JP2003036465A - Card utilization transaction system - Google Patents

Abstract

PROBLEM TO BE SOLVED: To drastically reduce risk of a person successfully pretending to be someone else by performing biometric collation on the basis of user's biometric information and identify the person and without installing many biometric devices. SOLUTION: A card utilization transaction system is provided with a card utilization condition setting terminal for transmitting both biometric information of a user utilizing a card and the utilization condition of the card and connected to a network, a biometric information storing means for storing the biometric information, a biometric authentication server 15 for performing biometric collation and connected to the network, a storing means for storing the utilization condition of the card, and a card operating server 21 for allowing a transaction using the card in the case a condition included in transaction information using the card satisfies the utilization condition.

Description

Detailed Description of the Invention

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a card use transaction system.

[0002]

2. Description of the Related Art Conventionally, in electronic commerce, which is a commercial transaction via the Internet, and Internet banking, which is a financial transaction via the Internet, cards such as credit cards and cash cards are used for settlement.

FIG. 2 is a conceptual diagram showing a conventional electronic commerce and Internet banking system.

In the figure, reference numeral 111 is a user terminal such as a personal computer arranged in a user environment such as a user's residence or office, and is communicably connected to the Internet 112. Further, 113 is an Internet server on the operation / management side that operates and manages virtual shops, electronic bank accounts, etc., and is communicably connected to the Internet 112. Further, the Internet server 113 is communicably connected to a personal information database 114 that stores personal information of users and the like. The personal information database 114 is generally managed and used in cooperation with other systems such as a certificate authority and a credit company, that is, is linked.

In the case of electronic commerce, first, a user operates transaction information including a credit card number, a password, etc. from a user terminal 111 via the Internet 112.
It is transmitted to the Internet server 113 on the management side. Then, the Internet server 113 on the operation / management side
The personal information database 114 is accessed, the identity of the user is confirmed based on the credit card number, password, etc., and the transaction content is confirmed.

In the case of Internet banking, first, the user transmits transaction information including an account number, a personal identification number, a password, etc. from the user terminal 111 to the Internet server 113 on the operation / management side via the Internet 112. To do. Then, the Internet server 113 on the operation / management side accesses the personal information database 114, confirms the identity of the user based on the account number, personal identification number, password, etc., and confirms the transaction content. ing.

As described above, in a transaction system using a card such as electronic commerce or Internet banking, the identity of the user is confirmed based on the credit card number, password, account number, personal identification number, etc.
By confirming the contents of the transaction, the safety of the transaction, that is, the security is ensured.

[0008]

However, in the above conventional card-using transaction system, when a credit card number, a password, an account number, a personal identification number, etc. are leaked and used by a third party, The user's identity cannot be verified. That is, the risk of impersonation in which another person impersonates the user and conducts a transaction increases.

Therefore, a transaction system has been proposed in which the identity of the user is confirmed by performing biometrics collation based on the biometrics information of the user.

FIG. 3 is a conceptual diagram showing a conventional electronic commerce and internet banking system for performing biometrics collation.

In the figure, reference numeral 118 is a biometrics device arranged in a user environment to collect biometrics information of the user. Reference numeral 115 denotes a biometrics certification authority that performs biometrics collation based on the biometrics information of the user registered in advance, and is communicably connected to the biometrics database 116 in which the biometrics information of the user is stored. There is. Reference numeral 119 denotes an internal network such as an intranet or LAN built on the operation / management side,
The operation / management side Internet server 113, the biometrics certification authority 115, etc. are the internal network 11
9 are connected to each other and also to the Internet 112.

In the case of electronic commerce, first, the user obtains transaction information including a credit card number and biometrics information of the user collected by the biometrics device 118 from the user terminal 111 on the Internet 112.
Via the Internet to the Internet server 113 on the operation / management side. Then, the Internet server 113 on the operation / management side requests the biometrics certificate authority 115 to confirm the identity. The biometrics certificate authority 115 accesses the biometrics database 116 to verify the identity of the user by performing biometrics verification, and notifies the Internet server 113 of the result of the identity verification. After confirming the identity of the user, the internet server 113 confirms the transaction content.

