JP2021163469A - Financial transaction method, financial transaction system, and financial transaction program - Google Patents

Abstract

To easily discriminate fraudulent account inquiries with high accuracy.SOLUTION: According to one embodiment of the present invention, a financial transaction system includes: an account inquiry history information acquisition unit that acquires account inquiry history information including an inquiry result corresponding to each of multiple pieces of account information transmitted from a first financial institution server; and an account inquiry determination unit that determines whether an account inquiry is fraudulent based on the acquired account inquiry history information. The multiple pieces of account information may be transmitted from a terminal of a user and associated with an identifier of the user.SELECTED DRAWING: Figure 2

Description

The present invention relates to financial transaction methods, financial transaction systems and financial transaction programs.

An integrated ATM system is currently in operation as a financial transaction method that connects financial institutions. By using an integrated ATM system, ATMs (Automatic Teller Machines) and CDs (Cash Dispensers) of each financial institution are connected via a network, making it easy to make cash payments, balance inquiries, and transfers to other banks using ATMs of other banks. It can be carried out. Patent Document 1 discloses a transfer method using an integrated ATM system. By using the integrated ATM system, transfers to other banks can be processed in a batch, which greatly improves user convenience.

Japanese Unexamined Patent Publication No. 2012-53615

When processing transfers to other banks in a batch in an integrated ATM system, it is common practice to acquire account information (account inquiry) in advance before the transfer processing. While it is convenient to be able to acquire account information in advance, there is a risk that account information will be illegally acquired. In addition, the number of account inquiries is enormous, and it is complicated to monitor each case for fraudulent account inquiries.

In addition, when making an account inquiry, it may take time to arrange the terms and conditions in order to make the integrated ATM system available to the entire financial institution.

In view of such a problem, one of the objects of the present invention is to easily and highly accurately discriminate fraudulent account inquiries. Alternatively, one of the objects of the present invention is to quickly determine fraudulent account inquiries. Alternatively, one of the objects of the present invention is to promptly inquire accounts between financial institutions.

According to one embodiment of the present invention, it is determined whether or not the account inquiry is fraudulent based on the account inquiry history information including the inquiry result corresponding to each of the plurality of account information transmitted from the first financial institution server. A financial transaction method is provided.

In the financial transaction method, the plurality of account information may be transmitted from the user's terminal and associated with the user's identifier.

In the above financial transaction method, when the plurality of account information is a predetermined number or more, it may be determined that the account inquiry is fraudulent.

In the above financial transaction method, when the plurality of account information includes a predetermined number or more consecutive account numbers, it may be determined that the account inquiry is fraudulent.

In the above financial transaction method, when the first number or more consecutive account numbers are arranged in order in the plurality of account information, it may be determined that the account inquiry is fraudulent.

In the above financial transaction method, the account information data set including the plurality of account information is a second number or more, and each of the second number or more account information data sets is continuous less than the first number. When the account numbers are arranged in order, it may be determined that the account inquiry is fraudulent.

In the above financial transaction method, the plurality of account information and the actual account information stored in the first financial institution server are inquired, and when the first number or more of the inquiry results do not match, a fraudulent account is used. It may be determined that it is an inquiry.

In the financial transaction method, the account information data set including the plurality of account information is a second number or more, and the plurality of account information and the first first in each of the second number or more account information data sets. The actual account information stored in the financial institution server may be inquired, and when the inquiry results less than the first number do not match, it may be determined that the account inquiry is fraudulent.

In the above financial transaction method, when the transfer date for which the transfer process is performed using the account information based on the inquiry result is different from the scheduled transfer date based on the account information by a predetermined number of days or more, it is determined that the account inquiry is fraudulent. You may.

In the above financial transaction method, when it is determined that the account inquiry is fraudulent, predetermined information may be notified to the user's terminal.

According to one embodiment of the present invention, an account inquiry history information acquisition unit that acquires account inquiry history information including inquiry results corresponding to each of a plurality of account information transmitted from the first financial institution server, and the acquired account inquiry history information acquisition unit. A financial transaction system is provided that includes an account inquiry determination unit that determines whether or not an account inquiry is fraudulent based on the account inquiry history information.

In the financial transaction system, the plurality of account information may be transmitted from a user's terminal and associated with the user's identifier.

In the financial transaction system, the account inquiry determination unit may determine that the account inquiry is fraudulent when the plurality of account information is a predetermined number or more.

In the financial transaction system, the account inquiry determination unit may determine that the account inquiry is fraudulent when the plurality of account information includes a predetermined number or more consecutive account numbers.

In the financial transaction system, even if the account inquiry determination unit determines that the account inquiry is fraudulent when the first number or more consecutive account numbers are arranged in order in the plurality of account information. good.

In the financial transaction system, the account information data set including the plurality of account information is the second number or more, and the account inquiry determination unit is the second number or more in each of the second number or more account information data sets. When consecutive account numbers less than the number of 1 are arranged in order, it may be determined that the account inquiry is fraudulent.

In the financial transaction system, the account inquiry determination unit inquires the plurality of account information and the actual account information stored in the first financial institution server, and the first number or more of the inquiry results do not match. At some point, it may be determined that the account inquiry is fraudulent.

In the financial transaction system, the account information data set including the plurality of account information is a second number or more, and the account inquiry determination unit is the plurality of account information data sets including the second number or more. And the actual account information stored in the first financial institution server are inquired, and when the inquiry result less than the first number does not match, it is determined that the account inquiry is fraudulent. May be good.

In the financial transaction system, the account inquiry determination unit is fraudulent when the transfer date for performing the transfer process using the account information based on the inquiry result is different from the scheduled transfer date based on the account information by a predetermined number of days or more. It may be determined that it is an account inquiry.

In the financial transaction system, when the account inquiry determination unit determines that the account inquiry is fraudulent, it may include a notification unit that notifies a user's terminal of predetermined information.

According to one embodiment of the present invention, the computer acquires the user's account inquiry request information including the inquiry purpose information, and the relationship between the account inquiry request information and the information stored in advance in the storage device can be inquired. When is satisfied, a financial transaction method is provided that directs the account inquiry process associated with the account inquiry request information.

In the above financial transaction method, the information stored in advance may include the consent user information of the user whose account inquiry has been accepted or the inquiry purpose information capable of making an account inquiry.

In the financial transaction method, the inquiry-possible condition may include that the account inquiry request information and the consenting user information or the inquiry purpose information that can be inquired about the account match at least in part.

In the financial transaction method, the consent user information includes the consent user identification information and the consent user parameters associated with the consent user identification information, and the account inquiry request information is an account inquiry parameter different from the inquiry purpose information. When the relationship between the consent user parameter and the account inquiry parameter satisfies the second inquiry possibility condition, the account inquiry process associated with the account inquiry request information may be instructed.

In the financial transaction method, when the account inquiry request information further includes an account inquiry parameter different from the inquiry purpose information and the relationship between the inquiry purpose information and the account inquiry parameter satisfies the second inquiry possibility condition, the above. You may instruct the account inquiry process associated with the account inquiry request information.

In the financial transaction method, the account inquiry parameter may include a group parameter to which the user belongs.

In the financial transaction method, the account inquiry request information is a plurality, and the computer satisfies a predetermined condition in the relationship between the account inquiry availability data for the plurality of account inquiry request information and the account inquiry parameter. Occasionally, the account inquiry associated with the account inquiry request information may be stopped.

In the financial transaction method, the computer may transmit the correction instruction information of the stopped account inquiry request information to the terminal of the user.

In the financial transaction method, the computer may delete the consent user information of the user whose account inquiry has been stopped from the storage device.

According to one embodiment of the present invention, there is provided a financial transaction program that causes the computer to execute the financial transaction method.

According to one embodiment of the present invention, the relationship between the account inquiry request information acquisition unit that acquires the user's account inquiry request information including the inquiry purpose information, the inquiry purpose information, and the information stored in advance in the storage device is When the inquirable condition is satisfied, a financial transaction system is provided, which includes an account inquiry instruction unit that instructs an account inquiry process associated with the account inquiry request information.

In the financial transaction system, the information stored in advance may include the consent user information of the user whose account inquiry has been accepted or the inquiry purpose information capable of making an account inquiry.

In the financial transaction system, the inquiry-possible condition may include that the account inquiry request information and the consenting user information or the inquiry purpose information that can be inquired about the account match at least in part.

In the financial transaction system, the consent user information includes the consent user identification information and the consent user parameters associated with the consent user identification information, and the account inquiry request information is an account inquiry parameter different from the inquiry purpose information. Further, the account inquiry instruction unit instructs the account inquiry process associated with the account inquiry request information when the relationship between the consent user parameter and the account inquiry parameter satisfies the second inquiry possibility condition. You may.

