JP2000029996A - Method for managing ic card function - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a mechanism safely and flexibly change the use range of the service of a grouped IC cards within a limit in an IC card system having a program usable in a card. SOLUTION: An AP for realizing a function is integrated into an IC card 112 in an initial state by an AP integrating terminal 111, and each information of a master card 113 and a slave card 114 is set. A ticket is transferred from the master card 113 through a user's terminal 121 to the slave card 114 so that the slave card 114 can be turned into a state capable of the use of the function of the integrated AP. Also, the ticket is transferred from the slave card 114 to the master card 113 so that the function of the AP integrated into the slave card 114 can not be used.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

[0001] 1. Field of the Invention [0002] The present invention relates to an IC card system, and more particularly to an IC card system that can use a plurality of cards in a group.

[0002]

2. Description of the Related Art In recent years, a so-called IC card has been used.
Devices having a data processing device and a storage device such as a microprocessor in a card-shaped carrier have been put to practical use. In such an IC card, calculation by a program can be performed inside the card by an internal data processing device. For example, in an IC card conforming to various standards, such an I
It has been considered to provide a function such as a credit service by using a function of a C card to incorporate a program prepared by a card issuer or the like.

Further, there has been proposed a method of securely transferring a value having a monetary value between cards by utilizing the function of such an IC card. Such a technique is described in, for example, Japanese Patent Application Laid-Open No. 5-504463 or Japanese Patent Application Laid-Open No. 6-503913. In these technologies, secure value transfer between cards is realized by authentication between cards using encryption technology and transmission and reception of encrypted transfer messages.

On the other hand, there is a card grouping use function represented by a family card service in a credit card. This is to issue a plurality of cards having the same function and to use them simultaneously. At this time, as many cards as required by the user are issued within the range specified by the card issuer. If the number of cards for which the service can be used is changed (within the range), the card issuing company will perform the change procedure.

[0005]

When the above-described grouping function is realized by using the IC card described above, a program for realizing the function is stored in each card. In such a form,
When changing the range of cards that can use the service,
With storing or erasing a program on a card, it is necessary to prevent unauthorized copying of the program and to prevent the operation of the card user from becoming complicated. However, using a card-to-card value transfer technology as described above to transfer data with a data size equivalent to a program, as a message,
Processing time increases, which is not practical.

It is an object of the present invention to provide a mechanism capable of safely and flexibly changing the service range of a grouped IC card in an IC card system in which a program in the card can be used. is there.

[0007]

In order to achieve the above object, the present invention provides an IC card system in which a plurality of cards have a common function and can be used in a group. It comprises one parent card and another child card, and has a function of distributing and collecting the common function by transferring the right to use the common function between the parent card and the child card. . Preferably, the parent card has a limited number of right to use the common function in the initial state, and the common function is made available by transferring the right to the child card not having the right in the initial state. The transfer of the right to use the common function is performed by mutual authentication between the parent card and the child card and by transferring the right using encrypted data based on the authentication.

In other words, the management method of the IC card function according to the present invention comprises a processor and a memory, and executes a program held in the memory by the processor to realize a first and a second function. A function management method of an IC card for managing authority to use a predetermined function between cards of the first type, wherein the first card and the second card are permitted to use the predetermined function. Transfer of the ticket message to the second card, and in response to receiving the ticket message, setting right information indicating that the predetermined function is available in the memory of the second card. Features.

[0009] Preferably, in the step of transferring the ticket message, a plaintext meaning the transfer of the ticket is encrypted with the first encryption key to generate the ticket message. In the step of setting the right information, the ticket message is decrypted with the second encryption key to obtain the plaintext.

[0010] In a more preferred aspect, the ticket message includes a signature key obtained by encrypting the second encryption key with the third encryption key. In the step of setting the right information, the signature key is decrypted using the fourth encryption key, and the second encryption key is obtained.

[0011]

FIG. 1 is a conceptual diagram of an IC card system according to an embodiment of the present invention. In the present embodiment, a description will be given assuming a member card system having a credit card function with a family card service.

The card issuing company 110 has an AP built-in terminal 111 in which an application program (hereinafter referred to as AP) for realizing processes such as credit use processing and ticket transfer processing is built. Card issuing company 110
Is the I that has been initialized using the AP embedded terminal 111.
The AP is incorporated into the C card 112 to create a parent card 113 and a child card 114.

