JP2009217771A - Automatic transaction system - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To guide a customer to change his/her personal identification number currently used to a safe one by giving the customer the risk of the personal identification number. <P>SOLUTION: When a personal identification number input to perform personal authentication is matched to risk information stored in a personal identification number risk database 312, the risk database 312 is searched based on the risk information to extract a classification showing the attribute of the risk information, and a damage state of the classification is extracted from a damage state database 313, and a display for urging change of the personal identification number is displayed together with the damage state of the classification. <P>COPYRIGHT: (C)2009,JPO&INPIT

Description

  The present invention relates to an automatic transaction system including a customer operation terminal that accepts customer operations and performs various transactions, and a host computer that processes various transactions in response to inquiries from the customer operation terminals. The present invention relates to an automatic transaction system that accepts an operation and changes a password registered in a host computer.

In recent years, crimes that illegally use cards such as cash cards and credit cards of other people who have been found or stolen have been increasing rapidly. In particular, if the PIN registered with a bank or other financial institution can be easily guessed from the date of birth, telephone number, address, etc., the card is likely to be used illegally by a third party. There is a problem of becoming.
In view of such problems, the conventional automatic transaction system is designed to provide a password to a customer who uses an automatic teller machine when the registered password can be easily estimated from the date of birth, telephone number, address, etc. A message prompting the user to change the number to one that cannot be estimated from the date of birth or the like is displayed on the screen, an operation to change the password is accepted, and the registered password can be changed.

In particular, when changing to a personal identification number, there is one that prevents an operation to change to a personal identification number that can be easily guessed from information related to a customer (see, for example, Patent Document 1).
JP 2007-34409 A (paragraph “0014” to paragraph “0026”, FIG. 1)

  However, in the conventional technology described above, a message prompting a customer who uses an automatic teller machine or the like to change a PIN number takes into account the registered PIN number and the number of times the message is displayed. Since the content is always the same, the customer captures the message in the same way as the screen that guides a series of operations and skips the message without feeling the importance of the message. There is a problem that the personal identification number is not recognized as a dangerous thing that can be easily guessed by a third party, and the personal identification number may not be changed.

  An object of the present invention is to solve such a problem.

  Therefore, in the automatic transaction system that accepts the input of personal identification information and authenticates the user, the present invention edits the customer information stored in the customer information storage means based on the extracted definition information stored in the storage unit. Risk information generating means for generating risk information as password information that can be easily guessed by a person, and risk information storage means for storing the risk information generated by the risk information generating means and the classification indicating the attribute of the risk information in association with each other Damage status storage means for storing the damage status of the password information of the customer who has been damaged for each classification indicating the attribute of the password information, and the password information input for authenticating the person is stored in the risk information storage means. When it matches the stored risk information, the risk information storage means is searched based on the risk information to extract the classification of the risk information, and the damage status of the classification Characterized in that a personal identification information changing means for displaying a screen prompting change of dark card information along with the damage status of the classification by extracting from the damage status storage means.

  According to the present invention as described above, the customer can grasp the risk level of the personal identification number used and can be guided to change to a safe personal identification number.

  Embodiments of an automatic transaction system according to the present invention will be described below with reference to the drawings.

FIG. 1 is a block diagram showing the configuration of the automatic transaction system in the first embodiment.
In FIG. 1, reference numeral 11 denotes an automatic transaction apparatus such as an automatic teller machine, which is installed at a store of a financial institution such as a bank or a store such as a convenience store, an airport, a station, etc. Receives a transaction permission from, and performs various transactions such as cash withdrawal and PIN change.

  This automatic transaction apparatus 11 includes a liquid crystal display for displaying a screen for guiding a customer's operation, a customer operation display unit composed of a touch panel for receiving the customer's operation, an account number recorded on a card inserted by the customer, and the like. Card reader unit for reading account identification information for identifying an account, deposit / withdrawal unit for depositing / withdrawing cash of banknotes and coins, communication unit for transmitting / receiving data via communication line 4, magnetic disk, semiconductor memory, etc. And a control unit such as a CPU (Central Processing Unit) and an MPU (Micro Processing Unit) that control the whole based on a control program (software) stored in the storage unit.

  Reference numeral 12 denotes an information terminal, which is a normal personal computer. The information terminal 12 includes an input unit such as a keyboard, a mouse, and a touch panel, a display unit such as a CRT and a liquid crystal display, a communication unit that transmits and receives data via the communication line 4, a storage unit such as a magnetic disk and a semiconductor memory, A control unit such as a CPU or MPU that controls the whole based on a control program (software) stored in the storage unit is provided.

