JP2003208552A - Dealing processor, information providing method and dealing system - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To solve a problem that, since commercial dealing using a network is diversified, in configuring dealing system for computerizing gifts dealing, dealing between a user given a gift and a provider giving commodity requires the improvement in security for the provider such as certainty of a user's authentication that the user is a right user to be given a gift, and further it is necessary to improve the convenience so that the user given the gift does not feel troublesome in using the system, whereby the dealing system can be spread. <P>SOLUTION: A card information device is used for a dummy gift, and according to the authentication data stored by the card information device, authentication of the user and specification of a browsing destination of browsed information are automatically performed. <P>COPYRIGHT: (C)2003,JPO

Description

Detailed Description of the Invention

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a transaction processing device used for ordering products such as foods, toys and information contents and reserving services such as entrance rights to concerts and amusement parks on a network. The present invention relates to a method of providing information and a transaction system used by a person to select a desired product or service on a network.

[0002]

2. Description of the Related Art The transaction system of the present specification is a transaction system in which a plurality of users and a plurality of providers mainly use a network such as the Internet or a unique communication line to trade products. The network is mainly the Internet, WAN (Wide Area Network), LA.
It is a communication network that transmits and receives data between information processing devices such as a plurality of mobile phones, computers, computer systems and servers, and between information processing systems by using N or a unique communication line. An information transmission path is established by a hardware connection using a coaxial cable using a copper wire, a twisted pair cable, an optical fiber, a wireless device, etc. and a software connection using a protocol etc., and data communication is performed. XDSL or CATV near the network terminal
In some cases, an information transmission path is formed in each terminal by using a communication network called broadband such as FWA, mobile phone network, fixed telephone network, and FTTH.

User authentication is an information processing handbook (1) as a security measure for a computer system.
Of the external security, internal security, and user authentication described in 1989, 1st edition, Information Processing Society of Japan,
It is the authentication of the user who confirms that he is an authorized and authorized user. The most popular method of use is to certify the user as the user himself and to log in by browsing what he has only when introductory, purchasing products, logging in to a computer, etc. Is possible. Currently, the method of using a password or a credit card is a simple and general user authentication method. These personal authentication methods have few means for identifying the original user, are easily used by others, and have a safety problem. However, because of its convenience, while services using the personal authentication system are spreading to society, a method of authenticating a user using an IC card or the like with improved safety is being studied. The IC card is a debit card of a bank, Suica of JR East Co., Ltd., or each local government (IC card system utilization promotion conference www.jic.
sap. com) has begun to be used. The IC card is a highly secure portable information device that is difficult to forge due to encryption processing in the internal IC and is difficult to leak information when authenticating a user.

Presently, a gift giving method called a catalog gift is popular because the user can select a desired product from a plurality of products listed in a catalog after receiving a gift. It is a gift giving method. In a catalog gift, a transaction mainly consists of a pre-transaction between a purchaser who gives a gift and a provider who provides a product, and a post-transaction between a user who receives the gift and a provider. If the purchaser gives a voucher to the user or the provider gives a voucher to the user between the pre-transaction and the post-transaction, it will be a temporary gift. Pre-transaction, post-transaction and provisional gifts are defined herein for ease of explanation. Conventionally, since a catalog is sent, there are the following restrictions depending on the catalog. First, it costs a catalog creation cost. Secondly, the number of products to be posted is limited by the number of pages in the catalog. Thirdly, in order to provide information to the catalog, it is difficult to provide prompt and flexible merchandise in line with the purchase of merchandise.
Further, there is a problem that the voucher for ordering a product is easily forged. As a usage method, a purchaser purchases a catalog and a voucher from a provider and sends it to the user. The product selected by the user from the catalog is filled in on the voucher, and the address is also filled in and sent to the provider. Upon receipt of the voucher, the provider sends the listed product to the listed address.

In recent years, a gift giving method of making a catalog gift using the Internet has also been performed. This improves the convenience of transactions. In the previous transaction,
We mainly trade money and data necessary for user authentication such as vouchers or passwords. In the post-transaction, data such as a voucher or a password is mainly traded with the product. At this time, when the purchaser directly gives a voucher or the like to the user as a gift between the pre-transaction and the post-transaction, the provider may send the voucher or the like to the user as a proxy.

A method of trading gifts such as catalog gifts using the currently developed net will be described. As You Like of Shady Co., Ltd. (www.shaddy.co.jp) is used in the following procedure. First, the purchaser selects the amount of money on the Internet and informs the provider of the address of the user who is the recipient of the gift. Secondly, the catalog and exchange will be delivered to the user. Third, the user fills in the desired product from the catalog in exchange and returns it to the provider. Fourth, the desired product reaches the user.

In this transaction system, online transactions are performed as pre-transactions, and catalog books and exchange tickets are transacted as post-transactions. As a gift, the provider sends a voucher to the user as a proxy. This is a computerization of the previous transaction, which enables quick transactions and improves the convenience of the purchaser. But,
The post-transaction is the same as the non-electronic gift-giving method, and the convenience of the gift-given user is not improved. For example, the products listed in the catalog may be out of stock. Due to the fear that many voucher-like products will appear on the market, it may be necessary to devise a technique such as making it difficult for counterfeiting by using a holographic material on the back of the voucher.

[0008] In addition, PROGREX Co., Ltd. (www.
Japan-sea. ne. jp) Good Cho
In ice, it is used as follows. First, the purchaser's website, the catalog by budget, the payment method,
Fill in your own address, etc., then fill in the e-mail address of the recipient, and send. Second, the provider sends the URL and the ID and password for viewing the page to the user by email. Third, the user accesses the URL sent by e-mail, inputs the ID and password, browses the home page, selects only one item from the products listed in the home page catalog, and presents the product. Send it to the provider with the address and phone number you want. Fourthly, the provider notifies the purchaser by email as soon as the user selects and sends the product. Fifth, when payment from the purchaser is confirmed, the provider sends the arrival date of the product to the purchaser and the user by email. Sixth, the provider delivers the product to the user.

In this transaction system, a provider sends a URL to a user and a user authentication ID and password for viewing the homepage to a proxy as a temporary gift. It is a computerization of pre- and post-transactions, and not only in pre-transactions but also in post-transactions, the user can click the URL sent on the terminal connected to the Internet to open the home page and browse the product catalog. It is convenient for the user, and there is no limit on the amount of information provided such as the number of pages in the catalog, which does not incur the cost of creating the catalog. Since the network is used, it is a transaction system using an effective network that can provide information promptly.

However, for the provider, the URL used in the post-transaction and the ID and password for user authentication are easily copied, and the security of the transaction system is likely to cause a problem.
For buyers, both before and after transactions can be done easily in a short time, but conversely, because the catalog is also selected on the network, it is very easy to give the price given by the recipient user. There is a problem with the convenience of the purchaser. Furthermore, in product transactions using only e-mail, the exchange of goods from the purchaser to the user is frivolous, and it is difficult to obtain the satisfaction of the purchaser.

Further, the pre-transaction method in which the quality of the product is confirmed at a store such as a department store, a specialty store, or a convenience store before the gift is determined is the most well-established conventional gift giving method. For this reason, the digitization of the previous transaction described above,
The digitization of pre-transaction and post-transaction, as well as the digitization of post-transaction, not only gives buyers the peace of mind to send gifts that confirm the quality of the product, but also the freedom for the user to select the product that he or she really wants. It is convenient because it gives you the added security.

[0012] At this time, if the user who is gifted in the post-deal as referred to in the present specification is burdened with the computerization of the post-deposit, it is difficult to disseminate the post-deal. For example, enter the address of the home page to browse the selectable product items, select the page,
Not only long ID but also complicated work such as authentication work of entering a password from a keyword is required. The fact that the user has to hold a plurality of cards and to launch the home page of the provider for each card is confusing in usage, cumbersome to manage the home page, and inconvenient. Furthermore, it is important to secure the security of the trading system through pre-trading as the post-trading becomes electronic. The security of the transaction system is to secure the security against leakage or trust and malicious use of the above-mentioned voucher, ID, and password which are mainly used for post-transaction. Furthermore, it is necessary to deal with the diversification of transaction systems and to provide convenience to providers in each industry.

[0013]

As described above, mainly in the transaction of gifts, the issue of safety of the transaction system for the provider, the issue of convenience for the purchaser, and the convenience for the user. The problem of (1) hinders the digitization of transactions such as ordering gifts and services.

The present invention has been made in consideration of the above problems, and an object of the present invention is to provide a transaction processing device which is mainly used in a post-transaction provider and which is highly convenient for purchasers and users. And Another object of the present application is to provide a product selection information providing method and a product transaction that has a new function and enhances safety and convenience.

[0015]

A card type information device such as an IC card is distributed between a provider, a purchaser and a user. A conceptual diagram is shown in FIG. A user places an order for a post-trade on a provider on the network, but the user authenticates with the authentication data uniquely stored in the card-type information device 1 to permit browsing of information necessary for ordering. After that, as a series of work, specify the browsing destination of the browsing information with the authentication data,
Further, the user is allowed to browse the browsing information. By using such a transaction processing device, the card-type information device 1 which is difficult to forge is distributed between the provider, the purchaser, and the user to prevent the forgery of the voucher and the leakage of the password, and the security of the transaction system. To improve. Furthermore, the purchaser can freely and freely hand over the card-type information device 1 to the user, send it in a simple envelope, or give a temporary gift, and the convenience is improved. Furthermore, as computerization of post-transactions is carried out using such transaction processing devices, at the same time as user authentication is performed using the authentication data of the card-type information device, the information necessary for product ordering and service reservation is automatically provided to the user. By sending the information in a convenient manner, the gifted user can obtain necessary information without performing complicated work, and the convenience is improved. Furthermore, although the services of multiple providers are used, the user only needs to connect to a specific transaction processing device, and the use of various types of card type information devices,
The transaction system can be diversified in response to transactions between multiple users and multiple providers.

[0016]

BEST MODE FOR CARRYING OUT THE INVENTION (Example 1) In constructing a trading system whose main purpose is to trade gifts and the like using alternative products such as gift vouchers, the fields of merchandise trading using networks are diversified. , Safety against counterfeiting of alternatives is required. Furthermore, it is necessary to improve the convenience so that the user who receives the gift does not feel bothered to use the system. Solving these issues will lead to the spread of electronic trading systems. A system is an aggregate of constituent elements such as an information processing device and an information processing system connected by a network, and means a work that has one purpose as a whole. In this example, even if the system is configured using a LAN or the like, if it can be regarded as a terminal for the Internet or WAN, it may be included in the transaction processing device, the provider terminal, or the user terminal.

The present invention mainly provides a transaction processing device for use in a transaction system, which provides security against counterfeiting by a provider and convenience that a user can easily use. The transaction system in this specification is shown in a conceptual diagram as shown in FIG. As described above, as the first feature of the present transaction system, the card-type information device 1 such as an IC card that is difficult to forge is distributed between the provider, the purchaser, and the user. Gifts with gift certificates,
In gifts such as catalog gifts, money between the purchaser and the provider and pre-transaction of the card-type information device 1, a temporary gift that is a gift of the card-type information device 1 from the purchaser to the user, a card between the user and the provider It consists of the type information device 1 and post-trade transactions. Post-transaction consists of ordering products and delivering products. Alternatively, the post transaction may consist of booking a service and providing the service. As the second feature of the present transaction system, the browsing information that the user browses at the time of ordering or making a reservation for post-transaction is determined by the card-type information device 1, which is a substitute product that the user has provisionally gifted. At this time, the following is hidden and automatically performed by the user. First, the user is authenticated. Secondly, the browsing destination is specified. Thirdly, the browsing information is displayed. User authentication confirms that the provider is a legitimate user who is authorized to browse the browsing information. In this example, it is assumed that the person holding the card type information device 1 is a legitimate user. The browsing destination is specified by browsing the URL (Uniform Resor) of the browsing information file as the browsing destination data.
ce Locator) and IP address (Intern
It may be specified based on et Protocol Address) and the file name. The file A in this example is a block of data that describes browsing information. The browsing information may be composed of a plurality of files and a plurality of pages. The browsing information is displayed by transferring the file A and displaying it on the user terminal 2 so that the user can browse the browsing information.

