JP2016057960A - Remittance system - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a remittance system capable of easily and safely remitting from a remitter to a recipient.SOLUTION: A remittance system 1 is configured so that: a data server 50 searches an account number management data storage part 53 on the basis of account information of a remitter whose remittance is received at a remittance terminal, then stores a specific number of a token other than a remittance token related to the account information of the remitter, as a specific number of a reception token which a recipient has, in a payout management data storage part 54; a control part of a reception bank server 40 acquires the specific number of the reception token related to account information of the recipient whose cash payout operation is received at a reception terminal 30, from the payout management data storage part 54, and then sends the specific number and authentication information of the reception token input from the reception terminal to an authentication server 50; a control part of the authentication server authenticates the created authentication information of the reception token on the basis of the specific number of the reception token, and according to the authentication result, allows payout of cash at the reception terminal, to the reception bank server.SELECTED DRAWING: Figure 1

Description

  The present invention relates to a money transfer system for transferring money from a sender to a receiver.

  2. Description of the Related Art Conventionally, there is a remittance system that allows a recipient to pay out money transferred from a sender to a recipient's bank account at a receiving terminal such as an ATM. In such a remittance system, there is an act in which a person impersonating a legitimate recipient deceives the remittance person and transfers it to the recipient's bank account, and illegally pays out the remittance. In order to prevent this, a remittance system has been proposed in which a third party's presence and input of a personal identification number are requested at the time of a transaction (see, for example, Patent Document 1).

JP 2010-250431 A

In the conventional remittance system, a third party must be present at the time of the transaction, so authentication takes time and effort. In addition, if the password is leaked, the information may be used illegally.
An object of the present invention is to provide a remittance system capable of easily and safely transferring money from a sender to a receiver.

  The present invention solves the problems by the following means. In addition, in order to make an understanding easy, although the code | symbol corresponding to embodiment of this invention is attached | subjected and demonstrated, it is not limited to this. In addition, the configuration described with reference numerals may be improved as appropriate, or at least a part thereof may be replaced with another configuration.

-1st invention receives the cash withdrawal operation by the receiving terminal (30) which the recipient who receives remittance operates, the receiving bank server (40) of the receiving bank which has a receiving account of a recipient, and the said receiving terminal An authentication server (50) for authenticating the recipient and a data server (50) are provided on the communication network, and a remittance token (60) owned by the sender and a receiving token (70) owned by the recipient. A payout management data storage in which the data server stores the account information of the recipient who is the remittance destination and the unique number of the receipt token owned by the recipient in association with each other. Part (54), the sender's account number and the unique number of the remittance token registered for the account number, and the receiver's account number and the unique number of the received token registered for the account number. An account number management data storage unit (53) stored in association with each other, the account number management data storage unit is searched based on account information of the sender who received the remittance at the remittance terminal, and the account of the sender A unique number of a token other than the remittance token associated with the information is stored in the payout management data storage unit as a unique number of the receiving token owned by the recipient, and the control unit of the receiving bank server is the receiving terminal A unique number of the receipt token associated with the account information of the recipient who accepted the cash withdrawal operation is obtained from the withdrawal management data storage unit of the data server, and the receipt token generated from the receipt terminal is generated. The authentication information is transmitted to the authentication server together with the authentication information, and the control unit of the authentication server receives the receipt based on the unique number of the receipt token. A remittance system characterized by authenticating authentication information generated by a token and permitting the receiving bank server to issue cash at the receiving terminal that has received a cash payout operation according to an authentication result. It is.

-2nd invention is the remittance system (1) of 1st invention, the remittance terminal (10) which the remittance person who operates remittance operates, and the remittance bank server (20) of the remittance bank which has a remittance account of a remittor On the communication network, the control unit of the remittance bank server, the account information of the remitter who accepted the remittance operation at the remittance terminal, and the authentication generated by the remittance token input from the remittance terminal Information is sent to the authentication server (50), and the control unit of the authentication server authenticates the authentication information generated by the remittance token based on the account information of the sender, and according to the authentication result, A remittance system characterized in that remittance from a remittance account to the receiving account is permitted to the remittance bank server.

-3rd invention WHEREIN: In the remittance system (1) of 2nd invention, the control part of the said authentication server (50) is a remittance destination from the said remittance account other than the remittance token (60) which a remitrer owns. The remittance system is characterized in that the authentication information generated by the remittance token is authenticated only when it is a receiving account of a recipient who owns the token.

-4th invention is the remittance system (1) of 2nd or 3rd invention, The control part of the said remittance bank server (20) performs operation of remittance for a specific recipient at the said remittance terminal (10). In this case, the remittance system only executes remittance to the receiving account stored in the data server (50).

  ADVANTAGE OF THE INVENTION According to this invention, the remittance system which can transfer money easily from a remittance person to a receiver can be provided.

It is explanatory drawing which shows the outline | summary of the remittance system. It is a block diagram which shows the structure of the remittance system. It is a sequence diagram explaining the acceptance process of token purchase. It is explanatory drawing of the data transmitted from an applicant. It is explanatory drawing of the data produced with the authentication server. It is a sequence diagram explaining a remittance reception process. It is explanatory drawing which shows an example of the display screen in a remittance reception process. It is a sequence explaining cash payment processing. It is explanatory drawing which shows an example of the display screen in a cash payment process.