The card user 120 is a card issuer 1
A request for issuing a card is made to 10, and the parent card 113 and the child card 114 are received by mail or the like. At this time, the parent card 113 has a ticket indicating the right to use the credit of the parent card 113 itself and also has a ticket indicating the right to use the credit of the child card. On the other hand, the child card 114 does not have a ticket indicating the right to use the credit of the child card 114 at this time. In addition,
In the present specification, when it is not necessary to particularly distinguish the parent card 113 and the child card 114, these are simply referred to as cards.

The card user 120 has a user terminal having a ticket transfer function between cards (also called a wallet).
The ticket indicating the right to use the credit is transferred between the parent card 113 and the child card 114 as necessary using the 121. The child card 114 that receives the ticket by the transfer can use the credit.
Conversely, transfer from child card 114 to parent card 113 by transfer
It is also possible to collect the ticket and stop using the credit of the child card 114.

The store 130 where credits can be used is provided with a credit use terminal 131, and credits can be used with the cards 113 and 114. Credit can be used for the parent card 113 and the child card 114 to which the ticket has been transferred from the parent card 113.
It is. The child card 114 without a ticket cannot use credit.

FIG. 2 shows a parent card 113 and a child card 114.
FIG. 2 is a block diagram showing a configuration of an IC card used as a device. The configuration of the IC card is common to the parent card 113 and the child card 114.

The IC card 200 includes a processing device 211 such as a microprocessor, a storage device 212 such as an EEPROM and a flash memory, an AP embedded terminal 111,
An interface unit 214 for transferring data, messages, and the like between the user terminal 121 and devices such as the credit use terminal 131 is provided.

The storage device 212 stores an AP 213 for realizing various functions and a control program 215 corresponding to a so-called operating system (OS). The processing device 211 executes processing by the AP 213 under the control of the control program 215, and realizes various functions achieved by these APs.

The storage device 212 can store a plurality of APs at the same time. IC card 200 is parent card 1
When used as 13, the AP 213 includes a parent card AP for realizing the function as the parent card 113. The IC card 200 is the child card 1
When used as 14, the child card AP for realizing the function as the child card 114 is included as one of the APs 213. The parent card AP implements functions such as a credit use process, a ticket transfer process for granting a ticket to the child card 114, and collection. Child card A
P implements functions such as credit use processing, ticket reception from a parent card, and ticket transfer processing for return. The AP 213 stores a program storage unit 2131 storing the substance of a program for realizing these functions.
And a data storage unit 2132 storing data used when the program of the program storage unit 2131 is executed.

FIG. 3 is a block diagram showing the configuration of the AP built-in terminal 111 provided in the card issuing company 110.

The AP-embedded terminal 111 includes a processing device 311,
IC card reader / writer 312 which is an interface with the card, and AP 314 incorporated in the card
Is stored in the storage device 313.

The processing device 311 holds an AP incorporation processing unit 3110 that implements the AP 314 in a card. The AP 314 includes a parent card AP and a child card AP.

As the processing device 311, an information processing device such as a personal computer or a workstation can be used. In this case, the AP built-in processing unit 3110 is realized as a program. Such a program is stored in a storage unit in the processing device 311, and the processing device 311 executes the program to achieve the AP built-in function in the present embodiment.

FIG. 4 is a block diagram showing the configuration of the user terminal 121.

The user terminal 121 includes an interface 41 between the processing device 411, the storage device 412, and the card.
6. The storage device 412 stores an AP 414, a menu program 413, and a control program 415 functioning as a so-called OS. Each AP 412,
A program unit 4141 for storing the substance of the program;
A data section 4142 for storing data used by the program stored in the program section 4141. Storage device 4
The AP 12 can store, as the AP 414, a plurality of APs for performing a process corresponding to the AP 213 held in the card, in addition to the family card AP that realizes the ticket transfer process in the present embodiment.

The user terminal 121 has an interface 4
16 are provided. When performing a ticket transfer process between cards, the parent card 113 is connected to one interface 416 and the child card 114 is connected to the other interface 416.