FIG. 2 is a first structural example of the transaction system of the present invention. Card type information device 1 for which the user received a provisional gift
And a user terminal 2 operated by a user, a provider terminal 4 operated by a provider, and an administrator connected to the user terminal 2 and the provider terminal 4 via a network 5. It comprises a transaction processing device 3 and an information transmission line formed by contact between the card type information device 1 and the user terminal 2. With this configuration, when the user inserts the card type information device 1 into the reading device 2b, the user is authenticated and the screen on which the browsing information is described is automatically displayed on the display device 2c. In the transaction, the card type information device 1 is temporarily presented to the user,
As a post-transaction product order, the administrator's home page is accessed from the user terminal 2 connected to the Internet operated by the user, the user is authenticated using the card-type information device 1, and automatically displayed. A desired product 7 is selected from a plurality of products on the browsing information screen. Finally, the user sends the card-type information device 1 to the provider for delivery of post-transaction products.
The desired product 7 is received by presenting.

Gifts are goods and services. Merchandise refers to food, goods, information, tickets for amusement parks, concerts, and the like. What is a product order?
Select the desired product from the items displayed in the browsing information and specify the delivery address. Services include the right to enter an event at amusement parks and concerts, the right to download information content such as music, texts, pictures, and photos, and the right to use services. In ordering a service, a desired service is selected from the items displayed in the browse information, and the seat, the course, the usage time, etc. are specified. The user is a person who mainly receives a temporary gift of the card type information device 1. When the card type information device 1 is purchased by himself, the purchaser himself may be the purchaser himself. The purchaser is the person, corporation or organization that purchased the card type information device 1 for the purpose of giving a gift to the user. Purchases are mainly made in exchange for money and the card-type information device 1. However, if money is surely delivered to the provider side, it may be transaction at a store, electronic commerce, direct exchange, payment at a later date, Electronic payment is also acceptable. The provider is a corporation or organization such as a person or a company that mainly provides products or services. The company that receives the order, the company that delivers the product, and the company that delivers the product may act as a provider. The administrator is an organization such as a person, a company, or a corporation that at least uses the network 5 to authenticate the user of the user when the user makes a commodity transaction or a service reservation with the provider. For example, a certification body that certifies the legitimacy of the transaction as a third party, a credit company or a financial institution that issues the card-type information device 1, a communication company that provides infrastructure, or a portal site operating company may be used.

Reference numeral 1 in FIG. 2 indicates a card type information device, and the card type information device 1 is mainly an IC card, a magnetic card, a plastic card, a small electronic device, a key holder, a toy, etc. It should be easily carried by buyers and purchasers. However, in the present specification, the card type information device 1
Stores authentication data that is later determined by the provider.
The IC card is a non-contact type IC card, a contact type IC card, a mixed type IC card that uses contact and non-contact IC tags separately.
There is a mixed type IC card that uses both contact and non-contact IC tags. It may be a SIM card used for a mobile phone or the like. The IC card is a central processing unit (CPU), ROM, R
I having at least one of AM, EPROM, etc.
It is sufficient to mount C. Contact type IC card such as ISO / IEC7816, contact type IC card such as ISO / IEC10536, proximity type IC card such as ISO / IEC14443, proximity type I such as ISO / IEC15693
A non-contact IC card such as a C card may be used. ICs include MULTOS from MAOSCO, JAVA (registered trademark) from Sun Microsystems, and Microsoft.
Windows (registered trademark) of the company or its own OS may be used. Magnetic cards are magnetic stripe cards, PET
Such as cards. The plastic card is embossed,
Some cards have holograms, sign panels, rewrites, and barcodes. A card-type device that has an IC and emits sound or a card-type device that emits light may be used. The small electronic device may be an electronic device such as a key holder that can be held with one hand, a wrist watch, or a remote controller.

The card type information device 1 may store an encryption algorithm, various processing programs, a communication protocol and the like when performing information processing such as encryption, collation and communication of information. In recent years, it has been devised to put an IC used for an IC card in a mobile phone or a wristwatch, and thus these may be used as the card type information device 1 in this example. Furthermore, FDD and C with memory function
A storage card using D, IC, or the like may be used. In addition to the authentication data, the user may have a unique number that can be easily confirmed by comparing with the authentication data. Having the unique number facilitates the management of the card type information device 1 by the manager or the provider. The unique number is also used by the user as a means for dealing with an emergency situation due to a malfunction of the trading system. For example, the authentication data is encrypted or stored in the IC. On the other hand, since the unique number is encrypted, no special decryption is required to use it, or it is a character string printed on the exterior of the card type information device 1, so that it can be confirmed at a glance.

In FIG. 3, the card type information device 1 has an authentication data storage means A1 for storing authentication data and an authentication data output means A2 for outputting the authentication data to the user terminal 2.
Have and. The authentication data is encrypted and stored for internal security or external security, and may be prevented from being browsed, modified, or forged by a malicious third party. Password information, information by actions such as signatures, biological information such as biometrics,
Information read from the storage medium, product trading certificate information,
Personal information such as an individual's name, age, address, and identification number may be included, and possession of such information identifies the user himself. The authentication data storage means A1 is a ROM (Rea
d Only Memory) and RAM (Rando
m Access Memory), EPROM (E
rasable Programmable Read
It is stored by a semiconductor element such as only memory, magnetic tape, printing, or the like. It suffices to take measures to prevent information leakage such as encryption. EPROM is E
EPROM (Electrically Erasab)
le Programmable Read Only
Memory or UVEPROM may be used. FR, which is a non-volatile memory that uses a ferroelectric material, has lower power consumption compared to EEPROM and enables high-speed writing and high-frequency writing.
AM (Ferroelectric Random A
access memory) may be used. The authentication data output means A2 is means for transmitting the authentication data to the user terminal 2 through the information transmission line, and is the card type information device 1
Different communication methods are used depending on the type. Normally, an information transmission path is established between the user terminal 2 and the transaction processing device 3 using the network 5, the home page of the administrator is displayed on the display unit 2c, and then the authentication data is output. The control circuit in this specification includes a control device, a calculation device, a central processing unit, and the like. The control device, the arithmetic device, and the central processing unit referred to here are the devices described in, for example, the 5th edition of the physical and chemical dictionary,
It suffices to perform data processing, control of the internal configuration of the device, control of writing and erasing data in the storage device, and the like.

In FIG. 2, the user terminal 2 is a home computer, a fixed telephone, a mobile telephone, an IP telephone, or the like. Alternatively, it may be an automatic cash dispenser, an automatic ticket vending machine, a music download machine, etc. in a bank or a convenience store, and any device or system with an interface for connecting to a network that the user operates while looking at the screen. . 2a is a main body, and 2b
Is a reading unit, and 2c is a display unit. These are main configuration examples of the user terminal. In FIG. 3, the user terminal 2 has at least authentication data input means A3, authentication data transmission means A4, browsing information receiving means A5, and browsing information display means A6.
This will be described below.

In FIG. 3, authentication data input means A3
Inputs the authentication data transmitted from the authentication data output means A2 of the card type information device 1 to the reading section 2b to the main body section 2a. The authentication data transmission means A4 transmits the authentication data received by the authentication data input means A3 to the transaction processing device 3. The browsing information receiving means A5 is the browsing information transferring means A12.
At, the file A is received as browsing information via the transaction processing device 3. The method in which the user terminal 2 receives the file A is a method in which the file A is received via the transaction processing apparatus 3, and the browsing destination data of the file A is obtained from the transaction processing apparatus 3 and the file A is transmitted to the provider terminal 4. Although there is a method of directly requesting and receiving the transmission, the browsing information may be finally obtained from the provider terminal 4. The browsing information display means A6 displays so that the browsing information received by the browsing information receiving means A5 can be browsed by the user. The authentication data input means A3 has an authentication data identification function of identifying authentication data. In this example, the user receives the home page of the administrator who stores the authentication data identification program in the user terminal 2 and stores it, and starts it. It is sufficient to set the execution state such that the identification of data is always repeated or the identification is repeated repeatedly. The following is done before the user remembers the administrator's home page. In FIG. 2, the user executes the browser stored in the main body 2a and inputs the URL of the administrator's home page in the URL text box.
The browser is software used to browse information on the network. The browser uses the URL input by the server to manage the IP address and then the transaction processing device 3
The IP address of is acquired. At this time, UDP (Use
r Datagram Protocol), and then TCP / IP (Transmissio).
n Control Protocol / Inter
HTTP (Hyper Text Tran) of the communication service by communication using the net Protocol.
The home page of the administrator may be received by the user terminal 2 from the transaction processing device 3 by sfer Protocol).
And HTML (Hyper Text Makeu)
The browser converts the file of the administrator's home page, which is described in, into an image and displays the content on the display device 2c.

In FIG. 2, in data communication using the network 5 such as the Internet, the interface between the network 5 and the user terminal 2 and the transaction processing device 3 are used.
It is necessary to make a hardware connection such as the connection between the interface of 1 and the interface of the provider terminal 4. further,
The device driver of the interface, the protocol such as TCP / IP and UDP, the protocol of the communication service such as HTTP and TELNET, and the program that executes the protocol are stored in the user terminal 2, the transaction processing device 3, and the provider terminal 4, and these are stored. It is also necessary to make a software connection to operate the device and transfer data according to a fixed rule between each device. Mechanism of communication protocol (1999
You can use the communication protocol and communication service described in the 6th edition Nihon Jitsugyo Publishing Co., Ltd. Isao Taniguchi. In addition, the user terminal 2 may store a browser as a browsing program, and the transaction processing device 3 and the provider terminal 4 may store a program for processing the received communication service. The information communication network (1
991 Ohmsha Haruo Akimaru) Arrangements for correctly transmitting the information described and arrangements relating to the processing of the information may be made. In addition, in order to prevent information leakage during transmission, a protocol for encrypting and transmitting and receiving data among protocols used in a layer above a transmission protocol such as TCP, for example, SSL (Secure Socket).
ts Layer) and TLS (Transport L)
It is preferable to carry out the encrypted transmission using the Ayer Security). In this way, it is possible to transmit data by making a hardware connection and a software connection.
In this specification, an information transmission path is established. The data is sent according to the rules of the communication protocol, but the data is sent and received in packets in a predetermined format. FIG. 21 shows an example of a packet. The packet has a header 702
a, data 702b, trailer 2c,
Information is exchanged by transmitting and receiving a plurality of these.

In FIG. 2, when the home page is received,
An authentication data identification program having an authentication data identification function for identifying authentication data, an authentication data transmission program for transmitting the authentication data to the transaction processing device 31 after identification, and the like are simultaneously received. The authentication data identification program determines whether the data output to the reading device 2b by the authentication data input means A1 of the card type information device 1 is the type of the intended authentication data. The method of identifying authentication data is to add the same data before multiple authentication data for identification, or to add a specific pattern to the authentication data,
It is sufficient to identify this pattern. If sound is used, a pattern may be formed by combining a plurality of frequencies and may be identified by Fourier analysis or the like. Alternatively, the card type information device 1 may output the data after encrypting with the encryption key, and the user terminal 2 may decrypt with the public key to identify the pattern. It may be included in the authentication data identification program on the home page. The authentication data input unit A3 and the authentication data transmission unit A4 allow the user to input the password for the authentication data identification program and the authentication data transmission program, and operate after the password is discriminated. However, it is preferable that the password is easy to input with 2 to 6 digits, and the unique number of the card type information device 1 may be used.

As another method of using the authentication data input means A3 and the authentication data transmission means A4, in FIG. If the user outputs the authentication data from the card type information device 1, it becomes possible to automatically display the browsing information by memorizing it and starting it as a program resident in the system. Even if the user uses a plurality of card type information devices 1, he / she can easily browse the target information. At the same time, the use of the transaction system of this example by a plurality of providers has the effect of reducing the load on the memory capacity of the user terminal 2. When the program is added with the authentication data identification program of the user terminal 2 and the authentication data transmission program to the browser, the user can easily browse the target information by starting the browser and inputting the authentication data. Furthermore, if the authentication data identification program and the authentication data transmission program are added to the homepage of the portal site, the target information can be easily browsed by displaying the homepage of the portal site and inputting the authentication data.

