JP6020089B2 - Fraud detection system - Google Patents

Description

  The present invention relates to a fraud detection system for detecting fraud related to an information code.

  Conventionally, information codes such as two-dimensional codes have been used in various fields as means for easily acquiring predetermined information. In particular, as a means for guiding consumers who use terminal devices such as mobile phones and smartphones to a desired website such as a website on which a corporate advertisement is posted, for example, disclosed in Patent Document 1 below. An information distribution system is known. In this system, the URL information can be acquired by reading an information code obtained by encoding the URL information of the target website with a terminal device, and such a method is widely used. Along with this, each terminal device is configured with a program (application) for optically reading an information code installed in advance or configured to be installable via the Internet or the like. It is an environment where a readable reading device can be possessed.

JP 2008-234530 A

  By the way, if the URL information obtained by reading the information code has been tampered with illegally, there is no way to check whether this URL information is safe or not, and a connection to a website different from the desired website is possible. Will be. In this case, there is a problem in that if a connection is made to a malicious website or the like in which a virus or malware is loaded, the reading device is infected.

  Such a problem is not limited to URL information. When an information code whose information has been tampered with is read, that is, when there is a fraud related to the information code, there is no way to confirm the fraud. There is a problem that damage caused by reading the information code occurs.

  The present invention has been made to solve the above-described problems, and an object of the present invention is to provide a fraud detection system capable of detecting fraud related to an information code.

In order to achieve the above object, the invention described in claim 1 is obtained by optically reading the information code (C, 100, 100a) displayed on the article (R) by the optical information reader (20). The fraud detection system (10) includes a fraud detection device (30) for detecting fraud related to the information code based on the information to be detected, and the information code detects fraud related to the predetermined information and the information code. Information for detection is coded so as to be optically readable, and the optical information reader includes an imaging means (22) for imaging the information code, and an imaging imaged by the imaging means. Reading side decoding means (21) for decoding the information code based on the code image of the information code included in the image, and reading side communication means capable of communicating with the fraud detection device Using the means (26) and the reading side communication means, information relating to the detection information obtained at the time of decoding is transmitted to the fraud detection device, and the verification received from the fraud detection device in response to this transmission The fraud detection device comprises: a determination unit (21) that determines whether there is a fraud related to the information code based on a result; and a notification unit (25) that notifies a determination result by the determination unit. Or collation side communication means (33) capable of communicating with two or more optical information readers, a database (32a) in which collation information for collation with the detection information is recorded, and the collation side communication means The collation side communication means uses the result of collating the detection information obtained from the information related to the detection information received via the collation information in the database as the collation result Characterized in that it comprises a collation means (31) to be transmitted to the optical information reader through.
In addition, the code | symbol in each said parenthesis shows the correspondence with the specific means as described in embodiment mentioned later.

  According to the first aspect of the present invention, when an information code encoded so as to include the detection information is picked up by the optical information reader, information relating to the detection information obtained at the time of decoding is transmitted to the fraud detection device. The Then, the result of collating the detection information obtained from the information related to the received detection information with the collation information stored in the database is transmitted to the optical information reading device as a collation result by the collation means of the fraud detection device. . When the determination unit of the optical information reading device determines whether or not there is a fraud regarding the information code based on the collation result received from the fraud detection device, the determination result is notified by the notification unit. The

As a result, the user who has read the information code using the optical information reading device is notified of the determination result based on the collation result transmitted from the fraud detection device, so that whether or not there is any injustice regarding the read information code. Can be recognized. In particular, since the verification information is recorded in the database of the fraud detection device, it is not necessary to store the verification information in the optical information reader, and even if the optical information reader is stolen, the verification information Since the device is not stolen, the confidentiality of the verification information can be improved.
Therefore, it is possible to detect fraud related to the information code while improving the confidentiality related to the verification information.

  In the invention of claim 2, since the information code is configured such that the detection information is encrypted so as to be decipherable by any one of a plurality of encryption keys, reading for the purpose of illegal acquisition of the detection information is prevented. can do. Thereby, the fraud regarding the information code can be detected while enhancing the secrecy regarding both the verification information and the detection information.

  In the invention of claim 3, the information related to the detection information transmitted to the fraud detection device is information including a portion corresponding to the detection information in the arrangement information in the code image, and is checked by the collation side decoding means of the fraud detection device. The detection information is obtained by decoding the received information about the detection information using the corresponding encryption key.

  For this reason, even an optical information reader that does not have an encryption key can obtain a collation result corresponding to the encrypted detection information, so that it is not necessary to store the encryption key in the optical information reader. Thus, even if the optical information reader is stolen, even the encryption key can be prevented from being stolen. Thereby, the fraud regarding the information code can be detected while further improving the confidentiality regarding the detection information and the encryption key.

  In the invention of claim 4, since the information for detection is set in accordance with the predetermined information based on a predetermined rule, even if the predetermined information is tampered with, the information code is illegal. It cannot be tampered with. Then, in the information code that has been tampered with, the detection information that should be set based on the predetermined rule from the predetermined information obtained at the time of decoding matches the detection information that is also obtained at the time of decoding. Therefore, fraud related to information codes can be detected.

  In the invention of claim 5, the information code is replaced by a pattern group corresponding to an exclusive OR of the first brightness value of the first area and the second brightness value of the second area. It is a two-dimensional code formed. Then, in the optical information reading device, as the information related to the detection information obtained at the time of decoding, the acquisition information at the time of decoding including the binarized data of the first area and the second area of the code image obtained at the time of decoding And the re-coding acquisition information including the binarized data of the first region of the two-dimensional code obtained at the time of re-coding is transmitted to the fraud detector. Then, in the fraud detection device, based on the position information stored in the database, exclusive OR of the first brightness value of the first area and the second brightness value of the second area included in the acquired information at the time of decoding, A result obtained by collating the first brightness value of the first region included in the re-encoding acquired information is transmitted as a collation result between the detection information and the collation information.

  As a result, when the two-dimensional code is illegally forged, the pattern group in the first area is not replaced. Since the 1 brightness value does not match, by detecting this mismatch, it is possible to reliably detect fraud related to the two-dimensional code.

  In the invention of claim 6, the two-dimensional code corresponds to an exclusive OR of a value obtained by encrypting one of the first brightness value and the second brightness value and the other value of the pattern group in the first area. It is formed by replacing with a pattern group consisting of a bright color pattern and a dark color pattern. Then, an exclusive OR of a value obtained by decrypting one of the encrypted values included in the acquired information at the time of decoding and the other value, and the first area included in the acquired information at the time of recoding A result obtained by collating the first brightness value is transmitted as a collation result between the detection information and the collation information.

  As described above, since one of the first brightness value and the second brightness value is encrypted, the pattern group in the first area is a bright color corresponding to the exclusive OR of the first brightness value and the second brightness value. Compared to a case where the pattern group is composed of a pattern and a dark color pattern, the two-dimensional code can be more effectively prevented from being counterfeited, and the security can be further enhanced.

  In the invention of claim 7, when the arrangement state of each pattern of the code image obtained at the time of decoding matches the arrangement state of each pattern of the two-dimensional code obtained at the time of re-encoding, Since it is clear that a two-dimensional code in which the pattern group in one area is not replaced is read, in this case, information relating to detection information is not transmitted to the fraud detection device. In this case, by not determining that there is no fraud related to the information code, unnecessary transmission / reception to the fraud detection device can be eliminated, and the processing load related to fraud detection can be reduced.