FIG. 5 shows a state in which the parent card 113 is used during the AP installation process.
3 shows an example of data items set in the data storage unit 2132 in the parent card AP. In the figure, the setting value corresponding to each data item includes an
1 shows an example of a value set in the data storage unit 2132 of the parent card AP.

The data items of the data set in the data storage section 2132 of the parent card AP include a credit number, a child card number, the presence or absence of a ticket, the number of tickets for a child card, a private key for signature, a public key for decryption, The public key for key decryption is included.

The credit card has its parent card 113
Is set to a unique number for identifying.

In the child card number, a number for identifying each of the child cards 114 included in the group having the parent card 113 as a parent is set. For example, in the data example shown in FIG. 5, two child cards are issued to the group having the parent card 113 as a parent, so two card numbers given to each of the two child cards 114 are set. Have been.

Data indicating whether the card has the authority to use the credit function is set in the ticket presence / absence. In the case of the parent card 113, data indicating "Yes" is set in the presence or absence of the ticket when the AP is incorporated.

The number of tickets for a child card includes the number of tickets that can be transferred by the parent card 113, in other words,
The number of child cards 114 included in the group having the parent card 113 as a parent is set. For example, in the data example shown in FIG. 5, “2” is set as the value, which indicates that ticket transfer to two child cards 114 is possible.

A private key for sentence signature, a signed public key for sentence decryption,
As the key decryption public key, an encryption key used when transferring a ticket with the child card 114 is set. Among these, the public key for key decryption can use a common value for all cards.

FIG. 6 shows an example of data items set in the data storage section 2132 in the child card AP of the child card 114. In the drawing, an example of a value set in the data storage unit 2132 of the child card AP by the AP embedding terminal 111 at the time of the embedding process is shown as the set value corresponding to each data item.

The credit number is a number for uniquely identifying the child card 114, and one of the child card numbers set in the data storage section 2132 of the parent card AP is set. The parent card number is a credit number given to a parent card in the group to which the child card 114 belongs. The presence / absence of a ticket has the same meaning as the presence / absence of a ticket of the parent card AP, but in the case of the child card AP, data indicating “absence” is set as an initial setting value. The sentence signature private key, sentence signed public key, and key decryption public key each have the same meaning as the corresponding data item of the parent card AP.

In FIGS. 5 and 6, the setting values of the private key for text signature, the signed public key for text decryption, and the public key for key decryption are represented by symbols. This will be described in the description of the processing.

FIG. 7 is a flowchart of the AP embedding process performed by the AP embedding processing section 3110 of the AP embedding terminal 111.

In the AP embedding process, first, designation of an AP to be embedded in a card is received from an operator. Specifically, it is specified whether the parent card AP is incorporated or the child card AP is incorporated (step 701).

The AP built-in processing unit 3110 determines in step 60
The AP designated in 1 is read from the storage device 313 (step 702).

Next, a set value of each data item to be set in the data storage unit is prepared, and the AP read out in step 702 is prepared.
Is set in the data storage unit 2132. If the parent card AP is incorporated, the setting values as shown in FIG. 5 are prepared. If the child card AP is incorporated, the setting values as shown in FIG. 6 are prepared (step 703).

In the present embodiment, among the set values of the data items set in the data storage unit 2132, the set values of the data items other than the ticket presence / absence, the sentence signed public key and the key decryption public key are as follows. Data individually specified by the operator is used. The method of determining the set values specified for these data items is not directly related to the present invention, and may be determined by any method. As described above, the presence / absence of the ticket is “present” for the parent card AP and “absent” for the child card AP. Further, the public key for key decryption includes all parent card APs and child card APs.
(Kpk) is used. The decrypted signed public key is obtained by signing the public key corresponding to the given document name private key with the private key paired with the key decryption public key.

In step 704, the set value prepared in step 703 is set in the AP data storage unit 2132 read out in step 702. The AP in which data is set in the data storage unit is an IC card reader / writer 312.
IC card 11 that performs AP embedding via
Sent to 2. The AP sent to the IC card 112 has I
The data is stored in the storage device using the AP built-in function of the control program stored in the C card 112 in advance (step 704).

