JP2005339399A - Illegality prevention system in terminal for transaction - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide an illegality prevention system in a terminal for transaction capable of surely preventing a damage by actual illegal alteration by detecting illegality to the terminal for transaction and assuming that the illegal alteration is performed from evidence of the illegality. <P>SOLUTION: When the evidence of removal of a control unit 365, etc. is detected by a control unit removal detection sensor 312, a fact that the illegal alteration is performed to the control unit 365 is assumed by an illegality detection part 341 and an operation by a debit terminal machine 300 which is confirmed that there is no actual abnormality (no illegal alteration) is restarted by "operation restart instruction notification" of a maintenance center 500 based on an inspection result by a maintenance staff of the maintenance center 500 targeting a debit terminal machine 300 with suspicion of the illegal alteration, etc. <P>COPYRIGHT: (C)2006,JPO&NCIPI

Description

  The present invention relates to a fraud prevention system for a transaction terminal device, and in particular, by detecting in advance the evidence of fraudulent acts on a control device provided in the transaction terminal device, damage due to unauthorized modification to the control device can be prevented. The present invention relates to a fraud prevention system in a transaction terminal device.

  In recent years, a debit terminal (dealing terminal device) for debit payment has been installed in an amusement store, and cards issued in parallel with this debit terminal by means of payment using a debit card (bank or postal savings cash card) A game media lending system based on debit payment that can purchase a prepaid card for a player's desired amount using a machine has been put into practical use.

  According to this type of game media lending system, the value of the purchased prepaid card is deducted from the account of the player using debit payment on the debit terminal, and the prepaid card purchased by this debit payment is used. A game medium (such as a pachinko ball or a medal) can be borrowed to play a game (see, for example, Patent Document 1).

  Here, in such a debit payment game medium lending system (debit card system), the debit card (cash card) is handled when the debit terminal 300 (FIG. 2) is used. In order to prevent the information from being stolen, a peep prevention plate is attached to the operation input unit for inputting a personal identification number, or the main components of the debit terminal 300 (communication I / F units 330 and 335, debit control unit 340). , An external operation input unit 360 and a debit card processing unit 390) are integrated into a housing (black box), and security measures are implemented (hereinafter, this black box is referred to as a control unit 365).

  That is, the control unit 365 is provided with a cover open / close detection mechanism that detects opening / closing of the housing cover. When the control unit 365 in the black box is opened for the purpose of unauthorized modification such as skimming, the cover is opened. A security mechanism is provided to erase important internal data by operating the open / close detection mechanism. That is, even if the control unit 365, which is an important component of the debit terminal 300, is stolen, and important data and programs in the control unit 365 are analyzed and the user tries to steal, the housing cover of the control unit 365 When you open, you can erase important internal data. As a result, it is possible to prevent the personal identification number and card information from being stolen by a malicious third party and unauthorized modification such as attachment of skimming parts (fraud prevention system).

JP 2000-242717 A

  However, the above-described conventional fraud prevention system has the following problems. That is, as described above, the control unit 365 has a black box integrated structure, and further, when the opening / closing of the housing cover is detected by the cover opening / closing detection mechanism, the security unit is configured to erase the internal data. It has become.

  However, once the mechanism of the cover open / close detection mechanism is analyzed by a malicious third party, the housing cover may be opened / closed without operating the mechanism. In such a case, there is a risk that important data or programs stored in the control unit will be analyzed, or that fraudulent acts such as attaching skimming parts for stealing passwords or card information may be performed.

  Accordingly, the present invention has been made to solve the above-described problems caused by the prior art, and this unauthorized modification is made by detecting in advance the evidence of fraudulent acts on the transaction terminal device. It is an object of the present invention to provide a fraud prevention system in a transaction terminal device that can reliably prevent damage caused by the above.

  In order to solve the above-described problems and achieve the object, the invention according to claim 1 is a fraud prevention system in a transaction terminal device including a control device in which individual information related to transaction information is stored, The transaction terminal device includes a fraud detection unit that detects fraud against the control device, a fraud content storage unit that stores detection contents of fraud by the fraud detection unit, and a power supply to the transaction terminal device. A standby power supply unit (auxiliary power supply unit / battery) for supplying backup power to the fraud detection means when stopped is provided.

  The invention according to claim 2 is the invention according to claim 1, wherein the fraud detection means constitutes a desorption detection means for detecting desorption of the control apparatus with respect to the transaction terminal device, and the control apparatus. Function of any one of housing cover open / close detection means for detecting opening / closing of the housing cover and harness removal detection means for detecting the removal of the harness connecting the control device and the other devices in the transaction terminal device It is characterized by providing.

  The invention according to claim 3 is the invention according to claim 1 or 2, wherein the transaction terminal device is detected by the fraud detection means when the fraud detection is detected by the fraud detection means. Transmission means for transmitting the contents of the fraudulent behavior as abnormality detection information to a maintenance center that performs maintenance and inspection of the transaction terminal device is provided.

  The invention according to claim 4 is the invention according to claim 1, 2, or 3, wherein the transaction terminal device operates the transaction terminal device when the fraud detection is detected by the fraud detection means. An operation stop means for stopping the operation is provided.

  The invention described in claim 5 is characterized in that, in the invention described in claim 1 or 2, an operation stop canceling means for canceling the operation stop by the operation stop means is provided.

