JP6047205B2 - Service authentication system - Google Patents

Description

  The present invention relates to a service authentication system for services provided to store users at various stores and facilities including restaurants (hereinafter collectively referred to as “stores”).

  In stores such as restaurants, various services are provided to receive various benefits such as reduction of charges and addition of services in order to encourage users to use the stores. There is a coupon as an example of the service. Services offered by stores, including coupons, are typically printed and distributed on the street, coupon magazines, printed advertisements, website printed papers are presented to store clerks, or mobile terminals By displaying a predetermined screen on a display device (portable communication terminal such as a mobile phone, a smartphone, a PHS, and a netbook) and presenting it to the store clerk, the store user can enjoy the service. For example, in the case of a system using a coupon, the following patent document can be cited as an example.

JP 2003-208535 A JP 2004-326303 A

  The system according to the above-mentioned patent document or the prior art is beneficial in that the store user can easily enjoy profits by presenting paper or a portable terminal on which predetermined contents are printed and displayed when using the store. It is.

  However, in the case of a coupon that prints a screen on a website, at least a log indicating that a printing instruction has been made by the user remains on the server, but the coupon is distributed on the street and distributed freely by a coupon magazine. In the case of distribution of, authentication cannot be performed at all. In spite of these issues, in actual store management, the store clerk often confirms the use of the service by checking the paper and screen, and for the store, whether the service was actually used or not Confirmation depends on the goodwill of the clerk. Therefore, for example, if the store clerk registers that the service has been used by malicious intent, there may be sales by the store clerk.

  For example, assume that a certain store, for example, a restaurant, has issued a coupon with a 10% discount. When a user of the store pays 10,000 yen at a regular fee (a fee not using a coupon), 10,000 yen is recorded as the store sales. However, a malicious store clerk may perform processing by assuming that the user has paid using a coupon.

  In this case, 9000 yen (10% discount of 10,000 yen) is registered as sales of the store, while the clerk wears the remaining 1000 yen. As a store, it is entrusted to the store clerk to check whether or not the coupon is actually used, so there is no way to check it. In other words, in the case of a coupon printed on paper, it is usually easy to print the coupon, so the store clerk printed it in advance and presented it to the user, replacing it with the store record. Can end up. In the case of the coupon screen of the mobile terminal display device, if the store clerk claims that the user has shown the coupon screen of the mobile terminal display device, there is no way to confirm it.

  As one countermeasure against such a problem, there is a method in which an entry field for a user's address and name is provided at a predetermined location on paper, and the user is asked to enter it. However, due to increased awareness of personal information, it is not easy to have the information entered voluntarily, and it is not easy to force it from the store. For this reason, even if it is not filled in, there are many cases where it must be accepted from the viewpoint of the store user service. Also, even if you request entry, there is no guarantee that the real address and name will be written there, and there is a risk that the fictitious store clerk will fill in the fictitious address and name on the coupon printed by himself.

  As described above, in the case of using a conventional paper or a display device of a portable terminal, the goodwill of the store clerk is assumed. However, in reality, it is not that there are no malicious clerk, and for a store, the creation of paper and screens as confirmation for performing a service can be a double-edged sword. For this reason, there are also stores that are reluctant to provide such services.

  Therefore, a service authentication system that can confirm that the user has actually used the service is desired.

  The inventor has invented a service authentication system in view of the above-described problems.

1st invention is the service authentication system which can confirm that a user used the coupon in the store, Comprising: The application information of the coupon which the said user received from the user terminal which a user uses is received. From the service selection receiving unit stored in the authentication information storage unit and the R / W device installed in the store that can communicate with the user terminal or the user terminal when the user uses a coupon at the store An authentication processing unit that receives usage information and determines that the application information has been authenticated when application information including information that matches the usage information exists in the authentication information storage unit; for shop terminal, based on the authentication information storage unit, anda record reference unit to send the actual information for the use of the coupon, the line item, the user terminal And another to the user terminal identification information includes the store identification information for identifying the store provided by the coupon, the utilization information includes said user terminal identification information, and the store identification information The store terminal is a service authentication system that further extracts information that does not have an authenticated flag from the performance information in the store acquired from the service authentication system.

