JP2023044913A - Portable electronic device, ic card, and program for data disclosure setting - Google Patents

Abstract

To provide a portable electronic device, an IC card, and a program for data disclosure setting which can easily perform data disclosure.SOLUTION: According to an embodiment, a portable electronic device has a memory unit, a communication interface, and a processor. The memory unit stores data. The communication interface performs communication connection with a terminal. The processor, after a success in user authentication by authentication information input in a first terminal connected with the communication interface, sets data whose disclosure is designated by the first terminal as disclosure data disclosed to another terminal without the user authentication and transmits the disclosure data to a second terminal connected with the communication interface, different from the first terminal.SELECTED DRAWING: Figure 2

Description

Embodiments of the present invention relate to a portable electronic device, an IC card and a program for setting data disclosure.

In recent years, portable electronic devices such as IC cards have been increasingly used as certificates. In such an IC card, it is conceivable to store personal information and information indicating items to be certified in an internal memory, and to output the information stored in the internal memory to a terminal device when user authentication by a password or the like is successful. be done. It is also considered that the IC card is used not only as one certificate but also as a plurality of certificates.

It is conceivable that the IC card used as a certificate as described above cannot display the information printed (displayed) on the surface of the ticket in the conventional certificate. For example, for an IC card that has the functions of both a driver's license and a health insurance card, it is considered difficult to write both the information of the driver's license and the information of the health insurance card on the card. In order to disclose information stored in the internal memory such as personal information and certification items not written on the face of the card, the IC card is connected to a terminal (for example, a terminal owned by the police or a reception terminal at a hospital). User authentication using a password, etc., is required.

If the terminal that refers to the IC card data is not owned by the IC card owner, the user needs to input the password to the other person's terminal. If you enter your password into someone else's device, your password may be intercepted.
In addition, in business involving reference to IC card data, for example, the owner of the IC card may take time to enter the password, or may have to re-enter the password due to inconsistency due to a password entry error. If the user spends time inputting the password, the task involving reference to the data in the IC card will take a long time, resulting in poor work efficiency.

WO2015/045174

SUMMARY OF THE INVENTION In order to solve the above-described problems, an object of the present invention is to provide a portable electronic device, an IC card, and a program for setting data disclosure that can easily disclose data.

According to embodiments, a portable electronic device has a storage unit, a communication interface, and a processor. The storage unit stores data. The communication interface communicates with the terminal. After successful user authentication based on authentication information input by the first terminal connected to the communication interface, the processor discloses data designated to be disclosed by the first terminal to other terminals without user authentication as disclosure data. The disclosure data is transmitted to a second terminal different from the first terminal connected to the communication interface.

FIG. 1 is a diagram for schematically explaining a configuration example of a data disclosure system including an IC card as a portable electronic device according to an embodiment. FIG. 2 is a block diagram showing a configuration example of an IC card as a portable electronic device according to the embodiment. FIG. 3 is a block diagram showing a configuration example of a terminal in the data disclosure system according to the embodiment. FIG. 4 is a sequence for explaining disclosure setting processing in the first operation example by the data disclosure system according to the embodiment. FIG. 5 is a sequence for explaining disclosure processing in which an IC card discloses disclosure data to a terminal as a first operation example in the data disclosure system according to the embodiment. FIG. 6 is a sequence for explaining disclosure setting processing in the second operation example by the data disclosure system according to the embodiment. FIG. 7 is a sequence for explaining disclosure processing in which an IC card discloses disclosure data to a terminal as a second operation example in the data disclosure system according to the embodiment.

Hereinafter, embodiments will be described with reference to the drawings.
First, a data disclosure system 1 including an IC card 2 as a portable electronic device according to an embodiment will be described.
FIG. 1 is a diagram for schematically explaining a configuration example of a data disclosure system 1 including an IC card 2 as a portable electronic device according to an embodiment.
A data disclosure system 1 according to the embodiment includes an IC card 2, a terminal (terminal for setting) 3A, a terminal (terminal for disclosure) 3B, and the like.

The IC card 2 is an example of a portable electronic device possessed by a user. The IC card 2 may be a non-contact IC card or a contact IC card. Also, the IC card 2 may be a portable electronic device such as a smart phone or a tablet terminal.

The IC card 2 has a memory that stores information about the holder. For example, the IC card 2 stores in its memory information about the holder such as driver's license information or health insurance card information. The IC card 2 discloses part or all of the information stored in the memory to the terminal 3 when authentication by a password or the like is successful. The IC card 2 according to the embodiment has a function of disclosing information set to be disclosed by a disclosure setting process executed while connected to the terminal 3A, without password authentication, etc., when the information is connected to the terminal 3B.

Terminal 3A and terminal 3B are information processing devices to which IC card 2 is connected. Terminals 3A and 3B are, for example, smart phones, tablet PCs, personal computers, and the like. The terminals 3A and 3B are provided with card reader/writers (RW) that communicate with the IC card 2 . The terminal 3A may also have an interface for connecting a card reader/writer as an external device that communicates with the IC card 2. FIG.

