JP2019139740A - Ic card use system, ic card use method, server and control method thereof, and control program - Google Patents

Abstract

To provide an IC card use technique using one non-contact IC card that implements hierarchical security processing.SOLUTION: An IC card use system using one non-contact IC card having a transmission function of a beacon signal and a short-range wireless communication function includes: a first authentication unit that authenticates a non-contact IC card or a user carrying around the non-contact IC on the basis of receiving the beacon signal transmitted from the non-contact IC card; and a second authentication unit that authenticates a non-contact IC card or a user carrying around the non-contact IC by short-range wireless communication with the non-contact IC card.SELECTED DRAWING: Figure 3A

Description

  The present invention relates to a technique for using a non-contact type IC card.

  In the above technical field, Patent Document 1 discloses a technique for providing a wireless communication device in which a wireless LAN unit and an NFC unit that performs near field communication are formed in one chip. Patent Document 2 discloses a system using a smartphone that detects an approach by a beacon wave and is authenticated by NFC.

JP 2008-283568 A JP 2017-126140 A

  However, the technology described in the above document only discloses the configuration of an IC chip or a smartphone, and these technologies can be applied to an IC card using a single contactless IC card that realizes hierarchical security processing. Could not provide usage technology.

  The objective of this invention is providing the technique which solves the above-mentioned subject.

In order to achieve the above object, an IC card utilization system according to the present invention comprises:
An IC card utilization system that uses one contactless IC card having a beacon signal transmission function and a short-range wireless communication function,
First authentication means for performing authentication of the non-contact IC card or authentication of a user carrying the non-contact IC card based on reception of a beacon signal transmitted from the non-contact IC card;
Second authentication means for performing authentication of the non-contact type IC card or authentication of the user carrying the non-contact type IC card by short-range wireless communication with the non-contact type IC card;
Is provided.

In order to achieve the above object, an IC card utilization method according to the present invention includes:
An IC card utilization method using a single contactless IC card having a beacon signal transmission function and a short-range wireless communication function,
Based on reception of a beacon signal transmitted from the non-contact type IC card using a beacon signal transmission function of the non-contact type IC card, authentication of the non-contact type IC card or the non-contact type IC card A first authentication step for authenticating a user carrying the card;
A second authentication step of performing authentication of the non-contact type IC card or authentication of a user carrying the non-contact type IC card using a short-range wireless communication function of the non-contact type IC card;
An execution step of executing the first authentication step and the second authentication step by the one non-contact type IC card sequentially or in parallel according to the movement of the user;
including.

In order to achieve the above object, the server according to the present invention provides:
Based on reception of a beacon signal transmitted from one non-contact type IC card having a beacon signal transmission function and a short-range wireless communication function, authentication of the non-contact type IC card or the non-contact type First authentication means for authenticating a user carrying an IC card;
Second authentication means for performing authentication of the non-contact type IC card or authentication of the user carrying the non-contact type IC card by short-range wireless communication with the non-contact type IC card;
Is provided.

In order to achieve the above object, a server control method according to the present invention includes:
Based on reception of a beacon signal transmitted from one non-contact type IC card having a beacon signal transmission function and a short-range wireless communication function, authentication of the non-contact type IC card or the non-contact type A first authentication step for authenticating a user carrying an IC card;
A second authentication step of performing authentication of the non-contact type IC card or authentication of the user carrying the non-contact type IC card by short-range wireless communication with the non-contact type IC card;
including.

In order to achieve the above object, a server control program according to the present invention provides:
Based on reception of a beacon signal transmitted from one non-contact type IC card having a beacon signal transmission function and a short-range wireless communication function, authentication of the non-contact type IC card or the non-contact type A first authentication step for authenticating a user carrying an IC card;
A second authentication step of performing authentication of the non-contact type IC card or authentication of the user carrying the non-contact type IC card by short-range wireless communication with the non-contact type IC card;
Is executed on the computer.

  ADVANTAGE OF THE INVENTION According to this invention, the utilization technique of the IC card using one non-contact-type IC card which implement | achieves hierarchical security processing can be provided.

It is a block diagram which shows the structure of the non-contact-type IC card which concerns on 1st Embodiment of this invention. It is a figure which shows the outline | summary of the IC card utilization system which uses the non-contact-type IC card which concerns on 2nd Embodiment of this invention. It is a block diagram which shows the structure of the IC card utilization system which uses the non-contact-type IC card which concerns on 2nd Embodiment of this invention. It is a sequence diagram which shows the operation | movement procedure in the IC card utilization system which uses the non-contact-type IC card which concerns on 2nd Embodiment of this invention. It is a sequence diagram which shows the operation | movement procedure in the IC card utilization system which uses the non-contact-type IC card which concerns on 2nd Embodiment of this invention. It is a figure which shows the structure of the non-contact-type IC card which concerns on 2nd Embodiment of this invention. It is a figure which shows the specific structure of the non-contact-type IC card which concerns on 2nd Embodiment of this invention. It is a flowchart which shows the manufacturing method of the non-contact-type IC card which concerns on 2nd Embodiment of this invention. It is a block diagram which shows the function structure of the non-contact-type IC card which concerns on 2nd Embodiment of this invention. It is a block diagram which shows the other function structure of the non-contact-type IC card which concerns on 2nd Embodiment of this invention. It is a block diagram which shows the hardware constitutions of the non-contact-type IC card which concerns on 2nd Embodiment of this invention. It is a flowchart which shows the process sequence of the non-contact-type IC card which concerns on 2nd Embodiment of this invention. It is a flowchart which shows the procedure of the NFC communication process which concerns on 2nd Embodiment of this invention. It is a block diagram which shows the function structure of the cloud server which concerns on 2nd Embodiment of this invention. It is a flowchart which shows the process sequence of the cloud server which concerns on 2nd Embodiment of this invention. It is a block diagram which shows the function structure of the position management server which concerns on 2nd Embodiment of this invention. It is a block diagram which shows the structure of the communication information database which concerns on 2nd Embodiment of this invention. It is a block diagram which shows the structure of the user position database which concerns on 2nd Embodiment of this invention. It is a flowchart which shows the process sequence of the position management server which concerns on 2nd Embodiment of this invention. It is a block diagram which shows the function structure of the entrance / exit management server which concerns on 2nd Embodiment of this invention. It is a block diagram which shows the structure of the card information database which concerns on 2nd Embodiment of this invention. It is a flowchart which shows the process sequence of the entrance / exit management server which concerns on 2nd Embodiment of this invention. It is a block diagram which shows the function structure of the payment server which concerns on 2nd Embodiment of this invention. It is a block diagram which shows the structure of the payment information database which concerns on 2nd Embodiment of this invention. It is a flowchart which shows the process sequence of the payment server which concerns on 2nd Embodiment of this invention. It is a figure which shows the structure of the non-contact-type IC card which concerns on 3rd Embodiment of this invention. It is a figure which shows the non-contact-type charging system of the non-contact-type IC card which concerns on 3rd Embodiment of this invention. It is a block diagram which shows the function structure of the non-contact-type IC card which concerns on 3rd Embodiment of this invention. It is a flowchart which shows the process sequence of the non-contact-type IC card which concerns on 3rd Embodiment of this invention. It is a figure which shows the outline | summary of the IC card utilization system which uses the non-contact-type IC card which concerns on 4th Embodiment of this invention. It is a figure which shows the structure of the non-contact-type IC card which concerns on 4th Embodiment of this invention. It is a figure which shows the communication function which the non-contact-type IC card which concerns on 4th Embodiment of this invention has. It is a flowchart which shows the process sequence of the non-contact-type IC card which concerns on 4th Embodiment of this invention. It is a figure which shows the outline | summary of the IC card utilization system which uses the non-contact-type IC card which concerns on 5th Embodiment of this invention. It is a block diagram which shows the structure of the card information database which concerns on 5th Embodiment of this invention. It is a figure which shows the outline | summary of the IC card utilization system which uses the non-contact-type IC card which concerns on 6th Embodiment of this invention. It is a block diagram which shows the structure of the card information database which concerns on 6th Embodiment of this invention.

