JP2005293262A - Card information management apparatus, card information management method, and card information management program - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To prevent a card from being used unauthorizedly by a third party. <P>SOLUTION: A card information management apparatus 10 is provided with: a member information DB 12a for storing card authentication information (authentication information such as a card number and password, for example) and an address of a communication terminal 40 of a card member by associating them every card member; and a card use reporting part 13c for extracting the address of the communication terminal 40 of the card member corresponding to the card authentication information from the member information DB 12a to give a use notification of the card to the extracted address when the card authentication information of a card user is received from a card dealer's shop terminal 30. <P>COPYRIGHT: (C)2006,JPO&NCIPI

Description

  The present invention provides a card information management device for managing card authentication information of a card user received from a card handling terminal that handles card use and card authentication information of a card subscriber who is a valid user of the card, The present invention relates to a card information management method and a card information management program, and more particularly to a card information management apparatus, a card information management method, and a card information management program that can prevent unauthorized use of a card by a third party.

  Conventionally, in the credit and credit sales industry, settlement processing of sales contracts for products and services has been performed using debit cards or credit cards issued by issuing institutions such as banking, credit sales and distribution systems. Yes.

  For example, when a payment process using a credit card is performed, card authentication information (information such as a card number and a card expiration date) presented by a customer who is a credit card member is also stored at a card handling store (member store). Then, a procedure is performed in which a sales slip is created and a sign is requested to be entered in the sales slip. After that, the credit card company makes a settlement by charging the customer for the price of the sales merchandise based on the sales slip and delivering the price of the sales merchandise to the card dealer.

  In this way, by performing a payment process using a credit card, a card subscriber can purchase a product without having cash, and can enjoy a grace period of about several tens of days, Also, the card dealer can avoid the loss of sales opportunities due to the lack of money held by customers.

  Furthermore, in recent years, a card authentication processing system using a CAFIS (Credit And Finance Information Switching system) that can check the validity of a credit card online has become widespread (see, for example, Patent Document 1). Specifically, the card authentication information stored in the credit card is read by a computer terminal (CAT) installed in the card dealer, and the credit card company is inquired about the validity of the card online.

  However, since credit cards have various conveniences, they are becoming indispensable for settlement of commercial transactions, and at the same time, fraudulent acts by third parties (for example, theft of cards themselves or the fraud of cards by skimming card information) The card may be used illegally. When the card is illegally used in this way, there has been a problem that the card subscriber and the credit card company are seriously damaged.

  For this reason, for the purpose of preventing unauthorized use of a credit card, a system has been developed that monitors card payment processing in a commercial transaction based on a card subscriber's card usage history. For example, if a card subscriber who is a legitimate user of a card has accumulated a history that the card is being used in a small amount in the Kanto region, the card in a remote area contrary to the card usage history If a card is used for a high-priced product or a high-priced product, it is detected that there is a risk of fraudulent use, and a normal card payment processing at a facility such as a call center set up by a credit card company Is taking other actions (for example, checking personal information of card subscribers) to prevent unauthorized use of cards by third parties.

JP-A-10-124591

  However, the above-described conventional technology has a problem that unauthorized use of a card by a third party cannot be prevented when the card is used by a third party based on the usage history of the card subscriber. It was. In the example of the above-mentioned prior art, since the card subscriber's use history is accumulated that the card is used in small amounts in the Kanto region, a small amount of card in a single period in the Kanto region. If an unauthorized use of a card that is frequently repeated is used, it is not inconsistent with the card subscriber's usage history, so such unauthorized use cannot be detected, and unauthorized use of the card by a third party is overlooked. Will end up.

  In addition, in the above prior art, when unauthorized use of a card by a third party is detected, the card stop process is performed. However, the procedure for rejoining a card member is complicated, and this Since the re-enrollment procedure takes a long time, there is a problem that the convenience of the card subscriber is impaired.

  Accordingly, the present invention has been made to solve the above-described problems caused by the prior art, and a card information management device, a card information management method, and card information that can prevent unauthorized use of a card by a third party. The purpose is to provide a management program.

  In order to solve the above-described problems and achieve the object, the card information management device according to the present invention provides the card user's card authentication information received from the card handling terminal that handles the use of the card, and the legitimacy of the card. A card information management apparatus for managing card authentication information of a card subscriber who is a user, wherein each card subscriber stores the card authentication information and the address of the communication terminal of the card subscriber in association with each other When the card authentication information of the card user is received from the information storage means and the card handling terminal, the address of the card subscriber's communication terminal corresponding to the card authentication information is extracted from the subscriber information storage means, Card usage notification means for notifying the use of the card at the extracted address destination.

  The card information management apparatus according to the present invention is the card numbered to the card from the communication terminal of the card subscriber when the card usage notification is made by the card usage notification means in the above invention. An additional number setting receiving means for receiving an additional number setting to be added to the number, and the subscriber information storage means adds the additional number received by the additional number setting receiving means to the card number, The card number to which the additional number is added is stored as card authentication information.

  The card information management device according to the present invention is a card information management device connected via a network to a card handling terminal that handles the use of cards, and for each card subscriber, the card authentication information and the card Subscriber information storage means for storing the use availability status in association with each other, and the card authentication information received from the card user and including the card authentication information, and the card authentication information stored in the subscriber information storage means Card usage request authenticating means for authenticating whether the card usage request is a card usage request from an authorized user of the card based on the information, and the card usage request authenticating means The card stored by the subscriber information storage means when the card usage request is authenticated by a valid card user. And the use permission setting means for setting the use permission / prohibition state to the use permission state, and when the approval inquiry for the settlement process including the card authentication information of the card user is received from the card handling terminal, the approval inquiry includes The use status check means for checking whether or not the use status of the card corresponding to the card authentication information is the use permission status, and the use of the card by the use status check means. And a use permission response notifying means for notifying the card handling terminal of a use permission response of the card when it is verified that the availability state is a use permission state.

  The card information management device according to the present invention is the card information management device according to the above invention, wherein the usage permission setting means is configured to change the subscriber information if a predetermined time has elapsed after setting the card usage permission state to the usage permission state. The use permission state stored by the storage unit is canceled.

  In the card information management device according to the present invention, in the above invention, the subscriber information storage means stores the address of the communication terminal of the card subscriber in association with each card subscriber. When the use permission setting means sets the card use availability state to the use permission state, the card subscriber's communication terminal is permitted to use the card with reference to the subscriber information storage means. A card use permission notification means for notifying is further provided.

  In the card information management device according to the present invention, in the above invention, when the subscriber information storage means receives a card use request including card authentication information from the card user, the card user's communication means The card use permission notifying means refers to the subscriber information storage means when the use permission setting means sets the card use permission state to the use permission state. The card user's communication terminal is notified that the use of the card is permitted.

  Also, the card information management device according to the present invention provides the subscriber information storage means when the use permission response notifying means notifies the card handling terminal to the card handling terminal in the above invention. Referring to the card subscriber's communication terminal and / or the card user's communication terminal, card usage notification means for notifying the card usage is further provided.

  The card information management apparatus according to the present invention is the card information management apparatus according to the present invention, wherein the use permission setting means cancels the use permission state setting by referring to the subscriber information storage means. The communication terminal and / or the communication terminal of the card user is further provided with card usage permission cancellation notifying means for notifying that the card usage permission has been canceled.

  In the card information management device according to the present invention, the card use notification means refers to the subscriber information storage means and the card subscriber communication terminal and / or the card user communication in the invention described above. A notice of use cancellation of the setting of the use permission state by the use permission setting means is given to the terminal together with the card use notification.

  The card information management device according to the present invention may further comprise card usage history storage means for storing a card usage history for each card subscriber, wherein the card usage permission cancellation notification means is the subscription The card user's communication terminal and / or the card user's communication terminal is notified of the cancellation of the card use permission and stored by the card use history storage means. The usage history of the card is notified.

  The card information management device according to the present invention, in the above invention, accepts a card use request including card authentication information from the card user, and corresponds to the use permitted area and the area as the use condition of the card. It further comprises usage condition setting accepting means for accepting setting of usage permission time, wherein the usage permission setting means uses the usage status received by the usage condition setting accepting means for the card availability status stored by the subscriber information storage means. It is characterized in that the use permission state is set only to use for the permitted area and the use permission time corresponding to the area.

  In the card information management apparatus according to the present invention as set forth in the invention described above, the subscriber information storage means stores the card authentication information and the availability status of the card in association with each card owned by the card subscriber. The usage permission setting means stores the subscriber information storage means when the card usage request authentication means authenticates that the card usage request is a card usage request from an authorized user of the card. It is characterized in that the use permission / prohibition state of each card is set to a use permission state.

  Further, the card information management method according to the present invention includes card authentication information of a card user received from a card handling terminal that handles card use, and card authentication information of a card subscriber who is a valid user of the card. A card information management method for managing card information, and for each card subscriber, the card authentication information and the address of the communication terminal of the card subscriber are associated with each other and registered in the subscriber information storage means; and When the card authentication information of the card user is received from the card handling terminal, the address of the card subscriber's communication terminal corresponding to the card authentication information is extracted from the subscriber information storage means, and the extracted address destination And a card use notification step for notifying the use of the card.

  The card information management method according to the present invention is a card information management method that is connected via a network to a card handling terminal that handles the use of a card. The card authentication information and the card Subscriber information registration step of registering in the subscriber information storage means in association with the availability state, receiving a card use request including card authentication information from the card user, the card authentication information, and the subscriber information storage means A card use request authentication step for authenticating whether the card use request is a card use request from a legitimate user of the card based on the card authentication information registered in the card, and the card use request authentication step When it is authenticated that the card use request is a card use request from a valid user of the card, it is registered in the subscriber information storage means. Included in the authorization inquiry when an authorization inquiry of the payment process including the card authentication information of the card user is received from the card handling terminal The use permission state checking step of checking whether or not the use permission state of the card corresponding to the card authentication information is a use permission state with reference to the subscriber information storage means, and the card by the use permission state checking step And a use permission response notifying step of notifying the card handling terminal of a use permission response to the card handling terminal when it is verified that the use permission / non-use state is a use permission state.

  Also, the card information management method according to the present invention is the card information management method according to the above invention, wherein the use permission setting step includes the subscriber information if a predetermined time elapses after setting the card use permission state to the use permission state. The use permission state registered in the storage unit is canceled.

