JP2016157277A - Combination authentication method, combination authentication device, and authentication system in station service equipment - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide an authentication method and device capable of quickly and securely performing processing in thin client type station service equipment.SOLUTION: After ticket purchase processing, risk assessment is performed, and when a risk level is small, a white list is created, and distributed to a station server. At the time of exiting a ticket gate, when the pertinent record is present in a black list, it is determined that authentication fails, and the gate is closed. Also, when the pertinent record is present in a white list, fare calculation is performed in the station server, and when ticket charge is not insufficient, it is determined that authentication succeeds, and the gate is opened. When the pertinent record is not present in the white list, risk assessment is performed, and when the risk level is large, authentication is requested to each authentication server. When all authentication succeeds, the gate is opened.SELECTED DRAWING: Figure 1

Description

  The present invention relates to an authentication method, an authentication device, and an authentication system in station equipment.

  In recent years, with the development of network technology and virtualization technology, cloud computing and thin client type business systems are spreading. Similarly, in public transportation such as railways, it is conceivable to realize station equipment such as automatic ticket gates and ticket vending machines in a thin client type. In this configuration, for example, only reading data from the IC card is performed by the station-side equipment on the client side, and all other processing is performed on the server side. In thin client type automatic ticket gates, it is important to realize high-speed processing to prevent congestion at the ticket gate even during commuting rush hours, and secure authentication processing to prevent unauthorized boarding .

  As a technique for realizing a thin client type automatic ticket gate, there is a method in which various processes performed by station equipment are performed on the server side (see, for example, Patent Document 1).

  On the other hand, as one technique for realizing a secure electronic ticket, there is a method of creating and collating authentication information using IC card specific information and ticket information (for example, Patent Document 2).

JP 2012-94053 A JP 2007-79915 A

  Patent Document 1 provides a mechanism for performing ticket gate processing on the server side, and Patent Document 2 provides a mechanism for improving the safety and reliability of an electronic ticket.

  However, in the method of Patent Document 1, there is a problem that processing is slowed down if authentication processing is added to improve security.

  Further, the method of Patent Document 2 does not consider the method of performing authentication processing on the server side, and there is a problem that it is difficult to realize high-speed processing.

  The present invention has been made to solve the above-mentioned problems, and its purpose is to provide a device such as an automatic ticket gate for public transportation such as a railway, characterized by being able to achieve both high-speed ticket gate processing and secure authentication processing. And providing a method and apparatus for performing an authentication process.

In order to achieve the above object, according to the present invention, in an electronic ticket for using transportation,
A first means for creating a list according to the risk assessed before using the electronic ticket;
Second means for performing an authentication process according to the risk assessed at the time of entrance to the ticket gate using the list created by the first means;
A third means for performing an authentication process according to the risk assessed when entering the ticket gate using the list created by the first means can be provided.

  According to the present invention, it is possible to perform both high-speed ticket gate processing and secure authentication processing in station equipment.

It is a figure which shows the system configuration example of the Example of this invention. It is a figure which shows the hardware structural example of the station server 1040. FIG. It is a figure which shows the hardware structural example of the combination authentication server 1060. 12 is a flowchart illustrating a processing example of a registration processing program 3070. 12 is a flowchart illustrating a processing example of a list distribution program 3080. It is a flowchart which shows the process example in the case of the ticket gate of the conventional line train of the entrance process program 2070. It is a flowchart which shows the process example in the case of the ticket gate of an express train of the entrance process program 2070. 12 is a flowchart showing a processing example of an entry processing program 2080. 18 is a flowchart illustrating a processing example of an authentication request program 3090. It is a figure which shows the structural example of the white list tables 2090 and 3120. It is a figure which shows the structural example of the black list tables 2100 and 3130. FIG. 5 is a diagram illustrating a configuration example of an authentication server list table 3100. FIG. 5 is a diagram illustrating a configuration example of an association table 3110. FIG. It is a figure which shows the example of a screen of a station employee operation terminal.

  Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings.

