JP5248927B2 - Authentication system, authentication method, and authentication program - Google Patents

Description

  The present invention relates to an authentication system, an authentication method, and an authentication program for performing authentication for logging in to a service site from an arbitrary terminal device.

  Conventionally, there is a so-called one-time password authentication in which a password for login is issued (generated) each time a user logs in to a service site from any terminal device, and authentication is performed using the issued password (for example, the following) (See Patent Document 1). In one-time password authentication, for example, a password is generated using a random number generation logic embedded in a token issued exclusively for each service providing site, and the security is maintained by periodically updating the token. . A server that accepts a password for one-time password authentication includes a dedicated product or application that verifies the authenticity of the accepted password.

JP 2008-108084 A

  However, the above-described conventional technique has a problem that it is troublesome to manage tokens because it is necessary to prepare a dedicated token for each service providing site and it is necessary to periodically update the token. For example, when two service providing sites are used, two different tokens are required, and the token management becomes more complicated as the number of service providing sites to be used increases.

  In addition, in the conventional technology described above, a password issued from the service providing site is used for one-time authentication, so that it is difficult for the user to remember the password. For example, each time the user enters the password, In comparison, it is necessary to confirm that the correct password has been entered, and there has been a problem that the work at the time of login is troublesome.

  Moreover, in the above-described conventional technology, it is necessary to incorporate a dedicated product or application on the server side that verifies the authenticity of a token received from an arbitrary terminal device that is a login request source. And there was a problem that the risk of incorporation was high. In order to prevent analysis of random number generation logic, for example, maintenance operations such as frequent maintenance to increase the strength of security must be taken into account, resulting in troublesome management and high management costs. .

  The present invention provides an authentication system, an authentication method, and an authentication program that can secure the security and improve the convenience of users and service providers in order to solve the above-described problems caused by the prior art. For the purpose.

  In order to solve the above-described problems and achieve the object, the authentication system according to the present invention performs at least verification processing for verifying the principal for logging in to the service site from an arbitrary terminal device (the principal's personal terminal device). A device that can be regarded as equivalent to a portable terminal device of the above), and an arbitrary terminal device inputs information generated by an action performed on the spot by a user. A service site server that operates the service site, including: a reception unit that receives the information; and a transmission unit that transmits information received by the reception unit to the service site in response to a login instruction of the user. Means for storing information related to the authentication server set in advance by the device, and information transmitted from the arbitrary terminal device Receiving means for receiving, information relating to the authentication server set in advance by the principal, extracted from the storage means, and transmitting means for transmitting the information received by the receiving means to the authentication server; and by the transmitting means An authentication result receiving unit that receives an authentication result of transmitted information, and a determination unit that determines whether or not to log in based on the authentication result received by the authentication result receiving unit.

  According to the present invention, the mobile terminal device of the authentication server set in advance by the user using information generated by the user himself / herself at the time of login (a device that can be regarded as equivalent to the mobile terminal device of the user) Because authentication is performed using a user, it is easy for the user to understand without using a common key or common logic synchronized between any terminal device and the service site server. Whether or not the user is the user can be authenticated using the information. In addition, since authentication is performed outside the service site server, it is possible to easily integrate authentication upon login to a plurality of different service sites.

  In addition, the authentication system according to the present invention is a device that can be regarded as a mobile terminal device of the user (equivalent to the mobile terminal device of the user) in order to log in to the service site from any terminal device. ) In which the arbitrary terminal device receives information including at least one of an arbitrary character string, image, voice, and biometric information in response to a user's login instruction. A service for operating the service site, comprising: generating means for generating; output means for outputting the information generated by the generating means; and transmitting means for transmitting the information generated by the generating means to the service site. A storage means for storing information related to an authentication server set in advance by the principal, and the arbitrary terminal device Receiving means for receiving the transmitted information; and transmitting means for extracting information on the authentication server set in advance by the principal from the storage means and transmitting the information received by the receiving means to the authentication server; An authentication result receiving means for receiving an authentication result of the information transmitted by the transmitting means; and a determining means for determining whether or not to log in based on the authentication result received by the authentication result receiving means. It is characterized by.

  According to the present invention, the mobile terminal device of the authentication server set in advance by the user using the arbitrary information generated at the time of login without the user inputting the password (equivalent to the mobile terminal device of the user). The authentication is performed using a device that can be used for thinning, so users can use different information for each login without using a common key or logic that is synchronized between any terminal device and service site server. It is possible to authenticate whether or not the person is the person. In addition, since authentication can be performed outside the service site server, it is possible to easily integrate authentication upon login to a plurality of different service sites.

  In the authentication system according to the present invention, in the above invention, the service site server includes a time measuring unit that measures a time from when the transmitting unit transmits the information to the authentication server, The means determines whether or not to log in based on whether or not the authentication result receiving means has received the authentication result within a predetermined time counted by the time measuring means. According to the present invention, it is possible to determine whether or not to log in without receiving the authentication result from the authentication server, so that multi-factor authentication can be performed without increasing the burden on the user. In addition, the communication process between the authentication server and the service site for receiving the authentication result can be omitted, and the communication load can be reduced.

  In the authentication system according to the present invention as set forth in the invention described above, the authentication server is the personal mobile terminal device (device regarded as equivalent to the personal mobile terminal device). According to this invention, every time there is a login instruction, authentication is performed in the personal mobile terminal device (a device that can be regarded as equivalent to the personal mobile terminal device). Can be communicated to the principal through the portable terminal device of the person, and the authentication can be performed with the consent of the principal, or part or all of the authentication process can be entrusted to the terminal device equipped with the authentication function. Become.

  In the authentication system according to the present invention as set forth in the invention described above, the transmission means of the service site server transmits the information to the arbitrary terminal device using SMS. According to the present invention, since transmission / reception of a short message is established when a service site server and an arbitrary terminal device are connected by a telephone line, the authentication result can be obtained in real time without leaking information related to authentication. Can be sent.

  In addition, the authentication method according to the present invention is a device for verifying at least a person's verification process for logging in to a service site from an arbitrary terminal apparatus (equivalent to the mobile terminal apparatus of the user's own mobile terminal apparatus). An authentication method executed by an authentication system that performs an authentication including an operation performed in step (b), and accepting an input of information generated by an action performed on the spot by a user, which is executed by the arbitrary terminal device; In accordance with the user's login instruction, the transmission process for transmitting the information received in the reception process to the service site and the service site server operating the service site are executed in advance by the principal. A storage step for storing information relating to the authentication server, and information transmitted from the arbitrary terminal device is received. A transmitting step for extracting information about the authentication server set in advance by the principal from the storing step, and transmitting the information received by the receiving step to the authentication server; and transmitting by the transmitting step. An authentication result receiving step for receiving the authentication result of the information, and a determination step for determining whether or not to log in based on the authentication result received by the authentication result receiving step.

  According to the present invention, the mobile terminal device of the authentication server set in advance by the user using information generated by the user himself / herself at the time of login (a device that can be regarded as equivalent to the mobile terminal device of the user) Because authentication is performed using a user, it is easy for the user to understand without using a common key or common logic synchronized between any terminal device and the service site server. Whether or not the user is the user can be authenticated using the information. In addition, since authentication is performed outside the service site server, it is possible to easily integrate authentication upon login to a plurality of different service sites.

  In addition, the authentication method according to the present invention is a device for verifying at least a person's verification process for logging in to a service site from an arbitrary terminal apparatus (equivalent to the mobile terminal apparatus of the user's own mobile terminal apparatus). ), An authentication method executed by an authentication system that performs authentication, including the operation performed in step (3), in which arbitrary character strings, images, voices, and biometric information are executed according to a user's login instruction to be executed by the arbitrary terminal device. A generation step for generating information consisting of at least one, an output step for outputting the information generated by the generation step, a transmission step for transmitting the information generated by the generation step to the service site, and the service site A storage device that stores information related to the authentication server set in advance by the person, which is executed by the service site server that operates And a receiving step of receiving information transmitted from the arbitrary terminal device, and extracting information related to the authentication server set in advance by the principal from the storing step, and receiving the authentication server by the receiving step. And determining whether to log in based on the authentication result received in the authentication result receiving step, the authentication result receiving step receiving the authentication result of the information transmitted in the transmission step, and the authentication result receiving step. And a determining step.

  According to the present invention, the mobile terminal device of the authentication server set in advance by the user using the arbitrary information generated at the time of login without the user inputting the password (equivalent to the mobile terminal device of the user). The authentication is performed using a device that can be used for thinning, so users can use different information for each login without using a common key or logic that is synchronized between any terminal device and service site server. It is possible to authenticate whether or not the person is the person. In addition, since authentication is performed outside the service site server, it is possible to easily integrate authentication upon login to a plurality of different service sites.

  In addition, the authentication program according to the present invention is a device that can at least verify a person's verification process for logging in to a service site from an arbitrary terminal device (a device that can be regarded as equivalent to the user's mobile terminal device). An authentication program that is executed by an authentication system that performs authentication, including receiving the information, and receiving an input of information generated by an action performed on the spot by a user on the arbitrary terminal device; and In response to a user's login instruction, the transmission step of transmitting the information received in the reception step to the service site is executed, and the person sets in advance the service site server that operates the service site. A storage step for storing information related to the authentication server and information transmitted from the arbitrary terminal device are received. A receiving step, information relating to the authentication server set in advance by the person is extracted from the storing step, and the information received in the receiving step is transmitted to the authentication server, and transmitted by the transmitting step. An authentication result receiving step for receiving an authentication result of the information thus obtained and a determination step for determining whether or not to log in based on the authentication result received by the authentication result receiving step are executed.

  According to the present invention, the mobile terminal device of the authentication server set in advance by the user using information generated by the user himself / herself at the time of login (a device that can be regarded as equivalent to the mobile terminal device of the user) Because authentication is performed using a user, it is easy for the user to understand without using a common key or common logic synchronized between any terminal device and the service site server. Whether or not the user is the user can be authenticated using the information. In addition, since authentication is performed outside the service site server, it is possible to easily integrate authentication upon login to a plurality of different service sites.

  In addition, the authentication program according to the present invention is a device that can at least verify a person's verification process for logging in to a service site from an arbitrary terminal device (a device that can be regarded as equivalent to the user's mobile terminal device). ) To be executed by an authentication system that performs authentication including performing at least one of an arbitrary character string, image, voice, and biometric information in accordance with a user's login instruction. A generation step of generating information consisting of the above, an output step of outputting the information generated by the generation step, and a transmission step of transmitting the information generated by the generation step to the service site, Information related to the authentication server set in advance by the principal is stored in the service site server that operates the service site. A memory step, a receiving step for receiving information transmitted from the arbitrary terminal device, and information relating to the authentication server set in advance by the principal is extracted from the storage step, and the receiving step for the authentication server is performed by the receiving step. Based on the authentication result received by the authentication result received by the transmission process which transmits the received information, the authentication result reception process which receives the authentication result of the information transmitted by the transmission process, and the authentication result reception process, And a determining step for determining.