  The invention according to claim 6 is the invention according to claim 5, wherein the operation stop cancellation means restarts / restores the operation using the transaction terminal device based on an operation restart notification from the maintenance center. It is characterized by.

  The invention according to claim 7 is the removal preventing member according to any one of claims 1 to 6, wherein the transaction terminal device prevents removal of the control device from the transaction terminal device. The removal preventing member is formed with a through hole allowing passage of a harness connecting the control device and other devices in the transaction terminal device, and depending on the attachment position of the removal preventing member, The removal of the control device is prevented.

  The invention according to claim 8 is the debit terminal apparatus according to any one of claims 1 to 7, wherein the transaction terminal apparatus performs a debit approval process by using a debit card. It is characterized by.

  According to the first aspect of the present invention, there is a fraud prevention system in a transaction terminal device comprising a control device in which individual information related to transaction information is stored, the transaction terminal device being a fraudulent act against the control device. Fraud detection means for detecting, fraud content storage means for storing the contents of fraud detection by the fraud detection means, and when the power supply of the transaction terminal device is stopped, for the fraud detection means, A spare power supply section (auxiliary power supply section / battery) that supplies spare power is provided, so that the status of the transaction terminal device can be reliably grasped by the maintenance center, and unauthorized modification of the control device (password or card) It is possible to reliably prevent an illegal act due to the attachment of information skimming parts). Moreover, even when the transaction terminal device is turned off, the power supply to the fraud detection means can be performed by using a spare power supply unit (battery).

  According to the invention described in claim 2, the fraud detection means detects attachment / detachment detection means for detecting attachment / detachment of the control device to / from the transaction terminal device, and detects opening / closing of a casing cover constituting the control device. Since the case cover opening / closing detection means, the transaction terminal has a function of any one of the harness removal detection means for detecting the removal of the harness connecting the control device and the other device in the transaction terminal device. Since it is possible to accurately detect the evidence of fraudulent acts on the device, it is possible to accurately determine that fraudulent acts on the control device have actually been performed.

  According to the invention of claim 3, the transaction terminal device uses, as abnormality detection information, fraud content detected by the fraud detection means when detecting fraud by the fraud detection means. Since it has a transmission means for transmitting to the maintenance center that performs maintenance and inspection of the transaction terminal device, it is possible to accurately and quickly transmit the evidence of fraud to the transaction terminal device to the maintenance center. There is an effect that it is possible to accurately request the inspection work for the terminal device for use.

  According to the invention of claim 4, the transaction terminal device includes an operation stop unit that stops the operation of the transaction terminal device when the fraud detection is performed by the fraud detection unit. Since the operation is temporarily suspended for transaction terminal devices that have been traced of illegal acts on the terminal devices for use, the security code and card information associated with unauthorized modification are stolen. There is an effect that the damage caused by can be surely prevented.

  In addition, according to the invention described in claim 5, since the operation stop canceling means for canceling the operation stop by the operation stop means is provided, the operation is intended for a transaction terminal device that is not actually illegally modified. Since the stop state is canceled, there is an effect that it is possible to shorten the transaction stop time associated with the stop of the operation of the transaction terminal device.

  Further, according to the invention described in claim 6, since the resumption / recovery of the operation by the transaction terminal device by the operation suspension releasing means is performed based on the operation resumption notification by the maintenance center, the accurate maintenance by the maintenance center is performed. The operation resumption notification has the effect of reliably preventing damages caused by theft of passwords and card information associated with unauthorized modification.

  According to the invention described in claim 7, the transaction terminal device includes a removal prevention member that prevents removal of the control device from the transaction terminal device, and the removal prevention member includes the control device and the removal device. Since a through-hole allowing passage of a harness connecting with other devices in the transaction terminal device is formed, and removal of the control device is prevented by the mounting position of the removal prevention member, a plurality of fraudulent acts Even when the operation by the detection means becomes defective, it is possible to reliably prevent unauthorized modification of the transaction terminal device by making it difficult to remove the transaction terminal device.

  The invention described in claim 8 is the debit terminal apparatus according to any one of claims 1 to 7, wherein the transaction terminal apparatus performs a debit decision process by using a debit card. In particular, the present invention can be applied to a debit terminal requiring security.

  Below, with reference to an accompanying drawing, the suitable example of the fraud prevention system in the terminal device for dealing concerning this example 1 is described in detail. In the following embodiment, the outline and features of the fraud prevention system are described, the details of the overall configuration of the fraud prevention system are described, and then the fraud prevention processing procedure by the fraud prevention system is described. Finally, a modified example will be described as another embodiment. In addition, this invention is not limited by the Example shown below.

(Outline and features of fraud prevention system for transaction terminal)
First, with reference to FIG. 1, a game medium lending system to which the fraud prevention system in the transaction terminal device according to the first embodiment is applied will be described. FIG. 1 is a functional block diagram illustrating an overall configuration of a gaming medium lending system using debit payment to which the fraud prevention system in the transaction terminal device according to the first embodiment is applied.

  As shown in FIG. 1, the fraud prevention system in the transaction terminal device according to the first embodiment performs debit payment processing with a debit terminal 300 provided in a game shop 100 that provides games such as pachinko games and slot games. The information processing center 600 that is a debit settlement center and the maintenance center 500 that performs maintenance (inspection / repair) of the debit terminal 300 are constructed.