Hereinafter, an embodiment of a remittance system according to the present invention will be described with reference to the drawings.
FIG. 1 is an explanatory diagram showing an outline of the remittance system 1. FIG. 2 is a block diagram showing the configuration of the remittance system 1.

  In the remittance system 1 of this embodiment, the remittance A can remit money from his remittance account to the receiving account of the recipient B by operating the remittance ATM 10. Recipient B can pay out the remittance amount from his / her receipt account by performing a cash withdrawal operation at the receipt ATM 30.

  The sender A and the recipient B are, for example, members of a family having a blood relationship. In the present embodiment, an example will be described in which when a person impersonating an authorized recipient B deceives the sender A and sends it to the bank account of the recipient B, the unauthorized withdrawal of the transfer is suppressed.

  In the present embodiment, for ease of explanation, the receiving side configuration is referred to as a receiving ATM, a receiving bank server, or the like. The remittance side configuration is referred to as remittance ATM, remittance bank server, or the like. However, in actual operation, these are not distinguished. In other words, ATMs and banks have the same functions as normal ATMs and banks, respectively, so they can be remittance sides or remittance recipients.

  Similarly, in the present embodiment, an example in which the sender A performs only remittance and the receiver B performs only receipt will be described. However, the receiver B can also be a sender, and the sender A can also be a receiver. obtain. Further, in the present embodiment, the sender A and the recipient B are described as family members, but the family member may exist in addition to the sender A and the recipient B.

  Although not shown, the sender A and the receiver B each have a personal computer (hereinafter also referred to as “PC”) that can be connected to the communication network N. The sender A and the recipient B can log into the money transfer system 1 via their PCs.

[Overall configuration of remittance system 1]
As shown in FIG. 1, a remittance system 1 includes a remittance ATM (remittance terminal) 10, a remittance bank server 20, a receiving bank server 40, a receiving ATM (receiving terminal) 30, and an authentication server 50 on a communication network N such as the Internet. In preparation. Each device provided in the remittance system 1 can transmit and receive various data to and from each other via the communication network N. In addition, the sender A owns the remittance token 60. The recipient B owns the receipt token 70 (hereinafter, the remittance token 60 and the receipt token 70 are collectively referred to as “token”).

  Note that the storage units 16, 21, 36, 41, and 51 (described later) of each device include a hard disk, a semiconductor memory element, and the like for storing programs, information, and the like necessary for the operation of each device. Further, the control units 17, 23, 37, 43, and 55 (described later) of each device are control devices that control each device in an integrated manner, and are configured by a CPU (Central Processing Unit) or the like. Each control unit 17, 23, 37, 43, 55 cooperates with each hardware by appropriately reading and executing various programs stored in each storage unit 16, 21, 36, 41, 51, and remittance. Various functions of the system 1 are realized. Each control part 17,23,37,43,55 performs control regarding communication with another apparatus, etc., for example.

The remittance ATM 10 is a terminal that is operated by the remitter A who sends money. The remittance ATM 10 is an automatic teller machine that performs operations related to a remittance bank (not shown).
1 and 2, one remittance ATM 10 is shown, but a plurality of remittance ATMs 10 may be arranged. The location of the remittance ATM 10 is not particularly limited. For example, the remittance ATM 10 is arranged at the head office or a plurality of branches of the remittance bank. A plurality of remittance ATMs 10 may be arranged in the same store. Further, the remittance ATM 10 may be disposed in a store such as a convenience store, or may be disposed in a public transportation facility or the like.

As shown in FIG. 2, the remittance ATM 10 includes an operation unit 11, a display unit 12, a card insertion unit 13, a passbook insertion unit 14, a cash deposit / withdrawal unit 15, a storage unit 16, and a control unit 17.
The operation unit 11 is an operation button or the like for the remittance A to operate the remittance ATM 10. The sender A can input a personal identification number, a destination of remittance, a recipient's account number, a remittance amount, a one-time password (described later), etc. by operating the operation buttons of the operation unit 11.
The display unit 12 is a liquid crystal display device that displays information to the sender A.
The remittance ATM 10 may include a touch panel display that also serves as the operation unit 11 and the display unit 12.
The card insertion part 13 is an insertion slot into which the sender A inserts a cash card of a remittance account. The card insertion unit 13 includes a reader (not shown) that reads the magnetic information of the cash card. The cash card inserted into the card insertion unit 13 is returned from the card insertion unit 13.
The bankbook insertion unit 14 is an insertion slot through which the sender A inserts a bankbook. The passbook insertion unit 14 is provided with a printer (not shown) or the like for entering the remittance amount, deposit balance, etc. in the passbook. The passbook inserted into the passbook insertion unit 14 is returned from the passbook insertion unit 14.
The cash deposit / withdrawal unit 15 is a device for depositing and dispensing cash.
In addition to storing ATM identification information, the storage unit 16 stores information such as the account information of the sender A who accepted the remittance operation, and the one-time password of the remittance token 60 input by the sender A by operating the operation unit 11. Memorize temporarily.