  Reference numeral 13 denotes a portable terminal, a storage unit including a display unit such as a liquid crystal display, an input unit such as an operation button, a communication unit that transmits and receives data via a communication line 4 including wireless communication and wired communication, and a semiconductor memory. Unit, CPU that controls the whole based on a control program (software) stored in the storage unit, mobile phone equipped with a control unit such as MPU, PHS (Personal Handyphone System), PDA (Personal Digital Assistant) and portable Such as a notebook personal computer.

  Reference numeral 1 denotes a customer operation terminal, which is a concept encompassing the above-described automatic transaction apparatus 11, information terminal 12, portable terminal 13, and the like, and is an apparatus that can accept customer operations and perform various financial transactions. As described above, the automatic transaction apparatus 11 can perform transactions such as cash withdrawal, cash deposit, and transfer. The information terminal 12 and the mobile terminal 13 accept customer operations and transfer funds between accounts. Etc. can be performed.

Further, the customer operation terminal 1 can also perform a transaction for changing the personal identification number registered by accepting the customer's operation.
2 is a window terminal, which is installed at the window of a financial institution's sales office, accepts operations of financial institution staff (operators), etc., and processes transactions such as cash payments (withdrawals) desired by customers. is there. The window terminal 2 includes a CRT (Cathode Ray Tube), a display unit such as a liquid crystal display, an operation unit such as a mouse and a keyboard, a scanner unit that reads a slip in which a customer has entered transaction details, a passbook or slip Passbook slip printer unit for printing on paper, cash processing unit for depositing and withdrawing cash such as banknotes, communication unit for transmitting and receiving data via communication line 4, storage unit such as magnetic disk and semiconductor memory, storage unit thereof And a control unit such as a CPU or MPU that controls the whole based on a control program (software) stored in the computer.

  Reference numeral 3 denotes a host computer as a host device such as the customer operation terminal 1, which is installed in a business center of a financial institution such as a bank. The host computer 3 includes a control unit that is a calculation and control unit such as a CPU and an MPU, a storage unit that is a storage unit such as a magnetic disk and a semiconductor memory, a communication unit that is a communication unit, and the like. Via the customer operation terminal 1, the window terminal 2, and the like.

Further, the host computer 3 performs personal authentication to confirm the identity by comparing the personal identification information received from the customer operation terminal 1 with personal identification information registered in a customer information database, which will be described later, and the customer operation terminal 1 The transaction messages of various transactions are transmitted to and received from the customer, and it is determined whether or not the customer's transaction is established and the transaction is processed.
As described above, the automatic transaction system includes the automatic transaction apparatus 11, the information terminal 12, the customer operation terminal 1 such as the mobile terminal 13, the window terminal 2, and the host computer 3.

In the present embodiment, the password information is described as a four-digit password, but the password is not limited to a four-digit password, and may be a password using alphabetic characters of arbitrary digits.
Next, the configuration of the host computer 3 will be described based on the block diagram showing the configuration of the host computer in the first embodiment of FIG.
Reference numeral 31 denotes a storage unit composed of a magnetic disk, a semiconductor memory, or the like, a personal identification number risk data extraction definition 311 as extraction definition information, a personal identification number risk database 312 as risk information storage means, and a damage situation as damage status storage means The database 313 includes a customer information database 314 as customer information storage means.

  The code number risk data extraction definition 311 is information for extracting (generating) the code number risk data. Here, PIN number risk data (hereinafter also simply referred to as “risk data”) is a PIN code that can be easily guessed by a third party from customer information such as the date of birth, telephone number, and address of the customer. It shall be a number. That is, it is a character string of 4 digits (or other number corresponding to the number of passwords) extracted according to a certain rule based on customer information.

The password risk data extraction definition 311 will be described based on the password risk data extraction definition in the first embodiment of FIG.
The definition for extracting the personal identification number risk data is represented by “Kind1”, “Kind2”, “OrgData”, “EditPtn”, “Define”, and the like.
“Kind1” defines a classification indicating an attribute of risk data, and “birth date”, “address”, “phone number”, and the like of the customer are defined.

“Kind2” defines the detailed classification indicating the attribute of the risk data, and defines the “date of birth”, “date of month”, “date of date”, etc. of the customer's date of birth.
“OrgData” defines risk data reference source information. For example, “0” is the date of birth, “1” is the home phone number, “2” is the work phone number, and “3”. Is the home zip code, “4” is the work zip code, “5” is the home address, “6” is the work address, and “7” is an arbitrary number consisting of the same number, “8”. Arbitrary numerical values that are consecutive are defined. The reference source information is customer information registered in a customer information database to be described later.

