JP2018097760A - User related information management system, management server, and program - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a system that prevents a provision range of a service from being limited and can improve users' convenience.SOLUTION: A user terminal device transmits a card request to a management server via a provider server, and the management server generates and stores an authentication QR code, transmits a URL for display of the authentication QR code to the user terminal device via the provider server, permits access to a QR code when there is effective access from the user terminal device on the basis of the URL for display of the QR code, and lets the user terminal device display the QR code. When the QR code read by a store terminal device is effective, the management server permits update of points possessed by a user.SELECTED DRAWING: Figure 7

Description

  The present invention relates to a user-related information management system that manages user-related information, a management server according to the user-related information management system, and a program.

  In recent years, service providers have provided platforms for exchanging messages and the like between a plurality of user terminals via a network. In addition, service providers publish API (Application Programming Interface) in order to provide an automatic interactive service using a platform, and promote the development of interactive bot applications. As an example of such an interactive bot application, there is one that generates a message obtained by translating a message between user terminals from a first language into a second language and automatically transmits it to the other party (Patent Document 1).

JP2015-179519A

  However, the API is limited to predetermined message information (a character string code such as a JSON code) in terms of the load and security of the server managed by the service provider. For this reason, even in the conventional interactive bot application, the response to a message such as a character string remains, and an image cannot be directly responded. As a result, there is a possibility that the service provision range is limited to automatic message responses.

  The present invention has been conceived in view of such a situation, and an object of the present invention is to provide a system capable of preventing a service provision range from being limited and improving user convenience. It is.

  In order to achieve the above object, a user-related information management system according to an aspect of the present invention identifies a user terminal device having an image display unit, a store terminal device installed in a store and capable of reading an image, and a user A management server that manages user identification information for the user, user-related information related to the user corresponding to the user identification information, and a provider server for enabling transmission and reception of information between a plurality of user terminal devices The user terminal device includes request message information output means for outputting request message information for requesting an authentication image to the management server via the provider server, and the management server receives the request message information. When received, an authentication image for generating an authentication image including user identification information of the user who is the output source of the request message information is received. Image generation means, authentication image storage means for storing the generated authentication image, and authentication image permission means for allowing access from the user terminal device to the authentication image stored in the authentication image storage means, The user terminal device includes an authentication image display unit that displays an authentication image permitted to be accessed by the authentication image permission unit on the image display unit, and the store terminal device can be specified from an image read from the image display unit Specific information output means for outputting specific identification information to the management server, the management server corresponding to the user identification information when the user identification information is identified based on the identification information from the store terminal device. Update permission means for permitting update of user-related information managed by the management server, wherein the management server further includes the authentication image storage means. Access message information output means for outputting access message information for allowing access to the authentication image to the user terminal device that is the request message information output source via the provider server when storing, The authentication image permission means permits access to the authentication image from the user terminal device in response to access from the user terminal device based on the access message information. The management server can communicate with the provider server only by predetermined message information (for example, a character string code).

  A management server according to an aspect of the present invention includes a user terminal device having an image display unit, a store terminal device installed in a store and capable of reading an image, and a business for enabling transmission and reception of information between a plurality of user terminal devices A management server that can communicate with each user server and manages user identification information for identifying the user and user related information related to the user corresponding to the user identification information, and responding to a request for an authentication image Authentication image generation means for generating an authentication image including user identification information of the user who is the request message information output source when the received request message information is received from the user terminal device via the provider server, and the generated authentication Authentication image storage means for storing an image, and user terminal device to the authentication image stored in the authentication image storage means An authentication image permission unit that allows access, and user identification based on specific information that the store terminal device reads and outputs an image displayed on the image display unit when access is permitted by the authentication image permission unit Update permission means for allowing update of user-related information managed in correspondence with the user identification information when the information is specified, and when the authentication image storage means stores the authentication image, Access message information output means for outputting access message information for allowing access to the authentication image to the user terminal device that is the request message information output source via the provider server, and the authentication image permission means In response to an access from the user terminal device based on the access message information. Allowing the access to the authentication image from.

  Preferably, the authentication image generation unit generates an authentication image including information obtained by encrypting the user identification information with a predetermined encryption key, and the update permission unit decrypts the specific information with a predetermined decryption key. It is determined whether or not user identification information is specified from the information.

  Preferably, an access token generating unit that generates an access token when the request message information is received, the authentication image generating unit generates an authentication image including the user identification information and the access token, and the update The permitting means permits updating of the user related information on condition that the access token specified based on the specifying information is valid.

  Preferably, when the authentication image storage means stores the authentication image, the authentication image storage means includes an allowable access token generation means for generating an access token for permission to permit access to the authentication image, and the access message information is , Including an allowable access token generated by the allowable access token generating means, and the authentication image permitting means includes the access on the condition that the allowable access token specified based on the access message information is valid. Access to the authentication image from the user terminal device based on the message information is permitted.

  A program according to an aspect of the present invention includes a user terminal device having an image display unit, a store terminal device installed in a store and capable of reading an image, and an operator for enabling transmission and reception of information between a plurality of user terminal devices A program for causing a computer to execute processing for communicating with each server, user identification information for identifying a user, and processing for managing user-related information about the user in association with the user identification information, The program includes, when the request message information corresponding to the request for the authentication image is received from the user terminal device via the provider server, the authentication image including the user identification information of the user who is the output source of the request message information. Generating the authentication image, and storing the generated authentication image in a predetermined storage area; Allowing the user terminal device to access the authentication image stored in the predetermined storage area, and reading the store terminal device from the image displayed on the image display unit when the access is permitted; When user identification information is identified based on the output identification information, a step of allowing updating of user related information managed in correspondence with the user identification information is executed, and the authentication image is stored. Sometimes, a step for outputting access message information for permitting access to the authentication image to the user terminal device that is the request message information output source via the provider server is executed, and The step of permitting access from the user terminal device is performed from the user terminal device based on the access message information. Depending on the access, comprising the step of allowing access to the authentication image from the user terminal.