  The control unit 17 is a control device that comprehensively controls the remittance ATM 10. A specific example of control by the control unit 17 will be described later.

  The remittance token 60 is a device owned by the sender A. The remittance token 60 periodically generates a disposable one-time password (authentication information: hereinafter also referred to as “password”). The remittance token 60 includes a display button 61 and a display unit 62 as shown in FIG. The sender A can display the password valid at that time on the display unit 62 by pressing the display button 61 of the remittance token 60. The sender A can input the password displayed on the display unit 62 from the remittance terminal 10 (operation unit 11).

  A unique number (hereinafter also referred to as “token ID”) is assigned to the remittance token 60. The authentication server 50 (password generation unit 57) to be described later generates the same password as the password generated by the remittance token 60 at the same timing as the remittance token 60 by specifying the remittance token 60 based on the token ID. Can do.

  The receiving token 70 is a device owned by the recipient B. The receiving token 70 periodically generates a disposable password. As shown in FIG. 1, the receiving token 70 includes a display button 71 and a display unit 72. The basic configuration and function of the receiving token 70 are the same as those of the remittance token 60. Needless to say, the token ID of the receiving token 70 and the password generated by the receiving token 70 are different from those of the remittance token 60.

The remittance bank server 20 is a server managed by a remittance bank having a remittance account which is the bank account of the remittance A.
The remittance bank server 20 includes a storage unit 21 and a control unit 23 as shown in FIG.
The storage unit 21 includes a deposit data storage unit 22. The deposit data storage unit 22 is a storage area for storing information related to the bank account of the customer including the sender A. The deposit data storage unit 22 associates information such as “branch name”, “remittance account number”, “password”, “account holder”, “deposit amount”, “email address”, etc. Remember.
The control unit 23 is a control device that comprehensively controls the remittance bank server 20. A specific example of the control by the control unit 23 will be described later.

  The receiving ATM 30 is a terminal operated by the recipient B who receives the remittance. The receiving ATM 30 is an automatic teller machine that performs operations related to a receiving bank (not shown). The receiving ATM 30 receives a cash payout operation or the like by the receiver B. As with the remittance ATM 10, the arrangement location, the number, etc. of the receiving ATM 30 are not particularly limited.

  The configuration of the receiving ATM 30 is the same as that of the remittance ATM 10. As shown in FIG. 2, the receiving ATM 30 includes an operation unit 31, a display unit 32, a card insertion unit 33, a passbook insertion unit 34, a cash deposit / withdrawal unit 35, a storage unit 36, and a control unit 37. The functions of these units are the same as those of the operation unit 11, the display unit 12, the card insertion unit 13, the passbook insertion unit 14, the cash deposit / withdrawal unit 15, the storage unit 16, and the control unit 17 of the remittance ATM 10.

The receiving bank server 40 is a server managed by a receiving bank having a receiving account which is the bank account of the recipient B.
The receiving bank server 40 includes a storage unit 41 and a control unit 43.
The storage unit 41 includes a deposit data storage unit 42. The deposit data storage unit 42 is a storage area for storing information related to the bank account of the customer including the recipient B. The deposit data storage unit 42 associates information such as “branch name”, “received account number”, “password”, “account holder”, “deposit amount”, “email address”, etc. Remember.
The control unit 43 is a control device that controls the receiving bank server 40 in an integrated manner. A specific example of control by the control unit 43 will be described later.

The authentication server 50 (data server) is a server that authenticates the recipient B who has received a cash payout operation at the receiving ATM 30. The authentication server 50 includes a storage unit 51 and a control unit 55.
As shown in FIG. 2, the storage unit 51 includes a token registration data storage unit 52, an account number management data storage unit 53, and a payout management data storage unit 54.

  The token registration data storage unit 52 is a storage area that stores information relating to the sender A who has received the token purchase acceptance process, the token ID of the token purchased by the sender A, and the like as token registration data. Items of the token registration data will be described later. In this embodiment, an example in which the sender A purchases a token will be described, but the token may be provided free of charge.

  The account number management data storage unit 53 receives the remittance account number of the sender A, the token ID of the remittance token 60 registered for the remittance account number, and the receiving account number of the recipient B and the receiving account number. This is a storage area in which the token IDs of the registered receiving tokens 70 are associated with each other and stored as account number management data. The account number management data items will be described later.

  The payout management data storage unit 54 is a storage area for storing payout management data in association with the receiving account number of the recipient B as the remittance destination and the token ID of the receiving token 70 owned by the payee B. The items of the payout management data will be described later.

  The control unit 55 is a control device that comprehensively controls the authentication server 50. The control unit 55 includes an account issuing unit 56 and a password generation unit 57.

