JP2020112839A - Information processing system - Google Patents

Abstract

To provide a technique capable of reducing a risk of leakage of personal information or the like in settlement processing by an electronic method.SOLUTION: A service code acquisition unit 102 of a user terminal 2 acquires an authentication service code generated in a store terminal 1. A C-OTID generation unit 104 generates a C-OTID indicating that the user terminal 2 is a regular terminal to which an authentication service is applied. A user terminal information generation unit 106 generates user terminal information. A user authentication unit 203 of an authentication server 3 acquires the user terminal information transmitted from the user terminal 2 and authenticates as a user. A user parameter conversion unit 204 generates a user parameter indicating the user authentication result based on a user authentication result. An authentication server information transmission control unit 205 transmits the authentication service code and the user parameter to a settlement server as authentication server information executed by the store terminal, the settlement server, the user terminal and the authentication server.SELECTED DRAWING: Figure 4

Description

The present invention relates to an information processing system.

Conventionally, for example, an electronic settlement method using a credit card or the like has been widely used.
While such an electronic settlement method is very convenient for the user, there is an inherent risk of leakage of personal information and fraudulent settlement. Therefore, how to eliminate such risks and ensure security in the electronic settlement method is a big issue.
In this regard, for example, a technique for preventing unauthorized use of a credit card has been proposed (for example, see Patent Document 1).

JP, 2005-152952, A

However, according to the conventional techniques including the technique of Patent Document 1 described above, for example, it is impossible to avoid the process of transmitting the personal information of the user to the terminal of the store that closes the accounts.
That is, since the user's personal information is always transmitted to the store terminal once, the user's personal information is inevitably stored in the store terminal.
Therefore, the personal information of the user stored in the terminal of the store may be misused by an employee of the store, or the personal information may be leaked from the terminal of the store.

The present invention has been made in view of such a situation, and an object of the present invention is to reduce the risk of personal information leakage in electronic settlement processing.

In order to achieve the above object, an information processing system of one embodiment of the present invention is
A request source device managed by a service request source that requests payment as an authentication service,
A user terminal managed by a user who executes the authentication service,
An authentication server for authenticating the user,
A payment server that executes payment processing for the user;
In an information processing system including
The user terminal is
Service code acquisition means for acquiring from the request source device an authentication service code used by the user as a general-purpose authentication code for executing the authentication service;
First authenticator generating means for generating a first one-time authenticator indicating that the user terminal is legitimate;
A first transmission information generation that generates an encrypted password by encrypting the input password, and generates the first transmission information including the encrypted password, the authentication service code, and the first one-time authenticator. Means and
First transmission control means for controlling transmission of the first transmission information to the authentication server,
Equipped with
The authentication server is
First reception control means for controlling to receive the first transmission information from the user terminal,
A user parameter indicating an authentication result of the user is generated based on the password obtained by decrypting the encrypted password included in the first transmission information and the first one-time authenticator included in the first transmission information. User authentication means to
Second transmission control means for controlling to transmit the second transmission information including the authentication service code included in the first transmission information and the user parameter to the payment server;
Equipped with.

The information processing device and the program according to one embodiment of the present invention are also provided as devices and programs corresponding to the information processing system according to the one embodiment of the present invention.

According to the present invention, it is possible to reduce the risk of personal information leakage or the like in settlement processing by an electronic method.

It is a figure which shows the structure of the information processing system which concerns on 1st Embodiment of this invention. It is a block diagram which shows an example of the hardware constitutions of a user terminal in the information processing system of FIG. It is a block diagram which shows an example of the hardware constitutions of an authentication server in the information processing system of FIG. It is a functional block diagram which shows an example of a functional structure for performing a payment support process among the functional structures of the user terminal of FIG. 2, and the authentication server of FIG. It is a figure which shows the outline of the flow of the payment support process performed by the user terminal of FIG. 4, an authentication server, etc. 5 is an arrow chart showing a flow of payment support processing executed by the user terminal, the authentication server, and the like of FIG. 4. 7 is a flowchart illustrating a detailed flow of a series of processes mainly executed in the user terminal of FIG. 2 among the payment support processes of FIGS. 5 and 6. 7 is a flowchart illustrating a detailed flow of a series of processes mainly executed by the authentication server of FIG. 3 among the payment support processes of FIGS. 5 and 6. 7 is a flowchart illustrating a detailed flow of a series of processes mainly executed in the payment server of FIG. 1 among the payment support processes of FIGS. 5 and 6. Of the payment support processing of FIGS. 5 and 6, it is a series of processing mainly executed by the store terminal of FIG. 1, the payment server, and the user terminal of FIG. 2, and includes processing P4-4, processing P4-2, and processing P4-2. It is a flow chart explaining the detailed flow of processing after P4-1. It is an example of the structure of the information processing system which concerns on 2nd Embodiment of this invention, and is a figure which shows 2nd Embodiment of this invention. It is a functional block diagram which shows an example of a functional structure of the store terminal of FIG. 11, a payment server, a user terminal, and an authentication server, and is a figure which shows an example different from the example of FIG. It is a figure which shows the outline of the flow of the payment support process performed by the store terminal of FIG. 12, a payment server, a user terminal, and an authentication server. It is an arrow chart which shows the flow of the payment assistance process performed by the store terminal of FIG. 12, a payment server, a user terminal, and an authentication server, and is a figure which shows an example different from the example of FIG. It is a flowchart explaining the detailed flow of a series of processes mainly performed in the user terminal of FIG. 11 among the payment support processes of FIG. 13 and FIG. 14, and is a figure which shows an example different from FIG. 7 etc. .. 13 is a flowchart illustrating a detailed flow of a series of processes mainly executed in the authentication server of FIG. 11 among the payment support processes of FIGS. 13 and 14, and is a diagram illustrating an example different from FIG. 8 and the like. .. 13 is a flowchart illustrating a detailed flow of a series of processes mainly executed in the user terminal of FIG. 11 among the payment support processes of FIGS. 13 and 14, and is a diagram illustrating an example different from FIG. 9 and the like. .. It is a flowchart explaining the flow of the payment result display process performed by the store terminal of FIG. 12, a payment server, and a user terminal, and is a figure which shows the example different from the example of FIG. 10 thru|or FIG.

[First Embodiment]
Hereinafter, the first embodiment of the present invention will be described with reference to the drawings.
FIG. 1 is a diagram showing an outline of an information processing system according to the first embodiment of the present invention.

