JP2006031640A - Ic card, ic card identification number dynamic generation method and ic card identification number dynamic generation system - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To solve the following problem: an IC card business process associated with an card ID cannot hold secrecy of personal transaction contents by tracing of the card ID. <P>SOLUTION: An ID dynamic numbering server 101 previously shares an encryption key with an IC card 110. A business affiliation terminal first takes out an ID dynamic numbering server certificate 112 from the IC card, acquires derivative data from the specified ID dynamic numbering server, and transmits them to the IC card. The IC card generates a session key on the basis of the derivative data, and encrypts the card ID. The business affiliated-store terminal transmits the encrypted card ID, the derivative data, and business related data to a business operation server 121 together. The business operation server makes the later business process by use of the original card ID restored by the ID dynamic numbering server. Thereby, the card ID responded by the IC card is dynamically changed every time, and the original card ID can be restored in only a system having authority. <P>COPYRIGHT: (C)2006,JPO&NCIPI

Description

  The present invention relates to an IC card and a system thereof that can dynamically change a card identification number every time it is accessed.

  Conventionally, the identification number (card ID) of an IC card is always open to the outside accessing the IC card and responds with the same value. When business processing using an IC card is performed, the card ID is first read from the IC card, and processing is performed in association with each business content and data. For example, in the case of credit settlement business, as described in Non-Patent Document 1, the IC card reader / writer (R / W) installed in the business member store terminal reads the card ID of the IC card, and the usage amount and contents, Data required for business processing, such as payment method and store name, is sent to the credit card company server.

In addition, credit cards often use a magnetic card instead of an IC card. In this case as well, the same processing method is used in that the credit card number is read from the magnetic stripe and related business data is associated with this number. ing.
FIG. 2 shows a conventional IC card system configuration. First, an outline of system components will be described.

Reference numeral 110 denotes a so-called IC card, which has an identification number (card ID) that can be uniquely identified. The card ID transmission processing unit (114) transmits a card ID in response to a request from outside the IC card.
Reference numeral 121 denotes a business operation server, which performs business using an IC card in the business processing unit (123). For example, in the case of credit settlement business, the server is a server owned by a credit card company, and the business processing unit (123) manages credit information such as management of customer information and credit card information, credit check when using credit, and settlement processing. Do business.

  Reference numeral 131 denotes a business member store terminal which is installed in each store and directly accesses the IC card and exchanges data when executing business. As basic processing, first, the card ID transmission request processing unit (135) accesses the IC card, acquires the card ID, and identifies the IC card. The business processing unit (134) prepares business-related data necessary for execution of each business, and transmits it to the business operation server (121) in association with the card ID. For example, in the case of credit payment business, this is the case of a POS terminal installed at a merchant terminal contracted with a credit card company, which obtains the card ID (credit card number in the case of a magnetic card) from the card, Combine business-related data such as payment method and send it to the credit card company server.

Information exchange is realized between a business member store terminal and a business operation server through a network such as a public network or a network using a dedicated line. Direct data exchange is realized between the business member store terminal and the IC card using an IC card reader / writer (R / W) provided in the business member store terminal.
Further, the business operation server (121) and the business member store terminal (131) described above have a card ID transmission request function and a business processing function in their respective processing units (123, 134, 135). Each of these processing functions is realized and operated as a computer program. The card ID transmission processing unit (114) in the IC card (110) is often implemented as a computer program, but some IC cards may be implemented as a file system.

Next, the problem of the conventional system will be described by taking the operation procedure of business processing in the above system as an example.
The business member store terminal (131) uses the card ID transmission request processing unit (135) to access the IC card and requests card ID transmission (201). The IC card (110) responds with its own card ID using the card ID transmission processing unit (114) (202). Using the business processing unit (134), the business member store terminal (131) associates the received card ID with data related to the business and transmits the data to the business operation server (121) (203). The business operation server (121) analyzes the received data using the business processing unit (123) and proceeds with business processing.

"IC card overview" Seamedia Publishing 2001

  In the above prior art, business processing using an IC card is associated with a card ID. Therefore, when the card ID is tracked, there arises a problem that the confidentiality of information relating to personal transaction details cannot be maintained. Since the IC card always responds with the same card ID for any access from the outside, transaction contents at different times and different locations can be tracked using the card ID as a key. The card ID does not directly identify the individual user, but once the relationship between the card ID and the individual user is known, there is a threat that all the transaction history up to that point is known. . In addition, there is a problem that even if the user cannot be identified, the consumption behavior can be grasped from the pattern such as the purchase contents and the visited place.