  The account issuing unit 56 issues an ID and password as an account unique to the sender A in the token purchase acceptance process described later. The password issued by the account issuing unit 56 is a fixed value password used when the sender A logs into the money transfer system 1 and purchases / changes a token, and the password generation unit described later. This is different from the disposable one-time password generated at 57. The password issued by the account issuing unit 56 is also different from the password used when the sender A and the receiver B access the remittance bank server 20 in the token purchase process described later. Furthermore, the password issued by the account issuing unit 56 is used when the sender A accesses the remittance bank server 20 when performing remittance acceptance processing using the internet banking provided by the remittance bank server 20 (modified form). It is also different from the password used for.

When password authentication is required, the password generation unit 57 generates a password (one-time password) that is valid at that time by the time synchronization method. Specifically, the password generation unit 57 generates the same password as the password generated by the remittance token 60 in a remittance acceptance process (FIG. 6: S51) described later. Further, the password generation unit 57 generates the same password as the password generated by the receiving token 70 in a cash payout process (FIG. 8: S91) described later. Each token is assigned a unique token ID. The password generation unit 57 generates the same password as the password generated by the token in synchronization with the token specified by the token ID.
In this embodiment, an example in which a password is generated by a time synchronization method will be described, but a password may be generated by a counter synchronization method.
A specific example of control by the control unit 55 will be described later.

[Token purchase acceptance processing]
Next, token purchase acceptance processing in the remittance system 1 will be described with reference to FIGS.
FIG. 3 is a sequence diagram illustrating a token purchase acceptance process. FIG. 4 is an explanatory diagram of data transmitted from the applicant (remitter A) in the token purchase acceptance process. FIG. 5 is an explanatory diagram of data created by the authentication server 50 in the token purchase acceptance process and the remittance acceptance process (described later).
In the token purchase acceptance process, the sender A can purchase a token via the internet banking provided by the remittance bank server 20. Note that data transmission / reception between the remittance A (PC) and the authentication server 50 is performed via the remittance bank server 20 (not shown).

The remittance A applies to the remittance bank server 20 via the communication network N from his / her PC (not shown) for token purchase for himself and his family (recipient B in this example).
First, in step S (hereinafter referred to as “S”) 11 shown in FIG. 3, the remittance A transmits application data into which the name, address, and the like are input, to the remittance bank server 20. An example of application data transmitted from the sender A's PC to the remittance bank server 20 is shown in FIG.

  In S21, the control unit 55 of the authentication server 50 receives the token purchase application data transmitted from the sender A via the remittance bank server 20, and starts a token purchase acceptance process. First, the control unit 55 of the authentication server 50 creates token registration data (not shown) based on token purchase application data. The token registration data created in S21 is substantially the same as the token purchase application data shown in FIG.

In S <b> 22, the control unit 55 of the authentication server 50 issues an ID and a password as an account unique to the sender A in the account issuing unit 56. The control unit 55 of the authentication server 50 transmits the ID and password issued by the account issuing unit 56 to the sender A's PC via the remittance bank server 20.
In S <b> 12, the sender A transmits the token purchase data into which the ID, the password, the required number of tokens, and the like received from the sender bank server 20 are input to the sender bank server 20 (not shown). An example of token purchase data transmitted from the sender A to the remittance bank server 20 is shown in FIG.

  In S23, the control unit 55 of the authentication server 50 acquires the token purchase data transmitted from the sender A via the remittance bank server 20, and the email address of the sender A who has transmitted the token purchase data is obtained. Confirm that it is correct. Then, the control unit 55 of the authentication server 50 adds the ID and password included in the token purchase data to the token registration data and stores them in the token registration data storage unit 52. The token registration data to which the ID and password of the sender A are added is shown in FIG.

  In S24, the control unit 55 of the authentication server 50 notifies the customer service department (not shown) of the remittance bank via the remittance bank server 20 of token sending processing. Thereafter, a predetermined number (two in this case) of tokens is sent to the sender A by home delivery, mail, etc. from the customer service department of the remittance bank. The sender A receives the token sent out from the remittance bank at home or the like.

  In S13, the sender A and the recipient B who have received the token access the remittance bank server 20 from their respective PCs, and execute a token validation process. Specifically, the sender A and the recipient B input a token ID and the like unique to the received token via the Internet banking display screen. The token ID is described in the token body or a shipping document enclosed with the token. Data such as a token ID is transmitted to the authentication server 50 via the remittance bank server 20. Note that the password used when the sender A and the recipient B who received the token in S13 access the remittance bank server 20 from their respective PCs is the password issued from the authentication server 50 in S22. Different. Further, when the sender A and the recipient B can directly access the authentication server 50 from their respective PCs, they do not necessarily have to go through the remittance bank server 20.

  In S <b> 25, the control unit 55 of the authentication server 50 adds the token ID acquired via the remittance bank server 20 to the token registration data and stores it in the token registration data storage unit 52. The token registration data with the token ID added is shown in FIG. In FIG. 5B, two tokens sent to the sender A are registered as “token 1” and “token 2”. The control unit 55 of the authentication server 50 adds the unique token ID assigned to each token to the token registration data.

  In S14, the sender A and the recipient B enter their bank account number via the Internet banking display screen. The account numbers of the sender A and the recipient B are transmitted to the authentication server 50 via the remittance bank server 20.

