JP2007072766A - Personal authentication system and method - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a personal authentication system having a protection function against a stolen device and illegally copied device. <P>SOLUTION: A device 8 has an ID code and an access code as personal authentication codes, while a personal computer/server 10 has an ID code and an access code same as those of the device. A personal authentication apparatus 12 reads the ID code and the access code of the device to compare them with those of the personal computer/server for authenticating the device. After confirmation is established, the access code of the device and that of the personal computer/server are rewritten. When the access code is rewritten, the stolen/illegally copied device cannot be used. <P>COPYRIGHT: (C)2007,JPO&INPIT

Description

  The present invention relates to a personal authentication system and method, and more particularly to a personal authentication system and method in device authentication using a device (such as a magnetic card / IC card / IC memory / IC tag).

  Device authentication using a device (magnetic card / IC card / IC memory / IC tag, etc.) as a personal authentication method when using a personal computer (PC), server, ATM (automatic deposit payment machine), credit card, etc. Password authentication using a password, biometric authentication using a retina / palm / auricle / voice / vein / DNA / handwriting / face / iris / fingerprint.

  In device authentication, impersonation of the person is regarded as a problem due to theft and skimming. In addition, it is necessary to construct a system in which a stolen / skimmed device is less likely to be used than to prevent theft / skimming.

  In password authentication, passwords may be leaked. In addition, since passwords are based on the principle that they cannot be taught, seen, or guessed by others, they largely depend on the person's awareness.

  In biometric authentication, there is concern about the leakage of physical personal information. In addition, the elderly and persons with disabilities should not feel resistance.

  When the use of the personal computer or the server is permitted only to an authenticated individual, the user inputs the ID / password, and if they match, the authentication is established.

  In the case of ATM, when a user reads a cash card (personal authentication code) and subsequently inputs a password, the authentication is established when they match.

  In using a personal computer, server, ATM, or credit card, a high level of security can be established by combining a plurality of the above authentication methods. However, theft and skimming in device authentication cannot be ignored. Therefore, it is necessary to construct a system having a defense function against a stolen device or a device illegally copied.

  An object of the present invention is to provide a personal authentication system and method in device authentication that answers such a need.

In the personal authentication system of the present invention, after the authentication is established, the personal authentication code is rewritten so that an illegally copied device cannot be used. The personal authentication code is rewritten by managing the personal authentication code with an ID code and an access code and rewriting only the access code.
Moreover, the device used for authentication is preferably a non-contact type device that can perform authentication even if it is put in a pocket such as clothes without touching the human eye.
When withdrawal or the like is performed at an ATM or the like, or when settlement or the like is performed at a credit terminal or the like, a report email is transmitted to a designated email address. For this reason, it becomes possible to quickly find illegal withdrawals, unauthorized payments, and the like.

  By introducing this system and method, it becomes a deterrent to information leakage from existing systems, fraudulent withdrawal from ATMs, fraudulent payments from credit terminals, and the like.

  First, a personal authentication system for a personal computer / server will be described.

Device Configuration FIG. 1 shows a device configuration. A contact type or non-contact type personal authentication device 12 is provided near the personal computer / server 10.

Device Interface FIG. 2 shows the configuration of the device interface. The personal authentication device 12 includes a type that is externally attached to the personal computer / server 10 and a type that is built into the personal computer / server 10.

An external type personal authentication device 12 is shown in FIGS. 3A and 3B.
FIG. 3A shows a type in which a reader / writer 14 and a device authentication check program 16 are provided in the personal authentication device 12 and a device authentication monitoring program 18 is provided in the personal computer / server 10.
FIG. 3B shows a type in which a reader / writer 14 is externally attached and a device authentication check program 16 and a device authentication monitoring program 18 are provided in the personal computer / server 10.

A built-in type personal authentication device is shown in FIGS. 4A and 4B.
FIG. 4A shows a type in which the personal authentication device 12 and the device authentication monitoring program 18 are provided in the personal computer / server 10.
FIG. 4B shows a type in which a reader / writer 14, a device authentication check program 16, and a device authentication monitoring program 18 are provided in the personal computer / server 10.

