JP2017005460A - Card authentication system, portable electronic device for card authentication, terminal device for card authentication, server for card authentication, card authentication method, and program - Google Patents

Abstract

PROBLEM TO BE SOLVED: To authenticate the validity of a user, and to prevent the illegal use of a game card or the like without recording various information by mounting an IC chip on the game card or the like, or storing the authentication information of the user in a device side which uses the game card or the like.SOLUTION: A card authentication system includes: a terminal device for card authentication having authentication data generation means for generating authentication data by reading identification information provided in a card, encrypted data acquisition means for acquiring encrypted data by encrypting the authentication data generated by the authentication data generation means with a cryptographic key by a portable electronic device for card authentication, and transmission means for transmitting the authentication data and the encrypted data; and a server for card authentication having reception means for receiving the authentication data and the encrypted data transmitted by the transmission means, and authentication means for authenticating the validity of the authentication data received by the reception means on the basis of the encrypted data received by the reception means.SELECTED DRAWING: Figure 2

Description

  The present invention relates to a card authentication system that authenticates the validity of a card such as a game card used in a card game, a portable electronic device for card authentication, a terminal device for card authentication, a server for card authentication, a card authentication method, and a program. Is.

A game card can be set by a user on a game machine to enjoy a card game, and a representative trading card is a card that is exchangeable between users. In this trading card, unique information about the character drawn on one side is printed as a digital watermark in the title text and background drawn on the other side, and the user sets the trading card in the game machine. Thus, the card game can be played by causing the game machine to read the unique information printed as a digital watermark on the trading card.
Japanese Unexamined Patent Application Publication No. 2011-151533 (Patent Document 1) discloses a digital watermark printed matter that can be read even with a small digital watermark.
However, even if the digital watermark printed on the trading card is made small and invisible, when the picture printed on the trading card is copied and the trading card is forged, the digital watermark is also copied together with other pictures, There is a problem in that a forged trading card can be set in a game machine and a game can be played, and illegal use of the trading card due to forgery is constantly occurring.

In JP2013-141564A (Patent Document 2), an IC chip is mounted on a trading card and registration state information is stored in the IC chip. Disclosed is a trading card utilization system that prevents individual information from being read from a terminal and allows only one user to use a single trading card.
However, in the above trading card utilization system, it is necessary to mount an IC chip on the trading card and store various information such as registration status information on the IC chip, which not only makes the trading card expensive. There is a problem in that it takes time to store various information in the trading card.

By the way, since IC cards are difficult to counterfeit and have high security, they are used for authentication of various systems, and even for game machines that can play games by connecting to a server via a communication line, authentication of authorized users It is also used as a product.
For example, in Japanese Patent Application Laid-Open No. 11-66008 (Patent Document 3), a modem device can be attached, and the modem device is attached and then connected to a server via a communication line, and authentication information is transmitted to the server. In the game device that can receive a certain service when receiving authentication as a regular user, a recording medium in which the card ID and authentication information of an IC card given to the regular user is recorded is provided in the modem device. A game device is disclosed in which the recorded authentication information is transmitted to the server when the card ID of the IC card inserted into the modem device matches the card ID recorded on the recording medium.
However, the game device does not play a game by reading information from a game card or the like, and the game device has the trouble of storing a card ID and authentication information in a modem device (game device side). Furthermore, even if an attempt is made to apply the above game device to a game device used by many users such as arcade games installed in a public space such as a game center, all the card IDs and authentication of the user on the game device side There was a problem that information could not be stored.

JP 2011-151533 A JP 2013-141564 A Japanese Patent Laid-Open No. 11-66008

  The problem to be solved by the present invention is that various information is recorded by mounting an IC chip on a game card or the like, or the user authentication information is not stored on the device side using the game card or the like. It is to authenticate the user's legitimacy and prevent illegal use of game cards and the like.

  The present invention provides an authentication data generation means for generating authentication data by reading identification information provided on a card, and the authentication data generated by the authentication data generation means is encrypted with an encryption key by a card authentication portable electronic device. Encrypted data acquisition means for acquiring encrypted data, a card authentication terminal device including the authentication data and a transmission means for transmitting the encrypted data, the authentication data transmitted by the transmission means, and the A card authentication server comprising: receiving means for receiving encrypted data; and authentication means for authenticating validity of the authentication data received by the receiving means based on the encrypted data received by the receiving means. A card authentication system provided is provided to solve the above problems.

  In the present invention, the authentication unit collates data obtained by encrypting the authentication data received by the receiving unit with the same encryption key as the encryption key, and collates the encrypted data received by the receiving unit. A card authentication system that authenticates the validity of authentication data is provided to solve the above problems.

  The present invention solves the above problems by providing a card authentication system in which the identification information provided on the card is formed by a digital watermark printed on a game card.