The terminal 3A is a setting terminal for setting the IC card 2 to disclose information. It is assumed that the terminal 3A is an information processing device operated by a user. With the IC card 2 connected, the terminal 3A executes start setting processing for setting information selected from the information stored in the IC card 2 to be disclosed to another terminal (disclosure terminal) 3B.

The terminal 3B is a disclosure terminal that discloses information set to be disclosed in the IC card 2 without authentication procedures such as a password. It is assumed that the terminal 3B is an information processing device operated by a third party other than the user who checks the information stored in the IC card 2. FIG. With the IC card 2 connected, the terminal 3B acquires information (disclosure information) that is set to be disclosed in the IC card 2 without authentication such as a password, and displays the acquired disclosure information on a display unit or the like.

Next, the configuration of the IC card 2 as the portable electronic device according to the embodiment will be described.
FIG. 2 is a block diagram showing a configuration example of the IC card 2 as a portable electronic device according to the embodiment.
The IC card 2 is an example of a portable electronic device that is activated (becomes operable) by power supplied from an external device. The IC card 2 is also called a smart card. As shown in FIG. 2, the IC card 2 has a main body C. As shown in FIG. The main body C is formed in a card shape from plastic or the like. A control module M is embedded in the main body C of the IC card 2 . The control module M is integrally formed with a communication interface connected to one or more IC chips.

In the configuration example shown in FIG. 2 , the control module M has a processor 21 , ROM 22 , RAM 23 , NVM (data memory) 24 and communication interface 25 .
Processor 21 includes circuitry that performs various processes. The processor 21 is, for example, a CPU (Central Processing Unit). The processor 21 controls the IC card 2 as a whole. The processor 21 implements various processing functions by executing programs stored in the ROM 22 or NVM 24 . However, some or all of various functions executed by the processor 21, which will be described later, may be realized by hardware circuits.

The ROM 22 is a non-volatile memory that functions as a program memory. The ROM 22 stores control programs and control data in advance. The ROM 22 is incorporated in the IC card 2 in a state in which control programs, control data, etc. are stored in the manufacturing stage. Control programs and control data stored in the ROM 22 are incorporated in advance according to the specifications of the IC card 2 . For example, the ROM 22 stores a program for causing the processor 21 to execute a process according to a command received from an external device (card reader/writer).

A RAM 23 is a volatile memory that functions as a working memory. The RAM 23 also functions as a buffer that temporarily stores data being processed by the processor 21 . For example, the RAM 23 functions as a communication buffer that temporarily stores data transmitted/received to/from an external device via the communication interface 25 .

The NVM 24 is a storage unit that stores data. The NVM 24 is composed of a non-volatile memory in which data can be written and rewritten. The NVM 24 functions, for example, as a data memory in which programs and various data are written according to the operational use of the IC card 2 .

Program files, data files, etc. are defined in the NVM 24, and control programs and various data are written in these files. For example, when the IC card 2 is used as a plurality of certificates, the NVM 24 may store data of each certificate in a data folder defined for each certificate. Part or all of the NVM 24 has tamper resistance and can securely store data. Authentication information and key information used for security settings are stored in the secure storage area of the NVM 4 . In addition, in this embodiment, the NVM 24 has a dedicated (disclosure) storage area 24a for storing (storing) disclosure data, which will be described later.

The communication interface 25 has a communication control section and an interface section, and constitutes a communication section. The communication interface 25 is an interface for communication connection with a card reader/writer (RW) 36 provided in the terminal 3 or a card reader/writer connected to the terminal 3 via an interface. The communication interface 25 implements a communication function according to a communication method compatible with the interface of the card RW 36 of the terminal 3 . Also, the communication interface 25 may be configured to support a plurality of communication methods (for example, contact communication and non-contact communication).

When the IC card 2 is implemented as a contactless IC card, the communication interface 25 performs contactless (wireless) communication with the card RW provided in the terminal 3 or the card RW connected to the terminal 3 via an interface. compose the department. In this case, the communication interface 25 includes an antenna for transmitting and receiving radio waves, and includes a modulation circuit for generating radio waves to be transmitted from the antenna and a demodulation circuit for generating a signal from the radio waves received by the antenna.

Further, when the IC card 2 is implemented as a contact type IC card, the communication interface 25 is a communication unit that contacts and communicates with the card RW provided in the terminal 3 or the card RW connected to the terminal 3 via an interface. configure. In this case, the communication interface 25 includes a contact portion that physically and electrically contacts the contact portion provided on the card RW, and is configured by a communication control circuit or the like that controls transmission and reception of signals via the contact portion.