The information processing system shown in FIG. 1 includes a store terminal 1, a user terminal 2, an authentication server 3, and a payment server 4.
The shop terminal 1, the user terminal 2, the authentication server 3, and the payment server 4 are mutually connected via a predetermined network N such as the Internet.
The number of each of the store terminal 1, the user terminal 2, the authentication server 3, and the payment server 4 may be any number of 1 or more.

The store terminal 1 is managed in a store that provides products or services (hereinafter, referred to as “products and the like”) to users, and generates an authentication service code.
The store is a trader or the like that provides products and the like to the user on the condition that the user pays the price.
The authentication service code is a general-purpose authentication code for a user to execute a payment service for products and the like (hereinafter, referred to as “this service”).

The user terminal 2 is operated by the user, has the authentication server 3 authenticate that it is a proper device to which the service is applied, and requests the payment service 3 to execute the service (execute the payment). ..
That is, the user operates the user terminal 2 to execute the service (execute the payment), and receives a product or the like from the store.

As described above, the authentication server 3 authenticates whether the user terminal 2 is a proper device to which this service is applied, and notifies the settlement server 4 of the result of the authentication.
The payment server 4 is managed by various payers such as a credit company, and executes this service (executes payment) based on the authentication result transmitted from the authentication server 3.

FIG. 2 is a block diagram showing an example of the hardware configuration of the user terminal 2 in the information processing system of FIG.

The user terminal 2 is composed of a smartphone or the like.
The user terminal 2 includes a CPU (Central Processing Unit) 11, a ROM (Read Only Memory) 12, a RAM (Random Access Memory) 13, a bus 14, an input/output interface 15, a touch operation input unit 16, and a display. The unit 17 includes an input unit 18, a storage unit 19, a communication unit 20, and a drive 21.

The CPU 11 executes various processes according to a program recorded in the ROM 12 or a program loaded from the storage unit 19 into the RAM 13.
The RAM 13 also appropriately stores data and the like necessary for the CPU 11 to execute various processes.

The CPU 11, ROM 12, and RAM 13 are connected to each other via a bus 14. An input/output interface 15 is also connected to the bus 14. A touch operation input unit 16, a display unit 17, an input unit 18, a storage unit 19, a communication unit 20, and a drive 21 are connected to the input/output interface 15.

The touch operation input unit 16 includes, for example, a capacitance type or resistance film type (pressure sensitive type) position input sensor stacked on the display surface of the display unit 17, and detects the coordinates of the position where the touch operation is performed.
Here, the touch operation refers to an operation of touching or approaching an object with respect to the touch operation input unit 16. The object that comes into contact with or approaches the touch operation input unit 16 is, for example, a user's finger or a touch pen. Note that, for example, in the present embodiment, the user inputs the password by touch operation.
The display unit 17 is composed of a display such as a liquid crystal and displays various images such as an image showing the result of payment.
As described above, in the present embodiment, the touch operation input unit 16 and the display unit 17 form a touch panel.

The input unit 18 is configured by various kinds of hardware and inputs various kinds of information according to a user's instruction operation.
The storage unit 19 is configured by a DRAM (Dynamic Random Access Memory) or the like, and stores various data.
The communication unit 20 controls communication with other devices (the authentication server 3, the payment server 4, etc. in the example of FIG. 1) via the network N including the Internet.

The drive 21 is provided as needed. A removable medium 22 including a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is appropriately mounted on the drive 21. The program read from the removable medium 22 by the drive 21 is installed in the storage unit 19 as needed. In addition, the removable medium 22 can also store various data stored in the storage unit 19 in the same manner as the storage unit 19.

FIG. 3 is a block diagram showing an example of the hardware configuration of the authentication server in the information processing system of FIG.

The authentication server 3 includes a CPU 31, a ROM 32, a RAM 33, a bus 34, an input/output interface 35, an output unit 36, an input unit 37, a storage unit 38, a communication unit 39, and a drive 40. There is.
The configuration of the authentication server 3 is the same as the configuration of the user terminal 2 of FIG. 2 excluding the touch panel, and therefore the description thereof is omitted here.
Further, the configuration of the authentication server 3 is the same for the store terminal 1 and the payment server 4 in FIG. 1, and therefore the description thereof is omitted here.

By the cooperation of various hardware and various software of the shop terminal 1, the user terminal 2, the authentication server 3, and the payment server 4, it is possible to execute various processing such as payment support processing. The settlement support process refers to various processes such as user authentication for supporting the settlement process when the store provides a product or the like to the user.
FIG. 4 is a functional block diagram showing an example of a functional configuration for executing a payment support process among the functional configurations of the user terminal of FIG. 2 and the authentication server of FIG.

As shown in FIG. 4, in the CPU 11 of the user terminal 2, the higher-level request unit 101, the service code acquisition unit 102, the PW input unit 103, the C-OTID generation unit 104, the PW encryption unit 105, and the user. The terminal information generation unit 106, the user terminal information transmission control unit 107, the server authentication unit 108, the authentication seed update unit 109, the settlement result acquisition unit 110, and the presentation unit 111 function.

The upper request unit 101 executes a higher request to the payment server 4. Here, the upper request means to request the settlement server 4 to receive the settlement result.

The service code acquisition unit 102 acquires the authentication service code generated in the store terminal 1.
Here, the method of acquiring the authentication service code is not particularly limited.
For example, a QR code (registered trademark) indicating an authentication service code is displayed on a display unit (not shown) of the store terminal 1, and an image capturing unit (not shown) of the user terminal 2 displays a display unit including the QR code (registered trademark). A method of acquiring the authentication service code by capturing an image may be adopted.
Further, for example, a method of acquiring the authentication service code from the store terminal 1 by using short-range wireless communication such as NFC (Near Field Communication) (registered trademark) may be adopted.
The user terminal 2 transmits this authentication service code to the payment server 4 via the authentication server 3 as information for specifying the store to be paid. This eliminates the need to send and receive the user's personal information at the time of payment between the user terminal 2 and the store terminal 1, and thus reduces the risk that personal information at the time of payment will flow out from the store terminal 1.

The PW input unit 103 receives a password input from the user on the touch panel.