“EditPtn” defines a pattern for editing reference information of risk data. For example, “0” is conversion from the Japanese calendar to the Western calendar, “1” is conversion from the Western calendar to the Japanese calendar, “2” "Is the concatenation of numerical data such as telephone numbers and postal codes," 3 "is the extraction and concatenation of numerical data such as address numbers (for example, ABCD in the case of rooms A, B, C, and D), and" 4 "is the same number. , Serial numbers, initial values such as serial numbers on the keyboard (for example, “0000”, “1111”, “0123”, “1234”), “5” is defined as no editing, and the like.
“Define” defines the digit from which the edited data is extracted. For example, if “1234”, the first digit value, the second digit value, the third digit value of the edited data, The 4th digit of the 4th digit is risk data, and if it is “3478”, the 3rd digit, 4th digit, 7th digit, and 8th digit of the edited data Four digits are the risk data.

  For example, in the case where the date of birth is registered in the customer information database as May 22, 1969, the PIN number risk data extraction definition 311 is Kind1 = date of birth, Kind2 = last 2 digits of the calendar year + day, OrgData = 44 (date of birth), EditPtn = 0 (conversion from the Japanese calendar to the Western calendar), and Define = 3478 (the last two digits of the year + the third, fourth, seventh, and eighth digits of the year) May 22 is converted to "19690522", and "6922" in the third, fourth, seventh, and eighth digits becomes risk data. The classification of the risk data is "date of birth" and the detailed classification is " "The last two digits of the year + day".

  When the telephone number (home) is registered in the customer information database as 090-2356-9872, the PIN number risk data extraction definition 311 is Kind1 = phone number, Kind2 = setting case 1, OrgData = 1 (phone number (Home)), EditPtn = 2 (concatenation of numerical data), and Define = 4567 (the fourth, fifth, sixth and seventh digits of the telephone number (home)), the numerical data of “090-2356-9872” Concatenated and edited to "09023569872", "2356" in the 4th, 5th, 6th and 7th digits becomes risk data, the classification of the risk data is "phone number", and the detailed classification is "setting case 1" Become.

Thus, the definition for extracting risk data can be described in the PIN number risk data extraction definition 311 using the above-described notation, and the risk data can be generated with reference to a customer information database to be described later. It is like that.
Returning to the description of FIG. 2, the personal identification number risk database 312 includes the risk data generated based on the personal identification number risk data extraction definition 311, the classification and detailed classification of the risk data, customer identification information for identifying the customer, and It is a database stored in association with account identification information for identifying customer accounts.

For example, as shown in FIG. 4, the PIN number risk database 312 associates customer identification information such as a login ID with “ABCD” and account identification information such as an account number with “1234567” and risk data (such as XXX1) and its risk. Data classification (date of birth, etc.) and detailed classification (date, etc.) are stored.
Therefore, it is possible to search the personal identification number risk database 312 based on the customer identification information or the account identification information to extract the risk data, the classification of the risk data, and the detailed classification.

  For example, the risk data of the personal identification number risk database 312 is a Japanese calendar year / year / day / month / day / month / day / day / day / month / year / year / month / day when the date of birth is the reference source data. Year, year (4 digits), year (last 2 digits) month, year (last 2 digits) day, month year (last 2 digits), day year (last 2 digits), year (last 2 digits) year (The last two digits). Further, if the telephone number: XXXX-YYYY-ZZZZ (mobile phone or the like) is used as the reference source data, it is XXXX (operator identification number), ZZZZ (subscriber identification number), or the like, and the telephone number: 1234567890 (fixed telephone or the like). 1234, 2345, 3456, 4567, 5678, 6789, 7890, 0987, 9876, 8765, 7654, 6543, 5432, 4321 and the like. Furthermore, arbitrary numbers are 0000, 1111, 2222, 3333, 4444, 5555, 6666, 7777, 8888, 9999, 0123, 1234, 4567 and the like.

The damage status database 313 is a database that stores information on damages in which a customer's personal identification number has been misused by a third party in association with customer identification information and account identification information.
Assume that a staff member such as a financial institution inputs damage information reported by the customer from the operation unit of the window terminal 2. The window terminal 2 transmits the input damage information to the host computer 3, and the host computer 3 stores the damage information in the damage status database 313.

  For example, as shown in FIG. 5, the damage status database 313 includes a filing date (2007.2.3, etc.) indicating the date of receipt of damage filing from a customer, customer identification information (ABCD, etc.), and account identification information ( Damage code number (XXX1 etc.) showing the damage code abused by a third party in relation to the damage code number (XXX1 etc.), classification (birth date, etc.) and detailed classification (date etc.) of the damage code number Remember.

