JP2000132610A - User identifying method and ic card - Google Patents

Abstract

PROBLEM TO BE SOLVED: To allow an IC card side to receive and certify password information provided for an IC card user without increasing the burden such as the user's memory and safely against tapping action. SOLUTION: Both of a password information receiving program and a password information certifying program are held in the IC card as a pair. At the time of certifying the user of the IC card, the password information receiving program is loaded from the IC card 12 to a terminal device 13, which transmits/receives information between the IC card 12 and its user, to execute. Thus, a display picture for inputting password information is displayed on a display attached to the device 13 and user password information inputted through this display picture for inputting password information is transferred to the password information certifying program operating in the IC card 12 from the password information receiving program to certify the propriety of user password information.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a user authentication method suitable for handling electronic money or the like using an IC card.

[0002]

2. Description of the Related Art In a commercial transaction system that handles electronic money using an IC card, security is an important issue. In particular, when an IC card is used as a general-purpose electronic wallet or credit card, authentication of a valid card user is performed in various electronic money payment / reception situations. This authentication method must be sufficiently secure.

When an IC card is frequently used in various situations, a malicious person can pass through user authentication by unauthorized means in an initial process for starting to put data into and out of the IC card. If it is possible, any technology that robustly protects the electronic money data itself will be useless.

At present, as cards generally used by limited users, there are a credit card issued by a credit company, a cash card issued by a bank, and the like. In general, the former is a handwritten signature, and the latter is generally input of a four-digit password using a cash dispenser device.

[0005] However, in a situation where electronic money is held using an IC card and is used for purchasing goods, etc., since the IC card has data having a monetary value, it is necessary to provide guarantees in the event of theft. From a viewpoint, more strict user authentication technology is required.

[0006] In particular, a terminal for transferring electronic money data from an IC card is not always a limited safe situation and device like a cash dispenser device of a bank. Usage conditions and equipment, such as taxis and amusement centers, can vary.

[0007] Further, the terminal device for IC cards prepared by each retail store or the like is not always a specific device designated by the IC card issuer, but rather accepts various IC cards corresponding to various commercial transaction services. A common device may be installed, which is not always safe. For example, there is a risk that a mechanism for stealing a user's password will be incorporated into the terminal device.

[0008] As described above, if it becomes commonplace to carry out business transactions while holding electronic money in an IC card, it is different from a conventional credit card or cash card under a condition in which security is not ensured. The situation in which a valid card user must be authenticated increases.

Conventional user authentication techniques include (1)
PIN, (2) signature, (3) fingerprint, (4) voiceprint,
(5) Information based on user-specific information such as a retinal pattern is known, and is at various levels from a research stage to a practical stage.

[0010] Among them, the method using the password of (1) is a method which has already been put to practical use in a bank card or the like. Is the amount of data normally set. In order to further increase the security by this method, the number of digits of the password data may be increased, but this imposes a burden on the user's memory.

[0011] Next, the one using the signature of (2) is not digitized, but is actually used by a credit card or the like, and the person who performs the authentication visually judges. When this is digitized, it is necessary to attach a special device for signature to all terminal devices for cards, which is an obstacle to the spread in terms of cost. Also,
The determination algorithm also needs to determine the similarity of data, and there is a problem in processing for distinguishing differences due to imitation.

Next, (3) fingerprint, (4) voiceprint,
The method using the biometrics such as the retinal pattern of (5) handles the physical characteristics of the user as data, but has the same problem as the method using the signature. Also, in order to increase the accuracy, it is necessary to add a special device for each data. For example, a method using voiceprints requires a processor or software to calculate features specific to each user from voice information, and a method using retinal patterns requires a device that reads the retina first. become. Therefore,
There are many difficulties in applying such information to user authentication for IC cards in the field of general commercial transactions.

On the other hand, recently, when an IC card is used in a commercial transaction system handling electronic money, an OS (Operating System) in the IC card is not used as a passive medium only for storing data like a conventional magnetic card. An operating system has been developed which operates an application program for commercial transactions on an IC card OS and uses it as an active card for performing services related to commercial transactions.