  In the invention of claim 8, since the acquisition information at the time of decoding is the binarized data of the first area and the binarized data of the second area of the code image obtained at the time of decoding, for example, the acquisition information at the time of decoding As compared with the case where all the information of the code image obtained at the time of decoding is transmitted, the amount of information at the time of transmitting the acquired information at the time of decoding is reduced and the processing load can be reduced.

  In the invention of claim 9, since the re-encoding acquisition information is binary data of the first region of the two-dimensional code obtained at the time of re-encoding, for example, the re-encoding acquisition information is Compared with the case where all the information of the two-dimensional code obtained at the time of encoding is transmitted, the amount of information at the time of transmission of the re-encoded acquired information is reduced and the processing load can be reduced.

It is explanatory drawing which shows roughly the structure of the fraud detection system which concerns on 1st Embodiment. 4 is a flowchart illustrating a flow of reading processing in the mobile terminal according to the first embodiment. It is a flowchart which illustrates the flow of the collation process in the fraud detection apparatus which concerns on 1st Embodiment. FIG. 4A is an explanatory diagram illustrating a display example of the second display process, and FIG. 4B is an explanatory diagram illustrating a display example of the third display process. It is a flowchart which illustrates the flow of the reading process in the portable terminal which concerns on 2nd Embodiment. It is a flowchart which illustrates the flow of the collation process in the fraud detection apparatus which concerns on 2nd Embodiment. It is explanatory drawing for demonstrating the basic composition of the fraud detection code employ | adopted in 3rd Embodiment. FIG. 8A is an explanatory diagram showing a QR code generated based on the read information, and FIG. 8B shows a fraud detection code generated based on the QR code of FIG. It is explanatory drawing shown. It is a flowchart which illustrates the flow of the reading process in the portable terminal which concerns on 3rd Embodiment. It is a flowchart which shows the production | generation method of the fraud detection code which concerns on 4th Embodiment. It is explanatory drawing explaining embedding of authentication information. It is a flowchart which shows the flow of the information collation process for a detection in the fraud detection apparatus which concerns on 4th Embodiment.

[First Embodiment]
The fraud detection system according to the first embodiment of the present invention will be described below with reference to the drawings. FIG. 1 is an explanatory diagram schematically showing the configuration of a fraud detection system 10 according to the first embodiment.
The fraud detection system 10 shown in FIG. 1 includes a fraud detection device 30 for detecting fraud related to an information code based on information obtained by optically reading the information code displayed on the article by the mobile terminal 20. It is a system equipped.

  Here, the information code is a code configured by arranging a plurality of bright color patterns and dark color patterns according to information to be read, and includes a one-dimensional code such as a barcode, a QR code (registered trademark), It is configured by a two-dimensional code such as a data matrix code or a maxi code, or a partially private code described later. The case where the information code is illegal includes, for example, cases where the information obtained by reading the information code is incorrect information, or the article displaying the information code is not a genuine product.

  In this embodiment, the fraud detection code C is employed as the information code having a function of detecting fraud related to the information code. The fraud detection code C is configured such that the read information to be acquired in response to the reading of the information code and the detection information for detecting fraud related to the information code are coded separately and optically readable. Has been. In the present embodiment, the detection information is set as a numerical value unrelated to the reading information. The fraud detection code C configured in this way is displayed on an article R such as advertising paper or a packing box, as illustrated in FIG.

Next, the configuration of the mobile terminal 20 will be described.
For example, the mobile terminal 20 can perform a reading process by installing a fraud detection application program described later on a mobile phone having a camera function, and can optically read an information code including the fraud detection code C. It is a terminal comprised as a static information reader. The mobile terminal 20 includes a control unit 21 that can process image data captured based on pixel signals from the imaging unit 22 having a camera function, in addition to normal communication processing as a mobile phone.

  The control unit 21 is configured mainly with a microcomputer, has a CPU, a system bus, an input / output interface, and the like, and functions as an information processing apparatus together with the storage unit 23. The storage unit 23 is configured by a known semiconductor memory such as a ROM, a RAM, and a nonvolatile memory, and the storage unit 23 includes a predetermined program for realizing the above-described call function and communication function. The fraud detection application program is stored in advance. Accordingly, the mobile terminal 20 is configured as a device that reads an information code such as a one-dimensional code or a two-dimensional code included in the image data. The imaging unit 22 corresponds to an example of an “imaging unit” described in the claims.

  The mobile terminal 20 includes an operation unit 24, a display unit 25, and a communication unit 26. The operation unit 24 includes a plurality of keys and the like, and has a function of inputting information corresponding to the key operation to the control unit 21. The display unit 25 is composed of a liquid crystal display or the like, and is controlled by the control unit 21 and has a function of displaying and notifying predetermined information such as a result of reading an information code. The communication unit 26 is controlled by the control unit 21 and has a function of communicating with the fraud detection device 30 and the like via the network N such as the Internet. The display unit 25 corresponds to an example of “notification unit” described in the claims, and the communication unit 26 corresponds to an example of “reading-side communication unit” described in the claims.

Next, the configuration of the fraud detection device 30 will be described.
The fraud detection device 30 is a device that functions as a server that can communicate with one or a plurality of portable terminals 20 via the network N. The fraud detection device 30 mainly includes a storage unit 32 that stores a database 32a in which information for collating detection information obtained by reading the fraud detection code C is stored, and the network N and the like. A communication unit 33 that enables communication via the network, and a control unit 31 that performs overall control thereof.
The control unit 31 is configured mainly with a microcomputer, has a CPU, a system bus, an input / output interface, and the like, and functions as an information processing apparatus together with the storage unit 32. The control unit 31 may correspond to an example of a “collation unit” described in the claims.

  The storage unit 32 is configured by a known semiconductor memory such as a ROM, a RAM, and a nonvolatile memory. The storage unit 32 is used for executing a collation process to be described later in addition to the database 32a described above. Application programs are stored in advance. In the database 32a, various pieces of collation information are recorded in advance as information for collating the detection information. Here, for example, if the detection information is “12345”, the collation information for collating the detection information is also “12345”. In other words, in the present embodiment, all the detection information that may be obtained by reading the fraud detection code C is recorded as collation information in the database 32a.

  The communication unit 33 is controlled by the control unit 31 and has a function of communicating with one or more portable terminals 20 and the like via the network N. The communication unit 33 may correspond to an example of a “verification side communication unit” described in the claims.

  Next, in the fraud detection system 10 configured as described above, a reading process performed by the mobile terminal 20 and a collation process performed by the fraud detection apparatus 30 in order to detect fraud related to the information code are shown in FIG. 2 and FIG. FIG. 2 is a flowchart illustrating the flow of the reading process in the mobile terminal 20 according to the first embodiment. FIG. 3 is a flowchart illustrating the flow of the collation process in the fraud detection device 30 according to the first embodiment.

First, the reading process performed by the portable terminal 20 will be described in detail with reference to the flowchart shown in FIG.
When the user performs a predetermined key operation on the operation unit 24 to execute the fraud detection application program and performs an image capturing operation with the camera of the image capturing unit 22 facing the information code, the control unit 21 reads the image. Processing is started. When the reading process is started, first, the imaging process shown in step S101 of FIG. 2 is performed, and the information code is captured by the imaging unit 22.

  Next, the decoding process shown in step S103 is performed. In this process, based on the code image of the information code included in the captured image captured by the imaging process, the information code is decoded based on a known decoding method. The control unit 21 that performs the decoding process shown in step S103 may correspond to an example of “reading-side decoding unit” described in the claims.

