JP2002374570A - Communication method and its system, communication unit and processing unit - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a communication method in a system for an electronic commerce employing an IC that can simplify the entire configuration of the system including a transaction device (processing unit). SOLUTION: A user A selects a utility service on a menu of a mobile phone 14 and a mobile communication function section 20 accesses an IC service providing server unit 13 via a wireless communication channel 17 and a network 18. Then an IC 21 and the IC service providing server unit 13 make communication with each other to confirm the authentication. Then the user A approaches the mobile phone 14 to an IC- R/W device 15. Then the IC- R/W device 15 and the IC service providing server unit 13 make communication via the IC 21, the mobile communication function section 20, the wireless communication channel 17 and the network 18 to make processing with respect to a service provided by using the IC21.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

The present invention relates to an integrated circuit (IC:
The present invention relates to a communication method and a communication system using a communication device having a built-in integrated circuit, and a communication device and a processing device used for the communication method and system.

[0002]

2. Description of the Related Art Currently, electronic commerce using IC devices such as IC cards is performed. In electronic commerce using such an IC device (integrated circuit), a transaction device (processing device) installed in a store or the like communicates with the IC device in a contact type or a non-contact type and, for example, a network or a dedicated line. Is communicated with the IC service providing server device via the Internet.

[0003]

However, in the above-mentioned conventional electronic commerce, a transaction device installed in a store or the like has a communication function with an IC service providing server device separately from a communication function with the IC device. It is necessary to have a communication function, and there is a problem that the scale is increased. In addition, there is also a problem that a switching system is required to perform communication between the plurality of transaction devices and the IC service providing server device, and the configuration of the system is complicated.

[0004] The present invention has been made in view of the above problems,
It is an object of the present invention to provide a communication method and a system, a communication device, and a processing device that can simplify a configuration of an entire system including a transaction device (processing device) in a system for performing electronic commerce using an IC and that can reduce the size. I do.

[0005]

SUMMARY OF THE INVENTION In order to solve the above-mentioned problems of the prior art and achieve the above-mentioned object, a communication method according to a first aspect of the present invention comprises a first method having an integrated circuit and a communication circuit.
Between the communication device and the processing device used for services related to the integrated circuit by transmitting and receiving data between the integrated circuit and the integrated circuit, and the integrated circuit via the communication circuit A communication method for transmitting and receiving data and performing communication using a second communication device used for a service related to the integrated circuit, wherein the communication circuit transmits a service use request to the second communication device, In response to the service use request, mutual authentication is performed between the integrated circuit and the second communication device through the communication circuit, and the integrated circuit and the second communication device are mutually authenticated by the mutual authentication. When authenticating, the integrated circuit relays the exchange of data between the communication circuit and the processing device, and the second communication device and the processing device communicate with each other via the integrated circuit and the communication circuit. Performs processing relating to the service in communication with each other.

As described above, in the communication method of the first invention, the processing device has a communication function with the integrated circuit, but individually has a communication function with the second communication device. Not. That is, the processing device communicates with the second communication device using the function of the communication circuit of the first communication device.

[0007] A communication system according to a second aspect of the present invention relates to the integrated circuit by transmitting and receiving data between a first communication device having an integrated circuit and a communication circuit and the integrated circuit in a contact or non-contact manner. A processing device used for the service;
A communication system comprising: a second communication device that transmits and receives data to and from the integrated circuit through the communication circuit and is used for a service related to the integrated circuit, wherein the communication circuit includes the second communication device. Transmitting a service use request to a communication device, performing mutual authentication between the integrated circuit and the second communication device via the communication circuit according to the service use request, and performing the mutual authentication by the mutual authentication. When the second communication device and the second communication device authenticate each other, the integrated circuit relays the transfer of data between the communication circuit and the processing device, and the integrated circuit relays the data via the integrated circuit and the communication circuit. A second communication device and the processing device communicate with each other to perform processing related to the service.

A communication device according to a third aspect of the present invention has an integrated circuit and a communication circuit, and transmits and receives data to and from the integrated circuit in a contact type or a non-contact type, and performs processing used for a service related to the integrated circuit. A communication device for transmitting and receiving data between the device and the integrated circuit via the communication circuit and communicating with another communication device used for a service related to the integrated circuit, wherein the communication circuit Transmits a service use request to the other communication device, wherein the integrated circuit comprises:
In response to the service use request, mutual authentication is performed between the integrated circuit and the second communication device via the communication circuit, and the integrated circuit communicates with the integrated circuit and the other communication by the mutual authentication. When the devices authenticate each other's validity, the device relays data exchange between the processing device and the other communication device via the communication circuit.

An integrated circuit according to a fourth aspect of the present invention is an integrated circuit incorporated in a first communication device having a communication circuit, wherein the first interface exchanges data with the communication circuit, and the integrated circuit includes: A second interface for exchanging data in a contact or non-contact manner with a processing device used for the related service, and a second interface for transmitting and receiving data to and from the integrated circuit via the first interface and the communication circuit; Performing mutual authentication with a second communication device to be authenticated, and authenticating each other's validity with the other communication device by the mutual authentication, the first interface;
A control circuit that controls relaying communication between the processing device and the second communication device via the communication circuit and the second interface.

A communication device according to a fifth aspect of the present invention provides a service related to the integrated circuit by transmitting and receiving data between the integrated circuit and another communication device having the communication circuit in a contact or non-contact manner with the integrated circuit. A communication device that communicates with the processing device used for receiving a service use request from the communication circuit, and in response to the service use request, performs mutual authentication with the integrated circuit via the communication circuit. Performing the mutual authentication, the mutual authentication with the integrated circuit is performed, and the processing related to the service is performed by mutually communicating with the processing device via the integrated circuit and the communication circuit. Do.

According to a sixth aspect of the present invention, there is provided a processing apparatus for transmitting and receiving data between a first communication device having an integrated circuit and a communication circuit and the integrated circuit via the communication circuit, and providing a service related to the integrated circuit. A processing device that communicates with a second communication device used for the communication device, and an interface that transmits and receives data to and from the integrated circuit in a contact or non-contact manner, via the interface, The communication device accesses the second communication device using the relay function of the integrated circuit and the communication function of the communication circuit to perform processing related to the service.