Next, the configuration of the terminals 3 (3A, 3B) in the data disclosure system 1 according to the embodiment will be described.
FIG. 3 is a block diagram showing a configuration example of terminals 3 (3A, 3B) in the data disclosure system according to the embodiment.
The terminal 3 is an electronic device on which various application programs are executed on an operating system (OS). The terminal 3 is an electronic device used by a user as a cardholder holding the IC card 2 . For example, the terminal 3 is a mobile terminal device including a card RW, such as a personal computer, a smart phone, a tablet terminal, or a mobile phone, or a mobile terminal device including an interface for connecting the card RW. Also, the terminal 3 may be a personal computer (PC) provided with the card RW or a PC provided with an interface for connecting the card RW.

In the configuration example shown in FIG. 2, the terminal 3 includes a processor 31, a ROM 32, a RAM 33, a data memory 34, a network (NW) communication unit 35, a card reader/writer (RW) 36, a display unit 37, an input unit 38, and the like. have.

The processor 31 executes various processes by executing programs. The processor 31 is, for example, a CPU (Central Processing Unit). The processor 31 is connected to each section within the terminal 3 via a system bus, and transmits and receives data to and from each section.

Processor 31 cooperates with ROM 32 and RAM 33 to perform operations such as control and data processing in terminal 3 . For example, processor 31 implements various processing functions by executing application programs stored in ROM 32 or data memory 34 . However, some or all of various functions executed by the processor 31, which will be described later, may be realized by hardware circuits.

A ROM (Read Only Memory) 32 is a non-volatile memory that stores programs and control data for realizing basic operations of the terminal 3 . For example, the ROM 32 stores programs that control basic operations such as an operating system (OS). Further, the ROM 32 may store application programs and the like for realizing the functions of the terminal 3 . The ROM 32 may be composed of a rewritable non-volatile memory.

A RAM (Random Access Memory) 33 is a volatile memory that temporarily stores data. RAM 33 functions as a working memory when processor 31 executes a program.

The data memory 34 is a storage unit that stores various data. The data memory 34 is composed of a rewritable non-volatile memory. For example, the data memory 34 may be a flash ROM, a semiconductor device memory such as an SSD (Solid State Drive), or a storage device such as an HDD (Hard Disc Drive).

The data memory 34 stores programs, operation setting information, and the like. The data memory 34 of the terminal 3A stores a program for operating as a setting terminal for setting disclosure data to be disclosed to the IC card 2 without authentication. The data memory 34 of the terminal 3A stores a program (data disclosure setting program) for executing information disclosure setting processing for the IC card 2, which will be described later.

In addition, the data memory 34 of the terminal 3B stores a program for operating as a disclosure terminal for disclosing disclosure information set in the IC card 2 . That is, the terminal 3B stores a program for executing a process of disclosing information set in advance to be disclosed in the IC card 2, which will be described later.

The NW communication unit 35 is a communication interface for communicating with external devices. The NW communication unit 35 communicates with external devices via a network. The NW communication unit 35 may perform wireless communication, or may perform wired communication.

The card reader/writer 36 has a function of communicating with the IC card 2 . The card reader/writer 36 performs power supply, clock supply, reset control, and data transmission/reception to/from the IC card 2 . After activating (activating) the IC card 2, the card reader/writer 36 transmits various commands and receives responses to the transmitted commands under the control of the processor 31. FIG. Note that the terminal 3 may be configured to include an interface for connecting to a card reader/writer as an external device.

The card reader/writer 36 has a configuration corresponding to the communication system that the IC card 2 has. For example, when the IC card 2 is implemented as a contactless IC card, the card reader/writer 36 communicates with the IC card 2 in a contactless (wireless) manner using a communication protocol conforming to the communication system of the contactless IC card. connect. When the IC card 2 is realized as a contact type IC card, the card reader/writer 36 has a contact portion that is in physical and electrical contact with the contact portion (interface) of the IC card 2. Send and receive data via

The display unit 37 is a display device such as a liquid crystal panel. The input unit 38 is an operation device for inputting operation instructions to the terminal 3 . The input unit 38 includes, for example, a touch panel. The display unit 37 and the input unit 38 may be configured by a display device with a touch panel (hereinafter referred to as a touch screen). Further, the input unit 38 may include an operation key configured by a button switch, a touch sensor that detects touch by an operator's finger based on a change in capacitance, or the like.

Next, a first operation example for displaying data set for disclosure by the IC card 2 in the data disclosure system 1 according to the present embodiment on a terminal of another person will be described.
The first operation example realizes a process of displaying the data in the IC card 2 specified by the user only once on the disclosure terminal 3B, which is a terminal of another person, without authentication processing using a password or the like.

A first operation example includes a disclosure setting process of setting disclosure so that the data (disclosure data) specified by the user using the terminal 3A is disclosed to the terminal of another person only once without authentication by the IC card 2; Disclosure processing is included in which the terminal 3B discloses the disclosure data for which the IC card 2 is set to be disclosed to the terminal 3B as a terminal of another party only once.

