JP2020068032A - Financial institution system - Google Patents

Abstract

To provide a financial institution system in which less burdens is put on a financial institution and a financial institution system managed by the financial institution in order to provide the financial services, when a financial institution such as a bank who provides various kinds of financial services provides API-based financial services.SOLUTION: Provided is a financial institution system 1 which is used for a commodity and service provider who carries out commodity sale, etc., for users such as consumers receives an API from a financial institution system to execute, on the basis of the user's approval, an API-based financial service function on user account information provided in the financial institution. The financial institution system includes an intermediate handler information management processing unit that manages an intermediate handler ID that is an identifier for specifying an intermediate handler who intermediates between the commodity and service provider and the financial institution and scope information that is an identifier for specifying a combination of the API-based financial service function and the commodity and service provider.SELECTED DRAWING: Figure 2

Description

  The present invention relates to a financial institution system using API (Application Programming Interface).

  In recent years, a field called FinTech, which is a combination of information technology and financial services, such as transfer using a smartphone, has been attracting attention. In the FinTech field, an API (Application Programming Interface), which is a program that allows people other than the bank to connect to the bank's system and use its functions, is known. There is known an open API that provides an API to a user and authorizes access to the bank system based on the consent of the user.

  Patent Document 1 discloses an example of an open API system that allows a user to grant a FinTech trader access authority to a bank system in order to access the user's bank account information and provide various services to the user. However, there has been proposed an invention in which the method of issuing an access token for accessing the bank system adopted in the above system is improved.

JP, 2008-49667, A

  Banks may provide financial services by providing APIs to companies by using open APIs. As this financial service, for example, a product sales / service providing company sells products to users such as consumers and provides services, and the product purchase amount when the user purchases a product or receives a service. For example, there is a method in which the user makes a payment (that is, payment) using a bank account provided in the bank.

  In this case, what kind of financial services (for example, immediate account transfer, balance inquiry, transfer inquiry, etc.) should be provided by the bank for each product sales / service providing company, and the API that specifies each financial service should be For each product sales and service provider company, it will be necessary to construct each financial service to be provided, and the burden on the bank side will be heavy.

  The present invention provides a financial institution and a relevant financial institution when a financial institution that is a person who provides various financial services such as a bank, a securities company, an insurance company, and a virtual currency exchange business provides financial services using API. The purpose is to propose a financial institution system in which the burden on the financial institution system side managed by the institution for providing financial services is small.

[1]
A product / service provider who sells products or provides services to users such as consumers receives an API from a financial institution and, based on the authorization of the user, updates the user account information included in the financial institution. On the other hand, a financial institution system used for executing a financial service function by the API,
An intermediate handler ID issued by the financial institution system as an identifier for identifying the intermediate handler for each intermediate handler interposed between the product / service provider and the financial institution, and the financial institution system A combination of the financial service function based on the API and the product / service provider, which is issued by the financial institution system by the product / service provider, is issued in association with each of the intermediate handler IDs. A financial institution system that includes an intermediate handler information management processing unit that manages scope information, which is an identifier that identifies a person.

[2]
A product / service provider who sells products or provides services to users such as consumers receives an API from a financial institution and, based on the authorization of the user, updates the user account information included in the financial institution. On the other hand, a computer program used for executing the financial service function by the API,
Computer,
An intermediate handler ID issued by the financial institution system managed by the financial institution as an identifier for identifying the intermediate handler for each intermediate handler interposed between the product / service provider and the financial institution. The financial institution system issues the intermediate handling person ID in association with each other, the financial institution system receives an execution request from the product / service provider, and the financial service function by the API and the product / service A computer program that functions as an intermediate handler information management processing unit that manages scope information, which is an identifier that identifies a combination with a provider.

[3]
A product / service provider who sells products or provides services to users such as consumers receives an API from a financial institution and, based on the authorization of the user, updates the user account information included in the financial institution. On the other hand, in the financial institution system used to execute the financial service function by the API, the financial institution system and the product / service by the API that the financial institution system has been requested to execute by the product / service provider. A scope issuing method for issuing scope information, which is an identifier that identifies a combination with a provider,
For each intermediate handler interposed between the product / service provider and the financial institution, the intermediate handler issues an intermediate handler ID issued by the financial institution system as an identifier for identifying the intermediate handler. An intermediate handling person ID issuance processing step issued to the intermediate handling person terminal to be used,
The financial institution system issues the scope information issuing processing step of issuing the scope information linked to each of the intermediate handler IDs to the intermediate handler terminal.

  According to the present invention, it is possible to provide a financial institution system that reduces the technical burden on the financial institution side when providing a financial service function by API to a product sales / service providing company.

It is a figure showing an example of the composition of the system which combined the financial institution system of the present invention and other terminals. It is a conceptual diagram of provision of a financial service function by API using the financial institution system of the present invention. It is a figure showing an example of composition of a financial institution system of the present invention. It is a figure showing an example of the input screen of the authentication information displayed on a user terminal. It is a figure showing an example of composition of an intermediate handling person terminal connected to a financial institution system of the present invention. (A)-(c) is a figure showing the detail of a part structure of the structure of the intermediate handling person terminal shown in FIG. (A) It is a figure showing an example of the information memorize | stored in goods and service provider DB with which an intermediate handler terminal is equipped. (B) It is a figure showing an example of the information memorize | stored in the access token DB with which an intermediate handler terminal is equipped. It is a flow chart showing an example of processing of a financial institution system of the present invention. FIG. 9 is a flowchart showing an example of processing following FIG. 8.

  Hereinafter, an example of an embodiment of the present invention will be described with reference to the accompanying drawings.

  According to the present invention, a product / service provider that sells products or provides services to users such as consumers receives an API from a financial institution, and the financial institution is provided based on the authorization of the user. A financial institution system used for executing a financial service function by the API for user account information, a method executed by the system, and a computer program for executing the method by a computer.

  The financial institution is a person who provides various financial services such as a bank, a securities company, an insurance company, and a virtual currency exchange company.

  In the present embodiment, a product / service provider who sells products or provides services to users such as consumers receives the API from a financial institution, and the financial institution provides the API based on the authorization of the user. An example of a financial institution system used to execute the financial service function by the API for the account information of the user who is present will be described.