FIGS. 8 and 9 are flowcharts showing the flow of a ticket transfer process performed using the user terminal 121. FIG. Here, the transfer processing of the ticket from the parent card 113 to the child card 114 will be described as an example. This transfer processing is performed by the user selecting the family card AP by the menu program 412, and the control program 41
5 starts by activating the family card AP. In the present embodiment, the ticket transfer process is interactively performed between the parent card AP of the parent card 113 and the child card AP of the child card 114 via the family card AP of the user terminal.

In this embodiment, the parent card 11
The message transfer performed between the third card and the child card 114 uses a public key cryptosystem, and the following items are assumed to be satisfied.

One key that becomes i ≠ Pj ¢ e is represented by “Ksx”, and this is used as a secret key. The other key is represented in the form of “Kpx”, which is used as a public key. In FIG. 5, "Ksm0" and "Kpm0" and "Ksk" and "Kpk" are paired keys.

I ≠ Qj ≠ X data X (sentence or key) to which key K is applied is expressed in the form of “X * K”. For example, “Kpm0 * Ksk” in FIG. 5 indicates that the key “Kpm0” is encrypted with the key “Ksk”.

The data obtained by continuously operating the key that becomes i {Rj} e returns to the original state. That is, when "Kpk" is applied to "X * Ksk", X is restored ((X * Ksk) * Kpk = X). Similarly, “(X * Kpk) * Ksk = X”.

Hereinafter, the ticket transfer process will be described on the premise of the above items. In the figure, the child card 11 is shown in the left column.
4, the processing by the child card AP, the processing by the family card AP of the user terminal in the middle row, and the processing by the parent card AP in the right row are arranged.

The activated family card AP accepts a ticket transfer instruction from the user, and calls a transfer request process for the transfer destination card. Here, since the child card 114 is the transfer destination card, the transfer request processing of the child card AP is called (step 801).

In the transfer request processing of the child card AP, a ticket transfer request message is generated in response to a call from the family card AP. Specifically, the plaintext of the text meaning “ticket transfer request” is encrypted with the text signature private key set in the data storage unit 2132 of the child card AP. By this encryption processing, "Ticket transfer request * Ksm1"
Is generated. The child card AP generates a ticket transfer request message by adding the sentence-combined signed public key to the ciphertext. This ticket transfer request message is ““ Ticket transfer request * Ksm1 ”+“ Kpm1 * Ks
k ”” (step 802).

The child card AP transfers the ticket transfer request message generated in this way to the family card AP of the user terminal 121 as a return value (step 80).
3).

When the family card AP of the user terminal 121 receives the transfer request message, which is the return value from the child card AP, it transfers it to the parent card 114, and the parent card A
The transfer execution process of P is called (step 804).

The transfer execution processing of the parent card AP decrypts the transferred ticket transfer request message in response to the call from the family card AP. Specifically, first, the public key for decryption is decrypted with the public key for decryption, and the public key for decryption is obtained. In other words, the signed public key “Kpm1
The public key for decryption “Kpk” is applied to “* Ksk” to obtain a public key for decryption “Kpm1” (step 805). Next, a message is acquired using the acquired public key for decryption. In other words, the public key for decryption “Kpm1” obtained in the encrypted message “ticket transfer request * Ksm1”
To obtain a plaintext "ticket transfer request" (step 806).

When confirming that the transmitted message is a ticket transfer request message, the parent card AP changes the value set in the “number of child card tickets” set in the data storage unit 2132 to “1”. "(Step 807).

Next, the parent card AP generates a transfer execution message. Specifically, as in the case of the transfer request message, the plaintext of the text meaning “transfer execution” is encrypted with the sentence signature private key set in the data storage unit 2132 of the parent card AP. By this encryption processing, an encrypted text “Transfer execution * Ksm0” is generated. The parent card AP adds a sentence-combined signed public key to the ciphertext to generate a transfer execution message ““ transfer execution * Ksm0 ”+“ Kpm0 * Ksk ”” (step 808).

The parent card AP transfers the transfer execution message thus generated to the family card AP of the user terminal 121 as a return value (step 809).

The family card AP is followed by the parent card 11
3 is transferred to the child card 114.
And calls the transfer confirmation processing of the child card AP (step 810).

