JP2014175728A - Coupon verification system and coupon verification method - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a coupon verification system for prohibiting identifying a terminal holding a coupon issued by an issuance station and prohibiting a terminal excluding a terminal to which a coupon is issued by the issuance station from using the coupon.SOLUTION: A coupon verification system includes: an issuance station for issuing a coupon; a mobile terminal for using the coupon acquired from the issuance station; and a verification device for permitting the mobile terminal to use the coupon according to a result obtained by verifying the coupon acquired from the mobile terminal. The mobile terminal acquires a coupon including first information for identifying a result of calculation performed in the terminal on the basis of a random number value transmitted from the issuance station and a unique value of the terminal, and the random number value from the issuance station; receives a random number value included in the coupon transmitted to the verification device from the verification device; transmits second information for identifying a result of calculation performed in the terminal on the basis of the acquired random number value and unique value of the terminal to the verification device; and makes the coupon be available according to correspondence between the first information and second information.

Description

  The present invention relates to a ticket verification system and a ticket verification method for verifying proper use of issued tickets.

  In recent years, tickets for digitizing tickets, coupons and the like for users to receive desired services have been issued to users. The user holds the issued ticket in an information processing terminal such as a portable terminal, and at the time of use, causes a reading device provided on the service provider side to read the ticket held in the information processing terminal, thereby providing a desired service. Can receive.

  While it is difficult to illegally use the ticket, the verifier can determine the ticket identifier n and the generated random number C in order to prove the contents of the ticket to a third party and maintain the anonymity of the ticket user. The certificate is transmitted to the prover, and the prover acquires the ticket secret information D from the ticket corresponding to the identifier n. A value R calculated by the prover using the random number C and the ticket secret information D is transmitted to the verifier. It has been proposed that the verifier generates a random number C from the value R and the ticket public information E, and verifies the ticket by comparison with the random number C transmitted to the prover.

JP 11-31204 A

  As a use form of a digitized ticket, a store may issue a coupon (electronic coupon) for the purpose of enclosing a customer. If you bring a receipt that shows that the customer has paid for the purchase or enjoyed the service at the store, the coupon will be discounted by 100 yen from the price for the next use. There are coupon tickets.

  The store side may want the customer himself / herself to use a coupon issued to such a customer. That is, the store side does not want the coupon issued to the customer to be transferred to another person, and there is a desire to know that the coupon user is the customer. That is, the store side does not need to identify the individual customer, but wants to confirm that the customer is the customer himself when the user issues the coupon. On the other hand, the customer does not want to inform the store of personal information.

  With the above-described technology, it is possible to verify that the ticket is a legitimate ticket and to make the ticket user anonymous, so the store cannot know whether the store is used by the customer who issued the coupon. .

  In the above-described technology, since both the ticket issuing unit and the prover-specific information holding means are in the ticket creation / issuing authority, the store sales promotion information, such as which user issued which ticket, etc. Issuing authority can know.

  In one aspect, an object of the present invention is to make it possible to confirm whether or not the coupon user is the customer who issued the coupon without using the customer's personal information.

  According to one aspect of the present embodiment, the issuing station that issues the ticket, the terminal that uses the ticket acquired from the issuing station, and the use permission of the ticket according to the result of verifying the ticket acquired from the terminal In the ticket verification system including a verification device provided to the terminal, the terminal specifies a result of an operation performed at the terminal based on a random value transmitted from the issuing station and an eigenvalue of the terminal A ticket acquisition unit that acquires a ticket including the first information and the random number value from the issuing station; and a random number value included in the ticket as a response to the transmission of the ticket from the terminal to the verification device. Based on the random value receiving unit received from the verification device and the random value received from the verification device and the eigenvalue of the terminal, the second information specifying the result of the operation performed in the terminal is transmitted to the verification device A transmitter, and If a match between the information and the first information has been verified, it as the use of the ticket is possible.

  According to one aspect of the present embodiment, a ticket including a set of a random value and a value generated by a predetermined calculation from the random value and the secret value is issued at the terminal, and the random number value of the issued ticket is issued to the terminal. The verification for performing the calculation makes it impossible to specify the terminal that issues the ticket, and the use other than the terminal can also be suppressed.

It is a figure which shows schematic structure of a ticket verification system. It is a figure for demonstrating the 1st related technique. It is a figure for demonstrating the problem of a 1st related technique. It is a figure for demonstrating the 2nd related technique. It is a figure which shows the structural example of the ticket verification system in 1st Example. It is a figure which shows the structural example of the coupon issue in 1st Example. It is a figure which shows the structural example of the coupon verification in 1st Example. It is a figure which shows the data structural example of a coupon. It is a figure which shows the structural example of the coupon issue in 2nd Example. It is a flowchart figure for demonstrating the coupon issue process in 2nd Example. It is a figure which shows the structural example of the coupon verification in 2nd Example. It is a figure which shows the processing sequence of the coupon verification in 2nd Example. It is a figure which shows the structural example of the coupon verification in 3rd Example. It is a flowchart figure for demonstrating the terminal authenticator production | generation process by the portable terminal in 3rd Example. It is a flowchart figure for demonstrating the portable terminal verification process by the portable terminal verification station in 3rd Example. It is a figure which shows the structural example of the coupon verification in 4th Example. It is a figure for demonstrating the method 2 which produces | generates a random value. It is a figure which shows the hardware constitutions of a computer apparatus.

  Hereinafter, embodiments of the present invention will be described with reference to the drawings. FIG. 1 is a diagram showing a schematic configuration of a ticket verification system. In FIG. 1, the ticket verification system 100 includes a mobile terminal 1, an issuing station 5, and a verification device 7.

  The portable terminal 1 is a portable information processing terminal such as a cellular phone having a network communication function capable of communicating with the issuing station 5 via a network. The user 1u is a customer who purchased goods or services from the service provider 7s, and the mobile terminal 1 is a mobile phone or the like possessed by the user 1u.

  The issuing station 5 is a computer device that issues the coupon 2 to the user u specified by the service provider 7s in response to a coupon issue request from the service provider 7s. The coupon 2 is a digitized electronic coupon, and is provided to the mobile terminal 1 of the user 1u via a network. The provided coupon 2 is held in the storage area of the mobile terminal 1.

  The verification device 7 is a computer device, is installed in a store, and verifies the coupon 2 read from the mobile terminal 1. When the user 1 u purchases a product with the coupon 2 at the store, the coupon 2 held in the portable terminal 1 is read and verified by the verification device 7.

  When it is determined that the coupon 2 can be used by the verification, the user 1u can purchase the product using the service 3 specified by the coupon 2. The service 3 specified by the coupon 2 is performed by the service provider 7 on the user 1u.

  The service provider 7s verifies the coupon 2 and provides an appropriate service to the user 1u. Moreover, since the service provider 7s verifies the validity of the coupon 2 using the verification apparatus 7, it can also be said that it is a verifier.

  In the form in which the coupon 2 is verified at the time of payment such as payment of goods, for example, a computer device having a cash register function is configured to have a verification function corresponding to the verification device 7.

In such a service providing form, the present embodiment provides a ticket verification system that simultaneously satisfies the following conditions 1 and 2.
Condition 1: The issuing station 5 that issues the coupon 2 and the verifier 7s cannot obtain information that identifies the individual user 1u. This includes that the mobile terminal 1 carried by the user 1u cannot be specified.
Condition 2: Coupon 2 cannot be used except by the user 1u himself.

The ticket verification system 100 assumes the following situation.
(1) The user 1u and the portable terminal 1 of the user 1u may be reliable or not.
(2) Only the owner (user 1u) can use the portable terminal 1.
(3) A coupon 2 is issued to the mobile terminal 1, that is, the user 1u.
(4) The portable terminal 1 (user 1u) to be issued with the coupon 2 is only the portable terminal 1 (user 1u) that operates as intended by the issuing station 5 and the verification device 7.
(5) Although the issuing station 5 of the coupon 2 and the service provider (verifier) 7 s (and the verification device 7) are reliable and not, the user 1 u and the mobile terminal 1 cannot distinguish them. For example, an unreliable verifier (fake verifier) may issue a coupon received at the time of verification to another user by transmitting it to an unreliable issuing authority (fake issuing authority) using the verification device. .