The C-OTID generation unit 104 updates the one-time ID, for example, at the time of executing the previous payment as an authenticator indicating to the authentication server 3 that the user terminal 2 is a proper device to which this service is applied. It is generated based on the generated authentication seed and common encryption key.
As will be described later, since the authentication server 3 side also generates a one-time ID, the one-time ID generated by the C-OTID generation unit 104 is hereinafter referred to as a “C-OTID” in order to distinguish it. ..

The PW encryption unit 105 generates an encrypted password by encrypting the password accepted by the PW input unit 103 by a predetermined method.

The user terminal information generation unit 106 stores the encrypted password generated by the PW encryption unit 105, the authentication service code acquired by the service code acquisition unit 102, and the C-OTID generated by the C-OTID generation unit 104. The included information is generated as user terminal information.

The user terminal information transmission control unit 107 executes control for transmitting the user terminal information generated by the user terminal information generation unit 106 to the authentication server 3 via the communication unit 20.

In this way, the user terminal information (particularly the C-OTID and the encrypted password) transmitted from the user terminal 2 to the authentication server 3 is used in the authentication server 3 for various processes such as user authentication.
The authentication server 3 also generates an S-OTID, which will be described later, and transmits the S-OTID to the user terminal 2.
Therefore, the server authentication unit 108 acquires the S-OTID and the updated authentication seed information via the communication unit 20, and authenticates the authentication server 3 based on the acquired S-OTID.
The authentication seed updating unit 109 updates the authentication seed based on the result of authentication by the server authentication unit 108.

The payment result acquisition unit 110 receives the higher-order request from the higher-order request unit 101, and acquires the result of the payment processing transmitted from the payment server 4 via the communication unit 20. The presentation unit 111 presents the result of the payment processing acquired by the payment result acquisition unit 110 to the user by displaying the result of the payment processing on the display unit 17.

Next, the functional configuration of the authentication server 3 will be described.
In the authentication server 3, a user terminal information acquisition unit 201, a decryption unit 202, a user authentication unit 203, a user parameter conversion unit 204, an authentication server information transmission control unit 205, and an S-OTID generation/update unit 206. Function.
A UPDB (User Parameter Database) 301 is provided in one area of the storage unit 38 of the authentication server 3.

The user terminal information acquisition unit 201 acquires the user terminal information transmitted from the user terminal 2 via the communication unit 39.
The decryption unit 202 decrypts the above password from the encrypted password included in the user terminal information acquired by the user terminal information acquisition unit 201.

The user authentication unit 203 applies the service to the user terminal 2 based on the password decrypted by the decryption unit 202 and the C-OTID included in the user terminal information acquired by the user terminal information acquisition unit 201. Authentication of being a legitimate terminal (hereinafter appropriately referred to as “user authentication”) is performed.

The user parameter conversion unit 204 generates a parameter indicating the result of user authentication by the user authentication unit 203 as a user parameter and stores it in the UPDB 301.
The form of the user parameter is not particularly limited as long as it shows the result of the user authentication. Specific examples of user parameters adopted in this embodiment will be described later with reference to FIGS. 8 and 9.

The authentication server information transmission control unit 205 uses, as the authentication server information, information including the authentication service code of the user terminal information acquired by the user terminal information acquisition unit 201 and the user parameter generated by the user parameter conversion unit 204. , Executes control for transmission to the payment server 4 via the communication unit 39.

Upon receiving the authentication server information, the payment server 4 recognizes the authentication result of the user based on the user parameter in the authentication server information.
The payment server 4 executes a predetermined payment process when the user authentication is successful, executes a predetermined error process when the user authentication is unsuccessful, and a payment result indicating the execution content. Is transmitted to each of the store terminal 1 and the user terminal 2.
Here, the payment process refers to a series of processes related to the execution of this service, that is, a series of processes for a user who purchases a product or the like at a store until payment for the product or the like is paid.

The S-OTID generation/update unit 206 of the authentication server 3 generates a one-time ID as an authenticator indicating that the authentication server 3 is legitimate, based on the authentication seed and the common encryption key updated at the time of the previous payment. .. Then, the S-OTID generation/update unit 206 executes control for transmitting the generated S-OTID to the user terminal 2 via the communication unit 39.
Since the user terminal 2 side also generates the one-time ID as described above, the one-time ID generated by the S-OTID generation/update unit 206 will be hereinafter referred to as “S-OTID” in order to distinguish it from the one-time ID. .. The S-OTID is an authenticator indicating that the authentication server 3 is legitimate.
That is, in the present embodiment, not only the authentication server 3 authenticates the user, but also the user terminal 2 employs mutual authentication in which the authentication server 3 is authenticated. Therefore, the S-OTID is generated by the S-OTID generation/update unit 206 and transmitted to the user terminal 2.

Further, the two one-time IDs C-OTID and S-OTID are generated using the authentication seed created (updated) in advance. Therefore, a mechanism of authentication using the authentication seed will be briefly described.
In the first embodiment, an authentication seed and a common encryption key common to one or more services are used.
Specifically, for example, the C-OTID generation unit 104 of the user terminal 2 copies the authentication seed and the common encryption key common to one or more services to the operation stack on the RAM 13 and uses the copied authentication seed as the authentication seed. Based on this, the C-OTID is generated and is transmitted to the authentication server 3. The C-OTID generation unit 104 also updates the authentication seed at the same time.
The user authentication unit 203 of the authentication server 3 authenticates the validity of the user terminal 2 based on the C-OTID transmitted from the user terminal 2.
On the other hand, the S-OTID generation/update unit 206 of the authentication server 3 generates an S-OTID based on the previously updated authentication seed and common encryption key, and transmits the S-OTID to the user terminal 2. The S-OTID generation/update unit 206 also updates the authentication seed at the same time.
The server authentication unit 108 of the user terminal 2 determines the authenticity of the authentication server 3 based on the S-OTID transmitted from the authentication server 3.

The functional configuration for executing the payment support processing by the user terminal 2 and the authentication server 3 has been described above with reference to FIG. Subsequently, the flow of the payment support process executed by the user terminal 2, the authentication server 3, and the like will be described with reference to FIGS. 5 and 6.

FIG. 5 is a diagram showing an outline of the flow of payment support processing executed by the user terminal, the authentication server, and the like shown in FIG.
FIG. 6 is an arrow chart showing a flow of payment support processing executed by the user terminal, the authentication server, and the like shown in FIG.

