JP2024029716A - Payment terminal and program - Google Patents

Abstract

[Problem] To provide a payment terminal and a program that can detect existing malware as one task. A payment terminal according to the present embodiment includes a memory section and a control section. The memory unit stores task information that registers tasks and tasks that are permitted to be executed. The control unit reads the tasks and task information from the memory unit, checks whether any tasks that are not registered in the task information are stored in the read tasks, and if any tasks that are not registered in the task information are found, the control unit reads the tasks and task information from the memory unit. Perform a shutdown. [Selection diagram] Figure 6

Description

Embodiments of the present invention relate to a payment terminal and a program.

Conventionally, there is a possibility that the files stored inside the payment terminals used for card payments may be infected with malware, and the information on the card used for card payments may be stolen. In order to prevent damage caused by such malware, there are payment terminals that are equipped with a virus check program that checks for the presence of infected files.
Malware that infects such payment terminals includes bots and RAM scrapers. Some bots and RAM scrapers exist as a single task and illegally leak credit card information stored in payment terminals. These malwares are recognized by the terminal as one of the tasks that are activated within the payment terminal, making it difficult for the virus check programs mentioned above to detect them.

Japanese Patent Application Publication No. 2012-174075

The problem to be solved by the present invention is to provide a payment terminal and a program that can detect existing malware as one task.

In order to achieve the above object, the payment terminal of this embodiment includes a memory section and a control section. The memory unit stores task information that registers tasks and tasks that are permitted to be executed. The control unit reads the tasks and task information from the memory unit, checks whether any tasks that are not registered in the task information are stored in the read tasks, and if any tasks that are not registered in the task information are found, the control unit reads the tasks and task information from the memory unit. Perform a shutdown.

FIG. 1 is a block diagram showing an example of a POS system according to a first embodiment. FIG. 2 is a block diagram showing an example of a payment terminal according to the first embodiment. 2 is a memory map showing an example of a white list stored in a storage unit according to the first embodiment. 2 is a flowchart illustrating an example of a confirmation process when starting up the payment terminal according to the first embodiment. 3 is a flowchart illustrating an example of activation processing of the payment terminal according to the first embodiment. 3 is a flowchart illustrating an example of a virus monitoring task of the payment terminal according to the first embodiment. FIG. 2 is a schematic diagram showing an example of a virus detection message displayed by the payment terminal according to the first embodiment.

(First embodiment)
This embodiment will be described below with reference to the drawings. This embodiment describes a payment terminal that is introduced into a store such as a supermarket and performs payment of transactions. Furthermore, in this embodiment, malware such as bots and RAM scrapers will also be described as viruses.

FIG. 1 is a block diagram showing an example of a POS (Point of Sales) system 1 according to the first embodiment. The POS system 1 includes a product sales data processing device 10, a payment terminal 11, a reader/writer 12, and an FDL (File Download) server 13. Further, the product sales data processing device 10, the payment terminal 11, and the reader/writer 12 are connected by wire or wirelessly. Further, the product sales data processing device 10, the payment terminal 11, and the FDL server 13 are connected by wire or wirelessly. In addition to the FDL server 13, the payment terminal 11 is connected to a central server of a credit card company, financial institution, electronic money, etc. (not shown) in order to perform various payment operations such as credit cards and electronic money.

The product sales data processing device 10 performs product registration processing for registering products and accounting processing. When paying with a credit card, electronic money, etc., the product sales data processing device 10 performs transaction settlement processing in conjunction with the payment terminal 11 connected to the product sales data processing device 10.

The product sales data processing device 10 includes a clerk side display section, a customer side display section, a keyboard, a product reading section, and a receipt printer (not shown). The clerk-side display section and the customer-side display section are composed of LCDs (Liquid Crystal Displays) or LCDs with touch panels, and display information such as the product name and price read by the product reading section, as well as product registration and accounting such as the total amount at the time of transaction. Display the necessary information. The keyboard is equipped with a preset key for entering a specific amount, a cash payment key or credit card key for selecting a payment method, and a subtotal key for moving from product registration to accounting processing. The receipt printer is provided in the product sales data processing device 10 and issues a receipt that is the details of a transaction.

The payment terminal 11 reads information stored in a medium such as a credit card from an IC card, a magnetic card, a one-dimensional code such as a bar code, a two-dimensional code, etc., and performs payment by communicating with a server of a card company, etc. It has a payment function that performs processing. Further, the payment terminal 11 has a unique terminal number.

The reader/writer 12 accesses contactless media such as electronic money cards and mobile terminals that store financial information electronically using near field communication technology such as NFC (Near Field Communication). The reader/writer 12 acquires the monetary information stored in the medium and uses it for payment to execute payment processing, and transmits the acquired monetary information to the payment terminal 11. Further, the reader/writer 12 can also update the information received from the payment terminal 11 by writing it into the monetary information stored in the non-contact medium.