The above problem is caused by the fact that the IC card always responds with the same card ID. However, if a random value such as a random number is always returned from the IC card, the business operation server (121) cannot identify the IC card, and the business process cannot proceed. In the case of credit settlement processing, it becomes impossible to identify from which account the credit card is used for settlement. Therefore, the IC card does not respond with the same card ID, but the business operation server (121) needs a system that can identify the IC card.
This completes the description of the problems in the conventional system.

  In order to solve the above-mentioned problems, the present invention introduces an “ID dynamic numbering server” and provides a method in which an IC card dynamically generates and responds to a card ID based on derived data generated by the server. To do. This dynamic card ID can be decrypted to the original card ID by the ID dynamic numbering server, and the business operation server can identify the IC card by cooperating with the ID dynamic numbering server. is there.

By the IC card identification number dynamic generation method provided by the present invention, it is possible to change the card ID to which the IC card responds every turn and to restore the original card ID only in an authorized system. .
In addition, since the authorized system is not aware of the business-related data, the business operator can perform the encryption / decryption processing of the card ID without knowing the specific business content to the authorized system.

Embodiments of the present invention will be described below.
First, since the IC card always responds with the same card ID, the information on the transaction contents associated with the card ID cannot be concealed. In the embodiment of the present invention, the dynamic card ID is generated inside the IC card. By installing the processing unit, the problem is solved by changing the card ID that responds to the outside rotationally. Even if the same user performs processing using an IC card, a different card ID is responded each time, so the business member store terminal cannot be associated with the previous processing history.

  In addition, in response to the problem that the IC card cannot be identified in the business operation server if the card ID is dynamic, the present invention introduces a system that is authorized to share the encryption key with the IC card called “ID dynamic numbering server”. To solve it. First, the dynamic card ID is a value obtained by encrypting the card ID. In order for the dynamic card ID to respond with a different value each time, encryption should be performed with a different session key each time, but the key data for creating this session key (derived data) is dynamically attached to the ID. The number server will create it. Since the ID dynamic numbering server has a shared key with the IC card, it is possible for both to generate the same session key if there is derivative data. As a result, if there is a session key and a dynamic card ID, the original card The ID can be decrypted. The business operation server can identify the IC card by coordinating with the ID dynamic numbering server and having the ID dynamic numbering server perform the decryption processing of the card ID from the dynamic card ID. Also, in this solution, it is necessary to send the derived data from the ID dynamic numbering server to the IC card. However, if the derived data is altered, the dynamic card ID cannot be decrypted. It is necessary to perform encryption processing in

  The inventive method will be described according to a specific processing procedure. First, the business member store terminal accesses the IC card and extracts the “ID dynamic numbering server certificate”. This certificate is set when the IC card is issued, and has information for specifying the ID dynamic numbering server. Next, the business member store terminal requests the ID dynamic numbering server specified by the certificate to generate derivative data. The ID dynamic numbering server encrypts random data such as random numbers with a shared key shared with the IC card and sends it to the affiliated store terminal as derived data. This shared key is a shared key shared in advance between the ID dynamic numbering server and the IC card. The business member store terminal transmits the derived data to the IC card and requests a corresponding dynamic card ID. The IC card decrypts the derived data with the shared key, and derives the session key from the shared key based on this.

  The card ID is encrypted with this session key, and this is responded to the business member store terminal as a dynamic card ID. The business member store terminal associates the received dynamic card ID, derivative data, and business-related data with each other and transmits them to the business operation server. The business operation server sends a dynamic card ID and derived data to the ID dynamic numbering server and requests decryption of the card ID. The ID dynamic numbering server decrypts the derived data with the shared key, and generates a session key from the shared key based on the value. The original card ID is extracted by decrypting the dynamic card ID using this session key and transmitted to the business operation server. The business operation server advances the business process by associating the received card ID with the business-related data.

  Next, it demonstrates using drawing. The basic configuration of the system according to the present invention is shown in FIG. Reference numeral 110 denotes a so-called IC card, which includes an ID dynamic numbering server certificate (112) for specifying the ID dynamic numbering server (101) and a dynamic card ID generation processing unit (113). The dynamic card ID generation processing unit (113) receives the derived data from the outside of the IC card, encrypts the card ID based on this data, and responds to the outside as the dynamic card ID.