In step Sa0-1, the shop terminal 1 generates an authentication service code.
In step Sa0-2, the service code acquisition unit 102 of the user terminal 2 acquires the authentication service code generated in the store terminal 1.

In step Sa1, the higher-level request unit 101 executes a higher-level request to the payment server 4. That is, the higher-level request unit 101 requests the payment server 4 to receive the payment result.

In step Sa2, the PW input unit 103 receives a password input from the user via the touch operation input unit 16. Then, the PW encryption unit 105 generates an encrypted password by encrypting the password.

In step Sa3, the C-OTID generation unit 104 generates a C-OTID based on the previously updated authentication seed and common encryption key.

In step Sa4, the user terminal information generation unit 106 outputs the user terminal information including the encrypted password generated in step Sa2, the authentication service code acquired in step Sa0, and the C-OTID generated in step Sa3. To generate.

In step Sa5, the user terminal information transmission control unit 107 transmits the user terminal information generated in step Sa4 to the authentication server 3.

In step Sa6, the user authentication unit 203 performs user authentication (client authentication) based on the password and C-OTID included in the user terminal information transmitted from the user terminal 2 in step Sa5.

In step Sa7, the decryption unit 202 of the authentication server 3 decrypts the encrypted password included in the user terminal information transmitted from the user terminal 2 in step Sa5 into the password described above.

In step Sa8, the S-OTID generation/update unit 206 generates an S-OTID based on the authentication seed and the common encryption key updated in step Sa3 of the previous payment support process, and updates the authentication seed.

In step Sa9-1, the authentication server information transmission control unit 205 transmits the authentication server side information including the S-OTID generated in step Sa8 and the updated authentication seed information to the user terminal 2.

In step Sa9-2, the server authentication unit 108 of the user terminal 2 acquires the authentication server side information transmitted in step Sa9-1, that is, the S-OTID and the like. The server authentication unit 108 authenticates the authentication server 3 based on the acquired S-OTID.

In step Sa9-3, the authentication seed updating unit 109 updates the authentication seed based on the result of being authenticated by the server authenticating unit 108.

In step Sa10, the user parameter conversion unit 204 generates a user parameter indicating the user authentication result performed in step Sa7.

In step Sa11, the authentication server information transmission control unit 205 provides the authentication server information including the authentication service code included in the user terminal information transmitted from the user terminal 2 in step Sa5 and the user parameter generated in step Sa10. It is transmitted to the payment server 4.

In step Sa12, the payment server 4 executes a payment process or an error process based on the authentication server information transmitted from the authentication server 3 in step Sa11, that is, the authentication service code and the user parameter.

In step Sa13-1, the payment server 4 transmits the result of the payment process or the error process executed in step Sa12 (hereinafter referred to as “payment result”) to the store terminal 1.
In step Sa13-2, the shop terminal 1 acquires the payment result transmitted from the payment server 4 in step Sa13-1, and the shop terminal 1 displays the acquired payment result.

In step Sa14, the payment server 4 transmits the payment result executed in step Sa12 to the user terminal 2.
In step Sa15, the payment result acquisition unit 110 of the user terminal 2 acquires the payment result transmitted from the payment server 4 in step Sa14. Then, the presentation unit 111 displays the settlement result on the display unit 17.

By implementing such payment support processing, when the payment processing is performed in the payment server 4, the user terminal 2 does not need to perform any communication other than acquisition of the authentication service code with the store terminal 1. There is no possibility that the personal information of the user will be transmitted to the store terminal 1.
Therefore, since the personal information of the user is not stored in the store terminal 1, there is no possibility that the personal information of the user will be misused by the employee of the store or the personal information will not be leaked from the store terminal 1 unlike the conventional case.
As described above, in the settlement of accounts by the electronic method, it is possible to reduce the risk of leakage of personal information.
Further, the details of the payment support process capable of producing such an effect will be described below with reference to FIGS. 7 to 10.

FIG. 7 is a flowchart illustrating a detailed flow of a series of processes mainly executed in the user terminal 2 of FIG. 2 among the payment support processes of FIG.

In step Sa0-1, the shop terminal 1 generates or receives an authentication service code. Note that the subsequent processing of the store terminal 1 will be described later with reference to FIG. 10 as processing P4-1.
In step Sa0-2, the service code acquisition unit 102 of the user terminal 2 acquires the authentication service code generated in the store terminal 1 in step Sa0-1. As described above, the method of acquiring the authentication service code is not particularly limited.

When the authentication service code is acquired in step Sa0-2, in step Sa1, the upper request unit 101 executes an upper request to the payment server 4, that is, a request to receive the payment result. Note that the receiving process of the settlement server 4 for this upper request is executed as a process P4-4-1, and the process of step Sa14 of FIG. 10 is executed as a response process thereof. The process of step Sa14 will be described later with reference to FIG.

In step Sa2, the PW input unit 103 receives a password input from the user via the touch operation input unit 16. Then, the PW encryption unit 105 encrypts the password accepted in step Sa2 to generate an encrypted password.
In step Sa3, the C-OTID generation unit 104 generates a C-OTID.
In step Sa4, the user terminal information generation unit 106 generates an authentication server transmission packet.
That is, the user terminal information generation unit 106 receives the encrypted password generated in step Sa2, the authentication service code acquired by the service code acquisition unit 102 in step Sa0-2, and the C-OTID generated in step Sa3. The user terminal information including is generated.
The user terminal information is composed of a plurality of packets in this embodiment. This packet corresponds to the above authentication server transmission packet.

In step Sa5, the user terminal information transmission control unit 107 transmits the authentication server transmission packet generated in step Sa4 to the authentication server 3.
As the subsequent processing of the user terminal 2, processing P4-2 is executed. The process P4-2 will be described later with reference to FIG.

When the authentication server transmission packet is transmitted to the authentication server 3 in step Sa4, the authentication server 3 executes processing P2-3.
Therefore, the process P2-3 in the authentication server 3 will be described below with reference to FIG.
FIG. 8 is a flowchart illustrating a detailed flow of a series of processes mainly executed by the authentication server 3 of FIG. 3 among the payment support processes of FIG.

In step Sa6, the user authentication unit 203 of the authentication server 3 performs client authentication (user authentication) based on the C-OTID transmitted from the user terminal 2, that is, the user terminal 2 is a target to which this service is applied. Authenticate that it is a terminal.

In step Sa7, the decryption unit 202 of the authentication server 3 decrypts the encrypted password included in the user terminal information transmitted from the user terminal 2 into the password described above.