  FIG. 1 is a block diagram illustrating a system configuration example of this embodiment. A plurality of station service devices 1020 such as automatic ticket gates, ticket vending machines, and station staff operation terminals are connected to the station server 1040 via the network 1030. The station service device 1020 can identify a medium 1010 such as a transportation IC card or a credit card, and can read or write data. The medium includes living bodies such as fingerprints, finger veins, eye retinas and irises. The plurality of station servers 1040 are connected to the combination authentication server 1060, the personal authentication server 1070, the medium authentication server 1080, and the ticket authentication server 1090 via the network 1050. The personal authentication server 1070 manages attribute information such as a user's name, gender, and age. It also manages SF (Stored Fare) balances deposited in advance. The medium authentication server 1080 manages, for example, the issuer and status (active / inactive) of the traffic IC card. The ticket authentication server 1090 manages, for example, the issuer and status (e.g., before issue, issue, entry, participation, discard) of the electronic ticket (ticket). In addition to the above, for example, an authentication server that performs credit / authentication of a medium issued by a company other than a railway company such as a credit card company, or an authentication server that manages and authenticates biometric information may be connected. The combination authentication server 1060 manages combinations of individuals, media, and tickets, and authenticates whether the combinations are correct.

  Here, in this embodiment, it is assumed that a station server is arranged at each station and a combination authentication server is arranged at the center in order to speed up the process when passing through the ticket gate. However, the present invention is not limited to this, and the functions may be concentrated in one of the servers and arranged in the station or center. Also, the station server is not limited to one per station, and multiple servers can be placed at one station at large stations, or one server can be placed at multiple stations at small stations. May be.

  In this configuration, for example, the medium 1010 is an IC card, the station service device 1020, the station server 1040, the combination authentication server 1060, the personal authentication server 1070, the medium authentication server 1080, and the ticket authentication server 1090 are computers such as personal computers and workstations. This can be realized by configuring the networks 1030 and 1050 with Ethernet (registered trademark).

  FIG. 2 is a diagram illustrating a hardware configuration example of the station server 1040. A main control unit 2010 performs hardware control and program execution processing. An input unit 2020 inputs a program execution start instruction, a stop instruction, and the like from a system administrator. Reference numeral 2030 denotes an output unit that outputs the execution state of the program. Reference numeral 2040 denotes a communication processing unit that exchanges data with other computers. A storage management unit 2050 reads and records programs and data. A communication unit 2060 exchanges data between the above units. The storage management unit 2050 stores an entrance processing program 2070, an entrance processing program 2080, a white list table 2090, and a black list table 2100.

  FIG. 3 is a diagram illustrating a hardware configuration example of the combination authentication server 1060. A main control unit 3010 performs hardware control and program execution processing. An input unit 3020 inputs a program execution start instruction, a stop instruction, and the like from a system administrator. Reference numeral 3030 denotes an output unit that outputs the execution state of the program. Reference numeral 3040 denotes a communication processing unit that exchanges data with other computers. A storage management unit 3050 reads and records programs and data. A communication unit 3060 exchanges data between the above units. The storage management unit 3050 stores a registration processing program 3070, a list distribution program 3080, an authentication request program 3090, an authentication server list table 3100, an association table 3110, a white list table 3120, and a black list table 3130.

  In the above configuration, for example, the main control units 2010 and 3010 are CPUs, the input units 2020 and 3020 are keyboards, the output units 2030 and 3030 are liquid crystal displays, and the communication processing units 2040 and 3040 are stored and managed by Ethernet and wireless communication. The units 2050 and 3050 can be configured by a hard disk or a flash memory, and the communication units 2060 and 3060 can be realized by a bus. Further, the input unit and the output unit can be realized by a touch panel.

  Next, a processing example of the registration processing program 3070 will be described using the flowchart of FIG. This program is executed when a user purchases a ticket using station equipment such as a ticket vending machine. Alternatively, it is executed when a ticket is purchased using a mobile phone with a traffic IC card function.

