JP2002099856A - Card information handling system on network - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a card information handling system with improved security when performing a card settlement in commerce on a network. SOLUTION: In this card information handling system for an electronic commerce system, a password for card settlement is included in addition to a card number as card information, a means encrypting the password including the date of a date generating means (a calendar clock) is lent by a card company station 2 to be installed in a user terminal 1, the user terminal 1 encrypts the password of the card information by the means and sends it to a virtual store server 3, the virtual store server 3 requests for a credit check on the received card information to the card company station 2, and the card company station 2 deciphers the encrypted password in the card information including the date to perform the credit check. The encrypting means is generated so process contents are random between users, and a readout prohibiting protection is applied when installing it.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a method for handling card information such as a credit card, a cash card, and a David card on a network, and particularly to a method for accessing a virtual shop or service site on the Internet to purchase a product or service. And a card information handling method for improving the security of information including a card number presented through the Internet.

[0002]

2. Description of the Related Art When purchasing a product using a card on the Internet, the card number must be presented to a virtual store on the Internet. There is anxiety that the card number leaked above and that it caused a card damage accident.

That is, before and after presenting the card number, the purchaser's personal information (name, telephone number, address, etc.) or user identification information is also presented.
Alternatively, if the user identification information and the card number are stolen as a set of information, there is a risk that these information may be used improperly.

[0004] In the event of a card accident, it is rare for a card member to pay the amount of damage directly, and the card company is often paid by insurance. It is partially funded and ultimately borne by cardholders.

[0005]

When a card number is leaked on the Internet together with personal information and user identification information when making a card payment on the Internet, there is anxiety as a user.

Therefore, a password is added to the card number when making a payment, and the password is encrypted, and the password is changed and transmitted and received every time. At the time of credit check, the encrypted information is added to the password in the computer of the card company. The above problem can be solved by decrypting the data and confirming that the personal information or user identification information, the card number, and the password all match those registered and stored in advance.

If the RSA encryption or similar encryption is used as the encryption means, it is difficult for an outsider to decipher the data and the confidentiality is improved. Is also a numerical value of more than ten digits, and it takes time to perform encryption and decryption.

On the other hand, the terminal on the online shopping user side may be an inexpensive terminal dedicated to the Internet or a portable terminal, and the processing performance of these terminals and the like is not high. The response time at the time of operating the terminal is not prolonged if the means is used.

Further, in a system in which a card member (user) terminal communicates with a card company in advance in order to change an apparent password value each time transmission / reception is performed, the terminal is not always in a receivable state. In this case, the pre-processing is not performed, and the settlement processing and the credit check processing stagnate.
Another problem arises that communication costs are additionally required.

[0010] Further, it is necessary to mount an encryption means on the user terminal, so that a card member (user) improperly impersonates another member of the same card company, or once becomes a card member and installs the encryption means. There is a high possibility that after receiving and decrypting the information, the member will leave the membership and improperly impersonate another member. For example, the encryption processing (operation contents) is kept private to the user and cannot be easily decrypted. The content should be varied.

[0011] In consideration of the above, the inexpensive terminal is almost always provided with a calendar clock (date generating means), and when transmitting and receiving a password, the password is encrypted including the date. In addition, it is sufficient to provide the user with an encryption means for preventing the contents of the encryption processing from being analyzed and changing the processing contents at random by the user.

[0012] In this way, security on the net is strengthened and safety is improved. As a result, it is possible to reduce the card insurance premium collected as part of the annual membership fee.

[0013]

According to a first card information handling method according to the present invention, a user holding a card transmits card information to a virtual store or service site on a network from a terminal to purchase a product or service. This is a card information handling system in an electronic commerce system in which the virtual store or service site requests a credit card company station through a network for a credit check of the card information, wherein the card information includes a password in addition to a card number. The terminal includes date generation means and means for encrypting the password including the date information, encrypts the password in the card information and transmits the encrypted password to the virtual shop or service site, The site stores the received encrypted password in the card information at the time of the credit check request. Use the card company station is characterized in that having a means for credit decode including date information encrypted password received check.

In a second card information handling system according to the present invention, the password encryption means of the terminal also has means for counting the number of password transmissions within the same date, and re-processes date information according to the count value. In addition, there is provided a means for encrypting data including the reprocessed date information.

In a third card information handling system according to the present invention, the card company station generates a password encryption module based on the date information and an arithmetic value randomly assigned, and processes the generated encryption module. There is also provided a means for renting the contents to individual card members' terminals while keeping the contents confidential, so that the contents of the encryption processing at the terminals are randomly different between the terminals.