  In the embodiment shown in FIG. 1, a financial institution system 1 managed by a conventionally known financial institution that provides various financial services includes a user terminal 2 used by a plurality of users and a product used by a plurality of products / service providers. -Service provider terminal 3, intermediate handler terminal 4 used by a plurality of intermediate handlers interposed between a product / service provider and a financial institution, an internet communication network, and a wireless communication network defined by a wireless communication standard. Are communicatively connected via a communication network 5 such as.

  In this embodiment, the product / service provider is, for example, a product sales company that sells products by electronic commerce or the like, or a service providing company that provides various services.

  In this embodiment, the user is a consumer or a user who purchases a product from a product sales company or receives a service from a service providing company. When the person who uses the financial institution system 1 of the present embodiment is a securities company, an insurance company, a virtual currency exchange business operator, etc., the products and services handled and provided by the product / service provider and the user are It corresponds to each.

  The intermediary handler is that the product / service provider receives the API provided by the financial institution, and based on the authorization of the user, the account information of the user provided in the financial institution is financed by the API. A person who intervenes between the product / service provider and the financial institution when executing a service function. For example, when a user pays a product purchase price and a service price to a product / service provider through his / her financial institution account and makes a payment, the company acts as a payment agent.

  In the present embodiment, as shown in FIG. 2, the financial institution issues an intermediate handler ID as an identifier for identifying the intermediate handler for each intermediate handler through the financial institution system 1. In addition, the financial institution that manages the financial institution system 1 uses the scope information, which is an identifier that identifies the combination of the financial service function requested by the product / service provider and the product / service provider, by the financial institution. , Is issued in association with each intermediate handler ID via the financial institution system 1.

  As financial service functions that the financial institution that manages the financial institution system 1 has been requested to execute by the product / service provider, there are various financial service functions by API (hereinafter, in this specification and the drawings, “by API”). "Financial service function" is referred to as "API function"). Examples of the API function include a reference API such as a balance inquiry of a financial institution account in the user account information, and an update API such as a settlement instruction to the financial institution account in the user account information. When the person who uses the financial institution system 1 of the present embodiment is a securities company, an insurance company, a virtual currency exchange business operator, etc., the API functions correspond to each.

[User terminal configuration]
The user terminal 2 is a computer such as a personal computer, a smart phone, a tablet terminal, a mobile phone, a smart speaker, or the like used by each of a plurality of users.

  The user terminal 2 is communicatively connected to the financial institution system 1, the product / service provider terminal 3, and the intermediate handler terminal 4 via the communication network 5.

  Although not shown, the user terminal 2 includes an arithmetic processing unit configured by a CPU or the like for processing and computing various data, a storage unit for storing various data such as a memory, and an information output unit such as a liquid crystal display and a speaker. And an information input unit such as a touch panel and a microphone, and a communication unit that transmits and receives various data. Specific configurations of the information output unit and the information input unit to be adopted differ depending on the type of the user terminal 2.

  In the storage unit of the user terminal 2, processing operations relating to API functions such as product purchase price payment (settlement), service purchase price payment (settlement), balance inquiry, and transfer inquiry using the financial institution system 1 of the present embodiment. A computer program for controlling the CPU by the arithmetic processing unit is stored. By executing this computer program, each function provided in the user terminal 2, for example, a function of giving the product / service provider terminal 3 the access right to the account information of the user registered in the financial institution is realized. To be done.

[Product / Service Provider Terminal Configuration]
The product / service provider terminal 3 is a computer such as a product sales company that sells products through electronic commerce, a server used by a product / service provider that is a service providing company that provides various services, and the like.

  The product / service provider terminal 3 is communicably connected to the financial institution system 1, the user terminal 2, and the intermediate handler terminal 4 via the communication network 5.

  Although not shown, the product / service provider terminal 3 includes a calculation processing unit configured by a CPU or the like for processing and calculating various data, a storage unit for storing various data such as a memory and a hard disk, and various data. And a communication unit that performs transmission and reception.

  The storage unit of the product / service provider terminal 3 uses the financial institution system 1 of the present embodiment to perform payment of product purchase price (settlement), service purchase price payment (settlement), balance inquiry, and transfer inquiry. A computer program for controlling the processing operation related to the API function such as, by the arithmetic processing unit is stored. By executing this computer program, each function provided in the product / service provider terminal 3, for example, a function of using the settlement instruction service to the financial institution account in the account information of the user by the API provided by the financial institution, Etc. are realized.

[Configuration of financial institution system]
The financial institution system 1 is a system including various servers managed by the financial institution. In the present embodiment, the financial institution system 1 is a system including a Web system 7, an API control system 8 and an accounting system 9 as shown in FIG. Although not shown, the function in the Web system 7 and the function in the API control system 8 may be arranged in the same system without passing through the communication network 10.

1. Web System Configuration The web system 7 is composed of one or a plurality of web servers. In the illustrated embodiment, the Web system 7 is communicably connected to the user terminal 2 and the intermediate handler terminal 4 via the communication network 5, and the API control system 8 via the communication network 10 such as a leased line. And accounting system 9 are communicatively connected to each other. Although not shown, a load balancer may be provided in order to distribute the load on the Web server due to the concentrated access from the user terminal 2 and the intermediate handler terminal 4.

  The Web system 7 shown in FIG. 3 includes an information transmission / reception unit 12, a control unit 13, an intermediate handler information management processing unit 14, a first confirmation processing unit 17, an authentication processing unit 18, and an authorization code transmission processing unit 19. .

  The information transmitting / receiving unit 12 transmits / receives information to / from the user terminal 2, the intermediate handler terminal 4, the API control system 8, and the accounting system 9.

  The control unit 13 controls the information processing performed by each processing unit included in the Web system 7 by an arithmetic processing unit such as a CPU and a RAM.

  The intermediate handler information management processing unit 14 includes an intermediate handler ID issuance processing unit 15 and a scope information issuance processing unit 16. The intermediate handler information management processing unit 14 manages the following information.

・ Intermediate handler ID
The intermediate handler ID is issued by the financial institution via the financial institution system 1, and is an identifier that identifies the intermediate handler for each intermediate handler. The intermediate handler ID is issued by the intermediate handler ID issuing processing unit 15 and is notified to the intermediate handler terminal 4. For example, as shown in FIG. 7 (a), an intermediate handling person ID consisting of a character string different for each financial institution is issued from the intermediate handling person ID issuing processing unit 15 to each intermediate handling person, and each intermediate handling person is dealt with. The intermediate handler terminal 4 used by each person is notified. The intermediate handler ID is registered in an intermediate handler ID database 22 included in the API control system 8 described later (hereinafter, "database" is referred to as "DB" in the present specification and drawings).