  Hereinafter, exemplary embodiments of the present invention will be described in detail with reference to the drawings. However, the constituent elements described in the following embodiments are merely examples, and are not intended to limit the technical scope of the present invention only to them.

[First Embodiment]
A non-contact type IC card 100 as a first embodiment of the present invention will be described with reference to FIG. The non-contact type IC card 100 is an IC card equipped with a plurality of different communication functions.

  As shown in FIG. 1, the non-contact type IC card 100 includes a card substrate 110, a short-range wireless communication device 121, a beacon transmitter 131, an antenna 132, and a battery 133. The card substrate 110 is a rectangle that has elasticity and can be bent. The short-range wireless communication device 121, the beacon transmitter 131, the antenna 132, and the battery 133 are arranged avoiding the middle portion 111 of the card substrate 110 in the long side direction. The short-range wireless communication device 121 performs short-range wireless communication. The beacon transmitter 131 transmits a beacon signal. The antenna 132 radiates a beacon signal from the beacon transmitter 131. The battery 133 supplies power to at least the beacon transmitter 131.

  According to this embodiment, since a plurality of different communication functions are installed, it is possible to provide a single non-contact type IC card that realizes hierarchical security processing.

[Second Embodiment]
Next, a non-contact IC card and a system for using the same according to a second embodiment of the present invention will be described. One non-contact type IC card according to this embodiment is used for transactions including acquisition of position information of a user carrying the non-contact type IC card, user authentication (card authentication), and settlement. The Note that one non-contact type IC card according to the present embodiment includes a non-volatile storage unit that stores a common key or a common identifier that is commonly used by the beacon transmitter and the short-range wireless communication device. The common key is used for encryption and decryption of data and identifiers. The common key and the common identifier are data unique to the non-contact type IC card and are stored in a non-rewritable manner during the manufacturing process of the non-contact type IC card. The common key and the common identifier are data unique to the issuer that issues the non-contact type IC card, and are stored in an unrewritable manner in the process of issuing the non-contact type IC card. The common key and the common identifier are data unique to the user carrying the non-contact type IC card, and are stored in a non-rewritable manner in the process of issuing the non-contact type IC card.

<IC card usage system>
With reference to FIG. 2A thru | or FIG. 3B, the IC card utilization system which uses the non-contact-type IC card based on this embodiment is demonstrated.

(Overview)
FIG. 2A is a diagram showing an outline of an IC card utilization system 200 that uses the non-contact type IC card 210 according to the present embodiment.

  The IC card utilization system 200 in FIG. 2A shows a state in which a user 211 carrying a single non-contact type IC card 210 uses various functions mounted on the non-contact type IC card 210 as he / she moves in the company. Has been.

  The user 211 receives the beacon signal transmitted from the non-contact type IC card 210 by the beacon receiver 240 at the entrance (guard office) of the company premises, and the beacon signal or the beacon signal is received by the entrance / exit management server 270. The associated card identifier (hereinafter referred to as card ID) and user identifier (hereinafter referred to as user ID) are authenticated, and the user 211 is allowed to enter the company site. Next, the user 211 touches the short-range wireless communication device 230 as an authentication device at the entrance of the company building with the non-contact type IC card 210, whereby the user 211 is authenticated by the user ID and the card ID. Access to the building is permitted. Thereafter, in the company, the beacon receiver 240 installed in the company receives the beacon signals transmitted from the non-contact type IC card 210 and collects them by the location management server 260, whereby the location of the user 211 or The movement route can be grasped. Although not shown in FIG. 2A, authentication at the time of entering / leaving a conference room in the company is performed by exchanging data between the non-contact type IC card 210 and the short-range wireless communication device 230 as an authentication device. .

  For example, in an employee cafeteria where company payments can be made in a company building, the payment can be made by touching a non-contact IC card 210 to a POS (Point of sale system) machine 250. The settlement of the price is processed by the settlement server 280.

  The cloud server 290 can collect data from the entrance / exit management server 270, the location management server 260, and the settlement server 280, perform statistical analysis, and make a proposal for more efficient environment maintenance.

  In FIG. 2A, one entry / exit management server 270, location management server 260, and settlement server 280 are shown, but the number is not limited. In FIG. 2A, the location information collection of the user 211 outside the company is not shown because it is complicated, but the beacon signal transmitted from the non-contact type IC card 210 is received by the beacon arranged in the city. It can also be received by a machine, and the user 211 can be tracked or watched. Furthermore, the preference of the user 211 can be determined by statistical analysis in the cloud server 290. On the other hand, by making the identifier included in the beacon signal unique to the company, the user 211 can be tracked or watched only within the company, but not outside the company.

(Constitution)
FIG. 2B is a block diagram showing a configuration of an IC card utilization system 200 that uses the non-contact type IC card 210 according to the present embodiment.

  The IC card utilization system 200 includes an entrance / exit controller 231 to 23m, a beacon receiver 241 to 24n, a POS machine 251 to 25p, a position management server 260, and an entrance / exit management server, each connected to a network 201. 270, a settlement server 280, and a cloud server 290.

  Each of the entrance / exit controllers 231 to 23m, the beacon receivers 241 to 24n, and the POS machines 251 to 25p performs various functions through communication with one non-contact type IC card 210. The position management server 260, the entrance / exit management server 270, and the settlement server 280 control the beacon receivers 241-24n, the entrance / exit controllers 231-23m, and the POS machines 251-25p, respectively, and information To collect. The cloud server 290 collects information from the location management server 260, the entrance / exit management server 270, and the settlement server 280, performs statistical analysis, and makes a proposal.

  The entrance / exit management server 270 and the entrance / exit controllers 231 to 23m may be connected by a sub-network 202 virtually set in the network 201. Further, the location management server 260 and the beacon receivers 241 to 24n may be connected by a sub-network 204 that is virtually set in the network 201. Further, the settlement server 280 and the POS machines 251 to 25p may be connected by a sub-network 205 virtually set in the network 201. 2B shows one entry / exit management server 270, location management server 260, and settlement server 280, but the number is not limited. You may put everything on a local cloud server.

(Operation sequence)
3A and 3B are sequence diagrams showing an operation procedure in the IC card utilization system 200 using the non-contact type IC card 210 according to the present embodiment. 3A and 3B, information transmission from the beacon receiver 240 and the short-range wireless communication device 230 to each server is omitted in order to avoid complication, and the beacon receiver 240 and the short-range wireless communication device 230 are omitted. Is described as if to process. 3A and 3B, the arrow indicates the movement of the user 211. 3A and 3B illustrate that each communication function is executed sequentially, a plurality of communication functions may be executed in parallel.

  FIG. 3A shows an operation procedure until the user 211 enters the site from the guardhouse and enters the target position (room) in the company using the single contactless IC card 210 according to the present embodiment. It is a sequence diagram.

  The user 211 stops at the guardhouse. In step S301, the beacon receiver 240 installed in the guardhouse receives a beacon signal from the non-contact type IC card 210 carried by the user 211. In step S303, the entrance / exit management server 270 authenticates the non-contact type IC card 210 (user 211) based on the received beacon signal. In step S 305, the non-contact type IC card 210 (user 211) is confirmed, the position (guard office) and time are confirmed, and the entry management record is performed on the position management server 260.

  The user 211 arrives at the company building entrance. In step S307, short-range communication between the short-range wireless communication device 230 installed at the entrance of the company building and the non-contact type IC card 210 carried by the user 211 is established. In step S309, the entrance / exit management server 270 authenticates the non-contact type IC card 210 (user 211), confirms the location (entrance of the company building) and the time, and records the entrance to the location management server 260. .

