JP2024008654A - Program, information processing apparatus, and information processing method - Google Patents

Abstract

To provide a technique for reducing a construction load of a system that has a mechanism for performing confirmation regarding a user.SOLUTION: A program causes a computer to execute an information processing method that comprises: receiving, via a communication unit, authentication information of a user input via a terminal apparatus in order to request for provision of a first service by a first service provider to the user; and transmitting a confirmation result regarding the user based on a comparison result between attribute information of the user indicated by the authentication information and attribute information of the user stored in a first server apparatus for use of a second service provided by a second service provider, to a second server apparatus that provides an interface for use of the first service via the communication unit.SELECTED DRAWING: Figure 1

Description

The present invention relates to a program, an information processing device, and an information processing method.

During a transaction or provision of a service, some verification about the user may be performed, such as whether the user is who he says he is, his trustworthiness, etc. Patent Document 1 discloses a technology for verifying a user by checking fingerprints, voice, etc. in electronic commerce.

Japanese Patent Application Publication No. 2001-043276

Building a system for confirming users for each system used for transactions or service provision requires a high system construction load.

An object of the present invention is to provide a technique for reducing the construction load of a system having a mechanism for confirming users.

The program according to one embodiment causes the computer to receive the user's authentication information, which is input via the terminal device in order to request the user to provide the first service by the first business operator, through the communication unit. and a comparison result between the user's attribute information indicated by the authentication information and the user's attribute information stored in the first server device for use of the second service provided by the second business operator. transmitting, via the communication unit, a result of confirmation regarding the user based on the information processing method to a second server device that provides an interface for using the first service.

An information processing device according to an embodiment includes a control unit and a communication unit, and the control unit receives an input via a terminal device for requesting a first service provider to provide a first service to a user. Receiving authentication information of the user via the communication unit, and storing attribute information of the user indicated by the authentication information in a first server device for use of a second service provided by a second provider. transmitting a result of confirmation regarding the user based on a result of comparison with the attribute information of the user, to a second server device that provides an interface for use of the first service, via the communication unit; Execute.

An information processing method according to an embodiment includes receiving, via a communication unit, authentication information of the user input via a terminal device in order to request provision of a first service by a first business operator to the user. and based on the comparison result between the user's attribute information indicated by the authentication information and the user's attribute information stored in the first server device for use of the second service provided by the second business operator. The method further includes transmitting a result of confirmation regarding the user to a second server device that provides an interface for using the first service via the communication unit.

According to the present invention, it is possible to provide a technique for reducing the construction load of a system having a mechanism for confirming users.

FIG. 1 is a conceptual diagram illustrating an overview of an exemplary system in one embodiment. FIG. 1 is a conceptual diagram illustrating an overview of an exemplary system in one embodiment. FIG. 1 is a conceptual diagram illustrating an overview of an exemplary system in one embodiment. FIG. 1 is a conceptual diagram illustrating an overview of an exemplary system in one embodiment. FIG. 1 is a conceptual diagram showing an example of a system configuration in an embodiment. FIG. 2 is a block diagram schematically showing an example of a functional configuration of a server device in an embodiment. FIG. 2 is a sequence diagram for explaining an overview of exemplary processing by the system in one embodiment. FIG. 2 is a block diagram schematically showing an example of a functional configuration of a control unit in an embodiment. FIG. 2 is a sequence diagram illustrating an example of the hardware configuration of a computer in an embodiment.

A system according to an embodiment of the present invention will be described in detail with reference to the drawings. However, the embodiments described below are merely examples, and there is no intention to exclude the application of various modifications and techniques not specified below. That is, the present invention can be implemented by various modifications or combinations of the embodiments without departing from the spirit thereof. In addition, in the description of the drawings below, the same or similar parts are denoted by the same or similar symbols.

