JP2006268473A - Automatic transaction device - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To solve the following problem: because can a secret code number can be tested to the upper limit of an input frequency of the secret code number even if a plurality of analogized secret code numbers are present, a transaction is concluded when the right secret code number is present among the sequentially tested secret code numbers. <P>SOLUTION: This automatic transaction device has: an operation part wherein a user inputs secret code information; a host authentication processing part transmitting the secret code information inputted by the user to a host to obtain a host authentication result; an input instruction part requiring input of the secret code information to the user a plurality of times; and a storage part storing the inputted secret code information. The automatic transaction device performs host authentication of the inputted secret code information, requires new input of the secret code information regardless of the host authentication result, and decides identity authentication success when the same secret code information is newly inputted. <P>COPYRIGHT: (C)2007,JPO&INPIT

Description

  The present invention relates to a personal authentication technique using a personal identification number of an automatic transaction apparatus used in a financial institution or the like.

In an automatic transaction apparatus (hereinafter referred to as ATM) used in a financial institution or the like, personal authentication is performed at the time of transaction. Conventionally, a personal identification number has been used as information for personal authentication. The user registers a password when issuing a cash card. When a transaction requiring personal authentication such as withdrawal is performed by ATM, a password input screen is displayed on the ATM touch panel, and the user inputs the password. The entered password is transmitted to the host, and the authentication result of the password is reported from the host to the ATM. If the authentication result is OK, the transaction is continued and established, but if it is NG, the transaction is not established. Note that the user may mistakenly input the PIN code due to an operation error or the like. In that case, even if the customer intends to input the correct password, the authentication result is NG. Therefore, when the authentication result is NG, a screen for requesting re-input of the password is displayed to the customer. Accordingly, the customer can know the input mistake of the personal identification number, and can enter the correct personal identification number to complete the transaction.
By the way, a stolen cash card may be used, and a deposit may be withdrawn. Further, in recent years, not only the cash card itself is stolen but also the card magnetic information is illegally obtained by skimming or the like, and a copy of the cash card may be created. In order to withdraw a deposit, it is necessary to obtain a personal identification number as well as a card, but since many users use personal information such as date of birth or telephone number as their personal identification number, the personal identification number is estimated from the personal information. It may be done. Further, in the case where the cash card placed in the PIN locker is skimmed, the deposit may have been withdrawn because the PIN code of the locker locker is the same as the PIN of the cash card. In this case, it is assumed that the password used for the rental locker is the same as the cash card password. In this way, even if the personal identification number is not directly stolen, the deposit may be withdrawn with the analogy personal identification number.
For this reason, in order to prevent misuse when a card is stolen, the number of input of a personal identification number is limited. For example, if you enter the wrong PIN number three times, the card becomes unusable. (For example, see Patent Document 1)
JP 2001-31469 A

  However, even if there are a plurality of estimated passwords, it is possible to try up to the upper limit of the number of input of the password. If the correct PIN is found after trying them in order, the transaction will be closed. For example, it is assumed that a certain person's card is obtained illegally and there are three personal identification numbers inferred from the personal information of the person. If it is possible to input a personal identification number up to three times as described above, all the personal identification numbers analogized with the person's card can be tried. If the correct PIN is included in it, the deposit will be successfully withdrawn.

