JP2004310654A - Service acceptance device, service request device and memory device - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a service acceptance/request device allowing a larger number of service acceptance applicants to apply acceptance of service. <P>SOLUTION: First, a service acceptance applicant (1, 2) transmits a part of data produced at the time of service acceptance to a service provision company (3, 4, 5) by service acceptance end time to apply temporary acceptance of the service. Thereafter, the service acceptance applicant (1, 2) transmits, to the service provision company, the rest of the data which have not been transmitted, and the service provision company receiving them executes an actual acceptance process. <P>COPYRIGHT: (C)2005,JPO&NCIPI

Description

[0001]
TECHNICAL FIELD OF THE INVENTION
The present invention relates to a service reception system.
[0002]
[Prior art]
As a conventional service reception device, for example, a service reception device based on a ticket reservation system using a telephone is known (see Patent Document 1).
[0003]
FIG. 16 shows the entire structure of a conventional service receiving apparatus, and the configuration will be described below. An exchange 7 is connected to the public telephone network 6, and a ticket reservation center is connected to the exchange 7. Further, a telephone 8 used by the ticket reservation person 9 is connected to the public telephone network 6. The ticket reservation center includes a connection device 11 connected to the exchange 7, a ticket reservation server 12 connected to the connection device 11, a telephone 13 connected to the connection device 11, and a database server 14 connected to the ticket reservation server 12. , A ticket reservation server 12, a database server 14, and a terminal device 15 connected to the database server 14. The terminal device 15 and the telephone set 13 are arranged at a desk of a business operator 5 who performs a ticket accepting operation, and are used by the operator 5.
[0004]
An operation for executing a ticket purchase from the above components will be described below.
[0005]
The reservation person 9 applies for a ticket by telephone via the telephone 8. Then, when the ticket reservation server 12 is connected, the ticket reservation server 12 sends a message to the reservation person by saying a telephone number by voice or the like recorded in advance. When the reservation person 9 completes the registration of his / her telephone number in the database server 14 in accordance with the instruction, the connection with the reservation center is disconnected. After the connection is cut off, the ticket reservation server 12 searches the database server 14 and makes a callback to the telephone number of the ticket reservation person 9 who made the reservation application in the order of registration. When the connection with the reservation person 9 is established, the connection is changed to the telephone 3 and the actual reservation procedure is performed via the operator 10.
[0006]
[Patent Document 1]
JP-A-2002-366696 (pages 1-4, FIG. 1)
[0007]
[Problems to be solved by the invention]
However, the conventional technology has the following problems.
[0008]
In the prior art, when a service reception end time is determined, such as in a voting betting ticket, it is very difficult to apply the service immediately before the end of the service reception. This is because, if there is a limit on the service reception end time, access to the service provider's server will increase near the end of the service reception, which may cause users to be unable to receive the service within the time limit Would. If the number of services is not limited, not being able to accept users will not only disappoint users, but also reduce the sales of companies that provide services, and consequently the profits will decrease. Will lead to
[0009]
In addition, if the service is just started or immediately before the end of the reception, even if the service can be received, the access to the server of the service provider increases, the load on the server increases, and the processing speed decreases. turn into. This not only causes discomfort to the users waiting for the service procedure, but also increases the access, the server may go down, the system itself may not function, and the user may not be able to perform the service procedure. obtain. Therefore, when the load on the server becomes large immediately after the start of the reception of the service or immediately before the deadline of the reception, measures must be taken to reduce the load on one server, and the processing speed of the service procedure must be increased.
[0010]
It is an object of the present invention to provide a service reception / request device that allows more service reception applicants to receive a service.
[0011]
[Means for Solving the Problems]
In order to solve the problem in the conventional service reception device described above, the present invention solves the problem as follows.
[0012]
In the present invention, when a service is provided to a service provider, the procedure of receiving the service is performed twice. First, the service reception applicant transmits a part of the service reception information generated at the time of service reception to the service providing company by the service reception end time, and temporarily receives the service. Then, the service provider receiving the data issues an identifier for identifying the received data by the service provider, and sends it back to the source of the data just received. After receiving the identifier from the service provider, the reception applicant adds the identifier to at least the service reception information that was not transmitted earlier and transmits the information to the service provider, and the service provider receiving the information performs the actual reception processing. do.