A communication method according to a seventh aspect of the present invention relates to the integrated circuit, wherein the integrated circuit and the first communication device having the communication circuit exchange data in a contact or non-contact manner with the integrated circuit. A communication method for exchanging data between a processing device used for a service and the integrated circuit via the communication circuit and performing communication using a second communication device used for a service related to the integrated circuit. Performing a first mutual authentication between the integrated circuit and the processing device,
When the integrated circuit and the processing device authenticate each other's validity by the first mutual authentication, the integrated circuit and the processing device communicate with each other to perform a first process related to the service, After the completion of the first process, a second mutual authentication is performed between the processing device and the second communication device, and the processing device and the second communication device communicate with each other by the second mutual authentication. Upon authenticating the validity, the integrated circuit relays the transfer of data between the communication circuit and the processing device, and the processing device and the second communication device communicate with each other via the integrated circuit and the communication device. A second process related to the service is performed by communicating with each other.

[0013] A communication system according to an eighth aspect of the present invention relates to the integrated circuit by transmitting and receiving data between the first communication device having an integrated circuit and a communication circuit and the integrated circuit in a contact or non-contact manner. A processing device used for the service;
A communication system comprising: a second communication device that transmits and receives data to and from the integrated circuit through the communication circuit and that is used for a service related to the integrated circuit; Perform a first mutual authentication between
When the integrated circuit and the processing device authenticate each other's validity by the first mutual authentication, the integrated circuit and the processing device communicate with each other to perform a first process related to the service, After the completion of the first process, a second mutual authentication is performed between the processing device and the second communication device, and the processing device and the second communication device communicate with each other by the second mutual authentication. Upon authenticating the validity, the integrated circuit relays the transfer of data between the communication circuit and the processing device, and the processing device and the second communication device communicate with each other via the integrated circuit and the communication device. A second process related to the service is performed by communicating with each other.

According to a ninth aspect of the present invention, there is provided a communication apparatus including an integrated circuit and a communication circuit, for exchanging data with the integrated circuit in a contact type or a non-contact type, and performing processing for a service related to the integrated circuit. A communication device for transmitting and receiving data between the device and the integrated circuit via the communication circuit and communicating with another communication device used for a service related to the integrated circuit, wherein the integrated circuit Performs a first mutual authentication with the processing device, and the integrated circuit authenticates each other's validity with the processing device by the first mutual authentication. And performs the first process related to the service, and the integrated circuit and the communication circuit relay the communication between the processing device and the other communication device after the mutual authentication.

An integrated circuit according to a tenth aspect of the present invention is an integrated circuit built in a first communication device having a communication circuit, wherein the first interface transmits and receives data to and from the communication circuit; A second interface for transmitting and receiving data in a contact type or a non-contact type with a processing device used for a related service, and performing mutual authentication with the processing device via the second interface, When mutual validity with the processing device is authenticated by mutual authentication, communication with the processing device is performed through the second interface to perform a process related to the service, and a process related to the service is performed. A control circuit that relays communication between the processing device and a second communication device related to a service related to the integrated circuit via the communication circuit after the process is completed.

[0016] A communication method according to an eleventh aspect of the present invention relates to a method for transmitting and receiving data between a first communication device having an integrated circuit and a communication circuit and the integrated circuit in a contact type or a non-contact type. A data processor is used to transmit and receive data between the processing device used for the service and the integrated circuit via the communication circuit.
A communication method for performing communication using the communication device, wherein the integrated circuit and the second communication device perform mutual authentication via the communication circuit, and the integrated circuit and the second communication device are subjected to the mutual authentication. When the communication device and each other authenticate each other,
The second communication device accesses the integrated circuit via the communication circuit to set authenticity confirmation data, and the processing device verifies the authenticity confirmation data of the integrated circuit, and then performs processing related to the service. I do.

According to a twelfth aspect of the present invention, there is provided a communication system for transmitting and receiving data between a first communication device having an integrated circuit and a communication circuit and the integrated circuit in a contact or non-contact manner. A communication system comprising: a processing device used for a service; and a second communication device used for a service related to the integrated circuit, which exchanges data with the integrated circuit via the communication circuit. When the integrated circuit and the second communication device perform mutual authentication via a communication circuit, and the integrated circuit and the second communication device authenticate each other's validity by the mutual authentication, the communication circuit The second communication device accesses the integrated circuit via the second communication device to set authenticity confirmation data, and the processing device verifies the authenticity confirmation data of the integrated circuit. Performs processing related to nest.

A communication method according to a thirteenth aspect of the present invention relates to the integrated circuit, wherein the integrated circuit and the first communication device having the communication circuit exchange data in a contact or non-contact manner with the integrated circuit. A data processor is used to transmit and receive data between the processing device used for the service and the integrated circuit via the communication circuit.
A communication method for performing communication using the communication device, wherein a first mutual authentication is performed between the integrated circuit and the processing device, and the integrated circuit and the processing device are communicated by the first mutual authentication. When authenticating each other, a second mutual authentication is performed between the processing device and the second communication device, and the processing device and the second communication device mutually communicate with each other by the second mutual authentication. Is authenticated, the processing device and the second communication device communicate with each other via the integrated circuit and the communication circuit to perform a process related to the service.

According to a fourteenth aspect of the present invention, there is provided a communication system according to the first aspect, wherein data is exchanged between a first communication device having an integrated circuit and a communication circuit and the integrated circuit in a contact or non-contact manner. A communication system for exchanging data between the processing device used for the service and the integrated circuit via the communication circuit and performing communication using the second communication device used for the service related to the integrated circuit. Performing a first mutual authentication between the integrated circuit and the processing device, and when the integrated circuit and the processing device authenticate each other's validity by the first mutual authentication, the processing device and the processing device A second mutual authentication is performed with a second communication device, and when the processing device and the second communication device authenticate each other's validity by the second mutual authentication, the integrated circuit and the communication device are authenticated. Performs processing relating to the service and the processing unit and the second communication apparatus perform communication with each other through the circuit.