  According to the present invention, the mobile terminal device of the authentication server set in advance by the user using the arbitrary information generated at the time of login without the user inputting the password (equivalent to the mobile terminal device of the user). The authentication is performed using a device that can be used for thinning, so users can use different information for each login without using a common key or logic that is synchronized between any terminal device and service site server. It is possible to authenticate whether or not the person is the person. In addition, since authentication is performed outside the service site server, it is possible to easily integrate authentication upon login to a plurality of different service sites.

  According to the authentication system, the authentication method, and the authentication program according to the present invention, the user generates the information used for the authentication every time the user logs in, thereby ensuring the security without storing the information used for the authentication for a long time. By ensuring authentication and performing authentication outside the service site server without bothering the user for token management, etc., the burden on the service provider can be reduced and user-friendly authentication can be performed. This is advantageous in that the instruction can be transmitted to the person before the intended authentication act is established.

  Exemplary embodiments of an authentication system, an authentication method, and an authentication program according to the present invention will be described below in detail with reference to the accompanying drawings.

(Embodiment 1)
(Outline of authentication system)
First, the outline | summary of the authentication system of Embodiment 1 concerning this invention is demonstrated. FIG. 1 is an explanatory diagram showing an overview of the authentication system according to the first embodiment of the present invention. In FIG. 1, the authentication system includes a client terminal 110 as an arbitrary terminal device, a service site server 120, and an integrated one-time authentication server 130 as an authentication server. The client terminal 110 is a terminal device for using the contents of the service site operated by the service site server 120, and includes an authentication application (authentication application) 111 that performs authentication when logging in to the service site. The client terminal 110 communicates with the service site using HTTPS or the like.

  In the authentication system, when logging in to the service site from the client terminal 110, so-called authentication using different password information (hereinafter referred to as “one-time password information”) is performed each time the user logs in. The one-time authentication includes performing at least a verification process for confirming the person using the portable terminal device of the principal (a device that can be regarded as equivalent to the portable terminal device of the principal). The personal mobile terminal device (a device that can be regarded as equivalent to the personal mobile terminal device) is a mobile terminal device to which the right of ownership, occupation right, pledge, etc. of the mobile terminal device belong.

  The one-time password information is configured by information including at least one of an arbitrary character string, image, sound, and biological information (physical information), and is information that can specify that the user of the client terminal 110 is the user. Good. Specifically, the person may be a user who is registered in advance as a user of the client terminal 110, for example. The client terminal 110 may include a one-time password issuing function 112 that supports a series of authentication operations and generates, for example, one-time password information.

  As biometric information, either information using physical features (body information) or information using behavioral features may be used. The physical features can be specified mainly using static information such as fingerprints, palms, retinas, irises, faces, blood vessels, voices (voiceprints), ears, DNAs, and the like. Behavioral features use handwriting information using data that detects (measures) wrinkles, such as changes in the trajectory, speed, and writing pressure during writing, and data that detects (measures) wrinkles of keyboard keystroke speed and timing Use dynamic information such as keystroke information, lip movement information using data that detects (measures) lip movements during speech, and information that measures the amount of change in the black eye area caused by blinking. Can be specified. In addition to this, biometric information used for known biometric authentication can be used as the biometric information of this embodiment.

  The biological information is not limited to information derived from humans, but may be information derived from various animals (pets, domestic animals) such as dogs, cats, cows, horses, and pigs. This makes it possible, for example, to manage the entrance of a management area (animal-only area) where only pets can enter or food locations using the iris information of the animals entering the management area or location. In addition, by using the one-time authentication of this embodiment, it is possible to entrust the owner to determine whether or not the animal enters the corresponding management area or place.

  The one-time password information in this embodiment is not limited to one-time use, and may be usable a predetermined number of times, for example, three times or five times. The predetermined number of times may be constant, or may be an arbitrary number set in advance by the person. The one-time password information may be usable only for a predetermined period such as 5 minutes or 10 minutes. The predetermined period may be constant or may be an arbitrary time set by the person. The one-time password information may be composed of an attached file. In this case, every time one-time authentication is performed, the user operates the client terminal 110 to select an arbitrary file, and performs an operation of designating the selected arbitrary file as one-time password information.

  The service site server 120 operates the service site and provides content (actual service) used by the client terminal 110 to the client terminal 110 permitted to log in to the service site. The service site server 120 includes an address information (cumulative ledger) file 121 that stores the identification information of the client terminal 110 (information that can identify the operator of the client terminal 110) and the identification information of the integrated one-time authentication server 130 in association with each other. ing.

  The identification information of the client terminal 110 is, for example, a terminal number that identifies the client terminal device 110, an identification number that identifies a person who has been determined in advance, or a fixed IP address that identifies the client terminal device 110 Or line identification information. The identification information of the client terminal 110 includes address information such as the telephone number, E-mail address, IP address, domain, URL, and URI of the client terminal 110. The identification information of the client terminal 110 is information that can be easily extracted using the client terminal 110 of the person who is used for login when an application for use of the one-time authentication system that is performed in advance of login is performed on the website. Good. As identification information of the integrated one-time authentication server 130, for example, a fixed IP address or domain that identifies the integrated one-time authentication server 130, an address such as a URL or a URI, and the like may be used.

  The one-time authentication in this embodiment is performed by, for example, identifying information of the client terminal 110 of the principal registered in advance in the service site server 120 by the principal and identification of the client terminal 110 of the principal stored in the integrated one-time authentication server 130. This is performed using the identification information of the client terminal 110 that matches the identification information of the client terminal 110 at the time of login. The integrated one-time authentication server 130 side uses the operator identification information that can be specified by using the identification information of the client terminal 110 of the principal registered in advance by the principal in the service site server 120, so that the address information (the ledger) The file 133 is searched. The address information (cumulative ledger) file 133 is linked to the identification information of the person registered in advance. The address information (cumulative ledger) file 133 will be described later.

  The identification information of the client terminal 110 in the address information (cumulative ledger) file 121 can be designated in advance by the principal. Upon receiving the login request output from the client terminal 110, the service site server 120 identifies the corresponding integrated one-time authentication server 130 using the address information (cumulative ledger) file 121, and identifies the specified integrated one-time authentication server An authentication request is output to 130.

  The integrated one-time authentication server 130 is realized by a computer device different from the service site server 120, and performs one-time authentication using information included in the authentication request output from the service site server 120. The service site server 120 and the integrated one-time authentication server 130 are operated in cooperation based on a contract between the administrators of the servers 120 and 130.

  The integrated one-time authentication server 130 includes an integrated one-time reception server 131 and an integrated one-time verification server 132. The integrated one-time reception server 131 has a function for receiving an authentication request from the service site server 120 and a function for answering the received authentication request. The integrated one-time reception server 131 and the service site server 120 can communicate with each other using HTTPS, SMS, E-mail, or the like. The information transmitted between the integrated one-time reception server 131 and the service site server 120 is preferably subjected to secure communication for preventing leakage to a third party by encrypting the information with a common key.

  SMS is a service for transmitting a predetermined number of characters (or information having a predetermined capacity or less) inserted into a message described in a predetermined format to a transmission destination. In SMS, a short message is transmitted by designating the telephone number of a portable telephone as a transmission destination as a destination. The transmission of the processing result is not limited to the one using SMS, and any message system that can prevent (or detect) falsification and duplication may be used.

  The SMS transmits a short message directly from the transmission source of the short message to the transmission destination when the line between the transmission source and the transmission destination of the short message is connected. SMS transmits / receives a short message when the transmission source and the transmission destination of the short message are connected via a telephone line without going through the public network 230 such as the Internet. Accordingly, the short message can be transmitted in real time without leaking the short message (information included in the short message).

  In SMS, a short message is stored in a dedicated server when a mobile phone as a transmission destination is in a call or out of service area, and the stored short message is periodically transmitted for a predetermined period. Note that the SMS is not limited to providing a server for storing a short message, but may be a method that does not transmit a short message when the transmission source of the short message cannot be connected to the transmission destination.

  For example, SMS may be performed based on a standard different for each telecommunications company (carrier), or may be performed based on a standard unified among all carriers. Instead of SMS, EMS (Enhanced Messaging Service) or MMS (Multimedia Messaging Service) can also be used.

  Since there is a limit to the amount of information that can be inserted into a short message, when sending an authentication request or the like using SMS, it is preferable to preferentially include information with high priority. The priority order of information included in the short message can be arbitrarily set by, for example, the person or his / her family. As a result, even when there is a limit on the amount of information that can be transmitted, effective information can be transmitted in the one-time authentication.

  When there is a limit on the amount of information that can be inserted into the SMS, a series of information may be divided and transmitted to a plurality of SMSs in order to avoid the limit. In this case, it is desirable to describe link information such as a transaction identification number for each SMS as a group. The link information is desirably identification information that can explain that the link information is unique within the effective period of the SMS. As a result, SMS can be applied even in transactions where the amount of information increases.

  The integrated one-time reception server 131 includes an address information (cumulative ledger) file 133. The address information (cumulative ledger) file 133 stores identification information of the client terminal of the person responsible for one-time authentication as identification information of the client being operated. The integrated one-time reception server 131 can uniquely identify the integrated one-time information verification function 135 occupied by the person, using the address information (cumulent ledger) file 121 and the address information (cumulative ledger) file 133. .

  The integrated one-time verification server 132 searches the address information (cumulative ledger) file 133 based on the identification information of the client terminal 110 and identifies the one-time information verification function 135 of the person. The integrated one-time verification server 132 may store an address information (cumulative ledger) file 133. Further, the address information (cumulative ledger) file 133 provided in the integrated one-time verification server 132 is not limited to the information in the address information (cumulative ledger) file 133 provided in the integrated one-time receiving server 131. Gender, age, transaction upper limit, pre-registration type one-time authentication rule for automatically verifying login may be stored in association with information about the user of the client terminal.

  The integrated one-time verification server 132 includes a one-time information verification function 135. The integrated one-time verification server 132 has, as input information for the one-time information verification function 135, a one-time password issuing function in the client terminal 110 and the integrated one-time authentication server 130, as in the RSA one-time token. In the case, the password information synchronized with the password generated on the client side can also be generated on the server side, and the one-time information verification function 135 verifies both password information as arguments. The one-time password information in this case is generated using a one-time token of RSA. Since the random number generator and the one-time token of RSA are publicly known techniques, the description thereof is omitted.

  Further, the one-time information verification function 135 may require the person himself / herself to input password information for verification. In this case, the one-time information verification function 135 matches the one-time password information for verification input at the client terminal 110 and the one-time password information acquired by the integrated one-time verification server 132 via the service site server 120. Verify whether or not. Also, the one-time information verification function 135 reproduces and expresses the personal identification information input by the client terminal 110 (obtained by the integrated one-time verification server 132 via the service site server 120) to the person for verification. May be. In this case, the person himself / herself makes the subject of verification whether or not the content of the reproduction expression is memorized. Further, the one-time information verification function 135 may require the person to input one-time password information. In this case, the one-time information verification function 135 may verify the reproduction content and verify whether or not the one-time password information matches. If the operator and the login user of the service site can be regarded as the same, OK may be answered, and if the timing, contents, and context are not satisfactory, NG may be answered. Good.

