JP5605973B2 - Electronic payment system and electronic payment method - Google Patents

Description

The present invention relates to an electronic payment system and an electronic payment method.

  As security technologies related to mobile terminals such as mobile phones and PHS terminals, for example, there are technologies disclosed in Patent Documents 1 and 2 below.

That is, Patent Documents 1 and 2 below disclose a technique for restoring phone book data to a mobile phone by backing up phone book data of the mobile phone in advance on a server. According to such a conventional technique, when a part or all of the phone book data is lost, the user's own phone book data stored in advance in the server can be acquired from the server and used continuously.
JP 2002-132717 A JP 2003-338867 A

By the way, the above prior art has the following problems.
That is, for example, when the phone book data of a lost mobile phone is to be taken into a newly purchased mobile phone and used, it is necessary to back up the phone book data to the server before the loss in the above prior art. Since the phone book data of the lost mobile phone cannot be used with a newly purchased mobile phone when it is not performed before the loss, the above-described prior art lacks practicality.

In addition, since the phone book data is updated sequentially every day, in order to use the phone book data of the mobile phone lost by the above-mentioned conventional technology with the newly purchased mobile phone, the phone book data is used in the process of using the lost mobile phone. Therefore, the telephone book data must be backed up every time the data is updated. Therefore, the above prior art is not practical.
In recent years, electronic payment systems using communication terminals such as mobile phones have become widespread, but if a mobile phone is lost as described above, a malicious third party can pick up the mobile phone. However, there is a risk of making an electronic payment by impersonating the original user.

The present invention has been made in view of the above-described circumstances, and an object thereof is to provide more practical security technology for mobile terminals.
In addition, more specifically, the present invention has an object to easily use user data of a mobile terminal that cannot be directly operated due to loss or the like on another mobile terminal.
In addition, for the purpose of providing security technology for electronic payment systems, more specifically, an electronic payment system in which a malicious third party impersonates the original user using a communication terminal that cannot be directly operated due to loss, etc. The purpose is to prevent the use of.

In order to achieve the above object, an electronic payment system according to the present invention is an electronic payment system comprising a communication terminal having an authentication function and a server device, wherein authentication data including a verification password is transmitted to a first communication terminal. A second communication terminal including a second transmission unit that transmits and transmits a request for a predetermined process to the server device, a storage unit that stores in advance a password to be compared with the verification password, and the authentication A first communication terminal comprising: a receiving unit that receives data; a control unit that compares the password with a verification password included in the authentication data and performs user authentication of the second communication terminal; and and a server device that performs the predetermined processing based on a processing request made, the second transmission unit, the said user authentication is by the first communication terminal a predetermined The request to stop the processing of electronic payment function of the relative said server device first communication terminal transmits to the server apparatus as a management request, the server apparatus, the stop of the electronic settlement function by the second transmission unit When a processing request is transmitted , the electronic payment function is stopped as the predetermined processing.

  And a 1st communication terminal is provided with the 1st transmission part which transmits the result of the said user authentication with respect to a said 2nd communication terminal, It is characterized by the above-mentioned.

  The second transmission unit transmits the stop request together with a solid identifier of the first communication terminal to the server device when user authentication of the second communication terminal is performed by the first communication terminal. It is characterized by.

In addition, in order to achieve the above object, an electronic payment method according to the present invention is an electronic payment method using a communication terminal having an authentication function and a server device, in which a password to be compared with a verification password is set in advance. A storing step for storing; a first transmitting step in which the second communication terminal transmits authentication data including the verification password to the first communication terminal; a receiving step for receiving the authentication data; and the password and the authentication step of performing user authentication of the second communication terminal compares the collation password included in the data for authentication, if said user authentication by the first communication terminal is, the relative said server device first It includes a request transmitting step of transmitting a request for the stop process electronic payment function of the first communication terminal, and a stop processing step of performing a stop process of the electronic payment function And wherein the door.

