JP2012113467A - System and method for possessing plurality of electronic cards - Google Patents

Abstract

PROBLEM TO BE SOLVED: To enable a user to possess a plurality of electronic cards such as credit cards or cash cards of which only one card is normally issued to one person, and to limit the electronic card that can be used among all the electronic cards.SOLUTION: In an electronic card management system managing a plurality of electronic cards possessed by a user, the plurality of electronic cards and a card status management server are interconnected. Each of the plurality of electronic cards comprises a wireless communication unit for transmitting card status information concerning an own physical location via wireless communication. The card status management server comprises: a card information acquisition unit for acquiring the card status information of each of the plurality of electronic cards; and a card validation determination unit for determining whether to validate the electronic card that transmitted the card status information, based on the acquired card status information and the card status information of other electronic cards possessed by the user.

Description

  The present invention relates to a system and method for carrying a plurality of electronic cards.

  Conventionally, credit cards, cash cards, debit cards and the like have been issued only by one person in principle. In other words, users are not allowed to have copies (backups) of these cards, and if they are lost, lost or stolen, they must be reissued. In addition to the need for procedures, it usually takes several weeks to complete the reissuance, so it was inconvenient that the card could not be used temporarily. Of course, there are also family cards, but this is only intended to be used as a branch card of the original card and divided between families, not as a backup card. . Of course, the annual membership fee is required separately and is not issued to people without a family member.

  On the other hand, in modern society, many benefits such as points can be obtained by possessing a card. However, since the convenience and application range differ depending on the card, one person has possessed many cards. Yes. At the same time, however, an increasing number of people find it necessary to carry many cards at all times and find it difficult to use them properly depending on the situation. Therefore, for example, Patent Document 1 describes a mobile communication terminal and a card information reading device that allow a mobile communication terminal to have card information possessed by a plurality of credit cards, cash cards, and the like so that the user can carry it in a lump. Has been. Patent Document 2 describes an electronic module for presenting member information that is mounted on a mobile phone and functions as a credit card, and a method for issuing the electronic module.

JP 2001-169357 A JP 2006-65437 A

  However, the methods described in Patent Document 1 and Patent Document 2 described above are such that a plurality of pieces of card information are stored in a portable terminal such as a mobile phone so that the portable terminal has a card function. It does not allow the user to use it as a card backup. Further, when a mobile terminal is lost, damaged, stolen, etc., all the information is collected in the mobile terminal, so the damage is great, and it takes time and time to replace the mobile terminal with an alternative mobile terminal.

  The present invention has been made in view of the above-described problems, and a user has a plurality of electronic cards (IC cards) such as a credit card or a cash card that the user can normally have only one. It is an object of the present invention to provide a system and a method capable of limiting the number of cards that can be used.

In order to solve the above problems, the present invention provides an electronic card management system provided with the following solution.
An electronic card management system in which a plurality of electronic cards and a card state management server are connected to manage a plurality of the electronic cards possessed by a user, wherein the electronic card is information relating to its physical location A wireless communication unit that transmits state information by wireless communication, wherein the card state management server acquires a card state information of each of the plurality of electronic cards, the acquired card state information, and the user And a card validation determination unit that determines whether or not the electronic card that has transmitted the card status information can be used based on the card status information of another electronic card possessed by the card.

  According to the above invention, the electronic card (hereinafter sometimes simply referred to as a card) has means capable of communicating with a card state management server that manages the states of a plurality of cards possessed by the user. The card status management server (hereinafter, also simply referred to as a server) acquires “card status information” of each card from the card, and based on the card status information of the card of interest and other cards, Cards that can be used individually or disabled. Here, the card status information is information relating to the physical position of the card, but does not simply mean the static position information of the card, but also includes information obtained by the physical movement of the card. .

  In this way, the card state management server constituting the system can electronically enable or disable only a specific card among a plurality of electronic cards possessed by the user. Even if the user has a plurality of duplicate cards, only one of them can always be used. In the unlikely event that one of the duplicate cards is lost, if the lost card is made unusable, another card can be used immediately, so the card can be used without waiting for reissue. Also, you can always carry a large number of cards by making it possible to use only the cards that are carried outside the home, even if they are not duplicates, and disable other cards that are stored at home. It is less likely to get lost with the card used, and at the same time, unauthorized use of the card at home can be prevented.

The electronic card management system can further include the following solution.
A detection device installed near the entrance of the user's residence is provided to detect the entry and exit of a person. When the person enters and exits and communicates with the electronic card by the wireless communication, the ID of the electronic card and the detection are detected. The device ID is transmitted to the card status management server as the card status information, and the card validation determination unit determines whether or not the electronic card can be used based on the card status information. Features.