The second invention is a service authentication system capable of confirming that a user has used a coupon at a store, accepting application information for the coupon selected by the user from a user terminal used by the user, While generating PID which is the information which identifies the said user or application, the said application information matched with the information which specifies the said PID is memorize | stored in an authentication information storage part, and the output data containing the said PID are the said A service selection receiving unit to be sent to the user terminal, and an input of the PID displayed on the paper output based on the output data is received from the store terminal used by the store, and the authentication is performed based on the received PID. It is determined whether or not the corresponding application information can be specified in the information storage unit. If the application information can be specified, the application information is authenticated. Constant and has an authentication processing section to be stored in the authentication information storage unit, with respect to the store terminal, based on the authentication information storage unit, and a record reference unit to send the actual information for the use of the coupon, the The store terminal further extracts information that does not have an authenticated flag from the record information in the store acquired from the service authentication system.

  By configuring as in these inventions, when the user enjoys the service by presenting the screen displayed on the display device of the user terminal to the clerk, the paper showing that the service can be presented to the clerk When the service is enjoyed, the record that the user actually used the service remains. Therefore, based on the result information, the store side can confirm whether there is an unauthorized use of the service by the store clerk.

  In the above-mentioned invention, the store terminal further compares the performance information in the store acquired from the service authentication system with the sales information in the store, and uses authentication information without corresponding sales information, or use of a coupon It can be configured as a service authentication system that extracts sales information that has registered information but does not have authentication information corresponding to the sales information.

  When the store side determines whether or not the service is illegally used, it can be automatically determined by performing the above-described process at the store terminal.

  With this configuration, authentication can be performed for each service selected by the user using the user terminal.

  With the service authentication system of the present invention, the store side can confirm that the user actually applied for use before visiting the store and the user actually received the service after visiting the store. Can be prevented from being illegally used.

It is a figure which shows typically an example of the system configuration | structure of the service authentication system of Example 1. FIG. It is a figure which shows an example of the hardware constitutions of a server typically. 3 is a flowchart schematically illustrating an example of processing according to the first exemplary embodiment. It is a figure which shows an example of a service information storage part typically. It is a figure which shows an example of an authentication information storage part typically. It is a figure which shows typically an example of the authentication information memory | storage part at the time of applying for service utilization. It is a figure which shows typically an example of the system configuration | structure of the service authentication system of Example 2. FIG. It is a figure which shows typically an example of the paper on which PID was displayed. 10 is a flowchart schematically illustrating an example of processing according to the second embodiment.

  There are mainly two aspects in the present invention. One is a case where the service is confirmed by a screen displayed on the display device of the portable terminal (Example 1), and the other is a case where the service is confirmed by printing on paper (Example 2). .

  In the server 2 in the present embodiment, the service is confirmed on the screen displayed on the display device of the mobile terminal. An example of the system configuration in this case is shown in FIG. In the service authentication system 1 of the present invention, information can be transmitted / received to / from a computer terminal, a portable terminal, an IC card (hereinafter referred to as “user terminal 3”) and a user terminal 3 that are used by the user. A R / W device 4, a server 2, and a store terminal 5 that is a computer terminal used by the store.

  The server 2 includes an arithmetic device 70 such as a CPU that executes arithmetic processing of a program, a storage device 71 such as a RAM and a hard disk for storing information, a display device 72 such as a display (screen), a keyboard and a pointing device (mouse). And an input device 73 such as a numeric keypad and the like, and a communication device 74 that transmits and receives processing results of the arithmetic device 70 and information stored in the storage device 71 via a network such as the Internet or a LAN. Each function (each unit) realized on the computer is executed when a unit (program, module, etc.) for executing the process is read into the arithmetic unit 70. When the information stored in the storage device 71 is used in the processing, each function reads the corresponding information from the storage device 71 and uses the read information for processing in the arithmetic device 70 as appropriate. FIG. 2 schematically shows an example of the hardware configuration of the server 2. Further, the processing in the server 2 may have its functions distributed to a plurality of servers 2.