[0020]

DESCRIPTION OF THE PREFERRED EMBODIMENTS A communication system according to an embodiment of the present invention will be described below. First Embodiment FIG. 1 is an overall configuration diagram of a communication system 1 of the present embodiment. As shown in FIG. 1, the communication system 1 includes, for example, a gateway 10, an IC_R / W device 15, an IC service providing device 12, an IC service providing server device 13, and a mobile phone device 14. The mobile phone device 14 and the IC service providing server device 13 communicate via a wireless communication line 17 such as a mobile phone communication network, a gateway 10 and a network 18 such as the Internet. The mobile phone device 14 and the IC_R / W device 15 perform, for example, wireless communication.

The IC_R / W device 15 and the IC service providing server device 13 are, for example,
4. Communication is performed via the wireless communication line 17, the gateway 10, and the network 18. Further, the mobile phone device 14 includes a mobile communication function unit 20 and an IC 21.

The IC_R / W device 15 shown in FIG. 1 corresponds to the processing device of the present invention. Also, the mobile phone device 14
Is the first communication device of the first, second, fourth, sixth, seventh, eighth, tenth, eleventh, twelfth, thirteenth, and fourteenth inventions, and the third and ninth inventions And the other communication device of the fifth invention. Further, the IC service providing server device 13 is a second communication device according to the first, second, fourth, sixth, seventh, eighth, tenth, eleventh, twelfth, thirteenth, and fourteenth inventions. , Correspond to the other communication devices of the third and ninth inventions, and the communication device of the fifth invention.

First, an outline of an example of the operation of the communication system 1 shown in FIG. 1 will be described. FIG. 2 is a diagram for explaining an outline of an operation example of the communication system 1 shown in FIG. The user A visits the store 30 and selects a service to be used on the screen of the mobile phone device 14 (shown in FIG. 2). Next, the portable communication function unit 20 of the portable telephone device 14
And access to the IC service providing server device 13 via the network 18 (shown in FIG. 2). next,
The IC 21 communicates with the IC service providing server device 13 to confirm authenticity (shown in FIG. 2). The confirmation may be performed using, for example, predetermined password information. Next, the user A connects the mobile phone device 14 with IC_
Move closer to the R / W device 15 (shown in FIG. 2). Next, I
C_R / W device 15 and IC service providing server device 13
Is the IC 21, the mobile communication function unit 20, the wireless communication line 1
7 and the network 18 to communicate with each other.
1 is performed (see FIG. 2).

As described above, according to the communication system 1, I
C_R / W device 15 and IC service providing server device 13
The IC_R / W device 15 does not need to have a function for connecting to the network 18 or the like, since communication with the device is performed via the mobile phone device 14.

Hereinafter, each component of the communication system 1 shown in FIG. 1 will be described in detail. [Gateway 10] The gateway 10 is a device that relays communication between the wireless communication line 17 such as a mobile phone and the network 18.

[IC Service Providing Server 13] IC
The service providing server device 13 includes a mobile communication function unit 20,
It communicates with the IC 21 and the IC_R / W device 15 and
Processing related to the service provided by using C21 is performed.

FIG. 3 shows an IC service providing server device 13.
3 is a functional block diagram of FIG. As shown in FIG. 3, the IC service providing server device 13 is, for example, a SAM (Secure Appointment).
replication module) 51, a memory 52, a control unit 53, and an I / F unit 54.

FIG. 4 is a functional block diagram of the SAM 51 shown in FIG. The SAM 51 is a tamper-resistant hardware or software module. SAM5
Reference numeral 1 denotes an authentication unit 61 and an encryption / decryption unit 6 as shown in FIG.
2. It has an IC control unit 63 and an IC-related processing unit 64. The authentication unit 61 performs mutual authentication with the IC 21 described later and mutual authentication with the IC_R / W device 15.

The encryption / decryption unit 62 includes, for example, the memory 52
It encrypts data and application programs to be written into the memory 52, and decrypts data and application programs read from the memory 52.

The IC control section 63 controls, for example, communication with the IC 21. The IC-related processing unit 64
And performs processing related to a predetermined service.

The memory 52 is used as a virtual memory of the IC 21 and stores data and application programs related to services using the IC 21.

The control unit 53 controls the overall operation of the server 13 for providing IC services. FIG.
3 is a functional block diagram of FIG. As shown in FIG.
3 includes a portal unit 71, a user I / F unit 72, an AP (application program) execution unit 73, a SAM control unit 74, and a memory control unit 75. Portal 71
Realizes a portal function in response to access from the mobile phone device 14, for example, and displays a menu screen of a service that can be provided on a display unit of the mobile phone device 14, for example. The user I / F unit 72 controls a user I / F screen displayed on the display unit 34 of the mobile communication function unit 20. AP
The execution unit 73 executes the application program read from the memory 52. The SAM control unit 74 determines whether the SA
The processing using M51 is controlled. The memory control unit 75 includes:
It manages data and application programs stored in the memory 52.

[Portable Telephone Device 14] As shown in FIG.
The mobile phone device 14 includes a mobile communication function unit 20 and an IC 2
One. Here, the portable communication function unit 20 corresponds to the communication circuit of the present invention, and the IC 21 corresponds to the integrated circuit of the present invention. <Portable Communication Function Unit 20> FIG. 6 is a functional block diagram of the portable communication function unit 20 shown in FIG. As shown in FIG.
The mobile communication function unit 20 includes, for example, a voice input / output unit 31, A
/ D / D / A conversion unit 32, DSP 33, display unit 34, operation unit 35, IC_I / F unit 36, memory 37, control unit 3
8, a baseband processing unit 39 and a radio unit 40.

The audio input / output unit 31 generates a speaker that outputs audio corresponding to the analog audio signal input from the A / D / D / A conversion unit 32, and generates an analog audio signal corresponding to the input audio. And a microphone for outputting to the A / D / D / A converter 32.

The A / D / D / A converter 32 includes a DSP 33
Is converted into an analog audio signal and output to the audio input / output unit 31. A / D
The D / A converter 32 converts an analog audio signal input from the audio input / output unit 31 into a digital audio signal,
Output to SP33.