  The user 211 moves within the company building. In step S311, the beacon receiver 240 installed in the building receives a beacon signal from the non-contact IC card 210 carried by the user 211. In step S313, the non-contact type IC card 210 (user 211) is authenticated in the entrance / exit management server 270 based on the received beacon signal. In step S 315, the non-contact type IC card 210 (user 211) is confirmed, the position (inside the building) and the time are confirmed, and the movement route is recorded on the position management server 260.

  The user 211 arrives at the entrance of the target room. In step S317, near field communication between the near field communication device 230 installed at the entrance of the room and the non-contact type IC card 210 carried by the user 211 is established. In step S319, the non-contact IC card 210 (user 211) is authenticated in the entrance / exit management server 270, the position (room entrance) and time are confirmed, and the entrance management record is recorded in the location management server 260. .

  The above steps S317 and S319 were user authentication by the short-range wireless communication device 230, but user authentication with higher security is possible. That is, in step S321, the beacon receiver 240 installed near the entrance of the room was installed at the entrance of the room while receiving the beacon signal from the non-contact type IC card 210 carried by the user 211. Short-distance communication with the same non-contact type IC card 210 as the short-range wireless communication device 230 is established. In step S319, while receiving the beacon signal, the entrance / exit management server 270 authenticates the non-contact type IC card 210 (user 211), confirms the position (room entrance) and time, A room entry record is made to the management server 260.

  As described above, authentication of only beacon signals (low authentication level), authentication of short-range wireless communication only (medium authentication level), authentication of both beacon signals and short-range wireless communication (high authentication level), and multiple levels of authentication levels (Security level) can be set. For example, executive rooms, meeting rooms, safe rooms, warehouses and computer rooms with confidential information such as customer information are set to a high authentication level. In addition, finer security management is possible by combining card levels that rank mobile users. For example, it becomes possible to finely manage security such as a place where only engineers can enter and leave, or a locker room where only users can enter and leave. Furthermore, the movement path of the user 211 can be added to the authentication conditions. For example, when the user 211 takes a suspicious movement route, it is conceivable that entry / exit is not permitted.

  FIG. 3B is a sequence showing an operation procedure until the user 211 exits from the target position (room) in the company and exits from the guardhouse using the single contactless IC card 210 according to the present embodiment. FIG.

  The user 211 leaves the room. In step S325, near field communication between the near field communication device 230 installed at the entrance of the room and the non-contact type IC card 210 carried by the user 211 is established. In step S319, the non-contact type IC card 210 (user 211) is authenticated in the entrance / exit management server 270, the position (room entrance) and time are confirmed, and the exit management is recorded in the position management server 260. .

  Steps S311 to S315 are the movement paths of the user 211 based on the beacon signal from the non-contact type IC card 210 carried by the user 211 by the beacon receiver 240 installed in each place in the building shown in FIG. 3A. It is tracking. Therefore, steps S311 to S315 are not limited to the number of times shown in FIG. 3B. When the user 211 arrives at a position where the beacon signal reaches the beacon receiver 240, the user 211 receives all and records the position and time.

  Here, it is assumed that the user 211 has eaten in the company cafeteria. In step S331, the user 211 establishes short-range communication between the short-range wireless communication device 230 installed in the employee cafeteria and the non-contact IC card 210 carried by the user 211. In step S333, the payment server 280 authenticates the non-contact type IC card 210 (user 211), confirms the position (in-house cafeteria) and time, and records payment to the payment server 280.

  The user 211 leaves the office building entrance. In step S341, short-range communication between the short-range wireless communication device 230 installed at the entrance of the company building and the non-contact type IC card 210 carried by the user 211 is established. In step S343, the non-contact type IC card 210 (user 211) is authenticated in the entrance / exit management server 270, the position (company building entrance) and time are confirmed, and the exit record is recorded in the position management server 260. Is called.

  The user 211 stops at the guardhouse. In step S345, the beacon receiver 240 installed in the guardhouse receives a beacon signal from the non-contact type IC card 210 carried by the user 211. In step S347, the non-contact type IC card 210 (user 211) is authenticated in the entrance / exit management server 270 based on the received beacon signal. In step S349, the non-contact type IC card 210 (user 211) is confirmed, the position (guard office) and time are confirmed, and the leaving record is recorded on the position management server 260.

<Configuration of contactless IC card>
FIG. 4A is a diagram showing a configuration of the non-contact type IC card 210 according to the present embodiment. FIG. 4A shows a configuration when the beacon transmission function and the short-range wireless communication are realized by separate components.

  Except for the intermediate portion 411 in the long side direction of the rectangular non-contact type IC card 210, each component mounted on the non-contact type IC card 210 is arranged. In FIG. 4A, on the left side (one side), a short-range wireless communication device (hereinafter also referred to as an NFC device) 421, a beacon transmitter 431, an antenna 432 that radiates a beacon signal from the beacon transmitter 431, and this A common key / common identifier storage unit 451 (hereinafter referred to as a common key / common ID storage unit 451) that stores a common key or a common identifier used in the contactless IC card 210. A battery 441 that supplies electric power to the beacon transmitter 431 is provided on the right side (the other side) across the intermediate portion 411 in the long side direction. The common key or the common identifier is used for key generation for increasing security.

  Here, the reason for excluding the vicinity of the middle portion 411 in the long side direction is to prevent malfunction, failure, and destruction due to load applied to each component due to the elastic deformation of the non-contact type IC card 210. The arrangement of the non-contact type IC card 210 is not limited to the arrangement shown in FIG. 4A. For example, the beacon transmission function and the short-range wireless communication may be integrally realized as one IC chip. In the future, if each part is miniaturized, in particular, the battery is miniaturized, an arrangement different from that shown in FIG. 4A becomes possible.

(Specific configuration)
FIG. 4B is a diagram showing a specific configuration of the non-contact type IC card 210 according to the present embodiment. In FIG. 4B, the same components as those in FIG. 4A are denoted by the same reference numerals, and redundant description is omitted.

  The card substrate 410 of the non-contact type IC card 210 is preferably made of a polycarbon resin or ABS resin having a thickness of 2.2 mm, a long side of 85.6 mm, and a short side of 54.0 mm. As shown in FIG. 4A, the common key / common ID storage unit 451 is provided separately from the beacon transmitter 431 and the short-range wireless communication device 421, or provided in either of them, or provided in both. May be. In addition, the dimensions of FIG. 4B are not limited to this, but it is a particularly noteworthy feature that a thickness of 2.2 mm can be manufactured. In the non-contact type IC card 210 having the dimensions shown in FIG. 4B, the width of the intermediate portion 411 is desirably 2 mm or less, and is in the range of 1.5 mm ± 0.5 mm.

(Manufacturing method of non-contact type IC card)
FIG. 4C is a flowchart showing a method for manufacturing the non-contact type IC card 210 according to the present embodiment.

  In step S401, the front and back surfaces to be card substrates are manufactured. The card substrate of the present embodiment is made of a polocarbon resin or ABS resin having a thickness of 2.2 mm, a long side of 85.6 mm, and a short side of 54.0 mm. However, it is not limited to such dimensions and materials. It is desirable that the dimensions and weight be portable by the user and have elasticity to withstand card destruction.

  In step S403, as shown in FIG. 4A and FIG. 4B, for example, the constituent elements are arranged and fixed on the card substrate except for the intermediate portion 411 in the long side direction. In step S405, card formation is performed while maintaining the arrangement of the components.

  After the card formation, in step S407, the common key or common ID is written in the common key / common ID storage unit 451 in a nonvolatile manner. The common key / common ID storage unit 451 may be a nonvolatile memory or hardware such as a fuse. In the case of hardware such as a fuse, the common key / common ID storage unit 451 can be arranged in the middle portion 411 in the long side direction. Here, the common ID is at least one of a card ID of a non-contact type IC card, an issuer ID of an issuer issuing a non-contact type IC card, and a user ID of a user carrying the non-contact type IC card. including. The common key includes an encryption key such as various IDs and a decryption key. The common key or common ID may be written in the card issuing process.

