JP2015039233A - Called party leadership based communication method, communication system, and electronic settlement system - Google Patents

Abstract

PROBLEM TO BE SOLVED: To effectively utilize communication resources and additional devices by controlling a communication device as intended by an owner of the communication device, and to provide an efficient routing guide service system, secure and convenient electronic settlement, and a moving body charge collection system by eliminating nuisance communication, reducing useless communication traffics, and utilizing supervisory, anonymous communication and the additional devices of the communication device.SOLUTION: An owner of a communication device issues an instruction to an electronic secretary interposed between the communication device and a network beforehand. The electronic secretary identifies a caller or communication contents in accordance with instruction contents of the owner. Thereafter, a plurality of methods for handling from rejection to control permission are provided in response to communication request from each of callers, and the communication request arriving from the inside and the outside is processed.

Description

  The present invention relates to communication using electronic devices on a communication network, and more particularly to securing communication security in connection with the stage of establishing a communication connection. The present invention relates to the integration of communication and remote control functions that determine all operations according to the intention of the party that controls the callee or callee communication facility.

Telecommunications has become widespread. Various information technology services utilizing the Internet have rapidly spread to the general public, high-speed and large-capacity always-on communication has become widespread in ordinary households, and caller ID notification has become common. The caller now takes the initiative in communication.
However, it can be infected just by looking at the screen of the incoming mail, unsolicited communications against the intention of the callee, fraud that misrepresents the caller's identity, emails that adversely affect youth, frequent "attack" of mass emails Serious damage has occurred, such as a situation where a telecommunications carrier's network has failed due to a virus, a “one cut” incomplete call, and the telephone line has been paralyzed extensively over a long period of time. In addition, negative problems such as paralysis of communication infrastructure and deterioration of functions, the fall of normal communication, etc. have also emerged. It triggers the above illegal or legitimate acts due to the weakness of the existing public communication system.
Conventional nuisance communication prevention techniques are classified into each alert level. However, there is nothing that can cope with various situations simultaneously. For example, “designation rejection” rejects reception of a designated partner, but there is a problem that it is not possible to designate all unspecified many partners. In “designated reception”, data is received only from the designated partner, but it becomes “isolation principle” (see, for example, Patent Document 1, Non-Patent Documents 1 and 2). With the method of Patent Document 6, the convenience when registering / cancelling the rejection number can be improved. Receiving is rejected according to the receiving conditions specified by the receiver, and the e-mail sender determines whether or not the e-mail can be transferred. However, it is difficult to determine the condition itself, and there is a problem that it cannot be specified (for example, patent document) 2 and 3). There is also a method in which unopened mail is recorded in the received spam mail and the sender is charged reversely (for example, see Patent Document 4). Some extract the sender's identification information from the incoming e-mail (see, for example, Patent Document 5).

However, these technologies (a) how to respond after at least one nuisance communication occurs (see, for example, Patent Document 6), and legal regulations such as the opt-out method are all Forced to respond to the caller, especially in the case of email. The reasons are: The number of callers is huge. Sending only one time is annoying, and it is not realistic to reply one by one. Even if refusal registration is made, the number of storage areas that can be registered is limited and cannot be increased indefinitely. The above laws and regulations cannot be resolved, for example, how to regulate the content of foreign language transmissions, the existence of countries where there is no legal system for outgoing regulations, and prosecution of violators if the sender is an individual rather than an organization. Not realistic. 2. Cannot cope with one-off spam communication. 3. It cannot deal with criminal acts such as “Ole scam” and the problem that home phone calls are used by criminals.
(B) Perfect reception conditions cannot be set. The “designated reception” technique has the potential to prevent important communications from being received. Strict laws and regulations, and the opt-in method that allows transmission only to registrants hinders freedom of expression and freedom of business. As a concept of spam mail, there is no common standard that cannot be determined without considering the subjective factors of individual callees as to what kind of mail hits the spam mail. A technique such as filtering using a known spam mail sender database cannot reflect the subjectivity of the called party at all, and there is a limit that can clearly cope with the situation where the sender address is constantly changing.

(C) In general, conventional communication systems are premised on the concept that communicating parties know each other's identities. For example, a personal phone number plays the role of personal identity. For this reason, if a phone number is easily disclosed to an unknown party, there will be some danger. On the other hand, if you need anonymous communication to the beginning or the end of activities such as personal-to-individual, personal-to-company transactions, companionships, job hunting, etc. on the network, once you invite the other party, your email address or phone number will be your partner Therefore, when you want to catch yourself, you can't easily break the relationship with the other party. Patent Document 10 discloses a method of establishing a communication channel that requires two steps for anonymous communication and removes both pieces of identity information from communication contents through a dedicated anonymous communication center.
(D) With the advancement of technology, small-sized mobile communication devices have become multifunctional. Utilization of attached functions such as cameras attached to communication equipment, attached position information devices, children, elderly people with blur, and unattended can be safely used as communication means and for custody. For example, for use of position information, there is a control means for setting a travel route, but the calculation amount is large and is not suitable for a small device such as a mobile phone (see, for example, Patent Documents 7 and 8). Although there is a mobile phone provided with means for receiving radio waves from a GPS satellite, there is no means for preventing unwanted communication (see, for example, Patent Document 9).
Patent Documents 19 to 20 and 27 to 29 show techniques for using a mobile device for settlement. However, the payment PIN cannot be used safely. In Patent Documents 30 to 31, a technique relating to cashless at the time of commercial transaction is shown. However, the liquidity of funds is impaired.
JP-A-5-14488 (Claim 1, FIGS. 1-4) JP 2002-344524 A (Claims 1-15, FIGS. 1-19) JP 2000-10880 (Claims 1-5, FIGS. 1-18) Japanese Patent No. 3283873 (Claims 1-2, 1-3) Japanese Patent No. 3003640 (Claims 1-2, 1-2) Japanese Patent Laid-Open No. 2002-290656 (full text, Fig. 1-3) Patent No. 3460033 Specification Japanese Patent Publication No. 6-60821 (Claim 1-2, FIG. 1) Japanese Patent No. 3039536 (full text, Fig. 1-7) US Pat. No. 5,884,270 (full text, FIGS. 1-9) US Pat. No. 6,070,149 US Pat. No. 6,370,235 US Pat. No. 6,691,156 Japanese Patent Laid-Open No. 2001-148094 (full text, FIG. 1-7) JP-A-10-307993 Japanese Patent Laid-Open No. 9-22497 Japanese Patent No. 3488192 Japanese Patent No. 3028796 JP-A-8-339407 JP 2001-338250 A JP 2003-141043 A JP 2002-374307 A JP 2003-36230 A JP 2001-217861 A JP 2003-333097 A JP 2003-216548 A Japanese translation of PCT publication No. 2004-519022 Japanese Patent No. 3497144 Japanese Patent No. 3339843 JP 2000-242717 A JP 2001-306982 A JP 2000-48283 A JP 2002-42273 A JP-A-11-234393 JP 2003-18636 A Study Group on How to Deal with Spam Mail, “Interim Report”, [online], January 24, 2002, Ministry of Internal Affairs and Communications, p. 10, [Search January 9, 2004], Internet <URL: http://www.soumu.go.jp/s-news/2002/020124_4.html>4 Study Group on How to Deal with Spam Mail, “Report”, [online], October 7, 2002, Ministry of Internal Affairs and Communications, p. 3-5 [Search January 9, 2004], Internet <URL: http://www.soumu.go.jp/s-news/2002/021007_1.html> M. (J. Myers), "RFC 1939, POP3 (Post Office Protocol-Version 3)" [online], May 1996, IAB (Internet Architecture Boad) standard recommendation document RFC (Request for Comments), p. 11 [Search January 12, 2004] Internet <URL: (ftp://ftp.rfc-editor.org/in-notes/rfc1939.txt) J. Klensin, “RFC2821, (Simple Mail Transfer Protocol)” [online], April 2001, IAB (Internet Architecture Boad) standard recommendation document RFC (Request for Comments), p. 32, [Search January 14, 2004], Internet <URL: (ftp://ftp.rfc-editor.org/in-notes/rfc2821.txt) P. Resnick, "RFC2822, (Internet Message Format)" [online], April 2001, IAB (Internet Architecture Boad) standard recommendation document RFC (Request for Comments), p. 26 [Search January 20, 2004], Internet <URL: (ftp://ftp.rfc-editor.org/in-notes/rfc2822.txt)

  All of these devices are intended to prevent the intention of an administrator of an electronic device (hereinafter referred to as a communication device) having a communication function and a function related to communication, that is, to prevent the operation of the device due to the intention of others including nuisance communication. It is related to the will to control. The problem with the prior art is that this will not be satisfied. It is an object of the present invention to solve this problem and satisfy the intention of the parties concerned. Specifically, it is an object of the present invention to efficiently use communication resources with peace of mind as intended by the parties concerned. Communication, function to control communication devices, eliminate nuisance communication without compromising conventional communication functions in a normally open manner, reduce unnecessary communication volume, supervision, emergency communication, anonymous communication, efficient mobile equipment It is an object of the present invention to utilize an accessory device of a communication device such as a location information service. It is an object of the present invention to provide a route guidance service, to grasp a traffic state without providing a dedicated facility, and to realize a safe and convenient electronic payment and mobile fee collection system.

In order to solve the above-mentioned problem, as shown in FIG. 1, the present invention is directed to an administrator of a communication device that issues an instruction to an electronic secretary interposed between the communication device and the network in advance. According to the contents, a communication request arriving from the inside or the outside (communication device or network) is provided with a plurality of treatment methods. When the communication request is received, one of the plurality of treatment methods is selected, Treating the communication request; the method of treating in this specification is referred to as “treatment” and means a method of performing a specific treatment for a specific communication request determined by an administrator.
Conventional communication is usually led by a caller. For example, when a call is made to the other party, it is considered that the other party receives the call. Since the response method is also simple, there is no need to describe it in special terms. The present invention has a variety of response methods, and there is no appropriate technical term to express briefly. Therefore, the term “treatment” is used to express the relationship between the parties.
Receiving refusal treatment is an expression of intention to completely reject the caller, communication permission treatment is a conventional communication need, control permission treatment is a potential need, an expression of intention to give the caller control of the communication device is there.
As used herein, the term “control permission” refers to an administrator's intention to allow a communication facility to be in a controlled state, execute a caller's command, or activate a specified function or program. Represents. For example, when the caller can remotely activate the camera attached to the communication device to monitor the incoming side and receives a communication request for confirmation of electronic payment, the personal authentication program is activated.
The idea of the invention begins after all callers have received prior permission. When an unknown caller makes a call without permission, first the name of the caller is asked, the caller's identity is judged, and whether or not to communicate is determined. This is called application acceptance. This flow can be compared to an example of a receptionist or secretary. Instruct the secretary in advance to the prescribed rules, and the secretary will respond to the instructed visitor, treat them in the specified manner, and if an unknown visitor arrives, ask for their name and requirements, Decide whether or not to allow visitors based on the rules taught by your boss. For example, if the boss is interested in the visitor's requirements, let the boss pass. If it turns out that it is an old acquaintance of the boss, let it pass. A clever secretary can remember the visitor and immediately decide whether to treat the second visitor kindly or pay in front of the gate.

If the supervisor comes, follow the order. This is because the boss has control. This is like a remote control of a communication machine.
In the present invention, the party issues an instruction to the electronic secretary who realizes the secretary role in advance, and the electronic secretary processes the communication request according to the instruction content of the party. A first rule consisting of a caller ID and a treatment to be given is taught to the electronic secretary, and a communication request is first dealt with based on the first rule. If the second rule consisting of a question, correct answer, and treatment is taught to the electronic secretary and the treatment method is not known by the first rule, the sender is asked a question, and the correct answer is obtained based on the second rule. Then, the ID and treatment of the caller are stored as the first rule. Also, the electronic secretary is instructed how to deal with the caller who did not get the correct answer.
The second rule can include the personal information of the parties. For example, if it is specified as a rule that the name of the party is known, the caller who does not know the name of the called party can be rejected. You can also identify family members and relatives with secret words and passwords. In the case of telephone communication, voice recognition and voiceprint recognition can also be used.
The types of treatment include reception rejection and communication permission for communication requests arriving from the outside, and transmission rejection and transmission permission for communication requests transmitted from the inside. A virtual account (described later) is introduced for settlement.

(A) Prevention of spam mail and spam calls. The greatest feature of the present invention is that annoying communication is prevented without being allowed to occur logically once before it occurs. 1. Communication is not allowed unless the pair of caller ID and callee ID matches. Even if the sender ID can be forged, it cannot be matched with the receiver ID pair. When caller ID cannot be forged, such as caller ID notification, an unknown number of application opportunities are given to unknown callers, and then unconditionally rejected to prevent automatic nuisance communication attempts by the program it can. 2. For those who want to make a one-off call, the application procedure starts automatically and the sender is charged for the communication fee, so sanctions can be imposed. 3. Because it is automatically confirmed according to the procedure decided for the other party who was not registered, it can cope with "ole scam" where the elderly are inadvertently deceived.
(B) At the same time, in the case of a partner who answers the callee's question accurately, for example, when the callee's name can be answered, the communication function is not substantially impaired in a normally open manner similar to the conventional case. The caller's freedom is not restricted. If you want to sell or advertise things, you only benefit if both parties are interested. The present invention is provided with means for preliminarily expressing interest on the receiving side, and does not reject communications that benefit both parties.
(C) When the present invention is operated on the receiving server, it can be prevented at the time of sending a nuisance communication request. It is possible to reduce the amount of communication by using a large amount of wasted mail on the public network, effectively use the facilities, and save the nuisance communication compensation fee of the communication company. Even if it is not operated on the receiving server, it is possible to reduce the social burden for changing communication contracts and implementing laws, and to manually judge junk mail and save time for deletion. By eliminating nuisance communication, the use of communication means will eventually increase.
(D) Simple anonymous communication, one-way communication allowing only one side to transmit is possible. You will be able to carry out companionship and job hunting activities more securely and comfortably via the public communication network.
(E) The other party is automatically identified according to the subjective consciousness of each party, and even if the other party obtains an unauthorized communication permission due to an automatic processing problem, the permission can be revoked.
(F) The communication device and the communication accessory device can be used efficiently and safely as the intention of the ruler of the receiving communication machine. Integration of custody, crime prevention, emergency communication, and vehicle driving guidance functions can be realized. This creates new uses and new needs.
In addition, problems, means, and effects are described for each embodiment.

  The term “communication request” used in the present specification means the content of communication that has arrived at the electronic secretary before achieving the original communication purpose of the caller. For example, the connection request or the callee Before receiving, the e-mail or data received by the electronic secretary or a request for consent is a communication request.The “rule” is a pair of search conditions for processing objects and action definition information when the search conditions are satisfied. The “first rule” is a condition part having an application condition relating to a caller ID (caller identifier) and an action corresponding to treatment. An execution unit for instructing execution, and “when the communication request from the caller is actually received, the ID of the caller detected from the communication request (hereinafter referred to as“ actual caller ID ”) is If it matches the caller ID in the condition part Represents the matter of “treating the communication request based on the treatment”, “first rule set” is a set of first rules, and in this specification, a first rule is created, Adding to the first rule set gives treatment to the caller. ・ The “second rule” is an execution instructing the execution of an action corresponding to the treatment with a condition part having application conditions regarding the expected application contents. "If the expected application content is detected from the communication request, the communication request is treated based on the treatment", and the "third rule" is , A rule having a condition part having an application condition relating to a caller ID and a reception time, and an execution part instructing execution of an action corresponding to the treatment, "if the fact caller ID detected from the communication request is a condition The communication request is dealt with based on the treatment if the predetermined time has not elapsed since the reception time. “Rule 4” is a rule having a question to be presented to the caller, a condition part having an application condition related to the correct answer of the question, and an action execution part for scoring. If the answer is correct, the score is counted and the total score is totaled. ”The“ fifth rule ”includes a condition part having application conditions regarding the callee ID and the call time. And an execution unit for instructing the execution of the action corresponding to the treatment, “If the destination ID (the ID of the callee) matches the callee ID of the condition part and the predetermined time from the call origination time” Time has not passed Represents the matter that “the call request is treated based on the treatment”, “the caller” means one selected from the group consisting of the side party and equipment requesting the start of communication. “Treatment information” is information on the recipient ID and the first rule set. However, if there is only one recipient ID, it means the first rule set. This means an identifier provided by a service provider to a party who uses the communication service, and it is possible to provide a plurality of identifiers to one party. “Communication permission” conveys a communication request to the called party. This means that the electronic secretary judges that communication can be permitted, communicates the communication request to the called party, makes the communication request of the conventional communication means the same as when the incoming call is received, and whether the called party communicates. The final decision can be made. "Yant" means a device that can collect the recipient's mail stored on the server. For example, mobile phones that receive mail, and the standard recommendation document RFC (Request for Comments) issued by IAB (Internet Architecture Boad). This applies to hosts that are trying to use services that comply with POP3 (Post Office Protocol-Version 3) as defined in) .- "Send client" means a device that sends mail, for example, sends mail Client server, ISP server that sends mail, “Server” means the service provider side, telephone switch corresponds to server, and “Receiving server” receives mail This means a device that provides a service to store and pass the stored mail to the called party when the called party accesses it. The “host” is the host that provides the service, “Communication” means transmitting information and control signals, “Mail” means email, and “Preliminary application” Means disclosing information including their ID (identifier), allowing the caller to apply for communication permission, and applying for communication permission to the party before the caller issues a communication request; “Identity registration” identifies a party who uses a communication service by ID, and the provider of the communication service provides the ID to the party, and includes a group consisting of a provider of the communication service and a third party. What is selected means that the identification information of the party is registered, and “permission” means that the caller acquires an audio signal acquired by the transmitter of the communication device on the called side.・ "Allow monitoring" is incoming to the caller This means that the image signal acquired by the imaging device installed on the called party side is acquired through the communication device on the side. ・ "Position acquisition permission" is installed on the called party side through the communication device on the called party side. Means that the location information acquired by the location acquisition means to be acquired, “Alert alert permission” means that the caller is allowed to output information through the communication device on the receiver side, and alert the receiver -"Information transfer permission" means that the caller is allowed to transfer information to the communication device on the called party side.-"First expectation" is applied when treatment cannot be determined by the rule set to be applied. ”Means pre-set treatment,” “subject” means informational fields that have the purpose of information recommended by the person included in the mail header, and “sender email address” ”Means the destination e-mail address that contains the reply destination e-mail address specified by the caller and sends the e-mail to the caller. ・“ Treatment application ”means applying for communication permission. Can also be considered as a form of treatment application. ・ "Treatment relationship" is a relationship that both parties establish by treatment given to each other. ・ "Treatment set" means a set of treatments. "Application content" means the content of the application for permission of communication, and "Expected application content" means the application content expected by the called party. For example, when asking the other party the name of the called party, The name of the application is the expected application content, that is, the application content that the correct answer of the question is expected, or can be specified as a topic of interest, a keyword, or the expected application content. Means that permits execution of a program on the incoming side communication apparatus to the sender, said communication device comprises means for executing the CPU or the like program.