The DSP 33 performs band compression processing of a digital audio signal. The display unit 34 is, for example, a liquid crystal display that displays an image according to the display signal input from the control unit 38. The operation unit 35 is an operation button or the like, and outputs an operation signal corresponding to an operation of the operation button by the user to the control unit 38. The IC_I / F unit 36 transmits and receives data to and from the IC 21 shown in FIG.
T (Universal Asynchronons)
ReceiverTransmitter), IC2
An interface such as USB or IEEE1394. The memory 37 stores application programs and data necessary for processing in the control unit 38 and the baseband processing unit 39. The memory 37 may be fixed to the portable communication function unit 20 so as not to be detachable, or may be detachably attached to the portable communication function unit 20 such as a memory card.

The control section 38 generally controls the processing of the portable communication function section 20, and is controlled by the control section 48 shown in FIG. The baseband processing unit 39 performs a baseband process. The wireless unit 40
Processing such as amplification and detection of data (signal) transmitted and received via the antenna 17 and generation of an IQ signal are performed.

<IC21> The IC21 is a tamper-resistant integrated circuit capable of monitoring and preventing tampering of processing and data in the IC21, and data exchanged with the outside, and the IC_R / W device 15 and the IC Processing related to various predetermined services provided by using the service providing device 12 is performed. FIG. 7 shows the IC2 shown in FIG.
1 is a functional block diagram of FIG. As shown in FIG.
1 includes, for example, an I / F unit 45, a memory 46, an analog unit 47, and a control unit 48. The I / F unit 45 is configured as shown in FIG.
Is an interface for exchanging data with the IC_I / F unit 36 of the portable communication function unit 20 by a wired method or a wireless method. The memory 46 stores data and application programs necessary for the processing of the control unit 48. The memory 46 may store application programs used for all or some of the various services provided by using the IC 21. The analog unit 47 receives an IC_
An analog process such as amplifying data (signal) exchanged with the R / W device 15 in a wireless manner is performed.

The control section 48 controls the overall operation of the IC 21. The control unit 48 executes the allocation program read from the memory 46. The allocation program includes an authenticity confirmation flag (authentication confirmation data of the present invention) as described later, and the logical value of the authenticity confirmation flag is set by the IC service providing server device 13 as described later. The control unit 48 is controlled by the control unit 38 of the portable communication function unit 20 shown in FIG. Baseband processing unit 3
Reference numeral 9 performs baseband processing of a signal exchanged with the radio unit 40. As described above, according to the portable communication function unit 20 and the IC 21, the provision of the I / F unit 45 and the IC_I / F unit 36 enables communication between them.

[IC_R / W device 15] FIG. 8 is a functional block diagram of the IC_R / W device 15 shown in FIG. As shown in FIG. 8, the IC_R / W device 15
1, an analog section 82, a baseband processing section 83, a memory 84, and a control section 85.

The analog section 82 performs analog processing such as amplifying data (signals) transmitted and received between the IC 21 and the IC 21 via the antenna 81 in a wireless manner. The baseband processing unit 83 performs baseband processing on signals transmitted and received between the baseband processing unit 83 and the analog unit 82. The memory 84 stores data and application programs (application programs related to services provided using the IC 21) necessary for the processing of the control unit 85.

The control unit 85 controls the overall operation of the IC_R / W device 15.

The IC_R / W device 15 is installed in the service provider's store 30 or the like, exchanges data with the IC 21 built in the mobile phone device 14 in a contact or non-contact manner, and uses the IC 21. Perform processing related to the service performed. In the present embodiment, a case where data is transmitted and received between the IC_R / W device 15 and the IC 21 by a non-contact method (wireless method) will be exemplified. The IC_R / W device 15 performs a process related to a service provided by using the IC 21 while communicating with the IC service providing server device 13 via the mobile phone device 14 as described later. As the service of the present embodiment, for example,
There are services that involve confidential processing such as personal (personal) authentication, electronic money, electronic commerce, and ticketing.

Hereinafter, an operation example of the communication system 1 shown in FIG. 1 will be described. Hereinafter, communication between the portable communication function unit 20 and the IC service providing server device 13 is performed via the wireless communication line 17, the gateway 10, and the network 18 shown in FIG. Communication between IC_I / F unit 36 shown in FIG. 6 and FIG.
Are performed through the I / F unit 45 shown in FIG.
Communication with the R / W device 15 is performed by the antenna 49 shown in FIG.
8 through an antenna 81 shown in FIG.

[First Operation Example] Hereinafter, after performing mutual authentication between the IC 21 and the IC service providing server device 13, mutual authentication is performed between the IC service providing server device 13 and the IC_R / W device 15. Next, an example of the operation of the communication system 1 in the case of performing processing related to a service while performing communication between the IC service providing server device 13 and the IC_R / W device 15 will be described. The first operation example corresponds to the first to seventh inventions.

FIG. 9 is a flowchart for explaining the operation example. Hereinafter, each step shown in FIG. 9 will be described. Step ST1: The user A makes the mobile phone device 1 shown in FIG.
The user operates the operation unit 35 of the portable communication function unit 20 and selects a service provided by using the IC 21 to be used on the screen of the display unit 34 according to the operation.

Step ST2: The portable communication function unit 20
It accesses the IC service providing server device 13 and transmits the identification information of the service selected in step ST1 to the IC service providing server device 13.

Step ST3: Upon receiving access from the portable communication function unit 20 in step ST2, the IC service providing server device 13 sends an authentication request to the portable communication function unit 20.
Send to

Step ST4: The portable communication function unit 20
In response to the authentication request received in step ST3, the IC 21
Send an authentication request to.

Step ST5: The portable communication function unit 20
Upon receiving the authentication request in step ST4, mutual authentication is performed with the IC service providing server device 13 via the mobile communication function unit 20.

Step ST6: The IC service providing server device 13 determines that the service can be used by the user A based on the identification information received in step ST2, and the mutual authenticity in step ST5 authenticates each other's legitimacy. Then, the IC service providing server device 13 displays a service availability display on the display unit 34 of the mobile communication function unit 20.

Step ST7: A relay request is transmitted from the portable communication function unit 20 to the IC 21.