In the financial transaction system, the account inquiry request information further includes an account inquiry parameter different from the inquiry purpose information, and the account inquiry instruction unit has a second inquiry regarding the relationship between the inquiry purpose information and the account inquiry parameter. When the possible condition is satisfied, the account inquiry process associated with the account inquiry request information may be instructed.

In the financial transaction system, the account inquiry parameter may include a group parameter to which the user belongs.

In the financial transaction system, the account inquiry request information is a plurality, and when the relationship between the account inquiry availability data for the plurality of account inquiry request information and the account inquiry parameter satisfies a predetermined condition, the said It may include an account inquiry suspension unit that suspends the account inquiry associated with the account inquiry request information.

In the financial transaction system, a transmission unit that transmits correction instruction information of the stopped account inquiry request information to the user's terminal may be included.

In the financial transaction system, the account inquiry suspension unit may delete the inquiry request user information of the user whose account inquiry has been suspended from the storage device.

By using one embodiment of the present invention, fraudulent account inquiries can be easily and highly accurately identified. Alternatively, by using one embodiment of the present invention, fraudulent account inquiries can be quickly determined. Alternatively, by using one embodiment of the present invention, it is possible to make a quick account inquiry between financial institutions.

It is a figure which shows the structure of the hardware in the financial transaction system which concerns on 1st Embodiment of this invention. A functional block diagram composed of each component of the financial transaction system according to the first embodiment of the present invention is shown. This is an example of the data structure of account inquiry history information. It is a flow chart of the financial transaction method which concerns on 1st Embodiment of this invention. This is an example of an account information input interface. It is a flow chart of the financial transaction method which concerns on 1st Embodiment of this invention. This is an example of a data structure of account inquiry history information indicating fraudulent account inquiry. This is an example of a data structure of account inquiry history information indicating fraudulent account inquiry. This is an example of a data structure of account inquiry history information indicating fraudulent account inquiry. This is an example of a data structure of account inquiry history information indicating fraudulent account inquiry. This is an example of a data structure of account inquiry history information indicating fraudulent account inquiry. It is a flow chart of the financial transaction method which concerns on 2nd Embodiment of this invention. This is an example of an input interface for bank transfer information. It is a flow chart of the financial transaction method which concerns on 2nd Embodiment of this invention. A functional block diagram composed of each component of the financial transaction system according to the third embodiment of the present invention is shown. This is an example of the data structure of account inquiry request information. This is an example of the data structure of the industry code. This is an example of the data structure of financial institution information. This is an example of the data structure of the accepted user information. It is a flow chart of the financial transaction method which concerns on 3rd Embodiment of this invention. This is an example of an input interface for account inquiry acceptance request information. It is a flow chart of the financial transaction method which concerns on 3rd Embodiment of this invention. This is an example of an input interface for account inquiry request information. This is an example of the data structure of the judgment result of the account inquiry request information. It is a flow chart of the financial transaction method which concerns on 3rd Embodiment of this invention. It is a flow chart of the financial transaction method which concerns on 3rd Embodiment of this invention. This is an example of the data structure of account inquiry request information.

Hereinafter, embodiments of the present invention will be described with reference to drawings and the like. However, the present invention can be implemented in many different modes and is not construed as being limited to the description of the embodiments illustrated below. The drawings may be schematically shown for the sake of clarity, but they are merely examples and do not limit the interpretation of the present invention.

In addition, the letters "1st" and "2nd" for each element are convenient signs used to distinguish each element, and have more meaning unless otherwise specified. No. In addition, in the drawing referred to in this embodiment, the same code or a similar code (a code obtained by simply adding A, B, 1, 2, etc. to the number xxx) is attached to the same part or the part having the same function. However, the repeated description may be omitted. In addition, a part of the configuration may be omitted from the drawing. In addition, if it can be recognized by a person who has ordinary knowledge in the field to which the present invention belongs, no particular explanation will be given.

<First Embodiment>
The financial transaction system and the financial transaction method according to the first embodiment of the present invention will be described in detail with reference to the drawings.

(1-1. Hardware configuration of financial transaction system)
FIG. 1 shows the hardware configuration of the financial transaction system 1. In a part of the configuration of the financial transaction system 1, the determination process of whether or not there is a fraudulent account inquiry is easily and highly accurately executed by using the account inquiry history information obtained by adding the account inquiry result to the account information. As shown in FIG. 1, the financial transaction system 1 includes a bank server 10 (also referred to as a first financial institution server), an integrated ATM server 20, another bank server 30 (also referred to as a second financial institution server), and a user terminal 40. include. The own server 10 functions as a database and an application server for monitoring fraudulent account inquiries for account information transmitted from the user terminal 40. The integrated ATM server 20 functions as a server that transmits information requested to be processed by the own server 10 to another server. The other bank server 30 (also referred to as a second financial institution server) is a server that performs an account inquiry according to account information and a transfer process according to an account transfer request. The user terminal 40 is a terminal that makes an account inquiry request and an account transfer request to the own server 10. In FIG. 1, two other-bank servers 30 (other-bank server 30-1 and other-bank server 30-2) are provided, but one or three or more may be provided. For the sake of explanation, it will be described as one other bank server 30 in the following description. Further, the financial transaction system 1 may be composed of the own bank server 10, the integrated ATM server 20, and the other bank server 30. Next, the configuration of each hardware will be described below.

The own server 10 has a control unit 11, a storage unit 12, a communication unit 13, and a display unit 14. The control unit 11, the storage unit 12, the communication unit 13, and the display unit 14 are connected via a bus.

The control unit 11 is one of the computers, and uses a CPU (Central Processing Unit), an ASIC (Application Specific Integrated Circuit), an FPGA (Field Programmable Gate Array), or an FPGA (Field Programmable Gate Array), or other arithmetic processing circuit. Controls processing based on the instructions specified in the software (program) for monitoring fraudulent account inquiries. Further, a user interface for executing the fraudulent account inquiry monitoring program may be provided to the display unit 14 by an instruction from the control unit 11.

In the storage unit 12, in addition to SSD (Solid State Drive) semiconductor memory and the like, a magnetic recording medium (magnetic tape, magnetic disk, etc.), an optical recording medium, an optical magnetic recording medium, and other storable elements are used. The storage unit 12 has a function as an account inquiry history information database that stores the fraudulent account inquiry monitoring program and stores the account information used in the fraudulent account inquiry monitoring program and the account inquiry history information that stores the account inquiry result. The storage unit 12 may be appropriately provided on a server different from the own server 10 and function as a database. Therefore, the storage unit 12 can also be called a storage device.

The communication unit 13 has a transceiver and communicates account information, account transfer information, and other related information with the integrated ATM server 20, the user terminal 40, and the other bank server 30 via the network 50. The Internet (specifically, SSL (Secure Sockets)) is used for communication between the communication unit 13 and the integrated ATM server 20, the user terminal 40, and the other bank server 30.
Layer) / TLS (Transport Layer Security) or VPN (Virtual Private Network)) is used.

The integrated ATM server 20 includes a control unit 21, a storage unit 22, a communication unit 23, and a display unit 24. The control unit 21, the storage unit 22, the communication unit 23, and the display unit 24 are connected via a bus.

The control unit 21 is one of the computers, and controls the financial transaction processing based on the instruction specified by the integrated ATM server 20 by using the CPU, ASIC, FPGA, or other arithmetic processing circuit. The control information may be displayed on the display unit 24.

The storage unit 22 stores the financial transaction processing program and other related information in the integrated ATM server 20.

The communication unit 23 performs information communication with the own server 10, the other server 30, and the user terminal 40 via the network 50. The Internet (specifically, SSL / SSL or VPN) is used for communication between the communication unit 23 and the own server 10, the other server 30, and the user terminal 40.

The other bank server 30 has a control unit 31, a storage unit 32, a communication unit 33, and a display unit 34. The control unit 31, the storage unit 32, the communication unit 33, and the display unit 34 are connected via a bus.

The control unit 31 is one of the computers, and controls the processing based on the instruction specified in the account inquiry, the transfer processing, and other financial transaction programs by using the CPU, ASIC, FPGA, or other arithmetic processing circuit. At the same time, various processes are controlled based on the instructions specified by the program related to the fraudulent account inquiry monitoring program. Further, the user interface for executing the above program may be displayed on the display unit 34 by an instruction from the control unit 31.

The storage unit 32 stores information related to the transfer processing program and the fraudulent account inquiry monitoring program in the server 30 of the other bank.

The communication unit 33 performs information communication with the own server 10 and the integrated ATM server 20 via the network 50. The Internet (specifically, SSL / SSL or VPN) is used for communication between the communication unit 33 and the own server 10 and the integrated ATM server 20.