  According to the above-described invention, a detection device that is installed near the entrance of a user's home or the like and detects the entry / exit of a person is provided, and when the person passes the detection device, the card carried by the person and the detection device communicate at the same time, The ID of the exchanged card and the ID of the detection device are transmitted to the server as card status information, and the card validation determination unit of the server determines whether or not the card can be used based on the received card status information. . In this way, when the card is taken out of the house or the like, it can be determined that the card may be used, and the card can be automatically used. On the other hand, if it can be determined that the card is at home or the like, the card is not normally used, so it can be disabled.

The electronic card management system can further include the following solution.
The electronic card includes means for detecting its own position information, transmits the position information as the card state information to the card state management server, and the card validation determination unit determines whether the electronic card is based on the position information. It is characterized by determining whether or not the card can be used.

  According to the above invention, the electronic card itself is provided with means for detecting the position of the card, the card transmits its own position information to the server, and the card validation determination unit of the server, based on the position information, Determine whether the card can be used. In this way, the card can be used automatically when it is taken out of the house, automatically disabled when it is returned home, or the card can be used only in a specific area. It can also be.

The electronic card management system can further include the following solution.
The electronic card is connected to the card state management server via a repeater,
The repeater includes means for detecting its own location information, and transmits the location information to the card status management server as the card status information of the electronic card with which the location information has been exchanged. Whether or not the electronic card can be used is determined based on the above.

  According to the above invention, the repeater itself is provided with means for detecting the position, and the position information is sent to the server as the position information of the card communicated with the repeater, and the card validation determination unit of the server includes the position information. Based on this, it is determined whether the card can be used. In this way, the approximate location and area of the card can be known from the location information of the repeater without providing the location information detecting means in the card itself. It should be noted that there is almost no error in the position of the repeater when the repeater and the card communicate with each other by a short-distance communication method (communication distance of about 10 cm to 70 cm), and the communication with the card is remote communication. Even the method only includes an error of the communication distance.

The electronic card management system can further include the following solution.
The card validation determination unit determines that only one of the plurality of electronic cards can be used when the plurality of electronic cards possessed by the user are issued as backup cards. And

  According to the above invention, when a plurality of cards possessed by the user are issued as backup cards (replicated cards), the server can use only one of the replicated cards. By doing so, it is possible to prevent the copy card from being used for other purposes when the original card is lost.

The electronic card management system can further include the following solution.
The electronic card includes a fingerprint authentication unit that reads the fingerprint of the user, and includes a matching result between the read fingerprint pattern and the registered fingerprint pattern of the user stored in the electronic card in the card status information. The fingerprint pattern transmitted to the card state management server is erased after a predetermined time.

  According to the above invention, the fingerprint reading unit is provided on the electronic card, and the collation result with the registered fingerprint pattern of the user stored in the card is included in the card status information and transmitted to the server. In this way, the server can determine whether the card has been taken out by a legitimate user. The fingerprint pattern read on the card is automatically erased after a certain time so that it cannot be reused.

The electronic card management system can further include the following solution.
The electronic card includes a personal identification number input unit for the user to input a personal identification number, and the card status information includes a collation result between the input personal identification number and the registered personal identification number stored in the electronic card. And transmitting to the card state management server.

  According to the above invention, the personal identification number input unit is provided on the electronic card, and the collation result with the registered personal identification number stored in the card is included in the card status information and transmitted to the server. In this way, the server can determine whether the card has been taken out by a legitimate user.

Moreover, this invention can also be grasped | ascertained as follows as an electronic card management method, and can obtain an effect equivalent to the said electronic card management system.
An electronic card management method for managing a plurality of electronic cards possessed by a user using a card state management server that is communicably connected to the electronic card, and each of the plurality of electronic cards in the card state management server A step of acquiring card state information which is information relating to a physical position of the user, a step of storing card state information for all the cards possessed by the user, and the acquired card state information and other items possessed by the user And determining whether or not the electronic card that has transmitted the card status information can be used based on the card status information of the electronic card.

  According to the present invention, a user can have a plurality of electronic cards such as a credit card and a cash card that can normally be held by one user, and the cards that can be used can be limited.

It is a figure showing the outline of the whole electronic card system concerning a first embodiment of the present invention. It is a figure which shows the functional block of the electronic card 10 which concerns on 1st embodiment of this invention. It is a figure which shows the functional block of the card | curd state management server 40 which concerns on 1st embodiment of this invention. It is a flowchart which shows the process sequence of the card | curd validation determination process which concerns on 1st embodiment of this invention. It is a figure which shows the outline of the whole electronic card system which concerns on 2nd embodiment of this invention. It is a figure which shows the functional block of the electronic card 10 which concerns on 2nd embodiment of this invention. It is a figure which shows the functional block of the card | curd state management server 40 which concerns on 2nd embodiment of this invention. It is a flowchart which shows the process sequence of the card | curd validation determination process which concerns on 2nd embodiment of this invention. It is a figure which shows the functional block of the electronic card 10 which concerns on 3rd embodiment of this invention. It is a figure which shows the functional block of the electronic card 10 which concerns on 4th embodiment of this invention. It is a figure which shows the outline of the electronic card 10 which concerns on 4th embodiment of this invention.