  Each means in the present invention is only logically distinguished in function, and may be physically or practically the same area.

  The user terminal 3 is a computer terminal, a portable terminal, or an IC card used by the user, and can send and receive information with or without contact with the R / W device 4 described later. In the user terminal 3, UDID (user terminal identification information) that can identify the user terminal is stored in the storage device of the user terminal 3. Therefore, in the present invention, the server 2 is not intended to identify the user individually, but merely to identify the terminal used by the user. Of course, although not shown, in the case of a configuration in which a member information storage device or the like storing user member information is connected to the server 2, the member and the device are associated by associating the UDID and the member information in advance. As a result, the user who uses the service may be uniquely identified.

  The R / W device 4 is a device that can communicate with the user terminal 3 by contact or non-contact, and can identify the store or the R / W device 4 (hereinafter collectively referred to as “RID” (store identification). Information) is stored. There are various communication methods for communication between the R / W device 4 and the user terminal 3. For example, RFID such as NFC (Near Field Communication) is used as an example. However, the present invention is not limited to this. The R / W device 4 can be either a device that can communicate over a network such as the Internet or a device that cannot communicate over a network.

  In the case of the R / W device 4 capable of communication on the network, the UDID stored in a predetermined storage device of the user terminal 3 is read, and the read UDID and RID are transmitted to the server 2 as usage information. Note that the R / W device 4 capable of communication on the network here has a built-in communication function in the R / W device 4 itself, and can communicate on the network connected to the R / W device 4. This includes the case of a possible device (for example, a POS cash register or a computer terminal).

  In the case of the R / W device 4 that cannot communicate on the network, the RID stored in the R / W device 4 is sent to the user terminal 3, and the UDID and RID are used as usage information from the user terminal 3 to the server 2. Send. In this case, the R / W device 4 also sends information about the server 2 as an access destination to the user terminal 3 together with the RID, and the user terminal 3 sends usage information to the server 2 based on the information.

  The server 2 includes a service registration reception unit 20, a service information storage unit 21, a service selection reception unit 22, an authentication information storage unit 23, an authentication processing unit 24, and a result inquiry unit 25.

  The service registration accepting unit 20 accepts information about a service (for example, a coupon, the same applies hereinafter) provided by the store to the store user from the store terminal 5. For example, information on coupons is one example, but the information is not limited thereto.

  The service information storage unit 21 stores information related to services provided by each store. Information relating to the service includes RID for identifying the store, SID (service identification information) for identifying the service, contents of each service, for example, information on the contents of the coupon such as 20% discount every Monday if the service is a coupon, etc. Are stored in association with each other. FIG. 4 schematically shows an example of the service information storage unit 21.

  The service selection receiving unit 22 receives application information indicating selection of a service of a store that the user desires to use from the user terminal 3 used by the store user, and stores the application information in an authentication information storage unit 23 described later. Let Specifically, RID, SID, and UDID are applied from the user terminal 3 to the server 2 by selecting the service that the user desires to use from the information related to the service acquired by the user at the user terminal 3. The information is sent and stored in the authentication information storage unit 23.

  For example, there is a method of accessing information about the service at the user terminal 3 by accessing the website of the server 2 from the user terminal 3 and selecting a coupon to be used from the information about the service stored in the service information storage unit 21. Alternatively, in the user terminal 3, application software related to a service such as a coupon is acquired, the application software is activated, and from the information related to the service stored in the service information storage unit 21, a store that the user desires to use, There is also a method of selecting a coupon for each service.

  The authentication information storage unit 23 stores authentication information. The authentication information includes RID, SID, application date / time, UDID at the time of application, UDID at the time of authentication, an authenticated flag, information on the authentication date / time, and the like. The authentication information is associated with an identifier (GID) for uniquely identifying itself. Therefore, application information and usage information are included in the authentication information. FIG. 5 schematically shows an example of the authentication information storage unit 23.