  First, the authentication request is sent to the personal authentication server and the media authentication server to authenticate that it is a legitimate user and a legitimate medium, and further confirms the validity of the combination of the individual, medium, and ticket. Processing is performed (step 4010). For medium authentication, an authentication server list table is read in order to determine to which authentication server an authentication request is transmitted according to the type of medium. FIG. 12 shows a configuration example of the authentication server list table. This table is a list of rows including a medium type 12010 and an authentication server address 12020. As the medium type, a medium type such as a traffic IC card, a low-priced tag, a credit card, a living body (finger vein), or a living body (iris) can be registered. In the authentication server address, the IP address, connection protocol, interface information, and the like of a server that can perform the authentication process for the medium type can be registered. In combination authentication, for example, when a ticket for a child fare is assigned to a medium used by an adult, it is determined that the authentication has failed. If the individual authentication and the combination authentication are successful, a ticket purchase process designated by the user is performed (step 4020). For example, a ticket purchase request is made to the ticket authentication server, and if a ticket is secured, a ticket settlement request is made to the personal authentication server to complete the ticket purchase. When the ticket purchase process is completed, registration to the association table is performed (step 4030).

  FIG. 13 shows a configuration example of the association table. This table is a list of rows including a user ID 13010, a medium ID 13020, a ticket ID 13030, a list creation flag 13040, a use date 13050, attribute information 13060, a risk assessment / reason 13070, and authentication information 13080. The list creation flag is a flag for determining whether or not a white list has been created. If the list has been created, 1 is set. Otherwise, 0 is set. As the use date and time, the use date and time of the ticket (for example, the departure date and time of the train to be boarded) is set. The attribute information includes attributes related to personal authentication (for example, age, SF balance, past use history, etc.), attributes related to medium authentication (for example, medium type, medium issue source, medium issue year, last use date, etc.) , Attributes related to ticket authentication (for example, ticket issuer, issue date / time, ticket type, ticket amount, etc.) are set. The authentication information sets the current authentication status (for example, authenticated at the time of ticketing, authenticated at the time of entry, authentication failure, etc.). In this step, user ID, medium ID, ticket ID, use date and time, and attribute information values are set, 0 is set in the list creation flag, and authentication at the time of ticketing is set in the authentication information. If step 4030 ends or if individual authentication or combination authentication fails in step 4010, the processing result is transmitted to the station server (step 4040), and the processing ends.

  That is, the combination authentication device 1060 assesses risks based on electronic ticket information related to electronic tickets for using transportation facilities, and creates a list including the risks (registration processing program 3070); Use the list created by the registration processing department to make an authentication request according to the risk assessed when entering the ticket gate, and use the list created by the registration processing department to make an authentication request according to the risk assessed when entering the ticket gate An authentication request unit (authentication request program 3090) to be performed. The authentication apparatus (personal authentication server 1070, medium authentication server 1080, and ticket authentication server 1090) that has received the authentication request includes an authentication unit that performs authentication.

  The electronic ticket information is the amount of electronic ticket or the type of electronic ticket, and the registration processing unit may assess the risk level according to the amount of electronic ticket or the type of electronic ticket.

  Further, the amount of electronic ticket is the balance of electronic money related to the electronic ticket, the type of electronic ticket is the content of the commuter pass, and the registration processing unit is based on the balance of electronic money or the content of the commuter pass. The risk level may be assessed.

  Further, the registration processing unit may store usage history data of the electronic ticket and assess the risk level according to the content of the usage history data.

  Furthermore, the registration processing unit may acquire the purchase time of the electronic ticket stored in the usage history data, and may assess that the risk level is low when entering the ticket gate within a certain time from the purchase time.

  Subsequently, a processing example of the list distribution program 3080 will be described with reference to the flowchart of FIG. This program is executed asynchronously (for example, at regular intervals) after the execution of the registration processing program is completed.