[System overview]
With reference to FIG. 1, an overview and usage example of an exemplary system according to this embodiment will be described. System 1 has an interface function (service interface function) for using services provided by other systems (in the example of FIG. 1, open banking services provided by a banking system) and user attribute information stored in other systems. It has a function (circumscribed trust function) to confirm the user who used the service. Verification regarding the user may include, for example, verification that the user is who he claims to be or is trustworthy. In this embodiment, confirmation regarding the user is also referred to as user confirmation.

The open banking service is a service that allows operations such as reference to bank account information and transfer of funds in a bank account via an API (Application Programming Interface). The external trust function uses user attribute information registered in the banking system to enable user verification.

The service interface function and external trust function of the system 1 function as follows, for example. First, a user who wishes to transfer funds in a bank account must authenticate by entering a user ID and password through the system of a customer front provider that is a payment service provider or a funds transfer service provider. Thereafter, an instruction to transfer funds to the account (account instruction) is given (S11). The service interface function of the system 1 receives the account instruction via the customer front provider's system (S12), and sends a user confirmation request to the external trust function (S13). In response to receiving the user confirmation request, the external trust function of the system 1 presents the user with a user interface that accepts authentication information for user confirmation, and receives the authentication information from the user (S14). The external trust function of System 1 uses the attribute information indicated by the authentication information received from the user (or the attribute information acquired from the database of System 1 based on the authentication information) and the user attribute information stored in the bank system. (S15). The circumscribed trust function performs user verification through this verification. The result of the user confirmation may be stored in the database of the system 1 as a confirmation history. The circumscribed trust function sends the user confirmation result to the service interface function (S16). The user confirmation result may be transmitted in the form of an electronic certificate (or an electronic signature; the same applies to the following description). In response to receiving the result indicating that the user verification was successful in S16, the service interface function sends an instruction corresponding to the account instruction received in S12 to the banking system (S17), thereby confirming that the account instruction is Runs in the banking system.

As described above, according to the system 1 according to the present embodiment, even if the banking system itself does not have a user confirmation function, the banking system can perform user confirmation in order to provide open banking services to users. It is possible. That is, by using the already constructed system 1, the bank can perform user verification while reducing the burden of constructing a system having the user verification mechanism.

In FIG. 1, an account instruction is sent from the customer front provider to the service interface function (S12), and a user confirmation request is sent from the service interface function to the external trust function, but the flow is not limited to this. For example, before an account instruction is sent from the customer front provider to the service interface function, a user confirmation request may be sent from the customer front provider to the external trust function.

With reference to FIG. 1, an example has been described in which the system 1 cooperates with a banking system to provide an interface function for using open banking services. The system may be linked with a system of a business operator or another financial institution (financial business operator) including a funds transfer business operator, and may provide an interface function for use of other financial transaction services.

An example in which the system 1 according to the present embodiment provides an interface function for using services other than financial services such as open banking service will be described with reference to FIGS. 2 to 4.

Similar to the example shown in FIG. 1, the system 1 shown in FIG. 2 has a service interface function and a circumscribed trust function. The service interface function functions as an interface for executing processing for establishing some kind of contract with a user by the system (that is, processing for a contract service). The establishment of the contract may be, for example, the establishment of a credit card subscription contract between the user and the credit card operator, or the establishment of a gym membership contract between the user and the gym operator. There may be.

In the example shown in FIG. 2, a user who wishes to establish a contract with a certain business operator first performs user authentication via the customer front provider's system, and then requests a contract application ( S21). The service interface function of the system 1 receives the contract application via the customer front provider's system (S22), and transmits a user confirmation request to the external trust function (S13). Thereafter, similarly to the example described with reference to FIG. 1, the circumscribed trust function performs the processes of receiving authentication information (S14), verifying attributes (S15), and transmitting confirmation results (S16). In response to receiving the result indicating that the user confirmation was successful in S16, the service interface function executes processing for establishing a contract corresponding to the contract application received in S22 (S27). The process for establishing a contract may include a process of signing a contract or a process of registering a contract applicant as a contractee in a database.