  If this decoding is successful (Yes in S105) and the read information code is, for example, a normal two-dimensional code, and the read information does not include detection information, the determination process shown in step S107 is performed. No is determined. Then, the first display process shown in step S109 is performed, and the read information is displayed on the display unit 25 as a result of reading the information code. In the first display process, the reading result is displayed by the display unit 25, and the detection information is not read, so that it is not determined whether or not there is a fraud related to the information code. May be displayed. If decoding fails (No in S105), the processing from step S101 is performed again.

  On the other hand, since the fraud detection code C is imaged in the imaging process shown in step S101, when the reading information and the detection information described above are decoded in the decoding process shown in step S103 (in S105 and S107). Yes), the detection information transmission process shown in step S111 is performed. In this process, the detection information acquired by decoding is transmitted to the fraud detection device 30 via the communication unit 26.

  Then, in response to the transmission of the detection information, when the verification result information described later is received from the fraud detection device 30 (Yes in S113), the determination process shown in step S115 is performed, and the reading is performed based on the verification result information. A determination is made as to whether there is an irregularity regarding the information code. If it is determined that there is no injustice regarding the read information code based on the collation result information (No in S115), the second display process shown in step S117 is performed. In this process, the display unit 25 displays the read information as a result of reading the information code, and displays and notifies that the read information is safe information without fraud.

  On the other hand, if it is determined that there is a fraud related to the read information code based on the collation result information received from fraud detection device 30 (Yes in S115), a third display process shown in step S119 is performed. In this process, the display unit 25 displays the read information as a result of reading the information code, and displays and notifies that the read information is likely to be invalid information. The control unit 21 that performs the determination process shown in step S115 may correspond to an example of a “determination unit” recited in the claims.

Next, the collation process performed in the fraud detection apparatus 30 will be described in detail with reference to the flowchart shown in FIG.
When the verification process is started by the control unit 31 of the fraud detection device 30, the determination of No is repeated until the detection information is received from any one of the mobile terminals 20 as shown in step S201 of FIG. It is.

  When the detection information from the portable terminal 20 is received via the communication unit 33 (Yes in S201), the detection information matching process shown in step S203 is performed. In this process, it is verified whether the received detection information matches any verification information stored in the database 32a. Subsequently, collation result information transmission processing shown in step S205 is performed. In this process, information related to the verification result in the detection information verification process, for example, information indicating that there is matching verification information is transmitted to the mobile terminal 20 that has received the detection information as verification result information. The

  Here, as a specific example of the reading process and the collation process described above, the URL information “http: // www... A case where the fraud detection code C or the like configured by encoding “12345” is read will be described below with reference to FIG. FIG. 4A is an explanatory diagram illustrating a display example of the second display process, and FIG. 4B is an explanatory diagram illustrating a display example of the third display process.

  When the URL information and the detection information are decoded by capturing the fraud detection code C with the mobile terminal 20, only the detection information “12345” is transmitted to the fraud detection device 30. When this detection information is received by the fraud detection device 30, it is verified whether the detection information “12345” matches any of the verification information stored in the database 32a (S203). Since there is matching matching information “12345”, matching result information indicating that there is matching matching information is transmitted to the mobile terminal 20 that has transmitted the detection information (S205). When the collation result information is received by the mobile terminal 20 (Yes in S113), the received collation result information is information indicating that there is matching collation information, and therefore it is determined that there is no fraud with respect to the read information code. (No in S115). In this case, the second display process is performed, and as illustrated in FIG. 4A, URL information “http: // www... At the same time, the message “* The website of this URL information is a safe site” is displayed as an indication that the information is safe without fraud. Thereby, the user using the portable terminal 20 can easily recognize that the URL information read from the fraud detection code C is the URL information of a safe website simply by reading the fraud detection code C. Can do.

  On the other hand, an information code (hereinafter referred to as unauthorized information) created by coding URL information of malicious website (hereinafter referred to as unauthorized URL information) and information imitating detection information (hereinafter referred to as non-detected information). A case where the information code is captured by the mobile terminal 20 will be described below. Here, as the illegal URL information, for example, a part of “http: // www... //Www....DELTA..DELTA..DELTA. ".

  When the illegal URL information and the non-detection information are decoded by imaging the illegal information code with the portable terminal 20, the non-detection information is transmitted to the fraud detection device 30 as detection information. When the non-detection information is received by the fraud detection device 30, it is verified whether the non-detection information matches any of the verification information stored in the database 32a (S203). Since there is no matching information for matching, matching result information indicating that there is no matching matching information is transmitted to the mobile terminal 20 that has transmitted the non-detection information (S205). When the collation result information is received by the mobile terminal 20 (Yes in S113), the received collation result information is information indicating that there is no matching collation information, so it is determined that there is an injustice regarding the read information code. (Yes in S115). In this case, the third display process is performed, and as illustrated in FIG. 4B, the display unit 25 displays illegal URL information “http: // www... Is displayed, and as a display indicating that there is a high possibility that the information is invalid, a message “The website of this URL information may be an unauthorized site” is displayed. Thereby, even when the user who uses the mobile terminal 20 reads the illegal information code created by imitating the detection information, the illegal URL information read from the illegal information code may be the URL information of the illegal site. Can be easily recognized.

  As described above, in the fraud detection system 10 according to the present embodiment, when the mobile terminal 20 captures an image of an information code encoded so as to include the detection information, the detection information obtained at the time of decoding is acquired. Is transmitted to the fraud detection device 30. Then, the result of collating the detection information obtained from the information related to the received detection information with the collation information stored in the database 32a is transmitted to the portable terminal 20 as a collation result. When the portable terminal 20 determines whether or not there is a fraud related to the information code based on the collation result received from the fraud detection device 30, the determination result is notified by display on the display unit 25.

Thereby, the user who has read the information code using the mobile terminal 20 is notified of the determination result based on the collation result transmitted from the fraud detection device 30, so that whether or not there is a fraud regarding the read information code. Can be recognized. In particular, since the verification information is recorded in the database 32a of the fraud detection device 30, it is not necessary to store the verification information in the mobile terminal 20, and even if the mobile terminal 20 is stolen, the verification information may be lost. Since the user is not stolen, the confidentiality of the verification information such as the verification information database 32a and the authentication process can be enhanced.
Therefore, it is possible to detect fraud related to the information code while improving the confidentiality related to the verification information.

  In particular, the display unit 25 informs whether the read URL information is a safe website registered in the database as the determination result. It is possible to easily recognize whether or not the URL information is URL information of a safe website simply by reading the information code in which the information and the detection information are encoded.

[Second Embodiment]
Next, the fraud detection system according to the second embodiment will be described with reference to FIGS. FIG. 5 is a flowchart illustrating the flow of the reading process in the mobile terminal 20 according to the second embodiment. FIG. 6 is a flowchart illustrating the flow of collation processing in the fraud detection device 30 according to the second embodiment.

  In the second embodiment, the detection information is encrypted in order to further enhance the secrecy regarding the detection information and the like, and the reading process and the collation process described above are replaced with the flowcharts shown in FIGS. And the point which is calculating based on the flowchart shown in FIG. 6 differs mainly from the fraud detection system which concerns on the said 1st Embodiment. Therefore, substantially the same components as those in the fraud detection system of the first embodiment are denoted by the same reference numerals, and description thereof is omitted.