Details of System Configuration FIG. 5A shows a small-scale system configuration (stand-alone configuration).
FIG. 5B shows a medium / large scale system configuration (PC / server 10 is connected to authentication DB server 20 of a third party).
An outline of the personal authentication system shown in FIGS. 5A and 5B will be described.
FIG. 6 is a diagram for explaining the outline.

The outline of the personal authentication system will be described with reference to these drawings.
(1) The user has the personal authentication device 8 and sits in front of the personal computer / server 10.
(2) Turn on the personal computer / server 10.
(3) The personal authentication code / access code of the personal authentication device 8 is read by the reader / writer 14 of the personal authentication device 12 connected to the personal computer / server 10.
(4) The personal authentication device 12 uses the device authentication check program 16 to check whether the personal authentication code of the personal authentication device 8 is a registered personal authentication code.
(5) If the validity check in (4) is OK, the device authentication check program 16 reads the access code associated with the personal authentication code stored in the personal authentication device 12 or the authentication DB server 20 and performs a comparison check I do. When the comparison result is NG, the login operation to the personal computer / server 10 is prohibited.
(6) If the comparison result is OK, the device authentication check program 16 issues the next access code, writes the next access code to the personal authentication device 8, and links the personal authentication code to the personal authentication device 12 or the authentication DB server 20. It is stored as the attached next access code. Thereafter, the login operation to the personal computer / server 10 is permitted. The access code can be rewritten only during login operations.
(7) If the comparison result is NG, login operation to the personal computer / server is prohibited.

The personal computer / server personal authentication system described above has the following advantages.
(1) By rewriting the access code of the personal authentication device, it becomes extremely difficult to use an illegally copied personal authentication device.
(2) By making the personal authentication device non-contact, authentication can be performed with the same operation as before only by wearing a personal authentication device (for example, an IC tag).
(3) When the user leaves the seat with the personal authentication device 8 after logging in, the operation and reference via the LAN are automatically disabled. Therefore, a third party cannot operate the personal computer. It should be noted that when the user returns to the seat, the operation is enabled.
(4) If the personal authentication device 12 is intentionally removed or breaks down, login operation is prohibited. If logged in, disable operations and references via LAN. Therefore, the personal computer / server 10 cannot be operated.
(5) When the personal authentication device 8 is of a non-contact type (for example, an IC tag), only the corresponding personal authentication device is rewritten, and other personal authentication devices are not rewritten.
(6) By providing an encryption function to the exchange between the personal authentication device 12 and the personal authentication device 8 / authentication DB server 20, it is safe even if the data being communicated is illegally read. Note that the encryption method is not complicated but a general one is used.
(7) Since the personal authentication device has an encryption function, it cannot be used even if copied to a device without the encryption function. Even a device having an encryption function cannot be used unless the encryption key is known.
(8) Even when a personal authentication device copied illegally is used with a personal computer / server, it can be discovered by the next authentication, so that an immediate response is possible.
(9) Security is enhanced by using a plurality of personal authentication devices. For example, it is conceivable that one is managed by the person and one is managed by a company management box. In this case, even if it is illegally copied, the next time the access code is rewritten when the company-stored personal authentication device is returned to the management box, so that unauthorized use becomes extremely difficult.
(10) If a personal authentication device has already been introduced as an employee ID card, the empty area of employee information is used as an access code, so attendance / exit management can be used as it is.