  Note that the transmission of the account number by the sender A and the recipient B is performed following the token validation process (S14). Further, when the sender A and the recipient B input the account number of their bank account from the display screen of the internet banking, identity verification (input of a personal identification number notified in advance) is performed. The identity verification at this point can be omitted depending on the system operation mode.

  In S26, the control unit 55 of the authentication server 50 obtains the account numbers of the sender A and the recipient B acquired via the remittance bank server 20, and the token IDs of the tokens owned by the sender A and the recipient B. In association therewith, the account number management data shown in FIG. 5C is created and stored in the account number management data storage unit 53. FIG. 5C shows an example in which the sender A and the recipient B each register two account numbers, but it is sufficient that at least one account number is registered.

  As described above, the authentication server 50 ends the token purchase acceptance process. When the token purchase acceptance process ends, the token registration data (token registration data storage unit 52) shown in FIG. 5B and the account number management data (account number management data storage unit 53) shown in FIG. Are stored in the storage unit 51 of the authentication server 50 in a state of being associated with each other.

[Remittance acceptance processing]
Next, remittance acceptance processing in the remittance system 1 will be described with reference to FIGS. 1, 2, and 5 to 7.
FIG. 6 is a sequence diagram for explaining the remittance acceptance process. FIG. 7 is an explanatory diagram showing an example of a display screen in the remittance acceptance process.
The remittance A goes to the place where the remittance ATM 10 is installed, and operates the operation unit 11 of the remittance ATM 10 to select remittance acceptance. The remittance by the sender A is executed, for example, when a request for remittance is made from the recipient B by telephone.

First, in S31 and S41 shown in FIG. 6, the control unit 17 of the remittance ATM 10 and the control unit 23 of the remittance bank server 20 accept a remittance acceptance selection operation by the remittance A, and start a remittance acceptance process.
In S32, the control unit 17 of the remittance ATM 10 requests the sender A to insert a cash card and input a personal identification number via a display screen (not shown) of the display unit 12. The sender A operates the operation unit 11 of the remittance ATM 10 to insert a cash card and input a personal identification number. Information relating to the password entered from the remittance ATM 10 is transmitted to the remittance bank server 20.

In S <b> 42, the control unit 23 of the remittance bank server 20 refers to the deposit data storage unit 22 and collates the PIN number of the sender A.
In S43, the control unit 23 of the remittance bank server 20 transmits a remittance destination selection screen 12a shown in FIG. 7A to the remittance ATM 10 when the collation result in S42 is appropriate. On the other hand, the control unit 23 of the remittance bank server 20 stops the remittance acceptance process when the collation result in S42 is inappropriate.

In S <b> 33, the control unit 17 of the remittance ATM 10 displays a remittance destination selection screen 12 a on the display unit 12 and requests the sender A to select a remittance destination. Here, it is assumed that the “family-friendly” selection button 12b is operated by the sender A.
In S34, the control unit 17 of the remittance ATM 10 transmits information (identifier) corresponding to the selection button 12b (for family) to the remittance bank server 20 as selection information. When the “non-family” selection button 12c is operated by the sender A, the control unit 17 of the remittance ATM 10 sends information corresponding to the selection button 12c (non-family) to the remittance bank server 20 as selection information. Send.

In S44, the control unit 23 of the remittance bank server 20 transmits the password input screen 12d shown in FIG. 7B to the remittance ATM 10.
In addition, the control part 23 of the remittance bank server 20 does not transmit the password input screen 12d, when the selection information transmitted from the remittance ATM 10 is an identifier corresponding to the selection button 12c (other than family). The process after S45 mentioned later is performed.
In this embodiment, when a person other than the family is selected as the remittance destination, the remittance process can be performed more promptly because remittance is permitted without verifying the password.

  In S35, the control unit 17 of the remittance ATM 10 displays the password input screen 12d on the display unit 12, and requests the remittator A to input a password. The sender A inputs the password generated by the token 1 (remittance token 60) possessed by the sender A into the password input frame 12e.

  In S36, the control unit 17 of the remittance ATM 10 determines the password input in the password input frame 12e and the account number of the remittance A who has received the remittance acceptance selection operation in response to the operation of the confirmation button 12f by the remittance A. , OTP (one-time password) information is transmitted to the remittance bank server 20. The OTP information transmitted from the remittance ATM 10 is transmitted to the authentication server 50 via the remittance bank server 20.

  In S <b> 51, the control unit 55 of the authentication server 50 collates the password included in the OTP information transmitted from the remittance ATM 10 with the password generated by the password generation unit 57. The control unit 55 of the authentication server 50 searches the account number management data storage unit 53 (account number management data: see FIG. 5C) based on the account number of the sender A included in the OTP information, The remittance token (token 1) with the corresponding token ID is specified. As a result, the control unit 55 of the authentication server 50 generates the same password as the password generated by the remittance token (token 1) owned by the sender A in the password generation unit 57.

  Here, in the remittance ATM 10, when the person who performed the remittance acceptance selection operation is the remittance A who owns the remittance token (token 1) registered in advance, the password included in the OTP information and the password generation unit 57 The generated password matches. In this case, the control unit 55 of the authentication server 50 determines that the verification result is appropriate.