  In the present embodiment, as the fraud detection code C, a partially private code having a public area and a private area (an area where encrypted data encrypted with a predetermined encryption key is recorded) is adopted. ing. The fraud detection code C is configured by recording the reading information in a public area and recording the detection information in a non-public area. As a result, a reader that does not have a corresponding encryption key can prevent reading for the purpose of illegal acquisition of the detection information because the detection information cannot be read even if the read information can be read. Note that the information recorded in the private area is encrypted with a predetermined encryption key set in accordance with the read information or the like among a plurality of types of encryption keys prepared in advance.

  Further, in the present embodiment, unlike the first embodiment, the reading process performed by the mobile terminal 20 includes an encrypted portion (described later) of the sequence information generated in the process of decoding the fraud detection code C. Based on the collation result information transmitted to fraud detection device 30 and received from fraud detection device 30 in response to this transmission, it is determined whether there is any fraud regarding the read information code. For this reason, the storage unit 32 of the fraud detector 30 stores the above-described multiple types of encryption keys in advance. As a result, it is not necessary to store the encryption key in the mobile terminal 20, and it is possible to prevent the encryption key from being stolen even if the mobile terminal 20 is stolen.

Hereinafter, in the fraud detection system 10 according to the present embodiment, a reading process performed by the mobile terminal 20 and a matching process performed by the fraud detection apparatus 30 will be described with reference to FIGS. 5 and 6.
First, the reading process performed by the portable terminal 20 will be described in detail using the flowchart shown in FIG. In the following description, a case where a QR code configured as a QR code or a partially private code is read will be described as an example.

  Similar to the first embodiment, when the imaging process shown in step S101 of FIG. 5 is performed and the information code is captured by the imaging unit 22, the code position detection process shown in step S121 is performed. In this process, when an information code is included in the captured image captured by the imaging process, a code position occupied by the information code in the captured image is detected. For example, when the acquired captured image includes a QR code, a code position occupied by the QR code in the captured image is detected by extracting a QR code position detection pattern (finder pattern).

  When the code image of the information code included in the captured image is extracted by detecting the code position as described above, the binarization process shown in step S123 is performed. In this processing, the extracted code image is divided into a light level and a dark level based on a predetermined threshold value, and array information corresponding to the array state of each light color pattern and dark color pattern constituting the information code is generated. .

  If the binarization process is successful (Yes in S125), the model information extraction process shown in step S127 is performed, and the model number of the QR code is read out based on the sequence information based on the arrangement information. Subsequently, a mask removal process shown in step S129 is performed. In this process, the array information is changed so that the mask pattern specified from the model information or the like is removed, and the information is read from the array information.

  When the information code from which the mask pattern is removed in this way is configured as a partly private code, the sequence information is a part corresponding to information recorded in the public area (hereinafter referred to as a non-encrypted part). And a portion corresponding to information recorded in the non-public area (hereinafter referred to as an encrypted portion).

  As described above, when the array information is ready to be read, it is determined whether or not the array information includes an encrypted portion in the determination process shown in step S131. Here, if the read information code is partially different from the private code and does not include the encrypted part (No in S131), the data extraction process shown in step S133 is performed, and the mask pattern is removed. Processing for extracting predetermined information from the array information is performed. Note that the processing from the code position detection processing to the data extraction processing shown in step S121 corresponds to processing obtained by subdividing the decoding processing shown in step S103 described in the first embodiment.

  Then, when the decoding is successful and the information is read (Yes in S135), the first display process shown in step S109 is performed, and the read information displays the information code by the display unit 25 as in the first embodiment. Displayed as a result of reading. In the first display process, the result of reading is displayed by the display unit 25, and since the detection information is not read, it is not determined whether there is any fraud related to the information code. May be displayed. If decoding fails (No in S135), the processing from step S101 is performed again.

  On the other hand, if the read information code is a partly private code and includes an encrypted part (Yes in S131), an encrypted part information transmission process shown in step S137 is performed. In this process, information on the encrypted portion of the array information is transmitted to the fraud detection device 30 via the communication unit 26. Subsequently, unencrypted partial data extraction processing shown in step S139 is performed. In this process, based on the non-encrypted part of the sequence information, a process for extracting the information recorded in the public area of the partially private code is performed.

  Then, in response to the transmission of the encrypted partial information, verification result information described later is received from the fraud detection device 30 (Yes in S113), and based on this verification result information, it is determined that there is no fraud related to the read information code. If so (No in S115), the second display process shown in step S117 is performed. In this process, as in the first embodiment, the display unit 25 displays the read information as a result of reading the information code, and displays that the read information is safe information without fraud. (See FIG. 4A). On the other hand, if it is determined that there is an injustice regarding the read information code based on the collation result information (Yes in S115), a third display process shown in step S119 is performed. In this process, as in the first embodiment, the display unit 25 displays the read information as a result of reading the information code, and it is highly likely that the read information is incorrect information. Is displayed (see FIG. 4B).

Next, the collation process performed by the fraud detection device 30 will be described in detail with reference to the flowchart shown in FIG.
When the verification process is started by the control unit 31 of the fraud detection device 30 and the encrypted partial information from the mobile terminal 20 is received via the communication unit 33 (Yes in S201a in FIG. 6), the decryption process shown in step S202 is performed. The In this process, the detection information is decoded by decrypting the encrypted partial information using any one of the encryption keys stored in the storage unit 32. In addition, the encryption key used at the time of a decoding can be easily selected by including the information for specifying the encryption key required for a decoding in encryption part information. Moreover, the control part 31 which performs the decoding process shown to step S202 can correspond to an example of the "collation side decoding means" as described in a claim.

  When the detection information is decoded in this way, the detection information matching process shown in step S203 is performed, and the detection information is stored in any of the verification information stored in the database 32a as in the first embodiment. Match or match. Subsequently, collation result information transmission processing shown in step S205 is performed, and collation result information related to the collation result in the detection information collation processing is transmitted to the mobile terminal 20 that has received the detection information.

  As described above, in the fraud detection system 10 according to the present embodiment, the fraud detection code C is detected because the detection information is configured to be decrypted by any one of a plurality of encryption keys. Reading for the purpose of unauthorized acquisition of business information can be prevented. Thereby, the fraud regarding the information code can be detected while enhancing the secrecy regarding both the verification information and the detection information.

  In particular, the information related to the detection information transmitted to the fraud detection device 30 is information including a portion corresponding to the detection information in the arrangement information in the code image, and the information related to the detection information received by the fraud detection device 30. Is detected using the corresponding encryption key, and the detection information is acquired (S202).

  For this reason, since the collation result corresponding to the encrypted detection information can be obtained even in the portable terminal 20 that does not have the encryption key, it is not necessary to store the encryption key in the portable terminal 20, and the portable terminal 20 Even if 20 is stolen, even the encryption key can be prevented from being stolen. Thereby, the fraud regarding the information code can be detected while further improving the confidentiality regarding the detection information and the encryption key.

  In the present embodiment, not only the encrypted portion of the sequence information is decoded by the fraud detector 30 but also the information including the encrypted portion or the sequence including the non-encrypted portion of the sequence information. All of the information may be decoded by the fraud detection device 30. In this case, the mobile terminal 20 can detect fraud related to the information code by transmitting the decoding result decoded by the fraud detection device 30 to the mobile terminal 20 together with the collation result.

