JP2007156621A - Authentication server device, communication terminal device, settlement processing authentication system, settlement processing authentication method, control program, and recording medium - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To prevent illegal processing caused by impersonation even if a communication terminal device impersonates transmission source information. <P>SOLUTION: The authetication server device comprises an individual information acquisition section 21 for acquiring the individual information of a cellular phone 2 allocated to each communication device fixedly for identifying each communication terminal device from the cellular phone 2; an individual information collating section 22 for authenticating the cellular phone 2 having the individual information as a legitimate terminal device since the individual information acquired by the individual information acquisition section 21 is recorded at a registration information recording section 41 for recording the individual information of the communication terminal device of a legitimate user; a specific information acquisition section 23 for acquiring the destination specific information of the cellular phone 2 required for communication for the settlement processing with the cellular phone 2, recorded in association with the acquired individual information, when the cellular phone 2 is authenticated as the legitimate terminal device; and an authentication result output section 24 for supplying the destination specific information acquired by the specific information acquisition section 23 to the partner. <P>COPYRIGHT: (C)2007,JPO&INPIT

Description

  The present invention relates to an authentication server device, a communication terminal device, a payment processing authentication system, a payment processing authentication method, a control program, and a recording medium, which are applied to a processing system using a communication terminal device.

  Communication terminal devices such as mobile phones have been widely used. In particular, the penetration rate of mobile phones is by far the highest, and those having a video capturing function and a content providing function such as video / music / books have appeared. As described above, it is well known that the communication terminal apparatus is used not only as a telephone call / communication means but also in various situations.

  Furthermore, in recent years, it has become possible to perform settlement processing (payment request or payment processing for billing) for payments that occur when receiving paid content or purchasing merchandise. For example, Patent Document 1 discloses a payment system and a mobile communication terminal that can easily and accurately perform payment using a mobile communication terminal as a payment terminal.

  In Patent Document 1, a payment request to the payment management apparatus 106 is made via the portable wireless terminal 102 with respect to the payment that requires the user of the portable wireless terminal 102 to pay. Note that the payment management apparatus 106 authenticates whether or not it is a subscriber by using the subscriber information of the portable wireless terminal 102 managed by itself. The subscriber information is, for example, a subscriber ID, a personal identification number, or a telephone number of the portable wireless terminal 102.

More specifically, the payment management apparatus 106 authenticates whether or not the user of the portable wireless terminal 102 is a subscriber based on the subscriber ID and password included in the payment request transmitted by the portable wireless terminal 102. It is carried out.
JP 2001-243382 (published September 7, 2001)

  However, the system of Patent Document 1 causes the following problems.

  Specifically, since the payment management apparatus 106 performs authentication only based on whether or not the subscriber information sent from the portable wireless terminal 102 matches that managed by itself, If a fraudulent user who is originally obliged to pay is impersonated as a user of another mobile wireless terminal 102 by falsifying subscriber information such as a subscriber ID or telephone number, such fraud cannot be detected. Cause problems.

  Further, although the personal identification number is an effective means for preventing impersonation, the possibility that the personal identification number is leaked or wiretapped cannot be denied. Therefore, if a password that is illegally obtained in this way is used, a problem arises in that an unauthorized payment process by impersonation cannot be detected as described above.

  The present invention has been made in view of the above problems, and an object of the present invention is to provide an authentication server device that prevents fraudulent processing due to impersonation even when a communication terminal device that performs payment processing disguises transmission source information. A communication terminal device, a payment processing authentication system, a payment processing authentication method, a control program, and a recording medium.

  In order to solve the above-described problem, an authentication server device according to the present invention includes a first communication terminal device of a billing user who requests payment, and a second communication terminal device of a billed user who is required to pay. In the authentication server device that permits communication for performing settlement processing by authenticating each communication terminal device, fixed identification information is assigned to each communication terminal device that is fixed to identify each communication terminal device. Fixed information acquisition means for acquiring the fixed identification information of the second communication terminal device from any of the communication terminal devices, and the fixed identification information acquired by the fixed information acquisition means Terminal device authenticating means for authenticating the second communication terminal device having the fixed identification information as a legitimate terminal device by being recorded in a registration information recording unit that records the fixed identification information of the terminal device. When the second communication terminal device is authenticated as a legitimate terminal device, a settlement process is performed with the second communication terminal device that is the legitimate terminal device associated with the fixed identification information acquired by the fixed information acquisition means. Specific information acquisition means for acquiring destination specific information of the second communication terminal apparatus necessary for communication to be performed, and destination specific information of the second communication terminal apparatus acquired by the specific information acquisition means are the first information And a specific information supply means for supplying to the communication terminal device.

  According to the above configuration, based on the fixed identification information of the second communication terminal device acquired by the fixed information acquisition device from either the first or the second communication terminal device, the terminal device authentication means Authenticate. Specifically, the second communication terminal device is authenticated as a legitimate terminal device based on the fact that the fixed identification information is registered in the registration information recording unit. Then, the specific information acquisition unit acquires only the destination specific information of the communication terminal device authenticated as the legitimate terminal device by the terminal device authentication unit from the registration information recording unit. Since the destination identification information is recorded in the registration information recording unit in association with the fixed identification information, the identification information acquisition unit is configured to store the second identification information based on the fixed identification information of the second communication terminal device. Obtain destination specifying information of the communication terminal device. The destination specifying information of the second communication terminal device is information necessary for communicating with the second communication terminal device in order to perform the settlement process.

  Subsequently, the specific information supply means transmits the acquired destination specific information of the second communication terminal apparatus to the first communication terminal apparatus that is the communication partner of the settlement process.

  Therefore, the user of the second communication terminal device that is obligated to pay forges the destination identification information (for example, e-mail address) of the own device and the fixed identification information (for example, manufacturing serial number) (ie, another If the fixed identification information supplied to the authentication server device is not registered in the registration information recording unit as a legitimate terminal device, the terminal device authentication means uses the fixed identification information. The second communication terminal device that is included is regarded as an unauthorized terminal device. That is, the communication of the payment process with the 1st communication terminal device of the claimant who requests payment is not permitted. This is because, when the specific information supply means determines that the second communication terminal device is an unauthorized terminal device, the first communication terminal device requires the second communication terminal device for communication of the settlement process with the second communication terminal device. 2 Realized by not (cannot) supply destination specification information of communication terminal device.

  Thereby, even if the second communication terminal device performs impersonation, the first communication terminal device is not supplied with the second communication terminal device specific information necessary for the settlement processing communication with the second communication terminal device. Therefore, the first communication terminal device and the second communication terminal device cannot communicate for settlement processing. Accordingly, it is possible to prevent an unauthorized payment process between the first communication terminal device and the second communication terminal device that has been camouflaged.

  As a result, even when the communication terminal device of the billee performing the payment process impersonates the transmission source information, it is possible to prevent an illegal payment process due to the impersonation.

  Furthermore, when the user of the second communication terminal apparatus that is obligated to pay is going to execute a settlement process with the first communication terminal apparatus on the billing party who requests payment, the user is registered in the registration information recording unit. Even when spoofing is performed using other fixed identification information, it is possible to prevent unauthorized payment processing due to the spoofing.

  That is, since the camouflaged fixed identification information (hereinafter referred to as camouflaged fixed identification information) is registered in the registration information recording unit, the terminal device authentication means includes a communication terminal device (hereinafter referred to as communication) having the camouflaged fixed identification information. Assume that the terminal device A) is authenticated as a valid terminal device. However, it is not the second communication terminal device but the communication terminal device A having the above-mentioned camouflaged fixed identification information that has been authenticated as a legitimate terminal device. Therefore, the specific information of the communication terminal device A is supplied to the first communication terminal device, not the specific information of the second communication terminal device. Thereby, the 1st communication terminal device cannot perform payment processing communication with the 2nd communication terminal device.

  From the above, even if the user of the second communication terminal device succeeds in impersonation using the fixed identification information of the legitimate terminal device registered in the registration information recording unit, it prevents unauthorized payment processing due to the impersonation It becomes possible to do.

  Further, the fixed information acquisition unit of the authentication server device acquires the fixed identification information of the first communication terminal device, and the terminal device authentication unit fixes the first communication terminal device acquired by the fixed information acquisition unit. Since the identification information is recorded in the registration information recording unit, the first communication terminal device is authenticated as a legitimate terminal device, and the specific information acquisition means includes the first communication terminal device and the second communication terminal. When both devices are authenticated as valid terminal devices, the destination of the first communication terminal device that is the valid terminal device associated with the fixed identification information of the first communication terminal device acquired by the fixed information acquisition means Preferably, the specific information is acquired, and the specific information supply means supplies the second communication terminal apparatus with the destination specific information of the first communication terminal apparatus acquired by the specific information acquisition means. Arbitrariness.

  As a result, an illegal settlement occurs when not only the second communication terminal device of the billed user who is obligated to pay but also the first communication terminal device of the billing user who is requesting payment. Processing can be prevented.

  Further, the authentication server device includes an authentication result notifying unit for notifying the legitimate terminal device of authentication result information indicating whether or not the terminal device authenticating unit has succeeded in authenticating the communication terminal device of the communication partner. It is preferable.

  Accordingly, when only one of the first communication terminal device and the second communication terminal device is authenticated as a valid terminal device, the communication terminal device of the communication partner is an unauthorized terminal device to the valid terminal device, Notification of authentication failure can be made.

  Therefore, even if the legitimate terminal device receives the payment processing request from the unauthorized terminal device, it can cope with the fact that it is not processed erroneously. As a result, it is possible to prevent unauthorized payment processing by spoofing more reliably.

  When both the first communication terminal device and the second communication terminal device are authenticated as valid terminal devices, the communication terminal device may be notified that the communication terminal device of the communication partner has been successfully authenticated. it can.

  Further, the terminal device authentication means of the authentication server device is a rejection information record in which the fixed identification information of the communication terminal device recorded in the registration information recording unit records the rejection terminal device that should prohibit the settlement process. If the information is not recorded in the section, the communication terminal device may be authenticated as a valid terminal device.

  According to the above configuration, even if the fixed identification information is registered in the registration information recording unit, the settlement processing communication is permitted for the communication terminal device registered in the rejection information recording unit as the rejection terminal device. do not do.

  As an example of a communication terminal device registered as a rejection terminal device in the rejection information recording unit while being registered in the registration information recording unit, the following cases can be given. For example, when a certain user loses a communication terminal device with a payment processing function, the communication terminal device prevents the person other than the user who picked up the communication terminal device from executing the payment processing illegally. There may be a case where it is desired to keep the lock so that nobody can process the payment until returning to hand. In such a case, a user who has lost the communication terminal device registers the communication terminal device as a rejection terminal device in the rejection information recording unit, for example, by requesting the administrator of the authentication server device to stop the payment process. . In this way, even if the communication terminal device is lost, it is possible to prevent unauthorized payment processing from being performed by another person.

  Alternatively, the authentication server device includes payment processing mediating means for transmitting communication data related to the payment processing received from the first communication terminal device to a destination designated by the first communication terminal device, and The information may be created in advance so that the first communication terminal device is used to designate the destination of the communication data as the settlement processing mediating means.