In FIG. 2, the information transmission path between the card type information device 1 and the user terminal 2 is electrically connected by wireless, wired or contact, the interface of the card type information device 1 and the user terminal 2. And an information transmission path for transmitting and receiving data and transmitting information according to a certain rule. The interface is a contact terminal, a connector, an antenna, a speaker, a microphone, a light emitting device, a light receiving device, an electromagnetic wave generating device, an image display device, a camera, and a circuit that operates and drives them, a modulation circuit, a demodulation circuit, an oscillation circuit, It may include an amplifier circuit and a filter circuit. Contact terminal is I
The contact terminals and connectors determined by SO / IEC7816 include USB, RS232C, microphone connector, mobile phone interface connector and unique connector. Wireless is a wireless communication mainly using microwaves, infrared rays, ultrasonic waves, and electromagnetic waves of voice frequency, and an information transmission method using encrypted patterns such as barcodes.
You may use communication standards, such as tooth and irDA1. Wired is an information transmission method for connecting cords.
This example is an information transmission path by contact, and is an information transmission method in which the card-type information device 1 and the exterior of the user terminal 2 are brought into contact with each other, or the terminal of the card-type information device 1 is brought into contact with the reading terminal of the user terminal 2. is there. When the card type information device 1 includes an IC having a control circuit that manages a memory that stores authentication data, an information transmission path is established between the card type information device 1 and the user terminal 2. When reading the authentication data in the memory of the card type information device 1 having no control circuit, the user terminal 2
Requires a device driver to control the memory. Similarly, when the card type information device 1 is a CD, a DVD, an MD, a floppy disk, etc., a storage medium for storing authentication data directly establishes an information transmission path by using magnetism or light,
The user terminal 2 requires a device for generating an electric signal, a device for generating magnetism, a device for generating light, a circuit for controlling these, a device driver, and the like.

In FIG. 2, the transaction processing device 3 is mainly composed of a server, a plurality of servers, a server, an external storage device, a computer and the like. In a small-scale transaction system, an ordinary personal computer (PC) or a small server may be used. Considering the processing speed such as the frequency of use in product transactions, large-sized multiple servers and external large-capacity hard disk It is sufficient to establish an information transmission path by using a drive or a PC as a LAN and introduce an information processing system that performs a single job as a whole. The server is a www server that connects the home page to the Internet, a mail server necessary for performing necessary information processing, a DNS server used for address management, a news server providing net news, and an FTP used for file distribution.
For example, a server. An authentication server that mainly authenticates users may be used. For example, a Proliant ML330 manufactured by COMPAQ can be used as a server, and a ProDS1000-SP manufactured by Procide can be used as an input PC, and these can be connected by a LAN. In this example, the program that operates various means, various functions, and various procedures is Su
n Microsoft Systems' JAVA (registered trademark) is used, and Microsoft's Windows is used.
(Registered trademark) or MacOS of Macintosh
Also, it can be used on various platforms such as Linux. As a result, the same browsing information can be browsed by several types of portable information devices 1. Other C ++,
Even if various programming languages such as Visual Basic of Microsoft Corporation are used, the card type information device 1
The user terminal 2, the transaction processing device 3, and the provider terminal 4 may operate by exchanging data with each other.

In FIG. 3, the transaction processing device 3 has the following means. At least it has a discriminating storage unit A7, an authentication data receiving unit A8, an authentication data discriminating unit A9, and a browsing destination specifying unit A10, and if necessary, a browsing information requesting unit A11 and a browsing information transferring unit A12. , Transaction information storage means. In this example, existing hardware is used to create a program for operating these means and operate according to the processing procedure. This will be described below. The discrimination storage unit A7 stores the discrimination data used for discriminating the authentication data and the browsing destination data for identifying the browsing destination of the browsing information in association with each other. The discrimination data is data used to discriminate the authentication data. Discrimination is to determine whether the data is genuine or not, and in the present specification, to identify that the data is valid. The discrimination data is
Stored before the information processing device 3 receives the authentication data,
It may be used to determine whether the authentication data is valid. Also,
The discrimination data may include a program for processing for discriminating the authentication data, in addition to the data for simple comparison.

The browsing destination data is data required for receiving at least browsing information of products and service items on the network 5. In this example, the file A is used to identify it on the network 5. The transaction processing device 3 is used to establish an information transmission path of the user terminal 4, and is mainly data representing a domain name, a storage device name, and a file name.
It can be an address or the like. The description of the URL is shown in FIG. UR for information processing devices and files connected to the network
Specified by L. The domain name and the device, folder name, and file name managed by the information processing device specified by the domain name are specified. A device connected to the network 5 has a unique domain name. Generally, to display the top page on the user terminal 2, only the domain name is specified. Specify the file name to see the lower page. When the URL is entered in the URL text box of the browser, the file specified by the URL is received and displayed. The URL is converted into an IP address by the browser using a resolver program. The transaction processing device 3 may not necessarily use the URL but may store the browsing destination by the IP address and the file name and use it for the connection. The browsing destination data may be data uniquely attached to the information browsing destination on the network. The IP address of the Internet is NIC (Ne
IPv4 (Internet Pro), which is centrally managed by the network Information Center.
Tocol version 4) is 32-bit data and will be used in future IPv6 (Internet).
In Protocol version 6), it is 128-bit data, and these may be used.

In FIG. 3, the discrimination storage means 7 includes the card type information device 1 purchased by the user later to the user terminal 2
It suffices that the authentication data is transmitted before the authentication data is received in anticipation of transmitting the authentication data to the transaction processing device 3 in order to obtain the browsing information via. For example, before and after the card type information device 1 is manufactured, before and after the card type information device 1 is distributed from an administrator to a provider, before and after the card type information device 1 is distributed from a provider to a purchaser or a user, Before and after the card type information device 1 is distributed from the purchaser to the user. For example, in the case of storing two or more data in a matrix, it is possible to fill them in the same row or column collectively or to store the same code so that one data can be searched later for another. Then, it suffices if it can be specified on the transaction processing device 3. The relationship among the numbers of the authentication data, the discrimination data, and the browsing destination data to be associated may be one-to-one, one-to-one, one-to-one, and one-to-one. However, the card type information device 1 does not store a plurality of browsing destination data in order to determine the browsing destination.
If necessary, for example, the browse information file specified by the browse destination data may form a link that allows selection of a plurality of subordinate files. In this manner, by storing the discrimination data in association with the browsing data, the received authentication data is specified by using the discrimination data, and at the same time, a plurality of existing provider terminals are determined from the received authentication data. The provider terminal 4 or the browse information file having the browse information is identified on the network 5. In this example, 100 pieces of discrimination data and URLs are input and stored in the database in association with each discrimination data from the input PC of the transaction processing apparatus 1. The file A in this example is specified by one URL in the database.

In FIG. 3, the authentication data receiving means A8 means that the authentication data stored in the card type information device 1 is transmitted to the network 5 via the card type information device 1 and the user terminal 2.
Receive authentication data from. The authentication data stored in the card-type information device 1 is input to the user terminal 2 through the information transmission path and further transmitted from the user terminal 2 to the transaction processing device 3 via the network 5, and the information processing device 3 transmits the authentication data. To receive. It is necessary to establish an information transmission path via the user terminal 2 and the network 5. In this example, when the authentication data is received in the server, it is registered and managed as one processing item, and a processing area is formed in the memory. A program that operates in series by the processing procedure of means A11 and then browsing information transfer means A12 was created. When another authentication data is received, it is registered as the second process item and the process is similarly started. Authentication data receiving means A
Even if the user inputs the password on the user terminal 2 and operates after receiving the password, the user can prevent the easy use of the card type information device 1 when it is lost. It is good, but it is preferable that the password is easy to input with about 2 to 6 digits, and a unique number may be used.

In FIG. 3, the authentication data discriminating means A9 processes the authentication data received from the authentication data receiving means A8 as discrimination data and discriminates it to authenticate the user. The determination is to determine whether the authentication data is valid. By determining whether the data is legitimate authentication data, it is determined that the data has not been copied or forged by a malicious third party created for the purpose of being used as a substitute for a product or service by an administrator or a provider. When the received authentication data is collated, and if it matches the discrimination data, it is determined to be valid authentication data, for example, the authentication data is 3-digit data of 1.2.3 and the discrimination data is 1.2.3. . The transaction processing device 3 stores a program for searching for discrimination data that matches the received authentication data. At this time, as the data for discrimination, 1, 2, 3
If only the data is stored in the discrimination storage means A7, it is regarded as valid data and the discrimination result. It is unreasonable if the received data has different arrangement of authentication data such as 2.3.1, different number of digits such as 1.2, or different kinds of characters such as a.b.c. It will be the result of discrimination from different data.

Further, when the authentication data discriminating means A9 discriminates a plurality of authentication data from one discriminating data as legitimate authentication data, for example, all the digits of the authentication data and all the digits of the identification data are summed up. When the total number is 15, a program for authenticating authentication data is stored. The authentication data is 1.2.3 or 1.1.4 or 3.1.2, and the identification data is 4.
・ Set to 5. Further, the transaction processing device 1 sums up all the digits and determines whether or not they match 15. A method of determining that the encrypted authentication data is decrypted into meaningful characters may be used.
In this way, any determination method may be used as long as the authentication data is determined to be valid authentication data. Processing is a series of operations performed on data. For example, reading data, creating data, deleting data, collating data with other data, the amount of change of one data, the amount of error, a constant value, the average before collating It is the calculation of a value, the encryption or decryption according to an algorithm or program, and the acquisition of data indicating whether or not there is a match as a result of collation. Decoding may be included to determine the encrypted authentication data. In this example, the unique number and the authentication data are received, decrypted by the determination data decryption program, processed by the processing program, and the determination result is OK.
Output with O.

In FIG. 3, the browsing destination identifying means A10 identifies the browsing destination data stored in advance by the discrimination storage means A7 in association with the discrimination data from the discrimination data used by the authentication data discrimination means A9. Identifying is to determine that, among many, only that is the case. In this specification, it means to specify at least one provider terminal 4 or browsing information file from a plurality of provider terminals that are mainly connected to a network. The program specified by the associated and stored method may be stored. For example, a program in which the data in the (A + 1) th row and the Bth column is used as the browse destination data for the discrimination data stored in the Ath row and the Bth column may be used. A program that uses the data of E1 of the database E as the browse destination data for the discrimination data stored in D1 of the database D.
A code F may be added to the discrimination data, and a program or the like in which the data having the same code F is used as the browse destination data may be stored. Any specifying method may be used as long as it can be specified. In this example, the authentication data discriminating means A9 is used.
Is output and the URL of the file A is specified.

In FIG. 3, the browsing information requesting means A11 uses the browsing destination data specified by the browsing destination specifying means A10 to receive desired browsing information from the provider terminal 4. It is also necessary to establish an information transmission path with the provider terminal 4 and transmit data requesting that the provider terminal 4 transmit browsing information, and establish an information transmission path via the provider terminal 4 and the network 5. There is a need. In this specification, the determination result is the result of determining whether the authentication data stored in the card type information device 1 is valid or not, and is obtained by the data determining means. I using TCP / IP
A program that establishes an information transmission path with the provider terminal 4 specified by the P address and then executes the communication service may be used. For example, HTML is used to request and receive a file specified by a file name. In this example, the browsing information specifying unit A10 operates after the operation, and the U of the file A
The provider terminal 4 is requested to send the file A using the RL.

In FIG. 3, the browsing information transfer means A12 transfers the browsing information to the user terminal 2. This is a browsing information transfer function of receiving at least data of browsing information of products and services from the provider terminal 4 and transmitting the data to the user terminal 2.
As the transfer method, there are a method of transmitting the received browsing information data as it is to the user terminal 2 and a method of storing the received browsing information in the transaction processing device 3 and then transmitting it to the user terminal. There is also a method of directly transmitting the browsing information from the provider terminal 4 to the user terminal 2. For establishing the information transmission path with the user terminal 2, a method of maintaining the information transmission path established by the authentication data receiving means A8 and using it as it is until the processing of the product order is completed, a method of newly establishing the information transmission path, etc. There is. In this example, the browsing information is received once, and the HDD is
A program for temporarily recording in the (hard disk drive) and transferring browsing information to the user terminal 2 is used. In this way, the user automatically browses the predetermined browsing information from the specific user terminal or the like by the card-type information device 1 that he has. For example, when the authentication data of a gift card is input to a home computer, the commodities items are automatically displayed on the computer. During input and display, the authentication data is sent to the transaction processing device 3, the authentication data is discriminated by the discrimination data stored in the data storage means, and the browsing destination data is specified from the discrimination data used in the discrimination.