[Third Embodiment]
Next, the fraud detection system according to the third embodiment will be described with reference to FIGS. FIG. 7 is an explanatory diagram for explaining the basic configuration of the fraud detection code 100 employed in the third embodiment. FIG. 8A is an explanatory diagram showing a QR code Q generated based on the read information, and FIG. 8B is a fraud detection code generated based on the QR code of FIG. FIG. FIG. 9 is a flowchart illustrating the flow of a reading process in the mobile terminal 20 according to the third embodiment.

  In the third embodiment, the fraud detection code 100 with enhanced security is adopted in order to further increase the confidentiality of the detection information and the like, and the above-described reading process is replaced with the flowchart shown in FIG. The main difference from the fraud detection system according to the first embodiment is that arithmetic processing is performed based on the flowchart shown in FIG. Therefore, substantially the same components as those in the fraud detection system of the first embodiment are denoted by the same reference numerals, and description thereof is omitted.

  In the present embodiment, a fraud detection code 100 is employed instead of the fraud detection code C described above. The fraud detection code 100 is a QR code, and the read information is a white cell (light pattern). ) And black cells (dark pattern), and a correction area for expressing correction information for correcting errors by the arrangement state of white cells and black cells.

  Specifically, as shown in FIG. 7, the fraud detection code 100 includes three positioning symbols 104A, 104B, 104C, an information code recording area 106, a timing cell 108, a format code 109, and the like. The three positioning symbols 104A, 104B, and 104C are arranged at three vertices among the four vertices of the fraud detection code 100 having a rectangular shape. The timing cell 108 is arranged as a linear reference pattern in which white cells and black cells are alternately combined between the positioning symbols 104A, 104B, and 104C. The timing cell 108 is used as an index of each data cell position. The format code 109 is arranged in the vicinity of the positioning symbol 104A, and indicates version information defined in advance for the format of the information area recorded in the information code recording area 106.

  The version information in the QR code standard is composed of a combination of 1 to 40 versions and four error correction levels L, M, Q, and H (in order from L to H) for each version. . Versions 1 to 40 mainly correspond to the total number of symbols composed of 8 cells corresponding to 8 bits. Further, the error correction level (L, M, Q, H) corresponds to a high ratio of allowing unreadable symbols out of all symbols, that is, a high allowable defect rate. The allowable defect rate of each level is about 30% for error correction level, about 25% for error correction level Q, about 15% for error correction level M, and about 7% for error correction level L. In the present embodiment, a QR code of error correction level H is used in version 5 where the total number of symbols is 134, and the version information is represented as “5-H”. The present invention is not limited to this, and the version and error correction level of the QR code are arbitrary and may be any of versions 1 to 40. The error correction levels are L, M, Q, Any of H may be sufficient.

  The information code recording area 106 is composed of two types of cells (monochrome patterns are omitted) having different optical characteristics, and a code pair of an information area Cd and a corresponding RS (Reed-Solomon) area Ce is obtained. Contains. The information area Cd is obtained by encoding the read information, and the read information is expressed by a cell distribution pattern (cell pattern) included in the information area Cd. The RS area Ce is obtained by encoding correction information obtained by encoding the read information using RS (Reed-Solomon), and correction for correcting an error by a cell pattern included in the RS area Ce. It expresses business information.

  In the present embodiment, an example of encoding using an RS code is illustrated as one of optimal examples. However, the present invention is not limited to this, and encoding may be performed using another encoding method. For example, a BCH code or the like can be suitably applied to the present invention. Also, Golay codes, Hadamard codes, Reed-Muller codes, low-density parity check codes, Goppa codes, fire codes, convolutional codes, turbo codes, cyclic hamming and RS code concatenation codes, etc. are applicable to the present invention. is there.

  The information code recording area 106 is composed of a total of 134 symbols: 44 information symbols constituting the information area Cd and 90 RS symbols constituting the RS area Ce. The information code recording area 106 is divided into four blocks B1 to B4. Of these, two blocks B1 and B2 have a total of 33 pieces of 11 information symbols and 22 RS symbols corresponding thereto. The remaining two blocks B3 and B4 are composed of a total of 34 symbols including 11 information symbols and 23 RS symbols corresponding thereto.

Next, a characteristic configuration of the fraud detection code 100 will be described with reference to FIG.
The fraud detection code 100 binarizes the lightness and darkness of each cell constituting the first region of the information region Cd and the RS region Ce that does not affect the correction (number of cells below the allowable defect rate). When the value obtained by binarizing the brightness and darkness of each cell constituting the second area composed of the same number of cell areas in the area different from the first area is the first brightness value, the first brightness value is the first brightness value. The cell group in the region is formed by being replaced with a cell group composed of a white cell and a black cell corresponding to the exclusive OR of the first brightness value and the second brightness value.

Hereinafter, a specific method for generating the fraud detection code 100 will be described.
In the present embodiment, as shown in FIGS. 8A and 8B, the first region 111 is set in advance so as to include four cells among the cells constituting the RS region Ce. The second area 112 is set in advance so as to include the same number of cells in an area different from the one area 111. Then, based on the read information, a QR code Q is generated so as to include the information area Cd and the RS area Ce. In the QR code Q illustrated in FIG. 8A, the cell group of the first region 111 is arranged in the order of white cell, white cell, black cell, and black cell, and the cell group of the second region 112 is White cells, black cells, white cells, and black cells are arranged in this order.

  When the QR code Q is generated in this way, for the cell group in the first area 111 and the cell group in the second area 112, the white cell is binarized with “0” and the black cell with “1”, and the first A first brightness value obtained by binarizing the cell group in the region 111 and a second brightness value obtained by binarizing the cell group in the second region 112 are obtained. In the QR code Q illustrated in FIG. 8A, the first brightness value is “0011”, and the second brightness value is “0101”.

  Then, a cell group corresponding to the exclusive OR of the first brightness value and the second brightness value is obtained. In the QR code Q illustrated in FIG. 8A, since the exclusive OR of the first brightness value and the second brightness value is “0110”, the cell group corresponding to this exclusive OR is white. Cells, black cells, black cells, and white cells are arranged in this order. The fraud detection code 100 shown in FIG. 8B is generated by replacing the thus generated cell group with the cell group in the first region 111 in FIG. 8A. That is, the arrangement state of each cell of the QR code Q shown in FIG. 8A and the arrangement state of each cell of the fraud detection code 100 shown in FIG. 8B are all the same except for the cell group in the first area 111. It becomes an array state. Further, the exclusive OR of the first brightness value “0110” of the first area 111 of the fraud detection code 100 and the second brightness value “0101” of the second area 112 is the first OR of the QR code Q before replacement. It corresponds to the first brightness value “0011” of the region 111.

  In the present embodiment, the RS region Ce is a region that is difficult to analogize compared to the information region Cd in which the read information is encoded. Therefore, in order to improve security, the first region and the RS region Ce A second area is set.

  Next, using the fraud detection code 100 generated as described above, a reading process and a fraud detection device that are performed in the mobile terminal 20 in order to detect forgery of the fraud detection code 100 (fraud related to the information code). The matching process performed at 30 will be described with reference to FIGS. 9 and 3.

First, the reading process performed by the portable terminal 20 will be described in detail using the flowchart shown in FIG.
As in the first embodiment, when the imaging process shown in step S101 of FIG. 9 is performed and the fraud detection code 100 is captured by the imaging unit 22, the decoding process shown in step S103 is performed. In the fraud detection code 100, each cell group of the first area 111 is replaced as described above, but the first area 111 is an area composed of a number of cells equal to or less than an allowable defect rate that does not affect correction. Therefore, the decoding succeeds (Yes in S105), and the read information is acquired.