In the transfer confirmation process of the child card AP, when the transfer execution message is received, the decryption public key “Kpm0” is obtained in the same manner as in steps 805 and 806 of the transfer execution process in the parent card AP. Then, this public key for decryption is applied to the encrypted text “transfer execution * Ksm0” to obtain a plaintext indicating “transfer execution” (steps 811 and 81).
2).

When the child card AP confirms the plain text indicating "transfer execution", it changes the value of the data item "presence / absence of ticket" in the data storage section 2132 to "present" (step 8).
13). Thereafter, the child card AP generates a transfer confirmation message from plaintext meaning "transfer confirmation" in the same manner as the previous transfer request message (step 814), transfers the message to the user terminal 121, and ends the processing (step 814). Step 81
5).

The family card AP of the user terminal 121 transfers the transfer confirmation message sent from the child card 114 to the parent card 113, and calls the transfer termination processing of the parent card AP (step 816).

Upon receiving the transfer confirmation message, the parent card AP decrypts the message and confirms the plain text "transfer confirmation" (step 817). After confirming that the received message is a transfer confirmation notice, the parent card AP
Notifies the end of the process to the family card AP of the user terminal 121 and ends the process (step 818).

When the family card AP of the user terminal 121 is notified of the processing end from the parent card 113, the processing ends (step 819).

FIGS. 10 and 11 are flowcharts of the ticket transfer process from the child card 114 to the parent card 113. This processing is basically performed in substantially the same manner as the transfer of a ticket from the child card 114 to the parent card 113. Therefore, in the following, this process will be briefly described with reference to the ticket transfer process from the child card 114 to the parent card 113.

As in step 801, the family card AP
Is started by the control program 415, and accepts an instruction from the user. The received instruction is child card 11
If it indicates the transfer of the ticket from No. 4 to the parent card 113, the transfer request processing of the parent card AP of the parent card 113 is called (step 901).

In the parent card AP, steps 802 and 80
A transfer request message is generated in the same manner as in the process of step 3 (step 902) and transferred to the family card AP of the user terminal 121 (step 903).

The transfer request message is transferred to the child card AP of the child card 113 via the family card AP, and the child card AP obtains plain text of a text indicating the transfer request in the same manner as in steps 805 and 806 (step 805). Steps 905 and 906). When confirming the plaintext indicating the transfer request, the child card AP changes the value of the data item “presence / absence of ticket” in the data storage unit 2132 to “absent” (step 9).
07). Thereafter, a transfer execution message is generated and transferred in the same manner as in steps 808 and 809 (step 90).
8, 909).

When the transfer execution message is sent from the child card 114, the family card AP sends it to the parent card 1
13 (step 910). In the parent card 113, when the parent card AP receives the transfer execution message,
The message is decrypted in the same manner as steps 811, 812 (steps 911, 912). Parent Card AP
Confirms the plaintext indicating the execution of the transfer,
The value set in the “number of child card tickets” set in 132 is increased by “1” (step 91)
3).

Thereafter, as in steps 814-819, a transfer confirmation message is sent from the parent card 113 to the child card 114, the transfer is confirmed by the child card, the end of the processing is notified to the user terminal, and the transfer processing is performed. This ends (steps 914-919).

In the above-described ticket transfer processing, the user terminal 121 actually performs only the transfer of the message between the transfer source card and the transfer destination card.
Substantial processing is performed by the AP 213 of each card.

In this embodiment, the card receiving the ticket can take out the public key for decryption using the public key for decryption “Kpk” (that is, the other party has the signed public key for decryption that is correct). ) And the key was used to decrypt the message (that is, sent a ciphertext that only the correct "sentence creator" can create) so that the other party's card is the correct one to forward the ticket to You can confirm that. Since this process is performed when each message is transmitted / received, the authenticity of the other party's card can be confirmed between the cards. As described above, since the message exchanged between the two cards is encrypted, the user terminal 121 cannot illegally obtain the right to use the credit by eavesdropping and falsifying the message.

Finally, a ticket confirmation process when using a credit will be described. FIG. 12 is a processing flow diagram when using the credit of the parent card AP of the parent card 113 and the child card AP of the child card 114.