Step ST8: The user A positions the portable telephone device 14 at a position where the portable telephone device 14 and the IC_R / W device 15 can communicate wirelessly.

Step ST9: The IC 21 relays the communication between the IC_R / W device 15 and the portable communication function unit 20 in response to the relay request received in step ST7, and the IC 21 via the portable communication function unit 20 and the IC 21 Mutual authentication is performed between the service providing server device 13 and the IC_R / W device 15.

Step ST10: If the mutual validity is verified by the mutual authentication in step ST9, the IC 21 relays the communication between the IC_R / W device 15 and the portable communication function unit 20, and the portable communication function unit 20 Via the IC 21, the IC service providing server device 13 and the IC_R / W device 15 cooperate with each other to perform processing relating to services provided using the IC 21.

Step ST11: When the process of step ST10 ends, the IC service providing server device 13 displays the use history of the service on the display unit 34 of the portable communication function unit 20.

[Second operation example] Hereinafter, IC21 and IC_
After performing mutual authentication with the R / W device 15, cooperate to perform processing relating to the service, and then perform mutual authentication between the IC service providing server device 13 and the IC_R / W device 15, and then cooperate. An example of the operation of the communication system 1 in the case where the processes related to the service are performed in cooperation with each other will be described. The second operation example is an embodiment corresponding to the seventh to tenth inventions. FIG. 10 is a flowchart for explaining the operation example.

Step ST21: When the user A enters the IC 21
The mobile phone device 14 is located at a position where wireless communication between the mobile phone device and the IC_R / W device 15 is possible.

Step ST22: IC21 and IC_R /
The W device 15 performs mutual authentication.

Step ST23: When mutual validity is verified by the mutual authentication in step ST22, the IC 21 of the portable telephone device 14 and the IC_R / W device 15 are provided using the IC 21 while communicating and cooperating. Performs service-related processing. In this case, the control unit 4 of the IC 21
8 executes the application program read from the memory 46.

Step ST24: IC_R / W device 11
Transmits an access request to the IC 21.

Step ST25: The IC 21 transmits an access request to the portable communication function unit 20 in response to the access request received in step ST24.

Step ST26: Portable communication function unit 20
Transmits an access request to the IC service providing server device 13 in response to the access request received in step ST25.

Step ST27: Portable communication function unit 20
Transmits a relay request to the IC 21.

Step ST28: The IC 21 relays the communication between the IC_R / W device 11 and the portable communication function unit 20 in response to the relay request in step ST27, and provides the IC service providing server via the portable communication function unit 20 and the IC 21. Mutual authentication is performed between the device 13 and the IC_R / W device 15.

Step ST29: When mutual validity is authenticated by the mutual authentication in step ST28, the IC service providing server device 13 and the IC_R / W device 15 cooperate via the portable communication function unit 20 and the IC 21. , And performs a process related to a service provided by using the IC 21.

Step ST30: When the process of step ST29 ends, the IC service providing server device 13 displays the use history of the service on the display unit 34 of the portable communication function unit 20.

Step ST31: IC_R / W device 15
Performs a processing end display on the display unit.

[Third Operation Example] Hereinafter, after performing mutual authentication between the IC 21 and the IC service providing server device 13, the IC service providing server device 13 sets a genuine confirmation flag of the application program of the IC 21. Next, an operation example of the communication system 1 in a case where the IC_R / W device 15 performs processing related to a service after verifying the authenticity confirmation flag will be described. This operation example corresponds to the eleventh and twelfth inventions. FIG. 11 is a flowchart for explaining the operation example.

Step ST41: The browser operating on the portable communication function unit 20 is the IC service providing server device 13.
Access to.

Step ST42: An authentication request is transmitted from the IC service providing server device 13 to the portable communication function unit 20.

Step ST43: In response to the authentication request in step ST42, an authentication request is transmitted from the portable communication function unit 20 to the IC 21.

Step ST44: In response to the authentication request received in step ST43, the IC 21 and the IC service providing server device 13 perform mutual authentication.

Step ST45: When mutual validity is verified by the mutual authentication of step ST44, the IC service providing server device 13 accesses the IC 21 and
The authenticity check flag of the allocation program executed by the IC 21 is set (set to the first logical value “1”).

Step ST46: When the user A enters the IC 21
The mobile phone device 14 is located at a position where the mobile phone device and the IC_R / W device 15 can communicate wirelessly.

Step ST47: IC_R / W device 15
Verifies whether the authenticity confirmation flag of the allocation program executed by the IC 21 is set.

Step ST48: IC_R / W device 15
However, when it is confirmed in step ST47 that the authenticity confirmation flag is set, the application program reads out the allocation program from the memory 84 and performs processing relating to the service provided by using the IC 21.

Step ST49: IC_R / W device 11
And the IC service providing server device 13 perform mutual authentication.

Step ST50: If mutual validity is verified by the mutual authentication in step ST49, IC_R
The / W device 15 notifies the IC service providing server device 13 of the contents of the process related to the service in step ST48.

[Fourth Operation Example] Hereinafter, IC21 and IC_
After performing mutual authentication with the R / W device 15, the IC service providing server device 13 and the IC_R / W device 15 perform mutual authentication, and subsequently, the IC service providing server device 13 and the IC_R / W device 15 An example of the operation of the communication system 1 in the case of performing processing related to a service provided by using the IC 21 in cooperation with the communication system will be described. This operation example corresponds to the thirteenth and fourteenth inventions.

FIG. 12 is a flowchart for explaining the operation example. Step ST61: The user A operates the operation unit 35 of the mobile communication function unit 20 of the mobile phone device 14 shown in FIG. 6, and uses the IC 21 to be used on the screen of the display unit 34 according to the operation. Select the service to be provided.

Step ST62: Portable communication function unit 20
Sets the service selected in step ST61 to IC_R
/ W device 11 is notified.

Step ST63: The user A enters the IC 21
The mobile phone device 14 is located at a position where the mobile phone device and the IC_R / W device 15 can communicate wirelessly.

Step ST64: IC21 and IC_R /
The W device 15 performs mutual authentication.

Step ST65: If mutual validity is verified by the mutual authentication in step ST64, the IC 21
Notifies the IC_R / W device 15 of the service notified in step ST62.