  Further, in order to assist the one-time information verification function 135, the person may register an automatic verification rule (one-time verification rule) in the address information (cumulative ledger) file 133 in advance in preparation for verification that will occur in the future. . One-time verification rule is a system that temporarily returns approval by returning pre-validation, transaction details such as period, number of times, time and amount, and third-party identification information as automatic approval rules in advance. It is possible to provide a proxy verification function to a third party.

  At least the integrated one-time verification server 132 and the client terminal 110 may cooperate by communicating via a communication means that only the principal can inquire and update. Specifically, for example, it is possible to cooperate using PUSH type message communication capable of specifying a destination such as SMS, HTTPS or E-Mail with on-authentication. Further, the integrated one-time verification server 132 acquires the one-time password information generated by the client terminal 110 through communication with the client terminal 110, and the integrated one-time password information and the service site server 120 are used for the integrated one-time password information. It may be verified whether the one-time password information acquired by the verification server 132 matches.

  The integrated one-time verification server 132 in this embodiment can be realized by a single portable terminal device together with the client terminal 110. The integrated one-time reception server 131 may be mounted on a single portable terminal device together with the client terminal 110, and the client terminal 110, the integrated one-time reception server 131, and the integrated one-time verification server 132 are different from each other. It may be realized by a computer device. In this case, it is preferable to perform secure information communication between individuals using VPN, HTTPS, SMS, E-Mail, or the like between the servers 110, 131, and 132.

  The address information (cumulent ledger) file 133 included in the integrated one-time reception server 131 may store the same information as the address information (cumulative ledger) file 121. The address information (cumulative ledger) file 133 may also store the integrated one-time verification server 132. The address information (cumulative ledger) file 121 stores at least identification information of a partner one-time authentication system (partner authentication system) and identification information of the person who designates the partner authentication system as a real problem. Just do it. In this case, the address information (cumulative ledger) file 121 stores the minimum necessary information related to the one-time authentication, and it becomes unnecessary to register a lot of information unnecessarily on the service site server 120.

  The address information (cumulent ledger) file 121 may be configured to be acquired from the address information (cumulative ledger) file 133 using the address information (cumulative ledger) file 133 provided in the integrated one-time reception server 131. The identification information for identifying the person is not limited to the information specified by the information stored in the address information (cumulent ledger) file 121, but the information stored in the address information (cumulative ledger) file 121 and the address information (cumulative ledger). What is necessary is just to be able to specify using the information stored in the file 133.

  If there is only one partner authentication system, the address information (cumulative ledger) file 121 provided in the service site server 120 does not need to be a variable item, and the identification information of one partner authentication system is targeted. Hard coding may be performed. As a result, the registration change operation of the person is not required, and the burden on the registration operation can be reduced.

  Further, for example, when a plurality of people (for example, three people) are registered in the OS of the portable terminal because a plurality of people such as a company or family share one portable terminal, an integrated one-time verification server 132 may include the same information as the address information (cumulative ledger) file 121. In this case, it is possible to identify who is currently using the portable terminal or who is currently logged in using information stored in the memory of the portable terminal. it can. In this case, the identification information (operator identification information) received from the client terminal 110 at the time of one-time authentication needs to match the logged-in person. The same can be applied to the case where one individual owns a plurality of accounts and uses a plurality of accounts on one portable terminal.

  That is, the identification information of the client terminal 110 in this embodiment may be “address information up to terminal specification + operator identification information” or “address information up to terminal specification (including the account identification information of the user)”. Either is good. When the identification information of the client terminal 110 is “address information up to terminal identification + operator identification information”, it cannot be specified that the person who occupies the mobile terminal by specifying the mobile terminal is the person, It is preferable to check at the terminal whether the person who is logged in at that moment is the other party who should be transmitted.

  If the identification information of the client terminal 110 is “address information until the terminal is specified (including the account identification information of the user)”, the mobile terminal is not specified but the user is specified based on the identification information of the client terminal 110. Will be. The identification information of the client terminal 110 in this embodiment includes not only information for identifying the client terminal 110 but also information that can identify the person. At this time, information that can identify the person can be acquired from the address information (cumulent ledger) file 121 and the address information (cumulative ledger) file of the integrated one-time reception server 131.

  The integrated one-time verification server 132 is provided with an address information (cumulent ledger) file, and information that can identify the person is classified into an address information (cumulative ledger) file 121, an address information (cumulative ledger) file 133, and a comprehensive one-time verification server 132. May be obtained from the address information (cumulative ledger) file provided in Further, in this case, in the integrated one-time verification server 132, the mail address of the person to be linked from the identification information of the operator by the address information (cumulative ledger) file provided in the integrated one-time verification server 132. It is good to have a mechanism to search and sort (mailbox).

  The address information (cumulent ledger) file 133 is provided in the integrated one-time reception server 131. However, the address information (cumulative ledger) file 121 provided in the service site server 120 also includes an address information (cumulative ledger) file such as name and other attributes. 133 may be stored. In particular, when registering an automatic answer rule that can be automatically authenticated under certain conditions, either the integrated one-time reception server 131 or the integrated one-time verification server 132 may include the address information (cumulative ledger) file 133. May have.

  The integrated one-time authentication server 130 may have a one-time password issuing function synchronized with the one-time password issuing function 112. This one-time password issuing function may or may not be used for one-time authentication, and is not limited to that provided by the integrated one-time verification server 132, but may be provided by the integrated one-time reception server 131. Good. Further, in an aspect where the operating company of the service site server 120 and the operating company of the integrated one-time authentication server 130 are the same company, the service site server 120 may have a one-time password issuing function.

  In one-time authentication, the screen display at the time of verification displayed on the client terminal 110 is almost always (1) displaying a password on the screen and returning the ultimate OK or NG, or (2) on the screen. If the password is entered and the program matches, OK is returned. In the case of (1) above, in addition to whether or not the person permits the authentication (whether or not the passwords match), for example, the product to be purchased if the one-time authentication at the time of product purchase (FIGS. 7-1 and An additional situation for determining whether to buy a teddy bear in 7-2 can also be considered.

  In the case of the above (2), in addition to the one-time authentication, the intention to express permission for the act of buying the product to be purchased (the bear stuffed animal in FIGS. 7-1 and 7-2) is not included. If the one-time authentication is rejected in this case, the authentication can be made NG by not inputting the password or inputting the wrong password at the client terminal of the principal. Alternatively, it is possible to reject the one-time authentication by providing an NG button at the corner of the display screen that prompts input regarding whether or not the one-time authentication is possible and pressing the NG button without inputting a password.

  In the case of (2) above, it is not essential for the integrated one-time verification server 132 to include the one-time information verification function 135, and the integrated one-time reception server 131 may be included. The flow of the one-time authentication in this case is OK if the function 135 existing in the integrated one-time reception server 131 matches the authentication information received from the verification server 132 and the client 110, and is NG if they are different. It is executed by automatically returning.

  The address information (cumulative ledger) file, the one-time password issuing function, and the one-time information verification function may be distributed anywhere in the service site server 120, the integrated one-time reception server 131, and the integrated one-time verification server 132. In particular, it is important that the address information (cumulative ledger) file is information that can identify an individual (user or person) ahead of the client terminal 110, and each function sum has one meaningful function ( What is necessary is just to implement | achieve the further individual (user and the person who identifies) of the client terminal 110).

(System configuration of authentication system)
Next, a system configuration of the authentication system according to the first embodiment of the present invention will be described. FIG. 2 is an explanatory diagram showing the system configuration of the authentication system according to the first embodiment of the present invention. In FIG. 2, the authentication system is configured by connecting a plurality of computer apparatuses 210 and a plurality of portable terminal apparatuses (portable telephones) 220 via a network 230 such as the Internet so that they can communicate with each other.

  The computer device 210 implements a service site server 120 and an integrated one-time authentication server 130. The computer apparatus 210 may independently implement the integrated one-time reception server 131 and the integrated one-time verification server 132 in the integrated one-time authentication server 130. The hardware configuration of the computer device 210 will be described later.

  The mobile terminal device 220 implements the client terminal 110. The mobile terminal device 220 may realize both the client terminal 110 and the integrated one-time authentication server 130. The mobile terminal device 220 can also implement only the integrated one-time verification server 132 in the integrated one-time authentication server 130. The hardware configuration of the mobile terminal device 220 will be described later.

(Hardware configuration of computer device 210)
FIG. 3 is a block diagram illustrating a hardware configuration of the computer apparatus 210. The computer apparatus 210 illustrated in FIG. 3 implements the service site server 120. The computer apparatus 210 can also realize the client terminal 110 and the integrated one-time authentication server 130 (which can be either the integrated one-time reception server 131 or the integrated one-time verification server 132).

  In FIG. 3, the computer apparatus 210 includes an example of a CPU 301, a ROM 302, a RAM 303, an HDD (hard disk drive) 304, an HD (hard disk) 305, an FDD (flexible disk drive) 306, and a removable recording medium. FD (flexible disk) 307, display 308, KB (keyboard) 309, mouse 310, scanner 311, and network I / F (interface) 312. Each component is connected by a bus 313.

  Here, the CPU 301 controls the entire computer device 210. The ROM 302 stores a program such as a boot program. The RAM 303 is used as a work area for the CPU 301. The HDD 304 controls reading / writing of data with respect to the HD 305 according to the control of the CPU 301. The HD 305 stores data written under the control of the HDD 304.

  The FDD 306 controls reading / writing of data with respect to the FD 307 according to the control of the CPU 301. The FD 307 stores data written under the control of the FDD 306. In addition to the FD 307, the removable recording medium may be a CD-ROM (CD-RW), MO, DVD (Digital Versatile Disk), or the like. The display 308 displays a window (browser) related to data such as a document, an image, and function information as well as a cursor, icons, and tool boxes, and can be realized by a CRT, a TFT liquid crystal display, a plasma display, or the like.

  The KB 309 includes keys for inputting characters, numerical values, various instructions, etc., and performs data input. The mouse 310 performs cursor movement, range selection, window movement, size change, and the like. A trackball, a joystick, or the like may be used instead of or in addition to the mouse 310 as long as it has the same function as a pointing device. The scanner 311 optically reads an image. The network I / F 312 is connected to the network 230 through a communication line, and is connected to an external device through the network 230. The network I / F 312 controls an interface between the network 230 and the inside, and controls input / output of data from another computer device 210 or the mobile terminal device 220.

(Hardware configuration of portable terminal device 220)
FIG. 4 is a block diagram illustrating a hardware configuration of the mobile terminal device 220. 4 can realize the client terminal 110 and the integrated one-time authentication server 130 (or only the integrated one-time verification server 132 in the integrated one-time authentication server 130). 4, the mobile terminal device 220 includes a CPU 401, a ROM 402, a RAM 403, a display 404, a KB 405, a communication I / F 406, a camera 407, a microphone 408, and a speaker 409. Each component is connected by a bus 410.