  First, the correspondence table is sequentially read one record at a time (step 5010). If there is a next record in the table (step 5020), the use date / time and list creation flag of the record are checked (step 5030). If the list creation flag of the record is 0 and the use date / time is within a certain time from the current date / time, the risk of using the ticket is assessed, and the result and the assessment date / time are set in the column of risk assessment / reason 13070 ( Step 5040). Here, as a risk assessment method, for example, the risk level is determined based on the following criteria.

(1) If the ticket amount is equal to or greater than a certain amount, it is determined that there is a high risk when the boarding is illegal.
(2) When the ticket type is a Shinkansen or a limited express ticket, it is determined that the risk of illegal boarding is high.
(3) If the medium type is a secure medium or a living body, it is determined that the risk of forgery is low. Conversely, in the case of an inexpensive tag that is not secure, it is determined that the risk of forgery is high.
(4) If the user's SF balance exceeds a certain amount or holds a commuter pass, it is determined that the risk when the boarding fare is removed is low.
(5) Ticket purchase / use is performed in a pattern that is suspicious or normally rare based on the user's ticket purchase / use history data (for example, purchasing and reimbursing at multiple stations) If it is performed many times, etc.), it is determined that the risk of unauthorized use of the ticket is high.

  As a result of assessing the risk, when it is determined that the risk is smaller than a certain level (step 5050), the information of the record is registered in the white list table. FIG. 10 shows a configuration example of the white list table. This table is a list of rows including a user ID 10010, a medium ID 10020, a ticket ID 10030, a risk assessment / reason 10040, and attribute information 10050. After registration, the process returns to step 5020 to check whether there is a next record. If it is determined in step 5030 that the list creation flag of the record is 1 or the use date / time is not within a certain time from the current date, the process returns to step 5020. If it is not determined in step 5050 that the risk is smaller than a certain level, the process returns to step 5020. If there is no next record in step 5020, the created white list table is transmitted to the station server (step 5070), white list transmission completed is set in the authentication information of the association table, and the process ends. For example, if it is a train ticket for a conventional train, the station server as a transmission destination transmits it to the station server of the participating station, and if it is a ticket for a limited express train, it transmits it to the station server of the entrance station / participating station. Or you may transmit to the station server of the station which transfer changes with this boarding ticket, or all the stations which can get off on the way.

  Next, a processing example of the authentication request program 3090 will be described with reference to the flowchart of FIG. This program is executed in response to an authentication request from the station server when entering a ticket gate or entering a ticket gate.

  First, an authentication request is made to the personal authentication server, medium authentication server, and ticket authentication server to authenticate that the user is a valid user, a valid medium, and a valid ticket. A combination authentication process for confirming the validity of the combination is performed (step 9010). For medium authentication, an authentication server list table is read in order to determine to which authentication server an authentication request is transmitted according to the type of medium. If the individual authentication and the combination authentication are successful, the processing result is transmitted to the station server (step 9040), the authentication result is registered in the authentication information of the association table, and the processing is terminated. If the authentication is unsuccessful and the request source is a conventional line ticket gate admission processing program (step 9020), a black list table is created and transmitted to the station server of the candidate station (step 9030). FIG. 11 shows a configuration example of the black list table. This table is a list of rows including a user ID 11010, a medium ID 11020, and a ticket ID 11030. For example, extraction of candidates for participating stations is performed by extracting from a station where a boarding ticket has entered, a transfer station, a passing station, and the like, and transmitting the extracted information to a station server of the station. Alternatively, the participating station may be predicted from the past ticket use history data of the user and transmitted only to the station servers around the station. Alternatively, the black list table may be transmitted to all station servers. If the transmission of the black list table is completed, or if the request source is other than the conventional line ticket gate entrance processing program in step 9020, the processing result is transmitted to the station server (step 9040), and the authentication result is the authentication information in the association table. After registering, the process is terminated.

  Next, a processing example of the station server entrance processing program at the time of entering the ticket gate of the conventional train will be described with reference to the flowchart of FIG. In the case of a conventional train, the fare is relatively low compared to an express train, so the authentication process according to the risk level is omitted in the admission process of this embodiment. This processing is executed at the timing when the station equipment such as an automatic ticket gate recognizes the medium held by the user such as an IC card, and then requests the entrance determination from the automatic ticket gate to the station server. Shall.