  When the store user actually receives the service, the authentication processing unit 24 holds the user terminal 3 over the R / W device 4 to obtain the RID and UDID from the user terminal 3 or the R / W device 4. The included usage information is received and stored in the authentication information storage unit 23. When the application information including the RID and the UDID at the time of application, which is the same as the RID and UDID in the usage information, is stored in the authentication information storage unit 23, a flag is set as authenticated and the date and time information of the authentication is authenticated. The information is stored in the information storage unit 23. Further, when application information having the same RID and UDID in the usage information is not stored in the authentication information storage unit 23, the authenticated flag is not set.

  The result inquiry unit 25 sends information on the results of services used within a predetermined period at the store to the store terminal 5 periodically or in response to a request from the store terminal 5. Specifically, an input of a period is received from the store terminal 5, and a part or all of the authentication information stored in the authentication information storage unit 23 having the RID of the store within the period is extracted and stored in the store terminal 5. send. If it is normally used, the authenticated flag and the authentication date and time are stored in the authentication information. If it is not used normally, the authenticated flag and the authentication date and time are not stored. The authentication information acquired from the server 2 is compared with the sales information managed in the store, and the authentication information acquired from the server 2 is used in spite of the use of the service stored in the store. If there is no corresponding item, the store can suspect fraud.

  Next, an example of processing in the present embodiment will be described with reference to the flowchart of FIG.

  First, a store that desires to provide a service by using the service authentication system 1 of the present invention performs a predetermined operation on the store terminal 5 to input information related to a service such as a coupon, and stores it in the server 2. send. The service registration receiving unit 20 of the server 2 receives information about the service and stores it in the service information storage unit 21 (S100).

  At this time, the SID may be automatically assigned when information related to the service is newly stored in the service information storage unit 21, or may be arbitrarily input by the store user. The RID may be information used by the store when logging in to input information about the service.

  The user accesses the server 2 by performing a predetermined operation from the user terminal 3, and selects a service that the user desires to use (S110). By this selection process, the RID of the store where the user wants to use the service, the SID for identifying the service, and the UDID for identifying the user terminal 3 are sent from the user terminal 3 to the server 2. The service selection receiving unit 22 receives RID, SID, and UDID as application information from the user terminal 3 and stores them in the authentication information storage unit 23. FIG. 6 schematically shows the authentication information storage unit 23 in this state. Note that the application date and time may be stored at the authentication information storage unit 23 or may be selected by the user. Further, GID can be arbitrarily given.

  By doing as described above, the user can register the use of the service of the store. When the user visits the store, the user terminal 3 is held over the R / W device 4 installed at a predetermined location of the store (S120). As a result, the RID and UDID are sent as usage information from the R / W device 4 or the user terminal 3 to the server 2 and received by the authentication processing unit 24.

  When the authentication processing unit 24 receives the RID and UDID of the usage information, the authentication processing unit 24 applies the application information associated with the GID for which the authenticated flag has not been raised among the information stored in the authentication information storage unit 23. It is determined whether there is application information including the same RID and UDID (UDID at the time of application). If there is, the UDID at the time of authentication (UDID of the usage information received from the R / W device 4 or the user terminal 3) is written, the authentication flag is turned on, and the authentication process is executed by writing the authentication date and time. (S130). FIG. 5 schematically shows the authentication information storage unit 23 in this state.

  In addition, if there is no authentication information that includes the RID and UDID of the application information that is the same as the RID and UDID of the usage information, the service is not registered for use. You may transmit to the user terminal 3 or the shop terminal 5, and you may progress to the next step as it is.

  Then, in response to a predetermined timing (for example, one day, one week, one month, etc.) or a request from the store terminal 5, the result inquiry unit 25 stores part or all of the authentication information in a predetermined period as authentication information. Extracted from the unit 23 and sent to the store terminal 5 (S140). The store that has received this authentication information at the store terminal 5 compares the authentication information that does not have an authenticated flag with the sales information that is managed at the store. If there is no sales information corresponding to information for which an authenticated flag is not set, it is information that has been registered for use but has not actually used the service. Therefore, there is a possibility of fraud. In some cases, there may be sales information managed in the store even though the authentication information acquired from the server 2 does not exist. Even in this case, there is a possibility of fraud on the store side.