The user terminal 40 has a display unit 41, a control unit 42, a storage unit 43, an operation unit 44, and a communication unit 45. The display unit 41, the control unit 42, the storage unit 43, the operation unit 44, and the communication unit 45 are connected via a bus. The user terminal 40 includes a smartphone, a mobile phone (feature phone), a tablet terminal, a notebook PC (Personal Computer), a desktop PC, and an IoT (Internet of Things) device (for example, a power supply mechanism, a communication function, and an information storage mechanism). It may be a device provided) or the like, and is applicable as long as it can communicate with the own server 10 through the network. Examples of the user who uses the user terminal 40 include a non-life insurance company, a life insurance company, and a credit card company.

The display unit 41 is a display device such as a liquid crystal display or an organic EL (Electroluminescence) display, and the display content is controlled by a signal input from the control unit 42.

The control unit 42 is one of the computers, and includes a CPU, an ASIC, an FPGA, or another arithmetic processing circuit. The control unit 42 executes a program stored in a storage unit 43 such as a memory based on the operations of the display unit 41 and the operation unit 44. Further, the control unit 42 transmits information for instructing the execution of the process related to the fraudulent account inquiry monitoring program stored in the storage unit 12 of the own server 10.

The operation unit 44 includes a controller, a button, or a switch. When the user performs an operation such as moving, pressing, or rotating up / down / left / right using the operation unit 44, information based on the operation is input to the control unit 42. If the display device (touch panel) has a touch sensor, the display unit 41 and the operation unit 44 may be arranged at the same location.

The communication unit 45 has a function of transmitting and receiving to and from the own server 10. For example, a transceiver via a LAN is used for the communication unit 45. The communication unit 45 is not limited to a transceiver via LAN, and may be provided with a transceiver for communication for mobile terminals (for example, LTE communication), or may be provided with a transceiver for short-range wireless communication. You may. The user terminal 40 is connected to the own server 10 via the network 50.

(1-2. Configuration of fraudulent account inquiry monitoring control unit 100)
FIG. 2 shows a functional block diagram composed of each component of the financial transaction system 1.

The own server 10 has a fraudulent account inquiry monitoring control unit 100 that controls a program (a fraudulent account inquiry monitoring program) that realizes a fraudulent account inquiry monitoring function. The fraudulent account inquiry monitoring control unit 100 includes an account inquiry history information acquisition unit 110, an account inquiry determination unit 120, and a notification unit 130.

The account inquiry history information acquisition unit 110 inquires corresponding to each of a plurality of account information account information to be inquired associated with an identifier transmitted from the user terminal 40 and a plurality of account information transmitted from another bank server. It has a function to acquire the result as account inquiry history information. The information acquired by the account inquiry history information acquisition unit 110 is stored in the account inquiry history information database 12a of the storage unit 12 of the own server 10.

FIG. 3 is an example of the data structure of the account inquiry history information 111 stored in the account inquiry history information database 12a in the storage unit 12. The account inquiry history information 111 includes the account information 113 and the inquiry result 115. The requester 112a, the requester identification number 112b, the request file 112c for account inquiry, and the account information 113 are the information input by the user terminal 40. In this example, the account information 113 includes a request number 113a, a purpose code 113b, a financial institution name 113c, a branch name 113d, a deposit type 113e, an account number 113f, and an account holder 113g.

The requester 112a refers to a user who requests an account inquiry. The user in this case is a user who uses the user terminal 40. For example, the user may be a corporation such as a non-life insurance company, a life insurance company, or a credit card company. The person is not limited to a corporation and may be a natural person.

A plurality of account information 113s that require an account inquiry are provided in the request file 112c (also referred to as an account information data set). In this example, the ten account information is provided in the request file 112c whose one request file name is A001.

The request number 113a (also referred to as a transaction serial number) is an identifier associated with each account information. In this example, the request number 113a consists of seven characters including alphabets and numbers, and is arranged in order from the top. The request number 113a may be further combined with the date.

The purpose code 113b indicates the purpose of the account inquiry. For example, when the purpose is only an account inquiry, the purpose code 113b describes only the inquiry (0A). When making a transfer after making an account inquiry, it is described as inquiry + transfer (1A1W). More specifically, 1A01 if the transfer is made one day after the account inquiry, 1A1W if the transfer is made one week after the account inquiry, 1A1M if the transfer is made one month after the account inquiry, and the account inquiry. If the transfer is made 12 months later, it will be described as 1A12M.

In the inquiry result 115, the result of the account inquiry corresponding to each account information 113 is described. In this example, a match or a mismatch is determined depending on whether or not each of the information described in the account information completely matches the account information recorded in the server 30 of the other bank. In this case, if even one character is different, it is determined as a mismatch. In addition, as a description in the case of inconsistency, a difference in account number, a difference in account holder, or a difference in deposit type may be specifically described.

The account inquiry determination unit 120 has a function of determining whether or not the account information is fraudulent based on the account inquiry history information. When the account inquiry history information meets the predetermined conditions, the account inquiry determination unit 120 determines that the account inquiry is fraudulent.

When the account inquiry determination unit 120 determines that the account information transmitted from the user terminal 40 is an invalid account inquiry, the notification unit 130 stops the account inquiry corresponding to the user's identification number (identifier). It has a function of notifying the user terminal 40.

The integrated ATM server 20 instructs another bank server 30 to execute financial transaction processing based on an instruction specified in the financial transaction processing program stored in the storage unit 22, and is a program related to a fraudulent account inquiry monitoring program. The process is executed based on the instruction specified in. The integrated ATM server 20 includes a receiving unit 210 and a transmitting unit 220 as functional units. The receiving unit 210 receives the financial transaction request information (in this example, the account information or the transfer request information) transmitted from the own server 10. The transmission unit 220 transmits the financial transaction request information to the server 30 of another bank.

The other bank server 30 executes the account inquiry process and the transfer process based on the instruction specified by the financial transaction processing program stored in the storage unit 32, and also executes the instruction specified by the program related to the fraudulent account inquiry monitoring program. Perform processing based on. The other bank server 30 includes a receiving unit 310, an account inquiry processing unit 320, a transfer processing unit 330, and a transmitting unit 340 as functional units. The receiving unit 310 receives the financial transaction request information (account information or transfer request information in this example) transmitted from the integrated ATM server 20. The account inquiry processing unit 320 executes the account inquiry processing based on the account information. The transfer processing unit 330 executes a transfer (remittance) process to a predetermined account based on the transfer request information. The transmission unit 340 transmits financial transaction information (in this example, account inquiry result or transfer completion information) to the integrated ATM server 20.

The user terminal 40 executes the financial transaction processing stored in the storage unit 43 or the processing specified in the program related to the fraudulent account inquiry monitoring control program. The user terminal 40 has a receiving unit 410 and a transmitting unit 420 as functional units, respectively. The receiving unit 410 has a function of receiving various transaction information including the account inquiry result from the own server 10. The transmission unit 420 has a function of transmitting various request information to the own server 10.

(1-3. Financial transaction method)
Next, a financial transaction method based on an instruction by the fraudulent account inquiry monitoring program in the fraudulent account inquiry monitoring control unit 100 will be described. In the present embodiment, a method for monitoring fraudulent account inquiries when only account inquiries are made will be described.

4 and 6 are flow charts of financial transaction methods. As shown in FIG. 4, first, the account information to be the target of the account inquiry is input on the user terminal 40 (S101). The account information is input on the input screen of the own bank's Internet banking displayed on the display unit 41 of the user terminal 40.

FIG. 5 is an example of a user interface for inputting account information that is the target of an account inquiry. The user is the requester 112a, the requester identification number 112b, the purpose code 113b, the financial institution name 113c, the branch name 113d, the deposit type 113e, the account number 113f, the account holder 113.
Enter g. When making a plurality of account inquiry requests, the following account information can be input by pressing the add button 117. When all the inputs are completed, the request number is set for each account information by pressing the input completion button 119. When the account information is input consecutively, the request file number is set as an account information data set including a plurality of account information.

After the input of the account information is completed, the account information to be inquired is transmitted as a request message from the transmission unit 420 of the user terminal 40 to the own server 10 (S103). When there are a plurality of account information to be inquired, a data file may be generated and stored in advance in the user terminal 40, and the information may be uploaded to the own server 10 via the network. When the own server 10 receives the account information, the account information is stored in the account inquiry history information database 12a (S105).

Next, the own server 10 transmits the account information to the integrated ATM server 20 (S107). When the integrated ATM server 20 receives the account information (S109), the integrated ATM server 20 transmits the account information to the other bank server 30 corresponding to the account information (S111).