  First, it is checked whether or not the corresponding ID is registered in the black list table (step 6010). It is assumed that the black list table has been transmitted from the combination authentication server in advance. Here, for example, a medium ID read from the medium is used as the ID to be checked. Alternatively, a personal ID or ticket ID may be stored in a storage area of the medium, and the ID may be read and used. If the corresponding ID is registered in the black list table, a determination NG is transmitted to the ticket gate (step 6030), and the process ends. If the corresponding ID is not registered in the black list table, a determination OK is transmitted to the ticket gate (step 6020). The ticket gate performs an operation of opening the gate if the determination is OK, and closing the gate if the determination is NG, according to the transmitted determination result. After the transmission, the authentication request program of the combination authentication server is called (step 6040), and the process ends.

  Next, the processing of the station server at the time of entering the ticket gate of the express train will be described using the flowchart of FIG. In the case of limited express trains, the fare is relatively high compared to conventional trains. Therefore, authentication processing according to the risk level is basically performed even in entrance processing. This processing is executed at the timing when the station equipment such as an automatic ticket gate recognizes the medium held by the user such as an IC card, and then requests the entrance determination from the automatic ticket gate to the station server. Shall.

  First, it is checked whether or not the corresponding ID is registered in the black list table (step 7010). It is assumed that the black list table has been transmitted from the combination authentication server in advance. Here, for example, a medium ID read from the medium is used as the ID to be checked. Alternatively, a personal ID or ticket ID may be stored in a storage area of the medium, and the ID may be read and used. If the ID corresponding to the black list is registered, a determination NG is transmitted to the ticket gate (step 7030), and the process is terminated. If the ID corresponding to the black list is not registered, it is next checked whether the ID corresponding to the white list table is registered and whether the assessment date in the record is within a certain time from the current date ( Step 7020). It is assumed that the white list table has been transmitted from the combination authentication server in advance. If a certain period of time has passed since the assessment date and time, security can be improved by performing risk assessment again. If it corresponds to step 7020, the authentication process corresponding to the risk is executed, the result is transmitted to the ticket gate (step 7060), and the authentication result is registered in the authentication information in the association table of the combination authentication server. Exit. For example, if a secure medium is used and it is assessed that the risk is low, medium authentication is omitted and only personal authentication and ticket authentication are performed. Alternatively, if the risk is small, all authentication processes may be omitted when entering. If it does not correspond to step 7020, the risk of using the ticket is assessed (step 7040). Here, as a risk assessment method, for example, in addition to the methods (1) to (5) described in Step 5040, the risk is determined based on the following criteria.

  (6) If the admission date and time is within a certain time from the ticket purchase date and time, it is determined that the risk of ticket forgery is low.

  As a result of assessing the risk, when it is determined that the risk is smaller than a certain level (step 7050), an authentication process corresponding to the risk is executed, the result is transmitted to the ticket gate (step 7060), and the process is terminated. To do. If it is determined that the risk is not smaller than a certain level, the authentication request program of the combination authentication server is called, the authentication result is transmitted to the ticket gate (step 7070), and the process is terminated. The ticket gate performs an operation of opening the gate if the determination is OK, and closing the gate if the determination is NG, according to the transmitted determination result.

  Next, the processing of the station server when entering the ticket gate will be described using the flowchart of FIG. This processing is executed at the timing when the station equipment such as an automatic ticket gate recognizes the medium held by the user such as an IC card and requests the station server to enter the outside of the ticket gate from the automatic ticket gate. Shall.