  The CPU 401 controls the entire mobile terminal device 220. The ROM 402 stores programs such as a boot program and a point exchange application. The point exchange application may be installed in advance when the portable terminal device 220 is manufactured, or may be downloaded by a user operation. The RAM 403 is used as a work area for the CPU 401. The display 404 displays a set mode (manner mode, drive mode, etc.) and various marks, icons, tool boxes, and the like indicating the reception state of radio waves, and is mainly realized by a liquid crystal display such as a TFT liquid crystal display.

  The KB 405 includes keys for inputting characters, numerical values, various instructions, etc., and performs data input. The communication I / F 406 is connected to the network 230 through a communication line and manages an interface between the network 230 and the mobile terminal device 220. The communication I / F 406 controls data input / output with another portable terminal device 220 or computer device 210 via the network 230. The camera 407 captures an imaging target by operating the KB 405 and generates image data. The generated image data is stored in the RAM 403 or the like. The microphone 408 inputs voice data obtained by analog / digital conversion of the user's voice, and the speaker 409 outputs voice obtained by digital / analog conversion of voice data transmitted from the other party.

(Functional configuration of authentication system)
Next, a functional configuration of the authentication system according to the present invention will be described. FIG. 5 is a block diagram showing a functional configuration of the authentication system. In FIG. 5, the authentication system includes a client terminal 110, a service site server 120, and an integrated one-time authentication server 130. Both the client terminal 110 and the integrated one-time authentication server 130 in this embodiment are realized by a portable telephone (hereinafter referred to as “personal portable telephone”) 220 owned by the principal.

  In the authentication system, in order to log in from the client terminal 110 to the service site, authentication including at least verification processing for confirming the identity is performed in the personal mobile terminal device 220 is performed. In the verification process for confirming the identity, the client terminal 110 is used to verify whether the user who requests login to the service site is a registered user or a user who has obtained the consent of the identity.

  The client terminal 110 includes a reception unit 511, a generation unit 512, an output unit 513, and a transmission unit 514. The accepting unit 511 accepts input of one-time password information. The one-time password information received by the receiving unit 511 can be information generated by an action performed on the spot by the user.

  For example, when the client terminal 110 is realized by the portable terminal device 220, an action performed on the spot by a user such as a character string input operation by the KB405 operation, an image pickup by the camera 407, and a voice input by the microphone 408, etc. The information input by this act can be converted into one-time password information as it is, and the information that has been subjected to reversible conversion or digest-like irreversible conversion can be converted to one-time information. It can also be password information.

  In addition, for example, when the client terminal 110 is realized by the mobile terminal device 220 with a built-in acceleration sensor, the mobile terminal device 220 as a whole is acted on the spot such as shaking the mobile terminal device 220. The input information may be converted into data and used as it is as one-time password information. In these cases, specifically, the function as the receiving unit 511 can be realized by, for example, the KB 405, the camera 407, the microphone 408, or the acceleration sensor. Furthermore, information obtained by applying reversible transformation or digest-like irreversible transformation to the input information can be used as one-time password information.

  For example, the client terminal 110 may be realized by a computer device 210 such as a personal computer. In this case, an action such as a character string input operation by operating the KB 309 or the mouse 310 is performed on the spot by the user. The information input by this action can be converted into data and used as it is as one-time password information. In this case, the function as the reception unit 511 can be realized by the KB 309 and the mouse 310, and information obtained by performing reversible transformation or digest-like irreversible transformation on the input information is used as one-time password information. You can also.

  The generation unit 512 generates one-time password information according to a login instruction of a user of the mobile terminal device 220 as the client terminal 110. The one-time password information generated by the generation unit 512 is preferably information including any character string, image, sound, and biological information.

  Specifically, for example, when the client terminal 110 is realized by the mobile terminal device 220, a program stored in the ROM 402 by using information input through the KB 405, the camera 407, and the microphone 408 together with a predetermined input operation in the KB 405. Can be generated by the CPU 401 using the RAM 403 as a work area. In this case, the function as the generation unit 512 can be realized by the CPU 401, the ROM 402, and the RAM 403.

  The output unit 513 outputs the one-time password information generated by the generation unit 512 to the outside of the mobile terminal device 220. For example, the one-time password information generated by the generation unit 512 is output by being displayed on the display 404. In this case, specifically, the function as the output unit 513 can be realized by the display 404, for example.

  Further, specifically, the output unit 513 may output, for example, the one-time password information generated by the generation unit 512 to the integrated one-time authentication server 130. Since the integrated one-time authentication server 130 in this embodiment is realized by the mobile terminal device 220 of the person who implements the client terminal 110, the one-time password information is transmitted as an E-Mail addressed to the own device. The one-time password information generated by the generation unit 512 can be output. In this case, specifically, the function as the output unit 513 can be realized by the communication I / F 406, for example.

  Note that the integrated one-time authentication server 130 in this embodiment is realized by the personal portable terminal device 220 that implements the client terminal 110, and thus the one-time personal identification information generated by the generating unit 512 is stored in the personal portable information device. You may output with respect to the memory with which the terminal device 220 is provided. The client terminal 110 and the integrated one-time authentication server 130 are realized by a single computer device 210, and the one-time password information generated by the generation unit 512 is transmitted as an E-Mail designating the own device as a destination. It may be output. In this case, the function as the output unit 513 can be realized by the network I / F 312.

  The transmission unit 514 sends a login request including the one-time password information received by the receiving unit 511 or the one-time password information generated by the generating unit 512 when the user performs a login instruction operation to the service site. Send to. For example, when a predetermined operation is performed in the KB 405, the transmission unit sends a login request including the one-time password information received by the reception unit 511 or the one-time password information generated by the generation unit 512. Transmit to the service site via F406. In this case, specifically, the function as the transmission unit 514 can be realized by the communication I / F 406, for example.

  The service site server 120 includes a storage unit 521, a reception unit 522, a transmission unit 523, an authentication result reception unit 524, a timing unit 525, and a determination unit 526. The storage unit 521 stores an address information (cumulative ledger) file 121. Specifically, the identification information of the integrated one-time authentication server 130 can be, for example, an E-Mail address, an IP address, or a domain of the mobile terminal device 220 that implements the integrated one-time authentication server 130.

  In this embodiment, specifically, for example, the storage unit 521 can be realized by a memory such as the ROM 302, the HD 305, or the FDD 307 provided in the computer apparatus 210 that implements the service site server 120. The storage unit 521 may be realized by a computer device 210 different from the service site server 120 that can be referred to by the service site server 120 via communication. When the integrated one-time authentication server 130 is realized by the computer apparatus 210, a URL or URI may be used as identification information of the integrated one-time authentication server 130 instead of the E-Mail address or the IP address.

  The receiving unit 522 receives the login request transmitted from the client terminal 110. Specifically, in this embodiment, for example, the function as the reception unit 522 can be realized by the network I / F 312 provided in the computer apparatus 210 that implements the service site server 120.

  When the reception unit 522 receives the login request, the transmission unit 523 extracts the identification information of the integrated one-time authentication server 130 associated with the client terminal 110 that is the transmission source of the login request from the storage unit 521. An authentication request including the one-time password information included in the login request received by the receiving unit 522 is transmitted to the integrated one-time authentication server 130 specified by the extracted identification information.

  In this embodiment, since the client terminal 110 and the integrated one-time authentication server 130 are both realized by the same mobile terminal device 220, the same identification information as the identification information of the client terminal 110 that is the transmission source of the login request. Are extracted as identification information of the integrated one-time authentication server 130, and an authentication request is transmitted to the client terminal 110 that is a transmission source of the login request. In this embodiment, specifically, for example, a program stored in the ROM 302 provided in the computer apparatus 210 that implements the service site server 120 is executed by the CPU 301 while using the RAM 303 as a work area, thereby making a one-time password. The function as the transmission unit 523 can be realized by generating an authentication request including information and transmitting the generated authentication request via the network I / F 312.

  When the client terminal 110 and the integrated one-time authentication server 130 are realized by different mobile terminal devices 220, the mobile terminal device of the user associated with the identification information of the client terminal 110 that is the transmission source of the login request Is extracted as the identification information of the integrated one-time authentication server 130, and an authentication request is transmitted to the mobile terminal device having the extracted identification information.

  The authentication result receiving unit 524 receives the authentication result of the one-time authentication performed by the integrated one-time authentication server 130 using the one-time password information included in the authentication request transmitted by the transmission unit 523. The authentication result may be information indicating whether or not login is possible, or may be information indicating whether or not an input operation has been performed within a predetermined time after receiving the one-time password information in the authentication server. . In this embodiment, specifically, for example, the authentication result receiving unit 524 can be realized by the network I / F 312 provided in the computer apparatus 210 that implements the service site server 120.

  The time measuring unit 525 measures the time after the transmission unit 523 transmits an authentication request to the integrated one-time authentication server 130. In this embodiment, specifically, the function as the timer unit 525 can be realized by the timer function of the CPU 301 provided in the computer device 210 that implements the service site server 120, for example.

  The determining unit 526 determines whether or not to log in based on the authentication result received by the authentication result receiving unit 524. The determination unit 526 may determine whether or not to log in based on whether or not the authentication result reception unit 524 has received the authentication result. In this case, the authentication result receiving unit 524 receives the authentication result after the transmission unit 523 transmits the authentication request to the integrated one-time authentication server 130 until the time measuring unit 525 counts the predetermined time. Whether or not to log in can be determined depending on whether or not. Specifically, in this embodiment, for example, the program stored in the ROM 302 included in the computer device 210 that implements the service site server 120 is executed by the CPU 301 while using the RAM 303 as a work area, thereby determining the determination unit 526. The function can be realized.

  The determination result by the determination unit 526 is transmitted to the client terminal 110 by the transmission unit 523. The transmission unit 523 transmits information that guides whether authentication is possible or not to the client terminal 110 that is the transmission source of the login request using SMS. The information that guides whether or not authentication is possible is, for example, screen information of a display screen (see reference numeral 723 in FIG. 7B) that displays a service provided by a service site to which the mobile terminal device 220 has transmitted a login request. Can do.

  The integrated one-time authentication server 130 includes a receiving unit 531 that receives an authentication request transmitted by the transmitting unit 523, and a response unit 532 that responds with an authentication result of one-time authentication according to the received authentication request. ing. In this embodiment, since both the client terminal 110 and the integrated one-time authentication server 130 are realized by the same mobile terminal device 220, specifically, for example, the function as the receiving unit 531 is performed by the communication I / F 406. Can be realized.

  The response unit 532 acquires the authentication result of the one-time authentication according to the content of the input operation regarding whether or not the one-time authentication is permitted by the principal, and transmits the acquired authentication result to the service site server 120 that is the transmission source of the authentication request. To do. Further, the response unit 532 has a function of responding an authentication result within a predetermined time after receiving the authentication request, and an input as to whether one-time authentication can be performed even if the predetermined time has elapsed after receiving the authentication request. If there is no operation, the authentication result may be determined based on the absence of an input operation. Specifically, for example, an authentication result of one-time authentication is acquired by executing a program stored in the ROM 402 by the CPU 401 while using the RAM 403 as a work area, and the acquired authentication result is transmitted via the communication I / F 406. can do. In this case, the function as the response unit 532 can be realized by the CPU 401, the ROM 402, the RAM 403, and the communication I / F 406.

