JP2005141404A - Financial transaction method and system - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To improve the convenience of a user at the time of using remote banking in a store, and to promote task efficiency in the store by promoting its use. <P>SOLUTION: A card reader 23 for reading a cash card of a customer is connected to a terminal 22, and connected through a network to a remote service relevant processing server 21. The remote service relevant processing server 21 is connected to a customer database 14 and a remote service customer database 15 or the like, and configured to execute remote service relevant processing in response to a transaction request from the terminal 22. The remote service relevant processing server 21 is connected to a cash card relevant processing server 25, and the cash card relevant processing server 25 is connected to a cash card password database 26 or the like, and configured to execute processing in response to a processing request from the remote service relevant processing server 21, and to return the result to the remote service relevant processing server 21. <P>COPYRIGHT: (C)2005,JPO&NCIPI

Description

  The present invention relates to a financial transaction method and system, and more particularly to a financial transaction method and system using different authentication methods.

  Conventionally, certain financial transactions in transactions with financial institutions are performed using a computer device such as a remote computer without visiting the store, generally remote banking, net banking, or farming A transaction system called banking has been proposed (this type of transaction is hereinafter referred to as remote banking or remote service). In this remote banking system, a host computer that performs processing on the financial institution side and a user terminal are connected online, whereby a predetermined transaction is provided from the financial institution. That is, a desired transaction request is transmitted online from the user terminal together with information necessary for the transaction, and the host computer that has received the request executes a predetermined transaction and transmits a necessary response to the user terminal.

  In recent years, with the development of network technology and the spread of the Internet, the user terminal has become an open architecture such as a personal computer, and the network has also used the Internet, so users can conduct transactions related to their own trading accounts remotely outside the store. Requests are made from a personal computer to a financial institution server using the Internet, and the server processes transactions using various databases. For this reason, ensuring security in remote banking systems has become more important, and an authentication method using a cash card and a personal identification number in a transaction using, for example, an ATM (automated teller machine), which has been performed in a conventional financial institution, A one-time password / one-time pass card system, which is a different authentication method, has been proposed separately (for example, see Patent Document 1).

  FIG. 1 is a diagram showing an outline of a conventional remote banking system. The customer 11 connects to a host bank server via a network such as the Internet through a personal computer 12 installed in a home or office or a portable notebook personal computer 12 to receive a service. Specifically, a desired service related to the account held by the customer 11 is transmitted from the above-mentioned personal computer or the like to the remote service related processing server 13 in the bank server, and information related to the password is extracted from the customer information included in the transmitted request. The Thereafter, based on the password information stored in the remote service customer database 15, authentication is performed by the remote service authentication unit 16 using the extracted information, and if the authentication is successful, the actual transaction is performed by the remote service unit 17. Is called.

  On the other hand, as a part of improving business efficiency at financial institution stores, many transactions normally provided in stores can be processed by the above-mentioned remote banking system. Needs to provide services are emerging. In other words, customers who come to the store using the terminal in the store can not only reduce the queue in the store but also make use of the electronic transaction base built by remote banking. This eliminates the waste of re-entering the system and further increases operational efficiency.

JP-A-8-227397

  However, since the remote banking system of the prior art employs a unique authentication system strengthened as described above, a card for authentication in an environment where a user normally uses net banking, for example, at work or at home. In many cases, customers who come to the store with a note that has a password or PIN number recorded, and even if a remote banking system is registered, it cannot actually be used in the store. There's a problem. In addition, the net banking system is designed to ensure security even if the client device is used in a user environment where the bank clerk cannot reach, but conversely user authentication is excessive when used in a store. There is a problem of burden.

  The present invention has been made in view of such problems, and the object of the present invention is to improve the convenience of the user when using remote banking in the store and to promote the use thereof in the store. It is to provide a financial transaction method and system that promotes business efficiency improvement.