  First, it is checked whether or not the corresponding ID is registered in the black list table (step 8010). It is assumed that the black list table has been transmitted from the combination authentication server in advance. Here, for example, a medium ID read from the medium is used as the ID to be checked. Alternatively, a personal ID or ticket ID may be stored in a storage area of the medium, and the ID may be read and used. If the ID corresponding to the black list is registered, a determination NG is transmitted to the ticket gate (step 8030), and the process is terminated. If the ID corresponding to the black list is not registered, it is next checked whether the ID corresponding to the white list table is registered and whether the assessment date in the record is within a certain time from the current date ( Step 8020). It is assumed that the white list table has been transmitted from the combination authentication server in advance. If a certain period of time has passed since the assessment date and time, security can be improved by performing risk assessment again. Further, the average boarding time of the ticket section may be added to the assessment date and time to check whether or not the time is within a certain time from the current date and time.

  If it corresponds to step 8020, the authentication process corresponding to the risk is executed, the result is transmitted to the ticket gate (step 8060), and the authentication result is registered in the authentication information in the association table of the combination authentication server. Exit. For example, when it is assessed that the risk is small because the ticket amount is small, the ticket authentication is omitted, the fare calculation is performed by the station server, and the authentication is successful if the fare is equal to or less than the ticket amount. If not in step 8020, the risk of using the ticket is assessed (step 8040). Here, as a risk assessment method, for example, the risk is determined using the methods (1) to (5) described in Step 5040. As a result of assessing the risk, if it is determined that the risk is smaller than a certain level (step 8050), an authentication process corresponding to the risk is executed, the result is transmitted to the ticket gate (step 8060), and the process is terminated. To do. If it is determined that the risk is not smaller than a certain level, the authentication request program of the combination authentication server is called, the authentication result is transmitted to the ticket gate (step 8070), and the process is terminated. The ticket gate performs an operation of opening the gate if the determination is OK, and closing the gate if the determination is NG, according to the transmitted determination result.

  Next, FIG. 14 shows a screen example of the station staff operating terminal. This screen is a list of risk assessments / reasons and authentication information 14010 for each user ID / medium ID / ticket ID, an interface 14020 for searching a specific record by specifying a keyword, user information 14030, medium information 14040, ticket information 14050. When a specific record on the list 14010 is designated, attribute information corresponding to the user ID, medium ID, and ticket ID of the record is displayed in 14030, 14040, and 14050. This screen can be displayed by referring to the association table on the combination authentication server 1060 by the station service equipment 1020 operated by the station staff. Station staff can use this screen to check the ticket usage status of a specific user.

  As described above, the present embodiment has described the processing example in the case where the risk assessment and the authentication process are performed when the ticket gate is entered and when the ticket gate is entered. However, the present invention is not limited to this, and risk assessment and authentication processing may be performed using another station service device (for example, a conductor portable terminal in a boarding train). Alternatively, in order to speed up the ticket gate process, a part of the authentication process may be performed when entering the ticket gate, and the authentication process may be continued at the conductor portable terminal when entering the ticket gate or on the train. In this case, for example, authentication processing may be divided into medium authentication when entering a ticket gate, personal authentication when using a conductor portable terminal, and ticket authentication when entering a ticket gate. Alternatively, risk assessment may be performed when entering the ticket gate, and only when the risk is greater than a certain level, additional authentication processing may be performed during train boarding using the conductor portable terminal.

  According to the present invention, it is possible to perform processing at high speed and securely in a thin client station equipment. Thereby, even at the time of commuting rush, etc., it is possible to prevent people from lining up before the ticket gate. Furthermore, illegal boarding due to ticket counterfeiting can be prevented.

  DESCRIPTION OF SYMBOLS 1010 ... IC card, 1020 ... Station service equipment, 1030, 1050 ... Network, 1040 ... Station server, 1060 ... Combination authentication server, 1070 ... Personal authentication server, 1080 ... Medium authentication server, 1090 ... Ticket authentication server, 2010, 3010 ... Main control unit, 2020, 3020 ... input unit, 2030, 3030 ... output unit, 2040, 3040 ... communication processing unit, 2050, 3050 ... storage management unit

Claims (15)