  According to the present invention, instead of a communication terminal that cannot be directly operated due to loss or the like, a communication terminal such as another mobile phone can instruct the electronic payment center to stop the electronic payment process. Therefore, according to the present invention, it is possible to provide a suitable security technique for electronic payment using a communication terminal such as a mobile phone.

  Hereinafter, an embodiment of the present invention will be described with reference to the drawings. That is, this embodiment relates to a PHS (Personal Handy-phone System) terminal which is one of communication terminals, and a user data management system and method thereof.

FIG. 1 is a system configuration diagram of a user data management system according to the present embodiment. FIG. 2 is a functional block diagram of the PHS terminal A according to the present embodiment.
As shown in FIG. 1, the user data management system includes PHS terminals A, B, A ′, a base station C, a data server D, an electronic payment server E, the Internet F, and the like. As shown in FIG. 2, the PHS terminal A includes a communication unit 1, a storage unit 2, an operation unit 3, a display unit 4, a control unit 5, and the like. The PHS terminals B and A ′ also have a functional configuration equivalent to that of the PHS terminal A.

  The PHS terminal A is a PHS terminal that can no longer be directly operated due to loss or the like, and performs transmission / reception of various signals described later with the PHS terminal B and the data server D via the base station C. The PHS terminal B is a PHS terminal that remotely controls the PHS terminal A and obtains user data of the PHS terminal A, and transmits and receives various signals described later with the PHS terminal A and the electronic payment server E via the base station C. I do. The PHS terminal A ′ is a PHS terminal that acquires user data, and performs transmission and reception of various signals described later with the data server D and the electronic payment server E via the base station C.

The base station C is provided in an area (cell) where the PHS terminals A and B exist, and is connected to the PHS terminals A and B wirelessly, and is connected to the data server D and the electronic payment server E via the Internet F. Connected with. The base station C mediates mutual communication among the PHS terminals A and B, the data server D, and the electronic payment server E.
The data server D stores user data received from the PHS terminal A and provides the stored user data in response to a request from the PHS terminal A ′.
The electronic payment server E is a server managed by the electronic payment center, and stops the payment of the PHS terminal A in response to the request received from the PHS terminal A ′.

Next, the PHS terminal A will be described. The communication unit 1 uses an external PHS terminal B, a data server D, and an electronic payment server E based on an instruction input from the control unit 5 and a control signal received from the base station C. Various signals to be described later are transmitted / received to / from.
The storage unit 2 stores and reads user data such as telephone directory data, mail data, and PIM (Personal Information Manager) data based on instructions input from the control unit 5.
The operation unit 3 includes various operation keys such as a power key, various function keys, and a numeric keypad, and outputs user operation instructions for these operation keys to the control unit 5. The display unit 4 is, for example, a liquid crystal monitor or an organic EL monitor, and displays various images and characters based on a display signal input from the control unit 5.

  The control unit 5 controls the communication unit 1, the storage unit 2, the operation unit 3, and the display unit 4 based on the control program stored therein, the signal received by the communication unit 1, and the operation instruction input from the operation unit 3. Control all over. The control unit 5 includes an e-mail processing unit 5a as one of internal function components. The e-mail processing unit 5a creates an e-mail (outgoing mail) to be transmitted to the outside via the communication unit 1, displays the e-mail (received mail) received from the outside by the communication unit 1 on the display unit 4, and the like. . Details of the control processing by the control unit 5 will be described later.

Next, operations of the user data management system and the PHS terminal A configured as described above will be described in detail with reference to sequence diagrams shown in FIGS.
First, the user data management system and the user data storage process of the PHS terminal A will be described with reference to the sequence diagram of FIG.

  First, the PHS terminal B performs voice transmission with a destination subaddress which is a kind of subaddress to the PHS terminal A via the base station C (step S1). This destination subaddress is a remote command including a command for instructing the external storage of user data and a predetermined password. The communication unit 1 of the PHS terminal A receives the voice incoming signal based on the voice transmission via the base station C, and notifies the control unit 5 of the reception of the voice incoming signal and the destination subaddress.