As a technique of user authentication for this active IC card, which takes into account the use situation of the user, there is a technique disclosed in, for example, JP-A-62-37198. In this method, a personal identification number is input in advance from an IC card case, and electronic money can be exchanged within a short time at a ticket gate of a train. However, the amount of use is determined in advance for safe use. It is considered that the authentication method is limited to a situation where the transaction is small or small, and is not an authentication method corresponding to various commercial transaction situations.

[0015] In addition, if the user has no use authority due to theft, etc.
As a defense technique for obtaining a C card and attempting to use it, there is a technique disclosed in JP-A-61-151793. This is to count the number of times of failure in the verification with the authentication data on the card side, and prevent the card from leaking its own data when the number of times exceeds the specified number. Therefore, it is possible to prevent analogy processing of the authentication information itself after the card is stolen, but this does not prevent eavesdropping when using the card.

Meanwhile, in the future, instead of credit cards, etc.,
It is expected that such an IC card will be used for electronic commerce in an international situation. However, in overseas use, there is a problem particularly in the reliability of a terminal device that exchanges data with the IC card. Circumstances around the world
In the situation, the risk associated with the use of the card is different in degree, and there is a possibility that the risk is different from that in Japan, for example, the terminal device is modified so that the password information of the user can be eavesdropped.

[0017]

SUMMARY OF THE INVENTION The present invention has been made in order to solve such a situation, and the purpose of the present invention is not only for domestic use but also for international transactions such as overseas use. It is an object of the present invention to provide a user authentication method for securely receiving and authenticating password information possessed only by an IC card user on the IC card side without increasing the burden on the user and securely against eavesdropping.

[0018]

In order to achieve the above object, the present invention provides an IC card with a card user authentication function for overseas use. Specifically, the native language information (or Japanese information if the native country is Japan) and a program for processing it are stored in the card, and personal identification information is input when authenticating the card user overseas. Prior to the authentication procedure, an authentication procedure based on the native language information is performed.

For example, as the Japanese language information, hiragana, katakana, kanji and the like that are used on a daily basis are used. At the time of user authentication, some characters (for example, about 10 characters) are selected by a processing program in the IC card, some of which are processed to generate some non-Japanese characters, Display above. As a processing method, an incorrect character is generated by replacing a radical of a kanji character or adding a voiced point / semi-voiced point. The card user informs the authentication program in the IC card that the user is a valid user by selecting an incorrect character or a correct character created by processing on the terminal device.

In addition, a specific character group (for example, a kanji character with a letter) is specified in advance as a card user-specific setting, and these are also displayed as incorrect characters or correct characters on the terminal device at the time of user authentication. To select.

By taking such measures, for a card user who regularly uses Japanese as his native language, the amount of information to be stored hardly increases, and the processed characters are displayed visually. Since the error can be determined, the load is extremely light. On the other hand, it is very difficult for a foreigner to learn Japanese and acquire the ability to swiftly make mistakes, which has the effect of reducing the risk of unauthorized use when a card is stolen.

According to the present invention, a function of card user authentication based on user-specific information is provided in the IC card. Specifically, the user stores in the card the local information that the user knows in particular and the program that processes it,
Perform user authentication procedures.

For example, as the local information, a place of origin, around a work place, around a home school, and the like are selected, and data in the previously selected area is stored in an IC card.

Information on the area such as the place of origin and workplace is shared by many people, and the person who is familiar with the area information is not limited to the IC card user. By selecting three areas (the surrounding area, the town where relatives live, etc.), only the IC card user is the person who is familiar with all the selected areas.

The data in the area includes names of places, towns, natural objects (names of mountains and rivers), names of sightseeing spots, etc., and can be naturally acquired by living in the area, commuting, attending school, etc. Choose information. Such information can be easily obtained by selecting a part from a digitized map information system such as a car navigation system.

At the time of user authentication, some of the data in the area are selected by a processing program in the IC card, and a part or all of the data is processed and displayed on the terminal device. As a processing method, an incorrect name is generated by partially replacing characters in the name, changing the reading method, and the notation. The IC card user informs the authentication program in the IC card that the user is a valid user by selecting an incorrect name or a correct name in the processed area on the terminal device.