  According to said structure, even if a management server transmits / receives message information between provider servers, an authentication image can be displayed on a user terminal device in response to a request from a user, and a store terminal The user-related information can be updated by determining that the authentication image read by the apparatus is valid. As a result, user convenience can be improved. Also, an authentication image in the store is obtained by transmitting request message information to the store to be used from a user terminal device that is less likely to be lost or forgotten by the user than an authentication medium (for example, a point card). it can. As a result, the convenience can be further improved, and the usage rate / utilization rate of the service for updating the user-related information can be improved.

It is the schematic of a service system structure. It is a block diagram of a management server. It is a figure for demonstrating the information memorize | stored in the memory | storage part of a management server. It is a figure for demonstrating the outline | summary of the point service which a management server provides. It is a figure for demonstrating a shop registration process. It is a figure for demonstrating QR code recognition processing. It is a figure for demonstrating QR code recognition processing. It is a figure for demonstrating QR code recognition processing. It is a figure for demonstrating QR code recognition processing. It is a figure for demonstrating premium exchange processing. It is a figure for demonstrating premium exchange processing. It is a figure for demonstrating premium exchange processing. It is a figure for demonstrating a store account creation process. It is a figure for demonstrating a store application login process.

  Hereinafter, an embodiment of the present invention will be described in detail with reference to the drawings.

  [System configuration example]

  FIG. 1 is a schematic diagram of a service system configuration according to an embodiment of the present invention. The service system 600 provides a service that can update a user's possession points according to purchase of a product and the like by specifying a user without using a point card issued for each store. As shown in FIG. 1, the service system 600 includes a user terminal device 100, an operator server 200, a store terminal device 300, and a management server 400. The user terminal device 100, the store terminal device 300, the business server 200, and the management server 400 can communicate with each other via the network 500. In FIG. 1, although 100a and 100b are shown as the user terminal device 100, communication with other user terminal devices is also possible. Moreover, although 300a and 300b are shown as the store terminal device 300 in FIG. 1, it can communicate with other store terminal devices.

  The user terminal devices 100a and 100b are communication terminal devices owned by each user, and correspond to portable terminals such as smartphones and tablet terminals. A message application provided by a business operator is installed in each of the user terminal devices 100a and 100b. The user can send and receive information to / from other user terminal devices registered (friend registration) via the operator server 200 by logging in by inputting a user ID or password using a message application. Information that can be transmitted and received between user terminal devices includes text, voice, images, and moving images.

  The management server 400 is a robot server (so-called bot server) that provides a point service for managing owned points for each user in a partner store. The management server 400 performs a process of outputting information according to a request from a partner store or a user. The point service is a service that gives users points that can be used for gift exchange or product purchase, depending on the purchase of products sold at stores (product purchases) or the use of services provided (service use). Say. The management server 400 manages points owned for each user.

  Also, the management server 400 issues, for example, a QR code (registered trademark) corresponding to a two-dimensional barcode as authentication information that can identify the user in response to a request from the user, and causes the user terminal device 100 to display the QR code. be able to. Thereby, the user can perform user authentication by presenting the QR code at the store.

  The business server 200 is a server managed by a business that provides a message service. The business entity server 200 performs a process of outputting information for a specific user received from the user terminal devices 100a and 100b to the user terminal device to which the specific user is logged in. The company server 200 manages (stores) a user ID, a password, a user display name (nickname), and the like registered at the start of using the message application, and specifies another user (so-called friend) registered as a friend by the user. Manage friend information and more.

  The business server 200 can transmit and receive information such as text, sound, image, and video to and from the user terminal device 100. On the other hand, the provider server 200 restricts information that can be transmitted to and received from the management server 400 to predetermined message information (character string code such as JSON code) that has a relatively small amount of data such as a character string. Yes. As a result, even if the business server 200 can provide the point service by communicating with the management server 400, the communication load with the management server 400 is suppressed and security is easily secured. It is possible to prevent the information transmission / reception (message service) from being affected.

  The store terminal devices 300a and 300b are communication terminal devices installed in each store, and correspond to, for example, a tablet terminal, a POS (Point of sale system), and the like. The stores include a wide variety of stores such as restaurants, beauty salons, drug stores, and electrical stores. A point application provided by an administrator who manages the management server 400 is installed in the store terminal devices 300a and 300b. Each of the store terminal devices 300a and 300b includes a barcode reader as a reading device capable of reading an image such as a barcode. The management server 400 reads the QR code presented by the user using a point application. By communicating with, user authentication and user point update can be performed.

  FIG. 2 is a block diagram of the management server 400. As shown in FIG. 2, the management server 400 includes a communication unit 410, a storage unit 430, an input unit 440, a control unit 420, and the like.