  Next, the re-encoding process shown in step S141 is performed. In this process, the read information acquired by the decoding is coded, and a QR code (hereinafter referred to as a regenerated code) is generated so as to include the information area Cd and the RS area Ce. Thus, when the fraud detection code 100 shown in FIG. 8B is captured, the QR code Q shown in FIG. 8A before the replacement of the fraud detection code 100 is re-coded and generated. The The control unit 21 that performs the re-encoding process shown in step S141 may correspond to an example of “re-encoding unit” recited in the claims.

  Subsequently, the determination process shown in step S143 is performed, and the arrangement state of each cell of the code image obtained at the time of decoding and the arrangement state of each cell of the regenerated code obtained at the time of recoding are determined. It is determined whether or not they match, that is, whether or not both codes match. When the fraud detection code 100 is imaged as described above, the arrangement state of the cell group in the first area 111 of the code image is different from the arrangement state of the cell group in the first area 111 of the regenerated code. In step S143, it is determined No. If the two codes match (Yes in S143), it is clear that the fraud detection code 100 has not been imaged, so that the processing from step S109 onward is performed assuming that a normal QR code or the like is being imaged. The

  If the two codes do not match (No in S143), the extraction process shown in step S145 is performed. In this process, binarized data of a predetermined area (hereinafter referred to as a determination area) including the first area 111 and the second area 112 is obtained from the binarized data of each cell obtained at the time of decoding. Extracted. Further, the binarized data of the determination area is extracted from the binarized data of each cell obtained at the time of the recoding. Information regarding the position of the determination area relative to the RS area Ce and information regarding the positions of the first area 111 and the second area 112 relative to the determination area are stored in advance in the database 32a of the fraud detection device 30 as collation position information. Has been.

  Next, the detection information transmission process shown in step S147 is performed. In this processing, the decoding time acquisition information consisting of the binarized data of the judgment area obtained at the time of decoding and the recoding time consisting of the binarized data of the judgment area obtained at the time of recoding The acquired information is transmitted as detection information to the fraud detection device 30 via the communication unit 26.

  Then, the verification result information is received from the fraud detection device 30 in response to the transmission of the detection information (Yes in S113), and if it is determined that there is no fraud related to the information code read based on the verification result information (S115). No), the display unit 25 displays the read information as a result of reading the information code, and displays and informs that the read information is safe information without fraud (S117). On the other hand, if it is determined that there is an injustice regarding the information code read based on the collation result information (Yes in S115), the display unit 25 displays the read information described above as a result of reading the information code. The fact that the read information is likely to be illegal information is displayed and notified (S119).

Next, the collation process performed in the fraud detection apparatus 30 will be described in detail with reference to the flowchart shown in FIG.
When the verification process is started by the control unit 31 of the fraud detection device 30 and the detection information from the mobile terminal 20 is received via the communication unit 33 (Yes in S201 in FIG. 3), the detection information verification shown in step S203 is performed. Processing is done. In this process, based on the collation position information stored in advance in the database 32a, the first brightness value and the second brightness value obtained at the time of decoding are extracted from the acquired information at the time of decoding, and at the time of recoding The first brightness value obtained at the time of recoding is extracted from the acquired information. Then, the exclusive OR of the first brightness value and the second brightness value obtained at the time of decoding matches with the first brightness value obtained at the time of recoding. As described above, since the exclusive OR of the first brightness value and the second brightness value of the fraud detection code 100 matches the first brightness value of the QR code Q before replacement, the fraud detection code 100 is read. This is because the exclusive OR of the first brightness value and the second brightness value obtained at the time of decoding matches the first brightness value obtained at the time of recoding.

  Here, since the fraud detection code 100 is read, the exclusive OR of the first brightness value and the second brightness value obtained at the time of decoding, and the first brightness and darkness obtained at the time of recoding. When the values match, information indicating that there is matching matching information is transmitted as matching result information to the mobile terminal 20 that has received the detection information (S205).

  On the other hand, when an illegally forged information code is being read, the exclusive OR of the first brightness value and the second brightness value obtained at the time of decoding and the information obtained at the time of recoding are obtained. Since the first brightness value does not match, information indicating that there is no matching information to be matched is transmitted as matching result information to the mobile terminal 20 that has received the detection information (S205).

  Note that when a normal QR code with dirt or the like is being read, it is determined No in step S143 and the detection information is transmitted to the fraud detection device 30, but is obtained at the time of decoding. Since the exclusive OR of the first light and dark values and the second light and dark values does not match the first light and dark values obtained at the time of recoding, information indicating that there is no matching information for matching is obtained. As result information, it will be transmitted with respect to the portable terminal 20 which received the said information for a detection.

  As described above, in the fraud detection system 10 according to the present embodiment, the fraud detection code 100 corresponds to the exclusive OR of the first brightness value in the first area 111 and the second brightness value in the second area 112. The QR code is formed by replacing the pattern group in the first region 111 with the pattern group to be performed. And in the portable terminal 20, the information at the time of decoding containing the binarized data of the 1st area | region 111 and the 2nd area | region 112 of the code image obtained at the time of decoding as information regarding the information for detection obtained at the time of decoding And the re-coding acquisition information including the binarized data of the first region 111 of the two-dimensional code obtained at the time of re-coding is transmitted to the fraud detector 30. And in the fraud detection apparatus 30, based on the positional information memorize | stored in the database 32a, the 1st brightness value of the 1st area | region 111 and the 2nd brightness value of the 2nd area | region 112 contained in the acquisition information at the time of decoding are exclusive. A result obtained by collating the logical sum with the first brightness value of the first area 111 included in the re-encoded information is transmitted as a collation result between the detection information and the collation information.

  As a result, since the pattern group in the first area 111 is not replaced when the fraud detection code 100 is forged, the exclusive OR of the two brightness values in the decoding time acquisition information and the recoding time acquisition information Therefore, by detecting this mismatch, it is possible to reliably detect fraud related to the fraud detection code 100.

  Furthermore, in the fraud detection code 100, only the pattern group of the first area 111 is replaced, and it is not necessary to make any changes to the information area Cd representing the read information. Therefore, the data amount of information represented by the QR code Can be prevented from being reduced.

  In particular, when the arrangement state of each pattern of the code image obtained at the time of decoding matches the arrangement state of each pattern of the QR code obtained at the time of re-encoding (Yes in S143), the first Since it is clear that a QR code or the like in which the pattern group in the area 111 is not replaced is read, in this case, it is determined that there is no fraud related to the information code without transmitting the information related to the detection information to the fraud detection device 30. do not do. Thereby, unnecessary transmission / reception with respect to the fraud detector 30 can be eliminated, and the processing load related to fraud detection can be reduced.

  The acquired information at the time of decoding can be the first brightness value and the second brightness value of the code image obtained at the time of decoding. Thereby, the information amount at the time of transmission of the acquisition information at the time of decoding is reduced, and the processing load can be reduced. On the other hand, in order to further improve security, the acquisition information at the time of decoding can be binarized data of all cells of the code image obtained at the time of decoding.

  Further, the acquisition information at the time of recoding can be the first brightness value of the two-dimensional code obtained at the time of recoding. Thereby, the information amount at the time of transmission of the re-encoding acquired information is reduced, and the processing load can be reduced. On the other hand, in order to further improve security, the re-encoding acquisition information can be binarized data of all cells of the two-dimensional code obtained at the time of re-encoding.

  In the present embodiment, the first region 111 and the second region are composed of four cells. However, the present invention is not limited to this. May be.