[0013]
If the provisional reception is completed by the service reception deadline, the service provider can perform the actual reception processing even after the reception of the service is completed, so that more applicants can be received. . In addition, since the provisional reception of the service and the actual reception processing are performed separately, it is possible to distribute the load applied to the server peak even when the service reception is not immediately before the deadline, and the load on the server at the peak can be reduced. .
[0014]
BEST MODE FOR CARRYING OUT THE INVENTION
FIG. 1 is a block diagram showing a service reception system of the present invention. Reference numeral 1 denotes an information communication terminal in which a user performs service reception processing. Reference numeral 2 denotes a storage device that stores data required for service reception and includes an arithmetic unit. Conventionally, the service reception processing is performed on the information terminal. However, in the present invention, in order to enhance security, processing related to security such as data reading / writing and data encryption is performed by, for example, an IC provided with arithmetic means. It is performed on the storage device 2 called a card. Reference numeral 3 denotes a signature receiving device that receives an electronic signature of service reception data transmitted first and issues an identifier for identifying a user. The first data sent is not only an electronic signature, but also a part of the service reception data such as information necessary for the ticket such as the amount and number of tickets, and a data such as a personal ID by which the service provider can identify the sender. Other data may be included. Reference numeral 4 denotes a main body receiving apparatus for receiving data obtained by encrypting service reception data transmitted after receiving an electronic signature, an electronic signature and an identifier of the reception. Reference numeral 5 denotes a data inquiry device that searches for information having the same identifier from data transmitted first and data transmitted next, compares their electronic signatures, and performs an actual reception process. The data inquiry device 5 and the signature reception device 3 are connected to each other, and the data inquiry device 5 and the main body reception device 4 are connected to each other. The user connects to the signature reception device 3 and the main body reception device 4 via the information communication terminal 1. The information communication terminal 1 includes storage device connecting means, and the storage device 2 is connected to this portion for use.
[0015]
In the service receiving apparatus of the present invention configured as described above, voting betting ticket purchase will be described below as an example, and its operation will be described.
[0016]
FIG. 2 shows the configuration of the information communication terminal 1, which includes a data communication unit 11 for transmitting and receiving data to and from a service provider, an input unit 12 serving as an intermediary for a user to perform a reception process, and a storage device. 2 and a display means 14 for displaying information necessary for reception.
[0017]
FIG. 3 shows the configuration of the storage device 2, including an arithmetic processing unit 21 for performing data arithmetic processing, a TRM which is a tamper-resistant area, and a non-tamper-resistant secure flash for securely storing the contained data. And a normal flash unit 24 which is non-tamper resistant. Hereinafter, in this embodiment, tamper resistance means physical tamper resistance. The TRM includes an arithmetic unit 21 for performing arithmetic processing and a storage unit 22 for storing data. The secure flash unit is physically the same as a normal flash unit, but access to data contained therein is not performed. It cannot be performed without the operation processing means 21 inside the TRM, and cannot be directly accessed from the terminal.
[0018]
FIG. 14 shows the operation of data communication between the terminal and the storage device 2. In FIG. 14, the control unit controls writing and reading of data from the external terminal. Normal data access of the flash unit in the flash unit can be performed as it is from the external terminal via the control unit. However, data access to the TRM internal storage unit in the TRM and the secure flash unit of the flash unit is not available. After passing through the control unit, the access cannot be made unless the CPU of the TRM is authenticated. Since authentication of the CPU inside the TRM requires personal authentication of the storage device using a PIN or the like, unauthorized access from outside to the data in the TRM internal storage means or the secure flash unit is extremely difficult. It can be stored under the condition that the confidentiality of the data is guaranteed as compared with the copy. Further, the secure flash unit can store larger data than the TRM internal storage unit.