According to a fourth card information handling method of the present invention, when the user terminal transmits card information including an encrypted password, the terminal information at that time is transmitted as accompanying information, and the terminal information is received. The virtual shop or service site transmits the card information transmitted when requesting the credit check, including the accompanying information, and the card company station decrypts the received encrypted password including the date information of the accompanying information. A credit checking means.

The first card company station according to the present invention provides, for each card number, personal information of the member holding the card number,
Generates a password encryption module that encrypts cardholder data that holds passwords and information including date information, lends the processing contents to individual cardholder terminals while keeping the processing contents confidential, and performs credit checks. It is characterized by having a credit check means for decrypting the encrypted password included in the received card information including the date information when requested, and comparing the password and the other received information with the card member data.

The second card company station according to the present invention provides, for each card number, the personal information of the member holding it,
Generates a password encryption module that encrypts cardholder data that holds passwords and information including date information, lends the processing contents to individual cardholder terminals while keeping the processing contents confidential, and performs credit checks. Credit check means for decrypting the encrypted password in the received card information when requested, including the date information received along with the card information, and comparing the password and other information received with the card member data; It is characterized by having.

The third card company station according to the present invention is characterized in that the credit check means also has means for confirming that the received encrypted password is not the received encrypted password within the same date. And

The fourth card company station according to the present invention provides, for each card number, the personal information of the member holding it,
Designate one of the cardholder data holding the password, the password encryption template for encrypting with the date information, the random conversion submodule of many numbers and alphabets, and one of the random conversion submodules with the card number information, A means for creating an individual encryption module embedded in the password encryption template and lending it to each card member's terminal while keeping the processing contents confidential, and an encryption password in the card information received when a credit check is requested Is decoded using the date information, the received card number information, and the random conversion submodule,
It is characterized by having a credit check means for collating the password and other received information with the card member data.

The fifth card company station according to the present invention provides, for each card number, personal information of the member holding the card number,
Designate one of the cardholder data holding the password, the password encryption template for encrypting with the date information, the random conversion submodule of many numbers and alphabets, and one of the random conversion submodules with the card number information, A means for creating an encryption module embedded in the password encryption template and renting it to each card member's terminal while keeping the processing content confidential, and an encryption password in the card information received when a credit check is requested, It is characterized by having credit check means for collating the card information with the received date information, the received card number information, the password and the other received information by using the random conversion submodule. And

[0022]

Next, a first embodiment of the present invention will be described with reference to the drawings. FIG. 1 is a configuration diagram of an electronic commerce system using the card information handling system of the present invention. This electronic commerce system includes a card member's user terminal 1, a card company station 2, and a virtual store server 3, which are connected by a network 4. The user terminal 1 is a card member's personal computer, web terminal, mobile terminal, or the like. The network 4 will be described as a webnet as a typical example.

The user terminal 1 is a terminal of a card company member, and the member applies for personal information (name, telephone number, address, etc.) and a password to the card company when joining. This password is used when making a credit card payment on the Internet, and is encrypted using the date of the calendar clock of the user terminal 1 and transmitted.

In the card company station 2, when contracting with a member, in addition to the usual enrollment procedure, a registration for encrypting and using a credit card payment dedicated on the Internet is performed, and an encryption module is provided by the card company. Borrow and use.

The virtual store server 3 is a server having a virtual store function on the Internet. When a product is ordered from the user terminal 1, the personal information received at the time of ordering,
The card number and the encrypted password are sent to the card company station 2 of the corresponding card company to request a credit check. The user is authenticated as a card member by the card company station 2 and the merchandise is sent to the user.

The card company station 2 holds the member's personal information and password as member data 26, generates an encryption module for the password, and lends it to each member.
When a credit check request is received from the virtual store server 3, the encrypted password is decrypted by the calendar clock date of its own device and the commutation submodule specified by the card number information, and is combined with other received information. Then, the data is compared with the held member data, and if they match, the user (card member) is authenticated as the user.

FIG. 2 is a block diagram showing a detailed configuration of the user terminal 1. The user terminal 1 accesses a server and a site on the web net, and obtains the URL (Unif).
(or Resource Locator), an input / output unit 12 such as a keyboard, a display unit 13, an encryption module 14 for encrypting a password, and a calendar clock 15.
have.

