JP2015005135A - Reading device, reading method, program and authentication system - Google Patents

Abstract

PROBLEM TO BE SOLVED: To reduce a risk of impropriety.SOLUTION: A reading unit 110 of a reading device 100 reads in a balance of electronic money stored in an IC card, history information including identification information on another reading device in which the balance of electronic money has been written, and a card ID. A connection determination unit 111 determines whether communication with an authentication server is available or not. An identifying unit 112 identifies the other reading device in which the balance of electronic money has been written on the basis of the identification information included in the history information if communication with the authentication server is not available. A transaction control unit 113 transmits an authentication request including the history information to the other reading device. The transaction control unit 113 receives an authentication result indicating whether or not the history information included in the transmitted authentication request accords with the history information of the IC card stored by the other reading device from the other reading device. The transaction control unit 113 performs utilization determination whether utilization of the IC card should be permitted or not on the basis of the received authentication result.

Description

  The present invention relates to a reading device, a reading method, a program, and an authentication system.

  Currently, commercial transactions are widely performed by charging electronic money, which is electronic value information, to an IC card such as Felica (registered trademark) or a portable terminal such as a smartphone.

  For example, when a product is purchased using an IC card, a card reader / writer (hereinafter referred to as “reading device”) reads the balance of electronic money stored in the IC card. Then, the reading device reduces the read balance by the amount corresponding to the merchandise value, and updates the electronic money of the IC card so as to have the value after the reduction.

  Further, in commercial transactions using electronic money, IC cards are often authenticated before the start of transactions from the viewpoint of preventing fraud. As a technique related to this authentication, a technique is known in which authentication is performed by an authentication server connected to a reading device over a network (for example, Patent Document 1).

JP 2006-99217 A

  However, if communication cannot be performed between the reading device and the authentication server due to a network failure or a failure of the authentication server, the authentication server cannot perform authentication. In this case, it is conceivable that the authentication is performed only by the reading device that reads the IC card without depending on the authentication of the authentication server. However, if this authentication passes, there is a possibility that unauthorized writing may be performed on the IC card.

  In particular, if a malicious person steals the reading device and the communication between the reading device and the authentication server is intentionally disconnected, once authentication is performed using only the reading device, There is a risk that unauthorized writing such as charging is performed using the reader.

  Therefore, the present invention has been made in view of the above-described circumstances, and an object thereof is to provide a reading device and the like that can reduce the risk of fraud.

In order to achieve the above object, a reading apparatus according to the first aspect of the present invention provides:
A reading device capable of reading and writing information,
Reading means for reading the history information from a portable medium storing electronic value information and history information including identification information of another reading device that has written the value information;
Based on history information about the portable medium stored in the other reading device specified based on the identification information included in the history information, and history information read from the portable medium by the reading unit. Determining means for determining whether to permit the use of the portable medium;
It is provided with.

In addition, after the history information is read by the reading means, a communication determination means for determining whether or not communication with the authentication server is possible,
The determination unit performs the use determination when the communication determination unit determines that communication is impossible, and when the communication determination unit determines that communication is possible, history information about the portable medium stored in the authentication server and Further, it may be determined whether to permit the use of the portable medium based on the history information read from the portable medium by the reading unit.

The determination means includes
The history information read from the portable medium by the reading means is transmitted to the other reading device,
From the other reading device, receiving history matching information that is information indicating whether or not the transmitted history information matches history information about the portable medium stored in the other reading device;
The use determination is performed based on the received history matching information,
The electronic value information stored in the portable medium according to the transaction when the transaction using the electronic value information stored in the portable medium permitted to be used by the use determination is performed. And writing means for performing update writing of the history information.

The determination means includes
Requesting the other reader device for history information of the portable medium stored in the other reader device;
Receiving history information of the portable medium transmitted in response to the request from the other reading device;
The use determination is performed based on whether or not the received history information matches the history information read from the portable medium by the reading unit,
The electronic value information stored in the portable medium according to the transaction when the transaction using the electronic value information stored in the portable medium permitted to be used by the use determination is performed. And writing means for performing update writing of the history information.

In order to achieve the above object, a reading method according to a second aspect of the present invention includes:
A reading step of reading the history information from a portable medium storing electronic value information, history information including identification information of a reading device that has written the value information, and
Based on the history information about the portable medium stored by the reading device specified based on the identification information included in the history information, and the history information read from the portable medium by the reading step, A determination step for determining whether to permit the use of a portable medium;
It is provided with.

In order to achieve the above object, a program according to the third aspect of the present invention provides:
A program for causing a computer to function as a reader capable of reading and writing information,
Reading means for reading the history information from a portable medium that stores electronic value information and history information including identification information of another reading device that has written the value information;
Based on history information about the portable medium stored in the other reading device specified based on the identification information included in the history information, and history information read from the portable medium by the reading unit. Determining means for determining whether to permit use of the portable medium;
It is a program to make it function as.

In order to achieve the above object, an authentication system according to the fourth aspect of the present invention provides:
An authentication system comprising an authentication server and a plurality of reading devices connected to the authentication server via a network,
Each of the plurality of reading devices is
Reading means for reading the history information from a portable medium storing electronic value information and history information including identification information of another reading device that has written the value information;
Communication determination means for determining whether communication with the authentication server is possible after reading the history information by the reading means;
When the communication determination unit determines that communication is not possible, history information about the portable medium stored in the other reading device specified based on the identification information included in the history information, and the reading unit Determining means for determining whether to permit use of the portable medium based on history information read from the portable medium;
The electronic value information stored in the portable medium according to the transaction when the transaction using the electronic value information stored in the portable medium permitted to be used by the use determination is performed. And writing means for performing update writing of the history information;
Storage means for storing history information after update writing by the writing means in storage means for storing history information of a plurality of portable media;
When the history information of the portable medium read by the other reading device is received from another reading device, whether or not the received history information matches the history information of the portable medium stored in the storage means History matching information transmitting means for transmitting history matching information, which is information indicating the above, to the other reading device;
When the history information stored in the storage unit is requested for the portable medium read by the other reading device from the other reading device, the history of the portable medium stored in the storage unit in response to the request History information transmitting means for transmitting information to the other reading device;
It is provided with.

  According to the present invention, the risk of fraud can be reduced.

It is a figure which shows roughly the structure of the authentication system which concerns on embodiment of this invention. It is a functional block diagram of an IC card. It is a figure which shows an example of the log | history information of an IC card. It is a block diagram which shows the hardware constitutions of a reader. It is a functional block diagram of a reading device. It is a figure which shows an example of log | history information DB of a reader. It is a block diagram which shows the hardware constitutions of an authentication server. It is a functional block diagram of an authentication server. It is a figure which shows an example of the log | history information management DB of an authentication server. It is a flowchart which shows an example of the flow of an authentication request process. It is a flowchart which shows an example of the flow of a server authentication process. 6 is a flowchart illustrating an example of a flow of a reader authentication process. It is a flowchart which shows an example of the flow of a process at the time of receiving an authentication result.