The transaction information storage means stores user's selection information such as product order contents or service reservation contents,
This is stored in association with the authentication data or the discrimination data. By remembering the content of the transaction, you sign the transaction as a third party in case of problems later. At this time, it is preferable as credibility of the proof to store personal information of the provider or the user, time information such as transaction time, and notification contents. The time information may be the time when the authentication data is received, the time when the authentication data is determined, the time when the user selects the product, the time when the user expresses some intention, and the year, month, day, hour,
It is sufficient if it has minutes, seconds, and information indicating what time means to the user or the provider, and is effective as evidence later. Further, the location where the product or service is provided may be stored. The providing place is a place where the provider and the user deliver the product or a place where the service is provided. It should be stored mainly so that the provider can use it to deliver the product. In FIG. 1, it is a place where the product and the card type information device 1 are exchanged. In this example, it is the place where the provider delivers the desired product selected by the user viewing the browsing information, that is, the home address of the user. In addition, when delivering a product, the identification number or address of a store such as a convenience store or a department store where the user goes to receive the product may be used. On the other hand, in the provision of services, identification numbers and addresses of concert venues, event venues, amusement parks, movie theaters, rental companies, etc. to which the services are provided by the user are provided. Furthermore, for home cleaning, the home address of the user may be used. Further, it may be an identification number or address of a line such as a train or a bus or a station. The transaction processing device 3 has selection information transfer means and transmits the contents stored in the transaction information storage means to the provider terminal 4,
It may be notified or confirmed to the provider, or may be stored in the provider terminal 4. Similarly, the contents of the transaction may be confirmed to the user by transmitting it to the user terminal.

In FIG. 2, the provider terminal 4 is composed of an information processing device such as a personal computer to a host computer and various servers required for using the Internet. For example, an authentication server and a DNS server are combined. It may be used after being converted. Further, a database group may be configured by using a necessary external storage device or the like. The provider terminal 4 has a unique URL or IP address and is specified on the network. The URL is an example of browsing destination data referred to in this specification. In this example, the provider terminal 4 stores the file A of browsing information in advance and stores the URL of the file A.
Is set, and the transaction processing apparatus 3 is requested to transmit the file A and transmits the file A. In FIG.
The provider terminal 3 has a browsing information storage unit A13 and a browsing information transmission unit A14, and the browsing information storage unit A13 stores a browsing information file A that the user browses after the user has been authenticated. Is a means to do. In addition, the browsing information storage unit A13 may have a browsing destination data setting function for setting the browsing destination data of the browsing information as necessary. The browsing information transmitting means A14 is the browsing information requesting means A1.
It is a means for transmitting to the transaction processing apparatus 1 the browsing information file A stored by the browsing information storage means A13 requested by 1.

The operation is mainly to operate so as to operate without any trouble, turning on the power of the device or connecting an information transmission line to the network 5. It may include operations to open, enter data required to operate the trading system, and manage and maintain the information so that it is not used for any use. Connection refers to the state of transmitting and receiving information.

In FIG. 2, the product 7 is, in this example, an order for a product such as food or toys, or a ticket for a concert or an amusement park. When the product 7 is received, the card type information device 1 is handed to the courier and used as an exchange ticket. The provider can collect the card-type information device 1 and reuse it to provide a service at low cost. When handing over the product 7, the authentication data or the unique number may be transmitted to the provider terminal 4 or the transaction processing device to determine whether the card-type information device 1 is valid. In addition, as the product 7, information such as music, photos, welcome information, messages, passwords, etc. may be downloaded using the information transmission path of the Internet. As the service, the card type information device 1 may be used as a ticket to provide a service such as a right to enter a concert or an amusement park. At this time,
The card type information device 1 may be collected as a ticket.

FIG. 4 shows a main data transmission / reception procedure. The first embodiment will be described below with reference to FIGS. 2, 3, and 4. The card type information device 1 stores the authentication data A. The card type information device 1 stores the authentication data A in the authentication data storage means A1. The transaction processing apparatus 3 determines the discrimination data A for identifying the authentication data A and the browsing destination data A for identifying the file A on the network 5 by the discrimination storage means A.
Remembered by 7. The provider terminal 4 sets the browsing destination data A that specifies the file A, and stores the file A including the browsing information in the browsing information storage unit A13. In FIG. 4, the authentication data is input from the card type information device 1 to the user terminal 2. The card-type information device 1 outputs the authentication data A stored in the authentication data storage means A1 by the authentication data output means A2, and the user terminal 2 inputs it by the authentication data input means A3. For the transfer of the authentication data, the authentication data A is transmitted from the user terminal 2 to the transaction processing device 3. The user terminal 2 transmits by the authentication data transmitting means A4. The transaction processing device 4 receives it by the authentication data receiving means A8. As for the request for the file A, the transaction processing device 3 transmits to the provider terminal 4 the data of the content requesting the transmission of the file A. The transaction processing apparatus 3 collates the authentication data A received by the authentication data receiving means A8 with the discrimination data A stored in the discrimination storage means A7, and after discriminating the authentication data A, the browsing destination specifying means A10 causes the file A.
Is specified by the browsing destination data A, and the browsing information requesting means A11 requests the file A to the provider terminal 4 using the browsing destination data A and receives the file. For the transmission of the file A, the provider terminal 4 transmits the file A specified by the browsing destination data A by the browsing information transmitting unit A14. The file A is transmitted from the provider terminal 4 to the transaction processing device 3. The file A is transferred from the transaction processing device 3 to the user terminal 2
Transfer file A to. The transaction processing device 3 transfers the file A by the browsing information transfer means A12. In this way, the user terminal 2 receives the file A by the browsing information receiving means A5 and displays it by the browsing information display means A6.

The user browses the browsing information of the file A and determines the selection information of the product to be ordered and the service to reserve. The selection information is input by the user to the user terminal 2, received by the transaction processing device 2, stored, or transmitted to the provider terminal 4.
The provider delivers the product to the user or provides the service to the user according to the selection information.

(Embodiment 2) FIG. 5 shows an example of the configuration of a transaction system. This is a transaction system in which the browsing information to be browsed by each card is determined, and at that time, the browsing information is displayed after the user is authenticated as a valid user to browse. The user browses the browsing information using the home computer 22.
These are a department store card 11 and a cyber shop card 13 to which the user has given a temporary gift, and an event company card 12 purchased by the user. The department store card 11 is a card information device dedicated to a department store company, the cyber store card 13 is a cyber store, and the event company card 12 is a dedicated event information device of the event company. Each card type information device stores unique authentication data.

The department store card 11 is distributed mainly as follows. The data for discriminating the card produced by the administrator is temporarily stored as a registered card. Also, the transaction processing device 3 has already been
Send the registered department store card 11 to the provider, who has become the registered provider who has completed the usage contract of 1.
It becomes the A department store card 11, which is a distributed card. The provider sells the A department store card in exchange for money 10 to the purchaser, and further, the purchaser gives the department store card 1 as a gift to the user.

In FIG. 5, the user terminals include a home computer 22, a user terminal 2 and a mobile phone 24 owned by the user, and a convenience store terminal 25 such as an ATM installed in a convenience store.
But it's okay. The terminals 26 owned by other people are also physically connected to the Internet 51. The fixed-line telephone 23 is mainly connected by wire through the telephone communication network 7. The mobile phone 24 establishes a wireless and wired information transmission path through the Internet 51 and the wireless telephone communication network 8.

In FIG. 5, it is desirable that there is one transaction processing device 31 on one transaction system. However, when a plurality of similar transaction systems are formed, a plurality of transaction processing devices of each system may be connected to the network. The transaction processing device 31 is operated by an administrator. Further, the provider terminal is the department store computer 41.
The event company host computer 42, the cyber shop server 43, the Internet 51, and the information transmission path are established, and are operated by different providers. When communicating between information processing devices and information processing systems at the time of communication, let each device use the communication protocol,
Send and receive data according to a common rule. A protocol used in the Internet or the like communicates according to a standard communication protocol such as TCP / IP. TCP is a communication protocol that delivers all packets without error. IP
Is a communication protocol for delivering a packet from a transmission information processing device to a reception information processing device. Internet 5
In the data communication of No. 1, the SSL protocol is used for encryption and communication is performed. Internet 51
In the information transmission path via, the transaction protocols are stored in each transaction processing device 3, user terminal 2 and provider terminal 4.

In FIG. 5, a department store computer 4
Reference numeral 1 denotes a control circuit 41a for controlling each configuration and a transmission / reception unit 41.
b, a storage unit 41c that stores browsing information, a memory 41d that uses data for processing, and the like. In this example, the browsing information of the C course is the file F. Further, in order to establish an information transmission line with the transaction processing device 51 using the Internet 51, a device driver, TCP / IP, SS
A program including the L protocol and the like, and a program for executing a program for searching and transmitting the file C are stored in the storage unit 41c or the memory 41d.

FIG. 6 is a structural example of the transaction processing device 31. The transaction processing device 31 includes a server 31a, an external storage device 31c, and a LAN 31b. Although the server 3a is an information processing device, it has a home computer 22 and a landline telephone 23.
It has a server program that executes a communication service in response to a browser request such as. Hardware and OS
And, it operates by the server program, application and various programs. LAN is Local Ar
It is an abbreviation for ea Network, which is a local information communication network. It is preferable that the transaction processing device 31 is installed in an authentication center or the like managed by an administrator such as a certification institution, and measures for leaking information and hacking are taken sufficiently. It may be a facility operated by a portal site, mobile phone, or telephone company. A transmission / reception unit 102 for transmitting / receiving data to / from the Internet, a transmission / reception unit 103 for communicating with the external storage device 31c and other information processing devices, a memory 104 used for processing data such as calculation, an internal storage unit 105, and management Input unit 1 used by a person to operate
06, the display unit 107, and a control circuit 101 that controls these configurations, executes programs, and also processes data.
Consists of.

In FIG. 6, an internal storage unit 105 is a device for storing data by utilizing electricity, magnetism, light or the like, and is a built-in hard disk drive in this example. In this example, a hard disk drive using a magnetic disk is used. The main data to be stored is the homepage file,
A device driver that communicates with the home computer 22 or the department store computer 41, a program that uses a protocol required for communication such as TCP / IP or SLL protocol, and when one authentication data is received, the processing procedure shown in FIGS. 12 and 13 is followed. A process management program that activates and manages the necessary programs to advance and manage the process, a determination storage program that operates the determination storage unit, an authentication data determination program that operates the authentication data determination unit, and a browsing destination identification that operates the browsing destination identification unit A program, a browsing information request program that operates the browsing information requesting unit, a transaction refusal file, an encryption program, a decryption program, an authentication database 110 that stores discrimination data and browsing destination data, and an internal storage unit 105 that receives the browsing information. Operate the browsing information storage function Management information management program, temporary browsing destination setting program that operates temporary browsing destination setting function that sets temporary URL in browsing information, temporary browsing destination transmission program that operates temporary browsing destination transmission function that transmits temporary URL, and manages each database A program for operating each component, a driver for operating each component, and the like. These are read and used in the memory 104 as needed. The authentication database 110 is used to authenticate a user, and the main data to be stored are the identification data of the department store card 11, the data of the URL for browsing the information, and the unique number. The provider number or the like unique to the registered provider is stored as necessary.

In FIG. 6, in this example, the external storage device 31c is used for the reason of the information holding management of the server 31a. In this example, the card registration database 108, the provider registration database 109, the transaction information database 111
Have. The card registration database 108 is used to manage the registered cards after they are manufactured. The main data to be stored are discrimination data and unique number data. Input from the input unit 106 and L from the transmission / reception unit 103
The AN 31b is transmitted and stored. Store multiple registration cards for distribution to the provider eventually. The provider registration database 109 registers a department store that is a provider. The main data to be stored is the URL of browsing information and, if necessary, the data of company name and provider number. The administrator uses the provider number for searching and managing the provider.

In FIG. 6, the transaction information database 11
1 stores the transaction of the product 7 ordered by the user and the transaction of the reserved service, and later uses it for proof of transaction and proof of the number of times the system has been used. The main data to be stored are the data of products and services selected by the user, the data of the date and time when the user inputs the intention of the transaction, the authentication data and the discrimination for distinguishing the department store card 1 used for the transaction. It is data such as business data and unique number. If personal information such as name, address, telephone number and address is obtained from the user or purchaser, it may be stored here.

FIG. 7 and FIG. 8 show a first configuration example of the card type information processing device and the user terminal. Department store card 11
A method of transmitting authentication data from the computer to the home computer 22 will be described.

