JP2005327243A - Point system using information terminal - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a system capable of authenticating identification information of a member by means of a network type information terminal such as a portable terminal and accumulating points. <P>SOLUTION: Authentication with authentication information of a database is carried out on an information terminal making an ID issue request, and when authentication is established, an ID is generated by using a variable numerical expression using a time as a variable or random number to the ID issue request. The generated ID is transformed into an electronic image to be transmitted to the information terminal. When it is determined that an ID which is given by decoding the electronic image transmitted from the information terminal corresponds to the generated ID, member information stored in the database is offered. <P>COPYRIGHT: (C)2006,JPO&NCIPI

Description

  The present invention relates to a point system using an electronic authentication system using a network type information terminal and a network type authentication terminal.

  Various services are provided to registered members by giving points according to the purchase amount. Since the accumulation of points is often done by card, if you do not bring the card to the store, you will not be awarded points, and if you lose the card, the number of points accumulated so far will become invalid there were.

  For this reason, there has been proposed a method of accumulating points using an information terminal such as a mobile phone that is not always lost and is always carried so that points can be accumulated without using a card (for example, Patent Document 1). . This method is a device that provides a dedicated connection interface and reads mobile phone information. However, it is difficult to attach a dedicated interface for each cash register in terms of locational problems and the cost of deploying equipment. there were.

Further, as a problem when diverting or operating a conventional point system as a network type electronic point system and an electronic money settlement method, the same ID is transmitted to an information terminal which has issued an authentication ID issue request. This method is not suitable for operation as a commercial service involving money because the customer authentication ID is specified and can be easily duplicated or tampered.
JP 2003-173473 A

  Therefore, the present invention uses a network type information terminal such as a portable terminal to authenticate member identification information and accumulate points even if the card is not brought or lost. It aims to provide a system that can be used. At that time, measures are taken to safely manage customer information.

In order to achieve the above object, according to the first aspect of the present invention, a database storing member authentication information and member information in association with each other, and an authentication transmitted from an information terminal which has issued an ID issue request Based on the information and authentication information stored in the database, an authentication means for performing authentication, and when authentication is established, a variable expression or a random number using time as a variable for the ID issue request is used. ID generating means for generating an ID according to the above, conversion means for encoding the generated ID into an electronic image, storage means for storing the generated ID in the database, and information obtained from the converted electronic image An image analysis device that reads and decodes an electronic image from a terminal and extracts an ID, and the extracted ID matches the ID stored by the storage means Detecting means for detecting a Rukoto, if the matching is detected, a point system, in which an information providing means for providing a member information stored in the database.

  The present invention is a technology that allows an existing point system using a card to be safely transferred to a network type system, enables both methods to be used together, and is applicable to online shopping and catalog shopping.

  The ID created by the present invention is created in response to the ID creation request from the information terminal held by the member, apart from the member's fixed authentication ID, so that others cannot easily duplicate or falsify, Since it is created each time using a special mathematical formula or random number, identification of the ID can be prevented and customer information can be strictly managed.

  Since customer information is collectively managed by a server, an ID is generated and transmitted in response to a member's request, so that data is not written to the information terminal. Therefore, even if the electronic information received by the information terminal from the server is intercepted or exploited, the ID is created so that the ID fluctuates in the authentication time, so the falsified and copied data is authenticated by others. And customer data is guaranteed to be safe.

  Since the ID is created based on the time to access the web server, the time until the ID is displayed on the member's information terminal is not constant, and it is impossible to duplicate and falsify the ID or specify the ID. is there.

  Since the authentication time is limited, the validity period of the ID is short, and it is impossible to specify an ID and generate an ID by fraud.

  Like the conventional membership system, the customer fills in the application form and the store side manually inputs information based on the contents of the application form, so there is no need to create a database. Since the information input by is directly transmitted to the server, work efficiency can be improved and input errors on the store side can be prevented.

  The registration information of the customer is electronically registered in the database, and the customer can easily change the registration content of the database using TCPIP, which is a joint protocol, as necessary. Therefore, it is possible to release the complexity that has been required when changing customer information, and to simplify the change work and improve the work efficiency.

  Since data can be easily changed via the network, the information is constantly updated and efficient marketing can be performed.

  By linking the ID created by the present invention, the member's existing ID, and the credit member ID on the server, it becomes possible to use in conjunction with shopping on the network and catalog mail order.

  Hereinafter, a point system using an information terminal according to an embodiment of the present invention will be described with reference to the drawings.

  FIG. 1 is a diagram showing a point system using an information terminal according to an embodiment of the present invention. In the figure, the contents of data transmitted and received by each means are shown. In the figure, a POS communication server 1, a database server 2, an authentication server 3, an encoding server 4, an information terminal 5, a POS system 6, an image analysis device 7, a kiosk terminal 8, and a web server 9 are connected via the Internet. .

  FIG. 2 shows a screen displayed on the information terminal. (A) shows a member authentication screen displayed at the time of an ID issue request, (b) shows a transmitted electronic image information display screen, and (c) shows a point number confirmation screen.

  The web server 9 is a server that members access via the Internet. Information input and ID issuance request for member registration are made through this server.