Next, when the other bank server 30 receives the account information (S113), the account inquiry process is executed (S115). Specifically, a match or a mismatch is determined depending on whether or not each of the information described in the account information completely matches the account information recorded in the server 30 of the other bank. In this case, if even one character is different, it is treated as a mismatch. The inquiry result is input in association with the request number. If the inquiry results do not match, simple input such as mismatch, NG, etc. may be used, or specific input such as account number difference (no account), account holder difference, or deposit type difference may be made. After the account inquiry is completed, the other bank server 30 transmits the account inquiry result to the integrated ATM server 20 (S117).

Next, when the integrated ATM server 20 receives the account inquiry result (S119), the integrated ATM server 20 transmits the account inquiry result to the own server 10 based on the request number corresponding to the account inquiry result (S121).

Next, when the account inquiry history information acquisition unit 110 of the own server 10 receives the account inquiry result (S123), as shown in FIG. 6, the account inquiry result is combined with the account information associated with the same request number. It is stored in the account inquiry history information database 12a as inquiry history information (S201).

When the account inquiry history information is stored, the account inquiry determination unit 120 determines whether or not the requested account inquiry is a fraudulent account inquiry (S203). At this time, the account inquiry determination unit 120 determines whether the same user has made an account inquiry in the past (S205). If there is no account inquiry by the same user in the past (S205; No), it is determined whether or not the account inquiry is fraudulent based on the current account inquiry history information. When the same user has made an account inquiry in the past (S205; Yes), the determination may be made in combination with the past account inquiry history information (S206). For example, there is a case where the same user makes an account inquiry using a predetermined number (specifically, 3) of request files immediately before this determination.

The account inquiry determination unit 120 determines whether the account inquiry history information meets the predetermined conditions. The method of determining fraudulent account inquiry when the purpose is only account inquiry will be described below.

FIG. 7 is an example of fraudulent account inquiry. In the case of the account inquiry history information of FIG. 7, in the account inquiry request history information in the same request file, consecutive account numbers are inquired in order of a predetermined number or more (10 in total in this example). In this case, even if the account inquiries match in one of the ten cases, it is determined that the account inquiry request of the requester xxxxxx is a fraudulent account inquiry.

FIG. 8 is an example of fraudulent account inquiry. In the case of the account inquiry history information of FIG. 8, inquiries are made so that there are a predetermined number or more (10 in total in this example) of consecutive account numbers in the account inquiry request history information in the same request file. In this case, even if some of the account inquiries in the request file match, it is determined that the requester's account inquiry request is an invalid account inquiry.

FIG. 9 is an example of fraudulent account inquiry. In the case of the account inquiry history information of FIG. 9, in the account inquiry request history information in the same request file (account information data set) A001), there are more than a predetermined number of account inquiry inconsistencies (10 in total in this example). do. In this case, it is determined that the requester's account inquiry request is a fraudulent account inquiry.

FIG. 10 is an example of fraudulent account inquiry. The account inquiry history information of FIG. 10 includes a predetermined number (also referred to as a second number, three in this example) request files (account information data set) A001, A002, and A003 by the same requester. At this time, less than 10 consecutive account numbers are continuously inquired in the account information of the request file A001, the request file A002, and the request file A003. In this case, unlike the case of FIG. 7, even if the number of consecutive account numbers in one request file is less than a predetermined number (also called the first number, a total of 10 in this example), the requester xxxxxx The account inquiry request is determined to be a fraudulent account inquiry.

FIG. 11 is an example of fraudulent account inquiry. The account inquiry history information of FIG. 10 includes a predetermined number (also referred to as a second number, 10 in this example) request files (account information data set) A001 to A010 by the same requester. At this time, in the account information of the request files A001 to A010, there is a mismatch of the account inquiry with less than 10 account numbers and a match of one account inquiry. In this case, unlike the case of FIG. 9, even if the account numbers in one request file are less than a predetermined number (also called the first number, a total of 10 in this example), the requester does not match. It is determined that the xxxxxx account inquiry request is a fraudulent account inquiry.

In addition to the above, even when the number of account information to be inquired from the same requester exceeds a predetermined number, it may be determined that the account inquiry is fraudulent.

When the account inquiry history information does not correspond to any of the above cases, the account inquiry determination unit 120 determines that the account inquiry request of the requester xxxxxx is a legitimate account inquiry (S207; No). At this time, the own server 10 transmits the account inquiry result to the user terminal 40 (S209). When the user terminal 40 receives the account inquiry result (S211), the user terminal 40 may display on the display unit 41 that the account inquiry result has been received.

On the other hand, when the account inquiry history information corresponds to any of the above cases, the account inquiry determination unit 120 determines that the account inquiry request of the requester xxxxxx is an illegal account inquiry (S207; Yes). At this time, the account inquiry determination unit 120 of the own server 10 suspends the account inquiry by the requester xxxxxx (identification number 12345) (suspends the account) (S213).

When the account inquiry suspension process is completed, the notification unit 130 sends a telegram to the user terminal 40 to notify that the account inquiry by the requester xxxxxx has been stopped (S215). After receiving the message of suspension of account inquiry (S217), the user terminal 40 is in a state where the requester xxxxxx cannot request the account inquiry.

By using this embodiment, it is possible to easily and accurately determine fraudulent account inquiries even when a huge number of account inquiry requests are made.

<Second Embodiment>
In the present embodiment, a method for monitoring fraudulent account inquiries when the transfer process is performed together with the account inquiries will be described. In this embodiment, the flow after (S211), in which the user terminal 40 is determined to be a legitimate account inquiry at the stage of the account inquiry and the user terminal 40 receives the account inquiry result, will be described.

12 and 13 are flow charts of financial transaction methods. As shown in FIG. 12, based on the received account inquiry result, the account transfer information to be the target of the account transfer is input to the user terminal 40 (S301). The account information is input on the input screen of the own bank's Internet banking displayed on the display unit 41 of the user terminal 40.

FIG. 13 is an example of a user interface for inputting account transfer information. The user inputs the requester 312a, the requester identification number 312b, the purpose code 313b, the financial institution name 313c, the branch name 313d, the deposit type 313e, the account number 313f, the account holder 313g, and the transfer date 313h in the account transfer information 313. .. When requesting a plurality of bank transfers, the next bank transfer information can be input by pressing the add button 317. When all the input of the account transfer information is completed, the request number is set for each account transfer information by pressing the input completion button 319. In addition, when the account transfer information is continuously input, the request file number is set as the account transfer information data set.

After the input of the account transfer information is completed, the account transfer information is transmitted as a request message from the transmission unit 420 of the user terminal 40 to the own server 10 (S303). When there are a plurality of account transfer information, a data file may be generated and stored in advance in the user terminal 40, and the information may be uploaded to the own server 10 via the network 50. When the own bank server 10 receives the account transfer information, the account transfer information may be stored in the account inquiry history information database 12a (S305).

After the account transfer information is stored, the account inquiry determination unit 120 determines whether the account transfer information meets a predetermined condition. Specifically, the transfer date included in the account transfer information and the scheduled transfer date included in the account information are compared (S307). If the transfer date included in the account transfer information and the scheduled transfer date included in the account information match or are within a predetermined date (for example, 5 business days), the account inquiry determination unit 120 determines that the account transfer information is valid. It is determined that the information is based on the account inquiry (S309; No), the account transfer information is transmitted to the integrated ATM server 20 and the other bank server 30, and the transfer process is executed (S311).

On the other hand, if the transfer date included in the account transfer information is different (elapsed) from the scheduled transfer date included in the account information by a predetermined date (for example, 5 business days) or more, the account inquiry determination unit 120 will display the account transfer information. It is determined that it is based on a fraudulent account inquiry (S309; Yes). At this time, the account inquiry determination unit 120 tells the user terminal 40 why the transfer date included in the account transfer information is different from the scheduled transfer date included in the account information by a predetermined date (for example, 5 business days) or more. Instruction information (answer input instruction information) for inputting the answer information of the above may be generated (S313) and transmitted (S315). When the receiving unit 410 of the user terminal 40 receives the answer input instruction information (S317) and the answer information is input (S319), the transmitting unit 420 of the user terminal 40 transmits the answer information to the own server 10. (S321). When the own server 10 receives the response information (S323), the account inquiry determination unit 120 may redetermine whether or not the account inquiry is fraudulent based on the content of the response information (S325). If it is determined that the account inquiry is legitimate (S325; No), the transfer process is performed (S327). When it is determined again that the account inquiry is fraudulent (S325; Yes), the account inquiry determination unit 120 of the own server 10 suspends the account inquiry by the requester xxxxxx (identification number 12345) (suspends the account) (suspends the account). S329). The account inquiry determination unit 120 does not necessarily have to transmit instruction information (answer input instruction information) for inputting answer information.

When the account inquiry suspension process is completed, the notification unit 130 sends a telegram to the user terminal 40 to notify that the account inquiry by the requester xxxxxx has been stopped (S331). After receiving the message of suspension of account inquiry (S333), the user terminal 40 is in a state where the requester xxxxxx cannot request the account inquiry.