[0019]
In the secure flash unit 23, voting data, which is data of a betting ticket of a betting ticket purchased by the user, personal data by which the service provider recognizes the user, a public key of the service provider distributed to the user by the service provider, Contains the private key of the individual for generating the digital signature. The personal data is for the service provider to recognize the user, and may be any user ID and password issued by the service provider, or any other information that allows the service provider to uniquely identify the user, such as the user's name, address, and telephone. Absent. It is also possible to include an application for estimating a winning horse betting ticket in the secure flash unit 23, including an algorithm of an individual's own prediction, to assist the user in estimating. The normal flash unit 24 includes data referred to when a user purchases a betting ticket, and stores data on race odds, data on racehorses, data on races, and the like. It also includes an application used to purchase voting tickets.
[0020]
In addition, the data included in the normal flash unit 24 may share data normally included in the storage medium of the personal computer, such as music data, image data, video data, and data used by software. Further, these data may be included in the secure flash unit 23.
[0021]
The signature receiving device 3 receives the electronic signature of the data (hereinafter, referred to as service reception data) representing the reception information of the service sent from the user, the total amount of the betting ticket, and the user ID, and adds the reception number, The service provider issues an identifier for identifying the received data such as an ID. This identifier is used when retrieving data sent from the same user from data sent later and data sent first. Then, the identifier is returned to the user who transmitted the data, and the identifier and the electronic signature are transmitted to the data reference device.
[0022]
The main body receiving device 4 receives the service reception data, the electronic signature, and the identifier sent from the user after the transmission of the electronic signature, and sends the data to the data inquiry device 5.
[0023]
The data inquiry device 5 receives the electronic signature, the total amount of the voting ticket, the user ID and the identifier sent from the signature receiving device 3, and the main body data, the electronic signature and the identifier sent from the main body receiving device 6. And store those data. Then, data sent from the same user is searched based on the identifier, the digital signatures are compared, and if the data has not been tampered with, service acceptance processing is performed. FIG. 4 shows an example of the internal structure of the data inquiry device 5.
[0024]
The operation of one embodiment of the present invention will be described below with reference to the flowchart of FIG.
[0025]
First, the user registers with the service provider in advance personal information such as name, address, telephone number, etc., as well as the method of paying the account, such as the account number and credit card number to which the fee is to be paid, and the public key of the user, etc. The personal ID for voting and the public key of the service provider are obtained from the company by mail, Internet mail, or the like, and are stored in the flash unit inside the storage device 2.
[0026]
Next, the user obtains information such as odds data, racehorse data, and race data, if necessary, through information terminals such as mobile phones and personal computers, and broadcasts, in addition to the applications necessary for accepting votes. , Is stored in the storage device 2. If registration has been completed with the service providing company, it is also possible to obtain the personal ID and the public key of the service providing company at this time. Here, it is preferable that the public key and the personal ID of the service provider be stored in the secure flash unit 23 of the storage device as much as possible, but the other items may be stored in the secure flash unit 23 or the normal flash unit 24. These can also be stored in storage means included in the TRM (S10). Although the storage device 2 used in this embodiment is shown in FIG. 3, a storage device applicable to this embodiment, including the storage device of this embodiment, is shown in FIG.
[0027]
FIG. 15A is a diagram of the storage device of the present embodiment, but other storage devices such as those of FIG. 15B and FIG. In the storage device of FIG. 15B, the present embodiment can be realized by storing various data necessary for accepting a vote in the TRM internal storage means inside the TRM. FIG. 15C is similar to the storage device used in this embodiment, but has a structure in which a secure flash unit is not provided inside the flash memory. In this case, the present embodiment can be realized by storing various data necessary for accepting a vote separately in a flash memory, a TRM internal storage unit in the TRM, or both. However, in consideration of data confidentiality, it is preferable to store all necessary data in the TRM internal storage means in the TRM if possible.