  The present invention is the portable electronic device for card authentication used in the card recognition system, wherein authentication data acquisition means for acquiring authentication data obtained from identification information provided on a card, and the authentication data An encryption key storage means for storing an encryption key for encryption; an encryption means for encrypting the authentication data acquired by the authentication data acquisition means with the encryption key stored in the encryption key storage means; A portable electronic device for card authentication comprising an encrypted data output means for outputting encrypted data encrypted by the encryption means is provided to solve the above-mentioned problems.

  The present invention provides a portable electronic device for card authentication characterized in that the identification information provided on the card is formed by a digital watermark printed on a game card. To do.

  The present invention is the card authentication terminal device used in the card recognition system, wherein the authentication data generating means for reading the identification information provided on the card and generating authentication data, and the authentication data generating means The authentication data includes encrypted data acquisition means for acquiring encrypted data obtained by encrypting the authentication data with an encryption key by the card authentication portable electronic device, and transmission means for transmitting the authentication data and the encrypted data. A terminal device for card authentication is provided to solve the above problem.

  The present invention solves the above problems by providing a card authentication terminal device in which the identification information provided on the card is formed by a digital watermark printed on a game card.

  The present invention is the card authentication server used in the card recognition system, in which the authentication data obtained from the identification information provided on the card and the authentication data are stored in an encryption key by the card authentication portable electronic device. A card authenticating device comprising: a receiving unit that receives encrypted encrypted data; and an authentication unit that authenticates the validity of the authentication data received by the receiving unit based on the encrypted data received by the receiving unit. A server is provided to solve the above problems.

  In the present invention, the authentication unit collates data obtained by encrypting the authentication data received by the receiving unit with the same encryption key as the encryption key, and collates the encrypted data received by the receiving unit. A card authentication server for authenticating the authenticity of authentication data is provided to solve the above-mentioned problems.

  The present invention solves the above problems by providing a card authentication server in which the identification information provided on the card is formed by a digital watermark printed on a game card.

  The present invention includes a generation step of generating identification data by reading identification information provided on a card, and an encryption in which the authentication data generated in the generation step is encrypted with an encryption key by the card authentication portable electronic device An acquisition step of acquiring data, a transmission step of transmitting the authentication data generated in the generation step and the encrypted data acquired in the acquisition step, and the authentication data and the encrypted data transmitted in the transmission step. A card authentication method comprising: a receiving step for receiving; and a step of authenticating the validity of the authentication data received in the receiving step based on the encrypted data received in the receiving step. Is a solution.

  According to the present invention, in the authentication step, the data obtained by encrypting the authentication data received in the reception step with the same encryption key as the encryption key is compared with the encrypted data received in the reception step. A card authentication method for authenticating the authenticity of authentication data is provided to solve the above problem.

  The present invention solves the above problems by providing a card authentication method in which the identification information provided on the card is formed by a digital watermark printed on a game card.

  The present invention provides a program for causing a computer to execute the card authentication method to solve the above-described problems.

  In the card authentication system of the present invention, on the card authentication terminal device side, the authentication data generation means reads the identification information provided on the card to generate authentication data, and the encrypted data acquisition means includes the authentication data generation means. The authentication data generated by the card authentication portable electronic device is encrypted with an encryption key, and the transmitting means transmits the authentication data and the encrypted data on the card authentication server side. The receiving means receives the authentication data and the encrypted data transmitted by the transmitting means, and the authenticating means receives the authentication data received by the receiving means based on the encrypted data received by the receiving means. In order to authenticate the validity, various information can be recorded by mounting an IC chip on the card side, or the user authentication information can be stored on the device side using the card. Without benefit, an effect that can prevent unauthorized use of the card to authenticate the validity of the user.

  In the card authentication system of the present invention, the authenticating unit encrypts the authentication data received by the receiving unit with the same encryption key as the encryption key, and the encrypted data received by the receiving unit. In order to verify the validity of the authentication data by collating, various information is recorded by mounting an IC chip on the card side or the user authentication information is stored on the device side using the card. Thus, it is possible to authenticate the validity of the user and prevent unauthorized use of the card.

  In the card authentication system of the present invention, since the identification information provided on the card is formed by a digital watermark printed on the game card, various information can be obtained by mounting an IC chip on the game card side. Without authenticating or storing the user's authentication information on the device side that uses the game card with the identification information printed with a digital watermark, authenticating the user's legitimacy and preventing unauthorized use of the game card There is an effect that it can be prevented.

  The portable electronic device for card authentication of the present invention is used in the card recognition system. In the portable electronic device for card authentication of the present invention, the authentication data obtained from the identification information provided on the card by the authentication data acquisition means. And the encryption key storage means stores an encryption key for encrypting the authentication data, and the encryption means stores the authentication data acquired by the authentication data acquisition means in the encryption key storage means. Encrypted with the encryption key, the encrypted data output means outputs the encrypted data encrypted by the encryption means, so that various information can be recorded by mounting an IC chip on the card side, etc. There is an effect that the authenticity of the user can be authenticated and unauthorized use of the card can be prevented without storing the authentication information of the user on the device side to be used.