  Therefore, even if it is possible to authenticate using SMS, an empty mail without a comment is returned to the mail if possible (SMS and E-MAIL reply operations using a mobile phone are common. It may be as simple as two clicks, and the operation load is the least if the existing function is used.) If not, the mail may not be returned. The response unit 532 can determine that the authentication result is “No” when there is no operation.

  In this embodiment, the integrated one-time authentication server 130 is a mobile terminal device such as the mobile phone 220 owned by the person (hereinafter referred to as “personal mobile terminal apparatus 220”). In this case, the portable terminal device 220 of the principal notifies the principal of the request for authentication in the one-time authentication, and inputs whether or not the one-time authentication is possible with the one-time personal identification information included in the authentication request. Displays a screen prompting the user to perform an operation. As a result, the principal can operate the mobile terminal device 220 to enter the permission of one-time authentication. For example, when a malicious third party who attempts to impersonate the person sends a login request, the intention of the principal Unauthorized login can be eliminated.

  When transmitting a login request using information generated by an action performed on the spot by the person himself / herself as login password information, one-time password information that is easy to remember can be used. Thereby, while ensuring high security by using the one-time password information for each login, it is possible to eliminate the troublesomeness of taking a note of the one-time password information and carrying it. This makes it possible to provide one-time authentication that has high security and is easy to use, unlike authentication with a password that is unilaterally issued from a service site or the like.

  Also, when a login request is transmitted using the one-time password information generated by the user using his / her mobile terminal device 220, the one-time password transmitted by the user within a predetermined time after the login request is transmitted. Whether or not one-time authentication with information is permitted is input. For this reason, whether the one-time authentication can be performed or not can be input while the person correctly remembers the one-time password information. This eliminates the hassle of taking a note of the one-time password information and carrying it with you, and saves you from having to enter the one-time password information. Use one-time password information for each login. It is possible to provide easy-to-use one-time authentication while ensuring high security.

  In addition, the integrated one-time authentication server 130 displays the screen prompting the user to perform an input operation regarding whether or not one-time authentication is possible with the one-time password information included in the authentication request, and then performs one-time authentication for a predetermined time. It may be determined whether or not one-time authentication is possible based on the absence of any input operation regarding whether or not it is possible, and the determination result may be transmitted to service site server 120 as an authentication result.

  Specifically, for example, when an input operation is not performed within a predetermined time after receiving the one-time password information, an authentication result indicating that authentication is impossible is transmitted to the service site server 120. Alternatively, if the input operation is not performed within a predetermined time after receiving the one-time password information, the authentication permission authentication result may be transmitted to the service site server 120. Alternatively, if no input operation is performed during a predetermined time after receiving the one-time password information, no information may be transmitted to the service site server 120.

(One-time authentication operation procedure and data flow)
Next, an operation procedure and data flow of one-time authentication in the one-time authentication system will be described. 6-1, FIG. 6-2, FIG. 6-3, FIG. 6-4, FIG. 6-5, FIG. 6-6 and FIG. 6-7 are explanatory diagrams showing the operation procedure and data flow of the one-time authentication. It is. In the one-time authentication in the one-time authentication system, the user operates the mobile terminal device 220 in a state where the one-time authentication login screen 610 is displayed on the display 404 of the mobile terminal device 220, and the user determines an arbitrary one determined by the user. One-time password information is input to a predetermined input field 611 (see FIG. 6A). At this time, the user may be the person himself / herself, or may be assumed to be a person other than the person himself / herself.

  Next, the user selects and operates the “login” key 621 in a state where the one-time password information is input in the predetermined input field 611. In accordance with the selection operation of the “login” key 621, the mobile terminal device 220 transmits a login request with the one-time password information input in the predetermined input field 611 to the service site server 120 (see FIG. 6-2). reference). At this time, by displaying the one-time password information in a predetermined input field 611 of the display 404 and outputting it, the one-time password information can be stored in the brain of the user (person) of the mobile terminal device 220. At this time, the one-time password information included in the transmitted login request is output to a predetermined storage area of the mobile terminal device 220, and the one-time password information is stored in the predetermined storage area. Good.

  When the service site server 120 receives the login request transmitted from the mobile terminal device 220, the service site server 120 acquires the identification information of the mobile terminal device 220 that is the transmission source of the received login request, and is associated with the acquired identification information. The identification information of the integrated one-time authentication server 130 (authentication system) is extracted (see FIG. 6-3). Thereby, the integrated one-time authentication server 130 can be specified. In this embodiment, if there is no fraud and normal login, the mobile terminal device 220 that is the transmission source of the login request is specified as the personal mobile terminal device.

  Then, a request for one-time authentication with the one-time password information included in the login request is transmitted to the integrated one-time authentication server 130 of the extracted identification information (see FIG. 6-4). Transmission of the authentication request from the service site server 120 to the portable terminal device 220 may be performed using SMS. Security can be ensured by performing push-type communication specifying the destination using SMS. The transmission of the authentication request from the service site server 120 to the mobile terminal device 220 may be performed using an E-Mail address instead of the SMS.

  When the mobile terminal device 220 receives the authentication request, the mobile terminal device 220 checks the received authentication request. In the check, first, whether or not the client terminal 110 that is the transmission source of the authentication request is its own device, that is, whether or not the identification information of the transmission source of the authentication request matches the identification information of the mobile terminal device 220 itself. (See FIG. 6-5). As a result, it is possible to eliminate a login request made in the computer device 210 other than the mobile terminal device 220, and to secure security.

  If the mobile terminal device 220 determines that the identification information of the transmission source of the authentication request matches the identification information of the mobile terminal device 220 itself, the mobile terminal device 220 extracts and extracts the one-time password information included in the authentication request. It is determined whether or not the one-time password information matches the one-time password information stored in a predetermined storage area (see FIG. 6-5). Whether or not they match may be determined by an input operation of the user (person) of the mobile terminal device 220. If there is a predetermined input operation, it is determined that they match, and the predetermined input A case where an operation different from the operation is performed or a case where no input operation is performed for a predetermined time can be determined to be inconsistent. Specifically, for example, the predetermined input operation may be an operation of returning a blank mail to the service site server 120. Among the methods utilizing the existing functions, the reply to the blank mail has the smallest number of operation clicks, and the predetermined input operation is an operation to reply the blank mail, so that the one-time authentication of this embodiment is OK. The burden of the operation performed by the person who decides / NG can be reduced as much as possible.

  For example, if the terminal is allowed to use the button function even in HTML mail (high-function mobile phone, PDA, mobile PC), an authentication approval / disapproval mail incorporating OK and NG buttons can be transmitted to the personal mobile terminal. In this case, the person only needs to display the intention on the button. Specifically, for example, when an OK or NG button is pressed, an OK or NG server-side script (Web server API built in a language such as PHP, CGI, or Servlet) is called by secure communication such as SSL, and a response unit From 532, the authentication result can be returned to the service site.

  The portable terminal device 220 transmits a blank mail to the service site server 120 when a predetermined input operation is performed (see FIG. 6-6). The service site server 120 determines whether or not an email transmitted from the mobile terminal device 220 (registered address) to which the authentication request is transmitted is received within a predetermined time after transmitting the authentication request. In this case, the client terminal 110 (mobile terminal device 220) that is the transmission source of the login request is permitted to log in (see FIG. 6-7). At this time, whether or not a mail is received is determined regardless of the content of the mail transmitted from the portable terminal device 220 that is the transmission destination of the authentication request.

(Display screen example)
Next, a display screen example in the mobile terminal device 220 will be described. FIG. 7A and FIG. 7B are explanatory diagrams illustrating display screen examples in the mobile terminal device 220. 7A and 7B, the display screen 711 is displayed while the mobile terminal device 220 is connected to a predetermined service site (here, a mail-order sales site using the mobile terminal device 220). When the connection to the service site is established, a login screen 712 is displayed on the display 404 of the mobile terminal device 220. When the login screen 712 is displayed, the user logs in by inputting the password registered at the time of member registration performed in advance (in this case, this case is treated as sub-authentication of two-factor authentication). When the login screen 712 is displayed, the user inputs a fixed password designated for logging in to a predetermined service site, not a password for one-time authentication. As a result, a portal screen 713 of a predetermined service site is displayed.

  When the user performs an input operation in accordance with the portal screen 713 and the display screen that can be transitioned from the portal screen 713 and designates a product to be purchased (here, a bear stuffed animal), the display 404 of the mobile terminal device 220 displays an intention. A display screen 714 is displayed. The intention display screen 714 is a screen for inputting whether or not there is an intention to purchase, and the user performs an operation according to the display content of the portal screen 713 and designates a product to be purchased (here, a teddy bear). Displayed. When “Confirm” is selected and operated on the intention display screen 714, a one-time authentication application is activated on the mobile terminal device 220 and a login screen 610 is displayed.

  On the login screen 610, the user inputs one-time password information (in this case, “964432”, but “black bear” may be used as “961169”), and the “login” key 621 is operated. Then, the one-time authentication process shown in FIGS. 6-1 to 6-7 is performed between the mobile terminal device 220 and the service site server 120. While the one-time authentication process is being performed, a display screen 721 is displayed on the display 404 of the mobile terminal device 220.

  Further, when the authentication request transmitted from the service site server 120 is received while the one-time authentication process is being performed, it is not known whether it is the same as the mobile terminal device 220 described above, but the display 404 of the personal mobile terminal device 220 is not known. A display screen 722 is displayed. The display screen 722 displays the one-time password information “964432” input by the user and a message that prompts a reply operation when the authentication with the one-time password information is permitted. The display screen 722 displays the date and time of reception of a message for displaying the display screen 722.

  The owner of the mobile terminal device 220 on which the display screen 722 is displayed, that is, the person himself / herself transmits a blank e-mail to the service site server 120 when there is no objection to the contents of the display screen 722. In general, the mobile terminal device 220 can reply to an empty mail by selecting “reply” for the received mail and then operating “execute”. In other words, by confirming that the user (the person) is willing to purchase by simply performing a simple operation, authentication at the time of purchase determination added to the login screen 712 is eliminated, and impersonation is eliminated. Sex can be secured. A display screen 723 is displayed on the display 404 of the portable terminal device 220 indicating the purchase intention of the product to be purchased, thereby completing the purchase processing of one product.

  Note that a blank e-mail reply key may be displayed on the display screen 722. In this way, the person can send a blank email with a single click. In addition, when authentication is permitted (or authentication is prohibited) as an authentication result for an authentication request, a blank e-mail is sent (replyed). However, the method of displaying the will of the person regarding whether or not authentication is possible is not limited to this. Absent.