  On the other hand, if the person who performed the remittance acceptance selection operation at the remittance ATM 10 does not have a pre-registered remittance token (token 1), that is, the person pretending to be remittance A performed the remittance acceptance selection operation. The password included in the OTP information does not match the password generated by the password generation unit 57, or the OTP information is not transmitted from the remittance ATM 10 (because the password is not input). In this case, the control unit 55 of the authentication server 50 determines that the verification result is inappropriate.

  In this embodiment, remittance from the remittance ATM 10 is permitted only when the password included in the OTP information matches the password generated by the password generation unit 57 in remittance for the family. Therefore, unauthorized remittance due to impersonation of a person who does not own a remittance token registered in advance can be suppressed.

In S <b> 52, the control unit 55 of the authentication server 50 transmits the verification result to the remittance bank server 20.
In S53, the control unit 55 of the authentication server 50 searches the account number management data (see FIG. 5C) in the account number management data storage unit 53 based on the account number of the sender A included in the OTP information. The control unit 55 of the authentication server 50 searches the account number management data, and uses the token ID of the token 2 other than the token 1 associated with the account number of the sender A as the token of the receiving token 70 owned by the receiver B. Obtained as an ID. The control unit 55 of the authentication server 50 creates payout management data shown in FIG. 5D by associating the account number of the recipient B as the remittance destination with the token ID acquired from the account number management data, The data is stored in the management data storage unit 54. The process of S53 is executed when the collation result of S52 is appropriate. When the collation result in S52 is inappropriate, the control unit 55 of the authentication server 50 stops the remittance acceptance process.

  In the present embodiment, since the account number management data storage unit 53 shown in FIG. 5C is provided in the storage unit 51, the payout management data (payout management data storage unit 54) shown in FIG. It can be created more quickly.

  In S45, when the verification result transmitted from the authentication server 50 is appropriate, the control unit 23 of the remittance bank server 20 transmits the receipt account input screen 12g shown in FIG. 7C to the remittance ATM 10. On the other hand, the control unit 23 of the remittance bank server 20 stops the remittance acceptance process when the collation result transmitted from the authentication server 50 is inappropriate.

In S <b> 37, the control unit 17 of the remittance ATM 10 requests the sender A to input by displaying a receiving account input screen 12 g on the display unit 12. As shown in FIG. 7C, the sender A sends information on the bank account of the recipient B as “receiving bank”, “branch name”, “receiving account number”, “sending amount” (hereinafter referred to as “receiving”). (Also referred to as “account information”) from the remittance ATM 10. The money sender A operates the remittance execution button 12h after inputting it on the receiving account input screen 12g.
In S <b> 38, the control unit 17 of the remittance ATM 10 transmits information related to the receiving account to the remittance bank server 20 in accordance with the operation of the remittance execution button 12 h by the remittance A.

  In S46, the control unit 23 of the remittance bank server 20 executes remittance to the receiving account. That is, the control unit 23 of the remittance bank server 20 connects to the receiving bank server 40 and transmits information related to the receiving account of “receiving bank”, “branch name”, “receiving account number”, and “remittance amount”.

  Note that the control unit 23 of the remittance bank server 20 remits money to the receiving account stored in the account number management data storage unit 53 of the authentication server 50 when a remittance operation for a family is performed in the remittance ATM 10. Run only. According to this, since the remittance from the remittance ATM 10 is limited to a receivable account that can authenticate the recipient with a pre-registered token, the illegal receipt of cash by impersonation of a person who does not own a regular receivable token is more It can be effectively suppressed.

  In S <b> 61, when the control unit 43 of the receiving bank server 40 receives the information regarding the receiving account transmitted from the remittance bank server 20, the control unit 43 updates the information regarding the deposit amount of the recipient B. That is, the control unit 43 of the receiving bank server 40 adds the remittance amount to the deposit of the recipient B in the deposit data storage unit 42.

  In S39, the control unit 17 of the remittance ATM 10 displays a display screen (not shown) for notifying the end of the remittance on the display unit 12. And the control part 17 of remittance ATM10 will discharge a cash card and will return to remitrer A, if operation of the end button (not shown) by remittator A is received.

  Thus, the remittance ATM 10, the remittance bank server 20, the authentication server 50, and the receiving bank server 40 end the remittance acceptance process. At this time, the payout management data storage unit 54 of the authentication server 50 stores payout management data to be referred to when determining whether or not the remittance recipient B is a regular recipient (see FIG. 5D). Is stored.

[Cash withdrawal process]
Next, the cash payout process in the remittance system 1 will be described with reference to FIGS. 1, 2, 8, and 9.
FIG. 8 is a sequence for explaining the cash payout process. FIG. 9 is an explanatory diagram illustrating an example of a display screen in the cash payout process.
Recipient B goes to the place where the receiving ATM 30 is installed and operates the operation unit 31 of the receiving ATM 20 to select the cash payout process.

