JP7336394B2 - Money handling system and money handling method - Google Patents

Description

The present invention relates to a money handling system and a money handling method that can accurately and efficiently notify a management device of money information related to deposits or withdrawals to or from a money handling device while efficiently coping with unauthorized access by spoofing. .

Conventionally, cashiers in commercial facilities such as supermarkets and department stores take out coins stored in a storage unit of a change dispenser provided at the cash register and store the coins in a sales deposit machine provided in the commercial facility. Money handling systems are known. In such a money processing system, a person in charge of a security transport company whose job is to transport money takes out money from the sales deposit machine, transports it to the cash center, and counts the number of coins. Then, in the terminal device of the security transportation company, the amount of the counted money is transferred to the customer's bank account of the commercial facility (see, for example, Patent Document 1).

In such a money handling system, if the sales money deposit machine installed in the commercial facility and the terminal device of the security transportation company are communicatively connected, the amount of money collected from the sales money deposit machine will be sent to the security transportation company. The terminal device will be notified, and the terminal device of the security transportation company will transfer the collected money amount to the customer's bank account. In this way, when the sales deposit machine is operated online, it is possible to specify the amount of money to be transferred to the customer's bank account by the terminal device of the security transportation company.

JP 2016-162140 A

However, if the sales proceeds depositing machine is operated online as in the conventional technology, a terminal device of a malicious and unauthorized person can impersonate the sales proceeds depositing machine and illegally access the security delivery company's management device or relay management device. , there is a possibility that fraud such as falsification of the amount of money collected from the sales deposit machine or falsification of the bank account of the transfer destination may occur.

In addition, there are cases where sales proceeds deposit machines installed in conventional commercial facilities are operated offline. This is not efficient and may result in input errors.

For this reason, it is an important issue how to efficiently notify the terminal device of the security transportation company of the correct amount of money collected from the sales deposit machine while efficiently dealing with unauthorized access by spoofing. This problem occurs not only in the case of using the money depositing machine but also in the case of using various money handling devices. is also a problem. Furthermore, the same problem arises when notifying a management device other than a terminal device of a security transportation company.

SUMMARY OF THE INVENTION The present invention has been made to solve the above-described problems of the prior art. It is an object of the present invention to provide a money handling system and a money handling method capable of notifying a management device of

In order to solve the above-described problems and achieve the object, the present invention provides a portable terminal possessed by a user who deposits or withdraws money to or from a money handling machine, and at least a mobile terminal for depositing or withdrawing money to or from the money handling machine. and a relay management device for performing relay processing of money information related to the money, wherein the money handling device electronically signs the money information of the deposited or withdrawn money when depositing or withdrawing money. 1 signature data is generated and transferred to the mobile terminal, and the relay management device determines that the money information is valid based on the restoration conversion result of the first signature data acquired from the mobile terminal. For example, the electronic signature of the money information is generated to generate second signature data, and the generated signature data is transmitted to a management device that manages the money information.

Further, according to the present invention, in the above invention, when the money information included in the second signature data received from the relay management device is payment information to be paid to the money processing device, the management device It is characterized in that the amount of money to be deposited included in the deposit information is transferred to a predetermined financial institution account.

Further, the present invention includes a money handling device to which a first secret key (d1) and a first public key (e1) are assigned , and a second secret key (d2) and a second public key (e2). a portable terminal to which a third secret key (d3) and a third public key (e3) are assigned; The processing device generates encrypted data by encrypting first signature data obtained by electronically signing the deposit information with the first private key (d1) with the second public key (e2) , The generated encrypted data is transferred to the portable terminal, and the portable terminal decrypts the encrypted data transferred from the money handling apparatus with the second secret key (d2) to generate signature data, and generates the signature data. The signature data is transmitted to the relay management device, and the relay management device restores and converts the signature data received from the portable terminal by using the first public key (e1) to convert the deposit information included in the signature data into If it is determined that the payment information is valid, the electronic signature is applied to the payment information using a third secret key (d3) assigned to the own device, and the second is generated, and the generated second signature data is transmitted to a management device that manages the deposit information.

Further, according to the present invention, in the above invention, the management device restores and converts the second signature data received from the relay management device with a third public key (e3) assigned to the relay management device. It is determined whether or not the deposit information included in the second signature data is valid, and if the deposit information is determined to be valid, the deposit amount included in the deposit information is transferred to a predetermined financial institution account. It is characterized by performing transfer processing to .