  When the integrated one-time authentication server 130 is realized by the mobile terminal device 220, “OK” or “NG” can be obtained by using an extended function of E-Mail such as decoration mail, decoration mail, deco mail, and HTML mail. A blank mail reply key indicating “OK” or “NG” may be displayed according to the type of the operated key. As a result, it is possible to prevent a situation in which authentication is not permitted (or authentication is prohibited) because the authentication request has been received but not noticed. Alternatively, a text mail addressed to the corresponding service site server may be created, and the intention indication “OK” or “NG” may be displayed by this text mail. In any case, it is possible to specify that the user is the user when the intention indication “OK” or “NG” is displayed from the integrated one-time authentication server 130.

  The mobile terminal device 220 that displays the display screen 722 is not limited to the mobile terminal device 220 that has selected a product to be purchased. The display screen 722 is displayed on the mobile terminal device 220 of the user even when, for example, a product to be purchased is selected without the user's knowledge and one-time authentication is performed. In this case, the person himself / herself will receive confirmation of the purchase intention of the product that he / she does not remember, but he / she will not be willing to purchase by leaving it without sending a blank e-mail to the service site. Can show.

(Processing procedure of portable terminal device 220)
Next, a processing procedure of the mobile terminal device 220 will be described. FIG. 8 is a flowchart illustrating a processing procedure of the mobile terminal device 220. The flowchart shown in FIG. 8 is executed when the connection to the service site is established. In the flowchart of FIG. 8, first, when a connection to the service site is established, a login screen 610 is displayed on the display 404 (step S801), and a login instruction by operating the “login” key 621 on the login screen 610. It is determined whether or not there is (step S802).

  If there is no login instruction in step S802 (step S802: No), the process proceeds to step S805. If there is a login instruction (step S802: Yes), it is determined whether or not one-time password information is input in a predetermined input field 611 on the login screen 610 (step S803). S803: No) waits until the one-time password information is input.

  If one-time password information is input in step S803 (step S803: Yes), a login request including the one-time password information is transmitted to the service site server 120 (step S804). Then, it is determined whether or not an authentication request has been received by transmitting a login request (step S805). If an authentication request has not been received (step S805: NO), the process returns to step S802.

  If an authentication request is received in step S805 (step S805: Yes), the identification information of the transmission source of the received authentication request and the one-time password information included in the request are extracted (step S806). It is determined whether or not is the own terminal (step S807). In step S807, the identification information of the transmission source of the authentication request is compared with the identification information of the own terminal, and if they match, it is determined that the transmission source is the own terminal. If the transmission source is not the terminal itself (step S807: No), the series of processing ends.

  In step S807, when the transmission source is the own terminal (step S807: Yes), it is determined whether or not an authentication OK is input (step S808). In step S808, it is determined whether or not there has been an input operation for sending a reply to the authentication request received by the mobile terminal device 220. If there is an input operation, it is determined that an authentication OK has been input. When the authentication OK is input (step S808: Yes), an authentication result indicating the authentication OK is transmitted to the service site server 120 (step S809).

  After that, it waits until it receives service screen information that displays a screen representing the service to be provided, such as the display screen 723 (step S810: No), and receives the service screen information (step S810: Yes), the received service screen information A service screen (such as the display screen 723) based on the above is displayed (step S811), and the series of processing ends.

  On the other hand, if there is no authentication OK input in step S808 (step S808: No), it is determined whether authentication NG has been input (step S812). In step S812, it is determined whether or not there has been an input operation for closing or deleting the display screen 722 displayed on the mobile terminal device 220. If there is an input operation, it is determined that an authentication NG has been input. If authentication NG is input (step S812: Yes), an authentication result indicating authentication NG is transmitted to the service site server 120 (step S813), and the series of processing ends.

  If no authentication NG is input in step S812 (step S812: No), it is determined whether or not a predetermined time has elapsed after receiving the authentication request (step S814). Step S814: No) returns to Step S808. If the time has elapsed (step S814: Yes), the series of processing ends.

(Processing procedure of service site server 120)
Next, a processing procedure of the computer apparatus 210 that implements the service site server 120 will be described. FIG. 9 is a flowchart showing the processing procedure of the computer device that implements the service site server 120. The flowchart shown in FIG. 9 is executed when the login screen 610 needs to be displayed in the mobile terminal device 220 that is using the service provided by the service site server 120. In the flowchart of FIG. 9, first, login screen information is transmitted (step S901), and it waits until a login request transmitted from the mobile terminal device 220 is received according to the transmitted login screen information (step S902: No). If a login request has not been received even after a predetermined time has elapsed since the login screen information was transmitted, the series of processing may be terminated as it is.

  In step S902, when a login request is received (step S902: Yes), identification information of the mobile terminal device 220 as the client terminal 110 that is the transmission source of the request is acquired from the received login request (step S903). ), The identification information of the integrated one-time authentication server 130 associated with the acquired identification information is extracted with reference to the address information (cumulative ledger) file 121 (step S904).

  Then, an authentication request is generated using the identification information acquired in step S903 and the identification information extracted in step S904 (step S905), and generated for the mobile terminal device 220 that is the transmission source of the login request. An authentication request is transmitted (step S906). Also, the counting of the elapsed time after transmitting the authentication request is started (step S907).

  Next, it is determined whether or not an authentication result indicating authentication OK or authentication NG has been received (step S908). If the authentication result is received (step S908: Yes), whether the received authentication result is authentication OK. It is determined whether or not (step S909). When the authentication OK authentication result is received (step S909: Yes), the service screen information corresponding to the mobile terminal device 220 specified by the identification information acquired in step S903 is transmitted (step S910), and a series of steps are performed. The process ends. On the other hand, if the received authentication result is not OK in step S909 (step S909: No), an authentication failure display screen is displayed to the mobile terminal device 220 specified by the identification information acquired in step S903. The authentication failure notification information is transmitted (step S911), and the series of processing ends.

  In step S908, it is determined whether or not a predetermined time has elapsed since the authentication request was transmitted based on the elapsed time from which the count was started in step S907 (step S912). : No) returns to step S908, and when it has elapsed (step S912: Yes), the mobile terminal device 220 determines that the authentication result could not be received because the authentication is not permitted, and the process proceeds to step S911.

  As described above, according to the authentication system of the first embodiment, authentication is performed in an authentication server set in advance by the user using information generated by the user himself / herself during login. Without using a common key or common logic that is synchronized between the client terminal 110 that logs in and the service site server, the user uses information that is easy for the user to understand (easy to judge correctness). It is possible to authenticate whether or not the person is the person. As a result, authentication using a plurality of factors (multiple factor authentication) can be performed without using a fixed password that is difficult to remember because it is unilaterally determined by a service site or the like.

  Further, according to the authentication system of the first embodiment, since authentication is performed outside the service site server 120, one integrated one-time authentication server 130 that performs one-time authentication even when using a plurality of service sites is provided. Can be unified. Thus, regardless of the service site to be used, any one-time password information may be input at the time of login, and authentication at the time of login can be easily integrated.

  As described above, according to the authentication system of the first embodiment, it is possible to use the service without increasing the burden on the user such as making the input operation complicated by using it together with authentication using a fixed password or the like. Security can be improved without introducing a new authentication system to the site server 120. As a result, it is possible to ensure high security and improve convenience for users and service providers.

  Further, according to the authentication system of the first embodiment, since the service site server 120 does not receive the authentication result within a predetermined time after transmitting the authentication request, it determines whether or not login is possible. Whether or not to log in can be determined without receiving the authentication result from the time authentication server 130. As a result, the user only needs to perform an input operation on the mobile terminal device 220 when the user intends to indicate whether to permit or exclude login, and can perform multi-factor authentication without increasing the burden on the user. And security can be improved. In addition, the communication process between the authentication server and the service site for receiving the authentication result can be omitted.

  Further, according to the authentication system of the first embodiment, since the integrated one-time authentication server 130 is realized by the personal portable terminal device 220 together with the client terminal 110, the personal portable terminal device 220 is provided every time there is a login instruction. Therefore, every time there is a login instruction, the fact that the instruction has been given is transmitted to the principal through the portable terminal device 220 of the principal, and the authentication can be performed with the consent of the principal. Thereby, in addition to the verification of the one-time password information, the timing for performing the one-time authentication can be verified, so that the security can be further improved.

  Further, according to the authentication system of the first embodiment, the service site server 120 and an arbitrary terminal device are connected by a telephone line by using SMS for communication from the service site server 120 to the client terminal 110. Only in some cases, transmission / reception of a short message can be established, and an authentication result can be transmitted in real time without leaking information related to one-time authentication. As a result, it is possible to improve security and to realize quick one-time authentication to improve user convenience.

  According to the authentication system of the first embodiment, for example, even if the person does not carry the mobile terminal device 220 at the time when the one-time authentication is requested, the one-time password information for the planned future one-time authentication. Also, specify and register in the authentication site such as the integrated one-time verification server 132 in advance with logical conditions such as AND, OR, NOT, and XOR, combining the actions of date and time, place, and purchased product content (product keyword such as upper limit amount and bear) If a one-time rule is registered in advance, an automatic process such as automatic approval for one-time login can be realized. The password authentication is based on this automatic approval rule, which is conventional password authentication. In this embodiment, unlike such automatic approval, for example, if only event contents are registered in advance, the event It is possible to automatically approve logins at.

(Embodiment 2)
Next, an authentication system according to the second embodiment of the present invention will be described. In the second embodiment, the same parts as those in the first embodiment are denoted by the same reference numerals, and description thereof is omitted. In the authentication system according to the second embodiment of the present invention, the one-time password information input method is different from that in the first embodiment, and the one-time password generated by the one-time password issuing function provided in the mobile terminal device 220 is used. A login request including information is transmitted to the service site server 120.

(Processing procedure of portable terminal device 220)
FIG. 10 is a flowchart showing a processing procedure of the mobile terminal device 220 in the authentication system according to the second embodiment of the present invention. In the flowchart of FIG. 10, first, the process waits until the connection to the service site is established and the login screen information for displaying the login screen 610 on the display 404 is received (step S1001: No). When the login screen information is received (step S1001: Yes), one-time password information is generated by the one-time password issuing function (step S1002), and a predetermined input is made using the generated one-time password information and login screen information. A login screen 610 on which the one-time password information is displayed in the column 611 is displayed (step S1003).

  And it waits until there is a login instruction by operating the “login” key 621 on the login screen 610 (step S1004: No), and when there is a login instruction (step S1004: Yes), the service site server 120 A login request including the one-time password information is transmitted (step S1005). Then, it is determined whether or not an authentication request has been received by transmitting a login request (step S1006). If an authentication request has not been received (step S1006: NO), the process returns to step S1004.

  In step S1006, when an authentication request is received (step S1006: Yes), identification information of the transmission source of the received authentication request and one-time password information included in the request are extracted (step S1007). It is determined whether or not is the own terminal (step S1008). In step S1008, the identification information of the transmission source of the authentication request is compared with the identification information of the own terminal, and if they match, it is determined that the transmission source is the own terminal. If the transmission source is not the terminal itself (step S1008: No), the series of processing is terminated as it is.