By using this embodiment, it is possible to easily and accurately determine fraudulent account inquiries even when a huge number of account inquiry requests are made.

<Third Embodiment>
In this embodiment, a method of monitoring an account inquiry different from that of the first embodiment will be described. Specifically, an example of monitoring the account inquiry at the time of acquiring the account inquiry request information will be described. The description of the configuration overlapping with the first embodiment will be omitted as appropriate.

(3-1. Configuration of fraudulent account inquiry monitoring control unit 100A)
FIG. 15 shows a functional block diagram composed of each component of the financial transaction system 1A.

As shown in FIG. 15, the own server 10A has a fraudulent account inquiry monitoring control unit 100A that controls a program (a fraudulent account inquiry monitoring program) that realizes a fraudulent account inquiry monitoring function. The fraudulent account inquiry monitoring control unit 100A includes an account inquiry request information acquisition unit 1010, an identification information acquisition unit 1020, an account inquiry determination unit 1030, an account inquiry instruction unit 1040, an account inquiry stop unit 1050, a notification unit 1060, and a transmission unit 1070. ..

The account inquiry request information acquisition unit 1010 has a function of acquiring account inquiry request information including inquiry purpose information, financial institution information, and user information from the user terminal 40. The information acquired by the account inquiry request information acquisition unit 1010 is stored in the account inquiry information database 12Aa of the storage unit 12A of the own server 10A (financial institution server).

FIG. 16 is an example of the data structure of the account inquiry request information 600 stored in the account inquiry information database 12Aa in the storage unit 12A. The account inquiry request information 600 includes user information 601 (also referred to as inquiry request user information) and account inquiry request data 602 (also referred to as account inquiry financial institution information). The user information 601 includes a user name 601a, a user code 601b, and an industry code 601c.

The user name 601a is a user who requests an account inquiry. The user in this case is a user who uses the user terminal 40. For example, the user outsources business from a non-life insurance company, a life insurance company, a credit card company, a corporation, a distribution company such as a supermarket / retail, various corporations such as government offices, local public organizations, or independent administrative corporations, or the above corporations. The corporation that received it can be mentioned. The person is not limited to a corporation and may be a natural person.

The user code (also referred to as user identification information or member store code) 601b refers to information associated with each user requesting an account inquiry. In this example, the user code 601b consists of a 10-digit number. Alternatively, the user code 601b consists of a 9-digit serial number, and the remaining 1 digit may be used for checking. In this case, the user code 601b is
It is composed of modulus 10.

Further, the industry code 601c refers to a number assigned to each user's industry. The industry code 601c can also be said to be a group parameter to which the user belongs. In this example, the insurance company (02) is written as the industry code. FIG. 17 is a data structure of the industry code 601c. The industry code 601c includes the industry name 601c1 and the industry code 601c2. As shown in FIG. 17, an industry code determined for each industry is assigned. The industry code 601c does not have to be newly provided. In this case, of the 10-digit numbers, the 10th-digit number may be assigned to each industry.

The account inquiry request data 602 includes an account inquiry request number 602a, a purpose code 602b, a financial institution name 602c, a financial institution code 602d (financial institution identification number), a branch name 602e, a deposit type 602f, an account number 602g, and an account holder 602h. including. The purpose code 602b is also referred to as inquiry purpose information. Among the account inquiry request information, the industry code 601c, the financial institution name 602c, the financial institution code 602d, the branch name 602e, the deposit type 602f, the account number 602g, and the account holder 602h are also referred to as account inquiry parameters.

In this example, the account inquiry request data 602 that requests an account inquiry has 10 account inquiry information as one data set (request file).

The request number 602a (also referred to as a transaction serial number) is an identifier associated with each account inquiry request data. In this example, the request number 602a consists of seven characters including alphabets and numbers, and is arranged in order from the top. The request number 602a may be further combined with the date.

The purpose code 602b (inquiry purpose information) indicates the purpose of the account inquiry. For example, the purpose code for the purpose of prior confirmation before making a public account transfer is written as "1. Public use". On the other hand, "2. Commercial use" is written in the purpose code for the purpose of prior confirmation before making a private (commercial) account transfer. When the account inquiry request information 600 includes the purpose code 602b, the account inquiry determination unit 1030 performs the determination process as described later. On the other hand, when the purpose code 602b is not included in the account inquiry request information 600, it is not necessary for the account inquiry determination unit 1030 to perform the determination process because the inquiry purpose is unknown. Alternatively, if the purpose code is not registered in the account inquiry information DB 12Aa, the account inquiry determination unit 1030 may determine that the request is an unauthorized inquiry.

The financial institution code (financial institution identification information) 602d is a number associated with the name of the financial institution. In this example, the financial institution code 602d consists of a four-digit number.

The identification information acquisition unit 1020 has a function of acquiring financial institution information capable of inquiring an account, consent user information of a user who has been accepted for an account inquiry, and purpose information capable of inquiring an account. The purpose information (purpose code) that can be inquired about an account is, for example, information such as "1. Public use (account inquiry)".

FIG. 18 is an example of the data structure of the financial institution information 610 stored in the account inquiry information database 12Aa in the storage unit 12A. In this example, the financial institution information 610 includes a financial institution name 610a and an account inquiry compatible financial institution code 610b. The financial institution name 610a and the financial institution code 610b corresponding to the account inquiry are registered based on the information transmitted from the server 30 of the other bank.

The financial institution name 610a refers to a financial institution that can make an account inquiry with its own bank. The financial institution code 610b for account inquiry is unique identification information associated with the financial institution name 610a.
In this example, the financial institution code 610b for account inquiry is a 4-digit number. In principle, financial institutions not included in the data structure of FIG. 18 cannot receive account inquiry instructions.

FIG. 19 is an example of the data structure of the consent user information 620 stored in the account inquiry information database 12Aa in the storage unit 12A. In this example, the consent user information 620 includes the consent user name 620a, the consent user code (also referred to as the consent user identification information) 620b, the industry code 620c, the number of related corporations 620d, and the reliability 620e. The consent user name 620a, the consent user code 620b, the industry code 620c, the number of related corporations 620d, and the reliability 620e are registered based on the information transmitted from the user terminal 40. Each data of the industry code 620c, the number of affiliated corporations 620d, and the reliability 620e is also referred to as a consent user parameter.

The accepted user name 620a indicates the user name for which the account inquiry has been accepted. The consent user code 620b is unique identification information associated with the consent user name 620a. In this example, the consent user code 620b is a 10-digit number.

The industry code 620c refers to group information assigned to each industry of the consenting user.

The number of related corporations 620e means the number of related corporations for the consenting user. A related corporation is a corporation (group corporation) that is related to the operation of the corporation in terms of business or capital with the user. For example, when the number of related corporations is "0", it means that it is a single corporation. When the number of related corporations is "5", it means that there are five group corporations related to the consenting user. It can be said that the larger the number of related corporations, the more corporations are connected.

The reliability level 620e means the reliability level of the consenting user. The reliability 620e may be set based on the industry code and the number of related corporations. For example, the reliability may be set in 10 steps. If the industry is a local public entity, the reliability may be set high. On the other hand, if the number of affiliated corporations is large, the reliability may be set low from the viewpoint of information leakage to affiliated corporations.

The account inquiry determination unit 1030 has a function of determining whether or not an account inquiry is possible based on the account inquiry request information. In this example, in the account inquiry determination unit 1030, whether the inquiry purpose information matches the inquiry purpose information that can be inquired about the account stored in the storage unit 12A, or the user code of the account inquiry request information is stored in the storage unit 12A. Account inquiry is possible depending on whether the consent user code of the accepted user information matches or the financial institution code of the account inquiry request information matches the account inquirable financial institution code stored in the storage unit 12A. Determine if.

The account inquiry instruction unit 1040 performs an account inquiry associated with the account inquiry request information when the relationship between the account inquiry request information and the information stored in advance in the storage unit 12A (storage device) satisfies a predetermined account inquiry enablement condition. It has a function to instruct processing.

The account inquiry suspension unit 1050 has a function of suspending the account inquiry associated with the account inquiry request information. In this example, when the relationship between the account inquiry availability data for a plurality of account inquiry request information and the account inquiry request parameter satisfies a predetermined condition, the account inquiry associated with the account inquiry request information is stopped. Specifically, the industry code sets a set value of the account inquiry possibility rate according to the number of related corporations, and stops the account inquiry when the set value is exceeded.

When the account inquiry determination unit 1030 determines that the account inquiry request information transmitted from the user terminal 40 is an invalid account inquiry, the notification unit 1060 stops the account inquiry corresponding to the user identification number (identifier). Has a function of notifying the user terminal 40.

