JP2019220206A - System, method and program to process right information - Google Patents

Abstract

To provide suppression on forgery of right information, proper circulation of the right information, and an effective authentication mechanism for the right information.SOLUTION: The present invention relates to a right information authentication system such that a portable terminal includes a first string output section; and an authentication device includes a coincidence detection section which outputs a coincidence result indicative of whether an effective string output by a second string output section coincides with an effective string output by the first string output section, an authentication result output section which outputs an authentication result showing that extracted right information is formal right information related to an owner when the coincidence result indicates a coincidence, and a notification section which gives notice of the authentication result, the second string output section outputting a plurality of strings as many as those that the first string output section outputs, and the same string that the second string output section outputs as the string of the first string output section being output substantially in the same timing and effective substantially for the same duration.SELECTED DRAWING: Figure 1

Description

  The present invention relates to a system, method, and program for processing rights information.

  2. Description of the Related Art Conventionally, a system for processing tickets (event tickets, airline tickets, etc.) using a mobile terminal such as a mobile phone has been known.

  In a conventional ticket processing system, for example, ticket data is downloaded to a mobile terminal such as a smartphone by a ticket purchase process by a user.

  Then, the ticket displayed on the screen of the smartphone is presented to the attendant when passing through the entrance of the event or when passing through the gate for boarding procedures at the airport. This electronic ticket is read by a reader at the entrance. The computer checks the read information to confirm the validity of the ticket. The confirmation result of the ticket validity is displayed on a reading machine or sounds an electronic sound, so that the fact that the validity of the ticket has been confirmed is fed back to a staff member at the entrance. If the ticket is valid, the ticket owner can pass through the entrance (gate) according to the instruction of the attendant.

For example, in recent years, the market size of live music events has been expanding, and it has become important for both event operators and fans to improve the convenience of issuing, distributing, and authenticating tickets, which are qualifications for live events. I have. However, the following problems have occurred in ticket issuance, distribution, and authentication.

(1) Counterfeit Tickets As the value of tickets increases, the number of cases where counterfeit electronic tickets are used to illegally participate in events or sell to genuine tickets and counterfeit fans is increasing. In particular, it is sometimes difficult to determine whether a ticket is a counterfeit ticket due to the recent increase in the performance of the screen shot function of the screen of a copier, a scanner, a camera, a mobile terminal, and the like and the spread to general households. .

(2) Cost of Counterfeiting Countermeasures As described above, so-called electronic tickets, in which tickets are issued by an electromagnetic method as described above, instead of paper sheets, have appeared as countermeasures against counterfeiting and resale. Specifically, there is a simple type that displays authentication information such as a QR code (registered trademark) on an electronic terminal, or a type that uses an electronic terminal or a card in which an IC chip or the like is incorporated. However, the former can be copied by an easy method such as copying an image as it is / photographing / taking a screen shot. In the latter case, it is necessary to incorporate a mechanism for realizing the security function on both the ticket side and the authentication device side, and the cost of treating these devices is incurred.

  (3) Tickets for popular live events are bought by resale people or traders, and the original fans cannot participate or are forced to purchase from resellers at unreasonably high prices.

  In addition, for event managers, the inability of the original fans to participate in the event means that the opportunity to sell venue goods, which is an important source of income for live events, will be lost, and the original fans will lose customer satisfaction. There is a benefit.

(4) Loss of opportunity of user when resale is prohibited As an example of a measure against the above-mentioned problem (1), an event operator may prohibit resale of tickets. In other words, the ticket acquired by resale of the ticket is invalidated at all, and the fan who acquired the ticket by resale refuses to participate in the event.

  However, even a fan who really wants to participate in the event may be forced to give up due to another schedule after purchasing the ticket. In such a case, taking a measure that the ticket cannot be transferred to a third party at all may cause a hesitation to purchase the ticket because the purchase price of the ticket is wasted.

  In addition, even if the event manager buys tickets at an unreasonably high price, it refuses to join the enthusiastic fans who wished to participate in the event, which is disadvantageous.

  As described above, in ticket issuance / distribution, there is a demand for a security technique that balances deterrence against counterfeiting with cost and enables an operator to control ticket distribution as necessary.

Conventionally, for example, a mobile terminal downloads an electronic ticket from a ticket management server, and the mobile terminal unilaterally receives a signal from a signal transmission device that transmits a predetermined signal to the mobile terminal that has downloaded the electronic ticket. Update the usage status of the electronic ticket from “unused” to “used” as a condition. Then, an updated icon indicating the update is displayed on the display unit. There is a technique in which an electronic ticket owner shows an updated icon to a venue attendant, and the attendant confirms the icon, thereby permitting entry (see Patent Document 1).

  Also, a first step of loading the ticket data downloaded from the server to the portable terminal device, the program being downloaded to the portable terminal device, and displaying an image corresponding to the ticket data on a screen when a predetermined input operation is detected. And a predetermined input operation is detected on the condition that a predetermined operation or a predetermined voice input is detected on the screen on which the image is displayed in the second step. A third step of updating status data indicating a history of use of the ticket data on condition that an input instruction is detected, and performing a ticket authentication process even in an environment where communication with a server cannot be performed by using a program. There is a program technology that can perform the program (see Patent Document 2).

JP-A-2006-71544 JP 2014-96137 A

  It is an object of the disclosed technology to suppress forgery of rights information, provide an appropriate distribution of rights information, and provide an effective authentication mechanism for rights information.

The disclosed technology is a rights information authentication system that includes a mobile terminal and an authentication device that authenticates right information associated with the mobile terminal, wherein the mobile terminal sequentially outputs a plurality of strings. A string output unit, wherein each of the plurality of strings is valid for a given duration from an output time, a first string output unit, the right information, and an owner of the right information. A first storage unit for storing associated owner identification information in association with each other, at least the owner identification information stored in the first storage unit, and the validity output from the first string output unit. An authentication information generating unit that generates authentication information by encryption processing using a unique string; and an authentication information output unit that outputs the authentication information. The authentication device includes a plurality of strings. A second string output unit that sequentially outputs a plurality of strings, wherein each of the plurality of strings is valid for a given duration from the output time, the second string output unit, the right information, A second storage unit that stores owner identification information in association with the authentication information obtaining unit that obtains the authentication information from the authentication information output unit; and a second storage unit that obtains the authentication information. A string receiving unit that receives a valid string output from a string output unit, and a decryption process corresponding to the encryption process, whereby at least the owner identification information and the second A second decryption unit that decrypts the valid string output from the first string output unit, and uses the decrypted owner identification information to store the corresponding right information in the second storage. A right information extraction unit, and a match indicating whether or not a valid string output from the second string output unit matches a valid string output from the first string output unit. A match detection unit that outputs a result, and an authentication result output that outputs an authentication result indicating that the extracted right information is valid right information related to the owner when the match result indicates a match. Department and
A notification unit for notifying the authentication result, wherein the second string output unit sequentially outputs the same plurality of strings as the first string output unit, and is output by the second string output unit. The same string as the string of the first string output unit is output at substantially the same timing, and is valid for substantially the same duration.

  According to the disclosed technology, it is possible to suppress forgery of right information, provide an appropriate distribution of right information, and provide an effective authentication mechanism for right information.

FIG. 2 is a diagram illustrating a configuration of the first embodiment. It is a figure showing composition of a 2nd embodiment. It is a figure showing composition of a 3rd embodiment. It is a figure showing composition of a 4th embodiment. FIG. 2 is a diagram showing an operation sequence of the first embodiment shown in FIG. 1 by taking the processing of an electronic ticket of an event A as an example. FIG. 13 is a diagram showing an operation sequence of the second embodiment shown in FIG. 2 by taking the processing of the electronic ticket of event A as an example. FIG. 13 is a diagram showing an operation sequence of the second embodiment shown in FIG. 2 by taking an example of processing of an electronic ticket of event B using position information. It is a figure showing an embodiment concerning purchase of a ticket. It is a figure showing an embodiment about resale of a ticket in an auction etc. FIG. 14 is a diagram showing a flow for ensuring the consistency between the encryption processing and the decryption processing. It is a figure which shows the aspect of the specific specification of a portable terminal, a reception terminal, and a server apparatus. It is a figure showing an example of a display of a barcode containing authentication information. FIG. 4 is a diagram illustrating an example of information stored in a first storage unit and a second storage unit. FIG. 2 is a diagram illustrating a hardware configuration of a mobile terminal, a reception terminal, and a server device. FIG. 11 is a diagram illustrating another embodiment for changing the owner of a ticket.