  The storage unit 430 is configured by various recording media such as a hard disk drive (HDD), a solid state drive (SSD), and a flash memory, and has a function of storing various programs and data for controlling the operation of the management server 400. The storage unit 430 stores user-related information related to the user such as owned points for each user ID for identifying a user who uses the point service in order to provide the point service. In particular, the storage unit 430 includes an authentication image storage unit 431 that stores a QR code for user authentication generated in response to a request from the user. Moreover, the memory | storage part 430 memorize | stores the shop relevant information relevant to a shop for every shop ID for identifying the shop of the partner who provides a point service.

  Here, the information stored in the storage unit 430 will be described with reference to FIG. FIG. 3A shows user related information. In FIG. 3A, the horizontal axis indicates a user ID, and the vertical axis indicates a plurality of types of user related information. As the user-related information, various types such as a user display name to be displayed when using the message application in correspondence with the user ID, an access token generated in the processing described in FIG. 5 and subsequent figures, and the number of points owned by the user at each store Information is stored. Note that the user-related information is not limited to that illustrated in FIG. 3A, and may include, for example, a user purchase history.

  FIG. 3B shows store related information. In FIG. 3B, the horizontal axis indicates the store ID, and the vertical axis indicates a plurality of types of store related information. As store-related information, various types of information such as a password generated in the processing described in FIG. 13 and subsequent figures and a key for encryption / decryption are stored in association with the store ID. The store-related information is not limited to that shown in FIG. 3B, and may include business hours, telephone numbers, and the like.

  Returning to FIG. 2, the communication unit 410 has a function of communicating with the business server 200, the user terminal devices 100 a and 100 b, the store terminal devices 300 a and 300 b, and the like via the network 500 in accordance with an instruction from the control unit 420. . The communication unit 410 includes a reception unit 411 that receives information and a transmission unit 412 that transmits information. The management server 400 can transmit and receive information such as text, voice, images, and videos between the user terminal devices 100 a and 100 b and the store terminal devices 300 a and 300 b, while between the business server 200. Can transmit and receive only predetermined message information.

  The control unit 420 is a processor having a function of controlling each unit of the management server 400. The control unit 420 controls the management server 400 based on the control program stored in the storage unit 430. The control unit 420 includes an information processing unit 421, an information input unit 422, an authentication image generation unit 423, and the like. The information processing unit 421 performs processing for transmitting and receiving various types of information to and from the user terminal device 100, the store terminal device 300, the business server 200, and the like via the communication unit 410. The information input unit 422 performs processing for receiving information input from the input unit 440 and storing it in the storage unit 430. The input unit 440 may be, for example, a keyboard or a mouse, or may be a personal computer connected to the management server 400. Information stored in the storage unit 430 can be updated by an input from the input unit 440. The authentication image generation unit 423 performs processing for generating a QR code for user authentication in response to a request from the user and storing it in the authentication image storage unit 431.

  Although the configuration example of the management server 400 has been described with reference to FIG. 2, the control unit that performs processing for providing the message service, the various programs and data for providing the message service, similarly for the business server 200. And a communication unit for transmitting / receiving information to / from other devices. Similarly, the user terminal device 100 and the store terminal device 300 store a control unit that performs control processing for controlling each terminal device, and various programs (including applications) and data for performing control processing. And a communication unit for transmitting and receiving information to and from other devices, and further includes a reception unit that receives an operation from a user and the like, a display unit that displays information, a speaker, and the like.

  [Outline of Point Service]

  With reference to FIG. 4, the outline | summary of the point service which the management server 400 provides is demonstrated. The user activates the message application installed in the user terminal device 100a and the like, logs in, and uses the point service of the store by registering the store that the user intends to use from among the affiliated stores. can do.

  FIG. 4 shows an example when the user a registers the store A as a friend. When the store A is registered as a friend, the business server 200 associates the store A with the user ID of the user a, and the management server 400 manages the user ID of the user a. As a result, the user a can communicate with the store A via the business operator server 200. As an example of the communication, when a message such as “map” is transmitted to the store A, the address of the store A and the link of the map are returned as a response message.

  FIG. 4A shows a display of the user terminal device 100a when the user a starts up a message application installed in the user terminal device 100a, logs in, and transmits a request message such as “point card” to the store A. Indicates the state. In the upper part of the display part of the user terminal device 100a, the destination “Store A” is displayed, and the request message “Point card” has been transmitted. The request message is transmitted to the management server 400 via the business server 200. Receiving this, the management server 400 generates a QR code corresponding to the point card for the user a in the store A.

  FIG. 4B shows a state where a QR code is displayed on the user terminal device 100a as a response message to the request message to the store A. A QR code is displayed as a response along with a message such as “Your point card is here”.

  The user a presents a QR code when purchasing goods at the store A. A store clerk or the like of the store A operates the bar code reader of the store terminal device 300a to read the QR code. Thereby, user authentication of the user a can be performed. When it is specified that the user is user a in the user authentication, it is possible to give the user a a point corresponding to the purchase of the product by the operation of the store terminal device 300a, or to use the point.

  FIG.4 (c) has shown the display state of the shop terminal device 300a when a point is provided with respect to the user a by the shop terminal device 300a. On the screen, “Mr. XXX” corresponding to user a is displayed, and if the current point is “10” points and the point to be added in this purchase is “1” point, it is added. It is shown that the later point becomes “11”. In this state, the current point can be changed by the operation of the store clerk. When “OK” is pressed, the point input at this time is given to the user “a”, the display screen is closed, and the screen returns to the normal screen. It should be noted that the current point when the screen of FIG. 4C is displayed may be “1” as a default, and corresponds to the amount paid by the user by purchase or the like. The point may be displayed.