The transmission unit 1070 has a function of transmitting various information to the integrated ATM server 20, the other bank server 30, and the user terminal 40. Further, the transmission unit 1070 may have a function of transmitting correction instruction information of the stopped account inquiry request information to the user terminal 40.

(3-2. Financial transaction method)
Next, a financial transaction method based on an instruction by the fraudulent account inquiry monitoring program in the fraudulent account inquiry monitoring control unit 100A will be described.

20, FIG. 22, FIG. 25 and FIG. 26 are flow charts of financial transaction methods. The financial transaction method includes a first financial transaction control method S1100, a second financial transaction control method S1200, and a third financial transaction control method S1300. The first financial transaction control method S1100 includes generation, reception and storage processing of inter-financial institution account inquiry acceptance information, and generation and storage processing of account inquiry acceptance information. The second financial transaction control method S1200 includes acquisition, determination, and account inquiry instruction processing of account inquiry request information. The third financial transaction control method S1300 includes an account inquiry process and an account inquiry determination. This will be described in detail below.

In the first financial transaction control method S1100, the own server 10A first generates inter-financial institution account inquiry acceptance request information as shown in FIG. 20 (S1101). The inter-financial institution account inquiry acceptance request information may be generated based on the information input from the terminal. The own bank server 10A transmits the generated inter-financial institution account inquiry acceptance request information as a request message to the other bank server 30 (S1103).

When the other bank server 30 receives the inter-financial institution inquiry acceptance request information (S1105), the other bank server 30 generates the inter-financial institution account inquiry acceptance information (S1107). The inter-financial institution account inquiry consent information includes a financial institution code that allows account inquiry. The other bank server 30 transmits the generated inter-financial institution account inquiry acceptance information as a request message to the own bank server 10A (S1109).

The identification information acquisition unit 1020 of the own server 10A receives the inter-financial institution account inquiry acceptance information and then stores it in the account inquiry information DB 12Aa (S1111). The above processes S1101 to S1111 may be repeatedly executed in response to a request for an account inquiry from each financial institution. As a result, the data structure of the financial institution information 610 shown in FIG. 18 is generated.

On the other hand, the user terminal 40 generates account inquiry acceptance request information (S1113). The account inquiry acceptance request information is generated in the user interface of the own bank's Internet banking displayed on the display unit 41 of the user terminal 40. FIG. 21 is an example of a user interface 640 for generating account inquiry acceptance request information. As shown in FIG. 21, the account inquiry acceptance request user interface 640 includes a user name 640a, a corporation type 640b, the presence / absence of an affiliated corporation 640c, and the number of affiliated corporations 640d. The corporate type 640b indicates the type of business of the user and can be selected from the displayed list. For the presence / absence of related corporations 640c and the number of related corporations 640d, the presence / absence of corporations related to the user and the number of group companies can be described. When the input of the account information is completed, the input completion button 642 is pressed, and the close button 644 is pressed. As a result, the account inquiry acceptance request information is transmitted as a request message from the transmission unit 420 of the user terminal 40 to the own server 10A (S1115).

When the own server 10A receives the account inquiry acceptance request information (S1117), the own bank server 10A generates the account inquiry acceptance information and the accepted user information based on the account inquiry acceptance request information, and stores the information in the account inquiry information DB 12Aa (S1119). The own server 10A transmits the generated account inquiry acceptance information to the user terminal 40 (S1121).

The user terminal 40 receives the account inquiry acceptance information (S1123). S1113 to S above
The process of 1123 is repeatedly executed each time a plurality of users request an account inquiry. As a result, a data structure including the information of the plurality of consenting users shown in FIG. 19 is generated. The reliability of the accepted user shown in FIG. 19 may be generated at a timing different from the account inquiry acceptance information. Further, the order of generating the account inquiry acceptance request information and the generation of the inter-financial institution account inquiry acceptance request information may be different. As a result, the first financial transaction control method S1100 is completed. According to the first financial transaction control method, the financial institution information capable of inquiring the account and the consent user information of the user who has accepted the account inquiry can be stored in advance in the storage unit 12A (storage device).

In the above-mentioned example, the account inquiry consent information is generated after the inter-financial institution account inquiry consent information is generated, but the present invention is not limited to this. The inter-financial institution account inquiry consent information and the account inquiry consent information may be generated in parallel. Further, various information including the inquiry purpose information that can be inquired about the account may be stored in the account inquiry information DB 12Aa in advance, or may be generated based on the telegram including the request information transmitted from the user terminal 40.

Next, the second financial transaction control method S1200 will be described. The second financial transaction control method S1200 starts with the end of the first financial transaction control method S1100. The first financial transaction control method S1100 and the second financial transaction control method S1200 may not be performed in order, and may be processed in parallel as appropriate.

First, as shown in FIG. 22, the user terminal 40 generates account inquiry request information (S1201). FIG. 23 is an example of the account inquiry request user interface 650 for the user to input to generate the account inquiry request information. As shown in FIG. 23, the user has a user name 651a, a user code 651b, a purpose code 651c, a financial institution name 651d, a financial institution code 651e, a branch name 651f, and a deposit type 651g for the account inquiry request user interface 650. Enter the account number 651h and the account holder 651i. When requesting a plurality of account inquiries, the following account transfer information can be input by pressing the add button 653. When all the input of the account transfer information is completed, the request number is set for each account inquiry request information by pressing the input completion button 655. Further, when the account inquiry request information is continuously input, the request file number is set as the account inquiry request information data set. The user terminal 40 transmits the generated account inquiry request information as a request message to the own server 10A (S1203).

When the own server 10A receives (acquires) the account inquiry request information, the own server 10A stores the account inquiry request information in the account inquiry information DB 12Aa (S1205). When there are a plurality of account information to be inquired, a data file may be generated and stored in advance in the user terminal 40, and the user terminal 40 may upload the data file to the own server 10A via the network. When the own server 10A receives the account inquiry request information, the account inquiry request information is stored in the account inquiry information database 12Aa.

Next, the account inquiry determination unit 1030 of the own server 10A determines whether the received account inquiry request information satisfies (matches) a predetermined inquiry possibility condition (S1207). At this time, if at least a part of the received account inquiry request information and at least a part of the information stored in the account inquiry information DB12Aa match, it is determined that the account inquiry information satisfies a predetermined inquiry possibility condition. Will be done. Specifically, it is determined whether or not the objective code 602b included in the account inquiry request information 600 shown in FIG. 16 and the objective code that can be inquired about the account stored in the account inquiry information DB 12Aa match. At this time, it may be determined whether or not the purpose code 602b is included in the account inquiry request information 600. Similarly, it may be determined whether or not the purpose code capable of inquiring the account is stored (registered) in the account inquiry information DB 12Aa. If the purpose code 602b is not included in the account inquiry request information 600, or if the purpose code is not registered in the account inquiry information DB 12Aa, the account inquiry determination unit 1030 may determine that the request is an unauthorized inquiry.

Alternatively, the account inquiry determination unit 1030 uses the user code 601b included in the account inquiry request information shown in FIG. 16 and the consent user code 620b of the user who has accepted the account inquiry stored in the account inquiry information DB 12Aa shown in FIG. They may be matched to determine if they match. Further, the account inquiry determination unit 1030 collates the financial institution code 602d included in the account inquiry request information 600 shown in FIG. 16 with the financial institution code 610b capable of making an account inquiry stored in the account inquiry information DB 12Aa shown in FIG. Then, it may be determined whether or not they match. Further, the account inquiry determination unit 1030 determines the industry code 601c included in the account inquiry request information 600 shown in FIG. 16 and the industry code 620c of the user whose account inquiry is accepted in the account inquiry information DB 12Aa shown in FIG. You may collate and determine if they match.

Here, when the purpose code 602b of the received account inquiry request information and the purpose code of the information stored in the account inquiry information DB12Aa match the purpose code of which the account can be inquired (S1209; Yes), the own server 10A has an account. Generate account inquiry instruction information according to the inquiry request information (S1211). That is, in the present embodiment, when the relationship between the account inquiry request information and the information stored in advance in the storage device satisfies the inquiry possibility condition, it can be said that the account inquiry process associated with the account inquiry request information is instructed. ..

By using this embodiment, when the purpose code of the account inquiry request information and the purpose code capable of inquiring the account of the account inquiry information DB12Aa match, for example, when the purpose code is "1. Public use", the local public As in the case of a corporation that has received business from an organization, it is possible to instruct an account inquiry even if the financial institution code and the user code of the account inquiry request information do not match the data stored in the account inquiry information DB12Aa.