Step ST66: IC_R / W device 15
Sends an access request to the IC 21.

Step ST67: The IC 21 responds to the access request of step ST66 by using the portable communication function unit 20.
Send an access request to.

Step ST68: Portable communication function unit 20
Transmits an access request to the IC service providing server device 13 in response to the access request received in step ST25.

Step ST69: Portable communication function unit 20
Transmits a relay request to the IC 21.

Step ST70: The IC 21 relays the communication between the IC_R / W device 11 and the portable communication function unit 20 in response to the relay request in step ST69, and provides the IC service providing server via the portable communication function unit 20 and the IC 21. Mutual authentication is performed between the device 13 and the IC_R / W device 15.

Step ST71: When mutual validity is authenticated by the mutual authentication in step ST28, the IC service providing server device 13 and the IC_R / W device 15 cooperate with each other via the portable communication function unit 20 and the IC 21. The process related to the service notified in step ST65 provided using the IC 21 is performed.

Step ST72: When the process of step ST71 ends, the IC service providing server device 13 displays the use history of the service on the display unit 34 of the portable communication function unit 20.

Step ST73: IC_R / W device 15
Performs a processing end display on the display unit.

[Fifth Operation Example] The communication system 1
Is, for example, as shown in FIG.
After the service is selected on the screen and the mutual authentication is performed between the IC service providing server device 13 and the IC_R / W device 15, they may communicate with each other to perform the process related to the selected service. . In this operation example, the IC
Communication between the IC 21 and the IC_R / W device 15 is, for example,
This is performed using a local communication method such as IrDA, Bluetooth, or wireless LAN.

FIG. 13 is a flowchart for explaining the operation example. Step ST81: The user A operates the operation unit 35 of the mobile communication function unit 20 of the mobile phone device 14 shown in FIG. 6, and uses the IC 21 to be used on the screen of the display unit 34 according to the operation. Select the service to be provided.

Step ST82: Portable communication function unit 20
Sets the service selected in step ST81 to IC_R
/ W device 11 is notified.

Step ST83: The user A enters the IC 21
The mobile phone device 14 is located at a position where wireless communication between the mobile phone device and the IC_R / W device 15 is possible.

Step ST84: The IC 21 determines that IC_R /
The communication between the W device 11 and the portable communication function unit 20 is relayed, and mutual authentication is performed between the IC service providing server device 13 and the IC_R / W device 15 via the portable communication function unit 20 and the IC 21.

Step ST85: When mutual validity is verified by the mutual authentication in step ST28, the IC service providing server device 13 and the IC_R / W device 15 cooperate with each other through the portable communication function unit 20 and the IC 21. The process related to the service notified in step ST82 provided using the IC 21 is performed.

As described above, according to the communication system 1, even if the IC_R / W device 15 is not connected to the network 18, the IC service providing server device 13 and the IC_R / W device can be connected via the portable telephone device 14. 15 becomes possible. Therefore, the IC_R / W device 15
It is not necessary to separately provide a communication function with the IC service providing server device 13 as long as the communication function with the mobile phone device 14 is provided. Therefore, the configuration of the IC service providing server device 13 can be simplified. Also, IC
A switching system for performing communication between the service providing server device 13 and the IC_R / W device 15 becomes unnecessary.

According to the communication system 1, the IC_R / W device 15 communicates with the IC service providing server device 13 using the line established between the mobile phone device 14 and the IC service providing server device 13. IC_
A system can be constructed such that the administrator of the R / W device 15 does not bear the communication fee.

Further, according to the communication system 1, the mobile phone device 14 communicates with the IC service providing server device 13 before the mobile phone device 14 communicates with the IC_R / W device 15. The personal information of the user A used for communication between the IC 14 and the IC_R / W device 15 can be stored in the IC service providing server device 13. Therefore, the personal information stored in the mobile phone device 14 can be reduced or eliminated, and the mobile phone device 14
Can reduce the storage capacity of the built-in memory.

Further, according to the communication system 1, the portable telephone device 14 is connected to the IC service providing server device 13 and the IC
By performing mutual authentication with both of the _R / W devices 15, so-called spoofing can be effectively prevented.

The effect of the communication system 1 described above is realized by the configuration and operation of the IC 21 built in the portable telephone device 14 described above. Further, according to the IC 21 built in the mobile phone device 14, as shown in FIG.
By providing an I / F unit 45 for communicating with the portable communication function unit 20 in addition to the antenna 49 for communicating with the _R / W device 15, the portable communication function unit 20 and the IC 21 can mutually communicate with each other. It becomes possible to control. So, for example,
Under certain conditions, the mobile communication function unit 20 can disable the function of the IC 21 or the IC 21 can disable the function of the mobile communication function unit 20 to realize various controls from the viewpoint of service contents and security. it can.

The present invention is not limited to the above embodiment. In the above-described embodiment, the IC is installed in the mobile phone device 14.
21 is incorporated, but a fixed telephone connected by a wire and a portable information terminal (Pers
onal Digital Assistants),
The present invention can also be applied to a case where the IC 21 is incorporated in a device such as a clock or a computer having a function of connecting to a network by either wired or wireless methods. The IC 21 may be built in the communication device in a detachable or non-detachable form, or an external storage medium such as an IC card having a built-in IC 21 or a memory card may be stored in a mobile phone, a portable information device, or the like. Terminal,
It may be configured to be detachable from a computer or the like.

[0106]

As described above, according to the present invention,
In a system for performing transactions such as electronic commerce using an integrated circuit (IC), it is possible to provide a communication method, a system, a communication device, and a processing device that can simplify a configuration of an entire system including a processing device and that can achieve miniaturization. it can.

[Brief description of the drawings]

FIG. 1 is an overall configuration diagram of a communication system according to an embodiment of the present invention.