  Finally, in step S409, the communication processing function as the non-contact type IC card 210 is tested. An endurance test or the like may be performed.

<Functional configuration of contactless IC card>
FIG. 5A is a block diagram showing a functional configuration of the non-contact type IC card 210 according to the present embodiment. FIG. 5A is a functional configuration diagram when the short-range communication function and the beacon transmission function are separated as shown in FIG. 4A.

  The non-contact type IC card 210 includes an NFC processing unit 521, a communication data receiving unit 522, a communication data transmitting unit 523, an authentication ID storage unit 524, a non-volatile common key / common as a short-range wireless communication device 421. An ID storage unit 525 and a new ID generation unit 526 are provided. The non-contact type IC card 210 includes a beacon transmitter 431, a beacon transmitter 531, a beacon signal generator 532, a beacon ID storage unit 533, a nonvolatile common key / common ID storage unit 534, a new An ID generation unit 535. The non-contact type IC card 210 includes a battery 441 that supplies power to the beacon transmitter 431.

  The NFC processing unit 521 performs non-contact communication with an NFC reader / NFC writer including an electromagnetic induction coil. The communication data receiving unit 522 receives communication data from the NFC reader / NFC writer via the NFC processing unit 521. The communication data transmission unit 523 transmits communication data to the NFC reader / NFC writer via the NFC processing unit 521. Please refer to the NFC portal site for NFC processing (https://www.nfc-world.com/about/03.html).

  The authentication ID storage unit 524 stores an authentication ID such as a card ID or a user ID for maintaining the security of communication data. The non-volatile common key / common ID storage unit 525 stores a common key or shared ID shared by a plurality of communication functions of the non-contact type IC card 210 in a non-volatile manner. The new ID generation unit 526 generates a new ID with further improved security based on the authentication ID stored in the authentication ID storage unit 524 and the common key or common ID stored in the common key / common ID storage unit 525.

  The beacon transmission unit 531 transmits the generated beacon signal including the antenna 432. The beacon signal generation unit 532 generates a beacon signal based on the beacon ID from the beacon ID storage unit 533 and the common ID from the common key / common ID storage unit 534. The beacon ID storage unit 533 stores a beacon ID for specifying a card or a user carrying the card. As for the beacon signal, for example, Bluetooth (registered trademark) Low Energy (BLE) is used, and the specification thereof is referred to (https://www.bluetooth.com/).

  The non-volatile common key / common ID storage unit 534 stores the same common key or shared ID as the common key / common ID storage unit 525 shared by a plurality of communication functions of the contactless IC card 210 in a non-volatile manner. The new ID generation unit 535 generates a new ID with further improved security based on the beacon ID stored in the beacon ID storage unit 533 and the common ID stored in the common key / common ID storage unit 534.

  FIG. 5B is a block diagram showing another functional configuration of the non-contact type IC card 210 according to the present embodiment. FIG. 5B is a functional configuration diagram in which a part of the short-range communication function and the beacon transmission function are shared, or a shared part is provided outside. In FIG. 5B, the common key / common ID storage unit 451 and the new ID generation unit 553 are shared by the short-range communication function and the beacon transmission function, but the present invention is not limited to this. In FIG. 5B, the same reference numerals are given to the same components as those in FIG. 5A, and duplicate descriptions are omitted.

  The nonvolatile common ID storage unit 451 stores a shared key or shared ID shared by a plurality of communication functions of the contactless IC card 210 in a nonvolatile manner. The new ID generation unit 553 uses the authentication ID stored in the authentication ID storage unit 524 and the common ID stored in the common key / common ID storage unit 451 for the short-range wireless communication function (NFC function). ID is generated. Further, the new ID generation unit 553 generates a new ID with further improved security based on the authentication ID of the beacon ID storage unit 533 and the common ID of the common key / common ID storage unit 451 for the beacon transmission function. .

(Hardware configuration)
FIG. 5C is a block diagram showing a hardware configuration of the non-contact type IC card 210 according to the present embodiment.

  The non-contact type IC card 210 includes an IC chip in which a short-range wireless communication device 421 and a beacon transmitter 431 are integrated, two crystal oscillators 561 and 562 that provide operation clocks of different frequencies to the IC chip, a battery 441, a beacon transmission unit 531 including an antenna, and a logic block 563 including a common key / common ID storage unit 451, for example.

《Non-contact IC card processing procedure》
FIG. 6 is a flowchart showing a processing procedure of the non-contact type IC card 210 according to the present embodiment. This flowchart shows a processing procedure when the non-contact type IC card 210 is used as one processing device.

  In step S611, the non-contact type IC card 210 determines whether or not NFC is started. If NFC is started, the non-contact type IC card 210 executes NFC processing in step S613.

  On the other hand, if NFC is not started, the non-contact type IC card 210 determines in step S621 whether or not it is a beacon transmission timing. If it is the timing of beacon transmission, the non-contact type IC card 210 determines whether or not there is a response from the beacon receiver 240 in step S623. If there is no response from the beacon receiver 240, the non-contact type IC card 210 determines in step S625 whether or not a timeout has occurred. If not time-out, the non-contact type IC card 210 waits for a response from the beacon receiver 240 in step S623. If it is time-out, the non-contact type IC card 210 ends the process.

  When there is a response from the beacon receiver 240 in step S623, the non-contact type IC card 210 transmits, for example, a user ID, a card ID, a common ID, etc. as a beacon ID to the beacon receiver 240 in step S627. To do. Alternatively, the user ID and the card ID may be transmitted after being encrypted using the common key or the common ID as a key.

  In the beacon transmission process of FIG. 6, the response from the beacon receiver 240 is determined, but the non-contact IC card 210 only transmits a beacon signal including a beacon ID periodically, and does not determine the response. It may be a process.

(NFC communication processing)
FIG. 7 is a flowchart showing a procedure of NFC communication processing (S613) according to the present embodiment. Note that the NFC communication processing can be performed by a plurality of applications separated into a plurality of hierarchies or a plurality of blocks when a plurality of services are provided. In FIG. Please refer to each specification for each application.

  In step S701, the non-contact type IC card 210 activates an application corresponding to the NFC communication target. In step S703, the non-contact type IC card 210 selects security information that is a target of the application. In step S705, the non-contact type IC card 210 provides the selected security information to the NFC reader / NFC writer. At this time, if the security information is encrypted with the common ID, security can be further enhanced.

  Step S707 is optional, and the non-contact type IC card 210 may execute further processing corresponding to the application. Again, the common ID may be used to increase security.

<Functional configuration of cloud server>
FIG. 8A is a block diagram illustrating a functional configuration of the cloud server 290 according to the present embodiment.

  The cloud server 290 includes a communication control unit 801, a user location information acquisition unit 802, an entrance / exit information acquisition unit 803, a payment information acquisition unit 804, a learning database 805, an analysis request reception unit 807, and an analysis processing unit 808. And an analysis result notifying unit 809.

  The communication control unit 801 controls communication with another server or directly via the network 201. The user position information acquisition unit 802 acquires position information associated with the user from the position management server 260. The entrance / exit information acquisition unit 803 acquires entrance / exit information associated with the user from the entrance / exit management server 270. The payment information acquisition unit 804 acquires the payment information associated with the user from the payment server 280. The learning database 805 accumulates the acquired information so that it can be searched and sorted, or subjected to classification processing.

  The analysis request receiving unit 807 receives an analysis request for accumulated data from each server or directly from the terminal. The analysis processing unit 808 reads accumulated data corresponding to the analysis request from the learning database 805 and performs statistical analysis. The analysis result notification unit 809 notifies the analysis request source of the analysis result by the analysis processing unit 808.

《Cloud server processing procedure》
FIG. 8B is a flowchart showing a processing procedure of the cloud server 290 according to the present embodiment. This flowchart is executed by the CPU that controls the cloud server 290 using a RAM or the like, and realizes the functional configuration unit of FIG. 8A.