  Prior to the description of the present embodiment, related techniques relating to coupon issuance and verification will be described with reference to FIGS. FIG. 2 is a diagram for explaining the first related technology. In the ticket verification system 9 a shown in FIG. 2, when the terminal authentication is successful between the issuing station P and the mobile terminal 1, the signed coupon 21 of the issuing station P is transmitted to the mobile terminal 1.

  The user 1u presents the coupon 21 with the signature of the issuing authority P held in the portable terminal 1 to the service provider 7s, that is, when the verification device 7 reads the coupon 21 from the portable terminal 1, the signed coupon 21 Is verified. When the validity is confirmed by the verification, the service provider 7s provides the service to the user 1u.

  In the first related technology, personal information of the user 1u is not passed to the issuing station P of the coupon 21, the verification device 7, and the service provider (verifier) 7s, but a person other than the coupon target person can also receive the coupon 21. Can be used. Therefore, the above condition 1 is satisfied, but the condition 2 is not satisfied.

  FIG. 3 is a diagram for explaining the problem of the first related technology. The ticket verification system 9b shown in FIG. 3 shows an example in which the service provider (verifier) 7s and the verification device 7 are not valid in the first related technology in FIG.

  The coupon 21 is issued with the signature of the issuing station P to the mobile terminal 1-1 of Mr. Suzuki who can be trusted by a valid issuing station P. In order to receive service from the fake service provider (fake verifier) 7s-2, Mr. Suzuki causes the fake verifier 7-2 to read the coupon 21 held in the portable terminal 1-1.

  The false verification apparatus 7-2 provides the read coupon 21 with the signature of the issuing station P to the false issuing station FP, and the coupon 21 is illegally reused or copied. Since it is a coupon with a signature of the issuing authority P, it is considered that it is an issuing authority that issues a valid coupon, and a reliable Mr. Tanaka obtains the coupon 21 from the fake issuing authority FP without realizing that it is fraudulent. Hold at 2.

  In this case, even if the mobile device can be trusted, the coupon held by the mobile device is not necessarily the one of the coupon target person (because it may have another person's coupon), It is not possible to verify whether it is properly used for the purpose. Therefore, the condition 2 is not satisfied.

  FIG. 4 is a diagram for explaining the second related technique. The ticket verification system 9c shown in FIG. 4 is different from the first related technique shown in FIG. 2 in that a coupon 22 with a signature of the portable terminal A is issued from the issuing station P in addition to the signature of the issuing station P. .

  The issuing authority P issues a coupon 22 with user information (signature, biometric information, etc.) of the user 1u and the issuing authority's signature, and the service provider (verifier) 7s verifies it.

  In the second related technology, the signature of the portable terminal A is included in the coupon 22 so that only the user 1u himself / herself in condition 2 can use the coupon 22. However, the issuing station P that issues the coupon 22 of the condition 1 and the verifier 7s (verification device 7) cannot satisfy that the information specifying the user 1u cannot be obtained.

  As described above, either condition 1 or condition 2 could be satisfied, but both cannot be satisfied simultaneously.

  That is, it is difficult for the issuing station 5 and the service provider 7s (verification device 7) to confirm that the coupon user is the coupon target person himself / herself without using information that identifies the individual user. Specifically, the user 1u may be informed that “You are the subject of this coupon”, but does not want to be informed that “You are Mr. Suzuki”. Also, it is not desirable for the user 1u to know that “the user of this coupon and the user of that coupon are the same person”.

  In the present embodiment, a mechanism for simultaneously satisfying the above-described condition 1 and condition 2 is provided. FIG. 5 is a diagram showing a configuration example of the ticket verification system in the first embodiment. In the ticket verification system 200 shown in FIG. 5, the issuing station P that issues the coupon 2, the mobile terminal 1 of the user 1u, the verification device 7 used by the service provider (verifier) 7s, and the mobile terminal 1 are genuine. And a portable terminal verification station 8 that verifies whether or not there is.

  In the ticket verification system 200, the issuing station 5 issues the coupon 2 in association with the mobile terminal 1 of the user 1u. The coupon 2 is used as a set with the mobile terminal 1.

  Further, a coupon authenticator is attached to the coupon 2. The features of the coupon authenticator are as follows. A method for realizing the coupon authenticator will be described later.

  Feature 1: Even if a third party looks at the coupon authenticator, the mobile terminal 1 (= user 1u) cannot be specified. Also, the coupon authenticators are different between coupons associated with the same mobile terminal 1. Condition 1 is satisfied by this feature 1.

  Feature 2: It is possible to confirm whether or not the mobile terminal 1 using the coupon 2 is linked to the coupon. Certainly, it can be confirmed that the coupon is issued to the mobile terminal 1. Condition 2 is satisfied by this feature 2.

  The verifier 7s can confirm whether or not the mobile terminal 1 is authentic. When it can be confirmed that it is reliable, the verifier 7s can confirm whether or not the portable terminal 1 is linked to the coupon 2 from the coupon authenticator.

  The verifier 7s makes an inquiry to the mobile terminal verification station 8 to check whether the mobile terminal 1 is genuine. This confirmation method will be described later.

The coupon authenticator in the present embodiment is a set of a coupon random value cpn_rdm and a coupon terminal generation value cpn_dvgen. Values related to the coupon authenticator are as follows.
Secret value v: Secret value for each mobile terminal 1 Coupon random value cpn_rdm: Random number Coupon terminal generated value cpn_dvgen: Value generated by mobile terminal 1 from secret value v and coupon random value cpn_rdm The reason why the conditions 1 and 2 described above are satisfied by using is as follows.

  Characteristics of coupon authenticator 1: When a coupon is issued or verified, the mobile terminal 1 does not pass terminal-specific information to the issuing station 5 or the verifier. Even if the target person is the user 1u of the same person, the coupon authenticator (a set of the coupon random number cpn_rdm and the terminal generated value cpn_dvgen) is different for each coupon. The mobile terminal 1 cannot be specified.

  Coupon Authenticator Feature 2: The coupon terminal generation value cpn_dvgen is generated using a secret value v that is different for each portable terminal 1. Therefore, only one portable terminal 1 can generate a specific coupon terminal generation value cpn_dvgen from a certain coupon random value cpn_rdm. From this feature 2, the verifier 7s can confirm whether or not the portable terminal 1 using the coupon 2 is associated with the coupon.

  Hereinafter, coupon issue and coupon verification in the first embodiment will be described. First, coupon issue will be described. The issuing of the coupon 2 is performed by the issuing station 5 issuing a signed coupon including a coupon authenticator (a set of a coupon random value cpn_rdm and a terminal generated value cpn_dvgen).

  FIG. 6 is a diagram illustrating a configuration example of coupon issue in the first embodiment. In FIG. 6, the components related to coupon issue are shown, and the others are omitted. In FIG. 6, the mobile terminal 1 includes a random value receiving unit 101, a value generating / transmitting unit 102, and a coupon receiving unit 103. The random value reception unit 101, the value generation / transmission unit 102, and the coupon reception unit 103 correspond to a ticket acquisition unit. The secret value v and the coupon 2 are stored in the storage unit of the mobile terminal 1.

  The random value receiving unit 101 receives a coupon random value cpn_rdm from the issuing station 5. The value generation / transmission unit 102 generates a coupon terminal generation value cpn_dvgen from the coupon random number cpn_rdm and the secret value v received from the issuing station 5 and transmits them to the issuing station 5. When the coupon receiving unit 103 receives the coupon 2 from the issuing station 5, the coupon receiving unit 103 stores the coupon 2 in the storage unit of the mobile terminal 1.

  The issuing station 5 includes a coupon random number generation unit 501, a coupon random value transmission unit 502, and a signed coupon issue unit 503.

  The random value generation unit 501 generates a coupon random value cpn_rdm that is different for each coupon. The random value transmission unit 502 transmits the coupon random value cpn_rdm generated by the random value generation unit 501 to the mobile terminal 1. The signed coupon issuing unit 503 issues the coupon 2 with the signature of the issuing authority 5 including the coupon authenticator received from the mobile terminal 1.

  When the issuing station 5 generates a coupon random value cpn_rdm in response to a coupon issue request to the mobile terminal 1, the coupon random number generation unit 501 generates a coupon random value cpn_rdm (step S1). The numerical value cpn_rdm is transmitted to the mobile terminal 1 (step S2).

  In the portable terminal 1, when the random value receiving unit 101 receives the coupon 2, the coupon 2 is passed to the value generating / transmitting unit 102 (step S3). The value generation / transmission unit 102 generates a value cpn_dvgen from the coupon random value cpn_rdm and the secret value v and transmits it to the issuing station 5 (step S4).