In order to solve such a problem, the automatic transaction apparatus of the present invention has the following configuration.
<Configuration 1>
An operation unit for the user to input password information, a host authentication processing unit for transmitting the password information input by the user to the host and obtaining a host authentication result, and an input instruction for prompting the user to input the password information multiple times And a storage unit for storing the entered password information, and performing host authentication of the entered password information, asking for re-entry of the password information regardless of the host authentication result, The authentication is successful because the same password information is input again.
<Configuration 2>
The input instruction unit performs the second and subsequent input instructions by displaying a re-input instruction screen due to authentication failure regardless of the host authentication result.
<Configuration 3>
When host authentication of the entered personal identification information is successful, the mode in which the personal authentication succeeds when the same personal identification information is entered again is the first mode, and the host authentication of the entered personal identification number is successful. In this case, the mode in which the user authentication is successful is set as the second mode, and the number of times the password can be entered is the same in both the first and second modes.
<Configuration 4>
In an automatic transaction apparatus that verifies an identity by allowing a user to input password information and transmitting it to a host for authentication, an operation section for inputting the password information, and a storage section for storing the input password information are input. A host authentication processing unit for obtaining the host authentication result by transmitting the first password information to the host, a re-input instruction unit for requesting the user to input the second password information regardless of the host authentication result, If the host authentication result is authentication success, the identity authentication succeeds when the first password information and the second password information match.
<Configuration 5>
When the first password information and the second password information do not match, the re-input instruction unit instructs the user to input the third password information again, and the re-input third The personal authentication succeeds when the personal identification information matches the first personal identification information.
<Configuration 6>
If the host authentication result based on the first password information is an authentication failure, the host authentication processing unit sends the second password information to the host to obtain a second host authentication result, and a re-input instruction unit Prompts the user to input the third password information regardless of the second host authentication result, and if the second host authentication result is successful, the second password information and If the third password information matches, the personal authentication is successful.
<Configuration 7>
If the second host authentication result is an authentication failure, it is determined that the personal authentication has failed without performing the host authentication of the third password information.

  Since the personal identification number is always re-entered, it is possible to prevent an unauthorized transaction by a person who does not know the correct personal identification number from being established.

  The present invention is characterized by the ATM password authentication method. ATMs may be installed at a branch office such as a financial institution, a convenience store, or a cash corner on the street, but the present invention can be applied regardless of the installation location as long as the password is authenticated. Here, a description will be given as follows for an example of an ATM installed at a branch of a financial institution. Further, here, a cash card will be described as an example. However, the present invention can be applied to other types of cards such as a credit card as long as a password is input.

<Configuration of Example 1>
FIG. 2 is a system configuration diagram of the present invention.

  The store 1 is a store of a financial institution. The business store 1 has an ATM corner and an ATM 5 is installed. A plurality of ATMs 5 are usually installed, and are represented as ATMs 5a and 5b in FIG. ATM 5 is connected by a LAN in the store. The LAN of the branch office 1 is connected to the center 3 of the financial institution via the network 2. The network 2 uses a dedicated line or the like, but may be another communication network such as the Internet VPN as long as security can be ensured. A host 4 is installed at the center. The host 4 executes account transactions of financial institutions. The center 3 is provided with a CRM (Customer Relationship Management) server 6. The CRM server 6 includes a customer information database and has a function of managing various customer information. In this embodiment, the CRM server 6 operates as a customer information providing server that provides information about what services each customer receives from a financial institution to the ATM as customer information. The ATM 5 can communicate with the host and the CRM server 6 via the in-store LAN and the network 2 to execute account transactions and obtain customer information.

  Here, the password authentication at the host 4 will be described.

  When the host 4 receives the PIN number data input by the customer from the ATM 5 for a certain customer account, the host 4 compares it with the PIN number of the account in the account master. As a result, if the passwords match, the ATM 5 is notified to the authentication OK, and if they do not match, the ATM 5 is notified to the authentication NG.

  Next, the structure of ATM5 is demonstrated based on FIG.

  The control unit 51 is a processing unit that controls each function unit of the ATM 5, and is actually a control program of the ATM 5.

  The operation unit 52 provides an interface function for a customer to operate the ATM 5, and a touch panel having both display and input functions is used. Needless to say, any other device having a display function and an input function may be used, for example, a combination of a display device such as a liquid crystal panel or a CRT and a keyboard.

  The host authentication processing unit 53 is a functional unit that sends a password entered by a customer via a communication unit (not shown) to the host 4 and receives an authentication result from the host 4.