  According to the above configuration, when the terminal device authenticating unit succeeds in authenticating the second communication terminal device, the destination specifying information that the specific information supplying unit supplies to the first communication terminal device is the second This is address specifying information created in advance in association with the fixed identification information of the communication terminal device. Further, the destination specifying information is used for designating the destination to the settlement processing mediating means of the authentication server device so that the first communication terminal device transmits communication data related to the settlement processing to the second communication terminal device. Information.

  Therefore, the first communication terminal device can perform settlement processing communication with the second communication terminal device for the first time by using the designation destination specifying information supplied from the authentication server device. That is, the exchange of communication data between the communication terminal devices is realized by the payment processing mediating means. Further, the destination specifying information used when specifying the destination of the communication data in the payment processing mediating means is not intended to directly indicate the destination of the communication terminal device, but is created (or set in advance) in advance. ) Destination specifying information is used.

  For example, when the payment processing communication is realized via the Internet, not near field wireless communication such as infrared communication, the destination specifying information is made relatively public, for example, an e-mail address, When it is easy to obtain from the outside, it becomes an environment in which specific information can be easily obtained, and there arises a disadvantage that spoofing is invited.

  As described above, the use of destination identification information created (or set) uniquely in advance avoids the inconveniences as described above, and as a result, prevents unauthorized payment processing by spoofing. Is possible.

  Furthermore, when the address specifying information is unnecessarily leaked due to the unauthorized payment processing by impersonation, the following measures can be taken. In other words, since the destination specifying information is uniquely created and can be easily changed, the destination specifying information is immediately changed as soon as the presence of a spoofed communication terminal device is detected. it can.

  From the above, even when communication data related to payment processing is performed via the Internet, it is possible to prevent unauthorized payment processing due to impersonation.

  In order to solve the above-described problem, the authentication server device according to the present invention authenticates each communication terminal device for communication for performing bidirectional processing that is established by each communication terminal device transmitting and receiving communication data to and from each other. In the authentication server device permitted by the above, fixed identification information is assigned to each communication terminal device so as to identify each communication terminal device, and the fixed identification information of each communication terminal device is assigned to each communication terminal device. The fixed information acquisition means that acquires from any of the devices, and each of the fixed identification information is recorded in a registration information recording unit that records the fixed identification information of the communication terminal device of the authorized user, whereby each of the fixed identifications Terminal device authenticating means for authenticating each communication terminal device having information as a valid terminal device, and when each communication terminal device is authenticated as a valid terminal device Specific information that is associated with each fixed identification information acquired by the fixed information acquisition means, and that is used for communication for performing bidirectional processing with each legitimate terminal device, and that acquires destination specifying information of each legitimate terminal device It is characterized by comprising acquisition means and specific information supply means for supplying destination specific information of the legitimate terminal device acquired by the specific information acquisition means to each of the legitimate terminal devices.

  According to the above configuration, each of the two or more communication terminal devices that perform bidirectional processing is authenticated using the fixed identification information, and the destination specifying information of the communication terminal device authenticated as the valid terminal device is used as the valid terminal device. To each communication terminal device. As a result, bidirectional processing only between legitimate terminal devices is realized, and illegal processing due to impersonation can be prevented.

  As a method for sending the destination specifying information to each legitimate terminal device, a method may be adopted in which the destination specifying information of all communication terminal devices authenticated as legitimate terminal devices is transmitted to all legitimate terminal devices. In this case, since the authentication server device can collectively transmit the destination specifying information having the same content to all valid terminal devices without changing the content to be transmitted for each transmission partner, the processing efficiency is improved.

  Alternatively, a method of transmitting destination specifying information of a legitimate terminal device that is a communication partner of each legitimate terminal device (that is, destination specifying information of all legitimate terminal devices other than the legitimate terminal device) to each legitimate terminal device is adopted. May be. Since it is not necessary for the legitimate terminal device to supply its own address specifying information, only the address specifying information of the legitimate terminal device other than its own device is transmitted from the authentication server device. As a result, useless communication costs can be saved.

  In order to solve the above-mentioned problem, the communication terminal device according to the present invention receives the communication data from the communication terminal device of the communication partner in the communication terminal device that performs bidirectional processing by transmitting and receiving communication data to and from each other. Specific information extracting means for extracting the specific information given to the communication data, specific information collating means for collating the specific information extracted by the specific information extracting means with the specific information of its own device, A communication data management means for approving the received communication data when the specific information collating means determines that the given specific information matches the specific information of the own device, the given specific information is: Specific information associated with the fixed identification information of the device itself, and the communication end of the communication partner authenticated by the authentication server device as a legitimate terminal device. It is characterized in that supplied to the apparatus.

  According to the said structure, the communication terminal device authenticated by the above-mentioned authentication server apparatus acquires the specific information of a communicating party. As a result, each communication terminal device can perform payment processing communication with the communication partner. Then, when receiving communication data related to the settlement process from the communication partner, the specific information collating means determines the validity of the communication data depending on whether or not the specific information of the own device is given to the communication data. to decide.

  When the communication data includes the specific information of the own device, the communication data is approved, and the communication data not including the specific information can be processed as invalid. That is, it is highly possible that communication data to which no specific information is assigned is communication data transmitted from an unauthorized terminal device by impersonation, and unauthorized communication data can be rejected. From the above, it becomes possible to prevent unauthorized payment processing.

  Further, the communication terminal device, when receiving the destination specifying information of the legitimate terminal device from the authentication server device, a processing history confirmation means for determining whether or not there is a processing history that has issued the bidirectional processing start request, and the processing Preferably, when the history confirmation unit determines that there is no processing history of the start request, it includes spoofing detection unit that detects that another communication terminal device has impersonated itself.

  According to the above configuration, when the destination specifying information of the legitimate terminal device is received from the authentication server device even though the request for starting any bidirectional processing is not sent to the authentication server device. The spoofing detection means can detect that another communication terminal device has impersonated itself.

  More specifically, for example, if another communication terminal device X impersonates itself (using the fixed identification information of the device itself) and makes a process start request to the authentication server device described above, the authentication server Based on the fixed identification information of the device itself, the device authenticates itself instead of the communication terminal device X. Therefore, the destination specifying information of the own device associated with the fixed identification information of the own device is transmitted to the communication partner of the camouflaged communication terminal device X, and the destination specifying information of the communication partner is stored in the own device. Will be sent. In other words, when a camouflaged terminal device pretending to be its own device attempts unauthorized processing, it receives the destination specifying information of the communication terminal device even though it has not sent a processing start request to the authentication server device. Will do.

  Thereby, the impersonation detection means can detect the presence of an unauthorized terminal device impersonating the device itself. If impersonation is detected, this can be notified to the authentication server device. As a result, it is possible to prevent unauthorized processing from being executed due to impersonation.

  The specific information extracting means of the communication terminal device extracts specific information given to download data downloaded from the communication terminal device of the communication partner, and the communication data managing means The download data may be approved when the specific information collating means determines that the specific information matches the own device.

  As a result, it is possible to confirm that the data is download data from the valid terminal device of the communication partner, and to process only the data determined as valid data by the specific information collating means.

  As a result, it is no longer necessary to process unauthorized data from an unauthorized terminal device that performs impersonation, and unauthorized processing can be prevented in advance.

  In order to solve the above-described problem, the payment processing authentication system according to the present invention uses the above-mentioned communication terminal device as the first communication terminal device of the billing user who requests payment, and the billed side where the payment obligation occurs. The user's second communication terminal device is the communication terminal device described above, and the authentication server device that performs authentication of each communication terminal device based on the fixed identification information of the first and second communication terminal devices is the authentication server described above. As the server device, the first communication terminal device uses the second communication terminal device to add the communication data obtained by adding the specific information of the second communication terminal device as the communication partner acquired from the authentication server device. The second communication terminal device transmits the communication data obtained by adding the specific information of the first communication terminal device as the communication partner, acquired from the authentication server device, to the first communication terminal device. Send It is characterized by a door.

  According to the said structure, each said communication terminal device is authenticated using each fixed identification information by the above-mentioned authentication server apparatus. Each authenticated communication terminal device acquires destination identification information of the communication partner from the authentication server device. Thereby, each communication terminal device can perform payment processing communication with each other. And when transmitting the communication data which concerns on a payment process to a communication other party, the destination specific information of the communication other party acquired from the authentication server apparatus is provided and transmitted to the said communication data. On the other hand, when receiving the communication data related to the settlement process from the communication partner, the communication data of the communication terminal device depends on whether or not the specific information of the own device is given to the communication data. Judging the legitimacy of

  Thus, each communication terminal device exchanges the communication data including the mutual specific information when executing the payment process, and does not process the communication data not including the specific information as being invalid. As a result, it is possible to construct a payment processing authentication system that can prevent unauthorized payment processing due to impersonation.

  In order to solve the above-described problem, the settlement processing authentication method according to the present invention includes a first communication terminal device of a billing user who requests payment, and a second communication terminal device of a billed user who generates a payment obligation. In the payment processing authentication method for authenticating each communication terminal device for permitting the communication of the payment processing performed by each of the communication terminal devices, fixed identification information is assigned to each communication terminal device. A first step of acquiring the fixed identification information of the second communication terminal device from any one of the communication terminal devices, and the fixed identification information records the fixed identification information of the communication terminal device of the authorized user. A second step of authenticating the second communication terminal device having the fixed identification information as a valid terminal device by being recorded in the registered information recording unit; and The second communication terminal device associated with the fixed identification information acquired in the first step and the second communication terminal device, which is the legitimate terminal device, required for the communication for performing the settlement process. A third step of acquiring destination specifying information of the communication terminal device, and a fourth step of supplying the destination specifying information of the second communication terminal device acquired in the third step to the first communication terminal device. It is characterized by including.

  According to the method, the second communication terminal apparatus is authenticated in the second step based on the fixed identification information of the second communication terminal apparatus acquired in the first step. That is, the second communication terminal device is authenticated by recording the fixed identification information in a registration information recording unit in which a valid terminal device is registered in advance. Subsequently, in the third step, the destination specifying information of the second communication terminal apparatus is acquired from the registration information recording unit based on the fixed identification information, and finally, the destination specifying information acquired in the fourth step is acquired. Information is supplied to the first communication terminal device.

  Thereby, even if the second communication terminal device performs impersonation, the first communication terminal device is not supplied with the second communication terminal device specific information necessary for the settlement processing communication with the second communication terminal device. Therefore, the first communication terminal device and the second communication terminal device cannot communicate for settlement processing. Accordingly, it is possible to prevent an unauthorized payment process between the first communication terminal device and the second communication terminal device that has been camouflaged.

  As a result, even when the communication terminal device of the billee performing the payment process impersonates the transmission source information, it is possible to prevent an illegal payment process due to the impersonation.

  The authentication server device and the communication terminal device may be realized by a computer. In this case, the authentication server device or the communication terminal device is realized by a computer by causing the computer to operate as each means. A control program for an authentication server device or a communication terminal device and a computer-readable recording medium on which the control program is recorded also fall within the scope of the present invention.

