JP7266743B1 - Service providing device, service providing method, and program - Google Patents

Abstract

An object of the present invention is to maintain an effect of suppressing unauthorized use of a service while minimizing user's convenience. A service providing device for providing a service to a user via a terminal device of the user, the user applying for account creation when the user applies for account creation for the service. The phone number of the applicant's terminal device is acquired as essential registration information, and the SIM type corresponding to the acquired phone number is set for each of the plurality of phone numbers acquired in advance and stored in the storage unit. A service providing apparatus comprising an account creation management unit that searches for and acquires SIM type data associated with included information, and performs predetermined processing when the acquired SIM type is a data communication-only SIM. [Selection drawing] Fig. 4

Description

The present invention relates to a service providing device, a service providing method, and a program.

When you start using services such as electronic payment, an account may be created with your phone number as one of the registration information, and SMS (Short Message Service) authentication using your phone number may be performed as part of identity verification. (For example, Patent Document 1). SMS authentication refers to sending a short message using the phone number registered by the user to the user's terminal device, and having the user enter the authentication code described in the short message. It is to confirm that the user is actually using the terminal device on which the Subscriber Identity Module (or SIM card) is installed, and to indirectly verify the identity of the user.

JP 2013-62563 A

A phone number is issued in association with a SIM. There are two types of SIMs: voice call SIMs that allow voice calls through lines provided by communication carriers, and data communication-only SIMs that, in principle, do not allow voice calls. Note that even when a SIM dedicated to data communication is used, it may be possible to make a voice call using an application program (call application) provided by a company other than the communication carrier. Some SIMs dedicated to data communication can use SMS, and some do not. Since a contract for a SIM dedicated to data communication is generally cheaper than a SIM for voice communication, there is a certain level of need to use a SIM dedicated to data communication.

Since voice call SIM is subject to the Mobile Phone Improper Use Prevention Act, personal identification is required between the contractor and the communication carrier when the phone number is assigned. On the other hand, data communication-dedicated SIMs are not subject to the Act on Prevention of Unauthorized Use of Mobile Phones. Therefore, if the service is used with the phone number associated with the data communication SIM as registration information, the effectiveness of identity verification is reduced or lost, and the effect of suppressing unauthorized use of the service by verifying the phone number. may be reduced.

In addition, for some services, identity verification is performed by phone to confirm that the SIM used by the user is a voice call SIM, and the service cannot be used with the phone number associated with the data communication SIM. However, in this case, it is troublesome for the user to answer the phone. convenience may be lost.

The present invention has been made in consideration of such circumstances. And one of the purposes is to provide a program.

One aspect of the present invention is a service providing device that provides a service to a user via a terminal device of the user, wherein when the user applies to create an account for the service, the user who applied for creating the account is provided. For each of a plurality of phone numbers acquired in advance and stored in the storage unit, the phone number of the terminal device of the applicant who is the applicant is acquired as essential registration information, and the SIM type corresponding to the acquired phone number is stored in the storage unit. A service providing apparatus comprising an account creation management unit that searches for and acquires SIM type data associated with information including a SIM type, and performs predetermined processing when the acquired SIM type is a data communication-only SIM. .

ADVANTAGE OF THE INVENTION According to one aspect of the present invention, it is possible to maintain the effect of suppressing unauthorized use of a service while minimizing user's convenience.

1 is a diagram showing an example of a configuration for realizing an electronic payment service; FIG. 1 is a sequence diagram (1) illustrating a rough flow of electronic payment; FIG. FIG. 2 is a sequence diagram (part 2) exemplifying a rough flow of electronic payment; 1 is a configuration diagram of a settlement server 100 according to a first embodiment; FIG. 4 is a diagram showing an example of contents of user information 172. FIG. 4 is a diagram showing an example of contents of member store/store information 176. FIG. 4 is a flow chart showing an example of the flow of processing executed by an account creation management unit 154 of the first embodiment; FIG. 13 is a flow chart showing an example of the flow of processing executed by an account creation management unit 154A of the second embodiment; FIG. It is the figure which schematized the grade of the service provided to the user in 3rd Embodiment. FIG. 14 is a flow chart showing an example of the flow of processing executed by an account creation management unit 154B of the third embodiment; FIG.