  In the issuing station 5, the signed coupon issuing unit 503 receives the generated value cpn_dvgen from the mobile terminal 1, and includes the generated value cpn_dvgen and the coupon random number cpn_rdm, and the coupon 2 signed by the issuing station 5. Is issued to the portable terminal 1 (step S5). In the mobile terminal 1, the coupon 2 issued from the issuing station 5 is held in the storage unit in the mobile terminal 1.

  Next, a configuration for coupon verification in the present embodiment will be described. FIG. 7 is a diagram illustrating a configuration example of coupon verification in the first embodiment. In FIG. 7, the components related to coupon verification are shown, and the others are omitted. In FIG. 7, the mobile terminal 1 includes a random number reception unit 101 and a value generation / transmission unit 102. A secret value 1 and a coupon 2 are stored in the storage unit of the mobile terminal 1.

  When receiving the terminal random value auth_rdm or receiving the coupon random value cpn_rdm, the random number receiving unit 101 notifies the value generating / transmitting unit 102 of the received terminal random value auth_rdm or coupon random number cpn_rdm. The value generation / transmission unit 102 calculates the terminal or coupon terminal generation value from the terminal random number value auth_rdm or the coupon random number cpn_rdm notified from the random number reception unit 101 and the secret value v, and the verification terminal 7 Send to.

  The verification device 7 includes a coupon acquisition unit 701, a signature verification unit 702, a random value generation / transmission unit 703, a terminal authenticity confirmation unit 704, a coupon authenticator take-out unit 705, and a coupon authenticator verification unit 706. .

  The mobile terminal verification station 8 receives the terminal authenticator (a set of the terminal random value auth_rdm and the terminal generated value auth_dvgen for the terminal), verifies whether the mobile terminal 1 is authentic, and the terminal authenticator verification unit 801. Have In addition, the mobile terminal verification station 8 has a secret value database (DB) 809 that holds secret values of all mobile terminals that guarantee authenticity in a storage unit in the mobile terminal verification station 8.

The terminal authenticator in the present embodiment is a set of a terminal random value auth_rdm and a terminal generated value auth_dvgen. The values related to the terminal authenticator are as follows.
-Terminal random value auth_rdm: random number-Terminal generated value auth_dvgen: Value generated from secret value v and terminal random value auth_rdm The verification device 7 transmits the terminal random value auth_rdm to the mobile terminal 1, and the terminal An authenticator (a set of the terminal random value auth_rdm and the terminal generated value auth_dvgen returned from the mobile terminal 1) is transmitted to the mobile terminal verification station 8 to confirm that the mobile terminal 1 is genuine. After the confirmation, the verification device 7 verifies the coupon authenticator in the coupon 2 and confirms that the coupon 2 is targeted for the mobile terminal 1.

  The coupon acquisition unit 701 acquires the coupon 2 from the mobile terminal 1. The acquisition method reads the image (for example, barcode) which shows the coupon 2 displayed on the portable terminal 1, and acquires the information of the coupon 2. FIG. Alternatively, the coupon 2 may be acquired from the storage unit of the mobile terminal 1 by short-range wireless communication with the mobile terminal 1.

  The signature verification unit 702 verifies the signature by the issuing authority 5 of the coupon 2 acquired by the coupon acquisition unit 701. The random value generation / transmission unit 703 generates a terminal random value auth_rdm.

  The terminal authenticity confirmation unit 704 has the terminal for terminal generated by the portable terminal verification station 8 using the terminal random number value auth_rdm generated by the random value generation / transmission unit 703 and the terminal random value auth_rdm. The mobile terminal 1 is verified by the generated value auth_dvgen.

  The coupon authenticator retrieving unit 705 retrieves the coupon authenticator from the coupon 2 read from the mobile terminal 1, and uses the coupon random number cpn_rdm included in the retrieved coupon authenticator to store the coupon terminal generated value cpn_dvgen. Is generated as a return value to the verification device 7.

  The coupon authenticator verification unit 706 verifies the coupon authenticator by comparing the return value generated by the mobile terminal 1 with the coupon terminal generation value cpn_dvgen included in the coupon authenticator extracted by the coupon authenticator extraction unit 705. .

  In the verification device 7, when the coupon acquisition unit 701 acquires the coupon 2 from the mobile terminal 1, the coupon acquisition unit 701 stores the coupon 2 in its own storage unit and notifies the signature verification unit 702 that the coupon 2 is received (step S <b> 21). . In response to the notification from the coupon acquisition unit 701, the signature verification unit 702 extracts the signature of the issuing authority 5 from the coupon 2 and verifies the validity of the issuer of the coupon 2 (step S22).

  In the verification device 7, when the signature verification unit 702 successfully verifies the signature of the issuing authority 5 (step S 23), the random value generation / transmission unit 703 generates a terminal random value auth_rdm and transmits it to the terminal device 1. At the same time, the generated terminal random number value auth_rdm is provided to the terminal authenticity confirmation unit 704 (step S23).

  In the portable terminal 1, when the random number receiving unit 101 receives the terminal random number value auth_rdm, the random number receiving unit 101 sends it to the value generating / transmitting unit 102 (step S25). The value generation / transmission unit 102 generates a terminal generation value auth_dvgen for the terminal from the terminal random value auth_rdm and the secret value v, and transmits it to the verification device 7.

  In the verification device 7, when the terminal authenticity confirmation unit 704 receives the terminal generated value auth_dvgen, the terminal authenticator 704 transmits a terminal authenticator based on the set of the terminal random value auth_rdm and the terminal generated value auth_dvgen to the mobile terminal verification station 8 (step S27). .

  When the mobile terminal verification station 8 receives the terminal authenticator, the terminal authenticator verification unit 801 uses the terminal random number value auth_rdm acquired from the received terminal authenticator and the secret value DB 809 held by the mobile terminal verification station 8. Then, the terminal generation value auth_dvgen is calculated by the same method as the portable terminal 1. If the terminal authenticator verification unit 801 can generate a terminal generated value auth_dvgen that matches the terminal generated value auth_dvgen included in the received terminal authenticator, the terminal authenticator verification unit 801 verifies the terminal verification result indicating that the mobile terminal is genuine. 7 (step S28).

  In the verification device 7, when the terminal verification result received from the mobile terminal verification station 8 indicates that “the mobile terminal is authentic”, the terminal authenticity confirmation unit 704 notifies the signature verification unit 702 of the coupon verification start (step S <b> 1). S29).

  Upon receiving the notification of the terminal verification result, the signature verification unit 702 receives the coupon authenticator request when the verification of the signature of the issuing authority 5 is successful and the terminal verification result indicates “the mobile terminal is genuine”. To the coupon authenticator take-out unit 705 (step S30).

  The coupon authenticator take-out unit 705 acquires the coupon random number cpn_rdm from the coupon authenticator included in the coupon 2 stored in the storage unit of the own device in response to the coupon authenticator take-out request, and transmits it to the mobile terminal 1. (Step S31).

  When the mobile terminal 1 receives the coupon random value cpn_rdm, the random number receiving unit 101 notifies the value generating / transmitting unit 102 of the received coupon random value cpn_rdm (step S32). In response to this notification, the value generation / transmission unit 102 determines the coupon terminal from the coupon random number cpn_rdm received from the verification device 7 and the secret value v of the portable terminal 1 held in the storage unit of the own device. A return value to the verification device 7 is generated by the same calculation method for generating the generated value cpn_dvgen, and the generated return value is transmitted to the verification device 7 (step S33).

  In the verification device 7, when the return value is received from the mobile terminal 1, the coupon authenticator verification unit 706 determines whether or not the return value matches the terminal generation value cpn_dvgen included in the coupon 2 acquired by the coupon acquisition unit 701. Verification is performed (step S34). When they match, the coupon authenticator verification unit 706 notifies the verifier 7s that the coupon 2 is an appropriate use that satisfies the above-described conditions 1 and 2, whereby the user 1u receives a coupon from the verifier 7s. Service based on 2 can be received.

  As described with reference to FIGS. 6 and 7, the coupon authenticator generated by the mobile terminal 1 is determined based on the coupon random number cpn_rdm generated by the issuing station 5 for each coupon and the secret value v of the mobile terminal 1. Since the coupon 2 is issued, the issuing station 5 does not hold information specifying the mobile terminal 1 and the user 1u. Therefore, the condition 1 described above is established in the issuing station 5.