An authentication system comprising a combination authentication device and an authentication device,
The combination authentication device assesses risks based on electronic ticket information relating to electronic tickets for using transportation facilities, and creates a list including the risks, a registration processing unit,
An authentication request is made according to the risk assessed when entering the ticket gate using the list created by the registration processing unit, and the risk assessed when entering the ticket gate using the list created by the registration processing unit And an authentication request unit for making an authentication request
The authentication system that receives the authentication request includes an authentication unit that performs authentication. The electronic ticket information is an electronic ticket amount or electronic ticket type, and the registration processing unit assesses a risk level according to the electronic ticket amount or electronic ticket type. The authentication system according to Item 1. The amount of the electronic ticket is a balance of electronic money related to the electronic ticket, the type of the electronic ticket is the content of a commuter pass, and the registration processing unit is configured to use the balance of the electronic money or the commuter pass. 3. The authentication system according to claim 2, wherein the risk level is assessed on the basis of the content of. The authentication system according to claim 3, wherein the registration processing unit stores usage history data of the electronic ticket and assesses a risk level according to contents of the usage history data. The registration processing unit acquires a purchase time of an electronic ticket stored in the usage history data, and assesses that a risk level is low when a ticket gate is entered within a predetermined time from the purchase time. Item 5. The authentication system according to item 4. A registration processing unit that assesses risks based on electronic ticket information related to electronic tickets for using transportation facilities, and creates a list including the risks;
Using the list created by the registration processing unit, an authentication request is made according to the risk assessed at the entrance of the ticket gate, and an authentication request is made according to the risk assessed at the entrance of the list ticket created by the registration processing unit. An authentication request section to perform;
A combination authentication device comprising: The electronic ticket information is an electronic ticket amount or electronic ticket type, and the registration processing unit assesses a risk level according to the electronic ticket amount or electronic ticket type. Item 7. The combination authentication device according to Item 6. The amount of the electronic ticket is a balance of electronic money related to the electronic ticket, the type of the electronic ticket is the content of a commuter pass, and the registration processing unit is configured to use the balance of the electronic money or the commuter pass. The combination authentication apparatus according to claim 7, wherein the risk level is assessed based on the content of. 9. The combination authentication apparatus according to claim 8, wherein the registration processing unit stores usage history data of the electronic ticket and assesses a risk level according to contents of the usage history data. The registration processing unit acquires a purchase time of an electronic ticket stored in the usage history data, and assesses that a risk level is low when a ticket gate is entered within a predetermined time from the purchase time. Item 10. The combination authentication device according to Item 9. An authentication method comprising a combination authentication device and an authentication device,
A first step in which a registration processing unit of the combination authentication device assesses risks based on electronic ticket information related to electronic tickets for using transportation facilities, and creates a list including the risks;
A second step in which an authentication requesting unit of the combination authentication device makes an authentication request according to the risk assessed at the time of ticket gate entry using the list created in the first step;
A third step in which the authentication device receiving the authentication request performs authentication;
A fourth step in which an authentication request unit of the combination authentication device makes an authentication request according to the risk assessed at the time of ticket gate participation using the list created in the first step;
A fifth step in which the authentication device that has received the authentication request performs authentication;
A combination authentication method characterized by comprising: The electronic ticket information is an electronic ticket amount or electronic ticket type, and the registration processing unit assesses a risk level according to the electronic ticket amount or electronic ticket type. Item 12. The combination authentication method according to Item 11. The amount of the electronic ticket is a balance of electronic money related to the electronic ticket, the type of the electronic ticket is the content of a commuter pass, and the registration processing unit is configured to use the balance of the electronic money or the commuter pass. The combination authentication method according to claim 12, wherein the risk level is assessed based on the content of. 14. The combination authentication method according to claim 13, wherein the registration processing unit stores usage history data of the electronic ticket, and assesses a risk level according to contents of the usage history data. The registration processing unit acquires a purchase time of an electronic ticket stored in the usage history data, and assesses that a risk level is low when a ticket gate is entered within a predetermined time from the purchase time. Item 15. The combination authentication method according to Item 14.

Images