  In this specification and the like, the term “ticket” is used in the description of the embodiments. Note that the ticket is not limited to an entrance ticket to an event venue or the like. It should be noted that "ticket" is used as an example of a right. In this specification, an “electronic ticket (or electronic ticket)” is simply referred to as a “ticket”. The ticket includes, for example, a legitimate owner who has the right to receive the provision of the purchased product or service, the right to own the product, the right to possess the property, etc., in order to receive the provision of the product or service paid in advance. General rights information indicating that This right information includes tickets, electronic data, images, colors, signals extracted from devices such as IC chips, or electronic signals transmitted via media such as wires, radio waves, light, and magnets. It is needless to say that information that is distributed by using is included.

<Configuration of First Embodiment>
FIG. 1 is a diagram illustrating the configuration of the first embodiment. The first embodiment has a portable terminal 100 and an authentication device 180, and the authentication device 180 further includes a reception terminal 120 and a server device 130. In the first embodiment, the authentication device 180 is configured to include the reception terminal 120 and the server device 130. However, the functions of the reception terminal 120 and the server device 130 are separated for convenience. However, the present invention is not limited to this configuration. Therefore, for example, in the authentication device 180, the reception terminal 120 may include all the functions of the server device 130. In this case, the server device 130 may be omitted. It should be noted that the flexibility regarding the arrangement of various functions as described above applies to all the other embodiments.

  The mobile terminal 100 includes a first storage unit 102, a first string output unit 104, a clock generation unit 106, an authentication information generation unit 108, and an authentication information output unit 110.

  The mobile terminal 100 may be a mobile phone, a music playback device, a tablet terminal, or the like.

  The reception terminal 120 has an authentication information acquisition unit 122 and a notification unit 124.

  The server device 130 includes a second string output unit 132, a clock generation unit 134, a string reception unit 136, a decryption unit 138, a match detection unit 140, a second storage unit 142, a right information extraction unit 146, and an authentication result output unit 148. Having.

  For example, a ticket for an event such as a concert includes the right information to be able to sit on a predetermined seat in the concert venue. In the present embodiment, the authentication device 180 can check the validity of such a concert ticket. The check result is notified by the reception terminal. If the validity of the ticket can be confirmed, the person holding the mobile terminal 100 can enter the concert hall and can sit on a predetermined seat and enjoy the concert.

<Operation of First Embodiment>
In FIG. 1, the authentication device 180 authenticates the right information existing in the mobile terminal 100 and, for example, notifies the authentication result to determine whether the right information existing in the mobile terminal 100 is valid right information. Can be.

  In the mobile terminal 100, the first string output unit 104 provides the authentication information generation unit 108 with the first string, for example, by acquiring a time signal from the clock generation unit 106. The first string may be, for example, information obtained by truncating information less than minutes from the information on time (year, month, day, hour, minute, second). In this case, the first string is a string that increments every minute, and each of the plurality of strings that are sequentially generated is a string that is valid for one minute.

  When the current time is 18:23:03 on October 11, 2020, for example, “2020101118203” may be output as a currently valid string. Alternatively, a different string may be generated every minute from “2020101118203” using a predetermined algorithm. In this case, the effective time of each string is one minute. A different algorithm may be used to generate a different string every 30 seconds. In this case, the valid time of the string is 30 seconds.

  In the first storage unit 102, for example, information (owner identification information) for specifying a person holding the mobile terminal 100 and information of tickets purchased by the person are stored in association with each other. I have. Alternatively, the passenger of the airplane and the information of the air ticket may be stored in association with each other. It is desirable that the information for specifying the person holding the mobile terminal 100 is information that can uniquely specify the person. By using such information, it can be used as information for identifying the owner of the ticket (owner identification information). For example, the information may be a personal number such as a telephone number of the mobile terminal 100 or a personal number associated with the person. By using information that can uniquely identify that person or information that has such a function, it is possible to discover with high accuracy that a very large number of tickets for the same event are to be purchased. That is, when the number of pieces of ticket information of the same event is to be stored in the first storage unit 102 in association with the same owner identification information by a predetermined threshold or more, the purchase of tickets by a specific person is You can discover in advance what is going to happen. The processing related to the purchase of tickets will be described later.

The authentication information generation unit 108 determines at least the owner identification information (for example, the telephone number of the mobile terminal 100) obtained from the first storage unit 102 and the currently valid information provided from the first string output unit 104. The authentication information is generated using the string. It is desirable that the authentication information generation unit generates the authentication information using, for example, an encryption algorithm. The authentication information is transmitted to the reception terminal as described later. The reason for encrypting the authentication information is that it is desirable to prevent the owner identification information and the like from being easily leaked from the authentication information.

  The generated authentication information is provided to the authentication information output unit 110. The authentication information output unit 110 may display the authentication information on the display screen of the mobile terminal in the form of image information such as a barcode or a QR code (registered trademark). Alternatively, the authentication information may be transmitted to the reception terminal 120 using wireless communication such as Bluetooth (registered trademark), NFC (Near Field Communication), WIFI (wireless LAN), or infrared communication.

  The reception terminal 120 and the server device included in the authentication device 180 are connected, for example, by a network such as the Internet or a wireless or wired LAN.

  The reception terminal 120 may be, for example, a mobile phone, a tablet, or the like.

  The authentication information acquisition unit 122 may be a camera installed on the back of a mobile phone or tablet. The authentication information may be obtained by reading a barcode displayed on the screen of the mobile terminal 100 using this camera. The notification unit 124 may be, for example, a display screen and / or a speaker of a mobile phone or a tablet. The notifying unit 124 has a function of notifying the operator of the reception terminal of the authentication result from the authentication result output unit 148 of the server device 130. The way of notification is not limited to these.

  In the server device 130, the decryption unit 138 receives the authentication information acquired by the authentication information acquisition unit 122. When a plurality of encryption algorithms are used, information specifying the used encryption algorithm may be received together. Alternatively, when the encryption algorithm used in the mobile terminal 100 has been upgraded, the version number may be received. In this case, when transmitting the authentication information, the mobile terminal 100 can also transmit information specifying the encryption algorithm to the receiving terminal. In this case, the decryption unit 138 decrypts the authentication information using an appropriate decryption algorithm corresponding to the used encryption algorithm. The information included in the decrypted authentication information is used in the server device 130. The information to be decrypted includes at least the owner identification information and a valid first string.

  The string receiving unit 136 acquires the timing at which the decryption unit receives the authentication information, and receives a valid second string from the second string output unit 132 based on the timing. The second string output unit outputs a valid second string for a fixed time based on the time information from the clock generation unit 134. The received valid second string is sent to the match detection unit 140.

  Preferably, the first string output unit 104 and the second string output unit 132 are designed to output the same string having the same validity period based on the current time. Note that the clock generation unit 106 used by the first string output unit 104 and the clock generation unit 134 used by the second string output unit 132 are different clocks. May have occurred. For example, if one minute is set as the validity period, during the one minute period, the same valid string will be obtained from both parties at substantially the same validity time. Further, in the mobile terminal 100, since the time required from the generation of the authentication information to the decryption of the authentication information by the decryption unit 138 is very short, the effective first decryption by the decryption unit is performed. The string and the second string received are very likely to match. The match detection unit 140 in the server device checks whether the first string and the second string match, and outputs a match signal when they match.

  In consideration of a difference in effective time, processing time, transmission time, and the like due to use of different clock generation units, for example, the authentication information is generated at a timing immediately before the end of the effective time of the first string. In some cases, a match may not be detected. Considering this case as well, the match detection unit 140 compares the first string valid before the decoded valid first string with the valid second string, and May be detected, a match signal may be output. Alternatively, the decrypted valid first string is compared with a second string that was valid one time before the received second string, and a match signal is detected if a match is detected. May be output.