Hereinafter, embodiments of a service providing apparatus, a service providing method, and a program control method of the present invention will be described with reference to the drawings. The services provided by the service providing device are network-related services provided via the user's terminal device, and include all services for which an account is opened with the user's telephone number as essential registration information. For example, the service is an electronic payment service provided in cooperation with an application program (payment application) installed on the user's terminal device. In the following description, it is assumed that the service providing device provides an electronic payment service, and the service providing device is called a payment server.

An electronic payment service is a service that supports payment related to purchase of goods and services at a store. The store is, for example, a physical store (actual store) that exists in the real space, but may also include a virtual store for electronic commerce. Virtual stores may include those provided by entities other than the operator of the electronic payment service. In that case, the screen is controlled to transition to the interface screen of the electronic payment service at the time of payment for shopping at the virtual store. In the electronic payment service, a store is treated as belonging to, for example, a member store (brand), and processing such as settlement when a purchase is made at the store is mainly performed between the user and the member store. Alternatively, processing such as settlement may be performed between the user and the store. The settlement server may provide not only services related to settlement, but also additional services (non-settlement services) such as remittance between users (P2P remittance) and chat.

<First embodiment>
[Electronic payment service]
FIG. 1 is a diagram showing an example of a configuration for realizing an electronic payment service. An electronic payment service is implemented centering on the payment server 100 . The settlement server 100 communicates with each of, for example, one or more user terminal devices 10, one or more first store terminal devices 50, one or more second store terminal devices 70, and the SIM type data providing server 200 via the network NW. to communicate. The network NW includes, for example, the Internet, a LAN (Local Area Network), wireless base stations, provider devices, and the like.

The user terminal device 10 is, for example, a portable terminal device such as a smart phone or a tablet terminal. The user terminal device 10 is a computer device having at least an optical reading function, a communication function, a display function, an input reception function, and a program execution function. In the following description, configurations for realizing these functions are respectively referred to as a camera, a communication device, a touch panel, a CPU (Central Processing Unit), and the like. In the user terminal device 10, the payment application 20 is executed by a processor such as a CPU, and operates in cooperation with the payment server 100 to provide electronic payment services to the user. The payment application 20 is installed in the user terminal device 10 from an application store, for example, and controls a camera, a communication device, a touch panel, and the like.

The first store terminal device 50 is installed, for example, in a store. The first store terminal device 50 is a computer device having at least a product price acquisition function, an optical reading function, a program execution function, and a communication function. The first store terminal device 50 includes a so-called POS (Point of Sale) device, and the POS device may realize the product price acquisition function and the optical reading function. The store code image 60 is placed in a store and is a code image such as a QR code (registered trademark) printed on a medium such as paper or plastic. Note that the store code image 60 may be displayed on a display placed in the store (a display of a terminal device such as a smart phone may be used).

The second store terminal device 70 is used by the member store operator. The second store terminal device 70 is a smart phone, a tablet terminal, a personal computer, or the like. A member store interface 72 operates on the second store terminal device 70 . The merchant interface 72 may be a merchant application or a browser. The member store interface 72 accepts coupon settings and the like from the member store operator and transmits them to the settlement server 100 . The second store terminal device 70, which is a smartphone, has a function of displaying a code image corresponding to the store code image and reading a code image displayed by the user terminal device 10 by executing an application for member stores. have.

The payment server 100 realizes electronic payment based on payment information received from the user terminal device 10 or the first store terminal device 50 . The first store terminal device 50 may include a POS device and a member store server. In this case, payment information is transmitted from the POS device to the payment server 100 via the member store server. In the following explanation, it is assumed that the payment information is transmitted from the first store terminal device 50 without distinguishing between them.

2 and 3 are sequence diagrams illustrating the general flow of electronic payment. There may be two types of electronic payment: pattern 1 and pattern 2.