  Thus, by comparing the authentication information acquired from the server 2 with the sales information managed at the store (preferably, the correspondence is specified based on the authentication date and the sales date based on the key), fraud prevention, or It is possible to confirm fraud. This comparison may be performed automatically. That is, sales information for a period corresponding to the period of authentication information acquired from the server 2 is acquired from a terminal that manages sales information (for example, a POS terminal), and the authentication information and sales information are matched based on the date and time information. Then, authentication information for which there is no corresponding sales information is extracted / displayed, or sales information with service usage registration (for example, discount by coupon), and sales information for which there is no corresponding authentication information is extracted and displayed. Can be processed automatically. Further, when matching, even if the date and time information does not completely match, it can be determined that the date and time information is matched within a predetermined range (such as within 30 minutes).

  In the server 2 in this embodiment, the service is confirmed by paper. An example of the system configuration in this case is shown in FIG. The service authentication system 1 of the present invention includes a server 2 and a store terminal 5 that is a computer terminal used by the store. The store terminal 5 is the same as that in the first embodiment.

  The server 2 in this embodiment includes a service registration reception unit 20, a service information storage unit 21, a service selection reception unit 22, an authentication information storage unit 23, an authentication processing unit 24, and a result inquiry unit 25. The service registration receiving unit 20, the service information storage unit 21, the authentication information storage unit 23, and the result inquiry unit 25 are the same as those in the first embodiment. The user terminal 3 of the first embodiment is mainly a mobile terminal or an IC card, but the user terminal 3 of the present embodiment is mainly a computer terminal.

  In addition to the functions in the first embodiment, the service selection receiving unit 22 receives a service selection input from the user terminal 3 and then identifies the user or application to the user terminal 3 by a predetermined method. Is generated, issued, and output data including it is sent to the user terminal 3. The user terminal 3 receives the output data including the PID from the server 2 and prints it on paper. A PID is displayed on the printed paper. An example is shown in FIG. In order to generate the PID, it can be generated by any method using one or more of GID, RID, SID, and UDID. The PID may be the same as GID or UDID. That is, the PID may be generated by any method as long as it can identify the user or the application. An example of paper on which “1234567” is displayed as a PID is shown. In this embodiment, the case where the PID is generated based on the GID will be described. Moreover, although the above-mentioned PID is described by numbers, it may be a character, a symbol, or the like, or may be figured with a predetermined code such as a bar code or a two-dimensional code.

  The authentication processing unit 24 receives the input of the PID displayed on the paper printed with the PID that the user presented to the store clerk from the store terminal 5, converts the PID into GID based on the PID, and performs the authentication process. Run. For example, when an input of PID “1234567” is received from the store terminal 5, it is converted into GID “00001” by a predetermined method, and the UDID at the time of application corresponding to the UDID at the time of authentication corresponding to the GID in the authentication information storage unit 23. Is written, the authenticated flag is turned ON, and the date and time of authentication are written. As a result, authentication processing is performed. If there is no corresponding GID, an error notification is made or the process of the next step is executed as it is, as in the first embodiment.

  Next, an example of processing in the present embodiment will be described with reference to FIG. First, a store that desires to provide a service by using the service authentication system 1 of the present invention performs a predetermined operation on the store terminal 5 to input information related to a service such as a coupon, and stores it in the server 2. send. The service registration receiving unit 20 of the server 2 receives information about the service and stores it in the service information storage unit 21 (S200).

  The user accesses the server 2 by performing a predetermined operation from the user terminal 3, and selects a service that the user desires to use (S210). With this selection process, RID, SID, and UDID are sent as application information from the user terminal 3 to the server 2. The service selection receiving unit 22 receives RID, SID, and UDID as application information from the user terminal 3 and stores them in the authentication information storage unit 23. Application information of RID, SID, and UDID is stored in the authentication information storage unit 23 in association with the GID for identifying them. Further, the service selection receiving unit 22 generates a PID for identifying a user or an application based on the GID (S220), and sends output data including information regarding the generated PID and the content of the service to the user terminal 3, The user outputs it on paper (S230).