  Reference numeral 101 denotes an ID dynamic numbering server, which includes a derived data generation processing unit (102) and a dynamic card ID verification processing unit (103). The derived data generation processing unit (102) generates derived data that is a key for the IC card to generate a dynamic card ID. Derived data is based on random data such as random numbers, but in order to maintain the integrity and confidentiality of the data, it is encrypted and transmitted to the outside using a shared key shared with the IC card. The dynamic card ID verification processing unit (103) decrypts the dynamic card ID into the original card ID and responds in response to a request from the outside. In order to perform the decryption process, corresponding derivative data is required. It is also necessary to verify the validity of whether the requesting outside has the authority to know the original card ID.

  Reference numeral 121 denotes a business operation server, which includes a dynamic card ID verification request processing unit (122) and a business processing unit (123). The dynamic card ID verification request processing unit (122) transmits the derived data corresponding to the dynamic card ID received from the business member store terminal to the ID dynamic numbering server (101), and decrypts the original card ID. Request. After the decryption, the card ID and the business-related data are associated with each other and the processing is transferred to the business processing unit (123). The business processing unit (123) performs a business using an IC card such as a credit settlement business as in the past.

  Reference numeral 131 denotes a business member store terminal which is installed in each store and directly accesses the IC card and exchanges data when executing business. An IC card authentication processing unit (132), a dynamic card ID issue request processing unit (133), and a business processing unit (134) are included. The IC card authentication processing unit (132) first accesses the IC card, acquires the ID dynamic numbering server certificate (112), and identifies the ID dynamic numbering server (101). Next, the dynamic card ID issue request processing unit (133) requests derived data from the ID dynamic numbering server (101), and transmits the received data to the IC card. Finally, the business processing unit (134) prepares business-related data necessary for the execution of each business and transmits it to the business operation server (121) in association with the dynamic card ID received from the IC card.

  Information exchange is realized between a business member store terminal, a business operation server, and an ID dynamic numbering server through a network such as a public network or a network using a dedicated line. Direct data exchange is realized between the business member store terminal and the IC card using an IC card reader / writer (R / W) provided in the business member store terminal.

  The ID dynamic numbering server (101), the business operation server (121), and the business member store terminal (131) are connected to the respective processing units (102, 103, 122, 123, 132, 133, 134). It has a dynamic card ID generation function and a business processing function. Each of these processing functions is realized and operated as a computer program. The card ID transmission processing unit (113) in the IC card (110) is often implemented as a computer program, but some IC cards may be implemented as a file system. The ID dynamic numbering server certificate (112) is a so-called electronic certificate and exists in the IC card as data.

Next, a rough procedure for dynamically generating an IC card identification number by the proposed method of the embodiment of the present invention will be described.
First, as preprocessing, an ID dynamic number server certificate (112) is set in the IC card at the time of issuance. This certificate has information for specifying the ID dynamic numbering server (101). A shared key is shared between the ID dynamic numbering server (101) and the IC card.

  Next, the processing of the proposed method is started. First, the derived data generation process will be described. First, the business member store terminal (131) uses the IC card authentication processing unit (132) to access the IC card (110) and extracts the ID dynamic numbering server certificate (112) (151). Next, the business member store terminal (131) uses the dynamic card ID assignment request processing unit (133) to request the ID dynamic numbering server identified by the certificate to generate derivative data (152). The ID dynamic numbering server (101) uses the derivation data generation processing unit (102) to encrypt random data such as a random number with a shared key shared with the IC card, and to the business member store terminal as derivation data. Transmit (152).

  Next, the process proceeds to a dynamic card ID generation process. The business member store terminal (131) uses the dynamic card ID issue request processing unit (133) to transmit the derived data to the IC card (110), and requests the corresponding dynamic card ID (153). The IC card (110) decrypts the derived data with the shared key using the dynamic card ID generation processing unit (113), and derives the session key from the shared key based on the decrypted data. The IC card (110) generates a dynamic card ID by encrypting the card ID with this session key, and responds to the business member store terminal (154).