The encryption module 14 is a module in a machine language format downloaded from the card company station 2 in a compressed format, decompressed by the downloaded installer 232, and installed on a magnetic disk or a nonvolatile memory.

The access attribute 141 is a flag indicating permission / inhibition of read / write / execution access of this module. Immediately after this module is installed, read / write is inhibited by the installer 232, and only execution is performed. It is set to an allowed value. Calendar clock 15
Is a timer which is backed up by a battery and keeps the date and time.

FIG. 3 is a block diagram showing the configuration of the virtual store server 3. As shown in FIG. The virtual store server 3 determines that the U
Web server processing means 31 for responding to the access addressed to the RL and transmitting the information and procedure of the specified URL to the other party;
Order settlement processing means 32, menu information 33, and product information 3
Has four. The order settlement processing means 32 to the product information 34 are URLs under the web server processing means 31.

FIG. 4 is a block diagram showing a detailed configuration of the card company station 2. As shown in FIG. Card company station 2
Are web server processing means 21, registration processing means 22, encryption module generating / renting means 23, multiple commutation sub-modules 24-1,... 24-n, credit checking means 25, member data 26, calendar It has a clock 27 and input means 28.

The web server processing means 21 has the same function as the web server processing means 31, and upon receiving an access request, requests a password for server login from the other party and confirms that the code is a predetermined code. Before accepting this request.

The input means 28 is an input means for off-line or local communication to the card company station 2. A keyboard or a file device that handles a removable storage medium, or an input personal computer connected via Ethernet (registered trademark).

The registration processing means 22 is used when a member joins.
Personal information and a password are received from the input means 28 for each card number and registered in the member data 26 using the card number as a key.

The encryption module generating / renting means 23
An encryption module for encrypting the password is generated and lent to the user terminal 1 of the member through the network 4.
The template module 231 is a model of the encryption module, and is a program unit that obtains the current date, calculates the input password using the date and transmission count, and processes the result.

The installer 232 is an installation program that decompresses and installs the compressed encryption module on the user terminal 1 and sets its access attribute to only execution permission.

The commutation submodules 24-1,..., 24
-N is a subroutine for randomly converting each number from 0 to 9 to a different number, and a large number (n) of patterns are prepared. The submodule determined by the card number information is incorporated in the template module 231 and transmitted to each user terminal 1.

When a credit check is requested from the virtual store server 3 through the web server processing means 21, the credit check means 25 decrypts the password, and the password and the received personal information are compared with the corresponding information read from the member data 26. It verifies, and if they match, it authenticates itself and returns the result.

The encrypted password received at the time of the credit check is temporarily stored in an entry corresponding to the card number in the member data 26 on a daily basis.

The decryption means 251 determines the commutation submodules 24-1,..., 24-n based on the received card number information, and performs the reverse commutation processing on the received encrypted password using the same. Then, an operation (an operation opposite to the encryption) is performed based on the number of receptions of the credit check request on that day and the date obtained from the calendar clock 27, and the password is decrypted.

The calendar clock 27 is a timer similar to the calendar clock 15.

Next, the operation of this embodiment will be described with reference to the drawings. FIG. 5 shows that when a user contracts with a card company and becomes a member, in addition to the usual enrollment procedure, a password dedicated to card payment on the Internet is registered, and an encryption module for the password lent by the card company is stored in the terminal itself. 6 is a flowchart showing a process until installation.

The user determines a password and applies for registration. That is, personal information and a password are written and mailed or telephoned. After examining the contents of the application, the card company assigns a card number if there is no inconsistency or suspicious point in the personal information, and notifies the user of the card number and the access destination URL by mail.

The registration processing means 22 causes the member data 2
In 6, the personal information and password are registered using the card number as a key.

The user operates the browsing processing means 11 of the user terminal 1.
To access the designated URL of the card company station 2, present the personal information and the card number, and request the download of the encryption module.

The encryption module generating / renting means 23 reads out the personal information of the member data 26 with the received card number, and checks it against the received information. If they match, one of the commutation sub-modules 24-1,... 24-n is designated by the card number information (for example, the second and fifth digits of the card number), and the designated sub-module is designated as an encryption module. After being embedded in the template 231, it is compressed and transmitted together with the installer 232.

The user operates the installer 23 of the user terminal 1.
2, the installer 232 decompresses the encryption module, installs it on a magnetic disk or a non-volatile memory, changes the access attribute 141 to read / write disabled, and changes to only execution permission.

