JP4640767B2 - IC card new issuing method and apparatus, and server - Google Patents

Description

  The present invention relates to information processing technology related to services using biometric authentication and an IC card.

  For example, in customer authentication performed at a bank, in general, when a deposit is withdrawn from a terminal device such as an ATM (Auto Teller Machine), the cash card and PIN are stored at the bank counter. In the case of withdrawal, a bankbook and its bank seal are used. Such an authentication method requires information that can only be possessed by the deposit account holder or information that can only be known by the deposit account holder, and ideally only the deposit account holder. It should not be possible to withdraw deposits. However, if the cash card is stolen and the PIN is leaked or using a PIN that can be easily guessed, or if the bankbook and bank seal are stolen, the name of the account holder Otherwise, the withdrawal of the deposit, etc. will be carried out, and the holder of the deposit account will suffer unexpected damage.

  On the other hand, there is a so-called bio-account, which is a deposit account that enables the use of biometric information, which is a physical feature unique to an individual in customer authentication, for a service that is newly provided in a bank and targeted to an individual customer, for example. is there. If a bio account is opened, the damage caused by theft as described above can be prevented by biometric authentication using biometric information. In other words, authentication is performed using information that has a high identification rate, such as fingerprints and palm vein patterns, and is not stored because it is in-vivo information, preventing unauthorized withdrawal of deposits, etc. Can do.

  However, using biometric information in authentication creates another problem. In other words, biometric information such as fingerprints is particularly important personal identification information among customer personal information. For example, when it is attempted to perform centralized management in a bank management server, it may be impossible to obtain customer understanding. In addition, since the bank side has a certain responsibility to retain the customer's personal information, it is necessary to spend considerable cost to prevent the leakage. Therefore, even if biometric authentication is performed, there is a problem in maintaining the biometric information used for biometric authentication on the bank side.

  Therefore, the biometric information used for biometric authentication is stored in the IC card held by the customer. If the IC card is properly managed by the customer, the bank side manages it as described above. Such a problem will not occur.

  In this way, a technique for holding biometric information for biometric authentication in an IC card already exists. For example, Japanese Patent Application Laid-Open No. 2000-076412 provides an IC card that stores a fingerprint pattern that enables strict authentication, prevents the outflow of private data, and can easily cope with a card update. Techniques to do this are disclosed. According to this technology, biometric information, which is important personal information such as fingerprint information, is held only in the IC card, so that it is possible to prevent the biometric information from leaking due to, for example, a bank information system defect.

  By the way, there are procedures necessary for a customer to hold an IC card in which biometric information is registered. In other words, when a card contract is made and biometric information is registered in an IC card, the contractor's own person and the person in charge of the card issuing company (including the company issuing the card issuance) are present. It is necessary to register biometric information in the IC card. Specifically, the contractor must confirm that his / her biometric information is registered in the IC card, and the person in charge of the card issuing company confirms that the biometric information registrant is the contractor himself / herself. Is necessary.

  On the other hand, in Japanese Patent Application Laid-Open No. 2004-110365, when the IC card needs to be updated regularly, the time is secured within the business hours of the card issuing company and the card issuing company's sales office is visited. A technique for relieving the contractor's restriction that the biometric information registration operation for the IC card as described in 1) must be performed again is disclosed. In other words, authentication is performed using biometric information registered in the IC card before update, and only when it is determined that authentication is successful, biometric information is unregistered and newly sent from the card issuing company The biometric information is copied from the IC card before update to the IC card. By using such a method, it is possible to prevent unauthorized registration of biometric information other than the contractor for the IC card for update. Therefore, the person in charge of the card issuing company does not need to attend the registration work of the biometric information for the IC card, and can automatically perform update registration with a terminal device such as an ATM. If the available time of the terminal device is sufficiently long and the terminal device is installed in many places, the restrictions on the contractor are considerably relaxed when the IC card is updated.

  However, even when this technology is used, when a new IC card is issued, the contractor secures time within the business hours of the card issuing company, goes to the card issuing company's sales office, and biometric information on the IC card. Registration work must be carried out.

When opening a bio account, that is, applying for a new IC card at a bank counter, for example, if the IC card with biometric information registered cannot be handed to the applicant, the contractor will go to the bank counter again. Biometric information needs to be registered in the IC card. That is, the labor of the contractor is increasing. Although it is theoretically possible to deliver an IC card with biometric information registered to the applicant by mail, etc., from the viewpoint of leakage of biometric information, etc. It is not preferable for the person to manage the IC card, and procedures such as mailing to the contractor are not considered. It is also possible to apply for the opening of a bio account via mail or the Internet. In such a case, it is necessary to go to a bank window and register biometric information in an IC card. In other words, if it is not a bio account, it is possible to open an account without going to a bank window or the like, whereas the time and effort of an applicant for opening a bio account is increasing.
JP 2000-076412 A JP 2004-110365 A

  As described above, according to the prior art, when a new IC card for registering biometric information is newly issued, the contractor is not reduced at all, and the contractor has a severe time and geographical restriction. There is a problem that I have to go to the window.

  On the other hand, there are also customers who use biometric authentication but do not want to register their own biometric information in the IC card. For example, biometric information may be registered in a bank-side management server or the like. However, as described above, when managing the biometric information on the bank side, the bank incurs a cost to prevent the leakage, but the cost of the IC card itself is almost the same, and the IC card There is no balance in terms of cost with customers who register their biometric information.

  Accordingly, an object of the present invention is to provide a technique for relaxing restrictions on customers when a new IC card is issued in which biometric information used in biometric authentication is registered.

  Another object of the present invention is to provide a technique for enabling provision of a new service according to a storage location of biometric information for verification used in biometric authentication.

  A novel IC card issuance method according to the first aspect of the present invention includes a biometric information reading device and a terminal device having an IC card reader / writer for reading biometric information, which is a physical characteristic peculiar to an individual, from a user, and a user In a system including a management server having an information storage unit, a new issuance method for an IC card that is executed without using an IC card other than an unregistered IC card, and the biometric information of a specific user is When an unregistered IC card is inserted into the IC card reader / writer, identification information including at least one of biometric information and password stored in advance in the user information storage unit and the specific usage acquired this time The authentication step of performing authentication using the identity verification information of the user, and if the authentication step determines that the authentication is successful, the IC card reader / writer Biometric information There are including the step of writing the biometric information of a particular user to unregistered IC card.

  Thus, if a user who has received an IC card with unregistered biometric information is authenticated by at least one of biometric information and a password in the terminal device, the user himself / herself is registered in the IC card with unregistered biometric information. Biometric information is newly written. Therefore, if the usage time of the terminal device is sufficiently long and the terminal device is installed in many places, the restriction for the user when the IC card is newly issued is considerably relaxed. In addition, the card issuer's person in charge of registering the biometric information for the IC card does not have to be present, and the cost of the card issuer is reduced. The biometric information reader of the terminal device is used when performing biometric authentication in the authentication step described above.

  Also, a writing result determination step for determining whether or not a specific user's biometric information has been normally written in an IC card for which biometric information is not registered, and an IC card for which biometric information is not registered in the writing result determination step If it is determined that the user's biometric information has been written normally, the method may further include a step of deleting the identification information of the specific user stored in advance in the user information storage unit.

  As described above, when it is determined that the biometric information of a specific user is normally written in an IC card in which the biometric information is not registered, the specific user stored in advance in the user information storage unit Since the personal identification information is deleted, the card issuing company can minimize the cost required for preventing leakage of biometric information.

  In addition, when an IC card in which the biometric information of a specific user is not registered is inserted into the IC card reader / writer, the IC card reader / writer uses the inspection information acquired from the IC card, and the biometric information is not registered in the IC card reader / writer. An IC card determination step for determining whether the card is normally issued, and a specific user when it is determined in the IC card determination step that an IC card whose biometric information is not registered is not normally issued And a step of canceling the new IC card issuance process.

  Thus, by determining whether the IC card has been issued normally, it is possible to prevent forgery of the IC card, registration of illegal biometric information on the IC card, and the like. For example, if the inspection information assigned to each specific individual is registered in advance in the IC card, it is possible to prevent forgery of the IC card and registration of illegal biometric information in the IC card. Further, for example, a result obtained by performing a predetermined operation on data registered in the IC card is further registered in the IC card, and is registered in the IC card in the IC card determination step described above. It is also possible to perform processing such as performing the same calculation on the data and confirming whether the same result can be obtained.

  Further, when it is determined in the IC card determination step that the IC card whose biometric information is not registered is not normally issued, not only the new IC card issuance processing for a specific user is stopped, but also, for example, Error information indicating that it is determined that the inserted IC card has not been properly issued may be written to the IC card. Further, the IC card may be collected by the terminal device.

  An information processing method according to a second aspect of the present invention is an information processing method executed by a terminal device having a biological information reading device and an IC card reader / writer that reads biological information from a user, and a specific user When an IC card is inserted into an IC card reader / writer and a specific user requests service provision through the terminal device, the storage location of the biometric information of the specific user is connected to the IC card and the other device connected to the terminal device; If it is determined that the biometric information of a specific user is stored in the IC card in the storage location determination step and the storage location determination step, a fee table relating to a fee that is a consideration for service provision, A fee table used when it is determined that the biometric information of a specific user is not stored in the IC card in the storage location determination step; And a step of switching to a different fee table.

  As described above, there is a balance in terms of costs borne by the bank between customers who register their biometric information in the IC card and customers registered in the management server on the bank side, for example. Not. Therefore, as described above, it is possible to correct the cost imbalance by switching the fee table according to the storage location of the user's biometric information and changing the fee paid by the user. It becomes.

  It is also possible to create a program for causing a computer to execute the method according to the present invention, and the program is a storage medium such as a flexible disk, a CD-ROM, a magneto-optical disk, a semiconductor memory, and a hard disk. Alternatively, it is stored in a storage device. Moreover, it may be distributed as a digital signal via a network. Note that data being processed is temporarily stored in a storage device such as a memory.