[0028]
Here, the user may transfer the storage device 2 to a mobile information communication terminal having storage device connection means such as a mobile phone if necessary. Then, the user first performs user identification using a PIN or biometric information on the information communication terminal in order to identify the owner of the storage device 2. After the identification is correctly performed and the owner of the storage device 2 is confirmed, the user can access the data in the secure flash unit 23 of the storage device 2. When the user authentication is completed, a series of processes on the user side in the future will be performed on the storage device 2 except for operations using the information communication terminal as an intermediary, such as communication, user input operations, and screen output. (S11).
[0029]
Here, in order to start access to the data included in the secure flash unit 23 first, personal authentication is performed, but information such as password input is combined before starting processing for accepting a service. The security of the service reception process is increased. Further, an embodiment in which when a part of the secure flash unit is accessed, input of a password or a PIN is required.
[0030]
When the personal authentication of the user of the card is normally completed and the secure flash unit 23 can be accessed, an application for service acceptance is started, and a menu screen as shown in FIG. Displayed through. Further, although the menu is displayed here, if what is to be accepted is determined in advance, the operation may immediately proceed to the accepting work without going through the menu screen (S12).
[0031]
Hereinafter, the three processes of voting ticket purchase, voting ticket correction / cancellation, and data reference will be described.
[0032]
First, a process for purchasing a betting ticket will be described. The user makes selections in the order of the date, place, and race number of the betting ticket to be purchased. Next, a purchase type such as a winning type, a winning type, a horse type or the like is selected, and a combination is input. Finally, the number is entered and one voting ticket is purchased. When one voting ticket purchase input operation is completed, the voting data stored in the secure flash unit 23 of the storage device 2 is updated. Then, when the voting data as shown in FIG. 7 is displayed on the display means 14 of the information communication terminal 1 and the user confirms, the work of purchasing one betting ticket is completed (the display will be described at the time of the data reference processing). I do). If the purchase is to be continued, the process returns to S12, and if the purchase is to be ended, the process proceeds to S18 (S13 to S17). FIG. 8 shows an example of the data format of the voting data.
[0033]
Further, in the format of FIG. 8, if the date, location, race number, and format are the same, those data can be omitted and only different data can be followed. The data area is variable for the combination and the number of copies, but for the combination, the service provider prepares a database and prepares the database of the combination in the flash area of the storage device 2, in an external storage area, or on a paper basis. Then, by inputting the number of the corresponding combination, it is possible to reduce the area used for the combination.
[0034]
As for the number of sheets, the area used for the number of sheets can be reduced by using a purchase format in a unit such as a unit of 10 sheets, a unit of 50 sheets, and a unit of 100 sheets. In addition, the service provider creates a database for the venues, race numbers, formats, and the like that are frequently used by the user, and prepares and uses the database in the flash area of the storage device 2, in an external storage area, or on a paper basis. By doing so, it is possible to reduce the data of the betting ticket. In addition, a purchase method of making a prediction by putting software for predicting a winning horse in the storage device 2 and purchasing a betting ticket can also be performed.
[0035]
In the present embodiment, the menu screen is returned every time one betting ticket purchase process is completed. However, in the case of continuing purchase, an example in which the purchase operation is performed continuously without returning to the menu screen can also be performed. It is. In this embodiment, the data at the time of voting is also updated each time one betting ticket purchase process is completed. However, the data is stored in a volatile memory such as a RAM or in a flash area in advance, and later. An embodiment in which voting data included in the storage device 2 is updated collectively is also possible. Further, the configuration diagram of the voting data is not limited to that shown in FIG. 8, but may be a configuration content used independently by the service providing company.
[0036]
Next, a process in the case of correcting and canceling a voting ticket will be described. When the correction / cancellation of the betting ticket is selected, a correction screen of the vote list as shown in FIG. 9 is displayed on the display means 14 of the information communication terminal 1. Then, the user selects a betting ticket to be changed, and performs change processing such as deletion and modification of the betting ticket. When the correction input operation for one betting ticket is completed, the voting data stored in the secure flash unit 23 of the storage device 2 is updated. Then, when the voting data as shown in FIG. 7 is displayed on the display means 14 of the information communication terminal 1 and the user confirms, the work of correcting one betting ticket is completed. If the process is still to be performed, the process returns to S12. If the process is to be ended, the process proceeds to S18 (S15, S14, S16, S17).