Therefore, the damage status database 313 is searched based on the filing date to extract the classification and detailed classification of the damage code number, the number of damage code numbers and the detailed classification, the occurrence rate of damage, the number of occurrences in a predetermined period It is possible to calculate the rankings of the items.
The customer information database 314 is a database that stores customer information such as a customer's date of birth and address in association with customer identification information and account identification information.

This customer information database 314 is related to customer identification information and account identification information, and includes a personal identification number, customer date of birth, telephone number (home and work), postal code (home and work), address (home and work). ), The number of times the warning screen is displayed prompting the user to change the password is stored.
Accordingly, the customer information database 314 is searched based on the customer identification information or the account identification information, and the personal identification number, the date of birth of the customer, the telephone number (home and work), the postal code (home and work), and the address (home). And the number of times the warning screen is displayed can be extracted.

The storage unit 31 stores a control program (software) for controlling the operation of the entire host computer 3, information necessary for a transaction performed by a customer, and the like.
Reference numeral 32 denotes a control unit, which is composed of arithmetic and control means such as a CPU and MPU. The control unit 32 stores the entire operation of the host computer 3 including a storage unit 31 and a communication unit (not shown) that communicates with the customer operation terminal 1 and the window terminal 2 via the communication line 4. It controls based on the control program (software) stored in 31.

Further, the control unit 32 includes a personal identification number risk data maintenance unit 321, a personal identification number risk data update unit 322, a damage state data update unit 323, a personal identification number change warning number reference / update unit 324, and a damage state / warning number screen creation unit. 325.
When the personal identification number risk data maintenance unit 321 as the risk information generation unit changes the personal identification number risk data extraction definition 311 due to a change in the damage situation of the personal identification number, the risk data generated by the personal identification number risk data extraction definition 311 Is stored in the personal identification number risk database 312.

When the customer information stored in the customer information database 314 is updated, the PIN number risk data update unit 322 as the risk information generation unit is generated based on the updated customer information and the PIN number risk data extraction definition 311. The risk data is stored in the personal identification number risk database 312, and the personal identification number risk database 312 is updated.
The damage status data update unit 323 stores the damage information of the customer's personal identification number received from the customer operation terminal 1 in the damage status database 313 and performs a process of updating the damage status database 313.

When the PIN number used by the customer matches the PIN number stored in the PIN number risk database 312, the PIN number change warning frequency reference / update means 324 performs the transaction performed by the customer in the customer information database 314. Refer to and update the number of times the warning screen prompting you to change the PIN is displayed.
The damage situation / warning frequency screen creation means 325 categorizes the damage password number and the detailed classification of the damage situation database 313 when the password used by the customer matches the password stored in the password risk database 312. , Calculate the number of damage PIN numbers for each predetermined period and detailed classification, the occurrence ratio of damage, the ranking of the number of occurrences, etc., and refer to the number of times the warning screen of the customer information database 314 is displayed. Then, a process for generating a screen to be displayed on the display unit of the customer operation terminal 1 is performed.

In the present embodiment, the password number risk data extraction definition 311, the password number risk database 312, the damage status database 313, the customer information database 314, etc. are described as being provided in the host computer 3, but are limited to the host computer 3. Alternatively, it may be provided in a computer such as a database server.
The operation of the above configuration will be described.

The operation of each device in each embodiment described below is controlled by a control unit such as a central processing unit based on a program (software) stored in a storage unit such as a memory or a magnetic disk.
First, the damage status data display process will be described in accordance with the steps indicated by S in the flowchart of the damage status data display process in the first embodiment of FIG.

  S1: The customer operation terminal 1 accepts input of customer identification information (customer ID) or account identification information (account ID) and a personal identification number in order to authenticate the customer by the operation of the customer, and the customer identification information or account The identification information and the password are transmitted to the host computer 3. For example, when the customer operation terminal 1 is the automatic transaction apparatus 11, the account number read from the card inserted by the customer is transmitted to the host computer 3 as the account identification information, and when it is the information terminal 12 or the mobile terminal 13, the login ID or the like To the host computer 3 as customer identification information.

The host computer 3 searches the customer information database 314 based on the received customer identification information or account identification information, extracts the registered personal identification number, and performs personal authentication that compares the received personal identification number with the extracted personal identification number. Shall be done.
S2: The password change warning reference / update means 324 of the host computer 3 searches the customer information database 314 based on the received customer identification information or account identification information, and changes the registered password and the password. Extract the number of times the warning screen is displayed.