For the operation of the personal authentication system for the personal computer / server, the following various methods can be employed.
(1) Issuing and managing personal authentication devices It is possible to issue and manage personal authentication devices in-house, but considering security, it is preferable that they are issued by a third-party organization and the operation management is performed in-house. .
(2) Method of associating (registering) a personal authentication device with a personal computer A third-party organization issues a personal authentication device and registration software linked to the personal authentication device, and the personal authentication code of the personal authentication device is registered with the registration software. Register to a personal authentication device. In this case, registration password input is required.
It should be noted that registration restrictions are imposed on the personal authentication device so that registration exceeding the upper limit cannot be performed. Registration information is deleted with a registration deletion IC tag, and then the registration work is performed.
(3) Restricting user registration Although it is possible to register multiple users on a personal authentication device, it is safer to limit the number of people who can operate a personal computer / server for security reasons. Therefore, it is preferable to limit the number of users that can be registered in the personal authentication device to as few as possible.
(4) Personal authentication code / access code management method
When the personal authentication device is issued by a third party as described in (1), it is preferable that the access code is managed by a third party and the personal authentication code is managed by a personal authentication device. However, in the case of a small-scale system, it is better to use an in-house personal computer in terms of management costs.
(5) If the personal authentication device is stolen or lost The registration information is deleted using the registration deletion software / registration deletion IC tag. In this case, it is necessary to input a deletion password. After deletion, request a reissue of the personal authentication IC tag to a third party.
Accordingly, the personal computer cannot be used until the personal authentication device is reissued.
At the time of reissuance, registration work is performed in (2).
(6) When an unauthorized user tries to use the registration process
When registering as described in (2), registration software linked to a personal authentication device is required. When registering, if the personal authentication code has already been registered, registration exceeding the upper limit cannot be performed. In the case of deletion, registration deletion software / registration deletion device is required as described in (5). Since the above procedure is required, it is extremely difficult for an unauthorized user to register.
(7) If you forget your personal authentication device at home It is possible to prepare a spare personal authentication device, but it should not be prepared for security reasons. Therefore, you cannot log in to the personal computer / server until you bring your personal authentication device.
(8) When an abnormality occurs when rewriting the access code The access code is rewritten in the order of personal authentication device → PC / server or authentication DB server, and a log is left.
Ask a third party to investigate and identify the problem. Therefore, the login operation cannot be performed until the problem is solved. The following factors can be considered as abnormalities.
a The personal authentication device is broken or disconnected.
b The personal authentication device is damaged.
c There is a problem with the PC / server.
d There is a problem with the authentication DB server.
(9) If the personal authentication device is damaged (cannot be read) Request an investigation from a third party to identify the problem. Therefore, the login operation cannot be performed until the problem is solved.
The following factors can be considered as the reasons why the data cannot be read.
a The personal authentication device is broken or disconnected.
b The personal authentication device is damaged.
(10) If the access code of the personal authentication device does not match the registered access code Request an investigation to a third party to identify the problem. Therefore, the login operation cannot be performed until the problem is solved. The following factors can be considered as causes of the access code mismatch.
a Unauthorized use occurred.
Confirm that both the personal authentication device and personal authentication device are normal and there is no access code rewriting error (see log).
If the conditions are met, unauthorized use may have occurred.
If the conditions are not met, there is very little possibility of unauthorized use.
If there is a possibility of unauthorized use, delete registration information and request reissue of personal authentication device.
b Trying to misuse.
When authentication is performed using an illegally copied personal authentication device, access code mismatch occurs. In this case, authentication is NG, and login to the personal computer / server is not possible.
c An error occurred when writing the access code, resulting in a mismatch.
The cause described in (8) can be considered as the cause of the occurrence of abnormality.
(11) If the personal authentication device is broken or disconnected The login operation cannot be performed until the following problems are resolved.
When the personal authentication device is disconnected b When the personal authentication device is not disconnected If the personal authentication device is not recognized, there is a problem with one of the personal authentication device / personal authentication device / computer / server / authentication DB server. Ask a third party to investigate and identify the problem. If the personal authentication device / personal computer / server / authentication DB server is normal, the personal authentication device may be out of order.
(12) If the registered personal authentication code or access code cannot be obtained Request an investigation from a third party to identify the problem. Therefore, the login operation cannot be performed until the problem is solved. The following factors can be considered as reasons why the personal authentication code and access code cannot be obtained.
a The personal authentication device is broken or disconnected.
b There is a problem with the authentication DB server.
(13) When accessed from another computer in the company or from outside.
It is recognized as a security problem such as file sharing.
(14) If a personal authentication device is stolen or lost during login
It is necessary to delete the registration information as in (5).
(15) Security of personal authentication code / access code If the personal authentication code / access code is in the personal authentication device, it cannot be read intentionally. When the personal authentication code / access code is in the authentication DB server, reading from other than the personal authentication device is prohibited.
Also, it is encrypted because it may be read by a third party during data reading / writing.
(16) Access code generation and encryption The access code for rewriting (preferably 16 bits or more) is generated in the personal authentication device. Further, it is preferable that the exchange between the personal authentication device and the personal authentication device, and between the personal authentication device and the authentication DB server is encrypted.