  Finally, the process proceeds to the dynamic card ID verification process. The business member store terminal (131) uses the business processing unit (134) to associate the received dynamic card ID, derived data, and business-related data with each other and transmit them to the business operation server (155). Using the dynamic card ID verification request processing unit (122), the business operation server (121) transmits the dynamic card ID and derived data to the ID dynamic numbering server (101) to request decryption of the card ID. (156). The ID dynamic numbering server (101) uses the dynamic card ID verification processing unit (103) to decrypt the derived data with the shared key, and generates a session key from the shared key based on the value. Using this session key, the dynamic card ID is decrypted and the original card ID is extracted and transmitted to the business operation server (121) (156). The business operation server (121) associates the received card ID with the business related data, and the business processing unit (123) advances the business processing.

The above is the basic configuration and processing of the system according to the present invention. Next, each component of the system will be described.
FIG. 3 is a diagram showing an outline of an example of an IC card system. An example is shown in which an IC card 110 has a chip 302 and exchanges data with a reader / writer (or a terminal having a reader / writer) 303. Among the reader / writers are a control processor 304 and a magnetic disk 305 as a database. As usual, the IC card 110 shows various terminals such as Vcc (power supply), GND (ground), RST (reset), I / O (input / output), and CLK (clock). In the figure, reference numeral 306 indicates various inquiries such as a card ID from the reader / writer 303 to the IC card 110. Reference numeral 307 indicates a reply made by the IC card to the above inquiry. A conventional system is sufficient for transmitting such information.

  In the IC chip in the IC card, specifically, the above-described application is mounted in the memory area. Generally, RAM (Random Access Memory), EEPROM (Electrical Erasable Programmable Read Only Memory), ROM (Read Only Memory), or the like is used as the memory.

Next, FIG. 4 shows a logical configuration of a basic area inside the IC mounted in such an IC card (110). The IC has a hardware layer (403) and an area in which an OS is mounted, that is, an OS layer (402) and an area in which an application is mounted, that is, an application layer (401), as in a normal microcomputer. . Here, “multi-application mountable” means that a plurality of applications (404-406) can be mounted in the application layer (401). Further, the initial loading of the application means that the application (404-406) is distributed to the use applicant in a state where it is already loaded when the IC card is issued, and the dynamic loading is possible. ) Indicates that it can be loaded or deleted after the card is issued. The OS layer (402) includes a communication processing unit (407), an interpreter (408), a security mechanism (409), etc., and performs command reception from external terminals, application command transfer, and the like. Of course, an application interface is installed between the application layer (401) and the OS layer (402), and a hardware interface is installed between the OS layer (402) and the hardware layer (403).

  Next, a specific method of the IC card identification number dynamic generation process according to the embodiment of the present invention will be described. First, the derivative data generation process, dynamic card ID generation process, and dynamic card ID verification process will be described using the sequence of FIG. First, the business member store terminal (501) makes a card authentication request to the IC card (502) (step 511). The IC card responds with an ID dynamic numbering server certificate (step 512). The business member store terminal analyzes the certificate, specifies the corresponding ID dynamic numbering server (503), and requests the derived data (step 513). The ID dynamic numbering server performs encryption processing corresponding to the IC card, and generates and transmits derived data (step 514). The business member store terminal transmits the derived data to the IC card and requests generation of a dynamic card ID (step 515). The IC card generates and responds to a dynamic card ID based on the derived data (step 516). The business member store terminal sends the dynamic card ID, the derived data, and the related business data to the business operation server (504) (step 517). The business operation server requests verification of the dynamic card ID from the ID dynamic numbering server (step 518). The ID dynamic numbering server performs a process of decrypting the dynamic card ID to extract and send the original card ID (step 519). Thereafter, the business operation server continues the conventional business processing.

  Regarding the details of the IC card identification number dynamic generation method in the embodiment of the present invention described above, the operation flowcharts of the business member store terminal, IC card, ID dynamic numbering server, and business operation server (FIG. 6 to FIG. 6). This will be described with reference to FIG. These are details of the sequence of FIG. 6 to 8 are operational flowcharts of the business member store terminal in the embodiment of the present invention.

  First, the IC card authentication process of the business member store terminal will be described with reference to FIG. The business member store terminal accesses the IC card and acquires the ID dynamic numbering server certificate (step 601). Next, the validity of the certificate is verified (step 602). If the validity cannot be verified, such as when the certificate has expired, the processing is stopped (step 604). If the validity can be verified, the certificate is analyzed to identify the corresponding ID dynamic numbering server (step 603).

