JP6899202B2 - E-commerce authentication system - Google Patents

Description

The present invention relates to an electronic commerce authentication system suitable for personal authentication of electronic commerce.

In order for both consumers and sellers to carry out commercial transactions safely in electronic transactions, it is necessary to authenticate their identity. The authentication system described in Patent Document 1 is known as a technique for personal authentication in such electronic transactions. This authentication system uses the consumer's electricity bill withdrawal account information to determine the identity of the person and the suitability of commercial transactions. This authentication system is characterized by increasing the certainty of personal authentication by using a utility charge withdrawal account, which is important in consumer life, and it is possible to predict the security of transactions by referring to the withdrawal history. Therefore, it is assumed that it is suitable for personal authentication and conformity judgment of electronic transactions.

Japanese Unexamined Patent Publication No. 2001-297286

However, the above-mentioned conventional authentication system can only handle a specific consumer. That is, when multiple family members, friends, etc. live in one residence, it is normal to withdraw utility charges from the account in the name of a specific person, and therefore other people use the authentication system. It becomes difficult to use. In particular, when friends live together, there is a problem that identity verification cannot be performed accurately. The present invention has been made to solve such a problem.

The electronic commerce authentication system according to the present invention is an identity verification material data acquisition means for acquiring the identity verification material of an applicant for electronic commerce and acquiring the information contained in the identity verification material as identity verification material data, and a communication business. Basic information data acquisition means for acquiring basic information about the applicant including the telephone number of the voice communication device that identifies the applicant and other unique information that is confidentially managed by the person as basic information data, and the identity verification material data and It is characterized by being provided with an identity verification means for selecting the same type of information that identifies the identity included in the basic information data, comparing them, and verifying the identity based on the match / mismatch.

The identity verification material is a material issued by a public institution such as a driver's license or a health insurance card. These materials issued by public institutions are highly reliable as identity verification materials. A telecommunications carrier is typically a telecommunications carrier that provides voice communication services such as mobile phones and smartphones. Since it is extremely likely that the owner of a mobile phone is always carrying it, and the act of lending it to another person or family is not normally considered, the identity of the person can be reliably identified by using the mobile phone or the like. And since the unique information such as the telephone number is linked to the mobile phone that the applicant always possesses, the name of the applicant and the unique information are strongly linked, and the contact information after the identity is confirmed. Can be used reliably as. In the identity verification means, the information contained in the identity verification material data and the basic information data are compared, but here, for example, the name, address, and date of birth are likely to be described in both data, and at least the name, address, and The date of birth will be compared, and whether or not the applicant is the person himself / herself will be determined based on the match / mismatch. As described above, in the authentication system according to the present invention, identity verification can be performed accurately.

Further, in the above invention, at least a result display means for displaying the identity verification result on the voice communication device specified by the unique information and a message including a personal identification number used for applying for electronic commerce on the voice communication device are used as the unique information. It is preferable to include a message transmitting means for transmitting based on the above.

In the result display means, the identity verification result is displayed on the voice communication device owned by the applicant. This identity verification result may include information on whether or not electronic commerce is possible, in addition to information on match / mismatch. As a result, the applicant can immediately know the possibility of conducting electronic commerce. In addition, since it is displayed on the voice communication device owned by the person himself / herself, the result is not known to others. Further, the personal identification number used in the electronic commerce is transmitted by the message transmission means by the message transmission means. Typically, the message is a so-called short message and is sent to a telephone number, which is unique information. That is, it is extremely likely that the PIN will be sent directly to the applicant by sending it to the telephone number, and as a result, only the applicant is likely to apply for electronic commerce using the PIN. It becomes. According to the present invention, it is possible to transmit a message including a personal identification number only to the applicant himself / herself and proceed with electronic commerce using the personal identification number, so that highly reliable transactions can be realized.

The invention may further include a transaction history acquisition means that acquires the transaction history between the telecommunications carrier and the applicant and acquires the information included in the transaction history as data.