  In the portable electronic device for card authentication of the present invention, the identification information provided on the card is formed by a digital watermark printed on the game card, so that an IC chip is mounted on the game card side, etc. The game card authenticates the legitimacy of the user without recording the various information or storing the user authentication information on the device side using the game card on which the identification information is printed with a digital watermark. This has the effect of preventing unauthorized use.

  The card authentication terminal device of the present invention is used in the card recognition system. In the card authentication terminal device of the present invention, the authentication data generation means reads the identification information provided on the card to generate authentication data, and The encrypted data acquisition means acquires encrypted data obtained by encrypting the authentication data generated by the authentication data generation means with an encryption key by the card authentication portable electronic device, and the transmission means transmits the authentication data and the encrypted data. Authenticates the legitimacy of a user without recording various information by mounting an IC chip on the card side or storing user authentication information on the device side that uses the card. As a result, it is possible to prevent unauthorized use of the card.

  In the card authentication terminal device according to the present invention, since the identification information provided on the card is formed by a digital watermark printed on the game card, an IC chip is mounted on the game card side, etc. It is illegal to play a game card by authenticating the user's validity without recording various information or storing the user's authentication information on the device that uses the game card with identification information printed with a digital watermark. There is an effect that the use can be prevented.

  The card authentication server of the present invention is used in the card recognition system. In the card authentication server of the present invention, the receiving means authenticates the authentication data obtained from the identification information provided on the card and the authentication data. The portable electronic device receives the encrypted data encrypted with the encryption key, and the authenticating unit authenticates the validity of the authentication data received by the receiving unit based on the encrypted data received by the receiving unit Therefore, the card authenticates the legitimacy of the user without recording various information by mounting an IC chip on the card side or storing the authentication information of the user on the device side using the card. This has the effect of preventing unauthorized use.

  In the card authentication server of the present invention, the authentication unit encrypts the authentication data received by the reception unit with the same encryption key as the encryption key, and the encrypted data received by the reception unit. In order to authenticate the authenticity of the authentication data by verifying, the various information is recorded by mounting an IC chip on the card side, or the user authentication information is stored on the device side using the card. Thus, it is possible to authenticate the validity of the user and prevent unauthorized use of the card.

  In the card authentication server according to the present invention, since the identification information provided on the card is formed by a digital watermark printed on the game card, there are various types such as mounting an IC chip on the game card side. Unauthorized use of a game card by authenticating the user's validity without recording information or storing the user's authentication information on the device side using the game card with identification information printed with a digital watermark The effect that can be prevented.

  In the card authentication method of the present invention, identification data provided on the card is read to generate authentication data, and the card authentication portable electronic device generates encrypted data obtained by encrypting the generated authentication data with an encryption key. Acquire, transmit the generated authentication data and the acquired encrypted data, receive the transmitted authentication data and the encrypted data, and based on the received encrypted data, the received the received In order to authenticate the validity of the authentication data, the user can record various information by mounting an IC chip on the card side or store the authentication information of the user on the device side that uses the card. The authenticity of the card can be authenticated and unauthorized use of the card can be prevented.

  In the card authentication method of the present invention, the authentication data is validated by collating the received authentication data with the same encryption key as the encryption key and the received encrypted data. To authenticate, the user's legitimacy is authenticated without recording various information by mounting an IC chip on the card side or storing the user's authentication information on the device side that uses the card. Thus, the card can be prevented from being illegally used.

  In the card authentication method of the present invention, since the identification information provided on the card is formed by a digital watermark printed on the game card, various information such as mounting an IC chip on the game card side, etc. Without authenticating or storing the user's authentication information on the device side that uses the game card with the identification information printed with a digital watermark, authenticating the user's legitimacy and preventing unauthorized use of the game card There is an effect that it can be prevented.

  The program of the present invention has the same effects as the card authentication method.

It is an external appearance block diagram which shows the external appearance of the whole structure of one Embodiment of the card | curd authentication system of this invention. It is a block diagram which shows the function structure of the card | curd authentication system of FIG. It is a block diagram which shows the function structure of IC card 3 used as the portable electronic device for card | curd authentication. 3 is a block diagram showing a functional configuration of a card authentication terminal device 4. FIG. 3 is a block diagram showing a functional configuration of a card authentication server 6. FIG. It is a figure for demonstrating the structure of card information DB60. It is a figure explaining an example of the issue / sales route of the game card 2 and the IC card 3. 3 is a flowchart showing an outline of the operation of the card authentication system 1. 5 is a flowchart showing the operation of the card authentication terminal device 4. 3 is a flowchart showing the operation of the IC card 3. 5 is a flowchart showing the operation of the card authentication server 6.