  Here, first, with reference to FIG. 1, a game medium lending system to which the fraud prevention system is applied will be briefly described. That is, as shown in FIG. 1, this game medium lending system includes a pachinko machine 110 and a card processing machine 150 connected to an island controller 255 under the control of a terminal controller 280 (T / C), and a card issuing machine 200. A prepaid card system comprising a card settlement machine 210, a debit terminal 300, an information processing center 600, a CAFIS network 700 (including a clearing center 710), and a debit card issuing bank that are communicatively connected via a public network 450. 800, member store bank 900, and ΔΔ bank 950 (amusement store account). The system portion that is connected to the debit terminal 300 installed in the amusement store 100 of the information processing center 600 with the CAFIS network 700 as a core is called a debit card system that performs debit payment. The details of the debit card system are well-known techniques, and the details are omitted.

  The terminal controller 280 has functions for managing sales in the amusement store 100 and providing information to members. The terminal controller 280 is connected to the central management computer of the card company center 470 outside the amusement store 100 by a public line network 460 so that data in the terminal controller 280 can be managed using the central management computer. It has become.

  In the game store 100, the debit terminal 300, the card issuing machine 200, and the terminal controller 280 (T / C) that is a management device are connected for communication. Among these, the debit terminal 300 is a game as described above. Outside the store 100, the information processing center 600 that performs debit payment processing via a public network 450 such as an ISDN line and the maintenance center 500 that performs maintenance (inspection / repair) of the debit terminal 300 are connected. Yes.

  Here, the maintenance center 500 exists mainly as an organization that performs version upgrade, maintenance (maintenance / inspection), and inspection / repair of internal data of the debit terminal 300 installed in the amusement store 100, but is closely related to the present invention. As a function to monitor fraudulent acts by a malicious third party. Specifically, based on the illegal content information notified from the debit terminal 300, the maintenance staff is dispatched to the amusement shop 100, and the function of checking the status of the target debit terminal 300 and repairing it is provided. Yes.

  It should be noted that “monitoring fraud” actually performed at the maintenance center 500 means determining whether there is any evidence of any fraudulent activity for the purpose of performing unauthorized modification to the control unit 365 of the debit terminal 300. Is shown.

  Here, when this fraud prevention system detects a fraudulent act on the debit terminal 300 by a malicious third party, it transmits a trace of the fraudulent act as fraud detection information to the maintenance center in advance. By presuming that unauthorized modification has been performed from the evidence of fraudulent acts and conducting inspections by the maintenance center for the relevant transaction terminal devices, damage due to actual unauthorized modification is reliably prevented. It is built as a fraud prevention system that can.

  That is, this fraud prevention system is characterized by obtaining (disassembling) the control unit 365 (FIG. 3) of the debit terminal 300, analyzing / decoding important internal information (for example, a scramble program), and a skimming device. For example, it is necessary to remove the control unit 365 from the main body of the debit terminal 300 in order to attach the debit terminal 300 to the debit terminal 300 in advance. When the trace of the opening and closing of the housing cover 365 and the removal of the harness 395 connecting the control unit 365 and the power supply box 396 are detected, this fraudulent act is transmitted to the maintenance center 500 as fraud detection information. is there.

  Specifically, the characteristics of the fraud prevention system according to the present invention will be described. A plurality of fraud detection means (removal (detachment) of the control unit 365) is performed on the basis of the evidence of fraudulent acts on the debit terminal 300. The opening / closing of the housing cover of the removal sensor 312 and the control unit 365 is detected by the control unit cover set detection sensor 313 and the removal of the power supply harness 395 connected to the control unit 365 by the harness connection detection unit 343). At the same time, any fraud detection information detected by each of these detection means is transmitted to the maintenance center 500 as error information.

  On the other hand, when the fraud detection information is notified from the debit terminal 300, the maintenance center 500 dispatches maintenance personnel to the amusement store 100 in which the debit terminal 300 to be inspected / repaired is installed. Then, check the corresponding debit terminal 300, and confirm that there is no abnormality in the debit terminal 300 (there is evidence that fraudulent activity has been performed, but there has been no actual unauthorized modification, etc.) ) Is confirmed, an “operation resumption request notification” requesting the resumption of operation is transmitted to the maintenance center 500 and an “operation start instruction notification” transmitted from the maintenance center 500 is received. In addition, the transaction by the debit terminal 300 is resumed (recovered).

  In this debit terminal 300, for example, when the control unit removal detection sensor 312 detects a trace such as removal of the control unit 365, it is assumed that the control unit 365 has been tampered with. The debit terminal 300, which is suspected of unauthorized modification, is inspected by maintenance personnel of the maintenance center 500, and the operation of the debit terminal 300 that has been confirmed to be actually normal is resumed. Since it is restarted by the instruction, it is possible to reliably prevent damage caused by theft of card information associated with unauthorized modification by a third party.