Explanation of email related terms. The flow of mail transmission is generally from the sender terminal (sending client) to the sending mail server (receiving server), from the sending mail server (sending client) to the receiving server, and from the receiving server to the called party terminal (receiving client). The sending mail server has two roles of receiving server and sending client.
Hereinafter, embodiments of the present invention will be described with reference to the drawings.
FIG. 1 is a diagram showing a schematic configuration example of an embodiment of the present invention. The party terminal 101 performs communication on the network 104 via the electronic secretary 102, and the electronic secretary may be incorporated on the party terminal side or the server side that provides the communication service, or in the case of telephone communication, on the telephone side or the exchange side. .
When it is incorporated on the server side, it is connected to the party terminal through the communication channel. The instruction file 103 may be incorporated in the electronic secretary or independent of the electronic secretary. The administrator may input data directly into the instruction file (not shown in the figure). The instruction file is stored in the data storage device. As long as the storage device is obtained by achieving the object of the present invention, for example, an optical storage medium can be adopted in addition to an electronic memory circuit such as a magnetic storage device, a RAM, and a ROM. The preferred implementation of the instruction file is a database that organizes and integrates interrelated data, including multimedia information, and is easy to search. Hereinafter, the same reference numerals are used for common or similar components in the drawings.
FIG. 2B is a record layout diagram showing the contents of a data database (hereinafter referred to as R1DB) that records a first rule set relating to items and treatments. There can be multiple items. For example, there are two items, a transmission number and a command, in the condition part of “communication confirmation” treatment described later.

The table contains all the data in the database. A table is a collection of columns. Data is organized in row and column format. Each row represents a record, and each column represents a field of that record. The record layout is composed of information organized by "field name" (left side of the table shown in the figure) and "field feature" (right side of the table shown in the figure). A line matches each field. The primary key is a column containing a value that uniquely identifies each row of the table. The foreign key is a column for setting a link between data in two tables.
R1DB has fields for a caller ID and a treatment ID.
FIG. 2A is a record layout diagram showing the contents of a data database (hereinafter referred to as TDB) in which one embodiment of a treatment set is recorded. The specific realization of each treatment differs depending on the communication device, and the total number of treatment types that can be realized differs depending on the communication device. The treatment set can be expanded and simplified according to the individual needs of the parties concerned. The treatment ID is used to identify the processing method (function) to be called in the program, and the text is used to display the function contents to the user.
FIG. 2C is a record layout diagram showing the contents of a data database (hereinafter referred to as GDB) in which one example of the presentation information is recorded. When the presentation information includes a question to be presented to the caller, it may be in the format shown in FIG. 2F.
FIG. 2D is a record layout diagram showing the contents of a data database (hereinafter referred to as R2DB) that records an example of the second rule set relating to expected application contents and treatment.
FIG. 2E is a record layout diagram showing the contents of a data database (hereinafter referred to as R3DB) that records an example of the third rule set relating to the sender, reception time, and treatment.

FIG. 2F is a record layout diagram showing the contents of a data database (hereinafter referred to as R4DB) that records an example of the fourth rule set relating to the question presented to the caller, the correct answer of the question, and the score. The question and the presentation information stored in the GDB include information selected from the group consisting of text, sound, and images.
FIG. 2G is a record layout diagram showing the contents of a data database (hereinafter referred to as R5DB) that records one embodiment of the fifth rule set relating to the callee ID, call origination time, and treatment.
FIG. 2H is a record layout diagram showing the contents of a data database (hereinafter referred to as TRDB) in which one embodiment of the treatment relationship master is recorded.
FIG. 4 is a flowchart of one embodiment of the present invention.
A method of performing communication via an electronic secretary system (hereinafter referred to as “electronic secretary”) that supports communication in a telecommunications network, in which an administrator issues an instruction to the electronic secretary in advance, and the electronic secretary communicates with a communication device. Installed between the networks, the electronic secretary processes a communication request from the inside (communication device) or outside (telecommunications network) according to the contents of the administrator, and the method includes (a) the electronic secretary A step of inputting data for constructing an instruction file for instructing an operation; a condition part having an application condition relating to an item, wherein the instruction file includes: an execution part instructing execution of an action corresponding to treatment; A first set of rules (referred to herein as a “first rule set”) described in the rules having the following: (the first rule is “actually receives the communication request from the caller; If the item detected from the communication request (hereinafter referred to as “actual item”) matches the item in the condition part, it represents the fact that the communication request is treated based on the treatment. In the present specification, creating the first rule and adding it to the first rule set is said to give the caller a treatment), (b) communication using the electronic secretary capable of the following operations: And performing the method. (1) The item is detected from the communication request from the caller, (2) The instruction file is accessed, (3) The application condition is satisfied for all the rules in the first rule set. (4) to transmit the communication request to the callee for each of the communication requests. (Hereinafter referred to as “communication permission”) and a plurality of treatment methods (hereinafter referred to as “treatment set”), and when receiving the communication request, select one of the plurality of treatment methods. The communication request is processed.
When a communication request from an internal or external caller is received, the item, that is, a fact item is detected from the communication request (401), an instruction file is read (402), and the first rule set is applied in the next first rule set application procedure. Apply. That is, for all the rules in the first rule set relating to items and treatments, a rule that satisfies the applicable condition is found, and R1DB (see FIG. 2B) is searched under the condition that the item and the fact item match ( 403) It is determined whether or not it is found (404), and when the record is detected, that is, when a rule that satisfies the application condition is found, the treatment given to the sender can be extracted from the field of treatment ID. . Then, the rule execution unit is executed (406). If not found, the communication request is treated based on a predetermined treatment method, that is, the initial expected treatment (405).

A rule set is a description of control of processing by data having a structure. That is, there are a plurality of different data in the same rule set. Different data in the same rule set is used to control similar processing. In this specification, in the case of the same rule set described by different data, it will be referred to as a rule set.
First, a case where a communication request from the outside is processed and treatment is given to each caller will be described. In the first rule set, the item is a caller ID (caller identifier), treatment for rejecting the communication request is called “reception refusal”, and treatment for receiving the communication request is called “application acceptance”.
Acceptance of application means that the caller permits the caller to express his / her desire to communicate, which can communicate the communication request including information for identifying the caller to the electronic secretary, In addition, after the presentation information is presented to the caller, the original communication purpose of the caller cannot be achieved before the caller's response is received and it is determined that the communication request can be permitted based on the response.
The term “communication requirement” refers to communication that establishes a communication connection between a caller and the electronic secretary and achieves communication with a callee that reaches the electronic secretary before achieving the original communication purpose of the caller. Means content. For example, in the case of telephone communication, the caller's name, phone number, and message are recorded and communicated to the receiver, and the electronic secretary sends out voice guidance and receives the caller's reply, but the reply is judged to be correct. Do not allow conversations with recipients before Repeated questions and answers are possible. Immediate judgment and judgment after the callee are possible. Replies can be received by dialing number or voice identification.
For the purposes of this invention, the term “application acceptance” refers to any interaction that facilitates an ongoing cycle of receiving guidance messages and receiving responses.

In the case of e-mail communication, the e-mail address, subject, etc. are received, but the contents are not handed to the recipient before the contents are judged to be correct, and the e-secretary returns the presented information, and the sender responds according to the presented information. Do not hand it over to the recipient before the content is correct.
The recipient can freely determine the presentation information. For example, the caller can be asked for personal information such as the name of the callee.
Some conventional telephone technologies have a function of being able to stay away. In the present invention, it is different from confirming the other party only when the caller is not known, enabling communication if the caller is confirmed, and calling or refusing when the caller is known.
FIG. 5 is a flowchart of an embodiment according to the present invention. The instruction file includes presentation information to be presented to the caller, and the electronic secretary can perform an operation of presenting the presentation information to the caller. The instruction file includes a second rule set described in a rule having a condition part having an application condition related to an expected application content and an execution part instructing execution of an action corresponding to treatment (in this specification, “ (Referred to as “second rule set”) and (the second rule represents that “if the expected application content is detected from the communication request, the communication request is treated based on the treatment”). The application acceptance includes the following operations: (a) detecting the expected application content from the communication request; (b) applying the second rule set. ID is detected (501), the instruction file is read (502), the first rule set is applied (503), the result is judged (504), and the application acceptance is the second rule set relating to the expected application contents and treatment The rule for which the applicable condition is satisfied is found for all the rules in (505), and it is determined whether or not the rule is found (506). If it is not found, the predetermined treatment method, that is, the first expected treatment is used. Treat based on.

For example, after the presentation information is presented to the sender, reception is refused. Or it refuses reception without presenting guidance. It is desirable to decide by the parties. It is desirable to select the initial treatment from the treatment set excluding the application acceptance treatment (507). Use whether or not to execute the application acceptance treatment when no rule that satisfies the conditions of application of the first rule set is found. Can be selected.
When a rule for which the application condition is satisfied is found, the communication request is processed based on the given treatment, that is, the treatment described in the execution part of the rule (508). The treatment includes communication permission and reception refusal, such as partially permitting communication, recording the caller's requirements, and so on. It is possible to specify according to the intention of the person. For example, if the communication facility has only a basic communication function, the communication contents are passed so that the implementation of the electronic secretary's communication permission treatment does not simply interfere, and if the communication is not permitted, all communication contents are simply blocked.
A communication facility incorporating an embodiment of the present invention includes a basic communication function and a function to be controlled. After instructing the communication facility to perform control permission treatment of the electronic secretary, the communication contents including the command of the caller are passed. Furthermore, various controlled states such as information transfer permission, alerting permission, position acquisition permission, hearing permission, and monitoring permission can be realized.
By using the second rule set to issue a password to the sender, phishing (sender identity forgery) fraud can be prevented.
Communication can be permitted by judging from the communication contents using the second rule set. Freedom of transmission is not restricted. Mail order sales and advertisements that can benefit both parties are possible.

Similar to the mechanism for processing communication requests from the outside, communication requests from the inside can be processed. For example, it is possible to use a first rule set for outgoing call in which the item is a callee ID (callee identifier). A treatment for rejecting a communication request of “call rejection”, a treatment for permitting a communication request of “transmission permission”, and a treatment of “transmission authentication” can be used. In the transmission authentication process, an authentication program is started, and transmission is permitted when authentication by password verification or the like succeeds. For example, in the case of a company, outgoing calls such as international calls can be managed using the present invention.
In this specification, giving a treatment to a certain communication request means taking a specific measure for a communication request having a specific communication content.
FIG. 6 is a flowchart of another embodiment of the present invention described in the description of FIG. The communication is an e-mail communication, the caller ID is a caller's e-mail address (return address), the presentation information includes a description of conditions for receiving the e-mail, and the communication permission treatment is an e-mail The electronic secretary first applies the first rule set when the communication request arrives, and the application condition is satisfied. If no rule is found, the application is accepted, and in the step of accepting the application, when the second rule set is applied, a rule that satisfies the application condition is not found, that is, treatment cannot be determined. In the case, the communication request is rejected after the presentation information is presented to the caller.
The sender's mail address is detected (601), the instruction file is read (602), the first rule set is applied (603), the result is judged (604), the second rule set is applied (605), The result is judged (606), and the presentation information includes a description of the condition for receiving the mail, and the treatment of the communication permission is to receive the mail. That is, the electronic secretary passes the mail, and the recipient receives the mail. The reception refusal treatment does not receive mail (608), and presenting the presentation information to the sender is returning the presentation information to the sender (607).
FIG. 7 is a diagram showing the configuration of another embodiment of the present invention described in the description of FIG. The electronic secretary and instruction files R1DB, GDB, R2DB are incorporated in the receiving client side user terminal 701. Reference numeral 702 denotes an ISP (Internet Service Provider) receiving server.

FIG. 8 is a flowchart of another embodiment of the present invention described in the description of FIG. The electronic secretary is installed on the receiving client side and rejecting the communication request is to send a delete command to the receiving server to delete the e-mail from the receiving server. The way to apply for permission is to list the application in the subject line of the email. The presentation information includes at least content that prompts the application subject to be described in the subject of the email. For example, the question is presented and the answer is prompted to be written in the subject.
Then, it logs in to the receiving server (801), and detects the sender's ID, that is, the sender's mail address from the header of the mail (802). For example, the command “TOP 1 0” described in POP3 (Non-patent Document 3), which is a general mail reception protocol, is sent, and the header of the first mail is received from the POP3 server and analyzed, so that the sender's electronic E-mail address can be detected.
Then, the instruction file is read (803), the first rule set is applied in the first rule set application procedure (804, 805, 809), and a rule satisfying the application condition is not found from the first rule set. The second rule set is applied in the following example procedure (806, 807). First, the correct contents are extracted one by one for all the records in R4DB (see FIG. 2F), and based on the extracted contents, the corresponding contents are searched from the subject included in the header of the mail and scored. .
Then, for all records in R2DB, a record that matches the score value is detected, and when it is detected, that is, when a rule that satisfies the application condition is found, the treatment ID can be extracted from the field of the treatment ID. . Then, the rule execution unit is executed (809). The initial treatment is processed (808).

There is also an invention for extracting sender identification information from an incoming e-mail (Patent Document 5). The present invention is different in that the caller ID is extracted from the header of the arrived electronic mail. The present invention can achieve the object without opening the mail body. Therefore, in comparison with the above-described invention in which the main body of the mail is opened, the communication amount of the billing part of communication with the server such as a mobile phone can be greatly reduced.
FIG. 9 is a diagram showing a configuration of another embodiment in the present invention described in the description of FIG. An electronic secretary and instruction files R1DB, GDB, and R2DB are incorporated on the receiving server 901 side. Reference numeral 902 indicates a receiving client. Reference numeral 903 denotes a mail transmission client.
FIG. 10 is a flowchart of another embodiment of the present invention described in the description of FIG. The method for applying for communication permission presented to the caller is to describe the application contents in the subject line of the email. The presented information includes at least content that prompts the application subject to be described in the subject of the email, the electronic secretary is installed on the receiving server side, and the communication request is rejected to the sending client of the email The communication is stopped after notification of the error occurrence. The envelope (envelope) is received (1001), the sender's mail address is detected, the instruction file is read (1002), and the first rule set is applied. The first rule set is applied in the procedure (1003, 1004, 1009). If no rule satisfying the application condition is found from the first rule set, a header including the subject of the mail is received in order to receive the subject of the mail (1005), and the second rule set application procedure The second rule set is applied at (1006, 1007, 1009). The initial treatment is processed (1008).

FIG. 11 is a partial flowchart of the early determination process of another embodiment in the present invention described in the description of FIG. The early determination means to determine and execute to reject the reception of the mail before the reception of the mail body is completed. The present invention can determine to reject the reception of the mail body by judging the subject content of the mail. However, prior art SMTP compliant mail senders send a mail envelope, but before sending the content, there is a step to check if it is authorized, but once the mail content has been sent, before sending the body, There is no step to check if it is authorized (see Non-Patent Document 4). Therefore, a sending client that has been forcibly canceled (ie, early decision) by closing the communication channel during content transmission will have a mail sender implemented to ignore the error code returned when it is terminated and resend. May exist. The present invention can realize early determination that can prevent generation of wasteful communication even when receiving from such a prior art sender.
The early determination process starts when a rule that satisfies the application condition of the step of applying the first rule set (FIG. 10, 1004) is not found. The third rule set is applied in the next third rule set application procedure. That is, the R3DB is searched based on the condition that the caller ID (the mail address of the caller in this embodiment) matches and the predetermined time has not passed from the reception time to the search time (1101), When the result is judged (1102) and the rule in which the record is detected, that is, the applicable condition is found, the treatment can be extracted from the treatment ID field. Then, the rule execution unit is executed (1110). If a rule that satisfies the application condition is not found, the header including the subject of the mail is received (1103), and the second rule set is applied in the second rule set application procedure (1104, 1105, 1112). The initial expected treatment is processed (1106). However, if the treatment and initial expected treatment of the second rule set execution unit include reception refusal (decision: 1107), the third rule is determined based on the fact sender ID, reception time, and reception refusal treatment. In addition to the third rule set (1108), the communication request is processed based on the treatment, and the reception refusal during the treatment is merely a temporary error state returned to the transmission client, and then the communication is forcibly stopped ( 1109), if not, the communication request is processed based on the given treatment (1112). The purpose of the execution of the third rule is to stop a prior art SMTP compliant sender before the reception of the header: a step in which the prior art can be officially stopped. Since it only needs to be executed once, when the execution part of the third rule is executed, the corresponding rule is deleted (1111).