FIG. 2 is a diagram for explaining an outline of an operation example of the communication system shown in FIG. 1;

FIG. 3 is a functional block diagram of the IC service providing server device shown in FIG. 1;

FIG. 4 is a functional block diagram of the SAM shown in FIG. 3;

FIG. 5 is a functional block diagram of a control unit shown in FIG. 3;

FIG. 6 is a functional block diagram of a portable communication function unit of the portable telephone device shown in FIG. 1;

FIG. 7 is a functional block diagram of an IC of the mobile phone device shown in FIG. 1;

FIG. 8 is a functional block diagram of the IC_R / W device shown in FIG. 1;

FIG. 9 is a diagram for explaining a first operation example of the communication system shown in FIG. 1;

FIG. 10 is a diagram for explaining a second operation example of the communication system shown in FIG. 1;

FIG. 11 is a diagram for explaining a third operation example of the communication system shown in FIG. 1;

FIG. 12 is a diagram for explaining a fourth operation example of the communication system shown in FIG. 1;

FIG. 13 is a diagram for explaining a fifth operation example of the communication system shown in FIG. 1;

[Explanation of symbols]

DESCRIPTION OF SYMBOLS 1 ... Communication system, 10 ... Gateway, 13 ... IC service providing server device, 14 ... Mobile telephone device, 15 ... I
C_R / W device, 17: wireless communication line, 18: network, 20: portable communication function unit, 21: IC, 31: voice input / output unit, 32: A / D / D / A conversion unit, 33: DS
P, 34: display unit, 35: operation unit, 36: IC_I / F
Unit, 37 memory, 38 control unit, 39 baseband processing unit, 40 radio unit, 41 antenna, 45 I / F
Unit, 46 memory, 47 analog unit, 48 control unit
49 ... antenna, 51 ... SAM, 52 ... memory, 53 ...
Control unit, 54: I / F unit, 61: Authentication unit, 62: Encryption
Decoding unit, 63 ... IC control unit, 64 ... IC related processing unit

Continued on the front page F-term (reference)

Claims (19)