FIG. 6 shows a process performed by the user terminal 1, the virtual store server 3, and the card company station 2 for a series of purchase procedures, credit check, billing, and payment when the card member performs online shopping at the user terminal 1. FIG.

The card member operates the user terminal 1 and first activates the encryption module 14. Encryption module 1
Reference numeral 4 displays an input screen for the password and the expected number of transmissions on the display means 13 to acquire the password input by the card member and the expected number of transmissions. The password transmission count counting means 142 is cleared to zero, the date is obtained from the calendar clock 15, and the first encrypted password is calculated and displayed using the date. Next, password transmission number counting means 142
Is incremented, and the next encrypted password is calculated from this value and the date, and is additionally displayed on the next line. This is repeated for the number of transmissions scheduled.

When the card member activates the browsing processing means 11 and accesses the virtual shop server 3, the web server processing means 31 of the virtual shop server 3 returns a menu and product information. When the card member decides the purchased product and proceeds to order, the order settlement processing means 32 returns a card information input screen.

In response, the card member inputs the product number, personal information, card name, card number, and encrypted password, and these are transmitted.

The order settlement processing means 32 of the virtual store server 3
Receives the above information, requests the credit card company station 2 corresponding to the card name to carry out a credit check together with personal information, a card number and an encrypted password.

The credit check means 25 of the card company station 2 decodes the encrypted password from the card number and the date information read from the calendar clock 27, and uses the card number as a key to read the personal information read from the member data 26;
Check against password. Also, the encrypted password received before the previous day of the same day is read out at the same time, and it is also confirmed that the received encrypted password is different from the previous one on the same day. If the collation is performed, if it is different from the last time, OK (authentication with the card member) is returned, and otherwise, NG is returned.

When the credit check result is received, the user terminal 1 is notified that the order has been accepted, and the card company station 2 is charged for the price of the product. The card company station 2 performs payment processing in response to this. (For example, the transfer from the company's bank account to the designated account is instructed through the network 4 or another network.) Then, the paid amount and the fee are stored in the member data 26.

The virtual store server 3 confirms the payment processing and sends the goods to the card member. The card company station 2 sends the charge request including the fee to the card member, and the card member pays the card company. Alternatively, the card company debits the account designated by the card member into its own account and notifies the card member.

Next, referring to FIG.
An example of the encryption operation will be described. In this example, the password for settlement is a five-digit number, and the most significant digit is a digit indicating whether the next digit or later is a plaintext value or an encrypted value. For example, "0" indicates a plaintext value,
“1” and “2” indicate encryption values.

If the date is July 12, the month and day are converted to 4-bit and 5-bit binary numbers, and the date value is set to "0111".
-01100 ". A fixed bit shuffling operation is performed on this date value as shown in FIG.

In the shuffle, the value of the least significant bit of the month and the value of the third bit of the day are exchanged. Perform the bit exchange shown below until the shuffled date value becomes “0011”.
01110b ".

2-5 digit number "4532" of the password
Is converted to a 14-bit binary number to obtain “11B4h”, and the above “001101110b” is subjected to binary addition to obtain an intermediate addition value “1222h”. This is converted to a decimal number to be "4642".

Next, this decimal number is subjected to a permutation process exemplified in FIG. 7 (4), converted to "1710", and the most significant digit is combined with "1" indicating encryption without carry, and Obtain the encrypted password “11710”. The commutation process is described in FIG.
Is a process of the permutation sub-module 24-i, and is a process that is randomly different for each user terminal.

For the second and subsequent encryptions, see FIG.
As shown in (3), re-processing is performed to rotate and shift the shuffled date value to the right by the transmission count value. Binary addition of the reprocessed date value to the binary password. The result of the addition is returned to a decimal number, and the above-described commutation processing is performed to obtain the second and subsequent encrypted passwords.

The decryption means 251 in FIG. 4 performs the reverse processing of the above-mentioned encryption operation processing. First, the received password 1
Since the digit is not “0”, it is assumed that the
The fifth to fifth digits are decrypted, and “0” is added to the most significant digit to form a password.

In the decoding of the second to fifth digits, the permutation value is returned to a numerical value by the designated permutation sub-module 24-i. Then, this is set to a 14-bit binary number format. Next, a date value is obtained from the calendar clock 27, and the same process as encryption is performed on the date value. After shuffling, a date value is obtained. This value is binary-subtracted from the 14-bit binary number, and the result is converted to a decimal number. Convert and decrypt.