  ADVANTAGE OF THE INVENTION According to this invention, the restriction | limiting for a customer can be eased at the time of the new issue of the IC card in which the biometric information used in biometric authentication is registered.

  As another aspect of the present invention, a new service can be provided according to the storage location of biometric information for verification used in biometric authentication.

[Overview]
First, the business flow from the opening of a bio account to the registration of biometric information to an IC card in the first embodiment of the present invention will be briefly described with reference to FIG. In the first embodiment, a case where an application for opening a bio account is made at a bank branch or the like is handled, and a case where an application for opening a bio account is made via the Internet is handled in the second embodiment.

  The account opening applicant goes to a bank branch or the like and fills in the necessary items on the bio account opening account application (step 101). Here, in addition to the entry of personal data such as the account holder name necessary for conventional account opening, the management location of the biometric information used for biometric authentication is entered. The biometric information management location can be selected from a bank and an IC card. Here, an IC card is selected and entered.

Next, the applicant submits the completed account opening application form to the person in charge of the branch office or the like, and the person in charge of the window accepts the account opening application (step 102). The person in charge confirms that the person entered in the account opening application form as the account holder is the applicant based on the account opening application form and the certificate of the applicant's license, etc., which is the identity verification document. (Step 103). If it is confirmed that the applicant is the person himself / herself, an account number is determined and a new account corresponding to the account number is opened (step 104). Then, the contact person operates a terminal such as a branch office and registers personal data such as the account holder name and the management location data of the biometric information in the bank management server in association with the opened account (step) 105).

  The above is the process related to opening an account. Hereinafter, processing for issuing an IC card and registering biometric information for the IC card will be described.

  The person in charge of the window causes the biometric information reader to read the biometric information of the applicant who is the account holder, and registers the biometric information in the management server in association with the opened account, for example, using a terminal such as a branch office (step 106). This biometric information is used for identity verification performed when biometric information is registered in the IC card in a terminal device such as an ATM having a function of registering biometric information in the IC card. Note that a password or the like may be used instead of the biometric information as information used for identity verification.

  Next, the contact person requests the card issuing company to create an IC card in which personal data such as the account holder name and information such as the account number are registered (step 107). The card issuer may be the same entity as the bank. The card issuing company accepts an IC card creation request from a bank branch or the like (step 108), and creates an IC card according to the requested content (step 109). The created IC card is mailed from the card issuing company to the account holder (step 110). When the account holder receives the mailed IC card (step 111), the bank branch or the like in which a terminal device such as an ATM having a function of registering biometric information is installed to register biometric information on the IC card. (Step 112). In the following description, biometric information is registered by an ATM.

  When the account holder inserts the IC card into the ATM, the ATM IC card reader / writer reads information such as the account number registered in the IC card (step 113). The ATM communicates with the bank management server and obtains the biometric information registered in the management server corresponding to the read account number (step 114). Here, the biometric information reader of ATM reads the biometric information of the account holder (step 115), and the read biometric information is compared with the biometric information acquired from the management server (step 116). If the biometric information satisfies a predetermined condition as a result of the collation, it is determined that the person whose biometric information has been read is the account holder. Therefore, the ATM writes the read biometric information or the biometric information acquired from the management server into the IC card as that of the account holder (step 117), and discharges the IC card when the writing is completed (step 118). In this way, the account holder can get a valid IC card.

  Here, since biometric authentication is completed normally and biometric information is registered in the IC card, the biometric information registered in the management server is no longer necessary. Therefore, the ATM transmits an instruction to delete biometric information managed by the management server to the management server (step 119). The management server receives the biometric information erasure instruction from the ATM (step 120), and erases the biometric information (step 121).

  As mentioned above, even if an IC card is not issued when a bio-account opening applicant goes to a branch office, etc., and the IC card is mailed by a card issuing company, etc., the identity of the person is confirmed by ATM. By carrying out automatically, it is not necessary for a person in charge such as a bank branch to attend the registration work, and it is possible to reduce the cost of the bank. As a bio-account opening applicant, biometric information can be automatically registered by a terminal device such as an ATM having a function of registering biometric information in an IC card. If the time is long enough and the terminal device is installed in many places, there is a considerable restriction of the conventional restriction that it is necessary to secure time within the business hours of the bank branch and go to the branch of the bank. Will be alleviated. In addition, as described above, when biometric authentication is used for identity verification when registering biometric information to an IC card, the identity between the bio-account open applicant and the biometric information registrant can be directly and more than human. It can be determined with high accuracy. Therefore, it is possible to further prevent the fraud that the bio-account opening applicant and the biometric information registrant are switched, and biometric information different from that of the bio-account opening applicant who is the account holder is registered in the IC card. Furthermore, after biometric authentication is successfully completed and biometric information is registered in the IC card, the bank side minimizes the cost of preventing biometric information leakage by deleting the biometric information registered in the management server. Can be suppressed.

  Next, the business flow from the opening of a bio account to the registration of biometric information to an IC card in the second embodiment of the present invention will be briefly described with reference to FIG.

  The account opening applicant uses a terminal device such as a PC (Personal Computer) that can be connected to the Internet to make an application for opening a bio account from the homepage of the bank that opens the account (step 201). Here, the applicant selects a bio account as the type of account to apply for opening, and inputs personal data such as the name and address of the applicant into the application form. When the applicant finishes filling out the application form and instructs the PC or the like to transmit, the input data is transmitted to the bank customer center server, and the customer center server accepts an application for opening a bio account (step 202). The person in charge at the customer center sends an application form for opening a bio account to the address of the applicant entered in the application form (step 203).

  When the applicant receives the bio-account opening application (step 204), the applicant fills in the necessary items for the account opening application (step 205). Here, in addition to the entry of the account holder or the like necessary for the conventional account opening, the management location and password of the biometric information used for biometric authentication are entered. The biometric information management location can be selected from a bank or an IC card. The password is used for identity verification when registering biometric information for the IC card. When the applicant completes the application form for opening the bio account, the applicant sends a copy of the certificate such as the applicant's license, which is the identity confirmation document, to the customer center together with the application form (step 206).

  When the person in charge at the customer center receives the account opening application, etc. (step 207), the person who is filled in the account opening application as the account holder is based on the account opening application and the identity verification document. (Step 208). If it is confirmed that the applicant is the person himself / herself, an account number is determined and a new account corresponding to the account number is opened (step 209). Then, the person in charge operates the terminal of the customer center and registers personal data such as the account holder name and the management location data of the biometric information in the bank management server in association with the opened account (step 210). ). Further, the person in charge operates the terminal of the customer center and registers the password in the bank management server in association with the opened account (step 211).

  The above is the process related to opening an account. Hereinafter, processing for issuing an IC card and registering biometric information for the IC card will be described.

  Next, the person in charge at the customer center of the bank requests the card issuing company to create an IC card in which personal data such as the account holder name and information such as the account number are registered (step 212). The card issuing company accepts an IC card creation request from a bank branch or the like (step 213), and creates an IC card according to the requested content (step 214). The created IC card is mailed from the card issuing company to the account holder (step 215). When the account holder receives the mailed IC card (step 216), a terminal device such as an ATM having a function of registering the biometric information in the IC card is installed to register the biometric information in the IC card. Go to a facility such as a convenience store (step 217). In the following, it is assumed that biometric information is registered in the ATM.

  When the account holder inserts the IC card into the ATM IC card reader / writer, the ATM IC card reader / writer reads information such as the account number registered in the IC card (step 218). The ATM communicates with the management server and obtains a password registered in the management server corresponding to the read account number (step 219). Here, when the account holder inputs the password to the ATM, the ATM accepts the input of the password (step 220), and collates the input password with the password acquired from the management server (step 221). If these passwords match as a result of verification, it is determined that the person who entered the password is the account holder. Therefore, the process of registering the biometric information of the person who entered the password at the ATM as the biometric information of the account holder is performed. First, the biometric information reader of ATM reads the biometric information of the account holder (step 222). Here, when the IC card is selected as the biometric information management location, the ATM writes the read biometric information on the IC card (step 223). On the other hand, when the bank is selected as the management location of the biometric information, the ATM registers the read biometric information in the management server in association with the read account number (step 224). When writing of biometric information to the IC card described above or registration of biometric information to the management server is completed, the ATM ejects the IC card (step 225). In this way, the account holder can get a valid IC card.

  Here, since the password authentication is normally completed and the biometric information is registered in the IC card, the password managed in the management server is no longer necessary. Therefore, the ATM transmits an instruction to delete the password managed by the management server to the management server (step 226). The management server receives the password deletion instruction from the ATM (step 227), and deletes the password (step 228).

  As mentioned above, even if an IC card is not issued when a bio-account opening applicant goes to a branch, etc., and the IC card is mailed by a card issuing company, etc. later, the identity verification is done at the ATM. By carrying out automatically, it is not necessary for a person in charge such as a bank branch to attend the registration work, and it is possible to reduce the cost of the bank. As a bio-account opening applicant, biometric information can be automatically registered in a terminal device such as an ATM having a function of registering biometric information in an IC card. If the terminal device is installed long enough and the terminal device is installed in many places, the conventional restriction that it is necessary to secure time within the business hours of the bank branch and go to the bank branch, etc. is considerably relaxed. Will be. Then, after the biometric information is registered in the IC card, even if the password used for identity verification at the time of registration of the biometric information on the IC card is leaked, by using the leaked password, illegal biometric information is used. Cannot be registered in the IC card. However, there is a possibility that the bio-account opening applicant has set a password that is the same as that of the cash card of another financial institution held by the bio-account opening applicant. Therefore, the biometric information is registered in the management server after the biometric information is registered in the IC card, and the bank side can minimize the password management cost by deleting the password that is no longer necessary.

[Specific configuration example]
FIG. 3 shows a system schematic diagram according to the first and second embodiments of the present invention. In a network 1 such as the Internet or a dedicated line, a management server 2, one or a plurality of sales office terminals 3, one or a plurality of customer center terminals 4 installed in a customer center, and an IC card issuing company are installed. One or a plurality of card issuing company terminals 5 and one or a plurality of ATMs 6 installed in a bank or the like are connected.