[Fourth Embodiment]
Next, the fraud detection system according to the fourth embodiment will be described with reference to FIGS. FIG. 10 is a flowchart showing a method for generating the fraud detection code 100a according to the fourth embodiment. 11A and 11B are explanatory diagrams for explaining the embedding of authentication information. FIG. 11A shows a state before embedding the bit string c′i, and FIG. 11B shows the state after embedding the bit string c′i. Shows the state. FIG. 12 is a flowchart showing a flow of detection information matching processing in the fraud detection device 30 according to the fourth embodiment.

  In the fourth embodiment, the fraud detection code 100a is adopted in place of the fraud detection code 100 in order to further increase the confidentiality of the detection information and the like, mainly in the fraud detection system according to the third embodiment. Different. Accordingly, components that are substantially the same as those of the fraud detection system of the third embodiment are denoted by the same reference numerals, and description thereof is omitted.

Hereinafter, in order to describe the characteristic configuration of the fraud detection code 100a, a specific method for generating the fraud detection code 100a will be described in detail with reference to FIGS.
First, based on the read information, a QR code is generated so as to include the information area Cd and the RS area Ce, and 11 information symbols are generated from each block B1 to B4 of the information code recording area 106 in the generated QR code. And an RS bit string consisting of 22 or 23 RS symbols are acquired (step S301 in FIG. 10). Then, 12 RS symbols are extracted from predetermined positions of the RS bit strings of the blocks B1 to B4 (step S303). Next, six predetermined symbols are selected from the extracted 12 RS symbols, and a bit string 192 (second correction bit string) having a bit length of 192 consisting of a total of 24 RS symbols in each block B1 to B4. Is acquired (step S305). Then, the bit string m is encrypted using elliptic curve cryptography (ECC) to obtain a bit string c (encrypted bit string) (step S307). Subsequently, the bit string c is divided into four according to the number of blocks to generate the bit string ci (i = 1 to 4) (step S309). Also, the remaining 6 symbols out of the 12 RS symbols extracted from each of the blocks B1 to B4, and a bit string l (= l1 + l2 + l3 + l4) having a bit length of 192 consisting of a total of 24 RS symbols in each of the blocks B1 to B4 (first (Correction bit string) is acquired, and exclusive OR of the bit string ci (i = 1 to 4) and the bit string li (i = 1 to 4) is calculated to generate the bit string c′i (i = 1 to 4). (Step S311). Then, as shown in FIG. 10A and FIG. 10B, the bit string c is embedded as authentication information by replacing the bit string li with the bit string c′i (step S313). Thereby, the fraud detection code 100a in which the authentication information is embedded is generated. The bit string li may correspond to an example of “first brightness value” described in the claims, and the bit string ci may correspond to an example of “second brightness value” described in the claims.

  In the present embodiment, as an optimal example, the bit string is encrypted using elliptic curve encryption, but the present invention is not limited to this, and the bit string is encrypted using another encryption method. May be. For example, an asymmetric cipher (public key cipher) such as RSA (Rivest-Shamir-Adleman) cipher or El Gamal cipher can be suitably applied to the present invention. Further, AES (Advanced Encryption Standard) encryption, DES (Data Encryption Standard) encryption, and the like are also applicable to the present invention. Elliptic curve cryptography is cryptographically strong because it depends on the mathematical difficulty of discrete logarithm problem (ECDLP) on the elliptic curve and there is no algorithm for efficiently solving ECDLP. Also, with elliptic curve cryptography, the RSA 1024-bit key length encryption strength can be realized with only 160 bits, and the processing time is short. For this reason, it is most preferable to encrypt using elliptic curve cryptography.

  Next, a verification process performed by the fraud detection device 30 to detect forgery of the fraud detection code 100a (fraud related to the information code) using the fraud detection code 100a generated as described above will be described. 3 and FIG. Note that the reading process performed by the mobile terminal 20 is basically the same process as in the third embodiment, except that the determination area is set to be an area including the information code recording area 106. Therefore, the description thereof is omitted.

  In the verification process performed by the fraud detection device 30, when the detection information from the mobile terminal 20 is received via the communication unit 33 (Yes in S201 in FIG. 3), the detection information verification process shown in step S203 is performed. Made. The detection information matching process in this embodiment will be described with reference to the flowchart shown in FIG. Information regarding the extraction position of the bit string li used when generating the fraud detection code 100a is stored in advance in the database 32a as collation information.

  First, among the binarized data of the received determination area, an information bit string composed of 11 information symbols and an RS bit string composed of 22 or 23 RS symbols are acquired from each of the blocks B1 to B4 (FIG. 12). Step S401). Next, by obtaining an exclusive OR of the binarized data at the time of decoding and the binarized data at the time of recoding, a bit string c ″ composed of 24 RS symbols is detected as an error. (Step S403). Subsequently, by calculating an exclusive OR of the bit string l extracted from the RS bit string based on the verification information and the bit string c ″ detected as an error, the bit string c ′ ″ embedded as the authentication information is calculated. Is acquired (step S405). Further, the bit string md is obtained by decrypting the bit string c ′ ″ using the decryption key corresponding to the encryption (step S407). Then, authentication is performed by determining whether or not the decrypted bit string md matches the bit string m included in the RS bit string (step S409). If the two match (Yes in S409), it is determined that there is matching matching information (Step S411). If both do not match (No in S409), there is no matching matching information. Is determined (step S413).

  When it is determined in the detection information matching process that there is matching matching information, information indicating that there is matching matching information is used as matching result information, and the portable terminal that has received the detection information 20 (S205 in FIG. 3). On the other hand, if it is determined that there is no matching verification information, information indicating that there is no matching verification information is transmitted as verification result information to the mobile terminal 20 that has received the detection information (S205). ).

  As described above, since the fraud detection code 100a according to the present embodiment embeds the encrypted bit string in the RS cell Ce as authentication information, the pattern group in the first area is exclusive of the first brightness value and the second brightness value. Forgery can be more effectively prevented and security can be further enhanced as compared with the fraud detection code 100 formed by replacing the pattern group corresponding to the logical OR.

In addition, this invention is not limited to said each embodiment, You may actualize as follows.
(1) In each of the above embodiments, the fraud detection code C is not limited to the detection information being set as a numerical value irrelevant to the read information, and the detection information corresponds to the read information based on a predetermined rule. May be set. Normally, even when the read information is tampered with in the information code generation process, it is very difficult to tamper with detection information in response to the tampering. Then, in the information code that has been tampered with illegally, the detection information that should be set based on the predetermined rule from the read information obtained at the time of decoding does not match the detection information that is also obtained at the time of decoding Therefore, it is possible to detect fraud related to the information code by notifying this mismatch.

  In this case, the determination process for determining whether or not the two pieces of detection information match can be performed during the reading process by the portable terminal 20 or during the matching process by the fraud detection device 30. . In particular, by performing the determination process during the verification process by the fraud detection device 30, it is not necessary to store information related to the predetermined rule in the mobile terminal 20, and even if the mobile terminal 20 is stolen, the predetermined process is performed. It is possible to prevent the information related to the rules from being stolen.