In the above description, the password is a string of numbers, but may be a string of alphabets and numbers. In this case, the permutation process may be a process based on a permutation table including numbers.

When the credit card station 2 is operated at midnight and the credit is checked, there are two ways from the previous day to the last several days for several minutes to several tens minutes immediately before the date is changed. The encrypted password may be decrypted with the date information, and if any of the decrypted values matches the registered password, the password may be regarded as matched and checked.

As a result, the error of the calendar clock of each device and the time lag on the network are sufficiently tolerated.
Smooth credit check processing can be performed.

Next, a second embodiment of the present invention will be described with reference to the drawings. Referring to FIG. 8, in the present embodiment, when the user terminal 1 performs a purchase procedure with respect to the virtual store server 3, in addition to a product number, personal information, a card name, a card number, an encryption password, a calendar clock 15 Date, transmission count value (0 for the first time, 1 for the second time, 2 for the third time
・) And send it.

The virtual store server 3 requests the credit card company station 2 corresponding to the card name to carry out a credit check with the personal information, the card number, the encrypted password and the accompanying information (date, transmission count value).

The credit check means 25A of the card company station 2 does not use the information of the calendar clock 27 as the date information for decryption, but uses the received card number, date,
The encrypted password is decrypted from the transmission count value, and is compared with the personal information and password read using the card number. Also, it confirms that the count value is different from the value received before the previous day of the day and performs authentication.

If the received date information is more than a predetermined number of days (for example, two days) before the date of the calendar clock 27, the authentication result is determined to be NG.

In this way, there is a failure in the virtual store server 3 or the network 4 and it takes half a day or
The credit check process can be performed smoothly even if the user terminal 1 and the card company station 2 exist in different countries and the calendar clock 15 and the calendar clock 27 have a time difference.

In the description of the first and second embodiments,
The transmission of the encrypted password of the user terminal 1 has been described in the example in which the card member operating the browsing processing unit 11 inputs the value displayed by the encryption module 14 and transmits the value to the virtual store server 3. There is also the following method as a control method for transmitting data.

The operator of the user terminal 1 checks the browsing processing means 11
In response to the settlement password input screen, the first control character for instructing the encryption set is keyed in, the password is subsequently input, and then the second control character for instructing the encryption reset is input. Means 11 calls the encryption module 14 at the time of decrypting the first control character,
The password between the control characters may be passed, the encryption value may be obtained, the password between the control characters may be replaced with the encryption value, and transmitted to the URL of the other party.

A program for relaying communication between the session layer program for communication to the network 4 and the browsing processing means 11 is provided. This program detects the control characters, calls the encryption module 14, and converts the encryption value. May be performed.

[0075]

As described above, according to the present invention, in addition to a card number, a password for settlement is used for credit check when performing card settlement on a network. Since the card information including the encrypted password is intercepted, it cannot be illegally used, thereby preventing accidental damage due to the card. Eventually, card companies will be able to reduce insurance premiums for card accidents, which will result in lower cardholder annual membership fees, which is expected to increase the number of members.

Further, according to the present invention, the processing time is short, and the card means lends the encryption means which does not involve extra communication, so that there is an effect that the burden on the card member can be reduced.

Since the hardware of the encryption means is an extremely basic information processing section of the terminal and a calendar clock, an inexpensive web terminal as a card member terminal,
This has the effect that the encryption means can be used even on a portable terminal.

Further, according to the present invention, the encryption means lends the processing contents while keeping the processing contents confidential, and randomly changes the processing contents for each card member. It also has the effect of preventing this.

[Brief description of the drawings]

FIG. 1 is a configuration diagram of an electronic commerce system using a card information handling system of the present invention.

FIG. 2 is a block diagram showing a detailed configuration of a user terminal 1 in FIG.

FIG. 3 is a block diagram showing a configuration of a virtual store server 3 in FIG. 1;

FIG. 4 is a block diagram showing a detailed configuration of a card company station 2 in FIG. 1;

FIG. 5 is a flowchart showing processing of the card information handling system of the present invention, and is a flowchart showing processing from card member registration to installation of a password encryption module in the user terminal 1 of the member.

FIG. 6 is a diagram showing the processing of the first embodiment of the card information handling system of the present invention, which is performed by the user terminal 1, the virtual store server 3, and the card company station 2 when a card member performs online shopping at the user terminal 1. 9 is a flowchart showing a series of processing contents.