According to the example shown in FIG. 2, a business operator (for example, a credit card business or a sports gym business) uses user attribute information registered in another business's system, such as a banking system, to perform notarization. It is possible to perform the user confirmation while ensuring security and auditability.

The system 1 shown in FIG. 3 has a service interface function and a circumscribed trust function similarly to the example shown in FIG. The service interface function is a process for a digital data provider (a business providing digital data) to transfer or set rights (e.g., ownership) regarding digital data to a certain user (i.e., a rights management service). functions as an interface for executing (processing). The digital data may be, for example, video content or music content.

In the example shown in Figure 3, a user who wishes to acquire ownership of digital data provided by a digital data provider first performs user authentication via the digital data provider's system, and then requests rights registration. (S31). The service interface function of the system 1 receives the request for right registration via the customer front provider's system (S32), and transmits a user confirmation request to the circumscribed trust function (S13). Thereafter, similarly to the example described with reference to FIG. 1, the circumscribed trust function performs the processes of receiving authentication information (S14), verifying attributes (S15), and transmitting confirmation results (S16). In addition, in the example shown in FIG. 3, in S14, in addition to receiving authentication information for user confirmation of a user who desires to acquire ownership of digital data, the circumscribed trust function determines that the digital data provider is the user. For user confirmation, authentication information is received from the digital data provider via the terminal device. In S15, the circumscribed trust function compares the attribute information of the digital data provider indicated by the authentication information with the corresponding attribute information received from the bank system. The external trust function verifies the user of the digital data provider through the verification. The external trust function sends the results of the two user verifications to the service interface function. In response to receiving the result indicating that the above two user confirmations were successful in S16, the service interface function sets and registers the ownership of the digital data corresponding to the right registration request received in S32 to the corresponding user. The process for doing so is executed (S37). Note that the digital data provider and the business entity that manages the transfer of ownership of digital data or the registration of settings (digital data rights management business entity) may be the same or different.

According to the example shown in FIG. 3, a digital data provider or a digital data rights management business uses user attribute information registered in another business's system, such as a banking system, to improve notarization and auditability. It is possible to confirm the user while ensuring security. That is, according to this embodiment, user verification, transfer of rights regarding digital data, registration of settings, etc. can be performed using a simple mechanism without using technology such as blockchain technology or NFT (Non-Fungible Token). It is possible to perform the following processing.

The system 1 shown in FIG. 4 has a service interface function and a circumscribed trust function similarly to the example shown in FIG. The service interface function functions as an interface for executing processing for recording transaction history between a plurality of parties including individuals or businesses (that is, transaction history service processing). The above-mentioned transactions include, for example, transactions of objects for which traceability is required. The object for which traceability is required may be, for example, an electric vehicle battery (EV battery). The service interface function is provided, for example, by an organization that provides traceability services. The customer front provider is, for example, an institution that provides traceability services, but it may also be another institution or business operator.

In the example shown in Figure 4, first, a business such as an automobile factory, an automobile supplies store, a car dealer, or a used car sales shop that installs, collects, and repairs EV batteries, which are objects for which traceability is required. It is assumed that (user) performs user authentication via the system of the business operator, and then requests registration of information regarding collection (transfer) of EV batteries (S41). The service interface function of the system 1 receives a request for information registration of the transfer via the customer front provider's system (S42), and sends a request for operator (user) confirmation to the external trust function ( S13). Thereafter, similarly to the example described with reference to FIG. 1, the circumscribed trust function performs the processes of receiving authentication information (S14), verifying attributes (S15), and transmitting confirmation results (S16). In response to receiving the result indicating that the user confirmation was successful in S16, the service interface function executes processing for registering information on EV battery transfer corresponding to the request for registering information on transfer received in S42. (S47). The process for registering transfer information includes, for example, storing information indicating that the ownership of the EV battery has been transferred from the user to the auto parts store in a system that tracks the ownership of the EV battery.