In FIG. 7, the department store card 11 is
It is a card type information device that is registered as a distributed card in the transaction processing device 3 and that the purchaser tentatively gave to the user. The home computer 22 is a user terminal owned by the user. The department store card 11 is a contact type IC card including a control circuit 201, a transmission / reception circuit 202, a contact terminal 203, and various memories. There are CPU cards and memory cards as IC cards, but the IC card in FIG. 7 is a CPU card. Moreover, you may utilize what is standardized by ISO7816 grade | etc.,. Control circuit 201 is CP
U, which strictly manages browsing to the memory and performs cryptographic processing. It mainly interprets program instructions stored in memory, executes them, and performs various processes. The control circuit 201 includes a ROM 204, a RAM 205 and an E
It is connected to the EPROM 206 or built in the same chip. The ROM 204 is a read-only nonvolatile semiconductor memory. Mainly stored are various programs such as an operating system that the control circuit 201 first executes, communication protocol programs, initial operation codes, encryption algorithms, and other data that is difficult to erase.

In FIG. 7, a RAM 205 is a volatile memory in which data is erased when the power is turned off, and is a semiconductor memory capable of reading and writing by designating an arbitrary address. It is used as a work area for processing data such as encryption and send / receive commands. E
The EPROM 206 is a non-volatile memory that does not lose data even when the power is turned off, and is a ROM that can be electrically erased and rewritten at a voltage of a certain level or higher. You may erase or write in block units using a flash memory. It is used to store various data. In addition, an arithmetic processing circuit that enhances the function of the control circuit 201, which is a coprocessor, may be included. The authentication data of this example may be stored in the EEPROM 206. It may be encrypted and stored.

In FIG. 7, the printing unit 207 displays a unique number. The unique number may be, for example, a character string or a bar code printed on the surface of the department store card 11, or a character string or a bar code written by rewriting, or data stored by embossing or IC. In this example, a rewritten character string is used. Rewrite can repeatedly write and erase several hundred times on the card surface. The unique number is
In an emergency when the user has trouble using the trading system,
It may be used as a simple means for authenticating the second user. The unique number makes it easy for the provider and the product delivery company to manage the distribution and collection of the card type information device.

In FIG. 7, the home computer 22 comprises a main body device 22a, a reading device 22b and a display device 22c. The reading device 22b transmits the electric power obtained from the power supply circuit 213 and the clock obtained from the clock generation circuit 214 by the contact between the terminals 203 and 212. Reader 22b
Is a contact terminal 212 corresponding to the contact terminal 203, a power supply circuit 213 for a power supply used in the department store card 11, a clock generation circuit 214 for a clock, an interface 215 for transmitting and receiving data to and from the main body device 22a, and data and power. Transmitter / receiver circuit 211 that transmits and receives a clock
Consists of. The contact terminal 203 is GND, 5V, -5V,
It has terminals such as I / O, reset, and clock, and inputs and outputs data, inputs power, and inputs clock. In FIG. 8, the main body device 22a includes an interface 222 used for transmitting / receiving data to / from the reading device 22b, a modem 223 including a transmitting / receiving circuit for transmitting / receiving data to / from the Internet, and an HDD 2 for storing programs and the like.
24, a keyboard 225 for the user to input data, in this example, selection of goods and services, and a control circuit 221 for processing data and programs and controlling components of each home computer 2a. The HDD 224 is an OS,
Communication protocol, program that uses the protocol,
Remember your browser. In addition to non-contact IC cards, in card type information devices that have magnetic tapes, the authentication data is sent to the user terminal when the reader reads the part of the magnetic tapes, and it has been used in conventional magnetic cards. There is a method.

12 and 13 show flowcharts of the first embodiment, and FIG. 14 shows an outline of the transaction processing apparatus of this example. Figure 1
5, FIG. 16 and FIG. 17 show configuration examples of the display screen of the display device 22c. The first embodiment will be described. As shown in FIG. 5, it is a transaction system for ordering goods or reserving services of gifts such as catalog gifts using the Internet 51. The preparation for the department store, which is the provider, to sell the department store card 11 to the purchaser will be described. The administrator creates a card type information device which becomes the department store card 11. In FIG. 12 and FIG. 14, the administrator uses the registration card input means S1 to input the input unit 1 after manufacturing the card type information device.
From 06, the discrimination data C and the characters of the printing unit 207 are input as the unique number C. In the registration card storage means S2,
The discrimination data C and the unique number C are stored in the card registration database 108, and the card type information device is used as a registration card.

In FIGS. 12 and 14, on the other hand, the registration provider input means S3 inputs the provider number unique to the provider, the company name, and the URL of the browsing information file C from the input device 106. The data is stored in the provider registration database 109 by the registration provider storage means S4. The URL is the file C of the C course of the catalog gift that the administrator has decided in advance. Courses range from A to F, depending on price. When the manager hands over the department store card 11 to the provider, the distribution card input means S5 inputs the provider number and the unique number into the input device 1.
Enter from 06. In the discrimination storage means S6, the URL is retrieved from the provider registration database 109 from the provider number, the discrimination data is retrieved from the card registration database 108 from the unique number C, and the authentication database 1
The determination data C and the URL are stored in 10 in association with each other.
At this time, the unique number C may be associated and stored at the same time. With this, the card type information device registered as the registration card becomes a distributed card. By such preparation, the department store card 11 necessary for browsing the file C, which is the browsing information of the C course exclusively for the department store, is obtained.

As a pre-transaction, the transaction between the provider and the purchaser will be explained. The department store, which is the provider, shows the purchaser an example catalog of gifts by course, divided by cost. When the buyer selects the F course, which has abundant seasonal foods, the department store card 1 is selected from multiple types of distributed cards such as for the C course.
Give 1 to the purchaser in exchange for money 10. As a temporary gift, the department store card 11 is sent from the purchaser to the user.

In FIGS. 13 and 14, as the post-transaction,
Explain the order of the product of the user and the provider. The user uses the home computer 22, activates a browser, inputs the URL of the administrator, receives the home page C from the server 31a, and displays it on the display device 22c. The authentication data identification program and the authentication data transmission program linked with it are received together with the file of the homepage C, and the authentication data identification data is activated. When the department store card 11 is inserted into the reading device 22b according to the instruction on the screen as shown in FIG. 15A, the contact terminal 203 and the contact terminal 2 are inserted.
When the contacts 12 come into contact with each other, the power and clock transmitted when the contacts 12 are transmitted from the transmission / reception circuit 202 to the control circuit 201, and the department store card 11 operates. The operation system (OS) stored in the ROM, the authentication data encryption program, the communication protocol program, etc. are driven, and EEPRO
The encrypted authentication data stored in M206 is further second-encrypted in the RAM 205, and the transmission / reception circuit 202
And output to the reading device 22b through the contact terminal 203.
This method is a transmission method that is generally used in non-contact IC cards and the like, and is likely to become popular.

On the home computer 22, the authentication data identification program that has already been received is activated. When data is input to the transmission / reception circuit 211, identification is performed by the authentication data identification program. When the authentication data C is identified, the authentication data transmission program is activated, and the authentication data C is transmitted from the modem 223 to the Internet 51. An information transmission path is established and transmitted to the transaction processing device 31. At this time, TELNET (TELecommun), which is a protocol for connecting to a remote information processing device and logging in.
The authentication data C may be transmitted by establishing a communication transmission line between the main body device 22a and the server 31a by using the (ICATION NETwork). Data transmission / reception using the Internet 51 is performed using the SSL protocol.

In FIGS. 13 and 14, the transaction processing device 31 receives the authentication data C in the authentication data reception S7. Upon reception, the processing management program is executed, and the processing area of the department store card 11 is created in the memory 104. The authentication data C is stored in the memory 104 from the transmission / reception unit 102, and the second encrypted authentication data C is decrypted by the authentication data decryption means S8 according to the decryption program in the internal storage unit 105 and further encrypted. The encrypted authentication data C is decrypted into a plain text. In the authentication data discriminating means S9, the authentication database 110 is searched and the plaintext authentication data C is collated with the discrimination data C to determine S10 of the discrimination result as to whether or not the authentication data can be discriminated.
It is possible to determine that they match, and if they do not match, the transaction is rejected S1
At 2, the URL of the transaction refusal file is transmitted to the user terminal 22 and the display is displayed on the display device 22c.

In FIG. 13 and FIG. 14, when the matching determination result is made in the determination result determination S10, the browsing destination specifying means S13 stores the URL in association with the searched determination data from the authentication database 110. The file C is specified and read into the memory 104. In the browse information requesting means S14, the URL is changed to the IP address and the file name, the information transmission path is established with the department store computer 41 using the IP address, and then the control circuit 101 transmits and receives the file name and the file request as packets. Part 103
To request file C. The browsing information transfer means S14 receives the received file C by the browsing information receiving function, executes the browsing information storage program, stores it in the internal storage unit 105 by the browsing information storage function, and executes the temporary browsing destination setting program. Then, the temporary URL is set in the stored file F by the temporary browsing information setting function, the temporary browsing destination transmission program is executed, and the temporary URL is transmitted to the home computer 22 by the temporary browsing destination transmission function. Home computer 22 is a temporary UR
By inputting L into the browser, the C course file C
Is displayed on the display device 22c. The file F may be transferred to the home computer 22 without using the temporary URL. It is displayed as shown in FIG. At this time, if the processing of the transaction processing device 31 is not in time, FIG.
A screen as shown in (b) is displayed. Processing may not be in time if there is congestion due to usage by multiple users and there is not enough memory 104 to process, when the number of processing managers exceeds the limit, when there is a problem with the communication transmission path, etc. is there. When the user changes the page S15, the new U received
Browse information search S by converting RL to IP address
Repeat from 13. When the user clicks on the screen of FIG. 16C, the page change S15 causes
(D) is displayed and browsing information is displayed. When the user browses FIG. 16D and inputs selection information such as the selected product selected by the input unit 225 and the delivery destination of the user, the selection information receiving unit S16 receives the selection information and the delivery destination data. To do.

13 and 14, the transaction information storage means S17 stores the selection information and the delivery destination data, and later proves the contents of the commodity transaction. The unique number is also stored if necessary. At the same time, the same selection information, unique number and delivery destination data are sent to the department store computer 41 to notify the provider. The department store stores these in the storage unit 41c and uses them for delivery of products. In the discrimination data erasing means S16,
The discrimination data and the browsing destination data are erased from the authentication database 110 and are not changed again. The overwrite function of this specification is used. At the same time, the processing area of the department store card 11 is also erased. The browsing destination data may be rewritten to the URL for browsing the selection information stored in the transaction information storage means S17, and the selection information selected by the user may be browsed.

After these processes are completed, the provider himself or a courier will later deliver the product 7 of the selection information to the user by using the name and address of the selection information. The provider receives and collects the A department store card 11 in exchange for the product 7. The delivery completion receiving means S15 notifies the administrator of the unique number of the collected department store card 11. The security is further enhanced by providing a means for authenticating the department store card 11 based on the authentication data at the time of exchange and authenticating the user for the second time and adding it to the transaction system. In particular, it is effective for delivering the product 7 when the user wants to be anonymous and the product 7 is delivered only by holding the department store card 11 by making the delivery destination a convenience store or the like.

A home computer 22 is shown in FIGS.
The configuration example of the screen displayed by the display device 22c of FIG. FIG. 15A shows a state in which a browser used by the home computer 22 to communicate on the Internet 51 is activated, and 501a is a URL text box for displaying the URL of the file being displayed. The screen 502a is a state where the home page of the administrator is displayed. When the user performs the authentication data receiving means, the screen 502b and the URL 501b in FIG. 15B are replaced. After the browsing information transfer means S14, the screen 502c and the URL 501c in FIG. 16C are automatically displayed. If the purchaser wishes to display the name, nickname, or message in the previous transaction, such a display may be made.

When the user finishes reading and clicks to make an input to proceed to the next page, the screen is changed by the page change S15 by the user, and browsing information like the screen 502d in FIG. It is displayed as a field 504 and a product field 505. Other products are also browsed by scrolling 506. As the browsing information, in addition to the products and the items of the services, descriptions and photographs of the products and services may be described, and any information that the user can easily select may be disclosed.
Further, it may include information such as a method of receiving goods and services, delivery time, and the like. You may add the information which assists a user's judgment by putting a photograph, an item, a purchaser's recommendation message, a provider's recommendation message, etc. in a goods column, respectively. When you click the product column 503, Fig. 17 (e)
The screen is changed to the screen 502e of the URL 501e, and there is a field for confirming the selected product 7 and for inputting information necessary for delivering the product 7. The information of the delivery destination is mainly the user's name, address, desired delivery date, and the like. If the user fills out his / her name and address to prevent leakage of personal information, he / she may choose to notify the convenience store or the like. When the selection information receiving means S16 is performed by the user, the screen 502f of the URL 501f of (f) is displayed, and a notice of commodity transaction, especially confirmation of commodity delivery is displayed. When the user further confirms the input, the transaction information storage means S17 for the transaction is performed, and the order for the product 7 is completed. The transaction is completed after receiving the commodity 7 at a later date.