Hereinafter, an authentication system according to an embodiment of the present invention will be described with reference to FIG.
As shown in FIG. 1, the authentication system 500 includes reading devices 100 to 300 and an authentication server 400. The readers 100 to 300 and the authentication server 400 are connected via a network. As the network, any communication path such as a wired / wireless LAN (local area network) or a WAN (wide area network) can be adopted.
Note that the hardware configurations and functions of the reading devices 100 to 300 are the same. Here, when it is not necessary to specify any one of the reading devices 100 to 300, the reading device 100 will be described as a representative.

The reading device 100 is a card reader / writer that reads information stored in the IC card 10 and writes information to the IC card 10 in a non-contact manner. Details of the reading apparatus 100 will be described later.
The authentication server 400 is a server that authenticates the IC card 10 read by the reading device 100. Details of the authentication server 400 will be described later.

  The IC card 10 is a non-contact type portable medium that is used to perform transactions using electronic money with the reading device 100. As shown in FIG. 2, the IC card 10 includes a communication unit 11, a control unit 12, and a storage unit 13.

The communication unit 11 performs non-contact communication with the reading device 100. The communication unit 11 is realized by a built-in antenna of the IC card 10.
The control unit 12 controls the IC card 10. The control unit 12 is realized by the CPU of the IC card 10.
The storage unit 13 stores data such as a balance of electronic money that is electronic value information, a card ID that is identification information of itself, and history information that is information indicating a transaction history. Specifically, the storage unit 13 stores data such as a balance of electronic money ¥ 1,000, a card ID 10, and history information shown as an example in FIG. The storage unit 13 is realized by a non-volatile memory (for example, ROM or EEPROM) of the IC card 10.

As shown in FIG. 3, the storage unit 13 stores one piece of history information that is the latest transaction history.
The history information includes a transaction ID, date and time, device ID, balance, balance before transaction, and authenticated device ID.
The transaction ID is identification information for uniquely specifying a transaction using electronic money. This transaction ID is issued by the device that has authenticated the IC card 10. In the example of FIG. 3, it can be seen that the device ID 400 that has authenticated the IC card 10, that is, the authentication server 400 has issued the transaction IDXXX100.

The date and time is the date and time when the transaction ID is issued. In the example of FIG. 3, the date and time is 201303401, 18:00, that is, April 1, 2013, 18:00.
The device ID is identification information of a reading device in which the balance of electronic money is written in the storage unit 13 in accordance with the transaction using the latest electronic money. In the example of FIG. 3, the device ID is 200, that is, the reading device 200.
The balance is the balance of electronic money currently charged in the IC card 10. In the example of FIG. 3, the balance is ¥ 1,000. The balance of the history information and the balance of electronic money stored in the storage unit 13 separately from the history information are the same amount.

The pre-transaction balance is the balance of electronic money that has been charged in the IC card 10 before the most recent transaction. In the example of FIG. 3, the balance before transaction is ¥ 2,000.
The authenticated device ID is identification information of a device that has authenticated the IC card 10 before electronic money is traded. In the example of FIG. 3, the authenticated device ID is 400, that is, the authentication server 400.

  From the history information of the IC card 10, it can be seen that the IC card 10 has recently been authenticated by the authentication server 400 and a transaction ID has been issued from the authentication server 400. It can also be seen that the IC card 10 was used to exchange electronic money of ¥ 1,000 with the reading device 200.

Next, the hardware configuration of the reading apparatus 100 will be described with reference to FIG.
As illustrated in FIG. 4, the reading apparatus 100 includes a CPU 101, a ROM 102, a RAM 103, an HDD 104, a network I / F 105, a display unit 106, and an operation unit 107.
Among these, the CPU 101 is a central processing unit that controls the entire reading device 100.
The ROM 102 is a non-volatile memory that stores a program executed by the CPU 101.

The RAM 103 is a volatile memory that temporarily develops a program executed by the CPU 101 and is used as a work area when the CPU 101 performs various processes.
The HDD 104 is a storage unit that stores history information of transaction histories with a plurality of IC cards including the IC card 10.
The network I / F 105 is an interface for the reading apparatus 100 to communicate with the other reading apparatuses 200 and 300 and the authentication server 400 via the network.

The display unit 106 is a display unit such as a liquid crystal display or an organic EL (Electroluminescence) display for displaying a balance of electronic money.
The operation unit 107 includes a coin slot, a purchase button for purchasing goods using electronic money, and the like. When the user inserts money into the money slot, the IC card 10 can be charged with electronic money. When the user presses the purchase button, the value corresponding to the product is reduced from the electronic money. As described above, an operation performed by the user using the operation unit 107 serves as a trigger for starting a transaction such as charging or purchasing a product.

  Here, the CPU 101 reads various programs in the ROM 102, develops them in the RAM 103, and then controls the reading device 100 according to the various programs, thereby realizing the functions of the respective units as shown in FIG. 5. As shown in FIG. 5, as a function, a reading unit 110, a connection determination unit 111, a specification unit 112, a transaction control unit 113, a communication unit 114, a transaction request reception unit 115, a writing unit 116, a history information DB 117, and an authentication determination Part 118 is provided.

First, the reading unit 110 is a reading unit that reads the balance of electronic money stored in the IC card 10, the card ID 10, and the history information shown in FIG. 3 in a non-contact manner.
The connection determination unit 111 is a communication determination unit that determines whether communication with the authentication server 400 is possible after reading by the reading unit 110. Specifically, the connection determination unit 111 periodically checks the network connection with the authentication server 400 to determine whether communication is possible by polling the authentication server 400 at predetermined intervals.

  The identifying unit 112 is a identifying unit that identifies the reading device into which the electronic money balance has been written based on the device ID included in the history information read by the reading unit 110 when the connection determining unit 111 determines that communication is not possible. . In the case of the example illustrated in FIG. 3, the specifying unit 112 specifies the device ID 200, that is, the reading device 200 when the connection determining unit 111 determines that communication with the authentication server 400 is not possible.

  Transaction control unit 113 is a determination unit that determines whether to permit use of IC card 10 based on the authentication result of IC card 10. Specifically, the transaction control unit 113 determines a transaction based on the authentication result of the IC card 10 as to whether or not to permit a transaction using the balance of electronic money stored in the IC card 10. Moreover, the transaction control part 113 controls the transaction using electronic money based on the result of transaction determination. The transaction control unit 113 is also a storage unit that stores history information after transactions using electronic money in a history information DB that stores history information of a plurality of IC cards. The authentication method and transaction control method of the IC card 10 will be described later.