S3: When the number of times of displaying the warning screen is extracted, the damage state / warning number screen creating means 325 searches the damage state database 313 based on the report date and collects the damage state data.
S4 to S6: Damage status / warning frequency screen creation means 325 extracts the damage PIN number classification and detailed classification for a predetermined period (for example, one year) from the collected damage status data (S4), and damages for the predetermined period The number of passwords for each classification, the occurrence rate of damage, the ranking of the number of occurrences, and the like are calculated (S5), and the damage PIN numbers are sorted in descending order of the number of damages to edit the screen information indicating the damage status (S6). ).

S7: Damage status / warning count screen creation means 325 searches personal identification number risk database 312 based on the received customer identification information or account identification information, extracts all the risk data of the customer and its classification, and receives the personal identification Search the extracted risk data based on the number.
The damage status / warning count screen creation means 325 determines whether or not there is risk data that matches the PIN number received in the extracted risk data. As a result of the determination, if it is determined that there is matching risk data, the process proceeds to S9. If it is determined that there is no matching risk data, the process proceeds to S8.

S8: When it is determined that there is no matching risk data, the damage status / warning count screen creation means 325 recognizes that the input password is low in risk of damage and displays a screen showing the damage status The customer operation terminal 1 is notified that there is no need, and the customer operation terminal 1 continues the transaction without displaying a screen showing the damage situation.
S9: On the other hand, if it is determined that there is matching risk data, the damage status / warning count screen creation means 325 recognizes that the input password is high risk of damage and matches the input password The screen information indicating the damage status is generated by highlighting the number of cases with the same classification as the risk data classification, the occurrence ratio of damage, the ranking of the number of occurrences, etc.

  S10: Also, the damage status / warning frequency screen creation means 325 displays a warning message indicating that the password may be damaged in the generated screen information indicating the damage status and a warning indicating the number of times the warning screen is displayed. Edit the damage status / warning screen information by adding screen information. Here, the display frequency of the warning screen is the display frequency of the warning screen extracted from the customer information database 314 in S2.

  As shown in FIG. 7, this damage status / warning screen information includes, for example, a title statement such as “the damage status of the bank opening account for the past year (January 4, 2007 to January 3, 2008)”, and the number of damages. The classification of the damage code number (order of the code number), the number of damages (number of cases), the proportion of the classification of the damage code number in the total damage (percentage), and the code number are damaged. “Your PIN can be guessed by“ birth date ”as a word to warn you of the possibility. "And the number of times the warning screen is displayed" Requests to change the current security code is the XXth. "To change the security code, change the security code. ”Button, a“ Do not change PIN ”button, etc. for continuing the transaction without changing the PIN.

S11: The damage situation / warning frequency screen creation means 325 transmits the damage situation / warning screen information to the customer operation terminal 1, and the customer operation terminal 1 performs, for example, the damage shown in FIG. 7 based on the received damage situation / warning screen information. Displays a status / warning screen.
In this way, by displaying the specific damage status and number of warnings for the password entered by the customer on the display unit of the customer operation terminal, the customer can grasp the risk level of the password used. Be able to improve the perception of danger to the customer and guide them to change to a secure PIN.
Next, the processing after the damage status / warning screen is displayed on the display unit of the customer operation terminal 1 is represented by S in the flowchart of the processing after the damage status / warning screen display in the first embodiment of FIG. This will be explained according to the steps.

First, a process for changing the password encryption will be described with reference to FIG.
S21: When the “change PIN” button on the damage status / warning screen displayed on the display unit of the customer operation terminal 1 is selected, the customer operation terminal 1 accepts the input of a new PIN by the operation unit. A notification to change to a new password is sent to the host computer 3 together with the password and customer identification information or account identification information.

S22: The host computer 3 that has received the notification to change to a new password stores the received password in association with the received customer identification information or account identification information in the customer information database 314, and the registered password Register as a new PIN instead of.
S23: When a new password is registered, the password number change warning reference / update means 324 of the host computer 3 searches the customer information database 314 based on the received customer identification information or account identification information, and displays the number of warning screens displayed. Is initialized to “0”.

In this way, the host computer 3 changes to a new password, and initializes the number of times the warning screen is displayed to the customer to “0”.
Next, processing when the password is not changed will be described based on FIG.
S31: When the “Do not change password” button on the damage / warning screen displayed on the display unit of the customer operation terminal 1 is selected, the customer operation terminal 1 does not change the password together with the customer identification information or the account identification information. A notification to that effect is transmitted to the host computer 3.