  As described above, the authentication server device according to the present invention uses the fixed identification information of the second communication terminal device that is fixed and assigned to each communication terminal device to identify each communication terminal device. Fixed information acquisition means acquired from any of the devices and the fixed identification information acquired by the fixed information acquisition means are recorded in a registration information recording unit that records the fixed identification information of the communication terminal device of the authorized user. The terminal device authentication means for authenticating the second communication terminal device having the fixed identification information as a valid terminal device, and the acquired fixed identification information when the second communication terminal device is authenticated as a valid terminal device. The destination specifying information of the second communication terminal device required for communication for performing the settlement process with the second communication terminal device, which is the valid terminal device, is recorded in association with A specific information acquiring means, the destination identification information of the second communication terminal device the specific information acquisition unit acquires, and a specific information supply means for supplying to the first communication terminal device.

  Therefore, even if the communication terminal device that performs payment processing disguises the transmission source information, there is an effect that it is possible to prevent unauthorized processing due to impersonation.

  An embodiment of the present invention is described below with reference to the drawings. In the first embodiment, as an example, an authentication system applied to credit settlement processing when purchasing a product at a sales store will be described. More specifically, the credit settlement processing is performed in a settlement processing terminal device as a POS terminal device of a billing user and a mobile phone as a terminal device of a billed user purchasing a product, which are installed in a store. Shall be executed.

Embodiment 1
(Configuration of authentication system)
First, an authentication system (payment processing authentication system) 100 to which an authentication server (authentication server apparatus) 1 according to the present embodiment is applied will be described with reference to FIG. In the example shown in FIG. 2, the authentication system 100 pays the mobile phone (communication terminal device / second communication terminal device / second communication terminal device) 2 owned by the purchaser of the product and the mobile phone 2. A payment processing terminal device (communication terminal device / first communication terminal device / first communication terminal device) 3 as a POS terminal device installed in a store for transmitting a request message and performing payment processing, and the mobile In order to allow communication when the telephone 2 and the payment processing terminal device 3 perform payment processing, the authentication server 1 that authenticates each device is provided. In the following, when there is no need to distinguish between the payment processing terminal device 3 on the biller side and the mobile phone 2 on the billee side, they will be referred to as communication terminal devices.

  The authentication server 1 includes a communication unit 10 for communicating with each communication terminal device via the Internet, an authentication control unit 20 for authenticating each communication terminal device, and for the authentication control unit 20 to perform authentication. And a recording unit 40 for storing various information used by the settlement processing control unit 30. Details of the authentication control unit 20 and the recording unit 40 will be described later.

  The mobile phone 2 performs the payment process by the communication unit 10 that communicates with the authentication server 1 via the mobile phone network and the Internet, the payment processing control unit 30 that performs the payment process for the user to purchase the product, and the payment process. And a short-distance wireless communication unit 60 that performs communication with the payment processing terminal device 3 to perform payment processing.

  The payment processing terminal device 3 includes a communication unit 10 that communicates with the authentication server 1 via the Internet, a payment processing control unit 30 that performs payment processing for charging the price of the product purchased by the user, and the payment processing. A recording unit 40 that stores various types of information used by the payment processing control unit 30 to perform, and a short-range wireless communication unit 60 that performs communication for performing payment processing with the mobile phone 2 are provided.

  Details of the payment processing control unit 30 and the recording unit 40 of the mobile phone 2 and the payment processing terminal device 3 will be described later.

  In the present embodiment, communication for performing the payment process between the mobile phone 2 and the payment processing terminal device 3 is realized by short-range wireless communication such as infrared communication. In short-distance wireless communication such as infrared rays, communication is not performed by specifying a communication partner. For example, in order for the mobile phone 2 to receive communication from the payment processing terminal device 3, It is necessary for the user to intentionally bring the mobile phone 2 into a receivable state by approaching the processing terminal device 3 or the like. In other words, in order to receive communication data such as a payment request message from the payment processing terminal device 3, the user must take actions such as intentionally bringing the mobile phone 2 close to the payment processing terminal device 3. By doing so, the mobile phone of another unrelated user does not receive the processing request by mistake.

  The communication between the mobile phone 2 and the payment processing terminal device 3 and between the authentication server 1 and the mobile phone 2 and the payment processing terminal device 3 is not limited to the communication means, but can be wired communication, infrared It may be realized by communication, Bluetooth (registered trademark), wireless LAN (Local Area Network), or the like.

  Individual information (fixed identification information) is assigned to the mobile phone 2 and the payment processing terminal device 3. The individual information is identification information for physically specifying each of the communication terminal devices such as the mobile phone 2 and the payment processing terminal device 3. This individual information is fixedly assigned to each communication terminal device and cannot be arbitrarily changed, for example, like a mail address. In this embodiment, as the individual information, a manufacturing serial number assigned to each device when the manufacturer manufactures the communication terminal device is used. The individual information is not limited to the manufacturing serial number. For example, a MAC address used for communication in a LAN can be used as individual information. In other words, the individual information may be any information that is fixedly given to the communication terminal device itself and is unique throughout the world and cannot be changed.

(Configuration of authentication server)
The authentication server 1 authenticates each communication terminal device using the individual information. Hereinafter, the configuration of the authentication server 1 will be described in more detail.

  FIG. 1 is a block diagram showing a main configuration of an authentication server 1 according to the embodiment of the present invention.

  As illustrated in FIG. 1, the authentication server 1 includes a communication unit 10, an authentication control unit 20, and a recording unit 40.

  Furthermore, the communication part 10 has the receiving part 11 for receiving the communication data from each communication terminal device, and the transmission part 12 for transmitting communication data to each communication terminal apparatus. The authentication control unit 20 includes an individual information acquisition unit (fixed information acquisition unit) 21, an individual information verification unit (terminal device authentication unit) 22, a specific information acquisition unit (specific information acquisition unit) 23, and an authentication result output. Part (specific information supply means / authentication result notification means) 24 is included. Further, the recording unit 40 includes a registration information recording unit 41 for recording the individual information described above, and a rejection information recording unit 42 to which the authentication control unit 20 refers when authenticating each individual information. Yes. Note that the recording unit 40 is a block constituting a nonvolatile memory, and is realized by, for example, an HD (Hard Disk) or a ROM (Read Only Memory).

  The registration information recording unit 41 records registration information that is referred to when the authentication control unit 20 performs authentication of each communication terminal device that performs a payment process. The registration information includes the individual information of the communication terminal device of a legitimate user (biller or claimee) who is qualified to perform the settlement processing, and the destination at the time of settlement processing (payment processing communication). The specific information (communication destination specific information) to be shown is information recorded in association with each communication terminal device and a set thereof. Therefore, the communication terminal device having the individual information recorded in the registration information recording unit 41 as the registration information is authenticated as a valid user communication terminal device (hereinafter referred to as a valid terminal device) in the settlement process. Means that. Moreover, if the specific information associated with the individual information is used, communication for performing a settlement process can be performed with the legitimate terminal device. In the present embodiment, the specific information is also used as information for designating a destination when the authentication server 1 transmits communication data to each communication terminal device.

  The specific information is specifically destination information necessary for communication with each communication terminal device, such as a telephone number, a mail address, and an address. In addition, what added the predetermined | prescribed code | symbol unique for every apparatus to the said e-mail address etc. is good also as destination information for performing communication of payment processing, ie, specific information. Each communication terminal device is set with specific information for designating a destination. If the specific information is incorrect, communication with the communication terminal device is impossible. The specific information can be changed unlike the individual information. In other words, even when the communication terminal device is updated to a new model or replaced with another communication terminal device according to a failure, the previous specific information is transferred to the new individual information of the new device again. It is possible to associate. Alternatively, the specific information assigned to one certain communication terminal device can be changed to another specific information. For example, in the case of a mobile phone, the user can arbitrarily change the mail address.

  The change of the individual information and the specific information as described above can be handled by updating the registration information in the registration information recording unit 41 in accordance with the user's registration work or the operation of the administrator of the authentication server 1. To do.

  FIG. 10 shows an example of registration information recorded in the registration information recording unit 41. In this embodiment, as an example, the registration information includes a manufacturing serial number as individual information and a mail address as specific information, but is not limited to the above. Both are recorded in association with each communication terminal device. Thereby, the authentication control part 20 which refers to the registration information recording part 41 can identify specific information from individual information, and can identify and extract individual information from specific information.

  The configuration of the registration information table is not limited to the example of FIG. For example, information such as a user ID, a password, and a user name may be recorded, without being limited to the manufacturing serial number and the mail address. By recording the password in association with the communication terminal device, it is possible to prevent a person other than the original user from performing unauthorized payment processing using the communication terminal device.

  The refusal information recording unit 42 records refusal information (for processing) that is referred to when the authentication control unit 20 authenticates each communication terminal device that performs the settlement process. Refusal information refers to a communication terminal device (hereinafter referred to as refusal terminal) in which payment processing should be prohibited (no authentication is performed) for various reasons even when individual information of the communication terminal device is registered in the registration information recording unit 41. Device) information and its collection. For example, when a user loses a mobile phone with a payment processing function, the mobile phone is returned to the hand so that a person other than the user who picked up the mobile phone is not illegally executed the payment processing. In the meantime, there may be a case where it is desired to keep the lock so that nobody can process the payment. In such a case, the user who has lost his / her mobile phone requests the administrator of the authentication server 1 to stop the settlement process, and the administrator updates the refusal information in the refusal information recording unit 42. .

  Alternatively, for example, when it is discovered that the terminal E, which was initially registered as a legitimate terminal device, has attempted to perform payment processing by unauthorized use due to impersonation or the like, or a communication terminal device ( In the following, it is assumed that it is preferable to prohibit the subsequent settlement processing related to the terminal E when it is detected that the communication partner of the fraudulent terminal device has been made. In such a case, if the administrator of the authentication server 1 detects the history of fraud processing, identifies the corresponding communication terminal device as a rejection terminal device, and updates the rejection information in the rejection information recording unit 42. Good.

  FIG. 11 shows an example of rejection information recorded in the rejection information recording unit 42. In the present embodiment, as an example, the rejection information includes the manufacturing serial number, a rejection flag indicating whether or not the communication terminal device with the number is a rejection terminal device, and rejection of the settlement process (rejection). It is composed of a reason for refusal field describing the circumstances), but is not limited to the above.

  In the example shown in FIG. 11, for the serial numbers “C00012938” (terminal C) and “E03829938” (terminal E), the rejection of the settlement process is set. "User instructions" and "Unauthorized use history" are described. As described above, the “user instruction” means that when a legitimate user of the terminal C desires to prohibit payment processing (when accepting the wish, the user is a legitimate user. This means that the terminal C is registered in the refusal information recording unit 42 as a refusal terminal device, assuming that the request is confirmed to be valid by means and procedures for confirmation. “With unauthorized use history” means that the administrator of the authentication server 1 prohibits the payment processing of the terminal E when it is clear from the past communication history that the terminal E is involved in unauthorized payment processing. This means that the terminal E is registered in the rejection information recording unit 42 as a rejection terminal device.