  Next, the dynamic card ID issuing request process of the business member store terminal will be described with reference to FIG. The business member store terminal accesses the ID dynamic numbering server and requests derivative data corresponding to the target IC card for business processing (step 701). If the corresponding derived data cannot be received, the processing is stopped (step 704). If the corresponding derivative data can be received, the derivative data is transmitted to the IC card to request generation of a dynamic card ID (step 703).

  Next, the business process of the business member store terminal will be described with reference to FIG. The business member store terminal receives the dynamic card ID, which is a different value each time, from the IC card (step 801). Next, derivative data transmitted to the IC card to generate the dynamic card ID and related data necessary for proceeding with the business process are prepared (step 802). The dynamic card ID, the derived data, and the business related data are transmitted together to the business operation server (step 803).

  FIG. 9 is an operation flowchart of the IC card in the embodiment of the present invention. A dynamic card ID generation process performed in the IC card will be described. The IC card receives derivative data necessary to generate a dynamic card ID from the business member store terminal (step 901). Next, the derived data is decrypted using the shared key (called Ka) shared between the ID dynamic numbering server that generated the derived data and the IC card, and random data is extracted (step 902). If this decryption process fails because the corresponding shared key Ka does not exist, the process is stopped (step 906). If the decryption process is successful, a shared key Ka is derived using the extracted random data to generate a session key (referred to as Ks) (step 904). Next, the card ID is encrypted with the session key Ks and transmitted as a dynamic card ID to the business member store terminal (step 905).

10 to 11 are operational flowcharts of the ID dynamic numbering server in the embodiment of the present invention.
First, the derivative data generation processing of the ID dynamic numbering server will be described with reference to FIG. The ID dynamic numbering server accepts a derived data request from the business member store terminal (step 1001). Next, random data such as a random number is generated (step 1002). Then, the shared key Ka shared in advance between the IC card and the ID dynamic numbering server is searched (step 1003). If the corresponding shared key Ka does not exist, the process is stopped (step 1006). If the shared key Ka exists, the random data is encrypted with the shared key Ka and transmitted as derivative data to the business member store terminal (step 1005).

  Next, the dynamic ID verification processing of the ID dynamic numbering server will be described with reference to FIG. The ID dynamic numbering server receives the dynamic card ID verification request from the business operation server and receives the dynamic card ID and the derived data (step 1101). Derived data is decrypted using the shared key Ka to extract random data (step 1102). If this decryption processing fails due to the absence of the corresponding shared key Ka, the processing is stopped (step 1106). If the decryption process is successful, the shared key Ka is derived using the extracted random data to generate the session key Ks (step 1104). Using the session key Ks that generated the dynamic card ID, the original card ID is extracted and sent to the business operation server (step 1105).

12 to 13 are operation flowcharts of the business operation server in the embodiment of the present invention.
First, the dynamic card ID verification request processing of the business operation server will be described with reference to FIG. The business operation server receives the dynamic card ID, the derived data, and the business related data from the business member store terminal (step 1201). The dynamic card ID and the derived data are transmitted to the ID dynamic numbering server to request verification of the dynamic card ID (step 1202). If the original card ID is not transmitted from the ID dynamic numbering server, the processing is stopped (step 1206). When the original card ID is transmitted from the ID dynamic numbering server (step 1204), the card ID is associated with the business-related data and transmitted to the business processing unit (step 1205).

Next, business processing of the business operation server will be described with reference to FIG. The business operation server receives business-related data associated with the card ID from the dynamic ID verification request processing unit (step 1301). Necessary business processing is performed (step 1302). This process is basically the same as the process performed by the conventional business operation server.
The above is the embodiment of the present invention. The IC card includes a contact IC card, a non-contact IC card, and the like, but in the embodiment of the present invention, it can be applied regardless of the configuration itself of the IC card. However, the IC card needs to have a function of performing data encryption / decryption processing and key derivation processing.

  FIG. 14 is a diagram in which the above processing flow is summarized and key encryption / decryption is combined. The shared key Ka is a key shared in advance between the ID dynamic numbering server and the IC card, but if the ID dynamic numbering server assigns one shared key to one IC card In this case, there is a security threat that the transaction content is traced using this shared key as a key. Therefore, it is desirable that the ID dynamic numbering server shares the same shared key with a plurality of IC cards, and the same key may be set for all IC cards related to the ID dynamic numbering server. .