In the case of pattern 1 (hereinafter referred to as user scan) shown in FIG. 2, the user terminal device 10 with the payment application 20 activated decodes the shop code image 60 by the optical reading function (S1). The store code image 60 includes store URL (Uniform Resource Locator) information. The store URL is a domain of the electronic payment service to which information that can identify the store is added, and is associated with the member store ID, the store ID, and the like in the settlement server 100 (described later). The payment application 20 transmits the first payment information including the store URL and the account ID to the payment server 100 (S2). The payment server 100 retrieves store information (described later) from the member store ID and store ID corresponding to the store URL, acquires the member store name and store name information (S3), and transmits them to the settlement application 20 (S4). . The user inputs the settlement amount into the user terminal device 10 on the screen displaying the member store name and store name (S5). Then, the user terminal device 10 generates second payment information including at least the payment amount, and transmits the second payment information to the payment server 100 (S6). The payment server 100 performs electronic payment based on the received second payment information (S7). The payment server 100 then transmits a payment completion notification (information for displaying a payment completion screen) to the payment application 20 (S8), and the payment application 20 displays the payment completion screen (S9). When the store code image 60 is displayed on a display placed in a store, the store code image 60 may include not only the store URL but also the payment amount information. In this case, the procedure for the user to input the settlement amount is omitted, and the information of the settlement amount is included in the first settlement information and transmitted to the settlement server 100 . Information on the name of the member store and the name of the store may be included and displayed on the payment completion screen.

In the case of pattern 2 (hereinafter referred to as store scan) shown in FIG. 3, when the payment application 20 is activated, when a payment operation is performed in the payment application 20, and when the automatic update timing (for example, every minute) comes. , and at other timings, the payment application 20 transmits a one-time code issuance request to the payment server 100 (S11). The payment server 100 generates a one-time code (S12) and transmits it to the payment application 20 (S13). The payment application 20 displays a code image such as a QR code or barcode generated based on the one-time code (S14). The user holds up (presents) the display surface of the user terminal device 10 to the first store terminal device 50, and the first store terminal device 50 decodes the code image by the optical reading function and acquires the one-time code and the like. (S15). The first store terminal device 50 then generates payment information including the one-time code, payment amount, member store ID, store ID, etc., and transmits the payment information to the payment server 100 (S16). The information on the payment amount is acquired in advance by reading a bar code, manually inputting it, or the like. The payment server 100 identifies the user corresponding to the one-time code based on the received information, and performs electronic payment (S17). The payment server 100 then transmits a payment completion notification to the payment application 20 (S18), and the payment application 20 displays a payment completion screen (S19).

It should be noted that electronic payment may be performed using only one of the above patterns. Also, the "account ID" described in FIG. 2 may be other information (such as a telephone number) that can be used as user identification information. Alternatively, the issuance of the one-time code may be omitted in the store scan, and the payment application 20 may display a code image generated based on the user's account ID. In that case, the settlement server 100 identifies the user corresponding to the account ID instead of identifying the user corresponding to the one-time code.

[Settlement server]
FIG. 4 is a configuration diagram of the settlement server 100 according to the first embodiment. The payment server 100 includes, for example, a communication unit 110, a payment content providing unit 120, a payment processing unit 130, a non-payment service processing unit 140, an information management unit 150, and a storage unit 170. Information management unit 150 includes SIM type data acquisition unit 152 and account creation management unit 154 . Components other than communication unit 110 and storage unit 170 are implemented by, for example, a hardware processor such as a CPU executing a program (software). Some or all of these components are hardware (circuit part; circuitry) or by cooperation of software and hardware. The program may be stored in advance in a storage device (a storage device with a non-transitory storage medium) such as a HDD (Hard Disk Drive) or flash memory, or may be stored in a removable storage such as a DVD or CD-ROM. It may be stored in a medium (non-transitory storage medium) and installed in the storage device by loading the storage medium into the drive device.

The storage unit 170 is an HDD, flash memory, RAM (Random Access Memory), or the like. The storage unit 170 may be a NAS (Network Attached Storage) device that can be accessed by the settlement server 100 via a network. The storage unit 170 stores information such as user information 172, payment content information 174, member store/store information 176, SIM type data 178, and the like.

The communication unit 110 is a communication interface for connecting to the network NW. The communication unit 110 is, for example, a network interface card.

The payment content providing unit 120 has, for example, a function of a web server, and provides the user terminal device 10 with information (contents) for displaying various screens of the electronic payment service. The payment content providing unit 120 appropriately reads necessary content from the payment content information 174 and provides it to the user terminal device 10 . The user terminal device 10 accepts various inputs from the user while the content is being reproduced by the payment application 20 , and transmits the above-described payment information and the like to the payment server 100 .

The payment processing unit 130 performs payment processing based on the payment information transmitted from the user terminal device 10 or the first store terminal device 50 . The payment processing unit 130 performs payment processing while referring to the user information 172 .