Next, device authentication in a personal authentication system for a personal computer / server will be described.
FIG. 7 shows a schematic flow, FIG. 8 shows a device authentication check program flow, and FIG. 9 shows a device authentication monitoring program flow.
The device authentication check unit of the personal authentication device 12 first reads the information of the personal authentication device 8. Next, the personal authentication code / access code of the personal authentication device is compared with the registered personal authentication code / access code. Next, the comparison result is notified to the device authentication monitoring unit of the personal computer / server 10. Next, the access code rewriting request from the device authentication monitoring unit is read. Next, the next access code is generated. Next, the access code is rewritten. Next, the device authentication monitoring unit is notified of the rewrite result.
Refer to FIG. 8 for details of the flow of the device authentication check program.

The device authentication monitoring unit of the personal computer / server 10 first prohibits a login operation as shown in FIG. Next, it waits until the device authentication result becomes “OK”. If the device authentication is OK, the login operation is permitted. Next, the personal authentication device 12 is notified of an access code rewriting request.
Refer to FIG. 9 for details of the flow of the device authentication monitoring program.

  The detailed device authentication processing flow in the personal authentication system for the personal computer / server described above is shown in FIGS. A detailed device authentication monitoring flow is shown in FIG.

  Next, a personal authentication system for ATM will be described.

Device Configuration FIG. 14 shows a device configuration. A non-contact type personal authentication device 32 is provided near the ATM 30. Alternatively, a contact type or non-contact type personal authentication device 32 is provided in the ATM 30.

Device Interface FIG. 15 shows the configuration of a device interface. The personal authentication device 32 includes a type externally attached to the ATM and a type incorporated in the ATM.
An external type personal authentication device 32 is shown in FIG. A reader / writer 14, a device authentication check program 16, and a device authentication monitoring program 18 are provided in the personal authentication device 32.
A built-in type personal authentication device 32 is shown in FIG. A personal authentication device 32 is provided in the ATM 30.

Details of System Configuration FIG. 18 shows an ATM system configuration. FIG. 19 shows an outline of the personal authentication system.
The outline of the personal authentication system will be described with reference to these drawings.
(1) The user has the personal authentication device 8 and stands in front of the ATM 30.
(2) Insert the cash card 34 into the ATM 30.
(3) The personal authentication code / access code of the personal authentication device 8 is read by the personal authentication device 32 connected to the ATM 30.
(4) The personal authentication device 32 checks whether the personal authentication code of the personal authentication device 8 is a personal authentication code registered as the owner of the cash card 34.
(5) If the validity check in (4) is OK, the access code linked to the personal authentication code stored in the center server 36 is read and a comparison check is performed. When the validity check in (4) is NG, the input operation to the ATM 30 is prohibited.
(6) If the comparison result is OK, after the next access code is issued by the center server 36, the next access code is written in the personal authentication device 8. After that, the password input is permitted. The access code is rewritten only when the password input operation is completed.
(7) After withdrawal, the center server 36 sends a withdrawal report email to the email address designated by the user.

The above ATM personal authentication system has the following advantages.
(1) By rewriting the access code of the personal authentication device, it becomes extremely difficult to use an illegally copied personal authentication device.
(2) By making the personal authentication device a non-contact type, it is possible to pull out with the same operation as before only by wearing a personal authentication device (for example, an IC tag).
(3) Even if the cash card is stolen or skimmed, unauthorized withdrawal cannot be performed without a personal authentication device.
(4) Personal authentication device⇔By providing an encryption function in the exchange with the personal authentication device / center server, it is safe even if the data being communicated is illegally read. Note that the encryption method is not complicated but a general one is used.
(5) Since the personal authentication device is provided with an encryption function, it cannot be used even if copied to a device without the encryption function. Even a device having an encryption function cannot be used unless the encryption key is known.
(6) By making the personal authentication device different from the shape of the cash card, it becomes extremely difficult to perform unauthorized withdrawal by theft or skimming. For example, the personal authentication device may be a mobile phone with a built-in personal authentication device.
(7) When targeting a cash card (magnetic card / IC card) that is already in use, an empty area of information can be used as an access code.
(8) When the personal authentication device is of a non-contact type (for example, an IC tag), only the corresponding personal authentication device is rewritten, and other personal authentication devices are not rewritten.
(9) Even if the card is withdrawn using a stolen or illegally copied cash card / personal authentication device, it can be discovered by a withdrawal report mail or the next authentication, so that an immediate response is possible.