  As described above, when a product is purchased at a store, a message for requesting a card is transmitted to the store using a message application in the same manner as when a message is transmitted to another user. QR codes can be issued, and points can be earned by presenting them at stores. For this reason, it is possible to earn points without having a medium such as a point card, and as a result, it is possible to improve user convenience. In the following, details of processing for receiving the point service will be described.

  [Process for store registration]

  In order to receive the point service, the user first needs to register the store to be used on the message application as a friend. FIG. 5 is a diagram for explaining store registration processing for a user to register a store. In FIG. 5, the processes of the user terminal device 100, the management server 400, and the provider server 200 are shown from the left. FIG. 5 illustrates an example in which the user a registers the store A as a friend.

  First, in the user terminal device 100a that the user a owns, the user a activates a message application, logs in, searches for and selects the store A, and performs an operation for adding a friend. SA01 shows a case where the user a performs an operation of adding the store A as a friend. Thereby, a message indicating “add friend” for adding the store A to the friend of the user “a” is transmitted to the business server 200.

  The company server 200 determines the type of the received message. In SA03, it is determined that the received message is a message indicating that the store A is to be added as a friend. Further, the business server 200 determines that the store A is a store managed by the management server 400, and transmits a message indicating "add friend" to the management server 400 as shown in SA03.

  The management server 400 executes message interpretation processing for determining the type of the received message. In SA05, as the message interpretation process, it is determined whether or not the type of the received message is “add friend”. If it is determined that it is not “add friend”, processing corresponding to the received message is executed in SA07. For example, in the case of a text message, the content of the text message is analyzed and processing corresponding to the content is performed.

  On the other hand, when it is determined in SA05 that the type of the message received is “add friend”, a message for requesting user information of the user a is output to the business server 200 in SA09. The company server 200 manages users (user ID, user display name, etc.) for each user who uses the message application. The business entity server 200 outputs a message for specifying user information regarding the user a to the management server 400 in SA11.

  The management server 400 performs a process of registering a user based on the received user information in SA13. For example, the management server 400 stores the user display name and the initial point at the store A in the storage unit 430 in association with the user ID (see FIG. 3A). In addition, when a user ID already exists and when a store different from the already registered store is registered as a friend, the initial point number of the store is stored corresponding to the user ID. . The initial point can be set for each store, and is stored in the storage unit 430 as store-related information.

  When the user registration is completed, a message indicating “registration complete” is output to the operator server 200 in SA15. As a result, the business entity server 200 outputs a message indicating “registration complete” to the user terminal device 100a as the friend addition request source in SA17. In the user terminal device 100a, in SA19, a registration completion message indicating that the registration is completed (for example, a message such as “Your friend added store A!”) Is displayed. Thereby, friend registration of the store A by the user a is completed, and thereafter, when the user a uses the store A, an QR code for authentication can be issued.

  [QR code recognition processing]

  Next, a QR code recognition process for issuing and authenticating a QR code will be described with reference to FIGS. Below, the process at the time of updating the point for the store A which is a user's a owned point is demonstrated as an example. First, in the user terminal device 100a that the user a owns, the user a starts a message application, logs in, and transmits a card request message to the store A in which a friend is added, as indicated by SB01. As the card request message, for example, messages such as “card”, “point card”, “QR”, and the like are defined (see FIG. 4A). The card request message is transmitted to the operator server 200.

  When the business server 200 determines that the received information is information for another user, the business server 200 outputs the received information to the other user. This card request message is information for the store A. Therefore, the management server 400 notifies (transmits) the text message including the card request message to the management server 400 in SB03.

  In the management server 400, message interpretation processing is performed in SB05, and it is determined whether or not the message type is a text message. If it is determined in SB05 that the message is not a text message, processing corresponding to the message is executed in SB07. On the other hand, when it is determined in SB05 that it is a text message, it is determined in SB09 whether the text message is a predetermined card request message. If it is determined in SB09 that the message is not a card request message, processing corresponding to the text message is executed in SB11.

  When it is determined in SB09 that the message is a card request message, in SB13, an access token for managing the access state from the user a and an expiration date of the access token are generated and stored in correspondence with the user ID. It memorize | stores in the part 430 (refer Fig.3 (a)). The expiration date of the access token is uniformly set to 5 minutes, for example, but the time set uniformly can be changed by an input operation by the input unit 440 or the like.

  In SB15, the access token and the user ID are encrypted using the encryption key issued for the store A. The encryption key is generated in a store account creation process which will be described later with reference to FIG. In SB17, a QR code image is generated using the encrypted data encrypted in SB15. In SB19, the generated QR code image is stored in the authentication image storage unit 431 in association with the user ID (see FIG. 3A).

  In SB21, an access token for QR code display for enabling access to the stored QR code and an expiration date of the access token for QR code display are generated, and the storage unit 430 is associated with the user ID. (See FIG. 3A). The validity period of the access token for QR code display is uniformly set to a time shorter than the validity period of the access token (for example, 10 seconds), but can be changed by an input operation using the input unit 440 or the like.

  Subsequently, in SB23 in FIG. 7, a URL for authentication for accessing the QR code, which includes a QR code display access token and a user ID, is generated. In SB 25, the generated QR code display URL is transmitted to the operator server 200. In SB27, the business entity server 200 transmits the received QR code display URL to the requesting user terminal device 100a.

  When receiving the QR code display URL by the function of the message application, the user terminal device 100a automatically transmits a QR code request message including the QR code display URL to the management server 400, and the QR code is displayed. Access the display URL.