The FDL server 13 is a server for transmitting configuration files and programs to the payment terminal 11 and the like, as well as for acquiring terminal logs. The FDL server 13 may cause the virus-infected payment terminal 11 to download a virus removal program. Further, the FDL server 13 may be a maintenance server. The terminal log includes, for example, the date and time the payment terminal 11 was activated, the date and time of virus infection, and the terminal number.

FIG. 2 is a block diagram showing an example of the payment terminal 11 according to the first embodiment. The payment terminal 11 includes, for example, a control section 101, a memory section 102, a display section 103, an operation section 104, a card reading section 105, a printing section 106, a communication I/F 107, an internal clock 108, and the like. Furthermore, each part is connected via a bus.

Control unit 101 controls payment terminal 11 .
The control unit 101 includes a CPU (Central Processing Unit) 1011, a ROM (Read Only Memory) 1012, and a RAM (Random Access Memory) 1013. The CPU 1011 controls each part of the payment terminal 11. The ROM 1012 stores various programs and data such as programs used to drive the CPU 1011. The RAM 1013 is used as a work area for the CPU 1011, and stores various software and data stored in the ROM 1012 and the memory unit 102, data acquired from each unit, and the like. The control unit 101 reads information stored in a medium such as a credit card and performs payment functions by operating according to a program developed in the RAM 1013. In addition, the control unit 101 performs a startup process to check whether the payment terminal 11 is infected with a virus when the payment terminal 11 is started, and also monitors whether the payment terminal 11 is infected with a virus while it is activated. Start and run virus monitoring tasks and turn on and off infection flags. The infection flag indicates whether or not the payment terminal 11 is infected with a virus. Furthermore, when virus infection is confirmed, the control unit 101 not only stops the payment terminal 11 but also controls the transmission of terminal logs and the like to the FDL server 13.

The memory unit 102 is a nonvolatile memory whose contents are saved even when the power is turned off, and stores programs including the control program 1021. The memory unit 102 is made up of a storage medium such as a HDD (Hard Disc Drive) or a flash memory. Further, the memory unit 102 includes a storage unit 1022, which stores an operating system, tasks for executing various tasks, a white list, an infection flag, and the like. Examples of tasks described in this embodiment include tasks for executing various payment methods. The payment terminal is composed of a plurality of tasks to perform payment operations, including a payment operation task, an NFC operation task, a point operation task, a totaling task, a setting menu task, a printing task, and an operation menu task.

The display unit 103 displays images for use in operations for executing various payment operations. The display unit 103 is an LCD equipped with a touch panel. In addition to images for switching between various payment operations, the display section 103 also displays images that display a numeric keypad for entering credit card security codes, images that guide card reading, and virus detection messages that are displayed when a virus infection is detected. etc. will be displayed. The display unit 103 displays a virus detection message S as shown in FIG. 7, for example, to notify that a virus has been detected. The virus detection message S includes, for example, an error code, words such as "The device has failed. Please contact the terminal manufacturer.", and contact information for the manufacturer.

The operation unit 104 is a touch panel included in the display unit 103, and by touching an area included in an image displayed on the display unit 103, a command corresponding to the area is transmitted to the control unit 101.

The card reading unit 105 reads information stored magnetically or electrically in a medium such as a credit card.

The printing unit 106 outputs details of payment information. The printing unit 106 is housed inside the payment terminal 11, has a thermal head, etc., and outputs payment information on receipt paper.

The communication I/F 107 sends and receives information to and from external devices. The communication I/F 107 is connected to the product sales data processing device 10, the reader/writer 12, and the FDL server 13. The communication I/F 107 sends and receives information regarding payments to and from the product sales data processing device 10 and the reader/writer 12. The communication I/F 107 not only receives configuration files and programs to the FDL server 13, but also transmits information related to virus monitoring such as terminal logs.

The terminal clock 108 functions as a time information source for the payment terminal 11. The control unit 101 measures the current date and time based on time information measured by the internal terminal clock 108.

FIG. 3 is a memory map showing an example of the white list stored in the storage unit 1022 according to the first embodiment. The white list stored in the storage unit 1022 is task information in which information regarding tasks that the payment terminal 11 is permitted to execute in advance is registered. The information regarding the task includes, for example, the task name. Therefore, tasks other than those with task names registered in the whitelist are considered unauthorized and unauthorized tasks (viruses). The task names of the tasks registered as a whitelist are shown in Figure 3: virus monitoring task, various APIs, payment task, NFC task, point task, aggregation task, setting menu task, printing task, and task menu. I have a task. In this embodiment, the whitelist is task information composed of task names, but the whitelist is not limited to this, and may be information that can specify a task, such as a source code.