A system for tracking ownership of EV batteries may store and manage information regarding purchase, installation, trade-in, resale, disposal, or repair of EV batteries. In addition, the above-mentioned EV battery car factories, auto parts stores, or used car dealers are businesses that participate in the tracking activities by the EV battery ownership tracking system, and other businesses are not included. You can. Users of the system 1 may include end users of EV batteries in addition to business operators such as automobile factories, automobile parts stores, car dealers, and used car dealers.

According to the example shown in Figure 4, a person who participates in an activity to track an object or an institution that operates the activity uses attribute information of users registered in another business's system, such as a banking system. This makes it possible to confirm the user while ensuring notarization and auditability. That is, according to the present embodiment, user confirmation or object traceability can be realized using a simple mechanism without using blockchain technology or technology such as NFT (Non-Fungible Token).

[System configuration]
An example of the configuration of the system 1 in this embodiment will be described with reference to FIG. 5. The system 1 includes a server device 10 (10a, 10b) and a terminal device 20. The devices are configured to be able to communicate with each other via the network N.

The server device 10 is an information processing device such as a server computer. The server device 10 may be configured by one information processing device (or computer; the same applies hereinafter), or may be configured by multiple information processing devices using cloud computing technology, distributed computing technology, etc. good.

The terminal device 20 is configured by an information processing device such as a personal computer, a mobile device, or a dedicated terminal. The terminal device 20 may be configured to be able to communicate with the server device 10 configured using cloud computing technology.

The network N is composed of a wireless network and a wired network. The network N includes, for example, any network such as the Internet, a mobile communication network, or a LAN (Local Area Network).

System 1 communicates with external systems or devices and performs processing. For example, system 1 may communicate with and process a bank system 2 or customer front provider's server device 3 (customer front provider's system), but this is the external system or device with which system 1 communicates. but not limited to.

In the example shown in FIG. 5, the system 1 includes two server devices 10 and one terminal device 20, but the number of devices included in the system 1 is not limited to this. , may include any number of devices. For example, the system 1 may include three or more server devices 10 or may include two or more terminal devices 20. Note that in the following description, at least a part of the processing described as processing of either the server device 10 or the terminal device 20 may be executed by another device. For example, some of the processing described as processing by the server device 10 may be executed by the terminal device 20, and some of the processing described as processing by the terminal device 20 may be executed by the server device 10. may be done.

[Functional configuration]
The functions of the server device 10 will be explained with reference to FIG. 6. The server device 10 (10a, 10b) has a communication section 11 (11a, 11b), a database 12 (12a, 12b), and a control section 13 (13a, 13b) as main functional components.

The server device 10 may have other functional configurations that an information processing device such as a general information processing device or a dedicated device has. The functional configuration of the server device 10 is such that, for example, a control device such as a CPU (Central Processing Unit) included in the server device 10 reads and executes a computer program stored in a storage device, thereby processing a computer program (software) and hardware. This is realized through the cooperation of hardware.

The communication unit 11 receives and transmits various information through communication with external devices. The database 12 stores various information including information received by the communication unit 11, information necessary for processing by the server device 10, or information generated by the server device 10. The control unit 13 controls processing of various functions executed by the server device 10.

[Processing flow]
An example of the processing flow in the system 1, the bank system 2, and the server device 3 will be described with reference to FIG. Each processing step described below is performed by, for example, the control unit of the server device 10 and the terminal device 20 reading and executing a computer program stored in a storage unit, whereby the computer program (software) and hardware cooperate. This is realized by

In the following example description, it is assumed that the server device 10a has the above-mentioned service interface function, and the server device 10b has the above-mentioned circumscribed trust function, but the present invention is not limited to this.