For the operation of the personal authentication system for ATM, various methods shown below can be adopted.
(1) Issuing and managing personal authentication devices Although it is possible to issue and manage personal authentication devices at each financial institution, it is security that users have the same number of personal authentication devices as the transaction financial institution.・ Problems are likely to arise from an administrative perspective. Therefore, it is desirable that the personal authentication device is issued by a third-party organization to the user after issuing the common personal authentication device.
(2) Management method of personal authentication code / access code It is possible to manage personal authentication code / access code at each financial institution. It is desirable that the personal authentication code / access code be managed by a third party.
(3) When a personal authentication device is stolen or lost Submit a loss report in writing or by telephone to a financial institution or third party and request a reissue. The third party will delete the registration information upon receipt of the loss notification. Therefore, the user cannot authenticate with the personal authentication device until the personal authentication device is reissued.
(4) How to withdraw cash while the user is requesting reissuance While the user is requesting reissuance of the personal authentication device, withdrawal from ATM is not possible. In this case, withdrawals with a bankbook / seal will be made at the financial institution sales office.
(5) When a user requests withdrawal to a third party for some reason, withdrawal is not possible without both a cash card and a personal authentication device. It is not preferable in terms of security that a user passes a cash card / personal authentication device to a third party and withdraws it from an ATM because it does not pass through a financial institution related person. In this case, the user can pass the power of attorney / cash card to a third party, and the financial institution can be present to prevent unauthorized withdrawal in advance. However, withdrawals outside the business hours of financial institutions will not be possible.
(6) Shape of personal authentication device As described in the advantage (6) of this system, it is desirable that the personal authentication device is not the same shape as the cash card. This is because if they are the same shape, they are put together with a cash card in the wallet, and if the wallet is stolen, there is a high possibility that it will be withdrawn illegally. It is desirable that the personal authentication device has a shape that cannot be accommodated in the same place as the cash card, and is always carried when leaving the house. For example, using an IC tag whose shape can be freely selected, a mobile phone with built-in IC tag, a key holder, a key, glasses, a wristwatch, and the like can be considered.
(7) If you forget your personal authentication device at home You will be returned to your personal authentication device.
(8) When an error occurs when rewriting the access code The access code is rewritten in the order of the center server → personal authentication device.
Ask a third party to investigate and identify the problem.
The following factors can be considered for the occurrence of abnormalities.
a The personal authentication device is malfunctioning.
b The personal authentication device is damaged.
c There is a problem with ATM.
d There is a problem with the center server.
(9) If the personal authentication device is damaged (cannot be read) Request an investigation from a third party to identify the problem.
The following factors can be considered as the reasons why the data cannot be read.
a The personal authentication device is malfunctioning.
b The personal authentication device is damaged.
c There is a problem with ATM.
(10) If the access code of the personal authentication device does not match the registered access code Request an investigation to a third party to identify the problem.
The following factors are considered as access code mismatches.
a Illegal withdrawal was performed.
Confirm that both the personal authentication device and personal authentication device are normal and there is no access code rewriting error.
If the conditions are satisfied, there is a possibility that fraudulent withdrawal was performed.
If the conditions are not met, the possibility of fraudulent withdrawal is very small.
If there is a possibility of fraudulent withdrawal, submit a loss report to a financial institution or third party and request a reissue of the personal authentication device.
b Trying to make an illegal withdrawal.
When authentication is performed using an illegally copied personal authentication device, access code mismatch occurs. In this case, it becomes authentication NG and cannot be withdrawn.
c An error occurred when writing the access code, resulting in a mismatch.
See (8).
d I brought a different personal authentication device.
It is necessary to bring the correct personal authentication device.
(11) When the personal authentication device fails If there is a problem with one of the personal authentication device / personal authentication device / ATM / center server when the personal authentication device is not recognized, ask the third party to investigate Identify.
If the personal authentication device / ATM / center server is normal, the personal authentication device may be out of order.
(12) If the registered personal authentication code or access code cannot be obtained Request an investigation from a third party to identify the problem.
The following factors can be considered as reasons why the personal authentication code and access code cannot be obtained.
a The personal authentication device is malfunctioning.
b There is a problem with ATM.
c There is a problem with the center server.
(13) Security of personal authentication code / access code Encrypt data as it may be read by a third party during data reading / writing.
(14) Withdrawal report emails When a user requests a withdrawal report email service, he / she applies to the transaction financial institution. Allows multiple email addresses to be notified when withdrawals or remittances are made.
(15) Access code generation and encryption The access code for rewriting (preferably 16 bits or more) is generated at the center server. Also, the exchange between the personal authentication device and the personal authentication device, and between the personal authentication device and the center server is encrypted.