  The authentication server 3 is an authentication unit that receives a member ID issuance request and collates with authentication information recorded in the database server 2. After the authentication, the database server 2 creates an ID. Member information and authentication information are stored in the database server 2, and when creating an ID, a fixed authentication ID that is individual member authentication information, a time from an ID issuance request to authentication, etc. are used, and the time is used as a variable. A one-time ID is created using a variable formula or random number. A one-time ID is created each time an ID issuance request is issued, and it is difficult to specify or duplicate by another person.

  The encoding server 4 is conversion means for encoding the ID created by the database server 2 into an electronic image such as a dot matrix or a barcode. A WEB page on which the one-time ID is encoded and an electronic image is posted is created. The web server 9 transfers the URL of the WEB page to the information terminal 5. The member accesses the URL and displays the electronic information on his / her information terminal 5.

  Note that the URL is invalidated after the set time has elapsed. Since the URL is encrypted with 128 bits at all stages, it cannot be specified.

  It is also possible to display the electronic image on the member's information terminal 5 by attaching the electronic image to a mail addressed to the member.

  The image analysis device 7 reads the electronic image displayed on the screen of the information terminal 5 and decodes the electronic image. The POS 6 transmits the numerical value decoded by the image analysis device 7 to the POS communication server 1, and the POS communication server 1 makes an authentication request to the database server 2 and collates the decoded numerical value with the one-time ID, thereby authenticating the authentication means. It is composed. After authentication, the database server 2 searches for member information and transmits it to the POS 6 via the POS communication server 1. The POS 6 transmits points for the amount adjusted by the member to the database server 2 via the POS communication server 1, and the database server 2 updates and rewrites the data.

  In addition, in the time from receiving the ID issuance request of the information terminal 5 until the electronic information is displayed on the information terminal 5, when the time elapsed based on a certain point exceeds the preset time, The created one-time ID is invalidated. This can prevent an act of illegally creating an ID.

<Example 1>
In using the point card system of the present invention, the member needs to input unique identification information in advance. First, the customer uses the information terminal 5 to register, sends a mail to a predetermined electronic mail address, or accesses a designated URL to make a member registration request.

  Upon receiving the request, the web server 1 registers the customer's email address in the database server 2 and transmits the URL of the member registration form to the customer's email address. The customer accesses the URL, inputs predetermined information about personal information such as address, name, age, date of birth, etc., and transmits it to the database server 2. At this time, an environment variable such as a manufacturing number of the information terminal 5 used by the customer for registration is added to the registration information, and is transmitted to the database server 2 and registered. This completes customer membership registration.

  FIG. 3 is a diagram showing a database in the database server.

  As shown in the figure, the database server 2 in the database server 2 includes authentication information (fixed ID, password, one-time ID) and member information (e-mail address, address, name, information) used for authentication for each member. Device serial numbers, points, etc.) are stored in association with each other.

  The fixed ID and password are used as login information when acquiring a one-time ID. A description of the one-time ID will be described later.

  Next, a member will describe a method of using the service with reference to the flowcharts of FIGS. When a member wants to receive a service, he / she accesses a predetermined URL (S1), inputs predetermined information such as a fixed authentication ID and password of the individual member on the login page shown in FIG. To the authentication server 3. The authentication server 3 authenticates the information registered in the database server 2 and the transmitted information (S3), and if it is authenticated, based on the fixed authentication ID of the individual member, the variable type using time as a variable A one-time ID is created using mathematical formulas and random numbers (S4). This created one-time ID is stored in the database of the database server. On the other hand, if authentication is not permitted in S3, the process returns to S2. The authentication in S3 is established when the authentication information registered in the database server 2 matches the transmitted authentication information.

  The one-time ID is any time from the stage when the member accesses the server to the stage where the one-time ID is generated, such as the time when the information terminal 5 makes an ID issue request or the time when the one-time ID is generated. It can be created by adding to the existing ID number.

  For example, when the existing fixed ID owned by the individual member is No. 12345789, and an ID issuance request is made at 16:25:32, 123456789 + 162532 = 123169321. In order to reduce the generation of the same ID, when the same number is generated, for example, 1231619321 + 9000000000, the numbering is performed until there is no duplication. The time to add to the existing fixed ID owned by the individual member may be based on any time from when the ID issuance request is made until ID is created.

  In addition, any number of existing fixed IDs owned by individual members and the number of digits under the httpd process ID or all digits, or a boot stored in units of 1 / 100th of a second called the jiffie counter And one-time ID can be used using the time since reboot.

  Furthermore, a one-time ID can be created by adding a random number to an existing fixed ID owned by a member. If the same number is generated, numbering is performed until there is no overlap.

  As shown in FIG. 2 (c), by inputting predetermined information such as a member's fixed authentication ID and password, and after authentication, the database stored in the database server 2 is searched. It is also possible to check the balance of the number.

  The one-time ID is encoded by the encoding server 4 into an electronic image (barcode) such as a dot matrix or a barcode (S5). The web server 9 transmits an encrypted URL indicating the WEB page of the electronic image encoded to the information terminal 5 (S6).