[Overall configuration of card authentication system]
First, the overall configuration of the card authentication system of the present invention will be described.
FIG. 1 is an external configuration diagram showing the external appearance of the overall configuration of an embodiment of the card authentication system of the present invention. In the figure, 1 is a card authentication system, 2 is a game card, 3 is a portable electronic device for card authentication, 4 is a terminal device for card authentication, 5 is an Internet line, and 6 is a server for card authentication. As shown in the figure, the card authentication terminal device 4 is connected to a card authentication server 6 via an Internet line 5. In this embodiment, the card authentication portable electronic device 3 is an IC card, and the game card 2 is a trading card.

2 is a block diagram showing a functional configuration of the card authentication system of FIG. 1, in which 10 is an authentication data generation unit, 11 is an encrypted data acquisition unit, 12 is a transmission unit, 13 is a reception unit, and 14 is A storage unit 15 is an authentication unit. As shown in the figure, the card authentication terminal device 4 includes an authentication data generation unit 10, an encrypted data acquisition unit 11, a transmission unit 12, and the like. The card authentication server 6 includes a reception unit 13, a storage unit 14, The authentication unit 15 is configured.
The authentication data generation unit 10 reads the identification information provided on the game card (trading card) 2 and generates authentication data. This authentication data is encrypted by the card authentication portable electronic device 3 using the encryption key.
The encrypted data acquisition unit 11 acquires encrypted data from the card authentication portable electronic device 3.
The transmission unit 12 transmits the authentication data generated by the authentication data generation unit 10 and the encrypted data acquired by the encrypted data acquisition unit 11 to the card authentication server 6 via the Internet line 5.
The receiving unit 13 receives authentication data and encrypted data transmitted from the transmitting unit 12.
The storage unit 14 stores the same encryption key as the encryption key stored in the card authentication portable electronic device (IC card) 3 and other various information.
The authentication unit 15 encrypts the authentication data received by the reception unit 13 with the encryption key stored in the storage unit 14, collates the encrypted data with the encrypted data received by the reception unit 13, 13 authenticates the validity of the received authentication data.
The authentication result of the authentication unit 15 is transmitted from the transmission unit (not shown) of the card authentication server 6 to the card authentication terminal device 4 via the Internet line 5.

[Game cards (trading cards) 2]
A game card (trading card) is a card made of paper or plastic, and various patterns are printed on the front side thereof. On the back side thereof, a T card ID for identifying the card and a game in which the card can be used are displayed. An application code for identifying the type, an authentication code indicating that the card is valid, and the like are printed in a form that cannot be visually recognized as a digital watermark in characters and background. This authentication code corresponds to the identification information provided on the card of the present invention. The game card 2 is sold as a set of one or a plurality of cards.

[Portable electronic device for card authentication (IC card) 3]
FIG. 3 is a block diagram showing a functional configuration of the IC card 3 which is a portable electronic device for card authentication, in which 30 is an antenna, 31 is a communication control unit, 32 is an authentication data acquisition unit, and 33 is an encryption. A key storage unit 34 is an encryption operation unit.
The antenna 30 receives data transmitted from a reader / writer (R / W) provided in the card authentication terminal device 4 and transmits data to the reader / writer (R / W).
The communication control unit 31 controls transmission and reception of data between the antenna 30 and a reader / writer (R / W) provided in the card authentication terminal device 4.
The authentication data acquisition unit 32 acquires authentication data sent from the card authentication terminal device 4 via the antenna 30 and the communication control unit 31, and sends this authentication data to the encryption calculation unit 34.
The encryption key storage unit 33 stores an encryption key for performing an encryption operation.
The encryption operation unit 34 performs encryption operation on the authentication data sent from the authentication data acquisition unit 32 with the encryption key stored in the encryption key storage unit 33 to create encrypted data.
The communication control unit 31, the authentication data acquisition unit 32, the encryption key storage unit 33, and the encryption calculation unit 34 are provided in an IC chip (not shown) of the IC card 3.
Note that the IC card 3 of the present embodiment is a non-contact type provided with the antenna 30, but has a function of a contact type provided with a contact portion instead of the antenna 30 or both a contact type and a non-contact type. May be a hybrid card or a dual interface card.