FIG. 5 is a diagram showing an example of the contents of the user information 172. As shown in FIG. The user information 172 is an example of user registration information. The user information 172 includes, for example, user URL, account ID, telephone number, password, email address, user ID, registration date, flag information indicating whether or not identity verification has been completed, identity verification result, Information such as SIM type, charge balance, deferred payment setting, deferred payment frame, deferred payment amount, deferred payment available amount, payment method setting, bank account, credit card number, charge history information, payment history information, etc. . The user URL is used for remittance processing (P2P remittance) between users. When registering for the electronic payment service, it is mandatory to register a phone number and password. The account ID is issued to the user by the settlement server 100, and the user ID is an ID that can be set arbitrarily by the user (does not need to be set). Likewise, the e-mail address is information that the user can arbitrarily set (does not need to set). The registration date is the date when the user registers for the electronic payment service (the date when the account is created). The result of identity verification will be described later. The SIM type is the type of SIM associated with the telephone number registered by the user. Hereinafter, a user instance (electronic settlement account) associated with these pieces of information will be referred to as an account.

The charge balance is information indicating the balance of electronic money set by the user transferring money to the account in advance. Methods of remittance include remittance from an ATM (Automatic Teller Machine) of a designated trader (bank), remittance from a registered bank account, and the like. The deferred payment setting is information indicating whether or not the setting for enabling electronic settlement by deferred payment has been completed, and is set to either "done" or "not completed". The deferred payment limit is the maximum amount of deferred payment that can be used each month, the amount of deferred payment is the amount of deferred payment that has already been used in the current month, and the available deferred payment amount is calculated by subtracting the amount of deferred payment from the deferred payment limit. , is the amount of deferred payment available in the current month. Although only one deferred payment frame is shown in the figure, there are actually more daily upper limits and the like, and the lower one of them may be set as the deferred payment frame. Further details of postpayment are provided below. The payment method setting is setting information indicating whether the user will make an electronic payment based on the charge balance at that point in time or make a payment by deferred payment. Each of the bank account and credit card number is information (account number, card number) of a bank account or credit card number that can deposit money into the electronic payment service. The charge history information is a history of the user's advance remittance to the electronic payment service to increase the charge balance. The payment history information is information indicating details of payments made by the user (date and time, shop ID of the shop where the purchase was made, payment amount, payment method, etc.) for each payment.

FIG. 6 is a diagram showing an example of the contents of the member store/store information 176. As shown in FIG. The member store/store information 176 includes, for example, a first table 176A in which store URLs are associated with member store IDs and store IDs, and member store names and sales proceeds (described above) are associated with member store IDs. and a third table 176C in which store IDs are associated with store IDs. The member store/store information 176 may include, in addition to this information, information such as the category of the member store or store, the location of the store, and the payment pattern.

The non-payment service processing unit 140 provides services other than electronic payment. For example, the non-settlement service processing unit 140 provides services such as P2P remittance and chat to the user via the settlement application 20 .

The information management unit 150 manages user information 172 and member store/store information 176 based on information acquired from the user terminal device 10 and the second store terminal device 70 . The information management unit 150 adds, edits, and deletes new records for the user information 172 and member store/store information 176 . Addition of a new record in the user information 172 is performed by the account creation management unit 154 . Functions of the SIM type data acquisition unit 152 and the account creation management unit 154 will be described later.

[Electronic payment]
When payment information is acquired from the user terminal device 10 or the first store terminal device 50, the payment processing unit 130 refers to the user information 172 and acquires the user's "settlement method setting." The payment processing unit 130 performs electronic payment as follows for a user whose "payment method setting" is set to "charge balance". The payment processing unit 130 performs electronic payment, for example, by decreasing the charge balance managed in association with the user ID and increasing the item value of the sales proceeds of the member store. For example, the item value of the sales proceeds of the member store is not used as electronic money per se, but the amount corresponding to the item value of the sales proceeds is calculated in a cycle according to the agreement between the member store and the electronic payment service. transferred to a bank account.

The payment processing unit 130 performs electronic payment as follows for a user whose "setting information" is set to "pay later". Deferred payment is set separately from "credit payment" in cooperation with a credit card company, which is a separate entity from the operator of the electronic payment service, and the operator of the electronic payment service is the creditor. , allows electronic payment independent of the charge balance within the deferred payment frame. In order to receive the deferred payment service, it may be necessary to obtain a credit card provided by the operator of the electronic payment service. The amount used for the deferred payment is collected for one month and settled on the next month's payment date, for example, by debiting from a bank account. In this case, the settlement processing unit 130 performs provisional settlement by adding the settlement amount to the deferred payment usage amount and subtracting the same amount from the deferred payment available amount. process to withdraw to If the settlement amount exceeds the postpaid available amount at the time of provisional settlement, an error notification is sent back to the settlement application 20 .

