JP2007087313A - Automatic transaction device - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a means for preventing a personal identification number from being known by a third person peeping from behind. <P>SOLUTION: This automatic transaction device 1 is connected communicably with a host computer 13 storing an identifier for extracting the personal identification number of a client, and performs transaction by the operation of the client. The identifier received from the host computer 13 is stored in a setting storage part 20, and an extraction part 22 extracts the personal identification number from a digit string input by the client in a display input part 2 based on the identifier stored in the setting storage part 20. <P>COPYRIGHT: (C)2007,JPO&INPIT

Description

  The present invention relates to a technology for verifying a customer's identity by using a personal identification number entered by the customer in an automatic transaction apparatus, and in particular, by guiding the input so that the personal identification number is not stolen by another person, the personal identification is surely performed. It relates to technology to do.

When performing a withdrawal transaction, etc. with an automatic transaction device, it is required to enter a personal identification number, but a third party can look into the arms and fingers of the customer during the transaction from behind. There is a possibility that the personal identification number may be known, and there is a possibility that the personal identification number is illegally used by a third party having malicious intent to know the personal identification number.
Therefore, the conventional automatic transaction device displays an invalid button on the screen when entering the PIN, treats the number entered by the customer while pressing the invalid button as an invalid dummy number, and inputs without pressing the invalid button. The number is validated, and the valid number is transmitted to the host computer as a personal identification number to confirm the identity (for example, see Patent Document 1).
JP 2004-185458 (paragraphs “0050” to “0055”, FIG. 1)

  However, in the conventional technology described above, it is necessary for the customer to input dummy numbers by pressing the invalid button while pressing the invalid button, so if the customer is not used to the operation, the invalid button is pressed. However, the operation when entering numbers becomes unnatural. For this reason, a third person who is peeping from behind knows that the invalid button has been pressed due to the movement of the arm or finger, and when entering a PIN number and entering a dummy number. Therefore, there is a problem that the effect of preventing peeping from behind is not sufficient.

  The present invention aims to solve the above problems.

  Therefore, the present invention is an automatic transaction device that is communicably connected to a host device that stores an identifier for extracting a customer's personal identification number, and performs a transaction by a customer's operation, and the identifier received from the host device is A storage means for storing; an input means for inputting a number string consisting of a dummy number and an identifier; and a number for a password; and a password from a number string input by a customer based on the identifier stored in the storage means. It is characterized by comprising extraction means for extracting.

  Thus, according to the present invention, the automatic transaction apparatus stores the identifier and the personal identification number, and extracts the personal identification number from the numerical string input by the customer based on the stored identifier. Since it is possible to enter a PIN with a dummy number with a smooth movement without any unnatural movement when inputting, a third party peeks at the movement of the customer's arms and fingers while trading. Can also prevent the secret code from being known.

  Embodiments of an automatic transaction apparatus according to the present invention will be described below with reference to the drawings.

FIG. 1 is a block diagram showing a schematic configuration of an automatic transaction apparatus common to the first to third embodiments, and FIG. 2 is a block diagram showing identity verification means of the first embodiment.
In FIG. 1, reference numeral 1 denotes an automatic transaction apparatus installed in a branch office or a convenience store of a financial institution such as a bank, which is connected to a host computer (higher level apparatus) 13 provided in the center of the financial institution via a communication line 15. , Information can be communicated.

The automatic transaction apparatus 1 includes a display input unit 2, a card read / write unit 5, a cash deposit / withdrawal unit 6, a passbook entry unit 7 having a receipt printing function, a control unit 8, a storage unit 9, a communication unit 10, and the like. Yes.
The display input unit 2 is provided so as to be exposed on the customer service surface in front of the automatic transaction apparatus 1. A display unit (display means) 3 such as a CRT display or a liquid crystal display with the display surface facing upward, The touch panel input unit (input unit) 4 is arranged on the display unit 3 and displays a screen on which a message for guiding a customer's operation is arranged and various input keys. The input key is pressed with a finger from the touch panel. By doing so, the information defined in the input key can be input, and the display unit 3 also displays the input information.

The card read / write unit 5 has a function of reading and writing card information with respect to a magnetic stripe provided on a customer's transaction card, and the card insertion / return port is provided on the customer service surface.
The cash deposit / withdrawal unit 6 performs a cash deposit / withdrawal process associated with the transaction, and includes a banknote deposit / withdrawal machine that handles banknotes and a coin deposit / withdrawal machine that handles coins. It is provided on the customer service surface.