  In order to achieve the above object, the present invention provides a financial transaction system comprising a transaction account database for storing information on a predetermined transaction account, and a first computer device. A first transaction processing means for executing a predetermined transaction using a transaction account database in response to a transmitted transaction request for a predetermined transaction account, and a first password for storing first password information When the database and the first computer request a transaction from the first transaction processing means, the first password information stored in the first password database is referred to based on the password information included in the transaction request. The first authentication means for determining whether or not to execute the transaction of the first transaction processing means by authenticating the user having a predetermined transaction account, and transmitted from the second computer device Second transaction processing means for executing a predetermined transaction using a transaction account database in response to a transaction request for a predetermined transaction account, and a second password database for storing second password information And when the second computer device requests a transaction from the second transaction processing means, referring to the second password information stored in the second password database based on the password information included in the transaction request. And a second authentication unit that authenticates a user having a predetermined transaction account and determines whether to execute the transaction of the second transaction processing unit, and is different from the second computer unit. When a transaction request for a transaction predetermined by the second transaction processing unit for a predetermined transaction account is transmitted from the first authentication unit to the second transaction processing unit, Performing authentication of the user with, and judging whether to execute a trade of the second transaction processing means.

  According to a second aspect of the present invention, in the financial transaction system according to the first aspect, a transaction request from a computer device different from the second computer device is received, and the password information included in the transaction request is the first authentication. In the case of the password information used by the means, an authentication processing means for causing the first authentication means to perform authentication is further provided.

  According to a third aspect of the present invention, in the financial transaction system according to the first or second aspect, the first transaction processing means executes a transaction for automatic deposit and payment for a predetermined transaction account, and the first computer apparatus Is an automated teller machine that conducts transactions related to deposits and payments, the second transaction processing means executes online transactions for a predetermined transaction account via a network, and the second computer device is remotely connected via the network. The client device transmits a transaction request from the ground to the second transaction processing means.

  According to a fourth aspect of the present invention, in the financial transaction system according to the first, second, or third aspect, the second personal identification database includes a plurality of personal identification information for a predetermined transaction account, and the second authentication means includes a plurality of personal identification information. By authenticating each of the personal identification information in combination, authentication is performed using a plurality of authentication levels in stages, and the second transaction processing means has transaction contents that can be traded according to each of the plurality of authentication levels. It is characterized by executing a plurality of different transactions.

  According to a fifth aspect of the present invention, in the financial transaction system according to any one of the first to fourth aspects, the first authentication information is information included in a cash card and a cash card password.

  Invention of Claim 6 is a financial transaction method, Comprising: In the financial transaction system of Claim 5, the computer apparatus different from a 2nd computer apparatus is a client apparatus installed in the shop, The first computer device and the client device include cash card reading means for reading information contained in the cash card.

  The invention according to claim 7 is a financial transaction method, the step of storing information of a predetermined transaction account in a transaction account database, and the predetermined transaction transmitted from the first computer device by the first transaction processing means. A first transaction processing step for executing a predetermined transaction using the transaction account database in response to a transaction request for the transaction account, and storing first password information in the first password database; The first authentication means stores the first password stored in the first password database based on the password information included in the transaction request when the first computer device requests a transaction from the first transaction processing means. A first authentication step of authenticating a user having a predetermined transaction account by referring to the personal identification information and determining whether or not to execute the transaction of the first transaction processing means; A second transaction processing step for executing a predetermined transaction using a transaction account database in response to a transaction request for the predetermined transaction account transmitted from the second computer device by the second transaction processing means; , Storing the second password information in the second password database, and when the second computer device requests a transaction from the second transaction processing means by the second authentication means, the transaction request is included in the transaction request. Whether or not to execute the transaction of the second transaction processing means by authenticating the user having a predetermined transaction account by referring to the second password information stored in the second password database based on the password information A second authentication step for determining whether or not a second transaction processor for a predetermined transaction account from a computer device different from the second computer device to a second transaction processor When a transaction request for a predetermined transaction is transmitted in step 1, a user having a predetermined transaction account is authenticated by the first authentication unit to determine whether or not to execute the transaction of the second transaction processing unit And a step of performing.

  The invention according to claim 8 is the financial transaction method according to claim 7, wherein the authentication processing means receives a transaction request from a computer device different from the second computer device, and the password information included in the transaction request. Is the password information used by the first authenticating means, further comprising an authentication processing step for causing the first authenticating means to perform authentication.