Similarly, in the case of Internet banking, first, the user obtains transaction information including the account number and biometrics information of the user from the user terminal 111 via the Internet 112 on the operation / management side Internet server. Send to 113. Then, after confirming the identity of the user by performing biometrics verification, the Internet server 113 confirms the transaction content.

As described above, by performing biometrics collation based on the biometrics information of the user, it is possible to greatly reduce the risk of impersonation in which another person impersonates the user and conducts a transaction.

However, in this case, since the biometrics device 118 must be installed in the user environment, the user needs to bear the cost for installing the biometrics device 118.

When the same user performs electronic commerce and Internet banking in a plurality of user environments, for example, at home and in the office, the biometrics device 118 must be provided in each user environment. Therefore, the cost for disposing the biometrics device 118, which is borne by the user, increases.

Further, when the type of the biometrics device 118 to be adopted is designated for each operation / management side that operates and manages virtual shops, electronic bank accounts, etc., each operation / management side is specified in the user environment. Since it is necessary to dispose the biometrics device 118 of the same type, the cost borne by the user increases.

The present invention solves the problems of the above-mentioned conventional card use transaction system and verifies biometrics based on the biometrics information of the user and confirms the identity of the user so that another person A card-based transaction system that can greatly reduce the risk of impersonation in which a user impersonates a transaction and does not increase the cost borne by the user because it is not necessary to install a large number of biometrics devices. The purpose is to provide.

[0019]

Therefore, in the card use transaction system of the present invention, the use of a card connected to a network, which transmits both biometrics information of the user of the card and the use conditions of the card, A condition setting terminal and a biometrics information storage unit for storing the biometrics information, a biometrics authentication server connected to the network for performing biometrics matching, and a storage unit for storing the usage conditions of the card, And a card management server that permits a transaction using the card when a condition included in the transaction information using the card satisfies the usage condition.

In another card use transaction system of the present invention, the use condition is set by the user using the card use condition setting terminal.

[0021] In still another card use transaction system of the present invention, the card operation server further uses the card when a condition contained in transaction information for using the card does not satisfy the use condition. To disallow.

The card usage condition setting terminal of the present invention has a biometrics device capable of collecting biometrics information of a user who uses the card, and an input means for allowing the user to set the usage conditions of the card. Then, the biometrics information and the usage conditions of the card are transmitted together.

In the card use condition setting terminal program of the present invention, a computer uses a biometrics device capable of collecting biometrics information of a user who uses the card, and the user sets the use condition of the card. The biometrics information and the usage conditions of the card are transmitted together by functioning as an input means.

[0024]

BEST MODE FOR CARRYING OUT THE INVENTION Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings.

FIG. 1 is a conceptual diagram showing a card use transaction system according to the first embodiment of the present invention, and FIG. 4 is a block of a transaction terminal provided with a biometrics device according to the first embodiment of the present invention. It is a figure.

In the figure, reference numeral 11 denotes a user terminal used by a user who is provided in a user environment such as a user's residence or office, and is communicably connected to the Internet 12. Here, the user terminal 11 includes a communication interface, an arithmetic unit, a storage unit, an input unit, a display unit, and the like, and if it can be connected to the Internet 12, a personal computer, a mobile information terminal, a mobile phone, or the like. Telephone, electronic notebook, PDA (Personal)
The digital assistant, a game console, a videophone, a digital television, or the like may be used.

Reference numeral 13 is an Internet server on the operation / management side that operates and manages virtual shops, electronic bank accounts, etc., and is an intranet / LA constructed on the operation / management side.
It is communicably connected to an internal network 18 such as N. Since the internal network 18 is connected to the Internet 12 via a firewall, a gateway, etc. not shown, the Internet server 13 is connected to the Internet 12 via the internal network 18. A personal information database 14 in which personal information of users and the like is stored is communicably connected to the Internet server 13.

Reference numeral 15 denotes a biometrics authentication server that performs biometrics collation based on biometrics information of users registered in advance, and a biometrics database 16 in which biometrics information of registered users is stored in the biometrics database 16. Connected for communication. Here, the biometrics information is a biological characteristic peculiar to each person, that is, a fingerprint, a voiceprint, a face (face),
An iris (iris) or the like is preferable, and an iris is preferable because the matching accuracy is high. In the present embodiment, the case where the biometrics information is an iris will be described. The person who operates the biometrics authentication server 15 is the Internet server 13
It may be the same as the person who manages or may be another person.