Further, according to the present invention, in the above invention, the relay management device restores and converts the first signature data received from the portable terminal using the first public key (e1) to obtain the first signature data. It is determined whether or not the included deposit information is valid, and if the deposit information is determined to be valid, the deposit information is electronically signed with a third secret key (d3) assigned to the device itself. is performed to generate second signature data, and the generated second signature data is transmitted to the portable terminal.

Further, according to the present invention, in the above invention, the mobile terminal is a mobile terminal owned by a person in charge of a store who deposits money into the money handling apparatus.

Further, according to the present invention, in the above invention, the money handling device displays, on a predetermined display section, a graphic code obtained by converting the first signature data obtained by electronically signing the deposit information into a graphic code. The terminal is characterized by capturing an image of a predetermined display unit of the money processing device with a predetermined image capturing unit and acquiring the first signature data based on the captured image of the graphic code.

Further, according to the present invention, in the above-described invention, the money processing device transmits first signature data obtained by electronically signing the deposit information to the mobile terminal by short-range wireless communication.

Further, according to the present invention, in the above invention, the relay management device converts the signature data to the first public key for a trained model generated by supervised learning using a plurality of pieces of deposit information for learning. Deposit information obtained by restoration conversion in (e1) is input, and whether or not the deposit information included in the signature data is valid is determined based on the output result from the learned model. do.

Further, the present invention comprises a portable terminal possessed by a user who deposits money into a money handling machine, and a relay management device that performs relay processing of deposit information of at least the money deposited into the money handling machine, The processing device delivers first signature data obtained by applying a first electronic signature to the deposit information to the mobile terminal, and the mobile terminal restores and converts the first signature data to the first signature data. When the deposit information included in the signature data is determined to be valid, the second signature data obtained by applying a second electronic signature to the deposit information included in the first signature data is relayed and managed. device, and if the relay management device determines that the deposit information included in the second signature data is valid based on the restoration conversion result of the second signature data, the second signature data and transmitting third signature data obtained by applying a third electronic signature to the deposit information contained in the billing information to a management device that manages the deposit information.

Further, according to the present invention, in the above-described invention, when the management device determines that the deposit information included in the third signature data is valid based on the restoration conversion result of the third signature data, the It is characterized in that the deposit amount of the deposit information included in the signature data of 3 is transferred to a predetermined financial institution account.

Further, the present invention includes a money handling device to which a first secret key (d1) and a first public key (e1) are assigned, and a second secret key (d2) and a second public key (e2). A portable terminal possessed by a user who dispenses money to the money handling machine, and a third secret key (d3) and a third public key (e3) are assigned to the money handling machine. and a relay management device that performs relay processing of payment information of money that has been paid, wherein the money processing device applies an electronic signature to the payment information with the first private key ( d1 ) . 1 signature data is encrypted with the second public key (e2) , and the generated encrypted data is delivered to the mobile terminal, and the mobile terminal receives the The encrypted data is decrypted with the second secret key (d2) to generate signature data, the generated signature data is transmitted to the relay management device, and the relay management device receives the signature data from the portable terminal. is restored and converted by the first public key (e1) to determine whether or not the withdrawal information included in the signature data is valid, and if it is determined that the withdrawal information is valid, Electronically sign the payment information with a third secret key (d3) assigned to the device to generate second signature data, and manage the payment information with the generated second signature data. It is characterized by transmitting to a management apparatus.

Further, the present invention comprises a portable terminal possessed by a user who withdraws money from a money handling machine, and a relay management device for relaying at least payment information of the money dispensed from the money handling machine. , the money handling device delivers first signature data obtained by applying a first electronic signature to the payment information to the mobile terminal, and the mobile terminal restores and converts the first signature data to A second electronic signature that affixes a second electronic signature to the payment information included in the first signature data when it is determined that the payment information included in the first signature data is valid When the signature data is transmitted to the relay management device, and the relay management device judges that the withdrawal information included in the second signature data is valid based on the restoration conversion result of the second signature data, and transmitting third signature data obtained by applying a third electronic signature to the payment information included in the second signature data to a management device that manages the payment information.

Further, the present invention performs relay processing of money information related to at least the money deposited or withdrawn to or from the money handling device with a portable terminal possessed by a user who deposits or withdraws money to or from the money handling device. A money handling method in a money handling system having a relay management device, wherein when the money handling device deposits or withdraws money, the money information of the deposited or withdrawn money is electronically signed. and delivering the signature data to the mobile terminal, and determining that the money information is valid based on the restoration conversion result of the first signature data acquired from the mobile terminal by the relay management device. If so, the step of generating second signature data obtained by electronically signing the money information and transmitting the second signature data to a management device that manages the money information.