In step SP3-1, the user authentication unit 203 determines whether or not the C-OTID used in the client authentication in step Sa6 is generated by an authorized terminal.
If the C-OTID is not generated by a regular terminal, NO is determined in step SP3-1, and the process proceeds to step Sa10-3. The processing after step Sa10-3 will be described later.
On the other hand, if the C-OTID is generated by a legitimate terminal, YES is determined in step SP3-1 and the process proceeds to step Sa8.

In step Sa8, the S-OTID generation/update unit 206 generates an S-OTID based on the previously updated authentication seed and common encryption key, and updates the authentication seed.

In step Sa9, the authentication server information transmission control unit 205 transmits the authentication packet to the user terminal 2.
That is, the authentication server information transmission control unit 205 transmits the authentication server side information including the S-OTID generated in step Sa8 and the updated authentication seed information to the user terminal 2. This authentication server side information is composed of a plurality of packets in this embodiment. This packet corresponds to the above authentication packet.
When the authentication server information transmission control unit 205 transmits the authentication server information to the user terminal 2, the process P4-2 is executed in the user terminal 2. The process P4-2 will be described later with reference to FIG.

In step SP3-2, the user parameter conversion unit 204 determines whether or not the password decrypted in step Sa7 has been input by a legitimate terminal.

If the password is entered on a legitimate terminal, YES is determined in step SP3-2, and the process proceeds to step Sa10-1.
In step Sa10-1, the user parameter conversion unit 204 determines that the C-OTID used in the client authentication in step Sa6 has been generated by a legitimate terminal and the password decrypted in step Sa7 is a legitimate terminal. An arbitrary user parameter is generated from the C-OTID in order to indicate the case where it is input.

On the other hand, when the acquired password is not the one input by the authorized terminal, NO is determined in step SP3-2, and the process proceeds to step Sa10-2.
In step Sa10-2, the user parameter conversion unit 204 is the one in which the C-OTID used in the client authentication in step Sa6 is generated by the regular terminal, and the password decrypted in step Sa7 is the regular terminal. "-2" is generated as a user parameter to indicate the case where the input is not made.

Further, as described above, when the C-OTID used in the client authentication in step Sa6 is not generated by a legitimate terminal, NO is determined in step SP3-1, and the process proceeds to step Sa10-3. move on.
In step Sa10-3, the user parameter conversion unit 204 generates "-1" as the user parameter when the C-OTID used in the client authentication in step Sa6 is not generated by a legitimate terminal.

That is, the case where the user parameter is “−2” or “−1” is the case where the user authentication (client authentication) in the authentication server 3 is NG, and the user parameter notifies the NG code. ..
In this way, when any one of the steps Sa10-1 to 10-3 (the step S10 in FIGS. 5 and 6) is executed to generate the user parameter, the process proceeds to step Sa11. ..

In step Sa11, the authentication server information transmission control unit 205 determines which of the authentication service code included in the user terminal information transmitted from the user terminal 2 in step Sa5 (FIG. 7) and steps Sa10-1 to 10-3. The authentication server information including the user parameters generated in those steps is transmitted to the payment server 4 as a packet.

When the authentication server information is transmitted to the payment server 4, the payment server 4 executes the process P3-4 of FIG.
FIG. 9 is a flowchart illustrating a detailed flow of the process after the process P3-4, which is a series of processes mainly executed in the payment server 4 of FIG. 1 in the payment support process of FIG. The process shown in FIG. 9 corresponds to the process of step Sa12 in FIGS. 5 and 6.

In step SP4-0, the payment server 4 receives the packet of the authentication server information transmitted from the authentication server 3 in step Sa11 as a payment packet.

In step SP4-1, the payment server 4 determines the user parameter included in the authentication server information.

When the payment server 4 extracts the user parameter “−1” in step SP4-1, the process proceeds to step SP4-2.
In step SP4-2, the payment server 4 generates a payment result of “payment result NG” indicating that the payment process is not normally completed and a reason code of “−1” indicating the reason.

When the payment server 4 extracts the user parameter “−2” in step SP4-1, the processing proceeds to step SP4-3.
In step SP4-3, the payment server 4 generates a payment result of “payment result NG” indicating that the payment process is not normally completed and a reason code of “−2” indicating the reason thereof.

The settlement server 4 advances the process to step SP4-4 when other user parameters are extracted in step SP4-1, that is, when the user parameter indicating that the user authentication is successful is extracted.
In step SP4-4, the payment server 4 executes the payment process based on the user parameters.

In step SP4-5, the payment server 4 determines whether the payment processing executed in step SP4-4 is OK.

If the payment server 4 determines that the payment process is NG, the process proceeds to step SP4-6.
In step SP4-6, the payment server 4 generates a payment result of “payment result NG” indicating that the payment process is not normally completed and a reason code of “−3” indicating the reason thereof.

On the other hand, if the settlement server 4 determines that the settlement process is OK, the settlement server 4 advances the process to step SP4-7.
In step SP4-7, the payment server 4 generates a payment result “payment result OK” indicating that the payment process has been normally completed.

In this way, when the settlement result or the like is generated in any of steps SP4-2, SP4-3, SP4-6, SP4-7, the processing proceeds to processing P4-4.
Therefore, the process P4-4 in the settlement server 4, the process P4-2 in the user terminal 2 and the process P4-1 in the shop terminal 1 will be described below with reference to FIG.

10 is a series of processes mainly executed by the store terminal 1 of FIG. 1, the payment server 4 and the user terminal 2 of FIG. 2 in the payment support process of FIG. 6, and includes process P4-4 and process P4. 2 is a flowchart illustrating a detailed flow of processing after the processing P4-1.

First, the processing after P4-4 performed by the payment server 4 will be described centering on the payment server 4 that is the center of the processing.
In step SP4-8, the payment server 4 creates a payment result packet for store terminals.
That is, the payment server 4 sends the authentication service code transmitted from the authentication server 3 in step Sa11 and the payment result generated in any of the above-mentioned steps SP4-2, SP4-3, SP4-6, SP4-7. The payment server information for store terminals including (and reason code in the case of NG) is generated in a packet. This packet is a payment result packet for store terminals.

In step Sa13, the payment server 4 transmits the payment server-side information for store terminals generated in step SP4-8 to the shop terminal 1.
Then, in step Sa13-2, the store terminal 1 acquires the payment server information for store terminals transmitted from the payment server 4 in step Sa13 and displays it.

