JP2020074188A - Called party leadership based communication method, communication system, and electronic settlement system - Google Patents

Abstract

To effectively utilize communication resources and additional devices by controlling a communication device as intended by an owner of the communication device, and to achieve an efficient routing guide service system and a secure and convenient electronic settlement and moving body charge collection system by eliminating nuisance communication, reducing useless communication traffics, and utilizing supervision, anonymous communication and other additional devices of the communication device.SOLUTION: A ruler player of a communication device issues an instruction to an electronic secretary interposed between the communication device and a network beforehand. There are provided a plurality of handling methods from rejection to control permission for the electronic secretary to respond to each communication request from a caller after identifying the caller or communication content in accordance with instruction content of the ruler player, in order to process communication requests arriving from the inside and the outside.SELECTED DRAWING: Figure 69

Description

  The present invention relates to communication using electronic devices on a communication network, and more particularly, to a step of establishing a communication connection and ensuring security of communication. It relates to the integration of communication and remote control functions, which determine all operations according to the wishes of the called party or the party controlling the called communication equipment.

Telecommunications have become widespread. Various information technology services utilizing the Internet have rapidly spread to the general public, high-speed, large-capacity, always-on communication has spread to general households, and caller number notification has also become common. The caller is now in control of the communication.
However, unsolicited communications against the recipient's will, fraudulent fraudulent identity, emails that adversely affect youth, "attacks" due to frequent mass emails, and infection by just looking at the screen of the incoming email A virus and a "one-way" incomplete call have caused a failure in the telecommunications carrier's network, causing serious damage such as a situation where the telephone line is extensively paralyzed for a long time. Negative problems such as paralysis and deterioration of communication infrastructure and drowning of normal communication also emerged. Weaknesses in existing public communication systems are causing the above illegal and legal acts.
There are some conventional unsolicited communication prevention technologies that are divided into different alert levels. However, there is nothing that can handle various situations at the same time. For example, the "designation refusal" rejects the reception to the designated partner, but there is a problem that it is impossible to specify all the unspecified number of partners. In the "designated reception", only the designated party receives the data, but "conflict principle" is set (see, for example, Patent Document 1 and Non-Patent Documents 1 and 2). According to the method of Patent Document 6, it is possible to enhance the convenience when registering and canceling the rejection number. Receiving is rejected according to the receiving condition specified by the recipient, and the e-mail sender determines whether or not to transfer the e-mail. However, it is difficult to determine the condition itself, and there is also a problem that the e-mail cannot be specified. 2 and 3). There is also a method in which unsent mail is recorded in the received junk mail and the sender is reversely charged (for example, refer to Patent Document 4). There is also one that extracts the identification information of the sender from the arrived e-mail (for example, see Patent Document 5).

However, these techniques are (a) how to deal with at least once an unwanted communication occurs (see, for example, Patent Document 6), and legal regulations such as an opt-out method can You are forced to respond to the caller, which has little effect, especially for email. The reason is: 1. The number of callers is huge. It is annoying to make only one call, and it is not realistic to make a reject reply one by one. Even if the refusal registration is made, the number of storage areas that can be registered is limited and cannot be increased indefinitely. If the above laws and regulations cannot be resolved, for example, how to regulate the contents of foreign language transmissions, the existence of a country that does not have a legal system for controlling transmissions, and prosecuting a violator is not the case when the sender is an individual, Not realistic. 2. Unable to deal with one-off unsolicited communication. 3. We cannot deal with criminal acts such as "Oreore fraud" by disguising the identity of the sender, and the problem that the home confirmation phone is used by burglar offenders.
(B) A perfect reception condition cannot be set. There is a good chance that important communications will not be received by the "specified reception" technique. Strict laws and regulations, and the opt-in method that allows only registered users to make calls, hinders freedom of expression and business. As a concept of unsolicited email, there is no common standard that cannot determine the content of the email to be the unsolicited email without the subjective element of each recipient. Known techniques such as junk mail sender database filtering etc. cannot reflect the subjectivity of the called party at all, and there is a clear limit to the fact that the sender address is constantly changing.

(C) Generally, conventional communication systems are premised on the concept that communicating parties know each other's identities. For example, a personal telephone number plays the role of a personal identity. Therefore, if you easily announce your phone number to an unknown party, some danger will be hidden. On the other hand, when anonymous communication is required until the beginning or the end in activities such as person-to-person, person-to-company transactions, etc. for the general public on the network, once you invite the other party, your email address or telephone number Because it is disclosed in, you can not easily break the relationship with the other person when you want to pull yourself. Patent Document 10 discloses a method of establishing a communication channel that removes the identity information of both parties from the communication content through a dedicated anonymous communication center, which requires two steps for anonymous communication.
(D) With the progress of technology, small portable communication devices have become multifunctional. Utilization of accessory functions such as accessory camera of communication equipment, accessory position information device, etc., children, elderly people, unattended people can be safely used as communication means and for custody, and potential needs are not satisfied. For example, regarding the utilization of the position information, some have a control means for setting a traveling route, but the amount of calculation is large and it is not suitable for a small device such as a mobile phone (for example, see Patent Documents 7 and 8). There are some mobile phones equipped with a means for receiving radio waves from GPS satellites, but there is no means for preventing undesired communication (for example, see Patent Document 9).
Patent Documents 19 to 20 and 27 to 29 disclose techniques of using a mobile device for payment. However, the settlement PIN cannot be used safely. Patent Documents 30 to 31 disclose techniques relating to cashlessness during commercial transactions. However, the liquidity of funds is impaired.
JP-A-5-14488 (claim 1, FIG. 1-4) JP, 2002-344524, A (claim 1-15, Drawing 1-19). Japanese Patent Laid-Open No. 2000-10880 (Claims 1-5, 1-18) Japanese Patent No. 3283873 (Claims 1-2 and 1-3) Japanese Patent No. 30034040 (Claims 1-2 and 1-2) JP 2002-290566 A (full text, FIG. 1-3) Japanese Patent No. 3460033 Japanese Patent Publication No. 6-60821 (Claim 1-2, FIG. 1) Japanese Patent No. 3039536 (full text, Fig. 1-7) US Pat. No. 5,884,270 (full text, FIG. 1-9) US Pat. No. 6,070,149 US Pat. No. 6,370,235 US Pat. No. 6,691,156 JP 2001-148094 A (full text, FIG. 1-7) Japanese Patent Laid-Open No. 10-307993 JP, 9-22497, A Japanese Patent No. 3488192 Japanese Patent No. 3028796 Japanese Patent Laid-Open No. 8-339407 JP, 2001-338250, A JP, 2003-141043, A JP 2002-374307 A JP, 2003-36230, A JP 2001-217861 A JP, 2003-333097, A JP, 2003-216548, A Japanese Patent Publication No. 2004-51902 Japanese Patent No. 3497144 Japanese Patent No. 3339843 JP-A-2000-242717 JP 2001-306982 A JP 2000-48283 A JP-A-2002-42273 JP, 11-234393, A JP, 2003-18636, A Study Group on How to Deal with Spam Mail, "Interim Report", [online], January 24, 2002, Ministry of Internal Affairs and Communications, p. 10, [January 9, 2004 search], Internet <URL: http://www.soumu.go.jp/s-news/2002/020124_4.html> Study Group on How to Deal with Spam Mail, "Report", [online], October 7, 2002, Ministry of Internal Affairs and Communications, p. 3-5 [Search on January 9, 2004], Internet <URL: http://www.soumu.go.jp/s-news/2002/021007_1.html> J. Myers, "RFC 1939, POP3 (Post Office Protocol-Version 3)", [online], May 1996, IAB (Internet Architecture Board) standard recommendation document RFC (Request for Comments), p. 11 [January 12, 2004 search], Internet <URL: (ftp://ftp.rfc-editor.org/in-notes/rfc1939.txt) J. Klensin, "RFC 2821, (Simple Mail Transfer Protocol)", [online], April 2001, IAB (Internet Architecture Board) standard recommendation document RFC (Request for Comments), p. 32, [January 14, 2004 search], Internet <URL: (ftp://ftp.rfc-editor.org/in-notes/rfc2821.txt) P. Resnick, "RFC 2822, (Internet Message Format)", [online], April 2001, IAB (Internet Architecture Board) standard recommendation document RFC (Request for Comments), p. 26 [January 20, 2004 search], Internet <URL: (ftp://ftp.rfc-editor.org/in-notes/rfc2822.txt)

  These are all the intentions of the administrator of an electronic device (hereinafter referred to as a communication device) having a communication function and a function related to communication, that is, wanting to prevent the operation of the device by another person's intention including unsolicited communication, and the device from its own intention. It is about the will to control. The problem with the prior art is that this intention cannot be satisfied. It is an object of the present invention to solve this problem and satisfy the will of the parties. Specifically, it is an object of the present invention to efficiently utilize communication resources efficiently as the parties concerned intend. Communication, function to control communication device, eliminate open communication normally without spoiling conventional communication function, reduce unnecessary communication volume, custody, emergency communication, anonymous communication, efficient mobile device It is an object of the present invention to utilize an auxiliary device of a communication device such as a location information service. It is also an object of the present invention to provide a route guidance service, grasp traffic conditions without providing dedicated equipment, and realize a safe and convenient electronic payment and mobile charge collection system.

In order to solve the above problems, as shown in FIG. 1, according to the present invention, an administrator of a communication device issues an instruction to an electronic secretary in advance between the communication device and a network, and the electronic secretary instructs the administrator. According to the contents, a plurality of methods are provided for a communication request arriving from the inside or outside (communication device or network), and when the communication request is received, one is selected from the plurality of processing methods, Treating the communication request; the treatment method in this specification is called "treatment", and means a method of performing a specific treatment for a specific communication request determined by an administrator.
The conventional concept of communication is usually initiated by the sender, and it has been considered that the other party should receive it when he / she calls the other party. Since the response method is also simple, there is no need to describe it in special terms. The present invention has a variety of response methods, and there is no suitable technical term to be expressed concisely. Therefore, the term "treatment" is used to express the relationship between both parties.
The reception refusal treatment is a statement of intention to completely reject the caller, the communication permission treatment is a conventional communication need, the control permission treatment is a potential need, and a statement of desire to give the caller control of the communication device. is there.
As used in this specification, the term "control permission" refers to the intention of an administrator to allow a communication facility to be in a controlled state and execute a caller's command or start a specified function or program. Represents For example, when the caller can remotely activate the camera attached to the communication device to monitor the receiving side and receives a communication request for confirmation of electronic payment, the personal authentication program is activated.
The idea of the invention begins with the communication of all callers obtaining prior permission. When an unknown caller makes a call without permission, the caller first asks for the name of the caller, determines the caller's identity, and decides whether or not to communicate. This is called application acceptance. This flow can be compared to the example of a receptionist or secretary. Instruct the secretary in advance of the prescribed rules, the secretary will respond when the instructed visitor comes, the reception is handled in the instructed manner, and if the unknown visitor comes, ask for the name and the requirement, Based on the rules taught by the boss, decide whether to pass the visitor. For example, if the boss is interested in the visitor's business, let him know. If it turns out to be an old acquaintance of the boss, let him pass. A clever secretary will be able to remember the visitor and quickly decide whether to treat the second visitor kindly or in advance.

If the boss himself comes, follow the order. This is because the boss has control. This is like remotely controlling a communication machine.
According to the present invention, a party issues an instruction in advance to an electronic secretary that realizes the role of the secretary, and the electronic secretary processes a communication request according to the instruction content of the party. The electronic secretary is instructed of the first rule consisting of a caller ID and a treatment to be given, and a communication request is first dealt with based on the first rule. Also, tell the electronic secretary the second rule consisting of a question, a correct answer, and treatment, and if you do not know the treatment method according to the first rule, ask the sender and take the correct answer based on the second rule. Then, the sender's ID and treatment are stored as the first rule. Also, the electronic secretary is instructed how to deal with the caller who did not get the correct answer.
The second rule can include the personal information of the parties. For example, if the rule is to know the names of the parties, a caller who does not know the name of the called party can be rejected. It is also possible to judge family members and relatives by secret passwords and passwords. In the case of telephone communication, voice recognition and voiceprint recognition can also be used.
The types of treatment include reception rejection and communication permission for communication requests arriving from the outside, and transmission rejection and transmission permission for communication requests originating from the inside. A virtual account (described later) is introduced for payment.

(A) Preventing unwanted e-mail and unwanted calls. The greatest feature of the present invention is that the occurrence of undesired communication is logically prevented even before it occurs even once. 1. Communication is not allowed unless the sender ID and recipient ID match. Even if the sender ID can be forged, it cannot match the recipient ID pair. If the sender ID cannot be forged, such as notification of the sender's number, the unknown sender will be given the opportunity to apply for a limited number of times, and then unconditionally rejected to prevent the program from automatically attempting unwanted communication. it can. 2. Sanctions can be given to a person who wants to make a one-off call because the application procedure automatically starts and the sender charges the communication fee. 3. Since it is automatically confirmed according to the procedure decided for the person who is not registered, it is possible to deal with "Oreore fraud" in which an old person is inadvertently deceived.
(B) At the same time, in the case of the person who answers the question of the called party accurately, for example, when the name of the called party can be answered, the communication function is not compromised normally and openly as in the conventional case. The freedom of the caller is not restricted. If you want to sell or advertise things, and only if the other person is interested, it will be a mutual benefit. The present invention is provided with a means for expressing the interest to the called party in advance, and does not refuse the communication which benefits both parties.
(C) When the present invention is applied to the receiving server, it can be blocked at the time of issuing a communication request for unwanted communication. It is possible to reduce the amount of communication due to a large amount of useless mail in the public network, effectively use the equipment, and save the communication company's nuisance communication compensation. Even if you do not operate on the receiving server, you can reduce the social burden of changing communication contracts and implementing legal maintenance, and save time for manual judgment and deletion processing of junk mail. By eliminating unsolicited communication, the utilization of communication means will eventually expand.
(D) Simple anonymous communication, one-way communication in which only one side allows outgoing calls. It will be easier and easier for people to engage in job-hunting and job-hunting activities through public communication networks.
(E) The other party is automatically identified in accordance with the subjective consciousness of each of the parties, and even if the other party obtains an unauthorized communication permission due to a problem of automatic processing, the permission can be canceled.
(F) The communication device and the communication accessory device can be efficiently utilized in accordance with the intention of the manager of the communication machine on the receiving side. It is possible to integrate custody, crime prevention, emergency communication, and vehicle guidance functions. Therefore, new uses and new needs are created.
In addition, problems, means, and effects will be described for each example.

  The term "communication request" used in this specification means the communication content that reaches the electronic secretary before the original communication purpose of the caller is achieved, for example, a connection request or a callee Before receiving, the email or data received by the electronic secretary or a request for consent is a communication request .- "Rule" is a pair of search conditions for the processing target and definition information of actions when the search conditions are satisfied. Means the knowledge used to control the process, and the "first rule" is a condition part having an application condition relating to the sender ID (sender's identifier) and the action corresponding to the treatment. It is a rule having an execution unit for instructing execution, and "when actually receiving a communication request from a caller, the ID of the caller detected from the communication request (hereinafter referred to as" actual caller ID ") is If it matches the sender ID in the condition section The “first rule set” is a set of first rules, and in the present specification, a first rule is created. Adding to the first rule set is to give treatment to the caller. ・ The "second rule" is a condition part that has application conditions related to the expected application content, and an execution that directs the action corresponding to the treatment. Is a rule having a section, and represents that “if the expected application content is detected from the communication request, the communication request is treated based on the treatment”, and the “third rule” is , A rule having a condition part having an application condition relating to a caller ID and a reception time, and an execution part for instructing the execution of an action corresponding to the treatment, and "If the fact caller ID detected from the communication request is "If the caller ID of the copy matches the specified time, and if a predetermined time has not passed from the reception time, the communication request is processed based on the treatment". "Rule 4" is a rule having a question to be presented to the caller, a condition part having an application condition regarding the correct answer to the question, and an action execution part regarding the score, and "if the answer to the question from the caller is given. Is the correct answer, the points are added up, and the total points are added up. "The" fifth rule "is a condition part having an applicable condition regarding the called party ID and the calling time. , If the destination ID (the ID of the called party) matches the called party ID of the condition section, and is predetermined from the calling time. Has not passed the time Then, "the sender request is dealt with based on the treatment", "the sender" means one selected from the group consisting of the party and the equipment requesting the start of communication. However, "the treatment information" is the information of the called party ID and the first rule set. However, if there is only one called party ID, it means the first rule set, and "ID" is the communication. It means the identifier provided by the service provider to the party who uses the communication service, and it is possible to provide multiple identifiers to one party. ・ "Communication permission" conveys the communication request to the called party. It means that the electronic secretary determines that the communication can be permitted, transmits the communication request to the called party, puts the communication request of the conventional communication means in the same state as when receiving the call, and determines whether the called party can communicate. You can make a final decision on the "Ianto" means a device that can collect the mail of the callee stored on the server, such as a mobile phone that receives the mail and a standard recommendation document RFC (Request for Comments) issued by the IAB (Internet Architecture Board). This corresponds to a host that is trying to use a service that complies with POP3 (Post Office Protocol-Version 3) specified in). ・ `` Sending client '' means a device that sends mail, for example, sending mail. Corresponds to a client terminal that operates, an ISP server that sends mail, "server" means a service provider, a telephone exchange corresponds to a server, and "reception server" receives mail. A device that provides a service for storing and delivering stored mail to the called party when accessed by the called party, such as a mail center of a mobile phone carrier and a POP3 server. The host providing the service is applicable, "communication" means transmitting information and control signals, "mail" means electronic mail, and "advance application" means that the parties It means disclosing information including one's own ID (identifier), causing the caller to apply for communication permission, and applying for communication permission to the party before the caller issues a communication request, "Identity registration" identifies a party who uses a communication service by an ID, and the provider of the communication service provides the ID to the party, and from the group consisting of the provider of the communication service and a third party. What is selected means to register the identification information of said party, and "listening permission" means to allow the caller to acquire the voice signal acquired by the transmitter of the communication device of the called party. , ・ "Monitoring permission" is received by the caller It means that the image signal acquired by the imaging device installed on the called party's side is acquired through the side communication device. It means that the location information acquired by the location acquisition means is acquired. ・ “Alert attention” means that the caller outputs the information through the communication device on the callee side to call the callee's attention. However, "information transfer permission" means that the caller transfers information to the communication device on the called side, and "first expected treatment" is applied when the treatment cannot be determined by the rule set to be applied. , Means preset treatment, ・ “Subject” means informational fields that have the purpose of having the content of information read by a person included in the mail header, and · “sender email address "Means the destination email address that includes the reply destination email address specified by the sender and sends the email to the sender .-" Treatment application "means applying for communication permission Is also considered as a form of treatment application.- "Relationship relationship" is a relationship established by the treatment that both parties give to each other.- "Treatment set" means a set of treatments. "Content of application" means the content of requesting permission for communication, and "Expected content of application" means the content of the application expected by the called party. For example, when asking the other party for the name of the called party, Is the expected application content, that is, the correct answer of the question is the expected application content, or you can specify the topic you are interested in, the keyword or the expected application content. Means that permits execution of a program on the incoming side communication apparatus to the sender, said communication device comprises means for executing the CPU or the like program.