  The transaction control unit 113 sends an authentication request for obtaining the authentication result of the IC card 10 to 1) the authentication server 400 when communication with the authentication server 400 is possible, and 2) the specification unit 112 when communication with the authentication server 400 is impossible. Is transmitted to the other reading device 200 or 300 specified by the communication unit 114, respectively. Moreover, the transaction control part 113 performs the said authentication request | requirement with respect to the authentication determination part 118, when the communication control part 113 cannot communicate with the authentication server 400, and the specific | specification part 112 specifies the own reader 100. FIG. The transaction control unit 113 includes the card ID 10 and history information necessary for authenticating the IC card 10 in the authentication request.

  In the case of the history information example of FIG. 3, the transaction control unit 113 is in the authentication server 400 when communication with the authentication server 400 is possible, or in the reading device 200 specified by the specification unit 112 when communication with the authentication server 400 is impossible. An authentication request is transmitted including the card ID 10 and the history information of FIG.

  When the transaction control unit 113 receives the authentication result as a response to the authentication request, the transaction control unit 113 determines the transaction of the IC card 10 based on the received authentication result, and determines whether the transaction using electronic money is permitted or not permitted. Specifically, when the authentication result indicates that the authentication is successful, the transaction control unit 113 has issued the IC card 10 properly (that is, the IC card 10 has not been written with invalid data, and the IC card 10 The balance information recorded in (1) is correct and the IC card 10 can be used), and the transaction is permitted in the transaction determination. On the other hand, when the authentication result is not valid, the transaction control unit 113 does not issue the IC card 10 properly (that is, illegal data is written in the IC card 10 and is recorded in the IC card 10). The balance information is illegal and the IC card 10 cannot be used), and the transaction is not permitted in the transaction determination.

  If the authentication result is successful, the authentication result includes a transaction ID issued by the device (authentication server 400, another reading device 200 or 300, or the reading device 100 itself), and the transaction ID. The date and time when the device is issued and the authenticated device ID are included.

  Next, the transaction control unit 113 controls the transaction (additional charge, reduction) using the electronic money charged to the IC card 10 based on the transaction determination result. Specifically, the transaction control unit 113 performs control so that the transaction using the electronic money charged in the IC card 10 cannot be performed when the transaction is not permitted by the transaction determination based on the authentication result. For example, the transaction control unit 113 displays a message such as “IC card 10 could not be authenticated” on the display unit 106 or invalidates the input of the operation unit 107 for performing a transaction.

  On the other hand, the transaction control unit 113 performs control so that the transaction using the electronic money charged in the IC card 10 can be performed when the transaction is permitted by the transaction determination based on the authentication result. For example, the transaction control unit 113 displays the balance “¥ 1,000” of the IC card 10 on the display unit 106 or validates the input of the operation unit 107 for performing a transaction.

  Transaction request receiving unit 115 receives a transaction request. Examples of the type of transaction request include a charge request to the IC card 10 and a request to reduce electronic money corresponding to the merchandise value. These transaction requests are triggered by the operation of the operation unit 107 by the user. For example, when the user inserts money into the money insertion slot of the operation unit 107, it triggers a charge request to the IC card 10. Further, when the user presses a purchase button for purchasing a product on the operation unit 107, it triggers a request to reduce electronic money.

The transaction control unit 113 instructs the writing unit 116 to update the balance and history information of the electronic money stored in the IC card 10 in accordance with the type of transaction request received by the transaction request receiving unit 115. At the same time, the transaction control unit 113 writes the contents of the updated history information in the history information DB 117. Further, the transaction control unit 113 also transmits the contents of the updated history information to the authentication server 400 when the authentication server 400 can communicate.
Thereby, when the transaction using the electronic money is performed, if the authentication server 400 is communicable, the IC card 10, the reading device 100, and the authentication server 400 all store the same history information at the same time. When the 400 cannot communicate, the IC card 10 and the reading device 100 store the same history information at the same time.

Here, when the user inserts a 1,000 yen bill into the slot, that is, when the transaction request type is a charge request for 1,000 yen to the IC card 10, the history of FIG. This will be described with reference to the information DB 117. FIG. 6 is an example of the history information DB 117 of the reading device 100 having the device ID 100.
The history information DB 117 is a database that stores a plurality of history information indicating transaction histories with a plurality of IC cards including the IC card 10.
The history information DB 117 includes items of serial number, card ID, transaction ID, date and time, balance, balance before transaction, and authenticated device ID.

The serial number is a serial number indicating the number of transactions performed with a plurality of IC cards in ascending order. The card ID, transaction ID, date and time, balance, balance before transaction, and authenticated device ID are as described with reference to FIG.
When the transaction request type is a charge request for 1,000 yen to the IC card 10, the transaction control unit 113 first issues a serial number 101. Then, the transaction control unit 113 includes the issued serial number 101, the card ID 10 read by the reading unit 110, the transaction ID included in the authentication result and the date and time when the transaction ID was issued, and the balance after charging ¥ 2,000. The latest history information is written in association with the balance before transaction ¥ 1,000 and the authenticated device ID 200 included in the authentication result. Since the authenticated apparatus ID is 200, it can be seen that the reading apparatus 200 has authenticated the IC card 10 in place of the authentication server 400 that was unable to communicate.

Next, the writing unit 116 is a writing unit that updates and writes the balance and history information of the electronic money stored in the IC card 10 based on an instruction from the transaction control unit 113.
Specifically, the writing unit 116 updates the balance of electronic money stored in the storage unit 13 of the IC card 10 to the balance after the transaction, and updates the history information to the latest content.
For example, in the case of the above example in which the transaction request type is a charge request for 1,000 yen to the IC card 10, the writing unit 116 determines the balance of electronic money based on an instruction from the transaction control unit 113. The balance is updated from ¥ 1,000 to ¥ 2,000 and the history information is overwritten. At this time, the writing unit 116 is the same as the latest history information of the serial number 101 of the history information DB 117, the transaction IDXXX200, the date and time 20130410, 15:00, the balance ¥ 2,000, and the balance before transaction ¥ The history information in FIG. 3 is overwritten with the latest history information by associating 1,000 with the authenticated device ID 200 and its own device ID 100.

Returning to FIG. 5, the authentication determination unit 118 is a case where communication with the authentication server 400 is not possible and the specifying unit 112 specifies the reading device 100 (the device ID of the history information of the IC card 10 indicates 100 itself). ), The IC card 10 is authenticated in place of the authentication server 400.
In this case, the authentication determination unit 118 searches the history information DB 117 using the card ID 10 of the IC card 10 and the history information included in the authentication request from the transaction control unit 113, and authenticates the IC card 10. Specifically, the history information with a card ID of 10 is identified from the history information DB 117 using the card ID 10, and the date and time of the identified history information matches the date and time included in the authentication request. The card 10 is authenticated.