Further, the present invention includes a money handling device to which a first secret key (d1) and a first public key (e1) are assigned, and a second secret key (d2) and a second public key (e2). A portable terminal possessed by a user who is assigned and deposits money into the money handling apparatus, and a third secret key (d3) and a third public key (e3) are assigned and deposits into the money handling apparatus. A money handling method in a money handling system having a relay management device for relaying deposited money information, wherein the money handling device electronically processes the deposited money information with a first secret key (d1). a step of generating encrypted data obtained by encrypting the signed first signature data with the second public key (e2) and delivering the generated encrypted data to the mobile terminal; a step of decrypting the encrypted data delivered from the processing device with the second secret key (d2) to generate signature data, and transmitting the generated signature data to the relay management device; restoring and converting the signature data received from the portable terminal with the first public key ( e1 ), determining whether or not the deposit information included in the signature data is valid, and determining whether the deposit information is valid. If it is determined that there is, electronic signature is performed on the deposit information with the third secret key (d3) assigned to the device to generate second signature data, and the generated second signature data is and transmitting the deposit information to a management device that manages the deposit information.

Further, the present invention is a money handling system comprising: a portable terminal possessed by a user who deposits money into a money handling machine; wherein the money handling apparatus transfers to the portable terminal first signature data obtained by applying a first electronic signature to the deposit information; and When it is determined that the deposit information included in the first signature data is valid as a result of restoration conversion of the first signature data, the deposit information included in the first signature data is subjected to a second electronic transmitting the signed second signature data to the relay management device; if it is determined that the deposit information contained in the second signature data is subjected to a third electronic signature, the third signature data is transmitted to a management device that manages the deposit information. and a step.

According to the present invention, it is possible to accurately and efficiently notify a management device of money information relating to deposits or withdrawals to a money handling device while efficiently coping with unauthorized access by spoofing.

FIG. 1 is an explanatory diagram for explaining an overview of the money handling system according to the embodiment. FIG. 2 is a diagram showing an external configuration of the money handling apparatus shown in FIG. 1. As shown in FIG. 3 is a diagram showing the internal configuration of the banknote processing unit shown in FIG. 2. FIG. 4 is a configuration diagram showing the internal configuration of the coin processing unit shown in FIG. 2. FIG. FIG. 5 is a diagram showing the configuration of a control system in the money handling apparatus shown in FIG. 1. As shown in FIG. FIG. 6 is a diagram showing an example of the balance data, deposit data, self-device secret key data, and portable terminal public key data shown in FIG. FIG. 7 is a functional block diagram showing the configuration of the mobile terminal shown in FIG. 1; FIG. 8 is a diagram showing an example of own device secret key data, relay management device public key data, and deposit data shown in FIG. FIG. 9 is a diagram showing the internal configuration of the relay management device shown in FIG. FIG. 10 is a diagram showing an example of the own device secret key data and money handling device public key data shown in FIG. FIG. 11 is a functional block diagram showing the configuration of the management device shown in FIG. 1; 12 is a diagram showing an example of the relay management device public key data and transfer processing data shown in FIG. 11. FIG. FIG. 13 is a flow chart showing the processing procedure of the money handling apparatus according to the embodiment. FIG. 14 is an explanatory diagram for explaining the outline of the money handling system according to the modification. FIG. 15 is a perspective view showing an overview of the banknote recognition and counting machine.

Preferred embodiments of a money handling system and a money handling method according to the present invention will be described in detail below with reference to the accompanying drawings. It should be noted that in the embodiments shown below, the case where public key cryptography called RSA cryptography is applied to the present invention will be mainly described.

<Overview of Money Handling System According to Embodiment>
First, an overview of the money handling system according to the present embodiment will be described. FIG. 1 is an explanatory diagram for explaining the outline of the money handling system according to this embodiment. The store shown in FIG. 1 is provided with a POS cash register, a change machine, and a money handling device 100 (not shown). The money stored in the change dispenser to be the sales proceeds is transported to the money handling machine 100 by a cashier or the like and deposited in the money handling machine 100 . Specifically, the banknotes stored in the change machine to be the sales proceeds are deposited into the money handling apparatus 100 via, for example, a detachable banknote cassette of the change machine, and the coins stored in the change machine to be the sales proceeds are , is transported to the money handling machine 100 in a bagged state, and deposited into the money handling machine 100. - 特許庁After that, the money in the money handling apparatus 100 is transported to a cash center by a security delivery company or the like, and a management device 40 of the security delivery company or the like transfers the amount deposited in the money handling machine 100 to the bank account of the store. .