Explanation of email related terms. The flow of mail transmission is generally from a sender terminal (sending client) to a sending mail server (receiving server), a sending mail server (sending client) to a receiving server, and a receiving server to a recipient terminal (receiving client). The outgoing mail server has two roles, a receiving server and a sending client.
Hereinafter, embodiments of the present invention will be described with reference to the drawings.
FIG. 1 is a diagram showing a schematic configuration example of an embodiment of the present invention. The party's terminal 101 communicates in the network 104 via the electronic secretary 102, and the electronic secretary may be incorporated in the party's terminal side or the server side providing the communication service, and in the case of telephone communication, may be incorporated in the telephone side or the exchange side. .
When it is installed on the server side, it is connected to the party's terminal through a communication channel. The instruction file 103 may be embedded in the electronic secretary or independent of the electronic secretary. The administrator may directly enter the data in the instruction file (not shown in the figure). The instruction file is stored in the data storage device. As long as it is a storage device that achieves the object of the present invention, an optical storage medium or the like can be adopted in addition to an electronic memory circuit such as a magnetic storage device, RAM, or ROM. The preferred implementation of the instruction file is a database that organizes and integrates interrelated data, including multimedia information, and makes it easy to search. Hereinafter, the same reference numerals are used for common or similar components in each drawing.
FIG. 2B is a layout diagram of records showing the contents of a data database (hereinafter referred to as R1DB) which records a first rule set relating to items and treatment. There can be multiple items. For example, there are two items, a calling number and a command, in the condition section of the “communication confirmation” treatment described later.

The table contains all the data in the database. A table is a collection of columns. The data is organized in rows and columns. Each row represents a record and each column represents a field in that record. The layout of a record consists of information organized by "field name" (left side of the table shown in the figure) and "field characteristics" (right side of the table shown in the figure). The rows match each field. The primary key is a column that contains a value that uniquely identifies each row in the table. The foreign key is a column for setting a link between data in two tables.
The R1DB has fields for a sender ID and a treatment ID.
FIG. 2A is a layout diagram of records showing the contents of a data database (hereinafter referred to as TDB) which records an example of a treatment set. The specific realization of each treatment differs depending on the communication device, and the total number of types of treatment that can be realized depends on the communication device. The treatment set can be expanded and simplified according to the individual needs of the parties. The treatment ID is used to identify the processing method (function) to be called within the program, and the text is used to display the content of the function to the user.
FIG. 2C is a layout diagram of records showing the contents of a data database (hereinafter referred to as GDB) that records an example of presentation information. When the presentation information includes a question to be presented to the sender, it may be in the format shown in FIG. 2F.
FIG. 2D is a layout diagram of records showing the contents of a data database (hereinafter referred to as R2DB) which records an example of the second rule set relating to expected application contents and treatment.
FIG. 2E is a layout diagram of records showing the contents of a data database (hereinafter referred to as R3DB) that records an example of a third rule set relating to the sender, the reception time, and the treatment.

FIG. 2F is a layout diagram of a record showing the contents of a data database (hereinafter referred to as R4DB) that records a question to be presented to the caller, a correct answer to the question, and an example of a fourth rule set relating to the score. The question and the presentation information stored in the GDB include one selected from the group consisting of text, voice, and image.
FIG. 2G is a layout diagram of records showing the contents of a data database (hereinafter referred to as R5DB) which records an example of the fifth rule set relating to the called party ID, the calling time, and the treatment.
FIG. 2H is a layout diagram of records showing the contents of a data database (hereinafter referred to as TRDB) which records an example of a treatment relation master.
FIG. 4 is a flowchart of one embodiment of the present invention.
A method of performing communication through an electronic secretary system (hereinafter, referred to as “electronic secretary”) that supports communication in a telecommunication network, in which an administrator issues an instruction to the electronic secretary in advance, and the electronic secretary communicates with a communication device by telecommunication. Installed between networks, the electronic secretary processes a communication request from the inside (communication device) or the outside (telecommunication network) according to the instructions of the administrator, and the method includes (a) the electronic secretary. A step of inputting data for constructing an instruction file for instructing business, a condition section having application conditions regarding items, in which the instruction file has the following, and an execution section for instructing execution of an action corresponding to the treatment And a first set of rules (herein referred to as "first rule set") described by a rule having At this time, if the item detected from the communication request (hereinafter referred to as “factual item”) matches the item in the condition section, the communication request is treated based on the treatment ”. In the present specification, creating the first rule and adding it to the first rule set is to treat the caller.) (B) Communication is performed using the electronic secretary capable of the following operations. And a step of performing. (1) Detecting the item from the communication request from the sender, (2) Accessing the instruction file, (3) Applicable conditions are established for all rules in the first rule set Finding a rule that is present and executing the rule execution unit (hereinafter, simply applying a predetermined set of rules), (4) transmitting the communication request to the called party for each communication request (Hereinafter, referred to as “communication permission”) and a plurality of treatment methods (hereinafter, referred to as “treatment set”), and when the communication request is received, one of the plurality of treatment methods is selected. , Deal with the communication request.
When a communication request from an internal or external caller is received, the item, that is, a fact item, is detected from the communication request (401), the instruction file is read (402), and the first rule set is applied by the following first rule set application procedure. Apply. That is, for all the rules in the first rule set relating to items and treatment, a rule for which the application condition is satisfied is found, and R1DB (see FIG. 2B) is searched under the condition that the item and the actual item match ( 403), it is judged whether or not it is found (404), and when the record is detected, that is, when a rule satisfying the applicable condition is found, the treatment given to the sender can be extracted from the treatment ID field. . Then, the execution part of the rule is executed (406). If not found, the communication request is treated based on a predetermined treatment method, that is, the initial expected treatment (405).

A rule set is a description of control of processing by data having a structure. That is, there are multiple different data in the same rule set. Different data in the same rule set is used to control similar processing. In the present specification, in the case of the same rule set described with different data, it is called a rule set for any purpose.
First, a case where a communication request from the outside is processed and treatment is given to each sender will be described. In the first rule set, the item is a sender ID (sender's identifier), the treatment for rejecting the communication request is called “reception refusal”, and the treatment for accepting the communication request is called “application acceptance”.
The acceptance of the application means that the caller permits the callee to express the desire to communicate, and the act can convey the communication requirement including the information for identifying the caller to the electronic secretary, Moreover, the original communication purpose of the sender cannot be achieved after the presentation information is presented to the sender and before the sender's reaction is received and it is determined that the communication request can be permitted based on the reaction.
The term "communication requirement" means a communication that establishes a communication connection between the caller and the electronic secretary and requests communication with the callee who reaches the electronic secretary before the caller's original communication purpose is achieved. Means content. For example, in the case of telephone communication, the sender's name, telephone number, and message are recorded and transmitted to the recipient, and the electronic secretary sends a voice guidance and receives the sender's reply, but it is judged that the reply contents are correct. Do not allow conversation with the recipient before Repeated questions and answers are possible. It is possible to make a judgment immediately and make a judgment after the callee. A reply can be received by dial number or voice identification.
For the purposes of this invention, the term "acceptance of application" refers to any interaction that facilitates the ongoing cycle of presenting an invitation message and receiving a response.

In the case of e-mail communication, you receive the e-mail address, subject, etc., but do not pass it to the recipient before it is judged that the contents are correct, and the electronic secretary returns the presentation information and the sender's reply according to the presentation information Do not give to the recipient before the content is judged to be correct.
The recipient can freely decide the presented information. For example, it is possible to ask the caller for personal information such as the name of the callee.
Some conventional telephone technologies have the function of being out of the house. The present invention is different from confirming the other party only when the sender is unknown, making communication possible if confirmed, and making a call or rejecting when the sender is known.
FIG. 5 is a flowchart of another embodiment of the present invention. The instruction file includes presentation information to be presented to the sender, and the electronic secretary can perform an operation to present the presentation information to the sender. The instruction file has a second set of rules described by a rule having a condition part having an application condition regarding expected application contents and an execution part instructing execution of an action corresponding to treatment ("in this specification". 2nd rule set)) (the second rule represents a matter of "if the expected application content is detected from the communication request, treat the communication request based on the treatment"). The application acceptance includes the following operations, (a) detects the expected application content from the communication request, and (b) applies the second rule set. The ID is detected (501), the instruction file is read (502), the first rule set is applied (503), the result is judged (504), and the application acceptance is the second rule set related to the expected application content and treatment. Among all the rules in the above, the rule for which the applicable condition is satisfied is found (505), and it is judged whether or not it is found (506). If not found, the predetermined treatment method, that is, the first expected treatment is applied. Take action based on

For example, the presentation information is presented to the sender and then the reception is rejected. Alternatively, the reception is rejected without presenting any guidance. It is desirable for the parties to decide. It is desirable to select the initial treatment from the treatment set excluding the application acceptance treatment (507). When the rule satisfying the application condition of the first rule set is not found, use whether to execute the application acceptance treatment. Can be selected by the person.
When a rule satisfying the applicable condition is found, the communication request is processed based on the given treatment, that is, the treatment described in the rule execution unit (508). The treatment includes permission of communication and refusal of reception.Allows a part of communication and records the caller's requirement. It is possible to specify according to the will of the person. For example, when the communication facility has only a basic communication function, the communication contents are passed so that the execution of the communication permission treatment of the electronic secretary does not interfere, and when the communication is not permitted, all the communication contents are simply cut off.
A communication facility incorporating one embodiment of the present invention has a basic communication function and a control function. The electronic secretary is instructed to perform control permission treatment so that the communication facility is in a controlled state, and then the communication contents including the caller's instruction are passed. Furthermore, various controlled states such as information transfer permission, alerting permission, position acquisition permission, listening permission, and monitoring permission can be realized.
By issuing a password to the sender using the second rule set, phishing (sender identity forgery) fraud can be prevented.
Communication can be permitted based on the contents of communication using the second rule set. Freedom to call is unlimited. It is possible to do mail-order sales and advertisements that benefit both parties.

The communication request from the inside can be processed similarly to the mechanism of processing the communication request from the outside. For example, the first rule set for outgoing call in which the item is the called party ID (identification of the called party) can be used. A treatment of refusing a communication request of "call rejection", a treatment of permitting a communication request of "call permission", and a treatment of "call origination authentication" can be used. The outgoing call authentication treatment allows the outgoing call when the authentication program is started and the authentication by the password verification is successful. For example, in the case of a company, the invention can be used to manage outgoing calls such as international calls.
In the present specification, giving a treatment to a certain communication request means performing a specific treatment for the communication request having a specific communication content.
FIG. 6 is a flowchart of another embodiment of the present invention described in the explanation of FIG. The communication is electronic mail communication, the sender ID is the sender's mail address (return address), the presentation information includes a description of conditions for receiving the electronic mail, and the communication permission treatment is electronic mail. It is to receive, the presenting is to reply to the caller, and when the communication request arrives, the electronic secretary first applies the first rule set, and the applicable condition is satisfied. If the rule is not found, the application is accepted, and in the step of accepting the application, when the second rule set is applied, the rule satisfying the applicable condition is not found, that is, the treatment cannot be determined. In this case, the communication request is rejected after the presentation information is presented to the sender.
The sender's mail address is detected (601), the instruction file is read (602), the first rule set is applied (603), the result is judged (604), the second rule set is applied (605), The result is judged (606), the presentation information includes an explanation of the condition for receiving the mail, and the communication permission treatment is to receive the mail. That is, the electronic secretary passes the mail, and the recipient receives the mail. The reception refusal treatment does not receive an e-mail (608), and presenting the presentation information to the sender means returning the presentation information to the sender (607).
FIG. 7 is a diagram showing a configuration of another embodiment in the present invention described in the explanation of FIG. The electronic secretary and instruction files R1DB, GDB, R2DB are incorporated in the receiving client side user terminal 701. Reference numeral 702 represents an ISP (Internet Service Provider) receiving server.

FIG. 8 is a flowchart of another embodiment of the present invention described in the explanation of FIG. The electronic secretary is installed on the receiving client side, and refusing the communication request means sending a delete command to the receiving server to delete the electronic mail from the receiving server. The way to apply for permission is to include the content of the application in the subject line of the email. The presentation information includes at least a content prompting the subject of the e-mail to describe the content of the application. For example, a question is presented and the answer is prompted to be entered in the subject.
Then, the user logs in to the receiving server (801) and detects the sender's ID, that is, the sender's mail address from the header of the mail (802). For example, by sending the command "TOP 10" described in POP3 (Non-Patent Document 3), which is a general mail reception protocol, and receiving and analyzing the header of the first mail from the POP3 server, the sender electronic Can detect email addresses.
Then, when the instruction file is read (803), the first rule set is applied in the first rule set application procedure (804, 805, 809), and no rule satisfying the application condition is found from the first rule set. The second rule set is applied in the following exemplary procedure (806, 807). First, the correct answer contents are extracted one by one for all the records in the R4DB (see FIG. 2F), and based on the extracted contents, the corresponding contents are retrieved from the subject included in the header of the mail and scored. ..
Then, for all the records in the R2DB, a record that matches the score value is detected, and when detected, that is, when a rule satisfying the application condition is found, the treatment ID can be extracted from the treatment ID field. .. Then, the rule execution unit is executed (809). The initial treatment is processed (808).

There is also an invention that extracts the identification information of the sender from the arrived e-mail (Patent Document 5). The present invention differs in that the sender ID is extracted from the header of the arrived electronic mail. The present invention can achieve the object without opening the mail body. Therefore, as compared with the above-described invention in which the main body of the mail is opened, the communication amount of the charging portion of the communication with the server such as a mobile phone can be significantly reduced.
FIG. 9 is a diagram showing the configuration of another embodiment of the present invention described in the explanation of FIG. An electronic secretary and instruction files R1DB, GDB, R2DB are incorporated in the receiving server 901 side. Reference numeral 902 indicates a receiving client. Reference numeral 903 denotes a mail transmission client.
FIG. 10 is a flowchart of another embodiment of the present invention described in the explanation of FIG. The way to apply for permission of communication to present to the sender is to describe the content of the application in the subject line of the email. The presentation information includes at least a content prompting to describe the application content in the subject of the email, the electronic secretary is installed on the receiving server side, and refusing the communication request means that the email sending client This is to notify the occurrence of an error and then stop the communication, receive the envelope (1001), detect the sender's mail address, read the instruction file (1002), and apply the first rule set. The first rule set is applied in the procedure (1003, 1004, 1009). If a rule satisfying the application condition is not found from the first rule set, in order to receive the subject of the mail, the header including the subject of the mail is also received (1005), and the second rule set application procedure is performed. Then, the second rule set is applied (1006, 1007, 1009). The initial treatment is processed (1008).

FIG. 11 is a partial flowchart of the early decision processing of another embodiment in the present invention described in the explanation of FIG. The early decision means that the reception of the mail is rejected and executed before the reception of the mail body is finished. The present invention can decide to reject the reception of the mail body by judging the content of the subject of the mail. However, prior art SMTP compliant mail senders have the step of checking for authorization after sending the envelope of the mail and before sending the content, but once the sending of the mail content begins, before sending the body, There is no step to check whether it is authorized (see Non-Patent Document 4). Therefore, a sending client that is forcibly stopped (that is, an early decision) by closing the communication channel during the transmission of content will be sent by a mail sender that ignores the error code returned when it is terminated and resends it. It may exist. The present invention can realize an early decision that can prevent the generation of wasteful communication amount even when receiving from such a sender of the prior art.
The early decision process starts from the time when a rule satisfying the application condition of the step of applying the first rule set (1004 in FIG. 10) is not found. The third rule set is applied by the following procedure for applying the third rule set. That is, the R3DB is searched based on the conditions that the sender ID (the sender's mail address in this embodiment) matches and that a predetermined time has not elapsed from the reception time to the search time (1101), When the result is judged (1102) and the record is detected, that is, when the rule satisfying the application condition is found, the treatment can be extracted from the treatment ID field. Then, the execution part of the rule is executed (1110). If no rule satisfying the application condition is found, the header including the subject of the mail is received (1103), and the second rule set is applied by the second rule set application procedure (1104, 1105, 1112). , Process the first expected treatment (1106). However, if reception refusal is included in the treatment and first expected treatment of the second rule set execution unit (judgment: 1107), the third rule is set based on the fact sender ID, reception time, and reception refusal treatment. In addition to the third rule set (1108), the communication request is processed based on the treatment, the reception refusal during the treatment is returned to the sending client with a temporary error state, and then the communication is forcibly stopped ( 1109), otherwise, the communication request is treated based on the given treatment (1112). The purpose of the execution of the third rule is to terminate the prior art SMTP compliant sender before the prior art formal step: header reception. Since it only has to be executed once, when the execution unit of the third rule is executed, the corresponding rule is deleted (1111).