Further, the account inquiry determination unit 1030 may instruct the account inquiry based on the industry code 601c and the purpose code 602b of the account inquiry request information and the industry code 620c of the consented user information. For example, when the industry code 601c or the industry code 620c is "(03) local public body" and the purpose code is "1. public use", it is included in the account inquiry request information shown in FIG. Even when the financial institution code 602d and the financial institution code 610b that can be inquired about the account stored in the account inquiry information DB 12Aa shown in FIG. 18 do not match, the account inquiry may be instructed. As a result, even if the account inquiry cannot be instructed because the contract / arrangement of the account inquiry between financial institutions has not been completed in the past, the account inquiry can be instructed as an exception handling in an emergency.

On the other hand, if the user code and the financial institution code do not match (S1209; No), it is determined that the account inquiry request is invalid, and the account inquiry stop unit 1060 of the own server 10A covers part or all of the account inquiry request information. On the other hand, the account inquiry suspension process may be performed (S1213). For example, when the purpose code 602b is not included in the account inquiry request information 600, the account inquiry suspension unit 1060 may execute the account inquiry suspension process.

FIG. 24 is an example of the data structure of the determination result of the plurality of account inquiry request information. As shown in FIG. 24, account inquiry availability data 602i is generated for each of the plurality of account inquiry request data 602. At this time, the ratio of the account inquiry request information that can be inquired about the account (account inquiry possible rate 602j) in the entire account inquiry request information data set may be calculated. In this example, the account inquiry rate is displayed as "60%".

Further, when the user codes match, and when the account inquiry possibility rate 602j of the account inquiry request information for the number of related corporations 620d of the consent user information shown in FIG. 19 reaches the set value, the account inquiry stop unit 1050 sets the account. The inquiry stop process may be executed. As the number of related corporations increases, it is expected that account inquiry request information will be generated based on the information requested by the group corporations, increasing the possibility of inconsistencies in financial institution codes. In that case, the possibility of being determined to be unauthorized access increases.

For example, when the industry code is the insurance company (02) and the account inquiry possibility rate is 80% or more, the account inquiry suspension process may be performed on the corresponding information of the account inquiry request information. For example, when the industry code is the insurance company (02) and the account inquiry possibility rate is 50%, suspension processing may be performed for all account inquiries included in the account inquiry request information. Further, when the industry code is the insurance company (02) and the account inquiry possibility rate is 40% or less, even if the consent user information of the user whose account inquiry is stopped is deleted from the account inquiry information DB 12Aa of the storage unit 12A. good.

After the account inquiry suspension process is executed, the own server 10A notifies the user terminal 40 via a telegram that the account inquiry has been suspended (S1215). When the user terminal 40 receives the account inquiry suspension notification (S1217), the second financial transaction control method S1200 is terminated.

In addition, the own server 10A may transmit the correction instruction information about the account inquiry request information processed by the account inquiry suspension together with the account inquiry suspension notification to the user terminal 40. As a result, the user can quickly correct the error in the account inquiry request information.

The third financial transaction control method (S1300) starts with the generation of account inquiry instruction information (S1211). As shown in FIG. 25, first, the own server 10A transmits the account inquiry instruction information to the integrated ATM server 20 (S1301). When the integrated ATM server 20 receives the account inquiry instruction information (S1303), the integrated ATM server 20 transmits the account inquiry instruction information to a financial institution (other bank server 30) capable of making an account inquiry corresponding to the account inquiry instruction information (S1305).

When the other bank server 30 receives the account inquiry instruction information (S1307), the other bank server 30 executes the account inquiry process (S1309). Specifically, a match or a mismatch is determined depending on whether or not each of the information described in the account information completely matches the account information recorded in the server 30 of the other bank. In this case, if even one character is different, it is treated as a mismatch. The inquiry result is input in association with the request number. If the inquiry results do not match, simple input such as mismatch, NG, etc. may be used, or specific input such as account number difference (no account), account holder difference, or deposit type difference may be made. After the account inquiry is completed, the other bank server transmits the account inquiry result to the integrated ATM server 20 (S1311).

When the integrated ATM server 20 receives the account inquiry result (S1313), the integrated ATM server 20 transmits the account inquiry result to the own server 10A (S1315).

When the own server 10A receives the account inquiry result (S1317), the own server 10A may determine the account inquiry result as shown in FIG. 26 (S1319). At this time, the account inquiry determination unit 1030 determines whether or not the account inquiry is fraudulent based on the account inquiry mismatch rate and the purpose code, industry code, or number of related corporations. Specifically, when the user's industry code is a local public entity and the purpose code is for public use, even if the account mismatch rate is 50% or more, it may be determined that the inquiry is not a fraudulent account inquiry. Alternatively, if the number of affiliated corporations is 5 or more and the account mismatch rate is 20% or more, it may be determined that the inquiry is fraudulent.

When it is determined that the inquiry is not a fraudulent account inquiry (S1321; No), the own server 10A transmits the account inquiry result to the user terminal 40 (S1323). When the user terminal 40 receives the account inquiry result (S1325), the user terminal 40 determines whether or not the account information needs to be corrected (S1327). The determination of correction of the account information may be made based on the input from the user. If it is necessary to correct the account information (S1327; Yes), the user may return to the input of the account information to be inquired (S1201). When it is not necessary to modify the account information (S1327; No), the third financial transaction control method S1300 ends. After the third financial transaction control method S1300, the account transfer processing may be instructed.

On the other hand, when it is determined that the account inquiry is fraudulent (S1321; Yes), the generation of future account inquiry request information by the user is stopped (account is suspended) (S1329).

When the account inquiry suspension process is completed, the notification unit 1050 of the own server 10A transmits a telegram for notifying the user terminal 40 that the account inquiry by the user has been stopped (S1331). After receiving the telegram for suspending the account inquiry (S1333), the user terminal 40 is in a state where the user cannot request the account inquiry. As a result, the third financial transaction control method S1300 is completed.

By using this embodiment, it is possible to easily and accurately determine fraudulent account inquiries even when a huge number of account inquiry requests are made. In addition, since monitoring can be performed before executing the account inquiry process, the burden on the system can be reduced.

In this embodiment, an example including the industry code, the number of related corporations, and the reliability is shown, but it is not always necessary to provide the example.

Further, in the present embodiment, an example in which an industry code is used as a group parameter is shown, but the user is not particularly limited as long as it can be classified.

Further, in the present embodiment, the determination result may be determined based on the matching rate calculated from each data used for collation. For example, if the account inquiry request information contains an error, it can be determined from the match rate.

Further, in the present embodiment, when at least a part of the account inquiry request information and at least a part of the information stored in the account inquiry information DB12Aa match, the account inquiry information satisfies a predetermined inquiry possibility condition. In this case, an example of generating account inquiry instruction information is shown, but the present invention is not limited to this. For example, when the combination of the purpose code 602b included in the account inquiry request information 600 and the industry code 601c satisfies a predetermined condition, flag data for priority inquiry may be generated. Specifically, when the industry code 601c is "(03) local public body" or "(06) government office" and the purpose code is "1. public use", as shown in FIG. 27. , Flag data 602k for priority inquiry may be generated. The account inquiry information DB 12Aa may store instruction information that enables account inquiry for the account inquiry request information for which flag data for priority inquiry is generated. The account inquiry determination unit 1030 can generate account inquiry instruction information based on the instruction information stored in the account inquiry information DB 12Aa for the account inquiry request information including the flag data for priority inquiry. Therefore, even if a financial institution code capable of making an account inquiry or a user code that has accepted the account inquiry has not been obtained, the account inquiry can be processed quickly by using the industry code / purpose code.

Further, in the present embodiment, an example is shown in which the account inquiry possibility rate for the industry code stops the account inquiry based on the set value, but the present invention is not limited to this. For example, the account inquiry possibility rate for the number of related corporations may be set.

(Modification example)
Within the scope of the idea of the present invention, those skilled in the art can come up with various modified examples and modified examples, and it is understood that these modified examples and modified examples also belong to the scope of the present invention. For example, those skilled in the art appropriately adding, deleting, or changing the design of each of the above-described embodiments, or adding, omitting, or changing the conditions of processing are also gist of the present invention. Is included in the scope of the present invention as long as the above is provided.

In the first embodiment of the present invention, an example in which an account inquiry is performed on a server of another bank is shown, but the present invention is not limited to this. For example, the account inquiry may be performed in the integrated ATM server 20. Further, the fraudulent account determination is not limited to the own server 10, and may be performed by the integrated ATM server or by another server.

In the first embodiment of the present invention, an example is shown in which an account inquiry is made based on the account information and it is determined whether the inquiry is a fraudulent account inquiry, but the present invention is not limited to this. For example, when the own server 10 acquires the account information, it may be determined whether or not the account information is fraudulent.

In the first embodiment of the present invention, an example is shown in which the fraudulent account inquiry monitoring control unit 100 has a notification unit 130, but it is not always necessary to provide the notification unit 130. In this case, the input of account information may be locked.