[Card Authentication Terminal Device 4]
FIG. 4 is a block diagram showing a functional configuration of the card authentication terminal device 4, in which 40 is a camera, 41 is an image processing unit, 42 is an authentication data storage unit, and 43 is a reader / writer (R / W). , 44 are encrypted data storage units. The authentication data generation unit 10 is configured by the camera 40, the image processing unit 41, the authentication data storage unit 42, and the like, and the encrypted data is acquired from the reader unit (reception unit) of the reader / writer 43, the encrypted data storage unit 44, and the like. Part 11 is configured.
The camera 40 photographs various information such as a T card ID, a T application code, and an authentication code printed as a digital watermark on the game card 2, and sends the obtained image data to the image processing unit 41.
The image processing unit 41 performs image processing such as pattern extraction from image data sent from the camera 40, and identifies a T card ID (identifying the game card 2) and a T application code (available game type). And the authentication code and the like are extracted, and the extracted authentication code is sent as authentication data to the authentication data storage unit.
The authentication data storage unit 42 stores the authentication data among the data extracted by the image processing unit 41 and sends the stored authentication data to the reader / writer 43 and the transmission unit 12.
The reader / writer 43 transmits / receives various data to / from the IC card 3, transmits authentication data from the authentication data storage unit 42 to the IC card 3, encrypted data transmitted from the IC card 3, and M card An ID (identifying the IC card 3), an M application code (identifying a usable game type), and the like are received.
The encrypted data storage unit 44 stores the encrypted data from the IC card 3 received by the reader / writer 43 and sends the stored encrypted data to the transmission unit 12.
The transmission unit 12 transmits the authentication data from the authentication data storage unit 42 and the encrypted data from the encrypted data storage unit 44 to the card authentication server 6 via the Internet line 5. Note that the T card ID, M card ID, and the like are also transmitted from the transmission unit 12 to the card authentication server 6 together with the authentication data and the encrypted data.
Further, in the present embodiment, the card authentication terminal device 4 has a game function (not shown), and a game device capable of playing a card game by setting the game card 2 in a card setting unit (not shown). It has become.
Further, the card authentication terminal device 4 includes a receiving unit (not shown), receives an authentication result (described later) transmitted from the card authentication server 6, and if the authentication result is valid, the game Can be started.

[Card authentication server 6]
FIG. 5 is a block diagram showing a functional configuration of the card authentication server 6, in which 60 is a card information database (DB), 61 is an encryption operation unit, and 62 is a collation determination unit. The card information database (DB) 60 is set in the storage unit 14, and the encryption calculation unit 60, the collation determination unit 61, and the like constitute the authentication unit 15.

[Card information DB 60]
FIG. 6 is a diagram for explaining the structure of the card information DB 60. As shown in the figure, the card information DB 60 includes a master card information table 60a (FIG. 6 (a)) and a game card information table 60b (FIG. 6 ( b)).
The master card information table 60a includes an “M card ID” for identifying the IC card 3 serving as a master card, an “M application code” for identifying the type of game that can be used, an “encryption key” for encryption, It consists of an “expiration date” indicating the expiration date of the IC card 3 and a “status flag” indicating the usage status of the IC card 3 (“0” for unregistered, “1” during operation, “2” for discard). . For example, the M application code, encryption key, expiration date, and status flag of the IC card 3 (master card) with the M card ID “001” are “aaa”, “XXX”, “2016.12”, “ 1 ”.
The game card information table 60b includes a "T card ID" for identifying the game card (trading card) 2, a "T application code" for identifying the type of game that can be used, and a "T application code" for authenticating the validity of the card. “Authentication code”, “expiration date” indicating the expiration date of the game card 2, “registrant ID” indicating the owner of the game card 2, “status flag” indicating the usage status of the game card 2 (“0” if not registered) "1" during operation and "2" for destruction. For example, the T application code, the authentication code, the expiration date, the registrant ID, and the status flag of the game card 2 with the T card ID “1001” are “aaa”, “xxx”, “2016.12”, “001”, respectively. , “1”.
The “registrant ID” in the game card information table 60b contains the “M card ID” in the master card information table 60a, and the IC card 3 (master card) and the game card 2 are associated with each other. For example, since the registrant ID of the game card 2 with the T card ID “1001” is “001”, the game card 2 with the T card ID “1001” and the IC card 3 with the M card ID “001” are owned. Will be in common.

[Authentication unit 15 (encryption calculation unit 60, verification determination unit 61)]
The encryption calculation unit 61 searches the master card information table 60a with the M card ID received by the reception unit 13, and encrypts the authentication data received by the reception unit 13 using the encryption key of the matching M card ID. The encryption operation is performed to create encrypted data.
The collation determining unit 62 collates the encrypted data received by the receiving unit 13 with the encrypted data created by the encryption calculating unit 61. If they match, the game card 2 gives an authentication result indicating that the game card 2 is valid. If there is, the authentication result that the game card 2 is not valid is issued.
Then, the authentication result issued by the collation determination unit 62 is transmitted from the transmission unit (not shown) of the card authentication server 6 to the card authentication terminal device 4 via the Internet line 5.
The matching determination unit 62 searches the game card information table 60b by the T card ID received by the receiving unit 13, compares the registrant ID of the matching T card ID with the M card ID received by the receiving unit 13, If they match, an authentication result that the game card 2 is valid is issued, and if they do not match, an authentication result that the game card 2 is not valid is issued.