By taking such measures, for a card user who has stored, as a matter of course, the regional information acquired from his own experience, the amount of information to be newly stored hardly increases, and processing is not performed. Names in the area where they are located can be immediately determined to be incorrect, so the burden is extremely light. On the other hand, it is very difficult for a person other than the IC card user to learn the information in all of the selected multiple regions and to acquire the ability to quickly correct the error. This also has the effect of reducing the risk of unauthorized use.

[0028]

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS One embodiment of the present invention will be described below with reference to the drawings. FIG. 1 shows a service provider 1 for implementing the user authentication method for an IC card according to the present invention.
1, IC card 12, terminal device 1 for IC card
FIG. 4 is a diagram showing a relationship of No. In FIG. 1, for example,
When the “bank A”, which is the service provider 11, provides the “IC card user B” who has an account at the bank with a service for transferring electronic money to and from the IC card 12 owned by the user B, A “password information reception program” and a “password information determination program” are distributed to the IC card 12 in advance.

This program is distributed in a secure environment, such as in a branch of "Bank A", where a cash dispenser device is installed, or where a user uses a personal computer at home.

An “IC card user B” having an IC card 12 to which a pair of programs corresponding to the service provided by “bank A” has been distributed, uses electronic money held in the IC card 12 to An article or the like can be purchased at “Retail Store C” where the terminal device 13 for IC cards is installed.

FIG. 2 shows a terminal device 1 for an IC card.
It is an external view which shows an example of No.3. Here, the function is extended based on a telephone, and a slot 21 for an IC card is prepared. By inserting the IC card 12 into the slot 21, electronic money and other data can be exchanged between the IC card 12 and the terminal device 13.

In the present embodiment, the input of the password information is not performed by the ten key device 22 but by using the screen display device 23. In FIG. 2, the screen display device 23 is a touch screen, and
The card user B selects an object by touching or pressing the object displayed on the touch screen.

As means for selecting the displayed object, means using a mouse, a trackball, a touch pad or the like can be considered, but the present invention does not limit the type of this selecting means.

FIG. 3 is a flowchart showing an outline of the procedure from the insertion of the IC card 12 into the terminal device 13 to the transaction handling electronic money. First, the IC card 12 on the side of paying the electronic money determines whether or not the terminal device 13 conforms to the correct standard (step 31). It is determined whether the user of the card 12 is a valid user (step 32). After passing these checks, the IC card 12 provides the electronic money to the terminal device 13 and ends the transaction processing (step 33), is discharged from the slot 21 and returned to the user.

Here, if the checks in steps 31 and 32 do not pass, the IC card 12 judges and does not permit commercial transactions using electronic money. The present invention relates to an IC card user authentication step of step 32 in this procedure.

FIG. 4 shows a procedure for authenticating an IC card user by incorporating a "password information receiving program" 121 and a "password information authentication program" 122 into the IC card 12.
This is shown in detail from the operation of FIG.

First, the IC card 12 is inserted into the terminal device 1.
3 is inserted into the slot 21, the “password information receiving program” 121 is transmitted from the IC card 12 to the terminal device 13.
(Step 41), and the terminal device 13
Is started (step 42). At the same time, the "password information authentication program" 122 starts operating on the IC card (step 43), and exchanges data with the "password information reception program" 121 loaded in the terminal device 13 by communication.

The loading, execution, and communication of these programs can be easily realized by mounting a Java virtual machine and a Java applet distribution mechanism in the IC card 12 and the terminal device 13, for example. However, the present invention is not limited to a specific programming language or a method of loading and executing a program.

The “secret information receiving program” 121 started operating in the terminal device 13
A screen for inputting authentication information is displayed on the screen display device 23 (step 44). In the present embodiment, the screen display device 23
Is a touch screen, so the IC card user touches or presses this screen,
The personal identification information is input (step 45).

FIG. 5 is a diagram showing a "secret information receiving program" 12
FIG. 3 is a diagram showing an example of an authentication information input screen displayed by No. 1; Since the "password information receiving program" 121 is distributed for each of various transaction services, a specific administrator or a maker arbitrarily generates a screen to be generated so as to be different for each transaction type or service. be able to. Therefore, in this example, an area 51 for displaying the service name at the title position is provided. To confirm how many passwords have been entered,
An area 52 for displaying a number such as a mark, an OK button 53 for confirming that the password information has been input, a cancel button 54 for redoing when an error is made during the input, and an operation on the IC card 12. An area 55 for displaying a message from the operating “password information authentication program” 122 is also provided.