  The input instruction unit 54 is a functional unit that requests an input necessary for a transaction from a customer. Specifically, the input instruction unit 54 displays various input screens or operation screens as shown in FIGS. 3 and 4 on the operation unit 52, and allows the customer to perform various inputs and operations such as card insertion. . In the present embodiment, when a password number input instruction is given, it operates as a password number input instruction section.

  Note that when the host authentication of the personal identification number is NG, the customer may simply make an input mistake, so a screen as shown in FIG. 5 is displayed and the customer is requested to input again. The number of re-inputs is limited to a predetermined number in order to prevent unauthorized use by brute force. Here, it is assumed that the number of times that input is possible is three. That is, the password can be input up to three times. If the password is wrong three times, the personal authentication by the password is failed and the transaction is not established. In that case, the account and the used card may be disabled. In the re-input operation, the input instruction unit 54 operates as a password re-input instruction unit or a re-input instruction unit.

  The storage unit 55 is an ATM 5 main storage device, that is, an auxiliary storage device such as a main memory or a hard disk. In this embodiment, it operates as a password information storage unit for storing a password entered by a customer. In the present embodiment, since the number of times the code number can be input is set to 3 as described above, the code number for the first input, re-input, and re-input is stored in the storage unit 55 for the first password. Information 55a, second password information 22b, and third password information 55c are stored. When the predetermined number of times is more than three times, the password information may be increased in accordance with the predetermined number of times.

  In addition to this, the ATM 5 has a configuration (not shown) generally provided in the ATM, such as a cash card reader unit, a cash input / output unit, and a receipt printing unit.

  Now, in the ATM 5 of the present invention, two modes are provided in the personal authentication procedure using the above-mentioned personal identification number.

  One is the normal mode. In the normal mode, if the host authentication result is OK, the personal authentication is OK.

  The second is a reconfirmation mode. In the reconfirmation mode, the password is re-inputted by the user regardless of the host authentication result. That is, even when the host authentication is OK, a screen as if it was NG is displayed. When the user inputs the same personal identification number again, the personal authentication is OK. The control unit 51 performs control such as personal authentication based on these comparison processes and comparison results.

  Note that which of these modes is used is stored in the customer information DB of the CRM server 6 as personal authentication mode information. The customer can switch this mode at the time of opening the account and at a desired time after opening the account. The ATM 5 obtains the personal authentication mode information by appropriately accessing the CRM server 6 and determines in which mode the transaction is to be executed.

  Here, the significance of providing such a reconfirmation mode will be described.

  If a re-entry screen as shown in FIG. 5 is displayed after entering the password, if the ATM 5 user is a valid user, that is, the person or agent (hereinafter referred to as a valid user), the correct password is displayed. I try to enter the same PIN again.

  If the ATM5 user is an unauthorized user, that is, a person who is attempting to withdraw money or the like illegally using a stolen card or an illegally copied card (hereinafter referred to as an unauthorized person) It is likely that you are using it. In this case, it is considered that there are usually a plurality of passwords that can be inferred. That is, the date of birth of the person or family, a telephone number, a personal identification number used for other things such as the above-mentioned rental locker, and the like.

  For example, it is assumed that the birthday of a legitimate user is October 31, and the spouse and child's birthdays are December 01 and April 10, respectively. In that case, there are three password numbers “1031”, “1201”, and “0410” as birthdays of the person and the family alone. If other personal information such as the above-mentioned telephone number is also used, the number of candidates further increases. Since there are a plurality of candidates in the case of analogizing the personal identification number in this way, it is considered that an unauthorized person tries the personal identification numbers as candidates in order to input personal identification information.

  Even if the correct password is obtained by stealing the memo of the legitimate user, etc., if there is no confirmation that the number string is the password of the account, the password of Candidates will be prepared.