-Scope information The scope information is an identifier that identifies a combination of the API function that the financial institution that manages the financial institution system 1 has received an execution request from the product / service provider and the product / service provider. The financial institution issues scope information via the API system 1 in association with each intermediate handler ID. The scope information is issued by the scope information issuance processing unit 16 and notified to the intermediate handler terminal 4. For example, for a combination of an API function provided by each financial institution and the product / service provider who requests and uses the financial institution system 1 to execute the API function, the characters as shown in FIG. One scope information consisting of a column is issued by the scope information issuance processing unit 16 and is notified to the intermediate handler terminal 4. This scope information is registered in the scope DB 23 included in the API control system 8 described later.

-Intermediate handler secret The intermediate handler secret is a valid access to the financial institution system 1 received from the intermediate handler having the intermediate handler ID through the intermediate handler terminal 4 used by the intermediate handler. It is information that proves that there is. This intermediate handler secret is registered in the intermediate handler ID DB 22 described later.

  The first confirmation processing unit 17 performs a process of confirming that these are authentic from the combination of the intermediate handler ID and the scope information acquired by the information transmission / reception unit 12 which is the information acquisition unit.

  In the present embodiment, when the intermediate handling terminal 4 requests the financial institution system 1 to issue an access token, which will be described later, the intermediate handling terminal 4 changes from the product / service provider terminal 3 to the user terminal 2. A user ID that identifies the user and a session identifier between the user terminal 2 and the product / service provider terminal 3 are acquired.

  The intermediate handler terminal 4 specifies the scope information and the intermediate handler ID, which are the combination of the API function and the product / service provider, based on the acquired user ID and session identifier, and the specified scope information and intermediate handler. The ID is sent to the web system 7.

  The authentication processing unit 18 passes the product / service provider terminal 3 through the intermediate handler terminal 4 to the user terminal 2 used by the user relating to the scope information confirmed by the first confirmation processing unit 17. Authentication information for permitting a request for issuing an access token for the product / service provider terminal 3 to access the financial institution system 1 via the intermediate handling terminal 4 performed by the financial institution system 1. Prompt for input. In this case, the information transmission / reception unit 12 which is an information transmission unit, the intermediate handler information indicating the intermediate handler associated with the intermediate handler ID, the API function associated with the scope information, and the API. Combination information indicating a combination with the product / service provider who receives the provision of the function is transmitted to the user terminal, and the information is displayed on the user terminal. Then, the authentication process is performed based on the authentication information acquired from the user terminal 2.

  In the present embodiment, as shown in FIG. 4, in the authentication processing unit 18, the product / service provider “Hanamaru Shokai” provides an immediate API function “○ △ □ online bank provided through an intermediate handling operator“ Net Payment Co., Ltd. ”. A message to the effect that the user wishes to use the "fund transfer function, identity verification function" is displayed on the user terminal 2, and the login ID and password are entered and the product / service provider "Hanamaru Shokai" is the intermediate operator "Net Payment Co. Through the, you are prompted to select whether or not to permit the use of the API function "immediate account transfer function and identity verification function provided by Internet bank." The user inputs a predetermined login ID and password and selects permission or rejection. The authentication processing unit 18 authenticates the login ID and the password by referring to a user DB 33 included in the accounting system 9 described later that stores information about the user.

  The authorization code sending processing unit 19 performs processing for sending the authorization code issued by the API control system 8 described later to the intermediate handler terminal 4.

2. Configuration of API Control System The API control system 8 is composed of one or a plurality of API control servers. The API control system 8 is communicatively connected to the user terminal 2 and the intermediate handler terminal 4 via the communication network 5, respectively, and the Web system 7 and the accounting system 9 are connected to each other via the communication network 10 such as a leased line. Connected for communication. Although not shown, a load balancer may be provided to distribute the load on the API control server due to the concentrated access from the user terminal 2 and the intermediate handler terminal 4.

  The API control system 8 shown in FIG. 3 includes an information transmitting / receiving unit 20, a control unit 21, an intermediate handler ID DB 22, a scope DB 23, an access token DB 24, an authorization code issuance processing unit 25, a second confirmation processing unit 26, and an access token issuance processing. It includes a unit 27, an access token transmission processing unit 28, a third confirmation processing unit 29, and an API function execution completion information transmission processing unit 30.

  The information transmitting / receiving unit 20 transmits / receives information to / from the user terminal 2, the intermediate handler terminal 4, the Web system 7, and the accounting system 9.

  The control unit 21 controls information processing performed by each processing unit included in the API control system 8 by a calculation processing unit such as a CPU and a RAM.

  The intermediate handler ID DB 22 stores the above-described intermediate handler ID and the intermediate handler secret.

  The above-mentioned scope information is stored in the scope DB 23.

  The access token DB 24 stores an authorization code issued by an authorization code issuance processing unit 25 described later, an access token issued by an access token issuance processing unit 27 described later, and a refresh token. The access token is a token associated with the authorization code confirmed by the second confirmation processing unit 26, which will be described later, and is valid for a combination of the intermediate handler ID and the scope information related to the authorization code. Then, the token that identifies the user and authorizes the product / service provider to use the API function via the intermediate handler terminal 4. For example, an access token composed of a character string as shown in FIG. 7B is stored. The access token shown in FIG. 7B has a first expiration date (access token expiration date) for access to the financial institution system 1. The refresh token is a token associated with the authorization code confirmed by the second confirmation processing unit 26, which will be described later, and is valid for a combination of the intermediate handler ID related to the authorization code and the scope information. Then, by re-accessing the financial institution system 1 after the elapse of the first expiration date, a token that authorizes the intermediate handler to be granted a new token having the same function as the access token. is there. For example, a refresh token composed of a character string as shown in FIG. 7B is stored. Further, the refresh token shown in FIG. 7B has a second expiration date (refresh token expiration date) for access to the financial institution system 1.

  The authorization code issuance processing unit 25 performs processing for issuing an authorization code associated with the user ID that identifies the user who has been authenticated by the authentication processing unit 18, the intermediate handler ID, and the scope information. . In the present embodiment, the user permits the product / service provider to use the API function through the intermediate handler when the authentication of the login ID and the password is successful in the authentication processing unit 18 of the Web system 7. In this case, the authorization code issuance processing unit 25 causes the first confirmation processing unit 17 of the Web system 7 to acquire the scope information and the intermediate handler ID at the time of the confirmation processing, and the authentication processing unit 18 to perform the authentication processing. The authorization code associated with the user ID acquired at the time of is issued. The authorization code is sent to the intermediate handler terminal 4 by the authorization code sending processing unit 19 of the Web system 7. At this time, the intermediate handler ID associated with the authorization code and the scope information may be transmitted.