  In step S811, the cloud server 290 determines whether it is acquisition of the user position. If the user position is to be acquired, the cloud server 290 stores the position information in the learning database 805 in association with the user ID (card ID, common key or common ID) in step S813.

  If it is not acquisition of a user position, the cloud server 290 will determine whether it is acquisition of entrance / exit information in step S821. If the entrance / exit information is to be acquired, the cloud server 290 stores the entrance / exit information in the learning database 805 in association with the user ID (card ID, common key or common ID) in step S823.

  If it is not acquisition of a user position but acquisition of entrance / exit information, the cloud server 290 determines whether it is acquisition of payment information in step S831. If the payment information is to be acquired, the cloud server 290 stores the payment information in the learning database 805 in association with the user ID (card ID, common key or common ID) in step S833.

  If it is not acquisition of user position, acquisition of entrance / exit information, and payment information, the cloud server 290 determines in step S841 whether it is an analysis request. If it is an analysis request, the cloud server 290 collects accumulated data necessary for analysis from the learning database 805 in step S843. In step S845, the cloud server 290 executes the requested analysis process. In step S847, the cloud server 290 notifies the analysis request source of the analysis result.

<< Functional configuration of location management server >>
FIG. 9A is a block diagram showing a functional configuration of the location management server 260 according to the present embodiment.

  The location management server 260 includes a communication control unit 901, a communication information reception unit 902, a communication information database 903, a user position (card position) generation unit 904, a user position database 905, a user movement path generation unit 906, A user movement route transmission unit 907.

  The communication control unit 901 controls communication with the beacon receivers 241 to 24n, the entrance / exit controllers 231 to 23m, and the cloud server 290 via the network 201. The communication information receiving unit 902 receives communication information including a communication device ID and a card ID from the beacon receivers 241 to 24n and the entrance / exit controllers 231 to 23m. In addition, even if it is the structure which receives the beacon signal as it is received by the beacon receivers 241 to 24n and extracts the beacon ID from the beacon signal, the reception by the communication information receiving unit 902 is extracted by the beacon receivers 241 to 24n. The structure which receives beacon ID may be sufficient. The communication information database 903 stores the installation position in association with the ID of the beacon receiver or the ID of the entrance / exit controller.

  The user position (card position) generation unit 904 is a beacon receiver ID that receives a beacon signal, a card ID included in the beacon signal, a user ID, or a short-range wireless communication device ID or card ID that establishes short-range wireless communication. The user position or the card position is generated from the user ID and the position information acquired from the communication information database 903. The user position database 905 stores the user position generated by the user position (card position) generation unit 904 in association with the user. Further, the card position is stored in association with the card.

  The user movement path generation unit 906 refers to the accumulated data in the user position database 905, grasps the current position of the user, and generates a user movement path. The user movement route transmission unit 907 transmits the current position of the user and the movement route of the user generated by the user movement route generation unit 906 to the cloud server 290 and other inquiry sources.

(Communication information database)
FIG. 9B is a block diagram showing a configuration of the communication information database 903 according to the present embodiment. The communication information database 903 is used to generate a card position and a user position based on beacon signal reception by a beacon receiver and short-range wireless communication by a short-range wireless communication apparatus.

  The communication information database 903 stores a device type 932 and a device installation position 933 in association with a communication device ID 931 that has received a beacon signal or short-range wireless communication.

(User location database)
FIG. 9C is a block diagram showing a configuration of the user position database 905 according to the present embodiment. The user position database 905 accumulates the position history generated by the user position (card position) generation unit 904 in association with the user ID (card ID), and uses it to generate a user movement route.

  The user location database 905 stores a history of a set of a time stamp 953 and a card authentication location 954 in association with the card ID 951 and the user ID 952.

<< Processing procedure of location management server >>
FIG. 9D is a flowchart illustrating a processing procedure of the location management server 260 according to the present embodiment. This flowchart is executed by the CPU that controls the location management server 260 using a RAM or the like, and implements the functional component shown in FIG. 9A.

  In step S901, the location management server 260 receives device information and card information from a beacon receiver or a short-range wireless communication device. In step S903, the position management server 260 acquires the user position and the card position where the non-contact type IC card 210 is carried from the communication information database 903 based on the device information. In step S905, the position management server 260 stores the user position and the card position in the user position database 905.

  In step S907, the location management server 260 refers to the user location database 905, grasps the current location of the user, and generates a user movement history. In step S909, the location management server 260 transmits the user current location and the user movement history to the cloud server 290 or the venue management server.

《Entry / exit management server》
FIG. 10A is a block diagram showing a functional configuration of the entrance / exit management server 270 according to the present embodiment.

  The entrance / exit management server 270 includes a communication control unit 1001, a card information receiving unit 1002, a card information database 1003, a user / card authentication unit 1004, and an entrance / exit opening / closing instruction unit 1006.

  The communication control unit 1001 controls communication with the beacon receivers 241 to 24n, the entrance / exit controllers 231 to 23m, and the cloud server 290 via the network 201. The card information receiving unit 1002 receives card information including a communication device ID, a card ID, and a user ID from the beacon receivers 241 to 24n and the entrance / exit controllers 231 to 23m. In addition, even if it is the structure which receives the beacon signal as it is received by the beacon receivers 241 to 24n and extracts the beacon ID from the beacon signals, the reception by the card information receiving unit 1002 is extracted by the beacon receivers 241 to 24n. The structure which receives beacon ID may be sufficient. The card information database 1003 stores the authentication conditions in association with the card ID, the user ID, the ID of the beacon receiver and the ID of the entrance / exit controller.

  The user / card authentication unit 1004 authenticates the user or the card with reference to the card information database 1003 based on the card information including the communication device ID, the card ID, and the user ID received by the card information receiving unit 1002. The entrance / exit opening / closing instruction unit 1006 instructs opening / closing of the entrance / exit based on the authentication result of the user / card authentication unit 1004. In the present embodiment, it is instructed to open the entrance / exit, and the gate is maintained if there is no instruction.

(Card information database)
FIG. 10B is a block diagram showing the configuration of the card information database 1003 according to this embodiment. The card information database 1003 is used to perform multi-step authentication of a user or a card based on card information including a communication device ID, a card ID, and a user ID received by the card information receiving unit 1002.

  The card information database 1003 includes a card information table 1010 for storing beacon signal information and NFC communication information unique to the card, an authentication level table 1020 for storing an authentication level at an entrance / exit, and an entrance corresponding to a user carrying the card. And a card level table 1030 for storing possible / impossible areas.

  The card information table 1010 stores a user ID 1012 of a user carrying the card, card information 1013 unique to the card, and a card level 1014 in association with the card ID 1011. Here, the card information 1013 includes beacon signal information and NFC information. The authentication level table 1020 stores an authentication level 1022 and a card level 1023 in association with the entrance / exit ID 1021. Here, the authentication level 1022 indicates a combination of beacon authentication and NFC authentication. In FIG. 10B, necessary authentication is indicated by “◯”, and unnecessary authentication is indicated by “X”. The card level table 1030 stores a target person 1032 who is a user carrying a card, an area 1033 where the target person 1032 can enter, and an area 1034 where the target person 1032 is impossible in association with the card level 1031.

  The authentication level is a low authentication level for only beacon authentication, a medium authentication level for only NFC authentication, and an AND of beacon authentication and NFC authentication for a high authentication level. Although not shown in FIG. 10B, multilayer and multi-stage security can be realized by combining the authentication level and the card level. Furthermore, a delicate security classification can be realized by considering the user movement route.

<< Processing procedure of entrance / exit management server >>
FIG. 10C is a flowchart showing a processing procedure of the entrance / exit management server 270 according to the present embodiment. This flowchart is executed by the CPU that controls the entrance / exit management server 270 using a RAM or the like, and realizes the functional component of FIG. 10A.