  Next, whether or not the time elapsed from receiving the ID issuance request of the information terminal 5 until the electronic information is displayed on the information terminal 5 exceeds a preset time. (S7), if it is determined that the time has passed, the one-time ID is invalidated by a process such as deleting from the database (S8).

  Next, authentication using a one-time ID will be described.

  The information terminal 5 that has received the transmission displays the electronic image on the screen as shown in FIG. 2B by accessing the URL, and the electronic image displayed on the screen is displayed on the store cash register or the kiosk terminal 8. Image analysis is performed using the provided image analysis device 7. The numerical value that has been analyzed and decoded is sent from the point-of-sale POS system 6 to the database server 2 via the POS communication server 1 to make an authentication request. The database server 2 receives the authentication request including the decoded numerical value (S11), and is authenticated with the one-time ID stored in the database server 2. Specifically, authentication is performed based on whether or not the received decoded numerical value matches the one-time ID stored in the database (S12). Thereafter, it is determined whether or not the authentication is established (S13). When the authentication is established, the member information associated with the authentication information is transmitted to the POS system 6 via the POS communication server 1 (S14).

  The POS system 6 transmits the information on the amount settled by the member to the database server 2 via the POS communication server 1, and when the database server 2 receives the amount information, it is stored in the database according to the received amount information. The point is rewritten (S15).

  In the present embodiment, the case where login is performed using authentication information has been described, but member information (for example, the serial number of the information terminal) may be used as an authentication condition for login. In this case, the member information is included in the ID issuance request, and authentication is performed by comparing with the member information recorded in the database.

<Example 2>
The present invention can be used in combination with shopping on a network and catalog mail-order sales offline.

  The service provider converts the amount per point in advance and sets a product corresponding to a predetermined point. When a member purchases a favorite product, the member can use the number of points as a discount amount or exchange it for a specific product by accumulating points. At that time, using the registered information terminal 5 such as a mobile phone or a computer, the member's personal authentication ID or password is entered into the web server 9 to authenticate the member, and then order information of the product. Is transmitted to the web server 9.

  The web server 9 checks the number of points by collating with the member registration information of the database server 2 and transmits an order confirmation and approval mail to the mail address of the member. When the member who has received the email accesses the URL described in the body of the email, confirms the order contents, and clicks the approval button, the unique identification information of the information terminal 5 is transmitted to the server. The information terminal 5 is authenticated. Thereafter, the order information and the number of points used are recorded in the database server 2.

  If the number of points does not reach the amount of the purchased product, the customer's order is recorded in the database server 2, and at the same time, the customer ID of the credit and the order authentication record are transmitted to the credit company server. Make a credit request.

  The credit company transmits information indicating that the credit request has been approved to the registered information terminal 5 of the customer via electronic mail. In addition, the credit company server transmits approval information to the server of the present system via the Internet.

  When delivering the ordered product to the member who is the orderer, the order of the customer is recorded in the database server 2 and at the same time, the information on the ordered product and the customer information associated with the transmission are transmitted to the merchant handling the product. This is done by sending the merchandise to the member who ordered the merchandise after confirming the order.

  Information transmission / reception and data storage can be used in combination with SSL, VPN, RSA, AES, and other existing security as required.

  Note that the present invention is not limited to the above-described embodiment as it is, and can be embodied by modifying the components without departing from the scope of the invention in the implementation stage. In addition, various inventions can be formed by appropriately combining a plurality of components disclosed in the embodiment. For example, some components may be deleted from all the components shown in the embodiment. Furthermore, constituent elements over different embodiments may be appropriately combined.

It is a figure which shows the point system using the information terminal which concerns on embodiment of this invention. It is a figure which shows the screen displayed on an information terminal. It is a figure which shows the database in a database server. It is a flowchart for demonstrating operation | movement of the point system which concerns on embodiment of this invention. It is a flowchart for demonstrating operation | movement of the point system which concerns on embodiment of this invention.

Explanation of symbols

1 POS Communication Server 2 Database Server 3 Authentication Server 4 Encoding Server 5 Information Terminal 6 POS
7 Image analysis device 8 Kiosk terminal 9 Web server

Claims (3)

A database for storing member authentication information and member information in association with each other;
Authentication means for performing authentication based on the authentication information transmitted from the information terminal that issued the ID issuance request and the authentication information stored in the database;
An ID generating means for generating an ID by using a variable mathematical expression or a random number using a time as a variable in response to the ID issue request when authentication is established;
Conversion means for encoding the generated ID into an electronic image;
Storage means for storing the generated ID in the database;
An image analysis device that reads and decodes an electronic image from an information terminal that has acquired the converted electronic image, and extracts an ID;
Detection means for detecting that the extracted ID matches the ID stored by the storage means;
A point system comprising information providing means for providing member information stored in the database when a match is detected. The converting means further creates a web page of the encoded electronic image,
The point system according to claim 1, wherein the information terminal acquires an electronic image by accessing a URL of the created WEB page.   The generated ID is based on any point in time from when the information terminal makes an ID issuance request until the information terminal acquires electronic information, and a certain time has passed since the reference point. The point system according to claim 1, wherein the point system is invalidated later.

Images