  The second confirmation processing unit 26 confirms that the intermediate handler ID acquired from the intermediate handler terminal 4, the scope information, the authorization code, and the intermediate handler secret are authentic. Perform processing. In the present embodiment, the intermediate handler terminal 4 acquires the authorization code, the intermediate handler ID relating to the issuance of the authorization code, and the scope information from the Web system 7, and then acquires the authorization code and the intermediate handler. The ID, the scope information, and the intermediate handler secret previously set in association with the intermediate handler ID are sent to the API control system 8 to request issuance of an access token. The second confirmation processing unit 26 of the API control system 8 determines whether the acquired authorization code is the information stored in the access token DB 24, the intermediate handler ID and the intermediate handler secret are the intermediate handler ID DB 22. It is confirmed whether or not the information is stored in the scope DB 23 and whether the scope information is information stored in the scope DB 23.

  The access token issuance processing unit 27 performs a process of issuing the above-described access token associated with the authorization code confirmed by the second confirmation processing unit 26.

  Further, the access token issuance processing unit 27 issues a refresh token in which a second expiration date for re-access to the financial institution system 1 after the first expiration date for access to the financial institution system 1 has been set. Perform processing to

  The access token issue processing unit 27 includes an access token having the same function as the access token used when the API function execution processing unit 34 of the accounting system 9 described later executes the API function and a refresh token associated with the access token. Is newly issued.

  The access token sending processing unit 28 performs processing for sending the access token issued by the access token issuing processing unit 27 and the refresh token to the intermediate handler terminal 4. At this time, the intermediate handler ID and the scope information associated with the access token may be transmitted.

  The third confirmation processing unit 29 performs processing for confirming that the intermediate handler ID acquired from the intermediate handler terminal 4, the scope information, and the access token are authentic. In the present embodiment, when the product / service provider terminal 3 requests the financial institution system 1 to execute the API function described later, the intermediate handler terminal 4 sends the user ID from the product / service provider terminal 3 to the user ID. , Obtains a financial institution ID that identifies the financial institution related to the API function. The intermediate handler terminal 4 identifies the intermediate handler ID, the scope information, and the access token based on the acquired user ID and financial institution ID, and sends them to the financial institution system 1. The third confirmation processing unit 29 of the API control system 8 determines whether or not the acquired intermediate handler ID is information stored in the intermediate handler ID DB 22, and the scope information is information stored in the scope DB 23. It is confirmed whether or not the access token is the information stored in the access token DB 24.

  The API function execution completion information transmission processing unit 30 provides the processing completion information indicating that the execution of the API function related to the execution request from the product / service provider terminal 3 performed in the accounting system 9 described later is completed to the intermediate handler. Processing for sending to the terminal 4 is performed. In the present embodiment, after the API function execution processing unit 34 of the accounting system 9 described below executes the API function related to the execution request from the product / service provider terminal 3, the API control system 8 displays the execution result. The API function execution completion information transmission processing unit 30 acquires and outputs the execution result to the intermediate handler terminal 4, and the intermediate handler terminal 4 sends the execution result to the user terminal 2 via the product / service provider terminal 3. Send out.

3. Structure of Accounting System The accounting system 9 is composed of a financial institution server that performs one or more accounting processes. The accounting system 9 is communicably connected to the Web system 7 and the API control system 8 via a communication network 10 such as a dedicated line.

  The accounting system 9 shown in FIG. 3 includes an EAI (Enterprise Application Interaction) 31, a product / service provider DB 32, a user DB 33, and an API function execution processing unit 34. Although not shown, the user DB 33 may be arranged in the Web system 7, and the product / service provider DB 32 may be arranged in the API control system 8, so that the system may be configured.

  The EAI 31 is a system that integrates and links applications between the Web system 7 and the API control system 8.

  The product / service provider DB 32 stores information about the product / service provider related to the product / service provider terminal 3 connected to the financial institution system 1.

  The user DB 33 stores user account information such as the user's bank account, the user ID, the password, and other information about the user.

  The API function execution processing unit 34 is specified by the access token from the intermediate handler ID confirmed by the third confirmation processing unit 29 of the API control system 8, the access token, and the scope information. The financial institution account of the user account information associated with the user ID is executed to execute the API function specified by the scope information.

[Configuration of intermediate handler terminal]
The intermediate handler terminal 4 is a computer such as a server used by the intermediate handler, which is interposed between the product / service provider and the financial institution.

  The intermediate handler terminal 4 is communicably connected to the financial institution system 1, the user terminal 2, and the product / service provider terminal 3 via the communication network 5.

  The intermediate handler terminal 4 shown in FIG. 5 includes an information transmitting / receiving unit 35, a control unit 36, an information registration processing unit 37, a storage unit 38, an access token issuance request management processing unit 39, and an API function execution request management processing unit 40. There is.

  The information transmitting / receiving unit 35 transmits / receives information to / from the financial institution system 1, the user terminal 2, and the product / service provider terminal 3, respectively.

  The control unit 36 controls the information processing performed by each processing unit included in the intermediate handling terminal 4 by a calculation processing unit such as a CPU and a RAM.

  The information registration processing unit 37 performs a process of registering various information sent from the financial institution system 1 in a DB included in the storage unit 38 described later.

  The storage unit 38 includes a product / service provider DB 41 and an access token DB 42. In the product / service provider DB 41, information for identifying the product / service provider relating to the product / service provider terminal 3 connected to the intermediate handling terminal 4 and, as shown in FIG. 7A, , The intermediate handler ID issued by the Web system 7 and the scope information are stored. As shown in FIG. 7B, the access token DB 42 stores the access token and the refresh token issued by the API control system 8 for each of the scope information.

  The access token issuance request management processing unit 39 includes a product / service provider information confirmation processing unit 43, a financial institution list creation / transmission processing unit 44, an intermediate handling person ID / scope information specifying processing unit 45, an intermediate handling person ID / scope information. A transmission processing unit 46, an access token issuance request processing unit 47, and an access token issuance completion information transmission processing unit 48 are provided.