  By referring to the refusal information recording unit 42 described above, the authentication control unit 20 can appropriately prevent unauthorized processing due to impersonation in accordance with various circumstances. In other words, when it is better to prohibit the settlement process due to various circumstances, the rejection information recording unit 42 is dynamically registered in the registration information recording unit 41 by enabling the settlement process prohibition setting process. It is possible to configure the authentication server 1 so that appropriate authentication processing is also performed on the legitimate terminal device and the payment processing is appropriately prohibited. As a result, even if a legitimate terminal device has been transferred to a malicious third party or unintentionally selected as a communication partner for fraudulent payment processing, Processing can be prevented.

  The individual information acquisition unit 21 (FIG. 1) acquires the individual information of the communication terminal device included in the communication data received by the reception unit 11 from the communication terminal device. Specifically, for example, the payment processing terminal device 3 (FIG. 2) transmits a payment request message to the mobile phone 2, and the mobile phone 2 that receives the payment request message sends the payment processing request message to the authentication server 1. Taking the case of transmission as an example, the individual information acquisition unit 21 acquires the individual information of the mobile phone 2 from the settlement processing request message. The acquired individual information is used when the individual information verification unit 22 authenticates each communication terminal device in the payment processing communication.

  The individual information collating unit 22 performs authentication of each communication terminal device in the payment processing communication by collating individual information. Specifically, by referring to the registration information recording unit 41 and determining that the individual information acquired by the individual information acquisition unit 21 matches the individual information recorded in the registration information recording unit 41, A communication terminal device having individual information is authenticated as a valid terminal device.

  The specific information acquisition unit 23 refers to the registration information recording unit 41 and associates with the individual information based on the individual information of the communication terminal device (in the above example, the mobile phone 2) authenticated as the valid terminal device. Specific information is acquired. The specific information is required when the payment processing terminal device 3 performs payment processing communication with the mobile phone 2.

  The authentication result output unit 24 transmits the specific information extracted from the registered information recording unit 41 by the specific information acquisition unit 23 to the communication partner (payment processing terminal device 3) of the legitimate terminal device (mobile phone 2) having the specific information. Communication data for generating data. In addition to the specific information, information notifying that the mobile phone 2 has been successfully authenticated, that is, an authentication result notification message may be generated together. The authentication result notification message and the specific information are transmitted to the settlement processing terminal device 3 via the transmission unit 12 as authentication result information. The specific information of the payment processing terminal device 3 is supplied from the payment processing terminal device 3 or the authentication server 1 to the mobile phone 2 on the assumption that the payment processing terminal device 3 is a legitimate terminal device. do it.

  Thereby, the settlement processing terminal device 3 detects that the mobile phone 2 has been authenticated as a valid terminal device. Furthermore, using the specific information of the mobile phone 2 received from the authentication server 1, it is possible to perform settlement processing communication with the mobile phone 2 and execute settlement processing.

  According to the above configuration, the individual information matching unit 22 authenticates the cellular phone 2 based on the individual information included in the settlement processing request message transmitted from the cellular phone 2. Specifically, the individual information is collated, and the mobile phone 2 is authenticated as a valid terminal device based on being registered in the registered information recording unit 41. And the specific information acquisition part 23 extracts only the specific information authenticated as the legitimate terminal device by the individual information verification part 22 from the registration information recording part 41, and the authentication result output part 24 uses the communication partner as the authentication result. To the payment processing terminal device 3.

  Therefore, even if the user of the mobile phone 2 succeeds in impersonating his / her e-mail address or individual information (spoofing another communication terminal device), the false individual information is registered as a legitimate terminal device. If it is not registered in the unit 41, the authentication server 1 does not permit payment processing communication with the payment processing terminal device 3. Alternatively, even if it is registered in the registration information recording unit 41, the payment processing communication is not permitted for the communication terminal device registered in the rejection information recording unit 42 as the rejection terminal device.

  As a result, even if the communication terminal device of the billee performing the payment process impersonates the transmission source information, it is possible to prevent an illegal payment process due to the impersonation.

  Furthermore, even when the user of the mobile phone 2 tries to execute a payment process with the payment processing terminal device 3, the user impersonates using another individual information registered in the registration information recording unit 41. It is possible to prevent unauthorized payment processing due to the spoofing.

  That is, since the impersonated individual information (hereinafter, camouflaged individual information) is registered in the registration information recording unit 41, the individual information matching unit 22 has a communication terminal device (hereinafter, communication terminal device A) having the impersonated individual information. ) Is authenticated as a valid terminal device. However, it is not the mobile phone 2 but the communication terminal device A having the above-mentioned camouflaged individual information that has been authenticated as a legitimate terminal device. Accordingly, the specific information of the communication terminal device A is supplied to the payment processing terminal device 3 instead of the specific information of the mobile phone 2. In this case, the payment processing terminal device 3 cannot perform payment processing communication with the mobile phone 2.

  Thereby, even if the user of the mobile phone 2 succeeds in impersonation using the individual information of the legitimate terminal device registered in the registration information recording unit 41, it is possible to prevent unauthorized payment processing due to the impersonation. It becomes.

  In the above description, the configuration of the authentication server 1 for preventing unauthorized payment processing due to impersonation of the mobile phone 2 on the demandee side has been described, but the authentication server 1 of the present invention is not limited to this. It is also possible to prevent unauthorized payment processing due to impersonation of the payment processing terminal device 3 on the claimant side. As a result, it is possible to prevent a settlement process in which a malicious user makes an unfair charge by using the formal settlement processing terminal device 3 operated by the billing party. Hereinafter, the authentication server 1 (FIG. 1) when the payment processing terminal apparatus 3 is also authenticated will be described in detail.

(Modification of authentication server)
FIG. 3 is a flowchart showing a flow of authentication processing of the authentication server 1 according to the embodiment of the present invention.

  The individual information acquisition unit 21 of the authentication server 1 acquires the individual information of the mobile phone 2 and the payment processing terminal device 3 included in the payment processing request message received from the mobile phone 2 (S101).

  The individual information collation unit 22 collates the individual information of the mobile phone 2 and the payment processing terminal device 3 with the individual information group recorded in the registration information recording unit 41 (S102). Here, the individual information matching unit 22 registers both the individual information of the mobile phone 2 (hereinafter referred to as individual information F2) and the individual information of the settlement processing terminal device 3 (hereinafter referred to as individual information F3) in the registration information recording unit 41. If it is determined that it is determined (YES in S103), the individual information matching unit 22 authenticates both the mobile phone 2 and the payment processing terminal device 3 as valid terminal devices (S104).

  Subsequently, the specific information acquisition unit 23 receives the authentication result of the individual information collating unit 22, and based on the individual information of each device authenticated as the valid terminal device (that is, the individual information F2 and the individual information F3), The specific information of the mobile phone 2 and the payment processing terminal device 3 is extracted from the registration information recording unit 41 (S105). Here, the specific information (hereinafter referred to as specific information D2) of the mobile phone 2 and the specific information (hereinafter referred to as specific information D3) of the payment processing terminal device 3 are extracted. Each specific information is information for designating a destination when the authentication server 1 transmits communication data to each legitimate terminal device. The specific information D2 is required when the payment processing terminal device 3 performs payment processing communication with the mobile phone 2, and the specific information D3 is required when the mobile phone 2 performs payment processing communication with the payment processing terminal device 3.

  Next, the authentication result output unit 24 generates authentication result information to be transmitted to each legitimate terminal device (the mobile phone 2 and the payment processing terminal device 3) (S106). More specifically, first, as authentication result information to be transmitted to the mobile phone 2, an authentication result notification message for notifying that the authentication of the payment processing terminal device 3 that is the communication partner is successful, and the specific information D3 are provided. Generate authentication result information. On the other hand, as the authentication result information to be transmitted to the payment processing terminal device 3, the authentication result information including the authentication result notification message for notifying that the mobile phone 2 as the communication partner has been successfully authenticated and the specific information D2 is generated. To do.

  Finally, the authentication result output unit 24 transmits the authentication result information generated toward the mobile phone 2 through the transmission unit 12 as communication data destined for the specific information D2. Further, the authentication result information generated toward the settlement processing terminal device 3 is transmitted via the transmission unit 12 as communication data having the specific information D3 as a destination (S107). Thereby, the mobile phone 2 and the payment processing terminal device 3 can start communication for performing payment processing.

  On the other hand, if the individual information matching unit 22 determines in S103 that only one of the communication terminal devices is registered in the registration information recording unit 41 (NO in S103, YES in S108), the individual information Taking the case where only F3 is registered in the registration information recording unit 41 as an example, the individual information verification unit 22 authenticates only the payment processing terminal device 3 as a valid terminal device, and the mobile phone 2 is an unauthorized terminal device. Is detected (S109).

  Subsequently, the specific information acquisition unit 23 extracts the specific information D3 based on the individual information of the legitimate terminal device (here, the individual information F3) (S110).

  Next, the authentication result output part 24 produces | generates the authentication result information transmitted to the payment processing terminal device 3 which is a valid terminal device (S111). That is, the authentication result information including the authentication result notification message for notifying that the authentication of the mobile phone 2 as the communication partner has failed is generated. Here, since the authentication of the mobile phone 2 has failed because the individual information of the mobile phone 2 is not registered, the specific information D2 is not included in the authentication result information (the specific information D2 can be obtained in the first place). Can not). Finally, the authentication result output unit 24 transmits the authentication result information to the payment processing terminal device 3 based on the specific information D3 (S112).

  Thereby, the impersonation of the mobile phone 2 is notified to the payment processing terminal device 3 and the specific information of each other is not notified, so that an illegal payment process due to the impersonation of the mobile phone 2 can be prevented.

  When only the mobile phone 2 is authenticated as a legitimate terminal device, contrary to S109 to S112, the specific information D2 is used to notify the mobile phone 2 that the authentication of the payment processing terminal device 3 has failed. By doing so, it is possible to prevent unauthorized payment processing due to impersonation of the payment processing terminal device 3.

  Furthermore, in S108, when the individual information matching unit 22 determines that none of the communication terminal devices is registered in the registration information recording unit 41 (NO in S108), the mobile phone 2 and the payment processing terminal device 3 Both of these communication terminal devices are detected as unauthorized terminal devices and cannot obtain any specific information, so the authentication process is terminated without transmitting any communication data.

  As a result, it is possible to prevent unauthorized payment processing when both communication terminal devices are unauthorized terminal devices.

(Configuration of mobile phone / payment processing terminal device)
Next, the configuration of the mobile phone 2 and the payment processing terminal device 3 in the authentication system 100 (FIG. 2) will be described in more detail. The mobile phone 2 and the payment processing terminal device 3 use the communication partner specific information acquired from the authentication server 1 respectively, and FIG. 4 shows communication data of the mobile phone 2 according to the embodiment of the present invention. It is a functional block diagram.

  As illustrated in FIG. 4, the mobile phone 2 includes a communication unit 10, a payment processing control unit 30, a recording unit 40, and a short-range wireless communication unit 60.