(Outline and configuration of debit terminal 300)
Next, with reference to FIG. 2 and FIG. 3, the outline | summary and the detail of a structure of the debit terminal 300 with which the game shop 100 is equipped are demonstrated. FIG. 2 is a front view showing the appearance of the debit terminal 300, and FIG. 3 is a schematic view showing the main internal configuration of the debit terminal 300, showing a state in which the door 310 is opened. FIG. 4 is a cross-sectional view showing a state in which the control unit 365 is attached to the debit terminal 300. FIG. 5 is a functional block diagram showing an internal configuration of the debit terminal 300. Hereinafter, an outline and a detailed configuration of the debit terminal 300 will be described with reference to FIGS.

  As shown in FIG. 2, the debit terminal 300 includes a vertical casing (main body 300a) having a door 310, and in order from the top, a display unit 350 and an operation input unit 360 (external operation). An input unit), a debit card insertion / return port 370, and a receipt issue port 380.

  Further, as shown in FIG. 3, a control board (debit control unit 340) for controlling the entire debit terminal 300 and this control board (debit control unit 340) are integrated in the debit terminal 300. The control unit 365, the power supply box 396, and the communication terminal adapter 397 are provided. As described above, the control unit 365 includes the main components (communication I / F units 330 and 335, the debit control unit 340, the external operation input unit 360, and the debit card processing unit 390) of the debit terminal 300. ) Is integrated (black box).

  The control unit 365 is fixedly attached to the main body 300a of the debit terminal 300 with an attachment screw. A user of the debit terminal 300 inserts a hand from an opening 300b formed in a part of the door 310, and inputs a personal identification number or the like by operating a numeric keypad (see FIG. 4).

  Further, as shown in FIG. 3, a harness 395 for supplying power from a power supply box 396 is connected to the control unit 365 in order to supply power to the control unit 365. That is, one end (upper side in FIG. 3) of the harness 395 is attached to the control unit 365, and the other end (lower side in FIG. 3) of the harness 395 is attached to the power supply box 396. As will be described later, when either one end or the other end of the harness 395 is removed from the control unit 365 or the power supply box 396, the connection disconnection detection by the harness connection detection unit 343 (FIG. 6) is activated, It can be determined that there is a evidence that the three parties have been cheating.

  The display unit 350 has a function of displaying a transaction amount by debit payment (a purchase amount of a prepaid card) and various information for performing guidance of an input operation by a player, and is configured by, for example, a liquid crystal display.

  The operation input unit 360 (external operation input unit) includes various function switches such as a confirmation switch and a cancel switch, and further includes a numeric key switch for inputting a PIN code of a debit card (cash card). It has a function to enter a password.

  The debit card insertion / return port 370 receives a cash card (debit card), performs a desired process on the debit card processing unit 390 (FIG. 5), and then returns the debit card again. It is an opening for.

  The receipt issuing port 380 is an opening for discharging the receipt printed by the printing unit 385 (FIG. 5) as a usage record for a player. From this receipt issuing port 380, a receipt printed with a result (OK / NG, payment amount, etc.) by debit payment can be issued.

  Next, the internal configuration of the debit terminal 300 will be described in detail with reference to FIG. That is, as shown in FIG. 5, the debit terminal 300 includes a control unit removal detection sensor 312, a control unit cover set detection sensor 313, communication I / F units 330 and 335, a debit control unit 340, A display unit 350, an external operation input unit 360 (operation input unit), a debit card insertion / return port 370, a receipt issue port 380, a printing unit 385, and a debit card processing unit 390 are provided. As described above, the communication I / F units 330 and 335, the debit control unit 340, the display unit 350, and the external operation input unit 360 (operation input unit) are configured as the control unit 365.

  Here, as shown in FIG. 4, the debit terminal 300 is characterized by a control unit removal detection sensor 312 that detects the removal of the control unit 365 assembled in the main body of the debit terminal 300 and an abnormality caused by the debit terminal 300. And an error state determination unit 345 that determines a state as an error. Note that, as described above, the debit control unit 340 and the debit card processing unit 390 are integrated as a black box and form a control unit 365.

  The control unit removal detection sensor 312 has a function of detecting removal of the control unit 365. The control unit removal detection sensor 312 has a function of detecting the removal of the control unit 365 assembled inside the debit terminal 300 electrically or mechanically when the control unit 365 is removed. And a push sensor. As shown in the figure, when the control unit 365 is removed, it can be determined by the control unit removal detection sensor 312 that unauthorized modification has been performed.

  Specifically, the control unit removal detection sensor 312 detects that the control unit 365 has been removed and attached to the debit terminal 300 again, and the main power of the debit terminal 300 is turned on (ON). In this case, the fraud detection unit 341 (FIG. 6) detects that the control unit 365 has been removed.

  The communication I / F unit 330 has a function of communicating with the maintenance center 500 and the information processing center 600 through the public line network 450, and through this communication I / F unit 330, a payment request related to the desired payment amount. The notification and “injustice detection information” when any abnormality occurs in the debit terminal 300 are transmitted to the maintenance center 500. The communication I / F unit 335 can communicate with a communication I / F unit (not shown) of the card issuing machine 200 (FIG. 1), and between the debit terminal 300 and the card issuing machine 200. In this way, various information (such as balance information owned by the prepaid card) is transmitted and received.

  The debit control unit 340 has a control function for collectively controlling each process in the debit terminal 300, and stores a control program such as an OS (Operating System), a program defining various processing procedures, and necessary data. The processing unit has an internal memory for executing various processes.