Next, device authentication in the personal authentication system for ATM will be described.
FIG. 20 shows a schematic flow, FIG. 21 shows a device authentication check program flow, and FIG. 22 shows a device authentication monitoring program flow.

The device authentication check unit first waits for a notification from the device authentication monitoring unit. Next, the information of the personal authentication device is read. Next, the personal authentication code / access code of the personal authentication device is compared with the personal authentication code / access code registered in the center. Next, the device authentication monitoring unit is notified of the comparison result. Next, it waits for an access code rewrite request from the device authentication monitoring unit. Next, the access code is rewritten. Next, the device authentication monitoring unit is notified of the rewrite result.
Refer to FIG. 21 for details of the flow of the device authentication check program.

First, the device authentication monitoring unit prohibits the input of a password. Next, wait until the cash card is inserted. Next, the personal authentication code / access code corresponding to the cash card is acquired from the center and notified to the device authentication check unit. Next, it waits until the device authentication result becomes “OK”. Next, the password input is permitted. Next, it waits until the password is normally input. Next, the next access code is requested. Next, the access code is notified and rewritten. Next, it waits for the rewrite result.
Refer to FIG. 22 for details of the device authentication program flow.

  The detailed device authentication processing flow in the ATM personal authentication system described above is shown in FIGS. The detailed device authentication monitoring flow is shown in FIGS.

  Next, a personal authentication system for an IC credit card will be described.

Device Configuration FIG. 27 shows a device configuration. Two patterns of use at a store and use at online shopping are shown.

Details of System Configuration FIG. 28 shows a system configuration in a store. FIG. 29 shows an outline of a personal authentication system in a store.
(1) The user causes the clerk to read the credit card 40 into the credit card terminal 42 and inputs the amount.
(2) The center 44 performs authentication based on the read credit card number and access code, and notifies the credit card terminal 42 of the authentication result.
(3) If the authentication result of (2) is OK, the user enters the password and authenticates at the center 44.
(4) If the authentication results of (2) and (3) are OK, the center 44 issues the next access code and writes the next access code to the credit card 40. Thereafter, the authentication result is notified to the credit card terminal 42, a slip is issued, and the user signs it.
(5) If the authentication result is NG, the credit card terminal 42 is notified to that effect, and no slip is issued.
(6) After the settlement is completed, a settlement completion report email is transmitted to the email address designated by the user.

  A detailed flow of the personal authentication system in the store personal authentication system described above is shown in FIG.

  The credit card terminal 42 first reads credit card information and access code. Next, the amount is read. Next, the credit card information, access code, and amount are transmitted to the center. Next, the authentication result is awaited. Next, the password is read and transmitted to the center. Next, the authentication result is awaited. Next, the next access code is received from the center. Next, the access code is rewritten. Next, a slip is issued.

  The center 44 first performs authentication based on the credit card information, access code, and amount sent from the credit card terminal 42. Next, the authentication result is transmitted to the credit card terminal 42. Next, authentication is performed based on the password sent from the credit card terminal. Next, the authentication result is transmitted to the credit card terminal 42. Next, the next access code is issued. Next, the credit card terminal 42 is notified of the next access code. Next, the credit card terminal 42 is notified of the issue of the slip. Next, the settlement result is sent by e-mail.