[0037]
In this embodiment, the data is updated each time one correction process is completed. However, the data is stored in a volatile memory such as a RAM or in a flash area in advance, and is collectively collected later. An embodiment in which the voting data included in the storage device 2 is updated is also possible.
[0038]
Next, processing in the case of data reference will be described. When the user selects the data reference, a screen as shown in FIG. 7 is displayed on the display unit 14 of the information communication terminal 1.
Then, on this screen, the user makes an inquiry for desired data and confirms the data, and then the process ends. If the process is still to be performed, the process returns to S12. If the process is to be completed, the process proceeds to S18. The same procedure is followed when terminating.
[0039]
In addition, in this embodiment, when confirming the vote list, the data of the odds data, the horse weight, and the data up to the previous run can be referred to. However, these data can be entered in the menu screen and can be referred to during any processing. Such an embodiment is also possible.
[0040]
In addition, these reference data are not limited to the above-mentioned data, and may be other data which is useful for voting, such as racetrack data, horse racing news, and irrelevant to voting such as advertisements and stocks. But it doesn't matter. When confirming the vote list, the betting ticket may be modified without returning to the menu screen.
[0041]
If the user has completed the processing of purchasing a betting ticket and has a purchased betting ticket, the total amount of the betting ticket is calculated. The service reception data as shown in FIG. 10A transmitted by the service providing company to the service providing company from the terminal-related information specifying the data transmission source and the voting ticket data indicating the combination of the total amount and the purchase ticket calculated above. Create Here, in the present embodiment, for example, an 8-digit user ID issued from a service provider consisting of AZ, az, and 0-9 is considered as terminal-related information. The terminal-related information is not limited to the user ID, but may be an ID assigned to the terminal or the storage device. In addition, these IDs are not limited to the above-described format, and may be other formats. When these IDs are created, security can be enhanced by using a method such as combining numbers and letters at random.
[0042]
Next, a session key is created with the service provider. Then, a hash of the created service reception data is created, and an electronic signature is created using the private key of the individual.
Then, the first data is created by adding the terminal-related information described above and the total amount of the betting ticket to prevent cancellation or cancellation after the user has started the betting ticket. The electronic signature created just now is added to the first data to generate and transmit signature related information. FIG. 11 shows a configuration diagram of the signature related information. Then, the signature-related information is transmitted, and when the transmission is completed, the electronic signature is discarded. The signature-related information is encrypted with the session key. In order to accept a vote, these data must be delivered to the service provider by the deadline for acceptance (S18, S19).
[0043]
In this embodiment, the session key is first created, and the total amount and the terminal-related information are encrypted with the session key. However, the session key is not generated, but is encrypted with the public key of the service provider. Examples are also possible. In addition, an embodiment in which a hash itself or a hash is encrypted with a session key or a public key of a service providing company and transmitted instead of an electronic signature is also possible. Although the user ID has eight digits, as the ID for identifying the user has a larger number of digits, the probability that the hash values overlap will decrease. Therefore, it is preferable that the number of digits be as large as possible without having to worry about the size of the data. Street). By incorporating a random number into the service reception data, the probability of hash collision further decreases. Also, as shown in FIG. 10B, by incorporating a random number at the beginning of the service reception data, it is possible to prevent decryption using a selective plaintext attack by analogy of the data format.
[0044]
When the signature receiving device 3 receives the signature-related information from the user within the service reception time, the signature receiving device 3 creates an identifier for identifying the data just received and the data of the same user sent later. Then, the identifier is encrypted with the session key generated earlier and transmitted to the user's terminal, while the data just received is decrypted, if necessary, and transmitted to the data inquiry device 5 together with the identifier. Then, if necessary, the data inquiry device 5 performs a billing process based on the information included in the signature-related information just received. (S20).