  According to a ninth aspect of the present invention, in the financial transaction method according to the seventh or eighth aspect, the first transaction processing step executes a transaction for automatic deposit and payment for a predetermined transaction account, and the first computer apparatus Is an automated teller machine that conducts transactions related to deposit and payment, and the second transaction processing step executes online transaction for a predetermined transaction account via the network, and the second computer device is remotely connected via the network. The client device transmits a transaction request from the ground to the second transaction processing means.

  According to a tenth aspect of the present invention, in the financial transaction method according to the seventh, eighth, or ninth aspect, the second personal identification database includes a plurality of personal identification information for the predetermined transaction account, and the second authentication step includes: Authentication is performed using a plurality of authentication levels in stages by performing authentication by combining each of a plurality of password information, and the second transaction processing step is a transaction content that can be traded according to each of the plurality of authentication levels. A plurality of different transactions are executed.

  The invention according to claim 11 is the financial transaction method according to any one of claims 7 to 10, wherein the first authentication information is information contained in a cash card and a cash card password.

  The invention according to claim 12 is a program for causing a computer to execute the process, storing information on a predetermined transaction account in a transaction account database, and a first transaction processing means from a first computer device. In response to the transmitted transaction request for the predetermined transaction account, a first transaction processing step of executing a predetermined transaction using the transaction account database, and first password information in the first password database When the first computer device requests a transaction from the first transaction processing means by the first authenticating means, the information is stored in the first password database based on the password information included in the transaction request. Whether or not to execute the transaction of the first transaction processing means by authenticating the user having the predetermined transaction account by referring to the first password information A predetermined transaction using a transaction account database in response to a transaction request for a predetermined transaction account transmitted from the second computer device by the first authentication step to be determined and the second transaction processing means; A second transaction processing step for executing the step, a step for storing the second personal identification information in the second personal identification database, and a second authentication means for causing the second computer device to conduct a transaction with the second transaction processing means. When requesting, a user having a predetermined transaction account is authenticated by referring to the second password information stored in the second password database based on the password information included in the transaction request, A second authentication step for determining whether or not to execute the transaction of the transaction processing means, and a predetermined transaction from the computer device different from the second computer device to the second transaction processing means. When transmitting a transaction request for a predetermined transaction in the second transaction processing means for the account, the first authentication means authenticates the user who has a predetermined transaction account, and the transaction of the second transaction processing means And a step of determining whether to execute or not.

  As described above, according to the present invention, the first transaction processing means for executing a predetermined transaction corresponding to the transaction request for the predetermined transaction account transmitted from the first computer device, A first authentication unit that performs authentication when the first computer device requests a transaction from the first transaction processing unit and determines whether or not to execute the transaction of the first transaction processing unit; A second transaction processing means for executing a predetermined transaction in response to a transaction request for the predetermined transaction account transmitted from the computer apparatus, and the second computer apparatus performs a transaction with the second transaction processing means. Second authentication means for determining whether or not to execute the transaction of the second transaction processing means by performing authentication when requesting the second transaction processing means from a computer device different from the second computer device. To transaction processing means When transmitting a transaction request for a predetermined transaction by the second transaction processing means for a fixed transaction account, the first authentication means authenticates a user having a predetermined transaction account, and the second transaction processing It is possible to improve the convenience of the user when using remote banking in the store, and to improve the business efficiency in the store by promoting the use. It is possible to provide a financial transaction method and system to be achieved.

(First embodiment)
Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings.
FIG. 2 is a block diagram showing an embodiment according to the present invention. In this embodiment, the system is roughly divided into an in-store system including the terminal 22 and the card reader 23 and a bank server including the remote service related processing server 21 and the cash card related processing server 25. In the present embodiment, the remote service related processing server 21 further includes a remote service authentication unit 16 and a remote service unit 17, and the cash card related processing server 25 includes a cash card service authentication unit 27 and a cash card service unit 28, respectively. However, a configuration in which some or all of these functions are supplied by another server or another device may be employed.

  Here, the bank server itself can be installed in an actual store, or can be installed in another place, for example, a management center that manages each store. Further, the cash card information can be included in the cash card in the form of a magnetic stripe or IC chip of the cash card, and the card reader 23 is adapted to read the information at that time.