  The ID dynamic numbering server generates derived data based on a random number and transmits it to the IC card through the business member store terminal. However, the session key Ks may be directly passed instead of the derived data. In that case, there is no need to generate a session key in the IC card. However, while the session key Ks is transmitted from the ID dynamic numbering server to the IC card, it is necessary to maintain the confidentiality and integrity of the data by encryption processing or the like.

The ID dynamic numbering server sends the original card ID in response to a request from the business operation server, but if it responds to a request from anyone, there is no point in encrypting the card ID. The ID dynamic numbering server must check whether the business operation server has the authority to restore the card ID based on operational restrictions such as server-to-server authentication, public key certificate verification, and whether there is a contract relationship. Don't be.
In addition, encryption and decryption algorithms and key derivation methods in the embodiments of the present invention are not specified.

As described above, according to the embodiment of the present invention, the following is possible.
(1) The IC card responds with a different value each time for external access as a card ID. As a result, it becomes impossible to track the transaction history of the user by the association with the card ID, and the security threat is reduced.
(2) In addition, the business server cannot recognize the IC card only when the IC card randomly responds with a card ID in (1) above. After the business server receives business-related data safely, it must be able to identify which IC card the target is. According to the embodiment of the present invention, since the dynamically changed card ID is a value generated based on the derived data generated by the ID dynamic numbering server, the ID dynamic numbering server It is possible to restore the original card ID from the card ID. The business server can request the ID dynamic numbering server to retrieve the original card ID, and proceed with subsequent business processing using the card ID as a key as before.
(3) When the business operation server makes a dynamic card ID verification request, it transmits only the dynamic card ID and the derived data to the ID dynamic numbering server, and does not send the business-related data to the outside. For this reason, the ID dynamic numbering server has a function of decrypting the card ID but does not know the business data, so that information such as the transaction contents of the user is not known to the ID dynamic numbering server.

  In the above description, the case where the invention made mainly by the present inventor is applied to the IC card which is the technical field behind the invention has been described. However, the present invention is not limited to this. A portable terminal such as a PDA having a function or a cellular phone can be used instead.

The figure which shows the IC card system structure which implements the IC card identification number dynamic generation method which concerns on embodiment of this invention. The figure which shows the conventional system structure concerning embodiment of this invention. The figure which shows the outline | summary of a card system. The figure which shows the basic composition of an IC card. The IC card dynamically changes the IC card identification number to a different value every time, responds to the outside, and shows the sequence according to the present invention for restoring the original card ID only with an authorized ID dynamic numbering server Figure. The figure which shows the sequence which concerns on this invention for a business member store terminal to take out ID dynamic numbering server certificate from an IC card, and to identify ID dynamic numbering server. The figure which shows the sequence which concerns on this invention for a business member store terminal to request | require derivative data production | generation from ID dynamic numbering server, to acquire derivative data, and to transmit to IC card. The figure which shows the sequence which concerns on this invention for a business member store terminal to receive dynamic card ID from an IC card, and to transmit the business related data which were derived data to a business operation server. The figure which shows the sequence which concerns on this invention for an IC card to receive derivative data from a business member store terminal, generate | occur | produce a dynamic card ID, and transmit to a business member store terminal. The figure which shows the sequence which concerns on this invention for an ID dynamic numbering server to receive a derivative data production | generation request | requirement from a business member store terminal, and produce | generate and transmit derivative data. The figure which shows the sequence which concerns on this invention for an ID dynamic numbering server to receive the dynamic card ID verification request | requirement from a business operation server, and to decode and transmit the original card ID. The figure which shows the sequence concerning this invention for a business operation server to request | require dynamic card ID verification to an ID dynamic numbering server based on the data received from the business member store terminal, and to acquire original card ID . The figure which shows the sequence concerning this invention for a business operation server to advance a process combining the card ID received from the ID dynamic numbering server and the data related to the business. It is the figure which showed the processing content of this invention in detail.