[Issuance and sale of game cards 2 and IC cards 3]
FIG. 7 is a diagram for explaining an example of the issuance / sales route of the game card 2 and the IC card 3. In the figure, M is the manufacturer of the game card 2, S is the store of the game card 2, and U is the game card 2. A user who purchases Hereinafter, the issuance / sales route of the game card 2 and the IC card 3 will be described.
(A) The manufacturer M issues a game card 2 and an IC card 3. On the back side of the game card 2 to be issued, a T card ID, a T application code, an authentication code, and the like are printed in a character or background in a manner that cannot be visually recognized as a digital watermark. Further, an M card ID, an M application code, an encryption key, and the like are written (stored) in the storage unit (including the encryption key storage unit 33) of the IC chip of the IC card 3 to be issued.
Then, the T card ID, T application code, authentication code, and expiration date of the game card 2 are registered in the game card information table 60b, and the M card ID, M application code, encryption key, and expiration date of the IC card 3 are master. It is registered in the card information table 60a.
At this stage, the game card 2 and the IC card 3 are not associated with each other, no data is written in the registrant ID of the game card information table 60b, and the status flags of both tables are “0” (not yet). Registration).
(B) The manufacturer M sells the issued game card 2 and IC card 3 to the store S. In this case, usually, one IC card 3 is attached to a set (one or a plurality) of game cards 2 and sold.
(C) In the store S, an IC card is attached to the set of the game cards 2 and sold to the user U. In this case, one set of game cards 2 may be sold with one IC card, or a plurality of sets of game cards 2 may be sold with one IC card. The user U first registers (to be described later) the purchased game card 2 and the IC card 3, and then installs the game card 2 and the IC card 3 in a store S, a game center, or the like. It can be set in the authentication terminal device 4) to play a card game.

[Initial registration of game card 2 and IC card 3]
When the user U purchases the game card 2 and the IC card 3 from the store S, the game card 2 and the IC card 3 are not associated with each other, and data is written in the registrant ID of the game card information table 60b. Not. For this reason, the user U needs to perform initial registration for associating the purchased game card 2 with the IC card 3. This initial registration is performed according to the following procedures (1) to (10).
(1) The user U sets the game card 2 and the IC card purchased at the store S in the card authentication terminal device 4.
(2) First, in the card authentication terminal device 4, the reader / writer 43 reads the M card ID and M application code of the IC card 3, and performs application authentication. This application authentication is to authenticate whether the type of game that can be used with the IC card 3 matches the type of game that can be used with the terminal device 4 for card authentication. Specifically, it is determined by the application authentication function of the card authentication terminal device 4 whether the M application code matches the application code registered in the card authentication terminal device 4.
(3) In parallel with the processing of (2), the card authentication terminal device 4 reads the T card ID, T application code, authentication code (authentication data), etc. of the game card 2 to perform application authentication. This application authentication is to authenticate whether the type of game that can be used with the game card 2 matches the type of game that can be used with the card authentication terminal device 4. Specifically, it is determined by the application authentication function of the card authentication terminal device 4 whether the T application code and the application code registered in the card authentication terminal device 4 match.
(4) In the application authentication of (2) and (3) above, if it is confirmed that the M application code and the T application code match the application code of the card authentication terminal device 4, the card authentication terminal device 4 Authentication code (authentication data) is transmitted to the IC card 3.
(5) In the IC card 3, the authentication code (authentication data) transmitted from the card authentication terminal device 4 is encrypted to create encrypted data, and the generated encrypted data is transmitted to the card authentication terminal device 4. .
(6) The card authentication terminal device 4 transmits the T card ID, T application code, authentication code (authentication data), encrypted data, M card ID, and M application code to the card authentication server 6.
(7) The card authentication server 6 searches the master card information table 60a with the M card ID, specifies the corresponding encryption key, and decrypts the encrypted data with the specified encryption key to create decrypted data. Further, the game card information table 60b is searched by the T card ID, and the corresponding authentication code (authentication data) is specified.
(8) Then, it is confirmed whether the decrypted data created with the encryption key searched with the M card ID matches the authentication code (authentication data) searched with the T card ID.
Since the encrypted data is obtained by encrypting the authentication code (authentication data) with the encryption key, when the encrypted data is decrypted with the same encryption key, the original authentication code (authentication data) is obtained.
Thereby, the legitimacy of the game card 2 and the IC card 3 in the initial registration is confirmed.
For example, if the M card ID is “001”, the corresponding encryption key is “XXX”, and decrypted data is generated by decrypting the encrypted data with this encryption key “XXX”. On the other hand, if the T card ID is “1001”, the corresponding authentication code (authentication data) is “xxx”. If the decrypted data matches the authentication code (authentication data) “xxx”, the encrypted data is data obtained by encrypting the authentication code “xxx” of the T card ID “1001” with the encryption key “XXX”. That is, it is confirmed that the IC card 3 is a valid card with the M card ID “001” and the game card 2 is a valid card with the T card ID “1001”.
(9) When the validity of the game card 2 and the IC card 3 is confirmed in this way, the M card ID corresponding to the registrant ID of the game card information table 60b is written, and the master card information table 60a and the game card The status flag of the information table 60b is “1” (in operation).
(10) Finally, the authentication result, that is, the result of whether or not the initial registration has been performed, is transmitted from the card authentication server 6 to the card authentication terminal device 4, and the initial registration is completed.