  Accordingly, when the re-entry screen 7c as shown in FIG. 5 is displayed, an unauthorized person is not sure of the input password, and the password is different from the next candidate, that is, the password entered first. Enter. If the re-input screen is displayed, the next candidate will be entered.

  In addition, since the legitimate user remembers the fact that he / she chooses to use the reconfirmation mode, even if the message “PIN code is different” appears, the same PIN number should not be confused. Can be entered. Even if you forget the fact that you have chosen to use the reconfirmation mode, if you know the correct PIN, you will simply assume that you have made an input mistake rather than suspecting that the PIN is different, and then do the same again. There is a high possibility of entering a password.

  As described above, according to the present invention, if a legitimate user is asked to re-enter the password, the same password is likely to be entered, and if it is an unauthorized person, a different password is likely to be entered. , Based on the knowledge, to prevent unauthorized use of cards.

  By the way, even if it is a legitimate user, there is a case where the input of the password is missed. If the input of the first password is missed, the host authentication is NG. In this case, after the host authentication is performed again with the re-entered personal identification number, the personal identification number is again input and compared in the same manner.

  It is clear that the first host authentication is OK, and if a mistake is made by re-entry, if the host authentication is performed with the re-entered password, the host authentication result is NG. Therefore, if there is a password that has already become host authentication OK, host authentication is not performed on the password that has been input thereafter, and only a comparison with the password that has already become host authentication OK is performed.

  The control of the comparison and determination is performed by the control unit 51.

<Operation of Example 1>
Here, with reference to FIG. 6, the personal authentication process using the personal identification number in the normal mode in the ATM 5 of this embodiment will be described.

S101: The transaction selection screen 7a shown in FIG. The user can start a desired transaction by touching a button on the transaction selection screen 7a. Here, it is assumed that “withdrawal” is selected from transactions that require personal authentication using a personal identification number.

S102: ATM5 displays on the operation unit 52 a screen asking the user to insert a cash card. When the user inserts a cash card, ATM 5 reads account information from the cash card.

S103: The control part 51 of ATM5 requests | requires the personal authentication mode information of the said account with respect to the CRM server 6 based on the read account information. As a result, it is found here that the normal mode is selected, and the process proceeds to S104. If it is determined that the mode is the reconfirmation mode, the process proceeds to a reconfirmation mode process described later.

S104: The password input screen 7b shown in FIG. On the password input screen 7b, a message "Please enter the password", a numeric keypad for entering numbers, a display that displays the entered password as a mask, and transactions without entering the password The in-transaction button for closing is displayed. The user sees this screen and inputs a password.
Since operations on other screens such as a withdrawal amount input screen are the same as those of a conventional ATM, description thereof will be omitted.

S 105: The host authentication processing unit 53 sends the input personal identification number to the host 4. The host 4 performs authentication by comparing the passwords, and notifies the ATM 5 of the host authentication result. The host authentication processing unit 53 receives the notified authentication result and passes it to the control unit 51.

S106: The control unit 51 determines whether the host authentication result is OK or NG. If it is OK, the process proceeds to S107. If it is NG, the process proceeds to S108.

S107: The control unit 51 determines that the personal authentication is successful.

S108: The control unit 51 determines whether re-input has been performed a predetermined number of times. Here, since the number of possible inputs is 3, the predetermined number of re-inputs is 2 times. If the re-input has been performed twice, the process proceeds to S110. If the number of re-inputs has not reached 2, the process proceeds to S109.

S109: The input instruction unit 54 causes the operation unit 52 to display the password re-input screen 7c shown in FIG. The re-input screen 7c is the same as the input screen 7b except that the message is changed to the phrase "The password is different. Please enter the password again." The user sees the re-input screen and re-enters the password.
In addition, when the user misses the input of the password again and the host authentication result is NG, this step is executed again. In that case, the screen 7c is displayed as the re-input screen.

S110: The control unit 51 determines that the personal authentication has failed.