  In the conventional remote service, the customer is connected to a network from a computer such as a desktop personal computer installed at home or office or a portable notebook personal computer, that is, a second computer device. In the embodiment, the transaction is performed using the terminal 22 in the store which is a computer device different from the second computer device. In the conventional remote service, the user authentication is performed by the remote service authentication unit 16 as the second authentication means with reference to the remote service customer database 15 as the second password database. Furthermore, the conventional automated teller transaction using the cash card is performed by the ATM which is the first computer device, and the card reader is usually built in the ATM. In the present embodiment, a card reader 23 is provided as the card reading device.

  A card reader 23 for reading the customer's cash card is connected to the terminal 22 and is connected to the remote service related processing server 21 via the network. The terminal 22 is usually a personal computer having a network connection function and an input / output interface with a customer, but may be another computer having a function for achieving the object of the present invention or a dedicated input / output device. The card reader 23 is usually built in the housing of the terminal 22 in consideration of security, but is not limited to this, and is connected externally through an interface such as a USB, or any method such as wireless connection or LAN connection. Can also be connected.

  The remote service related processing server 21 is connected to the customer database 14 and the remote service customer database 15 which are transaction account databases, accesses these databases as appropriate, and processes related to the remote service in response to a transaction request from the terminal 22. I do. The remote service related processing server 21 is further connected to a cash card related processing server 25 which is a first authentication means. In this embodiment, the cash card related processing server 25 performs authentication when receiving a service using ATM or the like by the cash card service authentication unit 27 as the first authentication means, and when the authentication is successful. Similarly, the cash card service unit 28, which is the first transaction processing means, performs service processing using ATM or the like.

  The cash card service authentication unit 27 refers to the cash card password database 26, which is the first password database, and performs processing in response to a processing request from the remote service related processing server 21, and the result is the remote service related processing server. Return to 21.

  Next, the processing of this embodiment will be described with reference to FIG. FIG. 3 is a diagram illustrating a flowchart of processing according to the present embodiment. When the customer 11 who has visited the store operates the terminal 22, inserts a cash card into the card reader 23 and enters a personal identification number, and the transaction is started, the information on the cash card is first read into the card reader 23 and the cash is read. The card information is transmitted to the remote service related processing server 21 via the Internet together with the transaction start request (S31). When the remote service related processing server 21 receives the cash card information, it is determined whether or not the format of the sent information is the format of the cash card information (S32). If so, the process proceeds to the next process.

  The next process is a conversion process for authenticating the received cash card information, which is performed by converting the cash card information into the store number, subject, and account number in the cash card related processing server 25 (S33). If the result is confirmed with reference to the cash card password database 26 and is authenticated, the process proceeds to the next process. If not authenticated, the process is terminated (S34). In this embodiment, after converting the cash card information as described above, the authentication is performed by confirming, but the authentication can also be performed by using another known technique using the cash card.

  When the cash card password is authenticated, the result is returned to the remote service related processing server 21, and the customer database 14 is referred to and it is confirmed whether or not the authenticated customer is a contractor of the remote service contract. (S35, S36).

  As described above, the customer who visits the store and desires a remote service transaction is authenticated by the cash card information, and if authenticated, the remote service unit 17 performs remote service processing. In the present embodiment, Further, it is confirmed whether the customer is valid in the remote service contract, that is, there is no accident or transaction stoppage (S37, S38), and after confirming the safety of the transaction, the actual transaction is processed (S39). ). In this case, the remote service related processing server 21 refers to the remote service customer database 15 to read information about the customer who requested the transaction, and confirms the safety of such transaction.

  FIG. 4 is a diagram illustrating an example of an initial screen displayed on the terminal in the present embodiment. As shown in FIG. 4, when performing a transaction for remote banking in the present embodiment, the customer first inserts a cash card into the card reader of the terminal and follows the instructions on the screen as shown in FIG. Input. If the customer is authenticated by the host through the above operation, the transaction is started.

(Second Embodiment)
A service provided in conventional remote banking has a plurality of security levels corresponding to the confidentiality thereof, and a plurality of authentication methods are applied in a superimposed manner in order to receive each level of service. For example, referring to FIG. 5, in this embodiment, there are three security levels, which are level 1, 2 and 3, respectively. As a result, the customer is authenticated. For the level 2 service, authentication is performed using the second password in addition to the authentication method used for the level 1, and for the level 3 service, authentication is further performed using the third password.