  The product / service provider information confirmation processing unit 43 provides the user ID for identifying the user associated with the user terminal 2 from the user terminal 2 via the product / service provider terminal 3, the user terminal 2, and the product / service provision. A session identifier with the person terminal 3 is acquired, and processing is performed to confirm whether the product / service provider associated with the session identifier is stored in the product / service provider DB 41.

  The financial institution list creating / sending processing unit 44 creates a list of the financial institutions contracted by the product / service provider information confirmed by the product / service provider information confirmation processing unit 43, and the created financial institution list. Is transmitted to the user terminal 2. For example, when the product / service provider confirmation processing unit 43 confirms the product / service provider “Hanamaru Shokai” from the product / service provider DB 41 shown in FIG. 7A, the financial institution list is created. The sending processing unit 44 creates a list of financial institutions “○ △ □ bank” and “△△ bank” contracted by the product / service provider “Hanamaru Shokai”, and uses the created financial institution list by the user. The ID and the session identifier are sent to the user terminal 2.

  The financial institution list is displayed or voice-outputted on the user terminal 2. The user selects a financial institution required for the access token issuing process.

  The intermediate handler ID / scope information identification processing unit 45 links the intermediate handler ID and the scope information associated with the combination of the financial institution selected by the user terminal 2 and the product / service provider related to the session identifier. Is specified from the product / service provider DB 41. For example, when the user selects "○ △ □ bank" from the list of financial institutions "○ △ □ bank" and "△△ bank" contracted by the product / service provider "Hanamaru Shokai", The intermediate handler ID / scope information identification processing unit 45 is managed by the product / service provider management numbers “1” and “2” from the product / service provider DB 41 shown in FIG. 7A. Specify the intermediate handler ID and scope information that are available.

  The intermediate handler ID / scope information transmission processing unit 46 performs processing for transmitting the intermediate handler ID / scope information specified by the intermediate handler ID / scope information specification processing unit 45 and the scope information to the financial institution system 1. In the financial institution system 1, the first confirmation processing unit 17 of the Web system 7 performs the above confirmation processing.

  The access token issuance request processing unit 47 acquires the authorization code from the authorization code transmission processing unit 19 of the Web system 7, and then acquires the authorization code, the intermediate handler ID associated with the authorization code, and the scope information. The intermediate handler secret previously set in association with the intermediate handler ID is sent to the financial institution system 1 to perform a process of requesting issuance of an access token. In the financial institution system 1, the second confirmation processing unit 26 of the API control system 8 performs the above confirmation processing.

  After obtaining the access token and the refresh token from the access token transmission processing unit 28 of the API control system 8, the access token issuance completion information transmission processing unit 48 outputs processing completion information indicating that the access token issuance is completed. Processing for sending to the product / service provider terminal 3 is performed.

  In addition, at this time, the information registration processing unit 37 performs a process of registering the acquired access token and the refresh token in the access token DB 42 by associating the acquired access token with the user ID as a key, as shown in FIG. 7B. To do.

  The product / service provider terminal 3 records predetermined registration completion information in the storage unit of the product / service provider terminal 3, and sends the information to the user terminal 2.

  The API function execution request management processing unit 40 includes a product / service provider information specifying processing unit 49, an intermediate handler ID specifying processing unit 50, a scope information specifying processing unit 51, an access token specifying processing unit 52, and an API function execution request processing unit. 53, and an API function execution completion information transmission processing unit 54.

  The product / service provider information identification processing unit 49 uses the user ID for identifying the user of the user terminal 2 acquired from the user terminal 2 via the product / service provider terminal 3 and the product / service provider. Based on the financial institution ID related to the API function to be used, a process of identifying the product / service provider from the product / service provider DB 41 is performed.

  The intermediate handler ID identification processing unit 50 identifies the intermediate handler ID associated with the product / service provider identified by the product / service provider information identification processing unit 49 from the product / service provider DB 41. I do.

  The scope information identification processing unit 51 performs a process of identifying scope information associated with the product / service provider identified by the product / service provider information identification processing unit 49 from the product / service provider DB 41.

  The access token identification processing unit 52 is associated with the user ID based on the intermediate operator ID identified by the intermediate operator ID identification processing unit 50 and the scope information identified by the scope information identification processing unit 51. A process of identifying an access token from the access token DB 42 is performed.

  The API function execution request processing unit 53 sends out the specified intermediate handler ID, the scope information, and the access token to the financial institution system 1, and performs processing for requesting execution of the API function related to the scope information. . In the financial institution system 1, the third confirmation processing unit 29 of the API control system 8 performs the above-mentioned processing.

  The API function execution completion information transmission processing unit 54 is processing completion information indicating that the execution of the API function related to the execution request from the product / service provider terminal 3 performed by the accounting system 9 or the accounting system 9 is completed. The user account information associated with the user ID acquired by executing the API function related to the execution request from the product / service provider terminal 3 is acquired from the API control system 8, and the processing completion information or A process of transmitting the user account information to the product / service provider terminal 3 is performed.

  At this time, the latest access token and refresh token are acquired from the access token issue processing unit 27 and the access token transmission processing unit 28 of the API control system 8, and the information registration processing unit 37 is stored in the access token DB 42. Update information.

  The product / service provider terminal 3 sends predetermined API execution completion information to the user terminal 2.

  As described above, in the financial institution system 1 of the present embodiment, for each of the plurality of intermediate handler terminals 3, one intermediate handler ID for identifying the intermediate handler is issued, and the API function to be executed and its API function are executed. The system is such that a plurality of pieces of scope information specifying a combination with a product / service provider to be used are linked to the intermediate handler ID and issued.

  Therefore, there is no need to issue, register, and manage a client ID that identifies the product / service provider for each product / service provider and the API function to be executed, as in the conventional case, and a plurality of product / service provider terminals can be provided. When the financial institution 3 is connected to the financial institution system 1, the financial institution is required to make network settings only with the intermediate handling terminal 4, so that the technical burden on the financial institution is greatly reduced.

[Processing flow using financial institution system]
An example of the process flow of this embodiment will be described with reference to FIGS. 4 and 7 to 9. In this processing flow, a financial institution is a “○ △ □ bank”, a product / service provider who receives an API function from the “〇 △ □ bank” is a “Hanamaru Shokai”, a user purchases a product, and pays a service. When you try to make payment by paying goods to a service provider through your own bank account, "Net Payment Co., Ltd.", which is the company acting on behalf of the payment, is the intermediate handling agent, and the API function is "immediate account". Transfer and identity verification ”.