  If the match detection unit 140 does not detect a match, it is highly possible that, for example, the barcode generated based on the output result of the authentication information generated in the past is copied and used, and the authentication information is It can be determined that there is a high possibility that the information is not information but copied information.

  The output of the match detection unit 140 is provided to the authentication result output unit 148.

  The second storage unit 142 stores ticket information, which is right information belonging to the owner, corresponding to the owner identification information.

  The right information extraction unit 146 extracts the right information corresponding to the owner identification information from the second storage unit 142 using the owner identification information decrypted by the decryption unit 138. For example, information of a ticket including information such as a seat number of a concert S held on a specific date and time, which is associated with the owner identification information, is extracted.

  The authentication result output unit 148 outputs an authentication result of the extracted ticket based on the result of the match detection unit 140. That is, when a match is not detected by the match detection unit 140, for example, a case where a barcode obtained by copying a screen of the mobile terminal 100 is displayed on the mobile terminal is assumed. In this case, there is a high possibility that the ticket extracted from the second storage unit 142 is not for the owner of the portable terminal 100. Therefore, in this case, it is determined that the person holding the mobile terminal 100 is not the owner of the ticket, and a signal denying the authentication is output from the authentication result output unit 148 to the notification unit 124. .

  On the other hand, when the match is detected by the match detection unit 140, the authentication information displayed on the screen of the mobile terminal 100 is likely to be valid authentication information. In this case, there is a high possibility that the extracted ticket belongs to the holder of the mobile terminal 100. Therefore, in this case, the person holding the mobile terminal 100 is determined to be the owner of the ticket, and a signal that affirms the authentication is output from the authentication result output unit 148 to the notification unit 124. .

  The notification unit 124 notifies the operator of the authentication result based on a positive signal or a negative signal from the authentication result output unit 148. As a method of notification, in the case of affirmative, a screen of “OK”, “Passable”, or a blue color is displayed on the display unit of the reception terminal 120 to indicate that the authentication is successful. By transmitting a predetermined sound from the speaker, it is possible to inform the operator that the authentication is successful. If the authentication result is negative, the display unit of the reception terminal 120 displays an “entry NO”, “impossible to pass”, or a red screen to indicate that the authentication is unsuccessful. Then, a predetermined beep sound or the like is emitted from the speaker, so that the operator can be notified that the authentication has failed. Alternatively, a gate (not shown) may be automatically opened and closed based on a signal from the authentication result output unit 148.

  When the authentication result output unit 148 outputs a positive authentication, the authentication result output unit 148 stores the right in the right information stored in the second storage unit 142 corresponding to the extracted right information. It is desirable to set a flag to indicate that it has been used. It can be understood that the right information with this flag set is already used (if the right has been exercised, that is, if the ticket is a used ticket).

  The authentication result output unit 148 can determine that the right information for which this flag is set is already used, and does not output a positive authentication result to the notification unit 124. By doing so, it is possible to prevent the admission ticket from being used illegally multiple times.

  It is preferable that the authentication result output unit 148 outputs an appropriate authentication result based on the right information extracted by the right information extraction unit 146. For example, when the extracted right information is a ticket for entering a concert, an instruction is given to the notifying unit to display "OK". For example, when the extracted right information is the right information indicating that the purchase price of the product such as “stuffed toy” has been paid in advance, the notification unit is displayed to display “providing one stuffed animal”. You can give instructions.

  Since the association between the ticket and the ticket owner is centrally managed by the server device 130, the ticket is forged even if the screen information of the ticket is illegally copied by taking a quick snapshot of the ticket. It is not possible. Also, even if a portable terminal having a different telephone number is used, the ticket cannot be used, so that unauthorized use of the ticket can be prevented.

<Configuration and Operation of Second Embodiment>
FIG. 2 is a diagram illustrating the configuration of the second embodiment. Components similar to those in FIG. 1 are denoted by the same reference numerals as in FIG. In the second embodiment, an example is shown in which the information of the electronic ticket is transmitted from the portable terminal 100 to the authentication device 180 while being included in the authentication information.

  The main difference from the first embodiment shown in FIG. 1 is that the portable terminal 100 includes a right information instruction unit 216, and the reception terminal 120 includes a right information type instruction unit 226. It is a point.

  For example, assume the following situation. At the event Z venue, regarding the goods C and the goods D already paid on the net, at the event Z venue, two tickets, a ticket for receiving the product C and a ticket for receiving the product D, are stored in the portable terminal 100 of the owner K. Is stored in the first storage unit 102 in association with the owner identification information of the owner K.

  It is assumed that the owner P wants to receive the product D immediately before returning because he / she has received the product D at the event site first because the product C is a small item and the product D is large. In this case, first, in response to the ticket for receiving the product C being selected by the owner K in the mobile terminal 100, the authentication information generation unit 108 reads the owner K from the first storage unit 102. The information of the reception ticket of the product C corresponding to the item (1) is extracted.

  Then, the authentication information generation unit 108 can generate the authentication information by encrypting the owner identification information, the ticket information of the product C, and the valid first string. In this way, the information on the ticket for receiving the product C can be transmitted to the authentication device 180 by adding the information on the ticket for receiving the product C to the authentication information.

  The right information type instructing unit 226 of the reception terminal 120 can specify, for example, what kind of event is being held at the place where the reception terminal 120 exists. For example, in response to the operator selecting event Z in the right information type instructing unit 226, the right information type instructing unit 226 sends the event information Z to the right information extracting unit 146 from the second storage unit. And the right information associated with the owner identification information obtained from the decryption unit is extracted from the second storage unit. The extracted right information is also sent to the match detection unit 140.

  The coincidence detection unit 140 determines the information of the received ticket of the decrypted product C and the first string, and the right information related to the owner identification information extracted from the second storage unit acquired from the right information extraction unit 146. Are compared. If there is a matching right, the matching detection unit 140 outputs to the authentication result output unit that the information matches the information of the matching right.

  The authentication result output unit 148 is configured to output the product C to the owner P at the event Z based on the matching information obtained from the matching detecting unit 140 and the right information obtained from the right extracting unit. (Based on the information), and instructs the notifying unit 124 to notify that the merchandise C is to be provided, and the notifying unit 124 notifies that effect. Then, the authentication result output unit 148 sets a flag indicating that the product C related to delivery of the product C related to the owner identification information has been delivered to the second storage unit 142, so that the plurality of products C are delivered. To prevent that.

  If the right to provide the product C to the owner P is not stored in the second storage unit 142, the match detection unit 140 stores the information on the received ticket of the decrypted product C and the right Since the right information related to the owner identification information extracted from the second storage unit acquired from the information extraction unit 146 does not match, the authentication result output unit 148 indicates that the product C is not provided. The notification unit 124 is instructed to perform the notification, and the notification unit 124 notifies the effect.

  As described above, in the portable terminal 100, when the owner has a plurality of rights, the right information instruction unit 216 can receive an instruction to select a right from the owner.

  In addition, by providing the reception terminal 120 with the right information type instructing unit 226, the operator is instructed (selected) to instruct what type of service can be provided in the vicinity of the reception terminal 120. be able to. For example, in a case where the reception terminal 120 is installed at a place where a concert ticket is to be checked in a concert entrance area, an operator instructs information such as a concert name, date and time, and location as concert identification information. It is desirable that the right information type instruction unit 226 receives the information. By receiving such an instruction, appropriate right information can be extracted from the second storage unit 142.

  In the second embodiment, the authentication information is generated using the information of the ticket, so that unauthorized use of the ticket can be more securely prevented.

<Configuration and Operation of Third Embodiment>
FIG. 3 is a diagram illustrating a configuration of the third embodiment.

  In the third embodiment, the first storage unit 102 and the second storage unit 142 store the right information and the place (area) where the right is used in association with the owner identification information such as a mobile phone number, respectively. It shall be stored.