Issuing the socket disconnect command (close) of the TCP protocol is an example of the forced termination. The third rule set is used as a refusal history if the sender conforming to the SMTP retries transmission after a certain time. If the history can detect the aborted sender's retry, the system rejects the content transmission by the standard method of SMTP. Delete old reject history if no retries occur. In this way, it is possible to realize an early decision that can prevent the generation of wasteful communication traffic. The third rule set for this purpose is called the third rule set for cancellation.
The embodiments shown in FIGS. 30 and 31 are proposed as an extended function of the conventional SMTP. When the sender implementing this function and the invention shown in FIG. 10 are used at the same time, the electronic secretary of the receiver does not have to deal with the above-mentioned retry, and the forced termination means by the command of the TCP layer located in another layer than SMTP It is possible to reduce the communication volume of the public network and the processing of the connected mail server against unsolicited e-mail without having to rely on the.
If the third rule is set to have a predetermined time longer than the retry interval (see Non-Patent Document 4), the re-execution transmission is surely caught (YES at 1102), the sender is abandoned, and the unwanted repetition Can prevent execution.
In step 1109, a failure response may be returned to the sending client instead of the temporary error state. It may be determined that the junk e-mail is the correct answer to the question after receiving some or all of the content instead of the header, or the expected keyword is not detected or is detected.
FIG. 12 is a flowchart of another embodiment of the present invention described in the explanation of FIG. The presentation information presented to the sender makes a communication permission application, the presentation information includes at least content prompting to describe the application content in the email, the electronic secretary is installed on the receiving server side, and Rejecting the communication request is to notify the sending client of the electronic mail that an error has occurred and then stop the communication, and when the electronic secretary receives the communication request, first, the fact sender ID is sent. Received up to the envelope of the e-mail containing the above, applied the first rule set, and if the rule satisfying the applicable condition is not found, the content of the e-mail is received. , Accept the application. Receiving up to the envelope (1201), detecting the sender's mail address, reading the instruction file (1202), and applying the first rule set in the first rule set application procedure (1203, 1204, 1209). ). When a rule satisfying the application condition is not found from the first rule set, the content is received (1205), and the second rule set is applied in the second rule set applying procedure (1206, 1207, 1209). .. The initial treatment is processed (1208).

FIG. 13 is a flowchart of another embodiment of the present invention described in the explanation of FIG. When applying the second rule set, if a second rule satisfying the application condition is found, the sender is given the treatment of the execution unit of the found second rule. The ID is detected (1301), the instruction file is read (1302), the first rule set is applied (1303), the result is judged (1304), the second rule set is applied (1305), and the result is judged ( 1306), the initial expected treatment is processed (1307). The difference from FIG. 5 is that when the second rule for which the application condition is satisfied is found, the storage condition is further determined (1310), and when the condition is satisfied, the electronic secretary finds the second rule. It is to give the caller a treatment of the rule execution part. That is, a first rule is created based on the sender ID and the treatment, added to the first rule set (1309), and the communication request is treated based on the treatment (1308). Normally, one of the storage conditions is that the found treatment of the execution unit of the second rule is not acceptance of the application. Storage conditions can be specified or changed by the parties.
This process is called automatic examination. In case of correctly answering the question specified by the callee, if this method is used, all related parties who have contacted the recipient even once are automatically stored in the first rule, and the same question is asked the second time. Not done. Application acceptance treatment is usually not given to a specific person. When you demote a person who has been granted communication permission treatment and give him / her an application acceptance treatment, it is useful as a record of communication with that person.
In step 1307, treatment is performed based on the initial expected treatment. The first expected treatment in this example is to present the presentation information to the sender and then reject the reception. When the sender is unknown, it is necessary to present the presentation information in order to request the sender to apply for communication permission. If the presentation information is not presented in the exchange of application acceptance, it can be presented in this step. It is also possible not to present at the will of the parties.
14 is a flowchart of a portion of another embodiment of the invention described in the description of FIG. The processing of this part is included in the processing block of initial expected treatment (507 in FIG. 5). That is, when the treatment is not determined by the first and second rules, the third rule set is applied in the third rule set application procedure (1401, 1402, 1405). When applied, the corresponding rule is deleted from the third rule set (1406), a first rule is created based on the caller ID and a predetermined treatment, and added to the first rule set (1407). If no rule satisfying the applicable condition is found, a third rule is created based on the sender ID, the reception time, and the predetermined treatment, and added to the third rule set (1403). The electronic secretary executes the original expected treatment (1404).

When the originator is unknown, the present invention automatically replies to the originator and confirms the identity of the originator. However, the reply address of most spam emails is currently forged. If you reply automatically, you may create a new spam mail. According to the present invention, when the second mail is received from the reply destination address, if the information that can confirm the predetermined identity is not included, if the parties specify the predetermined treatment as refusal of reception, for example, it is applicable. Ignore the address and give a reception refusal, and then refuse the reception without automatic reply.
As with the third rule, the time element may be incorporated in the condition part of the first rule. For example, the first rule having a refusal treatment is deleted after one month or more has passed. Then, the rejected caller can be returned to the initial expected treatment again, and the enlargement of the first rule set can be prevented. Immediately reject forged non-replyable addresses.
In the case of telephones, the invention can prevent attacks by repeated subscriptions. The present invention provides a finite number of application opportunities to the other party and handles repeated application by machines and the like. It can be realized by putting the number of times into the execution condition or giving a limited number of application treatments. It should be noted here that the purpose of use of the third rule set is different from the purpose of use for forced termination.
FIG. 15 is a diagram showing a configuration of another embodiment in the present invention described in the explanation of FIG. The electronic secretary and instruction files R1DB, GDB, R2DB are incorporated in the party terminal side 1501. Means for communicating through real-time interactions. The party terminal 1502 having the control right can communicate with the called party terminal 1501 without intervention of the called party, and can send the control command 1510 to the terminal 1501. The party terminal 1503 given the communication permission treatment can perform normal bidirectional communication 1520 with the terminal 1501. Communication and control can coexist.
FIG. 16 is a flowchart of another embodiment of the present invention described in the explanation of FIG. The communication is telephone communication, the presentation information includes a description of the conditions for receiving the communication, and when the communication request arrives, the electronic secretary first applies the first rule set, and the rule is satisfied. If the application is not found, the application is accepted, and in the step of accepting the application, the presentation information is presented to the sender, the reaction of the sender is received, and the second rule set is applied. If no rule satisfying the condition is found, that is, if the treatment cannot be determined, the communication request is processed based on the initial expected treatment. The ID is detected (1601), the instruction file is read (1602), the first rule set is applied, and the result is judged (1603, 1604). If no rule satisfying the condition is found, the presentation information is transmitted. After receiving the caller's reaction (1605), applying the second rule set and judging the result (1606, 1607), the communication request is treated based on the initial expected treatment or the given treatment according to the result. (1608, 1609).

FIG. 17 is a flowchart of another embodiment of the present invention described in the explanation of FIG. The presentation information includes a question to be presented to the caller, the expected application content is an answer to the question that has obtained a predetermined total score, and the instruction file is the question to be presented to the caller and the question. A fourth set of rules (hereinafter referred to as a “fourth rule set”) described by a rule having a condition part having an applicable condition regarding the correct answer and an action executing part regarding the score (the fourth rule is If the answer to the question from the sender is correct, the score is added and the total score is added. ”), And the electronic secretary can further perform the following operations. Is. (A) present the question to the caller, (b) receive the caller's answer to the question, and (c) apply the fourth set of rules.
The process of this part exemplifies the procedure of presenting a repeat guide message, receiving a reaction, and determining the accuracy of the reaction. This corresponds to the processing block (1605 in FIG. 16) of “presenting presentation information to the sender and receiving the reaction of the sender” in FIG. It is judged from the R4DB that the processing of the data record of the rule is completed (1701), extracted (1702), the question is presented to the sender, and the answer of the sender is received (1704). A question may have multiple correct answers. For example, when confirming the identification number, there are a plurality of identification numbers. In this embodiment, the mechanism for confirming a plurality of correct answers (1705) does not ask the same question, but verifies whether the answer received at the time of the previous question is the next correct answer. It is judged by adding a question presentation unnecessary sign to the R4DB or by leaving the question field blank (1703). In some cases it is not necessary to present all the questions. For example, there are cases where the identity of the other party can be judged by the first question. This embodiment has a mechanism to end the question and answer early if the total score (1706) exceeds a predetermined score (1707). The system that performs the processing of this part includes means for receiving the reaction of the caller according to the type of presentation information. For example, when the answer is obtained by pressing the dial number of the telephone, a means for recognizing the pressed number is provided.

In the case of a telephone call, the caller is identified by the calling telephone number. The present invention can identify the sender by the identification number or password issued by the parties. It is possible to communicate from an unspecified calling terminal using the identification number.
FIG. 18 is a diagram showing the configuration of another embodiment of the present invention. The electronic secretary and the instruction file are incorporated in the communication service providing server 1801 side. It has an instruction file for each party and can be used by multiple parties. The party having the usage right inputs data in order to construct his / her instruction file from any terminal 1803 or telephone (1820). The communication request or control command of the sender terminal 1802 is sent via the electronic secretary server (1810).
FIG. 19 is a diagram showing the configuration of another embodiment of the present invention. The electronic secretary has a means to access (1930) the instruction file through the network, and one ruler uses multiple electronic secretaries (1901, 1904). The plurality of electronic secretaries access one instruction file 103. Reference numeral 1940 indicates a mail via the server 1904. The fifth rule set (R5DB in FIG. 2G) created by the electronic secretary is also stored in the instruction file 103 (not shown in FIG. 19).
FIG. 20 is a partial transmission processing flowchart of another embodiment of the present invention described in the explanation of FIG.
The instruction file further includes a fifth rule set (5), which is described as a rule having a condition part having an applicable condition relating to the called party ID and the calling time, and an execution part instructing execution of an action corresponding to the treatment. (Hereinafter referred to as "fifth rule set"), and the electronic secretary can further perform the following operations. (A) apply the fifth rule set, (b) send a communication request to the callee and receive treatment, (c) create the fifth rule and add it to the fifth rule set.

For all the rules in the fifth rule set relating to the recipient's recipient's ID, originating time, and treatment, rules that meet the applicable conditions are found, the result is judged (2001, 2002), and the applicable conditions are met. If the rule is found, the outgoing request is processed based on the given treatment (2004). If the rule is not found, a communication request is sent to the called party and the treatment is received (2003). In the case of the electronic secretary of the present invention, the called party determines the treatment received by a predetermined return code and communicates (2005, 2006). When the other party of the incoming call uses the conventional technology, for example, the conventional mail receiving server, it is desirable to regard it as a refusal of reception when a permanent error code is received.
If the received treatment is "immediate communication is not possible", a fifth rule is created based on the callee ID, the transmission time, and the treatment, and added to the fifth rule set (2007). The main purpose of this invention is to prevent unwanted communication at the source. Preferably, it is operated by the server as shown in FIGS. 18 and 19, and the caller cannot block the entry (2007) of the “not immediately communicable” treatment including the reception refusal treatment into the R5DB. When the treatment given to the other party is the refusal of reception, repeated transmission is blocked within a predetermined time. It is desirable that the server administrator set the predetermined time. For example, if a treatment such as "please call again after one hour" is given, it can be performed on the transmission server side. If the R5DB is not cleared, the number of R5DB records indiscriminately increases by the sender of mass nuisance communication. Depending on the number of R5DB records, the server administrator can reduce the transmission efficiency of the sender or issue a warning.
For the communication request transmitted from the inside, the treatment can be performed by the first rule set for transmission set by the administrator of the communication device. Please note that the first and fifth rulesets for outgoing have different purposes.

FIG. 21 shows a system for performing anonymous communication between electronic secretary users. The first and second parties are users of the electronic secretary of the present invention. As shown in FIG. 1, the electronic secretary operates between the terminal and the communication network, and is incorporated in the party terminal side or the server side that provides the communication service (not shown in FIG. 21). The first and second data are personal information of the first and second parties, respectively. These pieces of information are shown in FIG. 3A, which describes the PDDB, and include party IDs such as telephone numbers, names, writing names, addresses, educational backgrounds, work history ... The server system 2103 stores the personal information PDDB and VDB of a party who desires anonymous communication, and provides services such as searching for a communication partner in order to start anonymous communication.
This form relates to anonymous communication between two or more parties. For contrasting background art, see Patent Document 10 mainly. Realize easy and easy anonymous communication. The main method is to create a communication channel between the parties by controlling permission treatment.
FIG. 3A is a layout diagram of records showing the contents of the party data database (hereinafter referred to as PDDB) of the example regarding the party data.
FIG. 3B is a layout diagram of records showing the contents of a confirmation data database (hereinafter referred to as VDB) according to an embodiment regarding data for recording a confirmation request.
FIG. 3C is a layout diagram of records showing the contents of a verifier data database (hereinafter referred to as VRDB) according to an embodiment regarding data for recording verifier information.
FIG. 22 is a partial flowchart of the processing of the first party. FIG. 23 is a partial flowchart of the process of the second party. FIG. 24 is a flowchart of the server search, data transmission, and treatment exchange processing part.
The present invention can be used by two or more parties simultaneously. The description below is that the first party inputs the treatment given to the data disclosure partner to the PDDB, gives the proxy treatment to the server (2202), and the second party sends a search request to the server (2302). And
See Example 4 for another example of party data other than PDDB.

The parties 2101, 2102 input the first and second data, at least one party rule for disclosing the data, and the server 2103, and give communication permission treatment to the server (2110, 2111, 2201, 2301). ). The server receives the party data and the party rules and stores them in the PDDB (2401). The party rules include information about the disclosure of information, the profile of candidates not disclosing, whether confirmation is required before disclosing the information, and what information is disclosed to which candidate. Save to authorization profile. The second party sends a search request containing search criteria (2112, 2302), which the server receives and searches the PDDB (2402). The search result such as the number of records satisfying the above criteria is sent to the second party (2303, 2403). It is determined whether the first data satisfies the search criteria (2404), and if there is the first data satisfying the search criteria, it is determined whether the first party rule is met (2405), and if the first data satisfies the search criteria. , Send the first data to the second party (2113, 2303, 2406). When the first party gives the server a substitute permission treatment and inputs the treatment given to the second party to which the first data is disclosed to the PDDB, the server acts on behalf of the first party, The second party is given a treatment for giving the disclosed object included in the first data to the second party (2113, 2407). It is determined whether the second party rule is satisfied (2408), and if so, the second data of the second party is sent to the first party (2114, 2203, 2409).
It is possible that the party rules may include a confirmation of the individual as a requirement before disclosing the information. It is possible to specify in the party rule on condition that information about the party has been confirmed.
It is possible to ask the server to confirm the information about the parties. The information regarding confirmation is stored in the confirmation database VDB, and the verifier information is stored in the verifier data database VRDB.

When the party's instruction file is stored in a server in the network, the user logs in to the server based on the access permission information (ID, password) and inputs data to the instruction file. Execution of proxy authorization is entered in the instruction file based on the access authorization information entered by the client. When the instruction file is stored locally, the execution of proxy authorization is realized by giving the information transfer permission treatment to the server and inputting it to the local instruction file.
The server processes the search request and determines whether the first data satisfies the search criteria, and whether the first (second) data disclosing first (second) party rule is satisfied. Implementation of the determining process is known from US Pat. There are many search techniques you can use, including keywords, fuzzy logic and natural language search tools.
According to the present invention, since the called party determines the success or failure of communication, the connection between the party ID such as a telephone number and the identity can be disconnected. Only connect to private telephones or people with whom you can easily send email. The effect of a private network in a public network can be obtained. According to the present invention, even if the public network communication ID used and known to the other party is used, the communication of the other party can be refused later. Therefore, unless the identity is made public, anonymity can be maintained and a normal number can be used easily. , Anonymous communication that can use all communication functions can be realized. For example, the present invention does not require the intervention of a dedicated central controller to remove the identity from the communication. There is no need to create a special communication channel.
Compared with a technique of anonymous communication that requires two steps for data exchange between the parties via a dedicated central controller (see Patent Document 10), the present invention easily realizes anonymous communication and easy data exchange. You can do it.
A communication service provider provides an ID to a party who uses the communication service, and a method selected from the group consisting of the communication service provider and a third party registers the identification information of the party. Utilizing, the identity verification information of the parties is stored in the server. A third party such as a communication service provider who manages the server or a security service provider who cooperates with the server has a legal obligation to protect information. In the case of damage caused by illegal activities, you can communicate with peace of mind because you can check the background of the other party by legal means.

If you set the recipient's treatment to be refusal of reception, you can disconnect the communication. If necessary, an additional ID is used and a new telephone number dedicated to anonymous communication is newly contracted in addition to the telephone number normally used. For example, NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION can use an additional number service in addition to the original subscriber line number, and can also use the additional number as a caller number. In case of email, new address can be used as additional ID. If the need for anonymous communication is no longer necessary and it is burdensome to set the treatment to refusal of reception, the contract for the additional ID may be abolished. The concept of normal language treatment is a giving and receiving relationship. The term treatment of the present invention is also related to giving and receiving, but "treatment exchange" is not necessarily simultaneous exchange. The present invention allows only one to grant communication permission and only the other to communicate.
FIG. 25 is a flowchart of another embodiment in which control permission treatment is added to the present invention described in the explanation of FIG. FIG. 26 is a diagram showing a configuration of an embodiment in the present invention described in the explanation of FIG. The administrator of the terminal A 2601 gave the information transfer permission and the program execution permission treatment to the terminal C 2603. When the information is transferred from the terminal C to the terminal A, the data is written in the storage device 13 of the terminal A (2610), and the alert permission treatment is given, the information is output to the display unit 18 through the terminal A and the speaker 17 outputs a voice. It is possible to draw the attention of a nearby party. The terminal B 2602 and the terminal A perform normal bidirectional communication (2620).
When the information requesting confirmation of the electronic payment of the bank is received from the terminal C, the authentication program is activated, the holder of the terminal A inputs the fingerprint through the fingerprint sensor, and the authentication program is registered based on the input fingerprint information. The fingerprint information is collated with the registered fingerprint information, and only when the fingerprint information matches, the pre-registered personal identification number is transmitted to the terminal C to confirm the settlement.