Since voice communication equipment is indispensable as a means of communication with the outside in modern times, most voice communication equipment owners strive to maintain contracts with carriers. Therefore, by checking the transaction history with the telecommunications carrier, the past payment status can be accurately known. In particular, when conducting continuous electronic commerce, such information becomes important information in deciding whether or not electronic commerce is possible. In addition, if the transaction history can be obtained from the applicant-only page provided by the telecommunications carrier, it is not necessary to provide the bank account information containing extra information to the operator, so it is easy for the applicant as well. This authentication system can be used.

Further, in the above invention, a falsification prevention means for adding information for falsification prevention to the identity verification material data and the basic information data may be further provided. According to this, it is possible to prevent fraudulent electronic commerce applications in advance.

It is a block diagram which shows the authentication system which concerns on embodiment of this invention. It is explanatory drawing which shows the operation of the authentication system shown in FIG. It is explanatory drawing which shows the screen example of the authentication system shown in FIG. It is explanatory drawing which shows the screen example of the authentication system shown in FIG. It is explanatory drawing which shows the screen example of the authentication system shown in FIG. It is explanatory drawing which shows the screen example of the authentication system shown in FIG. It is explanatory drawing which shows the screen example of the authentication system shown in FIG. It is a flowchart which shows the operation of the authentication system shown in FIG. It is explanatory drawing which shows another screen example of the authentication system shown in FIG. It is a flowchart which shows the process of identity determination of identity verification material.

The present invention is an authentication system suitable for performing personal authentication in electronic commerce, and particularly for performing personal authentication using a mobile terminal. Suitable electronic commerce to which the present invention is applied are finance, buying and selling of high-priced goods, and the like. In addition, the following applicant means a person who applies for a contract by this electronic commerce, and means a person who owns a mobile terminal having a unique telephone number for voice communication. A business operator is a business operator that operates an authentication system for this electronic commerce. A telecommunications carrier is a telecommunications carrier that provides telecommunications services to an applicant using a mobile terminal owned by the applicant. In addition, the telecommunications carrier is a person who manages the personal information of the applicant.

FIG. 1 is a configuration diagram showing an authentication system according to an embodiment of the present invention. FIG. 2A is a hardware configuration diagram showing the entire authentication system, and FIG. 2B is an explanatory diagram showing a data flow. The authentication system 100 is composed of a server 101 provided by a business operator and a client 102 that can be connected to the server 101 via a network 104 and is configured on the applicant's mobile terminal (displayed in FIG. 2). Carrier servers are not included). The client 102 can access the server 103 of the telecommunications carrier via the network 104.

The authentication system 100 is the identity verification material data acquisition unit 1 that acquires the identity verification material of the applicant for electronic commerce and acquires the information contained in the identity verification material as data, and the telecommunications carrier manages confidentially. Identify the applicant The basic information data acquisition unit 2 that acquires basic information about the applicant including the telephone number of the voice communication device and other unique information as data, and the identity verification material data and the person included in the basic information data. The same type of information is selected, compared, and the identity verification unit 3 that confirms the identity based on the match / mismatch, and at least the result display that displays the identity verification result on the voice communication device specified by the unique information. Acquires the transaction history between the telecommunications carrier and the applicant, the unit 4 and the message transmission unit 5 that transmits a message including a password used for applying for an electronic commerce to the voice communication device based on the unique information. It is provided with a transaction history acquisition unit 6 for acquiring information included in the transaction history as data. Each of these parts consists of a combination of computer hardware and software. Further, the server may be composed of one computer or a plurality of computers connected by a network.

The client 102 is a mobile terminal having a voice call function and a shooting function such as a smartphone. The client 102 may be one computer owned by the applicant, or may be composed of a plurality of computers connected by a network.

3 to 7 are explanatory views showing a screen example of the authentication system shown in FIG. FIG. 8 is a flowchart showing the operation of the authentication system shown in FIG. A so-called smartphone capable of voice communication shall be used as the mobile terminal. The applicant downloads the application program from the server of the business operator to the mobile terminal and installs it on the mobile terminal. The client 102 is configured by the application program and the hardware and software of the mobile terminal. Further, the information from the server of the business operator may be displayed by the browser of the mobile terminal, and the information may be transmitted to the server.