  Further, in the verification device 7, based on the terminal random value auth_rdm generated for the terminal by the verification device 7, the mobile terminal verification station uses the terminal generated value auth_dvgen for the terminal generated by the mobile terminal 1 using its own secret value v. 8, since the mobile terminal 1 is verified, the verification device 7 and the mobile terminal verification station 8 do not hold information for specifying the mobile terminal 1 and the user 1 u. Therefore, the above-described condition 1 is established in the verification device 7 and the mobile terminal verification station 8.

  Further, by using the coupon random number cpn_rdm included in the coupon authenticator of the coupon 2 held by the mobile terminal 1, the user can create a coupon authenticator using the secret value v unique to the mobile terminal 1. It is verified whether or not the coupon 2 that should have been issued to 1u is about to be used by another person, that is, whether or not the coupon 2 belongs to the user 1u targeted by the service provider 7s. it can. Therefore, the condition 2 described above is satisfied.

  FIG. 8 is a diagram illustrating a data configuration example of a coupon. In FIG. 8, a coupon 2 mainly includes a coupon body, a signature of an issuing authority, a signer's certificate, and the like. The coupon body further includes service contents, a coupon authenticator, and the like. In the service content, for example, one or more such as “coffee 100 yen discount”,..., “Expiration date” is designated. The coupon authenticator stores a coupon random value cpn_rdm and a coupon terminal generation value cpn_dvgen.

  Next, a second embodiment will be described. The second embodiment is substantially the same as the first embodiment, but will be specifically described for comparison and understanding with other embodiments described later.

The outline of the second embodiment is as follows.
· The mobile terminal 1 holds the secret value V _i of each terminal in its own storage unit.
The mobile terminal verification station 8 has secret values (V ₁ , V ₂ ,...) DB of all terminals.
・ Coupon issue processing:
The issuing station 5 provides the coupon random number value to the portable terminal 1, and the portable terminal 1 generates a coupon terminal generated value from the coupon random value and the secret value.

The issuing station 5 issues a coupon 2 including a coupon authenticator (a set of a coupon random number value and a coupon terminal generated value).
・ Coupon verification processing:
The verification device 7 provides the terminal random number value to the mobile terminal 1, and the mobile terminal 1 generates a terminal terminal generation value from the terminal random number value and the secret value.

  The mobile terminal verification station 8 that has received the terminal authenticator from the verification device 7 generates a terminal for the terminal from the terminal random number value received from the verification device 7 and the secret value DB held by itself by the same calculation as the mobile terminal 1 Generate a value that matches the value. If a matching value can be generated, a terminal verification result indicating that “the mobile terminal is genuine” is transmitted to the verification device 7.

  -The verification apparatus 7 verifies that the user 1u who uses a coupon using a coupon authenticator is a coupon object person after confirming that the portable terminal 1 is authentic.

  FIG. 9 is a diagram illustrating a configuration example of coupon issue in the second embodiment. In FIG. 9, the configuration of the mobile terminal 1 is the same as that of the first embodiment. The issuing station 5 includes a random value generation / transmission unit 501a and a signed coupon issuing unit 503. The random value generation / transmission unit 501a corresponds to the random value generation unit 501 and the random value transmission unit 502 of the issuing station 5 in the first embodiment.

  In the issuing station 5, the random value generation / transmission unit 501a generates a coupon random value cpn_rdm and transmits it to the mobile terminal 1 (step S41).

When receiving the coupon random value cpn_rdm from the issuing station 5, the portable terminal 1 notifies the value generation / transmission unit 102 (step S42). The value generation / transmission unit 102 acquires the secret value v ₁ from the storage unit, creates a coupon terminal generation value cpn_dvgen with the coupon random value cpn_rdm and the secret value v _1, and transmits it to the issuing station 5 (step) S43).

  When the issuing station 5 receives the coupon terminal generation value cpn_dvgen from the portable terminal 1, it obtains the coupon random value cpn_rdm from the random value generation / transmission unit 501a (step S45), and the coupon random value cpn_rdm and the coupon terminal are obtained. The coupon authenticator by the generated value cpn_dvgen is included, and the signed coupon 2 of the issuing authority 5 is issued and transmitted to the mobile terminal 1 (step S46).

  FIG. 10 is a flowchart for explaining the coupon issuing process in the second embodiment. 10, in the issuing station 5, the random value generation unit 501 generates a coupon random value cpn_rdm (step S51), and the random value transmission unit 502 transmits the coupon random value cpn_rdm to the mobile terminal 1 (step S52). ).

  When the issuing station 5 receives the coupon terminal generation value cpn_dvgen from the portable terminal 1 (step S53), it issues the coupon 2 (step S54). The signed coupon issuing unit 503 generates a coupon 2 including a coupon authenticator (coupon random number cpn_rdm and coupon terminal generation value cpn_dvgen). The signed coupon issuing unit 503 adds its own signature (digital signature) to the coupon 2 (step S55), and transmits the coupon 2 to the mobile terminal 1 (step S56). And the coupon issue process by the issuing station 5 is complete | finished.

  The coupon issuing process in the second embodiment described above is similarly performed in the first embodiment.

  In order to generate a coupon random value cpn_rdm every time the coupon 2 is issued, each coupon 2 has a matching coupon authenticator even if it is issued to the same mobile terminal 1 more than once. There is nothing. Since two or more coupons 2 having the same coupon authenticator are not provided by the issuing station 5, the mobile terminal 1 cannot be identified by the coupon authenticator.

  The coupon verification process in 2nd Example is demonstrated using FIG.11 and FIG.12. FIG. 11 is a diagram illustrating a configuration example of coupon verification in the second embodiment. FIG. 12 is a diagram showing a processing sequence for coupon verification in the second embodiment. 11 and 12, the same process is denoted by the same step code.

  11 and 12, in the verification device 7, when the coupon acquisition unit 701 reads the coupon 2 from the mobile terminal 1 (step S61), the signature verification unit 702 verifies the signature of the issuing authority (step S62). After verifying the signature of the issuing authority, the random value generation / transmission unit 703 generates a terminal random value auth_rdm and transmits it to the mobile terminal 1 (step S63).

In the mobile terminal 1, the random number value receiving unit 101 receives the terminal random value auth_rdm received from the value generating / transmitting unit 102, and the value generating / transmitting unit 102 stores the terminal random number value auth_rdm in the storage unit in the mobile terminal 1. The terminal generation value auth_dvgen for the terminal is generated using the stored secret value v ₁ (step S64). Then, the value generation / transmission unit 102 transmits the generated terminal generation value auth_dvgen for the terminal to the verification device 7 (step S65).

  In the verification device 7, when the terminal generated value auth_dvgen for the terminal is received from the mobile terminal 1, the terminal authenticity confirmation unit 704 acquires the random number value auth_rdm for the terminal from the random value generation / transmission unit 703 and sends it to the mobile terminal verification station 8. A terminal authenticator (a set of terminal random value auth_rdm and terminal generated value auth_dvgen for terminal) is transmitted (step S66).

  When the mobile terminal verification station 8 receives the terminal authenticator from the verification device 7, the terminal authenticator verification unit 801 uses the terminal random number value auth_rdm included in the terminal authenticator and the secret value DB 809 as a terminal authenticator. It is verified whether or not a value that matches the included terminal generated value auth_dvgen included can be created (step S67). When a value that matches the terminal generation value auth_dvgen for the terminal included in the terminal authenticator can be created, the terminal authenticator verification unit 801 transmits a terminal verification result indicating that the mobile terminal is genuine to the verification device 7 (Step S68).

  In the verification device 7, when receiving the terminal verification result indicating that “the mobile terminal is authentic”, the terminal authenticity confirmation unit 704 notifies the signature verification unit 702 of the coupon verification start, and the signature verification unit 702 receives the coupon 2 as a coupon. The authenticator take-out unit 705 is notified (step S69). The coupon authenticator extraction unit 705 extracts the coupon authenticator from the coupon 2 and transmits the coupon random number cpn_rdm included in the coupon authenticator to the mobile terminal 1 (step S70).

The mobile terminal 1 notifies the value generating / transmitting unit 102 of the coupon random value cpn_rdm received by the random value receiving unit 101 (step S71), and the value generating / transmitting unit 102 receives the coupon random value cpn_rdm and its own value. A coupon terminal generation value cpn_dvgen is generated with the secret value v ₁ and transmitted to the verification device 7 as a return value to the verification device 7 (step S72).