S32: The password number change warning frequency reference / update means 324 of the host computer 3 that has received the notification that the password is not changed searches the customer information database 314 based on the received customer identification information or account identification information and issues a warning. Update the screen display count by adding "1".
In this way, the processing after the damage status / warning screen is displayed on the display unit of the customer operation terminal 1 is performed.

Next, the personal identification number risk data update process will be described according to the step represented by S in the flowchart of the personal identification number risk data update process in the first embodiment of FIG.
First, a process for changing customer information in the customer information database 314 will be described with reference to FIG.
S41: The operation unit accepts an operation for changing customer information such as an address already registered in accordance with the customer information change screen displayed on the display unit of the customer operation terminal 1 or the window terminal 2, and customer information such as the address and customer identification A notification to change the customer information is sent to the host computer 3 together with the information or the account identification information.

S42: The host computer 3 that has received the notification to change the customer information stores the received customer information in association with the received customer identification information or account identification information in the customer information database 314, and replaces it with the registered customer information. And register as new customer information.
S43: When the customer information is stored in the customer information database 314, the personal identification number risk data update unit 322 of the host computer 3 refers to the personal identification number risk data extraction definition 311.

S44: Also, the personal identification number risk data updating unit 322 searches the customer information database 314 based on the received customer identification information or account identification information, and extracts the customer information of the customer.
S45: The personal identification number risk data updating means 322 generates risk data based on the personal identification number risk data extraction definition 311 and the extracted customer information of the customer, and classifies the risk data and the classification and detailed classification of the risk data to the customer. It is stored in the PIN number risk database 312 in association with the identification information or account identification information, and the risk data of the customer is updated.

In addition, a process for changing the password risk data extraction definition 311 will be described with reference to FIG.
A center terminal (not shown) such as an ordinary personal computer configured to be able to communicate with the host computer 3 or a window terminal 2 or the like is already in accordance with the PIN risk data extraction definition change screen displayed on the display unit by a staff member of a financial institution or the like. An operation for changing the registered PIN number risk data extraction definition is received by the operation unit, and a notification to the effect that the PIN number risk data extraction definition is changed is transmitted to the host computer 3 together with the PIN number risk data extraction definition.

The host computer 3 stores the received password number risk data extraction definition in the password number risk data extraction definition 311 of the storage unit 31.
S51: When the received code number risk data extraction definition is stored in the code number risk data extraction definition 311 of the storage unit 31, the code number risk data update means 322 of the host computer 3 refers to the updated code number risk data extraction definition 311. .

S52: Also, the personal identification number risk data updating unit 322 searches the customer information database 314 and extracts customer information of all customers.
S53: The personal identification number risk data updating unit 322 generates risk data based on the personal identification number risk data extraction definition 311 and the extracted customer information of the customer, and associates the risk data with the customer identification information or the account identification information to perform the personal identification. It stores in the number risk database 312 and updates the risk data of all customers.

In this way, PIN code risk data is automatically created based on PIN code risk data extraction definition and customer information database information, so that customer information is changed or PIN code risk status changes, etc. It is possible to reduce the work load of updating the PIN number risk data and to provide the customer with the PIN code damage status immediately.
Next, the damage status data update processing will be described in accordance with the steps indicated by S in the flowchart of the damage status data update processing in the first embodiment of FIG.

S61: The operation unit accepts the operation of the financial institution's staff who inputs the damage status information according to the damage status report screen displayed on the display unit of the window terminal 2 as the damage report receiving means, and the damage status information and customer identification information Alternatively, a notification that the damage status information is updated together with the account identification information is transmitted to the host computer 3.
S62: The host computer 3 that has received the notification that the damage status information is to be updated searches the customer information database 314 based on the received customer identification information or account identification information, extracts the registered PIN, and the account The customer information database 314 is stored with information that prohibits withdrawal of cash from the customer, and the account is frozen.

  S63: When the registered password is extracted, the damage status data update unit 323 of the host computer 3 searches the password risk database 312 based on the received customer identification information or account identification information to extract risk data, Further, the risk data that matches the password extracted from the customer information database 314 is searched, and the classification and detailed classification of the matching risk data are extracted.

  The damage status data updating unit 323, when receiving customer identification information from the customer operation terminal 1 or the window terminal 2, extracts account identification information associated with the customer identification information from the personal identification number risk database 312. Further, when the account identification information is received from the customer operation terminal 1 or the window terminal 2, the customer identification information associated with the account identification information is extracted from the password risk database 312.