Example 3 A purchaser pays money to an event company, and a user invites a plurality of concerts.
It is a trading system that selects the desired concert. This will be described with reference to FIGS. 3, 5, 6, 9, and 10. Further, FIG. 1 showing a configuration example of the display screen of the fixed telephone 23 operated by the user.
8 to 20. In this example, the case where the user selects the invitation of the concert will be described with reference to FIG. 5, and the event company card 12 is used instead of the ticket when the concert is held. As another example, when issuing and sending a ticket or the like from the provider to the user, the ticket may be sent as a product as in the first embodiment. The user uses the provisionally presented event company card 12 and the fixed-line telephone 23 connected to the Internet to make a reservation for the concert with reference to the browsing information stored in the event company server 42.

9 and 10 show examples of the configurations of the card type information device 1 and the user terminal 2. In FIG. 9, the event company card 12 is registered in the transaction processing device 31 as a distributed card, and the purchaser makes a temporary gift to the user. The event company card 12 includes a control circuit 301 and a transmission / reception circuit 30.
2, a non-contact type I including an antenna 303 and various memories
It is a C card. The control circuit 301 is a ROM 304 or RA
It is connected to the M305 or EEPROM 306 or built in the same chip. Although the configuration is almost the same as that of FIG. 5, the transmission / reception method is different for transmitting information in a contactless manner, and the programs such as the transmission / reception circuit 302 and the protocol used for transmission / reception are different from the department store card 11. Antenna 303 such as a coil is used because data input and output, power input, and clock input are performed using electromagnetic waves in the microwave band.
Have.

In FIG. 9, the event company card 12
Has a rewrite unit 307. Rewrite is a card provided with a rewrite recording section.As a reversible recording material, for example, an aliphatic dicarboxylic acid such as behenic acid is dispersed in a thermoplastic resin such as a cloudy polyvinyl chloride resin, followed by heating and cooling. It uses the phenomenon that the recording layer repeatedly turns cloudy and transparent, and is generally used for recording the number of points. By using the character string by rewriting to describe the unique number, it can be used for emergency, as a confirmation number when exchanging products, or used to enhance safety by collecting and rewriting after delivery of products. Is also good.

In FIG. 9, the fixed telephone 23 includes a main body 2
3a and a reading unit 23b. It may be an L-mode compatible telephone of NTT East Japan Co., Ltd. Reading unit 2
3b is composed of an antenna 312 used for data input / output, power input, and clock input, a power supply circuit 313, a clock generation circuit 314, and a switch 315 for starting data transmission / reception with an event company card. When the switch 315 is pressed to bring the event company card closer to about 10 cm, electric power and clock are transmitted from the antenna 303 to the transmission / reception circuit 302 and the control circuit 301 by the electromagnetic waves, and the event company card is activated by the program in the ROM. The authentication data D stored in the ROM is output and transmitted from the antenna 303 to the antenna 312 and the transmission / reception circuit 311. At this time, by pressing the switch 315, a program for requesting the authentication data D in the memory 328 is activated in the fixed telephone 23, and the event card 12 outputs the authentication data D according to this program. Establishment of transmission line, authentication data D
May be controlled. In FIG. 10, the main body 23
a is a telephone line communication circuit 322 and interface 323 for transmitting and receiving data from the telephone communication network 7 to the Internet 51, a display unit 324 such as a liquid crystal display, a microphone 325 used as a telephone, a speaker 326, an input unit 3
It may be configured with 27. Furthermore, the control circuit 3 that controls the configuration of the fixed telephone 23 and activates and executes programs and the like.
21. The memory 328 stores at least the following. A program that uses a protocol that communicates with the transaction processing device 31 or a protocol that communicates by encryption via the telephone communication network 7 and the Internet 51, an authentication data identification program, a browser startup program that is activated by the authentication data identification program, and a browser startup. For example, the authentication data transmission program started by the uploading program.

Transactions will be described with reference to FIG. The card type information device 1 is the event company card 12,
The user terminal 2 is the landline telephone 23, the transaction processing device 3 is the transaction processing device 31, and the provider terminal 4 is the event company server 42. Information for selecting a concert is browsing information. Regarding the previous transaction, the event company is a trader registered in the transaction processing device 3, and further URs the file D which is browsing information of the D course provided for gift giving.
Register with L. At the request of the provider, the manager sends the card type information device 1. When the purchaser selects the D course, the event company inputs the authentication data D of the card type information device 1 from the provider terminal 4 and registers the card type information device 1 as a distributed card. At this time, the discrimination data D and the URL are stored in the card type information device 1 by the discrimination storage means A7. Although it is easy to register as a distributed card by inputting the number of the rewrite unit 307 as a unique number, the authentication data D that is encrypted and is not easily leaked is used. Regarding the gift, the purchaser purchases the card type information device 1 from the event company and sends it to the user as a gift by mail or the like.

For post-transaction, the user reserves a service. The user terminal 2 is used. Switch 315 ON
10c of the card type information device 1 near the antenna 312.
When approaching m, power and clock are transmitted to the card type information device 1 through the wireless transmission path 2, and the OS stored in the ROM 304 is started up. Further, the authentication data D stored in the EEPROM 306 by the authentication data storage means A1.
However, the authentication data output means A2 operates the control circuit 301 to read it into the RAM 305, which is encrypted, modulated by the transmission / reception circuit 302, and output from the antenna 303. When the switch 315 is turned on, the authentication data identification program stored in the memory 328 of the user terminal 2 is simultaneously activated, and is output from the card type information device 1 and read by the reading unit 2.
3b and the memory 328 are read and processed, and the authentication data D
Identify. When the authentication data D is identified by the control circuit 321, a browser start-up program activated by the authentication data identification program is activated. Further, the card type information device 1 receives the authentication data D through the information transmission path between the telephone communication network 7 and the Internet 51, which is modulated by the telephone line communication circuit 322 by the authentication data transmission program activated by the browser start-up program. To do. The input authentication data D may have a code used for identification added to the beginning of the data. The card type information device 1 receives the authentication data D by the authentication data receiving means.

The authentication data D received by the card type information device 1 is received by the authentication data receiving means A8 and processed by the authentication data judging means A9 with the plural judging data D stored in the judging storage means A7. At the same time, the data is decrypted, and it is determined whether the authentication data is valid or not by matching with another part of the determination data D. When the authentication data D is discriminated, it is considered that the user has been authenticated, the browsing destination specifying unit A10 identifies the URL from the discrimination data D, and the browsing information requesting unit A11 stores the URL in the provider terminal 4.
Request the file D of the course from the provider terminal 4. The provider terminal 4 stores the file D in the browsing information storage unit A13, and the browsing information requesting unit A1 in the browsing information transmitting unit A14.
The file D is transmitted to the transaction processing apparatus according to the request of No. 1.
Further, the card type information device 1 transfers the file D to the user terminal 2 by the browsing information transfer means. User terminal 2
Displays the browsing information of the file D on the display 324. The user inputs one concert as the selection information D, and the card type information device 1 receives the selection information D by the selection information receiving means. The transaction information storage means stores the selection information D obtained by the selection information receiving means, the discrimination data used by the authentication data discriminating means A9, the reception time, the user registration number, etc., and is used as proof of the commodity transaction. Further, the selection information D and the discrimination data D are transmitted to the provider terminal 4 and stored in the entrance authentication computer operated by the provider. The user outputs the authentication data D from the card-type information device 1 at the beginning of the concert hall, authenticates the second user, and uses the determination data D to determine whether the entry is permitted. At this time, the provider needs an introduction device in addition to the user terminal 4, and needs to be connected by a LAN or the like. The entry device need only have a reading device 42d for inputting the authentication data D from the card type information device 1 similar to the reading unit 23b of FIG. When the user holds the card type information device 1 over the entry device, the door opens and the entry is permitted.

18 to 20 show examples of screen configurations of the display unit 324 of the user terminal 2 operated by the user. FIG.
(M) is the menu screen 602 a of the user terminal 2. When the user turns on the switch 315 and inputs the authentication data D, the authentication data receiving means A8 shown in FIG.
The screen 602b of (n) is displayed. When the authentication data is concealed by the user and the user is authenticated, the authentication data determination means is followed by A9. Further, the transaction processing device 31 displays the information of the file D after the browsing destination specifying unit A10 that identifies the file D, the browsing information requesting unit A11, the browsing information transferring unit A12, the browsing information receiving unit A5, and the browsing information displaying unit A6. Is changed to the screen 602d in FIG. 19 (p). At this time, after the authentication data discriminating means A9, FIG.
The file of the screen 602c of (o) may be transmitted and displayed. In FIG. 19P, the browsing information is displayed as a service column 603, a service column 604, and a service column 605, and the user browses other services by scrolling 606. When the user browses the browsing information and selects one concert, when the user selects the concert and clicks the service column 603, the selection information is input and the selection information is received.
The screen 602e of (q) is replaced. When the user inputs the name, the transaction information storage means is started and the screen 6 of FIG.
02f. Furthermore, when the user confirms the notes and inputs to agree, the reservation of the service ends after the transaction information storage means. Later, by going to the concert and presenting the event company card 12, the admission is permitted, and the post-transaction is completed.

Example 4 This example is a transaction system using a mobile phone. A description will be given centering on FIG. 23 with reference to FIGS. 3 and 11. It is a transaction system in which a purchaser pays money to a cyber shop and a user selects a desired service from invitations of various events. The user makes a reservation for entering the amusement park by using the tentatively gifted cyber shop card 13 and the mobile phone 24 connected to the Internet. Further, the cyber shop card 13 is used as a ticket. The cyber shop card 13 is the card type information device 1, the mobile phone 24 is the user terminal 2, the transaction processing device 45 is the transaction processing device 1, and the cyber shop server 45 is the provider terminal 4.

FIG. 23 shows a card 13 for a cyber shop to which a user has given a temporary gift, and a mobile phone 24 operated by the user.
And a transaction processing device 35 operated by an administrator, and a cyber shop server 45 operated by a provider. The transaction processing device 35 includes a www server 35a, an authentication server 35b, and an external storage device 35c. In addition to the server 45, the cyber store system includes an input computer 803, an entrance device 804, and a LAN 805. Cell phone 24
The transaction processing device 35 establishes the information transmission path using the wireless telephone communication network 8 including the wireless information transmission path 801 and the base station 802, and the Internet 51. The server 35 and the server 45 are connected by their own WAN and have established an information transmission line having a high transmission speed and a large transmission capacity using an optical fiber or the like.

FIG. 11 shows a configuration example of the cyber shop card 13 and the mobile phone 24. C cyber store card 1
3, a mobile phone 24, a C cyber shop card 13, and a wireless information transmission path 3 by sound waves between the mobile phone 24. C The cyber shop card 13 is registered in the authentication server 35b as a distributed card, and the discrimination data E
Is the card that the user purchased. This is a card type information device using a voice output IC card. The cyber shop card 13 includes at least a speaker 403 that outputs authentication data E, a transmission circuit 402 that drives the speaker to transmit data, a switch 404 that starts transmission of the authentication data E, a power supply circuit 405, and a clock generation circuit 406. A ROM 407, a RAM 408, and a control circuit 401 for controlling them.

Each memory is controlled by the control circuit 401 for processing such as reading, storing, erasing, and calculation. Control circuit 40
In No. 1, the power of the power supply circuit 405 and the clock signal of the clock generation circuit 406 are supplied when the switch 404 is turned on, and the device 1 operates. The authentication data E is stored in the ROM 407. The output of the authentication data E is read by the control circuit from the ROM 407 to the RAM 408 by pressing the switch 404, and is converted to voice data.
The drive circuit 402 drives the speaker 403 to output an audio frequency in the range of 5 kHz as a sound wave. The sound wave is received by the microphone 412 of the mobile phone 24. For example, as the audio frequency, data can be easily transmitted by using a DTMF signal or the like used in, for example, a touch-tone phone. In the DTMF signal, 1 is represented by combining two sine waves, 1209 Hz and 697 Hz. 16 other types of signals are transmitted by combining eight other types of sine waves of different frequencies. This method is a convenient transmission method which does not require a special reading device and may use the microphone of a fixed telephone or a mobile telephone, the microphone of a PDA or a notebook personal computer, and reduce the cost burden on the user. In this example, the authentication data E may be mainly transmitted. It is easy to record because it is a voice, but the authentication data E is changed for each output by a specified algorithm, or the clock function is added to the card-type information device 1 to set the time such as time, post-production time, and final authentication data transmission time. It may be combined with information and output to improve safety.