First, prior to the credit processing with the credit use terminal 131, the card AP (parent card A
The value of the data item “presence / absence of ticket” in the data storage unit 2132 is obtained by P or the child card AP) (step 1201). If "Yes" is set, the normal credit processing is performed thereafter (step 1202). On the other hand, if the value of the data item “presence / absence of ticket” in the data storage unit 2132 is “absent”, the card cannot be used, and error processing such as passing through the credit use terminal 131 that the card cannot be used is performed. To end the processing (step 1203).

By the above processing, it is possible to realize a card processing in which only a card having a ticket indicating a right to use credit can use credit. In the present embodiment, when the credit function is used, the AP on the card side is used.
Is used to check the presence or absence of a ticket. However, it is also possible to transfer the ticket information from the card-side AP to the credit use terminal 131 and perform the check at the credit use terminal 131 side AP. In this case, by transferring the ticket information using the same encryption technology as that for transferring the message between the parent and child cards, the credit use terminal 13 can be used.
One side can also confirm whether the other party's card is an appropriate card.

As described above, according to the present embodiment, in an IC card system in which a plurality of cards have a common function and can be used in a group,
By transferring the right to use the function between the parent card and the child card in the group, a common function can be distributed and collected to the child card. This enables flexible customization of functions within the service usage range. Further, by transferring the right by using data encrypted in the card based on the mutual authentication between the parent card and the child card and the authentication, it is possible to safely and correctly transfer the right.

[0075]

According to the present invention, it is possible to realize an IC card system capable of flexibly changing the range of authority to use services and functions of the IC card.

[Brief description of the drawings]

FIG. 1 is a conceptual diagram showing a configuration of an IC card system according to an embodiment of the present invention.

FIG. 2 is a block diagram showing a configuration of an IC card used as a parent card and a child card.

FIG. 3 is a block diagram illustrating a configuration of an AP embedded terminal.

FIG. 4 is a block diagram illustrating a configuration of a user terminal.

FIG. 5 is a data configuration diagram of initial setting data set in a data storage unit in a parent card AP during an AP incorporating process.

FIG. 6 is a data configuration diagram of initial setting data set in a data storage unit in a child card AP during an AP incorporating process.

FIG. 7 is a processing flowchart of an AP embedding process in an AP embedding terminal.

FIG. 8 is a processing flowchart of a ticket transfer process from a parent card to a child card.

FIG. 9 is a processing flowchart of a ticket transfer process from a parent card to a child card.

FIG. 10 is a processing flowchart of a ticket transfer process from a child card to a parent card.

FIG. 11 is a processing flowchart of a ticket transfer process from a child card to a parent card.

FIG. 12 is a flowchart of a ticket confirmation process when using a credit.

[Explanation of symbols]

111 AP embedded terminal 112, 200 IC card 113 Parent card 114 Child card 121 User terminal 131 Credit utilization terminal 211, 311, 411 Processing unit 212, 313, 412 Storage unit 213, 314 414: Application program (AP) 214, 416: Interface unit 215, 415: Control program 312: IC card reader / writer 413: Menu program

──────────────────────────────────────────────────続 き Continued on the front page (51) Int.Cl. ⁷ Identification symbol FI Theme coat ゛ (Reference) G07F 7/08 G07F 7/08 R (72) Inventor Mari Udagawa 2-chome Kagahara, Tsuzuki-ku, Yokohama-shi, Kanagawa Number System Development Division, Hitachi, Ltd. (72) Inventor Shoko Hatanaka 4-280, Kanda Surugadai, Chiyoda-ku, Tokyo F-term (Reference) 3E044 AA20 BA05 CA06 CB01 DA05 DC05 DE01 DE02 5B035 BB09 BC00 CA11 5B058 CA01 KA17 YA20

Claims (15)