  The printing unit 385 has a function for printing the information notified from the debit control unit 340 on a receipt issued from the receipt issuing port 380. Specifically, the printing unit 385 prints money amount information related to debit processing on the receipt.

  The debit card processing unit 390 has a function of reading card information magnetically recorded on a debit card (cache card) taken from the debit card insertion / return port 370 and notifying the debit control unit 340 of the read result. .

(Internal configuration of debit control unit 340)
Next, the internal configuration of the debit control unit 340 (control board) will be described with reference to FIG. FIG. 6 shows a functional block diagram (circuit configuration) of the debit control unit 340 (control board). That is, as shown in FIG. 6, the debit control unit 340 (control board) includes a fraud detection unit 341, a control unit removal detection unit 342, a harness connection detection unit 343, a control unit cover detection unit 344, a battery 345, a memory 346, a communication control I / F unit 347, and a main control unit 400 (CPU).

  The control unit removal detection unit 342 has a function of detecting the removal (detachment) of the control unit 365. Detection of removal of the control unit 365 by the control unit removal detection unit 342 is performed by the control unit removal detection sensor 312.

  The harness connection detection unit 343 has a function of detecting that the connection between the harness 395 that supplies power to the control unit 365 and the power supply box 396 is interrupted. In terms of circuit, it has a function of detecting that the connection with the power supply box 396 by the harness 395 that supplies power to the control unit 365 is interrupted.

  The control unit cover detection unit 344 has a function of detecting opening / closing of the housing cover of the control unit 365. The control unit cover detection unit 344 detects the opening / closing of the housing cover by the control unit cover set detection sensor 313.

  The communication control I / F unit 347 has a function of controlling communication between the debit terminal 300 and the maintenance center 500 or the information processing center 600 through an ISDN communication line.

  The memory unit 346 has a function of storing the detected contents of the fraud detected by the fraud detection unit 341. The battery 345 has a backup power supply function for supplying backup power to the fraud detection unit 341 when the power supply of the debit terminal 300 is stopped. Specifically, even if the power switch of the debit terminal 300 is turned off, predetermined power is supplied to the fraud detection unit 341.

  The main control unit 400 (CPU) has a function as a control unit that manages the entire system of the debit terminal 300.

(Internal configuration of main controller 400)
Next, the details of the internal configuration of the main control unit 400 (CPU) will be described with reference to FIG. As shown in FIG. 7, the main control unit 400 (CPU) includes an unauthorized act determination unit 410, an error state transmission unit 420, an operation stop control unit 430, and an operation stop release unit 440.

  The cheating determination unit 410 determines whether or not there is a cheating performed on the debit terminal 300 by a malicious third party by using a plurality of cheating detection means (a control unit removal detecting unit 342 and a harness connection detecting unit 343). And a function of determining based on the detection information acquired from the control unit cover detection unit 344).

  The error state transmission unit 420 has a function of transmitting fraud detection information indicating a trace of the fraud determined by the fraud determination unit 410 to the maintenance center 500.

  The operation stop control unit 430 has a function of temporarily stopping the operation of the target debit terminal 300 when the fraud determination unit 410 detects any fraud to the debit terminal 300.

  The operation stop cancellation unit 440 has a function of resuming the operation of the debit terminal 300 that has been temporarily stopped by the operation stop control unit 430 (cancelling the error state). Specifically, after the inspection / confirmation work by the maintenance staff of the maintenance center 500 for the debit terminal 300 targeted for the debit terminal 300 detected as having some sort of fraud, is completed, If it is determined that there is no abnormality, an “operation resumption notification” is transmitted from the debit terminal 300 to the maintenance center 500, and thereafter, the operation by debit payment by the debit terminal 300 that has stopped operation is performed. (Debit transaction) will be resumed. In addition, when it is determined that “there is an abnormality” by inspection / confirmation work by the maintenance staff on the debit terminal 300, the control unit 365 of the debit terminal 300 needs to be replaced.

(Internal configuration of maintenance center 500)
As shown in FIG. 8, the maintenance center 500 includes an error state acquisition unit 510, an error cancellation determination unit 520, an error cancellation notification control unit 530, and a communication control I / F unit 540.

  The error state acquisition unit 510 has a function of acquiring fraud detection information transmitted from the debit terminal 300 as error information.

  When the debit terminal 300 detects an illegal act, the error release determination unit 520 determines that “no abnormality” is determined by the maintenance staff of the maintenance center 500, and “operation resumption request notification” transmitted from the debit terminal 300. Has a function to determine the cancellation of an error.

  The error cancellation notification control unit 530 has a function of notifying the debit terminal 300 of error cancellation and instructing the debit terminal 300 to resume operation. Specifically, the error cancellation notification control unit 530 transmits an “operation resumption instruction notification” from the maintenance center 500 to the debit terminal 300.

  The communication control I / F unit 540 has a function of performing communication with the debit terminal 300.

(Basic control procedure by fraud prevention system in transaction terminal)
FIG. 9 is a flowchart illustrating the basic control procedure of the fraud prevention system in the transaction terminal device according to the first embodiment. That is, the fraud prevention system of the present invention is broadly classified into (1) fraud detection step (SA110), (2) fraud determination step (SA120), (3) fraud content storage step (SA130), 4) It consists of six processing steps including an error state transmission step (SA140), (5) an operation stop control step (SA150), and (6) an operation stop release step (SA150). Hereinafter, the detail of each control process by (1)-(6) is demonstrated.