  In step S1008, when the transmission source is the own terminal (step S1008: Yes), it is determined whether or not an authentication OK is input (step S1009). In step S1009, it is determined whether or not there has been an input operation for returning a response to the authentication request received by the mobile terminal device 220. If there is an input operation, it is determined that an authentication OK has been input. When the authentication OK is input (step S1009: Yes), an authentication result indicating the authentication OK is transmitted to the service site server 120 (step S1010).

  After that, it waits until it receives service screen information that displays a screen representing the service to be provided, such as the display screen 723 (step S1011: No), and receives the service screen information (step S1011: Yes). A service screen (such as the display screen 723) based on the above is displayed (step S1012), and the series of processes is terminated.

  On the other hand, if there is no authentication OK input in step S1009 (step S1009: No), it is determined whether authentication NG has been input (step S1013). In step S1013, it is determined whether or not there has been an input operation for closing or deleting the display screen 722 displayed on the mobile terminal device 220. If there is an input operation, it is determined that an authentication NG has been input. If an authentication NG is input (step S1013: Yes), an authentication result indicating the authentication NG is transmitted to the service site server 120 (step S1014), and the series of processes is terminated.

  In step S1013, if there is no authentication NG input (step S1013: No), it is determined whether or not a predetermined time has passed since the authentication request was received (step S1015). Step S1015: No) returns to step S1009. When the time has elapsed (step S1015: Yes), the series of processing ends.

  As described above, according to the authentication system of the second embodiment, the integration set by the user in advance using the one-time password information generated at the time of login without the user performing an input operation such as a password. In order to perform authentication in the one-time authentication server 130, the user himself / herself is authenticated by using different information for each login without using a common key or common logic synchronized between the client terminal 110 and the service site server 120. It can be authenticated whether or not.

  As a result, the security can be improved without increasing the burden on the user such as making the input operation complicated and without introducing a new authentication system in the service site server 120. As a result, it is possible to ensure high security and improve convenience for users and service providers.

(Embodiment 3)
Next, an authentication system according to the third embodiment of the present invention will be described. In the third embodiment, the same parts as those in the first and second embodiments are denoted by the same reference numerals, and description thereof is omitted. In the authentication system according to the third embodiment of the present invention, unlike the first and second embodiments, the mobile terminal device 220 has an HTTP server function. With the HTTP server function, the client terminal 110 and the integrated one-time authentication server 130 can be synchronized using HTTP. At the time of communication between the service site server 120 and the portable terminal device 220 as the integrated one-time authentication server 130, the content of HTTP communication is encrypted using a common key method. Since encryption using the common key method is a known technique, description thereof is omitted.

(One-time authentication operation procedure and data flow)
Next, an operation procedure and data flow of one-time authentication in the one-time authentication system will be described. 11-1, FIG. 11-2, and FIG. 11-3 are explanatory diagrams showing an operation procedure and data flow of the one-time authentication according to the third embodiment of the present invention. In FIG. 11A, when there is an input operation for displaying a one-time authentication login screen 610 on the mobile terminal device 220, the one-time password issuing function 112 generates one-time password information. The generated one-time password information may be displayed on the display 404. Then, a login request with the generated one-time password information is transmitted to the service site server 120, and the generated one-time password information is stored in a predetermined memory in the portable terminal device 220.

  In FIG. 11B, upon receiving the login request transmitted from the mobile terminal device 220, the service site server 120 generates a secret key (public key), and uses the generated secret key (public key) as a login request. It transmits to the portable terminal device 220 which becomes a transmission source, and notifies a secret key (public key). In addition, the service site server 120 encrypts the one-time password information included in the login request using the secret key (public key) notified to the mobile terminal device 220.

  Furthermore, the service site server 120 acquires the identification information of the mobile terminal device 220 that is the transmission source of the login request, and extracts the identification information of the integrated one-time authentication server 130 associated with the acquired identification information. Then, a request for one-time authentication including the encrypted one-time password information is transmitted to the integrated one-time authentication server 130 of the extracted identification information. Transmission of the authentication request from the service site server 120 to the portable terminal device 220 is performed using HTTP.

  In FIG. 11C, when the mobile terminal device 220 receives the authentication request, the mobile terminal device 220 decrypts the one-time password information included in the received authentication request by using the secret key (public key) notified separately, It is verified whether or not it matches the one-time password information generated in 11-1. If they match, the display 404 displays a message such as “Do you want to continue processing?” And an operation key that displays whether or not to continue processing such as “OK” and “NG”. When the “OK” key is operated, the service site server 120 is transmitted with an email encrypted using a secret key (public key) separately notified of information indicating “OK”.

  The service site server 120 determines whether or not an email transmitted from the mobile terminal device 220 that is the transmission destination of the authentication request is received within a predetermined time after transmitting the authentication request. Decryption is performed using the private key (public key) shown in FIG. Then, according to the decrypted content, if “OK”, the login of the mobile terminal device 220 that is the transmission source of the login request is permitted (see FIG. 11-7). In this case, the login is selectively permitted depending on the content of the email transmitted from the mobile terminal device 220 that is the destination of the authentication request, but the email is received within a predetermined time regardless of such operation. Whether or not to allow login may be determined by determining only the presence or absence of the password.

  As described above, according to the authentication system of the third embodiment, the mobile terminal device 220 that implements the client terminal 110 and the integrated one-time authentication server 130 has an HTTP server function and encrypts each request with a common key. Therefore, compared with the case where communication is performed using a protocol such as HTTPS, communication with higher security can be performed without placing a burden on the user for certificate procurement.

  In the first, second, and third embodiments described above, the identification information of the mobile terminal device 220 serving as the client terminal 110 is registered as the identification information of the integrated one-time authentication server 130 at the service site operated by the service site server 120. However, it is not limited to this. For example, the integrated one-time authentication server 130 may be realized by the computer apparatus 210, and one-time authentication of the plurality of client terminals 110 may be performed by one integrated one-time authentication server 130. In this case, the integrated one-time authentication server 130 may be rented to a plurality of client terminals 110. This eliminates the need for complicated common key exchange processing between the client terminal 110 and the service site server 120 as in the authentication system of the third embodiment, and integrates the processes involving the use of the common key. The authentication server 130 can perform the aggregation.

  Furthermore, for example, an authentication request may be output from the integrated one-time authentication server 130 to the user's mobile terminal device 220, and the one-time personal identification information may be verified in the user's mobile terminal device 220. Further, the client terminal 110 may be realized by the mobile terminal device 220 of a user other than the user (for example, the family of the user). As a result, when a predetermined input operation is performed on the login screen 610 in order to allow the family of the user to do online shopping, the display screen 722 is displayed in the input operation of the personal mobile terminal device 220, and whether or not to permit login is determined. The person can decide. Accordingly, for example, a parent in a place other than the child such as a company can determine whether or not the product desired by the child at the store can be purchased.

  When such an operation is performed, information encrypted using a common key between the service site server 120 and the integrated one-time authentication server 130 and between the integrated one-time authentication server 130 and the mobile terminal device 220 of the user. Send and receive. This eliminates the need for complicated common key exchange processing between the client terminal 110 other than the user and the service site server 120, and reduces the processing load for one-time authentication.

  In Embodiments 1, 2, and 3 described above, one-time authentication at a plurality of service sites can be performed simultaneously (for a short time) using one client terminal 110 and one one-time password information. is assumed. In such a situation, there is a possibility that the mobile terminal device 220 that implements the unified one-time authentication server 130 may receive a plurality of authentication requests including the same one-time password information, and an authentication request including the same one-time password information. When a plurality of services are received, it becomes difficult to know which service site is used for authentication.

  As a countermeasure against this, it is preferable to restrict other authentication requests related to one-time authentication from being accepted until the one-time authentication in which the login request is first transmitted is completed. As another countermeasure, identification information may be attached to the service site or each service provided by the service site, and an authentication request including this identification information may be transmitted to the client terminal 110. As a result, even when a plurality of service sites are used, one-time authentication for each service site can be performed without confusion, and security can be ensured.

  Specifically, the one-time authentication realized by the authentication system of the above-described embodiment can be used together with, for example, authentication in conventional card payment. Specifically, for example, for a user who presents a card at the time of settlement, the user or the user authorized by the person (family member, etc.) is determined by performing the one-time authentication of this embodiment. Can do.

  In this case, by sending an authentication request from the card issuing company to the mobile terminal device 220 of the user, it is determined whether the user who presented the card is the user or a user (family member, etc.) authorized by the user. Therefore, it is possible to prevent card skimming and to find an unauthorized user who presents a stolen card. Further, if the user receives an authentication request when he / she is not familiar with the card, the user can immediately know that the card (or card information) has been used illegally. Thus, spoofing using a stolen card can be prevented. Also, with regard to the 4-digit password when using the card, the user can freely select a 4-digit number each time, and the effect of leaking the password can be expected. Further, when the system of this case is supported, it is also an advantage at the time of development that it is not necessary to modify the affiliated store system or card terminal.

  In addition, personal information such as a credit card number is likely to be abused by inputting a one-time password and confirming an action to the person for each payment using a credit card as in the above-described embodiments. Even in the Web transaction, it is possible to always express the will of the person, so that the effect of preventing spoofing can be further enhanced and the security can be improved.

  Further, the above-described effect can be expected even in the case of settlement using a debit card as in the above-described embodiments. In addition, due to recent unauthorized use, debit cards tend to be extremely reduced in use, and there is a growing tendency for mismatch with the needs of high-value payment markets such as auctions and home electronics mass merchandisers where debit card usage effects can be expected. On the other hand, if the one-time authentication of this embodiment is used, security improvement can be ensured, so there is an expectation that the use insurance will be extremely increased and the casualty insurance premium will be reduced.

  Moreover, each embodiment mentioned above can expect an effect also in the handling of a care recipient's card. For example, if the helper uses a card as a proxy for a bedridden caregiver's card, the cardholder (caregiver) does not want to tell the helper the PIN number of the card, and the use of the helper's card I am also worried about the desired usage. Even in such a situation, if the one-time authentication of this embodiment is used, the four-digit password may be determined each time, and the use contents of the helper can be accepted while confirming each time.

  Further, for example, when displaying the login screen 610, one-time password information is generated, the generated one-time password information is encrypted, and then a login request including the encrypted one-time password information is sent to the service site server 120. You may make it transmit. In this case, the service site server 120 that has received the login request transmits an authentication request using a predetermined secret key to the corresponding integrated one-time authentication server 130. At this time, the authentication request includes encrypted one-time password information.

  When the integrated one-time authentication server 130 receives the request for authentication including the encrypted one-time password information, the integrated one-time password information is decrypted with the secret key held in advance, and the decrypted one-time password information and It is verified whether or not the one-time password information stored in the own device matches. As a result of the verification, if they match, information indicating “OK” or “NG” is transmitted in the same manner as in FIG. As a result, the encrypted and transmitted information can be decrypted by itself, which is compared with the case where a secret key or a common key is transmitted / received among the client terminal 110, the service site server 120, and the integrated one-time authentication server 130. Thus, it is possible to reliably prevent the key from leaking in the middle.