  In the verification device 7, when received as a return value indicating the coupon terminal generation value cpn_dvgen, the coupon authenticator verification unit 706 acquires the coupon authenticator of the coupon 2 from the coupon authenticator extraction unit 705 and receives it from the mobile terminal 1. It is confirmed that the returned value matches the terminal generation value cpn_dvgen for coupons included in the coupon authenticator in the coupon 2 (step S73).

  When the match is confirmed, the verification device 7 or the verifier 7s provides a service (step S74). When the service specified by the coupon 2 is a discount amount, the discount amount may be automatically subtracted from the payment amount in accordance with the confirmation of the match. It is possible to reduce the trouble of inputting to the cash register of the service provider 7s.

Next, a third embodiment will be described. The second embodiment described above has the following problems.
The secret value (V ₁ , V ₂ ,...) Of each portable terminal 1 is known to the portable terminal verification station 8.
The mobile terminal verification station 8 needs to repeat the calculation for generating the terminal generation value auth_dvgen for the terminal until the corresponding secret value can be detected from the secret value DB 809.

  The third embodiment includes a mechanism for solving these problems in the configuration of coupon verification. The configuration for issuing a coupon is the same as in the second embodiment.

The values held by the mobile terminal 1 and the mobile terminal verification station 8 are as follows.
The portable terminal 1 holds the secret value X and the common value e in its storage unit.

  The secret value X is a value that differs for each mobile terminal 1. It may be set by the user 1u.

The common value e is a common value held by all the mobile terminals 1 and the mobile terminal verification station 8 that guarantees that the mobile terminal verification station 8 is authentic.
The mobile terminal verification station 8 holds the common value e in its storage unit.

The processing different from the other embodiments is as follows.
Processing for generating a terminal authenticator by the mobile terminal 1:
Generate a pair of public key p and secret key s from secret value X and terminal random number value auth_rdm.

  A terminal generation value auth_dvgen (= Ge (Hs (auth_rdm) + p) for terminals is generated, where G is a common key encryption function and H is a public key encryption function.

-Coupon authenticator is generated by the same calculation.
Processing for verifying the mobile terminal 1 of the mobile terminal verification station 8:
Extract Hs (auth_rdm) and public key p from Ge (Hs (auth_rdm) + p) using common value e.

  ・ Generate auth_rdm from Hs (auth_rdm) using public key p.

  A configuration example of coupon verification in the third embodiment will be described. FIG. 13 is a diagram illustrating a configuration example of coupon verification in the third embodiment. FIG. 14 is a flowchart for explaining terminal authenticator generation processing by the mobile terminal 1 in the third embodiment. FIG. 15 is a flowchart for explaining portable terminal verification processing by the portable terminal verification station 8 in the third embodiment.

  In FIG. 13, the same steps as those shown in FIG. 14 or FIG. Steps S91 to S94 correspond to the step numbers in FIG. Steps S111 to S116 correspond to the step numbers in FIG.

  In FIG. 13, when the coupon acquisition unit 701 reads the coupon 2 from the portable terminal 1 in the verification device 7 (step S81), the signature verification unit 702 verifies the signature of the issuing authority (step S82). After verifying the signature of the issuing authority, the random value generation / transmission unit 703 generates a terminal random value auth_rdm and transmits it to the mobile terminal 1 (step S83).

  In the portable terminal 1, when the random value receiving unit 101 receives the terminal random value auth_rdm, the value generating / transmitting unit 102 is notified (step S91).

  The value generation / transmission unit 102 generates the public key p and the secret key s using the terminal random value auth_rdm and the common value e held in the storage unit in the mobile terminal 1 (step S92). The value generation / transmission unit 102 sets the value of Ge (Hs (auth_rdm) + p) to the terminal generation value auth_dvgen for the terminal (step S93) and transmits it to the verification device 7 (step S94).

  In the verification device 7, upon receiving the terminal generation value auth_dvgen for the terminal, the terminal authenticity confirmation unit 704 acquires the terminal random value auth_rdm from the random value generation / transmission unit 703 (step S <b> 101) and sends it to the mobile terminal verification station 8. A terminal authenticator (a set of terminal random value auth_rdm and terminal generated value auth_dvgen for terminal) is transmitted (step S102).

  When the mobile terminal verification station 8 receives a terminal authenticator (a set of the terminal random value auth_rdm and the terminal generated value auth_dvgen for the terminal) from the verification device 7 (step S111), the terminal authenticator verification unit 801 stores its own memory. Hs (auth_rdm) + p is extracted from the terminal generation value auth_dvgen for the terminal using the common value e stored in the common value DB 819 (step S112). Get Hs (auth_rdm) and public key p.

  Also, the terminal authenticator verification unit 801 generates a terminal random value auth_rdm from Hs (auth_rdm) using the public key p (step S113). Then, the terminal authenticator verification unit 801 determines whether or not the extracted terminal random value auth_rdm matches the terminal random value auth_rdm in the terminal authenticator received from the verification device 7 (step S114).

  If they match, the terminal authenticator verification unit 801 transmits a terminal verification result indicating that “the mobile terminal is genuine” to the verification device (step S115). On the other hand, if they do not match, the terminal authenticator verification unit 801 transmits a terminal verification result indicating that “the mobile terminal is a fake” to the verification device 7 (step S116).

  When the verification apparatus 7 receives the terminal verification result indicating that “the mobile terminal is genuine”, the terminal authenticity confirmation unit 704 notifies the signature verification unit 702 of the coupon verification start (step S121), and the signature verification unit 702 The coupon 2 is notified to the coupon authenticator take-out unit 705 (step S122). On the other hand, when the terminal verification result indicating that “the mobile terminal is a fake” is received, the verification is made to the verifier 7s and the service is not provided.

  In response to the notification of coupon verification start, the coupon authenticator take-out unit 705 extracts the coupon authenticator from the coupon 2 and transmits the coupon random number cpn_rdm included in the coupon authenticator to the mobile terminal 1 (step S123).

The portable terminal 1 notifies the value generation / transmission unit 102 of the coupon random value cpn_rdm received by the random value reception unit 101 (step S124), and the value generation / transmission unit 102 receives the secret value X ₁ from its own storage unit. acquires (step S125), and the coupon random number for Cpn_rdm, generates a coupon terminal generates value cpn_dvgen in his secret value X _1, and transmits to the verification device 7 as return value to the verification device 7 (step S126).

  In the verification device 7, when received as a return value indicating the coupon terminal generation value cpn_dvgen, the coupon authenticator verification unit 706 acquires the coupon authenticator of the coupon 2 from the coupon authenticator extraction unit 705 and receives it from the mobile terminal 1. It is confirmed that the returned value matches the terminal generation value cpn_dvgen for coupons included in the coupon authenticator in the coupon 2 (step S127). When the match is confirmed, the verification device 7 or the verifier 7s provides a service.

  Next, a fourth embodiment will be described. The fourth embodiment solves the problem of the second embodiment as in the third embodiment. In the case of the second embodiment and the third embodiment, since the verification apparatus 7 performs coupon verification, the mobile terminal 1 performs only the process of generating the terminal generation value and sending it back in response to the reception of the random value. On the other hand, in 4th Example, coupon verification is performed with the portable terminal 1. FIG.

The values held by the mobile terminal 1 and the mobile terminal verification station 8 are as follows.
The portable terminal 1 holds the secret value X and the common value e in its storage unit.

  The secret value X is a value that differs for each mobile terminal 1. It may be set by the user 1u.

The common value e is a common value held by all the mobile terminals 1 and the mobile terminal verification station 8 that guarantees that the mobile terminal verification station 8 is authentic.
The mobile terminal verification station 8 holds the common value e in its storage unit.

  The outline of the processing is as follows.

The processing in the mobile terminal 1 is mainly
・ Generate coupon authenticator ・ Generate coupon terminal generated value cpn_dvgen from coupon random value cpn_rdm and secret value X ・ Generate terminal authenticator Generate terminal terminal from terminal random value auth_rdm and common value e A terminal that generates a terminal generation value for a coupon included in a coupon authenticator using the coupon authenticator transmitted from the verification device 7 and its own secret value X is generated by the mobile terminal 1. It is confirming that it is itself and transmitting the result to the verification device 7.