  First, in S71 and S81 shown in FIG. 8, the control unit 37 of the receiving ATM 30 and the control unit 43 of the receiving bank server 40 accept the cash payout selection operation by the recipient B, and start the cash payout process.

  In S72, the control unit 37 of the receiving ATM 30 requests the recipient B to insert a cash card and input a personal identification number via a display screen (not shown) of the display unit 32. Recipient B operates the operation unit 31 of the receiving ATM 30, inserts a cash card, and inputs a personal identification number. Information relating to the password entered from the receiving ATM 30 is transmitted to the receiving bank server 40.

In S <b> 82, the control unit 43 of the receiving bank server 40 refers to the deposit data storage unit 42 and collates the personal identification number of the recipient B.
In S83, the control unit 43 of the receiving bank server 40 transmits the cash withdrawal input screen 32a shown in FIG. 9 to the receiving ATM 30 when the collation result in S82 is appropriate. On the other hand, when the collation result in S82 is inappropriate, the control unit 43 of the receiving bank server 40 stops the cash payout process.

  In S73, the control unit 37 of the receiving ATM 30 requests the recipient B to input by displaying the cash payout input screen 32a on the display unit 32. Recipient B inputs the remittance amount by remitter A as a received amount in received amount input box 32b. In addition, the recipient B inputs the password generated by the token 2 (the receiving token 70) owned by the recipient B into the password input frame 32c.

In S74, the control unit 37 of the receiving ATM 30 receives the receipt amount, password, and cash withdrawal selection operation input on the cash withdrawal input screen 32a in response to the operation of the confirmation button 32d by the recipient B. Are sent to the receiving bank server 40 as payout information.
In S <b> 84, the control unit 43 of the receiving bank server 40 receives the payout information from the receiving ATM 30 and transfers the payout information to the authentication server 50.

  In S91, the control unit 55 of the authentication server 50 determines the payout management data storage unit 54 (payout management data: FIG. 5D) based on the account number of the recipient B included in the payout information transmitted from the receiving bank server 40. ))) And obtain the corresponding token ID. The control unit 55 of the authentication server 50 generates the password and the password generated by the token specified by the acquired token ID in the password generation unit 57 and collates with the password included in the payout information transmitted from the receiving bank server 40. To do.

  Here, in the receiving ATM 30, when the person who performed the cash payout selection operation is the recipient B who owns the regular receiving token, the password generated by the password generation unit 57 matches the password included in the payout information. To do. In this case, the control unit 55 of the authentication server 50 determines that the verification result is appropriate.

  On the other hand, in the receiving ATM 30, if the person who performed the cash withdrawal selection operation does not possess the regular receipt token, that is, if the person impersonating the regular recipient B performs the cash withdrawal selection operation, the password generation unit The password generated in 57 does not match the password included in the payout information, or the payout information is not transmitted from the receiving ATM 30 (because the password is not input). In this case, the control unit 55 of the authentication server 50 determines that the verification result is inappropriate.

  In S <b> 92, the control unit 55 of the authentication server 50 permits the receiving bank server 40 to pay out the cash at the receiving ATM 30 that has accepted the cash-out selection operation when the result is an appropriate collation result. In addition, the control part 55 of the authentication server 50 notifies the receiving bank server 40 to complete | finish a cash payment process, when it is an inadequate collation result.

In S <b> 85, the control unit 43 of the receiving bank server 40 updates information related to the deposit amount of the recipient B in accordance with the cash withdrawal permission from the authentication server 50. That is, the control unit 43 of the receiving bank server 40 subtracts the remittance amount (received amount) from the deposit of the recipient B.
In S <b> 86, the control unit 43 of the receiving bank server 40 instructs the receiving ATM 30 to pay out the amount of money to be sent.

In S <b> 75, the control unit 37 of the receiving ATM 30 controls the cash deposit / withdrawal unit 35 to execute the cash payout to the recipient B. The control unit 37 ejects the cash card from the card insertion unit 33 and returns it to the recipient B.
The remittance system 1 can pay out the cash to the recipient B by the above cash payout process.

According to the remittance system 1 of the present embodiment, it is possible to authenticate the recipient who has accepted the cash-out by checking the same password as the token owned by the authorized recipient against the password input from the receiving ATM 30. it can. According to this, since the third party does not need to be present when paying out the cash, the recipient can be easily authenticated.
Further, in the remittance system 1, when the password needs to be authenticated, a valid password is generated at that time. Therefore, even when the password is leaked, there is little possibility that the password is used illegally.
Further, in the remittance system 1, the authentication server 50 includes the account number management data storage unit 53, so that the payment management data stored in the payment management data storage unit 54 can be created more quickly.
Therefore, according to the remittance system 1 of the present embodiment, remittance can be easily and safely performed from the sender to the receiver.

  As mentioned above, although embodiment of this invention was described, this invention is not limited to embodiment mentioned above, For example, various deformation | transformation and a change are possible like the deformation | transformation form mentioned later, These are also this book. It is within the technical scope of the invention. In addition, the effects described in the embodiments are merely a list of the most preferable effects resulting from the present invention, and the effects of the present invention are not limited to those described in the embodiments. In addition, although embodiment mentioned above and the deformation | transformation form mentioned later can also be used in combination as appropriate, detailed description is abbreviate | omitted.