FIG. 27 is a conceptual diagram showing the configuration of another embodiment of the present invention. The ruler of the mobile device 2701 gave the location acquisition permission treatment to the originator of the terminal A2702. The position information acquisition command 2711 is issued from the terminal A, and the mobile device acquires the position information by the position acquisition means installed in accordance with the command and transfers the acquired position information to the terminal A (2712). The position information is based on a received GPS (Global Positioning System) position signal, position information converted from the received GPS position signal, current position information of a PHS (Personal handy phone) terminal, and mobile phone base station position information. Those selected from the group consisting of the provided mobile terminal location information (hereinafter referred to as "specific location") are included. The specific position is the GPS position signal received from the GPS satellite 2704, the position information converted from the received GPS position signal, the current position information provided based on the base station 2705 position information of the PHS terminal, and the mobile phone base station 2706. It includes one selected from the group consisting of mobile terminal location information provided based on location information. When the mobile communication device (hereinafter referred to as “mobile device”) issues a communication request to the terminal A having an ID registered in advance, the communication device on the called side detects the speed or the position information and detects the terminal A. (2714), the transfer plan information is transferred to the terminal A, and the terminal A is further treated with (a) information transfer permission and (b) attention calling permission. The terminal A transfers information to the mobile device, causes the information display means of the mobile device to output the information, and calls the attention of the nearby party through the caution device of the mobile device (2715).
For example, a mutual position notification requesting group such as a moving vehicle, a mountaineer, or the like located nearby can notify and display the mutual position. The speed of the mobile device can be acquired in the same manner as the position information acquisition command for the terminal A that has given the speed acquisition permission. Then, the movement information can be acquired from the mobile device only when the terminal A is required. The electric configuration of a mobile device, the calculation of the moving speed and the direction, and the estimation of the traffic state are known from Patent Document 14. Calling attention includes causing the mobile device to select from the group consisting of voice, light, and vibration. The movement plan information includes arrival destination information, and the information transferred to the mobile device includes information selected from the group consisting of map information, recommended route, current route, forward traffic jam information, detour information and weather information. The position information includes a specific position. The terminal B2703 and the mobile device perform normal bidirectional communication (2713).
A system to protect wandering old people appeared a few years ago. The present invention is not limited to the element that can acquire (control) the location information of the called party. It should be noted that the present invention includes an element that can also make a call.

FIG. 28 is a flowchart of another embodiment of the present invention regarding dynamic route guidance (see FIG. 27). The purpose of this example is to efficiently provide a vehicle driving guidance function to a mobile terminal having a position information acquisition function, for example, a GPS-equipped mobile phone. When issuing a communication request to the server terminal of the fixed machine having the ID registered in advance, the current location and destination information of the mobile station is transmitted to the server, and the server receives it (2801). When the server searches the recommended route and transmits it to the mobile device (2802), searches the recommended route congestion information at a predetermined interval (2803), determines whether the congestion occurs (2804), and if it occurs , The server to which the position acquisition permission treatment is given acquires the current position of the mobile device, checks the traveling route (2805), and searches for a detour (2806, 2807) when congestion occurs before the traveling route. ), If there is a detour, the server given the information transfer permission and the alerting permission treatment transfers the detour information to the mobile device, and then informs the driver by voice (2808).
The route search requires a lot of calculation amount and speed. Retrieving dynamic road traffic information from mobile devices is inefficient. The present invention entrusts the server with an operation that cannot be performed by an inexpensive portable mobile terminal, communicates with the mobile device only when there is a traffic jam that may be involved, and informs the detour information. By giving the control permission treatment to the server, it is not necessary for the terminating driver to perform the operation himself. The route search and the detour search are known from Patent Documents 7 and 8.
FIG. 29 is a conceptual diagram of another embodiment of the present invention regarding position information and the like. When the mobile device 2701 detects a position change, the mobile device 2701 transfers the changed position information to the terminal A 2702 having the ID registered in advance (2911). The terminal A gives the mobile device the information transfer permission and the attention calling permission. The control permission includes the listening permission. It is assumed that the master of the mobile device gives the sender of the terminal A permission to listen and monitor.
A communication request, a listening command, and a monitoring command are issued from the terminal A (2921). In accordance with the command, the mobile device sends to the terminal A the audio signal acquired by the installed transmitter and the image signal acquired by the imaging device (2922). This example can be used for mobiles to take care of children. For example, parents can check the whereabouts of their children and listen to their activities such as playing in the park or attending school. The position information changed when the child is at school or moving is automatically transferred to the parent terminal A. The mobile device preferably uses PHS, and information is transferred by mail, which is packet communication. The terminal A preferably uses a personal computer that is always connected to the Internet through an ADSL line or the like, and displays the whereabouts of a child carrying a mobile device on a map in real time. It can also be used for car crime prevention. The owner will be alerted and tracked of any unscheduled vehicle movements. It is desirable to use GPS position acquisition means when high positional accuracy is required such as in taxis and transportation operations.

An image display unit that adds position information of a mobile device to map data and displays the image on an image is known from Patent Document 9.
The first rule set of the present invention is a mechanism led by the callee (administrator) and can give location acquisition permission treatment to any caller determined by the administrator. Therefore, unlike the invention shown in Patent Document 9, the caller can directly obtain the position of the mobile device without relying on relaying by a third party such as a service center fixed to the receiver.
FIG. 30 is a diagram showing the configuration of a mail transmission client for operating as a pair with the mail reception embodiment (FIG. 10) of the embodiment of the system according to claim 131. The electronic mail 3003 stored in the storage device 13 of the sending client 3001 is sent to the receiving server 3002. See the prior art SMTP (Non-Patent Document 4, Non-Patent Document 5) for an example of the configuration of the electronic mail 3003. 31 is a flow chart of an embodiment of the sending client of the method of claim 113 utilized by the system of claim 131. Session initialization, sending client initialization (3101). Envelope transmission (3102) is performed by issuing an SMTP-compliant command: MAIL command, RCPT command, the sender and recipient mail addresses are transmitted to the receiving server, and it is checked whether the envelope has been accepted (3103). The processing up to this point is the same as that of SMTP. Since the authorization to send the body is determined by the information included in the header, the information field included in the header is sent (3104), and the information field contains the information that allows the called party to determine the specified reception condition and is authorized. It is checked (3105). In the present invention, this step is called "INFO command". Based on the received envelope and the information field, the receiving server can match the receiving condition specified by the called party and determine whether to authorize the transmission of the next body. If approved, the conventional DATA command is issued and the content is transmitted (3106). If authorized and accepted, normal processing of transmission is performed, and the transmitted mail is deleted from the storage device 13 (3107, 3109). If not authorized, error processing is performed (3108).

Prior art SMTP authorizes the envelope and then sends the content as a block for authorization checking. When using only the commands of the hierarchy of the mail transfer protocol, the reception of the content cannot be rejected until the reception of the entire content is completed. Therefore, even if it can be judged that the reception should be rejected depending on the content, wasteful communication will already occur. On the other hand, in the content specification (Non-Patent Document 5) that has already been used extensively, the information fields called Subject, Comments, and Keywords have the purpose of having the content of the information read by the person. Can describe the information that can judge the specified reception condition. Even existing mail communication software has a means for writing information in the field. When the caller first does not know the receiving condition of the called party, the receiving server side informs the calling party of the receiving condition of the called party by the automatic reply means. Furthermore, the mail address of the sender who satisfied the reception condition is recorded only once, and the second and subsequent transmissions were judged from the sender address included in the envelope, and the sender satisfied the reception condition last time. If the information field is not checked, the content is allowed to pass. As described above, the receiving server can determine whether to authorize the transmission of the body based on the received envelope and the information received before the body is received.
It is desirable to separate the information field from the header and send it before the content as a body sending authorization standard, but in order to make maximum use of existing communication software, the information field is extracted from the header and sent first. Once approved, the content may be transmitted without changing the conventional content, that is, a DATA command for transmitting the conventional content (3106). Alternatively, the header may be sent first and the body may be sent if authorized.
As described above, the present invention constructs an efficient mail communication system capable of preventing unsolicited mail communication by using the subject field that has already been widely accepted.

  When the present invention is operated on the server side, the effects of preventing unwanted communication and reducing the communication volume of the entire network can be obtained at the same time. When the control permission function is used at the same time, a multifunctional terminal is realized. A payment system consisting of connection by packet communication, treatment based on a virtual account, and authentication by a fingerprint recognition function attached to a mobile phone enables strong and convenient cashless commerce.

Multifunctional telephone (3201)
FIG. 32 is a block diagram showing the configuration. Reference numeral 17 is a microphone and a speaker. 33A-D show TDB, R1DB, R2DB, R4DB). The presentation information is a question presented to the sender. The question is a prerecorded audio file. In this example, the fact that the question field is blank indicates that the question is not required to be presented, and the predetermined total score for ending the question and answer is 3 (see FIG. 17, 1707). If the total score is 5, the condition automatically gives the caller the treatment of the second rule execution unit (see FIGS. 13 and 1310).
FIG. 34 is a schematic flowchart of the process, and the basic part is the same as FIG. In the present embodiment, the party's terminal is a telephone, or the party's terminal function is incorporated in a personal computer, or can be realized as an external adapter dedicated to the telephone. For the first time, the question message is sent to the person who receives a call from a telephone number that the called party does not know, and the person answers by pressing the dial button. Judge the response and decide the treatment.
FIG. 35 is a diagram showing an example of an operation in which automatic treatment is automatically applied to the telephone numbers of the parties concerned so that they can normally call.
Various functions can be set from the basic unwanted communication prevention function. The instruction file setting of this example can realize the following functions. It is necessary to receive the designated call (treatment ID = 4), reject the designation (treatment ID = 1) for each person's phone number, and accept the application for unknown parties. The side is charged a communication fee. As a result, it is possible to give financial sanctions to the originator of the incomplete call (single cut) call from the machine, and because the originator does not receive an accurate reply, total score = 0, treatment ID = 0, reject , No number is recorded in the reception history.
However, the other party who has given permission sounds the same ring tone as usual and is not charged until the recipient receives the call. If you make a mistake in the callee's name in the first question, you will be immediately denied access. In other cases, if you press 4, the second question will be sent out, prompting you to press the dial button of 1 for real estate sales, 2 for English conversation, 3 for daily life goods, 4 for sports goods. When each selection is made, it automatically sounds the ring tone according to the score, records without ringing the sound, disconnects the call, does not automatically store the caller ID even if the call is made, or it is automatically stored To do. When the personal identification number 5678 is pressed, the call is automatically connected without ringing. This makes it possible to monitor and listen to babysitters and children at home. For example, a parent can call or listen to a child's cell phone.

The first question in this example is simple, but it can be complicated depending on the actual usage. For example, if you present your family name and given name in two questions and present them in order (the first answer is correct and then the second is presented), and each of the five options is presented, answer randomly and answer correctly. The probability of becoming will fall to 1/25.
The number set in the correct answer field can have various functions depending on the device. For example, it can be used as an extension number, and if the guidance question is "please press the extension number", the call of the person who knows the number can be received regardless of the calling number.
If the calling number of the other party's home phone is given a treatment, if the same person calls from a public telephone, you will be asked to enter the other party's home number as an identification message in the guidance message, and the entered number will be checked against the treatment information. You can determine the treatment.
The specific method of examining the treatment application depends on the specific configuration of the device of the party. Various methods can be adopted as long as they are obtained by achieving the purpose of the examination stage of the present invention. For example, it is possible to utilize voice recognition and image recognition.
In existing automatic telephone transactions used in banks and the like, voice guidance is sent to the caller, and the caller presses a dial button to operate it to confirm the customer himself / herself with a personal identification number. The present invention is different in that the response method is different for each calling number and that the caller does not need to register the personal identification number in advance.
In this example, the electronic secretary accepts the intention of the parties based on rules and points, but it is also possible to accept in natural language. For example, "Receive a phone call from someone who knows my name.", "Receive a solicitation about used car sales." The electronic secretary can listen to these requests by a known rule-based technique (see, for example, Patent Document 11), prompt the user to input the missing information, and organize the necessary rules.
The electronic secretary of the present invention can be installed on the telephone exchange and the related service providing server side by a known technique (see, for example, Patent Document 6).
Reference numeral 21 is an electric lock control unit, and reference numeral 22 is an electric lock of the controlled device. When the number 8765 is pressed, a score = 10, a treatment ID = 6, an unlock signal is output, and the entrance door is unlocked. As the unlocking communication line, short-distance communication means such as infrared rays may be used other than the telephone line.
The present invention is different from the invention shown in Patent Document 21 in that it includes an element called a second rule set that does not depend on the sender ID to determine whether communication is possible. Therefore, the sender can be authenticated from the communication content and real-time control can be performed.

Answering machine (3601)
FIG. 36 is a diagram showing a telephone configuration of this embodiment. 37A to 37C show a data database (GDB) that records TDB, R1DB, and response guidance (presentation information).
This example illustrates the concept of the invention, that all communications are permissive with multiple treatments and provide a means to grant admission to unauthorized parties. This example records a call made by an unknown person and does not receive it directly. We protect the weak such as old people from fraud crime than this. It is suitable for users with a somewhat limited communication range, except when used for unspecified parties such as business. It is also possible to reject all calls from outsiders without registration, and with the accumulation of usage time, the treatment setting will be completed naturally, and the purpose can be achieved without undue burden on the parties.
The first expected treatment is an absence, and you can make a call immediately if you can identify yourself by the voice of the other party. It is desirable to devise the convenience of operation such that the number of the person who made the last call can be easily registered with one button. If you have an important customer, you can register the other party's number in advance.
The originator can be identified by a group. For example, it is possible to identify by the area code and give the communication permission to the hometown number. This example is simple, easy to use, and low in manufacturing cost. It can be implemented on an external adapter dedicated to the telephone or on the server side that provides the exchange and related services.

In the past, when paying for a communication request, the receiving side was supposed to receive it. However, with the development of communication networks, the cost of issuing communication requests is becoming lower and the number of people who can access the communication networks is increasing, and there is no reason to receive communication requests from anyone. . You should at least be able to reject calls from people who have nothing to do with them. Conversely, except for public services, the person making a call usually knows the person he / she wants to talk with in advance and usually has a business requirement. Therefore, the communication according to the permission system of the present invention can prevent undesired communication without sacrificing the conventional communication function.
The invention shown in Patent Document 12 differs from the invention shown in Patent Document 12 in that depending on the absence treatment, a one-way call can be made with the called party such as a mail-order salesperson, which does not violate the recipient's intention. Having the call refusal treatment is different from the invention disclosed in Patent Document 34.

Mail Receiving Client System In this embodiment, the electronic secretary is incorporated in the party terminal side. It is planned to be commercialized as a PC (personal computer) application (URL: http://www.netinfotech.co.jp, http://www.Emailship.com) and will be publicly sold soon.
FIG. 38 is a block diagram showing the configuration of the third embodiment. In this figure, reference numeral 10 is an ISP server device. Reference numeral 381 is a mail service party terminal. This embodiment is a client of an ISP mail service server, and reference numeral 11 is a processor, which is composed of a CPU and the like, and controls various parts, transfers data, performs various calculations, temporarily stores data, etc. To do. Reference numeral 12 is an input / output control means, which controls data input from a server connected via a communication line and controls data output to the server. Reference numeral 15 is a communication transfer device, which is connected to the ISP. Reference numeral 16 indicates a keyboard and a display unit, and reference numeral 13 is a storage device.
First, such a program is used in the processor 11. Composed.
Next, the storage device 13 stores data such as an instruction file. A magnetic storage medium is adopted as the storage device. 39A-D show TDB, R1DB, R2DB, and GDB. Automatically reply to the caller with questions and presentation information. FIG. 40 is a schematic flowchart of the reception process. The basic part is the same as in FIG.

The processor 11 displays a question input screen as shown in FIG. 41 on the display unit of the terminal 381, and the terminal operator has a criterion for determining this treatment, that is, a request confirmation question, a correct answer, and a correct treatment. Is prompted to input (4101). When an email from a sender without permission arrives at the server, it will automatically reply to the sender with the presentation information that guides the permission application and the question, and will ask you to enter the answer to the confirmation question in the subject of the response email during application guidance. Most of junk mail is automatically sent by a machine.
For example, if you get the correct answer to the confirmation question such as "How much is one plus one?", You know that the sender is a human rather than a machine. Unlike the case of machines, etc., the recipient can decide whether he wants to receive it in the future or the receiver himself. Of course, there are many machines that can be added, but it would not be profitable to automatically create a machine that can understand the question sentence issued by each person.
The present invention can achieve the object without opening the mail body. In particular, the amount of communication in the charging portion of connection with a server such as a mobile phone can be greatly reduced. If a correct answer is detected from the subject or body of the email, for example, the name of the recipient or the keyword of the category of interest is detected, a predetermined treatment is given. In other words, the permission application procedure can be implicitly performed to provide convenience to the caller. When searching from the text, it is desirable to use the form resident on the server side of the present invention.
The processor 11 causes the display unit of the terminal 381 to display a screen as shown in FIG. 42 and prompts the terminal operator to select the initial expected treatment 4202 from the list 4201. FIG. 39A is a treatment set adopted in this example, and a specific implementation of the treatment of the application acceptance type is one treatment of “reply a request confirmation question to the sender and reject the reception”. If necessary, you can add "reply request confirmation question to sender and receive only subject".

The concrete realization of the type of treatment that partially allows communication is "Receive a limited size, save it in a temporary folder, and notify the recipient". Furthermore, it is a condition of "receive" necessary for manual examination. The "receive and give treatment to receive" treatment gives the sender a treatment to receive after receiving. If it is received from an unknown email address, the request confirmation question is returned to the sender as the first expected treatment and the reception is rejected.
In the initial setting of the product of this embodiment, first, with the confirmation of the parties, the reception permission treatment (treatment ID = 4) is given to the other party described in the address book of the existing mail software (FIG. 42, 4203), and thereafter. At any time, you can individually enter the reception permission, reception rejection address and domain name, and you can set and change the treatment for each sender. Further, it is possible to extract the destination address from the mail sent by the parties and automatically set the reception permission treatment.
39A to 39D are examples of the set treatment information, and the following functions can be realized at the same time. That is, designated reception (treatment ID = 4) and designation refusal (treatment ID = 1) for each address or domain,
Reject unwanted emails sent automatically by the machine (treatment ID = 2), receive limited emails sent by unrelated people (1 + 1 = 2 answers) and wait for manual treatment examination (treatment) ID = 3), the caller is given a treatment to receive the mail sent by the person who knows the name of the callee. Treatment ID = 5).
In this embodiment, multilingual processing of presentation information is performed based on the character code information included in the mail header information and the area information included in the suffix of the domain name of the sender address.
The present invention differs from Patent Document 21 in that it includes an element called a second rule set that does not depend on the caller ID to determine whether communication is possible. Therefore, issuing a password (5678 in FIG. 39C) to the sender can prevent phishing fraud in which the sender address is forged. It is equipped with a means for expressing interest to the sender through the presentation information (FIG. 39D), and the answer or keyword of the other party can be searched from the subject or the main body, and communication that is beneficial to both parties becomes possible.