  An authentication method corresponding to the application of such a superimposed password is also considered in this embodiment, and will be described with reference to FIG. FIG. 5 is a diagram showing a correspondence table between service contents and authentication methods at each level of the present embodiment. In this embodiment, services corresponding to levels 1 and 2 out of the remote banking security level outside the store authenticate customers by using the above-described cash card and cash card password.

  On the other hand, in the service corresponding to level 3, in addition to the cash card and the cash card password, the customer is authenticated by confirming the public certificate. Here, the confirmation of the official certificate is performed by a staff member of the financial institution at the counter using one of the predetermined identity verification materials, as in the case of conventional storefront operations.

  FIG. 6 is a diagram illustrating an example of a screen on which a financial institution staff confirms a public certificate and inputs a result in the present embodiment. In the present embodiment, the staff uses the terminal used by the customer as it is, but it is also possible to adopt a configuration in which the work proceeds with another terminal for the staff.

  As described above, a service with a high security level that approves the provision of a service with a plurality of passwords in the conventional remote banking can be authenticated using the in-store characteristics.

It is the schematic which shows the remote banking system concerning the background art of this invention. It is a block diagram which shows one Embodiment concerning this invention. It is a figure which shows the flowchart of the process of this embodiment. It is a figure which shows an example of the concrete display image of the display part of the terminal device in a store concerning one Embodiment of this invention. It is a figure which shows the correspondence table | surface with the service content and authentication method in each level of this embodiment. It is a figure which shows an example of the concrete display image of the display part of the terminal device in a store concerning one Embodiment of this invention.

Explanation of symbols

11 Customer 12 Personal computer 13, 21 Remote service related processing server 14 Customer database 15 Remote service customer database 16 Remote service authentication unit 17 Remote service unit 22 Terminal 23 Card reader 25 Cash card related processing server 26 Cash card password database 27 Cash card service authentication Part 28 Cash Card Service Department

Claims (12)