Here, if this money handling device 100 is operated online, a terminal device of a malicious and unauthorized person impersonates the money handling device 100 and illegally accesses the management device 40 of a security delivery company or the relay management device 30, There is a possibility that fraud such as falsification of the amount of money collected from the money handling apparatus 100 or falsification of the bank account to which the money is to be transferred is made.

Further, there are cases where the money handling apparatus 100 installed in conventional commercial facilities are operated offline. This is not efficient and may result in input errors.

Therefore, it is important how to efficiently notify the management device 40 of a security transportation company or the like of the correct amount of money collected from the money handling device 100 while efficiently dealing with unauthorized access by spoofing.

Therefore, in the money handling system according to the present embodiment, the signature data obtained by electronically signing the deposit data to the money handling device 100 is delivered to the mobile terminal 20 possessed by the cashier, and the mobile terminal 20 transfers the signature to the relay management device 30. The relay management device 30 authenticates the validity of the deposit data, and the relay management device 30 transmits the signature data of the deposit data to the management device 40 on the condition that the deposit data is valid. are doing. As a result, it is possible to accurately and efficiently notify the management device 40 of the deposit data of the money handling device 100 while efficiently dealing with unauthorized access by spoofing.

Next, an outline of each device will be described. As a preliminary preparation, it is assumed that a public key and a private key are assigned in advance to the money handling device 100, the mobile terminal 20, and the relay management device 30, respectively. Specifically, private key d1 and public key e1 are assigned to money handling device 100, private key d2 and public key e2 are assigned to mobile terminal 20, and private key d3 and public key e2 are assigned to relay management device 30. Assume that a public key e3 is assigned.

The money handling device 100 is a device installed in a store such as a supermarket and operated offline. A private key d1 and a public key e2 are stored in the storage unit of the money handling apparatus 100, and a program for generating a two-dimensional code such as a QR code (registered trademark) and an electronic signature for performing an electronic signature using the private key d1. An encryption program that performs encryption using a program and public key e2 is installed. Since the money handling machine 100 is operated offline, the person in charge of maintenance of the money handling machine 100 performs a predetermined operation to shift the money handling machine 100 to the offline mode, and uses the attendant terminal to enter the secret key. d1 and public key e2 are set. Other setting procedures for the secret key d1 and the public key e2 for the money handling apparatus 100 will be described in a later modified example.

When the money handling apparatus 100 accepts a money deposit, it generates deposit data, applies an electronic signature to the deposit data using a private key d1 to generate signature data, and generates signature data using a public key e2. Encrypt to generate cipher data. After that, this encrypted data is converted into a two-dimensional code, and the two-dimensional code is displayed on the operation display section. The encrypted data is transferred to the mobile terminal 20 by reading the two-dimensional code with the camera of the mobile terminal 20 .

The mobile terminal 20 is a mobile communication terminal device such as a smart phone owned by a cashier or the like, and is communicably connected to the relay management device 30 via a wireless communication network. A secret key d2 is stored in the storage unit of the mobile terminal 20, and a two-dimensional code reader application for reading a two-dimensional code with a camera and a decryption application for decryption using the secret key d2 are installed.

After acquiring the encrypted data from the money handling device 100 , the mobile terminal 20 decrypts the encrypted data with the secret key d 2 to generate signature data, and transmits the generated signature data to the relay management device 30 .

The relay management device 30 is a relay device that transmits to the management device 40 only the signature data received from the portable terminal 20 in which the payment data included in the signature data is valid. In other words, when fake signature data is received from an unauthorized terminal device impersonating the portable terminal 20 , the signature data is discarded and not notified to the management device 40 . In addition, in order to cope with the case where an unauthorized terminal device impersonating this relay management device 30 transmits false payment data to the management device 40, the relay management device 30 authenticates that the payment data is valid. , the deposit data is electronically signed with the private key d3 of its own device to generate signature data, and the generated signature data is transmitted to the management device 40. FIG.

A private key d3 and a public key e1 are stored in the storage unit of the relay management device 30, and a restoration conversion program for restoring and converting an electronic signature using the public key e1 and an electronic signature for electronic signature using the private key d3. program is installed.