  Note that the client terminal 110 and the integrated one-time authentication server 130 may be realized by different devices, but may have the same configuration. In this case, the client terminal 110 and the integrated one-time authentication server 130 are not limited to being realized by a single device. For example, two portable terminal devices 220 are connected using cables, infrared communication, NFC, a transceiver function, or the like. By performing secure one-to-one communication, the same configuration may be considered.

  Further, by connecting the computer apparatus 210 and the mobile terminal apparatus 220 of the user using Felica proximity communication or VPN and establishing a secure one-to-one communication with each other, the client terminal 110 and the integrated one-time authentication server 130 May be regarded as the same one configuration. Further, by realizing the client terminal 110 and the integrated one-time authentication server 130 by the computer device 210 having a function that can be occupied only by the user, the client terminal 110 and the integrated one-time authentication server 130 are regarded as the same configuration. You may hesitate. In this case, the integrated one-time authentication server 130 is virtually provided in the computer apparatus 210 equipped with a function that can be occupied only by the person, and the virtual integrated one-time authentication server 130 and the computer apparatus are connected by VPN or special dedicated communication. It is possible to perform secure one-to-one communication.

  Further, the integrated one-time authentication server 130 is realized by a computer device mounted on a motorcycle, a car, or the like, and the client terminal 110 is realized by a vending machine provided at a gas station or a self-fueling device settlement machine. The client terminal 110 and the integrated one-time authentication server 130 may be regarded as one and the same configuration by causing the integrated one-time authentication server 130 to communicate one-to-one.

  When the client terminal 110 and the integrated one-time authentication server 130 can be regarded as the same configuration, the one-time password information and the action information such as the date and time, the place, and the purchased product content described above are used as the service site server. In addition to the transmission route to be transmitted to the integrated one-time authentication server 130 via 120, it is possible to transfer the client terminal 110 directly to the integrated one-time authentication server 130 without passing through the service site server 120. As a result, the integrated one-time authentication server 130 can automatically determine the result of authentication against the one-time rule without requiring determination of the person's authentication approval by human operation.

  In addition to this, a series of authentications can be realized by an operation for requesting the minimum intention determination of only OK and NG. In addition, if the result of the authentication judgment against the input of one-time password information, action information such as date / time, place, purchased product content, etc., against the one-time rule, is OK in the part other than OK and NG At this time, the identity verification is achieved, and the OK / NG identity determination input may be realized on the client terminal 110 in addition to the integrated one-time authentication server 130. As a result, in a situation where the rotational speed of payment such as small payment is required, hold the mobile phone over the Felica terminal at the time of payment, and if the OK / NG judgment is OK, the confirmation screen is displayed on the shop side terminal. Things are possible.

  As described above, the authentication system, the authentication method, and the authentication program according to the present invention are useful for an authentication system, an authentication method, and an authentication program that perform authentication for logging in to a service site from an arbitrary terminal device. It is suitable for an authentication system, an authentication method, and an authentication program that use different one-time password information for each login.

It is explanatory drawing which shows the outline | summary of the authentication system of Embodiment 1 concerning this invention. It is explanatory drawing which shows the system configuration | structure of the authentication system of Embodiment 1 concerning this invention. It is a block diagram which shows the hardware constitutions of a computer apparatus. It is a block diagram which shows the hardware constitutions of a portable terminal device. It is a block diagram which shows the functional structure of an authentication system. It is explanatory drawing (the 1) which shows the operation procedure and data flow of one-time authentication. It is explanatory drawing (the 2) which shows the operation procedure and data flow of one-time authentication. It is explanatory drawing (the 3) which shows the operation procedure and data flow of one-time authentication. It is explanatory drawing (the 4) which shows the operation procedure and data flow of one-time authentication. It is explanatory drawing (the 5) which shows the operation procedure and data flow of one-time authentication. It is explanatory drawing (the 6) which shows the operation procedure and data flow of one-time authentication. It is explanatory drawing (the 7) which shows the operation procedure and data flow of one-time authentication. It is explanatory drawing (the 1) which shows the example of a display screen in a portable terminal device. It is explanatory drawing (the 2) which shows the example of a display screen in a portable terminal device. It is a flowchart which shows the process sequence of a portable terminal device. It is a flowchart which shows the process sequence of the computer apparatus which implement | achieves a service site server. It is a flowchart which shows the process sequence of the portable terminal device in the authentication system of Embodiment 2 concerning this invention. It is explanatory drawing (the 1) which shows the operation procedure and data flow of the one-time authentication of Embodiment 3 concerning this invention. It is explanatory drawing (the 2) which shows the operation procedure and data flow of the one-time authentication of Embodiment 3 concerning this invention. It is explanatory drawing (the 3) which shows the operation procedure and data flow of the one-time authentication of Embodiment 3 concerning this invention.

Explanation of symbols

DESCRIPTION OF SYMBOLS 110 Client terminal 120 Service site server 130 Integrated one-time authentication server 511 Reception unit 512 Generation unit 513 Output unit 514 Transmission unit 521 Storage unit 522 Reception unit 523 Transmission unit 524 Authentication result reception unit 525 Timing unit 526 Determination unit 531 Reception unit 532 Response Part

Claims (8)

For from any terminal device login to the service site, a authentication system that performs authentication including clear screen authentication server verification processing to verify the least principal,
The arbitrary terminal device is
An accepting means for accepting input of information generated by an action performed by a user on the spot;
A transmission unit that transmits information received by the reception unit to the service site in response to a login instruction of the user;
With
A service site server that operates the service site,
Storage means for storing information related to the authentication server and automatic verification rules set in advance by the principal;
Receiving means for receiving information transmitted from the arbitrary terminal device;
Based on the information received by the receiving unit, the authentication server stored in the storage unit and information on the automatic verification rule are used to determine an authentication server to perform the verification process, and the determined authentication server Transmitting means for transmitting the information received by the receiving means;
An authentication result receiving means for receiving an authentication result of the information transmitted by the transmitting means from the authentication server ;
Determining means for determining whether or not to log in based on the authentication result received by the authentication result receiving means;
An authentication system characterized by comprising: For from any terminal device login to the service site, a authentication system that performs authentication including clear screen authentication server verification processing to verify the least principal,
The arbitrary terminal device is
Generating means for generating information comprising at least one of an arbitrary character string, image, sound, and biometric information in accordance with a user's login instruction;
Output means for outputting the information generated by the generating means;
Transmitting means for transmitting the information generated by the generating means to the service site;
With
A service site server that operates the service site,
Storage means for storing information related to the authentication server and automatic verification rules set in advance by the principal;
Receiving means for receiving information transmitted from the arbitrary terminal device;
Based on the information received by the receiving unit, the authentication server stored in the storage unit and information on the automatic verification rule are used to determine an authentication server to perform the verification process, and the determined authentication server Transmitting means for transmitting the information received by the receiving means;
An authentication result receiving means for receiving an authentication result of the information transmitted by the transmitting means from the authentication server ;
Determining means for determining whether or not to log in based on the authentication result received by the authentication result receiving means;
An authentication system characterized by comprising: 3. The authentication system according to claim 1, wherein one of authentication servers set in advance by the principal concerning information stored in the storage unit is the portable terminal device of the principal. 4. The authentication system according to claim 3, wherein the arbitrary terminal device is realized by the mobile terminal device of the principal who is set in advance by the principal as one of the authentication servers. 5. For from any terminal device login to the service site, a authentication method authenticating system performs to perform authentication including clear screen authentication server verification processing to verify the least principal,
Causing the arbitrary terminal device to execute,
A reception process for receiving input of information generated by an action performed by a user on the spot;
In response to the user's login instruction, a transmission step of transmitting the information received by the reception step to the service site;
Causing a service site server that operates the service site to execute,
A storage step of storing information on the authentication server and the automatic verification rule set in advance by the principal;
A receiving step of receiving information transmitted from the arbitrary terminal device;
Based on the information received by the reception step, the authentication server and the automatic verification rule stored by the storage step are used to determine the authentication server that performs the verification process, and the determined authentication server A transmission step of transmitting information received by the reception step;
An authentication result receiving step of receiving an authentication result of the information transmitted by the transmitting step from the authentication server ;
A determination step of determining whether or not to log in based on the authentication result received by the authentication result receiving step;
The authentication method characterized by including. For from any terminal device login to the service site, a authentication method authenticating system performs to perform authentication including clear screen authentication server verification processing to verify the least principal,
Causing the arbitrary terminal device to execute,
In accordance with a login instruction of the user, a generation step for generating information consisting of at least one of an arbitrary character string, image, sound, and biological information;
An output step of outputting information generated by the generation step;
A transmission step of transmitting the information generated by the generation step to the service site;
Causing a service site server that operates the service site to execute,
A storage step of storing information on the authentication server and the automatic verification rule set in advance by the principal;
A receiving step of receiving information transmitted from the arbitrary terminal device;
Based on the information received by the reception step, the authentication server and the automatic verification rule stored by the storage step are used to determine the authentication server that performs the verification process, and the determined authentication server A transmission step of transmitting information received by the reception step;
An authentication result receiving step of receiving an authentication result of the information transmitted by the transmitting step from the authentication server ;
A determination step of determining whether or not to log in based on the authentication result received by the authentication result receiving step;
The authentication method characterized by including. For from any terminal device login to the service site, a authentication program to be executed by the authentication system that performs authentication including clear screen authentication server verification processing to verify the least principal,
In the arbitrary terminal device,
A reception process for receiving input of information generated by an action performed by a user on the spot;
In response to the user's login instruction, a transmission step of transmitting the information received by the reception step to the service site;
And execute
In the service site server that operates the service site,
A storage step of storing information on the authentication server and the automatic verification rule set in advance by the principal;
A receiving step of receiving information transmitted from the arbitrary terminal device;
Based on the information received by the reception step, the authentication server and the automatic verification rule stored by the storage step are used to determine the authentication server that performs the verification process, and the determined authentication server A transmission step of transmitting information received by the reception step;
An authentication result receiving step of receiving an authentication result of the information transmitted by the transmitting step from the authentication server ;
A determination step of determining whether or not to log in based on the authentication result received by the authentication result receiving step;
An authentication program characterized by causing For from any terminal device login to the service site, a authentication program to be executed by the authentication system that performs authentication including clear screen authentication server verification processing to verify the least principal,
In the arbitrary terminal device,
In accordance with a login instruction of the user, a generation step for generating information consisting of at least one of an arbitrary character string, image, sound, and biological information;
An output step of outputting information generated by the generation step;
A transmission step of transmitting the information generated by the generation step to the service site;
And execute
In the service site server that operates the service site,
A storage step of storing information on the authentication server and the automatic verification rule set in advance by the principal;
A receiving step of receiving information transmitted from the arbitrary terminal device;
Based on the information received by the reception step, the authentication server and the automatic verification rule stored by the storage step are used to determine the authentication server that performs the verification process, and the determined authentication server A transmission step of transmitting information received by the reception step;
An authentication result receiving step of receiving an authentication result of the information transmitted by the transmitting step from the authentication server ;
A determination step of determining whether or not to log in based on the authentication result received by the authentication result receiving step;
An authentication program characterized by causing

Images