S111: The control unit 51 ends the transaction based on the personal authentication result. That is, if the personal authentication is successful, a transaction is established. If the identity authentication is unsuccessful, the transaction is canceled and canceled. In particular, when the password has been re-input a predetermined number of times, crime prevention measures such as taking in a cash card or invalidating it are taken.

Next, the personal authentication process using the password in the reconfirmation mode will be described with reference to FIG.
As a result of S103, when the personal authentication mode is the reconfirmation mode, the process proceeds to S201. In the reconfirmation mode, the input passwords are stored in the storage unit 55 for comparison with each other. In addition, when the stored password is authenticated by the host, it is also stored with OK or NG information.

S201: Since it is the same as S104, description is abbreviate | omitted. The input password is stored in the first password information 55a.

S202: Since it is the same as S105, description is abbreviate | omitted.

S203: The input instruction unit 54 displays the re-input screen 7c on the operation unit 52. That is, the re-input screen 7c is displayed regardless of whether the host authentication result is OK or NG. The user sees this screen and inputs the password again.
Here, as described above, it is expected that if the user is a valid user, the same password is input again, and if the user is an unauthorized person, a different password is input.

S204: The control unit 51 determines whether there is a personal identification number whose host authentication result is already OK. If there is already a password whose host authentication result is OK, the process proceeds to S205. If not, the process proceeds to S207.

S205: The personal identification number for which the host authentication is successful is compared with the re-entered personal identification number. If they match, the process proceeds to S206, and if they do not match, the process proceeds to S207.

S206: The control unit 51 determines that the personal authentication is successful.

S207: If the password that has been accepted for host authentication does not match the password that has been re-entered, or if there is no password that has been successfully accepted for host authentication, the control unit 51 determines whether re-entry has been performed a predetermined number of times. To do. Here, as in S108, the predetermined number of re-inputs is two. If the re-input has been performed twice, the process proceeds to S208. If the number of re-inputs has not reached 2, the process proceeds to S209. In the reconfirmation mode, one re-input has already been performed when this step is executed for the first time.

S208: The control unit 51 determines that the personal authentication has failed.

S209: If the re-input has not reached the predetermined number of times, the control unit 51 confirms whether or not the host authentication result is already OK. If there is no personal identification number whose host authentication result is OK, the process proceeds to S210. If there is already a password whose host authentication result is OK, the process proceeds to S203 without performing S210, and the password is input again.

S210: The host authentication processing unit 53 sends the re-input password to the host 4 and obtains a host authentication result. Thereafter, the process proceeds to S203 again, and the password is input again.

S211: Same as S111.

  From the above description, the characteristics of the identity authentication being successful when the password that has become the host authentication OK and the password that has been re-entered thereafter are the essence of the present invention have been clarified.

  Here, in order to further clarify the operation of the reconfirmation mode of the present invention, the operation of the present invention will be described below from the viewpoint of handling password information stored in the storage unit.

  FIG. 8 represents the processing of the present invention without using a loop in order to explain the handling of the password information in the storage unit. Here, the maximum number of inputs is three. The normal mode is omitted.

  Since S301 to S303 are the same as S101 to S103, description thereof will be omitted. S304 to S305 are the same as S201 to S202. In S303, it is assumed that the personal authentication mode information is the reconfirmation mode. S304 to S305 are the same as S201 to S202.

S306: The input instruction unit 54 displays the re-input screen 7c on the operation unit 52. That is, the re-input screen 7c is displayed regardless of whether the host authentication result is OK or NG. The user sees this screen and inputs the password again.
Here, as described above, it is expected that if the user is a valid user, the same password is input again, and if the user is an unauthorized person, a different password is input.
The re-entered password number is stored in the second password information 55b.

S307: The control unit 51 determines whether the host authentication result is OK or NG. If it is OK, the process proceeds to S308. If it is NG, the process proceeds to S310.