[Create Account]
Below, the processing when creating an account in the first embodiment will be described. The SIM type data acquisition unit 152 acquires the SIM type data 178 from the SIM type data providing server 200 at arbitrary timing and stores it in the storage unit 170 . SIM type data 178 is data in which information including a SIM type is associated with each of a plurality of telephone numbers. The SIM type data providing server 200 is a server device operated by an information provider that determines the SIM type based on, for example, line sound and provides information on telephone numbers. The SIM type data acquisition unit 152 may automatically acquire the SIM type data 178 in the form of an API (Application Programming Interface) or the like. The SIM type data 178 attached to the e-mail sent from the terminal device to the operator of the electronic payment service may be obtained. The SIM type data acquisition unit 152 acquires (updates) the SIM type data 178 at a frequency such as once a day or once a week.

When a user applies for service account creation, the account creation management unit 154 acquires the telephone number of the user terminal device 10 of the user who applied for account creation (hereinafter referred to as the applicant) as essential registration information. , the SIM type corresponding to the telephone number obtained by being input to the payment application 20 by the applicant is obtained by searching the SIM type data 178 . If the acquired SIM type is voice call SIM, the account creation management unit 154 creates an account for the applicant through SMS authentication. On the other hand, the account creation management unit 154 performs predetermined processing when the obtained SIM type is a data communication-only SIM.

The predetermined process in the first embodiment is a process of requesting the applicant for identity verification different from SMS authentication using the applicant's terminal device, and creating an account for the applicant through SMS authentication and identity verification. .

FIG. 7 is a flow chart showing an example of the flow of processing executed by the account creation management unit 154 of the first embodiment. It should be noted that part or all of the processing that is assumed to be performed by the payment application 20 in the following description may not be actually performed by the payment application 20 alone, but may include notification to the payment server 100, approval request, and the like. .

First, when the payment application 20 accepts the applicant's account creation application (S300), it accepts the applicant's input of the telephone number and password (S302). The settlement application 20 transmits the accepted applicant's phone number and password to the settlement server 100 (S304).

The account creation management unit 154 of the settlement server 100 performs SMS authentication as follows (S306-S312). First, the account creation management unit 154 sends a short message including the authentication code issued by the settlement server 100 to the telephone number (S306). The applicant's user terminal device 10 should receive the short message if the telephone number is valid. The payment application 20 accepts input of the authentication code described in the short message (S308). The payment application 20 transmits the entered authentication code to the payment server 100 (S310). The account creation management unit 154 of the settlement server 100 determines whether the received authentication code is correct (S312). Since SMS authentication is performed in this way, it is impossible to create an account using a data communication-only SIM that cannot use SMS.

If it is determined in S312 that the authentication code is correct, the account creation management unit 154 searches the SIM type data 178 using the phone number received from the payment application 20 (S314), and confirms that the SIM type of the SIM corresponding to the phone number is It is determined whether or not the SIM is dedicated to data communication (S316).

If it is determined in S316 that the SIM type is not a data communication-only SIM, the account creation management unit 154 creates an account for the applicant using the telephone number and password received from the payment application 20 as registration information (S318). Account creation management unit 154 adds a new record to user information 172 .

If it is determined in S316 that the SIM type is a data communication-only SIM, the account creation management unit 154 transmits information requesting identity verification to the user terminal device 10 of the applicant (S320). The settlement application 20 of the user terminal device 10 performs identity verification using the functions of the user terminal device 10, and transmits the verification result to the settlement server 100 (S322).

As identity verification, the payment application 20 collects (1) information scanned from the IC chip of the My Number card and name in kana, (2) information scanned from the IC chip of the driver's license, photograph of the face, and name in kana, (3) personal We will ask for your number card, a photo of your driver's license, etc., your face photo, and your name in kana. The payment application 20 acquires these pieces of information using the short-range communication function, camera function, etc. of the user terminal device 10 . The payment application 20 transmits the acquired image and text information to the payment server 100 as they are or after processing such as compression. This form of identity verification is merely an example, and other forms of identity verification may be performed.