In the first embodiment of the present invention, an example in which the fraudulent account inquiry monitoring control unit 100 is provided in the own server 10 is shown, but the present invention is not limited to this. For example, the fraudulent account inquiry monitoring control unit 100 may be provided in the integrated ATM server 20.

In the first embodiment of the present invention, an example is shown in which the own server 10 first acquires the account information and then receives the inquiry result, but the present invention is not limited to this. For example, the account information and the account information may be acquired at the same time as the account inquiry history information.

In the first embodiment of the present invention, the notification unit 130 can transmit character information (for example, push notification) as a telegram when notifying the user terminal 40 of the suspension of an account inquiry. The account inquiry suspension notification may be image information or voice information.

In the first embodiment of the present invention, the case where there is an additional account inquiry request from the same client is shown, but the present invention is not limited to this. For example, if it is determined that the requesters are not the same requester but are related to each other in a plurality of account information, the account inquiry determination may be performed together.

In the first embodiment of the present invention, when the same user makes an account inquiry using a predetermined number (specifically, three) request files immediately before the account inquiry determination, the past account inquiry history information is combined. An example of determination has been described, but the present invention is not limited to this. For example, if the same user makes an account inquiry using a plurality of request files within a predetermined period (specifically, within one month), the judgment is made by combining the account inquiry history information by the same user within the predetermined period. You may. Further, in this case, the past account inquiry history may be deleted after the predetermined period has elapsed.

In addition, when determining whether the account inquiry is fraudulent, the determination conditions may be changed based on the creditworthiness of the client or the transfer record. When changing the determination condition, inquiry information (hearing information) may be transmitted to the user terminal 40.

Further, in the third embodiment of the present invention, an example of instructing an account inquiry request based on the relationship between the industry code of the consent user information and the purpose code of the account inquiry request information is shown, but the present invention is not limited to this. The account inquiry determination unit 1030 may instruct an account inquiry request based on the relationship between the number of related corporations in the accepted user information and the account inquiry possibility rate of the account inquiry request information. For example, if the number of affiliated corporations is low (for example, "1") and the account inquiry possibility rate is high (for example, 80%), an account inquiry may be instructed.

Further, in the third embodiment of the present invention, an example in which the own server 10A performs various processes is shown, but the present invention is not limited to this. Other servers, computers, or information processing devices may perform various processes.

1 ... Financial transaction system, 10 ... Own server, 11 ... Control unit, 12 ... Storage unit, 12a ... Account inquiry history information database, 13 ... Communication unit, 14 ... Display unit, 20 ... server, 21 ... control unit, 22 ... storage unit, 23 ... communication unit, 30 ... other line server, 31 ... control unit, 32 ... storage Unit, 33 ... Communication unit, 34 ... Display unit, 40 ... User terminal, 41 ... Display unit, 42 ... Control unit, 43 ... Storage unit, 44 ... Operation unit , 45 ... Communication unit, 50 ... Network, 100 ... Unauthorized account inquiry monitoring and control unit, 110 ... Account inquiry history information acquisition unit, 111 ... Account inquiry history information, 112a ... Request Person, 112b ... Requester identification number, 112c ... Request file, 113 ... Account information, 113a ... Request number, 113b ... Purpose code, 113c ... Financial institution name, 113d ...・ Branch name, 113e ・ ・ ・ Deposit type, 113g ・ ・ ・ Account holder, 115 ・ ・ ・ Inquiry result, 117 ・ ・ ・ Add button, 119 ・ ・ ・ Input complete button, 120 ・ ・ ・ Account inquiry judgment unit, 130 ... Notification unit, 210 ... Reception unit, 220 ... Transmission unit, 310 ... Reception unit, 312a ... Requester, 312b ... Requester identification number, 313b ... Purpose code , 313c ・ ・ ・ Financial institution name, 313d ・ ・ ・ Branch name, 313e ・ ・ ・ Deposit type, 313f ・ ・ ・ Account number, 313g ・ ・ ・ Account holder, 313h ・ ・ ・ Transfer date, 317 ・ ・ ・ Addition Button, 319 ... Input complete button, 320 ... Account inquiry processing unit, 330 ... Transfer processing unit, 340 ... Transmitting unit, 410 ... Receiver unit, 420 ... Transmitting unit, 600 ... .. Account inquiry request information, 601 ... User information, 602 ... Account inquiry request data, 610 ... Financial institution information, 620 ... Accepted user information, 640 ... Account inquiry consent request user interface, 650 ... Account inquiry request user interface, 1010 ... Account inquiry request information acquisition unit, 1020 ... Identification information acquisition unit, 1030 ... Account inquiry judgment unit, 1040 ... Account inquiry instruction unit, 1050.・ ・ Account inquiry stop section, 1060 ・ ・ ・ notification section, 1070 ・ ・ ・ transmission section

Claims (19)

When the computer acquires the user's account inquiry request information including the inquiry purpose information and the relationship between the account inquiry request information and the information stored in advance in the storage device satisfies the inquiry possibility condition, the account inquiry request information is used. A financial transaction method that directs the associated account inquiry process. The pre-stored information includes the consent user information of the user whose account inquiry has been accepted or the inquiry purpose information capable of making an account inquiry.
The financial transaction method according to claim 1. The inquiry-enabled condition includes that the account inquiry request information and the consented user information or the inquiry-purpose information that can be inquired about the account match at least in part.
The financial transaction method according to claim 2. The consenting user information includes the consenting user identification information and the consenting user parameters associated with the consenting user identification information.
The account inquiry request information further includes an account inquiry parameter different from the inquiry purpose information.
When the relationship between the consent user parameter and the account inquiry parameter satisfies the second inquiry possibility condition,
Instructs the account inquiry process associated with the account inquiry request information,
The financial transaction method according to claim 2 or 3. The account inquiry request information further includes an account inquiry parameter different from the inquiry purpose information.
When the relationship between the inquiry purpose information and the account inquiry parameter satisfies the second inquiry possibility condition, the account inquiry process associated with the account inquiry request information is instructed.
The financial transaction method according to claim 1. The account inquiry parameter includes a group parameter to which the user belongs.
The financial transaction method according to claim 4 or 5. The account inquiry request information is plural,
The computer stops the account inquiry associated with the account inquiry request information when the relationship between the account inquiry availability data for the plurality of account inquiry request information and the account inquiry parameter satisfies a predetermined condition.
The financial transaction method according to any one of claims 4 to 6. The computer transmits the correction instruction information of the stopped account inquiry request information to the terminal of the user.
The financial transaction method according to claim 7. The computer erases the consent user information of the user whose account inquiry has been stopped from the storage device.
The financial transaction method according to claim 7. Let the computer execute the financial transaction method according to any one of claims 1 to 9.
Financial transaction program. The account inquiry request information acquisition unit that acquires the user's account inquiry request information including the inquiry purpose information,
Finance including an account inquiry instruction unit that instructs an account inquiry process associated with the account inquiry request information when the relationship between the account inquiry request information and the information stored in advance in the storage device satisfies the inquiry possibility condition. Trading system. The pre-stored information includes the consent user information of the user whose account inquiry has been accepted or the inquiry purpose information capable of making an account inquiry.
The financial transaction system according to claim 11. The inquiry-enabled condition includes that the account inquiry request information and the consented user information or the inquiry-purpose information that can be inquired about the account match at least in part.
The financial transaction system according to claim 12. The consenting user information includes the consenting user identification information and the consenting user parameters associated with the consenting user identification information.
The account inquiry request information further includes an account inquiry parameter different from the inquiry purpose information.
The account inquiry instruction unit instructs the account inquiry process associated with the account inquiry request information when the relationship between the consent user parameter and the account inquiry parameter satisfies the second inquiry possibility condition.
The financial transaction system according to claim 13. The account inquiry request information further includes an account inquiry parameter different from the inquiry purpose information.
When the relationship between the inquiry purpose information and the account inquiry parameter satisfies the second inquiry possibility condition, the account inquiry instruction unit instructs the account inquiry process associated with the account inquiry request information.
The financial transaction system according to claim 11. The account inquiry parameter includes a group parameter to which the user belongs.
The financial transaction system according to claim 14 or 15. The account inquiry request information is plural,
When the relationship between the account inquiry availability data for the plurality of account inquiry request information and the account inquiry parameter satisfies a predetermined condition, the account inquiry stop unit for stopping the account inquiry associated with the account inquiry request information is provided. include,
The financial transaction system according to any one of claims 14 to 16. Includes a transmitter that transmits correction instruction information of the stopped account inquiry request information to the user's terminal.
The financial transaction system according to claim 17. The account inquiry suspension unit deletes the inquiry request user information of the user whose account inquiry has been suspended from the storage device.
The financial transaction system according to claim 17.

Images