  In this embodiment, the authentication means that the date and time included in the history information read from the IC card and the date and time of the history information of the IC card stored in either the authentication server 400 or the reading devices 100 to 300 match. This means that the validity of the IC card is verified depending on whether or not it is performed.

If the date and time match, the authentication determination unit 118 notifies the transaction control unit 113 of an authentication result indicating that the authentication of the IC card 10 is successful. At this time, the authentication determination unit 118 issues a transaction ID, and includes the issued transaction ID, the issued date and time, and its own device ID 100 in the authentication result. On the other hand, if the date and time do not match, the authentication determination unit 118 notifies the transaction control unit 113 of an authentication result indicating that the authentication of the IC card 10 has failed.
This authentication result is also information indicating whether or not the dates and times included in the history information match, and is also referred to as history matching information. Also, an authentication method using the date and time of history information performed by the authentication determination unit 118, an authentication method performed when the authentication server 400 or another reading device 200 or 300 receives an authentication request from the transaction control unit 113, Are the same. This point will be described later.

Further, when the authentication determination unit 118 receives an authentication request from another reading device 200 or 300 via the communication unit 114, the authentication determination unit 118 authenticates an IC card other than the IC card 10 read by the other reading device 200 or 300. Also do.
The case where the authentication request is transmitted from the other reading device 200 or 300 is a case where the device ID of the history information of another IC card read by the other reading device 200 or 300 is 100, and This is a case where the authentication server 400 cannot communicate. That is, instead of the authentication server 400, the reading device 100 authenticates another IC card.

Upon receiving the card ID and history information of another IC card included in the authentication request, the authentication determination unit 118 searches and specifies the latest history information of the card ID from the history information DB 117, and the specified history information. The other IC card is authenticated based on whether or not the date and time included in the ID matches the date and time of the history information included in the authentication request.
Then, the authentication determination unit 118 transmits the authentication result to the other reading device 200 or 300 that is the authentication request source via the communication unit 114. Note that the communication unit 114 transmits authentication results (history match information), and thus can be said to be history match information transmission means. If the date and time match, the authentication determination unit 118 issues a transaction ID, and includes the issued transaction ID, the issued date and time, and its own device ID 100 in the authentication result.

Next, the hardware configuration of the authentication server 400 will be described with reference to FIG.
As shown in FIG. 7, the authentication server 400 includes a CPU 401, a ROM 402, a RAM 403, an HDD 404, and a network I / F 405.
Among these, the CPU 401 is a central processing unit that controls the entire authentication server 400.
The ROM 402 is a non-volatile memory that stores a program executed by the CPU 401.

A RAM 403 is a volatile memory that temporarily develops a program executed by the CPU 401 and is used as a work area when the CPU 401 performs various processes.
The HDD 404 is a storage unit that stores history information of transaction history with a plurality of IC cards including the IC card 10 for each reading device.
The network I / F 405 is an interface for the authentication server 400 to communicate with the reading devices 100 to 300 via the network.

Here, the CPU 401 reads various programs in the ROM 402, develops them in the RAM 403, and then controls the authentication server 400 according to the various programs, thereby realizing the functions of the respective units as shown in FIG. As functions, as shown in FIG. 8, a communication unit 410, an authentication determination unit 411, a history information management DB 412, and a writing unit 413 are provided.
The communication unit 410 receives an authentication request from the reading devices 100 to 300 and transmits an authentication result to the reading devices 100 to 300. The communication unit 410 receives the latest history information each time each reading device 100 to 300 exchanges electronic money with a plurality of IC cards including the IC card 10.

The authentication determination unit 411 searches the history information management DB 412 based on the authentication request, and authenticates the IC card read by each of the reading devices 100 to 300. Here, an example of the history information management DB 412 is shown in FIG.
The history information management DB 412 is a management database in which the history information DB stored in each of the reading devices 100 to 300 is collected. For this reason, the history information management DB 412 stores history information of transaction histories with a plurality of IC cards performed by the reading devices 100 to 300, respectively.

  Each of the reading devices 100 to 300 issues and writes a serial number when writing the latest history information in its own history information DB, and simultaneously transmits the same latest history information to the authentication server 400. For this reason, the serial number of the history information management DB 412 of the authentication server 400 is consistent with the serial number of the history information DB of each reading device 100 to 300, except when communication with the authentication server 400 cannot be performed due to a network failure or the like. In the case of the example of FIG. 9, the content of the history information of the device ID 100, that is, the reading device 100 is the same as the content of the history information DB 117 of FIG.

Here, when serial number inconsistency occurs (when the authentication server 400 cannot receive the latest history information due to a network failure or the like), the history information is matched using the serial number after failure recovery.
Specifically, when a network connection is established between each reading device 100 to 300 and the authentication server 400 after the failure of the authentication server 400 is restored, each reading device 100 to 300 sends the latest serial number and device ID to the authentication server. 400. The authentication server 400 searches the history information management DB 412 based on the latest received serial number and the device ID, and compares the serial number stored for the device ID with the latest received serial number.
If the comparison results in different serial numbers, the authentication server 400 requests the history information of all serial numbers larger than the serial number stored in the authentication server 400 to each reading device 100 to 300 and manages the requested history information as history information management. Store in DB412. In this way, the contents of the history information DB of each of the reading devices 100 to 300 can be reflected in the history information management DB 412 of the authentication server 400 to match the history information.

Here, when the authentication determination unit 411 receives an authentication request from any of the reading devices 100 to 300 via the communication unit 410, first, a history is recorded using the device ID and the card ID of the history information included in the authentication request. The information management DB 412 is searched.
For example, when receiving the authentication request including the history information shown in FIG. 3 of the IC card 10 read by the reading device 100 and the card ID 10, the authentication determination unit 411 searches for the device ID 200 and the card ID 10 included in the history information. The history information of the serial number 152 is specified. Here, since the history information stored in the IC card 10 is the latest history information, the authentication determination unit 411 only needs to identify the latest 152 having the newest serial number.

  Next, the authentication determination unit 411 authenticates the IC card based on whether or not the date and time of the identified history information matches the date and time of the history information included in the authentication request. In the case of the history information example in FIG. 3, the authentication determination unit 411 matches the history information date and time 201303401, 18:00 of the identified serial number 152 with the date and time 2013130401 and 18:00 of the history information included in the authentication request. The IC card 10 is authenticated depending on whether or not it is performed.