In step SP4-9, the payment server 4 creates a payment result packet for the user terminal.
That is, the payment server 4 performs the authentication service code transmitted from the authentication server 3 in step Sa11 and the above-mentioned steps SP4-2, SP4-3, SP4-6, SP4-7, similarly to step SP4-8. The payment server information for the user terminal including the payment result (and the reason code in the case of NG) generated in any one is generated in a packet. This packet is the settlement result packet for the user terminal.

In step Sa14, the payment server 4 sets the user terminal 2 payment server information generated in step SP4-8 on condition that the higher-level request is transmitted from the user terminal 2 (process P4-4-1). Send to.
In step Sa15, the payment result acquisition unit 110 of the user terminal 2 acquires the payment server information for the user terminal (payment result) transmitted from the payment server 4 in step Sa14. The presentation unit 111 displays it.

The user terminal 2 also executes the following process before step Sa15.
That is, in step Sa9-2, the server authentication unit 108 of the user terminal 2 receives the S-OTID authentication packet transmitted from the authentication server 3.
That is, the server authentication unit 108 acquires, in packet units, the S-OTID transmitted from the authentication server 3 and the updated authentication seed in step Sa9-1.

In step SP3-3, the server authentication unit 108 determines whether the S-OTID acquired in step Sa9-1 is OK.
When the acquired S-OTID is NG, NO is determined in step SP3-3, and the process on the user terminal 2 side ends.
On the other hand, when the acquired S-OTID is OK, YES is determined in step SP3-3 and the process proceeds to step Sa9-3.
In step Sa9-3, the authentication seed updating unit 109 updates the authentication seed.

Here, in the above-described first embodiment, a series of payment support processing is realized by adopting the information processing system including the store terminal 1, the user terminal 2, the authentication server 3, and the payment server 4.
However, in order to realize such payment support processing, it is not always necessary to adopt the information processing system including the store terminal 1, the user terminal 2, the authentication server 3, and the payment server 4. For example, products and the like are provided not at actual stores but also at EC sites such as online shops.
Therefore, as another embodiment of the information processing system to which the present invention is applied, that is, a second embodiment, an information processing system including an EC site, a user terminal 2, an authentication server 3, and a payment server 4 is adopted. Good.
By adopting the second embodiment, the service provider can provide a wider range of payment services.
A server that manages such an EC site is hereinafter referred to as a "service server". The service server is managed by a company that operates an EC site and issues an authentication service code.

Here, the hardware configurations of the user terminal 2 and the authentication server 3 in the second embodiment are similar to those in the first embodiment shown in FIGS. 2 and 3, respectively. The hardware configuration of the service server 5 newly adopted in the second embodiment is the same as the hardware configuration of the authentication server 3 described above.

FIG. 11 is an example of the configuration of the information processing system according to the second embodiment of the present invention, and is a diagram showing the second embodiment of the present invention.
The information processing system shown in FIG. 11 includes a user terminal 2, an authentication server 3, a payment server 4, and a service server 5.
The user terminal 2, the authentication server 3, the settlement server 4, and the service server 5 are mutually connected via a predetermined network N such as the Internet.
The number of each of the user terminal 2, the authentication server 3, the settlement server 4, and the service server 5 may be any number of 1 or more.

In the second embodiment of the present invention, the payment support process is executed by the information processing system shown in FIG.
Here, FIG. 12 to FIG. 18 are a functional block diagram, a schematic diagram, an arrow chart, and a flowchart in the second embodiment of the present invention. These are basically the same except that the service server 5 is adopted instead of the store terminal 1, and therefore the description other than this point is omitted here.

That is, unlike the first embodiment, in the second embodiment, as shown in FIG. 13, the user terminal 2 uses higher-level application software (hereinafter, “high-level application software” for communicating with the service server 5 to provide products and the like. Called "app"). In addition, the user terminal 2 has an authentication module for communicating with the authentication server 3 without communicating with the service server 5 as communication for performing user authentication or the like.

In step Sb0-1, the service code acquisition unit 102 of the higher-level application of the user terminal 2 makes an access (service access) for requesting a settlement service for providing a product or the like to the service server 5.
In step Sb0-2, the service server 5 generates an authentication service code. In step Sb0-3, the service server 5 transmits the authentication service code to the user terminal 2. The service code acquisition unit 102 of the upper application of the user terminal 2 receives the authentication service code.

In the second embodiment, as indicated by the dotted line in FIG. 13, the upper request unit 101 of the upper application does not execute the upper request to the payment server 4 as in the first embodiment, but to the service server 5. , Request receipt of the settlement result (step Sb1).

In step Sb2, the PW input unit 103 of the higher-level application receives a password input from the user via the touch operation input unit 16.
In step Sb3-0, the upper application sends the authentication service code and the password to the authentication module.
Therefore, in step Sb3-2, the PW encryption unit 105 of the authentication module generates an encrypted password by encrypting the password.

In step Sb3-1, the C-OTID generation unit 104 of the authentication module generates a C-OTID based on the previously updated authentication seed and common encryption key.

In step Sb4, the user terminal information generation unit 106 of the authentication module, the encrypted password generated in step Sb3-2, the authentication service code acquired in step Sb0-3, and the C generated in step Sb3-1. User terminal information including the OTID (authentication server transmission packet generated in step Sb3-3 of FIG. 15) is transmitted to the authentication server 3.

Since the subsequent processing of the authentication server 3 and the payment processing of the payment server 4 are executed in the same manner as in the first embodiment, the description thereof will be omitted here.

Similar to the first embodiment, in step Sb9-1, the authentication server 3 transmits the S-OTID (authentication packet in FIG. 16) to the user terminal 2.
In step Sb13-1, the server authentication unit 108 of the authentication module of the user terminal 2 authenticates the authentication server 3 based on the S-OTID.
In step Sb13-2, the authentication seed updating unit 109 of the authentication module updates the authentication seed based on the result of being authenticated by the server authenticating unit 108.