Issuing a TCP protocol socket disconnection command (close) is an example of the forced abort. If a sender compliant with SMTP encounters a transmission retry after a certain period of time, the third rule set is used as a rejection history. If the sender can detect the aborted sender retry from the history, the system refuses to send the content according to the standard SMTP method. If no retries occur, delete the old rejection history. In this way, it is possible to realize early determination that can prevent generation of unnecessary communication amount. This third rule set for this purpose is called a third rule set for cancellation.
The embodiment shown in FIGS. 30 and 31 is proposed as an extended function of the conventional SMTP. When the sender implementing this function and the invention shown in FIG. 10 are used at the same time, the recipient's electronic secretary does not need to respond to the retry, and the forced cancellation means by the command of the TCP layer located in a layer different from SMTP. Without having to rely on the system, it is possible to further reduce the amount of communication on the public network and the processing of the connected mail server for spam mail.
If the predetermined time is set longer than the retry interval (see Non-Patent Document 4) in the third rule, the re-execution transmission is surely captured (YES in 1102), the sender is abandoned, and undesired repeated re-execution Execution can be prevented.
In step 1109, a failure response may be returned to the sending client instead of a temporary error state. You may judge that it is a junk mail when the correct answer of a question or the expected keyword is not detected or is detected after receiving a part or all of the content instead of the header.
FIG. 12 is a flowchart of another embodiment of the present invention described in the description of FIG. The presentation information presented to the caller makes an application for permission of communication, the presentation information includes at least content that prompts the electronic mail to describe the application content, and the electronic secretary is installed on the receiving server side, Rejecting the communication request is to notify the sending client of the e-mail that an error has occurred and stop communication, and when the electronic secretary receives the communication request, first the fact sender ID Is received up to the envelope (envelope) of the e-mail, the first rule set is applied, and if no rule that satisfies the application condition is found, the e-mail content is received. , Accept the application. Receiving the envelope (envelope) (1201), detecting the sender's mail address, reading the instruction file (1202), and applying the first rule set in the first rule set application procedure (1203, 1204, 1209) ). If no rule satisfying the application condition is found from the first rule set, the content is received (1205), and the second rule set is applied in the second rule set application procedure (1206, 1207, 1209). . The initial treatment is processed (1208).

FIG. 13 is a flowchart of another embodiment of the present invention described in the description of FIG. When the second rule set is applied, if a second rule that satisfies the application condition is found, treatment of the execution unit of the found second rule is given to the caller. ID is detected (1301), the instruction file is read (1302), the first rule set is applied (1303), the result is determined (1304), the second rule set is applied (1305), and the result is determined ( 1306), the first expected treatment is processed (1307). The difference from FIG. 5 is that when the second rule satisfying the application condition is found, the storage condition is further determined (1310), and if the condition is satisfied, the electronic secretary finds the second rule It is to give the caller the treatment of the execution part of the rule. That is, based on the caller ID and the treatment, a first rule is created, added to the first rule set (1309), and a communication request is processed based on the treatment (1308). Usually, one of the storage conditions is that the treatment of the execution part of the found second rule is not acceptance of the application. Storage conditions can be specified or changed by the parties.
This process is called automatic screening. For example, if you correctly answer a question specified by the recipient, all the parties who contacted the recipient once will be automatically stored in the first rule. Not. Application acceptance treatment is usually not given to a specific partner. This is useful as a record of communication with the other party when the person who gave the communication permission treatment is demoted and given the application acceptance treatment.
Step 1307 takes action based on the initial expectation. The initial expectation in this example is to refuse reception after presenting presentation information to the sender. When the caller is unknown, it is necessary to present the presentation information in order to make the caller apply for communication permission. If the presentation information is not presented in the exchange of application acceptance, it can be presented in this step. It is also possible not to present at the will of the parties.
FIG. 14 is a flowchart of a portion of another embodiment of the present invention described in the description of FIG. This part of processing is included in the initial expected processing block (FIG. 5, 507). That is, when treatment is not determined by the first and second rules, the third rule set is applied in the third rule set application procedure (1401, 1402, 1405). When applied, the corresponding rule is deleted from the third rule set (1406), the first rule is created based on the caller ID and predetermined treatment, and added to the first rule set (1407). If a rule for which the application condition is satisfied is not found, a third rule is created based on the caller ID, the reception time, and predetermined treatment, and added to the third rule set (1403). The electronic secretary executes the original first expectation (1404).

When the caller is unknown, the present invention automatically replies to the caller and confirms the identity of the caller. However, the reply address of most spam mails is currently forged. Auto-reply can create new spam emails. When the second mail is received from the return address, the present invention does not include information capable of confirming the predetermined identity, and if the party designates the predetermined treatment, for example, refusing reception, Ignore the address and give a reception rejection treatment, and then reject the reception without an automatic reply.
The time element may be taken into the condition part of the first rule so as to be similar to the third rule. For example, the first rule having a refusal treatment is deleted after one month or more. Then, the rejected caller can return to the initial expectation again, and the first rule set can be prevented from being enlarged. Immediately rejects forged addresses that cannot be replied to.
In the case of a telephone, the present invention can prevent an attack by repeated applications. In the present invention, a limited number of application opportunities are given to the other party, and repeated application by a machine or the like is supported. This can be realized by putting the number of times in the execution condition or giving a limited number of application treatments. Here, it should be noted that the purpose of use of the third rule set is different from the purpose of use for the forced cancellation.
FIG. 15 is a diagram showing a configuration of another embodiment in the present invention described in the description of FIG. Electronic secretaries and instruction files R1DB, GDB, and R2DB are incorporated in the party terminal side 1501. Means to communicate through real-time interaction. The party terminal 1502 having the control right can communicate with the called party terminal 1501 without intervention of the called party, and can send a control command 1510 to the terminal 1501. The party terminal 1503 to which the communication permission treatment is given can perform normal two-way communication 1520 with the terminal 1501. Communication and control can coexist.
FIG. 16 is a flowchart of another embodiment of the present invention described in the description of FIG. The communication is telephone communication, the presentation information includes a description of the conditions for receiving the communication, and when the communication request arrives, the electronic secretary first applies the first rule set, and the rules satisfying the application conditions are satisfied. If the application information is not found, the application is accepted. In the step of accepting the application, the presentation information is presented to the sender, the sender's reaction is received, the second rule set is applied, and the application is applied. If no rule that satisfies the condition is found, that is, if treatment cannot be determined, the communication request is processed based on the initial expected treatment. ID is detected (1601), the instruction file is read (1602), the first rule set is applied to determine the result (1603, 1604), and if no rule that satisfies the condition is found, the presentation information is transmitted. After receiving the caller's response (1605), the second rule set is applied to determine the result (1606, 1607), and the communication request is treated based on the initial expected treatment or the given treatment according to the result. (1608, 1609).

FIG. 17 is a flowchart of another embodiment of the present invention described in the description of FIG. The presentation information includes a question to be presented to the caller, the expected application content is an answer to the question that has obtained a predetermined total score, and the instruction file includes the question to be presented to the caller and the question A fourth rule set (hereinafter referred to as a “fourth rule set”) described by a rule having a condition part having an application condition related to the correct answer and an action execution part relating to a score (the fourth rule is “ If the answer of the question from the caller is correct, the electronic secretary can be further operated as follows: “The score is counted and the total score is totaled”) It is. (A) presenting the question to the caller; (b) receiving the caller's answer to the question; (c) applying the fourth set of rules.
This part of the process exemplifies a procedure for repeatedly presenting a guidance message, receiving a response, and determining the accuracy of the response. This corresponds to the processing block (FIG. 16, 1605) of “presenting presentation information to the sender and receiving the sender's response” in FIG. It judges whether the processing of the rule data record is completed from the R4DB (1701), extracts (1702), presents the question to the caller, and receives the answer of the caller (1704). A question may have multiple correct answers. For example, when confirming an identification number, there are a plurality of identification numbers. In this embodiment, the mechanism for confirming a plurality of correct answers (1705) does not ask the same question, and verifies whether the answer received at the previous question is the next correct answer. Judgment is made by adding a question presentation unnecessary sign to R4DB or by leaving the question field blank (1703). There are cases where it is not necessary to present all questions. For example, there is a case where the other party's identity can be determined by the first question. In this embodiment, when the total score (1706) exceeds a predetermined score, the question and answer is terminated early (1707). The system that performs the processing of this part includes means for receiving the response of the caller according to the type of the presentation information. For example, when an answer is obtained by pressing a telephone dial number, a means for recognizing the pressed number is provided.

In the case of a telephone, the caller is identified by the calling telephone number. In the present invention, a caller can be identified by an identification number or a password issued by a party. Communication is possible from an unspecified calling terminal using the identification number.
FIG. 18 is a diagram showing the configuration of another embodiment of the present invention. The electronic secretary and the instruction file are incorporated on the communication service providing server 1801 side. Each party has an instruction file and can be used by a plurality of parties. The party having the right of use inputs data to construct his / her instruction file from any terminal 1803 or telephone (1820). A communication request or control command of the caller terminal 1802 is sent via the electronic secretary server (1810).
FIG. 19 is a diagram showing the configuration of another embodiment of the present invention. The electronic secretary has means (1930) for accessing the instruction file through the network, and one ruler uses a plurality of electronic secretaries (1901, 1904). The plurality of electronic secretaries access one instruction file 103. Reference numeral 1940 indicates mail via the server 1904. The fifth rule set (R5DB in FIG. 2G) created by the electronic secretary is also stored in the instruction file 103 (not shown in FIG. 19).
FIG. 20 is a flowchart of a part of the outgoing call process according to another embodiment of the present invention described in the description of FIG.
The instruction file further includes a fifth rule set (rule) having a condition part having an application condition relating to the callee ID and the call time, and an execution part instructing execution of an action corresponding to the treatment ( (Hereinafter referred to as “fifth rule set”), and the electronic secretary can further perform the following operations. (A) applying the fifth rule set; (b) sending a communication request to the called party and receiving treatment; (c) creating the fifth rule and adding it to the fifth rule set.

For all the rules in the fifth rule set regarding the destination recipient ID, outgoing time, and treatment, find a rule that satisfies the applicable condition, determine the result (2001, 2002), and satisfy the applicable condition. If a rule is found, the outgoing call request is processed based on the given treatment (2004). If the rule is not found, a communication request is sent to the called party and treatment is received (2003). In the case of the electronic secretary of the present invention, the incoming party determines the treatment received by a predetermined return code and communicates (2005, 2006). In the case where the incoming party uses the prior art, for example, in the case of a conventional mail receiving server, it is desirable to consider the reception refusal when a permanent error code is received.
If the received treatment is “cannot communicate immediately”, a fifth rule is created based on the recipient ID, the calling time, and the treatment, and added to the fifth rule set (2007). The main object of the present invention is to prevent unwanted communication at the source. Preferably, the server operates as shown in FIGS. 18 and 19, and the caller cannot prevent the input (2007) of the treatment “cannot communicate immediately” including the reception refusal treatment to the R5DB. When the treatment given to the other party is reception refusal, repeated transmission is prevented within a predetermined time. It is desirable to set the predetermined time by a server administrator. For example, if a treatment such as “Please try again after one hour” is given, it can be performed on the transmission server side. If R5DB is not cleared, the number of R5DB records of the sender of mass nuisance communication increases indiscriminately. Depending on the number of R5DB records, the server administrator can perform management such as reducing the transmission efficiency of the caller or giving a warning.
With respect to a communication request transmitted from the inside, treatment can be performed by the first rule set for transmission set by the administrator of the communication device. Note that the purposes of the first and fifth rulesets for outgoing calls are different.

FIG. 21 shows a system for performing anonymous communication between electronic secretary users. The first and second parties are users of the electronic secretary of the present invention. As shown in FIG. 1, the electronic secretary operates between a terminal and a communication network, and is incorporated in a party terminal side or a server side that provides a communication service (not shown in FIG. 21). The first and second data are personal information of the first and second parties, respectively. These pieces of information are shown in FIG. 3A describing the PDDB, and include a party ID such as a telephone number, name, writing name, address, educational background, work history, etc. The server system 2103 stores personal information PDDB and VDB of a party who desires anonymous communication, and provides services such as searching for a communication partner in order to start anonymous communication.
This form relates to anonymous communication between two or more parties. Refer to Patent Document 10 for contrasting background technology. Realizing anonymous communication with easy and easy tasks. The main means is to create a communication channel between the parties by means of control permission treatment.
FIG. 3A is a layout diagram of records showing the contents of a party data database (hereinafter referred to as PDDB) of one embodiment relating to party data.
FIG. 3B is a record layout diagram showing the contents of a confirmation data database (hereinafter referred to as VDB) of one embodiment relating to data for recording confirmation requests.
FIG. 3C is a record layout diagram showing the contents of a verifier data database (hereinafter referred to as VRDB) of one embodiment relating to data for recording the verifier information.
FIG. 22 is a partial flowchart of the processing of the first party. FIG. 23 is a partial flowchart of the processing of the second party. FIG. 24 is a flowchart of the server search, data transmission, and treatment exchange processing part.
The present invention can be used simultaneously by two or more parties. In the following description, the treatment given by the first party to the data disclosure partner is input to the PDDB, the proxy authorization treatment is given to the server (2202), and the second party sends a search request to the server (2302). And
See Example 4 for another example of party data in addition to the PDDB.

The parties 2101 and 2102 input the first and second data, at least one party rule for disclosing the data, and the server 2103 to give the server permission for communication (2110, 2111, 2201, 2301). ). The server receives the party data and party rules and stores them in the PDDB (2401). The party rules include information about the profiles of candidates who disclose information, not disclosed, whether confirmation is required before information is disclosed, and what information is disclosed to which candidates. Save to authorization profile. The second party sends a search request containing the search criteria (2112, 2302), and the server receives it and searches the PDDB (2402). A search result such as the number of records satisfying the criteria is sent to the second party (2303, 2403). If the first data satisfies the search criteria (2404), if there is the first data that satisfies the search criteria, determine whether the first party rule is satisfied (2405), if satisfied , Send the first data to the second party (2113, 2303, 2406). When the first party gives the server a proxy permission treatment and the treatment given to the second party to be disclosed the first data is input to the PDDB, the server performs the operation of the first party, The second party is given a treatment to be given to the disclosed subject included in the first data (2113, 2407). It is determined whether the second party rule is satisfied (2408), and if it is satisfied, the second data of the second party is sent to the first party (2114, 2203, 2409).
The party's rules can include a confirmation of the identity as a prerequisite before disclosing information. It is possible to specify in the party rule on condition that the information about the party has been confirmed.
It is possible to ask the server to confirm information about the party. Information regarding the confirmation is stored in the confirmation database VDB, and the verifier information is stored in the verifier data database VRDB.

When the instruction file of the party is stored in a server in the network, the server logs in to the server based on the access permission information (ID, password) and inputs data to the instruction file. The proxy permission is entered into the instruction file based on the access permission information input from the client. When the instruction file is stored locally, the proxy permission is implemented by giving information transfer permission treatment to the server and inputting it into the local instruction file.
The server processes the search request, determines whether the first data meets the search criteria, and whether the first (second) party rule that discloses the first (second) data is satisfied The implementation of the process to be determined is known from Japanese Patent Application Laid-Open No. 2004-151867. There are many search techniques that can be used, including keywords, fuzzy logic and natural language search tools.
According to the present invention, since the called party holds the key to success or failure of communication, the connection between the party ID such as a telephone number and the identity can be disconnected. Connect only to personal phones and other people who can easily trust e-mail. An effect similar to that of a private network in a public network can be obtained. In the present invention, even with a public network communication ID that is known to the other party, the other party's communication can be refused later. Therefore, unless an identity is publicized, anonymity is maintained and an ordinary number is used simply. Anonymous communication that can use all communication functions can be realized. For example, the present invention does not require a dedicated central controller to remove identities from communication content. There is no need to create a special communication channel.
Compared with anonymous communication technology (see Patent Document 10) that requires two steps for data exchange between parties, the present invention easily realizes anonymous communication and easy data exchange. Can do.
A communication service provider provides an ID to a party using the communication service, and a method selected from the group consisting of the communication service provider and a third party registers the identification information of the party. By using the information, the identification information of the parties is stored on the server. A third party such as a communication service provider that manages the server or a security service provider that cooperates with the server has a legal obligation to protect information. In the case of damage caused by illegal acts, the other party's background can be checked by legal means, so communication can be made with peace of mind.

The communication relationship can be cut off by resetting the treatment to the other party. If necessary, an additional ID is used and a telephone number dedicated to anonymous communication is newly contracted separately from the telephone number for normal use. For example, NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION can use an additional number service in addition to the original subscriber line number, and can also use the additional number as a caller number. In the case of mail, a new address can be used as an additional ID. When the need for anonymous communication is eliminated, if it is burdensome to set the treatment as reception refusal, the additional ID contract may be abolished. The concept of normal language treatment is exchange. The term treatment of the present invention is also related to exchange, but “treatment exchange” is not necessarily exchange at the same time. In the present invention, only one side can give communication permission, and only the other side can communicate.
FIG. 25 is a flowchart of another embodiment to which control permission treatment is added in the present invention described in the description of FIG. FIG. 26 is a diagram showing a configuration of an embodiment in the present invention described in the description of FIG. The administrator of terminal A2601 gives terminal C2603 permission for information transfer and program execution permission. When the information is transferred from the terminal C to the terminal A, the data is written in the storage device 13 of the terminal A (2610), and the warning permission treatment is given, the information is output to the display unit 18 through the terminal A, and the speaker 17 receives the voice. It is possible to call attention of a nearby party. Terminal B 2602 and terminal A perform normal bidirectional communication (2620).
When information requesting confirmation of electronic payment by the bank is received from the terminal C, an authentication program is started, the owner of the terminal A inputs a fingerprint through a fingerprint sensor, and the authentication program registers based on the input fingerprint information. The password is checked against the fingerprint information, and if it matches, the password registered in advance is transmitted to the terminal C to confirm the settlement.