[Claims] A first communication device having an integrated circuit and a communication circuit, and a processing device for transmitting and receiving data to and from the integrated circuit in a contact or non-contact manner and used for a service related to the integrated circuit. A communication method for transmitting and receiving data to and from the integrated circuit via the communication circuit and performing communication using a second communication device used for a service related to the integrated circuit, wherein the communication circuit includes: Transmitting a service use request to the second communication device, performing mutual authentication between the integrated circuit and the second communication device via the communication circuit in response to the service use request, When the integrated circuit and the second communication device authenticate each other, the integrated circuit relays data transfer between the communication circuit and the processing device, and the integrated circuit and the communication device relay the data. Via said circuit second
A communication method in which the communication device and the processing device communicate with each other to perform processing related to the service. 2. When the integrated circuit and the second communication device authenticate each other's validity by the first mutual authentication,
The second communication device notifies the communication circuit of use permission of the service, the communication circuit transmits a relay request to the integrated circuit in response to the use permission notification, and the integrated circuit transmits the relay request. The communication method according to claim 1, wherein, in response to a request, data transmission and reception between the communication circuit and the processing device is relayed, and communication between the second communication device and the processing device is relayed. 3. A first communication device having an integrated circuit and a communication circuit, and a processing device for transmitting and receiving data to and from the integrated circuit in a contact or non-contact manner and used for a service related to the integrated circuit. A communication device for transmitting and receiving data to and from the integrated circuit via the communication circuit, and a second communication device used for a service related to the integrated circuit, wherein the communication circuit includes the second communication device; Transmitting a service use request to the communication device, performing mutual authentication between the integrated circuit and the second communication device via the communication circuit in response to the service use request, and performing the integration by the mutual authentication. When the circuit and the second communication device authenticate each other, the integrated circuit relays data transfer between the communication circuit and the processing device, and the integrated circuit and the communication device Via said road second
A communication system in which the communication device and the processing device communicate with each other to perform processing related to the service. 4. A processing device having an integrated circuit and a communication circuit, for transmitting and receiving data to and from the integrated circuit in a contact or non-contact manner and used for a service related to the integrated circuit; A communication device for transmitting and receiving data to and from the integrated circuit via a communication device and communicating with another communication device used for a service related to the integrated circuit, wherein the communication circuit is the other communication device The integrated circuit performs mutual authentication between the integrated circuit and the second communication device via the communication circuit in response to the service use request. When the integrated circuit and the other communication device authenticate each other's validity by the mutual authentication, communication for relaying data transfer between the processing device and the other communication device via the communication circuit. Dress . 5. An integrated circuit built in a first communication device having a communication circuit, wherein the first interface exchanges data with the communication circuit, and a processing device used for a service related to the integrated circuit. The second way to send and receive data between contact and non-contact type
And the second communication device used for a service related to the integrated circuit via the first interface and the communication circuit, and performs mutual authentication with the other communication device by the mutual authentication. After authenticating each other's validity, control is performed to relay communication between the processing device and the second communication device via the first interface, the communication circuit, and the second interface. An integrated circuit having a control circuit. 6. A communication device having an integrated circuit and another communication device having a communication circuit, and communicating with a processing device used for a service relating to the integrated circuit by transferring data in a contact or non-contact manner with the integrated circuit. Receiving a service use request from the communication circuit, performs mutual authentication with the integrated circuit via the communication circuit in response to the service use request, and performs the mutual authentication by the mutual authentication. A communication device that performs processing related to the service by mutually communicating with the processing device via the integrated circuit and the communication circuit when authenticating each other with the integrated circuit. 7. A second communication device for transmitting and receiving data between a first communication device having an integrated circuit and a communication circuit and the integrated circuit via the communication circuit and used for a service related to the integrated circuit. A processing device that communicates with a device, comprising: an interface for transmitting and receiving data in a contact or non-contact manner with the integrated circuit; and accessing the integrated circuit through the interface, A processing device that communicates with the second communication device using a relay function and a communication function of the communication circuit to perform processing related to the service. 8. A first communication device having an integrated circuit and a communication circuit, and a processing device for transmitting and receiving data between the integrated circuit in a contact type or a non-contact type and used for a service related to the integrated circuit. A communication method for exchanging data with the integrated circuit via the communication circuit and performing communication using a second communication device used for a service related to the integrated circuit, wherein the integrated circuit and the integrated circuit A first mutual authentication is performed with the processing device, and when the integrated circuit and the processing device authenticate each other's validity by the first mutual authentication, the integrated circuit and the processing device communicate with each other. To perform a first process related to the service. After the completion of the first process, perform a second mutual authentication between the processing device and the second communication device. The processing equipment When the device and the second communication device authenticate each other's validity, the integrated circuit relays the transfer of data between the communication circuit and the processing device, and via the integrated circuit and the communication device A communication method in which the processing device and the second communication device communicate with each other to perform a second process related to the service. 9. A first communication device having an integrated circuit and a communication circuit, and a processing device for transmitting and receiving data to and from the integrated circuit in a contact or non-contact manner and used for a service related to the integrated circuit. A communication system comprising: a second communication device that transmits and receives data to and from the integrated circuit via the communication circuit and is used for a service related to the integrated circuit, wherein the integrated circuit and the processing device Performing a first mutual authentication between the integrated circuit and the processing device by authenticating each other's validity by the first mutual authentication, the integrated circuit and the processing device communicate with each other, Performing a first process related to the service; performing a second mutual authentication between the processing device and the second communication device after the first process; and performing the second mutual authentication on the processing device When the second communication device and the second communication device authenticate each other's validity, the integrated circuit relays data transfer between the communication circuit and the processing device, and performs the processing via the integrated circuit and the communication device. A communication system in which a device and the second communication device communicate with each other to perform a second process related to the service. 10. The processing device accesses the second communication device via the integrated circuit and the communication device after completing the first processing, and the processing device responds to the access. 10. The communication system according to claim 9, wherein said second communication device initiates said second mutual authentication. 11. A processing device having an integrated circuit and a communication circuit for transmitting and receiving data to and from the integrated circuit in a contact or non-contact manner and used for a service related to the integrated circuit, A communication device that transmits and receives data to and from the integrated circuit through the communication device and communicates with another communication device used for a service related to the integrated circuit, wherein the integrated circuit communicates with the processing device. A first mutual authentication is performed between the first and second integrated circuits. When the integrated circuit authenticates mutual validity with the processing device by the first mutual authentication, the integrated circuit communicates with the processing device to perform the service. A communication device that performs a first process according to the above, wherein the integrated circuit and the communication circuit relay communication between the processing device and the other communication device after the mutual authentication. 12. An integrated circuit built in a first communication device having a communication circuit, wherein the first interface exchanges data with the communication circuit, and a processing device used for a service related to the integrated circuit. The second way to send and receive data between contact and non-contact type
And mutual authentication between the processing device and the processing device via the second interface, and when the mutual authentication authenticates the mutual validity with the processing device, the mutual authentication via the second interface Performing processing related to the service by performing communication with the processing device, and after the processing related to the service is completed, the processing device via the communication circuit;
A control circuit for relaying communication with a second communication device related to a service related to the integrated circuit. 13. A first communication device having an integrated circuit and a communication circuit, and a processing device for transmitting and receiving data between the integrated circuit in a contact type or a non-contact type and used for a service related to the integrated circuit. A communication method for transmitting and receiving data to and from the integrated circuit via the communication circuit and performing communication using a second communication device used for a service related to the integrated circuit; When the integrated circuit and the second communication device perform mutual authentication with each other, and the integrated circuit and the second communication device authenticate each other's validity by the mutual authentication, the second communication device performs the second authentication through the communication circuit. A second communication device accesses the integrated circuit to set authenticity confirmation data, and the processing device performs a process related to the service after verifying the authenticity confirmation data of the integrated circuit. Shin method. 14. The communication method according to claim 13, wherein the processing device notifies the second communication device of a processing result via the integrated circuit and the communication circuit after finishing the processing related to the service. 15. The method according to claim 1, wherein the processing device performs the notification after performing mutual authentication with the second communication device.
5. The communication method according to 4. 16. A first communication device having an integrated circuit and a communication circuit, and a processing device for transmitting and receiving data to and from the integrated circuit in a contact or non-contact manner and used for a service related to the integrated circuit. A communication system comprising: a second communication device that transmits and receives data to and from the integrated circuit via the communication circuit and is used for a service related to the integrated circuit; When the circuit and the second communication device perform mutual authentication, and when the integrated circuit and the second communication device authenticate each other's validity by the mutual authentication, the second communication is performed via the communication circuit. A device accesses the integrated circuit to set authenticity confirmation data, and the processing device verifies the authenticity confirmation data of the integrated circuit, and then performs processing related to the service. System. 17. A first communication device having an integrated circuit and a communication circuit, and a processing device for transmitting and receiving data to and from the integrated circuit in a contact or non-contact manner and used for a service related to the integrated circuit. A communication method for transmitting and receiving data to and from the integrated circuit via the communication circuit and performing communication using a second communication device used for a service related to the integrated circuit; A first mutual authentication is performed between the processing device and the second communication device, and when the integrated circuit and the processing device authenticate each other's validity by the first mutual authentication, When the processing device and the second communication device authenticate each other's validity by the second mutual authentication, the processing device is connected to the processing device via the integrated circuit and the communication circuit. And before Communication method for performing processing relating to the service and the second communication apparatus performing communication with each other. 18. The processing device, after performing the first mutual authentication, transmits an access request to the second communication device via the integrated circuit and a communication circuit, wherein the communication circuit A relay request is transmitted to a circuit, and the integrated circuit relays transmission and reception of data between the communication circuit and the processing device in response to the relay request, and a communication between the second communication device and the processing device is performed. The communication method according to claim 17, wherein communication between the devices is relayed. 19. A first communication device having an integrated circuit and a communication circuit, and a processing device for transmitting and receiving data to and from the integrated circuit in a contact or non-contact manner and used for a service related to the integrated circuit. A communication system that transmits and receives data to and from the integrated circuit via the communication circuit and performs communication using a second communication device used for a service related to the integrated circuit; A first mutual authentication is performed between the processing device and the second communication device, and when the integrated circuit and the processing device authenticate each other's validity by the first mutual authentication, When the processing device and the second communication device authenticate each other's validity by the second mutual authentication, the processing device is connected to the processing device via the integrated circuit and the communication circuit. Communication system which performs process relating to the service and the second communication apparatus performing communication with each other.