  The mobile terminal 100 includes a position detection unit 318 and a communication control unit 319.

  The reception terminal 120 includes a position detection unit 328.

  The server device 130 includes a communication control unit 349.

  The position detection unit 318 of the mobile terminal 100 detects the position information of the mobile terminal, and provides the detected position information to the authentication information generation unit 108. The authentication information generation unit 108 extracts the right information related to the position from the first storage unit 102 based on the position information, and uses the extracted information to generate authentication information.

  For example, assume that the owner presents a ticket for Concert Y at a place where the user enters Concert Y. The position detection unit 318 gives the position information of the mobile terminal 100 to the authentication information generation unit 108. If the concert is also held on a different day, position information and right information related to the current time are acquired from the first storage unit using the current date and time from the clock generation unit 106 of the concert, and the acquired information is acquired. The authentication information is generated using the right information. By doing so, tickets for a concert held at an appropriate place and date can be extracted and included in the authentication information. The authentication information is passed to the decryption unit of the server device 130 via the authentication information acquisition unit 122 of the reception terminal 120. The decryption unit 138 passes the right information (concert ticket information) to the coincidence detection unit 140.

  The position detection unit 328 of the reception terminal 120 detects the position of the reception terminal 120 and passes the detected position information to the right information extraction unit 146. The right information extraction unit 146 similarly extracts right information from the second storage unit 142 using the current time and the owner identification information as needed. The extracted right information is passed to the match detection unit 140.

  The match detection unit 140 checks the right information in addition to the string check described in the first embodiment, and checks whether all match. The check result of the match detection unit 140 is provided to the authentication result output unit 148.

  As in the second embodiment, the authentication result output unit 148 checks the right information and, when determining that the right information is valid, instructs the notification unit 124 to perform a positive notification. . For example, if the strings match and the rights information also matches, the notification unit performs a positive notification in accordance with the contents of the rights information.

  Specifically, if the owner of the mobile terminal 100 has a concert ticket to be held on a predetermined day near the positions of the mobile terminal 100 and the reception terminal 120, entry to the concert venue is prohibited. The notification unit 124 notifies the user of the permission.

  3, the first string output unit 104 acquires the second string from the second string output unit 132 via the communication control unit 319 and the communication control unit 349, and acquires the acquired second string. May be used as the first string. This makes it easy to synchronize the generation timings of both strings.

  The communication control unit 319 and the communication control unit 319 are connected via an appropriate network such as the Internet. If the network connection is unstable or interrupted, the first string output unit 104 of the mobile terminal 100 may use the clock generation unit 106 as needed. The process in which the first string output unit 104 acquires a string from the second string output unit 132 may be employed in the other embodiments described above.

<Configuration and Operation of Fourth Embodiment>
FIG. 4 is a diagram illustrating the configuration of the fourth embodiment. Specifically, it is a diagram illustrating a configuration of an embodiment in a case where a ticket is purchased or a ticket is bought or sold at an auction or the like. FIG. 4 shows a configuration related to ticket purchase and ticket transfer.

  The mobile terminal 420 has a first storage unit 102, an SMS communication control unit 424, and a ticket purchase / exhibition control unit 422.

  Further, the sales / auction server device 400 includes a second storage unit 142, an SMS communication control unit 402, a ticket trading control unit 404, and a ticket number check unit 408.

  In order to buy and sell tickets, it is desirable that a person who purchases a ticket has acquired an ID and a password as a member of a ticket trading site operated under the sales / auction server device 400.

  The SMS communication control unit 424 of the portable terminal 420 performs SMS (Short Message Service) communication with the SMS communication control unit 424 of the sales / auction server device 400. The SMS communication is a service for transferring a message by a text document or the like using a mobile phone number, for example. In the SMS communication, since a mobile phone number is used, the identity of a person who can use the mobile phone number is relatively accurately grasped due to the nature of the mobile phone number. In the fourth embodiment, the SMS is used, but as another communication mode, an SNS (Social Networking Service) can be cited. In the SNS, the identity of the user is confirmed more slowly than in the SMS. In order to prevent tickets from being occupied, it is desirable to use communication that cannot easily transfer an account to another person. For this purpose, the identification of the identity such as the above-mentioned SMS is relatively reliable. Communication means capable of confirming the identity can be selected according to the required level, such as prevention of ticket purchase and forgery prevention. By performing the SMS communication first, the mobile phone number of the mobile terminal can be specified. By associating the specified mobile phone number with the ticket information, the owner of the mobile phone number can detect an act such as buying up a ticket beforehand.

  In addition to a mobile phone number, personal identification information uniquely assigned to an individual, such as a my number, a driver's license number, and an insurance card number, can also be used. If there is no means for electronically reading such personal identification information, the operator must check the information visually when he / she becomes a member of the ticket sales and purchase. It can be used in terminals and the like.

<Purchase of tickets>
When purchasing a ticket, the user logs in to a website managed by the sales / auction server device 400. Thereafter, the ticket purchase / exhibition control unit 422 and the ticket sales control unit 404 communicate with each other, whereby the ticket to be purchased is specified based on the instruction of the mobile phone holder operating the mobile phone. Is

  When the ticket is specified, the SMS communication control unit 424 and the SMS communication control unit 402 perform the SMS communication, so that the sales / auction server device 400 acquires the mobile phone number of the operated mobile terminal.

  The ticket trading control unit 404 accesses the second storage unit 142 using the telephone number obtained by the SMS communication, and checks the type and the number of purchased tickets associated with the same telephone number, An instruction is given to the ticket number check unit 408 together with information on the ticket to be purchased.

  The ticket number check unit 408 checks the type and quantity of purchased tickets associated with the same telephone number based on the instruction, and determines the type of ticket to be purchased and the same type (such as tickets for the same concert). It is checked whether the number of tickets has reached a predetermined threshold. The number-of-tickets checking unit 408 transmits whether the number of tickets of the same type has reached a predetermined threshold to the ticket trading control unit.

  If the number of tickets has reached the threshold value, the ticket trading control unit 404 returns to the ticket purchase / exhibition control unit 422 that no more tickets of the same type can be sold. Then, the purchase procedure ends.

  If the number of tickets has not reached the threshold value, the ticket trading control unit 404 returns to the ticket purchase / exhibition control unit 422 that the ticket desired to be purchased cannot be sold. Then, when the settlement procedure is normally completed, the ticket trading control unit 404 gives the ticket purchase / exhibition control unit 422 permission to download the ticket with the ticket information.

  When the download permission is obtained, the ticket purchase / exhibition control unit 422 downloads the ticket from the sales / auction server device 400 and stores the ticket information in the first storage unit in association with the mobile phone number. . In general, one telephone number is assigned to the mobile terminal. In this case, the telephone number is stored in the storage unit, and the ticket is stored in the first storage unit without being associated with the telephone number. Information may be stored.

  When the download is normally performed, the ticket trading control unit 404 stores information on the sold ticket in the second storage unit 142 in association with the telephone number.

  In the fourth embodiment, information such as a telephone number and a sold ticket are associated with each other and stored in the second storage unit 142 of the sales / auction server device 400, so that the purchase of the ticket can be preempted. Can be prevented.

<Buying and selling tickets at auctions, etc.>
In a ticket auction or the like, the ownership of the ticket does not transfer before the auction is completed, but the ownership of the ticket transfers when the auction is completed.

  The transfer of ownership when an auction is established is performed, for example, as follows.

  The sales / auction server device 400 centrally manages the ownership of the ticket in association with the mobile phone number. Therefore, the transfer of the ownership of the ticket is performed by, in the second storage unit 142 of the sales / auction server device 400, by changing the ticket associated with the telephone number of the owner of the transfer source of the ticket to the ownership of the transfer destination of the ticket. The ownership of the ticket can be transferred by associating with the telephone number of the person. At the same time, the ticket purchase / exhibition control unit 422 is instructed to delete the ticket information in the first storage unit 102 of the transfer source mobile terminal 420, and the ticket transfer destination mobile terminal 420 is deleted. It is possible to send the ticket information to the first storage unit 102 and instruct the ticket purchase / exhibition control unit 422 to store the ticket information in the first storage unit 102 in association with the telephone number of the purchaser. desirable.