First, the terminal device 20 displays, for example, a web page provided by the server device 3 on the display unit, and sends a user authentication request including a user ID and password to the server device 3 in response to user input to the web page. Send (S71). The server device 3 authenticates the user based on the received user ID and password (S72), and transmits the user authentication result to the terminal device 20.

If the user authentication in step S72 is successful, the terminal device 20 transmits a service provision request to the server device 3 in response to the user's operation input (S73). The service (first service) may be, for example, the above-mentioned open banking service, contract service, rights management service, or transaction history service.

The service provision request received by the server device 3 is transmitted to the server device 10a (S74) and then to the server device 10b (S75).

Thereafter, the display on the display section of the terminal device 20 is redirected from the web page provided by the server device 3 to the web page provided by the server device 10b. The terminal device 20 transmits the user confirmation request to the server device 10b in response to the user's operation input on the redirected web page displayed on the display unit of the terminal device 20 (S76).

The method of transmitting the user confirmation request to the server device 10b is not limited to the method using redirection, and any method can be adopted. For example, the user confirmation request may be transmitted from the terminal device 20 to the server device 10a, and may be transmitted from the server device 10a to the server device 10b in response to a user operation.

In response to receiving the user confirmation request in step S76, the server device 10b requests the bank system 2 to transmit the attribute information of the user (S77). In response to receiving the request, the bank system 2 transmits the attribute information of the corresponding user to the server device 10b (S78). User attribute information includes, for example, the user's bank account number, customer name (name, corporate name, trade name, etc.), family name, employee name, address, location, telephone number, email address, date of birth, gender, etc. It may include at least a part of it.

The server device 10b uses the user attribute information included in the user confirmation request received in step S76 (or the user attribute information acquired from the database of the server device 10b in response to reception of the user confirmation request) and the user attribute information included in the user confirmation request received in step S76. The user attribute information received from the bank system 2 in S78 is verified (compared or matched) (S79). The verification (comparison or matching) may be performed by the bank system 2. That is, the user attribute information included in the user confirmation request received in step S76 is transmitted to the bank system 2, and the bank system 2 stores the attribute information received from the server device 10b and the user attribute information in the bank system 2. The attribute information may be compared with the attribute information, and the comparison result may be sent to the server device 10b. If it is determined that the attribute information matches as a result of the comparison, the server device 10b transmits a user confirmation result indicating that the user confirmation was successful to the server device 10a (S80). Note that in step S80, the server device 10b may generate an electronic certificate indicating the user confirmation result and transmit the electronic certificate to the server device 10a.

In response to receiving the user confirmation result indicating that the user confirmation was successful in step S80, the server device 10a calls a service corresponding to the service provision request received in step S74 (S81). For example, if the service is an open banking service, the server device 10a may make an API call to the bank system 2 for operations such as referring to bank account information or transferring funds in a bank account.

Among the processes shown in FIG. 7, at least some of the processes by the server device 10b are embodied as processes by the communication unit 11b, the database 12b, and the control unit 13b as follows. That is, the communication unit 11b receives a user confirmation request including user authentication information input via the terminal device 20 to request provision of the first service to the user (S76). The first service provided by the first business operator is, for example, an open banking service provided by the above-mentioned bank, a credit card contract service (contract act) provided by a credit card company, a rights management service provided by a digital data rights management company, or a transaction history management business. It may also be a transaction history management service provided by a person. Thereafter, the control unit 13b uses the user attribute information indicated by the authentication information received by the communication unit 11b and the server device of the bank system 2 ( The user confirmation result based on the comparison result with the user's attribute information stored in the first server device) is transmitted via the communication unit 11b to the server device 10a that provides an interface for using the first service. (S80).

Further, the above authentication information is received via the communication unit 11b after the user has been successfully authenticated by the customer front provider (third provider) who mediates and provides the first service by the first provider. There may be.

The customer front provider (third provider) may be, for example, a payment service provider or a funds transfer service provider. A funds transfer service provider is, for example, a provider that provides a service for transferring funds between bank accounts in response to a request from a user.