The passbook entry unit 7 has a function of reading and writing data with respect to a magnetic stripe provided in the customer's passbook, and also has a function of writing transaction contents and the like in the customer's passbook. It is provided on the customer service surface.
The control unit 8 controls the display input unit 2, the card read / write unit 5, the cash deposit / withdrawal unit 6, the passbook entry unit 7 and the like based on a control program stored in the storage unit 9 to perform various transactions. In order to carry out this function, it communicates with the host computer (higher level device) 13 via the communication unit 10 to exchange necessary information.

Further, the control unit 8 has a function of extracting a personal identification number from a digit string composed of a dummy number and a personal identification number inputted by the customer, and also extracts the extracted personal identification number and the personal identification number received from the host computer 13. In comparison, it has a function of executing identity verification of the customer, and this function is realized by a program for identity verification stored in the storage unit 9 for the present embodiment.
The storage unit 9 stores the control program for control executed by the control unit 8 and the program for identity verification, a transaction selection screen, a guidance screen for each processing step in each transaction, an input screen, and the like. Also stores.

The host computer 13 has a database 14 that stores, as customer account information, the name, account number, personal identification number, unregistered data, account balance, and the like of each customer who has opened an account.
In addition, it is assumed that the database 14 also stores a number that serves as an identifier applied by the customer when the account is opened together with a password.

This number, that is, the identifier, is input by the customer immediately before the first digit of the password at the time of transaction. By detecting this identifier, the extraction unit 22 (to be described later) extracts the subsequent four-digit number as the password. belongs to.
Next, FIG. 2 will be described.
2 includes a display input unit 2 including the display unit 3 and the input unit 4, a setting storage unit (first storage unit) 20, a personal identification number storage unit (second storage unit) 21, An extraction unit (extraction unit) 22 and an authentication unit (authentication unit) 23 are included.

The setting storage unit 20 is a component that receives a number as an identifier stored in the database 14 from the host computer 13 and temporarily stores it, and can use the temporary memory of the control unit 8.
The personal identification number storage unit 21 is a component that receives the customer personal identification number stored in the database 14 from the host computer 13 and temporarily stores it. The temporary memory of the control unit 8 can be used.

The extraction unit 22 is realized by the control unit 8 and a program for identity verification stored in the storage unit 9, and obtains a password from a numeric string input by the customer based on the identifier stored in the setting storage unit 20. Has a function to extract.
The authentication unit 23 is realized by the control unit 8 and a program for identity verification stored in the storage unit 9, and the security code extracted by the extraction unit 22 and the security code stored in the security code storage unit 21. And verifying the identity of the customer.

Further, in the storage unit 9 of the automatic transaction apparatus 1 described above, when the extraction unit 22 determines that the password cannot be extracted from the digit string input by the customer based on the identifier, or the password number compared by the authentication unit 23. A storage area for storing the number of mismatches when it is determined that the numbers do not match is secured, and a threshold value for restricting the number of input retries of the number string by the customer is stored.
The operation of the above-described configuration will be described according to the steps indicated by S with reference to the flowchart showing the operation of the automatic transaction apparatus according to the first embodiment shown in FIG.

In this embodiment, the password registered by the customer is “5963” and the identifier is “7”.
S1; The control unit 8 displays a transaction selection screen in which a transaction selection button such as a withdrawal transaction is displayed on the display input unit 2 and stands by.
S2; When the customer presses a transaction selection button for withdrawal transaction on the transaction selection screen, the control unit 8 recognizes the press and displays a screen on which a word or an illustration for prompting insertion of a transaction card is arranged on the display input unit 2. indicate. In accordance with this, the customer inserts the transaction card into the card insertion / return port of the card read / write unit 5.

S3: When the card information such as the account number, branch number, and account item is read from the transaction card in which the card read / write unit 5 is inserted, the control unit 8 uses the communication unit 10 to read the card information via the communication line 15 to the host computer. 13 to send.
The host computer 13 searches the customer account information stored in the database 14 based on the received card information, reads the personal identification number and identifier of the account, and transmits the read personal identification number and identifier to the communication line 15. To the automatic transaction apparatus 1.