Internet Videophone and Monitoring System In this embodiment, an electronic secretary operating on the server side and a party's videophone terminal communicating with the client side via the electronic secretary are completed.
1: FIG. 43 is a block diagram showing the overall configuration. FIG. 44 is a block diagram showing the internal structure of the first embodiment. In this figure, reference numeral 430 is a server, which is connected to the Internet via a route control device and a telephone line. Reference numerals 431 to 434, ... Are various terminals and are connected to the Internet in the same manner as the server 430. Here, each of the terminals 431, 432, ... Has an output unit such as a CRT, an LCD, a speaker, etc., an input unit such as a keyboard, a mouse, a camera, a microphone, etc., and a function of executing a videophone program.
1-1: Configuration of Server Next, a detailed configuration of the server 430 will be described. FIG. 44 is a block diagram showing the configurations of the server 430 and the terminal. In this figure, reference numeral 11 is a processor, which is composed of a CPU and the like, and controls various parts, transfers data, performs various calculations, temporarily stores data, and the like. Reference numeral 12 is an input / output control unit that controls data input from a terminal connected via the Internet and controls data output to the terminal. Reference numeral 15 is a communication transfer device, which is connected to the Internet. Reference numerals 13 to 14 are storage devices, and store and store the following files, respectively.
First, the storage device 14 stores a main program. The main program is used in the processor 11, and includes, for example, a program for displaying a treatment application screen on the display unit of the terminal, a treatment examination program for displaying detailed information of the party who has transmitted the treatment application, and communication of the parties. It is composed of the public name of the party who has applied for treatment in the book, the status display of other parties, the program for starting the videophone program and displaying the icon to be sent to the other party.

Next, the storage device 13 stores a party master database table and a treatment relationship master database table. A party information record is stored in the party master. One party information record is composed of party-specific information such as party ID, password, mail address, IP address, self-introduction, etc. (see PDDB for another example of party data).
The party ID in this embodiment is automatically given by the processor 11 when a new registration for service participation is made, but the execution of identity registration can be performed at this stage. The password, the mail address, and the self-introduction store the information registered and transmitted by the parties from the terminals 431, 432, ....
As the IP address, the address of the terminal transmitted when the videophone communication program of the terminals 431, 432, ... Is stored. A treatment information record is stored in the treatment relation master. One treatment information record includes treatment information and treatment application marking information.
The present invention records the treatment given to the other party by R1DB when operating on the client side. When operating on the server side, the highly efficient master relation TRDB (see FIG. 2H) of this embodiment is desirable. The treatment information is composed of the ID of the called party itself, the caller ID given to the called party by the called party, and the given treatment. The treatment information and the treatment application marking information are information input from the user interface of the program for displaying the treatment application screen on the display unit of the terminal, and are information transmitted from the terminals 431, 432, ....
2: The operation will be described. Here, the terminals 431, 432, ... Are each connected to the server 430 to perform communication, and both function as terminals of the parties involved in the videophone. Explain. When the terminal 431 is connected to the server 430, the processor 11 detects this connection via the input / output control means 12 and controls the terminal 431 according to the main program. FIG. 45 is a flowchart showing the operation of the main program.

2-1: To explain the process of creating the party information record, it is assumed that the terminal operator is a new party. The new registration will be explained. In step Sa1 shown in FIG. 45, the processor 11 causes the display unit of the terminal 431 to display a main menu screen as shown in FIG. 46, and prompts the terminal operator to log in to use the service. ”And“ new registration ”are prompted to be selected.
On such a main menu screen, a mouse cursor MC is displayed, and various operations can be performed by clicking a predetermined place. For example, when the mouse cursor MC is positioned and clicked in the display area of either of the link buttons 4601 and 4602, the processing indicated in the display area is performed. Here, the terminal operator positions the mouse cursor MC in the display area of the link button 4602 and then performs a click operation (this operation is simply referred to as a click hereinafter) to perform the “new registration” process. select. Then, the processor 11 which has detected this advances the procedure to step Sa2 shown in FIG. 45, and in this step, the terminal operator is prompted to input the name, mail address and password.
If it is determined that the input mail address is not used by the party master, the user ID is automatically assigned by the processor 11 based on the input information, and the user ID is used as the public ID of the party. The processing of the next step Sa3 is performed. In step Sa3, the processor 11 controls the terminal 431 to display the contact book screen shown in FIG.
In the following steps Sa4 to Sa7, the contact book screen and the main menu screen can be returned at any time by a predetermined operation. In the case of a newly registered party, no contact is displayed on this contact book screen, but for convenience of explanation, a screen where several people already exist will be used for explanation.

First, the addition of a new partner will be described. In order to communicate with a partner, the present invention first applies for treatment to the partner. Adding a new party is a specific procedure for applying for treatment. On the screen for adding a new partner, at the same time as the treatment application is made to the partner, the treatment to be given to the partner is designated.
Prompt the terminal operator to add members. The terminal operator clicks the link button 4701. Then, the processor 11 performs the process of the next step Sa4. In step Sa4, the processor 11 controls the terminal 431 to display the member addition screen shown in FIG. 48 to prompt the terminal operator to input the public ID information.
Here is an example of prior application. The public ID is disclosed by the parties themselves on a bulletin board on the Internet or a chat on a communication network, or is directly taught by the other party. On this member addition screen, ID and self-introduction input boxes 4801 and 4802 are displayed, and regarding the information disclosure treatment to be given to the other party, "publish email address to this member", "publish private email address", " Check buttons 4803 to 4807 corresponding to "Publish homepage address", "Publish profile address", "Publish my status to this member" are displayed, and "Call accept" is supported for call acceptance treatment given to the other party. A selection box 4808 is displayed to prompt the terminal operator to input and select, and the terminal operator inputs the public ID of the other party in 200 and the “identification ID” box, and introduces himself / herself. ···. ”In the“ Introduction ”box, and then click the execute link button 4810.
In the treatment set of the present embodiment, there are three types of permission for incoming call to the incoming call answering method of the videophone, that is, “automatic reception refusal”, “every inquiry”, and “automatic reception”. "Automatic reception" is control permission treatment. It is possible to instruct the callee side communication device: a TV telephone terminal that the caller has the control right, and to communicate with the caller without intervention of the callee. Of course, the terminal must always be ready for reception.

Regarding the range of information disclosure to the other party, "Publish your email address to this member", "Publish your private email address", "Publish your homepage address", "Publish your profile address", "Publish your status to this member" Yes, it is possible to select multiple options (4809). There are two types of treatment application: "treatment application permission" and "treatment application refusal", and the default initial expected treatment is "every inquiry" and all information must be disclosed. , "Treatment application permission". This embodiment does not include the function of changing the initial expected treatment.
By this operation, the procedure executes the next execution process of the treatment application (see FIG. 49). Here, the terminal operator is the party a, the other party with whom communication is desired is party b, and the public ID of the party b is 200. The processor 11 first searches the already created party master to see whether the party a already exists in the sender list of the party b in order to process the application for treatment based on the treatment given to the party a by the party b. (4901), if present, the party b checks the treatment given to the treatment application by the party b (4902), and if the given treatment is “rejection of treatment application”, it is displayed on the display unit of the terminal 431. After controlling to display "Rejection of member addition" (Sa8), the procedure is returned to step Sa3 and the contact book screen is displayed again, and the party a does not exist in the sender list of the party b and gives it. If the treatment is not “rejection application refusal”, a predetermined initial expected treatment is given to the party a, and a new treatment consisting of b and a's ID, initial expected treatment and treatment application marking information is given. Create a multi-address records, stored in the treatment relationship master, returns to the People screen.
In step Sa3, the processor 11 controls the terminal 431 to display the contact book screen shown in FIG. Prompt the terminal operator to confirm personal settings. The terminal operator clicks the link button 4702. Then, the processor 11 performs the process of the next step Sa7.

In step Sa7, the processor 11 controls the terminal 431 to display the personal setting screen of the party shown in FIG. 50, displays the public ID 5001 to the terminal operator, and writes the public ID display area. The personal information 5002 is prohibited so that the personal information 5002 can be changed.
2-2: Login, in 2-1 it is assumed that the operator of the terminal 431 is the party a and has completed the treatment application for the party b. Here, it is assumed that the existing party b is operating the terminal 432.
For convenience of explanation, the screen displayed on the terminal 431 in the explanation of 2-1 and the screens shown in FIGS. 46 and 47 here on the terminal 432 of the party b will be used for the following description. The following description will be made assuming that the terminal 432 is connected to the server 430. When the terminal 432 is connected to the server 430, the processor 11 detects this connection via the input / output control means 12 and controls the terminal 432 according to the main program. FIG. 51 is a flowchart showing the login processing operation of the main program.
Now, in step Sa1 shown in FIG. 45, the processor 11 causes the display unit of the terminal 432 to display a main menu screen as shown in FIG. 46, and allows the terminal operator to use the service. Prompt to select the desired process from "Login" and "New registration". Here, the terminal operator inputs a mail address and password in the “mail address” input box 4603 and the “password” input box 4604, clicks the link button 4601 and selects the “login” process. Then, the processor 11 that detects this checks by searching for the party master that has already been created based on the input mail address and password (FIGS. 51 and 5101).

Here, if the processor 11 determines that the e-mail address and the password are not correct, the processor 11 advances the procedure to step Sa7 and controls the display unit of the terminal 432 to display "Incorrect e-mail address or password". After that, the procedure is returned to step Sa1 and the main menu screen is displayed again. On the other hand, if the processor 11 determines that the input mail address and password are correct, it performs the processing of the next step Sa3.
In step Sa3, the processor 11 controls the terminal 432 to display the contact book screen shown in FIG. 47, extracts the partner who newly applied for treatment from the treatment relation master, informs the party b, and informs the party b. The party a who has applied for the treatment is displayed in green and the public name souss of the party a in the contact book (4705), and the state is disclosed by the color and the icon according to the information disclosure treatment given to the party b by the other party ( 4706), the mail creation icon is displayed for the person who has published the email address (4703), the link icon is displayed for the person who has published the profile address (4704), and the detailed information of the person whom the pencil icon corresponds is displayed. To control.
When the link button (4707) is clicked, the processor 11 performs the process of the next step Sa5. In step Sa5, the processor 11 controls the terminal 432 to display the friend list item edit screen shown in FIG. 52, performs treatment examination and treatment change on this screen, and sends a treatment application to the party b. By displaying the detailed information 5203 of the party a and controlling the treatment 5201 given to the party a, the party b examines the treatment application of the party a, determines the treatment given to the party a, and determines the treatment contents. Encourage you to choose. Further, not only the examination of the treatment application, but also the treatment given to the existing partner is changed on the item edit screen of the friend list.

Now, the party b selects each treatment content and clicks the link button 5204. Then, the processor 11 updates the treatment information record based on the selected treatment content and stores it in the treatment relation master. When the relationship with the other party is cut off, the link button 5202 is clicked to delete the other party. Then, the processor 11 performs the process of step Sa6. In step Sa6, the processor 11 controls the terminal 432 to display the treatment application qualification designation screen shown in FIG. 53, and if “treatment application denial” is selected for the treatment application qualification 5301, the processor 11 Can be disconnected. The party b clicks the link button update 5302. Then, the processor 11 updates the treatment information record based on the selected treatment content and stores it in the treatment relation master.
This example illustrates the implementation of the anonymous communication functionality of the present invention. As long as the parties do not disclose their own identities, anonymous communication can be easily realized using normal numbers (ID) while maintaining anonymity and using all communication functions. The server here is not a dedicated central controller that removes the identity from the communication, nor does it need to create a special communication channel. In order to prevent crime, it is sufficient to properly register the ID at the acquisition stage.
2-3: Videophone communication From the processing described in 2-1 and 2-2, it is assumed that the party a and the party b have established a treatment relationship, and the server 430 is connected to the terminal 431 of the party a and the terminal 432 of the party b. Suppose FIG. 54 is a flowchart showing the operation of the videophone communication program. In step Sa3, the processor 11 performs control to display the contact book screen shown in FIG. 47, and the party b clicks the link button “activate program” (4708). Then, the processor 11 activates the videophone communication program on the terminal of the party b and passes "-" as the activation parameter. When the videophone communication program is activated, the IP address of the terminal is transmitted to the server (5401), and then it is determined whether the activation parameter is the IP address (5402). If it is determined that the parameter is not the IP address, The connection waiting screen is displayed and the connection is waited (Sb3: Connection waiting screen, FIG. 55). The standby connection request is checked (5405). The processor 11 updates the information record of the party b based on the IP address information sent by the terminal videophone communication program of the party b, and stores it in the party master.

Then, the status display icon of the party b (FIGS. 47 and 4709) is displayed on the contact book screen of the party a as the camera icon. The party a clicks the camera icon 4709 of the party b. Then, the processor 11 extracts the IP address of the party b from the party master, activates the videophone communication program of the terminal 431 of the party a, passes the IP address as a parameter (5403), and notifies the caller ID, A connection is requested to the destination IP address, that is, the call is sent to the party b and the response of the videophone communication program of the callee b is received (5404).
When the connection request is received, the videophone communication program of the callee b inquires of the processor 11 using the caller ID as an inquiry parameter, and the processor 11 receiving the inquiry receives the treatment information from the treatment relation master of the server 430 based on the caller ID. Is extracted (5406) and the treatment given to the caller party a is returned to the videophone communication program as a result of the inquiry.
When the treatment given to the caller party a is “automatic reception” (5407, YES), the electronic secretary instructs the callee side communication device TV telephone terminal that the caller has the control right. The videophone communication program of the callee b does not ring the bell, allows the communication request without displaying the input request screen and without the input request, sends a connection approval response, causes automatic connection, and acquires by the camera. When the image signal is acquired by the other party, that is, the image signal is transmitted, and at the same time when the image signal transmitted by the other party is received, it is displayed on the screen and the videophone communication in-progress screen (Sb2: videophone communication in-progress screen, FIG. 56) is displayed. Let
On the other hand, the videophone communication program of the caller party a receives the approval response, and after steps 5404 and 5409, the received image signal is displayed on the videophone communication in-progress screen for communication or monitoring (Sb2). When the treatment given to the caller party a is "every time inquiry" (FIG. 54, 5408, YES), the videophone communication program of the callee b rings the input request screen (Sb4: approval inquiry screen: "parties""It took from a. Do you want to receive it?" is displayed), and the party b of the called party is inquired whether or not to connect.

At the same time, the caller's videophone communication program displays the other party's approval screen (Sb1: Approval waiting screen: "Waiting for the other party's approval ..."). When the callee b approves the connection (FIG. 54, 5410, YES), the videophone communication program displays a videophone communication in-progress screen, and the videophone communication program of the calling party a responds that the connection is approved. The videophone communication program running on the terminal of the caller party a judges this response (5409, YES), displays the videophone communication in progress screen, and communicates.
When the callee b does not approve the connection (FIG. 54, 5410, NO), the videophone communication program displays the screen waiting for connection (status display: 5501) and refuses the connection to the videophone communication program of the calling party a. Then, the videophone communication program running on the terminal of the caller party a judges this response (5409, NO), and “access is denied” is displayed on the terminal display section of the party a ( 55, 5502, 54, and 5411), and after displaying the connection result, the connection waiting screen is displayed to wait for the connection (Sb3: connection waiting screen, FIG. 55). In the case where the treatment given to the calling party a is "rejection automatic reception" (FIG. 54, 5408, NO), the same processing as when the called party b does not approve the connection is performed.
3: Outline of Flow Next, FIG. 57 shows a flow of establishing a treatment relationship with the called party via the public ID. In order to receive the communication service of the present invention, the party a first logs in to the server 5702 via the Internet using the terminal 5701 and uses the public ID: 200 published by the party b A treatment application will be made to (b) to express the desire to communicate (1).
The party a who applies for treatment inputs the public ID: 200 of the called party b (FIGS. 48 and 4801), and at the same time, the party a gives the party b “inquiry every time” (4808). The server stores the treatment “every time inquiry” given to the designated party b by the party a in the treatment relation master (5703). If the party a is not in the sender list of the party b, the first expected treatment of the party b “automatic reception” Rejection "is given to the party a (5704). In this state, the party b can make a call and communicate with the party a. Cannot communicate in the opposite direction. The called party takes the initiative. The server informs the party a that the application has been accepted by the party a (3), (4). When the party b uses the terminal 5705 to log in to the server, the party b who newly applied for the treatment is extracted from the treatment relationship master and notified to the party b (5) to (8). The party a who has applied for treatment in the book is displayed in green with the public name souss of the party a (4705), and the state is disclosed with a color and an icon according to the information disclosure treatment given to the party b by another party (4706). ).

FIG. 52 shows detailed information of the party a who has sent a treatment application to the party b. The party b examines the treatment-related application and determines the treatment to be given to the partner a (FIGS. 52 and 5201). The treatment "every inquiry" given to the partner a is replaced with the treatment "reception automatic rejection" stored in the server (10). As a result, the parties a and b can mutually send a connection request to the other party of the videophone.
In this embodiment, any one or a plurality of callers can be given a control permission treatment, the caller can directly control the receiving side equipment, the receiving side TV communication program can be started, and the receiving side and the data can be transmitted. You can send and receive. Instead of controlling the camera of the TV phone of this embodiment, it is also possible to control the GPS receiver of the mobile phone. The point that any caller who has been given control permission treatment can directly acquire and display the position information of the receiver is shown in Patent Document 9 in which only a fixed position information center can acquire the position information at the product design stage. Different from the prior art. Since there is no need for a third-party location information center, there is a significant effect that the operating costs of hardware equipment and users are significantly reduced. A model having a means for displaying its own position information on a mobile phone can acquire original data for display from the other party's mobile phone and display it on its own display means.