  S64: The damage status data update unit 323 reads the current date from a calendar / clock function (not shown), and uses the date of declaration and the customer identification information and account based on the received customer identification information or account identification information. The damage information is registered by storing the identification information, the extracted risk data in the damage situation database 313 as the damage password number, the classification and detailed classification of the extracted risk data as the damage password number classification and the detailed classification.

  The personal identification number registered in the customer information database 314 is extracted based on the customer identification information or the account identification information damaged in this way, and the classification of the personal identification number is performed from the personal identification number risk database 312 based on the personal identification number. As a result of the extraction, a staff member who received a report of damage does not need to classify the secret code, and can update the damage status database with an appropriate classification.

  As described above, in the first embodiment, the customer uses the specific damage status and warning count for the password entered by the customer on the display unit of the customer operation terminal. It becomes possible to grasp the risk level of the personal identification number, improve the awareness of the danger to the customer, and obtain the effect that the user can be guided to change to a safe personal identification number.

  In addition, the PIN risk data is automatically created based on the PIN risk data extraction definition and customer information in the customer information database, so that when the customer information is changed or the PIN risk status changes, etc. It is possible to reduce the work load for updating the personal identification number risk data and to provide the customer with an immediate provision of the personal identification number damage status.

  Furthermore, by extracting the registered PIN based on the damaged customer identification information or account identification information, and extracting the PIN classification from the PIN risk database based on the PIN Thus, it is not necessary for a staff member who has received a damage report to classify the personal identification number, and the damage status database can be updated with an appropriate classification.

Since the configuration of the second embodiment is the same as that of the first embodiment, the same reference numerals are given and description thereof is omitted.
In the first embodiment, the damaged personal identification number is displayed as a damage status / warning screen as a classification of birth date, address (address), telephone number, etc., but the second embodiment is shown in FIG. As shown in FIG. 11, the detailed classification such as date of birth, date, and date is displayed.

The processing of S4 to S11 in FIG. 6 described above in this case will be described below.
S4 to S6: Damage status / warning frequency screen creation means 325 extracts the damage PIN number classification and detailed classification for a predetermined period (for example, one year) from the collected damage status data (S4), and damages for the predetermined period The number of cases for each detailed classification of the PIN number, the occurrence rate of damage, the ranking of the number of occurrences, etc. are calculated (S5), and the screen information indicating the damage status is edited by rearranging the classification of the damage PIN numbers in descending order of the number of damages ( S6).

S7: Damage status / warning count screen creation means 325 searches personal identification number risk database 312 based on the received customer identification information or account identification information, extracts all the risk data of the customer and its classification, and receives the personal identification Search the extracted risk data based on the number.
The damage status / warning count screen creation means 325 determines whether or not there is risk data that matches the PIN number received in the extracted risk data. As a result of the determination, if it is determined that there is matching risk data, the process proceeds to S9. If it is determined that there is no matching risk data, the process proceeds to S8.

S8: When it is determined that there is no matching risk data, the damage status / warning count screen creation means 325 recognizes that the input password is low in risk of damage and displays a screen showing the damage status The customer operation terminal 1 is notified that there is no need, and the customer operation terminal 1 continues the transaction without displaying a screen showing the damage situation.
S9: On the other hand, if it is determined that there is matching risk data, the damage status / warning count screen creation means 325 generates the number of damages with the same detailed classification as the detailed classification of the risk data that matches the input password. Extracts the ratio, ranking of the number of occurrences, etc., and generates screen information indicating the damage status.

  S10: Also, the damage status / warning frequency screen creation means 325 displays a warning message indicating that the password may be damaged in the generated screen information indicating the damage status and a warning indicating the number of times the warning screen is displayed. Edit the damage status / warning screen information by adding screen information. Here, the display frequency of the warning screen is the display frequency of the warning screen extracted from the customer information database 314 in S2.

  As shown in FIG. 11, the damage status / warning screen information includes, for example, a title statement such as “the damage status of the bank opening account in the past one year (January 4, 2007 to January 3, 2008)”, the number of damages, etc. Ranking (damage ranking), detailed classification of damage PIN number (set PIN number), number of damages (number of cases), ratio (ratio) of classification of damage PIN number in overall damage, PIN number “Your personal identification number can be guessed by“ date of birth (year / month) ”as a word to warn you that you may receive it. "And the number of times the warning screen is displayed" Requests to change the current security code is the XXth. "To change the security code, change the security code. ”Button, a“ Do not change PIN ”button, etc. for continuing the transaction without changing the PIN.