  DESCRIPTION OF EMBODIMENTS Hereinafter, embodiments for carrying out the present invention (hereinafter referred to as embodiments) will be described in detail with reference to the accompanying drawings. Note that the same number is assigned to the same element throughout the description of the embodiment.

[First embodiment]
FIG. 1 is a diagram showing an outline of the entire electronic card system according to the first embodiment of the present invention. In this specification, the term “electronic card” refers to credit card, cash card, debit card, electronic money card, point card, driver's license, passport, insurance card, identification card, admission permit, basic resident register card, etc. In general, this means an IC card that is not allowed to be held in plural, but here, a credit card will be described as a specific example as the first embodiment of the present invention.

  In this credit card system, a user has a plurality of credit cards (indicated by 10A, 10B, 10C, and 10D in the figure but indicated by 10 when there is no need to distinguish them) from one credit card company. Has been issued. Each card is basically a copy of one type of card with the same credit card number, but each card has a unique identifier recorded. In this credit card system, an entrance gate 31 is installed at the entrance of the user's home (residence) 30 and the card carried by the user can be detected (going out or going home). That is, the entrance gate 31 functions as a detection device that detects that the card carried by the user has gone out of the house or returned home. The installation location of the entrance gate 31 may not necessarily be the entrance of the home, but may be an entrance / exit of a place where the employee enters and exits at all times. The entrance gate 31 includes short-range wireless communication means and can communicate with the credit card 10. The entrance gate 31 is preferably connected to a card status management server 40 that manages status information of credit cards possessed for each user via a public network 70 such as the Internet. In this case, the entrance gate 31 also functions as a relay between the credit card and the card state management server. The “card state information” here refers to information obtained electronically regarding the physical position of the card, and does not refer to the physical state of the card itself. Although not essential, the user can connect to the card status management server 40 by using the user terminal 60 and inquire the status information of the card he owns at any time. In the following, for simplicity of description, the card status information is simply referred to as a card status.

The card state management server 40 is connected to a credit card settlement system 50, and the credit card settlement system 50 includes a credit card settlement server 51 that performs credit card settlement and a customer DB (Data Base) that stores customer information. Credit card payment server 51 is a CAFIS (Credit
When a user pays with a credit card via a dedicated network such as And Finance Information Switching system), the CAT terminal 54 receives the credit card. The information is read and transmitted to the credit card settlement system 50 together with the password entered by the user. The credit card settlement server 51 authenticates the user's credit card based on the transmitted information. If it is OK, the credit card settlement server 51 approves the settlement and notifies the CAT terminal, and later charges the price from the user's account. Process.

  In this example, the user possesses four duplicate cards, usually using any one of them, and the other three cards being stored at home 30. However, in the initial state, it is assumed that all four cards are in an “unusable state”. Here, the “unusable state” indicates one of the card states electronically managed by the card state management server 40, and the card state management server 40 includes a card validation determination unit. By detecting information such as the card position, it is determined whether the card is “usable” or “unusable”. When the user selects and carries one of the four cards (credit card 10A) and passes through the entrance gate 31 at home, the credit card 10A and the entrance gate 31 communicate with each other by short-range wireless communication means, Information that the card 10 </ b> A has passed through the entrance gate 31 is transmitted to the card state management server 40 via the public network 70. The card state management server 40 acquires information on the holder of the credit card 10A from the customer DB 52, checks the state of the same type of card (10B, 10C, 10D) possessed by the holder, and all the states are “unusable. ", The card 10A that has been carried is made" usable "(typically, the usability flag is turned ON). When the user returns home and passes through the entrance gate 31 again, the entrance gate 31 communicates with the card 10A again, and this time the card 10A is disabled (the use flag is turned off).

  In this way, when a user carries out one of a plurality of credit cards and goes out, only the carried credit card can be used. Therefore, other cards (10B, 10C, 10D) cannot be used even if another person takes it out without permission. Conversely, if the user is out of the office and loses the card, he / she immediately contacts the credit company and makes the card unusable. If the gate 31 is passed, the card can be used this time. In other words, even if the user loses the credit card on the go, the user can use one of the remaining cards without waiting for reissuance, thereby avoiding that the credit card cannot be temporarily used. it can.

  In the above explanation, the user has four copies of one credit card, only one of them can be used, and the other three are backups. It is not limited to form. That is, the user can have a plurality of different types of credit cards provided by the card company, and only a predetermined number of the cards carried by the user can be used. For example, if you want to use only two credit cards when you go out, you can set the card status management server 40 so that up to two cards can be used when registering this service. It can be easily realized. In this way, users can carry only a certain number of frequently used credit cards and keep other credit cards that are not frequently used at home so that many credit cards are always carried. There is no need to keep it. It also prevents other people from using a credit card that you do not carry without your permission. Of course, when changing the credit card to be used, the card can be automatically used only by carrying the card and passing through the entrance gate 31. Also, even if a credit card at home is stolen, even if one credit card is carried, the stolen card cannot be used as it is even if the PIN is known. This is because a credit card of a predetermined number or more cannot be used even if it passes through the entrance gate 31.