(Deformation)
(1) In the embodiment, an example in which the remittance terminal is the remittance ATM 10 is shown, but the present invention is not limited to this. The remittance terminal may be an information communication terminal such as a PC owned by the remittance person, for example. In this case, the remittance person can perform a remittance acceptance process on an internet bank, for example.

(2) In the embodiment, an example is shown in which remittance is performed with respect to a normal deposit of a receiving account, but is not limited thereto. As a remittance destination account, for example, a remittance exclusive frame (reception account) may be provided in a bank account, or a remittance bank account (reception account) may be provided.

(3) In the embodiment, the remittance token 60 and the receiving token 70 are examples of dedicated devices for generating a one-time password. However, the present invention is not limited to this. For example, software having a function of periodically generating a disposable password may be executed on a mobile phone, a PC, or the like.

(4) In the embodiment, the remittance bank server 20 has shown an example in which remittance is executed when the password verification result is appropriate at the time of remittance acceptance, but is not limited to this. The remittance bank server 20 may be in a remittance standby state, for example, when the password verification result is appropriate when remittance is accepted. In this example, the remittance bank server 20 is in a remittance standby state when cash withdrawal is permitted from the authentication server 50 at the time of cash withdrawal (that is, when the password input to the recipient ATM 30 is appropriate). All you have to do is transfer the money you had. In this case, since remittance only has to be executed when the recipient is appropriate, the remittance processing and refund processing when the recipient is inappropriate can be made unnecessary.

(5) In the embodiment, an example in which the data server is the authentication server 50 has been described, but the embodiment is not limited thereto. The data server may be arranged in the remittance bank server 20 or in the receiving bank server 40. Further, the data server may be arranged on the communication network N as an independent server. Furthermore, in this embodiment, although the authentication server 50 showed the example which is an independent server, it is not limited to this. The authentication server 50 may be arranged in the remittance bank server 20 or in the receiving bank server 40.

(6) In the embodiment, an example in which the recipient's bank and the sender's bank are different banks is shown, but the present invention is not limited to this. Both may be the same bank. In this case, the processing of the remittance bank server 20 and the receiving bank server 40 may be executed in the one bank server.

1 Remittance system 10 Remittance ATM
17, 23, 37, 43, 55 Control unit 20 Remittance bank server 30 Receiving ATM
40 Receiving Bank Server 50 Authentication Server 52 Token Registration Data Storage Unit 53 Account Number Management Data Storage Unit 54 Payment Management Data Storage Unit 60 Remittance Token 70 Receiving Token

Claims (4)

A receiving terminal operated by the recipient receiving the remittance,
The receiving bank server of the receiving bank with the recipient's receiving account;
An authentication server for authenticating a recipient who has accepted a cash withdrawal operation at the receiving terminal;
A data server;
On the communication network,
A remittance token owned by the sender,
A receiving token owned by the recipient, and
A remittance system comprising:
The data server is
A payout management data storage unit that stores the account information of the recipient to be remittance and the unique number of the receipt token owned by the recipient;
An account that stores the sender's account number and the unique number of the remittance token registered for the account number, and the recipient's account number and the unique number of the received token registered for the account number, in association with each other. A number management data storage unit,
The account number management data storage unit is searched based on the account information of the sender who accepted the remittance at the remittance terminal, and the unique number of the token other than the remittance token associated with the account information of the sender Is stored in the payout management data storage unit as a unique number of the receiving token owned by
The control unit of the receiving bank server includes:
The receipt number, which is obtained from the withdrawal management data storage unit of the data server, is acquired from the withdrawal management data storage unit of the data server, and is received from the receipt terminal. Sent to the authentication server together with the authentication information generated by the token;
The control unit of the authentication server
The authentication information generated by the receiving token is authenticated based on the unique number of the receiving token, and according to the authentication result, the cash payment at the receiving terminal that has accepted the cash-out operation is sent to the receiving bank server. Allow it,
A remittance system featuring. The remittance system according to claim 1,
A remittance terminal operated by the sender,
A remittance bank server of the remittance bank that has the remittance account of the sender,
On the communication network,
The remittance bank server controller is
Send the account information of the sender who accepted the remittance operation at the remittance terminal, and the authentication information generated by the remittance token input from the remittance terminal to the authentication server,
The control unit of the authentication server
Authenticating the authentication information generated by the remittance token based on the account information of the sender, and permitting the remittance bank server to transfer money from the remittance account to the receiving account according to the authentication result. ,
A remittance system featuring. In the remittance system according to claim 2,
The control unit of the authentication server
Authenticating the authentication information generated by the remittance token only when the remittance destination from the remittance account is the receiving account of a recipient who owns a token other than the remittance token owned by the sender,
A remittance system featuring. In the remittance system according to claim 2 or 3,
The remittance bank server controller is
Executing remittance only to a receiving account stored in the data server when a remittance operation for a specific recipient is performed at the remittance terminal;
A remittance system featuring.

Images