Mail Server System FIG. 58 is a block diagram showing the configuration of this embodiment, and illustrates the operation of the electronic secretary 5801 of the present invention on the mail server side of the ISP 5812. The electronic secretary is independent of the existing mail server and receives the allowed mail before forwarding it to the conventional mail server 5802. Mail transmission from the ISP 5812 client is processed directly via the electronic secretary.
When handling the business contact address of a public agency that provides services to unspecified callers or a merchandise sales company, the electronic secretary 5801 writes keywords such as its business scope or service in the guide information and communicates in advance. When a request to send a mail that is not given permission treatment is received, if specific keywords are not detected from the header of the mail according to the second rule, guidance information is presented (replied) to the sender and mail reception is rejected.
For example, the Japan Patent Office applicant registration-related inquiry email address is PA1670@jpo.go.jp (abbreviated as "F" in Fig. 58), and the guidance information (Fig. 60) for this address is "This address is Please contact the person in charge of registration of applicants, etc. at the Japan Patent Office, Application Support Division. If you are using this, please write <Inquiries regarding applicant registration> in the subject line of the email and resend it. ” Make settings (ID = 5, FIG. 59, FIG. 61) for the electronic secretary to temporarily receive the email describing “Inquiry regarding applicant registration” in the set (FIG. 61), but do not give treatment to the sender. Think about the case.

The email address of the applicant terminal 5804 is fe1@netinfotech.co.jp (“A” in FIG. 58). The applicant obtains the inquiry e-mail address on the JPO homepage and preferably posts the guidance information on the homepage. Then, the applicant describes in the subject line the character string "Inquiries regarding the applicant's registration relationship, how to register", and mails it to the address PA1670@jpo.go.jp (F) (Fig. 58, (a1) To: F, Application Person registration relationship ...) is sent. The electronic secretary is permitted to receive the mail according to the second rule and is transferred to the mail server 5802. The mail is placed in F's mailbox. The reply (a2) from the application support section is sent via the electronic secretary.
When the applicant sends an email for the first time without knowing the keyword, the electronic secretary immediately makes an automatic reply and informs the applicant of guidance information. Even outside business hours of the JPO, the applicant can receive the guide information in a short time. The automatic reply route of the guide information is: applicant → transmission server 5803 → reception server 5801 → transmission server 5803 → applicant. In the environment of actual ADSL line, URL: mail.netinfotech.co.jp and mail.yahoo.co.jp server, the sending and receiving of the sender → the sending server → the receiving server → the receiver were tested. The time taken was 5 seconds or less. Therefore, it can be re-sent to the applicant according to the guide with almost no delay.
The terminal 5805 that sends unsolicited emails using the robot notifies the guide information by the electronic secretary when sending an email (FIG. 58, (b1) To: F, oooxxx ...) to the application support section for product sales. Automatically reply (b2) and then reject the reception. Normally, it is impossible for the robot to understand the guidance information and retransmit it according to the guidance.
When an email attack occurs intentionally by a human according to the guide information, it is possible to manually set the communication refusal.
When the e-mail bomb attacker 5806 frequently sends a large amount of e-mails using a robot, when the e-mail secretary sends the e-mail (Fig. 58, (c1) To: F, oooxxx ...) to the application support section, the electronic secretary sends guidance information. Reject the message after sending an automatic reply (c2). When the electronic secretary using the method according to claim 9 (see FIG. 14) is an automatic reply, the third rule is set based on the sender's mail address, the reception time, and the predetermined reception refusal treatment (ID = 0). Create and add to attack prevention third rule set (Fig. 63). The constants used in this embodiment are shown in FIG. Third rule condition part for attack prevention The predetermined time is set to 60 minutes, the predetermined treatment is no reply, and the reception is rejected. Then, if the second mail (c3) of the attacker is sent within 60 minutes, the reception refusal without reply is given (1407 in FIG. 14), and the attack thereafter is immediately rejected by looking at the mail envelope. .

A preferable modification of the present invention adds the number of mails reaching the condition part of the third rule. For example, when the fifth attacker's mail arrives within 60 minutes, the communication request is treated based on the treatment.
Since the electronic secretary determines the sender by the envelope or header of the mail (claim 5), it is not necessary to receive the body of the mail. The amount of communication on the public network can be greatly reduced.
In the conventional technique shown in Patent Document 13, when the sender is unknown, the mail is temporarily received, a confirmation mail created by the server is automatically returned to the sender, and when the sender is confirmed, the received mail is delivered to the recipient. As described above, the present invention does not generate a large amount of useless communication in the public network, there is no concern that the communication bandwidth will be squeezed by the mail attack and the server storage area will be punctured. It is different from the above-mentioned conventional technology that the mail itself can be a large number of new spam mails and the subjective intention of each recipient can be reflected. In addition, the present invention is characterized in that, when operated on the client side such as a mobile phone, a recipient who is disturbed by unsolicited emails will not be charged unreasonably.
As described above, it is possible to completely reject error mails, machine-transmitted junk mails and attack mails while guaranteeing normal business execution.
A preferred variant of the invention stores the IP address of the abnormal sender and rejects the TCP connection by the IP address.
When the sender uses the conventional mail transmission server (SMTP client), the electronic secretary determines the sender's identity from the header of the mail and does not receive the body of the mail, and the underlying delivery system. The communication is forcibly stopped by closing the connection (claim 6, FIG. 11). Since the sending server whose communication has been forcibly stopped will retry, the forced stopped status will be recorded using the dedicated third rule set, and when the sending server retries, the sender ID recorded by the electronic secretary will be recorded. Judge the other party to stop the communication normally. FIG. 65 shows the dedicated third rule set (R3DB2). It should be noted that data different from the attack prevention third rule set (R3DB1) shown in FIG. 63 is recorded.

When the mail transmission server replaces the conventional technique and uses the transmission system utilizing claims 99 and 100, since the authorization for transmitting the body is determined by the information included in the header, the information field included in the header (FIGS. 31, 3104), and the electronic secretary on the receiving server side receives the information field containing the subject and then applies the second rule set (FIGS. 10, 1006, 1007, 1009), It is determined whether or not to authorize the transmission, and if the authorization is given, that is, if the communication is permitted, the sender is notified and the communication is continued (FIG. 31, 3106). By using the inventions of claims 99 and 100 and the electronic secretary at the same time, the amount of unnecessary communication is further reduced, and it is not necessary to forcibly cancel the communication. The communication control process becomes clear.
When sending a mail from the electronic secretary, unwanted communication can be blocked from the source (see claim 26 and FIG. 20). D: The mail bomb attacker (5807) sends a mail (Fig. 58, (d1) To: A, oooxxx ...) to the A: applicant and uses the electronic secretary 5803 operated by A on the server side. Suppose Since the electronic secretary 5803 receives (d1) and the sender D does not have permission to receive the message, an automatic reply (d2) notifying the applicant's guide information is sent to the sender to reject the reception. The electronic secretary 5801 that transmitted (d1) receives the reception refusal treatment from 5803, creates the fifth rule, and saves it in the instruction file of the sender D in addition to the fifth rule set R5DB (FIG. 66). If D further transmits (d3) within the time (one day) set in the fifth rule condition section, the electronic secretary 5801 applies the fifth rule, and therefore the transmission is rejected (FIG. 20, 2004). .. Before the unwanted communication as described above enters the public network 5813, it is rejected by the first sending client. For example, if the caller uses Microsoft Outlook, pressing the send button causes Outlook to immediately report undeliverable.

While the system is operating, the third and fifth rules that have passed the predetermined time in the condition section from the created time are deleted.
Companies and organizations that provide services to specific callers have business contacts that communicate only to a limited extent. Public telecommunications networks of the prior art are cheap and can communicate quickly. However, due to its open nature to the public, it is not applicable to the above-mentioned business. INDUSTRIAL APPLICABILITY The present invention can provide a closed communication effect for a public telecommunications network.
For example, the Japan Patent Office currently handles only inquiries about the status of patent examination undertaking by mail. The present invention proposes work by the following email.
The E-mail address of the inquiry is E (FIG. 58, 5808). In the guide information of E, "This is the contact information for the status of the start of patent examination. If you are a new user, please fill in the application number: reference number" in the subject line of the email and re-send it. Example: "Japanese Patent Application 2003" -70953: 0302-001 ””, and when an email arrives, according to the second rule, the sender with the correct application number and reference number is given a communication permission treatment to receive the email, and the given treatment is given. Save to the first rule set.
"Application number: reference number" is the role of the password for obtaining communication permission for the first time. Instead, a password decided by the JPO or the applicant can be used. The password notice will be included in the application delivery document.
The treatment ID includes the predetermined recording condition of claims 101 and 102. When the treatment ID determined by the second rule is 6, the treatment is saved. That is, the password is not checked in the second and subsequent mails of the sender.
When the business system has many communication parties and changes dynamically, it is difficult for some people to maintain the instruction file. This problem is solved by the instruction file input component according to claims 131 and 132.

FIG. 67 illustrates the layout of the user interface of the instruction file input component.
FIG. 68 shows data passed to the instruction file input component according to the user interface.
Electronic secretary 5801 runs on a Microsoft Windows®-based computer. (Who) Input constant information such as constants and guide information into the instruction file on the web server via the Internet.
The input component runs on a Microsoft Windows (registered trademark) -based computer, and the terminal 5810 extracts the application number and reference number from the data 5811 of the pending patent case of the Patent Office, and passes it to the component. Alternatively, the data is input to the instruction file by calling the component from the business system at the time of saving it in the business data that determines the application number. Preferably, the input component stores the authorized caller ID and the related information of the second rule set, and deletes the related information from the instruction file after the application case is no longer pending with the Patent Office.
As described above, even if there are many parties involved and they change dynamically, it is possible to create a communication environment such as a secure dedicated communication network for parties concerned, without maintaining it dynamically by hand. .
Although the electronic secretary 5801 sends the mail directly to the Internet 5813, the mail other than the automatic reply may be transferred via the conventional mail server 5802, such as 5808 to 5801 to 5802 to 5813 ( (Not shown in Figure 58). Then, since the mail transfer (5801 to 5802) inside the ISP is quick, the electronic secretary can omit the management of the queue of the outgoing mail, and the functions such as the queue management of the conventional mail server can be fully utilized.
A conventional mail server such as Sendmail running on a Unix (registered trademark) -based computer can be used.
The present invention may be used as a component of a mail server.

Embodiment, electronic payment system.
FIG. 69 is a block diagram showing a method and system for electronic payment.
[Field] The present invention relates to a system that enables cashless transactions. In particular, the present invention relates to an electronic payment server, an electronic payment system, an electronic payment method, and a program capable of making an immediate payment using a communication terminal such as a mobile phone.
[Background] There are payment systems for credit cards and debit cards (shopping with cash cards). There are many services for Internet business (e-business) and mobile communication devices such as mobile phones and PHS. However, card data is easily stolen. It is not safe to enter your PIN when shopping with a debit card, and it is easy to steal your PIN from the movement of your finger. If the terminal has been tampered with or the line has been intercepted, the information for withdrawing money from the account can be easily stolen. For this reason, damage has occurred due to counterfeit cash cards and stolen personal identification numbers. Patent Documents 30 and 31 disclose techniques for opening a dedicated account in which a large amount of damage does not occur. However, the deposit and withdrawal work is required between the ordinary account and the dedicated account, and the liquidity of the ordinary account funds is impaired.
[Issue] A settlement method / system that is convenient, has a high level of safety without damage, and has liquidity of funds.

[Means] In order to promote electronic payment, any type of financial institution or payment center (hereinafter also referred to as “bank”) account (eg, debit card, credit card) owner (hereinafter also referred to as “buyer”) and seller ( 69,6902) in the electronic payment system and method for processing commerce payments, the buyer (FIG.69,6901) reserves the electronic payment in order to pay for the planned shopping (FIG.69,6901). , A) is sent to the bank (FIG. 69, 6903) and the product (FIG. 69, G) is purchased using the identification ID (FIG. 69, B).
Table 1 shows a simple example of reservation information, data, and operation information.

The terms used in this specification are defined as follows.
The “communication ID” means a communication destination when confirming the settlement request with the buyer. For example, a mobile phone number, a computer communication address, etc. correspond to this.
"Identification ID" means a user identifier associated with a buyer's bank account. For example, a telephone number, a vehicle identification number, etc. correspond to this.
The “virtual account” means an assumed account for making payment to a planned payee. For example, this is an assumed account for payment to a specific seller, institution, or a group of sellers such as a railway, a highway, an automatic teller machine (ATM) withdrawal, shopping, an Internet store, and the like.
The “balance upper limit amount” means a value that specifies the balance of the virtual account. By making a reservation, the balance of the virtual account is set to the balance upper limit.
“Confirmation-free limit amount” means a payment upper limit amount for which confirmation may be omitted.
The "confirmation-free cumulative limit" means a reference amount that is always confirmed. If the cumulative amount of payment without confirmation is greater than the standard amount (hereinafter referred to as "cumulative excess"), confirmation is performed and the cumulative amount is set to zero and accumulated again. do.
“Balance notification amount” means the amount that the balance is low and it is better to make a reservation.
“Automatic recovery days” means the shortest elapsed days for automatically recovering the balance to the balance upper limit amount.
"Necessity of confirmation of payment reservation" means a flag that specifies whether or not to reserve the payment request generated at the exit when the owner of the identification ID medium passes through the entrance of the pay area.

“Confirmation information” means information used to confirm a payment request. Corresponds to the PIN of the virtual account.
The information, the balance notification destination, and the personal identification number shown in Table 1 above are reservation information.
"Balance" means the balance of a virtual account.
“Communication confirmation” means one type of treatment of control permission treatment provided. See Figure 70 for the treatment ID.
The "operation information" means the information input to the authentication program activated by the communication confirmation treatment.
Table 1 shows the payment reservation confirmation necessity flag not used for the virtual account with "-".
The seller generates a payment request (FIG. 69, C) requesting payment of the usage amount and sends it to the bank to approve the payment request. The bank specifies the virtual account from the seller identifier included in the settlement request, and when the balance and the bank account balance (hereinafter referred to as “total balance”) are sufficient, the bank confirms the settlement request with the buyer. Present the confirmation request (Fig. 69, D) to the buyer. The buyer confirms the settlement request by presenting confirmation information (FIG. 69, E) to the bank. The bank sends the authorization (Fig. 69, F) to the seller and makes the settlement only after confirmation by the buyer.
The virtual account is specified by the method specified by the buyer such as industry code, seller name, and product type. The bank provides the buyer with available information, such as the seller identifier, and allows the buyer to choose to associate with the virtual account.
For the data structure and the like relating to the settlement processing of the present invention, refer to known technology, for example, Patent Documents 27 to 29.
The virtual account can freely withdraw the total balance from the bank account, unlike the conventional dedicated account, the holding deposit (a frame that cannot be freely withdrawn from the entire account balance), and the prepaid card. FIG. 73 schematically shows balances of bank accounts opened by the account holder and virtual accounts reserved. The balance of the virtual account may exceed the total balance. The settlement amount is less than or equal to both the balance and the total balance. Virtual accounts have the effect of maintaining the liquidity of funds while maintaining the security of payment. There is no inconvenience that you can not easily use the funds for other purposes if you deposit too much into multiple dedicated accounts.

The confirmation request asks the buyer to confirm the settlement request, including the billing cause and the amount.
Banks are required to process promptly. You may run your own payment center that acts as a bank.
Any information communication means can be used. Any means that can achieve the object of the present embodiment, such as a telephone, an e-mail, and the Internet, may be used. You may use the communication means always connected to a network. For example, mobile Internet Web or chat-like interaction may be used.
The buyer may call to obtain the confirmation request from the bank. The electronic secretary analyzes the communication request arriving from the inside and performs communication confirmation treatment for the communication request for confirming the payment request. For example, the authentication program is activated when the call to the electronic payment telephone number of the bank or the access to the Web page providing the electronic payment service identified by the URL is detected.
The reservation information may include confirmation criteria. If the confirmation criterion included in the reservation information is satisfied by the data included in the settlement request, the bank may approve the settlement request by omitting the transmission and reception of the confirmation request and the confirmation information. Examples of the verification criteria include, but are not limited to, seller identifiers, payment limits, settlement dates, settlement times, or combinations thereof, or other criteria that the buyer may find convenient.
The bank may confirm the settlement request with the buyer through the seller communication module, for example, a cashier terminal. You may choose to send a confirmation request to both the trading device. Alternatively, confirmation may be requested by e-mail and confirmation may be performed on the Web.
The identification ID recording medium may use any means suitable for the vendor device. For example, a barcode is displayed on a mobile display. A short-distance communication means such as a magnetic card, an ID tag, an IC card, or infrared rays may be used. The identification ID may be manually input to the seller device. Further, it may be selected to display the usage history, the balance, the total balance, etc. on the device of the store or print the receipt.

The medium in which the identification ID is recorded can be copied and used by family members. For example, a child can buy juice at a convenience store, present a card on which a bar code recording an identification ID is attached for payment to a clerk, and a parent can confirm the settlement request by carrying the cell phone at home. If the medium is copied or dropped unintentionally, unauthorized use can be easily found, so it is sufficient to abolish it.
All withdrawals can be used to confirm from your bank account. For example, when withdrawing cash from an ATM, the ATM can be regarded as a seller (FIG. 69, 6902). The user inputs the account number or unique ID into the ATM through a medium such as a magnetic card, inputs the amount of money, and the bank withdraws only after confirming that the withdrawal is performed through the user (buyer) communication module. The ATM may be used to confirm the communication by adding the conventional cash card authentication.
Furthermore, the bank generates a transaction code for each transaction and transfers it to the mobile phone, inputs the transaction code into the ATM using the short-distance communication means, verifies the transaction code, and operates the authentication program with the fingerprint so that only the person himself / herself can use it. You can prevent them from trading.
The balance is the maximum payment amount from the virtual account by electronic payment, and the payment is deducted from the balance. If the balance is insufficient, reject the payment request. The amount within the range of the balance can be used as confirmation information different from the personal identification number. The balance is the maximum loss amount when the identification ID, the confirmation information, and the buyer communication device are stolen at the same time.
Immediately notify and confirm the owner of payment attempts that exceed the verification-free limit. The confirmation-free limit is a cash-like amount that can be used only with the identification ID. When rejecting the payment request, the confirmation information may be invalidated and the virtual account may be frozen.
When the payment amount for which confirmation is omitted is accumulated in the cumulative amount and a settlement request for exceeding the confirmation-free cumulative limit occurs, the confirmation is always performed, and then the cumulative amount is reset to zero before accumulating. You can confirm the payment of a large amount. The confirmation-free cumulative limit is the maximum loss amount when the identification ID and the confirmation information are stolen at the same time.