  The management server 400 performs access restriction confirmation processing in SB31. In the access restriction confirmation process, it is determined whether or not the user ID specified from the QR code display URL included in the received QR code request message and the QR code display access token are valid. For example, the QR code display access token specified from the QR code display URL is a QR code display access token stored in the storage unit 430 in association with the user ID specified from the QR code display URL. It is determined whether or not they match, and whether or not the current access timing is within the validity period of the QR code display access token stored in the storage unit 430 is determined.

  When it is determined that the user ID and the QR code display access token are not valid, such as when the QR code display access token does not match or when the expiration date has passed, the process ends at SB33. This makes it impossible to access a QR code whose QR code display access token is invalid or whose expiration date has expired. In this case, the management server 400 may transmit an error message such as “Please try again from the beginning” to the user terminal device 100a.

  On the other hand, when it is determined to be valid in SB31, access to the QR code image stored in the authentication image storage unit 431 corresponding to the user ID is permitted (allowed). As a result, the user terminal device 100a can display the QR code image generated in SB17 on the display unit in SB35 (see FIG. 4B). As shown in SB37, the user a can perform user authentication by presenting the QR code displayed on the user terminal device 100a to the store A.

  In the store A, a store terminal device 300a is installed. The store terminal device 300a can read the QR code as shown in SB39 when the store clerk operates the barcode reader in a state where the point application is activated and logged in. Thereby, the encrypted data encrypted in SB41 is acquired. Subsequently, the store terminal apparatus 300a transmits the acquired encrypted data, store access token, and store ID to the management server 400 in SB43 of FIG. The store access token and the store ID are generated in a store account creation process and a store application login process, which will be described later with reference to FIGS. 13 and 14, and are managed in both the store terminal device 300a and the management server 400 (FIG. 3). (See (a)).

  The management server 400 executes store application authentication processing in SB45. In the store application authentication process, it is determined whether or not the store access token and the store ID are valid. Specifically, it is determined whether or not the transmitted store access token and store ID match the store access talk and store ID managed in the management server 400, and the current access timing is stored in the storage unit 430. It is determined whether or not the store access token stored in is within the expiration date.

  If it is determined in SB45 that the store access token or the store ID is not valid, an error message such as “Not valid. Please log in again” is transmitted in SB47. Thereby, the store terminal device 300a displays an error message in SB49.

  On the other hand, when it is determined in SB45 that the store access token and the store ID are valid, the encrypted data is decrypted in SB51 using the decryption key corresponding to the store ID. Thereby, an access token, a user ID, etc. can be specified from the encrypted data. The decryption key is generated in the store account creation process described later with reference to FIG.

  In SB53, QR code access token authentication processing is performed. In the QR code access token authentication process, it is determined whether or not the user ID and access token specified from the encrypted data by decryption are valid. For example, it is determined whether the access token identified from the encrypted data by decryption matches the access token generated in the SB 13 and stored in the storage unit 430 in association with the user ID, and the access timing Is determined to be within the validity period of the access token generated in SB13 and stored in the storage unit 430.

  When it is determined in SB53 that the user ID or access token is not valid, an error message such as “QR code is not valid” or “the expiration date has passed” is transmitted in SB55. Thereby, the store terminal device 300a displays an error message in SB57.

  On the other hand, when it is determined in SB53 that the user ID or access token is valid, in SB59 in FIG. 9, a point grant page for specifying the current point for the store A corresponding to the user a is transmitted. Thereby, the update of the point is permitted. In store terminal device 300a, a point grant page is displayed in SB61. Thereby, for example, the display state shown in FIG. When the store terminal device 300a inputs the number of points according to the purchase of the product of the user a to the current point column by the operation of the store clerk and selects “OK”, the number of points after the addition in SB63 It transmits to the management server 400.

  The management server 400 performs processing to update the number of points for the store A received among the points owned by the user a. In SB65, it is determined whether or not the updated number of points has reached a preset number of points that can be exchanged for prizes. When it is determined in SB65 that the number of points that can be exchanged has not been reached, a point number message for specifying the current number of points is transmitted to the business server 200 as a message addressed to the user a in SB67. Thereby, the provider server 200 transmits a point number message to the user terminal device 100a of the user a in SB69. As a result, the user terminal device 100a displays the current number of points on the display unit in SB71. Thereby, when the user a purchases a product at the store A, the point of the store A can be updated and the number of current points after the update can be grasped.

  On the other hand, when it is determined in SB65 that the number of points that can be exchanged has been reached, a message token and an expiration date of the message token are generated and stored in the storage unit 430 in SB73 (see FIG. 3A). . In SB 75, a prize action message that can specify a prize that can be exchanged for a message token is transmitted to the business server 200. Thereby, the business entity server 200 transmits a premium action message to the user terminal device 100a of the user a in SB77. As a result, the user terminal device 100a displays a premium action message on the display unit in SB79. For example, “Congratulations. Now that you have 10P, you can exchange for a coupon that you can use. Do you want to use this coupon today?” And “Yes” and “No” icons are displayed. .

  [Premium exchange process]

  Next, with reference to FIGS. 10 to 12, a free gift exchange process using the acquired points will be described. Below, the process at the time of the user a exchanging prizes using the point for shop A is demonstrated as an example.

  When the user terminal device 100a selects either “Yes” or “No” in the state where the premium action message is displayed in SB79 of FIG. 9, the message token and “Yes” or “No” are selected in SC01. A free gift exchange message including information specifying any of them is transmitted to the business server 200. The company server 200 notifies the management server 400 of a free gift exchange message in SC03.