FIG. 7 is a diagram showing an example of an encryption operation of the encryption module 14 in FIG. 2;

FIG. 8 is a diagram showing a process of a second embodiment of the card information handling system of the present invention, which is performed by the user terminal 1, the virtual store server 3, and the card company station 2 when a card member performs online shopping at the user terminal 1. 9 is a flowchart showing a series of processing contents.

[Explanation of symbols]

 DESCRIPTION OF SYMBOLS 1 User terminal 11 Browsing processing means 12 Input means 13 Display means 14 Encryption module 141 Access attribute 142 Password transmission frequency counting means 15 Calendar clock 2 Card company station 21 Web server processing means 22 Registration processing means 23 Encryption module generation / renting means 231 template module 232 installer 24 commutation sub-module 25 credit checking means 251 decryption means 26 member data 27 calendar clock 3 virtual store server 31 web server processing means 32 order settlement processing means 33 menu information 34 product information 4 network

──────────────────────────────────────────────────続 き Continued on the front page (51) Int.Cl. ⁷ Identification symbol FI Theme coat ゛ (Reference) G07F 7/12 G07F 7/08 B

Claims (9)

[Claims] 1. A card holder transmits card information from a terminal to a virtual shop or service site on a network for purchasing goods or services, and the virtual shop or service site checks the credit of the card information. Is a card information handling system in an e-commerce system that requests a card company station through a network, wherein the card information includes a password in addition to a card number, and the terminal includes date generation means and the password including the date information. And encrypts the password in the card information and sends it to the virtual store or service site. The virtual store or service site converts the received encryption into the card information at the time of the credit check request. Using the password, the card company station receives the encrypted password A card information handling method comprising means for decrypting a card including date information and checking credit. 2. The password encryption means of the terminal further comprises means for counting the number of password transmissions within the same date, reprocessing date information in accordance with the count value, and encrypting the date information including the reprocessed date information. 2. The card information handling method according to claim 1, further comprising means for converting the card information. 3. A means for the card company station to generate a password encryption module based on the date information and a randomly assigned operation value, wherein each generated card is kept secret while the processing contents of the module are kept secret. 3. The card information handling system according to claim 1, further comprising means for lending to a member terminal, wherein the contents of the encryption processing at the terminal are randomly different between the terminals. 4. When the user terminal transmits card information including an encrypted password, the user terminal transmits date information at that time as accompanying information, and the virtual shop or service site receiving the information transmits the credit check. The card information to be transmitted when requesting, including the accompanying information and transmitted,
3. The card information handling system according to claim 1, wherein the card company station has means for decrypting the received encrypted password including the date information of the accompanying information and checking the credit. 5. For each card number, a password encryption module for encrypting personal information of a member holding the card, card member data holding a password, and information including date information is generated, and the processing contents are concealed. Means to lend to each card member's terminal as it is, and when a credit check is requested, the encrypted password in the received card information is decrypted including date information, and the password and other received information, A card company station having credit check means for checking member data. 6. A password encryption module is generated for each card number, which encrypts personal information of a member holding the card, card member data holding a password, and information including date information, and conceals the processing contents. Means to lend to each card member's terminal as it is, and decrypting the encrypted password in the card information received when requested for credit check, including the date information received along with the card information, and password And a credit check means for collating the received other information with the card member data. 7. The credit checking means according to claim 5, further comprising means for confirming that the received encrypted password is not a received encrypted password within the same date. Card company station. 8. A card encryption template for encrypting with personal information of a member holding the card number, a card member data for holding a password for each card number, and date information for each card number,
A large number of random conversion sub-modules of numbers and alphabets, and one of the random conversion sub-modules specified by the card number information, embedded in the password encryption template to generate an individual encryption module, and conceal the processing contents. Means to lend to each card member's terminal as it is, when the credit check is requested, the encrypted password in the received card information is decoded using the date information, the received card number information, and the random conversion submodule, 6. The card company station according to claim 5, further comprising credit checking means for checking the password and other received information with the card member data. 9. A personal information of a member holding the card number, card member data holding a password for each card number, a password encryption template for encrypting with date information,
Many types of random conversion sub-modules of numbers and alphabets and one of the random conversion sub-modules are specified by the card number information, an encryption module is built in the password encryption template, and the processing contents are kept confidential. Means to lend to each card member's terminal, the encrypted password in the card information received when a credit check is requested, the accompanying date information,
7. The card according to claim 6, further comprising a credit check unit for decrypting the received card number information using the random conversion submodule, collating the password and the other received information with the card member data. Company station.