S308: If the host authentication result is OK, the first password information 55a is compared with the second password information 55b. If they match, the process proceeds to S309, and if they do not match, the process proceeds to S311.
Here, when this step is executed when the user is a legitimate user, the first password information 55a and the second password information 55b are usually input with the same password, so that they match each other. Authentication is successful.
The case where this step is executed when the person is an unauthorized person is when the password candidate inputted as the first password information 55b happens to be correct password information. In this case, since the second password information 55c is inputted with a candidate for the next password number, the two passwords do not coincide with each other and the personal authentication is not successful.
If they do not match, the reason for shifting to S311 (that is, the host authentication with the second password information 55b is not performed) is that the host password is already OK with the first password information 55a, and matches with that. This is because there is no point in performing host authentication using the second password information 55b.

S309: The control unit 51 determines that the personal authentication is successful.

S310: The host authentication processing unit 53 transmits the second password information 55b to the host 4 and obtains a host authentication result.

S311: The input instruction unit 54 displays the input screen 7c again on the operation unit 52. That is, the re-input screen 7c is displayed regardless of whether the host authentication result is OK or NG. Note that the re-input screen 7c is the same screen as the re-input screen. The user sees this screen and inputs the password again. The entered password is stored in the third password information 55c.

S312: The control unit 51 determines whether the host authentication result is OK or NG. If it is OK, the process proceeds to S313. If it is NG, the process proceeds to S314.
In this case, the contents of the third personal identification number are not considered, and host authentication or the like is not performed. This is because the third password is the last password that can be entered, and even if the third password is the correct password, the password to be compared is not input any more.

S313: The personal identification number for which the host authentication is successful is compared with the third personal identification information 55c.
Here, when this step is executed when the user is a legitimate user, it is considered that either the input of the first password information 55a is missed or the input of the second password information 55b is missed. .
For this reason, if it is due to an input error of the first password information 55a, the second password information 55b and the third password information 55c coincide with each other, and the personal authentication is successful. If it is due to an input error of the second personal identification information 55b, the first personal identification information 55a and the third personal identification information 55c coincide, and the personal authentication is successful. In addition, if it is a normal authorized user, it is thought that the possibility of making mistakes in both is low.
The case where this step is executed when the person is an unauthorized person is when the password number candidate inputted as the second password information 55b happens to be correct password information. In this case, since the third password information 55c is inputted with a candidate for the next password, it does not match the second password information 54a, and the personal authentication fails.

S314: The control unit 51 determines that the personal authentication has failed.

S315: Same as S111.

  As described above, the personal identification is successful when the personal identification number that has been accepted as host authentication and the personal identification number that has been re-entered thereafter are successful. If the fraudulent method is used, even if the correct password is included in these candidates, it is only entered once, so that it is possible to prevent unauthorized transactions.

  In these processes, since the comparison with the re-entered personal identification number is performed in the ATM 5, the process of the host 4 does not change between the normal mode and the reconfirmation mode, so the program of the host 4 is changed when the reconfirmation mode is implemented. There is no need.

  In addition, it is only necessary to input the password on the conventional re-entry screen, and no additional configuration is required. Therefore, it is not necessary to add new hardware or the like compared to the information using information other than the password such as biometric information. It can be realized only by changing the program of ATM5.

  In addition, the re-input screen displays that the password is different, that is, the host authentication failed, regardless of whether the host authentication result is OK or NG. However, you can make it appear that you have entered the wrong PIN for the fraudster. Even if an unauthorized person knows that the account uses the reconfirmation mode, whether or not the entered password is correct is determined unless the same password is entered twice. Since this is not possible, the efficiency of fraud can be significantly reduced.

  Furthermore, if the number of possible inputs is set to 3 as in this embodiment, the remaining one can be input only for the last time when host authentication is not performed, and only one personal identification number can be tried. It becomes. In the normal mode, the number of trials can be increased up to three times, which is one third of the number, and the efficiency of fraud can be significantly reduced.