FIG. 4 is a sequence for explaining disclosure setting processing in the first operation example by the data disclosure system 1 according to the embodiment.
The holder (user) of the IC card 2 uses the terminal 3A operated by himself/herself to disclose specific data stored in the IC card 2 to another terminal only once without authentication by a password or the like. Disclosure setting processing for setting disclosure data to be disclosed to a terminal of another person is executed for the IC card 2 .

First, the user presents the IC card 2 that the user owns to the card reader/writer 36 of the terminal 3A. The processor 31 of the terminal 3A establishes communication connection with the IC card 2 presented to the card reader/writer 36 (ST11). When the connection with the IC card 2 is established, the processor 31 supplies commands to the IC card 2 according to the user's operation on the input unit 38 to cause the IC card 2 to execute various processes.

When the connection between the terminal 3A and the IC card 2 is established, the user uses the input unit 38 of the terminal 3A to instruct disclosure setting to disclose the data in the IC card 2 only once without authentication. When the user instructs the data disclosure setting of the IC card 2 through the input unit 38, the processor 31 executes the disclosure setting processing program (data disclosure setting program) stored in the data memory 34 to set the disclosure setting. Execute the process. When executing disclosure setting processing, processor 31 transmits a disclosure data setting command requesting disclosure data setting to IC card 2 (ST12).

After the IC card 2 is connected to the card reader/writer 36 of the terminal 3A via the communication interface 25, it waits for a command input from the terminal 3A. Here, after connecting to the card reader/writer 36 of the terminal 3A, the IC card 2 receives the disclosed data setting command from the terminal 3A through the communication interface 25. FIG.

When the disclosure data setting command is received, processor 21 of IC card 2 requests terminal 3A for a password as authentication information in order to confirm whether the user is a person authorized to set data disclosure (ST13). ).

The terminal 3A receives the password input request from the IC card 2 by the card reader/writer 36. FIG. When receiving the password input request from the IC card 2, the processor 31 of the terminal 3A accepts the input of the password as the authentication information requested from the IC card 2 (ST14).

For example, the processor 31 displays on the display unit 37 a prompt for inputting a password already set in the IC card 2 and accepts input of a password from the user on the input unit 38 . When the password instructed by the user is entered, the processor 31 transmits the entered password to the IC card 2 through the card reader/writer 36 (ST15).

IC card 2 receives the password from terminal 3A through communication interface 25 . The processor 21 of the IC card 2 collates the password acquired from the terminal 3A with the password stored in the secure storage area of the NVM 24 .

When the password from the terminal 3A matches the password registered in the NVM 24, the processor 21 obtains a list of data (disclosable data) that can be disclosed (displayed) on the terminal among the data stored in the NVM 24. to generate

For example, the processor 21 uses data to be written on a certificate such as a driver's license or a health insurance card as data that can be disclosed. Information such as address, name, date of birth, facial image, license number, and information on the type of vehicle that can be driven is written on the face of the existing driver's license. Therefore, if the IC card 2 is used as a driver's license, the processor 21 of the IC card 2 stores information such as address, name, date of birth, facial image, license number, and information on the type of vehicle that can be driven. Information such as address, name, date of birth, insurance card number, type of insurance, etc. is written on the surface of the existing health insurance card. Therefore, if the IC card 2 is used as a health insurance card, the processor 21 of the IC card 2 treats information such as address, name, date of birth, insurance card number, type of insurance as disclosing data. do.

On the other hand, authentication information such as a password held by the IC card 2, or key information for security processing or the like is not disclosed, so it is possible to operate such that it is not included in the data that can be disclosed.

Also, if the IC card 2 is an authentication medium having multiple functions (for example, a driver's license and a health insurance card), the processor 21 may generate multiple lists of data that can be disclosed for each function. , a list of data that can be disclosed in a function specified by the user may be generated.

When the IC card 2 generates a list of data that can be disclosed that can be set to be disclosed, the processor 21 transmits the generated list of data that can be disclosed to the terminal 3A through the communication interface 25 (ST16).

The terminal 3A receives the list of data that can be disclosed from the IC card 2 by the card reader/writer 36. FIG. Upon receiving the list of disclosing data, processor 31 of terminal 3A accepts selection of data to be set to be disclosed from the received list of disclosing data (ST17). For example, the processor 31 displays a list of the disclosing data received from the IC card 2 on the display unit 37, and selects data specified by the user using the input unit 38 from the displayed disclosing data as disclosure data to be disclosed. do.

Further, the processor 31 may designate (select) each genre of data that can be disclosed (for example, age confirmation, personal confirmation by face image, etc.). For example, the processor 31 may select the date of birth and face image as disclosure data when the user designates age confirmation using the input unit 38 . Further, when the user designates a qualification (certificate) name using the input unit 30, the processor 31 may select information on the designated qualification as disclosure data. As a specific example, the processor 31 selects a name, a face image, a type of vehicle that can be driven, and an expiration date as disclosure data when a driver's license is specified, or selects a name and an insurance policy when health insurance is specified. A certificate number (symbol) and an insurer number may be selected as disclosure data.