  (1) In the fraud detection step, a sign of any fraudulent activity being performed on the debit terminal 300 by a third party is performed using a plurality of fraud detection means (control unit removal detection sensor 312 and harness connection detection unit). 343 and the control unit cover set detection sensor 313).

  (2) The fraud determination step is a processing step in which the evidence of fraud on the debit terminal 300 detected in the fraud detection step is estimated as some fraudulent modification and determined as fraud detection content.

  (3) The fraudulent content storing step is a processing step for storing the fraud detection content determined in the fraud determining step in the memory 346 (FIG. 6) as fraud detection information.

  (4) In the error status transmission step, the fraud detection information is sent from the debit terminal 300 to the maintenance center 500 in the error state when any fraud detection is determined for the debit terminal 300 by the fraud determination step. This is a processing step of transmitting to the debit terminal 300 as information.

  (5) The operation stop control step is a processing step for temporarily stopping (error down) the operation of the debit terminal 300 when any fraud detection is determined for the debit terminal 300 by the fraud determination step. It is.

  (6) The operation stop canceling process is based on the condition that the debit terminal 300 is not abnormal in terms of stopping the operation by the debit terminal 300 that has been stopped (error down) by the operation stop control process. This is a processing step for resuming the operation by the debit terminal 300 based on the error release instruction notification notified from 500.

(Procedure for fraud prevention in the debit terminal 300)
Next, a fraud prevention processing procedure in the fraud prevention system according to the first embodiment will be described with reference to the flowchart of FIG. The flowchart shown in FIG. 10 shows the anti-fraud processing procedure executed between the debit terminal 300 installed in the game shop 100 and the maintenance center 500. Specifically, this is a processing procedure from when the main switch of the debit terminal 300 is turned on (when the power is turned on) to when the operation by the debit terminal 300 (debit settlement through the information processing center 600 and the financial institution) is resumed. .

  That is, as shown in the flowchart of FIG. 10, first, it is determined whether or not the removal detection sensor 312 of the control unit 365 is activated (step S110). If it is determined by this determination that the removal detection sensor 312 is not in operation (No at Step S110), then the harness 395 that connects (power supplies) the control unit 365 and the power supply box 396 is connected. It is determined whether or not the connection in FIG. 3) has been disconnected (step S120). If it is determined by this determination that the harness 395 has not been removed (No at step S120), it is then determined whether the housing cover set detection sensor 313 constituting the control unit 365 has been activated. (Step S130). If it is determined by this determination that the cover set detection sensor 313 has been actuated (Yes at step S130), it is determined whether the main power supply of the debit terminal 300 is turned on (ON). Step S140). Further, if the operation detection of the removal detection sensor 312 (Yes in Step S110) or the removal of the harness 395 is detected (Yes in Step S120) by the determination in Step S110 and Step S120, the process proceeds to Step S140. .

  As described above, the determinations in step S110 to step S130 are processes for determining, by each detecting means, a trace that some sort of fraud has been performed on the debit terminal 300, and specifically, in step S110. It is determined whether the control unit 365 is removed, the control unit 365 or the harness 395 is removed from the power supply box 396 in step S120, and the control unit 365 is opened or closed in step S130. Can do. In this case, the detection processing is not performed in the order shown in the flowchart of FIG. 10 (steps S110 to S130), and the processing by the detection means that can appropriately change the processing order or detect other illegal acts. You may make it add a procedure.

  That is, in the flowchart of FIG. 10, for example, when it is determined that the cover set detection sensor 313 is activated (Yes in Step S130), the main power of the debit terminal 300 is turned on (ON). ) Is determined (step S140). When the power is turned on by this determination (Yes at Step S140), any fraud detection information detected at Steps S110 to S130 is transmitted to the maintenance center 500 as error information (Step S150). In this example, the operation of the control unit cover set detection sensor 313 detected in step S130 is transmitted as error information.

  Here, if the main power supply of the debit terminal 300 is turned off according to the determination in step S140 (No in step S140), the acquired fraud detection information (abnormal information) is stored in the memory 346 according to the determination in steps S110 to S130. (FIG. 6) is stored (step S141), and thereafter, when the power is turned on (Yes in step S142), the process of transmitting error status information to the maintenance center 500 in step S150 is performed.

  Next, the debit terminal 300 performs an operation stop process for temporarily stopping the transaction by debit settlement in accordance with the detection of the above-described fraud (step S160), and then the debit terminal 300 is in an error down state (step S160). S165). Hereinafter, the debit terminal 300 determines whether there is an error state recovery (step S170). In step S170, the debit terminal 300, for which the evidence of fraud has been detected by the inspection / confirmation work of the maintenance staff dispatched from the maintenance center 500, is set to "defect". This is a process for determining whether the state is “present” or “no abnormality”. Specifically, it is a determination as to whether or not the debit terminal 300 has been tampered with. If it is determined in step S170 that there is a recovery from the error state (determined that there is no abnormality in the debit terminal 300 by the maintenance staff), if it is determined (step S170 affirmative), the debit terminal 300 An “operation resumption request notification” requesting resumption of operation of the debit terminal 300 is transmitted to the maintenance center 500 (step S175).