On the other hand, the payment server 4 transmits the payment result to the service server 5 in step Sb17.
Here, unlike the first embodiment, in the second embodiment, the payment server 4 does not transmit the payment result to the user terminal 2.
That is, in the second embodiment, the service server 5 receives the above-mentioned result request from the user terminal 2, and transmits the payment result acquired from the payment server 4 to the user terminal 2 in step Sb18.
In step Sb19, the payment result acquisition unit 110 of the host application of the user terminal 2 acquires the payment result transmitted from the service server 5 in step Sb18. Then, the presentation unit 111 of the upper application displays the settlement result on the display unit 17.

Also in the second embodiment, when the payment processing is performed in the payment server 4 by implementing such payment support processing, the user terminal 2 acquires the authentication service code and the payment result with the service server 5. Since there is no need to perform any communication other than the above, there is no possibility that the personal information of the user will be transmitted to the service server 5.
Therefore, since the personal information of the user is not stored in the service server 5, there is no possibility that the personal information is leaked from the EC site 5 or is misused by a person who manages the EC site, unlike the conventional case.
As described above, also in the second embodiment, just as in the first embodiment, it is possible to achieve the effect of being able to reduce the risk of leakage of personal information in the settlement processing by the electronic method.

Although the first and second embodiments of the present invention have been described above, the present invention is not limited to the above-described first and second embodiments, and modifications within a range in which the object of the present invention can be achieved, Improvements and the like are included in the present invention.

For example, the authentication service code in the above-described embodiment can be used in the following applications.
That is, the authentication service code can be used for various services such as service login, access authentication (monitoring/control, etc.), access right (voting, questionnaire, etc.), in addition to the settlement of the above embodiment.
That is, the authentication service code is information issued by the service. Then, in order to prevent unauthorized authentication from being performed by the authentication service code, the authentication server and the user terminal check the authentication information.
Specifically, the following information is set in this authentication service code.
That is, for example, the target of the service (who, what), the content of the service (what, for example, the service login or payment, etc.), the person receiving the authentication result (who), the time limit (until when, usually the service Information such as code issuance within 60 seconds) and random number (request code) for each service is set.
That is, the authentication service code is read by the user terminal (authentication client) and notified to the authentication server.
Then, the authentication server notifies the designated who (who) of the authentication service code of the user information, and the designated who (who) notifies the designated who (who) of the Result.
This Result notifies, for example, a user ID, password, payment code, payment amount, time stamp, payment service, etc. If, for example, the designated who (who) is not specified, the authentication server The Authentication Service Code Issuer is notified of the Result.

Further, for example, in the above-described embodiment, the authentication service code is described as being notified by a QR code (registered trademark), but the present invention is not particularly limited to this.
For example, it is possible to use a communication means such as NFC (Near Field Radio Communication) (registered trademark), Bluetooth (registered trademark), and optical communication.

Further, for example, in the above-described embodiment, various authenticators (for example, C-OTID and S-OTID) have been described as one-time IDs.
The one-time ID is a true random number or a pseudo random number, and the authentication server 3 and the user terminal 2 update their seeds based on this. For this reason, in the communication performed between the user terminal 2 and the authentication server 3, in order to prevent the analogy of the one-time ID due to wiretapping, the communication using the common encryption key is adopted in the above-described embodiment. However, the communication performed between the user terminal 2 and the authentication server 3 is not limited to the above-described embodiment, and so-called plain text can be used.
Further, for example, the authentication using the one-time ID itself is not particularly limited, and another authentication technique such as a fixed password can be used.

Further, for example, in the above-described embodiment, the password input by the user is encrypted, and the encrypted password obtained as a result is included in the user terminal information and transmitted from the user terminal 2 to the authentication server 3. Then, in the authentication server 3, the above password is decrypted from the encrypted password included in the user terminal information, and the user authentication is performed based on the decrypted password and the C-OTID included in the user terminal information. ..
However, the encryption of the password is not particularly essential, and the encryption may be omitted. However, it goes without saying that encryption will increase security.
Further, as the information included in the user terminal information, the password is not particularly essential, and any identifier for identifying the user is sufficient.

Further, for example, the series of processes described above can be executed by hardware or software.
In other words, the functional configurations of FIGS. 4 and 12 are merely examples and are not particularly limited.
That is, it suffices if the information processing system has a function capable of executing the above-described series of processes as a whole, and what kind of functional block is used to realize this function is particularly shown in the examples of FIGS. Not limited. The location of the functional block is not particularly limited to that shown in FIGS. 4 and 12, and may be any location.
Further, one functional block may be configured by hardware alone, software alone, or a combination thereof.

Further, for example, when a series of processes is executed by software, a program forming the software is installed in a computer or the like from a network or a recording medium.
The computer may be a computer embedded in dedicated hardware.
Further, the computer may be a computer capable of executing various functions by installing various programs, such as a server, a smartphone, a personal computer, or various devices.

Further, for example, a recording medium including such a program is not only configured by a removable medium (not shown) which is distributed separately from the device body to provide the program to the user, but also a state where the recording medium is pre-installed in the device body. It is composed of a recording medium or the like provided to the user.

In the present specification, the steps for writing the program recorded in the recording medium include, not only the processing performed in time series according to the order, but also the processing performed in parallel or individually not necessarily in time series. It also includes the processing to be executed.
In addition, in the present specification, the term system is meant to mean an overall device including a plurality of devices and a plurality of means.

In other words, the information processing system to which the present invention is applied can take various kinds of embodiments having the following configurations.
That is, the information processing system to which the present invention is applied is
A request source device (for example, the store terminal 1 in FIG. 1 or the service server 5 in FIG. 11) managed by a service request source requesting payment as an authentication service,
A user terminal managed by a user who executes the authentication service (for example, the user terminal 2 in FIG. 1 or 11),
An authentication server for authenticating the user (for example, the authentication server 3 in FIG. 1 or FIG. 11),
A payment server that executes payment processing for the user (for example, the payment server 4 in FIG. 1 or 11),
In an information processing system including
The user terminal is
A service code acquisition unit (for example, the service code acquisition unit 102 in FIG. 4 or FIG. 12) that acquires an authentication service code used by the user as a general-purpose authentication code for executing the authentication service from the request source device;
A first authenticator generating unit (for example, the C-OTID generating unit 104 in FIG. 4 or 12) that generates a first one-time authenticator (C-OTID) indicating that the user terminal is authorized;
An identifier for identifying the user, the authentication service code, and first transmission information generating means for generating first transmission information including the first one-time authenticator (for example, user terminal information generation in FIG. 4 or 12). Part 106),
A first transmission control unit (for example, a user terminal information transmission control unit 107 in FIG. 4 or 12) that controls the transmission of the first transmission information to the authentication server;
Equipped with
The authentication server is
First reception control means (user terminal information acquisition unit 201 in FIG. 4 or FIG. 12) that controls to receive the first transmission information from the user terminal,
A user authentication unit that generates a user parameter indicating an authentication result of the user based on the identifier included in the first transmission information and the first one-time authenticator included in the first transmission information (for example, FIG. 4 or the user authentication unit 203) of FIG.
Second transmission control means (control server information of FIG. 4 or FIG. 12) for controlling the transmission of the second transmission information including the authentication service code included in the first transmission information and the user parameter. Transmission control unit 205),
Is sufficient.