Besides, the IC tag 410 may be included, and the transmission circuit 202 and the contact terminal 203 of FIG. 7 having a configuration for outputting the authentication data E like an IC card by contact may be included. At this time, the input computer 803 for inputting the authentication data E when selling the cyber shop card 13 needs a configuration like the home computer 22 in FIG. By having two means for outputting the authentication data D, it is possible to support a plurality of reading devices and use the reading device that is easy for the provider and the user to use.

In addition, international publication "WO 00/2120"
3 "(Invention title" A Method to Us "
e Acoustic Signal for Com
The method of transmitting sound waves as described in "Putter Communications") may be used. For the transmission of the authentication data E by voice, the mobile phone 2c does not need a special configuration, and can be used if a fixed-line telephone at home or a small information processing device has a microphone. As the microphone 412, a condenser microphone, a conductive microphone, a moving coil microphone, a piezoelectric microphone, a ribbon microphone, or the like is used, but other microphones may be used as long as they receive sound. Fixed telephone 2 in FIG.
In b, the microphone 324 is used to establish a wireless information transmission path. The mobile phone 2c or the like includes a microphone 412, a reception circuit 413 for receiving sound waves, a wireless telephone communication circuit 414, a retrofit memory 415, a memory 416, a display unit 417, an input unit 41.
8 and an antenna 419. The memory 416 stores an authentication data identification program and an authentication data transmission program for analyzing and converting sound waves into data for identification. When the capacity is insufficient, the retrofit memory 415 may be used. With this configuration, the cyber shop card 13 to the mobile phone 24, the wireless telephone communication network 8 and the Internet 5 are connected.
An information transmission path to the transaction processing device 3 is established via 1. It is also possible to use the card type information device 1 which outputs similar authentication data by using a highly versatile audio microphone connector.

In FIG. 22, the transaction will be described focusing on the transaction processing device 35. The cyber shop is a trader registered in the transaction processing device 3h, and the file E, which is browsing information of the concert provided as a gift, is also registered at an arbitrary URL. The cyber shop card 13 has been sent in advance from the administrator. The cyber shop card 13 stores the discrimination data E in the transaction processing device 35.

Regarding the previous transaction, the purchaser purchases the cyber shop card 13 from the cyber shop by electronic commerce on the Internet. Purchaser C at cyber store
When the course is selected, the cyber shop inputs the authentication data E of the cyber shop card 13 from the input computer 803.
And the URL are entered, and the cyber shop card 13 is registered in the authentication server 35b as a distributed card. At this time, as the discrimination storage means A7, the discrimination data E specified by the authentication data E and the input URL are associated and stored in the certification server 35b. The C cyber shop card 13 is sent by the C cyber shop as a gift by mail or the like to the user on behalf of the purchaser.

Regarding the post-transaction, the user uses the mobile phone 24
Book a concert using. When the browser of the mobile phone 24 is activated, the authentication data identification program is executed, and when the switch 404 is pressed, the authentication data E is output as a sound wave from the speaker 403 to the microphone 412. An information transmission path is established from the mobile phone 24 to the wireless telephone communication network 8 and the Internet 51, and the server 35a is established.
Receives the authentication data E by the authentication data receiving means A8 and transfers it to the authentication server 35b.

The authentication data E received by the authentication server 35b is deciphered by the stored decryption program, processed by the authentication data discriminating means A9 with a plurality of discrimination data, and processed with the discrimination data E to be matched. It is determined whether the authentication data E is valid or not. When the authentication data E is discriminated, it is considered that the user has been authenticated, and the UR associated with the discrimination data E by the browsing destination specifying means A10.
The file E is specified from L, and the browsing information requesting means A11 receives the browsing information from the provider terminal. The browsing information transfer means A12 transmits the file E to the mobile phone 24. The mobile phone 24 receives the file E by the browsing information receiving means and displays it on the display unit 417. When the user inputs an amusement park entrance as selection information from the input unit 418, the selection information receiving means causes the server 35a to receive the selection information. Further, the selection information is stored in the external storage device 35c and stored by the transaction information storage means. The discrimination data E, the reservation completion date and time, and the URL of the mobile phone 24 are stored and used as proof of the merchandise transaction. If the individual is authenticated by other biometrics or the like, it is sufficient to store these as well, and the reliability is improved. Recording the URL and the telephone number of the mobile phone 24 is a simple but effective means for identifying the user.

Further, the selection information transmitting means sends the selection information, and at the same time, the discrimination data E is transmitted to the server 45.
On the day of the concert, the user inputs the authentication data E at the beginning of the concert venue, is discriminated by the discrimination data E, authenticates the user, and is permitted to enter. If a reader 806 such as the reader 22b of FIG. 7 is configured in the introductory device 804,
The user inserts the cyber shop card 13 into the entry device 804.
Then, the authentication data E is input from the IC tag 410, and the second user is authenticated. Further, the door opens and you are allowed to enter. This completes the post-transaction.

(Embodiment 5) In the authentication data F stored in the card type information device F which is a key ring, the browsing information F
As a result, receive music information, program information, and messages. The transaction system of this example includes a card type information device F, a user terminal F, a transaction processing device F, a provider terminal F, an information transmission line between the card type information device F and the user terminal F, and a user terminal F. The transaction processing device F and the provider terminal F each include an information transmission line that connects the network F. Figure 3
This example will be described using. The user uses the mobile phone for the user terminal F and connects the card type information device F to the microphone connector of the user terminal F. When the user presses the switch of the card type information device F, a communication program stored in the card type information device F is started, an information transmission path is established with the user terminal F, and the transaction processing device is further connected to the user terminal F. The information transmission path is established with F, and the authentication data F is output. The transaction processing device F receives the authentication data F by the authentication data receiving means A8. Further, the discrimination data F stored in advance in the discrimination storage means A7 is the received certification data F.
Then, the authentication data discriminating means A9 processes and authenticates the user whether or not the user has the right to browse the valid browsing information F. After the user is authenticated, the browsing destination specifying means A10 identifies the browsing destination data F by using the discrimination data F used for the discrimination, that is, the browsing destination in which the browsing information is stored.
In FIG. 3, the browsing information requesting means A11 and the browsing time information transferring means A12 of the transaction processing apparatus 3 receive the browsing information from the provider terminal 4, but in this example, the browsing information is obtained by another method.
The transaction processing device F of this example has a browsing destination data transmitting means for transmitting the browsing destination data F to the user terminal F, and the user terminal F uses the browsing destination data F to browse the browsing information F. Request directly to F and receive browsing information F. At this time, the user terminal F and the provider terminal F use the network F to establish the information transmission path F. The transaction processing device F not only transmits the browsing destination data F to the user terminal F, but also transmits / receives data proving that each is a valid communication partner, data of each IP address, and encrypted data. As described above, the common key or the data of each public key may be transmitted, and the data may be used to establish the information transmission path F and mediate the provision of the browsing information F from the provider to the user without leakage of information. The browsing destination data transmitting means transmits the browsing destination data F, the encryption key, etc. to the user terminal F or the card type information device F, and the user terminal F or the card type information device F encrypts the browsing destination data F or the encryption. By storing the key, the user may directly obtain the browsing information F from the provider terminal F without passing through the transaction processing apparatus F after the user is authenticated once or for a certain period of time. After browsing the browsing information F and selecting the transaction by the user,
The transaction processing device F acquires transaction information from the provider terminal F and the user terminal F, and uses the transaction information storage means to select the title of the song, the transaction time, the time at which the song can be heard, and the user terminal. The telephone number and IP address of F are stored and used as proof of subsequent transactions.

(Sixth Embodiment) The browsing information G is downloaded to the user terminal 4 by the transaction system similar to that shown in FIG.
The card type information device 1 is a card exclusively for members of a CD rental store. The browsing information G is a page exclusively for members.
It may include browsing information provided to each member separately. This transaction system not only provides browsing information to corporate members and corporations, but also by e-government, that is, the government and local governments provide the citizens with browsing information regarding specific resident issuance and tax payment documents. Available. The authentication data G stored in the IC tag of the card type information device 1 authenticates the user, and as the browsing information G, music information, privilege information, a message, music data, and a video corresponding to the number of times the user G has used the information. The data providing privilege is received from the provider G. The user G is a person who purchases the card type information device 1 that stores the encrypted authentication data G or a person who is lent from a CD rental store. The provider G is a CD
Companies such as rental stores. The manager G is a third-party organization that mediates the authentication of the user by the transaction processing device 3 using the authentication data G transmitted from the card type information device 1 and the provision of the browsing information of the provider. is there. The user G uses the home computer for the user terminal 2 and inserts it into the reading device provided in the user terminal 2 to output the authentication data G. At this time, the unique number G is also output. The card type information device 1 has a communication protocol and directly establishes an information transmission line G via the transaction processing device 3, the user terminal 2 and the network 5. The information transmission path at this time includes the information transmission path between the card type information device 1 and the user terminal 2 and the network 5.
Includes a telephone line and an information transmission line called a broadband called XDSL or FTTH. The user terminal 2 may be a television called a digital home appliance, a refrigerator, a home crime prevention device, or the like which will be used in the future.

The transaction processing device 3 stores the discrimination data G for discriminating the authentication data G in advance by the discrimination storage means A6. The discrimination data G has data necessary for decryption and data for collating the authentication data G in plain text with the authentication data. The transaction processing device 3 uses the authentication data receiving means A8.
When the authentication data G and the unique number G are received at, the authentication data determining unit A9, the browsing destination specifying unit A10, and the browsing information requesting unit A11 are subsequently executed. The authentication data receiving means A8 receives the authentication data G and the unique number G. The authentication data discriminating means A9 retrieves the discrimination data G from the database with the unique number G, processes it with the authentication data G, and performs decryption and collation. The browsing destination specifying unit A10 searches the database for the browsing destination data G indicating the browsing destination of the browsing information G from the discrimination data G. At this time, the browsing destination data G may be specified from the unique number G and the authentication data G. Further, the browsing information requesting means A11 requests the browsing information G from the provider terminal 4, receives the browsing information G, and transfers the browsing information G to the user terminal 2. Since the user has been authenticated by the authentication data determination means A9, the user terminal 2
The data proving the legitimacy of the provider terminal 4 is transmitted to the provider terminal 4 or the transaction processing device 3 has established an information transmission path with the provider terminal 4, so that the data proving the legitimacy of the provider terminal 4 is used by the user. It may be transmitted to the terminal 2. The transaction information may be obtained from each of the user terminal 2 and the provider terminal 4, and the transaction information storage means may store the trajectory of the transaction for proof at a later date.

[0092]

By using the transaction processing device of the present invention, it is possible to distribute card-type information devices, which are difficult to forge, between the provider, the purchaser, and the user, and to forge the voucher and leak the password. Prevent and improve the security of the provider against unauthorized use. By using a transaction processing device in which the user determines the browsing information using the card-type information device to which the provisional gift was given, the user who received the gift can automate the troublesome work in the electronic transaction, which is convenient. Improve sex.
Further, by using such a transaction processing device, when the user uses the card type information device supplied by various kinds of providers, it is sufficient to connect to a specific homepage and input the authentication data. The operation procedure is unified and automated, such as displaying browsing information only by itself, and it is highly convenient and corresponds to the diversification of trading systems. Further, the post-transaction is digitized to eliminate the limitation of the convenience of the catalog, or only the post-transaction is digitized to cope with the diversification. Further, by using the card type information device, the purchaser can freely hand over to the user, send it by a simple envelope, or have a degree of freedom to make a temporary gift, which improves convenience. Further, in order to provide browsing information via the transaction processing device, the transaction processing device can act as a firewall to prevent hacking such as cyber terrorism and computer virus infection, and improve the security for the provider terminal. it can.