[0045]
Further, in this embodiment, when comparing two data, the identifier issued by the service provider is used, but instead of the identifier, the two data are compared from the caller number of the user's mobile phone, or An embodiment in which the comparison is performed from the IP address of the terminal of the sender is also possible. When the digital signature is received for the first time, it is also possible to roughly classify the data on the basis of the IP address or the like in advance in the data inquiry server, thereby reducing the time required for the search. In this embodiment, the data transmitted from the same user is searched by searching for the identifier. However, personal data transmitted without using the identifier is compared, and the data transmitted from the same user is searched. Is also possible. In this case, this step (S20) becomes unnecessary. This identifier can be used as an inquiry number of a voting ticket purchaser, in addition to the data search performed by the service provider.
[0046]
When the identifier is sent from the signature receiving device 3, service reception data as shown in FIG. 10A is created as in the previous case, and an electronic signature is created for the data. Then, the voting data of the betting ticket, which is the second information, the electronic signature just created, the terminal-related information described above, the total amount, and the received identifier are added to generate main body-related information.
[0047]
FIG. 12 shows a configuration diagram of the main body related information. Then, the main body related information is encrypted with the session key and transmitted to the main body transmission device 4 of the service providing company immediately before the start. Then, the session key and the electronic signature are destroyed (S21). If a random number is used when creating a digital signature in S19, it is necessary to store the random number and use the random number for generating a digital signature. If the identifier is not compounded, the encryption need not be performed again.
[0048]
When the main body related information is sent to the main body receiving device 4 immediately before the start, the device 4 transmits the data to the data inquiry device 5. At this time, a decoding process may be performed if necessary. Data sent after that is treated as canceled. If the data is not decrypted in the data inquiry device 5, decryption is performed. Otherwise, the same identifier received via the signature receiving device 3 is used based on the identifier included in the received main body related information. Search for data that you have. A pair having the same identifier is found, the digital signatures are compared, and if they are the same, the data inquiry device 5 performs a service accepting process such as an odds calculation / charging process on the service accepting data included in the main body related information. I do. If the electronic signatures are not the same, it means that the data has been falsified.
[0049]
In the present embodiment, the main body-related information includes not only the second information and the electronic signature but also the first information. However, the first information is already included in the signature-related information. Since the information is already transmitted (already transmitted), it does not have to be included in the main body related information. Also, since the signature-related information is information for completing the provisional reception of the service, the first information is the smallest in the service reception information generated by the execution of the service, and the second information is If the service reception information is other than the first information, the load such as data transmission can be further reduced.
[0050]
Also, the processing target after the electronic signature becomes compatible with the data inquiry device is the first information, the second information, or the first information and the second information in various cases. However, it is sufficient to process only the first information or the second information, depending on which of the first information and the second information is the service reception information, The processing cannot be performed unless both the first information and the second information are used, and the processing can be freely determined according to the service operator's request.
[0051]
In the present embodiment, the signature receiving device 3, the main body receiving device 4, and the data inquiry device 5 are separated. However, all or any combination thereof may be the same device. 1 and the storage device 2 may be integrated. Further, the same session key is used between the user and the data receiving device at the time of the first data transmission and the next data transmission, but the session key may be created and used at each step.
[0052]
Further, in this embodiment, in order to purchase a voting ticket, registration must be made in advance with a service provider, but a prepaid ticket, electronic money, or the like may be stored in a storage device for billing. For example, a user who has not registered with the service provider can purchase a voting ticket. Although this embodiment is an example of voting ticket purchase, embodiments such as auction bidding, numbered ticket distribution, lottery, and offline shopping are also possible.
[0053]
In addition, by following the procedure of sending an electronic signature first and not accepting the process, storing a shopping catalog etc. instead of the voting ticket application enables offline shopping with no time limit and posting format of questionnaire. By storing the information, an embodiment such as a questionnaire can be performed.
[0054]
Although the embodiment in which the deadline for service reception is limited has been described, the present invention is also applicable to a case in which a service reception start time is determined. In addition, an embodiment in which the present invention is applied only when the load on the server increases when receiving a service is possible.