FIG. 27 is a conceptual diagram showing the configuration of another embodiment of the present invention. The ruler of the mobile device 2701 gave the location acquisition permission treatment to the caller of the terminal A2702. A location information acquisition command 2711 is issued from the terminal A, and the mobile device acquires the location information by the installed location acquisition means according to the command, and transfers the acquired location information to the terminal A (2712). The position information is based on a received GPS (Global Positioning System) position signal, position information converted from the received GPS position signal, current position information of a PHS (Personal handy phone) terminal, and mobile phone base station position information. It includes those selected from the group of provided mobile terminal location information (hereinafter referred to as “specific location”). The specific position includes the GPS position signal received from the GPS satellite 2704, the position information converted from the received GPS position signal, the current position information provided based on the position information of the base station 2705 of the PHS terminal, and the mobile phone base station 2706. It includes those selected from the group consisting of mobile terminal location information provided based on location information. When the communication device on the called party side makes a communication request to the terminal A having a pre-registered ID, the mobile communication device (hereinafter referred to as “mobile device”) detects the speed or the position information and detects the terminal A. (2714), the movement plan information is transferred to the terminal A, and the terminal A is further given treatment of (a) information transfer permission and (b) alerting permission. Terminal A transfers information to the mobile device, causes the information display means of the mobile device to output the information, and alerts the nearby party through the mobile device alerting means (2715).
For example, a mutual position notification desired group such as a moving vehicle or a climber nearby can notify and display the mutual position. Similar to the position information acquisition command, the speed of the mobile device can be acquired for the terminal A that has given the speed acquisition permission. Then, the movement information can be acquired from the mobile device only when the terminal A is necessary. The electrical configuration of the mobile device, the calculation of the moving speed and direction, and the estimation of the traffic state are known from Patent Document 14. Calling the attention includes causing the mobile device to generate what is selected from the group consisting of voice, light, and vibration. The movement plan information includes arrival destination information, and information transferred to the mobile device includes information selected from the group consisting of map information, recommended route, current route, forward traffic jam information, detour information, and weather information. The position information includes a specific position. Terminal B 2703 and the mobile device perform normal two-way communication (2713).
A system to guard elderly people also appeared several years ago. The present invention is not limited to elements that can acquire (control) the location information of the called party. It should be noted that the present invention includes elements that can also make calls.

FIG. 28 is a flowchart of another embodiment of the present invention relating to route guidance dynamically (see FIG. 27). The purpose of this example is to efficiently provide a vehicular travel guidance function to a mobile terminal having a position information acquisition function, such as a GPS-equipped mobile phone. When a communication request is issued to the server terminal of the fixed machine having a pre-registered ID, the current location and destination information of the mobile device is transmitted to the server, and the server receives it (2801). When the server searches for a recommended route and transmits it to the mobile device (2802), searches for traffic jam information of the recommended route at a predetermined interval (2803), determines whether a traffic jam occurs (2804), and occurs The server to which the position acquisition permission treatment is given acquires the current position of the mobile device, confirms the travel route (2805), and searches for a detour when there is a traffic jam before the travel route (2806, 2807) In the case where a detour exists, the server given the information transfer permission and the alert permission treatment transfers the detour information to the mobile device, and then informs the driver by voice (2808).
The route search requires a lot of calculation amount and calculation speed. Retrieving dynamic road traffic information from a mobile device is inefficient. The present invention leaves an operation that cannot be performed by an inexpensive portable mobile terminal to the server, and communicates with the mobile device only when there is a traffic jam that may be involved, and notifies detour information. By giving control permission treatment to the server, an operation performed by the called driver himself is not necessary. The route search and the detour search are known from Patent Documents 7 and 8.
FIG. 29 is a conceptual diagram of another embodiment of the present invention relating to position information and the like. When the mobile device 2701 detects a change in position, the mobile device 2701 transfers the changed position information to the terminal A 2702 having an ID registered in advance (2911). Terminal A gives the mobile device permission for information transfer and alerting. Control permission includes hearing permission. It is assumed that the ruler of the mobile device has given permission to observe and monitor to the caller of terminal A.
A communication request, a hearing command, and a monitoring command are issued from the terminal A (2921). In accordance with the command, the mobile device sends the audio signal acquired by the installed transmitter and the image signal acquired by the imaging device to the terminal A (2922). This example can be used for a mobile device to guard a child. For example, parents can check where their children are and listen to their children's activities such as playing in the park or going to school. The position information changed when the child is in school or moving is automatically transferred to the parent terminal A. The mobile device preferably uses PHS, and information transfer is performed by mail which is packet communication. Terminal A preferably uses a personal computer that is always connected to the Internet via an ADSL line or the like, and displays the location of the child carrying the mobile device on the map in real time. Can also be used for car crime prevention. If there is an unscheduled vehicle move, the owner will be warned and tracked. When high position accuracy is required such as taxi or transportation work, it is desirable to use GPS position acquisition means.

Patent Document 9 discloses an image display unit that adds position information of a mobile device to map data and displays it on an image.
The first rule set of the present invention is a mechanism led by the callee (administrator) and can give a position acquisition permission treatment to an arbitrary caller determined by the administrator. Therefore, it differs from the invention shown in Patent Document 9 in that the caller can directly acquire the position of the mobile device without relying on a third party relay such as a service center fixed to the receiver.
FIG. 30 is a diagram showing a configuration of a mail transmission client for use in a pair with the mail receiving embodiment (FIG. 10) of the present invention. An e-mail 3003 stored in the storage device 13 of the transmission client 3001 is transmitted to the reception server 3002. See the prior art SMTP (Non-Patent Document 4, Non-Patent Document 5) for an example of the configuration of the e-mail 3003. FIG. 31 is a flowchart of an embodiment of the sending client of the method of claim 113 utilized by the system of claim 131. Session initialization, transmission client initialization (3101). Envelope transmission is performed by issuing an SMTP compliant command: MAIL command, RCPT command (3102), and the sender and recipient mail addresses are transmitted to the receiving server to check whether the envelope has been accepted (3103). The processing so far is the same as SMTP. Since the authorization to send the body is determined by the information contained in the header, the information field contained in the header is transmitted (3104), and the information field contains information that allows the recipient to judge the specified reception condition and is authorized. Is checked (3105). In the present invention, this step is called an “INFO command”. Based on the received envelope and the information field, the receiving server can check whether or not to permit transmission of the next body by collating with a receiving condition designated by the callee. If authorized, a conventional DATA command is issued and the content is transmitted (3106). If it is authorized and accepted, the normal mail transmission process and the transmitted mail are deleted from the storage device 13 (3107, 3109). If not authorized, an error is processed (3108).

In the prior art SMTP, after authorizing the envelope, the content is transmitted as one block and the authorization is checked. If only the mail transfer protocol level command is used, the reception of the content cannot be refused unless the entire content has been received. For this reason, even if it can be determined that the reception should be rejected based on the content, the useless communication has already occurred. On the other hand, the content fields (Subject), Comments (Comments), and Keywords (Keywords) with the purpose of having the content of information recommended by people in the content specification (Non-Patent Document 5) that has already been widely used Can describe information that can determine the specified reception condition. Even existing mail communication software has means for writing information in the field. When the caller does not know the reception condition of the callee for the first time, the receiving server transmits the caller's reception condition to the caller by the automatic reply means. In addition, the sender's mail address that satisfies the reception condition is recorded only once, and the second and subsequent transmissions are those that satisfy the previous reception condition as judged from the sender address included in the envelope. If so, pass the content without checking the information field. As described above, the reception server can determine whether to authorize transmission of the body based on the received envelope and the information received before receiving the body.
It is desirable to separate the information field from the header and send it before the content as a body sending authorization standard. However, in order to make the best use of existing communication software, the information field is extracted from the header and sent first. If authorized, the content may be transmitted without changing the conventional content, that is, with the DATA command for transmitting the conventional content (3106). Alternatively, the header may be sent first, and if approved, the body may be sent.
As described above, the present invention uses an already widely accepted subject field to construct an efficient mail communication system that can prevent spam mail communication.

  When the present invention is operated on the server side, the effects of preventing annoying communication and reducing the communication amount of the entire network can be obtained simultaneously. When the control permission function is used at the same time, a multi-function terminal is realized. A settlement system consisting of connection by packet communication, treatment given based on a virtual account, and authentication by a fingerprint recognition function attached to a mobile phone enables robust and convenient cashless commerce.

Multifunctional telephone (3201)
FIG. 32 is a block diagram showing the configuration. Reference numeral 17 denotes a microphone and a speaker. 33A-D show TDB, R1DB, R2DB, R4DB). The presentation information is a question presented to the caller. The questions are pre-recorded audio files. In this example, if the question field is blank, it means that the question need not be presented, the predetermined total score for completing the question and answer is 3 (see FIGS. 17 and 1707), and the automatic examination is saved. When the total score is 5, the condition is automatically given to the caller as the second rule execution unit (see FIGS. 13 and 1310).
FIG. 34 is a schematic flowchart of the process, and the basic part is the same as FIG. In the present embodiment, the party terminal is a telephone, or the party terminal function is incorporated in a personal computer, or can be realized as an external adapter dedicated to the telephone. For the first time, a question message is sent to the other party who receives a call from a phone number that the recipient does not know, and the other party presses a dial button to answer. Judge treatment and decide treatment.
FIG. 35 is a diagram showing an operation example in which a treatment that allows a normal call to a related party's telephone number is automatically given by automatic examination.
Various functions can be set from the basic nuisance communication prevention function. The instruction file setting in this example can realize the following functions. For each recipient's phone number, designated reception (treatment ID = 4), designation rejection (treatment ID = 1), and unknown recipients need to accept applications. The side is charged a communication fee. As a result, it is possible to give economic sanctions to the caller of an incomplete call (one call) from the machine, and since the caller does not answer correctly, total scoring = 0, treatment ID = 0, reject No number will remain in the reception history.
However, the party who gave permission rings the same ringing tone as usual, and is not charged until the receiver receives the call. If you make a mistake in the name of the recipient in the first question, you will be rejected immediately. For other requirements, pressing 4 will send the second question, prompting you to press the dial button 1 for real estate sales, 2 for English conversation, 3 for household goods, and 4 for sports equipment. When each selection is made, the ringtone is automatically sounded according to the score, the sound is recorded without sounding the ringtone, the call is disconnected, the caller ID is not automatically memorized even when the call is made, or the memory is automatically memorized. To do. When the code number 5678 is pressed, the call is automatically connected without ringing. This makes it possible to monitor and monitor the babysitters and children at home. For example, it is possible to select whether the parent calls or listens to the mobile phone for children.

Although the first question in this example is simple, it can be set in a complicated manner according to the actual use situation. For example, if the first name and last name are divided into two questions and presented in order (the correct answer is presented first and then the second is presented) The probability decreases to 1/25.
The number set in the correct answer column can have various functions depending on the device. For example, it can be used as an extension number, and if the guidance question is “Please press the extension number”, the telephone of the other party who knows the number can be received regardless of the calling number.
If treatment is given to the calling number of the other party's home phone, if the same party makes a call from a public phone, you will be asked to enter the other party's home number as a confirmation in the guidance message, and the entered number will be checked against the treatment information. Can be determined.
The specific method for examining a treatment application varies depending on the specific configuration of the party's device. A variety of methods can be employed as long as they are obtained by achieving the purpose of the examination stage of the present invention. For example, it is conceivable to use voice recognition or image recognition.
Some of the automated telephone transactions of existing technology used in banks and the like send voice guidance to the caller, and the caller operates by pressing a dial button to confirm the customer himself / herself by a personal identification number. The present invention is different in that the response method is different for each transmission number and that the caller does not need to register a password in advance.
In this example, the electronic secretary accepts the intention of the party based on the rules and points, but it can also be accepted in natural language. For example, “Receiving a call from someone who knows my name.” The electronic secretary can listen to these requests by a known rule-based technique (for example, see Patent Document 11), allow the user to input missing information, and organize necessary rules.
The electronic secretary of the present invention can be installed on the telephone exchange and related service providing server side by a known technique (for example, see Patent Document 6).
Symbol 21 is an electric lock control unit, and symbol 22 is an electric lock of the controlled device. When the number 8765 is pressed, a score = 10, a treatment ID = 6, an unlock signal is output, and the entrance door is unlocked. As the unlocking communication line, a short-distance communication means such as infrared rays may be used other than the telephone line.
The present invention is different from the invention shown in Patent Document 21 in that an element of a second rule set that does not depend on the caller ID is included in the determination of whether communication is possible. Therefore, the caller can be authenticated from the communication content, and real-time control can be performed.

Answering Machine (3601)
FIG. 36 is a diagram showing a telephone configuration of the present embodiment. FIGS. 37A to C show a data database (GDB) that records TDB, R1DB, and response guidance (presentation information).
This example illustrates the concept of the present invention, in which all communication is a permission system with a plurality of treatments, and provides a means for giving permission to a partner without permission. In this example, a phone call made by an unknown party is recorded and not received directly. This protects the weak, such as the elderly, from fraud crimes. It is suitable for users who have a limited communication range, except when used for unspecified parties such as business. It is also possible to reject all calls from outsiders who have not registered, and as the usage time accumulates, the treatment setting is completed naturally, and the purpose can be achieved without undue burden on the parties.
The first expected treatment illustrated is staying away, and when the identity can be confirmed by the voice of the other party, a call can be made immediately. It is desirable to devise convenience in operation such that the number of the last party to call can be easily registered with one button. If there is an important customer, you can register the number of the other party in advance.
The caller can be identified by a group. For example, it is possible to identify by the area number and give communication permission to the home number. This example is simple and easy to use and has low manufacturing costs. It can be implemented on the external adapter dedicated to the telephone, on the server side that provides the exchange and related services.

Conventionally, when a communication request is made by paying money, it is natural for the receiving side to receive it. However, with the development of communication networks, issuing communication requests is becoming increasingly cost-effective, and as more people are able to access the communication network, there is no reason to receive communication requests from anyone. . It should be possible to at least reject calls from unrelated people. To put it the other way around, except for public services, the person making the call is usually acquainted with the person whom he / she wants to talk in advance, and there is usually a case where there is a business. Therefore, the communication according to the permission system of the present invention can prevent unwanted communication without sacrificing the conventional communication function.
It differs from the invention shown in Patent Document 12 in that a one-off call can be made with a recipient such as a mail-order salesperson, which does not violate the intention of the recipient, depending on the status of residence. It differs from the invention shown in Patent Document 34 in that it has a call rejection treatment.

Mail receiving client system In this embodiment, an electronic secretary is incorporated on the party terminal side. It will be commercialized as a PC (PC) application (URL: http://www.netinfotech.co.jp, http://www.Emailship.com) and will be released to the public soon.
FIG. 38 is a block diagram illustrating the configuration of the third embodiment. In this figure, reference numeral 10 denotes an ISP server device. Reference numeral 381 denotes a mail service party terminal. This embodiment is a client of an ISP mail service server. Reference numeral 11 denotes a processor, which is composed of a CPU and the like, and controls each part, transfers data, performs various operations, temporarily stores data, and the like. Do. Reference numeral 12 denotes an input / output control means that controls data input from a server connected via a communication line and controls data output to the server. Reference numeral 15 denotes a communication transfer apparatus, which is connected to the ISP. Reference numeral 16 denotes a keyboard and a display unit, and reference numeral 13 denotes a storage device.
First, such a program is used in the processor 11, for example, from a program for setting treatment, initial expected treatment, request confirmation question, correct answer (keyword), treatment to be given to the correct answer, an electronic secretary program, etc. Composed.
Next, the storage device 13 stores data such as instruction files. A magnetic storage medium is adopted as the storage device. 39A to 39D show TDB, R1DB, R2DB, and GDB. Automatically reply to the caller with questions and presentation information. FIG. 40 is a schematic flowchart of the reception process. The basic part is the same as in FIG.

The processor 11 displays a question input screen as shown in FIG. 41 on the display unit of the terminal 381, and gives the terminal operator a criterion for determining the treatment, that is, a request confirmation question, a treatment given to the correct answer and the correct answer, (4101). When an e-mail from a sender without permission arrives at the server, presentation information and a question for guiding the permission application are automatically returned to the sender, and the answer to the confirmation question is entered in the subject of the response mail during the application guidance. Many spam emails are automatically sent by machines.
For example, if you get a correct answer to a confirmation question such as "How many is a plus?", You know that the caller is a person, not a machine, and that person automatically sends an email to that person. Unlike machines, etc., the recipient can decide whether he or she wants to receive in the future. Of course, there are many machines that can be added up, but it would not be profitable to automatically make a machine that can understand the problem sentence that each person gave.
The present invention can achieve the object without opening the mail body. In particular, the amount of communication in the billing part of the connection with a server such as a mobile phone can be greatly reduced. If a correct answer such as the name of the called party or a keyword of a category of interest is detected from the subject or body of the mail, a predetermined treatment is given. In other words, the permission application procedure is implicitly performed, and convenience can be provided to the caller. When searching from the text, it is desirable to use a form resident on the server side of the present invention.
The processor 11 causes the display unit of the terminal 381 to display a screen as shown in FIG. 42 and prompts the terminal operator to select the first expected treatment 4202 from the list 4201. FIG. 39A is a treatment set adopted in this example, and a specific realization of the treatment of the application acceptance type is one treatment of “replying a request confirmation question to the caller and refusing reception”. If necessary, you can add "Reply request confirmation question to caller and receive only subject".