The account creation management unit 154 acquires the result of personal identification, and checks the format and the like to see if it is valid information (S324). If the information is valid, the applicant's account is created using the telephone number and password received from the payment application 20 and the result of identity verification as registration information (S318).

If it is determined at S312 that the authentication code is not correct, and if it is determined at S324 that the result of the personal identification is invalid (defective), the processing of this flow chart ends with an error (S326). In this case, information to the effect that account creation has not been completed is transmitted from the account creation management unit 154 to the settlement application 20, and the settlement application 20 causes the user terminal device 10 to display information to that effect.

According to the first embodiment described above, when a user applies to create an account for an electronic payment service, the telephone number of the user terminal device 10 of the applicant, who is the user who applied for account creation, must be registered. SIM type data 178 in which information including the SIM type is associated with each of a plurality of phone numbers acquired in advance and stored in the storage unit 170, and the SIM type corresponding to the acquired phone number is acquired as information. If the type of SIM obtained is a data communication only SIM, the applicant is requested to confirm his/her identity, which is different from SMS authentication, and the applicant's account is created after SMS authentication and identity confirmation. By performing the processing of , it is possible to maintain the effect of suppressing unauthorized use of the electronic payment service without impairing the convenience of the user as much as possible. In other words, the applicant can receive the electronic payment service using a low-cost SIM dedicated to data communication without responding to authentication over the phone, although it takes time and effort to verify the identity of the applicant. Also, from the perspective of curbing unauthorized use, if a data communication SIM is used that does not require identity verification at the time of contract because it is not subject to the Mobile Phone Improper Use Prevention Act, the electronic payment business operator Since confirmation is performed, the effect of suppressing unauthorized use of the electronic payment service can be maintained. Improper use of electronic payment services includes, for example, money laundering and payment using a fund source (credit card, etc.) whose information has been stolen. This is because, if identity verification is performed, a certain deterrent effect can be expected against these acts.

<Second embodiment>
A second embodiment will be described below. The settlement server of the second embodiment differs from the first embodiment in the process of account creation. Hereinafter, although illustration of the configuration will be omitted, the settlement server according to the second embodiment will be referred to as 100A, and the account creation management unit will be referred to as an account creation management unit 154A.

The predetermined processing in the second embodiment is provided to each part of the settlement server 100A after the applicant's account is created, compared to the case where the SIM type corresponding to the telephone number obtained from the applicant is voice call SIM. This is a process that limits the services that are provided. Restricted services are services that are likely to be used illegally for electronic payment services, such as those related to credit cards linked with electronic payment services, those related to electronic payment settlement amounts, and those related to P2P remittances. As an example of limiting the service, for example, for a user (applicant) whose SIM type corresponding to a telephone number is a data communication-only SIM, (1) the information management unit 150 can register a credit card as a fund source; (2) The payment processing unit 130 sets a low upper limit on the amount of payment (per transaction and/or monthly); (4) The non-settlement service processing unit 140 does not provide a P2P remittance function or limits the remittance amount to a low amount. In addition, even if it includes notifying the credit card company to tighten the examination when adding the credit card to the fund source, or tightening the standards when the payment server 100A independently monitors unauthorized use. good. The settlement server 100A monitors fraudulent use based on the timing, frequency, and content of electronic settlement by the user. Also, other types of processing may be included as long as they do not differ in intent. For example, the account creation management unit 154A sets the SIM type in the user information 172 to "data communication only" for a user whose SIM type corresponding to the phone number to be used is a data communication only SIM. The settlement server 100A in the second embodiment performs some or all of the above processes for users whose SIM type in the user information 172 is set to "dedicated for data communication".

FIG. 8 is a flow chart showing an example of the flow of processing executed by the account creation management unit 154A of the second embodiment. Since the processes of S300 to S318 and S326 are the same as those described with reference to FIG. 7, the description thereof is omitted.

If it is determined in S316 that the SIM type is not a SIM dedicated to data communication, the account creation management unit 154A creates an account with service restrictions (S328). Specifically, the account creation management unit 154A creates an account for the applicant with the SIM type in the user information 172 set to "dedicated for data communication". Each unit of the settlement server 100A that refers to this restricts part of the services as described above.