  In step S1001, the entrance / exit management server 270 receives device information, card information, and user information from a beacon receiver or a short-range wireless communication device. In step S1003, the entrance / exit management server 270 refers to the card information database 1003 based on the device information, the card information, and the user information, and performs multi-step authentication of the card and the user. In step S1005, the entrance / exit management server 270 determines whether multi-step authentication has been performed. When the card or user is authenticated, the entrance / exit management server 270 instructs the opening of the corresponding entrance / exit in step S1007. If the card or user is not authenticated, the process is terminated without instructing the opening of the corresponding entrance / exit.

<Functional configuration of payment server>
FIG. 11A is a block diagram showing a functional configuration of the settlement server 280 according to the present embodiment.

  The payment server 280 includes a communication control unit 1101, a user (card) authentication information acquisition unit 1102, a user authentication information database 1103, a user (card) authentication unit 1104, a payment processing unit 1108, a payment information database 1109, A settlement content acquisition unit 1107 is provided.

  The communication control unit 1101 controls communication with the POS machines 251 to 25p or the cloud server 290 via the network 201. The user authentication information acquisition unit 1102 acquires user authentication information or card authentication information held in the non-contact type IC card 210 or information with enhanced security by a common key or common ID from the POS machines 251 to 25p. The user authentication information database 1103 stores authentication information for user (card) authentication in association with the registered contactless IC card 210. A user (card) authentication unit 1104 authenticates a user or a card based on user authentication information or card authentication information held in the non-contact type IC card 210 and authentication information registered in the user authentication information database 1103.

  The payment processing unit 1108 updates the payment data in the payment information database 1109 based on the payment content from the payment content acquisition unit 1107. The payment information database 1109 stores payment data in association with registered users or cards. The payment content acquisition unit 1107 acquires the payment content of the user carrying the non-contact type IC card 210 from the POS machines 251 to 25p.

(Settlement information database)
FIG. 11B is a block diagram showing the configuration of the payment information database 1109 according to this embodiment. The payment information database 1109 accumulates payment results for each user (card).

  The payment information database 1109 stores a user ID 1192 and a payment history 1193 in association with the card ID 1191.

《Payment server processing procedure》
FIG. 11C is a flowchart showing a processing procedure of the settlement server 280 according to the present embodiment. This flowchart is executed by the CPU that controls the settlement server 280 using a RAM or the like, and implements the functional configuration unit of FIG. 11A.

  In step S1101, the settlement server 280 acquires user (card) authentication information held in the non-contact type IC card 210 from the POS machines 251 to 25p. In step S1103, the settlement server 280 determines whether authentication is permitted based on the authentication information registered in the user authentication information database 1103. If the authentication is not permitted, the settlement server 280 notifies the POS machines 251 to 25p that it is not permitted in step S1109.

  On the other hand, if the authentication is permitted, the payment server 280 acquires payment information in step S1105. In step S1107, the settlement server 280 performs a settlement process by updating the settlement information database 1109.

  According to the present embodiment, it is possible to realize position information acquisition processing, security processing, and settlement processing by simply carrying a single contactless IC card.

[Third Embodiment]
Next, a non-contact type IC card according to the third embodiment of the present invention will be described. The contactless IC card according to the present embodiment is different from the second embodiment in that it is rechargeable. Since other configurations and operations are the same as those of the second embodiment, the same configurations and operations are denoted by the same reference numerals, and detailed description thereof is omitted.

<Configuration of contactless IC card>
FIG. 12A is a diagram showing a configuration of a non-contact type IC card 1210 according to this embodiment. In FIG. 12A, the same components as those in FIG. 4A are denoted by the same reference numerals, and redundant description is omitted.

  The rechargeable battery 1241 of the non-contact type IC card 1210 is a non-contact rechargeable type and has a charging power receiving unit 1242 capable of non-contact charge.

  The right side of FIG. 12A shows a state during non-contact charging. In the card installation unit 1220, a charging power transmission unit 1221 is disposed at a position opposite to the charging power reception unit 1242. The charging power transmission unit 1221 is provided with the power converted by the charging conversion unit 1222.

(Non-contact charging method)
FIG. 12B is a diagram showing a non-contact charging method of the non-contact IC card according to the present embodiment.

  The contactless charging method 1201 that can be used in this embodiment includes an electromagnetic induction method and a magnetic induction method. Hereinafter, whether each contactless charging method 1201 is a radiation type or a non-radiation type 1202, a use frequency 1203, a transmission distance 1204, transmission power 1205, transmission efficiency 1206, and the like are shown.

  Note that the non-contact charging method illustrated in FIG. 12B is an example that can be used in the present embodiment, and is not limited thereto. For example, a radiation type can be used.

<Functional configuration of contactless IC card>
FIG. 13 is a block diagram showing a functional configuration of the non-contact type IC card 1210 according to the present embodiment. In FIG. 13, the same functional components as those in FIG. 5A are denoted by the same reference numerals, and redundant description is omitted.

  The rechargeable battery 1241 is a non-contact rechargeable type and includes a charging power receiving unit 1242. Although not shown in FIG. 13, a battery remaining amount detection unit may be provided in the non-contact type IC card 1210 to provide a function of warning when the value falls below a predetermined threshold. Alternatively, it may be detected by an external device when the non-contact type IC card 1210 is used.

《Non-contact IC card processing procedure》
FIG. 14 is a flowchart showing a processing procedure of the non-contact type IC card 1210 according to this embodiment. In FIG. 14, the same steps as those in FIG. 6 are denoted by the same step numbers, and redundant description is omitted.

  If the contactless IC card 1210 times out after sending out the beacon, it determines in step S1431 whether charging is necessary. If charging is necessary, the non-contact type IC card 1210 performs a charging process in step S1433.

  In FIG. 14, the charging is performed when the beacon is transmitted. However, the charging may be performed at any timing.

  According to this embodiment, in addition to the effects of the above embodiment, a non-contact IC card that can be used semipermanently can be provided.

[Fourth Embodiment]
Next, a non-contact type IC card according to a fourth embodiment of the present invention is described. The non-contact type IC card according to this embodiment is different from the second and third embodiments in that one non-contact type IC card has another communication function. Since other configurations and operations are the same as those of the second embodiment, the same configurations and operations are denoted by the same reference numerals, and detailed description thereof is omitted. In the following embodiments, three communication functions of NFC, RFID, and beacon are shown, but the present invention is not limited to this. In addition, as for the combination type and the combination type, an appropriate communication function suitable for the use of the non-contact type IC card may be selected.

<Outline of IC card usage system>
FIG. 15 is a diagram showing an outline of an IC card utilization system 1500 that uses the non-contact type IC card 1510 according to the present embodiment. In FIG. 15, the same components as those in FIG. 2A are denoted by the same reference numerals, and redundant description is omitted.

  In the IC card utilization system 1500, a case where three different communication functions are mounted on one non-contact type IC card 1510 is illustrated. Here, the three different communication functions include an RFID (radio frequency identifier) function for performing short-distance communication of identification information using an electromagnetic field or a radio wave in addition to the NFC function and the beacon function described above. Yes.

  It is assumed that the user 211 has moved from the left to the right in FIG. When the user approaches within 100 m, the beacon receiver 240 receives the beacon transmission from the non-contact type IC card 1510, and the user's position can be confirmed by the beacon information server 1570. Further, when the user enters a building or a room, the RFID receiver 1530 receives the RFID signal transmitted from the non-contact type IC card 1510 and the RFID information server 1580 can perform user authentication. Further, when approaching, user authentication is executed by the NFC information server 1590 by NFC with the non-contact type IC card 1510.

  In FIG. 15, three different communication functions are mounted on one non-contact type IC card 1510, but a plurality of communication functions may be selected according to the use of the non-contact type IC card.