A specific realization of the type of treatment that partially permits communication is “Receive a limited size and store it in a temporary folder to notify the callee”. Furthermore, it is a “receive” treatment necessary for manual examination. “Receiving and giving treatment to receive” treatment gives the receiving party the treatment to receive. If received from an unknown e-mail address, a request confirmation question is returned to the sender as an initial expectation, and reception is rejected.
In the initial setting of the product of this embodiment, first, after receiving confirmation from the party, a reception permission treatment (treatment ID = 4) is given to the other party described in the address book of the existing mail software (FIG. 42, 4203), and thereafter You can enter the reception permission / rejection address / domain name individually at any time, and set / change the treatment for each sender. In addition, it is possible to extract the destination address from the mail transmitted by the party and automatically set reception permission treatment.
39A to 39D are examples of set treatment information, and the following functions can be realized simultaneously. That is, for each address or domain, designated reception (treatment ID = 4) and designation rejection (treatment ID = 1),
Reject unwanted emails automatically sent by the machine (treatment ID = 2), receive limited emails from unrelated people (1 + 1 = 2 answer) and wait for manual treatment review (treatment) ID = 3) Gives the sender a receipt after receiving mail sent by a person who knows the name of the recipient. Treatment ID = 5).
In the present embodiment, multilingual correspondence processing of presentation information is performed based on character code information included in mail header information and regional information included in the suffix of the domain name of the sender address.
The present invention is different from Patent Document 21 in that an element of a second rule set that does not depend on a caller ID is included in the determination of whether communication is possible. Therefore, it is possible to prevent a phishing scam that forges the sender address by issuing a password (FIG. 39C, 5678) to the sender. Means for expressing an interest to the sender through the presented information (FIG. 39D) is provided, and the other party's answer or keyword can be searched from the subject or the main body, enabling communication that benefits both parties.

Internet Videophone and Monitoring System In this embodiment, an electronic secretary operated on the server side and a party videophone terminal communicating with the electronic secretary on the client side are completed.
1: FIG. 43 is a block diagram showing the overall configuration. FIG. 44 is a block diagram showing the internal configuration of the first embodiment. In this figure, reference numeral 430 denotes a server, which is connected to the Internet via a route control device and a telephone line. Reference numerals 431 to 434,... Denote various terminals, which are connected to the Internet in the same manner as the server 430. Here, the terminals 431, 432,... Each have an output unit such as a CRT, LCD, speaker, etc., an input unit such as a keyboard, a mouse, a camera, and a microphone, and a function for executing a videophone program.
1-1: Server Configuration Next, a detailed configuration of the server 430 will be described. FIG. 44 is a block diagram showing the configuration of the server 430 and the terminal. In this figure, reference numeral 11 denotes a processor, which is composed of a CPU and the like, and performs control of each part, data transfer, various calculations, temporary storage of data, and the like. Reference numeral 12 denotes input / output control means for controlling data input from a terminal connected via the Internet and controlling data output to the terminal. Reference numeral 15 denotes a communication transfer device, which is connected to the Internet. Reference numerals 13 to 14 denote storage devices, which store and store the following files, respectively.
First, the main program is stored in the storage device 14. Such a main program is used in the processor 11, for example, a program for displaying a treatment application screen on a display unit of a terminal, a treatment examination program for displaying detailed information of a party who has sent a treatment application, and communication with a party. It consists of the public name of the party who has applied for treatment in the book, the status display of the other party, the program for starting the videophone program and displaying the icon transmitted to the other party.

Next, the storage device 13 stores a party master database table and a treatment relationship master database table. In the party master, a party information record is stored. One party information record is composed of party-specific information such as party ID, password, mail address, IP address, self-introduction, etc. (see PDDB for another example of party data).
The party ID in this embodiment is automatically given by the processor 11 when newly registering for service participation, but the identity registration can be executed at this stage. The password, e-mail address, and self-introduction store information transmitted by the parties registered from the terminals 431, 432,.
As the IP address, the address of the terminal transmitted when the videophone communication program of the terminals 431, 432,. A treatment information record is stored in the treatment relationship master. One treatment information record is composed of treatment information and treatment application indication information.
The present invention records the treatment given to the other party by R1DB when operating on the client side. When operating on the server side, the treatment-related master TRDB (see FIG. 2H) of this embodiment with high efficiency is desirable. The treatment information includes an ID of the recipient himself / herself, a caller ID given treatment by the recipient, and the given treatment. The treatment information and the treatment application indication information are information input from a user interface of a program for displaying a treatment application screen on the display unit of the terminal, and are information transmitted from the terminals 431, 432,.
2: The operation will be described. Here, each of the terminals 431, 432,... Is connected to the server 430 for communication, and functions as a terminal of a videophone party. Give an explanation. When the terminal 431 is connected to the server 430, the processor 11 detects this connection via the input / output control means 12, and controls the terminal 431 according to the main program. FIG. 45 is a flowchart showing the operation of the main program.

2-1: Assume that the terminal operator is a new party in order to explain the process of creating the party information record. Describe new registration. In step Sa1 shown in FIG. 45, the processor 11 displays a main menu screen as shown in FIG. 46 on the display unit of the terminal 431, and “login” is used to use the service for the terminal operator. ”And“ New registration ”are prompted to select a desired process.
On the main menu screen, a mouse cursor MC is displayed, and various operations can be performed by clicking a predetermined place. For example, if the mouse cursor MC is positioned and clicked on the display area of any one of the link buttons 4601 and 4602, the processing shown in the display area is performed. Here, after the terminal operator positions the mouse cursor MC in the display area of the link button 4602, the terminal operator performs a click operation (this operation is simply referred to as “click” below) to perform the “new registration” process. select. Then, the processor 11 that has detected this advances the procedure to step Sa2 shown in FIG. 45, and is prompted to input the name, e-mail address, and password to the terminal operator at this step.
If it is determined that the input mail address is not used by the party master, the user ID is automatically given by the processor 11 based on the input information, and the user ID is used as the public ID of the party. The next step Sa3 is performed. In step Sa3, the processor 11 controls the terminal 431 to display the contact book screen shown in FIG.
In the following steps Sa4 to Sa7, it is possible to return to the contact book screen and the main menu screen at any time by a predetermined operation. Now, in the case of a newly registered party, no one partner is displayed in the contact book on this contact book screen, but for the sake of explanation, explanation will be made using a screen in which several other parties already exist.

First, the addition of a new partner will be described. In order to communicate with a partner, the present invention first applies for treatment to the partner. Adding a new partner is a specific procedure for treatment application. The new partner addition screen specifies the treatment given to the partner at the same time as the application for treatment to the partner.
Encourage terminal operators to add members. The terminal operator clicks a link button 4701. Then, the processor 11 performs the process of the next step Sa4. In step Sa4, the processor 11 controls the terminal 431 to display the member addition screen shown in FIG. 48 and prompts the terminal operator to input public ID information.
This is an example of prior application. The public ID is publicly disclosed on the Internet bulletin board or chat on the communication network, or directly taught by the other party. On this member addition screen, input boxes 4801 and 4802 of ID and self-introduction are shown, and “disclosure of email address to this member”, “disclosure of private email address”, “ Check buttons 4803 to 4807 corresponding to “Publish homepage address”, “Publish profile address”, “Publish my status to this member” are displayed, and “Receiving permission” corresponds to receiving permission treatment given to the other party A selection box 4808 to be displayed is displayed, and the terminal operator who is prompted to input and select the terminal operator inputs the other party's public ID in the “identification ID” box and 200, and the self-introduction is “ "...""and input it into the" self-introduction "box, and then click the execution link button 4810.
In the treatment set of this embodiment, there are three types of incoming call permission for a videophone incoming call answering method: “automatic reception rejection”, “inquiry every time”, and “automatic reception”. “Automatic reception” is a control permission treatment. The caller side communication device: instructing the TV phone terminal that the caller has the control right, can communicate with the caller without intervention of the callee. Of course, it is necessary for the terminal to always be able to receive.

For the information disclosure range to the other party, “Publish your email address to this member”, “Publish your private email address”, “Publish your homepage address”, “Publish your profile address”, “Publish your status to this member” “Yes” ”is selectable (4809), there are two types of treatment application,“ application for treatment ”and“ rejection of treatment ”, and the default initial expectation is“ Every time inquiry ”. , “Treatment application permission”. This embodiment does not include a function for changing the initial expected treatment.
With this operation, the procedure performs the next execution process of the treatment application (see FIG. 49). Here, the terminal operator is party a, the party with whom communication is desired is party b, and the public ID of party b is 200. In order to process the treatment application based on the treatment given to the party a by the party b, the processor 11 first searches the already created party master to determine whether the party a already exists in the caller list of the party b. (4901), if present, check the treatment given by the party b to the application for the treatment application (4902). If the given treatment is "treatment application refusal", the display unit of the terminal 431 After controlling to display “Member addition rejected” (Sa8), the procedure returns to step Sa3 to display the contact book screen again, and party a is not present in party b's caller list and given If the treatment is not "rejection of treatment application", a predetermined initial expected treatment is given to the party a, and a new treatment consisting of the IDs of b and a, the initial expected treatment, and the treatment application indication information is newly provided. Create a multi-address records, stored in the treatment relationship master, returns to the People screen.
In step Sa3, the processor 11 controls the terminal 431 to display the contact book screen shown in FIG. Prompt the terminal operator to confirm personal settings. The terminal operator clicks the link button 4702. Then, the processor 11 performs the process of the next step Sa7.

In step Sa7, the processor 11 controls the terminal 431 to display the personal setting screen of the party shown in FIG. 50, displays the public ID 5001 to the terminal operator, and writes the display area of the public ID. Control is performed so that the personal information 5002 can be changed.
2-2: Login In the case of 2-1, it is assumed that the operator of the terminal 431 is the party a, and the party b has completed the treatment application. Here, it is assumed that an existing party b is operating the terminal 432.
For convenience of explanation, the screen displayed on the terminal 431 in the description of 2-1, FIG. 46 and FIG. 47 will continue to be used for explanation as the screen displayed on the terminal 432 of the party b. The following description will be made assuming that the terminal 432 is connected to the server 430. When the terminal 432 is connected to the server 430, the processor 11 detects the connection via the input / output control means 12, and controls the terminal 432 according to the main program. FIG. 51 is a flowchart showing the login processing operation of the main program.
Now, in step Sa1 shown in FIG. 45, the processor 11 displays a main menu screen as shown in FIG. 46 on the display unit of the terminal 432, and uses the service to the terminal operator. The user is prompted to select a desired process from “login” and “new registration”. Here, the terminal operator inputs a mail address and password in a “mail address” input box 4603 and a “password” input box 4604, performs a click operation on the link button 4601, and selects a “login” process. Then, the processor 11 that has detected this checks by searching the party master that has already been created based on the input mail address and password (FIGS. 51 and 5101).

If the processor 11 determines that the e-mail address and password are not correct, the processor 11 proceeds to step Sa7 and performs control to display “incorrect e-mail address or password” on the display unit of the terminal 432. Thereafter, the procedure returns to step Sa1 to display the main menu screen again. On the other hand, if the processor 11 determines that the input mail address and password are correct, the processor 11 performs the process of the next step Sa3.
In step Sa3, the processor 11 controls the terminal 432 to display the contact book screen shown in FIG. 47, extracts the partner who newly applied for treatment from the treatment relationship master, informs the party b, and The party a who applied for treatment is displayed in green and the public name sous of the party a (4705), and according to the information disclosure treatment given to the party b by the other party, the state is disclosed in color and icon ( 4706), an email creation icon is displayed for the partner whose email address is disclosed (4703), a link icon is displayed for the partner whose profile address is disclosed (4704), and the detailed information of the partner corresponding to the pencil icon is displayed. To control.
When the link button (4707) is clicked, the processor 11 performs the process of the next step Sa5. In step Sa5, the processor 11 controls the terminal 432 to display the friend list item editing screen shown in FIG. 52, performs treatment examination and treatment change on this screen, and sends a treatment application to the party b. The detailed information 5203 of the party a is displayed and the treatment 5201 to be given to the party a is controlled to be edited, whereby the party b examines the treatment application of the party a, decides the treatment to be given to the party a, and each treatment content Encourage you to choose. In addition to the screening of the treatment application, the treatment change given to the existing partner is also changed on the friend list item editing screen.

The party b selects each treatment content and clicks a link button 5204. Then, the processor 11 updates the treatment information record based on the selected treatment content and stores it in the treatment relationship master. When the relationship with the partner is cut off, the link button 5202 is clicked to delete the partner. Then, the processor 11 performs the process of step Sa6. In step Sa6, the processor 11 controls the terminal 432 to display the treatment application qualification designation screen shown in FIG. 53, and selects “treatment application refusal” for the treatment application qualification 5301. Can be disconnected. Party b clicks link button update 5302. Then, the processor 11 updates the treatment information record based on the selected treatment content and stores it in the treatment relationship master.
This example illustrates the implementation of the anonymous communication functional part of the present invention. As long as the parties do not publish their identities themselves, anonymous communication that can use all communication functions can be easily realized using ordinary numbers (IDs) while maintaining anonymity. The server here is not a dedicated central controller that removes identities from the communication content, nor does it require a special communication channel. In order to prevent crime, it is sufficient to register the identity of the ID at the acquisition stage.
2-3: It is assumed that the party a and the party b have established a treatment relationship based on the processing described in 2-1 and 2-2, and the terminal 431 of the party a and the terminal 432 of the party b are connected to the server 430. Suppose that FIG. 54 is a flowchart showing the operation of the videophone communication program. In step Sa3, the processor 11 performs control to display the contact book screen shown in FIG. 47, and the party b clicks the link button “Start program” (4708). Then, the processor 11 activates the videophone communication program for the terminal of the party b, and passes “-” as the activation parameter. When the videophone communication program is activated, the IP address of the terminal is transmitted to the server (5401), and it is determined whether the activation parameter is an IP address (5402). If the parameter is not an IP address, The connection waiting screen is displayed and the connection is waited (Sb3: connection waiting screen, FIG. 55). The waiting connection request is checked (5405). The processor 11 updates the information record of the party b based on the IP address information sent from the terminal videophone communication program of the party b, and stores it in the party master.

Then, the status display icon of the party b (FIGS. 47 and 4709) is displayed on the camera icon on the contact book screen of the party a. Party a clicks on the camera icon 4709 of party b. Then, the processor 11 extracts the IP address of the party b from the party master, starts the videophone communication program of the terminal 431 of the party a, passes the IP address as a parameter (5403), and notifies the caller ID, A connection is requested to the destination IP address, that is, a call is made to the party b, and a response of the videophone communication program of the called party b is received (5404).
When the videophone communication program of the called party b receives the connection request, it queries the processor 11 using the caller ID as an inquiry parameter. The processor 11 that receives the inquiry receives the treatment information from the treatment relationship master of the server 430 based on the caller ID. (5406) and the treatment given to the calling party a is returned to the videophone communication program as a result of the inquiry.
When the treatment given to the calling party a is “automatic reception” (5407, YES), the electronic secretary instructs the calling party communication device TV phone terminal that the calling party has control right, The videophone communication program of the called party b does not ring the bell, does not go through the display of the input request screen and does not go through the input request, permits the communication request, sends a connection approval response, automatically connects, and acquires it by the camera. When the image signal is acquired by the other party, that is, when the image signal is transmitted and the image signal transmitted by the other party is received at the same time, the image signal is displayed on the screen and the videophone communication screen (Sb2: videophone communication screen, FIG. 56) is displayed. Let
On the other hand, the videophone communication program of the caller party a receives an approval response, and after 5404 and 5409 steps, displays the received image signal on the videophone communication in-progress screen for communication or monitoring (Sb2). When the treatment given to the calling party a is “inquiry every time” (FIGS. 54, 5408, YES), the videophone communication program of the called party b rings the bell, and the input request screen (Sb4: approval inquiry screen: “party” display the message "Are you sure you want to answer?" and inquire the party b of the called party whether or not to connect.

At the same time, the caller's videophone communication program displays the other party's approval waiting screen (Sb1: Approval waiting screen: "Waiting for other party's approval ..."). When the callee b approves the connection (FIGS. 54, 5410, YES), the videophone communication program displays a videophone communication in-progress screen and responds that the caller party a has accepted the connection, and The videophone communication program executed on the terminal of the caller party a determines this response (5409, YES), displays a videophone communication screen, and communicates.
If the called party b does not approve the connection (FIGS. 54, 5410, NO), the videophone communication program is waiting for connection (status display: 5501) and the connection is rejected to the videophone communication program of the calling party a. Then, the videophone communication program running on the terminal of the caller party a causes the response to be judged (5409, NO), and the access display is denied on the terminal display of the party a. 55, 5502, 54, 5411) and the connection result are displayed, and then a connection standby screen is displayed to wait for connection (Sb3: connection standby screen, FIG. 55). When the treatment given to the calling party a is “reception automatic refusal” (FIG. 54, 5408, NO), the same processing is performed as when the called party b does not approve the connection.
3: Outline of Flow Next, FIG. 57 shows the flow of establishing a treatment relationship with the other party through the public ID. In order to receive the provision of the communication service of the present invention, the party a first uses the terminal 5701 to log in to the server 5702 via the Internet, and uses the public ID: 200 disclosed by the other party b. A treatment application that expresses an intention to desire communication to b is made (1).
The party a who applies for treatment inputs the public ID: 200 of the called party b (FIG. 48, 4801), and at the same time, the party a himself gives the partner b an “inquiry every time” (4808) treatment. The server stores the treatment “every time inquiry” given to the designated partner b by the party a in the treatment relationship master (5703). If the party a does not exist in the caller list of the party b, the first expected treatment of the party b “reception automatic” "Reject" is given to the party a (5704). In this state, the party b can send and communicate with the party a. Cannot communicate in the reverse direction. The called party takes the initiative. The server informs the party a that the application has been accepted by the party a (3), (4). When the party b logs in to the server using the terminal 5705, the party who newly applied for treatment is extracted from the treatment relationship master and notified to the party b (5) to (8). The party a who applied for treatment in the book is displayed in green and the public name sous of the party a (4705), and the state is disclosed in color and icon according to the information disclosure treatment given to the party b by the other party (4706) ).

