JP2829986B2 - Electronic device stop function release system - Google Patents

Description

Description: BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a system for releasing a function stop state due to an authentication failure of an electronic device such as an intelligent card used in a firm banking system.

2. Description of the Related Art Recently, an intelligent card storing data relating to a transaction with a bank is prepared, and this card is attached to a terminal device connected to a host computer of the bank. A farm banking system that enables transactions with banks has been put into practical use.

In such a farm banking system, the data is created by the person in charge considering the importance of the transaction data, and then the data is approved by the administrator. Also PIN (PI
N) is assigned to manage data at their own responsibility. In this case, the personal identification numbers (PINs) assigned to the persons in charge and the administrator are limited in the number of times each PIN is checked in order to prevent a third party from accessing the system. For this reason,
If the PIN verification fails continuously and the number of times exceeds a predetermined number, the card function is automatically stopped and the card function is disabled.

When the card function is stopped in this way, if the cause of this is the failure of matching the PIN of the person in charge, the function stop can be released by matching the administrator PIN, but if the matching of the administrator PIN fails, Since the card function is stopped at the administrator stage, which has an important role of data approval, the function stop cannot be easily released, and in this case, a method of collecting the card stop at a bank center is considered.

[Problems to be Solved by the Invention] By the way, PIs of such personnel and managers
N can be arbitrarily changed on the user side. For this reason, in particular, collation failure often occurs immediately after the PIN is changed. However, the use of cards in such a system is often close to the deadline at the bank, and during such times the card was stopped due to the suspension of the card function, so if the cards were collected, the bank would have to do business with the bank. The processing almost stagnated, which could cause a serious situation.

The present invention has been made in view of the above circumstances, and it is an object of the present invention to provide a system for releasing a function stop state due to a password mismatch, which can easily release a function stop without impairing the safety of the system. I do.

[Means for Solving the Problems] According to the present invention, the storage means for storing the first password information and the second password information, and the input password information and the password information stored in the storage means are compared. A system comprising an electronic device having an authentication unit for authenticating the validity of use of the electronic device and an external device for creating cryptographic information by a predetermined process, wherein the electronic device performs the same process as the external device to obtain the cryptographic information Encryption information creating means for creating the first password information, and first control means for setting the electronic device to a first function stop state when authentication of the first password information cannot be obtained by the authentication means;
In the first function halt state, when the authentication means authenticates the input of the second password information, the first release means for releasing the first function halt state, and the second password information by the authentication means A second control unit for setting a second function stop state when the authentication is not obtained; and in the second function stop state, the authentication unit responds to the input of the encryption information created by the external device. When authentication is performed by comparing the encryption information created by the creation unit with the input encryption information, a second release unit that releases the second function suspension state is provided.

Hereinafter, an embodiment of the present invention will be described with reference to the drawings.

FIG. 1 is a schematic diagram of a firm banking system to which the present invention is applied. In the figure, reference numeral 1 denotes a bank center, and a terminal 5 of a user 4 is connected to a host computer 2 of the center 1 via a public line 3. The terminal 5 is provided with a card 6 on which data relating to bank transactions is written so as to be freely inserted and removed.

In addition, a terminal 9 of a peripheral business consignment company 8 is connected to the bank center 1 via a dedicated line 7. This peripheral business consignment company 8 is about to perform business related to system operation on behalf of a bank. In this case, the terminal 8 of the peripheral service outsourcing company 8 has a function of calculating encrypted data by a predetermined algorithm using date data obtained by a clock means (not shown) and the company code (account number) of the user as parameters. .

Next, FIG. 2 shows a circuit configuration of the card 6 used by the user 4. In the figure, reference numeral 11 denotes a key input unit. Key input data from the key input unit 11 is provided to a control unit 13 via an input control unit 12. The control unit 13 controls each circuit according to a program stored in the system program memory 10.

The above-mentioned terminal 5 is connected to the I / O unit 14 to supply a clock signal and power required for operation, and to exchange data. The input buffer 15 has a key input section
In addition to the personal identification number PIN given by 11, the encrypted data calculated by the terminal 9 of the above-mentioned peripheral business consignment company 8 is given. The data in the input buffer 15 is provided to the comparison unit 16. The comparison section 16 includes a first PIN memory 17, a second PIN
Data of the memory 18 and the encryption memory 19 are given. Here, the first PIN memory 17 stores a person in charge PIN, and the second PIN memory 18 stores an administrator PIN. In addition, the encryption data calculated by the encryption calculation unit 20 is written in the encryption memory 19. In this case, the cryptographic operation unit 20 receives the date data from the clock unit 21 and uses the date data and the company code (account number) of the user as parameters to perform encryption using the same algorithm as the above-described cryptographic operation by the peripheral business consignment company. Data is calculated.