  The management server 2 includes an account opening processing unit 21, a writing result processing unit 22, a management table 23, a determination processing unit 24, and a communication control unit 25. The account opening processing unit 21 includes an account data registration unit 211, an account number generation processing unit 212, and a temporary PIN number generation processing unit 213. The determination processing unit 24 includes an effective period determination processing unit 241 and a validity determination processing unit 242. Note that details of each processing unit will be described later in the description of the processing flow, and here, processing related to the management table 23 will be briefly described. The account data registration unit 211 performs a registration process for the management table 23 based on the data output from the account number generation processing unit 212, the temporary password generation processing unit 213, and the communication control unit 25. The write result processing unit 22 performs a change process on the management table 23 based on the data output from the communication control unit 25. The validity period determination processing unit 241 performs processing based on the data output from the communication control unit 25 and the data acquired from the management table 23, and outputs the result to the validity determination processing unit 242 and the communication control unit 25. Based on the result, a change process for the management table 23 is performed. The validity determination processing unit 242 performs processing based on the data output from the validity period determination processing unit 241 and the data acquired from the management table 23, outputs the result to the communication control unit 25, and based on the result. Then, change processing for the management table 23 is performed. The communication control unit 25 communicates with different terminals via the network 1 and exchanges data with an appropriate processing unit.

  The branch office terminal 3 includes a display unit 31, a biometric information reading interface 32, a biometric information reading device 33, an input device 34, an account opening reception processing unit 35, and a communication control unit 36. When the communication control unit 36 receives data via the network 1, the communication control unit 36 outputs the received data to the account opening reception processing unit 35, and the account opening reception processing unit 35 outputs the output data to the display unit 31. To do. When the biometric information reading device 33 reads the biometric information, it outputs the read biometric information to the biometric information reading interface 32, and the biometric information reading interface 32 sends the output biometric information data to the account opening reception processing unit 35. Output. The input device 34 outputs the input data to the account opening reception processing unit 35. The account opening acceptance processing unit 35 outputs the data output from the biometric information reading interface 32 and the input device 34 to the communication control unit 36. Further, the communication control unit 36 transmits the data output from the account opening reception processing unit 35 to the management server 2 via the network 1.

  The customer center terminal 4 includes a display unit 41, an input device 42, an account opening reception processing unit 43, and a communication control unit 44. When receiving data via the network 1, the communication control unit 44 outputs the received data to the account opening reception processing unit 43, and the account opening reception processing unit 43 outputs the output data to the display unit 41. To do. The input device 42 outputs the input data to the account opening reception processing unit 43, and the account opening reception processing unit 43 outputs the output data to the communication control unit 44. Further, the communication control unit 44 transmits the data output from the account opening reception processing unit 43 to the management server 2 via the network 1.

  The card issuing company terminal 5 includes a communication control unit 51, an IC card creation request receiving unit 52, an IC card creation processing unit 53, an IC card shipping processing unit 54, a display unit 55, an input device 56, and a printing device. 57 and an IC card reader / writer 58. The communication control unit 51 outputs the data received from the management server 2 via the network 1 to the IC card creation request receiving unit 52. The IC card creation request receiving unit 52 outputs the output data to the IC card creation processing unit 53. Output to. The IC card creation processing unit 53 performs data writing to the IC card and printing processing on the surface of the IC card based on the data output from the IC card creation request receiving unit 52, and the created IC card data is transferred to the IC card. The data is output to the shipping processing unit 54. Based on the data output from the IC card creation processing unit 53, the IC card shipping processing unit 54 performs a printing process on the surface of the shipping envelope and a process for instructing the shipping person to ship the IC card. Is completed, the IC card creation request receiving unit 52 is notified of the completion of the shipping instruction process.

  The ATM 6 includes an ATM main body 6000, an IC card reader / writer 6501, and a biological information reader 6601. A detailed functional block diagram of the ATM 6 is shown in FIG. The ATM main body 6000 includes a communication control unit 6100, a data storage unit 6300, an IC card processing unit 6400, an IC card access interface 6500 connected to the IC card reader / writer 6501, and a biological information connected to the biological information reading device 6601. It includes an information reading interface 6600, a touch panel 6700 serving as both a display device and an input device, and an ATM basic control unit 6800. The data storage unit 6300 includes a biometric information storage unit 6301, a password storage unit 6303, and an IC card data storage unit 6305. The IC card processing unit 6400 includes an IC card writing result determination processing unit 6410 and a verification processing unit 6420, and the verification processing unit 6420 further includes a password verification processing unit 6421 and a biometric information verification processing unit 6422. . The ATM basic control unit 6800 includes a fee setting processing unit 6810, a normal fee table 6821, and a preferential fee table 6822. The fee setting processing unit 6810 performs the fee setting processing by switching between the two tables described above. The ATM basic control unit 6800 includes a processing unit for performing basic control of ATM and a processing unit for performing normal processing such as deposit / withdrawal, but is not illustrated here. Details of each processing unit will be described later in the description of the processing flow, and here, processing related to the data storage unit 6300 will be briefly described.

  The communication control unit 6100 registers the biometric information received from the management server 2 in the biometric information storage unit 6301 and registers the password received from the management server 2 in the password storage unit 6303. The IC card access interface 6500 registers the IC card data read from the IC card by the IC card reader / writer 6501 in the IC card data storage unit 6305. The password verification processing unit 6421 performs processing with reference to the password storage unit 6303, and the biometric information verification processing unit 6422 performs processing with reference to the biometric information storage unit 6301. The ATM basic control unit 6800 performs processing with reference to the IC card data storage unit 6305. Further, the communication control unit 6100 transmits the data acquired from the data storage unit 6300 to the management server 2 via the network 1.

  Next, FIG. 5A shows an example of the table configuration of the management table 23. In the table example of FIG. 5A, an account number column 501, a biometric information column 502, an opening date column 503, a temporary password number column 504 for checking the validity of an IC card, An information management location column 505, a password column 506, a name column 507, and other personal data are included. In the management location column 505, either IC or BK is registered. The IC indicates that the management location of biometric information is an IC card, and BK indicates that the management location of biometric information is a bank. Indicates. In addition, as described in the outline, there is a case where biometric information is used for identity verification performed when biometric information is registered in an IC card. Accordingly, in FIG. 5A, biometric information is also registered for an account registered as an IC in the management location column 505, but this biometric information is normally biometrically authenticated and the biometric information is stored in the IC card. Since it becomes unnecessary when it is registered in, it will be deleted.

  FIG. 5B shows an example of IC card data included in the IC card. Note that the IC card data storage unit 6305 of the ATM 6 also stores similar data. In the example of FIG. 5B, the account number 521, the biometric information 522, the establishment date 523, the temporary security code 524 for checking the validity of the IC card, the management location 525 of the biometric information, the name 526, and the validity flag 527 And other data. In the example of FIG. 5B, since the value of the management location 525 is IC, that is, the biological information is stored in the IC card, the biological information 522 is registered, but when the value of the management location 525 is BK, Since the biometric information is bank management, the biometric information 522 is not registered. The validity flag 527 contains a value indicating the validity of the IC card. That is, if the value of the valid flag 527 is 1, it indicates that the normal registration of the biometric information has been completed and the IC card can be used effectively. Further, if the value of the valid flag 527 is 2, it means that the biometric information cannot be properly registered and the IC card is invalid. If the value of the valid flag 527 is 3, it indicates that normal registration of biometric information has not been completed and biometric information can be registered.

  FIG. 5C shows an example of the table configuration of the normal fee table 6821. The example of FIG. 5C includes an overtime fee column 541, a transfer fee column 542 of another branch, and a transfer fee column 543 of another bank.

  FIG. 5D shows an example of the table configuration of the preferential fee table 6822. The example of FIG. 5D includes a column 561 for overtime fees, a column 562 for transfer fees for other branches, and a column 563 for transfer fees for other banks. Although the table configurations of FIG. 5C and FIG. 5D are the same, the values of FIG. 5D are smaller when the values of the corresponding columns are compared. That is, the fee registered in the preferential fee table 6822 is cheaper than the fee registered in the normal fee table 6821. Therefore, for example, when a user makes a transfer to another bank, by switching these tables according to the management location of the user's biometric information, for a user who manages biometric information with an IC card It is possible to set a lower fee compared to a user who manages biometric information at a bank.

  Next, the bio-accounting opening process according to the first embodiment will be described with reference to FIG. First, the bio-account opening applicant submits the completed bio-account opening application form to a person in charge of a bank branch or the like. Here, when the contact person confirms that the person described in the application form as the account holder is the applicant himself, the contact person starts the account opening process. The input device 34 of the branch office terminal 3 in FIG. 3 accepts an input of an account opening instruction from the person in charge of the window (FIG. 6: step S101), and outputs the account opening instruction data to the account opening reception processing unit 35. The account opening reception processing unit 35 causes the communication control unit 36 to perform transmission processing of account opening instruction data to the bank management server 2 (step S103). When receiving the account opening instruction data (step S105), the communication control unit 25 of the management server 2 outputs the account opening instruction data to the account data registration unit 211. The account data registration unit 211 causes the account number generation processing unit 212 to generate an account number, and registers the generated account number in the management table 23 as the account number of the new account (step S107).

  Next, when the contact person inputs personal data such as the account holder name and biometric information management location data, the input device 34 of the branch terminal 3 accepts the input of the data (step S109), and the data is stored in the account. The data is output to the establishment reception processing unit 35. The account opening reception processing unit 35 causes the communication control unit 36 to perform the data transmission processing to the bank management server 2 (step S111). When the communication control unit 25 of the management server 2 receives the data (step S113), the communication control unit 25 outputs the data to the account data registration unit 211. The account data registration unit 211 registers data including personal data and biometric information management location data in the management table 23 in association with the account number of the new account (step S115).