  In addition, when using a credit card at home for online shopping or the like, before entering the credit card number and making a settlement, the credit card is once passed through the entrance gate 31, and a predetermined amount is received from the user terminal 60. After authentication of identity verification, it may be set so that it cannot be used for a certain period of time. However, it is possible to provide a setting means that can temporarily use the card without causing the entrance gate 31 to pass through.

  FIG. 2 is a diagram showing functional blocks of the credit card according to the first embodiment of the present invention. Of course, the card of this embodiment may be another card such as a cash card or an electronic money card, and is not limited to a credit card. Therefore, unless otherwise specified, it is simply referred to as an electronic card or a card. To do.

The electronic card 10 includes an IC chip (IC module) 20. Typically, the IC chip 20 includes a CPU (Central Processing Unit) 21 and a ROM (Read Only).
Memory22, EEPROM (Electrically Erasable Programmable Read-Only
Memory) 23, RAM (Random Access Memory) 24, contact I / F (Interface) terminal 25, and non-contact I / F communication unit 26 (wireless communication unit) are built in, and each is connected by an internal bus 27. . However, as the nonvolatile memory, only the EEPROM 23 may be mounted without mounting the ROM 22. In addition, as a non-volatile memory, flash memory (Flush Memory) or FeRAM (Ferroelectric Random) can be used instead of EEPROM.
Access Memory) may be used. The CPU 21 performs various functions as an IC card by reading and executing a control program stored in the ROM 22 or the EEPROM 23. The control program encrypts data that uses a card OS (Operating System) that loads the program and controls the execution of the program, application programs that provide various card functions, and SSL (Secure Socket Layer) protocol. A program for secure transmission and reception is included. In the EEPROM 23, card individual information such as a card ID, a card number (credit card number, etc.), a personal identification number, a secret key, and the like, which are physically unique identifiers, are recorded. Further, the current card state (usable or unusable) determined by the card state management server 40 may be received via the entrance gate 31 and written in the EEPROM 23. The RAM 24 is used as a work area for temporarily storing data when the CPU 21 performs data processing.

  Further, the electronic card 10 includes a contact I / F terminal 25 and a non-contact I / F communication unit 26 as an interface with the outside. Although not shown, a magnetic stripe may be provided for compatibility with the prior art. The contact I / F terminal 25 is also called a contact layer, and is a contact type interface unit conforming to the specification defined by ISO / IEC7816. In many card readers (card readers) such as ATM, the contact I / F terminal 25 The internal card information is read through the F terminal 25. The non-contact I / F communication unit 26 is a wireless communication circuit that is connected to the antenna unit 11 and performs short-range wireless communication with an external device, and performs non-contact communication with the entrance gate 31 in the present embodiment. Of course, the non-contact I / F communication unit 26 also has a communication function with a non-contact type card reader. The short-range wireless communication here is NFC (Near Field Communication; ISO / IEC 18092 and 21481). Communication distance of about 70 cm or less), but also includes Bluetooth and remote type using microwave (ISO / IEC 18000; communication distance of 70 cm or more) with a communication distance of about 100 meters or less Shall be.

  The antenna unit 11 is an antenna pattern printed along the outer frame of the card, and is sometimes called an antenna coil. The antenna coil functions as a communication antenna with an external device, and also functions to supply necessary power to the inside of the card by electromagnetic induction from a magnetic field generated from the antenna coil on the card reader side. The above-described configuration is called a dual interface card having both a contact I / F part and a non-contact I / F part with one IC chip (one-chip type). The / F unit may be configured as a hybrid card (two-chip type) separated into two IC chips.

  FIG. 3 is a diagram showing functional blocks of the card state management server 40 according to the first embodiment of the present invention. The card state management server 40 may be a general computer, but as a functional configuration, a control unit 41, a storage unit 42, a first communication unit 43A, a second communication unit 43B, a card validation determination unit 44, and a gate An information acquisition unit 45 is included.

  As shown in the figure, the card state management server 40 is connected to the credit card settlement system 50 via a dedicated line via the first communication unit 43A, and reads / writes the credit card information stored in the customer DB 52. In the customer DB 52, in addition to customer information (A, B,...) Which is credit information for each customer, credit card information (A1, A2, A3, A4 and B1, B2,.・ ・) Is linked. Customer information includes the customer's address / name, date of birth, place of work, annual income, all credit card information issued by a credit company or affiliated credit card company group, and past usage history. Is recorded. The credit card information includes information on a card ID, a credit card number, a debit account number, a credit limit, and a card status. When a plurality of credit cards linked to customer information are used as a copy of one credit card, the credit card number, withdrawal account number, and usage limit are all the same in each credit card information. However, since the card ID is an ID physically unique to the card, the card ID is different even when it is reissued. Specifically, the card state is a flag or a numerical value indicating the current usable state or unusable state of each card determined by a card validation determining unit 44 described later.