  Further, the card information management program according to the present invention includes a card user's card authentication information received from a card handling terminal that handles card use, and card authentication information of a card subscriber who is a valid user of the card. A card information management program for managing card information, and for each card subscriber, the card authentication information and the address of the communication terminal of the card subscriber are associated with each other and registered in the subscriber information storage means; When the card authentication information of the card user is received from the card handling terminal, the address of the card subscriber's communication terminal corresponding to the card authentication information is extracted from the subscriber information storage means, and the extracted address destination And a card usage notification procedure for notifying the usage of the card.

  The card information management program according to the present invention is a card information management program connected via a network to a card handling terminal that handles the use of a card. Subscriber information registration procedure for registering in the subscriber information storage means in association with the availability status, receiving a card use request including card authentication information from the card user, the card authentication information, and the subscriber information storage means A card use request authentication procedure for authenticating whether the card use request is a card use request from a valid user of the card based on the card authentication information registered in the card authentication information, and the card use request authentication procedure When the card use request is authenticated as a card use request from an authorized user of the card, the subscriber information storage A use permission setting procedure for setting the use permission state of the card registered in the stage to a use permission state, and when an approval inquiry for a settlement process including card authentication information of the card user is received from the card handling terminal, An availability status checking procedure for checking whether the availability status of the card corresponding to the card authentication information included in the authorization inquiry is a usage authorization status, with reference to the subscriber information storage means, and the availability status Causing the computer to execute a use permission response notifying procedure for notifying the card handling terminal of the use permission response of the card when the check procedure confirms that the card use availability state is a use permission state. Features.

  In the card information management program according to the present invention, in the above invention, the usage permission setting procedure may be configured such that if a predetermined time has elapsed after setting the card usage permission state to the usage permission state, the subscriber information The use permission state registered in the storage unit is canceled.

  According to the present invention, for each card subscriber, the card authentication information and the address of the card subscriber's communication terminal are stored in association with each other, and when the card user's card authentication information is received from the card handling terminal, Since the address of the card subscriber's communication terminal corresponding to the card authentication information is extracted and the card usage notification is sent to the extracted address destination, the card subscriber uses the card illegally by a third party. Can be detected at an early stage, and the card can be promptly dealt with illegal use of the card, so that there is an effect that a card information management device capable of preventing the unauthorized use of the card by a third party is obtained. In addition, in connection with this, when the card user's communication status is sequentially notified to the card subscriber's communication terminal, when the settlement of the commercial transaction with the credit card is performed, and when the fee is actually settled It is possible to detect early unauthorized use of a card targeting a period in which the manifestation of card use is delayed due to a time lag with the above, and to prevent continued unauthorized use of the card by a third party. It becomes possible.

  Further, according to the present invention, when the card usage notification is made, the setting of the additional number added to the card number assigned to the card is accepted and accepted from the communication terminal of the card subscriber. Since the additional number is added to the card number, and the card number with the additional number added is stored as card authentication information, even if the card number is leaked due to an illegal act by a third party, the unauthorized use is performed. A card information management device that can newly set a card number concealed from a third party and can continue to use the card by a card subscriber while preventing unauthorized use of the card by a third party. The effect is obtained. Furthermore, in connection with this, even if the card is illegally used by a third party, the card subscriber can continue to use the card. It is not necessary to perform the re-enrollment procedure for the required card member, and the convenience of the card subscriber can be improved.

  Further, according to the present invention, for each card subscriber, the card authentication information and the availability status of the card are stored in association with each other, the card authentication request including the card authentication information is received from the card user, and the card authentication is performed. Authenticating whether the card use request is a card use request from a valid user of the card based on the information and the stored card authentication information, and the card use request is a valid use of the card The card usage request status is set to the usage permission status, and an authorization inquiry for payment processing including the card user's card authentication information is accepted from the card handling terminal. At this time, it is checked whether or not the card availability status corresponding to the card authentication information included in the authorization inquiry is the usage authorization status, and the card availability status is the usage authorization status. When it is verified that the card is used, the card handling terminal is notified of the card use permission response, so the card can be used only when the card subscriber intends to use it. There is an effect that a card information management device capable of preventing unauthorized use of the card can be obtained.

  In addition, according to the present invention, if a predetermined time has elapsed after setting the card use permission state to the use permission state, the card subscriber cancels the use of the card because the use permission state setting is canceled. There is a card information management device that can suppress a card use permission state from being set to a use permission state outside the intended period, and can more reliably prevent unauthorized use of a card by a third party. The effect is obtained.

  In addition, according to the present invention, for each card subscriber, the address of the communication terminal of the card subscriber is stored in association with each other, and when the card availability status is set to the usage permitted status, the card subscriber The card subscriber is notified that the card is permitted to be used, so even if the third party sets the card availability status to the usage permitted state, the card subscriber The card information management device can be obtained, which can detect fraudulent acts before the card is illegally used and can reliably protect the card subscriber from unauthorized use of the card by a third party. Play.

  Further, according to the present invention, when a card use request including card authentication information is received from a card user, the address of the card user's communication terminal is stored, and the card use availability state is set to a use permission state. In this case, since the card user's communication terminal is notified that the card is permitted to be used, even if the registered communication terminal is not at hand of the card subscriber, There is an effect that a card information management device capable of confirming that the use permission state is set is obtained.

  Further, according to the present invention, when a card use permission response is notified to the card handling terminal, the card usage notification is sent to the card subscriber's communication terminal and / or the card user's communication terminal. Therefore, even if the card is illegally used by a third party, the card subscriber can quickly detect the unauthorized use of the card by a third party, and the registered communication terminal Even if the card subscriber is not at hand, there is an effect that a card information management device capable of confirming the card usage status can be obtained.

  Further, according to the present invention, when the setting of the use permission state is canceled, the card subscriber's communication terminal and / or the card user's communication terminal is notified that the card use permission has been revoked. As a result, it is possible to check the setting status of the use permission / prohibition state, and there is an effect that a card information management device capable of preventing the use of the card in a state other than the use permission state can be obtained.

  In addition, according to the present invention, since the card subscriber's communication terminal and / or the card user's communication terminal is notified together with the card usage notification, the notice of cancellation of the setting of the usage permission state is performed. There is an effect that it is possible to obtain a card information management device capable of confirming the setting status of the availability status while grasping the usage status of the card.

  Further, according to the present invention, for each card subscriber, the card usage history is stored, and the card subscriber's communication terminal and / or the card user's communication terminal has been canceled. Notification of the card's usage history is made at the same time, so it is possible to detect unauthorized use of a card by a third party without being overwhelmed by the card subscriber's use of the card in the permitted state of use. The effect is that a simple card information management device can be obtained.

  In addition, according to the present invention, a card use request including card authentication information is received from a card user, a setting of a use permission area and a use permission time corresponding to the area is accepted as a use condition of the card, Since the use permission state is set to the use permission state limited to the use permission area and the use permission time corresponding to the area, only the area intended by the card subscriber and the use permission time corresponding to the area are used. There is an effect that a card information management apparatus that can permit the use of the card and can more reliably prevent the unauthorized use of the card by a third party can be obtained.

  Further, according to the present invention, for each card owned by a card subscriber, the card authentication information and the card availability status are stored in association with each other, and the card usage request is sent from a valid user of the card. When it is authenticated that it is a usage request, it is decided to set the usage status of each card to the usage-permitted status. By making a card usage request for one card, the usage permission status for multiple cards is set. It is possible to obtain a card information management device capable of performing the above-described migration in a lump.

  According to the present invention, for each card subscriber, when the card authentication information and the address of the communication terminal of the card subscriber are registered in association with each other and the card authentication information of the card user is received from the card handling terminal Then, the address of the communication terminal of the card subscriber corresponding to the card authentication information is extracted, and the card subscriber is notified of the use of the card at the extracted address destination. Since it is possible to detect unauthorized use at an early stage and promptly respond to unauthorized use of such a card, it is possible to prevent unauthorized use of the card by a third party. In addition, in connection with this, when the card user's communication status is sequentially notified to the card subscriber's communication terminal, when the settlement of the commercial transaction with the credit card is performed, and when the fee is actually settled It is possible to detect early unauthorized use of a card targeting a period in which the manifestation of card use is delayed due to a time lag with the above, and to prevent continued unauthorized use of the card by a third party. There is an effect that a possible card information management method can be obtained.

  Further, according to the present invention, for each card subscriber, the card authentication information is registered in association with the card availability status, and the card authentication request is received from the card user and includes the card authentication information. Authenticating whether the card use request is a card use request from a valid user of the card based on the information and the registered card authentication information, and the card use request is a valid use of the card The card usage request status is set to the usage permission status, and an authorization inquiry for payment processing including the card user's card authentication information is accepted from the card handling terminal. At this time, it is checked whether or not the card availability status corresponding to the card authentication information included in the authorization inquiry is the usage authorization status, and the card availability status is the usage authorization status. When it is verified that the card is used, the card handling terminal is notified of the card use permission response, so the card can be used only when the card subscriber intends to use it. There is an effect that a card information management method capable of preventing unauthorized use of a card can be obtained.

  In addition, according to the present invention, if a predetermined time has elapsed after setting the card use permission state to the use permission state, the card subscriber cancels the use of the card because the use permission state setting is canceled. There is a card information management method that can prevent the card usage status from being set to a usage-permitted status outside of the intended period, and that can more reliably prevent unauthorized use of the card by a third party. The effect is obtained.

  According to the present invention, for each card subscriber, when the card authentication information and the address of the communication terminal of the card subscriber are registered in association with each other and the card authentication information of the card user is received from the card handling terminal Then, the address of the communication terminal of the card subscriber corresponding to the card authentication information is extracted, and the card subscriber is notified of the use of the card at the extracted address destination. Since it is possible to detect unauthorized use at an early stage and promptly respond to unauthorized use of such a card, it is possible to prevent unauthorized use of the card by a third party. In addition, in connection with this, when the card user's communication status is sequentially notified to the card subscriber's communication terminal, when the settlement of the commercial transaction with the credit card is performed, and when the fee is actually settled It is possible to detect early unauthorized use of a card targeting a period in which the manifestation of card use is delayed due to a time lag with the above, and to prevent continued unauthorized use of the card by a third party. There is an effect that a possible card information management program can be obtained.