  In this case, since both match, the authentication determination unit 411 issues a transaction ID on the assumption that the authentication of the IC card 10 is successful, the authentication result of the issued transaction ID, the issued date and time, and its own device ID 400. Include in Then, the authentication determination unit 411 transmits the authentication result to the reading device 100 via the communication unit 410. On the other hand, if the two do not match, the authentication determination unit 411 transmits an authentication result indicating that the authentication of the IC card 10 has failed via the communication unit 410. Note that the transaction control unit 113 of the reading apparatus 100 determines whether or not to permit transactions using electronic money based on the authentication result (history matching information).

  Next, the writing unit 413 writes the latest history information respectively transmitted from the reading devices 100 to 300 in the history information management DB 412. Specifically, the writing unit 413 writes the same history information transmitted at the timing when each of the reading devices 100 to 300 writes the latest history information in its history information DB, to the history information management DB 412.

As described above, in the authentication system 500 described with reference to FIGS. 1 to 9, for example, one characteristic point is that the reader 100 that has read the history information of the IC card 10 cannot communicate with the authentication server 400. The reading device (in the example of FIG. 3, the reading device 200 with the device ID 200) having written the balance of electronic money on the IC card 10 is specified, and an authentication request is made to the specified reading device. Further, the reader 100 determines whether or not the authentication result for the authentication request (the date and time of the history information included in the transmitted authentication request matches the date and time of the history information about the IC card stored in the specified reading device). The transaction determination of the IC card is performed based on the history matching information), and the permission or non-permission of the transaction using the electronic money is determined.
The flow of authentication request processing related to this point will be described below with reference to the flowchart of FIG.

The flowchart of FIG. 10 is performed by each of the reading devices 100 to 300, and will be described by taking the reading device 100 as an example. The reading device 100 sequentially performs the following processing when the IC card reaches a distance that can be read without contact.
First, the reading unit 110 reads the card ID and history information of the IC card (S11). In the example of FIG. 3, the reading unit 110 reads the card ID 10 and history information of the IC card 10.

Next, the connection determination unit 111 performs server connection determination (S12). Specifically, the connection determination unit 111 determines whether communication with the authentication server 400 is possible by polling or the like.
Here, when the server connection is possible (S13; Yes), the transaction control unit 113 issues an authentication request to the authentication server 400 via the communication unit 114 (S14), and ends the process. In the case of the example in FIG. 3, the transaction control unit 113 includes the card ID 10 read by the reading unit 110 and the history information in FIG. 3 in the authentication request and transmits the authentication request to the authentication server 400, and ends the process.

  On the other hand, when the server connection is not possible (S13; No), the specifying unit 112 specifies the reader that has most recently traded from the history information (S15). Specifically, the specifying unit 112 specifies the reading device that has written the electronic money balance on the IC card based on the device ID included in the history information read by the reading unit 110. In the case of the example of FIG. 3, the specifying unit 112 specifies the reading device 200 that is the device ID 200.

  Next, the specifying unit 112 determines whether the specified reading device is another reading device (S16). Specifically, when the device ID included in the history information is other than its own device ID 100, the specifying unit 112 determines that the specified reading device is another reading device. In the case of the example in FIG. 3, since the device ID specified by the specifying unit 112 is 200, it is another reading device 200.

  Here, when it is another reading device (S16; Yes), the transaction control unit 113 issues an authentication request to the other reading device (S17), and ends the process. In the case of the example in FIG. 3, the transaction control unit 113 includes the card ID 10 and the history information in FIG.

  On the other hand, if it is not another reading device (S16; No), since the reading device 100 itself has written electronic money on the IC card in the most recent transaction, the authentication determination unit 118 uses the card ID and history information. The IC card is authenticated by itself (S18). The IC card authentication method is as described above.

  Here, when the authentication of the IC card is successful (the date and time of the history information read from the IC card matches the date and time of the history information about the IC card stored in the history information DB 117) (S19; Yes). The authentication determination unit 118 issues a transaction ID (S20). Specifically, the transaction control unit 113 is notified of the authentication result indicating that the authentication of the IC card is successful, including the issued transaction ID, issuance date and time, and its own device ID 100. On the other hand, when the authentication of the IC card is unsuccessful (S19; No), the process proceeds to S21. At this time, the authentication determination unit 118 notifies the transaction control unit 113 of an authentication result indicating that the IC card authentication has failed.

  Next, the transaction control unit 113 determines whether or not to permit the transaction based on the authentication result indicating that the authentication of the IC card is successful or unsuccessful (S21). Specifically, the transaction control unit 113 permits the transaction in the case of an authentication result indicating that the authentication of the IC card is successful (S22; Yes). On the other hand, the transaction control unit 113 does not permit the transaction in the case of an authentication result indicating that the authentication of the IC card is unsuccessful (S22; No).

  Here, when the transaction is not permitted (S22; No), the transaction control unit 113 performs a transaction impossibility process (S23) and ends the process. Specifically, the transaction control unit 113 performs processing (for example, disabling the message display on the display unit 106 and the operation unit 107 as described above) so that transactions using electronic money are not performed. To end the process.

  On the other hand, when the transaction control part 113 permits a transaction (S22; Yes), the transaction request reception part 115 determines whether the transaction request was received (S24). Specifically, the transaction request receiving unit 115 performs standby processing until it detects an operation of the operation unit 107 by the user (for example, insertion of money, pressing of a purchase button, etc.). If the operation of the operation unit 107 by the user cannot be detected after a certain period of time, the transaction request receiving unit 115 causes the time-out process (for example, forcibly terminating the authentication request process itself or reading the IC card again on the display unit 106). Display a message indicating that it is necessary) (S24; No).

  Here, when the transaction request receiving unit 115 receives the transaction request (S24; Yes), the transaction control unit 113 updates the balance and history information of the electronic money according to the type of the transaction request (S25), and performs processing. finish. Specifically, the transaction control unit 113 updates the balance and history information of the electronic money stored in the IC card according to the type of transaction request (for example, a charge request to the IC card, a request to reduce the electronic money). I do. At the same time, the transaction control unit 113 writes the same history information as the history information updated by issuing a serial number in the history information DB 117.

  Next, a server authentication process performed by the authentication server 400 that has received an authentication request will be described with reference to FIG. When receiving the authentication request, the authentication server 400 performs the following processing in order.

  First, the authentication determination unit 411 of the authentication server 400 performs IC card authentication determination using the card ID and history information (S31). Specifically, the authentication server 400 searches the history information management DB 412 shown in FIG. 9 and authenticates the IC card based on the card ID included in the authentication request, the device ID of the history information, and the date and time. In the case of the history information examples shown in FIGS. 3 and 9, the authentication determination unit 411 searches the history information management DB 412 by the card ID 10 and the device ID 200 included in the authentication request, and identifies the history information of the serial number 152. Then, the authentication determination unit 411 authenticates the IC card 10 based on whether or not the date and time of the specified history information matches the date and time of the history information included in the authentication request.