For example, the user attribute information stored in the first server device for use of the second service provided by the second business operator may include, for example, the bank service (second service) provided by the bank (second business operator). ), but is not limited to this. The user attribute information stored for use of the second service provided by the second business operator is, for example, user information of the credit card service (second service) provided by the credit card business operator (second business operator). Alternatively, the information may be user information of a mobile phone service (second service) provided by a communication carrier (second operator). In addition, the user attribute information stored for use of the second service provided by the second business operator may be, for example, user attribute information stored in a ledger of a public institution (for example, a local government or government It may also be user attribute information (user attribute information stored in a server device of an administrative agency that provides administrative services).

The user attribute information indicated by the authentication information received by the communication unit 11b may be included in the authentication information, or may be attribute information stored in advance in the database 12b as attribute information corresponding to the authentication information. good.

As described above, according to the system 1 according to the present embodiment, for example, even if the banking system 2 itself does not have a user confirmation function, the banking system 2 can provide the user with an open banking service in order to provide the user with an open banking service. It is possible to confirm. That is, by using the already constructed system 1, the bank can perform user verification while reducing the burden of constructing a system having the user verification mechanism.

Regarding the transmission of the user confirmation result from the server device 10b to the server device 10a in step S80, the control unit 13b generates an electronic certificate indicating the user confirmation result, and the communication unit 11b sends the electronic certificate to the server device 10a. You may also send it to

The first business operator whose service provision is mediated by the customer front provider (third business operator) is the same business operator as the second business operator that provides the user's attribute information in step S78, in order to collate the attribute information. There may be one company or a different company.

For example, in the above, the first business operator is a financial institution (including, for example, a bank, credit card business, or funds transfer business operator), a digital data rights management business, or a transaction history management business. For example, a case has been described in which the second business entity is a bank, a credit card company, a communication carrier, or a public institution.

[Detailed function configuration]
With reference to FIG. 8, examples of various functions executed by the control unit 13b of the server device 10b will be described in more detail. As shown in FIG. 8, the functions executed by the control unit 13b include, for example, an attribute inquiry function 131, an electronic signature/electronic certificate issuing function 132, a service provider function 133, and a notary/audit function 134. The control unit 13b may further execute functions other than those described above, or may not execute some of the above functions.

(A) Attribute inquiry function 131
The attribute inquiry function 131 has functions relating to financial institution information inquiry, financial institution information mastering, user identification, and user authentication, which will be described next.

(A-1) Financial institution information inquiry This is a function to inquire of a financial institution (bank, card company, etc.) about attribute information regarding a user (regardless of individual or corporation) who is a customer of the financial institution. For example, the control unit 13b may call an API for attribute information inquiry provided by a financial institution and obtain the user's attribute information. User attribute information includes, for example, the user's bank account number, customer name (name, corporate name, trade name, etc.), family name, employee name, address, location, telephone number, email address, date of birth, gender, etc. It may include at least a portion. In order to call the API for attribute information inquiry, part of the above attribute information may be used as a key, or another identifier may be used.

(A-2) Financial institution information master This function acquires user attribute information stored in a financial institution, and stores and manages it as master information of the financial institution's user attribute information in the database 12b of the server device 10b. The attribute information of the user of the financial institution is used for the above verification of the attribute information. The user attribute information stored in the financial institution may be acquired at a predetermined timing using a dedicated line or the like.

(A-3) User identity verification This is a function that performs user identity verification. In this embodiment, the identity verification may be the identity verification under the Act on Prevention of Transfer of Criminal Proceeds. The control unit 13b uses the user attribute information included in the identity verification request received from the server device 10a (or the user attribute information acquired from the database of the server device 10b in response to reception of the identity verification request), Verify with the user's attribute information received from the financial institution. As a result of the comparison, if the attribute information matches or there is no contradiction between the two, the control unit 13b determines that the user's identity verification has been successful. If the attribute information does not match or there is a contradiction between the two, it is determined that the user's identity verification has failed. To verify the user's identity, eKYC may be performed, or identification may be performed using a digital copy of a public certificate (eg, a driver's license or passport). The user's identity verification may be performed each time a service provision request is received from the terminal device 20 via the customer front provider, or may be performed at other timings.