When the balance falls below the balance notification amount, the fact is transmitted to the designated balance notification destination. Furthermore, when certain conditions are met, the balance is automatically restored to the balance upper limit amount (automatic recovery). For example, if the condition that the number of automatic recovery days has passed since the last reservation or automatic recovery was performed, automatic recovery is performed.
The confirmation information has different properties from the authentication information such as a personal identification number. It can be used according to the importance of payment and the usage environment. When using the virtual account for payment in a public environment, it is better to use confirmation information different from the personal identification number. For the confirmation information of the virtual account for the environment that can be safely entered at the ATM corner, the same code as the personal identification number may be used.
The term "communication confirmation" means to alert the owner of the incoming communication request with a ring tone or vibration, receive the information and present it visually or audibly, and automatically activate the authentication program. Including doing. The authentication program includes a process of collating with the registered operation information on the basis of the input operation information and transmitting the registered information registered in advance to the outside (bank) only when they match. The operation information includes information selected from the group consisting of human physical characteristics (biological information) such as simple button operation, approval code, voice, password, and fingerprint.
Confirmation information is used as the registration information.
If necessary, a plurality of communication confirmation treatments as shown in FIG. 70 can be provided.
Reservations are made on the Internet, by telephone, at the bank counter, etc. based on the identification ID or account number and PIN. You may be able to reserve only the counter.

Preferably, the password (authentication information) uses a one-time password (OTP). Since a different password is used for each communication, the damage of communication interception can be prevented. For example, the authentication program has a function for realizing OTP. You can also make a reservation temporarily with a public phone, and you may set a daily usage limit to prevent damage by wiretapping. Further, the confirmation information may use OTP.
Preferably, the electronic payment is validated (the payment can be approved) through personal authentication. For example, the instruction file is accessed to give the bank a communication confirmation treatment. Alternatively, if a valid / invalid flag for electronic payment is set in the instruction file and the flag is set to invalid, the communication confirmation treatment rejects the communication.
The personal authentication uses personal authentication means attached to the communication device.The buyer registers personal identification information in advance in the device, and when the personal authentication means is activated, the device identifies the personal identity to the operator. The user is prompted to enter information, the entered information is compared with the registered personal identification information, and if the verification results match (successful authentication), the next operation is permitted. The personal identification information includes biometric information such as a fingerprint or a password.
Preferably, the electronic payment is made invalid (a state in which the payment cannot be approved) after a predetermined time, for example, 4 hours has passed since the electronic payment was validated.
[effect]
If you want the maximum degree of security, reserve the balance to the planned usage amount, the confirmation-free limit to zero, the communication destination to your mobile phone number, and confirm with your fingerprint before going shopping.
It is possible to make a payment only by storing the communication destination by making a reservation at the store side for those who remember the identification ID and confirmation information and manually inputting the identification ID and confirmation information at the store.

For daily payment, do not use PIN code during input operation and communication. When making a reservation, you can safely use your PIN. You can choose not to use your PIN at all.
You can freely control the outflow rate of money by account from the account, there is no possibility of high cost damage due to card forgery above the outflow rate, and within the planned outflow rate range, there is no need to make a reservation by automatic recovery, household planning The nature is enhanced.
Detailed Description Details of the conventional technology (communication software, command transmission, program execution, IC card, OTP, etc.) used are omitted.
70 and 71 show TDB and R1DB of an embodiment of a mobile telephone having an electronic payment function of the present invention. Block diagram showing configuration Basically the same as FIG. The R1DB is an example of that shown in FIG. 2B. Use the calling number because it is easy to explain. As in the fourth embodiment, it is possible to use communication means such as always-on Internet connection and packet communication, and it is also possible to identify the sender by ID such as mail address.
FIG. 74 is a flow chart of transaction processing in the virtual account schematic diagram shown in FIG. 73. FIG. 75 is a flowchart of the approval process shown in FIG.
Next, the reservation of the virtual account "shopping" will be explained. The communication ID "090-1234-5678, store", the identification ID "045-1234-5678", the confirmation information "456", and other reservation information shown in Table 1 are transmitted. The confirmation information and the buyer fingerprint shown in Table 1 are stored in the instruction file.
The communication ID means that the confirmation request is sent to both the mobile phone and the terminal of the store. On the back side of the mobile phone, a bar code recording a home telephone number as an identification ID is attached.

The seller reads the identification ID with a bar code reader such as a cashier terminal and sends the identification ID, the seller account number, the store name, the amount charged (A), etc. to the bank to request settlement (FIG. 74, 7401). If the buyer forgets to carry his / her mobile phone, he / she manually inputs the home number into the cashier terminal.
The bank searches for the account number from the identification ID. For example, if the initial payment amount A is 500 yen and the total balance (B) is 200,000 yen, B is sufficient and the process continues (7402, YES), If the specific virtual account cannot be identified, the shopping account is selected (7403). A does not exceed the balance of 100,000 yen (7404, YES), the approval process (7405) is performed, and the confirmation-free limit of 1,000 yen is not exceeded (Fig. 75,7501), so the bank skips confirmation and requests payment immediately. Approving and acknowledging the payment amount 500 yen is accumulated in the accumulated amount (C) (Fig. 75,7502), C becomes 500 yen, A will be deducted from the account and transferred to the seller's account. At the same time, A is withdrawn from the virtual account, and the new total balance is 200,000-500 = 199,500 yen, and the balance is 100,000-500 = 99,500 yen (7407).
If the payment amount A for the second purchase is 600 yen, C will be 1,100 yen when accumulated in C, which exceeds the confirmation-free cumulative limit (7503, YES), so the bank searches for the mobile number from the identification ID. Then, the call is sent to the mobile phone to confirm the settlement request, and at the same time, the confirmation request is also displayed on the cashier terminal (7504). The buyer confirms the payment request by inputting the confirmation information "456" at the cash register or by inputting the fingerprint through the fingerprint sensor into the authentication program activated on the mobile phone. If the settlement request is not confirmed due to incorrect confirmation information (7505, NO), the transaction is rejected (7406). If confirmed, the transaction is approved, and in the case of cumulative excess, the cumulative amount C is set to 0 yen (7506), the new total balance is 200,000-1,100 = 198,900 yen, and the balance is 100,000-1,100 = 98,900 yen. .

FIG. 72 is a block diagram of still another form of the present invention relating to a ticket.
[Category] A toll collection system for pay areas (hereinafter referred to as "roads") such as trains, buses, highways, city centers, parking lots, and event venues that do not require cash [Means] Use electronic payment shown in FIG. The seller (road, Fig. 72,6902) reads the user identification ID at the entrance (Fig. 72,7204) (Fig. 72,1) and reserves the settlement including the identification ID and the cause. 2) Send the information to the bank to book the payment. The bank sends a confirmation request to confirm the reservation (Figs. 72, 3) to the user. The user confirms the confirmation request and sends confirmation information (Fig. 72, 4) to the bank. The bank sends the reserved (Fig. 72,5) information to the seller only after confirmation by the user. The seller reads the identification ID (Fig. 72, 7205) at the exit (Fig. 72, 7205), adjusts the usage fee, and sends a settlement request (Fig. 72, 7) to the bank. The bank sends a confirmation request (Fig. 72, 8) confirming the settlement request to the user. The user confirms the confirmation request and sends confirmation information (Figs. 72, 8) to the bank. The bank sends the authorization (Fig. 72, 10) to the seller and makes the payment only after being confirmed by the user.
When the payment reservation confirmation necessity flag is reserved to "required", admission control is possible based on the reservation approval / rejection result.
Detailed Description In a particular embodiment, payment of rail fare. The identification ID is recorded on the non-contact IC card. For reservation of virtual account "railroad company", communication ID "090-1234-5678", identification ID "IC card number", confirmation information "456", settlement reservation confirmation necessity "not required", and other table 1 are shown Reservation information is sent.

The boarding station ticket gate (7204) reads the identification ID and transfers it to the server (installed in FIG. 72, 6902, not shown). The server creates an admission record that records the identification ID, boarding station, and time, sends payment reservation information including the identification ID and boarding station name (different from the virtual account reservation information) to the bank, and the payment reservation confirmation necessity flag is "not required. If so, the bank omits confirmation (Figs. 72, 3, and 4), sends the reserved information to the ticket gate, and is admitted.
The drop-off station ticket gate setstles the boarding fare of the passenger identified by the read identification ID, transmits a settlement request to the bank, and permits the exit when receiving the approval.
When boarding within the boarding charge range that does not exceed the confirmation-free limit, the bank omits confirmation (Figs. 72, 8, and 9), which has the effect of speeding up the exit determination process.
If the payment reservation confirmation necessity flag is "required", and if the identification ID read by the entrance ticket gate is valid, the entrance ticket is admitted and a payment reservation is sent to the bank, and the alighting station receives the reserved information. In such a case, the exit request may be permitted, and then the settlement request may be sent to the bank. This has the effect of speeding up the entrance / exit determination process.
Further, in order to reduce the cost required for high-speed processing and payment request processing, the payment amount without confirmation may be accumulated in the IC card or the server. Cumulative and entry / exit decisions can be approved offline without contacting the bank. For offline approval, the seller obtains the required buyer-configured booking information from the bank.

FIG. 76 is a flowchart of offline approval. When the seller terminal reads the identification ID and determines that the product price does not exceed the confirmation unnecessary limit amount (FIG. 76,7601), the seller side adds the product price to the accumulated amount saved by the seller (7602). In the case of cumulative excess, a settlement request is created using the accumulated amount as a product price, and approval is requested from the bank by the procedure shown in FIG. 74 (hereinafter referred to as “online approval”) (7605). If the transaction is approved (7606, YES), the cumulative amount is reset to zero (7607). If it is not a cumulative excess, it is to approve the sales transaction without communicating with the bank. In this system, this process is called “offline approval”.
An ID (IC card, etc.) will be released at a guaranteed amount, and if payment is rejected, the payment will be cleared in cash. When requesting the abolition of the identification ID, the amount used may be subtracted from the guarantee amount to be refunded. The confirmation-free cumulative limit and the guarantee amount may be limited to the same amount. It has the effect of guaranteeing the collection of payment. For example, when using an identification ID that has been released or activated for 1,000 yen, boarding up to 990 yen is permitted, and when boarding the next 120 yen section, 1110 yen will be charged at the exit. If the payment is refused, the exit payment amount is 120 yen, and if the identification ID is requested to be abolished, the refund amount is 10 yen.
Multiple sellers can independently store the cumulative amount and approve it offline for one identification ID. For example, there is an effect that the same mobile phone number can be used as an identification ID and can be applied to trains of different railway companies.
In addition, passengers will be given location acquisition permission treatment to the seller to speed up entry and exit. The boarding gate can judge in advance the validity of the passenger identification ID in the vicinity. The exit ticket gates can be used for provisional settlement of payment (assuming that you get off at the station closest to the passenger's location). You can get the location of your phone from the phone company's system and you do not have to connect directly to your phone.

In the case of processing a ticket for entering an event site or the like, a customer orders a ticket to a ticket shop or the like prior to entering, and an entrance management server corresponds to a bank and stores ticket information. The ticket information includes data such as a venue name, an event name, a date and time of the event, the number of people, and seat positions, in addition to the identification ID. Then, the server sends a call to the mobile phone corresponding to the identification ID read by the entrance ticket gate, authenticates the person, and then permits the entrance.
The seller may operate his own settlement center. Instead of public communication means, you may directly communicate with the ticket gate using non-contact short-range communication means such as infrared, DSRC (Dedicated Short Range Communication), and Bluetooth (registered trademark) of your mobile phone, and directly activate your personal identification program. ..
In yet another particular embodiment, road toll collection.
[Background] Japan's automatic toll collection system (ETC system) consists of an ETC on-board unit, an ETC card that stores personal information and contract information, or electronic currency, an entrance / exit gate, and a road-vehicle high-speed communication (DSRC) device. To be done. However, it is required to pass through the gate at a speed that "can be stopped at any time." Also, the cost is high. On the other hand, in Singapore, there is a method of charging for the number plate of a passing vehicle at a speed of 180 km / h or less with a camera for ERP. The existing technology, camera-based billing, can realize a free-flow tollgate that allows high-speed passage, but it is difficult to separate the car owner from the payer.
[Problem] To realize a low cost free flow fee system that does not require cash.
[Means] The electronic settlement shown in FIG. 69 is used. The registration number of the vehicle is used as the user identification ID. For reservation of virtual account "Expressway", communication ID "090-1234-5678", identification ID "license plate number", confirmation information "456", settlement reservation confirmation necessity "necessary", and other Table 1 are shown. Reservation information is sent.

The seller photographs the license plate with the digital camera at the entrance (7204), reads the identification ID by the image recognition means, and sends a settlement reservation including the identification ID, entrance name, etc. to the bank. When the reserved information is received, the exit is permitted, the payment is settled based on the entry record, and the settlement request is transmitted to the bank.
The entry / exit record will also include the vehicle type, photo, etc. according to the charge category and leave it as proof of use. When the payment reservation or the payment request is rejected or the electronic payment is not reserved, the user (owner) of the vehicle is identified by the identification ID and billed by a method such as sending a bill. You may charge by adding the administrative fee that was invoiced.
If there is an entrance gate, the identification ID is virtual account settlement, or if the reserved information is received, the entrance is permitted.
If there is an exit gate, the identification ID is virtual account settlement, or if the reserved information is received or the approval is received, the exit is permitted.
Preferably, the vehicle is guided by a lightning signal and a voice to the mobile phone according to the determination result. A non-stop lane for electronic payment and a conventional toll gate may be installed together.
In addition, even if you install a camera at the first position of the entrance lane or acquire the position information of your mobile phone, you can judge the payment method of the car approaching the entrance, make a provisional payment, and make a high-speed judgment of the entrance and exit gates. good.
Preferably, a road use schedule (period) is specified, and when the schedule has passed, the reservation of the virtual account is deleted.
In the case of a system in which a charge is made every time a border line of a pay area such as the central part of the city is passed (hereinafter referred to as "passage charge"), a process similar to that of the exit may be performed at the border line.

It is possible to realize a billing method based on the distance traveled (hereinafter referred to as distance billing). When the user gives the location acquisition treatment to the system and enters the toll area, the system almost continuously recognizes the location of the mobile phone. For example, mobile location information (location cell, GPS information, etc.) may be acquired from the server and tracked. The charge amount is calculated as the travel distance of the mobile phone. If the battery of the mobile phone runs out, or if the location cannot be specified, a fixed charge may be applied.
The camera for reading the vehicle information may be replaced with other vehicle information acquisition means necessary for billing, such as a license plate provided with a communication function.
[Operation] The ETC system needs to recognize a vehicle running at high speed instantly when passing through a gate or boundary line, and to instantaneously perform two-way communication with the vehicle and transfer of electronic currency. Precision and high reliability are required, and security functions such as the confidentiality of credit card information and the prevention of data tampering are required, so a large amount of processing is required instantaneously. This is the reason for the high cost of ETC systems. The present invention only needs to photograph the car and read the license plate, and the signal processing technology therefor is mature. In addition, since confidential information is not transferred, a large amount of instantaneous processing when passing through a gate is not required, and an on-vehicle device and an ETC card are not required, both road and vehicle costs can be reduced. It also solves problems such as counterfeit highway cards. It is also easy to separate the car owner from the payer. Non-stop at toll gates can be easily realized. Since the card is not used, there is no need to worry about forgery of the card, shortage of electronic currency balance, and complicated increase.

FIG. 69 is a block diagram showing another payment method and system.
In an electronic payment system and method for processing commercial payments between a bank, a buyer and a seller, the buyer uses the identification ID (FIG. 69, 1) to purchase an item (FIG. 69, 6) from the seller. The seller generates a payment request (FIG. 69, 2) requesting the payment of the usage amount, and sends the payment request to the bank (FIG. 69, 6903) to approve the payment request. The bank presents the confirmation request (FIGS. 69, 3) to the buyer in order to confirm the settlement request to the buyer. The buyer confirms the settlement request by transmitting authentication information such as a personal identification number (FIGS. 69 and 4) to the bank through the buyer communication module. The bank sends the authorization (Figs. 69, 5) to the seller only after being confirmed by the buyer.
Communication confirmation treatment is implemented for communication requests for confirming payment requests. The registration information transmitted by the authentication program activated in the communication confirmation treatment includes the authentication information. There is an effect that the input of the authentication information can be avoided in a public place. Preferably, the electronic payment is invalidated after confirming the payment request. Then, before each payment, the electronic payment is validated so that the user is always authenticated and there is no risk of damage even if the mobile phone is lost.

Mobile phone key [Field] A mobile phone is used as a key for a home door, safe, car, etc.
[Means] When unlocking, the electric lock control system confirms the unlocking to the user through the communication module. Only unlock after confirmation by the user. The confirmation is performed by sending authentication information such as a personal identification number to the electric lock control system.
FIG. 32 illustrates the configuration of the electric lock control system. In the first embodiment, the case of unlocking by making a mobile phone call has been described. In this example, the electric lock side of the controlled device is the originator. When the user operates the unlocking operation means such as the unlocking operation button to unlock, the system sends a message to the user. 70 and 71 show an example of giving communication confirmation treatment to an unlock confirmation communication request. The system unlocks only after receiving the predetermined authentication information.
The unlocking operation may be collated with the password input by the ten keys.
The unlocking operation may simply be performed by pressing the call push button that also serves as the intercom. You may make a call between the intercom and the mobile phone. Can be unlocked remotely.
[Effect] A strong lock can be realized by the result of personal authentication such as biometric authentication without a key or keyhole.