  Further, the communication unit 10 includes, via the Internet, a reception unit 11 for receiving communication data from the authentication server 1 and each communication terminal device, and a transmission unit 12 for transmitting communication data to each of the above devices. Have The short-range wireless communication unit 60 includes a wireless reception unit 61 for receiving communication data from each communication terminal device in a communicable area and a wireless transmission unit 62 for transmitting communication data to each of the devices. The payment processing control unit 30 includes a payment request receiving unit 13, a payment request unit 14, a specific information management unit (processing history confirmation unit / spoofing detection unit) 31, a specific information extraction unit (specific information extraction unit) 32, and a specific unit. An information verification unit (specific information verification unit) 33, a communication data management unit (communication data management unit) 34, and a communication data output unit 35 are included. In addition, the recording unit 40 includes a processing history recording unit 51 for recording the progress of the settlement process that the mobile phone 2 is currently executing, a past settlement process, and identification information of a communication partner that performs the settlement process. A specific information recording unit 52 for recording is included.

  The payment request reception unit 13 receives a payment request message from the payment processing terminal device 3. The payment request receiving unit 13 acquires the individual information F3 of the settlement processing terminal device 3 included in the payment request message.

  The settlement request unit 14 transmits a settlement process request message to the authentication server 1. The settlement request unit 14 transmits a settlement processing request message including the individual information F3 acquired by the payment request reception unit 13 and the individual information F2 of the own device to the authentication server 1.

  In addition, about the structure of the payment processing terminal device 3, it replaces with the payment request | requirement reception part 13 and the payment request | requirement request | requirement part 14 in the structure of the mobile telephone 2 shown in FIG. Since the configuration is the same as that of the mobile phone 2 except that it is not provided, a description thereof will be omitted. The payment request unit transmits a payment request message to a communication terminal device in a communicable area in response to an instruction input from an operator (such as a store clerk). Payment processing from the communication terminal device on the demandee side such as the telephone 2 is accepted. In the present embodiment, the above-described units of the mobile phone 2 and the payment processing terminal device 3 communicate with each other via the short-range wireless communication unit 60 to execute the payment process.

  The short-range wireless communication unit 60 includes a light emitting / receiving module (light emitting / receiving element) for performing infrared communication. The wireless receiving unit 61 includes a photodiode for receiving communication data, and the wireless transmitting unit 62 includes an infrared LED (light emitting diode) for transmitting communication data. That is, the wireless reception unit 61 receives communication data by detecting blinking of the infrared LED with a photodiode, and the wireless transmission unit 62 transmits communication data by blinking the infrared LED.

  In the present embodiment, the user of the mobile phone 2 places the mobile phone 2 so that the short-range wireless communication unit 60 of the mobile phone 2 and the short-range wireless communication unit 60 of the payment processing terminal device 3 face each other. By holding 2, it is possible to perform short-range wireless communication with each other. In this embodiment, payment processing communication is realized by infrared communication. However, in the authentication system 100 of the present invention, the communication means between the communication terminal devices is not limited to the above.

  The processing history recording unit 51 records the progress of the payment processing currently being executed by the mobile phone 2 (payment processing terminal device 3) and the history of payment processing completed in the past. For example, the payment processing executed by the mobile phone 2 is centrally managed including the one currently being executed, and for each payment processing, the communication partner, the payment amount, the payment date and time, the specific information of the communication partner, and the status (currently In progress / settlement processing complete), etc. are recorded. The above-described processing history information is appropriately referred to by each unit of the settlement processing control unit 30.

  The specific information recording unit 52 includes (1) the specific information of the own device, that is, the specific information D2 of the mobile phone 2, and (2) the specific information of the communication partner that is currently proceeding with the payment process, that is, the authentication server 1. Specific information to be transmitted by being included in the authentication result information (specific information D3 of the settlement processing terminal device 3 as a communication partner in the above example) is recorded.

  The specific information (1) described above is used when determining the validity of the communication data received in the payment processing communication. Specifically, when the specific information given to the communication data matches the specific information of (1), the communication data is approved as valid.

  The specific information (2) described above is given to the communication data at the time of transmission as proof of the validity of the communication data transmitted in the payment processing communication. For example, the specific information D3 recorded in the specific information recording unit 52 is given to the communication data for payment processing transmitted to the payment processing terminal device 3.

  The specific information management unit 31 receives authentication result information supplied from the authentication server 1 via the reception unit 11 and acquires and manages various types of information necessary for the payment process. When the received authentication result information includes an authentication result notification message for notifying the success of authentication and identification information of the communication partner, the specific information management unit 31 first refers to the processing history recording unit 51. Then, the history of the settlement request processing of the settlement request unit 14 performed by the own apparatus with respect to the authentication server 1 is confirmed. Here, if the history that the settlement processing request message is transmitted to the authentication server 1 together with the individual information of the communication partner can be confirmed in the processing history recording unit 51, the specific information management unit 31 indicates that the received authentication result information is It is determined that the response is a correct response to the request, and the specific information of the communication partner included therein is recorded in the specific information recording unit 52.

  On the other hand, if the processing history corresponding to the processing history recording unit 51 is not recorded, the authentication result information has been sent even though the own device has not transmitted the payment processing request message, The information management unit 31 detects the presence of another communication terminal device that tries the fraudulent settlement process by enrolling itself. Furthermore, the specific information management unit 31 may report to the authentication server 1 that impersonation has been detected when receiving authentication result information that is not memorized as described above. That is, a damage report is generated and transmitted to the authentication server 1. As a result, the authentication server 1 that mediates payment processing can detect impersonation and prevent unauthorized payment processing.

  The specific information extraction unit 32 receives communication data transmitted from a communication partner of the payment processing communication via the wireless reception unit 61, and extracts specific information given to the communication data. The extracted specific information is supplied to the specific information matching unit 33.

  The specific information collation unit 33 collates the extracted specific information with the specific information (1) recorded in the specific information recording unit 52, that is, the specific information of the own device.

  As already described in the description of the authentication server 1, the communication partner (for example, the payment processing terminal device 3) is supplied with the specific information of the own device (the mobile phone 2) from the authentication server 1. Therefore, if the communication partner is a valid terminal device authenticated by the authentication server 1, the specific information of the own device (mobile phone 2) can be given to the communication data addressed to the own device. Conversely, unless the payment processing terminal device 3 is authenticated as a legitimate terminal device, the specific information of the mobile phone 2 cannot be assigned to the communication data. Therefore, the specific information extraction unit 32 of the mobile phone 2 matches the specific information given to the communication data received from the payment processing terminal device 3 with the specific information of the own device stored in the specific information recording unit 52. It is determined that the communication data is valid communication data from the payment processing terminal device 3.

  If no specific information is given to the communication data, or if specific information different from that of its own device is given, the sender information of the communication data is the settlement process that is the communication partner. Even if the terminal device 3 is shown, it is determined that the communication data is invalid. As a result, even if the communication partner sends the communication data for payment processing by pretending to be the transmission source, it is possible to prevent unauthorized payment processing due to the spoofing.

  The communication data management unit 34 processes and manages the received communication data in accordance with the determination result of the specific information matching unit 33. If it is determined that the communication data is invalid, the communication data may be discarded as it is. On the other hand, if it is determined that the communication data is valid, the communication data is approved as valid communication data, and data necessary for each unit (not shown) of the settlement processing control unit 30 that performs various processes according to the content. Supply or control.

  The communication data output unit 35 generates and transmits communication data for each unit of the payment processing control unit 30 to return the result of executing various processes related to payment to the communication partner. Specifically, communication data to be transmitted to the communication partner is generated, identification information of the communication partner is added to the communication data, and the communication data is transmitted via the wireless transmission unit 62. Thereby, the communication terminal device of the communication partner can approve the communication data as valid by adding the specific information of the own device to the communication data transmitted by the mobile phone 2.

  According to the said structure, each communication terminal device authenticated by the authentication server 1 each acquires the specific information of a communicating party. Thereby, each communication terminal device, that is, the mobile phone 2 and the payment processing terminal device 3 can perform payment processing communication. When receiving communication data related to payment processing from the communication partner (for example, payment processing terminal device 3), the specific information matching unit 33 uses the communication data to specify specific information (for example, specific information D2) of the device itself. The validity of the communication data is determined based on whether or not is given. On the other hand, when transmitting communication data related to payment processing to a communication partner, the communication partner specific information (for example, specific information D3) acquired from the authentication server 1 is added to the communication data and transmitted. Accordingly, the payment processing terminal device 3 can determine the communication data as valid communication data from the mobile phone 2 by adding the identification information D3 of the own device to the communication data.

  Thus, each communication terminal device exchanges the communication data including the mutual specific information when executing the payment process, and does not process the communication data not including the specific information as being invalid. As a result, it is possible to prevent unauthorized payment processing due to impersonation.

(Authentication system flow)
Next, the flow of authentication processing of each device (the authentication server 1, the mobile phone 2, and the payment processing terminal device 3) in the authentication system 100 (FIG. 2) according to the present embodiment will be described.

  FIG. 5 is a sequence diagram showing a processing flow of each device in the authentication system 100 according to the present embodiment. A user of the mobile phone 2 purchases a product at a certain store, and brings the short-range wireless communication unit 60 of the mobile phone 2 close to the short-range wireless communication unit 60 of the payment processing terminal device 3 installed in the store.

  The settlement processing terminal device 3 sends a payment request message and individual information F3 of its own device to the mobile phone 2 via the wireless transmission unit 62 in accordance with the instruction content input to the device by the store clerk. Transmit (S1). Subsequently, the mobile phone 2 that has received the payment request message and the individual information F3 transmits the received individual information F3 and the individual information F2 of the device itself to the authentication server 1 together with the settlement processing request message (S2). .

  In the authentication server 1 that has received the individual information F3 of the payment processing terminal device 3 and the individual information F2 of the mobile phone 2 from the mobile phone 2, the individual information is registered in the registration information recording unit 41 (FIG. 1) in advance. On the condition that it is not a rejection terminal device recorded in the rejection information recording unit 42 (YES in S3), each of the communication terminal devices is authenticated as a valid terminal device.

  Subsequently, the authentication server 1 acquires the specific information D2 of the mobile phone 2 and the specific information D3 of the payment processing terminal device 3 associated with the individual information F2 and F3 from the registration information recording unit 41 (S4). .

  Next, the authentication server 1 transmits the authentication result information with the specific information D3 as a destination (to the payment processing terminal device 3). That is, the authentication result notification message of the mobile phone 2 and the specific information D2 are transmitted (S5). Further, the authentication result information is transmitted with the specific information D2 as a destination (to the mobile phone 2). That is, the authentication result notification message of the payment processing terminal device 3 and the specific information D3 are transmitted (S6).

  Here, since the authentication result is successful, each communication terminal apparatus is in a state where payment processing communication is possible.

  On the other hand, for example, when the mobile phone 2 disguises the individual information F2 of its own device and transmits a settlement processing request message (assuming the disguised individual information is referred to as individual information FX), the authentication server 1 The mobile phone 2 is not authenticated because the individual information FX is not registered in the unit 41 (NO in S3). Therefore, the mobile phone 2 cannot acquire the specific information D3 necessary for performing the payment process with the payment processing terminal device 3.