The comparison result in the comparison unit 16 is provided to the control unit 13. In this case, when the PIN of the person in charge and the contents of the first PIN memory 17 do not match, this number is counted by the counter 24. If the predetermined number of times, for example, three times, continues, the flag (F1) 22 is set, and the management is similarly performed. If the user PIN does not match the contents of the second PIN memory 18, the number of times is counted by the counter 24. If the predetermined number of times, for example, three consecutive times, the flag (F2) 23 is set. When these flags 22 and 23 are set, the card function is stopped and becomes unusable.

Further, the control unit 13 sets the flag 22 in a state where the flag 22 is set.
(2) When the administrator PIN of the PIN memory 18 matches the administrator PIN input from the key input unit 11, or when the flag 23 is set, the encrypted data of the encryption memory 19 and the input buffer 15 are written. When the encrypted data from the peripheral business consignment company 8 matches, the stopped state of the card function is released respectively.

Reference numeral 25 denotes a data memory which stores farm banking data, a company code (account number), and the like. Data writing and reading of the data memory 25 are controlled via an R / W control unit 26. Reference numeral 27 denotes a display unit, and the display on the display unit 27 is controlled by an output control unit 28.

 Next, the operation of the embodiment configured as described above will be described.

First, the processing in the card 6 used by the user 4 will be described with reference to the flow shown in FIG. In this case, in order to create data relating to the bank transaction, the person in charge PIN is input from the key input unit 11 in step A1. This person in charge PIN is written into the input buffer 15. Next, proceed to step A2,
PIN verification is performed. In this case, the person in charge PIN written in the input buffer 15 is compared with the person in charge PIN stored in the first PIN memory 17. Here, if the PINs match and YES is obtained in step A2, data is created in step A3. In this case, the card 6 is mounted on the terminal 5, and data is input from a key input unit (not shown) of the terminal 5.

The card 6 in which the data is created in this manner is stored in the terminal 5
It is removed and handed over to the administrator, and the data is checked in step A4. If the result is OK, the process proceeds to step A5, and the administrator PIN is input from the key input unit 11. This administrator PIN is written into the input buffer 15. Next, the process proceeds to step A6, where PIN collation is performed. In this case, the administrator PIN written in the input buffer 15 is
This is compared with the administrator PIN stored in the N memory 18. Here, if the PINs match and the answer is YES in step A6, the process proceeds to step A7, where data transmission is performed. In this case, the card 6 is mounted on the terminal 5 and data is transmitted to the host computer 2 of the bank center 1 via the public line 3.

By the way, if the PIN does not match and the answer is NO in step A2, the process proceeds to step A8, where the counter
24 is incremented by one. Next, the process proceeds to step A9, where it is determined whether the counter 24 has counted up three times in a row. Here, if NO, the process returns to step A1 and the input of the person in charge again is permitted. Then, in step A2, the person in charge is collated again. Here, if the answer is YES, the process proceeds to the operation after step A3. If the answer is NO, the process proceeds to step A8, and the counter 24 is further counted up by +1. Hereinafter, the same operation is repeated until a match is obtained in the PIN matching of the person in charge, but in step A9,
If YES, the process proceeds to step A10, where the flag 22 is set and the card function is stopped.

At the stage of such person PIN verification, the card 5 whose card function has been stopped has its function recovered by the flow shown in FIG. First, in step B1, the card 5 is powered on. Then, the process proceeds to Step B2. In this case, since the flag (F1) 22 is set,
Proceed to B3 and wait for the input of the administrator PIN. Here, when the administrator PIN is input from the key input unit 11, the administrator PIN is written into the input buffer 15. Then, proceed to step B4,
PIN verification is performed. In this case, the administrator PIN written in the input buffer 15 is compared with the administrator PIN stored in the second PIN memory 18. If the PINs match and the answer is YES in step B4, the process proceeds to step B5, where the flag (F1) 2
2 is reset and the card function is restored in step B6.

If NO is determined in the administrator PIN verification in step B4, the flag 23 is set and the card function is stopped in step B7. The recovery operation of the card function in this case will be described later.

On the other hand, if the PIN does not match and becomes NO in the administrator PIN verification in step A6 shown in FIG. 3, the process proceeds to step A11, and the counter 24 is incremented by +1. Next, the process proceeds to step A12, where it is determined whether the counter 24 has counted up three times in a row. Here, if NO, the process returns to step A5, and the input of the person in charge again is permitted. Then, in step A6, the administrator PIN is collated again. Here, if the answer is YES, the data transmission in step A7 becomes possible, but if the answer is NO, the process proceeds to step A11, and the counter 24 is further counted up by +1. Less than,
The same operation is repeated until a match is obtained in the PIN matching of the administrator, but if YES in step A12, step A1
Proceeding to 3, the flag 23 is set, and the card function is stopped.