[Outline of operation of card authentication system 1]
FIG. 8 is a flowchart showing an outline of the operation of the card authentication system 1.
As shown in the figure, the operation of the card authentication system 1 is performed by the card authentication terminal device 4 reading various data from the game card 2 and the IC card 3 and performing application authentication (S1). The step includes the step of encrypting the code (authentication data) (S2), and the step of authenticating the validity of the authentication code (authentication data) in the card authentication server 6 (S3).
Hereinafter, operations of the card authentication terminal device 4, the IC card 3, and the card authentication server 6 will be described.

[Operation of Card Authentication Terminal Device 4]
FIG. 9 is a flowchart showing the operation of the card authentication terminal device 4. The operation of the card authentication terminal device 4 will be described below.
First, the reader / writer 43 reads the M card ID and M application code written in the storage unit of the IC card 3, and temporarily stores them in the storage unit (not shown) of the card authentication terminal device 4 (S10). ).
Next, application authentication is performed to determine whether the M application code matches the application code registered in the card authentication terminal device 4 (S11).
Next, the camera 40 captures the game card 2, and the image processing unit 41 extracts the T card ID, T application code, and authentication code (authentication data) from the captured image, and temporarily stores them in the storage unit (authentication data storage unit). Save (S12).
Next, application authentication is performed to determine whether the T application code matches the application code registered in the card authentication terminal device 4 (S13).
Next, the reader / writer 43 transmits an authentication code (authentication data) to the IC card 3 (S14).
Next, encrypted data obtained by encrypting the authentication code (authentication data) is received from the IC card 3 and temporarily stored in the storage unit (including the encrypted data storage unit) (S15).
Finally, the transmission unit 12 transmits the T card ID, T application code, authentication code (authentication data), encrypted data, M card ID, and M application code to the card authentication server 6 (S16).

[Operation of IC card 3]
FIG. 10 is a flowchart showing the operation of the IC card 3. Hereinafter, the operation of the IC card 3 will be described.
First, the M card ID and the M application code written in the storage unit of the IC card 2 are transmitted from the antenna 30 to the reader / writer 43 of the card authentication terminal device 4 (S20).
Next, the antenna 30 receives an authentication code (authentication data) from the reader / writer 43 of the card authentication terminal device 4 (S21).
Next, the authentication data acquisition unit 32 acquires the received authentication data, and the encryption operation unit 34 encrypts the authentication data sent from the authentication data acquisition unit 32 with the encryption key stored in the encryption key storage unit 33. The encryption operation is performed to create encrypted data (S22).
Finally, the created encrypted data is transmitted from the antenna 30 to the reader / writer 43 of the card authentication terminal device 4 (S23).
When the IC card 3 is a contact type provided with a contact portion, the contact portion transmits / receives data to / from the reader / writer 43 instead of the antenna 30.

[Operation of Card Authentication Server 6]
FIG. 11 is a flowchart showing the operation of the card authentication server 6. The operation of the card authentication server 6 will be described below.
First, the receiving unit 13 receives a T card ID, a T application code, an authentication code (authentication data), encrypted data, an M card ID, and an M application code from the card authentication terminal device 4 (S30).
Next, the master card information table 60a is searched by the received M card ID, the game card information table 60b is searched by the received T card ID, and each received data is stored in the card information DB 60 (master card information table 60a and game card information). It is confirmed whether it exists in the table 60b) (S31).
When it is confirmed that the encryption operation unit 61 exists, the encryption operation unit 61 encrypts the received authentication data using the encryption key of the M card ID associated with the master card information table 60a. The encrypted data is created (S32), and if it is not confirmed that it exists, it is determined that the game card 2 is not valid (authentication result) (S36).
For example, if the M card ID is “001” and the authentication code (authentication data) is “xxx”, the corresponding encryption key is “XXX”, and the authentication code (XXX) is used with the encryption key “XXX”. Authentication data) “xxx” is encrypted to create encrypted data.
Next, the collation determination unit 61 collates the encrypted data received in S30 with the encrypted data created in S32, and determines whether or not they match (S33). If they match, the game card 2 is valid. Is determined (authentication result) (S34), and if they do not match, the game card 2 is determined to be invalid (authentication result) (S36).
For example, the encrypted data received in S30 is the data obtained by encrypting the authentication code (authentication data) “xxx” of the T card ID “1001” and the encryption key of the M card ID “001” using “XXX”. If there is, it matches the encrypted data created in S32, and the game card 2 is determined to be valid.
Finally, a determination result (authentication result) is transmitted to the card authentication terminal device 4 (S35).
By determining the legitimacy of the game card using the data encrypted with the encryption key in the IC card that is difficult to copy, illegal use of the game card can be surely prevented.