Next, when the date and time match and authentication is successful (S32; Yes), the authentication determination unit 411 issues a transaction ID (S33). Next, the authentication determination part 411 transmits an authentication result (S34), and complete | finishes a process. Specifically, the authentication determination unit 411 includes the transaction ID issued in S33, the issued date and time, and its own device ID 400 in the authentication result, and sends the authentication result to the reading device that is the authentication request source via the communication unit 410. Send. On the other hand, if the date and time do not match and authentication is unsuccessful (S32; No), the authentication determination unit 411 transmits an authentication result indicating that authentication has failed to the reader that is the authentication request source (S34), and performs processing. finish.
In this manner, the authentication server 400 performs authentication using the history information management DB 412 each time an authentication request is made, and transmits the authentication result to any one of the readers 100 to 300 that are the authentication request source.

Next, reading device authentication processing of the reading device that has received the authentication request will be described with reference to FIG. Since this reading device authentication process is performed by any of the reading devices 100 to 300, the reading device 100 will be described as an example. Upon receiving an authentication request from another reading device 200 or 300, the reading device 100 performs the following processing in order.
First, the authentication determination unit 118 of the reading apparatus 100 authenticates the IC card using the card ID and history information (S41). Specifically, the reader 100 searches the history information DB 117 shown in FIG. 6 and authenticates the IC card based on the card ID and the date and time of the history information included in the authentication request.

Here, when the date and time match and authentication is successful (S42; Yes), the authentication determination unit 118 issues a transaction ID (S43). Next, the authentication determination part 118 transmits an authentication result (S44), and complete | finishes a process. Specifically, the authentication determination unit 118 includes the transaction ID issued in S43, the issued date and time, and its own device ID 100 in the authentication result, and the other reading device 200 of the authentication request source via the communication unit 114 or The authentication result is transmitted to 300. On the other hand, when the date and time do not match and authentication is unsuccessful (S42; No), the authentication determination unit 118 transmits an authentication result indicating authentication failure to the other reading device 200 or 300 that is the authentication request source ( S44), the process is terminated.
As described above, when there is an authentication request from another reading device 200 or 300 when the authentication server 400 has a failure or the like, the reading device 100 performs authentication using the history information DB 117 and displays the authentication result in addition to the authentication request source. To either the reading device 200 or 300.

  Next, the flow of processing performed by the reading apparatus 100 that has received the authentication result will be described with reference to FIG. When the reading device 100 receives the authentication result from the authentication server 400 or another reading device 200 or 300, the reading device 100 sequentially performs the following processing.

  First, the transaction control unit 113 performs a transaction determination as to whether or not to permit the transaction based on the authentication result indicating that the authentication of the IC card is successful or unsuccessful (S51). Here, when the transaction is not permitted (S52; No), the transaction control unit 113 performs a transaction disabling process (S53), and ends the process. The transaction impossibility process is the same as S23 in FIG. On the other hand, when the transaction control part 113 permits a transaction (S52; Yes), the transaction request reception part 115 determines whether the transaction request was received (S54). When the transaction request receiving unit 116 receives the transaction request (S54; Yes), the transaction control unit 113 updates the balance and history information of the electronic money according to the type of transaction request (S55), and ends the process. The transaction control unit 113 writes the updated history information (latest history information) in its own history information DB 117 at the same timing as this S55, and transmits this history information also to the authentication server 400.

  Among the processes described above with reference to FIGS. 10 to 13, in the authentication request process of FIG. 10, the reading device 100 includes the reading unit 110, the connection determination unit 111, the specifying unit 112, the transaction control unit 113, and the communication unit 114. Even when communication with the authentication server 400 is not possible, the reading device (in the case of the history information in FIG. 3, the reading device 200) that writes the balance of electronic money to the IC card 10 is provided. In particular, an authentication request can be made to the identified reading device.

  In particular, when the identification unit 112 identifies another reading device 200 or 300 when communication with the authentication server 400 is not possible, an authentication request is made to either of the other reading devices 200 or 300. In other words, for example, even when a malicious person steals the reader 100 and intentionally disconnects the network between the authentication server 400 and the reader 100, the date and time included in the history information The other reading device 200 or 300 authenticates whether or not the two match (the reading device 100 itself does not authenticate). For this reason, even if a malicious person tries to authenticate only with his own IC card and the stolen reader, the reader 100 does not authenticate alone, so the transaction control unit 113 authorizes the transaction. There is no. Therefore, since the reading device 100 does not update the balance of electronic money in the IC card, it is possible to reduce the risk of unauthorized writing and the like.

(Modification)
Although the description of the embodiment has been completed, the specific configuration and processing contents of the authentication system 500 or each of the reading devices 100 to 300 are not limited to those described in the above embodiment.

  For example, in the authentication request process of FIG. 10 described above, the reading device 100 reads the authentication request including the card ID 10 read from the IC card 10 and the history information of FIG. 3 when the authentication server 400 cannot communicate with the authentication request. However, the present invention is not limited to this. The reading device 100 may request the history information of the card ID 10 stored in the history information DB of the reading device 200 by transmitting the card ID 10 to the reading device 200. In response to this request, the reading device 200 transmits the history information of the latest card ID 10 stored in the history information DB to the reading device 100. The reading device 100 performs transaction determination based on whether or not the date and time of the received history information matches the date and time of the history information in FIG. 3 read by the reading unit 110 from the IC card 10.

  As a result, when communication with the authentication server 400 is impossible, the reading device 100 cannot make a transaction determination unless history information is received from another reading device 200. For this reason, even if a malicious person tries to authenticate only with the IC card owned by the malicious person and the reading device 100 stolen, the reading device 100 does not permit the transaction. Therefore, as in the above-described embodiment, it is possible to reduce the risk of unauthorized writing.

  On the other hand, the reading apparatus 100 transmits an authentication request including the card ID 10 read from the IC card 10 and the history information of FIG. 3 to the specified authentication server 400 when communication with the authentication server 400 is possible. Not limited to. The reading device 100 may request the history information specified from the card ID 10 stored in the history information management DB 412 of the authentication server 400 by transmitting the card ID 10 and the device ID 200 to the authentication server 400. In response to this request, the authentication server 400 transmits the history information of the latest serial number 152 specified by the device ID 200 and the card ID 10 stored in the history information management DB 412 to the reading device 100. The reading device 100 makes a transaction determination based on whether or not the date and time of the received history information of the serial number 152 matches the date and time of the history information in FIG. 3 read by the reading unit 110 from the IC card 10.