[Claims] 1. A predetermined function comprising a processor and a memory, wherein the predetermined function can be used between a first card and a second card which realize a predetermined function by executing a program stored in the memory by the processor. A function management method of an IC card for managing the authority to transfer a ticket message for permitting use of the predetermined function from the first card to the second card, The second card sets, in response to receiving the ticket message, right information indicating that the predetermined function can be used in a memory of the second card. Card function management method. 2. The number information indicating the number of ticket tickets that can be issued to the second card is set in the first card in advance, and the step of transferring the ticket message includes: 2. The IC card function management method according to claim 1, further comprising the step of reducing the number of issuable cards managed by the information. 3. The step of transferring the ticket message includes a step of generating the ticket message by encrypting a plaintext signifying the transfer of the ticket with a first encryption key, and the step of setting the rights information comprises: 2. The method of claim 1, further comprising the step of decrypting the ticket message with a second encryption key to obtain the plaintext.
C card function management method. 4. The ticket message includes a signature key obtained by encrypting the second encryption key with a third encryption key, and the step of setting the right information further includes using a fourth encryption key. 4. The IC according to claim 3, including the step of decrypting said signature key and obtaining said second encryption key.
Card function management method. 5. The method of claim 1, further comprising the step of: said second card revoking said rights information and forwarding a ticket return message to said first card.
C card function management method. 6. The IC card management method according to claim 5, wherein the invalidation of the right information is performed in response to a ticket transfer request from the first card. 7. Number information indicating the number of tickets that can be issued to the second card is set in advance in the first card, and the first card stores the ticket return message in the first card. In response to receiving it,
7. The IC card function management method according to claim 5, further comprising the step of reducing the number of issuable cards managed by the number information. 8. When the second card realizes the predetermined function, the second card confirms whether or not the user has the right to use the predetermined function based on the right information. 8. The IC card function management method according to claim 1, wherein processing for realizing the predetermined function is not performed. 9. An IC card system in which a plurality of cards have a common function and can be used as a group, wherein the cards in the group are composed of one parent card and other child cards. An IC card function management method, wherein a common function is distributed and collected by transferring a right to use a common function between a parent card and a child card. 10. The parent card has a limited number of right to use a common function in an initial state, and uses the common function by transferring the right to a child card not having the right in an initial state. The IC card function management method according to claim 9, wherein the method is enabled. 11. The transfer of the right to use the common function is performed by mutual authentication between the parent card and the child card, and by transferring the right using encrypted data based on the authentication. The method for managing an IC card function according to claim 9. 12. A first card comprising a processor and a memory, wherein the first card which is a parent card for realizing a predetermined function by executing a program held in the memory by the processor, a processor and a memory, A second group which is a child card having a group with the parent card and having at least a part of the functions of the parent card;
And a terminal device interposed in data transfer between the parent card and the child card, wherein the parent card can set validity / invalidity of the at least some functions in the memory. A storage area for holding number information indicating the number of child cards, and the child card holds, in the memory, right information indicating whether or not the at least some functions can be used. Area, the ticket information for permitting the use of at least a part of the function from the parent card to the child card within the range indicated by the number information is transferred via the terminal device, The child card that received the ticket information transfer,
An IC card system, wherein rights information indicating that at least a part of the functions can be used is set in the area. 13. A parent card having a processor and a memory, a child card having a processor and a memory and forming a group with the parent card, and an IC in an initial state possessed by an issuer of the parent card and the child card. It has an embedded terminal for incorporating an application program for realizing a predetermined function in a card, and a user terminal possessed by the user and interposed in the transfer of information between the parent card and the child card. A function management method of an IC card in an IC card system, wherein the embedded terminal stores, in a memory of the IC card serving as the parent card,
Set the number of rights information that can be issued to enable the use of the predetermined function in the child card, indicating that the predetermined function cannot be used in the memory of the IC card serving as the child card Set the first rights information,
Transferring ticket information for enabling the predetermined function from the parent card to the child card within the range of the issuable number via the user terminal, and transferring the ticket information in the child card Rewrites the first right information into second right information indicating that the predetermined function is available, and responds to the request to execute the processing for realizing the predetermined function. Checking the rights information in the memory, and executing the processing for realizing the predetermined function when the second rights information is set, wherein . 14. An IC card having a processor and a memory and holding programs for using various services, the memory having a storage area for holding information indicating whether or not the services can be used, Receiving ticket information for permitting use of the service from outside, and in response to receiving the ticket information,
An IC card having a function of setting right information indicating that the service can be used in the storage area. 15. The ticket information is encrypted, and the setting function sets the right information when the ticket information can be decrypted with a given encryption key. The IC card according to claim 14, wherein