  The storage unit 42 of the card state management server 40 stores a card state management table as illustrated, and associates a gate (entrance gate 31) ID and a customer ID. Further, all card states are managed for each customer ID. In this figure, a card that is “available” is indicated by a tag at the lower right corner. Note that the gate ID and the customer ID do not necessarily have a one-to-one correspondence as in the example of this figure, and may have a one-to-N relationship. A plurality of gate IDs may be associated with one customer ID. By doing so, it is possible to deal with an apartment house where a plurality of customers exist in one residence, and it is also possible to deal with a case where one customer has a plurality of residences.

  The gate information acquisition unit 45 communicates with all the entrance gates 31 connected to the card state management server 40 via a public line such as the Internet via the second communication unit 43B, and information on the cards passing through each gate, at least the card Receive ID and gate passage direction (going out or going home). In addition, the passage date and time of the gate may be received. The timing of communication with each entrance gate 31 may be such that when the entrance gate 31 detects the passage of the card, the entrance gate side may notify the entrance gate 31 or the card state management server side may contact the entrance gate at regular intervals. Polling may be applied to the gate side. Although not particularly illustrated, the entrance gate 31 includes a sensor that detects the passing direction of the customer, and can distinguish whether the customer has taken the card or returned home.

  The card validation determination unit 44 extracts the gate ID and the card ID that has passed through the card information received by the gate information acquisition unit 45, and displays all the card states possessed by the customer based on the card state management table. If there is no other usable card, it is determined that the card that has passed through the gate is usable (validation). If there are already other passed cards, the newly passed cards can be used as long as they are within a predetermined number of cards set by the customer. If it is not within the predetermined number of cards, the newly passed card is disabled (invalidated). Then, the card state and the gate passage time are recorded in the card state management table, and at the same time, the card state in the credit card information of the customer DB 52 is updated. Details of the card validation determination process will be described later.

  The functional configuration of the server described above is merely an example, and one functional unit may be further divided, or a plurality of functional units may be configured as one functional unit. In each functional unit, a CPU built in the server reads a computer program stored in a storage device such as a memory (ROM, EEPROM) or a hard disk, and the computer program executed by the CPU is stored in the storage device. It is realized by reading and writing necessary data such as a table from a storage area on a database or memory and controlling related hardware (for example, an input / output device, a display device, a communication interface device) in some cases. Further, the database (DB) in the embodiment of the present invention may be a commercial database, but may be a collection of tables and files, and the internal structure of the database itself does not matter.

  FIG. 4 is a flowchart showing a processing procedure of card validation determination processing according to the first embodiment of the present invention. The card validation determination process is a process for judging whether the card can be used (validated) or unusable (invalidated) based on the acquired card status information. Cards that are determined to be unusable are communicated to the credit card settlement system 50 and cannot be settled with that card unless the card status changes and becomes usable.

  The card validation determination unit 44 first looks at the reception information from each entrance gate 31 and checks whether there is a card that has passed through the gate (step S10). If there is no passing card, the process is terminated. If there is a passing card, the customer information associated with the gate and the card information possessed by the customer are read from the customer DB 52 (step S11). Next, based on the read information, the card state management table in the storage unit 42 is checked, and if there is a mismatch, it is updated to the latest information (step S12). Next, it is checked whether or not the passed card is out of the card status information received from the entrance gate 31 (step S13). If it is not going out (step S13; No), it will be considered that it is going home, it will move to step S17, and the card | curd which passed the gate will be invalidated. If the user goes out (step S13; Yes), the process proceeds to step S14, and the card status management table is checked again to check whether the number of cards that can be used by the customer is equal to or smaller than a predetermined number of cards set in advance ( Step S14). However, if all of the customer's cards are backup copy cards, the predetermined number of cards is 1 (not shown). This is because only one copy card can be used. Whether the card is a backup duplicate card can be determined by checking whether the credit card numbers in the card information are all the same, or by recording an identifier indicating that the card is a backup card in the card ID itself.

  Then, even if the card that has passed through the gate is usable, the card validation determination unit 44 validates the card that has passed through the gate if the number of available cards is within a predetermined number of cards that are allowed. (Step S15). If it is not within the predetermined number of cards (step S14; No), even if the card has passed through the gate, it is invalidated without being usable (step S17). Finally, the card validation determination unit 44 checks whether or not all customer information associated with the gate has been processed (step S16), and if there are other customers, repeats the processing from step S11 to step S15, If there are no other customers, the process ends.

[Second Embodiment]
In the above, the first embodiment of the present invention has been described by taking the credit card system as an example. Hereinafter, another embodiment of the present invention will be described. FIG. 5 is a diagram showing an outline of the entire electronic card system according to the second embodiment of the present invention.