The virus monitoring task 10221 is a task for monitoring whether the payment terminal 11 is infected with a virus. In other words, the virus monitoring task 10221 is a task for checking whether tasks that are not registered in the white list are stored. The virus monitoring task 10221 reads the white list stored in the storage unit 1022, which is one of the areas in the memory unit 102. The virus monitoring task 10221 monitors tasks by comparing the read whitelist and the task name of the task stored in the memory unit 102. Therefore, the virus monitoring task 10221 extracts and reads the task name from the tasks stored in the memory unit 102. The virus monitoring task 10221 turns on/off the infection flag. Further, the virus monitoring task 10221 is activated in parallel even while other tasks are activated. In this embodiment, the virus monitoring task 10221 extracts the task name from the task, but the task itself may be read.

Various APIs 10222 are interfaces used by various applications to exchange information.

The payment task 10223 is a task for executing various payments. Specifically, the various payments include credit card payments, electronic money payments, debit card payments, and UnionPay card payments. The payment task 10223 performs processing for displaying an image used for the above-described payment method switching operation, and transmits the selected payment method to the control unit 101.

The NFC business task 10224 is a task activated when using NFC. When a contactless medium is used for payment, the NFC business task 10224 is activated to read information necessary for payment, works with the reader/writer 12 to obtain the information, and transmits it to the control unit 101 .

Point business task 10225 is activated when points are awarded. The point business task 10225 executes processing related to points, such as sending and receiving information to and from a point vendor, such as code payment and point payment.

The aggregation task 10226 is a task for aggregating transaction details. The aggregation task 10226 aggregates and displays the daily total, which is the aggregation result of the transaction contents for one day, and the interim total, which is the aggregation result of the transaction contents up to the present, during the day.

The settings menu task 10227 is a task that displays a settings menu and executes input commands. The settings menu task 10227 performs a process of displaying a settings menu as an image that displays options such as communication settings, device settings, business settings, remote maintenance, and log transmission as items, and a process of sending input commands to the control unit 101. Execute.

The print task 10228 is a task that executes printing on receipt paper. The print task 10228 executes a process for printing payment information and a process for printing a total result obtained by executing the above-mentioned total task as a total slip.

The business menu task 10229 is a task for displaying a business menu and executing input commands. The business menu task 10229 executes a process of displaying a business menu, which is an image for selecting a payment method, and a process of transmitting an input command to the control unit 101.

FIG. 4 is a flowchart illustrating an example of a confirmation process when the payment terminal 11 is activated according to the first embodiment. The process shown in FIG. 4 is a process to check whether the payment terminal 11 is infected with a virus, which is executed when the payment terminal 11 is started up.

The control unit 101 performs a flag check (ACT101). The control unit 101 accesses the memory unit 102 and checks whether the infection flag is turned on (ACT102). Specifically, the control unit 101 accesses the memory unit 102 to confirm whether the payment terminal 11 is infected with a virus at the startup stage, reads out the infection flag, expands it to the RAM 1013, and confirms it.

As a result of checking the infection flag, if the infection flag is on (ACT 102: YES), the control unit 101 displays a virus detection message (ACT 103). The control unit 101 outputs a virus detection message to be displayed on the display unit 103. The virus detection message displays the message "The terminal has broken down. Please contact the terminal manufacturer." and contact information, such as the virus detection message S shown in FIG. 7, for example.

After displaying the virus detection message S, the control unit 101 stops the payment terminal 11 (ACT104). The control unit 101 performs a process of shutting down the payment terminal 11 and turns off the main body power.

If the infection flag is off (NO in ACT 102), the control unit 101 performs OS load processing (ACT 105). The control unit 101 reads the operating system from the memory unit 102.

The control unit 101 executes loading of various drivers (ACT106). The control unit 101 loads various drivers to use built-in devices such as a printing unit and peripheral devices such as the reader/writer 12.

FIG. 5 is a flowchart showing an example of the activation process of the payment terminal 11 according to the first embodiment. The control unit 101 loads the task and library (ACT201). The control unit 101 reads out from the memory unit 102 a library that provides tasks and task functions that are registered as a whitelist for executing an application program, and executes the tasks. Furthermore, the control unit 101 executes the virus monitoring task in parallel with other tasks (ACT202). The control unit 101 displays a business menu screen (ACT203). The control unit 101 displays an image of a business menu on the display unit 103. After displaying the business menu screen, the control unit 101 changes the payment method based on the selected item (ACT 204).

FIG. 6 is a flowchart showing an example of the virus monitoring task of the payment terminal 11 according to the first embodiment.