S4: In the automatic transaction apparatus 1, the personal identification number received by the communication unit 10 is stored in the personal identification number storage unit 21, and the identifier is stored in the setting storage unit 20.
S5: The control unit 8 displays on the display input unit 2 a number string input screen on which a word string for prompting the input of a number string for inputting the password, an input column for the number string, and the like are arranged.
Since the number of digits of the numeric string that the customer can input on the numeric string input screen is indefinite, a completion button is displayed on the numeric string input screen to inform the customer that the input of the numeric string has been completed.

FIG. 4 is an explanatory diagram illustrating a procedure for extracting a personal identification number according to the first embodiment.
As shown in FIG. 4A, the customer looks at the numeric string input screen and, for example, first, the dummy number “194”, then the identifier number “7”, and then the number “ 5963 "and finally a dummy string" 35 "in the order of a number string" 19447593635 ", these numbers are sequentially sent to the extraction unit 22.

S6; When the customer presses the completion button after inputting the numeric string, the extraction unit 22 recognizes the numeric string “194756335” input by the customer, reads the identifier stored in the setting storage unit 20, and starts the recognized numeric string Search for identifiers in order.
S7: The extracting unit 22 determines whether or not there is an identifier being searched for in the numeric string. If there is, the process proceeds to the next step S8, and if not, the process proceeds to step S10.

The case where there is no identifier in this case is a case where “7” in the numeric string “19447593635” is not input and another number is input.
S8: The extracting unit 22 recognizes the position of the identifier in the number string (the position of the number of digits from the top), and extracts the four-digit number immediately after the identifier as a personal identification number.
That is, the extraction unit 22 recognizes the identifier “7” as shown in FIG. 4B from the numeric string “19447593635”, and recognizes the identifier “7” as shown in FIGS. 4C and 4D. A four-digit number “5963” immediately after “7” is extracted as a personal identification number and passed to the authentication unit 23.

  S9: The authentication unit 23 reads the code number “5963” stored in the code number storage unit 21, compares the read code number with the code number received from the extraction unit 22, and the code numbers match. Determine whether or not. If they match, the process proceeds to step S12. If the passwords do not match, for example, the 4-digit number immediately after the identifier “7” in the input number string is not “5963”. Moves to step S10.

  S10: When the extraction unit 22 determines that there is no identifier in the number string in step S7, or when the authentication unit 23 determines that the two passwords do not match, the authentication unit 23 stores in the storage unit 9 1 is added to the number of mismatches being made, and the added value is compared with the threshold value of the input retry count stored in the storage unit 9 to determine whether or not the number of mismatches exceeds the threshold value. As a result, if it is equal to or less than the threshold value, the process returns to step S5 to repeat the processing up to step S9, and if it exceeds the threshold value, the process proceeds to step S11.

S11: The control unit 8 returns the customer's transaction card from the card insertion / return port of the card read / write unit 5, stops the withdrawal transaction with the customer and ends.
At this time, the control unit 8 resets the number of mismatches stored in the storage unit 9 to the initial value “0”.
S12: When the authentication unit 23 determines that the two passwords match in step S9, the control unit 8 displays a screen for inputting the amount on the display input unit 2. As a result, when the customer inputs the desired withdrawal amount, the control unit 8 executes a withdrawal process for the desired withdrawal amount entered by the customer. Since the withdrawal process in this case is performed in the same manner as before, the description thereof is omitted.

Also in this case, when the number of mismatches is stored in the storage unit 9, the control unit 8 resets the initial value to “0”.
As described above, in the first embodiment, the automatic transaction apparatus stores the identifier and the personal identification number received from the host computer, and extracts the personal identification number from the number string input by the customer based on the stored identifier. In order to verify the identity by comparing the extracted PIN with the stored PIN, the customer must enter the PIN along with the dummy digits without any unnatural action when entering the digit string. Therefore, even if a third party peeks at the movements of the arms and fingers of customers who are trading, it is possible to prevent the secret code from being known.

  In the first embodiment, the automatic transaction apparatus stores the identifier and the personal identification number received from the host computer, and extracts the personal identification number from the number string input by the customer based on the stored identifier. Although it was described that the personal identification number and the stored personal identification number are compared to determine whether they match or not, the automatic transaction apparatus receives and stores only the identifier from the host computer, and extracts it from the numeric string based on the identifier. The personal identification number may be transmitted to the host computer, and the host computer may determine whether the personal identification number matches or does not match.