  When the payment processing terminal device 3 is authenticated as a valid terminal device, the authentication server 1 notifies the payment processing terminal device 3 that the authentication of the mobile phone 2 has failed (S11). . Conversely, if the payment processing terminal device 3 is an unauthorized terminal device, the authentication server 1 notifies the mobile phone 2 that the authentication of the payment processing terminal device 3 has failed. As a result, it is possible to prevent information from being unintentionally leaked by a legitimate terminal device attempting to carelessly communicate with an unauthorized terminal device.

  Next, payment processing communication between the mobile phone 2 and the payment processing terminal device 3 will be described.

  The payment processing terminal device 3 that has received the authentication result information from the authentication server 1 uses the specific information D2 included in the authentication result information to the mobile phone 2 when the authentication result notification message indicates successful authentication. The process is started. At this time, the payment processing terminal device 3 adds the specific information D2 acquired from the authentication server 1 to the communication data and transmits it to the mobile phone 2 (S7). The mobile phone 2 determines whether or not to approve the communication data depending on whether or not the specific information given to the received communication data is the specific information D2 of the own device (S8).

  On the other hand, the mobile phone 2 that has received the authentication result information from the authentication server 1 uses the specific information D3 included in the authentication result information when the authentication result notification message indicates successful authentication, 3 starts processing. At this time, the mobile phone 2 adds the specific information D3 acquired from the authentication server 1 to the communication data and transmits it to the payment processing terminal device 3 (S9). The settlement processing terminal device 3 determines whether or not to approve the communication data depending on whether or not the specific information given to the received communication data is the specific information D3 of the own device (S10).

  When executing the payment process, each communication terminal device includes only the communication data including the specific information of the communication partner in the communication data transmitted / received between the communication terminal devices as the valid communication data. Accordingly, each communication terminal device can be authenticated not only at the stage of authentication before the settlement process is started but also when the settlement process is executed. Furthermore, it is possible to prevent unauthorized payment processing from being performed by improper communication data interrupting the payment processing.

  Next, the flow of authentication processing of each device in the authentication system 100 when impersonation is performed using individual information of the mobile phone 2 registered as a valid terminal device will be described.

  FIG. 6 is a sequence diagram showing the flow of processing of each device when the camouflaged mobile phone X tries to perform a payment process with the mobile phone 2 in the authentication system 100. A user of a camouflaged mobile phone X purchases a product at a certain store, and transmits the individual information F3 acquired in S21 and the individual information F2 of the mobile phone 2 to the authentication server 1 together with a settlement processing request message. (S22).

  The authentication server 1 that has received the individual information F2 and the individual information F3 from the camouflaged mobile phone X authenticates the mobile phone 2 and the payment processing terminal device 3 as legitimate terminal devices as in S3 described above (YES in S23). . Subsequently, the specific information D2 and the specific information D3 are extracted as in S4 (S24).

  Next, the authentication server 1 transmits the authentication result notification message of the mobile phone 2 and the specific information D2 to the payment processing terminal device 3 with the specific information D3 as the destination (S25). Further, the authentication result notification message of the settlement processing terminal device 3 and the specific information D3 are transmitted with the specific information D2 as the destination (S26).

  Thereby, the authentication result information including the specific information D3 transmitted in S26 is not delivered to the camouflaged mobile phone X. Accordingly, it is possible to prevent the camouflaged mobile phone X from impersonating the mobile phone 2 and performing the payment processing with the payment processing terminal device 3 (S27).

  On the other hand, the mobile phone 2 receives the authentication result notification message of the payment processing terminal device 3 and the specific information D3. However, the mobile phone 2 detects that there is another history of requesting settlement processing with the settlement processing terminal device 3 (NO in S28), so that another device pretending to be its own device is present (S29). . Further, the payment processing terminal device 3 cannot proceed with the payment processing because it cannot receive the communication data related to the payment processing from the mobile phone 2 or the camouflaged mobile phone X (S30).

  From the above, even when the disguised individual information is registered in the registration information recording unit 41 of the authentication server 1, it is possible to prevent an unauthorized settlement process by impersonation from being executed.

[Embodiment 2]
Next, another embodiment of the present invention will be described. In the second embodiment, as an example, an authentication system applied to a payment process by pay site registration when making a contract related to a pay service via the Internet will be described. More specifically, the paid site registration settlement process is a communication between the settlement processing terminal device 3 as a registration management server of a paid site provider (billing user) and a billed user who performs registration on the paid site. It is assumed that the authentication server 1 is executed as an intermediary with the mobile phone 2 as a terminal device.

  Note that the configuration of the authentication system in the present embodiment is substantially the same as that of the authentication system 100 shown in FIG. The difference from the authentication system 100 is that the payment processing communication between the payment processing terminal device 3 and the mobile phone 2 is not the short-range wireless communication by the short-range wireless communication unit 60 but the authentication server 1 via the Internet and the mobile phone network. Therefore, the mobile phone 2 and the payment processing terminal device 3 are not necessarily provided with the short-range wireless communication unit 60.

(Configuration of authentication server 2)
FIG. 7 is a block diagram showing a main configuration of the authentication server 1 according to the embodiment of the present invention.

  As shown in FIG. 7, the authentication server 1 further includes a payment processing mediation unit (payment processing mediation means) 25 and a damage report management unit 26 inside the authentication control unit 20, as compared with the configuration shown in FIG. 40 includes a damage report recording unit 43. The other configuration is the same as the configuration shown in FIG. 1 described above, and a description thereof will be omitted.

  Hereinafter, differences from the authentication server 1 shown in FIG. 1 will be described.

  In the present embodiment, the authentication server 1 manages, in the registration information recording unit 41, second specific information different from the mail address in addition to the manufacturing serial number and the mail address.

  FIG. 12 shows an example of registration information recorded in the registration information recording unit 41 in the present embodiment. In the present embodiment, the registration information includes three items, which are a manufacturing serial number, a mail address, and a management address as the second specific information, but is not limited to the above. Each of the above items is recorded for each communication terminal device.

  The management address is uniquely set when the authentication server 1 registers the communication terminal device, and is specific information used when each communication terminal device designates the communication partner as the authentication server 1. is there. Each communication terminal device designates a destination of communication data using the management address and sends it to the authentication server 1. The authentication server 1 transmits the communication data using specific information (that is, a mail address) indicating an actual destination corresponding to the management address. Hereinafter, the specific information (mail address) indicating the actual destination information is referred to as first specific information, and the specific information (management address) used for mediation of each communication terminal device uniquely set by the authentication server 1 is referred to as the first specific information. The two specific information are distinguished from each other by referring to two specific information.

  Thereby, when the authentication server 1 completely mediates the payment processing between the mobile phone 2 and the payment processing terminal device 3, it is possible to prevent the first specific information of each communication terminal device from being unnecessarily leaked. . In addition, each communication terminal device can confirm the validity of the communication data by receiving the communication data to which the second specific information is added, and the individual information or the first specific information is impersonated. It is possible to prevent an unauthorized payment process from being executed.

  The specific information acquisition unit 23 extracts second specific information based on the individual information of the communication terminal device authenticated as the legitimate terminal device. The second specifying information is required when each communication terminal device performs payment processing communication via the authentication server 1. Subsequently, the authentication result output unit 24 generates authentication result information including the authentication result notification message of the communication partner and the second specific information addressed to the first specific information associated with each of the communication terminal devices. Thereby, each communication terminal device can execute a settlement process with a communication partner by exchanging communication data using the second specific information.

  The payment processing mediation unit 25 performs processing for mediating exchange of communication data for payment processing between the communication terminal devices (for example, between the mobile phone 2 and the payment processing terminal device 3). The settlement processing mediation unit 25 has a function of extracting the first specific information corresponding to the second specific information from the registered information recording unit 41. More specifically, for example, first, it is assumed that communication data to which the second specific information D3 of the payment processing terminal device 3 is attached is received from the mobile phone 2. The settlement processing mediation unit 25 extracts the first specific information D3 from the registered information recording unit 41 based on the second specific information D3. Then, the payment processing mediation unit 25 adds the first specific information D3 to the communication data, and transmits the communication data to the destination communication terminal device indicated by the first specific information D3.

  The communication terminal device that has received the communication data can confirm the validity of the received communication data since the first identification information of the device itself is attached to the communication data.

  The damage report management unit 26 manages the damage report that notifies the presence of impersonation received from each communication terminal device that has detected impersonation of its own device, and controls the settlement processing mediation unit 25. For example, it is assumed that the mobile phone 2 receives authentication result information regarding the payment processing terminal device 3 from the authentication server 1 even though there is no history of transmitting the payment processing request message to the authentication server 1. In this way, the mobile phone 2 detects the presence of impersonation, and reports that the impersonation of the own device has been performed together with the received communication partner information (for example, the second specific information D3 of the payment processing terminal device 3). The damage report is sent back to the authentication server 1.

  Upon receiving the damage report, the damage report management unit 26 records the damage report in the damage report recording unit 43. For example, the damage information recorded in the damage report recording unit 43 includes at least information of a spoofed victim (mobile phone 2) and information of a communication partner (payment processing terminal device 3) of a disguised communication terminal device. . Based on the above damage information, the damage report management unit 26 controls so that when the payment processing mediation unit 25 receives communication data from the payment processing terminal device 3 to the mobile phone 2, the communication data is not mediated. It becomes possible to do.

(Configuration 2 of mobile phone / payment processing terminal device)
In the mobile phone 2 and the payment processing terminal device 3 in the present embodiment, the following two pieces of specific information are recorded in the specific information recording unit 52. That is,
(1) First specific information (email address) of own device
(2) Second identification information of a communication partner whose payment process is currently in progress (that is, a management address transmitted by the authentication server 1 included in the authentication result information)
It is.
The specific information (1) is referred to in order to determine the validity of the communication data when the communication data is received from the authentication server 1. Further, the specific information (2) is given to the communication data in order to verify the designation and validity of the destination of the communication data when the communication data is transmitted to the authentication server 1.

  In addition, the specific information management unit 31 of the mobile phone 2 and the payment processing terminal device 3 receives the authentication result information from the authentication server 1 even though there is no processing history. Although the presence can be detected, a damage report output unit (not shown) for reporting the presence of impersonation to the authentication server 1 may be further provided in the settlement processing control unit 30 at this time. As a result, the presence of impersonation can be promptly notified to the authentication server 1 that is a mediator of the process, and unauthorized payment processing due to impersonation can be more reliably prevented.

  According to the above configuration, the exchange of communication data between the communication terminal devices is realized by the payment processing mediation unit 25 mediating. Further, as the specific information used when certifying or approving that the communication data is valid from the valid terminal device, without using the first specific information directly indicating the destination information of the communication terminal device, The 2nd specific information which the authentication server 1 sets uniquely is used.

  Thereby, since each communication terminal device is public as destination information, it is not the first specific information that may be used for impersonation or impersonation of communication data, but the confidentiality set by the authentication server 1 uniquely It is possible to determine the legitimacy of the communication data using the second specific information having a high value.

  Furthermore, when the second specific information is unnecessarily leaked due to an attempt of illegal payment processing by impersonation, the following measures can be taken. That is, since the second specifying information can be changed independently in the authentication server 1, the second specifying information can be changed as soon as the presence of the spoofed communication terminal device is detected.

  From the above, even when communication data related to payment processing is performed via the Internet, it is possible to prevent unauthorized payment processing due to impersonation.