(2) The read information encoded together with the detection information is not limited to the URL information of the website, but may be information that may be tampered with illegally. Further, in order to easily determine whether or not the product is genuine, the fraud detection codes C, 100, and 100a are displayed on the genuine product, and the corresponding matching information is displayed in the database 32a of the fraud detection device 30. It can be stored in advance. Thereby, the article which read the information code based on the collation result transmitted from fraud detection device 30 by reading the information code attached to the article which wants to judge whether it is a regular article using portable terminal 20 It is possible to determine whether or not is a genuine product. In particular, the reading information read from the fraud detection code C and the detection information are illegally generated by using a serial number stamped on a genuine product and a numerical value set according to the serial number based on a predetermined rule. As long as the serial number that can be read from the information code does not match the serial number of the counterfeit product, the counterfeit product can be reliably identified. In other words, a counterfeit product using an information code can be detected as fraud related to the information code.

(3) In each of the embodiments described above, the mobile terminal 20 including a mobile phone in which the fraud detection application program is installed is adopted as an apparatus that captures the fraud detection code C, 100, 100a. An optical information reader capable of optically reading the information code may be employed.

(4) In the second display process described above, the fact that the read information is safe information without fraud is not limited to being displayed by the display unit 25, but that fact is notified by a warning light, a buzzer, a vibrator, or the like. Also good. In the third display process described above, the display unit 25 does not necessarily display that the read information is likely to be illegal information, but that fact is notified by a warning light, a buzzer, a vibrator, or the like. Also good. In this case, the warning light, the buzzer, the vibrator, and the like may correspond to an example of “notification means” described in the claims.

(5) The information transmitted from the fraud detection device 30 to the mobile terminal 20 is not limited to the verification result information, and may be determination result information regarding whether or not there is a fraud regarding the read information code. In this case, it is possible to eliminate the determination process as to whether or not there is an injustice related to the information code read based on the collation result information performed by the mobile terminal 20.

(6) The fraud detection code is not limited to being composed of white cells and black cells, but one or more colors (brightness) of optical characteristics that are recognized as “0” by a general-purpose two-dimensional code reader. Color) and one or more colors (dark colors) of optical characteristics recognized as “1” can be arbitrarily applied, for example, a two-dimensional code. It may be a two-dimensional code with a logo on which a visible logo mark is superimposed.

(7) The fraud detection code is not limited to being generated by replacing a part of the QR code, but other matrix type two-dimensional codes such as data matrix code, aztec code, code one, array tag, box It may be generated by replacing a part of a graphic code, maxi code, peri code, soft strip, CP code, Carla code, ultra code, and the like. Alternatively, the fraud detection code may be generated by replacing a part of a stack type two-dimensional code in which one-dimensional barcodes such as PDF417, code 49, code 16k, and coder block are vertically stacked.

10 ... Fraud detection system 20 ... Portable terminal (optical information reader)
21 ... Control unit (reading side decoding means, determination means)
22 ... Imaging unit (imaging means)
25. Display section (notification means)
26. Communication unit (reading side communication means)
30 ... Fraud detection device 31 ... Control unit (collation means, collation side decoding means)
32 ... Storage unit 32a ... Database 33 ... Communication unit (verification side communication means)
C, 100, 100a ... Fraud detection code (information code)
R ... Goods

Claims (9)

A fraud detection system including a fraud detection device for detecting fraud related to an information code based on information obtained by optically reading an information code displayed on an article by an optical information reading device,
The information code is configured such that predetermined information and detection information for detecting fraud related to the information code are optically readable and encoded.
The optical information reader is
Imaging means for imaging the information code;
Reading side decoding means for decoding the information code based on the code image of the information code included in the captured image captured by the imaging means;
Reading side communication means capable of communicating with the fraud detection device;
The information on the detection information obtained at the time of decoding is transmitted to the fraud detection device using the reading side communication means, and the information based on the collation result received from the fraud detection device in response to the transmission A determination means for determining whether or not there is a code-related fraud;
Notification means for notifying the determination result by the determination means,
The fraud detection device
Collating communication means capable of communicating with one or more optical information readers;
A database in which verification information for verification with the detection information is recorded;
A result obtained by collating the detection information obtained from the information related to the detection information received via the collation side communication unit and the collation information in the database is used as the collation result through the collation side communication unit. A fraud detection system comprising: a verification unit that transmits the information to the optical information reader.   2. The fraud detection system according to claim 1, wherein the information code is configured such that the detection information is encrypted with any one of a plurality of encryption keys so that the information can be decrypted. The information code is formed by arranging a plurality of bright color patterns and dark color patterns according to the predetermined information and the detection information,
The information relating to the detection information is information including a portion corresponding to the detection information in the arrangement information according to the arrangement state of the light color pattern and the dark color pattern in the code image,
The fraud detection device
Having the plurality of encryption keys;
The collation side decoding means which acquires the information for detection by decoding the information about the information for detection received via the collation side communication means using the corresponding encryption key. 2. The fraud detection system according to 2.   The fraud detection system according to any one of claims 1 to 3, wherein the information code is set according to the predetermined information based on a predetermined rule. The information code is
An information area for expressing the predetermined information by the arrangement state of the light color pattern and the dark color pattern; and a correction area for expressing correction information for correcting an error by the arrangement state of the light color pattern and the dark color pattern. A dimension code,
The two-dimensional code includes a first light / dark value obtained by binarizing the light and darkness of each pattern constituting the first region including the number of pattern regions that do not affect the correction among the information region and the correction region. When the value obtained by binarizing the brightness and darkness of each pattern constituting the second area composed of the same number of pattern areas in an area different from the first area is a second brightness value, the pattern group of the first area is It is formed by being replaced with a pattern group consisting of a bright color pattern and a dark color pattern corresponding to an exclusive OR of the first brightness value and the second brightness value,
The optical information reader is
Re-encoding means for re-encoding the predetermined information obtained by decoding the two-dimensional code so as to include the correction area;
The determination means includes a binarized data of the first area and the second area of the code image obtained at the time of decoding as information on the detection information obtained at the time of decoding. Transmitting the acquisition information and the re-encoding acquisition information including the binarized data of the first region of the two-dimensional code obtained at the time of the re-encoding to the fraud detector;
The fraud detection device
In the database, position information of the first area and the second area is recorded as information on the verification information,
The collation means excludes the first brightness value of the first area and the second brightness value of the second area included in the decoding-acquired information based on the position information stored in the database. A result of collating the logical OR with the first brightness value of the first area included in the re-encoded information is transmitted as a collation result between the detection information and the collation information. The fraud detection system according to any one of claims 1 to 4, characterized in that: The two-dimensional code includes a light color corresponding to an exclusive OR of a value obtained by encrypting one of the first brightness value and the second brightness value and the other value of the pattern group in the first area. It is formed by replacing with a pattern group consisting of a pattern and a dark pattern,
Based on the position information stored in the database, the collating means includes the first brightness value of the first area and the second brightness value of the second area included in the decoding-time acquisition information. The result of collating the exclusive OR of the value obtained by decrypting one of the encrypted values and the other value and the first brightness value of the first area included in the re-encoding acquired information The fraud detection system according to claim 5, wherein the fraud detection system is transmitted as a collation result between the detection information and the collation information.   In the case where the arrangement state of each pattern of the code image obtained at the time of decoding matches the arrangement state of each pattern of the two-dimensional code obtained at the time of re-encoding, the determination unit The fraud detection system according to claim 5 or 6, wherein information relating to the detection information is not transmitted to the fraud detection device.   The decoding-time acquisition information is binarized data of the first area and binarized data of the second area of the code image obtained at the time of decoding. The fraud detection system according to any one of the above.   The acquisition information at the time of recoding is binarized data of the first area of the two-dimensional code obtained at the time of recoding. The fraud detection system described in.

Images