  Further, when the history information stored in the history information DB 117 for the IC card read by the other reading device 200 or 300 is requested from another reading device 200 or 300, the reading device 100 responds to the request with history information. The history information of the IC card stored in the DB 117 is transmitted to the other reading device 200 or 300.

  In the above-described embodiment, the transaction control unit 113 of the reading device 100 permits the transaction using electronic money when the authentication result for the authentication request is authentication success (when the date and time of the history information match). However, it is not limited to this. For example, the transaction control unit 113 of the reading apparatus 100 does not immediately permit the transaction when the authentication result is successful, but does not permit the transaction immediately, and the validity of the IC card based on whether the date and time of the history information matches. In addition to the verification of the verification, the transaction may be permitted when all the authentications are successful.

  For example, other types of authentication include checking the balance of electronic money (for example, whether it is the lower limit of 0 yen or whether the upper limit is exceeded), biometric authentication, public key and private key, or common It is conceivable to perform cryptographic authentication using keys. The verification accuracy of the legitimacy can be improved by making a transaction determination after performing other authentications as well.

In the above-described embodiment, authentication is performed based on whether the dates and times of the history information match, but the present invention is not limited to this. For example, authentication may be performed using information other than the date and time included in the history information, such as whether the transaction IDs included in the history information match, or whether the balance and the balance before the transaction match. In this case, “matching” does not require that the data to be compared is completely matched, but may be substantial matching between the data after processing, conversion, or the like. That is, even if the data to be compared is different in form due to processing, conversion, or the like, it is assumed that they substantially match when determining whether they match.
As another example, authentication may be performed based on whether or not the balances included in the history information to be compared match.

  In the above-described embodiment, the date and time is described as the date and time when the transaction ID is issued. However, the transaction control unit 113 records the history of the IC card 10 and the history information DB 117 according to the type of transaction request after the transaction is permitted. It may be the date and time when the information is updated.

Further, information indicating the destination of the reading device 200 indicated by the device ID 200 (for example, an IP address) may be stored in the device ID 200 of the history information shown in FIG. This can be realized when the reading device 200 writes the history information to the IC card 10 together with its own IP address. As a result, when the reading device 100 that has read the IC card 10 issues an authentication request to another reading device 200, the authentication request can be transmitted to the IP address.
Further, information indicating the destination of the reading device (for example, an IP address) may be included in the device ID.
Further, each reading device may store in advance a correspondence relationship between the device IDs of a plurality of other reading devices and information indicating the destination, and the specifying unit 112 may specify the information indicating the destination from the device ID.
Further, the reading device 200 may perform a signature (for example, setting a signature flag on the balance) indicating that the balance has been written to the balance ¥ 1,000 when the history information is written to the IC card 10. Good. The fact that the reading device 200 has written the history information into the IC card 10 indicates that the authentication by the authentication server 400 is successful and the transaction determination by the reading device 200 is a transaction permission. For this reason, the signature on the balance proves that the authentication is successful and the transaction is permitted. Therefore, the reading device 100 that has read the IC card 10 can confirm that the history information of the IC card 10 has been properly written by this signature.

  In the above-described embodiment, the description has been made on the assumption that the history information stored in the IC card 10 is one. However, there may be a plurality of history information. In this case, the reading apparatus 100 transmits a plurality of history information or a predetermined number of history information to the authentication server 400, and the authentication server 400 performs authentication using all the received history information. Thereby, the verification accuracy of the validity of the IC card 10 can be increased. Further, when the authentication server 400 is incapable of communication, the reading device 100 identifies all the reading devices in which the respective history information has been written, and makes an authentication request to each of the plurality of identified reading devices. Good. As a result, the same effect as described above can be obtained.

  In the above-described embodiment, the reading apparatus 100 includes the display unit 106, the operation unit 107, and the transaction request receiving unit 115, and receives the transaction itself. However, the transaction itself may be performed by a separate entity such as a transaction device. For example, the result of the transaction determination performed by the transaction control unit 113 is notified to a transaction apparatus including a separate display unit 106, operation unit 107, and transaction request receiving unit 115. Then, the transaction apparatus accepts a transaction request from the user in response to the notification, and notifies the transaction control unit 113 of the accepted transaction request. As a result, the processing burden on the reading apparatus 100 is reduced.

  The authentication system 500 in the above-described embodiment can be applied to various scenes. For example, it can be applied to a pachinko parlor. In this case, each of the reading devices 100 to 300 is provided on each pachinko machine. The electronic money charged to the IC card 10 is used for pachinko ball lending. Further, the authentication server 400, as a store server of a pachinko store, is shown in FIG. 11 based on the history information of the IC card read by the reading devices 100 to 300 provided in each pachinko machine and the history information of the history information management DB 412. Perform server authentication. After the authentication is successful and the transaction is permitted, when the user presses the ball lending button on the operation unit 107, the reading apparatus 100 deducts the value corresponding to the number of balls from the balance of the electronic money of the IC card 10 and updates the history information. .

  By applying the authentication system 500 to a pachinko parlor, even when the authentication server 400 cannot communicate, authentication can be performed between each reading device provided in each pachinko machine. In addition to pachinko parlors, the authentication system 500 can also be applied to reading devices of a plurality of vending machines in a certain area or reading devices placed in a plurality of convenience stores. In this case, if the authentication server 400 is an area server and the area server cannot perform authentication, authentication can be performed between the reading devices of each vending machine or between the reading devices placed in each convenience store.

Further, in the above-described embodiment, the IC card has been described on the premise of the non-contact type, but may be a contact type. Further, instead of the IC card, a portable terminal such as a smartphone equipped with an IC chip storing electronic money may be used.
Further, the balance and history information of electronic money stored in the storage unit 13 of the IC card 10 may be stored in the tamper resistant area. As a result, falsification of the balance of electronic money and history information can be prevented.

In the above-described embodiment, the history information includes the balance and the balance before transaction. However, instead of these, the history information may include a transaction type (eg, charge or purchase) and a transaction amount.
In the above-described embodiment, the IC card 10 stores the balance of the electronic money currently charged in the IC card 10 separately from the history information. However, the balance recorded in the history information may be used as the balance currently charged in the IC card 10.

  Further, in the above-described embodiment, the authentication determination units 411 and 118 in the authentication server 400 or the reading device 100 use the card ID included in the authentication request and the device ID of the history information in the history information management DB 412 and the history information DB 117. A search is performed to identify the most recent history information stored, and an authentication determination is made based on whether or not the date and time of the identified history information matches the date and time of the history information included in the authentication request. Absent. For example, the history information management DB 412 or the history information DB 117 is searched with the card ID included in the authentication request, the device ID of the history information, and the date and time, and authentication is determined based on whether or not history information satisfying a predetermined condition is recorded. May be.