According to the second embodiment described above, when a user applies to create an account for an electronic payment service, the telephone number of the user terminal device 10 of the applicant who applied for account creation is required to be registered. SIM type data 178 in which information including the SIM type is associated with each of a plurality of phone numbers acquired in advance and stored in the storage unit 170, and the SIM type corresponding to the acquired phone number is acquired as information. If the type of SIM obtained is a data communication-only SIM, the service that is provided after the applicant's account is created will be restricted. Therefore, it is possible to maintain the effect of suppressing unauthorized use of the electronic payment service. In other words, although the content of use is restricted, the applicant can receive the electronic payment service using a low-cost SIM dedicated to data communication without responding to authentication by telephone. Also, from the viewpoint of suppressing unauthorized use, it is possible to maintain the effect of suppressing unauthorized use of the electronic payment service by restricting the provision of services that are likely to be used illegally.

<Third Embodiment>
A third embodiment will be described below. The settlement server of the third embodiment differs from the first and second embodiments in the process of creating an account. Hereinafter, although illustration of the configuration will be omitted, the settlement server according to the third embodiment will be referred to as 100B, and the account creation management unit will be referred to as an account creation management unit 154B.

The predetermined process in the third embodiment is to request the applicant to perform identity verification, which is different from SMS authentication, using the applicant's terminal device, and if identity verification is performed, the application is processed through SMS authentication and identity verification. If the applicant's account is created and the identity verification is not performed, each part of the settlement server 100B is notified that the SIM type corresponding to the telephone number obtained from the applicant is voice call SIM and the identity verification is performed. It is a process that limits the services provided after creating an applicant's account compared to the case. Limited services may be the same as in the second embodiment. In addition, the same service may be provided to a user whose SIM type is a voice call SIM and a user whose SIM type is a data communication-only SIM and whose identity has been verified. There may be differences in the degree of service provided. FIG. 9 is a schematic diagram of the degree of service provided to the user in the third embodiment. As illustrated, there are four patterns of users in the third embodiment. Here, the degree of service provided to user D is limited compared to any of users A, B, and C. The extent of service offered to B customers is limited relative to both A customers and C customers. Other relationships may be determined arbitrarily.

FIG. 10 is a flow chart showing an example of the flow of processing executed by the account creation management unit 154B of the third embodiment. Since the processes of S300 to S322 are the same as those described with reference to FIG. 7, the description thereof is omitted.

After requesting identity verification to the applicant in S320, the account creation management unit 154B determines whether or not the result of identity verification has been acquired (step S330). A case in which the result of identity verification could not be acquired is, for example, a case in which the applicant performs an operation to "skip identity verification." If the result of personal identification cannot be acquired, the account creation management unit 154B creates an account with service restrictions (S332). The processing in this case is the same as in the second embodiment.

If the result of the personal identification can be acquired, the account creation management unit 154B checks whether the result of the personal identification is valid information, such as the format (S334). If the information is valid, the applicant's account is created using the telephone number and password received from the payment application 20 and the result of identity verification as registration information (S318).

If it is determined at S312 that the authentication code is not correct, and if it is determined at S334 that the result of the personal identification is invalid (defective), the process of this flow chart ends with an error (S326).

According to the third embodiment described above, when a user applies to create an account for an electronic payment service, the telephone number of the user terminal device 10 of the applicant who applied for account creation is required to be registered. SIM type data 178 in which information including the SIM type is associated with each of a plurality of phone numbers acquired in advance and stored in the storage unit 170, and the SIM type corresponding to the acquired phone number is acquired as information. If the SIM type obtained is a data communication SIM, the applicant is requested to verify his identity, which is different from SMS authentication. Compared to when the SIM type corresponding to the number is voice call SIM (case A or B in Figure 9) and when identity verification is performed (case C in Figure 9), the applicant's account is created Since the service to be provided is restricted after the payment is made, the effect of suppressing unauthorized use of the electronic payment service can be maintained without impairing the convenience of the user as much as possible. In other words, the applicant can receive the electronic payment service using an inexpensive data communication-dedicated SIM without requiring authentication by telephone, although it takes time to verify the identity of the applicant or the service that can be used is limited. In addition, from the perspective of curbing unauthorized use, it is possible to either obtain the results of identity verification or restrict the provision of services that are likely to be used for unauthorized use of electronic payment services. The effect of suppressing fraudulent use of payment services can be maintained.

<Others>
In each of the above-described embodiments, differences between communication carriers are not taken into consideration, but even if the SIM is a SIM dedicated to data communication, a SIM issued by a specific communication carrier that voluntarily verifies the identity In some cases, it may be handled in the same manner as the voice call SIM.