In the first embodiment, the identifier is described as a number registered in advance by the customer. However, the identifier may be a symbol such as “*” or “#”, a combination of two or more numbers or symbols, or a pseudonym. Character keys such as letters and alphabets may be displayed, and the characters input by the keys may be used as identifiers.
Furthermore, the specific number of digits in the numeric string may be an identifier indicating the first digit of the password. In this case, the first digit registered by the customer is stored in the database of the host computer, and the automatic transaction apparatus receives the password registered by the customer and the first digit from the host computer when storing a transaction with the customer. Then, a code number is extracted from a digit string inputted by the customer based on the stored first digit, and the extracted code number and the stored code number are compared to determine whether they match or not.

  In the first embodiment, the personal identification number is continuously input after the identifier. However, as shown in FIG. 5, the number string includes a skip number among the numbers after the identifier “7”. You may make it make a customer input so that a number, for example, the 1st, 3rd, 5th, 6th number may correspond to a personal identification number. In this case, it is only necessary to arrange a screen for guiding the location where the password is input on the number string input screen.

FIG. 6 is a block diagram showing identity verification means of the second embodiment.
6 includes a display input unit 2, a setting storage unit 20, a personal identification number storage unit 21, an extraction unit 22, an authentication unit 23, and a random number sequence generation unit (generation unit) 25. The components other than the generation unit 25 are the same as those in the first embodiment.
The random number sequence generation unit 25 is realized by the control unit 8 and a program for identity verification stored in the storage unit 9, and randomly generates a dummy number other than the password, and the generated number Has a function of assigning the password before and after the password.

In the present embodiment, the number of dummy digits generated by the random number sequence generator 25 is set in a range of 2 to 4 digits.
In addition, the setting storage unit 20 of this embodiment has a function of storing the number of digits of the dummy numbers generated by the random number sequence generation unit 25.
In this embodiment, the configuration of the automatic transaction apparatus 1 is the same as that of the first embodiment, but the database 14 of the host computer 13 does not store an identifier.

The operation of the automatic transaction apparatus 1 will be described according to the steps indicated by SB, using the flowchart showing the operation of the automatic transaction apparatus according to the second embodiment shown in FIG.
In this embodiment, the password registered by the customer is “5963”.
Since the operation from step SB1 to step SB3 in the present embodiment is the same as the operation from step S1 to step S3 in the first embodiment, description thereof will be omitted.

The host computer 13 searches the customer account information stored in the database 14 based on the received card information, and confirms that the balance of the corresponding account is equal to or greater than the received withdrawal amount information received. And the personal identification number of the said account is read, and the read personal identification number is transmitted to the automatic transaction apparatus 1 via the communication line 15.
SB4: In the automatic transaction apparatus 1, the personal identification number “5963” received by the communication unit 10 is stored in the personal identification number storage unit 21.

SB5: The random number sequence generation unit 25 generates two sets of dummy numbers.
The generated two sets of dummy numbers are input before and after the password when the customer inputs the password later.
In the present embodiment, a dummy number “1947” input before the personal identification number and a dummy number “35” input after the personal identification number are generated.

SB6: The random number sequence generation unit 25 recognizes the number of dummy digits to be input before the generated password, and stores the recognized number of digits in the setting storage unit 20.
In the present embodiment, since the dummy number input before the generated password is “1947”, the number of digits stored in the setting storage unit 20 is four.
FIG. 8 is an explanatory diagram illustrating a procedure for extracting a personal identification number according to the second embodiment.

SB7; The control unit 8 obtains the character string “1947 *** 35” shown in FIG. 8 (a) in which “*” is inserted between the two dummy numbers generated in the display input unit 2 by the number of digits of the password. Numerals displayed in order from the left side of the character string are input, and a “***” portion displays a number string input screen in which a word or the like prompting the user to input a password is arranged.
SB8: When the customer looks at the numeric string input screen, the dummy number “1947” displayed as shown in FIG. 8B, the number “5963” that becomes the PIN code, and finally the dummy number “35” When the digit string “19447593635” is input in this order, the extraction unit 22 recognizes this digit string, reads the number of digits “4” stored in the setting storage unit 20, and obtains the four digits from the number immediately after the number of digits read. A number is extracted as a password.