S11: The damage situation / warning frequency screen creation means 325 transmits the damage situation / warning screen information to the customer operation terminal 1, and the customer operation terminal 1 performs, for example, the damage shown in FIG. 11 based on the received damage situation / warning screen information. Displays a status / warning screen.
Since other processes are the same as those in the first embodiment, the description thereof is omitted.
When detailed classifications are displayed in this way, if there are many types and all of them are displayed, the customer's interest will be diminished and the transaction time will be longer, so the damage ranking corresponding to the entered PIN number Only the damage status such as detailed classification and ratio of damage PIN is displayed.

It should be noted that the damage situation that does not correspond to the password entered as necessary is notified to the customer by e-mail or the like. In order to ensure security, the contents of the damage status / warning screen are not printed on the statement slip or the like.
The extraction definition information can be embedded as data or logic in the program. However, if the risk data extraction definition is retained as described above, it is desirable because it can be updated independently.

The damage status data may be used if similar information is provided by an external database or the like.
As described above, in the second embodiment, in addition to the effects of the first embodiment, the detailed classification of the damaged personal identification number is displayed, so that the customer can easily guess the personal identification number by a third party. Thus, it is possible to grasp the pattern, and the customer can be guided to change the dangerous password to a safe password.

The block diagram which shows the structure of the automatic transaction system in a 1st Example. The block diagram which shows the structure of the host computer in a 1st Example. Explanatory drawing of PIN number risk data extraction definition in 1st Example Explanatory drawing of the PIN code risk database in the first embodiment Explanatory drawing of the damage situation database in the first embodiment Flowchart showing damage status / warning screen display processing in the first embodiment Explanatory drawing of damage status / warning screen in the first embodiment The flowchart which shows the process after the damage condition / warning screen display in the first embodiment The flowchart which shows the PIN code risk data update process in 1st Example Flowchart showing damage status data update processing in the first embodiment Explanatory drawing of damage situation / warning screen in the second embodiment

Explanation of symbols

DESCRIPTION OF SYMBOLS 1 Customer operation terminal 2 Window terminal 3 Host computer 4 Communication line 11 Automatic transaction apparatus 12 Information terminal 13 Portable terminal 31 Memory | storage part 32 Control part 311 Security code risk data extraction definition 312 Security code risk database 313 Damage situation database 314 Customer information database 321 Security code risk data maintenance means 322 Security code risk data update means 323 Damage status data update means 324 Security code change warning count reference / update means 325 Damage status / warning count screen creation means

Claims (8)

In an automatic transaction system that accepts input of personal identification information and authenticates the person,
Risk information generation means for editing the customer information stored in the customer information storage means based on the extraction definition information stored in the storage unit and generating risk information as password information that is easily guessed by a third party;
A risk information storage means for storing an association between the risk information and a classification indicating an attribute of the risk information;
Damage status storage means for storing the damage status for each classification;
A screen for extracting the damage status of the risk information classification from the damage status storage means and prompting the change of the security information together with the damage status of the classification when the password information for performing personal authentication matches the risk information; An automatic transaction system comprising a password information changing means for displaying. In the automatic transaction system of claim 1,
An automatic transaction system, characterized in that a classification of personal identification information input for performing personal authentication is displayed on the screen. In the automatic transaction system according to claim 1 or claim 2,
The automatic transaction system characterized in that the damage status is any one or more of the number of occurrences of damage, the ranking of the number of occurrences of damage, and the ratio of the number of occurrences of damage. In the automatic transaction system according to claim 1, claim 2 or claim 3,
The number of times the screen is displayed is stored in the customer information storage means, and the number of times the screen is displayed is displayed on the screen. In the automatic transaction system according to claim 1 to claim 3 or claim 4,
When the customer information stored in the customer information storage means is updated, the risk information generation means generates risk information based on the updated customer information, and stores the risk information in the risk information storage means An automatic transaction system characterized by doing so. In the automatic transaction system according to claim 1 to claim 4 or claim 5,
When the extraction definition information stored in the storage unit is updated, the risk information generation unit generates risk information based on the updated extraction definition information, and stores the risk information in the risk information storage unit An automatic transaction system characterized by doing so. In the automatic transaction system according to claim 1 to claim 5 or claim 6,
In the customer information storage means, password information for each customer is stored,
Based on the information for identifying the customer input by the damage report receiving means that receives the operation of the staff member who received the damage report from the customer, the customer's password information is extracted from the customer information storage means, and the password An automatic transaction system comprising a damage status update means for storing a damage status in a damage status storage means for each classification. In the automatic transaction system according to claim 1 to claim 6 or claim 7,
The classification is a detailed classification,
An automatic transaction system, characterized in that the damage status of only the detailed classification of the password information input for performing personal authentication is displayed on the screen.

Images