When the user selects the data (disclosure data) for which the disclosure setting is specified by the user, the processor 31 of the terminal 3A transmits information indicating the disclosure data to be disclosed to the IC card 2 through the card reader/writer 36 ( ST18).

The IC card 2 receives information from the terminal 3A through the communication interface 25 indicating disclosure data that can be disclosed at the terminal 3B without password authentication. When the processor 21 of the IC card 2 receives the information indicating the disclosure data selected by the terminal 3A, the disclosure data stored in the NVM 24 is stored in the disclosure data (dedicated) storage area 24a for storing the disclosure data provided in the NVM 24. Copy (ST19). After storing the disclosure data in the disclosure storage area 24a, the processor 21 transmits to the terminal 3A a notification indicating that the disclosure setting for the disclosure data has been completed (ST20).

The terminal 3A receives the disclosure data setting completion notification from the IC card 2 by the card reader/writer 36 . Upon receiving the disclosure data setting completion notification, the processor 31 of the terminal 3A notifies that the disclosure setting has been completed so that the data specified by the user can be disclosed on the other terminal 3B (ST17). For example, the processor 31 displays on the display unit 37 information indicating the data set as the disclosure data and that the data has been set to be disclosed to the other terminal 3B without authentication.

By the disclosure setting process of the first operation example as described above, the IC card 2 is set so that the data selected by the terminal 3A can be disclosed by the other terminal 3B without authentication. By presenting the IC card 2 to another terminal 3B, the user can disclose the disclosed data to the terminal 3B without authentication using a password or the like.

Next, as a first operation example of the data disclosure system 1 according to the embodiment, disclosure processing for disclosing disclosure data set by the IC card 2 to the terminal 3B will be described.
FIG. 5 is a sequence for explaining disclosure processing in which the IC card 2 discloses disclosure data to the terminal 3B as a first operation example in the data disclosure system 1 according to the embodiment.
The user presents to the terminal 3B of the other person the IC card 2 on which the disclosure data disclosure setting has been performed by the disclosure setting process described above. The processor 31 of the terminal 3A establishes communication connection with the IC card 2 presented to the card reader/writer 36 (ST31).

When the connection between the terminal 3B and the IC card 2 is established, the processor 31 of the terminal 3A authenticates the IC card 2 through communication with a verification server for verifying the validity of the IC card 2 and mutual authentication with the IC card 2. The validity of the IC card 2 is verified by confirming that the IC card 2 is not illegally created by forgery or duplication (ST32).

When the processor 31 of the terminal 3A confirms the legitimacy of the IC card 2 connected to the card reader/writer 36, it transmits to the IC card 2 a disclosure data acquisition command requesting disclosure data from the IC card 2 (ST33).
Instead of the disclosure data acquisition command, the processor 31 may supply the IC card 2 with a data acquisition command designating to refer to the disclosure storage area 24a without authentication.

The IC card 2 receives the disclosed data acquisition command from the terminal 3B through the communication interface 25. FIG. When the processor 21 of the IC card 2 receives the disclosure data acquisition command from the terminal 3B, it writes the disclosure data stored in the disclosure (dedicated) storage area 24a to the RAM 23 (ST34). For example, the processor 21 forms response data to the disclosure data acquisition command in the RAM 23 and sets the disclosure data in the response data.

After writing the disclosure data to the RAM 23, the processor 21 clears the data in the disclosure (dedicated) storage area 24a (ST35). After clearing the disclosure storage area 24a, the processor 21 transmits the response data including the disclosure data stored in the RAM 23 to the terminal 3A (ST36). As a result, the disclosure storage area 24a of the IC card 2 is cleared, and the setting as disclosure data is cleared.

Terminal 3B receives data including disclosure data from IC card 2 by card reader/writer 36 . Upon receiving the disclosed data from the IC card 2, the processor 31 of the terminal 3B displays the received disclosed data on the display section 37 (ST37). As a result, the disclosure data set in the IC card 2 can be disclosed so that others can check it using the terminal 3B without authentication using a password or the like.

The disclosure data stored in the disclosure storage area 24a may be cleared when it continues for a predetermined period of time without being read. As a result, the IC card 2 can invalidate (cannot be disclosed) the disclosed data after a predetermined period of time has elapsed since the data was set to be disclosed by storing the data in the disclosure storage area 24a.

According to the first operation example as described above, the user presets disclosure data to be disclosed only once without authentication processing such as a password in the IC card possessed by the user. Disclosure data set in the IC card can be displayed without performing authentication processing or the like.