  In the above-described embodiment, the transaction ID is issued by the device (authentication server 400 or each reading device 100 to 300) that authenticates the IC card. However, the present invention is not limited to this. For example, instead of a device that has authenticated an IC card, a reading device that has granted transaction permission based on the authentication result from the device may issue a transaction ID. Even in this case, the date and time when the transaction ID is issued is the same as the date and time stored in the history information.

In the above-described embodiment, the card ID and the history information are included in the authentication request transmitted by the reading device that has read the history information of the IC card. However, the present invention is not limited to this. For example, when information indicating the type of transaction request using electronic money (example 1: charge request and charge amount, example 2: reduction request and reduction amount) is included, and the transaction is permitted by the transaction determination for the authentication result The transaction included in the transaction request may be performed.

In the above-described embodiment, the reading device that reads the history information of the IC card makes an authentication request. However, the present invention is not limited to this. For example, instead of the authentication request, the reading device 100 requests history information necessary for performing authentication with confidence from the authentication server 400 or another reading device 200 or 300, and the history information received as a response to the request After authenticating based on the history information read by the confidence, it may be determined whether the transaction is possible.
Authentication may be performed with an IC card. Specifically, the reading device 100 that has read the history information of the IC card 10 transmits the history information received in response to the request for history information to the IC card 10 in a non-contact manner. Then, the IC card 10 performs authentication based on the history information received by the authentication program stored in advance in the storage unit 13 and the history information stored in the storage unit 13, and sends the authentication result to the reading device 100. You may transmit without contact.
Furthermore, it is needless to say that the embodiment and the modification may be arbitrarily combined without departing from the gist of the invention.

The reader 100 of the present invention can also be realized by a computer such as a normal PC.
Specifically, in the above-described embodiment, the program of the reading device 100 has been described as being stored in the ROM 102 in advance. However, a computer capable of executing the above-described functions of each unit by installing the program of the ROM 102 in the computer may be configured. Of course, the program is not limited to the ROM 102 but may be stored in other computer-readable recording media (for example, a flexible disk, CD-ROM, DVD, MO, etc.) and distributed to the computer.
Further, the program may be stored in a disk device or the like of a server device on a communication network such as the Internet, and may be downloaded to a computer, for example.

DESCRIPTION OF SYMBOLS 10 IC card 11 Communication part 12 Control part 13 Memory | storage part 100 thru | or 300 Reading apparatus 101 CPU
102 ROM
103 RAM
104 HDD
105 Network I / F
106 display unit 107 operation unit 110 reading unit 111 connection determination unit 112 identification unit 113 transaction control unit 114 communication unit 115 transaction request reception unit 116 writing unit 117 history information DB
118 Authentication determination unit 400 Authentication server 401 CPU
402 ROM
403 RAM
404 HDD
405 Network I / F
410 Communication Unit 411 Authentication Determination Unit 412 History Information Management DB
413 Writing unit

Claims (7)

A reading device capable of reading and writing information,
Reading means for reading the history information from a portable medium storing electronic value information and history information including identification information of another reading device that has written the value information;
Based on history information about the portable medium stored in the other reading device specified based on the identification information included in the history information, and history information read from the portable medium by the reading unit. Determining means for determining whether to permit the use of the portable medium;
A reading apparatus comprising: A communication determination unit that determines whether communication with an authentication server is possible after reading the history information by the reading unit;
The determination unit performs the use determination when the communication determination unit determines that communication is impossible, and when the communication determination unit determines that communication is possible, history information about the portable medium stored in the authentication server and Determining whether to permit the use of the portable medium based on the history information read from the portable medium by the reading unit;
The reading apparatus according to claim 1. The determination means includes
The history information read from the portable medium by the reading means is transmitted to the other reading device,
From the other reading device, receiving history matching information that is information indicating whether or not the transmitted history information matches history information about the portable medium stored in the other reading device;
The use determination is performed based on the received history matching information,
The electronic value information stored in the portable medium according to the transaction when the transaction using the electronic value information stored in the portable medium permitted to be used by the use determination is performed. And writing means for performing update writing of the history information,
The reading apparatus according to claim 1, further comprising: The determination means includes
Requesting the other reader device for history information of the portable medium stored in the other reader device;
Receiving history information of the portable medium transmitted in response to the request from the other reading device;
The use determination is performed based on whether or not the received history information matches the history information read from the portable medium by the reading unit,
The electronic value information stored in the portable medium according to the transaction when the transaction using the electronic value information stored in the portable medium permitted to be used by the use determination is performed. And writing means for performing update writing of the history information,
The reading apparatus according to claim 1, further comprising: A reading step of reading the history information from a portable medium storing electronic value information, history information including identification information of a reading device that has written the value information, and
Based on the history information about the portable medium stored by the reading device specified based on the identification information included in the history information, and the history information read from the portable medium by the reading step, A determination step for determining whether to permit the use of a portable medium;
A reading method comprising: A program for causing a computer to function as a reader capable of reading and writing information,
Reading means for reading the history information from a portable medium that stores electronic value information and history information including identification information of another reading device that has written the value information;
Based on history information about the portable medium stored in the other reading device specified based on the identification information included in the history information, and history information read from the portable medium by the reading unit. Determining means for determining whether to permit use of the portable medium;
Program to function as. An authentication system comprising an authentication server and a plurality of reading devices connected to the authentication server via a network,
Each of the plurality of reading devices is
Reading means for reading the history information from a portable medium storing electronic value information and history information including identification information of another reading device that has written the value information;
Communication determination means for determining whether communication with the authentication server is possible after reading the history information by the reading means;
When the communication determination unit determines that communication is not possible, history information about the portable medium stored in the other reading device specified based on the identification information included in the history information, and the reading unit Determining means for determining whether to permit use of the portable medium based on history information read from the portable medium;
The electronic value information stored in the portable medium according to the transaction when the transaction using the electronic value information stored in the portable medium permitted to be used by the use determination is performed. And writing means for performing update writing of the history information;
Storage means for storing history information after update writing by the writing means in storage means for storing history information of a plurality of portable media;
When the history information of the portable medium read by the other reading device is received from another reading device, whether or not the received history information matches the history information of the portable medium stored in the storage means History matching information transmitting means for transmitting history matching information, which is information indicating the above, to the other reading device;
When the history information stored in the storage unit is requested for the portable medium read by the other reading device from the other reading device, the history of the portable medium stored in the storage unit in response to the request History information transmitting means for transmitting information to the other reading device;
An authentication system characterized by comprising:

Images