  Further, according to the present invention, for each card subscriber, the card authentication information is registered in association with the card availability status, and the card authentication request is received from the card user and includes the card authentication information. Authenticating whether the card use request is a card use request from a valid user of the card based on the information and the registered card authentication information, and the card use request is a valid use of the card The card usage request status is set to the usage permission status, and an authorization inquiry for payment processing including the card user's card authentication information is accepted from the card handling terminal. At this time, it is checked whether or not the card availability status corresponding to the card authentication information included in the authorization inquiry is the usage authorization status, and the card availability status is the usage authorization status. When it is verified that the card is used, the card handling terminal is notified of the card use permission response, so the card can be used only when the card subscriber intends to use it. There is an effect that a card information management program capable of preventing unauthorized use of a card can be obtained.

  In addition, according to the present invention, if a predetermined time has elapsed after setting the card use permission state to the use permission state, the card subscriber cancels the use of the card because the use permission state setting is canceled. There is a card information management program that can prevent the card use permission state from being set to a use permission state outside the intended period and can more reliably prevent unauthorized use of the card by a third party. The effect is obtained.

  A preferred embodiment when the card information management apparatus according to the present invention is applied to a credit card settlement system will be described in detail below with reference to the accompanying drawings. In the following, the concept of terms used in the present embodiment will be described first, and then the card information management device (card information management method) according to the first and second embodiments will be described. Finally, other embodiments will be described. Various modifications (Example 3) will be described as follows.

(Concept of terms used in this example)
Hereinafter, the concept of terms used in this embodiment will be briefly described. The “card subscriber” used in the present embodiment indicates a credit card member who has an authorized user authority of the card. The “card user” refers to a user who intends to use a card at a card dealer and represents a broad user who is distinguished from a card subscriber. That is, the “card user” mentioned here includes a “card subscriber” who has the right user authority of the card and a malicious third party who intends to illegally use the card.

  The “registration address” used in the present embodiment is an address of a communication terminal registered in advance by a card subscriber, and the “transmission source address” refers to a card store or a card information management device from a card user. This is the address of the card user's communication terminal acquired when access is accepted. That is, if the “card user” is the “card subscriber” and the communication terminal registered in the “registration address” is used, the “registration address” and the “source address” must match. In addition, when the “card user” is the “card subscriber” himself / herself but does not use the communication terminal registered in the “registration address”, or the “card user” In the case of “user”, “registration destination address” and “transmission source address” do not match.

  The approval inquiry of “card payment processing” used in the present embodiment is an approval inquiry for payment of a commercial transaction by credit card, which is performed from the card handling store terminal 30 to the card information management device 10. "That is," card authentication information "(for example, authentication information such as a card number or a personal identification number) for determining whether the card user is a card subscriber who is a valid user of the card) And “card payment information” (for example, information such as card number, card usage amount, store, usage date and time) indicating the contents of the commercial transaction.

  First, the card information management apparatus (card information management method) according to the first embodiment will be described. Here, after describing the outline and features of the card information management apparatus according to the first embodiment, the configuration of the card information management apparatus will be described, and finally the procedures of various processes of the card information management apparatus will be described. I will do it.

(Overview and features)
An outline and features of the card information management apparatus according to the first embodiment will be described. FIG. 1 is a system configuration diagram illustrating the configuration of the credit card settlement system according to the first embodiment. As shown in the figure, this credit card settlement system is connected to a credit company host computer 20, a card handling store terminal 30, and a card subscriber communication terminal 40 with a card information management apparatus 10 as the center. It becomes composition.

  Among them, the host computer 20 of the credit company is a host computer that provides a card settlement processing service to a “card handling store (member store)” that handles credit cards and a “card subscriber” that is a credit card member. Yes, it manages card payment information received from the card information management apparatus 10 via the credit network 1 (for example, information such as card number, card usage amount, store, date and time of use).

  The card dealer terminal 30 is a computer terminal that receives a credit card usage by a card user and sends an approval inquiry for “card payment processing” to the card information management device 10, and also has a card information reading function and a merchandise sales registration function. Functions of a POS (Point Of Sales) system. Specifically, it has a card reader that reads card authentication information stored in a credit card, an input device that inputs a card usage amount, and a printer that prints out a credit slip (not shown).

  The communication terminal 40 is a communication terminal possessed by a card subscriber, and is connected to the card information management apparatus 10 via the Internet 3 so that they can communicate with each other. In the first embodiment, an example where a “mobile phone” is adopted as the communication terminal of the card subscriber will be described. However, a personal computer, a mobile communication terminal, a PHS terminal, Various mobiles such as a PDA may be used.

  Here, the card information management apparatus 10 according to the first embodiment stores the card authentication information and the address of the communication terminal 40 of the card subscriber in association with each card subscriber and stores the card from the card dealer terminal 30 to the card. When the card authentication information of the user is received, the address of the communication terminal 40 of the card subscriber corresponding to the card authentication information is extracted, and the card usage notification is sent to the extracted address destination. The main feature of the “processing” is that the “card use notification processing” can prevent unauthorized use of the card by a third party.

  The main feature will be described in detail. The card information management device 10 provides, for each card subscriber, card authentication information (for example, authentication information such as a card number and a password) and the communication terminal 40 of the card subscriber. An address (for example, a mail address of a mobile phone) is associated and stored in the subscriber information DB 12a (see FIG. 3A).

  The card information management apparatus 10 determines whether or not the card can be used when receiving an approval inquiry for “card payment processing” including card authentication information of the card user from the card dealer terminal 30. When it is determined that the card user is permitted to use the card, the address of the communication terminal 40 of the card subscriber corresponding to the card authentication information (card number) of the card user transmitted from the card dealer terminal 30 is set. Extracted from the subscriber information DB 12a, the card usage notification screen 100 (see FIG. 6) is transmitted to the extracted address destination.

  Therefore, in the above prior art example, when a card is used by a third party based on the card subscriber's usage history, the card is not overlooked by the third party. By sequentially reporting the card usage status by the user to the card subscriber's communication terminal, the card subscriber can quickly detect unauthorized use of the card by a third party and promptly respond to such unauthorized use of the card. Since it can be performed, unauthorized use of the card by a third party can be prevented as in the main feature described above. In addition, in connection with this, when the card user's communication status is sequentially notified to the card subscriber's communication terminal, when the settlement of the commercial transaction with the credit card is performed, and when the fee is actually settled It is possible to detect early unauthorized use of a card targeting a period in which the manifestation of card use is delayed due to a time lag with the above, and to prevent continued unauthorized use of the card by a third party. It becomes possible.

  In addition, the card information management apparatus 10 according to the first embodiment has additional features related to the main features described above. That is, when the card usage notification screen 100 (see FIG. 6) is transmitted, the setting of the additional number added to the card number assigned to the card is accepted from the card subscriber's communication terminal 40 (see FIG. 7). ), The received additional number is added to the card number, and the card number to which the additional number is added is stored as card authentication information (see FIG. 3-2).

  In other words, an “additional number” (for example, “1472”) is added to the card number “1996 0804 0501 1926” composed of “16 digits”, and the “additional number” is added. The card number “1996 0804 0501 1926 1472” is used as the card authentication information. For this reason, even if a card number is leaked due to a fraudulent act by a third party, a new card number concealed from a third party that performs fraudulent use can be set. It is possible to continue the use of the card by the card subscriber while preventing it. Furthermore, in connection with this, even if the card is illegally used by a third party, the card subscriber can continue to use the card. There is no need to re-enroll the required card member, and the convenience of the card subscriber can be improved.

(Configuration of card information management device)
Next, the configuration of the card information management apparatus 10 according to the first embodiment will be described. FIG. 2 is a block diagram illustrating the configuration of the card information management apparatus according to the first embodiment. The card information management apparatus 10 is connected to a credit company host computer 20, a card store terminal 30, and a card subscriber communication terminal 40 so that they can communicate with each other. The communication part 11 which communicates via the member store network 2 or the internet 3, the memory | storage part 12, and the control part 13 are provided.

  Among these, the storage unit 12 is a storage unit (storage unit) that stores data and programs necessary for various processes by the control unit 13, and includes a subscriber information DB 12a, a card use history DB 12b, and a password pattern storage table 12c. With.

  The subscriber information DB 12a is a storage (storage) means for storing card authentication information and the address of the communication terminal 40 of the card subscriber in association with each card subscriber. 3A is a diagram showing an example of the subscriber information DB 12a shown in FIG. 2. As shown in FIG. 3A, the card subscriber name “aaa” has a card number “1996 0804 0501 1926” and a password. A pattern “A”, a password “1234”, a card subscriber's mobile phone mail address “aaa@user.ne.jp”, and an “additional number” are stored in association with each other. The details of changing the “password number pattern” and “password” and setting the “additional number” will be described later.

  The card usage history DB 12b is storage means for storing and storing card usage history of card subscribers. FIG. 4 is a diagram showing an example of the card use history DB 12b shown in FIG. 2. As shown in the figure, the card subscriber name “aaa” includes the area name “Tokyo” of the store using the card, The number of times the local store is used “10 times”, the usage amount (average amount) “10000 yen”, and the usage time zone “around 14:00” are stored in association with each other.

  The personal identification number pattern storage table 12c is a table that stores, for each card subscriber, a “security number pattern” and a “password” that are preset by the card subscriber. FIG. 5 is a diagram showing an example of the code number pattern storage table 12c shown in FIG. 2. As shown in FIG. 5, the card subscriber name “aaa” corresponds to each “code number pattern”. "Password" (that is, password number pattern A "1234", password number pattern B "0123", and password number pattern C "2345") is stored.

  The control unit 13 includes a control program such as an OS (Operating System), a program that defines various processing procedures, and an internal memory for storing necessary data, and is a processing unit that executes various processes using these. In particular, as closely related to the present invention, the availability determination unit 13a, the card settlement processing unit 13b, the card usage notification unit 13c, the additional number setting reception unit 13d, the password change change reception unit 13e, and the card stop reception unit 13f Is provided.

  Among these, the use permission determination unit 13a receives the card inquiry stored in the card use history DB 12b when receiving an approval inquiry of “card payment processing” including the card authentication information of the card user from the card dealer terminal 30. This is a processing unit that determines whether or not to allow the card user to use the card based on the usage history. For example, when an authorization inquiry of “card payment processing” including the card number “1996 0804 0501 1926” of the card subscriber “aaa” is received from the card dealer terminal 30 as card authentication information of the card user, the card usage history It is determined whether or not the card is being used based on the usage history of the card subscriber “aaa” stored by the DB 12b.