  As shown in the figure, the electronic card (10 or 10A, 10B, 10C, 10D) in this embodiment is a GPS (Global Positioning System) receiving circuit (12 or 12A) as means for detecting its own position information inside the card. , 12B, 12C, 12D) and can receive radio waves from GPS satellites. The electronic card 10 transmits GPS radio wave reception data to the base station (80 or 80A, 80B) via the mobile phone network or the like, and the base station 80 receives the received data to the positioning server 81 via the dedicated network 85. Data is sent to obtain position information (longitude, latitude, altitude) of the electronic card 10. The obtained position information is sent to the card state management server 40 via the gateway 75 and the public network 70. That is, the base station 80 functions as a relay between the electronic card 10 and the card state management server 40. However, the base station 80 and the electronic card 10 may not directly communicate with each other but may pass through a device such as a local radio receiver (not shown). In that case, a local radio receiver or the like becomes a repeater.

  Even if the electronic card 10 does not include a GPS receiver circuit, the accuracy of the position information may be reduced. However, the base station 80 or the local wireless receiver (relay relay) that receives the radio wave from the electronic card 10 may be used. ) Position information may be substituted as the position information of the electronic card 10 (simple position information). Note that the position information of the repeater has almost no error as the position of the card when the repeater and the card communicate with each other by a short-range communication method (communication distance of about 10 cm to 70 cm), and the communication with the card is a long distance Even communication includes only an error about the communication distance. The electronic card 10 does not always need to communicate with a base station or the like, and is exchanged when the electronic card 10 is held over an IC card reader installed in a store or the like and power is supplied by electromagnetic induction. As will be described later, communication may be performed when a solar cell mounted on the electronic card receives light and power is supplied.

  The card state management server 40 is connected to an electronic card service processing system 55, which is a system of an electronic card service provider, via a dedicated network (not shown). The service processing system is a payment system if it is a financial card, and a personal authentication system if it is a card for identification. The card status management server 40 determines whether the card is valid (usable) or invalid (unusable) based on the received position information of the electronic card 10. For example, the location information of the cardholder's home address is compared with the current location information of the card, and if the card is more than a predetermined distance away from the home, the card is regarded as being carried by the user and validated. The card in is invalidated. Further, since the position information of the card is used as a determination criterion, a specific card can be used only in a specific area, and another card can be used in another area.

  In the illustrated example, the electronic card 10A is validated, and the other electronic cards 10B, 10C, and 10D are invalidated. When a plurality of electronic cards 10 are issued for the purpose of backup as a copy, it is the same as in the first embodiment that only one of the plurality of cards is always valid. Details of the processing procedure of the validation determination will be described later. As in the first embodiment, the user terminal 60 may be able to access the card status management server 40 via the network 70 so that the card validation / invalidation status can be confirmed. is there.

  FIG. 6 is a functional block diagram of the electronic card 10 according to the second embodiment of the present invention. Since the electronic card 10 of the present embodiment is similar to the configuration of the functional block of the credit card in FIG. 2, the description of the same parts is omitted in the following description. The information recorded in the EEPROM 23 varies depending on the use of the card, and data other than the card ID and card number is recorded as necessary.

  In the electronic card 10, the internal bus 27 is extended to the outside of the IC chip 20 and wired, and is connected to the solar cell unit 28 and the position detection unit 12. The solar cell unit 28 includes a light receiving unit on the card surface, receives visible light, stores the light, and supplies power to the electronic card 10. As described above, the position detection unit 12 may be a GPS reception circuit, but may be mounted on the card as an expansion chip or may be incorporated in the IC chip 20. The position detection unit 12 shares the antenna unit 11 (antenna pattern) with the non-contact I / F communication unit 26 in order to receive radio waves from GPS satellites. In the card configuration of the present embodiment, the non-contact I / F communication unit 26 has a communication function that can be connected to a base station in addition to a communication function with a card reader. Further, when the position detection unit 12 is not mounted on the card and the position information of the base station is used as simple position information, the solar cell unit 28 can be omitted. The contact I / F terminal 25 can be omitted in the case of a card using a card reader that does not use the contact I / F (for example, a ticket gate).

  FIG. 7 is a diagram showing functional blocks of the card state management server 40 according to the second embodiment of the present invention. The card state management server 40 of the present embodiment is roughly the same as in the case of FIG. 3, but only different parts will be described below.

  The card state management server 40 of the second embodiment includes a card position information acquisition unit 46 as a new functional unit. The card position information acquisition unit 46 functions as position information detection means for collecting current card position information. Although it is desirable that the card position information detection means can accurately detect by the GPS embedded in each card, the position of a repeater such as the nearest base station with which the card is communicating may be adopted as simple position information. . The timing at which the card position information acquisition unit 46 updates the position information of each card may be performed by polling at a certain period, but if any action occurs on the card side, for example, if it is close to the card reader, When the solar cell on the card is activated, or when a predetermined key (described later) on the card is operated, the position information is preferably updated in accordance with the operation. Moreover, this embodiment can also be combined with the card and entrance gate system of the first embodiment. That is, the position information may be updated when the card passes the entrance gate 31.