  Next, the account opening acceptance processing unit 35 of the sales office terminal 3 displays a biometric information reading screen on the display unit 31 in order to prompt the counter person in charge to read the biometric information of the bioaccount opening applicant. Step S117). When the biometric information reading device 33 reads the biometric information of the bio-account opening applicant according to the biometric information reading screen (step S119), the communication control unit 36 transmits the read biometric information to the management server 2 (step S121). ). When the communication control unit 25 of the management server 2 receives the biometric information from the branch terminal 3 (step S123), the communication control unit 25 outputs the biometric information to the account data registration unit 211. The account data registration unit 211 registers the biometric information in the management table 23 in association with the account number of the new account (step S125).

  Further, the account data registration unit 211 of the management server 2 acquires the system time of the management server 2 as the account opening date data, and uses the acquired date data of the system time as the account opening date data to the account number of the new account. Correspondingly, it is registered in the management table 23 (step S127). Further, the account data registration unit 211 causes the temporary security code generation processing unit 213 to generate a temporary security code, and registers the generated temporary security code in the management table 23 in association with the account number of the new account. (Step S129). The temporary security code is, for example, a random number, but may be a symbol or the like instead of a number.

  Since the account opening process is now complete, the management server 2 transmits an account opening end notice to the branch terminal 3 (step S131). When the communication control unit 36 of the branch office terminal 3 receives the notification from the management server 2, the communication control unit 36 outputs the notification to the account opening reception processing unit 35, and the account opening reception processing unit 35 displays the account opening end screen on the display unit 31. Is displayed (step S133).

  Although not shown in the figure, after this, the person in charge of the window requests the card issuing company to create an IC card, and the card issuing company executes processing for sending the IC card to the bio-account opening applicant.

  That is, when the account opening process ends, the person in charge of the window inputs an IC card creation request instruction to the input device 34 of the branch office terminal 3, and the input device 34 sends an account opening reception processing unit 35 to the account opening processing unit 35 according to the instruction. An IC card creation request instruction is output. In response to the IC card creation request instruction, the account opening reception processing unit 35 causes the communication control unit 36 to transmit an IC card creation request notification including the account number and the like to the management server 2.

  The communication control unit 25 of the management server 2 receives the IC card creation request notification and outputs it to the account opening processing unit 21. In response to the IC card creation request notification, the account opening processing unit 21 searches the management table 23 using the account number included in the notification and writes data to be written in the IC card (account number, account opening date, temporary PIN number). , Management location, name, etc.). The account opening processing unit 21 causes the communication control unit 25 to transmit an IC card creation request notification including data to be written to the IC card to the card issuing company terminal 5.

  The communication control unit 51 of the card issuing company terminal 5 receives the IC card creation request notification from the management server 2 and outputs it to the IC card creation request receiving unit 52. The IC card creation request receiving unit 52 receives the IC card creation request notification and outputs data (hereinafter referred to as IC card data) to be written to the IC card included in the notification to the IC card creation processing unit 53. The IC card creation processing unit 53 receives the IC card data from the IC card creation request receiving unit 52 and causes the display unit 55 to display an IC card insertion instruction screen. This IC card insertion instruction screen is displayed to prompt the person in charge of the card issuing company to insert the IC card into the IC card reader / writer 58. When the IC card is inserted into the IC card reader / writer 58, the IC card creation processing unit 53 causes the IC card reader / writer 58 to write the IC card data, and further causes the printer 57 to store the account holder name and account number. Are printed on the surface of the inserted IC card. In some cases, the account holder name and the account number are embossed instead of being printed on the surface of the IC card. Next, the IC card creation processing unit 53 outputs an IC card creation end notification including the IC card data to the IC card shipping processing unit 54. The IC card shipping processing unit 54 receives the IC card creation end notification, and causes the printing device 57 to print the account holder name and the address of the account holder included in the notification on a shipping envelope or the like. When printing is completed, the IC card shipping processing unit 54 causes the display unit 55 to display a screen for instructing the person in charge of the card issuing company to ship the IC card. The person in charge of the card issuing company confirms the created IC card in accordance with the instruction on the screen and encloses it in a printed envelope. Next, the person in charge of the card issuing company requests a delivery company or the like to deliver the envelope. When the request is completed, the person in charge of the card issuing company inputs shipping completion to the input device 56, and the input device 56 notifies the IC card shipping processor 54 of shipping completion in response to the input. In response to the notification, the IC card shipping processing unit 54 notifies the IC card creation request receiving unit 52 of the completion of shipping. This is the end of the IC card creation process. The management server 2 may be notified of the completion of shipment.

  The bio-account opening applicant receives the IC card sent from the card issuing company, and then performs biometric information registration processing for the IC card.

  Next, biometric information registration processing for an IC card according to the first embodiment will be described with reference to FIGS. 7 to 9 and FIGS. 11 to 13. In the first embodiment, an example in which biometric information is registered in ATM is shown, but other terminal devices having similar functions other than ATM may be used.

  First, a bio-account opening applicant who is an account holder receives an IC card sent from a card issuing company and goes to a branch of a bank where an ATM having a function of registering biometric information for the IC card is installed. . The ATM basic control unit 6800 of the ATM 6 displays an initial screen on the touch panel 6700 (FIG. 7: Step S135). In this initial screen, as shown in the example of FIG. 11A, in addition to the menu items for performing normal transactions such as balance inquiry, deposit withdrawal, transfer, deposit, and transfer, a transition is made to submenus for various procedures. Various procedure menu items 151 are included. Here, when the account holder selects and inputs one of the menu items displayed on the touch panel 6700, the touch panel 6700 accepts the selection input (step S137), and the data of the menu item selected and input is ATM basic control. To the unit 6800. The ATM basic control unit 6800 receives the menu item data from the touch panel 6700, and determines whether a menu item other than the various procedure menu items 151 has been selected from the data (step S139).

  If it is determined that a menu item other than the various procedure menu items 151 has been selected (step S139: No route), processing such as deposit / withdrawal is performed (step S600). Details of this deposit and withdrawal will be described later. On the other hand, when it is determined that the various procedure menu items 151 are selected (step S139: Yes route), the ATM basic control unit 6800 displays various procedure screens on the touch panel 6700 (step S140). In this various procedure screens, as shown in FIG. 11 (b), in addition to menu items for procedures such as change of PIN and address change, the account holder of the bio account newly registers biometric information. Menus (IC card registration menu item 152 and bank registration menu item 153) are included in the right part of this screen. In this example, the registration destination of the biometric information is selected from the IC card and the bank, but since the biometric information management location has already been specified when the bio account is opened, the specified management location is used here. Must be selected. Here, in order to explain biometric information registration processing with respect to an IC card, it is assumed that an IC card is selected as a biometric information management location when an account is opened, and an IC card registration menu item 152 is selected. Note that the processing related to procedures such as password change and address change is the same as that in the prior art, and therefore the description thereof is omitted here. Further, in the first embodiment, when the management location of the biometric information is a bank, it is only necessary to register with the bank management server 2 when first going to a bank branch for opening an account. The bank is not selected as the biometric information management location. In the second embodiment, when the management location of biometric information is a bank, the bank registration menu item 153 is selected to perform biometric information registration processing with respect to the bank management server 2. Processing in this case will be described later.

  Next, when the account holder selects and inputs the biometric information IC card registration menu item 152 from the menu items displayed on the touch panel 6700, the touch panel 6700 accepts the selection input (step S141), and the selected menu is input. The item data is output to the ATM basic control unit 6800. The ATM basic control unit 6800 receives the menu item data from the touch panel 6700 and determines that the IC card registration menu item is selected from the menu item data. Then, the ATM basic control unit 6800 displays an IC card insertion instruction screen on the touch panel 6700 (step S143). This IC card insertion instruction screen is displayed in order to prompt the account holder to insert an IC card into the ATM 6, as shown in FIG. When the account holder inserts the IC card into the ATM card reader / writer 6501 of the ATM 6, the IC card reader / writer 6501 of the ATM 6 accepts the IC card, and the IC card reader / writer 6501 registers the IC card registered in the inserted IC card. Read data (step S145). The IC card reader / writer 6501 outputs the IC card data to the IC card access interface 6500. The IC card access interface 6500 registers the IC card data received from the IC card reader / writer 6501 in the IC card data storage unit 6305.

  Next, a process of determining whether biometric information can be newly registered in the IC card is performed by each processing unit of the ATM 6 based on the IC card data read from the IC card. First, whether or not new biometric information can be registered is determined based on the value of the valid flag 527 included in the IC card data. Specifically, the IC card processing unit 6400 refers to the value of the validity flag 527 of the IC card stored in the IC card data storage unit 6305, and determines whether the value is other than 3 (step S147). If the value of the valid flag 527 is other than 3, it is determined that new registration of biometric information is impossible (step S147: No route), and the IC card processing unit 6400 has an error indicating that it is an illegal IC card, for example. The cause is displayed on the touch panel 6700 (step S149). The process proceeds to the process of FIG. 9 via the terminal A, and the IC card processing unit 6400 causes the IC card reader / writer 6501 to eject the IC card (FIG. 9: Step S223).

  On the other hand, when the value of the valid flag 527 is 3, it is determined that biometric information can be newly registered (step S147: Yes route), and further, it is confirmed whether biometric information can be registered in the IC card. Move on to processing. The IC card processing unit 6400 refers to the value of the management location 525 stored in the IC card data storage unit 6305, and determines whether the value is an IC (step S151). When the value of the management location 525 is not IC but BK, it is determined that biometric information cannot be registered in the IC card (step S151: No route), and the IC card processing unit 6400, for example, registers biometric information. An error cause indicating that the destination is invalid is displayed on the touch panel 6700 (step S153). Then, the process proceeds to step S223 in FIG. On the other hand, when the value of the management location 525 is IC, it is determined that new biometric information can be registered in the IC card (step S151: Yes route). Therefore, the processing shifts to the processing in FIG.