  That is, when the card user intends to use the card based on the usage history of the card subscriber “aaa”, the card user is likely to be the same person as the card subscriber “aaa”. It is determined that the card is allowed to be used by the user, and the card user intends to use the card in a distant area that is contrary to the usage history of the card subscriber “aaa” or the card for expensive products. If so, it is determined that the card user is not permitted to use the card because the card user may not be the same person as the card subscriber “aaa”.

  In addition, when the use permission determination unit 13a determines that the card user is not permitted to use the card, it is different from the usual “card payment processing” in a facility such as a call center set up by a credit card company. (For example, confirmation of personal information of the card subscriber) will be performed, but it is confirmed that the card user is the card subscriber “aaa” by an individual response by an operator belonging to the call center. Then, the card user is permitted to use the card.

  The card settlement processing unit 13b is a processing unit that performs a settlement (card settlement processing) of a commercial transaction using a credit card in response to an approval inquiry for “card settlement processing” from the card dealer terminal 30. Specifically, when it is determined by the use permission determination unit 13a that the card user is permitted to use the card, the transaction of the transaction with the credit card (card payment processing) is performed, and the “card payment completion notification” is sent to the card. In addition to transmitting to the dealer terminal 30, card settlement information (for example, information such as card number, card usage amount, store, usage date and time) is transmitted to the host computer 20 of the credit company. In addition, when it is determined that the card user does not permit the use of the card by the use permission determination unit 13a, the card handling store indicates that the settlement of the commercial transaction using the credit card is not approved (notification of approval of the card settlement process). Reply to the terminal 30.

  The card usage notifying unit 13c, when the use permission determining unit 13a determines that the card user is allowed to use the card, the card subscription corresponding to the card user's card authentication information transmitted from the card dealer terminal 30. This is a processing unit that extracts the address of the communication terminal 40 of the subscriber from the subscriber information DB 12a and notifies the use of the card to the extracted address destination.

  For example, when the card number “1996 0804 0501 1926” of the card subscriber “aaa” is transmitted as the card authentication information of the card user from the card dealer terminal 30, the card subscriber “aaa” corresponding to this card number is transmitted. The mobile phone mail address “aaa@user.ne.jp” is extracted from the subscriber information DB 12a, and the card usage notification screen 100 (see FIG. 6) is transmitted to the extracted address destination. The “card use notification screen” is generated based on the “card payment information” transmitted from the card dealer terminal 30.

  In this way, by sequentially reporting the card usage status by the card user to the card subscriber's communication terminal, the card subscriber can detect unauthorized use of the card by a third party at an early stage and use the card for unauthorized use. It is possible to respond quickly to the card and prevent unauthorized use of the card by a third party. In addition, in connection with this, when the card user's communication status is sequentially notified to the card subscriber's communication terminal, when the settlement of the commercial transaction with the credit card is performed, and when the fee is actually settled It is possible to detect early unauthorized use of a card targeting a period in which the manifestation of card use is delayed due to a time lag with the above, and to prevent continued unauthorized use of the card by a third party. It becomes possible.

  The additional number setting reception unit 13d receives an additional number added to the card number assigned to the card from the communication terminal 40 of the card subscriber when the card usage notification unit 13c notifies the card usage. It is a processing unit that accepts settings. For example, when the card usage notification screen 100 (see FIG. 6) is transmitted to the mobile phone of the card subscriber “aaa” by the card usage notification unit 13c, the card number “1996 0804 0501 1926” assigned to the card is given. The setting of the additional number to be added to is accepted.

  In other words, an “additional number” (for example, “1472”) is added to the card number “1996 0804 0501 1926” composed of “16 digits”, and the “additional number” is added. The card number “1996 0804 0501 1926 1472” is used as the card authentication information.

  That is, the “additional number” is accepted as card authentication information from the card subscriber at the card dealer. For example, as shown in FIG. 10A, “additional number” is written in the remarks column of “sales slip”, and “card authentication information” including the received “additional number” is received from the card dealer terminal 30. You may make it transmit to the said card | curd information management apparatus 10, and as shown to FIG. 10-2, the input of "additional number" is received via input operation apparatuses, such as a PIN keypad (pin pad), The received “additional number” may be transmitted from the card dealer terminal 30 to the card information management apparatus 10.

  For this reason, even if a card number is leaked due to a fraudulent act by a third party, a new card number concealed from a third party that performs fraudulent use can be set. It is possible to continue the use of the card by the card subscriber while preventing it. Furthermore, in connection with this, even if the card is illegally used by a third party, the card subscriber can continue to use the card. There is no need to re-enroll the required card member, and the convenience of the card subscriber can be improved.

  The personal identification number change acceptance unit 13e performs a process of accepting selection of a personal identification number pattern from the personal identification number patterns stored in the personal identification number pattern storage table 12c when the card usage notification unit 13c notifies the usage of the card. Part. For example, when the card usage notification screen 100 (see FIG. 6) is transmitted to the mobile phone of the card subscriber “aaa” by the card usage notification unit 13c, the password number pattern stored in the password pattern storage table 12c (for example, The personal identification number pattern A “1234”, personal identification number pattern B “0123” or personal identification number pattern C “2345”) is selected and accepted. For this reason, even if a personal identification number is leaked due to a fraudulent act by a third party, it can be changed to a personal identification number concealed by a third party that performs unauthorized use, and the card in the case where authentication related to the personal identification number is required. Unauthorized use can be prevented.

  The card stop accepting unit 13f is a processing unit that accepts the card stop when the card use notifying unit 13c notifies the card use. For example, when the card use notification screen 100 (see FIG. 6) is transmitted to the mobile phone of the card subscriber “aaa” by the card use notification unit 13c, the stop of the card is accepted.

(Procedures for various processing of the card information management device)
Next, procedures of various processes of the card information management apparatus 10 according to the first embodiment will be described. Here, after explaining the main feature (1) the card use notification process, the card subscriber accepts a process for dealing with unauthorized use of the card via the communication terminal 40. (2) Additional number setting acceptance Processing will be described.

(1) Card Usage Notification Process FIG. 11 is a flowchart showing the card usage notification process. As shown in the figure, the “card use notification process” is started when an approval inquiry for the card settlement process is received from the card handling store terminal 30 (Yes in step S1101). Here, the case where the approval inquiry of “card payment processing” including the card number “1996 0804 0501 1926” of the card subscriber “aaa” is received as the card authentication information of the card user from the card dealer terminal 30 is illustrated. Will be described.

  Then, the availability determination unit 13a determines whether or not to allow the card user to use the card based on the usage history of the card subscriber “aaa” stored in the card usage history DB 12b (step S1102).

  Here, when it is determined that the use of the card by the card user is not permitted by the use permission determination unit 13a (No in step S1103), the card settlement processing unit 13b does not approve the settlement of the commercial transaction using the credit card ( The card settlement processing approval disapproval response notification) is transmitted to the card dealer terminal 30 (step S1104).

  If it is determined that the card user can use the card (Yes in step S1103), the card settlement processing unit 13b performs settlement of a commercial transaction using a credit card (card settlement processing). (Step S1105), “Card payment completion notification” is transmitted to the card handling store terminal 30 (Step S1106), and card payment information (for example, information such as card number, card usage amount, store, usage date and time) is sent to the credit company. To the host computer 20 (step S1107).

  Subsequently, the card use notifying unit 13c sends the mail address “of the mobile phone of the card subscriber“ aaa ”corresponding to the card number“ 1996 0804 0501 1926 ”of the card subscriber“ aaa ”transmitted from the card dealer terminal 30. “aaa@user.ne.jp” is extracted from the subscriber information DB 12a (step S1108), and the card use notification screen 100 (see FIG. 6) is transmitted to the extracted address destination (step S1109).

  As described above, according to the card information management apparatus 10 according to the first embodiment, the card subscriber quickly detects the unauthorized use of the card by a third party, and promptly responds to the unauthorized use of the card. It is possible to prevent unauthorized use of the card by a third party. In addition, related to this, it is a continuous target targeting a period in which the manifestation of card use is delayed due to the time lag between the time when settlement of commercial transactions with credit cards is performed and the time when charges are actually settled. Unauthorized use can be detected at an early stage, and continuous unauthorized use of the card by a third party can be prevented.

(2) Additional Number Setting Acceptance Processing FIG. 12 is a flowchart showing the procedure of additional number setting acceptance processing. This “additional number setting reception process” is started when the card usage notification unit 13c transmits the card usage notification screen 100 (see FIG. 6) to the mobile phone of the card subscriber “aaa”.

  As shown in FIG. 12, when pressing of the “additional number setting” button 120 on the card usage notification screen 100 is received via the user interface (multi-cursor key, operation button, etc.) of the card subscriber's mobile phone 40 ( In step S1201, the additional number setting receiving unit 13d displays the additional number setting screen 200 (see FIG. 7) on the mobile phone 40 of the card subscriber and receives an input of the additional number (for example, “1472”) ( Step S1202).

  Subsequently, when the depression of the “OK” button 210 on the additional number setting screen 200 is received via the user interface of the card subscriber's mobile phone 40 (Yes in step S1203), the card subscriber's mobile phone 40 The number “1472” is transmitted to the card information management apparatus 10 (step S1204).

  Here, the card information management apparatus 10 receives the additional number “1472” transmitted from the cellular phone 40 of the card subscriber at the communication unit 11 (step S1205), and adds the additional number “1” to the card number “1996 0804 0501 1926”. 1472 "is added and stored in the subscriber information DB 12a (see FIG. 3-2) (step S1206).

  In addition, when the pressing of the “change PIN” button 130 on the card usage notification screen 100 is received via the user interface of the card subscriber's mobile phone 40 (No in step S1201 and YES in step S1207), the password change is accepted. The unit 13e displays the password change screen 300 (see FIGS. 8-1 and 8-2) on the card subscriber's mobile phone 40 and accepts the selection of the password pattern (step S1208). Specifically, the password number is selected from the password number patterns (for example, the password number pattern A “1234”, the password number pattern B “0123”, or the password number pattern C “2345”) stored in the password number pattern storage table 12 c. Accepts pattern selection.

  When the password change screen 300 accepts the selection of the password pattern B “0123” via the user interface of the card subscriber's mobile phone 40 and the password pattern is determined (Yes in step S1209), the card The subscriber's mobile phone 40 transmits the personal identification number pattern B to the card information management apparatus 10 (step S1210).

  Here, the card information management apparatus 10 receives the password number pattern B transmitted from the card subscriber's mobile phone 40 by the communication unit 11 (step S1211), and stores the password number pattern B “0123” in the subscriber information DB 12a. Update (see FIG. 3-3) (step S1212).