The processing at the mobile terminal verification station is mainly
-Verifying the terminal authenticator Using the terminal authenticator and the common value e transmitted from the verification device 7, verifying that the mobile terminal 1 that generated the terminal authenticator is reliable.

  FIG. 16 is a diagram illustrating a configuration example of coupon verification in the fourth embodiment. In FIG. 16, the mobile terminal 1 includes a coupon authenticator receiving unit 104, a coupon value generating unit 105, a coupon verifying unit 106, in addition to the random value receiving unit 101 and the terminal value generating / transmitting unit 102. It has further. In the fourth embodiment, the random value receiving unit 101 and the terminal value generating / transmitting unit 102 perform processing related to terminal verification, a coupon authenticator receiving unit 104, a coupon value generating unit 105, and coupon verification. The unit 106 performs processing related to coupon verification. Since the random value receiving unit 101 and the terminal value generating / transmitting unit 102 are the same as those in the other embodiments described above, description thereof will be omitted.

The coupon authenticator receiving unit 104 receives a coupon authenticator from the verification device 7. Value generating unit 105, the coupon terminal generates values for verifying coupons, coupon random number value received from the verification device 7, and a secret value X ₁ of the mobile terminal 1 stored in the storage unit of its own Obtained by calculation used. The coupon verification unit 106 confirms a match between the coupon terminal generation value generated by the value generation unit 105 and the coupon terminal generation value obtained from the coupon authenticator obtained from the coupon authenticator reception unit 104. The proper use of the coupon 2 held by itself is verified.

  In the fourth embodiment, the validity of the coupon 2 held by the mobile terminal 1 is determined by the verification device 7, but the mobile terminal 1 itself determines the proper use of the coupon 2 held by the mobile terminal 1.

  In FIG. 16, in the verification device 7, when the coupon acquisition unit 701 reads the coupon 2 from the portable terminal 1 (step S201), the signature verification unit 702 verifies the signature of the issuing authority (step S202). After verifying the signature of the issuing authority, the random number generation / transmission unit 703 generates a terminal random value auth_rdm and transmits it to the mobile terminal 1 (step S203).

  In the portable terminal 1, the random number value auth_rdm for the terminal received by the random value receiving unit 101 is notified to the value generating / transmitting unit 102 (step S204), and the value generating / transmitting unit 102 and the random number value auth_rdm for the terminal in the portable terminal 1 The terminal generation value auth_dvgen for the terminal is generated using the common value e held in the storage unit (step S205). Then, the value generation / transmission unit 102 transmits the generated terminal generation value auth_dvgen for the terminal to the verification device 7 (step S206).

  When the verification device 7 receives the terminal generation value auth_dvgen for the terminal from the mobile terminal 1, the terminal authenticity confirmation unit 704 acquires the terminal random value auth_rdm from the random value generation / transmission unit 703 (step S207). A terminal authenticator (a set of the terminal random value auth_rdm and the terminal generated value auth_dvgen) is transmitted to the verification station 8 (step S208).

  When the mobile terminal verification station 8 receives the terminal authenticator from the verification device 7, the terminal authenticator verification unit 801 uses the terminal random number value auth_rdm included in the terminal authenticator and the common value DB 819 to change the terminal authenticator. It is verified whether or not a value that matches the included terminal generation value auth_dvgen included can be created (step S209). When a value that matches the terminal generation value auth_dvgen for the terminal included in the terminal authenticator can be created, the terminal authenticator verification unit 801 transmits a terminal verification result indicating that the mobile terminal is genuine to the verification device 7 (Step S210).

  In the verification device 7, when receiving the terminal verification result indicating that “the mobile terminal is genuine”, the terminal authenticity confirmation unit 704 notifies the signature verification unit 702 of the coupon verification start (step S 211), and the signature verification unit 702 The coupon 2 is notified to the coupon authenticator take-out unit 705 (step S212). The coupon authenticator take-out unit 705 takes out the coupon authenticator from the coupon 2 and transmits it to the mobile terminal 1 (step S213).

  When the mobile phone 1 receives the coupon authenticator, the coupon authenticator receiving unit 104 calculates the coupon random value cpn_rdm included in the received coupon authenticator (a set of the coupon random value cpn_rdm and the terminal generated value cpn_dvgen). The generation unit 105 is notified (step S214).

Value generation unit 105, a coupon for random number cpn_rdm notified, by using the secret value X ₁ stored in the storage unit of its own, generate a coupon terminal generates value Cpn_dvgen (step S215), the coupon The verification unit 106 is notified (step S216).

  The coupon verification unit 106 acquires the coupon authenticator from the coupon authenticator receiving unit 104 (step S217), and the coupon terminal generation value cpn_dvgen generated by the value generating unit 105 is included in the coupon authenticator. After confirming that it matches the generated value cpn_dvgen, the coupon verification result is transmitted to the verification terminal 7 (step S218). When the match is confirmed, a coupon verification result indicating that “this terminal is a coupon target person” is transmitted to the verification terminal 7.

  When the verification terminal 7 receives the coupon verification result from the mobile terminal 1, the verification terminal 7 notifies the service provider 7s by the coupon verification result receiving unit 708. When the coupon verification result indicates that “this terminal is a coupon target person”, the service provider 7s performs a service designated by the coupon 2 for the user 1u. On the other hand, when the coupon verification result indicates that “the terminal is not a coupon target person”, the service provider 7s does not perform the service specified by the coupon 2 for the user 1u.

Next, generation of random values will be described.
・ Method 1
The issuing station 5 generates a coupon random value, and the verification device 7 generates a terminal random value. This corresponds to the random value generation method in the first to fourth embodiments.

Problem of Method 1 ・ When the issuing station 5 uses the same value as the coupon random number every time, the coupon authenticators of the coupons of the same person are all the same value, and the coupons of the same target person are linked to each other. Will be possible.

Similarly, when the verification device 7 uses the same value as the random number value for the terminal each time, the terminal authenticator for the same terminal all has the same value, so the coupon used by the user this time and the coupon used in the past It can be tied.
Method 2: Method for solving the problem of Method 1 The coupon random number value is created by combining the generated value α ′ of the portable terminal 1 and the generated value α ″ of the issuing station 5. Similarly, a random number value for a terminal is created by combining the generated value α ′ of the portable terminal 1 and the generated value α ″ of the verification device 7.

  However, if the generation value α ′ of the mobile terminal 1 is a different value for each generation (for example, a random value generated in the mobile terminal 1), there is no generation value α ″ of the issuing station 5 or the verification device 7. May be.

  FIG. 17 is a diagram for explaining Method 2 for generating a random value. FIG. 17A shows a processing flow for generating a coupon random value, and FIG. 17B shows a processing flow for generating a terminal random value.

  In FIG. 17A, the mobile terminal 1 generates a value α ′ (step S301) and transmits it to the issuing station 5 (step S302). The issuing station 5 generates a value α ″ (step S303), and uses the value obtained by adding the generated value α ″ generated by itself to the received generated value α ′ of the mobile terminal 1 as a coupon random number value. 1 (step S304). The portable terminal 1 generates a coupon terminal generation value using a coupon random value or the like and transmits it to the issuing station 5 (step S305).

  In FIG. 17B, the mobile terminal 1 generates a value α ′ (step S311) and transmits it to the verification device 7 (step S312). The verification device 7 generates the value α ″ (step S313), and uses the value obtained by adding the generated value α ″ generated by itself to the received generated value α ′ of the mobile terminal 1 as the terminal random number value. 1 (step S314). The portable terminal 1 generates a terminal generation value using the terminal random value and the like, and transmits it to the verification device 7 (step S315).

  In FIGS. 17A and 17B, the generation of the value α ″ may be omitted.

  Each of the mobile terminal 1, the issuing station 5, the verification device 7, and the mobile terminal verification station 8 described above is a computer device and has a hardware configuration as shown in FIG. FIG. 18 is a diagram illustrating a hardware configuration of the computer apparatus.

  In FIG. 18, the computer device includes a CPU (Central Processing Unit) 11, a main storage device 12, an auxiliary storage device 13, an input device 14, a display device 15, a communication I / F (interface) 17, and a drive. 18 and connected to the bus B.

  The CPU 11 controls the computer device according to a program stored in the main storage device 12. The main storage device 12 uses RAM (Random Access Memory), ROM (Read-Only Memory), etc., and is obtained by a program executed by the CPU 11, data necessary for processing by the CPU 11, and processing by the CPU 11. Stored data and the like are stored. A part of the main storage device 12 is allocated as a work area used for processing by the CPU 11.