(Authentication system flow 2)
Next, the flow of authentication processing of each device (the authentication server 1, the mobile phone 2, and the payment processing terminal device 3) in the authentication system according to the present embodiment will be described.

  FIG. 8 is a sequence diagram showing a processing flow of each device in the authentication system according to the present embodiment. The user of the mobile phone 2 accesses a pay site via the mobile phone network and the Internet, and executes registration processing necessary for enjoying the service of the pay site. The processing terminal device 3) is requested (S31). Similarly to S1 and S2, the individual information (F2 and F3) of the mobile phone 2 and the payment processing terminal device 3 is supplied to the authentication server 1 (S32 and S33), and the authentication server 1 performs authentication based on the individual information. (S34).

  Here, when each communication terminal device is authenticated as a valid terminal device (YES in S34), the authentication server 1 sends the second information of the mobile phone 2 associated with the individual information F2 and F3 from the registration information recording unit 41. The specific information D2 and the second specific information D3 of the payment processing terminal device 3 are acquired (S35).

  Next, the authentication server 1 transmits authentication result information for notifying that each communication terminal has been successfully authenticated to each legitimate terminal device (the mobile phone 2 and the payment processing terminal device 3). At this time, the mobile phone 2 receives the second specific information D3 (management address of the payment processing terminal device 3), and the payment processing terminal device 3 receives the second specific information D3 (management address of the mobile phone 2). Each is transmitted (S36, S37). Thereby, the mobile phone 2 and the payment processing terminal device 3 can execute the pay site registration payment processing via the authentication server 1.

  The settlement processing terminal device 3 adds the second specific information D2 acquired from the authentication server 1 to the communication data (paid site registration format) and transmits it to the authentication server 1 (S38). The authentication server 1 receives this, and the payment processing mediation unit 25 acquires the first specific information D2 from the registration information recording unit 41 based on the second specific information D2 given to the communication data (S39). The communication data is transmitted to the mobile phone 2 together with the first specific information D2 (S40).

  When the mobile phone 2 receives the communication data, the mobile phone 2 determines whether or not the specific information given to the communication data matches the first specific information D2 of the own device (S41). And approve the communication data. Thereby, the user of the mobile phone 2 can input necessary items into the approved paid site registration format and create an input file. Next, the mobile phone 2 adds the second specific information D3 acquired in S37 to the communication data (input file) and transmits it to the authentication server 1 (S42). The authentication server 1 receives this, and the payment processing mediation unit 25 acquires the first specific information D3 from the registration information recording unit 41 based on the second specific information D3 given to the communication data (S43). The communication data is transmitted to the payment processing terminal device 3 together with the first specific information D3 (S44).

  The payment processing terminal device 3 also confirms that the specific information (first specific information D3) of its own device is attached to the communication data (input file) in the same manner as described above (S45), and approves this. .

  In S34, for example, when it is determined that the mobile phone 2 is an unauthorized terminal device and only the payment processing terminal device 3 is authenticated as a valid terminal device, the authentication server 1 You may notify that the authentication of the mobile telephone 2 failed (S46). As a result, it is possible to prevent information from being unintentionally leaked by a legitimate terminal device attempting to carelessly communicate with an unauthorized terminal device.

  In the payment process performed via the authentication server 1, each communication terminal device includes the second identification information of the communication partner uniquely set by the authentication server 1 in the communication data transmitted between the communication terminal devices. As for the communication data received from the authentication server 1, only the communication data including the destination information (first specifying information) of the own device is processed as valid communication data. Thereby, in the payment process performed via the Internet, a mobile telephone network, etc., each communication terminal device can be authenticated not only at the stage of authentication before the payment process is started but also when the payment process is executed. Furthermore, it is possible to prevent unauthorized payment processing from being performed by improper communication data interrupting the payment processing.

  Next, the flow of authentication processing of each device in the authentication system 100 when impersonation is performed using individual information of the mobile phone 2 registered as a valid terminal device will be described.

  FIG. 9 is a sequence diagram illustrating a processing flow of each device when the camouflaged mobile phone X tries to perform a settlement process by holding the mobile phone 2 in the authentication system according to the present embodiment. It is assumed that the user of the camouflaged mobile phone X requests the payment processing terminal device 3 to register to the pay site and transmits the individual information F3 and the individual information F2 of the mobile phone 2 to the authentication server 1 (S53). . In S54, when the mobile phone 2 impersonating the camouflaged mobile phone X and the payment processing terminal device 3 are authenticated as legitimate terminal devices, the specific information acquisition unit 23, as in S35 described above, receives the second specific information D2. And D3 are extracted.

  Subsequently, the authentication result output unit 24 transmits the second specific information D2 to the payment processing terminal device 3 in the same manner as described above based on FIG. 6 (S56), and the second specific information D3 is transmitted to the disguised mobile phone X. Instead, it is transmitted to the mobile phone 2 (S57). As a result, even if the camouflaged mobile phone X impersonates the mobile phone 2, it cannot acquire the second specific information D 3 of the payment processing terminal device 3, so that the authentication server 1 sends the communication data to the payment processing terminal device 3. It cannot be requested (S58).

  First, the mobile phone 2 that has received the second specific information D3 from the authentication server 1 impersonates itself due to the absence of a history of requesting payment processing with the payment processing terminal device 3 (NO in S59). Detect that there is a device. At this time, the damage report output unit of the mobile phone 2 sends a damage report including information on the victim of impersonation (mobile phone 2) and information on the communication partner (payment processing terminal device 3) of the camouflaged communication terminal device. You may report to the authentication server 1 (S60).

  On the other hand, the payment processing terminal device 3 that has received the second specific information D2 from the authentication server 1 adds the second specific information D2 to the communication data (pay site registration format) and transmits it to the authentication server 1 (S61). . This is because the payment processing terminal device 3 recognizes the mobile phone 2 as an official communication partner.

  Here, if the damage report in S61 has already arrived from the mobile phone 2, the damage report management unit 26 determines that the communication data is illegally settled based on the damage information recorded in the damage report recording unit 43. It is determined that the processing is related (YES in S62), the communication data is rejected, and the fact is notified to the settlement processing terminal device 3 (S63). Thereby, the payment processing terminal device 3 can stop the payment processing.

  Alternatively, if the communication data from the payment processing terminal device 3 arrives at S59 before the damage report at S61 is delivered to the authentication server 1, the damage report management unit 26 sends the mobile phone 2 The payment processing terminal device 3 recognizes that there is no problem in the payment processing (NO in S62), attaches the first specific information D2 to the communication data, and transmits it to the mobile phone 2 (S64). However, even in such a case, the specific information management unit 31 of the mobile phone 2 refers to the processing history recording unit 51 (FIG. 4) and detects that the device itself has not requested payment processing. The received communication data can be rejected (S66).

  From the above, even if the individual information of the communication terminal device to be spoofed is registered in the registration information recording unit 41 of the authentication server 1, the payment process is not a short-range wireless communication means, Even when executed via communication means such as the Internet, it is possible to prevent unauthorized payment processing by impersonation.

(Paid data download process)
The communication data authentication processing in each communication terminal device described in the above embodiment is not only exchange of communication data during payment processing communication, but also content distribution of a pay site provider (billing user). The present invention can also be applied to content download processing from a server to a mobile phone of a pay site user (requested user).

  When the mobile phone 2 performs the download process, the specific information matching unit 33 of the mobile phone 2 downloads the download data as valid data on the condition that the download data includes the second specific information D2 of the mobile phone 2. Authenticate that there is. When the authentication is not possible, the communication data management unit 34 prohibits the execution processing of the unauthorized data, assuming that the download data is unauthorized data. Thereby, it is possible to prevent illegal data from being processed and leaked due to illegal copying between the mobile phone 2 and another communication terminal device that is not registered.

Further, as the method of giving the second specific information to the download data, the following methods can be considered.
(1) The content distribution server encrypts and distributes the download data using the second specific information D2 of the mobile phone 2 as a key. The mobile phone 2 receives the encrypted communication data via the authentication server 1, decrypts the received communication data using the second (and / or first) specific information of the own device, Use download data.
(2) The content distribution server inserts the second identification information D2 as header information at the beginning of the download data, and distributes the download data. The mobile phone 2 does not use data unless the header information includes the second specifying information D2 of the own device.

  This makes it possible to prevent illegal download request processing and pay data distribution processing due to impersonation.

  In the authentication system of the present invention, the specific information of the mobile phone 2 used for the payment processing communication performed between the payment processing terminal device 3 and the mobile phone 2 is the individual information obtained from the mobile phone 2 by the authentication server 1. Based on the registration information of the registration information recording unit 41 based on this. Therefore, it is determined that the payment processing by the unauthorized terminal device that has attempted to impersonate does not match the actual specific information of the unauthorized terminal device with the specific information associated with the individual information registered in the authentication server 1. Therefore, it can be prevented beforehand.

  Since the identification information of the mobile phone 2 is extracted from the registration information of the registration information recording unit 41 based on the individual information obtained from the mobile phone 2 by the authentication server 1, the specific information supplied by the mobile phone 2 is disguised. In addition, it is possible to prevent unauthorized payment processing from being executed.

  Further, when authentication of the payment processing terminal device 3 is performed in the authentication server 1, the mobile phone 2 performs payment processing communication with the payment processing terminal device 3, which is an unauthorized terminal device. Can be prevented from leaking.

  Each communication terminal device is connected to the authentication server 1 (or the communication terminal device serving as a communication partner) only when the individual information and the specific information of the device match the registration information of the registration information recording unit 41. Can communicate. Therefore, fraudulent payment processing can be prevented by preventing payment processing communication from being performed using only one of the information due to impersonation or illegal reception.

  Each communication terminal device includes specific information of a communication terminal device to be a communication partner when transmitting the communication data between the communication terminal devices when executing the settlement process. Further, when receiving, communication data not including specific information is not processed as illegal data. As a result, it is possible to prevent settlement processing using illegal data.

  Alternatively, in the download process of the mobile phone 2, the mobile phone 2 authenticates that the download data is valid data by performing authentication on the condition that the download data includes specific information of the mobile phone 2. On the other hand, execution processing is prohibited for data that cannot be authenticated as illegal data. Thereby, it is possible to prevent illegal data from being processed and leaked by, for example, transmitting an illegal copy to another communication terminal device that has not been registered by the mobile phone 2.

  The present invention is not limited to the above-described embodiments, and various modifications are possible within the scope shown in the claims, and embodiments obtained by appropriately combining technical means disclosed in different embodiments. Is also included in the technical scope of the present invention.

  Finally, each block of the authentication server 1, the mobile phone 2, and the payment processing terminal device 3, in particular, the individual information matching unit 22 and the specific information matching unit 33 may be configured by hardware logic, as follows: Alternatively, it may be realized by software using a CPU.

  That is, the authentication server 1, the mobile phone 2, and the payment processing terminal device 3 include a CPU (central processing unit) that executes instructions of a control program that realizes each function, a ROM (read only memory) that stores the program, A RAM (random access memory) for expanding the program, a storage device (recording medium) such as a memory for storing the program and various data, and the like are provided. The object of the present invention is the program code (execution format program, intermediate code program, source program) of the control program for the authentication server 1, the mobile phone 2, and the payment processing terminal device 3, which are software for realizing the functions described above. Is supplied to the authentication server 1, the mobile phone 2, and the payment processing terminal device 3, and the computer (or CPU or MPU) is recorded on the recording medium. This can also be achieved by reading out and executing.