That is, the extraction unit 22 extracts the four-digit number “5963” from the fifth digit of the number string “19447593635” and passes it to the authentication unit 23 as shown in FIGS.
SB9; The authentication unit 23 reads the password number “5963” stored in the password number storage unit 21, compares the read password number with the password received from the extraction unit 22, and determines whether both password numbers match. Judge whether or not. If they match, the process proceeds to step SB12. If the passwords do not match, for example, the 4-digit number immediately after the number of digits stored in the setting storage unit 20 in the input number string is “ If it is not “5963”, the process proceeds to step SB10.

  SB10: The authentication unit 23 recognizes that the two passwords do not match, adds 1 to the number of mismatches stored in the storage unit 9, and stores the added value in the storage unit 9 as well. And the threshold value of the number of input retries, and determine whether or not the number of mismatches exceeds the threshold value. As a result, if it is equal to or less than the threshold value, the process returns to step SB7 to repeat the processing up to step SB9, and if it exceeds the threshold value, the process proceeds to step SB11.

SB11; The control unit 8 returns the customer's transaction card from the card insertion / return port of the card read / write unit 5, stops the withdrawal transaction with the customer, and ends.
At this time, the control unit 8 resets the number of mismatches stored in the storage unit 9 to the initial value “0”.
SB12; When the authentication unit 23 determines that the two passwords match in step S9, the control unit 8 executes a withdrawal process of the withdrawal amount requested by the customer. Since the withdrawal process in this case is performed in the same manner as before, the description thereof is omitted.

Also in this case, when the number of mismatches is stored in the storage unit 9, the control unit 8 resets the initial value to “0”.
As described above, in the second embodiment, the automatic transaction apparatus stores the PIN number received from the host computer, while randomly generating and displaying dummy numbers included in the number string input by the customer. The customer extracts the password from the number string entered according to the dummy number displayed, and compares the extracted password with the stored password to confirm the identity. You can enter your PIN with a dummy number with a smooth movement without any natural movement, so the PIN is known by a third party who looks into the movement of the customer's arms and fingers during the transaction from behind. Can be prevented.

In addition, by displaying the dummy numbers to be input by the customer, it is possible to save the trouble for the customer who is not accustomed to inputting the dummy number string by himself / herself to think of the dummy numbers.
In the second embodiment described above, the customer inputs the displayed dummy number as it is. However, the start position of the password is determined by the number of digits of the dummy number that is input before the generated password. Therefore, as long as the dummy numbers to be input match the number of digits, numbers other than the displayed numbers may be input.

  In the second embodiment, the personal identification number received from the host computer by the automatic transaction apparatus is stored, and the personal identification number extracted from the number string inputted by the customer is compared with the stored personal identification number to determine whether or not they match. As described above, the automatic transaction apparatus may transmit the personal identification number extracted from the input number string to the host computer, and the host computer may determine whether the personal identification number matches or does not match.

In the second embodiment, four digits are assigned before the password and two digits after the password. However, the present invention is not limited to this.
Further, in the second embodiment, it has been described that the dummy numbers to be added before and after the password are generated. However, the generated dummy numbers may be sandwiched between the password numbers. In this case, the number string as shown in FIG. 9 is formed based on the generated dummy numbers, and when the customer inputs the password, the password of the number string in FIG. 9 is displayed on the number string input screen. The character string “1947 * 3 * 9 * 63” with the number part hidden may be displayed, and a screen prompting the customer to input the code number at the location corresponding to “*” may be displayed.

FIG. 10 is a block diagram showing identity verification means of the third embodiment.
The personal identification means shown in FIG. 10 includes a display input unit 2, a setting storage unit 20, a personal identification number storage unit 21, an extraction unit 22, an authentication unit 23, and a start position acquisition unit (recognition unit) 30, of which start The components other than the position acquisition unit 30 are the same as those in the first embodiment.
The start position acquisition unit 30 is realized by the control unit 8 and a personal identification program stored in the storage unit 9, and has a function of recognizing the first digit of the password stored in the password storage unit 21.

The setting storage unit 20 according to the present embodiment temporarily stores the first digit of the personal identification number received from the start position acquisition unit 30.
In addition, the extraction unit 22 according to the present embodiment has a function of extracting a personal identification number from a number string input by the customer based on the first number stored in the setting storage unit 20.
In this embodiment, the configuration of the automatic transaction apparatus 1 is the same as that of the first embodiment, but the database 14 of the host computer 13 does not store an identifier.