FIG. 52 displays the detailed information of the party a who sent the treatment application to the party b. The party b examines the application for treatment, and determines the treatment to be given to the partner a (FIGS. 52 and 5201). The treatment “every inquiry” given to the partner a is replaced with the treatment “automatic reception rejection” stored in the server (10). As a result, the parties a and b can send a connection request to the other party of the videophone.
In this embodiment, control permission treatment can be given to any one or a plurality of callers, the caller can directly control the receiving side equipment, can start the TV communication program on the receiving side, and the receiving side and data Can be sent and received. In place of the control of the camera of the TV phone according to the present embodiment, the control can be performed for the control of the GPS receiver of the mobile phone. The point that any sender who has given control permission treatment can directly acquire and display the position information of the receiver is shown in Patent Document 9 in which position information can be acquired only at a fixed position information center at the product design stage. Different from the prior art. Since a third-party location information center is not required, a remarkable effect can be obtained that significantly reduces the operating cost of hardware facilities and users. A model having a means for displaying position information of its own device on a mobile phone can acquire original data for display from the other party's mobile phone and display it on the display means of the own device.

Mail Server System FIG. 58 is a block diagram showing the configuration of this embodiment, and illustrates the operation of the electronic secretary 5801 of the present invention on the mail server side of ISP5812. The electronic secretary is independent of the existing mail server, and after receiving the permitted mail, transfers it to the conventional mail server 5802. The transmission of mail from the ISP5812 client is processed directly via the electronic secretary.
When dealing with the business contact address of a public institution or product sales company that provides services to unspecified callers, the electronic secretary 5801 describes the business scope or keywords related to the service in the guidance information and communicates in advance. When a mail transmission request for which permission treatment is not given is received, if a specific keyword is not detected from the header of the mail according to the second rule, guidance information is presented (returned) to the sender, and mail reception is rejected.
For example, the inquiries email address related to JPO applicant registration is PA1670@jpo.go.jp (abbreviated as “F” in FIG. 58), and the guide information (FIG. 60) of this address is “This address is Please contact the JPO Application Support Division in charge of registration for applicants, etc. If you are a user, please fill in the subject line of the <inquiry regarding applicant registration> and re-send. " A setting (ID = 5, FIG. 59, FIG. 61) is set for the electronic secretary that temporarily receives an email describing “inquiry regarding applicant registration” in the set (FIG. 61), but does not give treatment to the caller. Consider the case.

The mail address of the applicant terminal 5804 is assumed to be fe1@netinfotech.co.jp (“A” in FIG. 58). The applicant obtains an inquiry email address on the JPO homepage, and preferably provides guidance information on the homepage. Then, the applicant will write the text “Inquiry about registration of applicants, registration method” in the subject line and email to the address PA1670@jpo.go.jp (F) (Fig. 58, (a1) To: F, application Send people registration relationship ...). The electronic secretary is permitted to receive the mail according to the second rule and forwarded to the mail server 5802. The mail is put into F's mailbox. The reply (a2) from the application support section is sent via the electronic secretary.
When an applicant sends an e-mail without knowing the keyword for the first time, the electronic secretary automatically responds immediately and informs the applicant of guidance information. The applicant can receive the guidance information in a short time even outside the business hours of the JPO. The automatic reply route of the guidance information is applicant → transmission server 5803 → reception server 5801 → transmission server 5803 → applicant. In the environment of actual ADSL line, URL: mail.netinfotech.co.jp and mail.yahoo.co.jp server, transmission / reception of sender → sending server → receiving server → recipient was tested. It took 5 seconds or less. Therefore, it can be retransmitted to the applicant according to the guidance with almost no time delay.
The terminal 5805 that sends a junk e-mail using a robot sends an e-mail (Fig. 58, (b1) To: F, oooxxx ...) to the application support section to sell the product. Reject reception after automatic reply (b2). Under normal circumstances, the robot cannot understand the guidance information and retransmit it according to the guidance.
If a mail attack occurs intentionally according to guidance information by a human, communication rejection can be set manually.
When an email bomb attacker 5806 who frequently sends a large number of emails using a robot sends an email (Fig. 58, (c1) To: F, oooxxx ...) to the Application Support Division, the electronic secretary provides guidance information. Reject reception after automatic reply (c2) to inform. When the electronic secretary using the method according to claim 9 (see FIG. 14) is an automatic reply, the third rule is set based on the sender mail address, the reception time, and the predetermined reception rejection treatment (ID = 0). Created and added to the third rule set for attack prevention (FIG. 63). The usage constants of this embodiment are shown in FIG. The third time condition part for preventing attack is set to a predetermined time of 60 minutes, the predetermined treatment is not returned, and reception is refused. Then, if the attacker sends the second mail (c3) within 60 minutes, he / she gives a reception refusal treatment without reply (FIG. 14, 1407), and the subsequent attacks are immediately rejected by looking at the mail envelope. .

A preferred variant of the invention adds the number of emails that reach the condition part of the third rule. For example, when reaching the fifth mail of the attacker within 60 minutes, the communication request is processed based on the treatment.
Since the electronic secretary judges the sender from the mail envelope or header (claim 5), there is no need to receive the mail body. Public network traffic can be significantly reduced.
In the prior art disclosed in Patent Document 13, when the caller is unknown, a mail is temporarily received, a confirmation mail created by the server is automatically returned to the caller, and when the confirmation is confirmed, the received mail is delivered to the callee. As described above, the present invention does not generate a large amount of useless communication in the public network, and there is no fear that the communication bandwidth is compressed or the server storage area is punctured due to a mail attack. It is different from the above-mentioned prior art that the subjective intention of each individual recipient can be reflected without the possibility that the mail itself becomes a large number of new spam mails. In addition, the present invention has a feature that, when operated on the client side such as a mobile phone, a recipient who is inconvenienced by junk mail is not charged unreasonably.
As described above, it is possible to completely reject error mails, spam mails sent by machines, and attack mails while guaranteeing normal business execution.
A preferred variant of the present invention stores the IP address of the abnormal caller and rejects the TCP connection with the IP address.
When a sender uses a conventional mail transmission server (SMTP client), the electronic secretary determines the identity of the sender based on the header of the mail, and does not receive the main body of the mail. The communication is forcibly stopped by closing the connection (claim 6, FIG. 11). Since the transmission server whose communication has been forcibly stopped retry, the state of the forced cancellation is recorded using a dedicated third rule set, and when the transmission server tries again, the caller ID in which the electronic secretary is recorded The other party is judged by and communication is terminated normally. FIG. 65 shows the dedicated third rule set (R3DB2). It should be noted that data different from the third rule set (R3DB1) for preventing attacks shown in FIG. 63 is recorded.

When the mail transmission server uses the transmission system using claims 99 and 100 instead of the prior art, the information field included in the header is used to determine the authorization for transmitting the body based on the information included in the header. (FIGS. 31 and 3104), and after receiving the information field including the subject, the electronic secretary on the receiving server side applies the second rule set (FIGS. 10, 1006, 1007, and 1009). If the transmission is permitted, the communication is allowed, and the communication is continued (FIGS. 31 and 3106). By using the inventions of claims 99 and 100 and the electronic secretary at the same time, the amount of unnecessary communication is further reduced, and there is no need to forcibly stop communication. Communication control processing becomes clear.
When mail is transmitted from the electronic secretary, it is possible to prevent unwanted communication from occurring (see claim 26, FIG. 20). D: Email bomb attacker (5807) sends A: email to applicant (Fig. 58, (d1) To: A, oooxxx ...) and uses electronic secretary 5803 operated by A on the server side. Suppose that Since the electronic secretary 5803 receives (d1) and the caller D does not have permission to receive, the electronic secretary 5803 sends an automatic reply (d2) informing the applicant's guide information to the caller and rejects the reception. The electronic secretary 5801 that transmitted (d1) receives the reception refusal treatment from 5803, creates the fifth rule, and saves it in the instruction file of the caller D in addition to the fifth rule set R5DB (FIG. 66). If D further transmits (d3) within the time (one day) set in the fifth rule condition part, the electronic secretary 5801 applies the fifth rule and rejects the transmission (FIG. 20, 2004). . Before the unwanted communication as described above enters the public network 5813, it is rejected for the first transmission client. For example, if the caller uses Microsoft Outlook, pressing the send button causes Outlook to report that it cannot be delivered immediately.

During system operation, the third and fifth rules that have passed a predetermined time in the condition part from the created time are deleted.
Companies and organizations that provide services to specific callers have business communications that communicate only to a limited extent. The public telecommunications network of the prior art can communicate quickly and cheaply. However, since it is open to the public, it does not apply to the above work. The present invention provides an exclusive communication effect for a public telecommunications network.
For example, the Japan Patent Office currently handles only inquiries regarding the status of patent examination initiation. The present invention proposes the work by the following e-mail.
Assume that the e-mail destination of the inquiry is E (FIGS. 58 and 5808). In the information of E, “This is the contact for inquiries regarding the status of patent examinations. If you are a first-time user, please re-send“ application number: reference number ”in the subject line of the email. -70953: 0302-001 "" and when a mail arrives, the second rule gives the communication permission treatment to receive the mail to the caller who correctly described the application number and reference number, and the given treatment Save to the first rule set.
“Application number: reference number” is the role of the password for obtaining permission for communication for the first time. Instead, a password determined by the JPO or the applicant can be used. The password notification will be included in the application delivery document.
The predetermined recording conditions of claims 101 and 102 are included in the treatment ID. When the treatment ID determined by the second rule is 6, the treatment is stored. That is, the password is not checked for the second mail after the sender.
When the business system is dynamically connected and changes dynamically, it is difficult to maintain the instruction file by a person. This problem is solved by the instruction file input component according to claims 131 and 132.

FIG. 67 illustrates the layout of the user interface of the instruction file input component.
FIG. 68 shows data passed to the instruction file input component according to the user interface.
The electronic secretary 5801 runs on a Microsoft Windows®-based computer. (Who) Input information with little fluctuation, such as constants and guidance information, to the instruction file via the Internet.
The input component runs on a Microsoft Windows (registered trademark) -based computer, and the terminal 5810 extracts the application number and reference number from the pending case data 5811 of the JPO and passes it to the component. Alternatively, when the application data for determining the application number is saved, the data is input to the instruction file by calling the component from the business system. Preferably, the sender ID for which the input component has given permission and the relevant information of the second rule set are stored, and the relevant information is deleted from the instruction file after the application case is no longer pending at the JPO.
As described above, even if there are many parties involved and changes dynamically, it is possible to create a communication environment like a secure dedicated communication network limited to the parties involved in the public Internet communication network without maintaining it manually. .
The electronic secretary 5801 directly sends a mail to the Internet 5813, but a mail other than an automatic reply may be transferred via a conventional mail server 5802, such as 5808 to 5801 to 5802 to 5813 ( (Not shown in FIG. 58). Then, since the mail transfer (5801 to 5802) inside the ISP is fast, the management of the queue of the outgoing mail in the electronic secretary can be omitted, and the functions such as the queue management of the conventional mail server can be fully utilized.
A conventional mail server can be used, such as Sendmail running on a Unix®-based computer.
The present invention may be used as a component of a mail server.

Embodiment, electronic payment system.
FIG. 69 is a block diagram showing a method and system relating to electronic payment.
[Field] It relates to a system that enables cashless business transactions. In particular, the present invention relates to an electronic payment server, an electronic payment system, an electronic payment method, and a program that can make an immediate payment using a communication terminal such as a mobile phone.
[Background] There are payment systems for credit cards and debit cards (shopping with cash cards). There are also many services for portable communication devices such as the Internet business (e-business), mobile phones and PHS. However, card data can be easily stolen. With a debit card, it is not safe to enter a PIN when shopping, and the PIN can be easily stolen from the movement of a finger. If the terminal is crafted or the line is intercepted, information for withdrawing money from the account is easily stolen. For this reason, damage has been caused by forged cash cards and stolen passwords. Patent Documents 30 and 31 disclose a technique for opening a dedicated account that does not cause high damage. However, a deposit / withdrawal operation is required between the ordinary account and the dedicated account, which impairs the liquidity of the ordinary account funds.
[Problem] A settlement method / system with convenience, safety that does not cause heavy damage, and liquidity of funds.

[Means] In order to promote electronic settlement, any type of financial institution or settlement center (hereinafter also referred to as “bank”) account (eg, debit card, credit card) owner (hereinafter also referred to as “buyer”) and seller ( In the electronic settlement system and method for processing commercial settlement between FIGS. 69 and 6902), the buyer (FIG. 69,6901) reserves information for reserving electronic settlement in order to pay the planned purchase by electronic settlement (FIG. 69). , A) is transmitted to the bank (FIG. 69, 6903), and the product (FIG. 69, G) is purchased using the identification ID (FIG. 69, B).
Table 1 shows simple examples of reservation information, data, and operation information.

The terms used in this specification are defined as follows.
“Communication ID” means a communication destination when confirming a settlement request with a buyer. For example, a mobile phone number, a computer communication address, etc. correspond to this.
“Identification ID” means a user identifier associated with a buyer's bank account. For example, a telephone number, a vehicle identification number, etc. correspond to this.
The “virtual account” means an assumed account for paying a planned payee. For example, an account assumed for payment to a specific seller, institution, or group of sellers such as a railway, an expressway, an automatic teller machine (ATM) withdrawal, shopping, an Internet store, and the like.
The “balance upper limit” means a value that specifies the balance of the virtual account. By making a reservation, the balance of the virtual account is set to the balance upper limit.
“Unnecessary confirmation amount” means an upper limit of payment that may be omitted.
The “unrecognized cumulative limit” means a reference amount to be confirmed. Omission of confirmation is a cumulative method, and when the accumulated amount of payment without confirmation exceeds the reference amount (hereinafter referred to as “cumulative excess”), confirmation is performed and the accumulated amount is set to zero and accumulated again. do.
“Balance notification amount” means an amount that the balance is less likely to be reserved.
The “automatic recovery days” means the shortest elapsed days for automatically recovering the balance to the balance upper limit.
“Payment reservation confirmation necessity” means a flag for designating whether or not to make a reservation for a payment request generated at the exit when the identification ID medium holder passes through the entrance of the pay area.

“Confirmation information” means information used to confirm a payment request. It corresponds to the PIN code of the virtual account.
The information, balance notification destination, and personal identification number shown in terms in Table 1 above are reservation information.
“Balance” means the balance of the virtual account.
“Communication confirmation” means one type of treatment of control permission treatment provided. See Fig. 70 for treatment ID.
“Operation information” means information input to an authentication program activated by communication confirmation treatment.
Table 1 shows a settlement reservation confirmation necessity flag not used for the virtual account by “-”.
The seller generates a settlement request (FIG. 69, C) for requesting settlement of the usage amount, and transmits it to the bank to approve the settlement request. When the bank identifies the virtual account from the seller identifier included in the settlement request and the balance and the bank account balance (hereinafter referred to as “total balance”) are sufficient, the bank confirms the settlement request with the buyer. A confirmation request (FIG. 69, D) is presented to the buyer. The buyer confirms the settlement request by presenting confirmation information (FIG. 69, E) to the bank. Only after confirmation by the buyer, the bank sends an approval (FIG. 69, F) to the seller for settlement.
The virtual account is specified by a method specified by the buyer, such as an industry code, a seller name, and a product type. The bank provides the buyer with available information, such as a seller identifier, and selects an association with the virtual account.
For the data structure and the like related to the settlement processing of the present invention, refer to known techniques, for example, Patent Documents 27 to 29.
The virtual account can freely withdraw the total balance from the bank account, unlike the conventional account, the reserved deposit (the frame that cannot be withdrawn freely from the entire account balance), and the prepaid card. FIG. 73 schematically shows the balance of the bank account opened by the account owner and the reserved virtual account. The balance of the virtual account may exceed the total balance. Settlement amount is less than both balance and total balance. The virtual account has the effect of maintaining the liquidity of funds while maintaining the security of settlement. If you deposit too much into multiple dedicated accounts, there is no inconvenience that you cannot easily use the funds for other purposes.

The confirmation request asks the buyer to confirm the payment request including the cause of the charge and the amount.
Banks are required to process promptly. You may run your own payment center that acts as a bank.
Any information communication means can be used. Any means that can achieve the object of the present embodiment, such as telephone, mail, and the Internet, may be used. You may utilize the communication means always connected to a network. For example, mobile Internet Web or chat-like interactive communication (chat-like interaction) may be used.
The buyer may send a confirmation request from the bank. The electronic secretary analyzes the communication request that arrives from the inside, and performs communication confirmation treatment for the communication request for confirming the settlement request. For example, when a call to a bank electronic payment telephone number or an access to a Web page that provides an electronic payment service identified by a URL is detected, an authentication program is activated.
Confirmation criteria may be included in the reservation information. When the confirmation criteria included in the reservation information is satisfied by the data included in the settlement request, the bank may approve the settlement request by omitting transmission / reception of the confirmation request and the confirmation information. Examples of validation criteria include, but are not limited to, seller identifiers, payment limits, settlement dates, settlement times, or combinations thereof, or other criteria that buyers may find convenient.
The bank may confirm the payment request with the buyer through a seller communication module, eg, a cash register terminal. You may choose to send a confirmation request to both the trading devices. Alternatively, confirmation may be requested by e-mail and confirmation may be made via the Web.
The identification ID recording medium may use any means that matches the seller device. For example, a barcode is displayed on a mobile phone display. You may use near field communication means, such as a magnetic card, an ID tag, an IC card, and infrared rays. The identification ID may be manually entered into the seller device. In addition, the usage history, balance, total balance, etc. may be selected to be displayed on the store apparatus or printed on the receipt.