Reference numeral 21 denotes a card management server for managing and managing a card such as a credit company, a financial institution, etc. that manages a card such as a credit card, a cash card, a debit card, and a prepaid card. The network 18 is communicatively connected. The card management server 21 is connected to a card management personal database 22 in which personal information about users who use the card is collected by the card management / management side. And the card management server 21
The person who operates the Internet server 13 may be the same person who operates the Internet server 13 and the person who operates the biometrics authentication server 15, or may be another person.

Here, the Internet server 13,
The biometrics authentication server 15 and the card management server 21 are connected to each other via the internal network 18 and also to the Internet 12.

Reference numeral 31 denotes a transaction terminal as a card use condition setting terminal arranged in the store 30. Here, the store 30 is a bank, a branch of a financial institution such as a credit union, a convenience store, a store such as a supermarket, a station window, a ticket office such as a ticket office, a city hall, a public facility such as an underground passage. is there. The transaction terminal 31 is a terminal that allows a user to make a transaction by using a card, and is a KIOSK, ATM, etc., but it is a device for issuing railway tickets, movie theater admission tickets, etc., home delivery. It may be a part of another device such as a device for applying for a flight.

Here, the transaction terminal 31 is a computer, and as shown in FIG. 4, various controllers,
A central control unit 36 including a CPU and a storage unit, an input unit 37 such as a keyboard, a mouse, a joystick, a touch panel, and push buttons, and a display unit 38 having a screen such as a CRT and a liquid crystal display are provided. Further, it is provided with a magnetic recording band included in the card, a card reader 33 for reading information stored in a storage means such as an IC, and a biometrics device 32 for acquiring an iris as biometrics information. Further, it is equipped with a communication interface (not shown) and is communicably connected to the Internet 12. Then, the biometrics information and the usage conditions of the card described later are transmitted together.

Next, the operation of the card use transaction system having the above configuration will be described.

FIG. 5 is a diagram showing an example of card usage condition setting according to the first embodiment of the present invention.

First, the user visits the store 30 and registers personal information using the transaction terminal 31. At this time, the biometrics device 32 arranged in the transaction terminal 31 is used to collect the iris as the biometrics information of the user himself as the registered biometrics information. Further, the card reader 33 is caused to read the information stored in the storage means of the card used by the user for the transaction. The user inputs information such as his / her name and address by the input means 37.
Enter using. At this time, the input information, the information read by the card reader 33, etc. are displayed on the display means 38, so that the user can confirm the contents of these information.

The personal information of the user, the biometrics information, and the information stored in the memory means of the card are transferred from the transaction terminal 31 via the Internet 12 to the Internet server 13, the biometrics authentication server 15, and the card operation. Each is transmitted to the server 21. As a result, the personal information of the user is stored in the personal information database 14 connected to the Internet server 13, the biometrics information of the user is registered in the biometrics database 16 connected to the biometrics authentication server 15, and the card operation is performed. In the card management personal database 22 connected to the server 21, the information stored in the storage means of the card and the fact that the user has been registered as biometrics are recorded.

Subsequently, the user sets the conditions for using the card, which are restrictions when carrying out transactions using the card thereafter. The usage conditions include those shown as user input items in FIG.

In the user input items shown in FIG. 5,
The handling card information is information such as a card type and a card number used when a user conducts a transaction through a network such as electronic commerce and Internet banking, and is usually information read by the card reader 33. Is. The handling period is a period during which the card can be used when conducting a transaction via the network.

The supplier operating company name is the name of the person who operates and manages the Internet server 13 used when the user makes a transaction via the network. Note that it is possible to specify a plurality of supplier operating companies. The site address of the supplier operating company is the website address of the supplier operating company specified by the user.

Further, the transaction upper limit amount is the upper limit of the transaction amount when the user makes a transaction via the network.