  In addition, when pressing of the “card stop” button 140 on the card usage notification screen 100 is received via the user interface of the card subscriber's mobile phone 40 (No in step S1201, negative in step S1207, and positive in step S1213), The stop accepting unit 13f displays a card stop accepting screen 400 (see FIG. 9) on the card subscriber's mobile phone 40 and accepts an input of card stop confirmation.

  When the depression of the “OK” button 410 on the card stop acceptance screen 400 is accepted via the user interface of the card subscriber's mobile phone 40 (Yes in step S1214), the card subscriber's mobile phone 40 A “stop instruction” is transmitted to the card information management apparatus 10 (step S1215).

  Here, the card information management apparatus 10 receives the “card stop instruction” transmitted from the mobile phone 40 of the card subscriber by the communication unit 11 (step S1216), and performs card stop processing (step S1217). .

  Further, when pressing of the “confirmation completion” button 110 on the card usage notification screen 100 is received via the user interface of the card subscriber's mobile phone 40 (No in step S1201, negative in step S1207, negative in step S1213, positive in step S1218). In this case, the process is terminated.

  As described above, according to the card information management apparatus 10 according to the first embodiment, even if the card number is leaked due to an illegal act by a third party, a new card number concealed from a third party who performs illegal use is newly obtained. The card subscriber can continue to use the card while preventing unauthorized use of the card by a third party. Furthermore, in connection with this, even if the card is illegally used by a third party, the card subscriber can continue to use the card. There is no need to re-enroll the required card member, and the convenience of the card subscriber can be improved.

  Moreover, according to the card information management apparatus 10 according to the first embodiment, even if a personal identification number is leaked due to an illegal act by a third party, the personal identification number is changed to a personal identification number concealed by a third party who performs unauthorized use. It is possible to prevent unauthorized use of the card when authentication related to the personal identification number is required.

  Next, a card information management apparatus (card information management method) according to the second embodiment will be described. Here, after describing the outline and features of the card information management apparatus according to the second embodiment, the configuration of the card information management apparatus will be described, and finally the procedures of various processes of the card information management apparatus will be described. I will do it.

(Overview and features)
The outline and features of the card information management apparatus according to the second embodiment will be described. FIG. 13 is a system configuration diagram illustrating the configuration of the credit card settlement system according to the second embodiment. As shown in the figure, this credit card settlement system is similar to the first embodiment, with the card information management device 10 as the center, a credit company host computer 20, a card dealer terminal 30, and card subscribers. The communication terminal 40 is connected.

  Here, the card information management apparatus 10 according to the first embodiment described above performs the “card use notification process” that sequentially notifies the card subscriber's communication terminal 40 of the card use status by the card user, thereby performing the third step. The card subscriber is made aware of the unauthorized use of the card by the subscriber. In other words, after the card is illegally used by a third party, the card subscriber is notified of the use of the card that he / she does not remember by notifying the use of the card. For this reason, the card information management apparatus 10 according to the first embodiment cannot avoid the first unauthorized use by a third party.

  However, unauthorized use of such cards should not be overlooked even once. Thus, the second embodiment aims to provide a card information management apparatus that can prevent unauthorized use of a card by a third party.

(Configuration of card information management device)
Next, the configuration of the card information management apparatus 50 according to the second embodiment will be described. FIG. 14 is a block diagram illustrating the configuration of the card information management apparatus according to the second embodiment. The card information management device 50 is connected to a credit company host computer 20, a card handling store terminal 30, and a card subscriber communication terminal 40 so as to be able to communicate with each other. The communication part 51 which communicates via the member store network 2 or the internet 3, the memory | storage part 52, and the control part 53 are provided. In the second embodiment, those having a difference in function as compared with the first embodiment will be described, and description of those having the same function will be omitted.

  Among these, the memory | storage part 52 is a storage means (memory | storage means) which stores the data and program required for various processes by the control part 53, and is provided with subscriber information DB52a and card utilization log | history DB52b.

  The subscriber information DB 52a is a storage (storage) means for storing the card authentication information and the card availability status in association with each card subscriber. FIG. 15A is a diagram showing an example of the subscriber information DB 52a shown in FIG. 14. As shown in FIG. 15, the card subscriber name “aaa”, the card number “1996 0804 0501 1926”, and the password “1234”, registration source address (that is, mail address of the card subscriber's mobile phone 40) “aaa@user.ne.jp”, “source address”, “usability status”, “usable area” and “ “Usage time (local time)” is stored in association with each other. Details of the fields of “source address”, “usability status”, “usage permitted area”, and “usage permitted time” will be described later.

  The control unit 53 includes a control program such as an OS (Operating System), a program defining various processing procedures, and an internal memory for storing necessary data, and is a processing unit that executes various processes using these. In particular, as closely related to the present invention, a card use request authenticating unit 53a, a use permission setting unit 53b, a card use permission notifying unit 53c, a use availability state checking unit 53d, a card settlement processing unit 53e, a card use notifying unit 53f and a card use permission cancellation notification unit 53g.

  Among these, the card use request authentication unit 53a receives a card use request including card authentication information from the card user, and based on the card authentication information and the card authentication information stored in the subscriber information DB 52a, It is a processing unit that authenticates whether or not the use request is a card use request from a valid user of the card. Specifically, the “card number” corresponding to the “card number” included in the card use request is searched from the subscriber information DB 52a, and if the corresponding “card number” exists, it is included in the card use request. It is determined whether or not the “password” stored in the subscriber information DB 52a matches the “password”. When these “passwords” match, the card use request is authenticated as a card use request from a valid user of the card.

  For example, a “card use request authentication process” when a card use request acceptance screen 500 (see FIG. 16) is received from a card user's communication terminal will be described. After retrieving the card number corresponding to the card number “1996 0804 0501 1926” input on the card use request acceptance screen 500 from the subscriber information DB 52a and confirming that it is the card number of the card subscriber “aaa”, It is determined whether or not the personal identification number “1234” included in the card use request matches the personal identification number set by the card subscriber “aaa”. In this case, since the personal identification number “1234” included in the card usage request matches the personal identification number set by the card subscriber “aaa”, the card usage request is a valid user of the card (that is, The card subscriber "aaa") is authenticated as a card use request.

  When the card user request reception screen 500 is received from the card user's communication terminal, the mail address “aaa@user.ne.jp” of the card user's mobile phone is “source address” in the subscriber information DB 52a. "Is stored in the field" (see FIG. 15-2). In this case, since the “card user” is the “card subscriber” and the communication terminal registered in the “registration destination address” is used, the “registration destination address” and the “transmission source address” are Will match.

  When the card use request authentication unit 53a authenticates that the card use request is a card use request from an authorized user of the card, the use permission setting unit 53b stores the card stored in the subscriber information DB 52a. It is a processing unit that sets “usability state” to “usage permission state”. For example, in the above example, in the subscriber information DB 52a, the “usability status” field of the card subscriber “aaa” is rewritten to “permitted” (see FIG. 15-2).

  In addition, the use permission setting unit 53b sets the “use permission state” stored in the subscriber information DB 52a when a predetermined time has elapsed after setting the “use permission state” of the card to the “use permission state”. Cancel. In this way, the card subscriber intends to use the card by canceling the “Usage Allowed State” setting when a predetermined time has elapsed after setting the “Usage Status” of the card to “Usage Allowed State”. During the period other than the above-described period, it is possible to suppress the “usable / unusable state” of the card from being set to the “usable state”, and it is possible to more reliably prevent unauthorized use of the card by a third party.

  In addition, the usage permission setting unit 53b subscribes to the usage conditions (that is, “usage permitted area” and “usage permitted time” corresponding to the area) input to the card usage request reception screen 500 by the card user. Is written in the “use permitted area” and “use permitted time” fields in the user information DB 52a. Specifically, the use permitted area “US, New York” and the use permitted time (local time) “2 hours from 12:00 on March 1, 2004” are set to “use permitted area” and “use permitted time” in the subscriber information DB 52a. "(See Fig. 15-2).

  In this way, a card use request including card authentication information is received from the card user, and a use permission area and a use permission time setting corresponding to the area are accepted as the use condition of the card, and the card use availability state is set. By setting the usage-permitted state to the usage-permitted state corresponding to the usage-permitted area and the usage-permitted time corresponding to the area, the card usage is permitted only for the area intended by the card subscriber and the usage-permitted time corresponding to the area. It is possible to prevent unauthorized use of the card by a third party more reliably.

  The card use permission notifying unit 53c refers to the subscriber information DB 52a when the “usable / unusable state” of the card is set to the “use permitted state” by the use permission setting unit 53b. And a processing unit that notifies the communication terminal of the card user that use of the card is permitted. For example, when the usage permission setting section 53b rewrites the “usability status” field of the card subscriber “aaa” to “permitted”, the registration destination address “aaa@user.ne” stored in the subscriber information DB 52a. .Jp ”and the source address“ aaa@user.ne.jp ”, a card use permission notification screen 600 (see FIG. 17) is transmitted to the card subscriber's mobile phone and the card user's mobile phone.

  In this way, when the “usable / unusable state” of the card is set to “usable state”, the card subscriber's communication terminal is notified that the card is permitted to use, even if a third party is used. Even if the card's “usability status” is set to “usage permission status”, the card subscriber can detect such illegal acts by a third party before the card is illegally used. It becomes possible to reliably protect the card subscriber from unauthorized use of the card by the three parties.

  In addition, when the “usable / unusable state” of a card is set to “usable state”, the registered communication terminal is notified by notifying the card user's communication terminal that the card is permitted to be used. Even when the subscriber is not at hand, it is possible to confirm that the “usable / unusable state” of the card is set to the “usable state”.

  When accepting an approval inquiry for card payment processing including card authentication information of a card user from the card handling store terminal 30, the availability checking unit 53d checks the card corresponding to the card authentication information included in the approval inquiry. This is a processing unit that checks whether or not the “usability status” is the “usage permission status” with reference to the subscriber information DB 52a. For example, when an authorization inquiry of “card payment processing” including the card number “1996 0804 0501 1926” of the card subscriber “aaa” is received as the card authentication information of the card user from the card dealer terminal 30, the authorization inquiry It is checked that the “usability status” corresponding to the card number included in is “permitted” (see FIG. 15-2).