1. Initial registration flow (S101)
A user who purchases products from "Hanamaru Shokai" pays for the products purchased from "Hanamaru Shokai" through his / her bank account (that is, using the API function "immediate account transfer and identity verification"). ), The user accesses the product / service provider terminal 3 of the “Hanamaru Shokai” through the user terminal 2 and informs that he / she desires initial registration for this purpose.

(S102)
The product / service provider terminal 3 gives a user ID for identifying the user who has made an access, and also gives a session identifier between the user terminal 2 and the intermediate handler terminal 4 to the user terminal 2, which made an access. And prompt the redirect to the intermediate handler terminal 4. The user terminal 2 redirects to the intermediate handler terminal 4 based on the acquired information.

(S103)
In the intermediate handling terminal 4, the product / service provider information confirmation processing unit 43 confirms whether the product / service provider “Hanamaru Shokai” related to the acquired session identifier is stored in the product / service provider DB 41. Perform processing to

(S104)
When the product / service provider confirmation processing unit 43 confirms the product / service provider “Hanamaru Shokai” from the product / service provider DB 41 shown in FIG. The processing unit 44 creates a list of the financial institutions "○ △ □ bank" and "△△ bank" that the product / service provider "Hanamaru Shokai" has contracted to use the API function "immediate account transfer and identity verification". Then, the created financial institution list is sent to the user terminal 2 together with the user ID and the session identifier. The financial institution list is displayed on the user terminal 2.

(S105)
The user uses the user terminal 2 to select the financial institution “○ Δ □ bank” that uses the API function “immediate account transfer and identity verification”, and sends it to the intermediary handler terminal 4.

(S106, S107)
In the intermediate handler terminal 4, the intermediate handler ID / scope information identification processing unit 45 uses the product / service provider management number “1” from the product / service provider DB 41 shown in FIG. 7A. The managed intermediate handler ID and scope information are specified. In addition, a session identifier between the user terminal 2 and the Web system 7 is given, the session identifier is transmitted to the accessing user terminal 2, and a redirect to the Web system 7 in the financial institution system 1 is prompted. The user terminal 2 redirects to the Web system 7 of the financial institution system 1 based on the acquired information.

(S108)
In the Web system 7 of the financial institution system 1, the first confirmation processing unit 17 refers to the information stored in the intermediate handler ID DB 22 and the scope DB 23 included in the API control system 8 and acquires the intermediate handler ID. It is confirmed from the combination of the above and the scope information that these are legitimate.

(S109)
If the first confirmation processing unit 17 confirms that the product is authentic, then the authentication processing unit 18 issues an access token for the product / service provider terminal 3 to access the financial institution system 1. The user terminal 2 is prompted to input authentication information for permitting the request for the request. In this case, the information transmission / reception unit 12 of the Web system 7 connects the intermediate handler ID indicating the intermediate handler “net settlement company” and the scope information. The combination information indicating the combination of the API function "immediate account transfer and identity verification" and the product / service provider "Hanamaru Shokai" receiving the API function is transmitted to the user terminal. The user terminal 2 indicates that the product / service provider “Hanamaru Shokai” as shown in FIG. 4 wants to use the API function “immediate account transfer and identity verification” through the intermediary operator “net settlement company”. Allows message, login ID, password input and the product / service provider “Hanamaru Shokai” to use the API function “immediate account transfer and identity verification” through the intermediary operator “Net Payment Co., Ltd.” Prompt you to choose whether or not. The user inputs a predetermined login ID and password and selects permission or rejection.

(S110, S111)
When the authentication information is input from the user terminal 2, the authentication processing unit 18 refers to the information about the user stored in the user DB 33 included in the accounting system 9 to authenticate the login ID and the password. I do.

(S112)
After the authentication processing unit 18 is authenticated, the authorization code issuance processing unit 25 specifies the user ID for identifying the user authenticated by the authentication processing unit 18, the intermediate handler ID, and the scope information. Issue the authorization code associated with.
The authorization code issued by the authorization code issuance processing unit 25 is transmitted to the user terminal 2 by the authorization code transmission processing unit 19 of the Web system 7 together with the intermediate handler ID and the scope information associated with the authorization code. 2 is redirected to the intermediate handler terminal 4.

(S113)
In the intermediate handler terminal 4 that has received the redirect from the user terminal 2, the access token issuance request processing unit 47 assigns the acquired authorization code, the intermediate handler ID, the scope information, and the intermediate handler ID in advance. The intermediate handler secret that is set in association with each other (if the access to the bank system 1 received from the intermediate handler having the intermediate handler ID via the intermediate handler terminal 4 used by the intermediate handler is valid) (Information to prove that there is)) to the financial institution system 1.

(S114)
In the financial institution system 1 that has obtained the authorization code, the intermediate handler ID, the scope information, and the intermediate handler secret from the intermediate handler terminal 4, the second confirmation processing unit 26 receives the intermediate handling. A process is performed to confirm that the intermediate handler ID, the scope information, the authorization code, and the intermediate handler secret acquired from the worker terminal 4 are authentic.

(S115)
When it is confirmed by the second confirmation processing unit 26 that it is authentic, the access token issuance processing unit 27 issues an access token associated with the authorization code.
The access token issuance processing unit 27 also issues a refresh token in which a second expiration date for access to the financial institution system 1 after the first expiration date for access to the financial institution system 1 has been set. Perform processing.
The access token and the refresh token issued by the access token issue processing unit 27 are transmitted by the access token transmission processing unit 28 to the intermediate handler terminal 4 together with the intermediate handler ID and the scope information associated with the access token. To be done.
Alternatively, the access token and the refresh token issued by the access token issuance processing unit 27 are transmitted to the user terminal 2 by the access token transmission processing unit 28 together with the intermediate handler ID and the scope information associated with the access token. And may be redirected from the user terminal 2 to the intermediate handler terminal 4.

(S116)
In the intermediate handler terminal 4, the information registration processing unit 37 performs processing of registering the acquired access token and refresh token in the access token DB 42 in association with each other using the user ID as a key.

(S117)
After the registration is completed, the access token issuance completion information sending processing unit 48 sends the processing completion information indicating that the access token issuance is completed to the user terminal 2 and the information is the product / service provider terminal. Redirected to 3.

(S118)
The merchandise / service provider terminal 3 that has received the redirect from the user terminal 2 records that the user who is using the user terminal 2 has completed the initial registration, and sends to the user terminal 2 a message that the initial registration procedure has been completed. .