Explanation of symbols

101: ID dynamic numbering server 102: Derived data generation processing unit 103: Dynamic card ID verification processing unit 110: IC card 112: ID dynamic numbering server certificate 113: Dynamic card ID generation processing unit 114: Card ID transmission processing unit 121: business operation server 122: dynamic card ID verification request processing unit 123: business processing unit 131: business member store terminal 132: IC card authentication processing unit 133: dynamic card ID issue request processing unit 134: business Processing unit 135: Card ID transmission request processing unit 151: IC card authentication processing 152: Derived data generation request processing 153: Dynamic card ID request processing 154: Dynamic card ID response processing 155: Business data transmission processing 156: Dynamic card ID verification request processing 157: business data transmission processing 201: card ID request processing 202: card ID response processing 203: business data transmission processing 30 : IC chip 303: IC card processing terminal 304: IC card system processing unit 305: IC card system database 306: IC card command request 307: IC card command response 401: Application layer 402: OS layer 403: Hardware layers 404 and 405 406: IC card application 407: communication processing unit 408: interpreter 409: security mechanism 501: business member store terminal 502: IC card 503: ID dynamic numbering server 504: business operation server.

Claims (7)

Connect to IC card via IC card reader / writer,
ID dynamic numbering that generates derivative data necessary for the IC card to change the card ID rotationally via a network or a dedicated line, and decrypts the dynamically changed card ID Connect to the server system
A dynamic generation method of the IC card identification number in a business member store terminal system connected to a business operation server system that operates a predetermined business using an IC card via the network or the dedicated line,
Obtain a certificate identifying the ID dynamic numbering server system from the IC card,
Request and obtain the derived data necessary for dynamically changing the card ID to the ID dynamic numbering server system specified from the certificate,
Sending the derived data to the IC card, obtaining a dynamic card ID changed based on the derived data,
A method for dynamically generating an IC card identification number, wherein the dynamic card ID, the derived data, and business-related data required for performing a predetermined business are transmitted together to the business operation server. Connect to IC card via IC card reader / writer,
ID dynamic numbering that generates derivative data necessary for the IC card to change the card ID rotationally via a network or a dedicated line, and decrypts the dynamically changed card ID Connect to the server system
A business member store terminal system connected to a business operation server system that operates a predetermined business using an IC card via the network or the dedicated line,
Obtain a certificate identifying the ID dynamic numbering server system from the IC card,
Request and obtain the derived data necessary for dynamically changing the card ID to the ID dynamic numbering server system specified from the certificate,
Sending the derived data to the IC card, obtaining a dynamic card ID changed based on the derived data,
A business member store terminal system, wherein the dynamic card ID, the derived data, and business-related data required for performing a predetermined business are transmitted together to the business operation server. An ID dynamic numbering service system that generates derivative data necessary for the IC card to change the card ID every rotation, and performs the decryption processing of the dynamically changed card ID,
Connect to a business member store terminal system that connects to an IC card to obtain an ID dynamic numbering server certificate and obtains a card ID that changes every rotation via a network or dedicated line,
In response to a derivative data generation request from the business member store terminal, the derivative data is generated using an encryption key shared with the IC card and transmitted to the business member store terminal,
Connect to a business operation server system that operates a predetermined business using an IC card via the network or the dedicated line,
In response to a dynamically changed card ID restoration processing request from the business operation server system, the dynamically changed card ID, the derived data, and an encryption key shared in advance with the IC card An ID dynamic numbering server system characterized in that an original card ID is decrypted and transmitted to the business operation server system. The ID dynamic numbering server system according to claim 3,
The ID dynamic numbering server system, wherein the derived data is an encryption session key for generating a dynamically changed card ID. A business operation server system that operates a predetermined business using an IC card
Connect to a business member store terminal system that connects to an IC card to obtain an ID dynamic numbering server certificate and obtains a card ID that changes every rotation via a network or dedicated line,
From the business member store terminal, the dynamically changed card ID and business-related data necessary for performing a predetermined business are received,
Derived data required for the IC card to change the card ID every rotation is generated, and the dynamically changing card ID is decrypted in the ID dynamic numbering server system in the network or the dedicated line. Connected through
Requesting the ID dynamic numbering server system to restore the dynamically changed card ID, obtaining the restored card ID, and performing a predetermined job using the card ID. A featured business operation server system. An IC card connected to an external system via an IC card reader / writer,
In response to a request from the external system, an ID dynamic numbering server certificate that identifies the ID dynamic numbering server system is transmitted,
The derivative data generated by the ID dynamic numbering server system is received from the external system,
An encryption session key is generated by encrypting an encryption key shared with the ID dynamic numbering server system using the derived data,
An IC card, wherein a card ID dynamically changed from a card ID using the encryption session key is generated and transmitted to the external system. The IC card according to claim 6,
The IC card, wherein the derived data is an encryption session key for generating a dynamically changed card ID.

Images