  In this embodiment, the number of times that input can be performed is about three times, but it can be changed as appropriate according to the business form. However, the number of passwords that can be entered in the normal mode and the reconfirmation mode is automatically the same so that the user authentication mode used is not known depending on the number of times that the authentication fails. It is desirable to have common settings so that

  Note that after the password is re-entered, if the password that has become host authentication OK matches the password that has been re-entered, the host communication is not actually performed, but the host communication screen is displayed and the host communication is performed. After waiting for a time equivalent to the time, the operation when the personal authentication is successful may be performed. By doing so, it is possible to prevent the user from knowing which user authentication mode is being used from the response time after re-input.

  In addition, it is desirable to display the same screen in either mode, but it may be necessary to distinguish which mode from the displayed screen for administrative reasons. It is done. In that case, if a message stating that “the entered PIN is different” is displayed to the unauthorized person, it is considered that there is a certain effect, so even if another screen containing such a message is displayed. Good. It should be noted that it is more effective if the screen is such that the outsider cannot see the difference even at first glance.

  Although the personal authentication mode information is acquired from the CRM server 6, if the personal authentication mode information can be acquired before the personal authentication process is executed in the ATM 5, if the personal authentication mode information is acquired, the information is stored in the cash card. The host 4 may have information.

ATM functional block diagram System Configuration Transaction selection screen Security code input screen Security code re-input screen Normal mode processing flow Process flow in reconfirmation mode Process flow in reconfirmation mode

Explanation of symbols

1 branch office 2 network 3 center 4 host 5 ATM
51 Control Unit 52 Operation Unit 53 Host Authentication Processing Unit 54 Input Instruction Unit 55 Storage Unit 6 CRM Server

Claims (7)

An operation unit for a user to input personal identification information;
A host authentication processing unit that sends the password information entered by the user to the host and obtains a host authentication result; and
An input instructing unit that prompts the user to input password information multiple times;
A storage unit for storing the input password information,
The host authentication of the entered password information is performed, the password information is requested to be entered again regardless of the host authentication result, and the same password information as the password information that has been successfully host-authenticated is entered again. Automatic transaction device. The input instruction unit performs the second and subsequent input instructions by displaying a re-input instruction screen due to authentication failure regardless of the host authentication result.
The automatic transaction apparatus according to claim 1. When host authentication of the entered personal identification information is successful, the first mode is a mode in which the personal identification is successful when the same personal identification information is input again.
When host authentication of the entered password is successful, the mode in which the personal authentication is successful is set as the second mode,
In either of the first mode and the second mode, the number of times the password can be entered is the same.
The automatic transaction apparatus according to claim 1 or 2. In the automatic transaction device that verifies the identity by allowing the user to input the password information and sending it to the host for authentication,
An operation unit for inputting password information;
A storage unit for storing the input password information;
A host authentication processing unit for transmitting the input first password information to the host and obtaining a host authentication result;
A re-input instruction unit that requests the user to input the second password information regardless of the host authentication result;
If the host authentication result is authentication success, the identity authentication succeeds when the first password information and the second password information match.
Automatic transaction device. When the first personal identification information and the second personal identification information do not match, the re-input instruction unit instructs the user to input the third personal identification information again.
The third password information re-entered again matches the first password information, and the personal authentication is successful.
The automatic transaction apparatus according to claim 4. In claim 4,
When the host authentication result by the first password information is an authentication failure,
The host authentication processing unit transmits the second password information to the host to obtain a second host authentication result,
The re-input instruction unit requests the user to input the third password information regardless of the second host authentication result,
If the second host authentication result is an authentication success, the identity authentication succeeds when the second password information and the third password information match.
Automatic transaction device. If the second host authentication result is an authentication failure, the authentication of the person is failed without performing the host authentication of the third password information.
The automatic transaction apparatus according to claim 6.

Images