2. Settlement flow of goods / service purchase amount (S201)
If the user who purchased the product at the product / service provider “Hanamaru Shokai” whose initial registration has been completed wants to pay the price for the product purchase with the registered financial service function, the user terminal 2 is used. Access the product / service provider terminal 3 of the “Hanamaru Shokai” and request that effect.

(S202)
The product / service provider terminal 3 of the “Hanamaru Shokai”, which receives the request from the user terminal 2, stores the information identifying the user, the bank specified by the user, and the information about the requested financial service function. The information is transmitted to the intermediary operator terminal 4 of the intermediary operator "net settlement company".

(S203, S204)
At the intermediary operator terminal 4 of the intermediary operator “Net Payment Co., Ltd.” that receives the request from the product / service provider terminal 3, the product / service provider information identification processing unit 49 obtains from the product / service provider terminal 3. The product / service provider is specified from the product / service provider DB 41 based on the user ID for specifying the user and the financial institution ID related to the API function used by the product / service provider. Perform processing to
The intermediate handler ID identification processing unit 50 identifies the intermediate handler ID associated with the product / service provider identified by the product / service provider information identification processing unit 49 from the product / service provider DB 41. I do.
The scope information identification processing unit 51 performs a process of identifying scope information associated with the product / service provider identified by the product / service provider information identification processing unit 49 from the product / service provider DB 41.
The access token identification processing unit 52 is associated with the user ID based on the intermediate operator ID identified by the intermediate operator ID identification processing unit 50 and the scope information identified by the scope information identification processing unit 51. A process of identifying an access token from the access token DB 42 is performed.
The API function execution request processing unit 53 sends the specified intermediate handler ID, the scope information, and the access token to the financial institution system 1 of the designated financial institution, and the API function related to the scope information. Perform the process that requires the execution of.

(S205)
In the financial institution system 1 that has acquired the above information from the intermediate operator terminal 4 of the intermediate operator "Net Payment Co., Ltd.", the third confirmation processing unit 29 causes the scope information, the intermediate operator ID, and the access. Perform processing to confirm that the token and the token are legitimate.

(S206)
If the third confirmation processing unit 29 confirms that the content is authentic, the API function execution processing unit 34 causes the third confirmation processing unit 29 to confirm the scope information, From the intermediate handler ID and the access token, the API function specified by the scope information is executed in the bank account of the user account information associated with the user ID.

(S207)
When the API function is executed by the API function execution processing unit 34, the API function completion information sending unit 30 outputs the processing completion information indicating that the API function is executed by the API function execution processing unit 34 to the intermediate handler terminal 4 Send to.
Further, the access token issue processing unit 27 newly adds an access token having a function similar to the access token used when the API function execution processing unit 34 of the accounting system 9 executes the API function and a refresh token associated with the access token. Process to issue to.

(S208, S209)
When the intermediary operator terminal 4 of the intermediary operator "Net Settlement Co., Ltd." obtains the above-mentioned processing completion information from the financial institution system 1, after recording the fact, the API function execution completion information transmission processing unit 54 The processing completion information or the user account information associated with the user ID acquired by executing the API function is sent to the product / service provider terminal 3 of the product / service providing company “Hanamaru Shokai”.
The product / service provider terminal 3 of the product / service provider “Hanamaru Shokai” that has obtained the above-mentioned processing completion information and the like from the intermediate handler terminal 4 records that fact and then notifies the user terminal 2 of the processing result. To do.
In the intermediate handler terminal 4, the information registration processing unit 37 stores the acquired access token and refresh token in the access token DB 42 and updates the information.

(S210)
Predetermined API function execution completion information is displayed on the user terminal.

1 financial institution system 2 user terminal 3 product / service provider terminal 4 intermediate handling terminal 5, 10 communication network 7 Web system 8 API control system 9 accounting system 12 information transmitting / receiving unit 13 control unit 14 intermediate handling information management processing unit 15 Intermediate handler ID issuance processing section 16 Scope information issuance processing section 17 First confirmation processing section 18 Authentication processing section 19 Authorization code sending processing section 20 Information transmitting / receiving section 21 Control section 22 Intermediate handling person IDDB
23 Scope DB
24 Access token DB
25 Authorization Code Issuing Processing Section 26 Second Confirmation Processing Section 27 Access Token Issuing Processing Section 28 Access Token Sending Processing Section 29 Third Confirmation Processing Section 30 API Function Execution Complete Information Sending Processing Section 31 EAI
32 Product / Service Provider DB
33 User DB
34 API function execution processing unit 35 Information transmission / reception unit 36 Control unit 37 Information registration processing unit 38 Storage unit 39 Access token issue request management processing unit 40 API function execution request management processing unit 41 Product / service provider DB
42 Access token DB
43 product / service provider information confirmation processing unit 44 financial institution list creation / transmission processing unit 45 intermediate handler ID / scope information identification processing unit 46 intermediate handler ID / scope information transmission processing unit 47 access token issue request processing unit 48 access Token issue completion information transmission processing unit 49 Product / service provider information identification processing unit 50 Intermediate handler ID identification processing unit 51 Scope information identification processing unit 52 Access token identification processing unit 53 API function execution request processing unit 54 API function execution completion information Send processing unit

Claims (16)