A trading account database that stores information about a given trading account;
A first transaction processing means for executing a predetermined transaction using the transaction account database in response to a transaction request for the predetermined transaction account transmitted from the first computer device;
A first password database for storing first password information;
When the first computer device requests a transaction from the first transaction processing means, the first password information stored in the first password database is referred to based on the password information included in the transaction request. Authenticating a user having the predetermined transaction account to determine whether to execute the transaction of the first transaction processing unit, and
A second transaction processing means for executing a predetermined transaction using the transaction account database in response to a transaction request for the predetermined transaction account transmitted from a second computer device;
A second password database for storing second password information;
When the second computer device requests the second transaction processing means to make a transaction, the second computer device refers to the second password information stored in the second password database based on the password information included in the transaction request. A second authenticating unit that authenticates a user having the predetermined transaction account to determine whether to execute the transaction of the second transaction processing unit, and
When transmitting a transaction request for a transaction predetermined by the second transaction processing unit for the predetermined transaction account from a computer device different from the second computer device to the second transaction processing unit, A financial transaction system comprising: authenticating a user having the predetermined transaction account by one authentication unit and determining whether or not to execute a transaction of the second transaction processing unit.   When the transaction request from a computer device different from the second computer device is received and the password information included in the transaction request is password information used in the first authentication means, the first authentication means The financial transaction system according to claim 1, further comprising authentication processing means for performing authentication. The first transaction processing means executes a transaction for automatic deposit and payment with respect to the predetermined transaction account, and the first computer device is an automatic deposit machine for performing a transaction for deposit and payment;
The second transaction processing unit executes online transaction for the predetermined transaction account via a network, and the second computer device performs a transaction with the second transaction processing unit from a remote location via the network. The financial transaction system according to claim 1, wherein the financial transaction system is a client device that transmits a request.   The second password database includes a plurality of password information for the predetermined transaction account, and the second authentication means performs a plurality of authentication levels step by step by performing authentication by combining each of the plurality of password information. The second transaction processing means executes a plurality of transactions with different transaction contents according to each of the plurality of authentication levels. 3. The financial transaction system according to 3.   The financial transaction system according to any one of claims 1 to 4, wherein the first authentication information is information included in a cash card and a cash card password.   The computer device different from the second computer device is a client device installed in a store, and the first computer device and the client device have a cash card reading means for reading information contained in the cash card. The financial transaction system according to claim 5, comprising: Storing predetermined trading account information in a trading account database;
A first transaction for executing a predetermined transaction using the transaction account database in response to a transaction request for the predetermined transaction account transmitted from the first computer device by the first transaction processing means. Processing steps;
Storing first password information in a first password database;
When the first computer device requests a transaction from the first transaction processing unit by the first authentication unit, the first authentication unit is stored in the first password database based on the password information included in the transaction request. A first authentication step of authenticating a user having the predetermined transaction account by referring to first password information and determining whether or not to execute a transaction of the first transaction processing means;
A second transaction for executing a predetermined transaction using the transaction account database in response to a transaction request for the predetermined transaction account transmitted from the second computer device by the second transaction processing means. Processing steps;
Storing second password information in a second password database;
When the second computer device requests a transaction from the second transaction processing unit by the second authentication unit, the second authentication unit is stored in the second password database based on the password information included in the transaction request. A second authentication step of authenticating a user having the predetermined transaction account by referring to second personal identification information and determining whether or not to execute the transaction of the second transaction processing means;
When transmitting a transaction request for a transaction predetermined in the second transaction processing unit for the predetermined transaction account from a computer device different from the second computer device to the second transaction processing unit, And a step of authenticating a user having the predetermined transaction account by one authentication means and determining whether or not to execute the transaction of the second transaction processing means. .   When the transaction request from a computer device different from the second computer device is received by the authentication processing means, and the password information included in the transaction request is password information used in the first authentication means, 8. The financial transaction method according to claim 7, further comprising an authentication processing step for causing one authentication means to perform authentication. The first transaction processing step executes a transaction for automatic deposit and payment with respect to the predetermined transaction account, and the first computer device is an automatic deposit machine for performing a transaction for deposit and payment;
The second transaction processing step executes online transaction for the predetermined transaction account via a network, and the second computer device performs transaction from the remote place to the second transaction processing means via the network. 9. The financial transaction method according to claim 7, wherein the financial transaction method is a client device that transmits a request.   The second password database includes a plurality of password information for the predetermined transaction account, and the second authentication step includes a plurality of authentication levels step by step by performing authentication by combining each of the plurality of password information. 9. The authentication according to claim 7, wherein the second transaction processing step executes a plurality of transactions with different transaction contents depending on each of the plurality of authentication levels. 9. The financial transaction method according to 9.   11. The financial transaction method according to claim 7, wherein the first authentication information is information contained in a cash card and a cash card password. Storing information on a predetermined trading account in a trading account database on a computer;
A first transaction for executing a predetermined transaction using the transaction account database in response to a transaction request for the predetermined transaction account transmitted from the first computer device by the first transaction processing means. Processing steps;
Storing first password information in a first password database;
When the first computer device requests a transaction from the first transaction processing unit by the first authentication unit, the first authentication unit is stored in the first password database based on the password information included in the transaction request. A first authentication step of authenticating a user having the predetermined transaction account by referring to first password information and determining whether or not to execute a transaction of the first transaction processing means;
A second transaction for executing a predetermined transaction using the transaction account database in response to a transaction request for the predetermined transaction account transmitted from the second computer device by the second transaction processing means. Processing steps;
Storing second password information in a second password database;
When the second computer device requests a transaction from the second transaction processing unit by the second authentication unit, the second authentication unit is stored in the second password database based on the password information included in the transaction request. A second authentication step of authenticating a user having the predetermined transaction account by referring to second personal identification information and determining whether or not to execute the transaction of the second transaction processing means;
When transmitting a transaction request for a transaction predetermined in the second transaction processing unit for the predetermined transaction account from a computer device different from the second computer device to the second transaction processing unit, A program for performing authentication of a user having the predetermined transaction account by one authentication unit and determining whether or not to execute the transaction of the second transaction processing unit.

Images