<Configuration of contactless IC card>
FIG. 16A is a diagram showing a configuration of a non-contact type IC card 1510 according to this embodiment. In FIG. 16A, the same components as those in FIGS. 4A and 5A are denoted by the same reference numerals, and redundant description is omitted.

  An RFID communication device 1623 that does not require battery power supply is mounted on the right side of the non-contact type IC card 1510 except for the middle portion 411 in the long side direction. For RFID processing, refer to the GS1 EPC / RFID standard specification (http://www.dsri.jp/standard/epc/standard.html).

  The common key / common ID storage unit may have a common communication function.

(Communication function)
FIG. 16B is a diagram showing a communication function 1600 included in the non-contact type IC card 1510 according to this embodiment.

  Corresponding to each communication method 1601, a communication distance 1602 and battery necessity / unnecessity 1603 are shown. Note that the communication method 1601 that can be used in the non-contact type IC card 1510 is not limited to FIG. 16B.

《Non-contact IC card processing procedure》
FIG. 17 is a flowchart showing a processing procedure of the non-contact type IC card 1510 according to this embodiment. In FIG. 17, the same steps as those in FIG. 6 are denoted by the same step numbers, and redundant description is omitted.

  If the contactless IC card 1510 is not NFC and does not transmit a beacon, it determines in step S1741 whether it is RFID communication. If it is RFID communication, the non-contact type IC card 1510 performs RFID communication processing in step S1743.

  In FIG. 17, the timing of charging is not limited, and any timing may be used.

  According to the present embodiment, it is possible to realize from the position confirmation at a distance of 100 m to the authentication process of 3 cm by one non-contact type IC card.

[Fifth Embodiment]
Next, a non-contact type IC card according to a fifth embodiment of the present invention is described. The non-contact type IC card according to this embodiment is different from the second to fourth embodiments in that one non-contact type IC card is used in a school instead of a company. Since other configurations and operations are the same as those in the second to fourth embodiments, the same configurations and operations are denoted by the same reference numerals, and detailed description thereof is omitted.

<IC card usage system>
FIG. 18A is a diagram showing an outline of an IC card utilization system 1800 that uses the non-contact type IC card 210 according to the present embodiment. The IC card utilization system 1800 is a system when the contactless IC card 210 is applied to a school. Note that since the “employee cafeteria” in FIG. 2A is changed to “student cafeteria” and the system configuration is similar, duplicate description is omitted.

(Card information database)
FIG. 18B is a block diagram showing a configuration of a card information database according to the present embodiment. FIG. 18B shows a card level table 1830 specific to the “school system”. In addition, since the structure of the other table | surface of card information database is similar, the overlapping description is abbreviate | omitted.

  The card level table 1830 is associated with the card level 1831, the target person 1832 in the school who is the user carrying the card, the area 1833 in which the target person 1832 can enter in the school, and the target person 1832 in the school. The impossible area 1834 is stored.

  According to this embodiment, the non-contact type IC card 210 according to this embodiment can be usefully used in a school system. For example, it can be used for unlocking a locked locker. The position information is acquired by beacon communication, the qualification is inquired by NFC authentication, and the unlocking is enabled if the unlocking qualification is given to the card ID or the user ID. Then, the unlocking result may be recorded together with the front and rear position information and may be the target of search display. As a locked place in a school, for example, a place where a paper medium of student personal information, expensive tools, drugs, poisons, and the like are placed.

[Sixth Embodiment]
Next, a non-contact type IC card according to a sixth embodiment of the present invention is described. The non-contact type IC card according to this embodiment is different from the second to fifth embodiments in that one non-contact type IC card is used in a hospital instead of a company or a school. Since other configurations and operations are the same as those in the second to fifth embodiments, the same configurations and operations are denoted by the same reference numerals, and detailed description thereof is omitted.

<IC card usage system>
FIG. 19A is a diagram showing an outline of an IC card utilization system 1900 that uses the non-contact type IC card 210 according to the present embodiment. The IC card utilization system 1900 is a system when the contactless IC card 210 is applied to a hospital. Since the “employee cafeteria” in FIG. 2A has been changed to “in-hospital goods store”, the system configuration is similar, and redundant description will be omitted.

(Card information database)
FIG. 19B is a block diagram showing a configuration of a card information database according to the present embodiment. FIG. 19B shows a card level table 1930 specific to the “hospital system”. In addition, since the structure of the other table | surface of card information database is similar, the overlapping description is abbreviate | omitted.

  The card level table 1930 is associated with the card level 1931, the target person 1932 in the hospital who is the user carrying the card, the area 1933 in which the target person 1932 can enter in the hospital, and the target person 1932 in the hospital. The impossible area 1934 is stored.

  According to the present embodiment, the non-contact type IC card 210 according to the present embodiment can be usefully used in a hospital system. For example, it can be used for unlocking a locked locker. The position information is acquired by beacon communication, the qualification is inquired by NFC authentication, and the unlocking is enabled if the unlocking qualification is given to the card ID or the user ID. Then, the unlocking result may be recorded together with the front and rear position information and may be the target of search display. As a lock place in a hospital, for example, a place where a drug or a poison is contained is assumed.

[Other Embodiments]
In the present embodiment, it has been described that the contactless IC card of the present invention is suitably used in a company, school, or hospital, but the application destination is not limited. The present invention can be applied to other fields in which multi-layer / multi-stage security is realized by a single non-contact type IC card, and the same effect is achieved. For example, it can be applied to the management of firearms and bullets in the police, and the management of firearms and bullets in the Self-Defense Forces.

  Moreover, although this invention was demonstrated with reference to embodiment, this invention is not limited to the said embodiment. Various changes that can be understood by those skilled in the art can be made to the configuration and details of the present invention within the scope of the present invention. In addition, a system or an apparatus that combines various features included in each embodiment is also included in the scope of the present invention.

  In addition, the present invention may be applied to a system composed of a plurality of devices, or may be applied to a single device. Furthermore, the present invention can also be applied to a case where an information processing program that implements the functions of the embodiments is supplied directly or remotely to a system or apparatus. Therefore, in order to realize the functions of the present invention on a computer, a program installed in the computer, a medium storing the program, and a WWW (World Wide Web) server that downloads the program are also included in the scope of the present invention. . In particular, at least a non-transitory computer readable medium storing a program for causing a computer to execute the processing steps included in the above-described embodiments is included in the scope of the present invention.

In order to achieve the above object, an IC card utilization system according to the present invention comprises:
An IC card utilization system that uses one contactless IC card having a beacon signal transmission function and a short-range wireless communication function,
First authentication means for performing authentication of the non-contact IC card or authentication of a user carrying the non-contact IC card based on reception of a beacon signal transmitted from the non-contact IC card;
Second authentication means for performing authentication of the non-contact type IC card or authentication of the user carrying the non-contact type IC card by short-range wireless communication with the non-contact type IC card;
First permission means for permitting entrance / exit by authentication by the first authentication means;
Second permission means for permitting entry / exit by authentication by the second authentication means;
Third permission means for permitting entry / exit by authentication by the first authentication means and the second authentication means;
Is provided.

In order to achieve the above object, an IC card utilization method according to the present invention includes:
An IC card utilization method using a single contactless IC card having a beacon signal transmission function and a short-range wireless communication function,
Based on reception of a beacon signal transmitted from the non-contact type IC card using a beacon signal transmission function of the non-contact type IC card, authentication of the non-contact type IC card or the non-contact type IC card A first authentication step for authenticating a user carrying the card;
A second authentication step of performing authentication of the non-contact type IC card or authentication of a user carrying the non-contact type IC card using a short-range wireless communication function of the non-contact type IC card;
An execution step of executing the first authentication step and the second authentication step by the one non-contact type IC card sequentially or in parallel according to the movement of the user;
A first permission step for permitting entry / exit by authentication in the first authentication step;
A second permission step for permitting entry / exit by authentication in the second authentication step;
A third permission step for permitting entry / exit by authentication in the first authentication step and authentication in the second authentication step;
including.