  The auxiliary storage device 13 uses a hard disk drive and stores data such as programs for executing various processes. A part of the program stored in the auxiliary storage device 13 is loaded into the main storage device 12 and executed by the CPU 11, whereby various processes are realized. The storage unit 130 includes the main storage device 12 and / or the auxiliary storage device 13.

  The input device 14 includes a mouse, a keyboard, and the like, and is used for a user to input various information necessary for processing by the computer device. The display device 15 displays various information required under the control of the CPU 11.

  The communication I / F 17 is a device for controlling communication with an external device. Communication by the communication I / F 17 is not limited to wireless or wired. The communication I / F 17 may include a plurality of communication methods required according to the application. The communication I / F 17 may include, for example, Internet communication, short-range wireless communication using Bluetooth (registered trademark), infrared communication using IrDA (Infrared Data Association), or the like.

A program that realizes processing performed by a computer device functioning as the issuing station 5, the verification device 7, or the portable terminal verification station 8 is stored in the computer device by a storage medium 19 such as a CD-ROM (Compact Disc Read-Only Memory). Provided to. That is, when the storage medium 19 storing the program is set in the drive 18, the drive 18 reads the program from the storage medium 19, and the read program is installed in the auxiliary storage device 13 via the bus B. . When the program is activated, the CPU 11 starts its processing according to the program installed in the auxiliary storage device 13. The medium for storing the program is not limited to a CD-ROM, and any medium that can be read by a computer may be used. As a computer-readable storage medium, in addition to a CD-ROM, a portable recording medium such as a DVD disk or a USB memory, or a semiconductor memory such as a flash memory may be used. Programs, data, and the like according to the present embodiment may be recorded in advance in a ROM or the like.

  As described above, in the present embodiment, the issuing station 5 and the verification device 7 cannot identify the mobile terminal 1 and can use the ticket other than the mobile terminal 1 from which the ticket is issued by the issuing station 5. It is possible to provide a ticket verification system that cannot.

  The present invention is not limited to the specifically disclosed embodiments, and various modifications and changes can be made without departing from the scope of the claims.

Regarding the embodiment including the first to fourth examples, the following additional notes are further disclosed.
(Appendix 1)
An issuing station that issues a ticket, a terminal that uses the ticket acquired from the issuing station, and a verification device that gives the terminal permission to use the ticket according to a result of verifying the ticket acquired from the terminal In the ticket verification system including
The terminal
A ticket that acquires from the issuing station a ticket that includes the first information that specifies the result of a calculation performed in the terminal based on the random value transmitted from the issuing station and the unique value of the terminal, and the random value. An acquisition unit;
A random value receiver for receiving from the verification device a random value included in the ticket as a response to the transmission of the ticket from the terminal to the verification device;
Based on the random number value received from the verification device and the eigenvalue of the terminal, and a transmission unit for transmitting to the verification device second information that specifies the result of the operation performed in the terminal,
The ticket verification system characterized in that the ticket can be used when the match between the second information and the first information can be verified.
(Appendix 2)
The ticket verification system according to supplementary note 1, wherein the verification is performed by the verification device.
(Appendix 3)
The terminal
The ticket verification system according to appendix 1, further comprising a ticket verification unit that transmits the verification result of the verification to the verification device.
(Appendix 4)
The random number value receiving unit receives a second random number value generated by the verification device from the verification device,
The transmitting unit generates third information that specifies a result of an operation using the second random number value and a predetermined value of the terminal, and transmits the third information to the verification device.
The ticket verification system according to appendix 2, wherein the mobile terminal is verified.
(Appendix 5)
The verification device includes:
When the ticket is acquired from the terminal, a random value generation / transmission unit that generates a terminal random value and transmits it to the terminal;
In response to the transmission of the terminal random value to the terminal, the terminal receives the terminal generation value for the terminal generated by the terminal based on the terminal random value and the predetermined value of the terminal. A terminal authenticator that transmits a terminal authenticator based on a set of the generated random number for the terminal and the generated terminal generated value for the terminal to a terminal verification station that verifies the terminal, and receives a terminal verification result from the terminal verification station; Have
The ticket verification system according to supplementary note 4, wherein when the terminal verification result verifies that the terminal is authentic, the ticket is verified.
(Appendix 6)
The predetermined value is an eigenvalue of the terminal,
The terminal verification station indicates that the terminal (1) is genuine when there is an eigenvalue that matches the eigenvalue obtained by calculation from the terminal authenticator among the plurality of eigenvalues of the terminal verification authority. The ticket verification system according to appendix 5, wherein a terminal verification result is transmitted to the verification device.
(Appendix 7)
The predetermined value is a common value common to a plurality of terminals,
When the terminal verification authority can verify the coincidence between the common value obtained by calculation from the terminal authenticator and the common value of the terminal verification authority, the terminal verification result indicating that the terminal is genuine is The ticket verification system according to appendix 5, wherein the ticket verification system is transmitted to the verification device.
(Appendix 8)
An issuing station that issues a ticket, a terminal that uses the ticket acquired from the issuing station, and a verification device that gives the terminal permission to use the ticket according to a result of verifying the ticket acquired from the terminal In the ticket verification method in the ticket verification system including,
The terminal
Obtaining from the issuing station a ticket including the first information specifying the result of the operation performed in the terminal based on the random value transmitted from the issuing station and the unique value of the terminal, and the random value,
A random number value included in the ticket is received from the verification device as a response to the transmission of the ticket from the terminal to the verification device;
Based on the random value received from the verification device and the eigenvalue of the terminal, the second information specifying the result of the operation performed in the terminal is transmitted to the verification device,
A ticket verification method characterized in that the ticket can be used when a match between the second information and the first information can be verified.
(Appendix 9)
A random value generation / transmission unit that transmits a random value related to the issuance of a ticket to the terminal;
When the first information generated from the terminal based on the random value and the unique value of the terminal is received from the terminal, the random value transmitted to the terminal by the random value generation / transmission unit and the received first information An issuing station, comprising: a ticket issuing unit that issues a ticket with a signature of the station added to a ticket authenticator by a pair and sends the ticket to the terminal.
(Appendix 10)
A storage unit for storing the first random number value transmitted from the issuing station and the unique value of the terminal;
A transmission unit that transmits the first information generated based on the first random number value stored in the storage unit and the unique value of the terminal to the issuing station;
A ticket receiving unit that receives a ticket including a ticket authenticator by a set of the first random number value and the first information from the issuing station and stores the ticket in the storage unit;
A random number value receiving unit that transmits the ticket stored in the storage unit to a verification device that verifies the ticket and receives a first random value included in the ticket;
A transmitter that generates second information for specifying a result of a calculation using the received first random value and the eigenvalue of the terminal, and transmits the second information to the verification device;
The mobile terminal, wherein the verification device verifies the match between the second information and the first information.
(Appendix 11)
The random number value receiving unit receives a second random number value generated by the verification device from the verification device,
The transmitting unit generates third information that specifies a result of an operation using the second random number value and a predetermined value of the terminal, and transmits the third information to the verification device.
The mobile terminal according to appendix 10, wherein the mobile terminal is verified.
(Appendix 12)
The mobile terminal according to appendix 11, wherein the predetermined value is an eigenvalue of the terminal or a common value common to a plurality of terminals.
(Appendix 13)
A ticket specified by a ticket authenticator based on a combination of a ticket random number value, first information for specifying a result of a calculation performed in the terminal based on the ticket random number value and a unique value of the terminal; A storage unit for storing eigenvalues;
A ticket authenticator receiving unit that receives the ticket authenticator retrieved from the ticket read by the verification device from the storage unit;
A value generating unit that generates second information for specifying a result of an operation performed based on the ticket random number value of the ticket authenticator received by the ticket authenticator receiving unit and the unique value of the terminal;
Verification that verifies the match between the first information of the ticket authenticator received by the ticket authenticator receiving unit and the second information generated by the value generating unit, and transmits a verification result to the verification terminal And a portable terminal.
(Appendix 14)
A terminal holding a ticket specified by a ticket authenticator based on a combination of a ticket random number value and first information for specifying a result of a calculation performed in the terminal based on the ticket random number value and a unique value of the terminal The ticket authenticator is obtained by acquiring the ticket and taking out the ticket authenticator given to the ticket, acquiring the ticket random number included in the ticket authenticator and transmitting it to the terminal,
The second information for specifying the result of the calculation performed by the terminal using the transmitted ticket random number value and the unique value of the terminal matches the first information included in the ticket authenticator of the ticket. A verification device characterized in that a ticket is verified depending on whether or not.
(Appendix 15)
When receiving the second information from the terminal, the ticket verification unit verifies the ticket depending on whether the second information matches the first information included in the ticket authenticator of the ticket. 15. The verification apparatus according to supplementary note 14, wherein
(Appendix 16)
16. The verification device according to appendix 15, wherein a ticket verification result indicating whether the second information and the first information match or does not match is received from the terminal.
(Appendix 17)
When the ticket is acquired from the terminal, a random value generation / transmission unit that generates a terminal random value and transmits it to the terminal;
In response to the transmission of the terminal random value to the terminal, the terminal receives the terminal generation value for the terminal generated by the terminal based on the terminal random value and the predetermined value of the terminal. A terminal authenticator that transmits a terminal authenticator based on a set of the random number value for the terminal and the generated random number value for the terminal to the terminal verification station that verifies the terminal, and receives the terminal verification result from the terminal verification station; Have
The verification apparatus according to supplementary note 16, wherein when the terminal verification result verifies that the terminal is authentic, the ticket is verified.
(Appendix 18)
The predetermined value is an eigenvalue of the terminal,
If there is an eigenvalue that matches the eigenvalue obtained by calculation from the terminal authenticator among a plurality of eigenvalues possessed by the terminal verification station, the terminal verification determines whether the terminal is genuine or not. 18. The verification device according to appendix 17, characterized in that it is shown in the result.
(Appendix 19)
The predetermined value is a common value common to a plurality of terminals,
When the terminal verification authority can verify the match between the common value obtained by the operation from the terminal authenticator and the common value possessed by the terminal verification authority, it is determined whether or not the terminal is genuine. The verification device according to appendix 18, characterized in that:
(Appendix 20)
A terminal verification authority that verifies the validity of the terminal,
When receiving a terminal authenticator from a set of a terminal random number value and a terminal generated value generated by the terminal based on the terminal random value and a predetermined value held by the terminal, A terminal verification station comprising a terminal authenticator verification unit for verifying a match with a predetermined value of the terminal verification station.
(Appendix 21)
The predetermined value is an eigenvalue of the terminal,
The terminal authenticator verification unit indicates that the terminal is genuine when there is an eigenvalue that matches an eigenvalue obtained by calculation from the terminal authenticator among a plurality of eigenvalues of the terminal verification authority. The terminal verification station according to appendix 20, wherein the verification result is transmitted to the external device.
(Appendix 22)
The predetermined value is a common value common to a plurality of terminals,
The terminal authenticator verifying unit indicates that the terminal is genuine when the common value obtained by calculation from the terminal authenticator and the common value of the terminal verification authority can be verified. The terminal verification station according to appendix 20, wherein the result is transmitted to the external device.