  In addition, if the usage condition of the card is set by the usage permission setting unit 53b, the usage status check unit 53d receives information such as the store and usage date and time as card payment information of the card user from the card handling store terminal 30. When the approval inquiry of “card payment processing” including “is received, it is checked whether the use target store is in the“ use permitted area ”and the use date and time is“ use permitted time (local time) ”. For example, in the above example, it is checked whether the target store is “New York, USA” and whether the use date is within “2 hours from 12:00 on March 1, 2004” (local time). (See FIG. 15-2).

  The card settlement processing unit 53e is a processing unit that performs a settlement of a commercial transaction using a credit card (card settlement processing) in response to an approval inquiry for “card settlement processing” from the card dealer terminal 30. For example, the usage status check unit 53d determines that the “usability status” is “permitted”, the usage target store is “New York, USA”, and the usage date is “from 12:00 on March 1, 2004. If it is within 2 hours (local time), settlement of the business transaction by credit card (card settlement processing) is performed, and a “card settlement completion notification” (use permission response for the card) is transmitted to the card dealer terminal 30. At the same time, the card settlement information (for example, information such as card number, card usage amount, store, usage date and time) is transmitted to the host computer 20 of the credit company. Also, the availability check section 53d indicates that the “usability status” is “not permitted”, the usage target store is not in “New York, USA”, or the usage date is “March 1, 2004, 12:00. If it is outside of “2 hours” (local time), the card dealer terminal 30 is replied to the effect of not approving the settlement of the commercial transaction with the credit card (notifying the card settlement process is not accepted).

  The card usage notification unit 53f refers to the subscriber information DB 52a when the card settlement processing unit 53e makes a “card settlement completion notification” to the card handling store terminal 30, and the card subscriber communication terminal 40 and the card usage notification unit 53f. It is a processing unit that notifies the card user's communication terminal of the card usage. Specifically, when the card settlement processing unit 53e makes a “card payment completion notification” to the card handling store terminal 30, the registered address “aaa@user.ne.jp” stored in the subscriber information DB 52a. The card use notification screen 700 (see FIG. 18) is transmitted to the card subscriber's mobile phone and the card user's mobile phone based on the sender address “aaa@user.ne.jp”.

  In this way, when a “card payment completion notification” is issued to the card handling store terminal 30, by referring to the subscriber information DB 52a and notifying the card subscriber's communication terminal 40 of the card usage, for example, Even if the card is illegally used by a third party, the card subscriber can quickly detect the unauthorized use of the card by the third party. In addition, when a “card payment completion notification” is issued to the card handling store terminal 30, the registered communication terminal is notified by making a card usage notification to the communication terminal of the card user with reference to the subscriber information DB 52a. Even when the card subscriber is not at hand, it is possible to check the usage status of the card.

  Further, the card usage notification unit 53f refers to the subscriber information DB 52a and notifies the card subscriber's communication terminal 40 and the card user's communication terminal together with the card usage notification by the usage permission setting unit 53b. Notice for canceling the setting. For example, as in the card usage notification screen 700 (see FIG. 18), together with the notification of the card usage status based on the card payment information, the time limit “2004” of the usage permission time (local time) set by the usage permission setting unit 53b The notice of “March 1st 14:00” is given.

  In this way, the card subscriber's communication terminal and the card user's communication terminal are notified together with the card usage notification, and a notice of cancellation of the “use permission status” setting is made, thereby grasping the card usage status. However, it is possible to confirm the setting status of the “usability status”.

  When the use permission setting unit 53b cancels the “use permission state” setting, the card use permission cancellation notification unit 53g refers to the subscriber information DB 52a and the card subscriber's communication terminal 40 and the card user. Is a processing unit that notifies the communication terminal that the use permission of the card has been revoked. Specifically, when the setting of “use permission state” is canceled by the use permission setting unit 53b, the registration destination address “aaa@user.ne.jp” and the transmission source address “stored in the subscriber information DB 52a” Based on “aaa@user.ne.jp”, a card use permission cancellation notice screen 800 (see FIG. 19) is transmitted to the card subscriber's mobile phone and the card user's mobile phone.

  In this way, when the setting of the use permission state is canceled, by notifying the card subscriber's communication terminal and the card user's communication terminal that the card use permission has been canceled, It is possible to check the setting status of “status”, and it is possible to prevent the card from being used in a status other than “usage permission status”.

  Further, the card usage permission cancellation notification unit 53g refers to the subscriber information DB 52a to notify the communication terminal 40 of the card subscriber and the communication terminal of the card user that the usage permission of the card has been canceled, The card usage history stored in the card usage history DB 52b is notified (see FIG. 19). For this reason, it is possible to detect the unauthorized use of the card by a third party without being overwhelmed by the card subscriber himself / herself in the “use permitted state”.

(Procedures for various processing of the card information management device)
Next, procedures of various processes of the card information management apparatus 50 according to the second embodiment will be described. Here, after explaining the (1) use permission setting process, which is a pre-process for using a card, the settlement of a commercial transaction using a credit card corresponding to this pre-process is performed (2) explaining the card settlement process To do.

(1) Use Permission Setting Process FIG. 20 is a flowchart showing the procedure of the use permission setting process. As shown in the figure, the “use permission setting process” is started when execution of a card use request is accepted via the user interface of the card user's mobile phone (Yes in step S2001). . Here, a case where the card use request reception screen 500 (see FIG. 16) is received as a card use request from the communication terminal of the card user will be described as an example.

  The card user's mobile phone receives an input to the card usage request reception screen 500 via the user interface (step S2002), and the card usage request reception screen 500 (see FIG. 16) that has received the input is used as a card information management device. 50 (step S2003).

  Then, the card information management device 50 receives the card use request reception screen 500 transmitted from the card user's mobile phone via the communication unit 51 (step S2004), and the card user's mobile phone of the transmission source card user. The mail address “aaa@user.ne.jp” is stored in the “source address” field in the subscriber information DB 52a (see FIG. 15-2) (step S2005).

  Subsequently, the card use request authenticating unit 53a receives a card use request including card authentication information from the card user, and based on the card authentication information and the card authentication information stored in the subscriber information DB 52a, It is authenticated whether or not the use request is a card use request from a valid user of the card (step S2006).

  That is, the card number corresponding to the card number “1996 0804 0501 1926” entered on the card use request acceptance screen 500 is searched from the subscriber information DB 52a and confirmed to be the card number of the card subscriber “aaa”. Thereafter, it is determined whether or not the personal identification number “1234” included in the card use request matches the personal identification number set by the card subscriber “aaa”. In this case, since the personal identification number “1234” included in the card usage request matches the personal identification number set by the card subscriber “aaa”, the card usage request is a valid user of the card (that is, The card subscriber "aaa") is authenticated as a card use request.

  When the card use request authentication unit 53a authenticates that the card use request is not a card use request from a valid user of the card (that is, the card subscriber “aaa”) (No in step S2007). Then, an error message (message indicating that there is an error in the card authentication information) is transmitted to the card dealer terminal 30 (step S2008), and the card user's mobile phone receives the error message (step S2009). ).

  On the other hand, when the card use request authentication unit 53a authenticates that the card use request is a card use request from a valid user of the card (that is, the card subscriber “aaa”) (Yes in step S2007), The use permission setting unit 53b performs a use permission setting process for setting the “use permission state” of the card stored in the subscriber information DB 52a to the “use permission state” (step S2010).

  More specifically, the field of “usability status” of the card subscriber “aaa” in the subscriber information DB 52a is rewritten to “permitted” (see FIG. 15-2), and the card user request acceptance screen is displayed by the card user. As the use condition of the card entered in 500, the use permission area “US, New York” and the use permission time (local time) “2 hours from 12:00 on March 1, 2004” in the subscriber information DB 52a Write in the “Region” and “Usage Allowed Time” fields (see FIG. 15-2).

  Then, the card use permission notifying unit 53c joins the card based on the registration destination address “aaa@user.ne.jp” and the transmission source address “aaa@user.ne.jp” stored in the subscriber information DB 52a. Card use permission notification screen 600 (see FIG. 17) is transmitted to the user's mobile phone and the card user's mobile phone (step S2011), and this card use permission is sent to the card subscriber's mobile phone and the card user's mobile phone. The notification screen 600 is received (step S2012) and output (step S2013).

  Therefore, according to the card information management device 50 according to the second embodiment, the card can be used only for the area intended by the card subscriber and the use permission time corresponding to the area, and the card by a third party can be permitted. It is possible to prevent unauthorized use of the Internet more reliably.

  Further, according to the card information management device 50 according to the second embodiment, even if the “usable / unusable state” of the card is set to the “usable state” by a third party, the card subscriber It is possible to detect fraudulent acts by a person before the card is illegally used, and it is possible to reliably protect the card subscriber from unauthorized use of the card by a third party.

  Further, according to the card information management device 50 according to the second embodiment, even when the registered communication terminal is not in the hand of the card subscriber, the “usability status” of the card is set to “usage permitted status”. It becomes possible to confirm.

(2) Card Payment Processing FIG. 21 is a flowchart showing the card payment processing procedure. As shown in the figure, this “card payment processing” is started when a request for card payment processing is received from the card user at the card dealer terminal 30 (Yes in step S2101). Makes an inquiry for approval of the card payment processing including the card authentication information of the card user to the card information management device 50 (step S2102).

  When the use status check unit 53d receives an approval inquiry for card payment processing including card authentication information of the card user from the card dealer terminal 30 (step S2103), the card authentication included in the approval inquiry is received. Whether or not the “usable / unusable state” of the card corresponding to the information is the “usable state” is determined by referring to the subscriber information DB 52a (step S2104).

  That is, when an approval inquiry of “card payment processing” including the card number “1996 0804 0501 1926” of the card subscriber “aaa” is received as the card authentication information of the card user from the card dealer terminal 30, the approval inquiry The “usability status” corresponding to the card number included in the card is checked as “permitted” (see FIG. 15-2), and the usage condition of the card is set by the usage permission setting unit 53b. Then, an authorization inquiry of “card payment processing” including information such as the store and use date and time as card payment information of the card user is received from the card handling store terminal 30, and the use target store is in “US, New York” In addition, it is checked whether the use date is within “2 hours from 12:00 on March 1, 2004” (local time) (see FIG. 15-2).

  Here, when the availability check state 53d checks that the “use availability status” is “not permitted” (No in step S2105), the use target store is not in “United States, New York” or the use date and time. Is confirmed to be outside of “2 hours from 12:00 on March 1, 2004” (local time) (No in step S2108), the card settlement processing unit 53e does not approve the settlement of the commercial transaction by credit card. (Card payment processing approval failure notification) is transmitted to the card dealer terminal 30 (step S2106), and the card payment processing terminal terminal 30 receives this card payment processing approval failure response notification (step S2107). ).