  It should be noted that since the tickets are centrally managed in the sales / auction server device 400, even if the information of the invalid tickets is transmitted and received between the portable terminals, the transfer of the ticket right is not established. Therefore, the information of the ticket held by the mobile terminal 420 is information for confirming the ticket information even when the mobile terminal is off-line or the like. This is the sales / auction server device 400. Therefore, when the mobile terminal 420 is online, it is desirable that the mobile terminal 420 can access the sales / auction server device 400 as necessary to check the tickets (rights) owned by the mobile terminal 420.

<Operation Sequence of First Embodiment>
FIG. 5 is a diagram showing an operation sequence of the first embodiment shown in FIG. 1 by taking the processing of the electronic ticket of event A as an example. Although FIG. 5 illustrates the authentication of a ticket for entering the event A as an example, it is needless to say that the ticket can be applied to authentication of general rights.

  In S502, the mobile terminal 100 generates “authentication information” obtained by encrypting the “telephone number” of the mobile terminal and “year, month, day, hour, minute” which is a valid first string.

  In step S <b> 504, by displaying the “barcode” on the display of the mobile terminal 100, the barcode image reaches the reception terminal 120. The reception terminal 120 reads the barcode with the camera unit and acquires “authentication information”.

  In S506, the reception terminal 120 transmits “authentication information” to the server device 130.

  In S508, the server device 130 decodes the "telephone number" and the "year / month / day / hour / minute" from the "authentication information".

  In S510, server device 130 accesses second storage unit 142 and extracts an “electronic ticket” corresponding to the “phone number”.

  In S512, the server device 130 checks whether or not the decrypted “year / month / day / minute / minute” matches the “year / month / day / minute / minute” generated by the server device 130.

  In S514, when the result in S512 indicates a match (YES), the reception terminal 120 causes the notification unit (display) of the reception terminal 120 to display “entrance permitted” so as to display “entrance” permission. .

  In S516, the reception terminal 120 returns notification completion to the server device 130.

  In S518, the server device 130 sets the used flag of the “electronic ticket” stored in the second storage unit 142.

  In S520, when the result in S512 indicates a mismatch (NO), the reception terminal 120 displays “Entry not permitted” on the notification unit (display) of the reception terminal 120 so as to display “Entry not permitted”. Display.

  The above is the outline of the operation sequence of the first embodiment shown in FIG. 1 in the case where the processing of the electronic ticket of “entry permission” is taken as an example. It should be noted that the operation sequence indicates the main operation sequence of the first embodiment for the sake of understanding.

  If the electronic ticket cannot be extracted in S510, "entry is not permitted" is displayed.

<Operation Sequence of Second Embodiment>
FIG. 6 is a diagram showing an operation sequence of the second embodiment shown in FIG. 2 by taking the processing of the electronic ticket of event A as an example. In FIG. 6, a ticket authentication for entering the event A is illustrated as an example, but it is needless to say that the ticket can be applied to general right authentication.

  In S601, the right information type instructing unit 226 of the reception terminal 120 receives a setting instruction of “information of event A” which is a type of right information from the operator. That is, since the reception terminal 120 performs a check at the entrance of the event A, the reception terminal 120 transmits to the server apparatus 130 that a ticket of “information of event A” is to be handled as the type of right information in step S606. Become.

  In step S <b> 602, the mobile terminal 100 encrypts the “telephone number” of the mobile terminal, “year, month, day, hour, minute”, which is a valid first string, and “electronic ticket” information to generate “authentication information”. .

  In step S <b> 604, by displaying the “barcode” on the display of the mobile terminal 100, the barcode image reaches the reception terminal 120. The reception terminal 120 reads the barcode with the camera unit and acquires “authentication information”.

  In S606, the reception terminal 120 transmits “authentication information” and “information of event A” to the server device 130.

  In S608, the server device 130 decodes the "telephone number", "year, month, day, hour, minute" and "electronic ticket" from the "authentication information".

  In S610, server device 130 extracts “electronic ticket” from the second storage unit based on “telephone number” and “information of event A”.

  In S612, the server device 130 extracts the decrypted “electronic ticket” from the second storage unit in which the decrypted “year, month, date, and time” matches the “year, month, date, and time” of the server device. Check if it matches the “electronic ticket”.

  In S614, if the result in S610 indicates a match (YES), the authentication result output unit 148 displays “Event A” on the notification unit (display) of the reception terminal 120 so as to display “Event A admission permission”. Is displayed.

  In S616, the reception terminal 120 returns notification completion to the server device 130.

  In S618, the server device 130 sets the used flag of the “electronic ticket” stored in the second storage unit 142.

  In S620, when the result in S612 indicates a mismatch (NO), the server device 130 displays “Entry not permitted” on the notification unit (display) of the reception terminal 120 so as to display “Event A entry not permitted”. Is displayed.

  The above is the outline of the operation sequence of the second embodiment shown in FIG. 2 in the case of processing the electronic ticket of event A as an example. It should be noted that the operation sequence shows an outline of the operation sequence of the second embodiment to facilitate understanding.

<Operation Sequence of Third Embodiment>
FIG. 7 is a diagram showing an operation sequence of the second embodiment shown in FIG. 2 by taking as an example the processing of the electronic ticket of event B using the position information. In FIG. 6, the ticket authentication for entering the event B is illustrated as an example, but it is needless to say that the ticket can be applied to the authentication of general rights.

  In S700, the mobile terminal 100 extracts information of “electronic ticket” from the first storage unit 102 based on “mobile terminal position information” of the position detection unit 318. Note that, for example, by storing position information when an electronic ticket is used as an electronic ticket, an electronic ticket to be used at that position can be extracted from “portable terminal position information”.

  In step S701, the reception terminal 120 acquires “position information of the reception terminal” from the position detection unit 328 of the reception terminal 120. That is, since the reception terminal 120 checks the entrance at the position where the event B is held, the reception terminal 120 transmits “position information of the reception terminal” to the server device 130 in step S706 later.

  In step S702, the mobile terminal 100 encrypts the “telephone number” of the mobile terminal, “year, month, day, hour, minute”, which is a valid first string, and “electronic ticket” information to generate “authentication information”. .

  In step S <b> 704, by displaying the “barcode” on the display of the mobile terminal 100, the barcode image reaches the reception terminal 120. The reception terminal 120 reads the barcode with the camera unit and acquires “authentication information”.

  In S706, server device 130 transmits “authentication information” and “position information of the reception terminal” to server device 130.

  In S708, the server device 130 decodes the information of “telephone number”, “year, month, day, hour, minute” and “electronic ticket” from “authentication information”.

  In step S710, the “electronic ticket” is extracted from the second storage unit based on the “phone number” and the “position information of the reception terminal”.

  In step S712, the server device 130 extracts the decrypted “electronic ticket” from the second storage unit, in which the decrypted “year / month / day / minute / minute” matches the “year / month / day / hour / minute” of the server device. Check if it matches the “electronic ticket”.

  In S714, if the result in S712 indicates a match (YES), the server device 130 displays the message “Event B entry” on the notification unit (display) of the reception terminal 120 so as to display “Event B entry permission”. Is displayed.

  In S716, the reception terminal 120 returns notification completion to the server device 130.

  In S718, the server device 130 sets the used flag of the “electronic ticket” stored in the second storage unit 142.

  In S720, if the result in S712 indicates a mismatch (NO), the server device 130 displays “Event B entry” on the notification unit (display) of the reception terminal 120 so as to display “Event B entry disapproval”. "No entry allowed" is displayed.

The above is the outline of the operation sequence of the second embodiment shown in FIG. 2 in the case of processing the electronic ticket of event B as an example. Note that the operation sequence is second
It should be noted that the outline of the operation sequence of the embodiment is shown. In addition, regarding the position information, a predetermined allowable range is determined, and in determining the coincidence of the position information, it is possible to determine that the positions match even if there is an error in the position information within the predetermined allowable range. desirable.