FIG. 31 shows a system configuration in online shopping. FIG. 32 shows an outline of a personal authentication system in online shopping.
(1) When the personal computer 46 for online shopping is used for the first time, the online shopping registration operation is performed, and the access code stored in the center 44 is copied to the personal computer for use. Note that in the online shopping registration operation, authentication information that can identify the person such as name / address / phone number / card number is input.
(2) Input information (address, etc.) necessary for settlement through online shopping from the personal computer 46.
(3) As credit card payment information, the credit card type / credit card number / credit card expiration date / credit card holder is entered from the personal computer 46.
(4) Notify the center 44 of the credit card information entered in (3) and the access code stored on the PC, and authenticate at the center.
(5) If the authentication result of (4) is OK, the center 44 issues the next access code and writes the next access code to the personal computer 46. Thereafter, the authentication result is notified to the merchandise sales site and the settlement is completed.
(6) If the authentication result is NG, the fact is notified to the merchandise sales site and no settlement is made. In addition, the PC access code is not rewritten.
(7) After the settlement is completed, a settlement completion report email is transmitted to the email address designated by the user.

According to the operation of the personal authentication system for a credit card, there are the following advantages.
(1) By rewriting the access code of the credit card, it becomes extremely difficult to use an illegally copied credit card.
(2) Even in the case of online shopping, rewriting the access code makes it extremely difficult to use the credit card information if it is skimmed or if the credit card information stored in the personal computer is illegally copied. In addition, it is impossible to settle without an access code.
(3) Even when a fraudulent user makes a payment at a store or online shopping, it can be found in a payment completion report mail or the next authentication, so an immediate response is possible.
(4) By providing an encryption function for the exchange between the credit card and the credit card terminal and the center, it is safe even if the data being communicated is illegally read. Note that the encryption method is not complicated but a general one is used.
(5) By providing the credit card with an encryption function, the credit card does not have an encryption function or cannot be used even if copied to a different credit card. Even a credit card with an encryption function cannot be used unless the encryption key is known.

For the operation of the personal authentication system for credit cards, the following various methods can be employed.
(1) Access code management method Two types of access codes for stores and online shopping are prepared and managed at the center.
(2) When an error occurs when rewriting the access code The access code is rewritten in the order of the center server → credit card.
Ask for an investigation to identify the problem.
The following factors can be considered for the occurrence of abnormalities.
a Credit card terminal is broken.
b Credit card is damaged.
c There is a problem with the center server.
(3) If the credit card is damaged (cannot be read) Request an investigation to identify the problem.
The following factors can be considered as the reasons why the data cannot be read.
a Credit card terminal is broken.
b Credit card is damaged.
(4) If the credit card access code does not match the registered access code Request an investigation to identify the problem.
The following factors can be considered for mismatched access codes.
a Unauthorized use occurred.
Confirm that both the credit card terminal and credit card are normal and there is no access code rewriting error.
If the conditions are met, unauthorized use may have occurred.
If the conditions are not met, the possibility of unauthorized use is extremely low.
If there is a possibility of fraudulent use, submit a notice of suspension of use to the credit card company and request a credit card reissue.
b Trying to misuse.
When authentication is performed using an illegally copied credit card, an access code mismatch occurs. In this case, it becomes authentication NG and cannot be used.
c An error occurred when writing the access code, resulting in a mismatch.
See (2).
(5) If the registered access code cannot be obtained Request an investigation to identify the problem.
The following factors can be considered as reasons why the access code cannot be acquired.
a Credit card terminal is broken.
b There is a problem with the center server.
(6) Security of access code Encrypt data because it may be read by a third party during data reading / writing.
(7) Access code generation and encryption The access code for rewriting (preferably 16 bits or more) is generated in the center server.
In addition, the exchange between the credit card and the credit card terminal, and the exchange between the credit card terminal and the center server is performed by encryption.

  Although the above has described the case of an IC credit card, it is obvious that the present invention can also be applied to a magnetic credit card.