At the stage of such administrator PIN verification, the function of the card 6 whose card function has been stopped is measured by the flow shown in FIG. First, in step B1, the card 5 is powered on. Then, the process proceeds to Step B2. In this case, since the flag (F2) 23 is set,
Proceed to B8. In step B8, the cryptographic operation unit 20 calculates the encryption. In this case, the cryptographic operation unit 20 uses the date data output from the clock unit 21 and the user's company code (account number) read from the data memory 25 as parameters and performs the same as the cryptographic operation performed by the peripheral business consignment company 8 described below. The cryptographic data is calculated by the algorithm. This encrypted data is written into the memory 19.

In this state, the manager notifies the peripheral business consignment company 8 that the card function has been stopped by telephone. The communication in this case may be made via the bank center 1. Consignment company 8
Then, after confirming the manager of the user 4, the cryptographic data is calculated by a predetermined algorithm using the date data of the clock section and the company code (account number) of the user as parameters.
This is notified to the administrator of the user 4. In step B9, the administrator inputs the encrypted data received from the peripheral business consignment company 8 by telephone from the key input unit 11. This encrypted data is written into the input buffer 15. Next, the process proceeds to step B10, where it is determined whether the encrypted data matches. In this case, the encrypted data written in the input buffer 15 and the encrypted data stored in the encryption memory 19 are compared. Here, if they match, and the answer is YES in step B10, the process proceeds to step B11, the flag (F2) 23 is reset, and the card function is restored in step B6.

On the other hand, in step B10,
When it becomes O, the process proceeds to step B12, and the card is invalidated. Card invalidation in this case is something that does not recover semipermanently,
If you want to recover the card, you must collect the card once and issue it again.

In addition, in the case of NO in the administrator PIN verification in step B4, the flag 23 is set, and the card function is stopped,
The operation of the above-described steps B8 to B11 makes it possible to recover the card function.

In addition, this invention is not limited only to the said Example, It can change and implement suitably in the range which does not change a summary. For example, in the above-described embodiment, the date data and the company code of the user are used as the parameters of the cryptographic operation, but other parameters may be used.

[Effects of the Invention] According to the present invention, when the authentication of the first password information is not obtained and the function of the electronic device is stopped, the function is stopped by inputting the second password information and obtaining the authentication. Can be released,
When the function of the electronic device is stopped because authentication is not obtained for the second password information, the function stop can be released by inputting the encryption information created by the external device and obtaining the authentication. Therefore, when the electronic device is used at two levels, for example, a person in charge, a person in charge, etc., if the person in charge has an authentication error, the person in charge can easily release the error by obtaining the authentication. Even if there is an authentication error of the user, the function suspension state can be released by executing the prescribed procedure and obtaining the cryptographic information, so that flexibility is maintained to maintain security and avoid unnecessary business disruption. This is advantageous for building a certain system.

[Brief description of the drawings]

FIG. 1 is a block diagram showing a firm banking system to which one embodiment of the present invention is applied, FIG. 2 is a block diagram showing a circuit configuration of a card used in the embodiment, and FIGS. It is a flow chart for explaining operation of the example. 1 ... Bank center, 2 ... Host computer, 4 ...
User, 5: Terminal, 6: Card, 8: Peripheral contractor, 9: Terminal, 11: Key input unit, 13: Control unit, 15: Input buffer, 16: Comparison Department, 17, 18 ……
PIN memory, 19: Encryption memory, 20: Encryption operation unit, 21
…… Timer, 22, 23 …… Flag, 24 …… Counter, 25…
... data memory.

Claims (1)

(57) [Claims] 1. An authentication device for storing first password information and second password information, and comparing the input password information and the password information stored in the storage device to authenticate the validity of use. A system comprising an electronic device having means and an external device for creating cryptographic information by a predetermined process, wherein the electronic device performs the same process as the external device to create cryptographic information, and A first control unit that sets the electronic device to a first function stop state when the authentication unit does not obtain authentication for the first password information; and a second password unit in the first function stop state. First canceling means for canceling the first function suspension state when the authentication means authenticates the input of the information, and second function when the authentication means cannot authenticate the second password information. Put into a stop state In the second function stop state, in response to the input of the encryption information created by the external device, the authentication unit compares the encryption information created by the encryption creation unit with the input encryption information. And a second release means for releasing the second function stop state upon authentication.