  By doing as described above, the user can register the use of the service of the store. When the user visits the store, the paper displayed with the PID output in S230 is presented to the store clerk (S240), and the service displayed on the paper (selected by the user in S210) is received. I can do it.

  On the other hand, the store clerk inputs the PID displayed on the paper presented in S240 from the store terminal 5 at a predetermined timing. When the PID is coded, it may be input using a reading device such as a barcode reader. With this input, the PID and RID are sent from the store terminal 5 to the server 2 and accepted by the authentication processing unit 24 of the server 2 (S250). Then, the PID is converted into GID by a predetermined method (reverse conversion when GID is converted to PID), and if the corresponding GID exists in the authentication information storage unit 23, the authentication corresponding to the GID in the authentication information storage unit 23 The UDID at the time is written based on the UDID at the time of application, the authentication flag is turned on, and the authentication date and time are written to execute the authentication process (S260).

  If the GID cannot be converted or if the corresponding GID does not exist in the authentication information storage unit 23, an error notification such as, for example, that the service has not been registered for use is sent to the user terminal 3 or the store terminal 5 May be transmitted, or may proceed to the next step as it is.

  The subsequent processing is the same as S140 in the first embodiment.

  By doing so, it is possible to execute authentication for the use of the service even in the case of a paper medium.

  The above-described service authentication system 1 allows the user to actually apply for use before visiting the store, and the store can confirm that the user has received the service after actually visiting the store. Can be prevented from being illegally used.

1: Service authentication system 2: Server 3: User terminal 4: R / W device 5: Store terminal 20: Service registration reception unit 21: Service information storage unit 22: Service selection reception unit 23: Authentication information storage unit 24: Authentication Processing unit 25: Record inquiry unit 70: Computing device 71: Storage device 72: Display device 73: Input device 74: Communication device

Claims (3)

It is a service authentication system that can confirm that a user has used a coupon at a store,
A service selection accepting unit that accepts application information of a coupon selected by the user from a user terminal used by the user and stores it in the authentication information storage unit;
When the user uses a coupon at a store, the user terminal receives information on usage from the user terminal or an R / W device installed in the store that can communicate with the user terminal, and matches the usage information. If the application information to be included is present in the authentication information storage unit, it is determined that the application information has been authenticated, and an authentication processing unit to be stored in the authentication information storage unit ;
For the store terminal, based on the authentication information storage unit, having a result inquiry unit that sends result information for the use of the coupon ,
The application information includes user terminal identification information for identifying the user terminal, and store identification information for identifying a store that provides the coupon,
The usage information includes the user terminal identification information and the store identification information ,
The store terminal further includes:
Of the performance information in the store acquired from the service authentication system, extract information that does not have an authenticated flag,
Service authentication system, wherein a call. It is a service authentication system that can confirm that a user has used a coupon at a store,
The application information of the coupon selected by the user is received from the user terminal used by the user, and a PID that is information for identifying the user or the application is generated and associated with the information for specifying the PID. A service selection receiving unit that stores the received application information in an authentication information storage unit and sends output data including the PID to the user terminal;
The input of the PID displayed on the paper output based on the output data is received from the store terminal used by the store, and the corresponding application information can be specified in the authentication information storage unit based on the received PID. Whether the application information can be identified, it is determined that the application information has been authenticated, an authentication processing unit to be stored in the authentication information storage unit ,
For the store terminal, based on the authentication information storage unit, having a result inquiry unit that sends result information for the use of the coupon,
The store terminal further includes:
Of the performance information in the store acquired from the service authentication system, extract information that does not have an authenticated flag,
Service authentication system, wherein a call. The store terminal further includes:
The sales information obtained from the service authentication system is compared with the sales information in the store and the corresponding sales information is authentication information or sales information with coupon usage registration. Extract sales information without corresponding authentication information,
The service authentication system according to claim 1 or 2 , characterized in that

Images