  Next, a process for determining whether biometric information can be newly registered in the IC card is based on the data registered in the management table 23 of the management server 2 and the data registered in the IC card. 2 is performed by each processing unit of 2. Therefore, the IC card processing unit 6400 causes the communication control unit 6100 to transmit to the management server 2 determination instruction data as to whether biometric information can be newly registered in the IC card (FIG. 8: step S155). The communication control unit 25 of the management server 2 receives the determination instruction data from the ATM 6 (step S157). Next, the IC card processing unit 6400 causes the communication control unit 6100 to transmit the IC card data read from the IC card to the management server 2 (step S159). Since the IC card data is also held in the management table 23 of the management server 2, for example, only the account number and the temporary security code may be used as the transmitted IC card data. In addition, the IC card processing unit 6400 displays an IC card inquiry waiting screen on the touch panel 6700 (step S161). For example, while the inquiry waiting screen for the IC card as shown in FIG. 12A is being processed in the management server 2 to determine whether biometric information can be newly registered in the IC card, the touch panel 6700 of the ATM 6 is displayed. Is displayed. And the communication control part 25 of the management server 2 receives IC card data from ATM6 (step S163). The communication control unit 25 outputs the received IC card data to the valid period determination processing unit 241.

  In this embodiment, a validity period is set for the IC card sent from the card issuing company to the account holder. That is, the account holder must perform regular registration of the biometric information within the valid period using the IC card received from the card issuing company. The valid period is, for example, a predetermined number of days from the account opening date. For this reason, the validity period determination processing unit 241 of the management server 2 determines whether the new registration procedure of the biometric information for the IC card by the account holder this time, that is, whether the determination instruction data has been received within the validity period (step S167). ). Specifically, the validity period determination processing unit 241 acquires the value of the account opening date column 503 from the management table 23 using the value of the account number 521 included in the IC card data, Get the system time. Next, the validity period determination processing unit 241 calculates the number of days between the date of the system time and the opening date of the account, and if the calculated number of days is within the predetermined number of days, it is within the validity period. judge. On the other hand, when the calculated number of days exceeds the predetermined number of days, it is determined that it is outside the valid period.

  The effective period determination processing unit 241 causes the communication control unit 25 to transmit the effective period determination processing result to the ATM 6 (step S169). If a determination process result indicating that the period is outside the valid period is obtained (step S171: No route), the process proceeds to the process of FIG. Initialization is performed (FIG. 9: Step S231). Details of this processing will be described later.

  The communication control unit 6100 of the ATM 6 receives the validity period determination processing result from the management server 2 (step S173), and outputs the validity period determination processing result to the IC card processing unit 6400. The IC card processing unit 6400 receives the valid period determination processing result from the communication control unit 6100, and confirms whether or not it is determined that it is within the valid period (step S175). If the result of the determination process is that it is outside the valid period (step S175: No route), the process proceeds to the process in FIG. The processing is performed by the IC card reader / writer 6501 through the IC card access interface 6500 (FIG. 9: Step S219). More specifically, the value of the valid flag 527 is updated to 2. Then, the touch panel 6700 is caused to display an error cause indicating that it is out of the valid period (step S221). On the other hand, if the result of the determination process is that it is within the valid period (step S175: Yes route), the process waits until the next data is received from the management server 2.

  Returning to the description of the processing in the management server 2, when a determination processing result within the effective period is obtained (step S <b> 171: Yes route), the effective period determination processing unit 241 sends a validity determination processing unit 242 to the validity determination processing unit 242. The IC card data received from the ATM 6 is output, and a process for determining the validity of the IC card is executed (step S177). In the present embodiment, the validity determination processing unit 242 performs management using the value of the temporary security code 524 included in the IC card data received from the ATM 6 and the account number included in the IC card data received from the ATM 6. The value in the column 504 of the temporary security code obtained from the table 23 is collated. When the collation result indicates that the temporary passwords match, it is determined that the current IC card is a legitimate IC card that has been properly issued by the IC card issuing company. On the other hand, if the collation result indicates that the provisional security codes do not match, it is determined that the current IC card is not a legitimate IC card that has been properly issued by the IC card issuer. The

  After such validity determination processing, the validity determination processing unit 242 causes the communication control unit 25 to perform transmission processing of the validity determination result for the ATM 6 (step S179). Also, in the case of a determination result that the current IC card has no validity (step S181: No route), the process proceeds to the process of FIG. 9 via the terminal D, and the validity determination processing unit 242 Record initialization is performed (step S231).

  The communication control unit 6100 of the ATM 6 receives the validity determination result from the management server 2 (step S183), and outputs the validity determination result to the IC card processing unit 6400. The IC card processing unit 6400 receives the validity determination result from the communication control unit 6100 and confirms the validity determination result. If it is determined that the current IC card is not valid (step S185: No route), the IC card processing unit 6400 proceeds to step S219 in FIG. In step S221 executed after step S219, an error cause indicating that the IC card is invalid is displayed on the touch panel 6700 as an error cause.

  On the other hand, when it is determined that the current IC card is valid (step S185: Yes route), the IC card processing unit 6400 causes the biometric information reader 6601 to read the biometric information to the account holder. The biometric information reading screen is displayed on the touch panel 6700 (step S187). For example, a biological information reading screen as shown in FIG. In this embodiment, since the palm vein is handled as biometric information, in FIG. 12B, the account holder is prompted to hold the palm up. However, the biological information is not limited to the palm vein pattern, and a fingerprint or the like may be read as the biological information.

  When the biometric information reading device 6601 starts to read the biometric information of the account holder (step S189), the IC card processing unit 6400 indicates that the biometric information is being read, for example, as shown in FIG. The screen is displayed on the touch panel 6700. When the reading of the biological information is finished, the biological information reading device 6601 outputs the read biological information to the biological information reading interface 6600. The biometric information reading interface 6600 receives the biometric information from the biometric information reading device 6601 and stores the biometric information in the biometric information storage unit 6301. The processing shifts to the processing in FIG.

  The IC card processing unit 6400 displays, on the touch panel 6700, a screen indicating that biometric information registration processing, for example, as illustrated in FIG. 13A is being performed (FIG. 9: Step S191). And the process which confirms whether the person whose biometric information was read is the account holder himself is performed using the read biometric information. For this reason, the ATM 6 waits until the biometric information used for verification is transmitted from the management server 2.

  Here, returning to the description of the processing in the management server 2, when the determination result that the current IC card is valid is obtained (step S <b> 181: Yes route), the validity determination processing unit 242 receives from the ATM 6. Using the value of the account number 521 included in the IC card data, the value of the corresponding biometric information column 502 is read from the management table 23, and the communication control section 25 is made to transmit the biometric information to the ATM 6 (step S193). ). On the other hand, the communication control unit 6100 of the ATM 6 receives the biometric information (step S195) and stores it in the biometric information storage unit 6301.

  Here, the biometric information matching processing unit 6422 performs a matching process between the biometric information read by the biometric information reading device 6601 and the biometric information received from the management server 2 (step S197). If it is determined in the verification process that the biometric information is more than a predetermined reference, it is determined that the person whose biometric information has been read is the account holder, and the authentication is successful. On the other hand, if it is not determined that the biometric information is similar to a predetermined standard or higher in the verification process, it is determined that the person whose biometric information has been read is not the account holder and authentication fails. It will be done. Then, the biometric information matching processing unit 6422 causes the communication control unit 6100 to perform processing for transmitting the authentication result to the management server 2 as a matching result (step S199).

  If it is determined that the authentication has failed (step S201: No route), the process proceeds to step S219. That is, the biometric information matching processing unit 6422 causes the IC card reader / writer 6501 to perform error data writing processing on the IC card through the IC card access interface 6500 (step S219). More specifically, the value of the valid flag 527 is updated to 2. Further, for example, an error cause indicating that biometric information not recognized as an account holder is detected is displayed on the touch panel 6700 (step S221). On the other hand, when it is determined that the authentication is successful (step S201: Yes route), the process proceeds to step S209.

  In addition, the communication control unit 25 of the management server 2 receives the authentication result as a verification result from the ATM 6 (step S205), and outputs the determination result to the validity determination processing unit 242. The validity determination processing unit 242 confirms the authentication result (step S207). When it is determined that the authentication has failed (step S207: No route), the process proceeds to step S231. On the other hand, when it is determined that the authentication is successful (step S207: Yes route), the process waits for the writing result to be transmitted from the ATM 6.

  Returning to the description of the ATM6 process, when it is determined that the authentication is successful (step S201: Yes route), the biometric information matching processing unit 6422 reads the biometric information read by the biometric information reading device 6601 (or from the management server 2). The process of writing the received biometric information) to the IC card is performed by the IC card reader / writer 6501 through the IC card access interface 6500 (step S209). At this time, the value of the valid flag 527 is also updated to 1.

  Then, the IC card writing result determination processing unit 6410 determines whether biometric information has been normally written to the IC card (step S211). Specifically, the IC card writing result determination processing unit 6410 causes the IC card reader / writer 6501 to read the value of the biological information 522 registered in the IC card through the IC card access interface 6500, and the read biological information. It is stored in the biological information storage unit 6301. Since the biometric information written to the IC card is stored in the biometric information storage unit 6301, the IC card writing result determination processing unit 6410 stores the biometric information and the biometric information read from the current IC card. Obtained from the unit 6301 and performs a collation process. As a result of the collation processing, if it can be determined that the biometric information matches, it is determined that the registration is successful. In addition to the case where the biometric information does not match as a result of the collation process, the case where writing into the IC card and reading of the data from the IC card cannot be performed is also determined as registration failure. The IC card writing result determination processing unit 6410 causes the communication control unit 6100 to perform processing for transmitting the writing result to the management server 2 (step S213).

  If the writing result indicates registration failure (step S215: No route), the process proceeds to step S219. That is, the IC card writing result determination processing unit 6410 causes the IC card reader / writer 6501 to perform error data writing processing on the IC card through the IC card access interface 6500 (step S219). More specifically, the value of the valid flag 527 is updated to 2. Further, for example, an error cause indicating that writing has failed is displayed on the touch panel 6700 (step S221).