A medium in which the identification ID is recorded can be duplicated and used by a family member. For example, a child can buy juice at a convenience store, present a card with a barcode on which an identification ID is recorded for payment to a store clerk, and a parent can confirm a settlement request by mobile at home. If the medium is duplicated or dropped unintentionally, unauthorized use can be easily detected, so it can be abolished.
All withdrawals can be used for confirmation from the user's bank account. For example, when withdrawing cash from an ATM, the ATM may be regarded as a seller (FIG. 69, 6902). The user inputs the account number or unique ID into the ATM through a medium such as a magnetic card, inputs the amount, and the bank withdraws only after confirming that the withdrawal has been made through the user (buyer) communication module. Communication confirmation may be performed by adding authentication of a conventional cash card with ATM.
Furthermore, the bank generates a transaction code for each transaction, transfers it to a mobile phone, inputs the transaction code into an ATM using a short-range communication means, collates it, and operates the authentication program with a fingerprint. You can prevent trading.
The balance is a payment limit amount by electronic settlement from the virtual account, and the settlement deducts the settlement amount from the balance. If the balance is insufficient, the settlement request is denied. The amount within the balance can be used with confirmation information different from the PIN. The balance is the maximum loss when the identification ID, the confirmation information, and the buyer communication device are stolen at the same time.
Immediately notify and confirm the owner of any payment attempt exceeding the unrecognized limit. The confirmation unnecessary limit is a cash-like amount that can be used only with the identification ID. When rejecting the settlement request, the virtual account may be frozen by invalidating the confirmation information.
The payment amount without confirmation is accumulated in the accumulated amount, and when a settlement request is made to exceed the unrecognized accumulation limit amount, confirmation is always performed, and then the accumulated amount is reset to zero and accumulated. You can confirm the payment of the amount. The confirmation unnecessary cumulative limit is the maximum loss when the identification ID and the confirmation information are stolen at the same time.

When the balance decreases below the balance notification amount, the fact is transmitted to the designated balance notification destination. Furthermore, when a certain condition is satisfied, the balance is automatically restored to the balance upper limit (automatic recovery). For example, automatic recovery is performed when the conditions for which the automatic recovery days have elapsed since the previous reservation or automatic recovery are satisfied.
The confirmation information is different in nature from authentication information such as a password. It can be used according to the importance of the settlement and the usage environment. When using the virtual account for payment in a public environment, it is better to use confirmation information different from the password. The confirmation code of the environmental virtual account that can be safely input such as an ATM corner may use the same code as the password.
The term “communication confirmation” refers to an incoming communication request that alerts the owner with a ringtone, vibration, etc., receives the information, presents it visually or audibly, and automatically activates the authentication program Including doing. The authentication program includes a process of checking the registered operation information based on the input operation information and transmitting the registered information registered in advance to the outside (bank) only when they match. The operation information includes information selected from the group consisting of human physical features (biological information) such as simple button operations, approval codes, voices, passwords, and fingerprints.
Confirmation information is used as the registration information.
If necessary, a plurality of communication confirmation treatments as shown in FIG. 70 can be provided.
Reservation is made on the Internet, telephone or bank counter based on the identification ID or account number and PIN. It may be possible to make a reservation only at the window.

Preferably, the personal identification number (authentication information) uses a disposable password (OTP). Since each communication uses a different password, communication interception damage can be prevented. For example, the authentication program has a function for realizing OTP. Reservation can also be made temporarily on a public telephone, and a daily usage limit may be set in order to prevent wiretapping damage. Further, OTP may be used as the confirmation information.
Preferably, the electronic payment is made valid (a state in which the payment can be approved) through the personal authentication. For example, the instruction file is accessed and communication confirmation treatment is given to the bank. Alternatively, if an electronic payment valid / invalid flag is set in the instruction file and the flag is set invalid, the communication confirmation treatment rejects the communication.
The identity authentication uses the identity authentication means attached to the communication device, and the buyer registers the identity identification information in the device in advance, and when the identity authentication means is activated, the device identifies the identity to the operator. Prompts the user to input information, and compares the input information with the registered personal identification information. If the verification results match (authentication success), the next operation is permitted. The personal identification information includes biometric information such as a fingerprint or a password.
Preferably, after a predetermined time, for example, 4 hours elapses after the electronic payment is validated, the electronic payment is invalidated (a state in which the payment cannot be approved).
[effect]
If you want the maximum level of safety, reserve your balance as the planned usage amount, zero as the confirmation-free limit, reserve your communication destination as your mobile phone number, and confirm with your fingerprint before you go shopping.
Reserving the communication destination on the store side as something that remembers the identification ID and confirmation information, and by manually entering the identification ID and confirmation information at the store, payment can be made only by storage.

When making daily payments, do not use a PIN during input operations and communications. When making a reservation, you can use your PIN number safely. You can use no password at all.
You can freely control the outflow rate of money for each application from the account, there is no possibility of high-priced card counterfeiting beyond the outflow rate, and if it is within the planned outflow rate range, there is no need to make a reservation by automatic recovery, and plan for households Increases nature.
Detailed Description Details of the prior art used (communication software, command transmission, program execution, IC card, OTP, etc.) are omitted.
70 and 71 show TDB and R1DB of an embodiment of a mobile telephone having the electronic settlement function of the present invention. Block diagram showing the configuration is basically the same as FIG. The R1DB is an example of what is shown in FIG. 2B. Use the calling number for easy explanation. As in the fourth embodiment, communication means such as continuous Internet connection and packet communication can be used, and the caller can be identified by an ID such as a mail address.
FIG. 74 is a flowchart of the transaction process in the virtual account schematic diagram shown in FIG. FIG. 75 is a flowchart of the approval process shown in FIG.
Next, the reservation of the virtual account “shopping” will be explained. Communication ID “090-1234-5678, store”, identification ID “045-1234-5678”, confirmation information “456”, and other reservation information shown in Table 1 are transmitted. The confirmation information and buyer fingerprint shown in Table 1 are stored in the instruction file.
The communication ID means that the confirmation request is transmitted to both the mobile phone and the store terminal. On the back side of the mobile phone, a bar code recording a home phone number as an identification ID is attached.

The seller reads the identification ID with a bar code reader such as a cash register terminal, and sends the identification ID, seller account number, store name, billing amount (A), etc. to the bank and requests settlement (FIG. 74, 7401). If the buyer forgets to carry the phone, the home number is manually entered at the cashier terminal.
The bank searches for the account number from the identification ID. For example, if the initial payment A is 500 yen and the total balance (B) is 200,000 yen, B will be sufficient and the process will continue (7402, YES) If a specific virtual account cannot be specified, a shopping account is selected (7403). Since A does not exceed the balance of ¥ 100,000 (7404, YES), the approval process (7405) is performed, and the limit of 1,000 yen that does not require confirmation is exceeded (Fig. 75,7501). Is approved, and the payment amount of 500 yen is accumulated in the accumulated amount (C) (Figure 75,7502), C becomes 500 yen, and A is withdrawn from the account and transferred to the seller's account. At the same time, A is withdrawn from the virtual account, and the new total balance is 200,000-500 = 199,500 yen, and the balance is 100,000-500 = 99,500 yen (7407).
If the payment A for the second purchase is 600 yen, C will be 1,100 yen if accumulated in C, exceeding the unrecognized accumulation limit (7503, YES), so the bank will search for the mobile number from the identification ID. Then, a call is sent to the mobile phone to confirm the settlement request, and at the same time, the confirmation request is displayed on the cash register terminal (7504). The buyer confirms the settlement request by inputting the confirmation information “456” at the cash register or by inputting the fingerprint through the fingerprint sensor into the authentication program activated on the mobile phone. If the settlement request with the wrong confirmation information is not confirmed (7505, NO), the transaction is rejected (7406). If confirmed, approve the transaction, and if it exceeds the cumulative amount, the cumulative amount C is set to 0 yen (7506), the new total balance will be 200,000-1,100 = 198,900 yen, the balance will be 100,000-1,100 = 98,900 yen .

FIG. 72 is a block diagram of still another embodiment of the present invention relating to a ticket.
[Field] Regarding toll collection system for toll areas (hereinafter referred to as “roads”) such as railways, buses, highways, city centers, parking lots, and event venues that do not require cash. [Means] Uses electronic payment shown in FIG. The seller (road, FIG. 72,6902) reads the user identification ID at the entrance (FIG. 72,7204) (FIG. 72,1) and reserves the settlement including the identification ID and the cause (FIG. 72, 2) Send information to the bank to reserve payment. The bank sends a confirmation request (FIGS. 72, 3) confirming the reservation to the user. The user confirms the confirmation request and sends confirmation information (FIGS. 72 and 4) to the bank. The bank sends the reserved (Fig. 72, 5) information to the seller only after confirmation by the user. The seller reads the identification ID at the exit (Figs. 72, 7205) (Figs. 72, 6), settles the usage fee, and sends a settlement request (Figs. 72, 7) to the bank. The bank sends a confirmation request (FIGS. 72 and 8) for confirming the settlement request to the user. The user confirms the confirmation request and sends confirmation information (FIGS. 72 and 8) to the bank. Only after being confirmed by the user, the bank sends an approval (FIGS. 72 and 10) to the seller for settlement.
When the settlement reservation confirmation necessity flag is reserved to “required”, entrance control is possible based on the reservation approval / denial result.
DETAILED DESCRIPTION In a specific embodiment, payment for rail fare. The identification ID is recorded on the non-contact IC card. For the reservation of the virtual account “railway company”, communication ID “090-1234-5678”, identification ID “IC card number”, confirmation information “456”, settlement reservation confirmation necessity “unnecessary” are shown in other Table 1. Reservation information is sent.

The boarding station ticket gate (7204) reads the identification ID and transfers it to a server (installed in FIGS. 72 and 6902, not shown). The server creates an admission record that records the identification ID, boarding station, and time, sends settlement reservation information including the identification ID and boarding station name (different from virtual account reservation information) to the bank, and the settlement reservation confirmation necessity flag is “unnecessary” ", The bank skips the confirmation (Figs. 72, 3 and 4), sends the reserved information to the ticket gate, and is allowed to enter.
The getting-off station ticket gate settles the boarding fee of the passenger identified by the read identification ID, transmits a settlement request to the bank, and permits the exit when the approval is received.
When boarding within the boarding fee range that does not exceed the confirmation unnecessary limit amount, the bank omits the confirmation (FIGS. 72, 8, and 9), which has the effect of speeding up the exit determination process.
If the payment reservation confirmation necessity flag is “necessary”, if the identification ID read is valid, the entrance ticket gate permits the admission and sends the payment reservation to the bank, and the disembarking station receives the reserved information In this case, the settlement request may be transmitted to the bank after permitting the exit. This has the effect of speeding up the entrance / exit judgment process.
Further, in order to reduce the cost for high-speed processing and settlement request processing, the amount of payment without confirmation may be accumulated in the IC card or server. Cumulative and entry / exit decisions can be approved offline without communicating with the bank. For offline approval, the seller obtains the reservation information set by the required buyer from the bank.

FIG. 76 is a flowchart of offline approval. When the seller terminal reads the identification ID and determines that the product price does not exceed the confirmation unnecessary limit (FIG. 76, 7601), the seller price adds the product price to the accumulated amount stored by the seller (7602). In the case of excess, a settlement request is created using the accumulated amount as a product price, and approval is requested from the bank according to the procedure shown in FIG. 74 (hereinafter referred to as “online approval”) (7605). If the transaction is approved (7606, YES), the accumulated amount is reset to zero (7607). If it is not cumulative, it is to approve the transaction without communicating with the bank. In this system, this process is referred to as “offline approval”.
When the ID (IC card, etc.) is sold at a guaranteed amount and payment is rejected, the customer will be sent off with cash. When requesting the abolition of the identification ID, it may be refunded by subtracting the used amount from the guaranteed amount. The accumulative limit amount that does not require confirmation and the guarantee amount may be limited to the same amount. There is an effect to guarantee the collection of the price. For example, when using an identification ID that has been released or validated at 1,000 yen, boarding up to 990 yen is permitted, and when taking the next 120 yen section, 1110 yen is charged at the exit. If the settlement is rejected, the exit liquidation amount is 120 yen, and if the abolishment of the identification ID is requested, the return amount is 10 yen.
For one identification ID, a plurality of sellers can independently store the accumulated amount and approve it offline. For example, there is an effect that the same mobile phone number can be used as an identification ID and can be used for trains of different railway companies.
Furthermore, the passenger gives the seller a position acquisition permission treatment to speed up entry and exit. The ticket gate can determine the validity of nearby passenger identification IDs in advance. The exit ticket gate can be used for provisional settlement of payment (assuming that it will get off at the nearest station from the passenger's location). The location of the mobile phone can be acquired from the telephone company system and does not have to be directly connected to the mobile phone.

In the case of processing a ticket for entering an event venue or the like, a customer orders a ticket from a ticket shop or the like prior to entering, and the entrance management server corresponds to a bank and stores ticket information. The ticket information includes data such as an identification ID, a venue name, an event name, a date and time, the number of people, and a seat position. Then, the server transmits to the mobile phone corresponding to the identification ID read by the admission ticket checker, and permits the admission after authenticating the person.
Sellers may operate their own payment centers. Instead of public communication means, it is possible to communicate with the ticket gate using non-contact short-range communication means such as mobile infrared, DSRC (Dedicated Short Range Communication), Bluetooth (registered trademark) , and directly start the mobile identity authentication program. .
In yet another specific embodiment, road toll collection.
[Background] Japan's automatic toll collection system (ETC system) is composed of an on-board ETC device, an ETC card that stores personal information and contract information or electronic currency, an entrance / exit gate, and a road-to-vehicle high-speed communication (DSRC) device Is done. However, it is required to pass through the gate at a speed that can be stopped at any time. Also, the cost is high. On the other hand, in Singapore, there is a method for ERP, where a license plate of a traffic vehicle with a speed of 180 km / h or less is photographed and charged. Existing technology camera-type billing can realize a free-flow toll gate that can pass at high speed, but it is difficult to separate the car owner and the payer.
[Problem] To realize a free flow fee system that does not require cash at low cost.
[Means] The electronic settlement shown in FIG. 69 is used. The vehicle registration number is used as the user identification ID. For the reservation of the virtual account “highway”, communication ID “090-1234-5678”, identification ID “number plate number”, confirmation information “456”, payment reservation confirmation necessity “necessary” are shown in other Table 1. Reservation information is sent.

The seller photographs the number plate with the digital camera at the entrance (7204), reads the identification ID with the image recognition means, and sends a settlement reservation including the identification ID, the entrance name, etc. to the bank. When the reserved information is received, the exit is permitted, the price is settled based on the entry record, and the settlement request is transmitted to the bank.
The entry / exit records will also include vehicle models, photos, etc. according to the charge category, and will be left as proof of use. When the payment reservation or the payment request is rejected or the electronic payment is not reserved, the vehicle use (owner) is specified by the identification ID and charged by a method such as sending a bill. You may request by adding the administrative fee charged on the invoice.
When there is an entrance gate, the identification ID is a virtual account settlement, or admission is permitted when reserved information is received.
When there is an exit gate, the identification ID is a virtual account settlement, or when the reserved information is received or the approval is received, the exit is permitted.
Preferably, the vehicle is guided to the light signal and the voice according to the determination result. A non-stop lane for electronic payment and a conventional charge gate may be added.
In addition, even if a camera is installed at the first arrival position of the entrance / exit lane, or position information of the mobile phone is acquired, the payment method of the vehicle approaching the entrance / exit, the provisional settlement, or the high-speed judgment of the entrance / exit gate good.
Preferably, a road use schedule (period) is designated, and when the schedule is over, the reservation of the virtual account is deleted.
In the case of a method of charging each time a boundary line of a toll area such as a city center is passed (hereinafter referred to as “passage charging”), the same processing as the exit may be performed on the boundary line.

A billing method based on travel distance (hereinafter referred to as distance billing) can be realized. When the user gives the system location acquisition treatment and enters the pay zone, the system makes the system know the location of the mobile phone almost continuously. For example, mobile location information (location cell, GPS information, etc.) may be acquired from a server and tracked. The mobile travel distance is calculated as the travel distance of the car. If the mobile battery runs out or the position cannot be specified, fixed charging may be applied.
You may replace the camera which reads vehicle information with the vehicle information acquisition means required for another charge, for example, a license plate etc. in which the communication function is provided.
[Operation] The ETC system instantly recognizes a car that is traveling at high speed when passing through gates and boundaries, and requires instant processing of the vehicle and two-way communication and movement of electronic currency. Since high accuracy and high reliability are required, and security functions such as maintaining the confidentiality of credit card information and preventing data tampering are required, a large amount of processing is required instantaneously. This is due to the high cost of the ETC system. The present invention only needs to photograph a car and read a license plate, and signal processing technology for that purpose is mature. In addition, since confidential information is not transferred, there is no need for a large amount of instantaneous processing at the time of passing through a gate, and no on-vehicle device or ETC card is required, so that the cost of both roads and vehicles can be reduced. Also, problems such as forgery of highway cards can be solved. In addition, it is easy to separate the car owner and the payer. Non-stop at tollgates can be realized easily. Since the card is not used, there is no worry of forgery of the card, shortage of the balance of the electronic currency or the complication of the increase.

FIG. 69 is a block diagram showing another settlement method and system.
In an electronic payment system and method for processing commercial payments between banks, buyers and sellers, buyers purchase goods (FIGS. 69, 6) from sellers using identification IDs (FIGS. 69, 1). The seller generates a payment request (FIG. 69, 2) for requesting payment of the usage amount, and transmits the payment request to the bank (FIG. 69, 6903) to approve the payment request. In order to confirm the settlement request to the buyer, the bank presents a confirmation request (FIG. 69, 3) to the buyer. The buyer confirms the settlement request by transmitting authentication information such as a personal identification number (FIGS. 69 and 4) to the bank through the buyer communication module. The bank sends an approval (Fig. 69, 5) to the seller only after confirmation by the buyer.
Communication confirmation treatment is performed for a communication request for confirming a settlement request. The registration information transmitted by the authentication program activated by the communication confirmation treatment includes the authentication information. There is an effect that it is possible to avoid inputting the authentication information in a public place. Preferably, the electronic payment is invalidated after confirming the payment request. Then, in order to enable electronic payment before each payment, personal authentication is always performed, and there is no risk of damage even if the mobile phone is lost.