As conditions for using the card, items other than the user input items shown in FIG. 5 may be added, or some of the user input items shown in FIG. 5 may be deleted. Good. Further, the usage condition of the card may be a setting that only one of the plurality of conditions needs to be satisfied, that is, an OR setting, or any one of the plurality of conditions. It may be a setting that the condition must be satisfied, that is, an AND setting, or a combination of an OR setting and an AND setting.

As described above, by setting the use conditions as described above as restrictions when conducting a transaction using the card, a person who does not know the use conditions cannot use the card. Therefore, when conducting a transaction using a card after setting the usage conditions, it is possible to significantly reduce the risk of impersonation in which another person impersonates the user and conducts the transaction without the user's biometric matching. .

Then, when the user inputs the conditions of use by using the input means 37, the card reader 33, etc.,
The usage conditions are displayed on the display means 38. After the user confirms the content displayed on the display unit 38, the usage conditions are transmitted to the card management server 21.

In this case, the card management server 21 may accept the transmitted usage conditions as they are and store them in the card management personal database 22, or may accept them after examining the contents of the usage conditions. You may Further, not only the user's judgment but also the judgment of the person who operates the card management server 21 can limit the setting of the usage conditions. For example, the user's credit card usage record to date, the reliability of the partner operating company designated by the user, the length of the handling period, the maximum handling amount, and the current fraudulent card usage rate in the market. In consideration of this, a person who operates the card management server 21 may set various conditions.

Next, the user uses the user terminal 11 in the user environment to make a transaction via the network. In the case of electronic commerce, first, a user transmits transaction information including a credit card number, a password, etc. from the user terminal 11 via the Internet 12. In addition,
Since the biometrics device 32 is not installed in the user environment, the biometrics information of the user is not transmitted in this case.

Then, the transaction information is transmitted to the card management server 21. Then, the card management server 21
Accesses the card management personal database 22, acquires the usage conditions of the stored card, and determines whether or not the contents of the transaction satisfy the usage conditions. Then, when it is determined that the conditions are satisfied, the permission of the transaction using the card is transmitted to the Internet server 13. If it is determined that the transaction is not satisfied, the fact that the transaction using the card is prohibited is transmitted to the Internet server 13.

Subsequently, the Internet server 13
When receiving from the card management server 21 that the transaction using the card is permitted, the user replies to the user terminal 11 and urges the user to confirm the transaction content using the card.
Then, when a confirmation notification is sent from the user terminal 11, electronic commerce is executed.

On the other hand, the Internet server 13
When it is received from the card management server 21 that the transaction using the card is not permitted, it is returned to the user terminal 11 and the transaction using the card is not permitted, and
Therefore, the electronic commerce is not executed, that is, the transaction is not permitted and the transaction is stopped. It should be noted that the notification of transaction disapproval is normally notified as a reply to the transmission of the transaction from the user terminal 11 in this manner, but it may be notified by means such as mail, electronic mail, or telephone. Good. Further, the notification of the transaction disapproval may display the reason why the transaction is disapproved, for example, which condition in the usage condition is not satisfied.

In the case of Internet banking,
The user transmits transaction information including an account number, a personal identification number, a password, etc. from the user terminal 11 via the Internet 12, and the subsequent operations are the same as in the case of electronic commerce.

Here, if the transaction for which the transaction is not permitted is the transaction by the user himself, the user performs biometrics verification using the biometrics device 32 installed in the store 30 to confirm the identity. After performing the transaction, by updating the usage conditions of the card, it is possible to permit subsequent transactions using the card.

In addition, when the card is lost, the user can use the Internet server 13 or the card management server 2
Send the lost card notification to 1. As a result, the lost card is invalidated, and if the lost card is used after being invalidated, the unauthorized use of the card is immediately detected.

As described above, in this embodiment, the user who wants to make a transaction using the card is the store 30.
When the personal information is registered using the transaction terminal 31, the biometrics device 32 is used to register the biometrics information. Further, the user uses the transaction terminal 31 to set card usage conditions as restrictions when carrying out a transaction using the card.

Therefore, a person who does not know the above-mentioned usage conditions cannot use the card. Therefore, when carrying out a transaction using the card after setting the usage conditions, even if the biometrics verification of the user is not performed, The risk of impersonation in which another person impersonates the user and conducts a transaction can be significantly reduced. Moreover, since it is not necessary to dispose the biometrics device in the user environment, the cost borne by the user does not increase.