  On the other hand, the availability check unit 53d checks that the “use availability” is “permitted” (Yes in step S2105), the use target store is “New York, USA”, and the use date is “2004”. When it is verified that it is within “two hours from 12:00 on March 1” (local time) (Yes in step S2108), the card settlement processing unit 53e performs settlement of a commercial transaction by credit card (card settlement processing) ( In step S2109, a “card payment completion notification” (card use permission response) is transmitted to the card dealer terminal 30 (step S2110), and the card dealer terminal 30 receives this “card payment completion notice”. (Step S2111).

  Further, the card payment processing unit 53e transmits card payment information (for example, information such as a card number, a card usage amount, a store, a usage date and time) to the host computer 20 of the credit company (step S2112).

  Then, the card usage notification unit 53f uses the registered address “aaa@user.ne.jp” and the source address “aaa@user.ne.jp” stored in the subscriber information DB 52a to The card use notification screen 700 (see FIG. 18) is transmitted to the mobile phone and the card user's mobile phone (step S2113). Specifically, as in the card usage notification screen 700 (see FIG. 18), the usage permission time (local time) set by the usage permission setting unit 53b is notified together with the card usage status notification based on the card payment information. A notice of advance notice about “14:00 on March 1, 2004” is given.

  Also, the card subscriber's mobile phone and the card user's mobile phone receive this card usage notification screen 700 (step S2114) and output it (step S2115).

  Thereafter, if the card use permission time (14:00 on March 1, 2004) has elapsed (Yes at Step S2116), the card use permission cancellation notification unit 53g stores the registered address “aaa” stored in the subscriber information DB 52a. @ User.ne.jp ”and the sender address“ aaa@user.ne.jp ”on the card subscriber's mobile phone and the card user's mobile phone 800 (see FIG. 19). ) Is transmitted (step S2117). Specifically, referring to the subscriber information DB 52a, the card subscriber's communication terminal 40 and the card user's communication terminal are notified that the card usage permission has been revoked and stored in the card usage history DB 52b. The usage history of the card is notified.

  Then, the card subscriber's mobile phone and the card user's mobile phone receive this card use permission cancellation notice screen 800 (step S2118) and output it (step S2119).

  As described above, according to the card information management apparatus 50 according to the second embodiment, when the card usage request is a card usage request from a valid user of the card, the usage permission status of the card is permitted. The card payment process is allowed when the card usage status is set to the usage-permitted state, so that the card can be used only when the card subscriber intends. It becomes possible to prevent unauthorized use of the card by the three parties.

  Although the first to second embodiments of the present invention have been described so far, the present invention is not limited to the above-described embodiments, and various other embodiments are within the scope of the technical idea described in the claims. May be implemented.

  For example, in the first and second embodiments, the payment system using a credit card has been described, but the same applies to a debit card payment system that performs immediate payment using a cash card issued by a financial institution such as a bank or a post office. Can be applied to.

  Also, in the first embodiment, as shown in FIG. 2, each process in the control unit 13 (usability determination unit 13a, card settlement processing unit 13b, card usage notification unit 13c, additional number setting reception unit 13d, PIN change) Although the card information management device 10 that performs the processing in the reception unit 13e and the card stop reception unit 13f in a collective manner has been described, the present invention is not limited to this, and as shown in FIG. The card authentication device 60 that performs “determination processing” and “card payment processing” and the card information management device 70 that performs “card use notification processing” according to the present invention may be distributed.

  That is, the card information management device 70 is determined to permit the card user to use the card by the use determination unit 63a in the card authentication device 60, and the card settlement processing unit 63b settles the commercial transaction (card settlement processing) by the credit card. ), The address of the card subscriber's communication terminal 40 corresponding to the card user's card authentication information transmitted from the card dealer terminal 30 is sent to the subscriber information via the communication unit 61 and the communication unit 71. A card usage notification unit 72a that extracts from the DB 62a and notifies the extracted address destination of usage of the card is provided. As described above, the card information management apparatus 70 according to the present invention is connected to the card authentication apparatus 60 that performs the existing “usability determination process” and “card payment process”, so that the first embodiment relates. The same effect as the card information management apparatus 10 can be obtained.

  In the first embodiment, when an additional number is added to the card number assigned to the card, the additional number “1472” is added to the end of the original card number (for example, “1996 0804 0501 1926”). Although the embodiment to be added has been described, the present invention is not limited to this, and any method can be adopted as the method of adding numbers “1”, “2”, “4”, and “7”. be able to. In this connection, in the first embodiment, the additional number is a “four-digit” number, but an additional number having an arbitrary number of digits can be adopted.

  In the second embodiment, as shown in FIG. 14, each process in the control unit 53 (card use request authenticating unit 53a, use permission setting unit 53b, card use permission notifying unit 53c, use availability checking unit 53d, card The card information management device 50 that performs the processing in the settlement processing unit 53e, the card usage notification unit 53f, and the card usage cancellation notification unit 53g is described. However, the present invention is not limited to this, and FIG. As shown, a card authentication apparatus 80 that performs processing related to “authentication” and “card payment” (“card use request authentication processing”, “use permission setting processing”, and “card payment processing”) in the second embodiment, In the second embodiment, processing related to “notification” (“card usage permission notification processing”, “card usage notification processing”, and “card usage permission cancellation notification processing”). ") May be formed by dispersing into the card information management apparatus 90 that performs.

  In other words, the card information management device 90 refers to the subscriber information DB 82a when the “usable / unusable state” of the card is set to “usable state” by the use permission setting unit 83b in the card authentication device 80. A card handling terminal by a card use permission notifying unit 92a that notifies the card subscriber's communication terminal 40 and the card user's communication terminal that the card use is permitted, and a card settlement processing unit 83e in the card authentication device 80. When a “card settlement completion notification” is issued to the card 30, a card use notification unit that notifies the card subscriber's communication terminal 40 and the card user's communication terminal with reference to the subscriber information DB 82 a 92b and the use permission setting unit 83b in the card authentication device 80 set the “use permission state”. A card usage permission cancellation notification unit 92c that refers to the subscriber information DB 82a and notifies the card subscriber's communication terminal 40 and the card user's communication terminal that the card usage permission has been canceled. Is provided.

  In this way, the card authentication device 80 that performs the “card use request authentication process”, “use permission setting process”, and “card payment process” is sent to the “card use permission notification process”, “card use notification process”, and “card use notification process”. By connecting the card information management device 90 that performs “permission cancellation notification processing”, the same effect as the card information management device 50 according to the second embodiment can be obtained.

  Further, in the first and second embodiments, the card handling terminal has been described as an example of handling the use of a card at a terminal installed in a card dealer. However, the present invention is not limited to this, Any terminal having an authentication information reading function can be similarly applied. For example, the present invention can be similarly applied to an automatic teller machine such as an ATM installed in a predetermined place or a convenience store.

  In the second embodiment, the “use permission setting process” for accepting a “card use request” for one card and setting the “usable / unusable state” of one card to the “usable state” has been described. However, the present invention is not limited to this, and card usage requests for a plurality of cards may be accepted at one time to perform “use permission setting processing”, or a card usage request for one card may be accepted. At this time, “use permission setting processing” may be performed for a plurality of cards.

  More specifically, for each card owned by the card subscriber, the card authentication information and the availability status of the card are stored in association with each other, and the card usage request is a card usage request from a valid user of the card. If the card is authenticated, the “usability status” of each card is set to “usage permission status”. For example, in the example shown in FIG. 15A, the card authentication information and the card with the card number “1996 0804 0501 1926” and the card number “1998 1003 0902 2400” owned by the card subscriber “aaa” When the “usable / unusable state” of the card is stored in association with each other, the card request is accepted for one card request, and the card use request is authenticated as a card use request from an authorized user of the card For both such cards, the “usability status” is set to “usage permission status”. In other words, by making a card use request for one card, it is possible to collectively shift to a use permission state for a plurality of cards.

  In the second embodiment, a portable mobile phone has been described as an example of a communication terminal for a card user and a card subscriber. However, the present invention is not limited to this and is not limited to a specific place. It may be a fixed communication device. For example, the same effect can be obtained by arranging a communication terminal for making a card use request in a card store and accepting the card use request by the communication terminal.

  Further, in the second embodiment, the use permission area and the use permission time corresponding to the area are accepted as the card use conditions accepted when the card use request is made. However, the present invention is limited to this. Rather, the usage conditions such as the usage amount, the number of times of usage, and the sales form of the store that is the object of the transaction (for example, in-store sales, sales using the network, etc.) may be accepted. You may make it accept.

  In addition, among the processes described in this embodiment, all or part of the processes described as being performed automatically can be performed manually, or the processes described as being performed manually can be performed. All or a part can be automatically performed by a known method. In addition, the processing procedure, control procedure, specific name, and information including various data and parameters shown in the above-described document and drawings can be arbitrarily changed unless otherwise specified.

  Further, each component of each illustrated apparatus is functionally conceptual, and does not necessarily need to be physically configured as illustrated. In other words, the specific form of distribution / integration of each device is not limited to that shown in the figure, and all or a part thereof may be functionally or physically distributed or arbitrarily distributed in arbitrary units according to various loads or usage conditions. Can be integrated and configured. Further, all or a part of each processing function performed in each device is realized by a CPU and a program that is analyzed and executed by the CPU.

  The card information management method described in this embodiment can be realized by executing a program prepared in advance on a computer such as a personal computer or a workstation. This program can be distributed via a network such as the Internet. The program can also be executed by being recorded on a computer-readable recording medium such as a hard disk, a flexible disk (FD), a CD-ROM, an MO, and a DVD and being read from the recording medium by the computer.

  As described above, according to the present invention, the card authentication information of the card user received from the card handling terminal that handles the use of the card and the card authentication information of the card subscriber who is a valid user of the card. Card information management apparatus, card information management method, card information management program, card information management method, card information management method and card information management apparatus that are useful for card information management method and card information management program Suitable for the program.