  Examples of the recording medium include a tape system such as a magnetic tape and a cassette tape, a magnetic disk such as a floppy (registered trademark) disk / hard disk, and an optical disk such as a CD-ROM / MO / MD / DVD / CD-R. Card system such as IC card, IC card (including memory card) / optical card, or semiconductor memory system such as mask ROM / EPROM / EEPROM / flash ROM.

  The authentication server 1, the mobile phone 2, and the payment processing terminal device 3 may be configured to be connectable to a communication network, and the program code may be supplied via the communication network. The communication network is not particularly limited. For example, the Internet, intranet, extranet, LAN, ISDN, VAN, CATV communication network, virtual private network, telephone line network, mobile communication network, satellite communication. A net or the like is available. Also, the transmission medium constituting the communication network is not particularly limited. For example, even in the case of wired such as IEEE 1394, USB, power line carrier, cable TV line, telephone line, ADSL line, etc., infrared rays such as IrDA and remote control, Bluetooth ( (Registered trademark), 802.11 wireless, HDR, mobile phone network, satellite line, terrestrial digital network, and the like can also be used. The present invention can also be realized in the form of a computer data signal embedded in a carrier wave in which the program code is embodied by electronic transmission.

  The authentication system of the present invention is not limited to credit payment processing at the time of product purchase or paid site registration payment processing, but various processes established by each communication terminal device transmitting and receiving and exchanging communication data bidirectionally. When performing, it can use suitably as an authentication system for authenticating each communication terminal device.

It is a block diagram which shows the principal part structure of the authentication server which concerns on embodiment of this invention. It is a block diagram which shows schematic structure of the authentication system with which the authentication server which concerns on this embodiment is applied. It is a flowchart which shows the flow of the authentication process of the authentication server which concerns on embodiment of this invention. It is a functional block diagram which shows the principal part structure of the mobile telephone which concerns on embodiment of this invention. It is a sequence diagram which shows the flow of a process of each apparatus in the authentication system which concerns on this embodiment. It is a sequence diagram which shows the flow of a process of each apparatus in the authentication system which concerns on this embodiment, when a camouflaged mobile telephone tries to perform a payment process over a mobile telephone. It is a block diagram which shows the principal part structure of the authentication server which concerns on other embodiment of this invention. It is a sequence diagram which shows the flow of a process of each apparatus in the authentication system which concerns on other embodiment. It is a sequence diagram which shows the flow of a process of each apparatus in the authentication system which concerns on other embodiment, when a camouflaged mobile telephone tries to perform a payment process over a mobile telephone. It is a figure which shows the example of the registration information recorded on the registration information recording part of the authentication server which concerns on embodiment of this invention. It is a figure which shows the example of the refusal information recorded on the refusal information recording part of the authentication server which concerns on this embodiment. It is a figure which shows the example of the registration information recorded on the registration information recording part of the authentication server which concerns on other embodiment of this invention.

Explanation of symbols

1 Authentication server (authentication server device)
2 Mobile phone (communication terminal device / second communication terminal device / second communication terminal device)
3 Payment processing terminal device (communication terminal device / first communication terminal device / first communication terminal device)
DESCRIPTION OF SYMBOLS 10 Communication part 11 Reception part 12 Transmission part 13 Payment request reception part 14 Settlement request part 20 Authentication control part 21 Individual information acquisition part (fixed information acquisition means)
22 Individual information verification unit (terminal device authentication means)
23 specific information acquisition unit (specific information acquisition means)
24 Authentication result output unit (specific information supply means / authentication result notification means)
25 Payment processing mediation department (payment processing mediation means)
26 Damage Report Management Unit 30 Settlement Processing Control Unit 31 Specific Information Management Unit (Processing History Checking Unit / Spoofing Detection Unit)
32 Specific information extraction unit (specific information extraction means)
33 Specific information verification unit (specific information verification means)
34 Communication data management unit (communication data management means)
35 communication data output unit 40 recording unit 41 registration information recording unit 42 refusal information recording unit 43 damage report recording unit 51 processing history recording unit 52 specific information recording unit 60 short-range wireless communication unit 61 wireless reception unit 62 wireless transmission unit 100 authentication system (Payment processing authentication system)

Claims (13)

Each communication terminal apparatus authenticates communication for the payment processing between the first communication terminal apparatus of the billing user who requests payment and the second communication terminal apparatus of the requested user who is required to pay. In the authentication server device that permits by
Fixed identification information is assigned to each communication terminal apparatus so as to identify each of the communication terminal apparatuses, and the fixed identification information of the second communication terminal apparatus is acquired from any of the communication terminal apparatuses. Fixed information acquisition means;
The second communication terminal having the fixed identification information by the fixed identification information acquired by the fixed information acquisition means being recorded in a registration information recording unit that records the fixed identification information of the communication terminal device of the authorized user. Terminal device authentication means for authenticating the device as a valid terminal device;
When the second communication terminal device is authenticated as a valid terminal device, it performs a settlement process with the second communication terminal device that is the valid terminal device associated with the fixed identification information acquired by the fixed information acquisition means. Specific information acquisition means for acquiring destination specific information of the second communication terminal device necessary for communication for
An authentication server device comprising: specific information supply means for supplying destination specific information of the second communication terminal apparatus acquired by the specific information acquisition means to the first communication terminal apparatus. The fixed information acquisition means acquires the fixed identification information of the first communication terminal device,
The terminal device authenticating unit records the fixed identification information of the first communication terminal device acquired by the fixed information acquiring unit in the registration information recording unit, and thereby uses the first communication terminal device as a legitimate terminal device. Authenticate,
The specific information acquisition means is the fixed identification information of the first communication terminal apparatus acquired by the fixed information acquisition means when both the first communication terminal apparatus and the second communication terminal apparatus are authenticated as legitimate terminal apparatuses. The destination specifying information of the first communication terminal device that is the legitimate terminal device associated with the
2. The authentication server device according to claim 1, wherein the specific information supply unit supplies the second communication terminal device with the destination specific information of the first communication terminal device acquired by the specific information acquisition unit. .   2. The authentication result notifying means for notifying the legitimate terminal device of authentication result information indicating whether or not the terminal device authentication means has succeeded in authenticating the communication terminal device of the communication partner. Or the authentication server apparatus of 2.   The terminal device authentication means, when the fixed identification information of the communication terminal device recorded in the registration information recording unit is not recorded in the refusal information recording unit that records the refusal terminal device that should prohibit the settlement processing The authentication server device according to claim 1, wherein the communication terminal device is authenticated as a valid terminal device. Payment processing mediating means for transmitting communication data related to the payment processing received from the first communication terminal device to a destination designated by the first communication terminal device;
2. The destination specifying information is created in advance so that the first communication terminal device can be used to designate the destination of the communication data to the settlement processing mediating means. Authentication server device. In an authentication server device that permits communication for performing bidirectional processing established by each communication terminal device transmitting and receiving communication data to each other by authenticating each communication terminal device,
Fixed identification information is assigned to each communication terminal apparatus in a fixed manner for identifying each communication terminal apparatus, and the fixed identification information for each communication terminal apparatus is acquired from any one of the communication terminal apparatuses. Information acquisition means;
Each fixed identification information is recorded in a registration information recording unit that records the fixed identification information of the communication terminal device of the authorized user, so that each communication terminal device having each fixed identification information is regarded as a legitimate terminal device. A terminal device authentication means for authenticating;
Necessary for communication for performing bidirectional processing with each legitimate terminal device associated with each fixed identification information obtained by the fixed information obtaining means when each of the communication terminal devices is authenticated as a legitimate terminal device. Specific information acquisition means for acquiring destination specific information of each legitimate terminal device;
An authentication server device comprising: specific information supply means for supplying destination specific information of a valid terminal device acquired by the specific information acquisition means to each of the valid terminal devices. In a communication terminal device that performs bidirectional processing that consists of sending and receiving communication data to each other,
Specific information extracting means for receiving the communication data from the communication terminal device of the communication partner and extracting the specific information attached to the communication data;
Specific information extracted by the specific information extracting means, specific information collating means for collating the specific information of the own device, which is determined in advance,
A communication data management unit that approves the received communication data when the specific information collating unit determines that the given specific information matches the specific information of the own device;
The given specific information is specific information associated with the fixed identification information of the own device, and the authentication server device according to any one of claims 1 to 6 is authenticated as a valid terminal device. A communication terminal device supplied to a communication terminal device of a partner. Processing history confirmation means for determining the presence or absence of a processing history that has made a request to start the bidirectional processing when receiving the destination specifying information of the legitimate terminal device from the authentication server device;
The said process history confirmation means is provided with the impersonation detection means which detects that the other communication terminal device impersonates itself when it determines with there being no process history of the said start request. Item 8. The communication terminal device according to Item 7. The specific information extracting means extracts specific information attached to download data downloaded from the communication terminal device of the communication partner,
The communication data management means approves the download data when the specific information collating means determines that the assigned specific information matches the specific information of the own device. The communication terminal device described. The first communication terminal device of a billing user who requests payment is the communication terminal device according to any one of claims 7 to 9,
The second communication terminal device of the billed user where the payment obligation occurs is the communication terminal device according to any one of claims 7 to 9,
An authentication server device that authenticates each communication terminal device based on the fixed identification information of each communication terminal device is included as an authentication server device according to any one of claims 1 to 6,
The first communication terminal device transmits the communication data obtained by adding the specific information of the second communication terminal device to be a communication partner acquired from the authentication server device to the second communication terminal device,
The second communication terminal device transmits to the first communication terminal device the communication data obtained by adding the specific information of the first communication terminal device to be a communication partner acquired from the authentication server device. A payment processing authentication system. Each communication terminal device for permitting communication of settlement processing performed by a first communication terminal device of a billing user who requests payment and a second communication terminal device of a billed user who is required to pay In the payment processing authentication method to authenticate,
Fixed identification information is assigned to each communication terminal apparatus so as to identify each of the communication terminal apparatuses, and the fixed identification information of the second communication terminal apparatus is acquired from any of the communication terminal apparatuses. The first step;
The fixed identification information is recorded in a registration information recording unit that records the fixed identification information of the communication terminal device of the authorized user, so that the second communication terminal device having the fixed identification information is authenticated as a legitimate terminal device. A second step to
When the second communication terminal device is authenticated as a valid terminal device, it performs a settlement process with the second communication terminal device that is the valid terminal device associated with the fixed identification information acquired in the first step. A third step of acquiring destination specifying information of the second communication terminal device necessary for communication for
And a fourth step of supplying destination specifying information of the second communication terminal device acquired in the third step to the first communication terminal device.   A control program for causing a computer to function as each unit of the authentication server device according to any one of claims 1 to 6 or the communication terminal device according to any one of claims 7 to 9.   A computer-readable recording medium on which the control program according to claim 12 is recorded.

Images