  FIG. 8 is a flowchart showing a processing procedure of card validation determination processing according to the second embodiment of the present invention. The card validation determination unit 44 in the present embodiment rises at regular time intervals and repeats the following processing.

  The card validation determination unit 44 first reads customer information from the customer DB 52 in step S20. Next, all card information associated with the customer information is read (step S21). Then, all current position information of these cards is confirmed, and it is checked whether a certain card is separated from other cards by a predetermined distance or more (step S22). Here, the predetermined distance is set in advance by the system in consideration of the customer's attribute in the card type. For example, if the card type is a point card and the customer attribute is a housewife who is mainly shopping near his home, the distance may be as short as several tens of meters to several hundreds of meters. Further, if the type of card is an identification card, and the customer attribute is a salaried worker living in the suburbs of an urban area and the company is in the city center, it may be a long distance of several kilometers to several tens of kilometers. Of course, it is preferable to provide means for confirming and changing the predetermined distance for each individual card by the customer from the user terminal 60 or the like.

  In step S22, if there is no card that is more than a predetermined distance away from other cards, it is determined that all the cards are in a certain storage location such as home, and all the cards are invalidated (step S24). In step S22, if there is a card that is away from the other card by a predetermined distance or more, it is determined that the card is likely to be used outside the office, and only the card away from the card is validated (step S23). When there are a plurality of cards separated by a predetermined distance or more, the card is validated only for a predetermined number (steps S24 to S25). However, if there are a plurality of cards separated by a predetermined distance or more and they are in a relationship of duplicate cards, only one of them is activated (not shown). This is because the customer may have accidentally carried two or more same cards. The card validation determination unit 44 then repeats the processing from step S20 to S25 for all customers (step S26).

  In this way, if the card goes out with the customer, the card can be used, and if the card goes home with the customer (stored in the vicinity of other cards at home), the card is used. Since there is no possibility of it, disable it once. Of course, if a card that is still usable on the go is lost or stolen, you can contact the service provider and unconditionally disable the card (in some cases disable it permanently) It is. The permanently invalidated card is also recorded in the customer DB 52 and the card status management table and is excluded from the subsequent check target, but the customer can use another backup card thereafter.

[Third embodiment]
FIG. 9 is a functional block diagram of the electronic card 10 according to the third embodiment of the present invention. The electronic card 10 shown in FIG. 9 has a fingerprint authentication unit 13 in place of the position detection unit 12 of the electronic card 10 shown in FIG. 6 so that identification information can be transmitted to the card state management server 40. .

  The fingerprint authentication unit 13 is provided with a fingerprint reading unit on the card surface to detect a fingerprint pattern and perform identity verification. The fingerprint pattern left on the card is automatically erased after a predetermined time to prevent misuse. As the structure of the fingerprint reading unit on the card, an existing technology (for example, Japanese Patent Laid-Open No. 2000-76412) may be used. The read fingerprint pattern is collated with the fingerprint registration pattern of the person registered in advance in the EEPROM 23. If the patterns match, the card can be authenticated. At this time, the card state recorded in the EEPROM 23 may be written as a “provisional use enabled” state. However, since the information indicating “provisional use” is not notified to the card status management server 40 at that time, the card status in the EEPROM 23 is actually “provisional use” over the card reader. In addition, if it is within a predetermined number together with other cards that can be used, it is determined as “usable” for the first time. In order to improve safety, a card that is in a temporarily usable state is set to “usable”, and after being used, it is made unusable again.

  The card of the third embodiment can be combined with the first embodiment and the second embodiment. For example, the temporary usable state returns to the unusable state after a certain period of time (about one day), passes through the entrance gate 31 and becomes a “provisional usable” card again (fingerprint reading again). It is also possible to determine that the card that has been used can be used for the first time. In combination with the second embodiment, only a temporarily usable card that is separated from other cards may be used. By doing so, it is possible to further enhance prevention of unauthorized family card removal and card theft from home.

  In the above description, the card side authenticates and is temporarily usable, but without doing this, the result of fingerprint pattern matching is included in the card status information and sent to the server for use. You may make it leave to the server side all judgments which cannot be used.

  FIG. 10 is a diagram showing functional blocks of the electronic card 10 according to the fourth embodiment of the present invention. The internal configuration of the electronic card 10 of this embodiment is provided with a personal identification number input unit 14 instead of the fingerprint authentication unit 13 of FIG. FIG. 11 is a diagram showing an overview of the electronic card 10 of the present embodiment. Since these figures show the same thing in different ways, they will be explained together.

  As shown in FIG. 11, in the electronic card 10 of the present embodiment, the IC chip 20, the solar cell light receiving unit 15, and the numeric input keys 16 are pattern-printed on the card. The numeric input key 16 recognizes the pressing of the key by detecting a change in capacitance. A display unit 17 may be provided to confirm key input. The number input key 16 and the display unit 17 constitute a personal identification number input unit 14. The personal identification number input unit 14 performs personal authentication by a customer inputting a personal identification number on a card. Note that the structure of the personal identification number input unit on the card itself may use another existing technology (for example, JP-A-2004-164039). The entered password is automatically deleted (invalidated) after a certain period of time so that it cannot be reused.