  Note that the mobile terminal 100 may use the second embodiment, and the authentication device 180 may use the third embodiment. Further, the mobile terminal 100 may use the third embodiment, and the authentication device 180 may use the second embodiment.

  Each of the embodiments herein is not exclusive. Therefore, it is needless to say that a part of the embodiment can be combined with a part of another embodiment flexibly without contradiction.

<Embodiment related to ticket purchase>
FIG. 8 is a diagram showing an embodiment relating to the purchase of a ticket.

  In step S802, it is checked whether the user has an account. If the user has an account ("Yes"), the process proceeds to step S806. If the user does not have an account ("No"), the process proceeds to step S804.

  In step S804, account registration is performed. That is, settings such as a user ID and a password are performed.

  In step S806, the mobile terminal succeeds in the SMS authentication using the telephone number. If the SMS authentication is not successful (not shown), the subsequent processing (ticket sales) is not performed. Note that a telephone number used by a ticket occupying company or the like may be stored in a blacklist. In order to prevent tickets from being occupied, a blacklist is checked, and if SMS authentication is performed using a telephone number registered in the blacklist, control is performed so that subsequent processing (ticket sales) is not performed. May be. User authentication other than SMS may be used.

  In step S808, an electronic ticket purchase procedure is performed. The user purchases a ticket by designating a ticket for a desired concert. A plurality of tickets may be purchased. In this case, as described below, it is desirable to perform a process for preventing the purchase of tickets.

  In step S810, it is checked whether the number of purchased tickets of the same event associated with the same telephone number exceeds a threshold. If the check result is "yes", the processing is terminated because there is a high possibility that the ticket is occupied. If the check result is "No", the process proceeds to step S812.

  In step S812, electronic ticket purchase processing is performed using the mobile terminal. Processing such as credit card settlement is performed. If the settlement is not completed (not shown), the subsequent processing (ticket sales) is not performed.

  In step S814, the portable terminal downloads the electronic ticket. The download may be started at an appropriate time based on a user's instruction, or may be started automatically. When the ticket is downloaded, the ticket information can be confirmed from the portable terminal.

  In step S816, the telephone number and the ticket information are stored in association with the account of the server device. By performing this process, the ownership of the ticket belongs to the user corresponding to the telephone number.

  It should be noted that the ticket downloaded to the user's portable terminal 100 is not treated as electronic information to be sold and sold, and may be provided with a position for selecting a ticket to be used by a user or the like or for confirming ticket information. desirable.

  If it is necessary to change the association between the ticket and the mobile number, such as when the user loses the mobile terminal or changes the mobile phone number, for example, after the user logs in, This may be dealt with by performing a simple SMS authentication and having the ticket re-acquired. With this procedure, the new mobile number is associated with the ticket.

  It is also possible to resell tickets using the above-described ticket re-acquisition procedure, so that accounts or mobile numbers for which ticket re-acquisition procedures are frequently performed must have a predetermined threshold or more. The reacquisition procedure of the ticket may be prohibited.

  In addition, by cooperating with an account of an artist's fan club or the like, the fan club members may be given an incentive to permit advance sales of tickets.

  Further, for a user belonging to a fan club, a setting may be made such that a threshold value related to the occupancy of tickets is changed.

<Embodiment relating to resale of tickets at auctions and the like>
FIG. 9 is a diagram showing an embodiment relating to resale of tickets at an auction or the like.

  In step S902, login is performed. If the login is successful, the process moves to step S904.

  In step S904, the mobile terminal makes the SMS authentication successful using the telephone number. If the SMS authentication is successful, the process moves to step S906. If the SMS authentication is not successful (not shown), the subsequent processing is not performed.

  In step S906, an electronic ticket in the mobile terminal is selected, and an instruction to click an exhibition button on an auction site is received. The instruction may be an operation such as a tap other than the click. Since the SMS authentication is successful, the electronic ticket stored in the server device and associated with the mobile phone number may be displayed on the mobile terminal to prompt the user to select the electronic ticket.

  In step S908, the electronic ticket information registered in the account of the server device and the telephone number associated with the electronic ticket information are extracted.

  In step S910, it is determined whether electronic ticket information to be put up for auction exists in the account. Note that in step S906, when the electronic ticket stored in the server device and associated with the mobile phone number is displayed on the mobile terminal and the user is prompted to select an electronic ticket, this check is not performed. Is also good. If the check result is "yes", the process moves to step S912. If the check result is “No”, the process ends.

In step S912, it is checked whether or not the telephone number corresponding to the electronic ticket information to be exhibited in the auction matches the SMS-authenticated telephone number. Note that in step S906, when the electronic ticket stored in the server device and associated with the mobile phone number is displayed on the mobile terminal and the user is prompted to select an electronic ticket, this check is not performed. Is also good. If the check result is "yes", the process moves to step S914. If the check result is “No”, the process ends.

  In step S914, electronic ticket information to be put up for auction is deleted from the account of the server device. As a result of this processing, the user cannot use the ticket that has been sold in the auction. It is preferable that the association between the account information, the telephone number, and the ticket be stored in the server device so that the ticket information can be restored when the auction is not successful.

  In step S916, the electronic ticket information to be put on the auction is put on the auction site. According to the auction procedure, a predetermined period is set for the exhibited tickets, and the winning bidder is determined. When the successful bidder is determined, a process for assigning the right of the ticket to the successful bidder is performed. This process may use the same process as the ticket purchase process shown in FIG.

  FIG. 10 is a diagram showing a flow for ensuring the consistency between the encryption process and the decryption process.

  For example, when the encryption algorithm is changed due to the leakage of the encryption algorithm, or when the version of the encryption algorithm is upgraded, the encryption algorithm and the decryption are changed by changing the decryption algorithm of the server device. It is necessary to ensure consistency.

  In step S1002, the server device receives the encryption method of the authentication information generation unit.

In step S1004, the server device decrypts the authentication information using a decryption method corresponding to the encryption method of the authentication information generation unit.

  By performing the above processing, the server device properly decrypts the authentication information. The encryption algorithm may be changed at random. In this case, appropriate decryption can be performed by transmitting the identification information of the used encryption algorithm to the server device.

  FIG. 11 is a diagram showing a specific mode of use of the mobile terminal, the reception terminal, and the server device.

  The mobile terminal 100 stores an S concert ticket. The content of the S concert ticket is displayed on the portable terminal 100 (1102). Then, the authentication information is displayed on the screen of the mobile terminal 100 by the QR code 1104 (registered trademark).

  The reception terminal 120 is communicably connected to the server device 130 via a network 1108 such as the Internet.

  The reception terminal 120 captures an image of the mobile terminal 100 using the rear camera, and the captured image is displayed on the screen of the mobile terminal 100 (1100). The reception terminal 120 reads the QR code (registered trademark) of the captured mobile terminal 100 and transmits it to the server device 130.

The server device 130 decrypts the authentication information sent from the mobile terminal via the QR code (registered trademark) using the decryption algorithm according to the various embodiments described above. The server device 130 inspects the decrypted authentication information and returns an authentication result to the reception terminal 120. When the ticket is authenticated by the authentication information, the ticket is displayed on the display screen of the reception terminal 120, for example, as "OK" (1106). Based on this display, the operator of the reception terminal permits the owner of the mobile terminal 100 to enter the concert hall.

  FIG. 12 is a diagram illustrating an example of displaying a barcode including authentication information.

  The horizontal axis indicates the time axis. The origin is set to time 0, and a scale is provided every minute. A QR code (registered trademark) is shown as an example of the barcode. The QR code 1202 (registered trademark) is displayed for only one minute from time 0. After one minute, a different QR code 1204 (registered trademark) is displayed for one minute from one minute to two minutes later. Thereafter, similarly, different QR codes 1206, 1208, and 1210 (registered trademark) are sequentially displayed for one minute.

  As described above, since the display of the effective QR code (registered trademark) changes every minute, the ticket cannot be forged by copying and using the screen of the mobile terminal 100 as a screen shot. This is because the copied QR code (registered trademark) is valid for only one minute, and thereafter becomes an invalid QR code (registered trademark).