Regarding the input of the password information itself, in this example, objects of various "graphics" (△, ○, ☆, etc.) are generated and displayed. The position of these "graphics" is randomly generated each time, and the display position changes each time, so that even if the selection operation position is known to others, if the selected object itself is not known, the password information will not be known. It is devised. The displayed objects are not limited to "shapes", but "numbers", "alphabet"
"Japanese (Kanji / Hiragana / Katakana)" can be used instead. Further, it is possible to provide a variation by providing a rank of a color or a size to the object.

Further, it is possible not only to statically display these objects, but also to move them and display them, thereby giving variations. In any of these cases, "Password information reception program" 121
Manages which object is displayed at which position, it is possible to specify the object selected by the IC card user.

On the other hand, the password information itself to be remembered by the IC card user pays attention to specific attributes of these objects, and is registered in advance as a sequence of about four.

For example, (1) △ → □ → ○ → ☆ (2) green → red → yellow → purple (3) large → small → medium → maximum etc. can be used as the password information.

If such password information is set, IC
Card users can use complex PIN information with the same burden as remembering the PIN of a bank cash card.

On the other hand, by using a screen for inputting authentication information with a variety of variations, there is a possibility that information may be stolen by people around when inputting password information, and a device hidden in the terminal device 13 may be used. The possibility of eavesdropping can be greatly reduced.

The authentication information input from the IC card user through the authentication information input screen as shown in FIG. 5 is converted into a communication data format (step 4 in FIG. 4).
6) It is transmitted to the "Password information authentication program" 122 running on the IC card 12 (step 47).

FIG. 6 shows two programs 121 and 122.
It is an example of the data format of the password information passed between.

This is only the sequence of the input objects connected in order. However, the terminal device 13 does not know which attribute value sequence is actually valid password information. I have.

For more secure delivery, a secret key is prepared in advance between the two programs 121 and 122, and this communication data is stored in a "secret information receiving program".
It is also possible to adopt a configuration in which the encrypted password is transmitted at 121 and the password is decrypted after being received at the “password identification program” 122.

In the present embodiment, the password information is collectively passed between the "password information reception program" 121 and the "password information authentication program" 122.
The delivery of the password information input from the IC card user is not limited to the synchronization of the two programs, and the two programs may operate asynchronously.

Upon receiving the password information, the "password information authentication program" 122 authenticates whether or not the content is correct according to the data format (steps 48 and 49 in FIG. 4), and sends a message indicating the result to the "password". It is transmitted to the "information reception program" 121 (step 410). Here, since the program code itself for authenticating the password information is stored in the IC card 12 and operates there, there is no possibility that the algorithm is analyzed on the terminal device 13 such as copying and disassembling.

Upon receiving the message of the judgment result, the “secret information receiving program” 121
The message is displayed in the message area 55 prepared in the screen for inputting the authentication information (steps 411 and 41 in FIG. 4).
2).

Thereafter, the contents of the message are determined (step 413). If the input password information is correct and the authentication is successful, both programs end. Also, if the authentication fails, the message “Up to a certain number of times”
(Step 414), and input of password information is accepted again from the IC card user. When the two programs 121 and 122 are finished, a message of an end request is transmitted from the "password information receiving program" 121 to the "password information authentication program" 122 for synchronization (step 415), and the process ends. (Step 41
6). On the other hand, the “password information authentication program” 122 receives this termination request message (step 41).
7), end (step 418).

As is clear from the above description, according to the present embodiment, it is possible to realize an IC card user authentication method having the following features in a commercial transaction service using the IC card 12. . (1) It is difficult to steal password information in various situations of commercial transactions using the IC card 12. In particular, IC
It is safe even if the terminal device for card 13 is modified. (2) As a device for reading password information to be added to the terminal device 13, a special device specialized for a specific type of password information is not required. (3) Do not increase the burden on users due to an increase in password information and complexity. (4) The authentication method can be freely changed for each service.