When the applicant applies for a loan to a business operator, for example, first, as shown in FIG. 3A, the applicant launches the business operator's application installed on the mobile terminal (step S1). By installing the application on the mobile terminal, the client 102 of the authentication system 100 is configured, and the authentication system 100 is configured by the client 102 and the server 101 of the business operator. First, the applicant presses the application button 51 in order to proceed to the loan application.

Subsequently, as shown in FIG. 3B, the applicant photographs the identity verification material using the photographing function of the identity verification material data acquisition unit 1 (step S2). Specifically, the camera of the mobile terminal is pointed at the identity verification document 53 placed on the desk, and the shooting button 52 is pressed. When it can be confirmed on the screen 54 that the image of the identity verification document 53 has been clearly captured, it is saved by pressing the save button 55 (step S2).

When the save button 55 is pressed, as shown in FIG. 3C, the identity verification material 53 is displayed on the screen 54 as an image file 56. The identity verification document 53 is preferably a property issued by a public institution such as a driver's license or health insurance card. After confirming that the image file 56 has been saved, click the "Next" button 57. It is preferable to use the same identity verification material 53 submitted by the applicant to the telecommunications carrier. The use of the identity verification material 53 is stipulated by law so that the telecommunications carrier collects the properties issued by the public institution at the time of the contract. Therefore, the identity verification material 53 is extremely accurate identity verification information. Because it becomes.

In the next step, the basic information data acquisition unit 2 first selects a telecommunications carrier (step S3). As shown in FIG. 4A, a representative telecommunications carrier is displayed on the screen of the applicant's mobile terminal with the button 58. Each button 58 has a link added to the contract confirmation page of each telecommunications carrier and the page for reaching the contract confirmation page.

The applicant presses the button 58 of the telecommunications carrier with which he / she has a contract, and displays the page of the telecommunications carrier on the screen of the mobile terminal as shown in FIG. 4 (b) (step S4). In the example of the figure, the ID and password input fields 59 for entering the contract confirmation page of the telecommunications carrier are displayed. At this time, since the application is running on the mobile terminal, the shooting button 60 and the save button 61 are displayed at the upper part of the screen of the mobile terminal.

When the applicant inputs the ID and password in the input field 59 (step S5), the applicant's basic information 62 is displayed on the screen as shown in FIG. 4 (c). The basic information 62 refers to information such as the telephone number, contract period, name, address, and date of birth of the mobile terminal used by the applicant. As described above, this basic information 62 is created based on the identity verification material 53 issued by the public institution provided by the applicant to the telecommunications carrier, or is created after confirming the identity verification material 53. The information is highly credible as the information of the applicant himself / herself. The applicant saves the screen on which the basic information 62 is displayed by pressing the save button 61 (step S6). If the image cannot be saved, the screenshot function is used to take a picture by pressing the shooting button 60 at the top of the screen.

As a result, as shown in FIG. 5A, the image file 63 of the basic information 62 is generated together with the image file 56 of the identity verification material 53, and is displayed on the screen 64 of the mobile terminal. These image files 56 and 63 are transmitted to the server 101 of the business operator by the applicant pressing the send button 65 by the identity verification material data acquisition unit 1 and the basic information data acquisition unit 2 (step S7).

The identity verification material data acquisition unit 1 and the basic information data acquisition unit 2 acquire character data from the image files 56 and 63 transmitted from the applicant's mobile terminal by ORC processing (step S8). Specifically, information such as name, address, and date of birth is character-recognized from the identity verification material 53, and these are acquired as identity verification material data. In addition, the name, address, date of birth, telephone number, etc. are character-recognized from the basic information 62 of the applicant registered in the telecommunications carrier and acquired as basic information data. Then, the identity verification unit 3 compares the identity verification material data with the basic information data (step S9). For example, name, address, and date of birth shall be compared.

When the result of the comparison by the identity verification unit 3 (step S10), the name, the address, and other predetermined information match, the result display unit 4 transmits the result to the applicant's mobile terminal, and the screen of the applicant's mobile terminal. In addition, as shown in FIG. 5 (b), the display 66 of "match" is performed (step S11).