  Here, the called subaddress is an information element used in ISDN (Integrated Services Digital Network), and can be used in ISDN or a PHS using the ISDN. As an example, a number having a predetermined number of digits is added after the destination telephone number with “*” as a delimiter. The operator of the PHS terminal B performs an input operation on the operation unit 3 in the order of “destination telephone number” → “*” → “destination subaddress”, so that a destination subaddress as a remote command is transmitted from the PHS terminal B to the PHS. Transmit to terminal A.

  When the destination subaddress is input from the communication unit 1, the control unit 5 verifies the password included in the destination subaddress and the password stored in the storage unit 2 in advance, thereby authenticating the user of the operator of the PHS terminal B. (Step S2), and the user authentication result is output to the communication unit 1. As a result, the communication unit 1 transmits the user authentication result to the PHS terminal B (step S3).

  Then, when the user authentication result is “authorization” and the user is authenticated as an authorized user, the operator of the PHS terminal B requests to stop the electronic payment function together with the individual identifier (eg, telephone number or terminal number) of the PHS terminal A. Is transmitted to the electronic settlement server E (step S4). As a result, the electronic payment server E stops the electronic payment related to the PHS terminal A (step S5).

  On the other hand, when the user authentication process is completed, the control unit 5 of the PHS terminal A sets the operation mode of the PHS terminal A to the lock mode (step S6). This lock mode is an operating state in which the PHS terminal A does not accept any operation instruction input to the operation unit 3 or any instruction by various signals received by the communication unit 1.

  When the control unit 5 sets the PHS terminal A in such a lock mode, the user data from the storage unit 2, the network address (storage destination address) of the data server D indicating the storage destination of the user data, the password, and the PHS terminal A Are read out and output to the communication unit 1. As a result, the communication unit 1 transmits the user data, the telephone number of the PHS terminal A, and the password to the data server D (step S7). The storage address is the URL (Uniform Resource Locator) of the data server D.

  When the data server D receives the user data, the telephone number of the PHS terminal A and the password from the PHS terminal A, the data server D stores the user data and the password in association with the telephone number of the PHS terminal A (step S8).

  Next, the user data management system and the user data acquisition process of the PHS terminal A ′ will be described with reference to FIG. The PHS terminal A ′ is a PHS terminal newly used by the user of the PHS terminal A in place of the PHS terminal A that cannot be directly operated due to loss or the like, and has the same individual identifier (phone number) as the PHS terminal A have.

  When the user of the PHS terminal A ′ designates a password and a storage destination address and inputs a user data acquisition request from the data server D, the PHS terminal A ′ transmits the acquisition request to the data server D. (Step S9). When the data server D receives the acquisition request, the data server D collates the password received from the PHS terminal A ′ with the password previously received and stored together with the user data from the PHS terminal A, thereby regarding the user of the PHS terminal A ′. An authentication process is performed (step S10).

  When the result of the user authentication is “authorization”, the data server D transmits user data to the PHS terminal A ′. As a result, the PHS terminal A ′ acquires and stores user data (step S11). Then, the PHS terminal A ′ makes an electronic payment restart request to the electronic payment server E together with the individual identifier of the PHS terminal A ′ (same as the individual identifier of the PHS terminal A) (step S12). As a result, the electronic payment center restarts the electronic payment function of the PHS terminal A ′ (step S13).

  As described above, according to the present embodiment, the user data of the PHS terminal A is stored in the external data server D by transmitting the destination subaddress to the PHS terminal A as a remote command. Can be easily used by a PHS terminal A ′ other than the PHS terminal A, and thus a more practical PHS terminal security technique can be provided.

In addition, this invention is not limited to the said embodiment, For example, the following modifications can be considered.
(1) In the above embodiment, the destination subaddress included in the voice incoming signal is a remote command, but the present invention is not limited to this. For example, a specific code may be described in the title or body of an email sent from the PHS terminal B to the PHS terminal A, and the code may be used as a remote command.