Next, in the data disclosure system 1 according to the present embodiment, a second operation example will be described in which the data set to be disclosed in the IC card 2 is displayed on another person's terminal without authentication.
The second operation example realizes the process of displaying the data in the IC card 2 specified by the user on the terminal for disclosure (other person's terminal) 3B for the number of times specified by the user without authentication by a password or the like. be. In the second operation example, disclosure setting processing is performed to set data (disclosure data) specified by the user using the terminal 3A to be disclosed by the IC card 2 without authentication for the number of times specified by the user; 2, a disclosure process for disclosing the disclosure data set for disclosure up to the set number of times without authentication.

FIG. 6 is a sequence for explaining disclosure setting processing in the second operation example by the data disclosure system 1 according to the embodiment.
When the possessor (user) of the IC card 2 discloses specific information recorded in the IC card 2 to the terminal 3B of another person for the specified number of times, the owner (user) of the IC card 2 uses the terminal 3A operated by himself/herself to access the IC card 2. Execute data disclosure setting processing. The user presents his/her IC card 2 to the card reader/writer 36 of the terminal 3A.

The processor 31 of the terminal 3A establishes communication connection with the IC card 2 presented to the card reader/writer 36 (ST51). When the connection with the IC card 2 is established, the processor 31 accepts a user's operation and causes the IC card 2 to execute various processes according to the user's operation. Here, the user uses the input unit 38 to instruct the setting to disclose the data of the IC card 2 while the connection with the IC card 2 is established.

When the user instructs the data disclosure setting of the IC card 2, the processor 31 executes the disclosure setting processing program stored in the data memory 34 to perform the disclosure setting processing. When executing disclosure setting processing, processor 31 transmits a disclosure data setting command requesting disclosure data setting to IC card 2 (ST52).

After the IC card 2 is connected to the card reader/writer 36 of the terminal 3A via the communication interface 25, it waits for a command input from the terminal 3A. Here, after being connected to the card reader/writer 36 of the terminal 3A, the IC card 2 receives the disclosed data setting command from the terminal 3A through the communication interface 25. FIG.

When the disclosure data setting command is received, the processor 21 of the IC card 2 requests the terminal 3A for a password as authentication information in order to confirm whether the user is a person who has the authority to set data disclosure (ST53). ).

The terminal 3A receives the password input request from the IC card 2 by the card reader/writer 36. FIG. When receiving the password input request from the IC card 2, the processor 31 of the terminal 3A accepts the password input as the authentication information requested from the IC card 2 (ST54). When the user enters a password, the processor 31 transmits the entered password to the IC card 2 through the card reader/writer 36 (ST55).

IC card 2 receives the password from terminal 3A through communication interface 25 . The processor 21 of the IC card 2 collates the password acquired from the terminal 3A with the password stored in the secure storage area of the NVM 24 .

When the password from the terminal 3A and the password registered in the NVM 24 match (user authentication is successful), the processor 21 is set to disclose (display) the data stored in the NVM 24 to another person's terminal. Generate a list of data that can be disclosed (discloseable data).

As a first operation example, as described above, the processor 21 treats data to be written on the face of a certificate as disclosing data, and data such as authentication information and security setting information as disclosing data. do not.

Also, in the second operation example, the processor 21 specifies the upper limit of the number of times of disclosure for the data that can be disclosed. The upper limit of the number of times of disclosure may be set for each data, or may be set for each type of data.

When the IC card 2 generates a list of data that can be disclosed that can be set to be disclosed, the processor 21 transmits the generated list of data that can be disclosed and the upper limit of the number of times of disclosure to the terminal 3A through the communication interface 25 (ST56). .

The terminal 3A receives the list of data that can be disclosed and the upper limit of the number of times of disclosure from the IC card 2 by the card reader/writer 36 . Upon receiving the list of data that can be disclosed and the upper limit of the number of times of disclosure, the processor 31 of terminal 3A accepts the selection of data to be disclosed from the received list of data that can be disclosed and the designation of the number of times of disclosure that is equal to or less than the upper limit. (ST57). For example, the processor 31 displays on the display unit 37 a list of the data that can be disclosed and the upper limit of the number of times of disclosure received from the IC card 2, and the user uses the input unit 38 to set disclosure based on the displayed data that can be disclosed. Specify the data and the number of disclosures below the upper limit.

Here, the processor 31 may allow the user to specify (select) disclosure data and the number of times of disclosure for each genre (for example, age verification, personal verification by face image, etc.). For example, when the user uses the input unit 38 to specify the age confirmation and the number of times of disclosure, the processor 31 may specify the number of times of disclosure for the date of birth and face image as disclosure data. In addition, when the user designates a qualification (certificate) name and the number of times of disclosure using the input unit 30, the processor 31 treats the information about the designated qualification as disclosure data and designates the number of times of disclosure in the disclosure data. You can do it.

When the disclosure data and the number of times of disclosure are specified, the processor 31 of the terminal 3A transmits information indicating the disclosure data to be set for disclosure and the number of times of disclosure to the IC card 2 through the card reader/writer 36 (ST58).