(A-4) User authentication This is a function that performs user authentication. Authentication of the user may be performed, for example, after (A-3) user identification. User authentication may be based on a user ID and password, two-factor authentication, FIDO (Fast Identity Online) authentication, or other authentication methods.

(B) Electronic signature/electronic certificate issuing function 132
The electronic signature/electronic certificate issuing function 132 has functions of receiving an electronic certificate issuing request, inquiring attributes/retrieving results, issuing an electronic signature/electronic certificate, and recording signature/certificate history, which will be described next.

(B-1) Acceptance of electronic certificate issuance request This is a function that accepts an electronic signature/electronic certificate issuance request from the above service interface function (server device 10a). For example, the control unit 13b receives, via the communication unit 11b, an electronic certificate issuance request indicating the result of the user confirmation described above. Further, the control unit 13b may receive a request for issuance of an electronic certificate of information regarding a business providing a service (for example, connection information, business information, etc.). The electronic certificate may include information about the financial institution, an electronic signature, or a timestamp (if identification of the financial institution is required).

(B-2) Attribute inquiry/result acquisition This is a function that calls the attribute inquiry function 131 in response to the acceptance of the above-mentioned electronic certificate issuance request. The result of matching the user's attribute information by the attribute inquiry function 131 is obtained.

(B-3) Issuance of electronic signature/electronic certificate In response to a successful verification result of the user's attribute information, an electronic signature or electronic certificate indicating the user confirmation result is generated. A digital signature or certificate may be generated in any format or manner.

(B-4) Signature/certificate history recording This is a function to store the above user confirmation results, electronic signatures, or electronic certificates in the database 12b.

(C) Function for service providers 133
The service provider function 133 stores information on a service provider (for example, an open banking service provider) in advance in the database 12b, and when a service provision request is received, the service provision request is made based on the information. Determine whether it is legitimate or not.

Further, the service provider function 133 provides the electronic signature or electronic certificate issued above to the service provider (or the server device 10a).

(D) Notary/audit function 134
The notary/audit function 134 has a function of verifying the electronic signature or electronic certificate issued and provided above. Specifically, by providing the service provider with a verification tool such as a public key, it is possible to support the verification of electronic signatures or electronic certificates on the service provider side.

Further, the notarization/auditing function 134 functions as an interface that receives an inquiry request for the user confirmation result, electronic signature, or electronic certificate stored in the database 12b described above. In response to the inquiry request, the user confirmation result, electronic signature, or electronic certificate stored in the database 12b is inquired.

[Hardware configuration]
With reference to FIG. 9, an example of the hardware configuration of the computer 800 will be described when the server device 10 and the terminal device 20 are implemented by the computer 800. Note that the functions of each device can also be realized by dividing into a plurality of devices.

As shown in FIG. 9, the computer 800 includes a processor 801, a memory 803, a storage device 805, an input I/F section 807, a data I/F section 809, a communication I/F section 811, and a display device. Contains 813. Although not shown, the computer 800 may include various actuators (eg, motors), positioning modules (eg, GPS modules), or various sensors.

The processor 801 is a control unit that controls various processes in the computer 800 by executing programs stored in the memory 803.

The memory 803 is, for example, a storage medium such as a RAM (Random Access Memory). The memory 803 temporarily stores program codes of programs executed by the processor 801 and data required when executing the programs.

The storage device 805 is, for example, a nonvolatile storage medium such as a hard disk drive (HDD) or flash memory. A storage device 805 stores an operating system and various programs for realizing each of the above configurations. Note that the storage device 805 may be the same device as the memory 803.