Next, a second embodiment of the present invention will be described. Note that description of the same structure and operation as those of the first embodiment will be omitted.

FIG. 6 is a conceptual diagram showing a card use transaction system according to the second embodiment of the present invention.

In this embodiment, the store 30 in the first embodiment, the transaction terminal 31 and the biometrics device 32 arranged in the store 30 do not exist, and the user is required to use the card. The user terminal 11 in the user environment is used as the setting terminal.

In this embodiment, the user terminal 11 which is a computer is provided with the biometrics device 42. The biometrics device 42 has the same configuration as the biometrics device 32 in the first embodiment, and therefore the description thereof is omitted.

Next, the operation of the card use transaction system having the above configuration will be described.

FIG. 7 is a diagram showing an example of a card use condition setting screen according to the second embodiment of the present invention.

First, the user registers personal information using the user terminal 11 in the user environment. At this time, the biometrics device 4 installed in the user terminal 11
2 is used to collect the iris as the user's own biometrics information as the registered biometrics information.
In addition, the user inputs information such as his / her name and address using the user terminal 11.

Then, the personal information and biometrics information of the user are transmitted from the user terminal 11 to the Internet server 13 and the biometrics authentication server 15 via the Internet 12. As a result, the personal information of the user is stored in the personal information database 14 connected to the Internet server 13, the biometrics information of the user is registered in the biometrics database 16 connected to the biometrics authentication server 15, and the card operation is performed. In the card management personal database 22 connected to the server 21, the information stored in the storage means of the card and the fact that the user has been registered as biometrics are recorded.

Subsequently, the user sets the conditions for using the card, which are restrictions when carrying out transactions using the card thereafter. In this case, the usage conditions as shown in FIG. 7 are displayed on the screen of the display means of the user terminal 11.

In the user input items shown in FIG. 7,
The card number is information on a card number used when a user conducts a transaction through a network such as electronic commerce and Internet banking. The handling period is a period during which the card can be used when conducting a transaction via the network.

The designation of the day of the week designates the day of the week on which transactions are carried out using the card. In the example shown in FIG. 7, Saturday and Sunday are designated. Therefore, in this case, the transaction using the card cannot be performed except on Saturday and Sunday.

The handling site is the address of the website used when the user makes a transaction via the network.

Furthermore, the transaction upper limit amount is the upper limit of the transaction amount when the user conducts a transaction via the network.

As conditions for using the card, items other than the user input items shown in FIG. 7 may be added, or some of the user input items shown in FIG. 7 may be deleted. Good. Further, the usage condition of the card may be a setting that only one of the plurality of conditions needs to be satisfied, that is, an OR setting, or any one of the plurality of conditions. It may be a setting that the condition must be satisfied, that is, an AND setting, or a combination of an OR setting and an AND setting.

As described above, by setting the use conditions as described above as restrictions when conducting a transaction using the card, a person who does not know the use conditions cannot use the card. Therefore, when conducting a transaction using a card after setting the usage conditions, it is possible to significantly reduce the risk of impersonation in which another person impersonates the user and conducts the transaction without the user's biometric matching. .

The usage conditions entered by the user using the user terminal 11 are transmitted to the card management server 21. In this case, the card management server 21 may accept the transmitted usage condition as it is and store it in the card management personal database 22, or may accept it after examining the content of the usage condition. . Further, not only the user's judgment but also the judgment of the person who operates the card management server 21 can limit the setting of the usage conditions. For example, the user's credit card usage record to date, the reliability of the partner operating company designated by the user, the length of the handling period, the maximum handling amount, and the current fraudulent card usage rate in the market. In consideration, the person who operates the card management server 21 may limit various conditions.

Next, the user uses the biometrics device 4
User terminal 11 in another environment where 2 is not installed
To make transactions via the network. In the case of electronic commerce, first, the user is the credit card number,
Transaction information including a password and the like is transmitted from the user terminal 11 via the Internet 12. Since the biometrics device 42 is not installed in the user environment, the biometrics information of the user is not transmitted in this case. Subsequent operations are the same as those in the first embodiment, so description thereof will be omitted.