1u user 2 coupon 3 service 5 issuing station 7 verification device 7s verifier 8 portable terminal verification station 11 CPU
12 Main storage device 13 Auxiliary storage device 14 Input device 15 Display device 17 Communication I / F
18 Drive 19 Storage medium 21, 22 Coupon 101 Random value receiving unit 102 Value generating / transmitting unit 103 Coupon receiving unit 104 Coupon authenticator receiving unit 105 Value generating unit 106 Coupon verification unit 501 Random value generating unit 501a Random value generating / transmitting unit 502 Random Value Transmission Unit 503 Signed Coupon Issuer 701 Coupon Acquisition Unit 702 Signature Verification Unit 703 Random Value Generation / Transmission Unit 704 Terminal Genuine Confirmation Unit 705 Coupon Authentication Code Extraction Unit 706 Coupon Authentication Code Verification Unit 801 Terminal Authentication Code Verification Unit

Claims (10)

An issuing station that issues a ticket, a terminal that uses the ticket acquired from the issuing station, and a verification device that gives the terminal permission to use the ticket according to a result of verifying the ticket acquired from the terminal In the ticket verification system including
The terminal
A ticket that acquires from the issuing station a ticket that includes the first information that specifies the result of a calculation performed in the terminal based on the random value transmitted from the issuing station and the unique value of the terminal, and the random value. An acquisition unit;
A random value receiver for receiving from the verification device a random value included in the ticket as a response to the transmission of the ticket from the terminal to the verification device;
Based on the random number value received from the verification device and the eigenvalue of the terminal, and a transmission unit for transmitting to the verification device second information that specifies the result of the operation performed in the terminal,
The ticket verification system characterized in that the ticket can be used when the match between the second information and the first information can be verified.   The ticket verification system according to claim 1, wherein the verification is performed by the verification device. The terminal
The ticket verification system according to claim 1, further comprising a ticket verification unit that transmits a verification result of the verification to the verification device. The random number value receiving unit receives a second random number value generated by the verification device from the verification device,
The transmitting unit generates third information that specifies a result of an operation using the second random number value and a predetermined value of the terminal, and transmits the third information to the verification device.
The ticket verification system according to claim 2, wherein the portable terminal is verified. The verification device includes:
When the ticket is acquired from the terminal, a random value generation / transmission unit that generates a terminal random value and transmits it to the terminal;
In response to transmission of the terminal random number value to the terminal, the terminal generated value for the terminal generated by the terminal based on the generated random number value for the terminal and the predetermined value of the terminal is received from the terminal. A terminal authenticator that transmits a terminal authenticator based on the set of the terminal random value and the generated terminal generated value to the terminal verification station that verifies the terminal and receives the terminal verification result from the terminal verification station And a confirmation unit,
The ticket verification system according to claim 4, wherein when the terminal verification result verifies that the terminal is genuine, the ticket is verified. An issuing station that issues a ticket, a terminal that uses the ticket acquired from the issuing station, and a verification device that gives the terminal permission to use the ticket according to a result of verifying the ticket acquired from the terminal In the ticket verification method in the ticket verification system including,
The terminal
Obtaining from the issuing station a ticket including the first information specifying the result of the operation performed in the terminal based on the random value transmitted from the issuing station and the unique value of the terminal, and the random value,
A random number value included in the ticket is received from the verification device as a response to the transmission of the ticket from the terminal to the verification device;
Based on the random value received from the verification device and the eigenvalue of the terminal, the second information specifying the result of the operation performed in the terminal is transmitted to the verification device,
A ticket verification method characterized in that the ticket can be used when a match between the second information and the first information can be verified. A random value generation / transmission unit that transmits a random value related to the issuance of a ticket to the terminal;
When the first information generated from the terminal based on the random value and the unique value of the terminal is received from the terminal, the random value transmitted to the terminal by the random value generation / transmission unit and the received first information An issuing station, comprising: a ticket issuing unit that issues a ticket with a signature of the station added to a ticket authenticator by a pair and sends the ticket to the terminal. A storage unit for storing the first random number value transmitted from the issuing station and the unique value of the terminal;
A transmission unit that transmits the first information generated based on the first random number value stored in the storage unit and the unique value of the terminal to the issuing station;
A ticket receiving unit that receives a ticket including a ticket authenticator by a set of the first random number value and the first information from the issuing station and stores the ticket in the storage unit;
A random number value receiving unit that transmits the ticket stored in the storage unit to a verification device that verifies the ticket and receives a first random value included in the ticket;
A transmitter that generates second information for specifying a result of a calculation using the received first random value and the eigenvalue of the terminal, and transmits the second information to the verification device;
The mobile terminal, wherein the verification device verifies the match between the second information and the first information. A terminal holding a ticket specified by a ticket authenticator based on a combination of a ticket random number value and first information for specifying a result of a calculation performed in the terminal based on the ticket random number value and a unique value of the terminal The ticket authenticator is obtained by acquiring the ticket and taking out the ticket authenticator given to the ticket, acquiring the ticket random number included in the ticket authenticator and transmitting it to the terminal,
The second information for specifying the result of the calculation performed by the terminal using the transmitted ticket random number value and the unique value of the terminal matches the first information included in the ticket authenticator of the ticket. A verification device characterized in that a ticket is verified depending on whether or not. A terminal verification authority that verifies the validity of the terminal,
When receiving a terminal authenticator from a set of a terminal random number value and a terminal generated value generated by the terminal based on the terminal random value and a predetermined value held by the terminal, A terminal verification station comprising a terminal authenticator verification unit for verifying a match with a predetermined value of the terminal verification station.

Images