The control unit 101 reads the white list (ACT301). The control unit 101 reads the white list stored in the memory unit 102 and expands it in the RAM 1013.

The control unit 101 reads the task name (ACT302, ACT303). The control unit 101 extracts the task name from the tasks stored in the memory unit 102 and expands it to the RAM 1013. After being expanded to the RAM 1013, the control unit 101 checks whether the task in the payment terminal is a task registered in the whitelist or an unregistered task by comparing the extracted task name with the read whitelist.

As a result of the confirmation, if the control unit 101 is unable to confirm any tasks that are not registered in the whitelist (NO in ACT 303), it waits for processing (ACT 304). The control unit 101 waits for processing until a preset standby time elapses, and returns to ACT 302 when the standby time elapses.

When detecting a task that is not registered in the whitelist (ACT 303: YES), the control unit 101 acquires the date and time of occurrence and the terminal log (ACT 305). In order to obtain the terminal log, the control unit 101 obtains the virus detection time and date and the terminal startup date and time based on the time information measured by the terminal internal clock 108, and obtains the terminal number from the memory unit 102.

The control unit 101 transmits the date and time of occurrence and the terminal number to the FDL server 13 (ACT306). The control unit 101 transmits the acquired time and date when the virus was detected and the terminal number to the FDL server 13 via the communication I/F 107.

The control unit 101 turns on the infection flag (ACT307). When the control unit 101 detects a task that is not registered in the whitelist, it turns on the infection flag.

The control unit 101 displays a virus detection message (ACT308). The control unit 101 displays a virus detection message S on the display unit 103 to notify that virus detection has been confirmed.

The control unit 101 cuts off communication (ACT309). The control unit 101 controls the communication I/F 107 and disconnects from other devices, whether wired or wireless.

The control unit 101 stops the payment terminal 11 (ACT310). The control unit 101 turns off the main body power of the payment terminal 11 and shuts down the payment terminal 11.

The payment terminal 11 executes the virus monitoring task after removing tasks that are not registered in the whitelist using a virus removal program or manual operation. If only tasks stored in the whitelist are being executed or stored, the control unit 101 turns off the infection flag.

In the embodiment described above, the payment terminal 11 can detect bots and the like, which were recognized as tasks within the terminal and were difficult to detect, while being completed within the terminal.

Further, when the infection flag is turned on, the control unit 101 shuts off the communication I/F 107 until the infection flag is turned off.

Further, in the embodiment, the payment terminal 11 and the product sales data processing device 10 are described as separate bodies, but they may be housed in one housing. Further, the payment terminal 11 and the reader/writer 12 may be integrated.

In addition, virus monitoring tasks, startup confirmation processing, etc. executed by the payment terminal 11 of the embodiment are files in an installable or executable format that can be stored on a CD-ROM, flexible disk (FD), CD-R, or DVD. The information may be provided by being recorded on a computer-readable recording medium such as a (Digital Versatile Disk).

Although several embodiments of the invention have been described, these embodiments are presented by way of example and are not intended to limit the scope of the invention. These novel embodiments can be implemented in various forms, and various omissions, substitutions, and changes can be made without departing from the gist of the invention. These embodiments and their modifications are included within the scope and gist of the invention, as well as within the scope of the invention described in the claims and its equivalents.

10...Product sales data processing device 11...Payment terminal 13...FDL server 101...Control unit 102...Memory unit 1022...Storage unit

Claims (5)

a memory unit that stores task information that registers tasks and tasks that are permitted to be executed;
Read the tasks and task information from the memory section, check whether any tasks that are not registered in the task information are stored in the read tasks, and shut down if any tasks are found that are not registered in the task information. a control unit that performs
A payment terminal equipped with 2. The payment terminal according to claim 1, wherein when the control unit confirms a task that is not registered in the task information, the control unit displays a notification on a display unit and then shuts down the payment terminal. Equipped with a communication section that sends and receives information to external devices,
The memory unit stores a terminal number,
The payment method according to claim 1, wherein when the control unit confirms a task that is not stored in the task information, the control unit reads the terminal number from the memory unit and transmits the terminal number to the external device via the communication unit. terminal. 2. The payment terminal according to claim 1, wherein when the control unit confirms a task that is not stored in the task information, it turns on an infection flag and performs control to cut off the communication unit until the infection flag is turned off. At the payment terminal that obtains information for payment,
a storage step for storing task information in which tasks to be executed by the payment terminal and tasks that are permitted to be executed are registered;
a task information reading procedure for reading the task information;
a task reading procedure for reading the task;
a task confirmation procedure for confirming whether a task that is not stored in the task information is stored in the read task;
a control procedure for shutting down if a task not stored in the task information is confirmed;
A program that realizes this.

Images