As described above, in the present embodiment, it is possible to register the biometrics information of the user and set the card usage conditions by using the user terminal 11 in the user environment. It can be done over. Therefore, the setting items of the card usage conditions can be detailed, and the usage conditions can be changed frequently.

Therefore, it is extremely unlikely that a person who does not know the use conditions can use the card, and the risk of impersonation in which another person impersonates the user and conducts a transaction can be greatly reduced.

Further, when there are a plurality of user environments, the biometrics device may be provided in only one use environment, and therefore the cost borne by the user does not increase.

The present invention is not limited to the above-mentioned embodiments, but can be variously modified within the scope of the present invention, and they are not excluded from the scope of the present invention.

For example, the name of the store (bank name) and the branch name of the store (bank branch name) are used both for actual transactions at the store 30 and banks, and for transactions using cards without going through the network. The card use transaction system of the present invention can be used by setting the use restrictions such as the use area and the use time zone.

[0076]

As described above in detail, according to the present invention, in the card transaction system, the biometrics information of the user who uses the card and the usage conditions of the card are connected to the network. And a biometrics authentication server connected to the network for performing biometrics matching, and a memory for storing the usage conditions of the card. And a card management server which permits the transaction using the card when the condition included in the transaction information using the card satisfies the use condition.

In this case, by performing biometrics collation based on the biometrics information of the user and confirming the identity of the user, the risk of impersonation in which another person impersonates the user and conducts a transaction can be significantly reduced. it can. Moreover, once the usage conditions have been set, those who do not know the usage conditions will not be able to use the card.
Even if the biometrics collation of the user is not performed, the risk of impersonation in which another person impersonates the user and conducts a transaction can be significantly reduced. Therefore, since it is not necessary to dispose the biometrics device in the user environment, the cost borne by the user does not increase.

[Brief description of drawings]

FIG. 1 is a conceptual diagram showing a card use transaction system according to a first embodiment of the present invention.

FIG. 2 is a conceptual diagram showing a conventional electronic commerce and Internet banking system.

FIG. 3 is a conceptual diagram showing a conventional electronic commerce and internet banking system for performing biometrics matching.

FIG. 4 is a block diagram of a transaction terminal provided with the biometrics device according to the first embodiment of the present invention.

FIG. 5 is a diagram showing an example of card usage condition setting according to the first embodiment of the present invention.

FIG. 6 is a conceptual diagram showing a card use transaction system according to a second embodiment of the present invention.

FIG. 7 is a diagram showing an example of a card use condition setting screen in the second embodiment of the present invention.

[Explanation of symbols]

11 user terminals 15 Biometrics authentication server 18 Internal network 21 Card management server 31 Transaction terminal 32, 42 biometrics device 37 Input means

─────────────────────────────────────────────────── ─── Continuation of front page (51) Int.Cl. ⁷ Identification code FI theme code (reference) G06F 17/60 ZEC G06F 17/60 ZEC G06K 17/00 G06K 17/00 L G07D 9/00 461 G07D 9 / 00 461A G07F 7/08 G07F 7/08 R

Claims (5)

[Claims] 1. A card usage condition setting terminal connected to a network, which transmits together (a) biometrics information of a user of a card and usage conditions of the card, and (b) stores the biometrics information. A biometrics authentication server connected to the network for performing biometrics matching, and (c) a storage means for storing the usage conditions of the card. A card use transaction system, comprising: a card management server that permits a transaction using the card when the included condition satisfies the use condition. 2. The card use transaction system according to claim 1, wherein the use condition is set by the user using the card use condition setting terminal. 3. The card management server according to claim 1 or 2, wherein when the condition included in the transaction information for using the card does not satisfy the use condition, the transaction for using the card is not permitted. Card usage transaction system. 4. (a) A biometrics device capable of collecting biometrics information of a user who uses a card,
(B) A card use condition setting terminal, characterized in that the user has an input means for setting the use condition of the card, and (c) transmits the biometrics information and the use condition of the card together. 5. A biometrics device capable of collecting (a) a computer, (b) biometrics information of a user who uses a card, and (c) an input for the user to set a usage condition of the card. Function as a means,
(D) A card use condition setting terminal program for transmitting the biometrics information and the use condition of the card together.