(2) In the above embodiment, the storage address of the user data is the network address of the data server D stored in advance by the PHS terminal A, but the present invention is not limited to this. The PHS terminal B may designate the storage destination of the user data by transmitting the storage destination address from the PHS terminal B to the PHS terminal A.

(3) In the above embodiment, the password is specified from the PHS terminal B to the PHS terminal A, but the present invention is not limited to this. For example, the user data is stored in the data server D without specifying a password from the PHS terminal B to the PHS terminal A, that is, without performing authentication processing in the PHS terminal A, and the PHS terminal B is connected to the PHS terminal A The user data may be acquired by specifying the phone number of the PHS terminal A without specifying the password when acquiring the data.

(4) In the above embodiment, the remote command transmitted by the PHS terminal B includes “lock mode + user data transmission” instruction, but the present invention is not limited to this. Since the PHS terminal A which is not at hand due to loss or the like has user data remaining in the storage unit 2 even after the user data is transmitted, a malicious third party disassembles the PHS terminal A and receives the user data from the storage unit 2 It is also possible to extract. Therefore, by including a command for instructing “user data deletion” in the remote command, after the communication unit 1 transmits user data to the data server D, the user data is deleted from the storage unit 2 after the user data is transmitted. It is also good.

(5) In the above embodiment, the user data of the PHS terminal A is transmitted to the storage destination address, and the user is not notified of the storage destination address. However, the present invention is not limited to this. By storing the notification destination address in the storage unit 2 of the PHS terminal A in advance, after the communication unit 1 transmits user data to the data server D, an email is transmitted to the notification destination address, and the storage destination address is notified. May be. Further, when the notification destination address is not stored in the storage unit 2, by sending a mail for notifying the storage destination address to the address of the PHS terminal A in the lock mode setting state, the PHS terminal Alternatively, the PHS terminal A ′ may receive a mail and receive a notification of a storage destination address when the individual identifier of the PHS terminal A is registered in A ′.

1 is a system configuration diagram of a user data management system according to an embodiment of the present invention. It is a functional block diagram of PHS terminal A concerning one embodiment of the present invention. It is a sequence diagram which shows the user data management system concerning one Embodiment of this invention, and the user data preservation | save process of PHS terminal A. It is a sequence diagram which shows the user data management system concerning one embodiment of this invention, and the user data acquisition process of the PHS terminal B.

Explanation of symbols

A, B, A '... PHS terminal, C ... base station, D ... data server, E ... electronic payment server, F ... Internet, 1 ... communication part, 2 ... storage part, 3 ... operation part, 4 ... display part, 5. Control unit

Claims (3)

In an electronic payment system comprising a communication terminal and a server device having an authentication function,
A second communication terminal comprising a second transmission unit for transmitting authentication data including a verification password to the first communication terminal and transmitting a request for a predetermined process to the server device;
A storage unit that stores a password to be compared with the verification password in advance, a reception unit that receives the authentication data, the password and a verification password included in the authentication data are compared, and the second A first communication terminal comprising a control unit for performing user authentication of the communication terminal;
A server device that performs the predetermined processing based on the request for the predetermined processing,
When the user authentication is performed by the first communication terminal, the second transmission unit sends a request for the processing for stopping the electronic payment function of the first communication terminal to the server device as the request for the predetermined process. To the device,
The server device performs an electronic payment function stop process as the predetermined process when a request for the electronic payment function stop process is transmitted by the second transmission unit.
An electronic payment system characterized by this.   The electronic payment system according to claim 1, wherein the first communication terminal includes a first transmission unit that transmits a result of the user authentication to the second communication terminal.   The second transmission unit transmits the stop request together with a solid identifier of the first communication terminal to the server device when user authentication of the second communication terminal is performed by the first communication terminal. The electronic settlement system according to claim 2, wherein

Images