  On the other hand, when the maintenance center 500 receives the fraud detection information transmitted from the debit terminal 300 in step S150 (Yes in step S151), the terminal ID (machine number) of the debit terminal 300 in which the fraud detection information is detected is then received. ) And fraud detection content (in this example, the operation of the cover set detection sensor 313) is acquired as error status information (step S152). Hereinafter, the maintenance center 500 based on the error status information acquired in step S152. Then, a maintenance staff is dispatched to the amusement shop 100 in which the debit terminal 300 to be inspected / repaired is installed, and thereafter, predetermined inspection / repair is performed (step S153).

  Next, it is determined whether or not there is any abnormality in the debit terminal 300 by inspection / repair by the maintenance staff (step S154), and there is no abnormality in the debit terminal 300 by the determination in step S154. Is determined (No at Step S154), based on the reception of the “operation resumption request notification” transmitted from the debit terminal 300 (Yes at Step S176), the maintenance center 500 notifies the debit terminal 300 of “Operation Transmission of “resume instruction notification” is performed (step S177). If it is determined in step S154 that the debit terminal 300 has an abnormality (Yes in step S154), it is assumed that some unauthorized modification is performed on the control unit 356 of the debit terminal 300. This is an exchange process by itself (step S178).

  In the debit terminal 300, after the transmission of the “operation resumption request notification” of the debit terminal 300 in step S175, whether or not the “operation resumption instruction notification” is transmitted from the maintenance center 500 in the next step S185. (Step S185), and by determining that the “operation resumption instruction notification” has been transmitted from the maintenance center 500 (Yes at Step S185), the operation by the debit terminal 300 that has been error-down is started (returned). ). Thereafter, when there is a request for debit payment, the process proceeds to a debit request process by the information processing center 600.

  As described above, in the fraud prevention system according to the first embodiment, the fraudulent act on the debit terminal 300 (a trace of some fraudulent act) is detected in advance by the fraud act detection unit 341 (FIG. 6), It is presumed that the control unit 365 has been tampered with in advance, and the debit terminal 300 suspected of tampering or the like is inspected by the maintenance staff of the maintenance center 500, and there is actually an abnormality. Since the operation by the debit terminal 300 that has been confirmed to be absent is resumed by the operation resumption instruction from the maintenance center 500, the maintenance center 500 can accurately grasp the state of the debit terminal 300, and a third party Can prevent damages such as theft of passwords and card information due to unauthorized modification

  Next, the detail of Example 2 which concerns on the fraud prevention system in the terminal device for transaction of this invention is demonstrated. FIG. 11 is a schematic diagram illustrating an internal configuration of the debit terminal 300 according to the second embodiment, and FIG. 12 is a side view illustrating a state in which the control unit 365 is attached to the debit terminal 300. As shown in FIGS. 11 and 12, in the second embodiment, the harness 395 for connecting the control unit 365 and the power supply box 396 is provided with a removal prevention member 398 for preventing the control unit 365 from being removed. There is a feature.

Hereinafter, the details of the function of the removal preventing member 398 according to the second embodiment will be described. FIG. 13 is a layout diagram showing the positional relationship among the control unit 365, the removal preventing member 398, and the power supply box 396. As shown in the figure, the control unit 365 is fixedly attached to the main body 300a of the debit terminal 300 by an attaching screw. Further, the removal preventing member 398 is attached to a position separated from the lower end of the control unit 365 by a distance L ₂ (L ₁ > L ₂ ). A through hole 398 a for allowing the harness 395 to be inserted is formed in a substantially central portion of the removal preventing member 398. When the control unit 365 and the power supply box 396 are assembled to the debit terminal 300, the harness 395 is assembled in a state of passing through the through hole 398a of the blocking member 398.

In other words, in the state where there is no removal preventing member 398 as in the prior art, the free length of the harness 395 is the length L _1, and therefore, after the control unit 365 is removed by this length L ₁ , this control is performed. Although it was possible to pull out the unit 365 toward the near side and perform some illegal act, the provision of the removal prevention member 398 according to the second embodiment newly provided the harness 395 necessary for pulling out the control unit 365. Since the free length is short (length L ₂ ), it is impossible to perform an illegal modification work. Here, when the harness 395 is removed, the control unit 365 can be pulled out toward the front side for unauthorized modification. In this case, either one end or the other end of the harness 395 is connected to the control unit 365 or the power supply box. Since it is necessary to remove from 396, the disconnection detection by the harness connection detection part 343 (FIG. 6) will act | operate by this.

  As described above, in the fraud prevention system according to the second embodiment, the removal prevention that prevents the control unit 365 from being removed from the harness 395 that connects the power supply path between the control unit 365 and the power supply box 396 of the debit terminal 300. Since the member 398 is provided, the removal preventing member 398 can prevent unauthorized modification by pulling the control unit 365 forward. Further, even if either or both of the control unit removal detection sensor 312 and the harness connection detection unit 343 fail or do not operate, the removal prevention member 398 can prevent an illegal act caused by taking out the control unit 365. it can.