  The card authentication system, the card authentication portable electronic device, the card authentication terminal device, the card authentication server, the card authentication method and the program of the present invention record various information by mounting an IC chip on the card side, etc. Without authenticating the user authentication information on the device side using the card, it is possible to authenticate the validity of the user and prevent unauthorized use of the card.

1 Card Authentication System 2 Game Card 3 Portable Electronic Device for Card Authentication 4 Terminal Device for Card Authentication 5 Internet Line 6 Server for Card Authentication 10 Authentication Data Generation Unit 11 Encrypted Data Acquisition Unit 12 Transmission Unit 13 Reception Unit 14 Storage Unit 15 Authentication unit 30 Antenna 31 Communication control unit 32 Authentication data acquisition unit 33 Encryption key storage unit 34 Encryption operation unit 40 Camera 41 Image processing unit 42 Authentication data storage unit 43 Reader / writer (R / W)
44 Encrypted data storage unit 60 Card information database (DB)
60a Master card information table 60b Game card information table 61 Cryptographic operation unit 62 Collation determination unit M Manufacturer S Dealer U User

Claims (14)

Authentication data generation means for generating identification data by reading identification information provided on the card, and encryption in which the authentication data generated by the authentication data generation means is encrypted with an encryption key by the card authentication portable electronic device A card authentication terminal device comprising: encrypted data acquisition means for acquiring data; and transmission means for transmitting the authentication data and the encrypted data;
A receiving means for receiving the authentication data and the encrypted data transmitted by the transmitting means; and an authentication for authenticating the validity of the authentication data received by the receiving means based on the encrypted data received by the receiving means. A card authentication system comprising a card authentication server.   The authentication unit verifies the authentication data by verifying the data obtained by encrypting the authentication data received by the receiving unit with the same encryption key as the encryption key and the encrypted data received by the receiving unit. The card authentication system according to claim 1, wherein the authentication is performed.   3. The card authentication system according to claim 1, wherein the identification information provided on the card is formed by a digital watermark printed on a game card. The card authentication portable electronic device used in the card recognition system,
Authentication data acquisition means for acquiring authentication data obtained from identification information provided on the card;
Encryption key storage means for storing an encryption key for encrypting the authentication data;
Encryption means for encrypting the authentication data acquired by the authentication data acquisition means with the encryption key stored in the encryption key storage means;
A card authentication portable electronic apparatus comprising: encrypted data output means for outputting encrypted data encrypted by the encryption means.   5. The portable electronic device for card authentication according to claim 4, wherein the identification information provided on the card is formed by a digital watermark printed on a game card. The card authentication terminal device used in the card recognition system,
An authentication data generating means for generating authentication data by reading the identification information provided on the card;
Encrypted data acquisition means for acquiring the authentication data generated by the authentication data generation means, and encrypted data obtained by encrypting the authentication data with an encryption key by the card authentication portable electronic device;
A card authentication terminal device comprising: transmission means for transmitting the authentication data and the encrypted data.   7. The card authentication terminal device according to claim 6, wherein the identification information provided on the card is formed by a digital watermark printed on a game card. The card authentication server used in the card recognition system,
Receiving means for receiving authentication data obtained from identification information provided on the card and encrypted data obtained by encrypting the authentication data with an encryption key by the card authentication portable electronic device; and the encryption received by the receiving means A card authentication server comprising: authentication means for authenticating validity of the authentication data received by the receiving means based on data.   The authentication unit verifies the authentication data by verifying the data obtained by encrypting the authentication data received by the receiving unit with the same encryption key as the encryption key and the encrypted data received by the receiving unit. 9. The card authentication server according to claim 8, wherein the authentication is performed.   10. The card authentication server according to claim 8, wherein the identification information provided on the card is formed by a digital watermark printed on a game card. A generation step of generating identification data by reading identification information provided on the card;
An acquisition step in which the portable electronic device for card authentication acquires encrypted data obtained by encrypting the authentication data generated in the generating step with an encryption key;
A transmission step of transmitting the authentication data generated in the generation step and the encrypted data acquired in the acquisition step;
A receiving step for receiving the authentication data and the encrypted data transmitted in the transmitting step;
A card authentication method comprising: an authentication step of authenticating the validity of the authentication data received in the reception step based on the encrypted data received in the reception step.   In the authentication step, the authentication data received in the reception step is verified by verifying the authentication data received by verifying the encrypted data received in the reception step with data encrypted with the same encryption key as the encryption key. The card authentication method according to claim 11, wherein the authentication is performed.   13. The card authentication system according to claim 11, wherein the identification information provided on the card is formed by a digital watermark printed on a game card.   A program for causing a computer to execute the card authentication method according to any one of claims 11 to 13.

Images