Mobile phone key [Field] Use a mobile phone as a key at home doors, safes, cars, etc.
[Means] When unlocking, the electric lock control system confirms unlocking to the user through the communication module. Unlock only after confirmation by the user. The confirmation is performed by sending authentication information such as a personal identification number to the electric lock control system.
FIG. 32 illustrates the configuration of the electric lock control system. In the first embodiment, the case of unlocking by calling a mobile phone has been described. In this example, the electric lock side of the controlled device is transmitting. When the user performs an unlocking operation using an unlocking operation means such as an unlocking operation button, the system sends a message to the user. 70 and 71 show examples of giving communication confirmation treatment to the unlock confirmation communication request. The system unlocks only after receiving the predetermined authentication information.
The unlocking operation may be further verified with a password input from the numeric keypad.
The unlocking operation may be performed simply by pressing a call push button also used as a door phone. A door phone and a mobile phone may be allowed to talk. Remote unlocking is possible.
[Effect] Locking with strong security can be realized by the result of personal authentication such as biometric authentication without a key or keyhole.

[Field] This embodiment relates to traffic information collection and mobile route guidance.
This specification shows a mobile communication terminal device using a mobile phone. The mobile communication terminal device is not limited to a mobile phone, and an electronic information device (a notebook PC, a PDA, an electronic notebook, a car navigation system, etc.) having a communication function can also be used.
[Background] A technique for collecting traffic information from a vehicle is known from Patent Documents 14 and 15. Patent Document 17 discloses a technique for predicting a road usage situation. The technique shown in Patent Document 16 avoids the occurrence of traffic jams.
[Problem] There is cooperation by a mobile communication device, efficient collection of traffic information, prevention and avoidance of traffic congestion, and guidance of a dynamic route of a mobile body.
[Means] Centralize the optimal route calculation function including information database such as traffic information, map and facility data and whole vehicle elements to the traffic center, and the traffic center departs from the user (pedestrian, car) via the communication line It collects travel plans including time and destinations, and provides recommended travel plans and recommended planned routes to users.
The user's mobile communication device acquires the current location information, the traffic center communicates with the mobile body to grasp the movement situation, and when a traffic jam ahead of the travel route occurs and is predicted, a car that can eliminate the traffic jam Select and transfer to the avoidance route, search only necessary information when necessary, such as the map ahead is newer than the map possessed by the mobile unit, or the mobile unit does not possess the map ahead, and transfer to the mobile unit To do.
Each time it communicates with a mobile device, it collects movement information such as position, speed, and direction of travel, and updates the traffic condition database. The traffic center provides a communication method including connection with a mobile device at all times, interval connection, and connection only when an event is detected.
The mobile device measures the position, speed, direction of travel, etc., and gives the control treatment necessary for the traffic center, such as measurement data acquisition, map and voice information transfer, alerting, etc., and the user releases the handle while driving Without exchanging the necessary information with the traffic center.

When a mobile device issues a communication request to a traffic center, it detects information including the location of the mobile device, forwards a route search, traffic information search request, etc. to the traffic center, and sends a route or command from the traffic center. Is operated according to the command, guides the user to the received route, or requests the route search from the traffic center again when the user leaves the route on the way.
At the time of fog, poor visibility, uphill, etc. that cause traffic congestion, it detects events such as intersections, vehicle speed changes, etc., and the traffic center continuously grasps the position of the vehicle, and the position of surrounding vehicles to the driver Informs and recommends speed regulation, protects safe inter-vehicle distance, assists in traffic jam prevention and safe driving.
A danger prevention service is provided by communication between vehicles approaching through the transportation center. Cars in the vicinity are handled as a group, the traffic center grasps the position of each member of the group, and the connection number of each member can be exchanged through the transportation center to connect directly between the vehicles. The position of other cars in the group is displayed on the mobile device screen, and if a danger such as the approach of a nearby vehicle such as rearward or forward, sudden braking, airbag operation, accident, etc. is detected, an emergency call is sent to the relevant vehicle And warn. The vehicle positions of all approaching groups are grasped in real time, the inter-vehicle distance is maintained, and data is provided to the automatic driving system mounted on each vehicle.
When the traffic center lacks information, it collects information using a mobile phone with a position detection device on a moving body such as a car as a mobile monitor, analyzes the received information, creates an information collection command, and Return it.
One way to start the monitor is to automatically send information to the traffic center if the moving speed meets a set condition such as 20 km / h or higher. One response or command of the traffic center receiving the information returns a transmission interval t. Let t be a positive correlation with the density p of the monitor. That is, when p increases, t increases. If the density increases, the possibility of overlapping information transmission increases. Therefore, if the transmission interval is increased, unnecessary information transmission can be suppressed. For example, t is obtained by t = a * p + b using constants a and b. As a specific example, when p is 10 km in radius and the number of monitors within 10 minutes difference in transmission time is 10 and a = 5 and b = 10, t is 60 minutes. That is, it instructs the monitor to transmit information again after 60 minutes.

The specific definition (calculation) method of p and the values of a and b may differ depending on the importance of the measurement location. For example, when it is necessary to increase the measurement density in the city center as compared to the suburbs, the values of a and b or the count radius of p may be made smaller than those in the suburbs. The center selects and uses a predetermined value according to the current location of the monitor.
Furthermore, the following information transmission conditions may be included in the command: No transmission is made at a specified time. Do not send within the specified speed range. Do not make calls within the specified geographic area. Send only when the speed or direction of movement changes.
Mobile monitors are operated by rewarding information providers or selling mobile phones with built-in automatic monitoring functions. Preferably, the reward providing method converts the provided amount of information into reward points and saves it in a memory measure. Provide services such as route guidance in exchange for points accumulated by users.
Signals can be controlled by actual traffic flow and emergency vehicles. For example, when the predicted position of a vehicle is close to an intersection, the traffic center sends out, grasps the position of the vehicle in real time, and does not emit an unnecessary red light. If an emergency vehicle or the like sends its position information in real time, the forward traffic signal can be optimized. The traffic center can check the position of another vehicle in the forward path of the emergency vehicle and instruct the vehicle to evacuate.
The traffic center can monitor overspeed and the behavior of vehicles near the intersection, and warns drivers and pedestrians who are immediately involved when it detects the danger of a collision. The traffic center can provide route guidance services to pedestrians and the like with mobile terminals. It is possible to guide the last train and the route to avoid train suspension according to the travel plan, commuting route, current location, time, etc.

[Action, effect]
There is an effect that information for this realization can be collected while realizing traffic guidance. Feedback of increasing traffic → increasing service requests → increasing the amount of information that the traffic center can collect → guiding based on collected information → reducing traffic congestion can be expected.
The traffic center can guide the recommended route dynamically, thereby realizing an optimum traffic system by changing the conventional unordered traffic flow in an orderly manner. It is possible to provide information specific to individual drivers and pedestrians accurately and in real time. It is possible to predict the optimum avoidance route according to the route information of each vehicle, which is predicted before the occurrence of traffic congestion, and to fully utilize the transport capacity of the traffic network without concentrating on a specific road Can do. Compared with the case where sensors are fixedly installed on the road, the measurement points are not limited, and traffic state information can be collected evenly on the road and evenly or evenly according to the importance.
It is possible to provide guidance on dynamic route guidance and traffic jam avoidance to the vehicle without operating the mobile phone prohibited by the Traffic Act while moving or driving. In the event of a train operation stop accident, pedestrians can be guided through detours.
It is easy to support safe driving, optimize traffic management, improve road management efficiency, support pedestrians, emergency vehicle operation support, ease traffic jams, and prevent traffic jams.

  As described above, the present invention is suitable for a communication method using an electronic device on a communication network.

It is a figure which shows the basic schematic structural example of this invention. It is a layout diagram of a record showing the contents of TDB. It is a layout diagram of a record showing the contents of R1DB. It is a layout diagram of a record showing the contents of GDB. It is a layout figure of the record which shows the contents of R2DB. It is a layout figure of the record which shows the contents of R3DB. It is a layout diagram of a record showing the contents of R4DB. It is a layout figure of the record which shows the contents of R5DB. It is a layout diagram of a record showing the contents of TRDB. It is a layout figure of the record which shows the contents of PDDB. It is a layout diagram of a record showing the contents of VDB. It is a layout diagram of a record showing the contents of VRDB. It is a flowchart of one Embodiment of this invention. It is a flowchart of another embodiment. It is a flowchart of another embodiment. It is a figure which shows the structure of another embodiment. It is a flowchart of another embodiment. It is a figure which shows another embodiment structural example. It is a flowchart of another embodiment. It is a partial flowchart of the early determination process of another embodiment. It is a flowchart of another embodiment. It is a flowchart of another embodiment. It is a flowchart of another embodiment. It is a figure which shows another embodiment structural example. It is a flowchart of another embodiment. It is a flowchart of another embodiment. It is a figure which shows the structure of another embodiment. It is a figure which shows the structure of another embodiment. It is a transmission processing partial flowchart. It is a figure which shows the system configuration | structure regarding anonymous communication. It is a partial flowchart of a process of a 1st party. It is a partial flowchart of a process of a 2nd party. It is a flowchart of a treatment exchange process part. It is a flowchart of another embodiment. It is a figure which shows the structure of one Embodiment. It is a conceptual diagram which shows the structure of a positional information system. It is a flowchart of the driving | running | working guidance function for vehicles. It is a conceptual diagram of another form of the present invention regarding position information and the like. It is a figure which shows the structure of a mail transmission client. It is a mail transmission flowchart. It is a block diagram which shows the structure of a multifunction telephone. It is a figure which shows the instruction | indication file content of the said telephone. It is a flowchart of the said telephone. It is a figure which shows the example which gives automatically the treatment which can normally call to the telephone number of a related person by automatic examination. It is a figure which shows the telephone configuration of the answering machine embodiment. It is a figure which shows the instruction | indication file content of the said telephone. It is a block diagram which shows the structure of the mail reception client Example. It is a figure which shows the instruction | indication file content of the said Example. It is a schematic flowchart of a reception process. It is a figure which shows a question input screen. It is a figure which shows an initial treatment selection screen. It is a block diagram which shows an Internet videophone and a monitoring system structure. It is a block diagram which shows the internal structure of the Example. It is a flowchart which shows operation | movement of a main program. It is a figure which shows a main menu screen. It is a figure which shows a contact book screen. It is a figure which shows a member addition screen. It is a figure which shows a treatment application process. It is a figure which shows a personal setting screen. It is a flowchart which shows a login process operation | movement. It is a figure which shows a friend list edit screen. It is a figure which shows a treatment application qualification designation | designated screen. It is a flowchart which shows operation | movement of a video telephone communication program. It is a figure which shows a connection waiting screen. It is a figure which shows the screen during videophone communication. It is a figure which shows the flow outline | summary which builds a treatment relationship. It is a block diagram which shows the structure of a mail server system Example. It is a figure which shows a treatment information data database. It is a block diagram which shows a guidance information data database (GDB). It is a figure which shows a 2nd rule set. It is a figure which shows a 1st rule set. It is a figure which shows the 3rd rule set for attack prevention. It is a figure which shows a usage constant. It is a figure which shows the 3rd rule set for cancellation. It is a figure which shows a 5th rule set. FIG. 3 is a diagram illustrating a user interface of an input component. It is a figure which shows the data passed to an input component. It is a block diagram which shows the method and system regarding an electronic payment. It is a figure which shows TDB of an electronic payment Example. It is a figure which shows R1DB of an electronic payment Example. It is a block diagram of another embodiment regarding a boarding ticket. It is a figure which shows an account and a virtual account typically. It is a flowchart of the transaction processing in a virtual account schematic diagram. It is a flowchart of an approval process. It is a flowchart of offline approval.

11, 111, 211... Processor 12, 112, 212... Input / output control means 13, 14, 114, 214... Storage device 15, 115, 215 .. communication transfer device 16.
17 …… Microphone, speaker 18 …… Camera, keyboard and display unit.
19 …… Vibrator 20 …… Fingerprint sensor

Claims (55)

A method performed by a computer,
Comparing the available amount of the account with a threshold;
Sending a balance alert message to a correspondent associated with the account when the available amount is below the threshold;
Transmitting information to a communication destination associated with the account;
Have
The information includes control information for controlling a mobile phone having the communication destination, and when the information is received, the mobile phone operates according to the control information. The method of claim 1, wherein the balance alert message is in the form of a text message. The method of claim 1, wherein the balance alert message is in the form of an email message. The method of claim 1, wherein the account is a credit account. 5. The method of claim 4, wherein the available amount is an amount related to a credit limit. The method of claim 1, wherein the account is a debit account. 7. The method of claim 6, wherein the available amount is an amount related to a balance. The method of claim 1, further comprising receiving a limit. 9. The method of claim 8, wherein the available amount is an amount related to the limit amount. The method of claim 1, further comprising receiving the threshold. A means of comparing the account available amount with a threshold;
Means for sending a balance alert message to a destination associated with the account when the available amount is below the threshold;
Means for transmitting information to a communication destination associated with the account;
Have
The information includes control information for controlling a mobile phone having the communication destination, and when the information is received, the mobile phone operates according to the control information. 12. The apparatus of claim 11, wherein the balance alert message is in the form of a text message. 12. The apparatus of claim 11, wherein the balance alert message is in the form of an email message. The apparatus of claim 11, wherein the account is a credit account. 15. The apparatus of claim 14, wherein the available amount is an amount related to a credit limit. 12. The apparatus of claim 11, wherein the account is a debit account. The apparatus of claim 16, wherein the available amount is an amount related to a balance. 12. The apparatus of claim 11, further comprising means for receiving a limit amount. The apparatus of claim 18, wherein the available amount is an amount related to the limit amount. 12. The apparatus of claim 11, further comprising means for receiving the threshold value. Computer
A means of comparing the account available amount with a threshold;
Means for sending a balance alert message to a destination associated with the account when the available amount is below the threshold;
Means for transmitting information to a communication destination associated with the account;
Function as
The information includes control information for controlling a mobile phone having the communication destination, and when the information is received, the mobile phone operates according to the control information. The program according to claim 21, wherein the balance warning message is in the form of a text message. The program according to claim 21, wherein the balance warning message is in the form of an e-mail message. The program according to claim 21, wherein the account is a credit account. 25. The program according to claim 24, wherein the available amount is an amount related to a credit limit. The program according to claim 21, wherein the account is a debit account. 27. The program according to claim 26, wherein the available amount is an amount related to a balance. 23. The program according to claim 21, further comprising a function for receiving a limit amount. 29. The program according to claim 28, wherein the available amount is an amount related to the limit amount. The program according to claim 21, further causing the function to function as means for receiving the threshold value. A method performed by a computer,
Receiving information identifying the account;
Identifying the account;
Receiving a password different from the previously used password corresponding to the account;
Receiving a limit if the password is correct;
Storing the limit in a limit storage means;
Receiving a request for authorization of a transaction relating to the account;
Determining whether to allow the request based on a determination condition;
Updating the available amount in the account;
Have
The determination condition includes the limit amount, the transaction amount in the transaction, and the available amount.
A method characterized by that. A method performed by a computer,
Sending information identifying the account;
Identifying the account;
Sending a request for authorization of a transaction relating to the account;
Receiving the request; and
Reading a set limit when a password different from the previously used password corresponding to the account is correct;
Determining whether to allow the request based on a determination condition;
Updating the available amount in the account;
Have
The determination condition includes the limit amount, the transaction amount in the transaction, and the available amount.
A method characterized by that. The determination condition further includes an authentication condition,
The authentication condition includes an input password input by the user and a password registered in advance.
The method according to any one of claims 31 to 32, wherein: The determination condition further includes an amount condition,
The amount condition includes the transaction amount
The method according to any one of claims 31 to 32, wherein: The amount condition is that the transaction amount is less than or equal to a threshold value
35. The method of claim 34. The limit is the daily limit
36. A method as claimed in any one of claims 31 to 35. The limit amount is set to a predetermined amount at specified time intervals
36. A method as claimed in any one of claims 31 to 35. The determination condition further includes an effective condition,
If the valid condition is not met, the transaction is rejected
38. A method as claimed in any one of claims 31 to 37. After the transaction, it is set to an invalid state where the validity condition is not satisfied
The method according to claim 8, wherein: It is set to an invalid state where the valid condition is not satisfied after a predetermined time has elapsed.
40. The method of claim 38. Information is sent to the destination associated with the account
41. The method according to any one of claims 31 to 40, wherein: The communication destination includes an e-mail address, and the information includes an e-mail.
42. The method of claim 41, wherein: The communication destination includes a telephone number, and the information includes voice information.
42. The method of claim 41, wherein: The information includes content indicating that the transaction has been accepted.
44. A method according to any one of claims 41 to 43. The information includes content indicating completion of acceptance of the transaction.
44. A method according to any one of claims 41 to 43. If the transaction amount exceeds a threshold, the information includes a request to approve the transaction
44. A method according to any one of claims 41 to 43. The information includes a balance warning message when the residual of the limit minus the transaction amount falls below a threshold
44. A method according to any one of claims 41 to 43. The account is an account opened at a bank
48. A method according to any one of claims 31 to 47, characterized in that The transaction is a withdrawal transaction withdrawing cash from the account
49. The method according to any one of claims 31 to 48, wherein: The transaction is a debit transaction
49. The method according to any one of claims 31 to 48, wherein: The account is a credit account;
The transaction is a credit transaction
48. A method according to any one of claims 31 to 47, characterized in that The limit amount is a limit amount read from the limit storage means;
At least one limit amount is stored in the limit storage means,
When there are a plurality of the limit amounts, the limit amount is one of them.
52. The method according to any one of claims 31 to 51, wherein: Selection information associated with the limit amount is stored in the selection storage means,
The limit amount is a limit amount to be read from the limit storage means when the selection information is stored in the selection storage means;
The selection information is deleted from the selection storage means after a predetermined time has elapsed.
53. The method of claim 52, wherein: 54. An apparatus comprising means for performing the steps of the method according to any one of claims 31 to 53. The program for making a computer perform each step of the method as described in any one of Claims 31-53.