  Thus, by sequentially changing the valid QR code (registered trademark), it is possible to effectively prevent forgery of the ticket by copying the screen of the mobile terminal 100.

  FIG. 13 is a diagram illustrating an example of information stored in the first storage unit 102 and the second storage unit 142.

  FIG. 13A illustrates an example of information stored in the first storage unit 102. The first storage unit 102 stores a telephone number 1302, a ticket 1 (1304), and a ticket 2 (1306). The telephone number is a telephone number of the mobile terminal 100. Usually, one telephone number is assigned to the mobile terminal, and therefore only one telephone number is stored in FIG. In the case of the mobile terminal 100 that can use a plurality of telephone numbers, the telephone number used in the SMS authentication at the time of purchase of the ticket is stored in association with the ticket in association with each of the ticket 1 and the ticket 2. Good. Other information is stored in the first storage unit 102.

  FIG. 13B illustrates an example of information stored in the second storage unit 142.

  A telephone number 1314 and an electronic ticket 1316 are stored in association with the user ID (1312). There is also an area (not shown) for storing the relationship between the ID and the password in order to accept the login process.

  The information stored in the first storage unit 102 and the second storage unit 142 described above is an example, and it goes without saying that various types of information can be stored in association with each other.

  FIG. 15 is a diagram illustrating another embodiment for changing the owner of a ticket.

For example, if a single mobile terminal stores a ticket that allows a plurality of people to enter the same event, some of the tickets (for example, an entrance ticket for one person) are moved to another mobile terminal. In this case, there is a need that one of them wants to enter the same event using the other portable terminal. Alternatively, for example, when a person who purchased one ticket is ill and cannot participate in the event, the ticket is urgently moved to another person's mobile terminal, and the other person's terminal is used. There is a need that the other person wants to enter the event. In such a case, there is a case where the user wants to move the ticket from one portable terminal to the other portable terminal by a simple method without performing the money transfer.

  The embodiment shown in FIG. 15 shows an example for addressing such needs.

  In step S1502, one of the mobile terminals receives an instruction to select a ticket by the operator.

  In step S1504, one of the portable terminals receives the instruction of the telephone number of the other party to whom the designated ticket is to be sent.

  In step S1506, one mobile terminal sends the telephone number of one mobile terminal, the telephone number of the other party, and ticket information to the server device.

  In step S1508, it is determined whether the number of changes of the owner of the selected ticket exceeds a threshold. In this determination, if the number of times the owner of the selected ticket has been changed exceeds a predetermined threshold, for example, it can be determined that there is a high possibility that the ticket has been resold. Therefore, in such a case, the change of the owner of the selected ticket may not be permitted. If this determination is "yes", the process ends, and the owner of the selected ticket cannot be changed. If this determination is "No," the process moves to step S1510.

  In step S1508, it is determined whether the number of times the owner of the selected ticket has been changed exceeds a threshold. However, this is an example, and the present invention is not limited to this determination. For example, when a plurality of tickets exist in one terminal, the processing of moving the ticket may be prohibited in a case where all the tickets are moved to the other terminal. That is, the movement of the ticket may be restricted so that at least one ticket cannot be moved. That is, in the case where all purchased tickets are moved, it is expected that there is a high possibility that the purpose is to resell the tickets. Therefore, such a process may be restricted. In addition, restrictions may be appropriately added to the case where there is a high possibility of ticket movement for the purpose of resale of tickets.

  In step S1510, it is determined whether the other party's telephone number is registered in the server device. The fact that the telephone number is registered in the server device means that the user has been registered in the server device with an ID and a password. As described above, when a telephone number has already been registered, information such as whether the owner of the telephone number is a trader who intends to resell can be considered. If the determination result in step S1510 is "No", the process may be terminated because the phone number is an unknown phone number and a phone number of a person who has not been registered as a user. If the determination is "yes", the flow proceeds to step S1512. In the case of the embodiment of FIG. 15, if the telephone number is registered in the server device, the process proceeds to step S1512, but it is determined that the telephone number is the telephone number of the reseller. If so, the processing may be terminated.

  In step S1512, the server device performs SMS communication with the other party's telephone number, and sends, for example, a URL to the other portable terminal.

  In step S1514, the other mobile terminal accesses the URL and acquires a ticket based on the instruction of the other party.

  In step S1516, the server associates the other party's telephone number with the selected ticket. By this processing, the ownership of the ticket is transferred.

  In step S1518, the server device invalidates the ticket of one mobile terminal. The tickets are managed centrally by the server device. For this reason, the ticket existing in the mobile terminal is positioned as information for enabling the user to grasp the contents of the ticket even when the mobile terminal is offline or for allowing the user to select a ticket to be used. be able to. Therefore, in an environment where the mobile terminal can access the server device, the server device can be accessed and the ticket associated with the mobile terminal can be accurately confirmed. Therefore, the invalidation of the ticket in one terminal does not necessarily have to be performed.

  As described above, in the embodiment in FIG. 15, it is possible to exchange tickets between terminals without performing financial exchange. Also in this case, by providing a check function for preventing an action such as resale of a ticket as described above, transfer of ownership of a ticket appropriate for the user can be realized.

  FIG. 14 is a diagram illustrating a hardware configuration of the mobile terminal 100, the reception terminal 120, and the server device 130. In FIG. 14, the hardware configurations of the mobile terminal 100, the reception terminal 120, and the server device 130 are collectively described.

  The hardware configuration includes a display control unit 1402, display unit 1403, CPU 1404, memory 1406, communication control unit 1408, external memory control unit 1410, storage medium 1411, input interface 1420, various sensors 1422, camera 1424, microphone 1426, output An interface 1430, a speaker 1432, a display 1434, a vibrator 1436, a touch panel control unit 1440, a touch panel 1442, and the like are provided.

  Some of the hardware of the mobile terminal 100, the reception terminal 120, and the server device 130 may not be present, and other hardware may be present.

Note that all or part of the present embodiment can be implemented by a program. This program can be stored in the storage medium 1411. The storage medium 1411 refers to one or more non-transitory storage media having a structure. For example, the storage medium 1411 includes a magnetic recording medium, an optical disk, a magneto-optical recording medium, a nonvolatile memory, and the like. The magnetic recording medium includes an HDD, a flexible disk (FD), a magnetic tape (MT), and the like. The optical disc includes a DVD (Digital Versatile Disc), a DVD-RAM, a CD-ROM (Compact Disc-Read Only Memory), and a CD-R (Recordable) / RW (ReWritable). The magneto-optical recording medium includes an MO (Magneto-Optical disk) and the like. By reading a program stored in a recording medium and executing the program by the CPU, all or a part of each embodiment can be implemented.
It should be noted that each embodiment is for understanding the invention and not for limiting the scope of the invention. Further, the above embodiments are not mutually exclusive. Therefore, it should be noted that the elements of different embodiments are also intended to be combined as long as no inconsistency arises. In the invention according to the method and the program described in the claims, the order of processing may be changed as long as there is no contradiction, or a plurality of processing may be performed simultaneously. It goes without saying that these embodiments are also included in the technical scope of the invention described in the claims.

The functions of the above-described embodiments are not only realized by the computer executing the program code read out by the computer, but also other programs such as an OS running on the computer are executed based on the instructions of the program code. It goes without saying that the present invention includes a case where some or all of the actual processing is performed and the functions of the embodiments are realized by the processing.

  In addition, each component of the various embodiments may be realized by a plurality of physically separated hardware. Further, each component of the various embodiments of the present invention may be implemented by being distributed to a plurality of virtual machines operating on one computer.

  The following effects can be expected by providing a ticket service using the present technology.

  By realizing the ticket discovery / authentication function with the forgery prevention function, which tends to be expensive, by a widely-used mobile terminal such as a smartphone, it becomes possible to provide a service at low cost.

  In ticket authentication, by generating authentication information based on constantly changing information such as time, the authentication information is always and automatically updated easily. Also, even if authentication information is generated by unauthorized means, such as leakage of authentication information generation logic, take immediate and inexpensive measures by updating the application and changing the generation logic. Is possible.