In order to achieve the above object, the server according to the present invention provides:
Based on reception of a beacon signal transmitted from one non-contact type IC card having a beacon signal transmission function and a short-range wireless communication function, authentication of the non-contact type IC card or the non-contact type First authentication means for authenticating a user carrying an IC card;
Second authentication means for performing authentication of the non-contact type IC card or authentication of the user carrying the non-contact type IC card by short-range wireless communication with the non-contact type IC card;
First permission means for permitting entrance / exit by authentication by the first authentication means;
Second permission means for permitting entry / exit by authentication by the second authentication means;
Third permission means for permitting entry / exit by authentication by the first authentication means and the second authentication means;
Is provided.

In order to achieve the above object, a server control method according to the present invention includes:
Based on reception of a beacon signal transmitted from one non-contact type IC card having a beacon signal transmission function and a short-range wireless communication function, authentication of the non-contact type IC card or the non-contact type A first authentication step for authenticating a user carrying an IC card;
A second authentication step of performing authentication of the non-contact type IC card or authentication of the user carrying the non-contact type IC card by short-range wireless communication with the non-contact type IC card;
A first permission step for permitting entry / exit by authentication in the first authentication step;
A second permission step for permitting entry / exit by authentication in the second authentication step;
A third permission step for permitting entry / exit by authentication in the first authentication step and authentication in the second authentication step;
including.

In order to achieve the above object, a server control program according to the present invention provides:
Based on reception of a beacon signal transmitted from one non-contact type IC card having a beacon signal transmission function and a short-range wireless communication function, authentication of the non-contact type IC card or the non-contact type A first authentication step for authenticating a user carrying an IC card;
A second authentication step of performing authentication of the non-contact type IC card or authentication of the user carrying the non-contact type IC card by short-range wireless communication with the non-contact type IC card;
A first permission step for permitting entry / exit by authentication in the first authentication step;
A second permission step for permitting entry / exit by authentication in the second authentication step;
A third permission step for permitting entry / exit by authentication in the first authentication step and authentication in the second authentication step;
Is executed on the computer.

Claims (19)

An IC card utilization system that uses one contactless IC card having a beacon signal transmission function and a short-range wireless communication function,
First authentication means for performing authentication of the non-contact IC card or authentication of a user carrying the non-contact IC card based on reception of a beacon signal transmitted from the non-contact IC card;
Second authentication means for performing authentication of the non-contact type IC card or authentication of the user carrying the non-contact type IC card by short-range wireless communication with the non-contact type IC card;
IC card using system. The non-contact type IC card has a non-volatile storage means for storing a common key or a common identifier used in common by the beacon signal transmission function and the short-range wireless communication function,
The first authentication unit and the second authentication unit perform authentication of the non-contact type IC card or authentication of a user carrying the non-contact type IC card using the common key or the common identifier. Item 4. The IC card utilization system according to Item 1. First permission means for permitting entrance / exit by authentication by the first authentication means;
Second permission means for permitting entry / exit by authentication by the second authentication means;
Third permission means for permitting entry / exit by authentication by the first authentication means and the second authentication means;
The IC card utilization system according to claim 1 or 2, further comprising:   Based on the card identifier of the non-contact type IC card or the user identifier of the user carrying the non-contact type IC card, entry / exit by the first permission unit, the second permission unit, and the third permission unit. 4. The IC card utilization system according to claim 3, further comprising control means for controlling permission. First acquisition means for acquiring position information of a user carrying the non-contact type IC card based on reception of a beacon signal transmitted from the non-contact type IC card;
Second acquisition means for acquiring position information of the user carrying the non-contact type IC card by short-range wireless communication with the non-contact type IC card;
The IC card utilization system according to claim 4, further comprising:   6. The IC card utilization system according to claim 5, wherein the control means controls to perform authentication by the second authentication means in accordance with the user position information acquired by the first acquisition means. The apparatus further includes a movement path generation unit that generates the movement path of the user from at least one of the position information of the user acquired by the first acquisition unit and the position information of the user acquired by the first acquisition unit. ,
The IC card according to claim 5 or 6, wherein the control means further controls permission of entry / exit by the first permission means, the second permission means, and the third permission means based on the movement route of the user. Usage system.   The IC card utilization according to any one of claims 1 to 7, further comprising a settlement unit that performs settlement by short-range wireless communication with the non-contact type IC card when authenticated by the second authentication unit. system. An IC card utilization method using a single contactless IC card having a beacon signal transmission function and a short-range wireless communication function,
Based on reception of a beacon signal transmitted from the non-contact type IC card using a beacon signal transmission function of the non-contact type IC card, authentication of the non-contact type IC card or the non-contact type IC card A first authentication step for authenticating a user carrying the card;
A second authentication step of performing authentication of the non-contact type IC card or authentication of a user carrying the non-contact type IC card using a short-range wireless communication function of the non-contact type IC card;
An execution step of executing the first authentication step and the second authentication step by the one non-contact type IC card sequentially or in parallel according to the movement of the user;
IC card usage method including Based on reception of a beacon signal transmitted from one non-contact type IC card having a beacon signal transmission function and a short-range wireless communication function, authentication of the non-contact type IC card or the non-contact type First authentication means for authenticating a user carrying an IC card;
Second authentication means for performing authentication of the non-contact type IC card or authentication of the user carrying the non-contact type IC card by short-range wireless communication with the non-contact type IC card;
A server comprising The non-contact type IC card has a non-volatile storage means for storing a common key or a common identifier used in common by the beacon signal transmission function and the short-range wireless communication function,
The first authentication unit and the second authentication unit perform authentication of the non-contact type IC card or authentication of a user carrying the non-contact type IC card using the common key or the common identifier. Item 11. The server according to item 10. First permission means for permitting entrance / exit by authentication by the first authentication means;
Second permission means for permitting entry / exit by authentication by the second authentication means;
Third permission means for permitting entry / exit by authentication by the first authentication means and the second authentication means;
The server according to claim 10 or 11, further comprising:   Based on the card identifier of the non-contact type IC card or the user identifier of the user carrying the non-contact type IC card, entry / exit by the first permission unit, the second permission unit, and the third permission unit. The server according to claim 12, further comprising control means for controlling permission. First acquisition means for acquiring position information of a user carrying the non-contact type IC card based on reception of a beacon signal transmitted from the non-contact type IC card;
Second acquisition means for acquiring position information of the user carrying the non-contact type IC card by short-range wireless communication with the non-contact type IC card;
The server according to claim 13, further comprising:   The server according to claim 14, wherein the control unit controls to perform authentication by the second authentication unit in response to the position information of the user acquired by the first acquisition unit. The apparatus further includes a movement path generation unit that generates the movement path of the user from at least one of the position information of the user acquired by the first acquisition unit and the position information of the user acquired by the first acquisition unit. ,
The server according to claim 14 or 15, wherein the control means further controls entry / exit permission by the first permission means, the second permission means, and the third permission means based on a movement route of the user.   The server according to any one of claims 10 to 16, further comprising a settlement unit that performs settlement by short-range wireless communication with the contactless IC card when authenticated by the second authentication unit. Based on reception of a beacon signal transmitted from one non-contact type IC card having a beacon signal transmission function and a short-range wireless communication function, authentication of the non-contact type IC card or the non-contact type A first authentication step for authenticating a user carrying an IC card;
A second authentication step of performing authentication of the non-contact type IC card or authentication of the user carrying the non-contact type IC card by short-range wireless communication with the non-contact type IC card;
Server control method including: Based on reception of a beacon signal transmitted from one non-contact type IC card having a beacon signal transmission function and a short-range wireless communication function, authentication of the non-contact type IC card or the non-contact type A first authentication step for authenticating a user carrying an IC card;
A second authentication step of performing authentication of the non-contact type IC card or authentication of the user carrying the non-contact type IC card by short-range wireless communication with the non-contact type IC card;
Server control program that causes a computer to execute.

Images