These features are that the situation in which the IC card 12 is used is spread to various things, such as restaurants, supermarkets, station stands, taxis, and amusement centers, for which it is difficult to ensure a uniform level of security. It is particularly effective when

Next, a second embodiment of the present invention will be described. In the second embodiment, it is assumed that an electronic money transaction is made at an overseas retail store C in consideration of the international usage of IC cards, for example. When "bank A" provides "IC card user B" having a course with a service for transferring electronic money to and from the IC card 12,
"Japanese information" and "Japanese information processing program" are distributed to IC cards. In this case, if it is not for the Japanese, the "native language information" and the "native language information processing program" of the IC card owner are distributed. Hereinafter, the description will be made assuming that the IC card user is Japanese.

The distribution of the "Japanese information" and the "Japanese information processing program" is based on the situation such as the use of a personal computer in the branch of "Bank A", the location of the cash dispenser device, or the home of the user. Implement in a secure environment.

An “IC card user B” having an IC card 12 to which “Japanese information” and a “Japanese information processing program” are distributed, uses an electronic money held in the IC card 12 to make an IC card. An article or the like can be purchased at “Retail Store C” where the terminal device 13 for cards is installed. In the present embodiment, the "retail store C" is assumed to be an overseas one, particularly for the international use situation of IC cards. Terminal device 1 installed in "Retail store C"
3 has the same configuration as that of FIG. 2, and electronic money and other data can be exchanged between the IC card 12 and the terminal device 13 by inserting the IC card 12 into the slot 21. .

In the present embodiment, input of confirmation data for user authentication and personal identification information is input by the ten-key device 22. Japan information for user authentication is displayed on the screen display device 23.

As in the case of the first embodiment, the displayed characters may be selected by touching or pressing the IC card user using the screen display device 23 as a touch screen. Another option is to:
Although a device using a mouse, a trackball, a touch pad, or the like is conceivable, the present invention does not limit the type of the selecting means.

FIG. 7 shows an example of “Japanese information” 71 stored in the IC card 12. Characters are treated as a unit, and those used daily are selected and stored. For characters, in addition to the image information of the characters, several groups are prepared using a part of the information published in ordinary Japanese language dictionaries, Kanji dictionaries, etc., such as radicals and stroke numbers, and each entry is prepared. It also has information on which groups belong to.

Examples of groups for "Japanese information" shown in FIG. 7 include (1) Kanji with ninben, (2) Kanji with a canopy, (3) Katakana with turbid dots, and (4) Kanji with 4 strokes or less. Conceivable.

FIG. 8 shows an example in which a character image which can be clearly determined to be an error from the correct "Japanese information" is generated by the "Japanese information processing program". Here, it is added to hiragana and katakana, which should not have a cloud point or semi-voice point, or a part of kanji is processed. An IC card user whose native language is Japanese is configured to form an erroneous character image so that correctness can be immediately determined, and processing is performed so as not to increase the memory load.

FIG. 9 shows a procedure for setting before the normal use of the IC card 12 is started. First,
The user selects whether to use the user authentication procedure in the "overseas use mode" (step 91). Next, a user-specific Japanese group is selected (step 92). In step 92, a plurality of groups may or may not be selected. For example, a selection is made such as "Kanji with a crown and katakana with a half-tone dot". If one or more are selected, the user stores the group as personal identification information in the IC card 12 (step 93), and when the IC card 12 is used for payment at a retail store, the user makes a judgment in the user authentication procedure. Use as a reference. That is, if the displayed character belongs to the group, it is selected.

FIG. 10 is a flowchart showing an outline of a procedure from the insertion of the IC card 12 into the terminal device 13 to the transaction dealing with electronic money. The IC card 12 on the side of paying the electronic money firstly includes the terminal device 13
Is determined to meet the correct standard (step 101), and then it is determined whether the user of the IC card 12 is a valid user (step 102). After passing these checks, the IC card 12 provides the electronic money to the terminal device 13 and performs the transaction processing (step 103).
Is realized. If the checks in steps 101 and 102 do not pass, the IC card 12 judges and does not permit the commercial transaction using the electronic money.

FIG. 11 shows the details of the procedure for authenticating an IC card user based on the operation of the "Japanese information processing program" on the IC card 12 and the terminal device 13.