It is a figure which shows the apparatus structure of the personal authentication system for personal computers / servers. It is a figure which shows the structure of the apparatus interface of the personal authentication system for personal computers / servers. It is a figure which shows an example of an external attachment type personal authentication apparatus. It is a figure which shows another example of an external type personal authentication apparatus. It is a figure which shows an example of a built-in type personal authentication apparatus. It is a figure which shows another example of a built-in type personal authentication apparatus. It is a figure which shows a small-scale system configuration. 1 is a diagram illustrating a medium / large-scale system configuration. FIG. It is a figure which shows the outline | summary of a personal authentication system. It is a figure explaining the flow of the device authentication in the personal authentication system for personal computers / servers. It is a figure which shows the flow of a device authentication check program. It is a figure which shows the flow of a device authentication monitoring program. It is a figure which shows a detailed device authentication processing flow. It is a figure which shows a detailed device authentication processing flow. It is a figure which shows a detailed device authentication processing flow. It is a figure which shows a detailed device authentication monitoring flow. It is a figure which shows the apparatus structure of the personal authentication system for ATM. It is a figure which shows the structure of the apparatus interface of the personal authentication system for ATM. It is a figure which shows an external type personal authentication apparatus. It is a figure which shows a built-in type personal authentication apparatus. It is a figure which shows an ATM system structure. It is a figure which shows the outline | summary of a personal authentication system. It is a figure which shows the general | schematic flow of the device authentication in the personal authentication system for ATM. It is a figure which shows the flow of a device authentication check program. It is a figure which shows the flow of a device authentication monitoring program. It is a figure which shows the detailed device authentication processing flow in the personal authentication system for ATM. It is a figure which shows the detailed device authentication processing flow in the personal authentication system for ATM. It is a figure which shows a detailed device authentication monitoring flow. It is a figure which shows a detailed device authentication monitoring flow. It is a figure which shows two patterns, the use in the store of a credit card, and the use in internet shopping. It is a figure which shows the system configuration | structure in a shop. It is a figure which shows the outline | summary of the personal authentication system in a shop. It is a figure which shows the flow of the detailed personal authentication system in the personal authentication system in a shop. It is a figure which shows the system configuration | structure in net shopping. It is a figure which shows the outline | summary of the personal authentication system in net shopping.

Explanation of symbols

8 devices
10 PC / Server
12, 32 Personal authentication equipment
14 Reader / Writer
20 Authentication DB server
30 ATM
34 Cash Card
36 Center server
40 credit card
42 credit card terminal
44 Center

Claims (10)

In a personal authentication system using a device to allow only authorized individuals to use the target system,
The device has an ID code and an access code as a personal identification code,
The target system has the same ID code and access code as the ID code and access code of the device;
The ID code and access code of the device are read, and the device is authenticated by comparing with the ID code and access code of the target system. After the authentication is established, the access code of the device and the access code of the target system are rewritten. Personal authentication device
A personal authentication system characterized in that a device stolen or illegally copied cannot be used by rewriting the access code.   2. The personal authentication according to claim 1, wherein when the target system is an ATM and a center that manages the ATM, the center has a function of notifying a user of the ATM by e-mail. system.   2. The function according to claim 1, wherein when the target system is a credit card terminal and a center that manages the credit card terminal, the center has a function of notifying a user of completion of settlement by e-mail. Personal authentication system.   When the target system is a personal computer functioning as a credit card terminal and a center connected to the personal computer, the center has a function of notifying the user of completion of settlement by e-mail. The personal authentication system according to claim 1.   The personal authentication system according to claim 1, wherein the device is a contact type or a non-contact type. In the personal authentication method using the device to allow only the authenticated individual to use the target system,
The device has an ID code and an access code as a personal identification code,
The target system has the same ID code and access code as the ID code and access code of the device,
The personal authentication device reads the ID code and access code of the device and compares the ID code and access code of the target system to authenticate the device. After the authentication is established, the access code of the device and the target system Rewrite the access code of
A personal authentication method characterized in that a device stolen or illegally copied cannot be used by rewriting the access code.   The personal authentication method according to claim 6, wherein, when the target system is an ATM and a center that manages the ATM, the center notifies the ATM user by e-mail.   The personal authentication method according to claim 6, wherein when the target system is a credit card terminal and a center that manages the credit card terminal, the center notifies the user of completion of settlement by e-mail. .   7. When the target system is a personal computer functioning as a credit card terminal and a center connected to the personal computer, the center notifies the user of completion of settlement by e-mail. The personal authentication method described in 1.   The personal authentication method according to claim 6, wherein the device is a contact type or a non-contact type.

Images