The operation of the above-described configuration will be described according to steps indicated by SD with reference to a flowchart showing the operation of the automatic transaction apparatus according to the third embodiment shown in FIG.
In the present embodiment, the password registered by the customer is “5963”.
Since the operation from step SD1 to step SD3 in the present embodiment is the same as the operation from step S1 to step S3 in the first embodiment, description thereof will be omitted.

The host computer 13 searches the customer account information stored in the database 14 based on the received card information, and confirms that the balance of the corresponding account is equal to or greater than the received withdrawal amount information received. And the personal identification number of the said account is read, and the read personal identification number is transmitted to the automatic transaction apparatus 1 via the communication line 15.
SD4: In the automatic transaction apparatus 1, the personal identification number “5963” received by the communication unit 10 from the host computer 13 is stored in the personal identification number storage unit 21, and at the same time, the start position acquisition unit 30 stores the first digit “#” of the personal identification number. 5 ”is recognized and stored in the setting storage unit 20.

SD5; The control unit 8 informs the display input unit 2 that the user inputs a word string, a numeric string input field for prompting the input of a numeric string with dummy numbers before and after the personal identification number, and that the customer has completed the input of the numeric string. Displays a numeric string input screen with a complete button etc.
FIG. 12 is an explanatory diagram illustrating a procedure for extracting a personal identification number according to the third embodiment.
When the customer inputs a dummy number before the password, the customer inputs a number other than the first number of the password.

When the customer inputs a numeric string “19447593635” as shown in FIG. 12A, these numbers are sequentially sent to the extraction unit 22.
SD6: When the customer presses the completion button after inputting the number string, the extraction unit 22 recognizes the number string “19475693635” input by the customer and reads the first digit “5” of the password stored in the setting storage unit 20 The first number read out in order from the beginning of the number sequence recognized in the above is searched.

SD7: The extraction unit 22 determines whether or not the number of the searched secret number is in the number string. If there is, the process proceeds to the next step SD8, and if not, the process proceeds to step SD10.
In this case, the case where there is no leading digit means that the leading digit “5” in the digit string “19447593635” is not inputted, or another digit is inputted, or “5” corresponding to the search. To the last digit in the digit string is less than 4 digits.

SD8: The extraction unit 22 recognizes the position of the first digit in the number string, and extracts a four-digit number including the first digit from the position as a password.
In other words, the extraction unit 22 recognizes the leading numeral “5” from the numeric string “19447593635” as shown in FIG. 12B, and recognizes the leading digit as shown in FIGS. 12C and 12D. A four-digit number “5963” including the number “5” is extracted as a password and passed to the authentication unit 23.

  SD9: The authentication unit 23 reads the code number “5963” stored in the code number storage unit 21, compares the read code number with the code number received from the extraction unit 22, and whether both code numbers match. Judge whether or not. If they match, the process proceeds to step SD12. If the passwords do not match, for example, if the 4-digit number including the first digit “5” in the input number string is “5963”, If not, the process proceeds to step SD10.

  SD10: When the extraction unit 22 determines that there is no leading digit in the number string in step SD7, or when the authentication unit 23 determines that the passwords do not match, the authentication unit 23 stores in the storage unit 9. 1 is added to the stored number of mismatches, and the added value is compared with the threshold value of the input retry count stored in the storage unit 9 to determine whether the number of mismatches exceeds the threshold value. . As a result, if it is equal to or smaller than the threshold value, the process returns to step SD5 to repeat the process up to step SD9, and if it exceeds the threshold value, the process proceeds to step SD11.

SD11; The control unit 8 returns the customer's transaction card from the card insertion / return port of the card read / write unit 5, stops the withdrawal transaction with the customer, and ends.
At this time, the control unit 8 resets the number of mismatches stored in the storage unit 9 to the initial value “0”.
SD12: When the authenticating unit 23 determines that the two passwords match at step SD9, the control unit 8 executes a withdrawal process of the withdrawal amount requested by the customer. The withdrawal process in this case is performed in the same manner as in the prior art, and the description thereof is omitted.