  In SC05, the management server 400 performs message interpretation processing, and determines whether or not the message type is user feedback related to prize exchange. If it is determined in SC05 that it is not user feedback, processing corresponding to the message received in SC07 is performed.

  On the other hand, when it is determined in SC05 that the user feedback, access restriction confirmation processing is performed in SC09. In the access restriction confirmation process, it is determined whether or not the message token included in the received free gift exchange message is valid. Specifically, whether the message token included in the received free gift exchange message matches the message token generated in the SB 73 and stored in the storage unit 430, and whether the access is within the validity period of the message token. It is determined whether or not.

  When it is determined in SC09 that the message token is not valid, an error message such as “Not valid. Please try again” is transmitted to the operator server 200 in SC11. Thereby, the provider server 200 transmits an error message to the user terminal device 100a of the user a in SC13. As a result, the user terminal device 100a displays an error message on the display unit in SC15.

  On the other hand, when it is determined in SC09 that the message token is valid, action interpretation processing is performed in SC17 and SC19 in FIG. In the action interpretation process, it is determined whether the received action type is a prize exchange decision action (SC17) or a prize exchange selection action (SC19). For example, when the prize action message is displayed, if “Yes” is selected, it is determined that the action is a prize exchange determination action, and if “No” is selected, it is determined that the action is a prize exchange selection action.

  If it is determined in SC17 that the action is not a prize exchange decision action, and if it is determined in SC19 that it is not a prize exchange selection action, processing corresponding to the corresponding type is performed. On the other hand, when it is determined in SC17 that the action is not a prize exchange decision action and it is determined in SC19 that it is a prize exchange selection action, that is, when “No” is selected when a prize action message is displayed, it is transmitted last time. A prize action message different from the prize action message is transmitted to the business server 200. Thereby, the business entity server 200 transmits a premium action message to the user terminal device 100a of the user a in SC27. As a result, the user terminal device 100a displays a premium action message on the display unit in SC29. This time, for example, “Yes” and “No” icons are displayed along with a message such as “You can exchange for product A at 5P out of 10P. A gift exchange message corresponding to the request will be transmitted.

  If there are no other prizes that can be exchanged within the possession points, the previous points until the current addition, the points acquired this time, and the current points after the addition are displayed. Even if there is a prize that can be exchanged within the possession point, if “No” is selected for a predetermined number of times (for example, three times) continuously, it is considered that there is no intention to exchange the prize and the prize is present. The exchange may be terminated.

  On the other hand, when it is determined in SC17 that the action is a free gift exchange decision action, that is, when “Yes” is selected when the free gift action message is displayed, in SC31 of FIG. A point subtraction process is performed to subtract the points corresponding to the given prize. In SC33, the current point number message for displaying the current point after the prize exchange is transmitted to the business server 200 as a message addressed to the user a. Thereby, the provider server 200 transmits a current point number message to the user terminal device 100a of the user a in SC35. As a result, the user terminal device 100a displays the current number of points on the display unit in SC37. In this way, the points can be exchanged for prizes or the like using the possession points.

  [Store account creation process]

  Next, store account creation processing for creating an account of a partner store will be described with reference to FIG. The partner store can use the point service provided by the administrator by creating an account. The store ID and the key for encryption / decryption described above are generated in the store account creation process. Hereinafter, a case where a store clerk of the store A performs store account creation processing using the store terminal device 300a will be exemplified. Note that the store account creation process may be performed when the administrator of the management server 400 obtains information on the store A and then the administrator operates the input unit 440 of the management server 400.

  When the store terminal device 300a installs and starts the point application, the store terminal device 300a displays an account creation screen. In the account creation screen, an account creation request is transmitted to the management server 400 in SD01 by selecting an account creation icon in a state where information related to the store A such as the name, location, telephone number, and business type of the store A is entered. The account creation request includes information about the store A such as the name, location, telephone number, and type of business of the store A.

  In SD03, the management server 400 performs an account generation process for generating an account corresponding to the store A. The generated information includes, for example, a store ID for specifying the store A, a password required at the time of login, and the like. Further, the generated information is stored in the storage unit 430 as store related information (see FIG. 3B).

  In SD05, processing for generating an encryption / decryption key of the store A is performed. In SD07, information for specifying the generated encryption / decryption key is stored in the storage unit 430 corresponding to the store ID of the store A (see FIG. 3B). In SD09, an account creation end notification for notifying that the account creation has ended is transmitted to the store terminal device 300a. The account creation end notification includes information (store ID, password, etc.) generated in SD03. As a result, the store terminal device 300a displays the account of the store A and a message such as “Please keep it carefully!” At SD11 and that the account creation has been completed. Note that the account generated in SD03 may be separately notified to the store A by mail.

  [Store app login process]

  Next, with reference to FIG. 14, a store application login process for enabling communication with the management server 400 in the store terminal apparatus will be described. The store terminal device can update points by inputting the account information created by the store account creation process and logging in. Below, an example of a process when a store application login process is performed using the store terminal device 300a of the store A will be described.

  The store terminal device 300a activates the point application, displays a login screen in SE01, and inputs a store ID and a password that are account information. Then, the store ID and password are transmitted to the management server 400.

  In SE03, the management server 400 determines whether or not the transmitted store ID and password match the store ID and password stored in the storage unit 430. If it is determined in SE03 that they do not match, an error message is transmitted in SE05. Thereby, the store terminal device 300a displays an error message such as “Store ID or password is incorrect” in SE07.