Here, when the type of the identity verification material is displayed on the contract confirmation page of the telecommunications carrier, the identity verification material submitted to the telecommunications carrier by the identity verification unit 10 at the time of the contract and the book. The identity of the type of the identity verification material 53 transmitted to the business operator by the authentication system 100 may be determined. It is stipulated that a telecommunications carrier must submit a public certificate at the time of contract from an applicant who receives a voice communication service. It is highly likely that the applicant is the person who owns or can be issued the official certificate, and what kind of material is submitted to the telecommunications carrier. It is the applicant himself who is aware of it. For example, in the case of a driver's license, it is the person who owns the license, and it is the applicant who recognizes that the material submitted to the telecommunications carrier is a license.

If the identity verification material submitted to the telecommunications carrier and the identity verification material 53 transmitted to the carrier by the authentication system 100 are the same, the title and display content of the material are the same. For example, if the identity verification material is a license, the characters "license", the license number, and the like should be the same. Therefore, the identity verification material identity determination unit 10 targets these for comparison. The identity verification material identity determination unit 10 compares the identity of the transmitted identity verification material 53.

FIG. 10 is a flowchart showing the process of determining the identity of the identity verification material. If the result of comparison by the identity verification material identity determination unit 10 (step S51) and the identity verification material 53 are the same, the result is transmitted to the applicant's mobile terminal (step S52), and the result is displayed on the screen of the applicant's mobile terminal. , As shown in FIG. 9A, the display 91 of “material match” is performed (step S53). If the identity verification materials 53 are not the same, the result is transmitted to the applicant's mobile terminal (step S54), and “material mismatch” is displayed on the screen of the applicant's mobile terminal as shown in FIG. 9 (b) 92. And display 93 requesting the change of the identity verification document 53 (step S55). The applicant confirms this content and either processes the application again from the beginning or cancels it.

Returning to FIG. 5B, when the applicant presses the “Next” button 67, the process proceeds to the credit process. If the credit process is omitted, the process proceeds from step S10 to step S16, which will be described later.

The transaction history acquisition unit 6 requests the payment status document 70 to confirm the monthly payment status to the telecommunications carrier as an arbitrary process (step S12). Specifically, as shown in FIG. 5D, a display 71 indicating that the applicant's mobile terminal is requested to send the payment status document 70 is displayed. The applicant causes the transaction history acquisition unit 6 to display the monthly transaction status page of the telecommunications carrier in order to acquire the payment status document 70, as shown in FIG. 5 (c). The image of this page is photographed by the photographing function of the transaction history acquisition unit 6. When the payment status document 70 is photographed by the photographing button 72 and the image is confirmed, the save button 73 is pressed to save the image (step S13). In the case of credit card payment, the monthly card withdrawal history of the card withdrawal account shall be displayed and photographed. You may take an image of Internet banking or a passbook of the transaction history of the withdrawal bank account.

Next, when the applicant saves the payment status material 70 by the transaction history acquisition unit 6, the image file 74 is generated and displayed on the screen of the mobile terminal as shown in FIG. 6A. By pressing the send button 75 for the image file 74, the transaction history acquisition unit 6 transmits the image file 74 to the server 101 of the business operator (step S14). The transaction history acquisition unit 6 recognizes the character information contained in the image file 74 by OCR processing and acquires it as payment status data (step S15). Then, the transaction history acquisition unit 6 determines whether or not there is a problem in payment based on the payment status data by a predetermined procedure (step S16). The determination result is transmitted to the mobile terminal of the applicant by the transaction history acquisition unit 6, and as shown in FIG. 6B, the display 76 of "contract is possible" is displayed on the screen (step S17). At the same time, the message transmission unit 5 transmits a short message to the applicant's mobile terminal (step S18). The short message includes information such as the telephone number of the business operator for applying for the contract and the one-time password given to the applicant. In order to read this short message, a mailer activation button 77 is provided on the screen of the mobile terminal.