  Since the system administrator manages the authentication information in a state of being associated with the user information, the transfer of the ticket can be performed under the control of the system operator. The transfer of the ticket can be performed only by changing the user information associated with the authentication information of the ticket. Therefore, it does not take much time for issuance and delivery unlike the case of a ticket on the face, and transfer is possible immediately before or on the day of the event, and the possibility of ticket transfer to a third party may be established. Can be increased.

  By systematically managing the authentication information, the system operator can freely determine whether or not the ticket can be transferred and the conditions for granting the transfer (for example, the range of the transfer price, the qualifications and attributes of the transferee). Can be controlled. For this reason, tickets can be distributed only within a range permitted by the system operator or the event operator.

  For example, an artist performing in an event may only be transferred to a fan club member, or the ticket price may be transferred to a third party with a premium within the range approved by the event operator, and a certain percentage of the premium Or as a commission.

  QR code (registered trademark) is an example of a two-dimensional barcode.

Reference Signs List 100 mobile terminal 102 first storage unit 104 first string output unit 106 clock generation unit 108 authentication information generation unit 110 authentication information output unit 120 reception terminal 122 authentication information acquisition unit 124 notification unit 130 server device 132 second string Output unit 134 Clock generation unit 136 String reception unit 138 Decryption unit 140 Match detection unit 142 Second storage unit 146 Rights information extraction unit 148 Authentication result output unit 180 Authentication device 216 Rights information instruction unit 226 Rights information type instruction unit 318 Position detection Unit 319 communication control unit 328 position detection unit 349 communication control unit 400 sales / auction server device 402 communication control unit 404 ticket trading control unit 408 number of tickets check unit 420 mobile terminal 422 ticket purchase / exhibition control unit 424 communication control unit

The disclosed technology uses rights information for identifying rights and owner identification information for identifying owners of the rights. Information managed by a server device, the method comprising identifying a first owner who owns the right. Associating the owner identification information with the rights information; Receiving an instruction to change the obtained first owner identification information to second owner identification information. And in response to the instruction, the number of times the owner identification information of the right information has changed the first threshold value. Verifying that the number has been exceeded and, in response to the instruction, The owner identification information from the first owner identification information to the second owner identification information. Performing the change; and performing the change comprises the step of confirming. If it is confirmed in the step that the number of changes exceeds the first threshold, Provide a way to prevent further changes.

Ticket buying and selling control unit 404, if the number of tickets has not yet reached the threshold value, a fact that can be sold the ticket of purchase hope, return to the ticket purchase and exhibition control unit 422. Then, when the settlement procedure is normally completed, the ticket trading control unit 404 gives the ticket purchase / exhibition control unit 422 permission to download the ticket with the ticket information.

Claims (16)

Mobile devices,
An authentication device that authenticates right information associated with the mobile terminal;
A rights information authentication system having
The mobile terminal,
A first string output unit for sequentially outputting a plurality of strings, wherein each of the plurality of strings is valid for a given duration from an output time;
A first storage unit that stores the rights information and owner identification information related to the owner of the rights information in association with each other;
An authentication information generation unit configured to generate authentication information by encryption using at least the owner identification information stored in the first storage unit and a valid string output from the first string output unit; When,
An authentication information output unit that outputs the authentication information,
Including
The authentication device,
A second string output unit for sequentially outputting a plurality of strings, wherein each of the plurality of strings is valid for a given duration from an output time;
A second storage unit that stores the rights information and the owner identification information in association with each other;
An authentication information acquisition unit that acquires the authentication information from the authentication information output unit;
A string receiving unit that receives a valid string output from the second string output unit in response to the acquisition of the authentication information;
A decryption process for decrypting at least the owner identification information and a valid string output from the first string output unit from the acquired authentication information by executing a decryption process corresponding to the encryption process. Department and
A right information extracting unit that extracts the corresponding right information from the second storage unit using the decrypted owner identification information;
A match detection unit that outputs a match result indicating whether or not the valid string output from the second string output unit matches the valid string output from the first string output unit;
When the matching result indicates a match, an authentication result output unit that outputs an authentication result indicating that the extracted right information is valid right information related to the owner,
A notifying unit for notifying the authentication result,
Including
The second string output section sequentially outputs the same plurality of strings as the first string output section, and outputs the same string as the string of the first string output section, which is output from the second string output section. Are output at substantially the same timing and are valid for substantially the same duration.
Rights information authentication system. The authentication information is an image,
The authentication information output unit displays the image,
The authentication information acquisition unit captures the image,
The notifying unit displays the authentication result;
The right information authentication system according to claim 1.   Each of the plurality of strings sequentially output by the second string output unit uses a part of the time information obtained from the clock generation unit included in the authentication device, thereby obtaining a certain period of time. 3. The rights information authentication system according to claim 1, wherein the same value is maintained. The first string output unit outputs the plurality of strings using information on time obtained by rounding down a minute from the time obtained from a clock generation unit included in the portable terminal, or via a network. Receiving a string from the second string output unit to sequentially output the plurality of strings;
The right information authentication system according to claim 3. The authentication device further includes a right information type instructing unit that instructs the type of right information extracted by the right information extracting unit from the second storage unit.
The right information authentication system according to claim 1. The mobile terminal further includes a rights information instructing unit that instructs the authentication information generating unit to generate the authentication information by further using the rights information selected by the owner,
The decryption unit decrypts the selected right information,
The match detection unit outputs a match result by further detecting a match between the selected right information and the right information extracted from the right information extraction unit,
A rights information authentication system according to claim 5. The authentication device further has a position detection unit,
The right information stored in the second storage unit includes position information where a right is used,
The position detection unit may provide position information of the mobile terminal to the right information extraction unit, so that the right information extraction unit extracts right information related to the position information from the second storage unit. The rights information authentication system according to any one of claims 1 to 4, wherein The right information stored in the first storage unit includes position information where a right is used,
The mobile terminal further includes a mobile terminal position detection unit that instructs the authentication information generation unit to generate the authentication information by further using right information corresponding to the position information of the mobile terminal,
The decryption unit decrypts the right information,
The match detection unit outputs a match result by further detecting a match between the decrypted right information and the right information extracted from the right information extraction unit.
A rights information authentication system according to claim 5. The second storage unit stores a flag indicating that the right information has been used, in association with the right information,
The authentication result output unit, when outputting an authentication result indicating that it is valid right information, sets the flag corresponding to the valid right information to used,
9. The authentication result output unit according to claim 1, wherein when the right information extraction unit extracts the right information in which the used flag is set, the authentication result output unit outputs an authentication result indicating that the right information is not valid right information. The right information authentication system according to any one of the above. The authentication information acquisition unit and the notification unit are present in a reception terminal,
The rights information authentication system according to claim 1.   The match detection unit includes a valid string output from the second string output unit and a string output one time earlier than the valid string output from the first string output unit. Or the string output one time earlier than the valid string output from the second string output unit, and the valid string output from the first string output unit 11. The rights information authentication system according to claim 1, wherein, even when the IDs match, a match result indicating the match is output. 12. The authentication information output unit further outputs information specifying the encryption process,
The decryption unit performs decryption processing using the output identifying information,
A rights information authentication system according to any one of claims 1 to 11.   The right information authentication system according to any one of claims 1 to 12, wherein the right information is ticket information for entering a venue, and the image is a one-dimensional or two-dimensional barcode. Computer
Sequentially outputting a plurality of strings, wherein each of the plurality of strings is valid for a given duration from the output time; and
From a storage unit that stores the right information associated with the computer and the owner identification information indicating the owner of the right information in association with each other, at least the owner identification information and a valid string are used for encryption. Authentication information generating step of generating authentication information by the conversion process,
A display step of displaying a barcode including the authentication information on a display screen so that the authentication device that authenticates the authentication information reads the information,
A method for displaying authentication information having:   The method of displaying authentication information according to claim 14, wherein the step of sequentially outputting the plurality of strings includes outputting the plurality of strings using information provided from the authentication device. A program for causing a computer to execute the authentication information display method according to claim 14.

Images