First, the "Japanese information processing program"
It is activated on the C card 12 and refers to the "Japanese information" distributed in the IC card 12, and selects some characters to be used for user authentication (step 111). For example, 10
If a number of characters are selected, the "Japanese information processing program" further selects some characters (any number of 10 or less) to generate an image of an incorrect character. This is a character for the user to specify during the user authentication process. On the "Japanese information processing program" side, at the same time as the generation of the character image, the correctness table is also created and retained. (Step 112). When the correct / incorrect table is created, if there is a character belonging to the Japanese group registered as user-specific information, this character is also set as an incorrect character in the correct / incorrect table. For example, if "kanji with ninben" is registered, the character "shin" is set as an incorrect character even if it is not processed as an image. The generated user authentication information includes only the character image information in order,
The data is transmitted from the C card 12 to the terminal device 13 (step 113).

After receiving these (step 114), the terminal device 13 sequentially displays the plurality of character images on the screen display device 23 (step 115).
Accept authentication information from the user (step 11
6). The user looks at the displayed character image and specifies an incorrect character on the terminal device 13 among them. Use a numeric keypad for specification. When the screen display device 23 is a touch panel, it can be designated by directly touching a character image. In addition, various pointing devices may be used. Characters to be specified by a legitimate user are not only erroneous characters, but also characters belonging to those previously registered as a user-specific Japanese group in advance. The characters specified by the user are transmitted from the terminal device 13 through the IC
The data is transmitted to the card 12 (step 117).

In the IC card 12, the “Japanese information processing program” receives the character number information sent from the terminal device 13 (step 118).
Authentication is performed using the correct / wrong table created in step (step 119), and the result of the determination is transmitted to the terminal device 13 (step 710).

The terminal device 13 receives the authentication judgment result from the IC card 12 (step 711), and displays the message content in the message area 55 prepared in the screen display device 23 (step 71).
2).

Thereafter, the terminal device 13 determines whether or not the authentication result is successful (step 713). If the authentication is successful, the terminal device 13 transmits a request for ending the user authentication procedure to the IC card 12 (step 717). . On the other hand, if the authentication fails, a retry request is further accepted from the user with conditions such as "up to a certain number of times" (step 7).
14) If the user authentication is attempted again, the message is transmitted to the IC card 12 (step 71).
5). If the retry is not performed, an end request is transmitted as in the case where the authentication is successful (step 717).

The "Japanese information processing program" receives a message from the terminal device 13 (step 71).
6), determine whether it is a retry request or a termination request (step 7)
18) In the former case, return to step 111 again,
In the latter case, the user authentication procedure ends.

FIG. 12 is an example of a screen for inputting authentication information displayed on the screen display device 23 in the terminal device 13. This screen is displayed in step 115 of FIG.
In step 116, a character number is received from the user using a numeric keypad or the like. In this example, eight characters are displayed in the display area 121, and the first, third, and fourth characters are clearly wrong. Further, when a group of “characters with a letter” is registered as information unique to the user, for example, number 7 corresponds. Therefore, the user is required to specify the first, third, fourth and seventh characters here.

In addition to this, in the screen, to confirm which character has been designated so far, an area 122 for echo-displaying the number, and when it is determined that the character has been designated, when the character designation is completed, A guide display 123 for explaining operations such as canceling the designation and retrying the user authentication procedure, a message display area 124 for displaying an authentication determination result and the like are provided.

FIG. 13 shows a second example of the authentication information input screen displayed on the screen display device 23 in the terminal device 13. This screen is also displayed in step 115 of FIG. 11, similarly to FIG.
In step 6, a character number is received from the user. In this example, eight characters included in the alphabet of the European language are displayed in the display area 131. Assuming that the card user is a German-speaking person, the characters included in the native language are It assumes a situation of choice. The characters included in the German alphabet are only the third and seventh characters out of the eight characters displayed, so the correct card user is required to select these. Here, if the card user is a German-speaking person, it can be immediately determined whether or not it is a native language character that is used daily. The characters selected here as examples are all correct characters included in the alphabet of another language. However, as shown in the example of FIG. 12, an existing character is processed to obtain a character image not included in any language. Can be created in the IC card 12 and displayed on the terminal device 13.

The method based on these specific native language character sets can be applied not only to European languages but also to various applications such as Chinese, Korean, Southeast Asian languages, and Arabic languages.