The applicant activates the mailer by pressing the start button 77 of the mailer and displays a short message from the server 101. At this time, since the application of the business operator is running, the telephone button 78 and the save button 79 are displayed at the upper part of the screen of the mobile terminal. As shown in FIG. 6C, the short message includes information such as the telephone number of the business operator for applying for the contract and the one-time password given to the applicant. You can make a call automatically by pressing the telephone button 78 at the top of the screen to which the telephone number of the business operator is associated. Further, the applicant can save the short message information such as the one-time password by pressing the save button 79.

The applicant calls the telephone number of the business operator and tells the operator the password (step S19). This completes the identity verification and completes the contract application. The ID is the telephone number of the applicant. Further, the applicant may reply to the business operator by a short message (step S20). At this time, the ID and password are transmitted to the business operator. Short messages can be treated in the same way as telephone applications because they use a telephone line. It should be noted that the password may be invalidated after a certain period of time has passed since the short message was sent. In this case, the message transmitting unit 5 causes the mobile terminal of the applicant to display so that the business operator is called within a predetermined time. Furthermore, a new PIN may be issued in response to a request from the applicant and sent by short message.

In addition, when the applicant calls the business operator within the specified time and the mobile phone number is displayed to make a call, the number display confirms whether the provided phone numbers match. By doing so, the person may be surely authenticated. Since it is generally difficult to make a call by displaying another number technically, it is highly possible that the call is from the applicant himself / herself when the telephone number of the applicant himself / herself is displayed. high. In this case, the identity verification unit 3 acquires the information displayed on the number display, compares it with the telephone number related to the basic information of the applicant, and determines whether or not there is a match. If they match, the match is announced to the applicant, or a short message is sent to the applicant's mobile terminal via the message transmission unit 5. Then proceed to the electronic commerce contract as it is. On the other hand, if there is a discrepancy, a display is made so that the telephone number related to the basic information is used for calling.

In the case of non-notification, the identity verification unit 3 acquires the information to that effect on the number display, displays the telephone number, and announces to call. If you do not contact us within a certain period of time after sending the short message, it will be processed and terminated as if you could not withdraw your intention to apply or confirm your identity.

On the other hand, in the above, when the identity verification unit 3 determines that the identity verification material 53 and the basic information 62 do not match, as shown in FIG. 7A, the result display unit 4 is the mobile terminal of the applicant. Display 80 of "mismatch" is performed on the screen of (step S21). Further, a "detailed display" button 81 is displayed below the button 81, and when the applicant presses this button 81, as shown in FIG. 7B, a typical reason for the mismatch is displayed and the application is made. Notify the person (step S22). The applicant confirms this content and presses the redo button 82 to process the application again from the beginning or cancel the application.

As described above, in this authentication system 100, the telecommunications carrier uses the telephone number as the ID for voice communication and data communication, and legally strict identity verification is required to use this voice communication. To. Further, whether or not the telephone number is used for voice communication can be determined by whether or not the short message can be used. This is because the short message communicates using the voice communication band. With ordinary e-mail, it is not possible to confirm that the recipient is the applicant, so there is a high possibility of spoofing, but since short messages are sent to the telephone number, the recipient is the person. It is very likely that

Therefore, it is preferable to use the property issued by the public institution as the identity verification material 53 as the identity verification material 53, and particularly to use the same identity verification material submitted to the telecommunications carrier for the application for electronic commerce. Then, the basic information 62 of the applicant is indirectly acquired from the data held by the telecommunications carrier, and the identity is confirmed. As a result, accurate personal authentication can be performed. In addition, since it is extremely unlikely that the voice communication device will be shared by multiple people, the connection between the voice communication device and the person is certain, and each applicant will be able to use the environment of one voice communication device for each applicant. You will be able to authenticate yourself using this system. Furthermore, a short message is sent to a voice communication device that is highly likely to be possessed by the person himself / herself to a telephone number, and the password used for the application is included in the message. Since the PIN is sent to a voice communication device owned by an individual, it is extremely unlikely that a third party will obtain it. Therefore, there is a high possibility that the application will be made by the applicant himself / herself, and as a result, electronic commerce can be carried out safely.