  On the other hand, when the writing result indicates that the registration is successful (step S215: Yes route), the IC card writing result determination processing unit 6410 displays, for example, a new registration completion screen as shown in FIG. 13B on the touch panel 6700. (Step S217), the IC card reader / writer is caused to eject the IC card (Step S223).

  Returning to the description of the processing of the management server 2, the communication control unit 25 of the management server 2 receives the write result from the ATM 6 (step S225), and outputs the write result to the write result processing unit 22. The write result processing unit 22 receives the write result from the communication control unit 25 and confirms the write result (step S227). When it is determined that the write result indicates registration failure (step S227: No route), the write result processing unit 22 initializes the record of the management table 23 (step S231). More specifically, the values in the biometric information column 502 and the password column 506, which are data necessary for registering biometric information in the ATM, are deleted. In addition, the value in the temporary password number column 504 may be deleted. In such a case, the account holder goes to the bank branch etc. again, and after a predetermined procedure, the biometric information is registered in the IC card.

  If it is determined that the writing result indicates successful registration (step S227: Yes route), the biometric authentication has been completed normally and the biometric information has been registered in the IC card. Therefore, the biometric information has been registered in the management table 23. Biometric information is no longer needed. Therefore, the writing result processing unit 22 deletes the value in the biometric information column 502 (step S229).

  Note that processing such as deposit / withdrawal (FIG. 7: step S600) is similar to the deposit / withdrawal processing according to the second embodiment, and will be described later.

  Next, the bio-account opening process according to the second embodiment will be described. In the second embodiment, when a bio-account opening applicant applies for a bio-account opening from a bank homepage or the like, the person in charge at the bank's customer center sends the bio-account opening application to the applicant. . Next, the applicant fills in the bio-account opening application and sends a copy of the completed bio-account opening application and a certificate such as the applicant's license, which is an identity verification document, to the customer center. Here, when the person in charge at the customer center confirms that the person listed in the application form as the account holder is the applicant, the person in charge at the customer center starts the account opening process. To do.

  The following processing is almost the same as when the account opening processing is started at a bank branch or the like described with reference to FIG. However, since the account holder himself / herself goes to the bank branch etc. at the bank branch etc., the biometric information is read using the biometric information reading device 33 of the branch terminal 3 and is stored in the management table 23 of the management server 2. Although it can be stored, the account holder himself cannot go to the customer center, so the biometric information cannot be read. Therefore, the following processing is performed in place of steps S117 to S125 of FIG.

  That is, the person in charge at the customer center inputs a password used for identity verification at the time of registration of biometric information to the IC card, and the input device 42 of the customer center terminal 4 accepts the input of the password, and the input password is Output to the account opening reception processing unit 43. Then, the account opening reception processing unit 43 causes the communication control unit 44 to perform transmission processing of the password to the bank management server 2. When the communication control unit 25 of the management server 2 receives the password from the customer center terminal 4, the communication control unit 25 outputs the password to the account data registration unit 211. The account data registration unit 211 registers the password in the management table 23 in association with the account number of the new account.

  If replaced with such processing, the IC card is sent from the customer center to the account holder.

  Next, biometric information registration processing for an IC card according to the second embodiment will be described. The difference between the second embodiment and the first embodiment is that customer authentication is performed using a password without using biometric information in customer authentication. Therefore, steps S187 and S189 in FIG. 8 and steps S191 to S197 in FIG. 9 may be replaced with the following processing.

  That is, the IC card processing unit 6400 displays a password input screen on the touch panel 6700 in order to prompt the account holder to input a password. For example, a password input screen including a numeric keypad as shown in FIG. When the account holder sequentially selects and inputs a numeric key corresponding to the password from the numeric keys displayed on touch panel 6700, touch panel 6700 accepts the selected and input password and stores it in password storage unit 6303. Note that not only numbers but also other symbols may be adopted as a password.

  Next, the IC card processing unit 6400 causes the touch panel 6700 to display a screen indicating that password verification processing, for example, as illustrated in FIG. And the process which confirms whether the person who input the password is an account holder himself is used using the input password. For this reason, the ATM 6 waits until the password used for verification is transmitted from the management server 2.

  Next, the validity determination processing unit 242 of the management server 2 reads the value of the corresponding password column 506 from the management table 23 using the value of the account number 521 included in the IC card data received from the ATM 6, and reads the ATM 6 The communication control unit 25 is made to transmit the password for In response to this, the communication control unit 6100 of the ATM 6 receives the password and stores it in the password storage unit 6303.

  Here, the password verification processing unit 6421 performs a verification process between the password input from the touch panel 6700 and the password received from the management server 2. If these passwords match in the verification process, it is determined that the person who entered the password is the account holder and authentication is successful. On the other hand, if these passwords do not match in the verification process, it is determined that the person who entered the password is not the account holder, and authentication has failed.

  By performing the processing in place of such processing, biometric information can be registered in the IC card as in the first embodiment.

  In the second embodiment, when the management location of biometric information is a bank, biometric information registration processing with respect to the bank management server 2 is performed. As a difference between the biometric information registration process for the bank management server 2 and the biometric information registration process for the IC card described above according to the second embodiment, the account holder selects and inputs from the touch panel 6700 at the ATM 6. It is determined that the menu item is not the IC card registration menu 152 but the bank registration menu item 153 and whether the biometric information can be registered in the bank management server 2 instead of the biometric information in the IC card in the ATM 6. There is a point that. Therefore, steps S141 and S151 in FIG. 7 in the biometric information registration process for the IC card described above may be replaced with the following processes.

  That is, when the account holder selects and inputs the biometric information bank registration menu item 153 from the menu items displayed on the touch panel 6700, the touch panel 6700 accepts the selection input, and the data of the selected and input menu item is ATM basic. The data is output to the control unit 6800. The ATM basic control unit 6800 receives the menu item data from the touch panel 6700 and determines that the bank registration menu item 153 is selected from the menu item data. As described above, in step S143 to step S147, the IC card data is read by the IC card reader / writer 6501, and it is determined that biometric information can be registered from the value of the valid flag 527 included in the IC card data. Then, the process proceeds to a process for confirming whether biometric information can be registered in the bank management server 2. The IC card processing unit 6400 refers to the value of the management location 525 stored in the IC card data storage unit 6305, and determines whether the value is BK. If the value of the management location 525 is not BK but IC, it is determined that biometric information cannot be registered in the bank management server 2, and the process proceeds to step S153. On the other hand, when the value of the management location 525 is BK, it is determined that the biometric information can be newly registered in the bank management server 2.

  Furthermore, as a difference between the biometric information registration process for the bank management server 2 and the biometric information registration process for the above-described IC card according to the second embodiment, the biometric information is stored in the management server 2 instead of the IC card. There is a point of writing to the management table 23. Therefore, steps S209 to S213 in FIG. 9 in the biometric information registration process for the IC card described above are replaced with the following processes.

  That is, when the password authentication is successful, the IC card processing unit 6400 displays a biometric information reading screen on the touch panel 6700 in order to prompt the account holder to read the biometric information with the biometric information reading device 6601. For example, a biological information reading screen as shown in FIG. When the biometric information reading device 6601 starts reading the biometric information of the account holder, the IC card processing unit 6400 displays a screen indicating that biometric information is being read, for example, as shown in FIG. 6700. When the reading of the biological information is finished, the biological information reading device 6601 outputs the read biological information to the biological information reading interface 6600. The biometric information reading interface 6600 receives the biometric information from the biometric information reading device 6601 and causes the communication control unit 6100 to transmit the account number included in the IC card data and data including the biometric information to the management server 2. Next, the IC card processing unit 6400 causes the touch panel 6700 to display a screen indicating that biometric information registration processing, for example, as illustrated in FIG. When the communication control unit 25 of the management server 2 receives the data from the ATM 6, the communication control unit 25 outputs the data to, for example, the write result processing unit 22 or the account data registration unit 211. Then, the writing result processing unit 22 registers the biometric information included in the data in the biometric information column 502 of the management table 23 in association with the value of the account number 521 included in the data. When the registration process ends, the writing result processing unit 22 causes the communication control unit 25 to perform a process of transmitting a registration end notification to the ATM 6. Then, the communication control unit 6100 of the ATM 6 receives the notification from the management server 2.

  By performing the processing in place of such processing, the biological information can be registered in the bank management server 2 in the second embodiment.

  Next, with reference to FIG. 10, the processing of deposit / withdrawal and the like (FIG. 7: step S600) according to the first and second embodiments of the present invention will be specifically described.

  First, in the initial screen shown in the example of FIG. 11A, the ATM basic control unit 6800 that has determined that other than the various procedure menu items 151 has been selected displays an IC card insertion instruction screen on the touch panel 6700 (step S601). ). This IC card insertion instruction screen is displayed in order to prompt the account holder to insert an IC card into the ATM 6, as shown in FIG. When the account holder inserts an IC card into the ATM card reader / writer 6501 of ATM 6, the IC card reader / writer 6501 of ATM 6 accepts the IC card and reads the IC card data registered in the inserted IC card (step) S603). The IC card reader / writer 6501 outputs the IC card data to the IC card access interface 6500. The IC card access interface 6500 registers the IC card data received from the IC card access interface 6500 in the IC card data storage unit 6305.

  Next, the process of determining whether or not the biometric information has been properly registered and the inserted IC card can be used effectively is based on the IC card data read from the IC card. This is performed by the unit 6400. Specifically, the IC card processing unit 6400 refers to the value of the IC card validity flag 527 stored in the IC card data storage unit 6305, and determines whether the value is 1 (step S605). When the value of the valid flag 527 is other than 1, it is determined that the IC card is invalid (step S605: No route), and the IC card processing unit 6400 has an error indicating that it is an illegal IC card, for example. The cause is displayed on the touch panel 6700 (step S635). On the other hand, when the value of the validity flag 527 is 1, it is determined that the IC card can be used effectively (step S605: Yes route), and the process proceeds to biometric authentication. Specifically, the IC card processing unit 6400 displays a biometric information reading screen on the touch panel 6700 to prompt the account holder to read the biometric information with the biometric information reading device 6601 (step S607). For example, a biological information reading screen as shown in FIG. In this embodiment, since the palm vein is handled as biometric information, in FIG. 12B, the account holder is prompted to hold the palm up.