[0055]
Although a mobile communication terminal such as a mobile phone has been described as an information communication terminal, the information communication terminal is not limited to a mobile communication terminal, and a fixed terminal such as a personal computer can be used in this embodiment. In the present invention, the storage device is detachable, but a non-detachable device provided in advance in the information communication terminal may be used.
[0056]
Also, when receiving a service online using a mobile information communication terminal such as a mobile phone, it is necessary to communicate with the server every time processing using confidential information is performed. However, such confidential information is obtained by using a medium other than a mobile information communication terminal such as an information terminal such as a personal computer or a broadcast, and stored in a removable storage device in advance, and then stored. By transferring the device to the information communication terminal and applying the present invention, the number of times of connection to the server of the service provider can be reduced even in online shopping. In the present invention, the connection to the server of the service providing company is made only when the service reception data is transmitted, and the service execution work is performed by executing the service reception application stored in the storage device. This is because it is not necessary to connect to the server of the sales company for one process.
[0057]
FIG. 13 shows an example of data transmission of service reception online. Here, only data sent from the user terminal is considered, and it is assumed that data A to F need to be sent to receive a service. When the present invention is not applied, it can be seen that the same data has been transmitted for the data A of the first transmission and the second transmission and the data B of the first transmission and the third transmission. Some use one packet relatively efficiently, while others do not. On the other hand, when data is transmitted using the present invention, none of the same data is transmitted, and it can be seen that one packet is used more efficiently than when the present invention is not applied. Also, it can be seen that the number of transmissions is smaller than when no transmission is applied. From this, it is also possible to say that when the service is received by applying the present invention, the communication fee is reduced as compared with the case where the service is not applied.
[0058]
Further, according to the present invention, since the service reception processing is performed off-line, the work of input processing of reception in a place where radio waves cannot reach such as underground becomes possible.
[0059]
【The invention's effect】
In the present invention, first, a part of the service reception information generated at the time of service execution is transmitted to the service providing company, and the provisional reception is completed. By using a method in which the provider company performs the reception process, it is possible to receive more applicants' reception requests. In addition, since the provisional reception of the service and the actual reception processing are performed separately, by applying this method, it is possible to distribute the load applied at the peak of the server even when the service reception is not closed immediately. Server load can also be reduced.
[Brief description of the drawings]
FIG. 1 is a diagram illustrating the configuration of an apparatus according to the present invention.
FIG. 2 is an explanatory diagram of an information communication terminal.
FIG. 3 is an explanatory diagram of a storage device.
FIG. 4 is an explanatory diagram of a data inquiry server.
FIG. 5 is a flowchart illustrating a processing process according to an embodiment of the present invention.
FIG. 6 is a menu screen diagram according to the embodiment of the present invention.
FIG. 7 is a configuration diagram of voting data according to the embodiment of the present invention.
FIG. 8 is a screen view of a vote list according to the embodiment of the present invention.
FIG. 9 is a view showing a screen for canceling a vote list according to the embodiment of the present invention.
FIG. 10 is a configuration diagram of service reception data according to the embodiment of the present invention, and a configuration diagram including a hash in the service reception data.
FIG. 11 is a configuration diagram of signature related information according to the embodiment of the present invention.
FIG. 12 is a configuration diagram of main body related information according to the embodiment of the present invention.
FIG. 13 shows an example of data transmission.
FIG. 14 is an explanatory diagram of a data communication operation between a terminal and a storage device.
FIG. 15 is a diagram of a storage device applicable to the present invention.
FIG. 16 is a diagram illustrating the configuration of a conventional service receiving apparatus.