The client 102 may be composed of a personal computer and a mobile phone having no or limited data communication function. At this time, the camera for image acquisition may be either a personal computer or a mobile phone.

In addition, this authentication system 100 is a business in which services are provided and funds are collected for a relatively long period of time, a business in which the contract obligation of the business operator is terminated but the debt of the applicant continues for a long period of time, or a business of these businesses. This is useful when you also need to identify the person associated with the applicant (eg, guarantor). Specifically, this includes the financial industry, credit card companies, installment sales companies, and rent guarantee companies.

(Embodiment 2)
The authentication system 100 may be provided with a falsification prevention unit. The image of the site that displays the basic information of the applicant owned by the telecommunications carrier and the image that is a screenshot of this image are digital data, and are more easily tampered with than the paper-based identity verification materials issued by public institutions. There is. Further, since the identity verification material itself is a paper medium, it is difficult to falsify it, but when this is acquired as image data, the possibility of falsification increases.

Therefore, the falsification prevention unit embeds predetermined information by steganography technology when shooting with the shooting function. The information to be embedded is, for example, the shooting date, time, and the initial file size. The falsification prevention department extracts the information embedded in the image data from the image data such as the identity verification material sent from the applicant's mobile terminal, compares it with the information given to the image data, and shows whether or not there is falsification. To judge. If the embedded shooting date and time and the last storage date and time given to the image data are different, it is judged that the image has been tampered with, and the improvement prevention department will carry the applicant's mobile phone. Display the terminal to indicate that the information is not appropriate. If the embedded shooting date and time and the last storage date and time given to the image data match, the procedure is proceeded as appropriate.

In addition, if a part of the digital watermark embedded at the time of shooting is missing, it can be determined that the watermark has been tampered with in the same manner. For the lack of a digital watermark, the information related to the digital watermark embedded by the applicant is extracted from the image data transmitted from the mobile terminal, and whether or not the digital watermark is complete is compared with the sample held by the falsification prevention unit. To judge. If there are any omissions or differences, it is determined that the image has been tampered with, and the improvement prevention department causes the applicant's mobile terminal to display that the information is not appropriate. If there are no omissions, proceed with the procedure as appropriate. In addition, the information to be embedded can be appropriately determined, and a plurality of patterns can be prepared and changed by the falsification prevention unit. The falsification determination process by the falsification prevention unit is performed after the transmission of the image data in steps S7 and S14. This makes it possible to prevent fraudulent electronic commerce.

100 Authentication system 1 Identity verification data acquisition unit 2 Basic information data acquisition unit 3 Identity verification unit 4 Result display unit 5 Message transmission unit 6 Transaction history acquisition unit

Claims (4)

Identity verification material data acquisition means that acquires the identity verification material of the applicant for electronic commerce as image data and acquires the information contained in the identity verification material from this image data as identity verification material data,
An image of a screen in which the applicant displays basic information about the applicant, including the telephone number of the voice communication device that identifies the applicant and other unique information, which is confidentially managed by the telecommunications carrier, on the telecommunications carrier's page. Basic information data acquisition means to acquire as basic information data from data,
Identity verification means that selects the same type of information that identifies the identity contained in the identity verification material data and basic information data, compares them, and confirms the identity based on the match / mismatch.
E-commerce authentication system with. At least, a result display means for displaying the identity verification result on the voice communication device specified by the unique information, and
A message transmitting means for transmitting a message including a personal identification number used for applying for an electronic commerce to the voice communication device based on the unique information.
The electronic commerce authentication system according to claim 1, wherein the electronic commerce authentication system comprises. Further, a transaction history acquisition means for acquiring the transaction history between the telecommunications carrier and the applicant and acquiring the information included in the transaction history as data.
The electronic commerce authentication system according to claim 1 or 2, wherein the electronic commerce authentication system comprises. Furthermore, a feature in that a tamper preventing means for applying the information for falsification preventing identification document image data and the applicant regarding the image data of the screen and the basic information is displayed on a page of the operators of The electronic commerce authentication system according to any one of claims 1 to 3.

Images