1 is a system configuration diagram illustrating a configuration of a credit card settlement system according to a first embodiment. 1 is a block diagram illustrating a configuration of a card information management device according to a first embodiment. It is a figure which shows an example of subscriber information DB shown in FIG. It is a figure which shows an example of subscriber information DB shown in FIG. It is a figure which shows an example of subscriber information DB shown in FIG. It is a figure which shows an example of card utilization log | history DB shown in FIG. It is a figure which shows an example of the PIN code pattern storage table shown in FIG. It is a figure which shows an example of a card utilization notification screen. It is a figure which shows an example of an additional number setting screen. It is a figure which shows an example of a PIN code change screen. It is a figure which shows an example of a PIN code change screen. It is a figure which shows an example of a card | curd stop reception screen. It is explanatory drawing for demonstrating the Example which uses an additional number as card | curd authentication information. It is explanatory drawing for demonstrating the Example which uses an additional number as card | curd authentication information. It is a flowchart which shows the procedure of a card use notification process. It is a flowchart which shows the procedure of an additional number setting reception process. It is a system configuration | structure figure which shows the structure of the credit card payment system which concerns on the present Example 2. FIG. It is a block diagram which shows the structure of the card information management apparatus which concerns on the present Example 2. FIG. It is a figure which shows an example of subscriber information DB shown in FIG. It is a figure which shows an example of subscriber information DB shown in FIG. It is a figure which shows an example of a card utilization request reception screen. It is a figure which shows an example of a card utilization permission notification screen. It is a figure which shows an example of a card utilization notification screen. It is a figure which shows an example of a card utilization permission cancellation notification screen. It is a flowchart which shows the procedure of a use permission setting process. It is a flowchart which shows the procedure of a card payment process. It is a block diagram which shows the structure of the modification of the card information management apparatus which concerns on this invention. It is a block diagram which shows the structure of the modification of the card information management apparatus which concerns on this invention.

Explanation of symbols

DESCRIPTION OF SYMBOLS 1 Credit network 2 Merchant network 3 Internet 10 Card information management apparatus 11 Communication part 12 Memory | storage part 12a Subscriber information DB
12b Card usage history DB
12c PIN number pattern storage table 13 Control unit 13a Usage availability determination unit 13b Card payment processing unit 13c Card usage notification unit 13d Additional number setting reception unit 13e PIN number change reception unit 13f Card stop reception unit 20 Host computer 30 Card dealer terminal 40 Communication terminal 50 Card information management device 51 Communication unit 52 Storage unit 52a Subscriber information DB
52b Card usage history DB
53 Control Unit 53a Card Usage Request Authentication Unit 53b Usage Permission Setting Unit 53c Card Usage Permission Notification Unit 53d Usage Availability Check Unit 53e Card Payment Processing Unit 53f Card Usage Notification Unit 53g Card Usage Permission Cancellation Notification Unit 60, 80 Card Authentication Device 70 , 90 card information management device

Claims (18)

A card information management device that manages card authentication information of a card user received from a card handling terminal that handles card use and card authentication information of a card subscriber who is a valid user of the card,
Subscriber information storage means for storing the card authentication information and the address of the communication terminal of the card subscriber in association with each card subscriber;
When the card authentication information of the card user is received from the card handling terminal, the address of the communication terminal of the card subscriber corresponding to the card authentication information is extracted from the subscriber information storage means, and the extracted address A card usage notification means for making a usage notification of the card first;
A card information management device comprising: Additional number setting accepting means for accepting setting of an additional number to be added to the card number assigned to the card from the communication terminal of the card subscriber when the card utilization notice is made by the card use notifying means. Further comprising
The subscriber information storage unit adds the additional number received by the additional number setting reception unit to the card number, and stores the card number to which the additional number is added as card authentication information. Item 2. The card information management device according to Item 1. A card information management device connected via a network to a card handling terminal that handles card usage,
Subscriber information storage means for storing the card authentication information and the availability status of the card in association with each card subscriber;
Upon receiving a card use request including card authentication information from the card user, the card use request is based on the card authentication information and the card authentication information stored by the subscriber information storage means. A card use request authenticating means for authenticating whether or not a card use request is received from a person;
When the card use request authentication means authenticates that the card use request is a card use request from a valid user of the card, the card use availability state stored by the subscriber information storage means is used. Use permission setting means for setting the permission state;
When an approval inquiry for payment processing including card authentication information of a card user is received from the card handling terminal, the use permission state of the card corresponding to the card authentication information included in the approval inquiry is a use permission state. Availability checking means for checking whether or not referring to the subscriber information storage means,
A use permission response notifying means for notifying the card handling terminal of a use permission response to the card handling terminal when the use permission status is checked by the use permission status checking means;
A card information management device comprising:   The use permission setting means cancels the setting of the use permission state stored by the subscriber information storage means when a predetermined time has elapsed after setting the card use permission state to the use permission state. The card information management device according to claim 3. The subscriber information storage means stores the address of the communication terminal of the card subscriber in association with each card subscriber,
When the use permission setting means sets the card use permission / non-use state to the use permission state, the card subscriber's communication terminal is notified of the card use permission by referring to the subscriber information storage means. 5. The card information management apparatus according to claim 3, further comprising card usage permission notifying means. The subscriber information storage means stores an address of a communication terminal of the card user when receiving a card use request including card authentication information from the card user,
The card use permission notifying means refers to the subscriber information storage means when the card use permission / non-use state is set to the use permission state by the use permission setting means. The card information management apparatus according to claim 5, wherein the card information management apparatus notifies that usage is permitted.   When the use permission response notification means notifies the card handling terminal of the use permission response of the card, the card subscriber communication terminal and / or the card user with reference to the subscriber information storage means The card information management apparatus according to claim 6, further comprising card usage notification means for performing card usage notification to the communication terminal.   When the use permission setting is canceled by the use permission setting means, the card use permission is referred to the communication terminal of the card subscriber and / or the communication terminal of the card user with reference to the subscriber information storage means. The card information management device according to claim 6 or 7, further comprising card usage permission cancellation notification means for notifying that the card has been canceled.   The card usage notifying means refers to the subscriber information storage means and uses the card subscriber's communication terminal and / or the card user's communication terminal together with the card usage notification and the usage permission status by the usage permission setting means. The card information management apparatus according to claim 7 or 8, wherein a notice of advance notice regarding cancellation of the setting is performed. Card usage history storage means for storing card usage history is further provided for each card subscriber,
The card use permission revocation notification means refers to the subscriber information storage means and notifies the card subscriber's communication terminal and / or the card user's communication terminal that the card use permission has been revoked. 10. The card information management apparatus according to claim 8, wherein the card usage history stored by the card usage history storage means is notified. A card usage request including card authentication information is received from the card user, and further includes a usage condition setting accepting unit that accepts a usage permission area and a usage permission time setting corresponding to the area as a usage condition of the card,
The use permission setting means limits the use status of the card stored by the subscriber information storage means to the use permission area received by the use condition setting receiving means and the use permission time corresponding to the area. The card information management device according to any one of claims 3 to 10, wherein the card information management device is set in a use permission state. The subscriber information storage means stores the card authentication information and the availability status of the card in association with each card owned by the card subscriber,
The use permission setting means is stored by the subscriber information storage means when the card use request authentication means authenticates that the card use request is a card use request from an authorized user of the card. The card information management device according to any one of claims 3 to 11, wherein a use permission state of each card is set to a use permission state. A card information management method for managing card authentication information of a card user received from a card handling terminal handling card use and card authentication information of a card subscriber who is a valid user of the card,
A subscriber information registration step for registering card authentication information and the address of the communication terminal of the card subscriber in the subscriber information storage means in association with each card subscriber;
When the card authentication information of the card user is received from the card handling terminal, the address of the communication terminal of the card subscriber corresponding to the card authentication information is extracted from the subscriber information storage means, and the extracted address A card usage notification process that first notifies the card usage;
Card information management method characterized by comprising: A card information management method connected via a network to a card handling terminal that handles card usage,
For each card subscriber, a subscriber information registration step of registering card authentication information and the availability status of the card in the subscriber information storage means in association with each other,
Upon receiving a card use request including card authentication information from the card user, the card use request is legitimate use of the card based on the card authentication information and the card authentication information registered in the subscriber information storage means. A card use request authentication process for authenticating whether or not a card use request is received from a person;
When the card use request authentication step authenticates that the card use request is a card use request from an authorized user of the card, the card use availability state registered in the subscriber information storage means is used. A use permission setting step for setting the permission state;
When an approval inquiry for payment processing including card authentication information of a card user is received from the card handling terminal, the use permission state of the card corresponding to the card authentication information included in the approval inquiry is a use permission state. Whether or not to check whether or not it is possible to refer to the subscriber information storage means,
A use permission response notifying step of notifying the card handling terminal of a use permission response of the card when the use permission state of the card is checked by the use permission state checking step;
Card information management method characterized by comprising:   The use permission setting step cancels the use permission state setting registered in the subscriber information storage means when a predetermined time has elapsed after setting the card use permission state to the use permission state. The card information management method according to claim 14. A card information management program for managing card authentication information of a card user received from a card handling terminal that handles card use and card authentication information of a card subscriber who is a valid user of the card,
Subscriber information registration procedure for registering the card authentication information and the address of the communication terminal of the card subscriber in the subscriber information storage means in association with each card subscriber;
When the card authentication information of the card user is received from the card handling terminal, the address of the communication terminal of the card subscriber corresponding to the card authentication information is extracted from the subscriber information storage means, and the extracted address A card usage notification procedure to notify the usage of the card first;
Card information management program for causing a computer to execute A card information management program connected via a network to a card handling terminal that handles card usage,
For each card subscriber, a subscriber information registration procedure for registering card authentication information and the availability status of the card in the subscriber information storage means in association with each other,
Upon receiving a card use request including card authentication information from the card user, the card use request is legitimate use of the card based on the card authentication information and the card authentication information registered in the subscriber information storage means. A card use request authentication procedure for authenticating whether or not the card use request is received from the user,
When the card use request authentication procedure confirms that the card use request is a card use request from an authorized user of the card, the card use availability state registered in the subscriber information storage means is used. The usage permission setting procedure to set the permission state,
When an approval inquiry for payment processing including card authentication information of a card user is received from the card handling terminal, the use permission state of the card corresponding to the card authentication information included in the approval inquiry is a use permission state. Whether or not to check whether or not it is possible to check with reference to the subscriber information storage means,
A use permission response notifying procedure for notifying the card handling terminal of a use permission response to the card handling terminal when the use permission status of the card is checked by the use permission status checking procedure;
Card information management program for causing a computer to execute   The use permission setting procedure is characterized in that the setting of the use permission state registered in the subscriber information storage means is canceled when a predetermined time has elapsed after setting the card use permission state to the use permission state. The card information management program according to claim 17.

Images