  When the biometric information reading device 6601 starts to read the biometric information of the account holder (step S609), the IC card processing unit 6400 indicates that the biometric information is being read, for example, as shown in FIG. The screen is displayed on the touch panel 6700. When the reading of the biological information is finished, the biological information reading device 6601 outputs the read biological information to the biological information reading interface 6600. The biometric information reading interface 6600 receives the biometric information from the biometric information reading device 6601 and stores the biometric information in the biometric information storage unit 6301.

  Next, it is determined whether the management location of the biometric information used for biometric authentication is an IC card based on the value of the management location 525 included in the IC card data read from the IC card. Specifically, the IC card processing unit 6400 refers to the value of the IC card management location 525 stored in the IC card data storage unit 6305 and determines whether the value is an IC (step S611). When the value of the management location 525 is IC (step S611: Yes route), the process proceeds to step S621, where biometric information is collated. On the other hand, when the value of the management location 525 is not IC but BK (step S611: No route), since the management location of the biological information is a bank, the biological information registered in the management table 23 of the management server 2 of the bank. Will get. Therefore, the IC card processing unit 6400 causes the communication control unit 6100 to perform processing for transmitting the biometric information acquisition request data including the account number to the management server 2 (step S613). When the communication control unit 25 of the management server 2 receives the data from the ATM 6 (step S615), the communication control unit 25 outputs the data to the validity determination processing unit 242. The validity determination processing unit 242 reads the value of the corresponding biometric information column 502 from the management table 23 using the value of the account number 521 included in the data, and transmits the biometric information to the ATM 6 to the communication control unit 25. (Step S617). On the other hand, the communication control unit 6100 of the ATM 6 receives the biometric information (step S619) and stores it in the biometric information storage unit 6301.

  Here, the biometric information matching processing unit 6422 displays, on the touch panel 6700, a screen indicating that biometric information matching processing, for example, as illustrated in FIG. 14C is being performed (step S621). The biometric information matching processing unit 6422 is managed by the management server 2 or the IC card. The biometric information acquired from the management location and stored in the biometric information storage unit 6301 is read by the biometric information reading device 6601. Collation processing with biometric information is performed (step S623). If it is determined in the verification process that the biometric information is more than a predetermined reference, it is determined that the person whose biometric information has been read is the account holder, and the authentication is successful. On the other hand, if it is not determined that the biometric information is similar to a predetermined standard or higher in the verification process, it is determined that the person whose biometric information has been read is not the account holder and authentication fails. It will be done.

  When it is determined that the authentication has failed (step S625: No route), the biometric information matching processing unit 6422 gives an error cause to the touch panel 6700 indicating that biometric information that is not recognized as an account holder is detected, for example. It is displayed (step S635). On the other hand, when it is determined that the authentication is successful (step S625: Yes route), the process proceeds to step S627.

  Next, a fee table corresponding to the management location of biometric information is validated. Specifically, the IC card processing unit 6400 obtains the value of the IC card management location 525 stored in the IC card data storage unit 6305 and outputs the value to the fee setting processing unit 6810. Then, the fee setting processing unit 6810 determines whether the value of the management location 525 is IC (step S627). When the value of the management location 525 is not IC (step S629: No route), the fee setting processing unit 6810 validates the normal fee table 6821 (step S629). On the other hand, when the value of the management location 525 is IC (step S629: Yes route), the fee setting processing unit 6810 validates the preferential fee table 6822 (step S631). In this embodiment, the fee registered in the preferential fee table 6822 shown in the example of FIG. 5 (d) is the fee registered in the normal fee table 6821 shown in the example of FIG. 5 (c). For example, when a user makes a transfer to another bank, for a user who manages biometric information with an IC card, the transfer is made at a lower fee than a user who manages biometric information with a bank. It becomes possible.

  After the fee is set as described above, the processing related to the normal transaction is performed (step S633). In addition, since the process regarding this normal transaction is the same as the prior art, description is abbreviate | omitted here.

  By constructing and using the system configured as described above, an IC card will not be issued when a bio-account opening applicant goes to a bank branch, etc., and an IC card will be mailed later by a card issuing company, etc. Even in such a case, since the identity verification is automatically performed by the ATM, it is not necessary for a person in charge such as a bank branch to attend the registration work, and the cost of the bank can be reduced. As a bio-account opening applicant, biometric information can be automatically registered in a terminal device such as an ATM having a function of registering biometric information in an IC card. If the terminal device is installed long enough and the terminal device is installed in many places, the conventional restriction that it is necessary to secure time within the business hours of the bank branch and go to the bank branch, etc. is considerably relaxed. Will be.

  Furthermore, the bank can provide a new service for changing the transfer fee to another bank, for example, according to the storage location of biometric information for verification used in biometric authentication.

  The management server 2, the branch office terminal 3, the customer center terminal 4, the card issuing company terminal 5, and the ATM 6 are computer devices as shown in FIG. 15. In the computer device, a memory 801, a CPU 803, a hard disk, A drive (HDD) 805, a display control unit 807 connected to the display device 809, a drive device 813 for the removable disk 811, an input device 815, and a communication control unit 817 for connecting to a network are connected via a bus 819. Yes. An operating system (OS) and application programs for realizing the above functions are stored in the HDD 805, and are read from the HDD 805 to the memory 801 when executed by the CPU 803. If necessary, the CPU 803 controls the display control unit 807, the communication control unit 817, and the drive device 813 to perform necessary operations. Further, data in the middle of processing is stored in the memory 801 and stored in the HDD 805 if necessary. Such a computer realizes various functions as described above by organically cooperating hardware such as the CPU 803 and the memory 801 described above with an OS and necessary application programs.

  Although the embodiment of the present invention has been described above, the present invention is not limited to this. IC cards are not limited to those issued by banks, but may be other financial institutions such as securities companies, credit card companies, and other companies that use IC cards as their own services.

  The table configurations shown in FIGS. 5A, 5C, and 5D and the IC card data format shown in FIG. 5B are only examples, and store similar data. Therefore, another configuration may be adopted. Further, items may be added or deleted as necessary. Further, the screen configuration of ATM 6 shown in FIGS. 11 to 14 is an example, and another screen configuration may be used. Further, the functional block configuration of ATM 6 shown in FIG. 4 is an example, and may differ from the actual program module configuration. The processing flows shown in FIGS. 6 to 10 are also examples, and the processing order may be changed within a range in which similar processing results are obtained, and steps may be added or deleted as necessary. .

  Furthermore, the management server 2 may be realized by a plurality of computers. For example, the processing units included in the management server 2 may be arranged on different computers, and these computers may be connected to each other via a network.

  Moreover, although the example which performs biometric information and password collation processing in ATM6 was shown, the biometric information read by the biometric information reader 6601 of ATM6 or the password input by the touch panel 6700 is transmitted to the management server 2, and the management server In step 2, the matching process may be performed.

Moreover, although the branch office terminal 3 showed the example which has the biometric information reading interface 32, the biometric information reader 33, and the account opening reception process part 35, it is not limited to this example. In other words, the computer having the biometric information reading interface 32 and the biometric information reading device 33 and the computer having the account opening reception processing unit 35 may be different from each other, and the computers may be connected to each other via a network.

  Furthermore, you may make it prepare the exclusive apparatus which only writes the biometric information to an IC card, without integrating with normal ATM like ATM6. Moreover, you may integrate another terminal device like a kiosk terminal.

(Appendix 1)
In a system including a biometric information reading device and a terminal device having an IC card reader / writer that reads biometric information that is a physical characteristic peculiar to an individual, and a management server having a user information storage unit, no biometric information is present. A new IC card issuing method that is executed without using an IC card other than a registered IC card,
An individual who includes at least one of biometric information and password stored in advance in the user information storage unit when an IC card in which biometric information of a specific user is not registered is inserted into the IC card reader / writer An authentication step of performing authentication using the confirmation information and the identity confirmation information of the specific user acquired this time;
Writing the specific user's biometric information in an unregistered IC card using the IC card reader / writer when it is determined that the authentication is successful in the authentication step;
IC card issuance method including

(Appendix 2)
A write result determination step for determining whether the biometric information of the specific user has been normally written in an IC card in which the biometric information is not registered;
When it is determined in the writing result determination step that the biometric information of the specific user has been normally written in the IC card in which the biometric information is not registered, the specific information stored in advance in the user information storage unit Deleting the user's identity verification information,
The method for newly issuing an IC card according to appendix 1, further comprising:

(Appendix 3)
When an IC card in which the biometric information of a specific user is not registered is inserted into the IC card reader / writer, the biometric information of the specific user can be written in the IC card in which the biometric information is not registered A period determination step for determining whether the period is within the period; and
When it is determined in the period determination step that the biometric information is not within a period in which the biometric information of the specific user can be written in an unregistered IC card, a new IC card for the specific user is created. A step of canceling the issuing process;
The method for newly issuing an IC card according to appendix 1, further comprising:

(Appendix 4)
When an IC card in which the biometric information of a specific user is not registered is inserted into the IC card reader / writer, the biometric information is not registered by using the inspection information acquired from the IC card by the IC card reader / writer. An IC card determination step for determining whether the IC card is normally issued;
If it is determined in the IC card determination step that the IC card whose biometric information is not registered is not normally issued, the step of canceling the new IC card issuance process for the specific user;
The method for newly issuing an IC card according to appendix 1, further comprising:

(Appendix 5)
An information processing method executed by a terminal device having a biological information reading device and an IC card reader / writer for reading biological information from a user,
When a specific user inserts an IC card into the IC card reader / writer, and the specific user requests service provision through the terminal device, the storage location of the biometric information of the specific user is the IC card A storage location determination step for determining any of the other devices connected to the terminal device;
When it is determined in the storage location determination step that the biometric information of the specific user is stored in the IC card, a fee table relating to a fee that is a consideration for the service provision is displayed in the storage location determination step. Switching to a fee table different from the fee table used when it is determined that the biometric information of the user is not stored in the IC card;
An information processing method including:

(Appendix 6)
In a terminal device having a biometric information reading device and an IC card reader / writer for reading biometric information from a user, the IC card issuance method is executed without using an IC card other than an unregistered IC card. ,
When an IC card in which biometric information of a specific user is not registered is inserted into the IC card reader / writer, at least one of biometric information and a password stored in advance in another device connected to the terminal device An authentication step for performing authentication using the identity verification information including the identity verification information of the specific user acquired this time;
Writing the biometric information of the specific user on the IC card in which the biometric information is unregistered using the IC card reader / writer when it is determined that the authentication is successful in the authentication step;
IC card issuance method including

(Appendix 7)
A write result determination step for determining whether the biometric information of the specific user has been normally written in an IC card in which the biometric information is not registered;
When it is determined in the writing result determination step that the biometric information of the specific user has been normally written in an unregistered IC card, the biometric information is stored in advance in another device connected to the terminal device. Transmitting the data for deleting the identification information of the specific user to the other device connected to the terminal device;
The method for newly issuing an IC card according to appendix 6, further comprising:

(Appendix 8)
In a management server having a user information storage unit, a new issuance method of an IC card that is executed without using an IC card other than an IC card whose biometric information is not registered,
When identity verification information including at least one of biometric information and a password of a specific user is received from a terminal device having an IC card reader / writer and connected to the management server, the user information storage unit An authentication step for performing authentication using the identity verification information stored in advance and the received identity verification information;
When it is determined that the authentication is successful in the authentication step, a step of transmitting data for writing the biometric information of the specific user to an IC card in which the biometric information is not registered, to the terminal device;
IC card issuance method including

(Appendix 9)
When the terminal device receives data indicating that the biometric information of the specific user has been normally written in the IC card in which the biometric information is not registered, the data is stored in advance in the user information storage unit. Deleting the identification information of the specific user;
The method for newly issuing an IC card according to appendix 8, further comprising:

(Appendix 10)
A program for causing a computer to execute the new IC card issuing method according to any one of appendices 6 to 9.

(Appendix 11)
A new IC card issuing device that issues a new IC card without using an IC card other than an unregistered IC card with biometric information,
An input device;
A biometric information reader that reads biometric information from a user;
IC card reader / writer,
When an IC card in which biometric information of a specific user is not registered is inserted into the IC card reader / writer, at least biometric information and a password stored in advance in another device connected to the new issuing device Authentication means for performing authentication using identity verification information including any one of the identification information of the specific user acquired from at least one of the input device and the biometric information reading device this time;
Means for causing the IC card reader / writer to write the biometric information of the specific user to an IC card in which the biometric information is unregistered when the authentication means determines that the authentication is successful;
A new IC card issuing device.

(Appendix 12)
A server for issuing a new IC card without using an IC card other than an IC card whose biometric information is not registered,
A user information storage unit for storing identification information including at least one of biometric information and a password for each user;
When personal identification information of a specific user is received from a terminal device having an IC card reader / writer and connected to the server, the personal identification information stored in the user information storage unit is received. Authentication means for performing authentication using the identity verification information;
Means for transmitting, to the terminal device, data for writing the biometric information of the specific user to an IC card in which the biometric information is unregistered, when the authentication means determines that the authentication is successful;
Server with.

It is a figure which shows the business flow which concerns on the 1st Embodiment of this invention. It is a figure which shows the business flow which concerns on the 2nd Embodiment of this invention. It is a system outline figure concerning the 1st and 2nd embodiment of the present invention. It is a functional block diagram of ATM. (A) is a figure which shows an example of a table structure of a management table. (B) is a figure which shows an example of the IC card data format contained in an IC card. (C) is a figure which shows an example of a table structure of a normal commission table. (D) is a figure which shows an example of a table structure of a preferential handling fee table. It is a figure which shows the processing flow of the opening process of the bio account which concerns on the 1st Embodiment of this invention. It is a figure which shows the 1st processing flow of the registration process of the biometric information with respect to IC card based on the 1st Embodiment of this invention. It is a figure which shows the 2nd processing flow of the registration process of the biometric information with respect to IC card based on the 1st Embodiment of this invention. It is a figure which shows the 3rd processing flow of the registration process of the biometric information with respect to IC card based on the 1st Embodiment of this invention. It is a figure which shows the processing flow of processes, such as a deposit or withdrawal, concerning the 1st and 2nd embodiment of this invention. It is a figure which shows an example of the screen structure of ATM which concerns on the 1st and 2nd embodiment of this invention. It is a figure which shows an example of the screen structure of ATM which concerns on the 1st and 2nd embodiment of this invention. It is a figure which shows an example of the screen structure of ATM which concerns on the 1st and 2nd embodiment of this invention. It is a figure which shows an example of the screen structure of ATM which concerns on the 1st and 2nd embodiment of this invention. It is a functional block diagram of a computer.

Explanation of symbols

1 Network 2 Management Server 3 Branch Terminal 4 Customer Center Terminal 5 Card Issuing Company Terminal 6 ATM
21 Account Opening Processing Unit 22 Write Result Processing Unit 23 Management Table 24 Judgment Processing Unit 25 Communication Control Unit 31 Display Unit 32 Biometric Information Reading Interface 33 Biometric Information Reading Device 34 Input Device 35 Account Opening Reception Processing Unit 36 Communication Control Unit 41 Display Unit 42 Input Device 43 Account Opening Reception Processing Unit 44 Communication Control Unit 51 Communication Control Unit 52 IC Card Creation Request Reception Unit 53 IC Card Creation Processing Unit 54 IC Card Shipment Processing Unit 55 Display Unit 56 Input Device 57 Printing Device 58 IC Card Reader Writer 211 Account data registration unit 212 Account number generation processing unit 213 Temporary code number generation processing unit 241 Validity period determination processing unit 242 Validity determination processing unit 6000 ATM main body 6100 Communication control unit 6300 Data storage unit 6301 Biometric information storage unit 6303 Password storage 6305 IC car Data storage unit 6400 IC card processing unit 6410 IC card writing result determination processing unit 6420 verification processing unit 6421 password verification processing unit 6422 biometric information verification processing unit 6500 IC card access interface 6501 IC card reader / writer 6600 biometric information reading interface 6601 biometric information Reading device 6700 Touch panel 6800 ATM basic control unit 6810 Fee setting processing unit 6821 Normal fee table 6822 Preferential fee table

Claims (4)

In a system including a biometric information reading device and a terminal device having an IC card reader / writer that reads biometric information that is a physical characteristic peculiar to an individual, and a management server having a user information storage unit, no biometric information is present. A new IC card issuing method that is executed without using an IC card other than a registered IC card,
An individual who includes at least one of biometric information and password stored in advance in the user information storage unit when an IC card in which biometric information of a specific user is not registered is inserted into the IC card reader / writer An authentication step of performing authentication using the confirmation information and the identity confirmation information of the specific user acquired this time;
Writing the specific user's biometric information in an unregistered IC card using the IC card reader / writer when it is determined that the authentication is successful in the authentication step;
A write result determination step for determining whether the biometric information of the specific user has been normally written in an IC card in which the biometric information is not registered;
When it is determined in the writing result determination step that the biometric information of the specific user has been normally written in the IC card in which the biometric information is not registered, the specific information stored in advance in the user information storage unit Deleting the user's identity verification information,
IC card issuance method including When an IC card in which the biometric information of a specific user is not registered is inserted into the IC card reader / writer, the biometric information is not registered by using the inspection information acquired from the IC card by the IC card reader / writer. An IC card determination step for determining whether the IC card is normally issued;
If it is determined in the IC card determination step that the IC card whose biometric information is not registered is not normally issued, the step of canceling the new IC card issuance process for the specific user;
The IC card new issuing method according to claim 1, further comprising: A new IC card issuing device that issues a new IC card without using an IC card other than an unregistered IC card with biometric information,
An input device;
A biometric information reader that reads biometric information from a user;
IC card reader / writer,
When an IC card in which biometric information of a specific user is not registered is inserted into the IC card reader / writer, at least biometric information and a password stored in advance in another device connected to the new issuing device Authentication means for performing authentication using identity verification information including any one of the identification information of the specific user acquired from at least one of the input device and the biometric information reading device this time;
Means for causing the IC card reader / writer to write the biometric information of the specific user to an IC card in which the biometric information is unregistered when the authentication means determines that the authentication is successful;
A writing result determining means for determining whether the biometric information of the specific user has been normally written in an IC card in which the biometric information is not registered;
When it is determined by the writing result determination means that the biometric information of the specific user has been normally written in an IC card in which the biometric information is not registered, the specific use stored in advance in the other device Means for transmitting to the other device data indicating that the identity verification information of the person can be deleted;

A new IC card issuing device. A server for issuing a new IC card without using an IC card other than an IC card whose biometric information is not registered,
A user information storage unit for storing identification information including at least one of biometric information and a password for each user;
When personal identification information of a specific user is received from a terminal device having an IC card reader / writer and connected to the server, the personal identification information stored in the user information storage unit is received. Authentication means for performing authentication using the identity verification information;
Means for transmitting, to the terminal device, data for writing the biometric information of the specific user to an IC card in which the biometric information is unregistered, when the authentication means determines that the authentication is successful;
When data indicating that the biometric information of the specific user has been normally written in an IC card in which the biometric information is not registered is received from the terminal device, the data is stored in advance in the user information storage unit. Means for deleting the identification information of the specific user;
Server with.

Images