  On the other hand, when it is determined that the store ID and password transmitted in SE03 match the store ID and password stored in the storage unit 430, a store access token and an expiration date of the store access token are generated in SE09. And it memorize | stores in the memory | storage part 430 (refer FIG.3 (b)). The stored store access token is used until the expiration date elapses, and a new store access token and an expiration date are generated and stored at the time of login after the expiration date.

  In SE11, the store access token is transmitted to the store terminal device 300a. The store terminal apparatus 300a stores the store access token received in SE13 in the application, and activates the main screen of the message application in SE15. Thereby, the management server 400 authenticates whether the access is from the store A using the store access token and the store ID (see SB45 in FIG. 8). When the login is completed, the store terminal device can execute a process for reading the QR code and updating the user's point. Further, when the store terminal device accepts a predetermined confirmation operation during login, the store terminal device communicates with the management server 400 and has user-related information (for example, a user registered as a friend with the store where the store terminal device is set). It is also possible to display the point of the store among the points owned by the user on the display unit.

  Here, main effects obtained by the management server 400 and the service system 600 including the management server 400 in the present embodiment will be described.

  (1) According to the service system 600, the management server 400, and the program for controlling the operation of the management server 400, the management server 400 generates and stores an authentication QR code in response to a card request from the user. A QR code display URL for authentication is output, and access to the QR code is permitted when there is a valid access from the user terminal device 100 based on the QR code display URL. As a result, information that can be transmitted and received between the provider server 200 and the management server 400 is limited to predetermined message information (character string code such as JSON code) that has a relatively small amount of data such as a character string. The QR code image can be displayed on the user terminal device 100 even in a situation where the user cannot transmit or receive the message. In addition, when the QR code read by the store terminal device 300 is valid, the management server 400 allows the user's possession point to be updated. As a result, points can be earned without having a medium such as a point card, and as a result, convenience for the user can be improved.

  Further, by changing the address requested by the card, the management server 400 can generate and store a QR code for the store corresponding to the address and display it on the user terminal device 100. This frees you from the hassle of having a point card for each store and does not cause you to find the point card when using it. Further, the user can receive the point service by using the message application provided by the operator. As a result, user convenience can be further improved.

  Furthermore, since the store can provide the point service without issuing the point card medium, the issuing cost can be reduced. The possibility of losing or forgetting the user terminal device is lower than that of the point card, and the possibility of carrying the user terminal device is higher than that of the point card. For this reason, it is possible to improve the usage rate / utilization rate of the point service after the first time. As a result, it is possible to increase the number of repeat customers to the store and increase sales.

  (2) According to the service system 600, the management server 400, and the program for controlling the operation of the management server 400, the QR code is encrypted by the user ID and the access talk as indicated by SB15 and SB17 in FIG. The point update is generated based on the data decrypted using the decryption key, as shown by SB51 and SB53 in FIG. Allowed when it is determined that the ID and access talk are valid. For this reason, information included in the QR code cannot be decoded except by the management server 400. As a result, it is possible to prevent points from being updated illegally.

  (3) According to the program for controlling the operation of the service system 600, the management server 400, and the management server 400, when the QR code is generated / stored as shown by SB19 and SB21 in FIG. A QR code display access token for permitting access to the QR code is generated and stored, and the QR code display access specified from the QR code request message from the user terminal device as shown by SB31 in FIG. When it is determined that the token is valid, access to the QR code is permitted. For this reason, it is possible to prevent the QR code from being displayed illegally.

  As mentioned above, although main embodiment in this invention was described, this invention is not restricted to said embodiment, A various deformation | transformation and application are possible. Hereinafter, modifications of the above-described embodiment applicable to the present invention will be described.

  In the above embodiment, the QR code is exemplified as the authentication image. However, the authentication image is not limited to this as long as it is an image that can be authenticated by the user. For example, a barcode, Chameleon Code (registered trademark), characters, numbers, Any image including alphabets, geometric patterns, figures, and arbitrarily created images may be used. Moreover, although the example corresponding to a point card was demonstrated as an authentication image, it is not restricted to this, For example, in the case where a store is a library, the image corresponding to the book card for borrowing a book may be sufficient. In the case of a hospital, the image may correspond to an examination ticket, or in the case where the store is an electrical store, the image may correspond to a warranty card for a purchased product. When the user is successfully authenticated by reading the authentication image, the rented contents / book history, examination contents / diagnosis history, guarantee contents / purchase history, etc. may be updated as user related information.

  In the above embodiment, the URL for displaying the QR code is exemplified as the access message information. However, the access message information is not limited to this as long as it is information for permitting access to the authentication image. Any password can be used.

  In the above embodiment, the points are exemplified as the user-related information to be updated. However, the user-related information to be updated is not limited to this as long as it is information about the user. For example, the purchase history, the number of times the store is used, and the final purchase It can be anything, such as a day.

  In the above embodiment, an example in which a QR code is displayed by transmitting a card request message from the user terminal device has been described. However, the present invention is not limited to this, and when the user terminal device visits a store that is registered as a friend. The QR code may be automatically displayed. For example, a BEACON may be installed near a cash register in a store, and when BEACON detects a user terminal device, the user ID of the user terminal device is identified and a QR code is generated and output to the user terminal device. .