  When the customer inputs the personal identification number from the card, it is compared with the registered personal identification number stored in the EEPROM 23 and is in a “provisional use” state if it matches. However, there is no change in the card status management server 40 determining whether or not the final card can be used or not in consideration of the status of other cards. The number input key 16 can be used as a trigger for transmitting a request from the card side to the system in addition to inputting the password. Since the subsequent processing is the same as in the third embodiment, description thereof will be omitted. However, by doing so, it is possible to further enhance the prevention of unauthorized removal of cards by family members and theft of cards from home. Is the same.

  In the above description, the card side authenticates and is temporarily usable. However, the result of the password verification is included in the card status information and sent to the server. It is the same as that of 3rd embodiment that you may make it leave to.

  As mentioned above, although this invention was demonstrated using several types of embodiment, it cannot be overemphasized that the technical scope of this invention is not limited to the range as described in the said embodiment. It will be apparent to those skilled in the art that various modifications or improvements can be added to the above-described embodiment. Further, it is apparent from the scope of the claims that the embodiments added with such changes or improvements can be included in the technical scope of the present invention.

10, 10A, 10B, 10C, 10D Credit card (electronic card)
DESCRIPTION OF SYMBOLS 11 Antenna part 12,12A, 12B, 12C, 12D Position detection part 13 Fingerprint authentication part 14 PIN number input part 15 Solar cell light-receiving part 16 Number input key 17 Display part 20 IC chip (IC module)
21 CPU
22 ROM
23 EEPROM
24 RAM
25 Contact I / F terminal 26 Non-contact I / F communication unit 27 Internal bus 28 Solar cell unit 30 Residence such as home 31 Entrance gate 40 Card state management server 41 Control unit 42 Storage unit 43A First communication unit 43B Second communication unit 44 Card validation determination unit 45 Gate information acquisition unit 46 Card position information acquisition unit 50 Credit card payment system 51 Credit card payment server 52 Customer DB
53 Dedicated Network 54 CAT Terminal 55 Electronic Card Service Processing System 60 User Terminal 70 Public Network (Internet)
75 Gateway 80, 80A, 80B Base station 85 Dedicated network

Claims (8)

A plurality of electronic cards and a card state management server are connected, and an electronic card management system that manages a plurality of the electronic cards possessed by a user,
The electronic card includes a wireless communication unit that transmits card state information, which is information related to its physical location, by wireless communication,
The card state management server includes a card information acquisition unit that acquires card state information of each of the plurality of electronic cards;
A card validation determination unit that determines whether or not the electronic card that has transmitted the card status information is usable based on the acquired card status information and card status information of another electronic card possessed by the user; An electronic card management system comprising: Provided a detection device installed near the entrance of the user's whereabouts to detect the entry and exit of humans,
When the detection device communicates with the electronic card by the wireless communication when the person enters or exits, the ID of the electronic card and the ID of the detection device are used as the card status information to the card status management server. The electronic card management system according to claim 1, wherein transmission is performed.   The electronic card includes means for detecting its own position information, transmits the position information as the card state information to the card state management server, and the card validation determination unit determines whether the electronic card is based on the position information. 2. The electronic card management system according to claim 1, wherein it is determined whether or not the card can be used. The electronic card is connected to the card state management server via a repeater,
The repeater includes means for detecting its own location information, and transmits the location information to the card status management server as the card status information of the electronic card with which the location information has been exchanged. The electronic card management system according to claim 1, wherein it is determined whether or not the electronic card can be used based on the electronic card.   The card validation determination unit determines that only one of the plurality of electronic cards can be used when the plurality of electronic cards possessed by the user are issued as backup cards. The electronic card management system according to claim 1.   The electronic card includes a fingerprint authentication unit that reads the fingerprint of the user, and includes a matching result between the read fingerprint pattern and the registered fingerprint pattern of the user stored in the electronic card in the card status information. 6. The electronic card management system according to claim 1, wherein the fingerprint pattern is transmitted to the card state management server and erased after a predetermined time.   The electronic card includes a personal identification number input unit for the user to input a personal identification number, and the card status information includes a collation result between the input personal identification number and the registered personal identification number stored in the electronic card. The electronic card management system according to claim 1, wherein the electronic card management system is transmitted to the card state management server. An electronic card management method for managing a plurality of electronic cards possessed by a user using a card state management server connected so as to be communicable with an electronic card,
In the card state management server,
Obtaining card status information that is information relating to the physical position of each of the plurality of electronic cards;
Storing card status information for all cards possessed by the user;
Determining whether or not the electronic card that has transmitted the card status information can be used based on the acquired card status information and the card status information of another electronic card possessed by the user. An electronic card management method.

Images