A product / service provider who sells products or provides services to users such as consumers receives an API from a financial institution and, based on the authorization of the user, updates the user account information included in the financial institution. On the other hand, a financial institution system used for executing a financial service function by the API,
An intermediate handler ID issued by the financial institution system as an identifier for identifying the intermediate handler for each intermediate handler interposed between the product / service provider and the financial institution, and the financial institution system A combination of the financial service function based on the API and the product / service provider, which is issued by the financial institution system by the product / service provider, is issued in association with each of the intermediate handler IDs. A financial institution system that includes an intermediate handler information management processing unit that manages scope information, which is an identifier that identifies a person. The intermediate handler information management processing unit further manages an intermediate handler secret, which is information certifying that access from the intermediate handler having the intermediate handler ID to the financial institution system is valid. The financial institution system according to claim 1. A first confirmation processing unit that confirms that these are authorized from the combination of the intermediate handler ID and the scope information acquired by the information acquisition unit;
From the product / service provider terminal used by the product / service provider to the financial institution system with respect to the user terminal used by the user according to the scope information confirmed by the first confirmation processing unit. The authentication information acquired from the user terminal prompts the user to input authentication information for permitting a request for issuing an access token for the product / service provider terminal to access the financial institution system. An authentication processing unit that performs authentication processing based on
A user ID that identifies the user who has been authenticated by the authentication processing unit, an intermediate handler ID, and an authorization code issuing processing unit that issues an authorization code associated with the scope information,
The financial institution system according to claim 1, further comprising: an authorization code sending processing unit that sends the authorization code to the intermediate handling person terminal. The product / service provision is performed from the product / service provider terminal to the financial institution system for the user terminal used by the user according to the scope information confirmed by the first confirmation processing unit. The intermediary operator associated with the intermediary operator ID when prompting the input of the authentication information for permitting a requester terminal to request an access token issuance request for accessing the financial institution system The information transmission unit further comprising: intermediate user information and combination information indicating a combination of the financial service function based on the API linked to the scope information and the product / service provider on the user terminal. The listed financial institution system. A second confirmation processing unit that confirms that the intermediate handler ID, the scope information, the authorization code, and the intermediate handler secret acquired by the information acquisition unit are authentic;
An access token issue processing unit that issues an access token associated with the authorization code confirmed by the second confirmation processing unit,
An access token sending processing unit for sending the access token issued by the access token issuing processing unit,
A third confirmation processing unit that confirms that the intermediate handler ID acquired by the information acquisition unit, the scope information, and the access token are authentic.
From the scope information confirmed by the third confirmation processing unit and the access token, the scope is the financial institution account of the user account information associated with the user ID specified by the access token, and the scope. An API function execution processing unit that executes a financial service function based on the API specified by information;
The financial institution system according to claim 4, further comprising: an API function execution completion information sending unit that sends processing completion information that the financial service function by the API has been executed in the API function execution processing unit. The access token has a first expiration date set for access to the financial institution system,
When the access token issuance processing unit issues the access token, the access token issuance processing unit issues a refresh token in which a second expiration date for access to the financial institution system after the passage of the first expiration date is set. The financial institution system according to any one of Items 3 to 5. An intermediate handler ID issuance processing unit that issues the intermediate handler ID to the intermediate handler terminal;
The financial institution system according to any one of claims 1 to 6, further comprising: a scope information issuance processing unit that issues the scope information to the intermediate handler terminal. A product / service provider who sells products or provides services to users such as consumers receives an API from a financial institution and, based on the authorization of the user, updates the user account information included in the financial institution. On the other hand, a computer program used for executing the financial service function by the API,
Computer,
An intermediate handler ID issued by the financial institution system managed by the financial institution as an identifier for identifying the intermediate handler for each intermediate handler interposed between the product / service provider and the financial institution. The financial institution system issues the intermediate handling person ID in association with each other, the financial institution system receives an execution request from the product / service provider, and the financial service function by the API and the product / service A computer program that functions as an intermediate handler information management processing unit that manages scope information, which is an identifier that identifies a combination with a provider. The intermediate handler information management processing unit further manages an intermediate handler secret, which is information proving that access from the intermediate handler having the intermediate handler ID to the financial institution system is valid. The computer program of claim 8, which causes the computer program to function. Computer,
A first confirmation processing unit that confirms that these are authorized from the combination of the intermediate handler ID and the scope information acquired by the information acquisition unit;
The financial institution system from the product / service provider terminal used by the product / service provider to the user terminal used by the user associated with the scope information confirmed by the first confirmation processing unit. Prompting the user to enter authentication information for permitting the request for issuing an access token for the product / service provider terminal to access the financial institution system, and for the authentication acquired from the user terminal. An authentication processing unit that performs authentication processing based on information,
A user ID that identifies the user who has been authenticated by the authentication processing unit, an intermediate handler ID, and an authorization code issuing processing unit that issues an authorization code associated with the scope information,
The computer program according to claim 8 or 9, which is caused to function as an authorization code transmission processing unit for transmitting the authorization code to an intermediate handler terminal used by the intermediate handler. Computer,
The product / service provision is performed from the product / service provider terminal to the financial institution system for the user terminal used by the user according to the scope information confirmed by the first confirmation processing unit. The intermediary operator associated with the intermediary operator ID when prompting the input of the authentication information for permitting a requester terminal to request an access token issuance request for accessing the financial institution system The information handling unit that causes the user terminal to display intermediate handling information and combination information indicating a combination of the financial service function based on the API associated with the scope information and the product / service provider is used. The described computer program. Computer,
A second confirmation processing unit that confirms that the intermediate handler ID, the scope information, the authorization code, and the intermediate handler secret acquired by the information acquisition unit are authentic;
An access token issue processing unit that issues an access token associated with the authorization code confirmed by the second confirmation processing unit,
An access token sending processing unit for sending the access token issued by the access token issuing processing unit,
A third confirmation processing unit that confirms that the intermediate handler ID acquired by the information acquisition unit, the scope information, and the access token are authentic.
From the scope information confirmed by the third confirmation processing unit and the access token, the scope is the financial institution account of the user account information associated with the user ID specified by the access token, and the scope. An API function execution processing unit that executes a financial service function based on the API specified by information;
The computer program according to claim 11, which is caused to function as an API function execution completion information sending unit that sends processing completion information that the financial service function by the API has been executed in the API function execution processing unit. The access token has a first expiration date set for access to the financial institution system,
When issuing the access token, the access token issue processing unit is configured to issue a refresh token in which a second expiration date is set for access to the financial institution system after the first expiration date has passed. The financial institution system according to any one of claims 10 to 12, which functions. Computer,
An intermediate handler ID issuance processing unit that issues the intermediate handler ID to the intermediate handler terminal;
The computer program according to any one of claims 8 to 13, which is caused to function as a scope information issuance processing unit that issues the scope information to the intermediate handler terminal. A product / service provider who sells products or provides services to users such as consumers receives an API from a financial institution and, based on the authorization of the user, updates the user account information included in the financial institution. On the other hand, in the financial institution system used to execute the financial service function by the API, the financial institution system and the product / service by the API that the financial institution system has been requested to execute by the product / service provider. A scope issuing method for issuing scope information, which is an identifier that identifies a combination with a provider,
For each intermediate handler interposed between the product / service provider and the financial institution, the intermediate handler issues an intermediate handler ID issued by the financial institution system as an identifier for identifying the intermediate handler. An intermediate handling person ID issuance processing step issued to the intermediate handling person terminal to be used,
The financial institution system issues the scope information issuing processing step of issuing the scope information linked to each of the intermediate handler IDs to the intermediate handler terminal.   A computer program causing a computer to execute the method according to claim 15.

Images