Accordingly, the store to be settled can be specified by the authentication service code described above, and an individual at the time of settlement can be set between the user terminal and the request source device (for example, the store terminal 1 in FIG. 1 or the service server 5 in FIG. 11). There is no need to send or receive information. Therefore, it is possible to reduce the risk of leakage of personal information in the settlement processing by an electronic method.

Further, the first transmission information generation means is
As the identifier for identifying the user, an encrypted password is generated by encrypting the input password, and the encrypted password, the authentication service code, and the first one-time authenticator are included. Generate the first transmission information,
The user authentication means, based on the password obtained by decrypting the encrypted password included in the first transmission information and the first one-time authenticator included in the first transmission information, the authentication result of the user. Can be generated.
As a result, eavesdropping during communication of the identifier for identifying the user can be suppressed, and security is further enhanced.

Further, the authentication server is
A second authenticator generating unit that generates a second one-time authenticator (S-OTID) indicating that the authentication server is legitimate based on the authentication seed updated last time, and updates the authentication seed (for example, FIG. 4 or the generation function of the S-OTID generation/update unit 206 of FIG. 12),
Third transmission control means (for example, the transmission control function of the S-OTID generation/update unit 206 of FIG. 4 or 12) that controls the transmission of the second one-time authenticator (S-OTID) to the user terminal,
Further equipped with,
The first authenticator generating means of the user terminal generates the first one-time authenticator (C-OTID) based on the authentication seed updated last time,
The user terminal authenticates the authentication server based on the second one-time authenticator and updates the authentication seed (for example, the server authentication unit 108 in FIG. 4 or FIG. 12),
It is enough to further prepare.

As a result, mutual authentication between the user terminal and the request source device can be performed more accurately, so that the risk of leakage of personal information can be further reduced in the settlement process by an electronic method.

Further, the payment server recognizes the authentication result of the user based on the user parameter, executes the payment process if the authentication of the user is successful, and fails the authentication of the user. In this case, a predetermined error process is executed, and at least the request source device is notified of the settlement result indicating the execution content,
The user terminal is
An acquisition unit (for example, the payment result acquisition unit 110 in FIG. 4 or 12) that acquires the payment result from the payment server or the request source device;
Presentation means for presenting the acquired settlement result to the user (for example, the presentation unit 111 in FIG. 4 or 12),
It is enough if you have more.

According to the above configuration, the result of the payment processing executed by the payment server (payment processing result) is transmitted to the user terminal and the request source device. Then, the user terminal can present the settlement processing result to the user.
As a result, the user can accurately grasp whether or not the above-mentioned payment support processing has been normally completed.

1 Store Terminal 2 User Terminal 3 Authentication Server 4 Payment Server 5 Service Server 11 CPU
31 CPU
101 Upper Request Unit 102 Service Code Acquisition Unit 103 PW Input Unit 104 C-OTID Generation Unit 105 PW Encryption Unit 106 User Terminal Information Generation Unit 107 User Terminal Information Transmission Control Unit 108 Server Authentication Unit 109 Authentication Seed Update Unit 110 Payment Result Acquisition Part 111 Presentation part 201 User terminal information acquisition part 202 Decryption part 203 User authentication part 204 User parameter conversion part 205 Authentication server information transmission control part 206 S-OTID generation update part 301 UPDB

Claims (4)

A request source device managed by a service request source that requests payment as an authentication service,
A user terminal managed by a user who executes the authentication service,
An authentication server for authenticating the user,
A payment server that executes payment processing for the user;
In an information processing system including
The user terminal is
Service code acquisition means for acquiring from the request source device an authentication service code used by the user as a general-purpose authentication code for executing the authentication service;
First authenticator generating means for generating a first one-time authenticator indicating that the user terminal is legitimate;
An identifier for identifying the user, the authentication service code, and first transmission information generating means for generating first transmission information including the first one-time authenticator,
First transmission control means for controlling transmission of the first transmission information to the authentication server,
Equipped with
The authentication server is
First reception control means for controlling to receive the first transmission information from the user terminal,
A user authentication unit that generates a user parameter indicating an authentication result of the user based on the identifier included in the first transmission information and the first one-time authenticator included in the first transmission information;
Second transmission control means for controlling to transmit the second transmission information including the authentication service code included in the first transmission information and the user parameter to the payment server;
With
Information processing system. The first transmission information generating means,
As the identifier for identifying the user, an encrypted password is generated by encrypting the input password, and the encrypted password, the authentication service code, and the first one-time authenticator are included. Generate the first transmission information,
The user authentication means, based on the password obtained by decrypting the encrypted password included in the first transmission information and the first one-time authenticator included in the first transmission information, the authentication result of the user. Generating the user parameter indicating
The information processing system according to claim 1. The authentication server is
Second authenticator generating means for generating a second one-time authenticator indicating that the authentication server is legitimate based on the authentication seed updated last time, and updating the authentication seed;
Third transmission control means for controlling transmission of the second one-time authenticator to the user terminal;
Further equipped with,
The first authenticator generating means of the user terminal generates the first one-time authenticator based on the authentication seed updated last time,
The user terminal further includes a server authentication unit that authenticates the authentication server based on the second one-time authenticator and updates the authentication seed.
The information processing system according to claim 1. The payment server recognizes an authentication result of the user based on the user parameter, executes the payment process if the user authentication is successful, and executes the payment process if the user authentication is unsuccessful. Executes a predetermined error process, and notifies at least the request source device of a settlement result indicating the execution content,
The user terminal is
An acquisition unit that acquires the payment result from the payment server or the request source device;
Presentation means for presenting the acquired settlement result to the user,
Further comprising,
The information processing system according to any one of claims 1 to 3.

Images