In addition, if a user who has already created an account changes the SIM type, either or both of changing from a voice call SIM to a data communication SIM and from a data communication SIM to a voice call SIM A predetermined process (personal identification request and/or service restriction) may be performed.

Also, as an example of SMS authentication, a short message containing an authentication code is sent to the applicant's phone number, and authentication is performed by having the applicant enter the authentication code. Other forms of SMS authentication may be performed as long as it is possible to confirm that the telephone number used for the above is being used by the user terminal device 10 . For example, a short message containing an authentication URL is sent to the applicant, and the applicant operates the authentication URL to have the applicant enter an authentication code displayed by the user terminal device 10, or A method may be employed in which the applicant completes the authentication by operating the URL for authentication.

In addition, in the case of changing the telephone number without changing the SIM type, the predetermined processing is unnecessary.

As described above, the mode for carrying out the present invention has been described using the embodiments, but the present invention is not limited to such embodiments at all, and various modifications and replacements can be made without departing from the scope of the present invention. can be added.

10 User terminal device 20 Payment application 100, 100A, 100B Payment server 120 Payment content providing unit 130 Payment processing unit 140 Non-payment service processing unit 150 Information management unit 152 SIM type data acquisition unit 154, 154A, 154B Account creation management unit 172 User information

Claims (9)

A service providing device that provides a service to the user via the user's terminal device,
When a user applies to create an account for the aforementioned service, the telephone number of the terminal device of the applicant, who is the user who applied for account creation, is acquired as mandatory registration information, and the SIM type corresponding to the acquired telephone number is registered. , searching for and acquiring SIM type data in which information including the SIM type is associated with each of a plurality of telephone numbers, which has been obtained in advance and stored in a storage unit, and the obtained SIM type is a data communication-only SIM; Equipped with an account creation management unit that performs predetermined processing in some cases,
Service provider. further comprising a SIM type data acquisition unit that acquires the SIM type data and stores it in a storage unit;
The service providing device according to claim 1. The account creation management unit creates an account for the applicant through SMS authentication when the SIM type corresponding to the phone number obtained from the applicant is a voice call SIM,
The predetermined process is a process of requesting the applicant for identity verification different from the SMS authentication using the applicant's terminal device, and creating an account for the applicant through the SMS authentication and the identity verification. is
The service providing device according to claim 1. The predetermined process is a service provided to the service providing device after the applicant's account is created, compared to the case where the SIM type corresponding to the telephone number obtained from the applicant is voice call SIM. is a process that limits the
The service providing device according to claim 1. The account creation management unit creates an account for the applicant through SMS authentication when the SIM type corresponding to the phone number obtained from the applicant is a voice call SIM,
Said predetermined process requests said applicant to perform identity verification different from said SMS authentication using said applicant's terminal device, and if said identity verification is not performed, telephone number obtained from said applicant The service providing device restricts the services provided after the applicant's account is created, compared to the case where the SIM type corresponding to is a voice call SIM and the case where the identity verification is performed. be,
The service providing device according to claim 1. the service is an electronic payment service;
Limiting the amount of electronic payment or the number of credit cards linked with electronic payment as a process for limiting the service;
6. The service providing device according to claim 4 or 5. Restricting remittances between users as a process for restricting the service;
The service providing device according to any one of claims 1 to 5. A service providing device that provides a service to the user via the user's terminal device,
When a user applies to create an account for the aforementioned service, the telephone number of the terminal device of the applicant, who is the user who applied for account creation, is obtained as mandatory registration information,
obtaining a SIM type corresponding to the obtained phone number by searching for SIM type data in which information including the SIM type is associated with each of a plurality of phone numbers, which is previously obtained and stored in a storage unit;
performing a predetermined process when the acquired SIM type is a data communication-only SIM;
How we provide our services. to the processor of the service providing device that provides the service to the user via the user's terminal device,
When a user applies to create an account for the service, having the telephone number of the terminal device of the applicant, who is the user who applied for account creation, acquired as mandatory registration information,
obtaining the SIM type corresponding to the obtained telephone number by searching for SIM type data in which information including the SIM type is associated with each of a plurality of telephone numbers, which is previously obtained and stored in a storage unit;
perform a predetermined process when the obtained SIM type is a data communication-only SIM;
program.

Images