The input I/F unit 807 is a device for receiving input from the user. Specific examples of the input I/F unit 807 include a keyboard, mouse, touch panel, various sensors, wearable devices, and the like. Input I/F section 807 may be connected to computer 800 via an interface such as a USB (Universal Serial Bus).

The data I/F unit 809 is a device for inputting data from outside the computer 800. A specific example of the data I/F unit 809 is a drive device for reading data stored in various storage media. It is also conceivable that the data I/F unit 809 is provided outside the computer 800. In that case, the data I/F section 809 is connected to the computer 800 via an interface such as a USB.

The communication I/F section 811 is a device for performing data communication with a device external to the computer 800 via the Internet N by wire or wirelessly. It is also conceivable that the communication I/F section 811 is provided outside the computer 800. In that case, the communication I/F section 811 is connected to the computer 800 via an interface such as a USB.

The display device 813 is a device for displaying various information. Specific examples of the display device 813 include, for example, a liquid crystal display, an organic EL (Electro-Luminescence) display, a wearable device display, and the like. Display device 813 may be provided outside computer 800. In that case, display device 813 is connected to computer 800 via, for example, a display cable. Further, when a touch panel is employed as the input I/F section 807, the display device 813 can be configured to be integrated with the input I/F section 807.

[Modified example]
The program for implementing the system 1 (or the server device 10 or the terminal device 20) in the above embodiment can be implemented through various recording media such as an optical disk such as a CD-ROM, a magnetic disk, or a semiconductor memory, or through a communication network. It can be installed or loaded onto a computer by downloading it via .

The present invention is not limited to the embodiments described above, and can be implemented in various other forms without departing from the gist of the present invention. The above embodiments are merely illustrative in all respects, and should not be construed as limiting.

1 System 10 Server device 11 Communication unit 12 Database 13 Control unit 20 Terminal device 800 Computer

Claims (10)

to the computer,
receiving, via a communication unit, authentication information of the user input via a terminal device in order to request provision of a first service by a first business operator to the user;
Regarding the user based on a comparison result between the user's attribute information indicated by the authentication information and the user's attribute information stored in the first server device for use of the second service provided by the second business operator. A program for executing an information processing method, comprising: transmitting a confirmation result to a second server device that provides an interface for using the first service via the communication unit. 2. The program according to claim 1, wherein transmitting the confirmation result includes transmitting an electronic certificate indicating the confirmation result to the second server device via the communication unit. The service provided by the first business operator includes an open banking service,
The request includes instructions for transferring funds to a bank account;
The program according to claim 1. The program according to claim 1, wherein the first business operator is the same business operator as the second business operator. The program according to claim 1, wherein the first business operator is a financial institution, a digital data rights confirmation service provider, or an electric vehicle battery tracking management institution. 1 . The receiving of the authentication information via the communication unit is performed after the user has been successfully authenticated by a third business operator that mediates and provides the first service by the first business operator. The program described in. The program according to claim 1, wherein the third business operator is a funds transfer service business operator. The program according to claim 1, wherein the second business operator is a bank, a credit card business, a communication carrier, or a public institution. An information processing device having a control section and a communication section, the control section comprising:
receiving, via the communication unit, authentication information of the user input via a terminal device in order to request the first service provider to provide the first service to the user;
Regarding the user based on a comparison result between the user's attribute information indicated by the authentication information and the user's attribute information stored in the first server device for use of the second service provided by the second business operator. An information processing device configured to transmit a confirmation result to a second server device that provides an interface for using the first service via the communication unit. receiving, via a communication unit, authentication information of the user input via a terminal device in order to request provision of a first service by a first business operator to the user;
Regarding the user based on a comparison result between the user's attribute information indicated by the authentication information and the user's attribute information stored in the first server device for use of the second service provided by the second business operator. An information processing method comprising: transmitting a confirmation result to a second server device that provides an interface for use of the first service via the communication unit.