[Explanation of symbols]
1 Information communication terminal of the present invention
11 Data communication means of information communication terminal
12 Input means of information communication terminal
13. Storage device connection means of information communication terminal
14 Information communication terminal display means
2 Storage device of the present invention
21 Arithmetic processing means inside TRM of storage device
22 Storage means inside TRM of storage device
23 Secure Flash Unit of Storage Device
24 Normal flash part of storage device
3. Signature receiving apparatus of the present invention
4. Body receiving device of the present invention
5. Data inquiry device of the present invention
6. Public telephone network of the prior invention
7. Switch of the prior invention
8 Telephone on the reservation side of conventional invention
9 Reservant of conventional invention
10 Operators of Conventional Invention
11 Connection device of conventional invention
12. Ticket reservation server of conventional invention
13. Telephone on the reservation center side of the conventional invention
14 Database server of conventional invention
15. Terminal device on the reservation center side of the conventional invention

Claims (11)

Signature receiving means for receiving the first information and the second information as a set of information, receiving an electronic signature for the set of information, and signature-related information including the first information;
Thereafter, main body information receiving means for receiving main body related information including at least the second information and the electronic signature,
Determines the compatibility between the electronic signature included in the signature-related information and the electronic signature included in the body-related information, and if so, at least data for processing the first information or the second information A service reception device comprising: an inquiry unit. The signature receiving means generates an identifier when receiving the signature-related information, sends the identifier to the source of the signature-related information, sends the signature-related information and the identifier to the data inquiry means,
The main body information receiving means then receives the main body related information with the identifier added from the transmission source, sends the information to the data inquiry means,
2. The service according to claim 1, wherein the data inquiry means searches information having the same identifier from the identifiers sent from the signature receiving means and the main body receiving means, and if there is the same identifier, determines the suitability of the electronic signature. Reception device. The first information is information that identifies the sender, or
A part of the reception information of the service generated at the time of execution of the service for the service reception device at the transmission source and information for identifying the transmission source,
2. The service reception device according to claim 1, wherein the second information includes information not included in at least the first information among the reception information of the service. Service execution means for executing a predetermined application for performing necessary processing for an arbitrary service;
Communication means for transmitting and receiving data according to instructions from the service execution means;
Signature generation means for generating an electronic signature according to an instruction from the service execution means,
The service execution means generates first information and second information,
The signature generation means sets the first information and the second information as a set of information, generates an electronic signature for the set of information,
The communication means sends signature-related information including the electronic signature and the first information,
Thereafter, the service requesting apparatus sends at least the main body related information including the second information and the electronic signature. 5. The service request apparatus according to claim 4, wherein the communication means receives the identifier returned in response to the transmission of the signature-related information, and transmits the main body-related information with the identifier added thereto. The first information is related information related to the service request device, or
A part of the reception information of the service generated by the application executed by the service execution means and the related information,
5. The service request device according to claim 4, wherein the second information includes at least information not included in the first information among the reception information of the service. A first memory that is a tamper-resistant storage area that does not allow access without authentication of the service execution means,
A second memory that is a non-tamper-resistant storage area that does not allow access without authentication of the service execution means;
A third memory which is a storage area accessible without authentication of the service execution means,
5. The service request device according to claim 4, wherein the service execution unit stores at least one of the first information, the second information, and the signature information in the second memory. A memory device fixedly or detachably connected to communication equipment,
Service execution means for executing a predetermined application for performing necessary processing for an arbitrary service;
Communication means for controlling transmission and reception of data via communication equipment;
Signature generation means for generating an electronic signature,
The service execution means generates the first information and the second information,
The signature generation means sets the first information and the second information as a set of information, generates an electronic signature for the set of information,
The communication means instructs the communication device to transmit signature-related information including the first information and the electronic signature,
Thereafter, a memory device that instructs to transmit body-related information including at least the second information and the electronic signature. 9. The memory device according to claim 8, wherein the communication unit instructs the identifier returned in response to the transmission of the signature-related information to be added to the body-related information and transmitted. The first information is related information about the communication device or the memory device, or
A part of the reception information of the service generated by the application executed by the service execution means and the related information,
9. The memory device according to claim 8, wherein the second information includes information not included in at least the first information among the reception information of the service. A first memory that is a tamper-resistant storage area that does not allow access from a communication device without authentication of a service execution unit,
A second memory, which is a non-tamper-resistant storage area that does not allow access from the communication device without authentication of the service execution unit,
A third memory which is a storage area accessible from the communication device without authentication of the service execution means,
9. The memory device according to claim 8, wherein the service execution means stores at least one of the first information, the second information, and the signature information in the second memory.

Images