Also in this case, when the number of mismatches is stored in the storage unit 9, the control unit 8 resets the initial value to “0”.
As described above, in the third embodiment, the personal identification number received by the automatic transaction apparatus from the host computer and the first digit thereof are stored, and the personal identification number is obtained from the numeric string input by the customer based on the first digit stored. Since the customer confirms the identity by comparing the extracted personal identification number with the stored personal identification number, the customer can enter the digit string with a dummy number with a smooth movement without any unnatural action. Therefore, even if the third party peeks at the movement of the customer's arm or finger during the transaction from behind, it can be prevented that the personal identification number is known.

In addition, since the PIN number is extracted from the number string entered by the customer based on the first digit of the PIN number, even if only the PIN number is entered without including the dummy number, the identity verification can be performed normally. For the customer, the identity verification of the automatic transaction apparatus according to the present embodiment can be used while maintaining the identity verification procedure in the automatic transaction apparatus.
In the third embodiment, the personal identification number received from the host computer by the automatic transaction apparatus is stored, and the personal identification number is extracted from the number string input by the customer based on the first digit of the stored personal identification number. However, the automatic transaction device receives and stores only the first digit of the PIN from the host computer, based on the comparison of the stored PIN and the stored PIN. It is also possible to transmit the security code extracted to the host computer to determine whether the security code matches or does not match.

  In each of the above embodiments, the password is a four-digit number, but is not limited thereto.

The block diagram which shows schematic structure of the automatic transaction apparatus common to Example 1- Example 3. The block diagram which shows the identity verification means of Example 1 The flowchart which shows operation | movement of the automatic transaction apparatus of Example 1. Explanatory drawing which shows the cut-out procedure of the personal identification number of Example 1 Explanatory drawing which shows the case where a PIN is not input continuously in Example 1. The block diagram which shows the identity verification means of Example 2. The flowchart which shows operation | movement of the automatic transaction apparatus of Example 2. Explanatory drawing which shows the cut-out procedure of the personal identification number of Example 2 Explanatory drawing which shows the case where a PIN is not input continuously in Example 2. The block diagram which shows the personal identification means of Example 3 The flowchart which shows operation | movement of the automatic transaction apparatus of Example 3. Explanatory drawing which shows the cut-out procedure of the personal identification number of Example 3

Explanation of symbols

DESCRIPTION OF SYMBOLS 1 Automatic transaction apparatus 2 Display input part 3 Display part 4 Input part 5 Card read / write part 6 Cash deposit / withdrawal part 7 Passbook entry part 8 Control part 9 Memory | storage part 10 Communication part 13 Host computer 14 Database 15 Communication line 20 Setting memory | storage part 21 PIN number storage unit 22 extraction unit 23 authentication unit 25 random number sequence generation unit 30 start position acquisition unit

Claims (5)

An automatic transaction device that is communicably connected to a host device that stores an identifier for extracting a customer's personal identification number, and performs a transaction by a customer's operation,
Storage means for storing an identifier received from the host device;
An input means for inputting a number string consisting of a dummy number, an identifier, and a code number;
An automatic transaction apparatus comprising: extraction means for extracting a personal identification number from a number string inputted by a customer based on the identifier stored in the storage means. The automatic transaction apparatus according to claim 1,
The automatic transaction apparatus according to claim 1, wherein the identifier is a pre-registered number input immediately before a password. The automatic transaction apparatus according to claim 1,
The automatic transaction apparatus according to claim 1, wherein the identifier is a first digit of a password in the numeric string. It is an automatic transaction device that is communicably connected to a host device and performs transactions by customer operations,
Generating means for generating a dummy number that the customer enters in front of the PIN;
Storage means for storing the number of digits of the dummy number generated by the generation means;
Display means for displaying the dummy numbers; input means for allowing a customer to input a number string consisting of the dummy numbers and the numbers of the personal identification number;
An automatic transaction apparatus comprising: extraction means for extracting a personal identification number from a number string input by a customer based on the number of digits stored in the storage means. An automatic transaction device that is communicably connected to a higher-level device that stores a customer's personal identification number, and conducts a transaction by a customer's operation,
Storage means for storing the first digit of the customer's password received from the host device;
An input means for allowing a customer to input a number string consisting of dummy numbers and PIN numbers;
An automatic transaction apparatus comprising: extraction means for extracting a personal identification number from a number string inputted by a customer based on the first number stored in the storage means.