IC card 2 receives information indicating disclosure data and the number of times of disclosure from terminal 3A to terminal 3B through communication interface 25 . When the processor 21 of the IC card 2 receives the disclosure data selected by the terminal 3A and the number of times of disclosure, the disclosure data stored in the NVM 24 is stored in the NVM 24. (ST59).

When the disclosure data is stored in the disclosure storage area 24a, the processor 21 sets the number of times of disclosure for the disclosure data written in the storage area 24a (ST60). For example, the processor 21 stores the number of times of disclosure associated with each disclosure data in the storage area 24a. When the setting of the disclosure data and the number of times of disclosure is completed, the processor 21 transmits a notification indicating that the disclosure setting is completed to the terminal 3A (ST61).

The terminal 3A receives the disclosure data setting completion notification from the IC card 2 by the card reader/writer 36 . Upon receiving the disclosure data setting completion notification, the processor 31 of the terminal 3A notifies the IC card 2 that the disclosure setting for disclosing the disclosure data specified by the user at the other terminal 3B for the specified number of times of disclosure has been completed. Notify (ST62). For example, the processor 31 guides and displays on the display unit 37 that the IC card 2 is set to a state in which the disclosure data specified by the user is disclosed to other terminals without user authentication by a password for the number of disclosure times specified by the user.

Through the disclosure setting process of the second operation example as described above, the IC card 2 is set so that the disclosure data selected by the terminal 3A can be disclosed by the other terminal 3B a specified number of times without authentication. Accordingly, by presenting the IC card 2 to another terminal 3B, the user can disclose the specified disclosure data to the terminal 3B for the specified number of times without authentication using a password or the like.

Next, as a second operation example of the data disclosure system 1 according to the present embodiment, a disclosure process will be described in which disclosure data set in the IC card 2 is disclosed to the terminal 3B by the number of times of disclosure.
FIG. 7 is a sequence for explaining disclosure processing in which the IC card 2 discloses disclosure data to the terminal 3B as a second operation example in the data disclosure system 1 according to this embodiment.
The user presents to the other person's terminal 3B the IC card 2 in which the disclosure data and the number of times of disclosure are set by the disclosure setting process of the second operation example described above. The processor 31 of the terminal 3A establishes communication connection with the IC card 2 presented to the card reader/writer 36 (ST71).

When the connection between the terminal 3B and the IC card 2 is established, the processor 31 of the terminal 3A authenticates the IC card 2 through communication with a verification server for verifying the validity of the IC card 2 and mutual authentication with the IC card 2. The validity of the IC card 2 is verified by confirming that it is not illegally created by forgery or duplication (ST72).

After confirming the validity of the IC card 2 connected to the card reader/writer 36, the processor 31 of the terminal 3A transmits to the IC card 2 a disclosure data acquisition command requesting disclosure data (ST73).

The IC card 2 receives the disclosed data acquisition command from the terminal 3B through the communication interface 25. FIG. When the processor 21 of the IC card 2 receives the disclosure data acquisition command from the terminal 3B, it decrements (-1) the number of times of disclosure set for the disclosure data (ST74). Note that when the number of times of disclosure is set to a specific value, the processor 21 may set the number of times of disclosure of the disclosure data to unlimited and omit the decrementing of the number of times of disclosure.

When the disclosure count is decremented, the processor 21 writes to the RAM 23 the disclosure data stored in the disclosure storage area 24a with the disclosure count decremented (ST75). For example, the processor 21 forms response data to the disclosure data acquisition command in the RAM 23 and sets the disclosure data in the response data.

After writing the disclosure data to the RAM 23, the processor 21 determines whether or not the disclosure count of the disclosure data written to the RAM 23 is 0 (ST76). If the disclosure data disclosure count is not 0 (ST76, NO), the processor 21 transmits response data including the disclosure data stored in the RAM 23 to the terminal 3A (ST78). As a result, in the IC card 2, disclosure data that has not reached the number of times of disclosure specified by the user is held in the disclosure storage area 24a, and can be disclosed again.

When determining that the number of times of disclosure of the disclosure data has reached 0 (ST76, NO), the processor 21 deletes (clears) the disclosure data in the storage area 24a for disclosure (ST77). After deleting the disclosure data in the disclosure storage area 24a, the processor 21 transmits response data including the disclosure data stored in the RAM 23 to the terminal 3A (ST78). As a result, in the IC card 2, the disclosure data whose number of times of disclosure has reached the set number of times of disclosure is deleted from the storage area 24a for disclosure.

Terminal 3B receives data including disclosure data from IC card 2 by card reader/writer 36 . When processor 31 of terminal 3B receives the disclosed data from IC card 2, processor 31 displays the received disclosed data on display unit 37 (ST79). As a result, the disclosure data set in the IC card 2 can be displayed by the terminal 3B without authentication by a password or the like until the number of times of actual disclosure reaches the set number of disclosures.