  In the above embodiment, an example in which a gift can be exchanged using points after the QR code is presented to the store and the point update is permitted has been described. However, the prize exchange may be performed not only after the point update is permitted but also at any timing of the user. For example, by sending a message such as “prize” to the store, the prize exchange message shown by SC01 in FIG. 10 is sent to the management server 400 via the business server, so that the prize exchange process is executed. May be. Moreover, although the example which replace | exchanges for a coupon, goods, etc. was demonstrated as prize exchange using a point, instead of this or in addition, you may make it possible to use 1 point as 1 yen at the time of accounting. At this time, by reaching a predetermined point (for example, 500 points), the point may be used at the time of accounting, and the upper limit point (for example, 1000 points = 1000 yen) that can be used for one accounting. Available).

  It should be understood that the embodiment disclosed this time is illustrative in all respects and not restrictive. The scope of the present invention is defined by the terms of the claims, rather than the description above, and is intended to include any modifications within the scope and meaning equivalent to the terms of the claims.

  100, 100a, 100b User terminal device, 200 business server, 300, 300a, 300b store terminal device, 400 management server, 410 communication unit, 420 control unit, 423 authentication image generation unit, 430 storage unit, 431 authentication image storage unit 440 Input section.

Claims (6)

A user terminal device having an image display unit;
A store terminal device installed in the store and capable of reading images;
A management server for managing user identification information for identifying a user and user related information related to the user in association with the user identification information;
A provider server for enabling transmission and reception of information between a plurality of user terminal devices,
The user terminal device includes request message information output means for outputting request message information for requesting an authentication image to the management server via the provider server,
The management server
Authentication image generation means for generating an authentication image including user identification information of the user who is the request message information output source when the request message information is received;
Authentication image storage means for storing the generated authentication image;
Authentication image permission means for allowing access from the user terminal device to the authentication image stored in the authentication image storage means,
The user terminal device includes an authentication image display unit that displays an authentication image permitted to be accessed by the authentication image permission unit on the image display unit,
The store terminal device includes specific information output means for outputting specific information that can be specified from an image read from the image display unit to the management server,
The management server includes update permission means that allows updating of user-related information managed in correspondence with the user identification information when the user identification information is identified based on the identification information from the store terminal device,
The management server further provides access message information for permitting access to the authentication image when the authentication image storage means stores the authentication image, via the provider server, the request message information output source. Access message information output means for outputting to the user terminal device,
The authentication image permission unit is a user-related information management system that permits access to the authentication image from the user terminal device in response to access from the user terminal device based on the access message information. A user terminal device having an image display unit, a store terminal device installed in a store and capable of reading an image, and a provider server for enabling transmission / reception of information among a plurality of user terminal devices, and a user can communicate with each other. A management server that manages user identification information for identifying the user and user related information related to the user corresponding to the user identification information,
Authentication image generation for generating an authentication image including user identification information of a user who is an output source of the request message information when request message information corresponding to the request for the authentication image is received from the user terminal device via the provider server Means,
Authentication image storage means for storing the generated authentication image;
Authentication image permission means for allowing access from the user terminal device to the authentication image stored in the authentication image storage means;
When the user identification information is identified based on the identification information that the store terminal device reads and outputs the image displayed on the image display unit when access is permitted by the authentication image permission unit. Update permission means for allowing the update of user-related information managed corresponding to the identification information,
Further, when the authentication image storage unit stores the authentication image, access message information for allowing access to the authentication image is sent to the user terminal device that is the request message information output source via the provider server. Access message information output means for outputting,
The authentication image permission means is a management server that permits access to the authentication image from the user terminal device in response to access from the user terminal device based on the access message information. The authentication image generating means generates an authentication image including information obtained by encrypting the user identification information with a predetermined encryption key;
The management server according to claim 2, wherein the update permission unit determines whether user identification information is identified from information obtained by decrypting the specific information with a predetermined decryption key. An access token generating means for generating an access token when the request message information is received;
The authentication image generating means generates an authentication image including the user identification information and the access token;
The management server according to claim 2, wherein the update permission unit permits the update of user-related information on condition that an access token specified based on the specific information is valid. When the authentication image storage unit stores the authentication image, the authentication image storage unit includes an allowable access token generation unit that generates an allowable access token for permitting access to the authentication image,
The access message information includes an allowable access token generated by the allowable access token generating means,
The authentication image permission means permits access to the authentication image from the user terminal device based on the access message information on the condition that the permission access token specified based on the access message information is valid. The management server in any one of Claims 2-4. A user terminal device having an image display unit, a store terminal device installed in a store and capable of reading an image, a process of communicating with each of the provider servers for enabling transmission and reception of information among a plurality of user terminal devices, and a user A program for causing a computer to execute user identification information for identifying a user and a process for managing user-related information related to the user in association with the user identification information,
The program is stored in the computer.
When request message information corresponding to a request for an authentication image is received from the user terminal device via the provider server, generating an authentication image including user identification information of the user who is the output source of the request message information;
Storing the generated authentication image in a predetermined storage area;
Allowing access from the user terminal device to the authentication image stored in the predetermined storage area;
When the user identification information is identified based on the identification information read and output by the store terminal device from the image displayed on the image display unit when access is permitted, the user identification information is associated with the identification information. Allowing the update of user-related information to be managed,
Further, when storing the authentication image, a step for outputting access message information for permitting access to the authentication image to the user terminal device that is the request message information output source via the provider server; Let it run
The step of permitting access from the user terminal device to the authentication image includes the step of permitting access to the authentication image from the user terminal device in response to access from the user terminal device based on the access message information. Including the program.

Images