FIG. 14 is a third example of the authentication information input screen displayed on the screen display device 23 in the terminal device 13. This screen is also displayed in step 115 of FIG. 11, similarly to FIG.
In step 6, a word number is received from the user. In this example, nine words, such as a Nordic manufacturer name and product name, are displayed in the display area 141, and the card user is assumed to be Danish, and is not a manufacturer name or product name in the home country. It is assumed that you select. Of the nine words displayed, Nos. 2, 7, and 9 are Swedish manufacturer names, so the correct card user is required to select them. Here, if the card user is Danish, he or she is familiar with the name of the manufacturer or product in his home country on an advertising medium on a daily basis, so it can be immediately determined whether or not the card is from his home country. Conversely, it is also possible to make a setting in which only those in the home country are selected. Further, not only words related to other countries but also words related to the home country can be spelled or written as shown in the example of FIG.
It is also possible to make an erroneous one by processing in the card and display it on the terminal device 13.

Although the words selected here as examples relate to alcohol, communication, newspapers, confectionery, tobacco, furniture, toys, tableware, etc., the present invention is not limited to these fields. .

FIG. 15 is a fourth example of the authentication information input screen displayed on the screen display device 23 in the terminal device 13. This screen is also displayed in step 115 of FIG. 11, similarly to FIG.
In step 6, a word number is received from the user. In this example, 9 based on the local information around the work location that the user knows well.
The words are displayed in the display area 151, and it is assumed that the card user selects a word that is not near his / her work location. Of the nine words displayed,
Since No. 2 and No. 6 are far apart from the others, the correct card user is required to select them. here,
Since the card user is familiar with the local information near the work place on a daily basis, it is possible to immediately determine whether or not the card is located near the work place. Conversely, it is also possible to set to select only items near the work location of the user. Further, in addition to mixing and using words other than those in the vicinity, words related to the local information near the work location are processed in the IC card as shown in FIG. 12 by replacing some characters. It is also possible to create an incorrect one and display it on the terminal device 13.

As the region to be selected, besides the work location,
The IC card user chooses something that is already familiar with the area, such as the place of birth, the area where the relatives are, or the area around the school where he or she was born.

Here, as the regional information selected as an example,
Public facilities, retail stores, transportation, accommodation, sightseeing spots, etc., but the present invention is not limited to these fields.

If the area information used as the authentication information is only one area, there are usually many people who are familiar with the area information.
By using the same authentication information input screen as above, authentication information for a plurality of regions is input, so that persons who are familiar with all the selected regions can be almost exclusively limited to IC card users.

In order to specialize the area information for authentication to the IC card user, the target area is narrowed and limited to a small level of information, or information known only to the IC card user is mixed. Store in IC card.

The digitized area information unique to the IC card user to be stored in the IC card can be partially used as authentication information from, for example, a car navigation system or a map information system. Does not limit the method of acquiring the information.

According to the method shown in FIG. 15, the IC card user authentication is sufficiently effective not only for overseas use but also for domestic use.

As described above, the user of the IC card can use complicated password information with the same burden as learning the password of the bank card at the bank.

Further, by using such a screen for inputting authentication information that is rich in variations based on the native language information, when entering password information overseas, the information can be stolen by persons nearby. Gender and terminal equipment 1
The possibility of eavesdropping by the device hidden in 3 can be greatly reduced. In addition, the information unique to the user can be expected to have a large effect in terms of security with a smaller amount of storage compared to the increase in the password.

As is clear from the above description, according to the present embodiment, in the commercial transaction service using an IC card, in order to bridge the difference between overseas use and domestic use, the IC card has the following features. A method for assisting user authentication of the user can be realized. (1) It is possible to make it difficult to steal password information in various situations of domestic use of IC cards or international commercial transactions. (2) A special device specialized for a specific type of password information is not required for reading password information to be added to the terminal device. (3) Do not increase the burden on users due to an increase in password information and complexity.

[0111] These features are that the situation where IC cards are used in various situations, such as restaurants, supermarkets, station shops, taxis, and amusement centers, for which it is difficult to ensure a uniform level of security, both in Japan and overseas. It is particularly effective when it spreads to things.