[Field] This embodiment relates to collection of traffic information and route guidance of a mobile body.
This specification shows a mobile communication terminal device using a mobile phone. The mobile communication terminal device is not limited to a mobile phone, and an electronic information device having a communication function (notebook PC, PDA, electronic notebook, car navigation system, etc.) can be used.
[Background] A technique for collecting traffic information from a vehicle is known from Patent Documents 14 and 15. A technique for predicting a road use situation is known from Patent Document 17. The technique disclosed in Patent Document 16 is for avoiding the occurrence of traffic congestion.
[Problem] To provide efficient and efficient collection of traffic information by a mobile communication device, prevention and avoidance of traffic congestion, and guidance of a dynamic route of a mobile body.
[Means] The optimal route calculation function that includes a database of information such as traffic information, maps and facility data, and vehicle-wide elements is integrated in the traffic center, and the traffic center departs from the user (pedestrian, car) via the communication line. It collects travel plans including time and destinations and provides recommended travel plans and recommended routes to users.
When the user's mobile communication device acquires the current position information, the traffic center communicates with the mobile body to grasp the movement situation, and when a traffic jam ahead of the travel route occurs and is predicted, a vehicle that can eliminate the traffic jam Select and transfer to the avoidance route, search the necessary information when necessary, such as the map in front is newer than the map owned by the mobile body, or the mobile body does not have the map in front, and transfer it to the mobile device To do.
Every time it communicates with a mobile device, it collects movement information such as position, speed, traveling direction, and updates the traffic condition database. Transportation centers provide communication methods with mobile devices, including constant connection, interval connection, and connection only when an event is detected.
The mobile device measures the position, speed, direction of travel, etc., gives the control treatment necessary for the traffic center, such as acquisition of measurement data, transfer of map and voice information, and alerting, so that the user releases the steering wheel while driving. Instead, exchange the necessary information with the transportation center.

When a mobile device issues a communication request to the traffic center, it detects information including the position of the mobile device and transfers requests such as route search and congestion information search to the traffic center, and the traffic center sends the route and command. When the user leaves the route and operates in accordance with a command, guides the user to the received route, or requests the route to the traffic center again when the user leaves the route.
Detecting events such as intersections and vehicle speed changes at positions such as uphill, which is a cause of traffic congestion, when fog, visibility is poor, the traffic center continuously grasps the position of the vehicle, and the position of surrounding vehicles is used by the driver. Notify, recommend speed adjustment, protect safe inter-vehicle distance, assist traffic jam prevention and safe driving.
Providing danger prevention services through communication between approaching vehicles through the mediation of a traffic center. Cars that are close to you while moving are treated as a group, and the transportation center knows the position of each member of the group, and you can exchange the connection numbers of each member through the mediation of the transportation center and directly connect between vehicles, information communication between vehicles When the position of another vehicle in the group is displayed on the screen of the mobile device and the danger of a nearby vehicle approaching backward, forward, sudden braking, airbag operation, or accident is detected, an emergency call is sent to the related vehicle. And warn. The vehicle positions of all approaching groups are grasped in real time, the distance between vehicles is maintained, and data is provided to the automatic driving system installed in each vehicle.
If the traffic center lacks information, it will collect information using a mobile phone with a position detection device that is on a moving body such as a car as a mobile monitor, analyze the received information, create an information collection command, and display it on the monitor. Send it back.
One way to activate the monitor is to automatically send the information to the traffic center if the traveling speed exceeds 20km / h and the set conditions are met. One response or command of the traffic center that received the information returns the transmission interval t. Let t be a positive correlation with monitor density p. That is, when p increases, t increases. Since the possibility of duplicate information transmission increases as the density increases, it is possible to suppress wasteful information transmission by increasing the transmission interval. For example, t is calculated by t = a * p + b using constants a and b. In a specific example, if p is within a radius of 10 km and the number of monitors within 10 minutes of the difference in transmission time is 10 and a = 5 and b = 10, t is 60 minutes. That is, the monitor is instructed to transmit the information again after 60 minutes.

The specific definition (calculation) method of p and the values of a and b may differ depending on the importance of the measurement site. For example, when it is necessary to increase the measurement density in the central part of the city more than in the suburbs, the values of a and b or the count radius of p may be smaller than that in the suburbs. The center selects and uses a predetermined value depending on the current location of the monitor.
Furthermore, the following information transmission conditions may be included in the command: Do not transmit during the specified time period. Do not make a call within the specified speed range. Do not call within the specified geographical area. Send only when the speed or moving direction changes.
The operation of mobile monitors rewards information providers or launches mobile phones with built-in automatic monitors. Preferably, the reward providing method converts the amount of information provided into reward points and stores the reward points in a memory. Offer services such as route guidance in exchange for points accumulated by users.
It can control traffic flow and signal control by emergency vehicles. For example, when the expected position of the vehicle is close to the intersection, the traffic center sends a signal to grasp the vehicle position in real time and does not give an unnecessary red traffic light. The emergency vehicle can optimize the forward traffic signal by transmitting the position information in real time. The traffic center can check the position of another vehicle on the route ahead of the emergency vehicle and instruct the vehicle to evacuate.
The traffic center can monitor the behavior of overspeeding and the behavior of vehicles near the intersection, and if it detects the risk of a collision, it will immediately alert the relevant drivers and pedestrians. The traffic center can provide a route guidance service to pedestrians who have mobile terminals. The last train or the avoidance route of train suspension can be guided according to the travel plan, commuting route, current location, time, etc.

[Action, effect]
While providing traffic guidance, there is an effect that information for this realization can be collected. Increased traffic congestion → Increased demand for services → Increased amount of information that can be collected by transportation centers → Guidance based on the collected information → Feedback of reduced congestion can be expected.
By dynamically guiding the recommended route, the traffic center can realize an optimal traffic system by changing the orderless traffic flow of the past in order. It is possible to provide accurate, real-time, personalized information for individual drivers and pedestrians. It is possible to predict before the occurrence of traffic congestion and to specify the optimal avoidance route according to the route information of each vehicle, and to fully utilize the transportation capacity of the transportation network without concentrating it on a specific road. You can Compared to the case where the sensor is fixedly installed on the road, the measurement points are not limited, and it is possible to collect the traffic condition information evenly on the road evenly or according to importance.
It is possible to guide the vehicle to the dynamic route guidance and the avoidance of traffic congestion without operating the cell phone which is prohibited by the traffic law while moving or driving. Can guide pedestrians to detours in case of train operation stop accident.
It facilitates safe driving support, traffic management optimization, road management efficiency, pedestrian support, emergency vehicle operation support, alleviation of traffic congestion and prevention of traffic congestion.

  As described above, the present invention is suitable for a communication method using an electronic device on a communication network.

It is a figure which shows the basic schematic structural example of this invention. It is a layout diagram of a record showing the contents of the TDB. It is a layout diagram of a record showing the contents of R1DB. It is a layout diagram of a record showing the contents of GDB. It is a layout diagram of a record showing the contents of R2DB. It is a layout diagram of a record showing the contents of R3DB. It is a layout diagram of a record showing the contents of R4DB. It is a layout diagram of a record showing the contents of R5DB. It is a layout diagram of a record showing the contents of TRDB. It is a layout diagram of a record showing the contents of the PDDB. It is a layout diagram of a record showing the contents of the VDB. It is a layout diagram of a record showing the contents of VRDB. 3 is a flowchart of an embodiment of the present invention. It is a flowchart of another embodiment. It is a flowchart of another embodiment. It is a figure which shows the structure of another embodiment. It is a flowchart of another embodiment. It is a figure which shows another embodiment structural example. It is a flowchart of another embodiment. It is a partial flowchart of the early determination process of another embodiment. It is a flowchart of another embodiment. It is a flowchart of another embodiment. It is a flowchart of another embodiment. It is a figure which shows another embodiment structural example. It is a flowchart of another embodiment. It is a flowchart of another embodiment. It is a figure which shows the structure of another embodiment. It is a figure which shows the structure of another embodiment. It is a transmission processing partial flowchart. It is a figure which shows the system configuration regarding anonymous communication. It is a partial flowchart of a process of a 1st party. It is a partial flowchart of a process of the second party. It is a flowchart of a treatment exchange processing part. It is a flowchart of another embodiment. It is a figure which shows the structure of one Embodiment. It is a conceptual diagram which shows the structure of a position information system. It is a flow chart of a vehicle running guidance function. It is a conceptual diagram of another form of this invention regarding position information and the like. It is a figure which shows the structure of a mail transmission client. It is a mail transmission flowchart. It is a block diagram which shows the structure of a multifunctional telephone. It is a figure which shows the instruction file content of the said telephone. It is a flowchart of the said telephone. It is a figure which shows the example which gives the treatment which can be normally called to the telephone number of a person concerned by automatic examination automatically. It is a figure which shows the telephone structure of an answering machine. It is a figure which shows the instruction file content of the said telephone. It is a block diagram which shows the structure of a mail receiving client Example. It is a figure which shows the instruction file content of the said Example. It is a schematic flowchart of a reception process. It is a figure which shows a question input screen. It is a figure which shows an initial treatment selection screen. It is a block diagram showing an Internet videophone and a monitoring system configuration. It is a block diagram which shows the internal structure of the Example. It is a flowchart which shows operation | movement of a main program. It is a figure which shows a main menu screen. It is a figure which shows a contact book screen. It is a figure which shows a member addition screen. It is a figure which shows a treatment application process. It is a figure which shows a personal setting screen. It is a flow chart which shows login processing operation. It is a figure which shows a friend list edit screen. It is a figure which shows a treatment application qualification designation screen. It is a flowchart which shows operation | movement of a video-phone communication program. It is a figure which shows a connection standby screen. It is a figure which shows the screen during a video-phone communication. It is a figure which shows the flow outline which builds a treatment relationship. It is a block diagram which shows the structure of a mail server system Example. It is a figure which shows a treatment information data database. It is a block diagram which shows a guidance information data database (GDB). It is a figure which shows a 2nd rule set. It is a figure which shows a 1st rule set. It is a figure which shows the 3rd rule set for attack prevention. It is a figure which shows a usage constant. It is a figure showing the 3rd rule set for cancellation. It is a figure which shows a 5th rule set. FIG. 6 illustrates a user interface of an input component. It is a figure which shows the data passed to an input component. FIG. 6 is a block diagram illustrating a method and system for electronic payment. It is a figure which shows TDB of an electronic payment Example. It is a figure which shows R1DB of an electronic payment Example. It is a block diagram of another embodiment about a ticket. It is a figure which shows an account and a virtual account typically. It is a flow chart of transaction processing in a virtual account schematic diagram. It is a flowchart of an approval process. 8 is a flowchart of offline approval.

11, 111, 211 ... Processor 12, 112, 212 ... Input / output control means 13, 14, 114, 214 ... Storage device 15, 115, 215 ... Communication transfer device 16 ... Keyboard and display unit.
17: microphone, speaker 18: camera, keyboard and display.
19: Vibrator 20: Fingerprint sensor

Claims (68)

A method performed by a computer,
Determining whether the transaction request meets the conditions,
Transmitting information on the transaction to a terminal of a communication destination designated by the user,
In a method including
The information includes a code that causes the terminal to operate,
A method of performing the operation when the terminal receives the code. The method according to claim 1, wherein the operation includes causing the display means of the terminal to display information. The method according to claim 2, wherein the information includes at least one of a content indicating completion of acceptance of the transaction and a request to approve the transaction. The method according to any one of claims 2 to 3, wherein the information is transmitted to the terminal when the transaction amount of the transaction exceeds a threshold value. The method according to any one of claims 1 to 4, wherein the operation includes activating an informing unit of the terminal, and the informing unit draws attention of a party. The method according to claim 5, wherein the notification means includes one that utilizes at least one of visual sense, auditory sense, and vibration. 7. The method according to any one of claims 1 to 6, wherein the operation includes executing a program on the terminal. The method according to claim 7, wherein the program includes a program for transmitting user authentication information. 9. The method according to claim 7, wherein the program includes a program that authenticates a user. 10. The method according to claim 7, wherein the program includes a program that authenticates a user based on personal identification information. The method according to claim 7, wherein the program includes a program that authenticates a user based on biometric information. The method according to claim 11, wherein the biometric information includes fingerprint information. The conditions include a limit,
The method according to claim 1, wherein the transaction amount of the transaction is subtracted from the limit amount to calculate a new limit amount, that is, a balance. The method according to claim 13, wherein when the balance is below a threshold value, information for notifying the communication destination is transmitted. Information necessary for determining conditions including the balance is stored in a recording medium,
The method according to any one of claims 13 to 14, wherein the recording medium is an IC card. When the available amount of the financial instrument used for payment in the transaction is below a threshold value, it is possible to send information to that effect to the communication destination. The method described. The transaction includes a cash withdrawal transaction,
The method according to any one of claims 1 to 16. The transaction comprises at least one of a debit card transaction, a credit card transaction, a transfer, and an inter-account transfer.
The method according to any one of claims 1 to 16. Including those in which the transaction is between a payer and a payee,
Transaction information of the transaction is entered by the payee,
The transaction information is selected from a group consisting of an amount and information identifying the payee,
The method according to any one of claims 1 to 16. The transaction is a charge transaction for charging electronic money,
The electronic money is electronic data,
The electronic data is data relating to a monetary value balance amount that can be used for settlement,
The charge transaction increases the balance amount,
The method according to any one of claims 1 to 16. The terminal includes a computer,
The method according to any one of claims 1 to 20. The terminal includes a portable electronic device,
The method according to any one of claims 1 to 20. The portable electronic device includes a mobile phone,
23. The method of claim 22. Means for determining whether or not a transaction request satisfies a condition,
Means for transmitting information regarding the transaction to the terminal of the communication destination designated by the user,
In a server with
The information includes a code that causes the terminal to operate,
A server that performs the operation when the terminal receives the code. 25. The server according to claim 24, wherein the operation includes displaying information on a display unit of the terminal. 26. The server according to claim 25, wherein the information includes at least one of content indicating completion of acceptance of the transaction or a request to approve the transaction. 27. The server according to claim 25, wherein the information is transmitted to the terminal when the transaction amount of the transaction exceeds a threshold value. The server according to any one of claims 24 to 27, wherein the operation includes activating an informing unit of the terminal, and the informing unit draws attention of a party. 29. The server according to claim 28, wherein the notification unit includes one that uses at least one of visual sense, auditory sense, and vibration. The server according to any one of claims 24 to 29, wherein the operation includes causing the terminal to execute a program. The server according to claim 30, wherein the program includes a program for transmitting user authentication information. The server according to any one of claims 30 to 31, wherein the program includes a program that authenticates a user. 33. The server according to claim 30, wherein the program includes a program that authenticates a user based on personal identification information. The server according to any one of claims 30 to 33, wherein the program includes a program that authenticates a user based on biometric information. The server according to claim 34, wherein the biometric information includes fingerprint information. The conditions include a limit,
The server according to any one of claims 24 to 35, wherein a balance, which is a new limit amount, is calculated by subtracting the transaction amount of the transaction from the limit amount. The server according to claim 36, wherein when the balance falls below a threshold value, information for notifying the communication destination is transmitted to the communication destination. Information necessary for determining conditions including the balance is stored in a recording medium,
The server according to any one of claims 36 to 37, wherein the recording medium is an IC card. 39. When the available amount of a financial instrument used for payment in the transaction falls below a threshold value, information notifying that effect can be transmitted to the communication destination. The listed server. The transaction includes a cash withdrawal transaction,
The server according to any one of claims 24 to 39. The transaction comprises at least one of a debit card transaction, a credit card transaction, a transfer, and an inter-account transfer.
The server according to any one of claims 24 to 39. Including those in which the transaction is between a payer and a payee,
Transaction information of the transaction is entered by the payee,
The transaction information is selected from a group consisting of an amount and information identifying the payee,
The server according to any one of claims 24 to 39. The transaction is a charge transaction for charging electronic money,
The electronic money is electronic data,
The electronic data is data relating to a monetary value balance amount that can be used for settlement,
The charge transaction increases the balance amount,
The server according to any one of claims 24 to 39. The terminal includes a computer,
The server according to any one of claims 24 to 43. The terminal includes a portable electronic device,
The server according to any one of claims 24 to 43. The portable electronic device includes a mobile phone,
The server according to claim 45. The terminal according to any one of claims 24 to 46. A system comprising the terminal according to claim 47 and the server according to any one of claims 24 to 46. A method performed by a computer,
Determining whether or not a condition including a limit amount is met when receiving a request for a transaction related to an account,
Automatically approving the request if the condition determined based on the authentication information is satisfied,
Including the method. The method of claim 50, wherein the account is a bank account. 51. The method of claim 50, wherein the account is a credit card account. The conditions include partner information of the user of the transaction,
52. A method according to any one of claims 49 to 51. The partner information includes at least one of a name and identification information,
53. The method of claim 52. The condition includes identification information,
The method according to any one of claims 49 to 53. The identification information is assigned to a user of the transaction,
The method of claim 54. The identification information includes at least one of a cash card number and an account number,
The method of claim 55. The identification information includes an IC card number,
The method of claim 54. The transaction is a charge transaction for charging electronic money,
The electronic money is electronic data,
The electronic data is data relating to a monetary value balance amount that can be used for settlement,
The charge transaction increases the balance amount,
58. A method according to any one of claims 49 to 57. Means for determining whether or not a condition including a limit amount is satisfied when receiving a request for transaction related to an account,
Means for automatically approving the request when the condition determined based on the authentication information is satisfied,
A server containing. The server of claim 60, wherein the account is a bank account. The server of claim 60, wherein the account is a credit card account. The conditions include partner information of the user of the transaction,
A server according to any one of claims 59 to 61. The partner information includes at least one of a name and identification information,
A server according to claim 62. The condition includes identification information,
The server according to any one of claims 59 to 63. The identification information is assigned to a user of the transaction,
The server according to claim 64. The identification information includes at least one of a cash card number and an account number,
The server according to claim 65. The identification information includes an IC card number,
The server according to claim 64. The transaction is a charge transaction for charging electronic money,
The electronic money is electronic data,
The electronic data is data relating to a monetary value balance amount that can be used for settlement,
The charge transaction increases the balance amount,
A server according to any one of claims 59 to 67.