As an effect of the first and second embodiments, by automatically displaying the information necessary for ordering goods and reserving services to the user, it is necessary for the user to be donated without performing complicated work. Get convenient browsing information and improve convenience. After delivery of the merchandise, the data for discrimination is erased by the overwrite function of this specification to clarify that the card-type information device has been used and secure the storage capacity of the transaction processing device. The transaction processing device certifies the transaction by storing at least one of the selection information of the product ordered by the user or the reserved service, the authentication data, the unique number, the user's personal information or the transaction time. Information is prevented from being leaked by encrypting and transmitting data between the user terminal, the transaction processing device, and the provider terminal. Use encrypted authentication data to prevent information leakage and prevent unauthorized use. By selecting the amount of money while looking at the catalog of product examples at the store, etc., it is possible to prevent the user from easily knowing the amount of money given by a gift, rather than the method of selecting the amount of money on the network. The user can easily provide the user with a highly convenient gift giving system, and if the card type information device 1 is tentatively gifted to recover the cost, the risk of collection can be reduced. By adding a unique number to the card-type information device in addition to the authentication data, it can be used for management of the card-type information device, start of the discriminating storage device, simple authentication at the time of product delivery and service provision, and diversification. Correspond.

Further, since the purchaser gives the card type information device, the customer satisfaction is obtained and the price is cheaper than the feeling that the item is given. Further, since the browsing information stored in the user terminal is disclosed to the user about the products and services on the network, new products and services are introduced to the browsing information, frequently rewritten, and temporarily in large quantities at a low cost. It is very convenient to introduce products that have been successfully purchased. Further, the user has a high degree of freedom because he or she selects a product or service from a plurality of items. There is no need to enter a password with an input device to authenticate the user, and the desired product can be selected from the browsing information automatically displayed on the user terminal 2. Convenience without worrying about getting lost or annoying Is high. The purchaser can add a degree of freedom to the gifts within the purchase amount of the card-type information device to give a gift, and does not bother the user who uses the gift, thus promoting the purchase.
By sending the browsing information data from the provider terminal to the user terminal via the transaction processing device, leakage of the browsing information becomes difficult and safety is improved. By having a browsing information storage function, a temporary browsing destination setting function, and a temporary browsing destination transmission function, it is possible to prevent unauthorized use of the provider, improve safety, and make the provider anonymous to the provider. Is kept to prevent leakage of user's personal information.

As an effect of the third embodiment, the authentication data identification function is stored in the user terminal in advance, the user terminal is started and the browsing information is automatically displayed by using the authentication data output from the card type information device. However, the convenience is improved by reducing the annoyance of the user as much as possible. Even if a user uses a plurality of card type information devices 1, desired information can be easily browsed and convenience is improved. The convenience is improved by automatically displaying the browsing information on the user terminal when the user presses the input button. The user terminal or card-type information device has authentication data identification means, and after inputting the authentication data, establishes an information transmission path to a specific transaction processing device, thereby establishing a correspondence between the user terminal and the card-type information device. Security by increasing the evidence that the user has used the authentication data or by restricting the authentication data from being used by other organizations.

As an effect of the fourth embodiment, the convenience of ordering products and reserving services by using a mobile phone or the like is improved. When the user presses the input button of the card type information device, the browsing information is automatically displayed on the user terminal, thereby improving the convenience of the user.

The effect of the fifth embodiment is that the user terminal receives the browsing information directly from the provider terminal, so that the transaction processing device can reduce the burden of transferring the browsing information and save the processing capacity. And so on. The user terminal or the card type information device stores the browsing data and the encryption key, so that the user directly browses from the provider terminal without authenticating the user or through the transaction processing device for a certain period of time. The transaction processing apparatus can reduce the burden of transferring the browsing information and save the processing capacity.

[Brief description of drawings]

FIG. 1 is a conceptual diagram of a transaction system of the present invention.

FIG. 2 is a first configuration example of the transaction system of the present invention.

FIG. 3 is a relation of each means of the trading system of the present invention.

FIG. 4 is a main content of communication between the devices of the present invention.

FIG. 5 is a second configuration example of the transaction system of the present invention.

FIG. 6 is a configuration example of a transaction processing apparatus of the present invention.

FIG. 7 is a first view of the card type information device and the user terminal of the present invention.
It is a configuration example of.

FIG. 8 is a first configuration example of the user terminal of the present invention.

FIG. 9 is a second configuration example of the card type information device and the reading device of the present invention.

FIG. 10 is a second configuration example of the user terminal of the present invention.

FIG. 11 is a third configuration example of the card type information device and the user terminal of the present invention.

FIG. 12 is a flowchart during transaction preparation showing an operation example of the transaction processing apparatus of the present invention.

FIG. 13 is a flowchart during a transaction showing an operation example of the transaction processing apparatus of the present invention.

FIG. 14 is an example of the relation of each means of the transaction processing apparatus of the present invention.

FIG. 15 is a first configuration example of a transaction screen operated by a user of the present invention.

FIG. 16 is a second configuration example of a transaction screen operated by the user of the present invention.

FIG. 17 is a third configuration example of a transaction screen operated by the user of the present invention.

FIG. 18 is a fourth configuration example of the transaction screen operated by the user of the present invention.

FIG. 19 is a fifth configuration example of the transaction screen operated by the user of the present invention.

FIG. 20 is a sixth configuration example of the transaction screen operated by the user of the present invention.

FIG. 21 is an example of a packet structure.

FIG. 22 is an example of a URL structure.

FIG. 23 is a third configuration example of the transaction system of the present invention.

[Explanation of symbols]

1 card type information device 2 user terminal 3 Transaction processing equipment 4 Provider terminal 5 network 6 Information transmission path 7 products A1 authentication data storage means A2 authentication data output means A3 Authentication data input means A4 authentication data transmission means A5 Browsing information receiving means A6 browsing information display means A7 discrimination storage means A8 Authentication data receiving means A9 Authentication data discrimination means A10 Browse destination identification means A11 Browsing information requesting means A12 Browsing information transfer means A13 Browsing information storage means A14 Browsing information transmission means

─────────────────────────────────────────────────── ─── Continuation of front page (51) Int.Cl. ⁷ Identification code FI theme code (reference) G06K 17/00 G06K 17/00 T 19/00 19/00 Q 19/10 R

Claims (22)

[Claims] 1. A transaction processing device, which is connected via a network to a user terminal operated by a user and a provider terminal operated by a plurality of providers, respectively, and operated by an administrator. Discrimination data used for discriminating authentication data unique to each and the browsing data for identifying browsing information in association with each other, and the authentication data from the card type information device via the user terminal. Authentication data receiving means for receiving, and authentication data determining means for processing and determining the authentication data with the determination data,
A transaction processing apparatus comprising: a browsing destination identifying unit that identifies the browsing information from browsing destination data stored in the discrimination storage unit according to a discrimination result of the authentication data discriminating unit. 2. A browsing information requesting unit for requesting the browsing information stored in the provider terminal by the browsing destination specifying unit, and a browsing for transferring the browsing information requested by the browsing information requesting unit to the user terminal. The transaction processing apparatus according to claim 1, further comprising an information transfer unit. 3. The browsing information transfer means includes a browsing information receiving function for receiving the browsing information requested by the browsing information requesting means, and a browsing information storing function for storing the browsing information received by the browsing information receiving function. A temporary browsing destination setting function for setting temporary browsing destination data in the browsing information stored by the browsing information storage function; a temporary browsing destination transmitting function for transmitting the temporary browsing destination data to the user terminal; The transaction processing device according to claim 2, further comprising a browsing information transfer function for transmitting browsing information stored in the browsing information storage function in response to a request. 4. The browsing destination data transmitting means for transmitting the browsing destination data specified by the browsing destination specifying means to the user terminal, the browsing being obtained by the user terminal by the browsing destination data transmitting means. The transaction processing apparatus according to claim 1, wherein the browsing information is obtained by using destination data. 5. The transaction processing apparatus according to claim 1, wherein the discrimination storage means has an overwrite function of re-storing or erasing the discrimination data and the browsing destination data to be stored. 6. A product or service selection information selected by the user from the browsing information, the authentication data, the discrimination data, a unique number unique to the card type information device, a product or service providing location, or a time. The transaction processing apparatus according to claim 1, further comprising transaction information storage means for storing at least one of the information. 7. A decrypting means for decrypting the received data and an encrypting means for encrypting the data to be transmitted, and between the user terminal and the provider terminal. The transaction processing device according to claim 1, wherein communication is performed using encrypted data. 8. The selection information of a product or service selected by the user from the browsing information, the authentication data, the discrimination data, a unique number unique to the card type information device, a location where the product or service is provided, or a time. The transaction processing apparatus according to claim 1, further comprising selection information transfer means for transmitting at least one of the information to the provider terminal. 9. In a method of providing information necessary for ordering a desired product or reserving a service, data for discrimination for discriminating authentication data stored uniquely for each card type information device and an item of the product or service. And a second step in which the user who has obtained the card type information device inputs the authentication data, and a first step of storing the browsing information including the A third step of judging the authentication data input in the second step using the judgment data stored in the first step, and the judgment data used for the judgment after the judgment of the third step and the third step. Information having a fourth step of identifying a browsing destination from the browsing destination data stored in the first stage and a fifth step of displaying browsing information of the browsing destination identified by the fourth stage How to provide. 10. In a transaction system for ordering goods or reserving services, a card type information device obtained by a user, a user terminal operated by the user, the card type information device and the user terminal. The wireless, wired or contact information transmission path, a provider terminal operated by a provider, and a transaction processing device connected to the user terminal and the provider terminal via a network. The type information device has an authentication data storage unit that stores authentication data unique to the card type information device, and an authentication data output unit that outputs the authentication data to a user terminal, and the user terminal is the Authentication data input means for inputting the authentication data obtained from the authentication data output means, and authentication data transmission for transmitting the authentication data input by the authentication data input means to the transaction processing device. Means and a browsing information receiving means for receiving browsing information from the transaction processing device, wherein the transaction processing device comprises discrimination data used for discriminating the authentication data, and browsing destination data for identifying the browsing information. Are stored in association with each other, the authentication data receiving means for receiving the authentication data transmitted by the authentication data transmitting means, and the authentication data received by the authentication data receiving means are stored in the data storing means. An authentication data discriminating means for processing and discriminating the discrimination data; a browsing destination identifying means for identifying the provider end from the browsing destination data stored in the discrimination storage means based on the discrimination result of the authentication data discriminating means The browsing information requesting unit for requesting the browsing information specified by the browsing destination specifying unit, and the browsing information received from the browsing information requesting unit for the user Browsing information transfer means for transferring the browsing information to the end, and the provider terminal stores browsing information in the browsing information storage means, and browsing information stored in the browsing information storage means at the request of the browsing information requesting means. And a browsing information transmitting means for transmitting the browsing information to the transaction processing device, and the browsing information to be displayed at the end of the user is determined by the card type information device. 11. The card type information device has an input button for operating the authentication data input means, and when a user presses the input button, browsing information of goods or services is displayed on the user terminal. The trading system according to claim 10, wherein: 12. The transaction system according to claim 10, wherein the card type information device has a unique number that is the same as or different from the authentication data. 13. The transaction processing device has a database in which a plurality of discrimination data are registered in advance, and by inputting the unique number, the discrimination data stored in the discrimination storage means is searched based on the database. 13. A discriminative data retrieval function for performing the discrimination is provided.
Trading system described in. 14. The transaction processing device comprises a product delivery permission unit that permits delivery of a product or provision of a service by inputting the unique number.
The transaction system described in 2. 15. The transaction system according to claim 10, wherein the authentication data input means has an authentication data identification function for identifying the input authentication data, and inputs the identified authentication data. 16. The transaction according to claim 10, wherein the user terminal has browsing information display means for displaying browsing information, and displays the browsing information received by the browsing information receiving means. system. 17. The user terminal, the selection information input unit for inputting selection information selecting a desired product or service from the browsing information received by the user from the browsing information receiving unit, and the transaction of the selection information. 11. The transaction system according to claim 10, further comprising selection information transmitting means for transmitting to the processing device. 18. The transaction processing device, selection information of a product or service selected by a user from the browsing information, the authentication data, the discrimination data, a unique number unique to the card type information device, a product or service. 11. The transaction system according to claim 10, further comprising a transaction information storage unit that stores at least one of a provision location of the item and time information. 19. The transaction system according to claim 10, wherein the authentication data storage means stores the authentication data in an encrypted form. 20. The card type information device has an encryption means for encrypting the authentication data, and the encrypted authentication data is input to the user terminal by the authentication data output means. The trading system according to claim 10. 21. The transaction processing device has a decryption unit for decrypting the encrypted authentication data, and the authentication data determination unit determines the authentication data after decryption. The trading system according to claim 19 or claim 20. 22. The user terminal, the provider terminal, and the transaction processing device have data encryption means and data decryption means, and the network is between the user terminal and the transaction processing device. 22. The transaction system according to claim 10, wherein encrypted communication is performed between the provider terminal and the transaction processing device.