[0091]

As described above, according to the present invention, a commercial transaction service using an IC card has the following features in order to bridge the difference between overseas use and domestic use.
A method for assisting user authentication of an IC card can be realized. (1) It is possible to make it difficult to steal password information in various situations of domestic use of IC cards or international commercial transactions. (2) A special device specialized for a specific type of password information is not required for reading password information to be added to the terminal device. (3) Without increasing the burden on the user due to the increase or increase in the complexity of the password information, the password information possessed only by the IC card user can be protected from eavesdropping without increasing the burden on the user's memory, etc. It can be safely received and authenticated on the IC card side.

[Brief description of the drawings]

FIG. 1 is a diagram showing a relationship between a service provider, an IC card, and a terminal device, which is a basis for realizing a user authentication method for an IC card according to the present invention.

FIG. 2 is an external configuration diagram showing an embodiment of a terminal device for an IC card.

FIG. 3 After inserting an IC card into a terminal device,
It is the flowchart which showed the outline | summary of the procedure until the transaction which handles electronic money.

FIG. 4 is a flowchart showing a detailed procedure of authentication of an IC card user.

FIG. 5 is a diagram showing an example of a screen for inputting authentication information displayed by a password information receiving program.

FIG. 6 is a diagram showing an example of a data format of personal identification information transferred between two programs.

FIG. 7 is an example of “Japanese information” stored in an IC card.

FIG. 8 is a diagram showing an example of generating a character image that can be easily determined to be an error by the Japanese information processing program.

FIG. 9 is a flowchart showing an outline of a procedure for setting before starting normal use of an IC card.

FIG. 10 is a flowchart showing an outline of a procedure from insertion of an IC card into a terminal device to transactions dealing with electronic money.

FIG. 11 is a flowchart showing a detailed procedure of authentication of an IC card user.

FIG. 12 is a diagram illustrating an example of a screen for inputting authentication information displayed on a terminal device.

FIG. 13 is a diagram (part 2) illustrating an example of a screen for inputting authentication information displayed on the terminal device.

FIG. 14 is a diagram (part 3) illustrating an example of a screen for inputting authentication information displayed on the terminal device.

FIG. 15 is a diagram (part 4) illustrating an example of a screen for inputting authentication information displayed on the terminal device.

[Description of Signs] 12: IC card, 13: Terminal device, 23: Screen display device, 71: Japanese information, 121: Password information receiving program, 122: Password information authentication program.

Claims (5)

[Claims] 1. A user authentication method for authenticating a user for business transactions using an IC card equipped with a microprocessor, wherein the user's native language information and a processing program for processing the same are stored in the IC card. When authenticating an IC card user, the native language information is processed by the processing program prior to the procedure for inputting personal password information of the user, and the processed native language information is stored in an IC card. Information on the display device of the terminal device that sends and receives the information, and prompts the user to select the correct or incorrect information in the displayed native language information. A user authentication method characterized in that the user is authenticated. 2. A language group of a native language is specified by an IC in advance.
2. The user authentication method according to claim 1, wherein user authentication is performed by registering in a card. 3. An IC card equipped with a microprocessor for use in user authentication for business transactions, wherein, when authenticating the IC card, native language information of the user is processed, and the native language information after the processing is processed. On a display device of a terminal device for transmitting and receiving information to and from an IC card, and a processing program for allowing a user to select correct or incorrect information in the displayed native language information, and a selection program An IC card having an authentication program for authenticating a user based on a result. 4. A user authentication method for authenticating a user for business transactions using an IC card equipped with a microprocessor, comprising: area information familiar to the user and a processing program for processing the information. The local information is processed by the processing program prior to the procedure of inputting personal information of the user when the IC card is authenticated and stored in the IC card, and the processed local information is stored in the IC card. On the display device of the terminal device that sends and receives information, and allows the user to select the correct or incorrect one of the displayed area information, and based on the result, the user's legitimacy. A user authentication method characterized in that the user is authenticated. 5. An IC card equipped with a microprocessor, which is used for user authentication for business transactions, wherein at the time of authenticating the IC card, regional information that is well known to the user is processed, and A processing program for displaying regional information on a display device of a terminal device for transmitting and receiving information to and from an IC card, and for allowing a user to select a correct or incorrect one of the displayed regional information; An authentication program for authenticating the user's validity based on the selection result.
card.