According to the second operation example as described above, the user can preset disclosure data to be disclosed a specified number of times without authentication processing such as a password in the IC card that the user owns. By simply presenting an IC card that has been set to disclosure data and the number of times of disclosure to a terminal of another person, the user can transmit the disclosed data set in the IC card to the terminal of the other person without performing authentication processing by the user. can be displayed.

As described above, the IC card as a portable electronic device according to the embodiment connects to a terminal operated by a user, executes user authentication based on authentication information such as a password entered at the terminal operated by the user, and authenticates the user. Disclosure data specified by a successfully authenticated user is set to be disclosed to other terminals without authentication processing such as a password. In addition, the terminal operated by the user supplies disclosure data setting comments to the IC card connected via the card reader/writer, and completes user authentication using authentication information such as a password. be set.

As a result, on a terminal of another person connected to an IC card for which disclosure has been set by the data disclosure system, disclosure data in the IC card set in advance by the user can be immediately displayed without authentication processing using a password or the like. As a result, it is possible to quickly and efficiently carry out work that requires reference to specific data in the IC card possessed by the user. In addition, since it is not necessary to input authentication information such as a password to a terminal of another person, it is possible to prevent fraud such as interception of authentication information by a terminal of another person.

In addition, the IC card may be configured to set disclosure data designated by the user on a terminal operated by the user and the number of disclosures of the disclosure data. In this case, the IC card can disclose the disclosed data on the terminal of another person without user authentication until the number of times of disclosure specified by the user in advance is reached.

Each function described in the above embodiments can be implemented not only by using hardware, but also by using software to read a program describing each function into a computer. Also, each function may be configured by selecting either software or hardware as appropriate.

While several embodiments of the invention have been described, these embodiments have been presented by way of example and are not intended to limit the scope of the invention. These novel embodiments can be implemented in various other forms, and various omissions, replacements, and modifications can be made without departing from the scope of the invention. These embodiments and their modifications are included in the scope and gist of the invention, and are included in the scope of the invention described in the claims and equivalents thereof.

1... Data disclosure system 2... IC card (portable electronic device) 3 (3A, 3B)... Terminal 21... Processor 24... NVM 24a... Storage area (memory for disclosure) 25... Communication interface 31... Processor, 34... Data memory, 35... NW communication unit, 36... Card reader/writer, 37... Display unit, 38... Input unit.

Claims (10)

a storage unit that stores data;
a communication interface for communication connection with a terminal;
After successful user authentication based on authentication information input at the first terminal connected to the communication interface, data specified for disclosure at the first terminal is set as disclosure data to be disclosed to another terminal without user authentication. a processor configured to transmit the disclosure data to a second terminal different from the first terminal connected to the communication interface;
A portable electronic device having The processor transmits to the first terminal a list of data that can be disclosed among the data stored in the storage unit after the user authentication is successful, and the data that can be disclosed is displayed on the first terminal. setting the data selected from the list as the disclosed data;
A portable electronic device according to claim 1 . When the disclosed data is disclosed to the second terminal, the processor clears the setting as the disclosed data.
A portable electronic device according to claim 1 . The processor further sets the number of times of disclosure specified by the first terminal, and clears the setting as the disclosure data when the number of times of disclosure of the disclosure data reaches the number of times of disclosure.
A portable electronic device according to claim 1 . The processor transmits, to the first terminal, an upper limit of the number of times of disclosure that can be set for the disclosure data when the user authentication is successful, and set the number of disclosures,
5. Portable electronic device according to claim 4. Furthermore, having a disclosure memory for storing the disclosure data,
The processor stores data designated to be disclosed in the disclosure memory when setting the disclosure data, and deletes the disclosure data from the disclosure memory when clearing the setting as the disclosure data. do,
A portable electronic device according to any one of the preceding claims 3-5. a storage unit that stores data, a communication interface that communicates and connects with a terminal, and disclosure is designated by the first terminal after successful user authentication based on authentication information input by the first terminal connected to the communication interface. a processor that sets the obtained data as disclosure data to be disclosed to another terminal without user authentication, and transmits the disclosure data to a second terminal that is different from the first terminal connected to the communication interface. a control module;
a main body that stores the control module;
IC card you have. An information processing device having an interface that connects to a portable electronic device,
sending a command to the portable electronic device connected to the interface, requesting setting of disclosed data to be disclosed to another terminal without user authentication;
prompting for authentication information requested from the portable electronic device;
allowing the portable electronic device to select data to be set as disclosed data when authentication in the portable electronic device based on the authentication information is successful;
transmitting to the portable electronic device to set the selected data as disclosure data;
A program for data disclosure settings that runs In the information processing device,
receiving a list of disclosing data from the portable electronic device;
selecting data to be set as disclosure data from the list of data that can be disclosed;
A program for setting data disclosure according to claim 8. In the information processing device,
Designating the number of disclosure times to disclose the disclosure data;
transmitting to the portable electronic device setting the disclosure count;
A program for setting data disclosure according to claim 8 or 9.

Images