(Other examples)
Although the embodiments of the present invention have been described so far, the present invention is implemented in various different embodiments within the scope of the technical idea described in the claims other than the embodiments described above. You can also.

  That is, in the above description, the transaction terminal device applied to the fraud prevention system in the transaction terminal device of the present invention has been described as applying a debit terminal used when performing debit payment. The present invention can be applied not only to such a debit terminal but also to other terminal devices that are communicably connected to a higher-level management device. In addition, other than amusement stores, it can be used for a transaction terminal device that handles cash in particular, such as a change machine or an automatic cash transaction apparatus (ATM) installed in a bank or the like, and requires security.

  As described above, the fraud prevention system in the transaction terminal device according to the present invention is particularly suitable for the fraud prevention system in the transaction terminal device that requires security, such as a debit terminal.

It is a functional block diagram which shows the whole structure of the game media rental system to which the fraud prevention system in the transaction terminal device which concerns on the present Example 1 is applied. It is a front view which shows a debit terminal. FIG. 3 is a schematic diagram illustrating an internal configuration of the debit terminal illustrated in FIG. 2. It is sectional drawing which shows the attachment state of the control unit with respect to a debit terminal. 1 is an overall functional block diagram illustrating an internal configuration of a debit terminal according to Embodiment 1. FIG. It is a whole functional block diagram which shows the internal structure of a debit control part. It is a functional block diagram which shows the internal structure of a main control part (CPU). It is a functional block diagram which shows the internal structure of a maintenance center. It is a basic flowchart which shows the basic process sequence of a fraud prevention system. It is a flowchart which shows the flow by the fraud prevention processing procedure by a fraud prevention system. FIG. 6 is a schematic diagram illustrating an internal configuration of a debit terminal according to a second embodiment. It is sectional drawing which shows the attachment state of the control unit with respect to the debit terminal which concerns on Example 2. FIG. FIG. 6 is a layout diagram showing a positional relationship among a control unit, a removal prevention member, and a power supply box.

Explanation of symbols

100 amusement shop 110 pachinko machine 150 card processing machine 200 card issuing machine 210 card settlement machine 255 island controller 280 terminal controller (T / C)
300 Debit terminal 310 Door 312 Control unit removal detection sensor 313 Control unit cover set detection sensor 330, 335 Communication I / F unit 347, 540 Communication control I / F unit 340 Debit control unit 342 Control unit removal detection unit 343 Harness connection Detection unit 344 Control unit cover detection unit 345 Battery 346 Memory 350 Display unit 365 Control unit 370 Debit card insertion / return port 380 Receipt discharge port 385 Printing unit 390 Debit card processing unit 396 Power supply box 397 Terminal adapter 398 Removal prevention member 400 Main control Department (CPU)
410 Unauthorized conduct determination unit 420 Error state transmission unit 430 Operation stop control unit 440 Operation stop release unit 450 460 Public line network 470 Card company center 500 Maintenance center 510 Error state acquisition unit 520 Error release determination unit 530 Error release notification control unit 600 Information processing center 700 CAFIS network 710 Clearing center 800 Debit card issuing bank 900 Merchant bank 950

Claims (8)

A fraud prevention system in a transaction terminal device including a control device in which individual information related to transaction information is stored,
The transaction terminal is
Cheating detection means for detecting cheating on the control device;
Cheating content storage means for storing cheating detection content by the cheating detection means;
A fraud prevention system for a transaction terminal device, comprising: a reserve power supply unit that supplies a reserve power to the fraud detection means when power supply to the transaction terminal device is stopped. The fraud detection means is
Desorption detection means for detecting attachment / detachment of the control device to / from the transaction terminal device, case cover opening / closing detection means for detecting opening / closing of a case cover constituting the control device, the control device, and the other in the transaction terminal device 2. The fraud prevention system for a transaction terminal device according to claim 1, comprising any one of harness removal detecting means for detecting removal of a harness connecting to the device. The transaction terminal is
When detecting fraudulent activity by the fraudulent detection means, a transmission means is provided that transmits the contents of the fraudulent activity detected by the fraudulent activity detection means to the maintenance center that performs maintenance and inspection of the transaction terminal device as abnormality detection information. The fraud prevention system in the transaction terminal device according to claim 1 or 2. The transaction terminal is
The fraud prevention system for a transaction terminal device according to claim 1, 2 or 3, further comprising operation stop means for stopping the operation of the transaction terminal device upon detection of fraud by the fraud detection means. .   5. The fraud prevention system for transaction terminal device according to claim 4, further comprising operation stop canceling means for canceling operation stop by said operation stop means.   6. The fraud prevention system for a transaction terminal device according to claim 5, wherein the resumption / recovery of the operation by the transaction terminal device by the operation suspension releasing means is performed based on the operation resumption notification by the maintenance center. The transaction terminal is
A removal prevention member for preventing removal of the control device from the transaction terminal device is provided, and the removal prevention member allows passage of a harness that connects the control device and another device in the transaction terminal device. The fraud prevention system for a transaction terminal device according to any one of claims 1 to 6, wherein a hole is formed and removal of the control device is prevented by an attachment position of the removal prevention member. .   The fraud prevention system for a transaction terminal device according to any one of claims 1 to 7, wherein the transaction terminal device is a debit terminal device that performs a debit approval process by using a debit card.

Images