The management device 40 is a management device installed in a security transportation company, and performs transfer processing to the depositor's account based on the deposit data received from the relay management device 30 . Specifically, the management device 40 restores and converts the signature data received from the relay management device 30 with the public key e3, and authenticates the validity of the deposit data. As a result, if the deposit data is authenticated as valid, the deposit amount included in the deposit data is transferred to the depositor's account.

A public key e3 is stored in the storage unit of the management device 40, and a restoration conversion program for restoring and converting the electronic signature using the public key e3 and a transfer program for transferring the payment amount to the bank account of the depositor. Program is installed.

Next, the flow of processing when money is deposited into the money handling apparatus 100 according to the present embodiment will be described with reference to FIG. A cash register clerk attaches a banknote cassette removed from a change machine (not shown) to the money handling apparatus 100 and deposits it (step S1). In addition, although the case where a banknote cassette is used is demonstrated here, a banknote cassette is not used. A cash register clerk may manually take out banknotes from the change dispenser and manually deposit the taken-out banknotes into the money handling apparatus 100 .

When the money handling apparatus 100 accepts the deposit of banknotes, the money handling apparatus 100 generates deposit data including the amount of the deposited banknotes, performs an electronic signature with the private key d1 assigned to the money handling apparatus 100, and generates signature data ( step S2). It is also possible to obtain a hash value from the deposit data and electronically sign the obtained hash value with the private key d1. and Thereafter, the money handling apparatus 100 encrypts the signature data using the public key e2 assigned to the mobile terminal 20 to generate encrypted data (step S3). A detailed description of the authentication process and the encryption process will be given later.

The money processing device 100 converts the encrypted data into a two-dimensional code and displays it on the operation display unit, and the cashier activates the two-dimensional code reader application of the mobile terminal 20, and the code is displayed on the operation display unit. A two-dimensional code is read (step S4). The portable terminal 20 decrypts the encrypted data contained in the read two-dimensional code with the private key d2 (step S5), and transmits the decrypted signature data to the relay management device 30 (step S6).

Upon receiving the signature data, the relay management device 30 restores and converts the signature data with the public key e1 (step S7), and authenticates the validity of the deposit data (step S8). If the deposited data is valid, the deposited data is electronically signed with the secret key d3 assigned to the relay management device 30 to generate signature data (step S9), and the generated signature data is transmitted to the management device 40 (step S9). step S10).

When receiving the signature data, the management device 40 restores and converts the signature data with the public key e3 (step S11), and authenticates the validity of the deposit data (step S12). Then, if the deposit data is valid, the deposit amount of the deposit data is transferred to the account of the store from which the deposit was made (step S13).

As described above, in the money handling system according to the present embodiment, the signature data obtained by electronically signing the deposit data to the money handling device 100 is transferred to the mobile terminal 20 possessed by the cashier. The relay management device 30 authenticates the validity of the deposit data, and the relay management device 30 transmits the signature data of the deposit data to the management device 40 on the condition that the deposit data is valid. It is configured as follows. As a result, it is possible to accurately and efficiently notify the management device 40 of the deposit data of the money handling device 100 while efficiently dealing with unauthorized access by spoofing.

<Configuration of money handling device 100>
Next, the configuration of the money handling apparatus 100 will be described with reference to FIGS. 2 to 6. FIG. As shown in FIG. 2 and the like, the money handling apparatus 100 according to the present embodiment includes a substantially rectangular parallelepiped housing 101. Inside the housing 101, a banknote deposit process and a banknote withdrawal process are performed. A banknote processing unit 110, a coin processing unit 150 for depositing and dispensing coins, and wrapped coins (coins of the same denomination are grouped into a fixed number (for example, 20 or 50) into a stick shape and wrapped in a film or wrapping paper). etc.) are accommodated. As shown in FIG. 2, the bill processing unit 110 and the coin processing unit 150 are arranged side by side when viewed from the front side of the money processing apparatus 100, and below the bill processing unit 110 and the coin processing unit 150. A wrapped coin storage unit 180 is arranged in .

As shown in FIGS. 2 and 3, the banknote processing unit 110 includes a banknote receiving section 120 provided on the right side of the front side of the housing 101 and a banknote receiving section 120 provided below the banknote receiving section 120 on the front side of the housing 101. a banknote dispensing unit 122, a transport unit 130 that transports banknotes one by one inside the housing 101, and a plurality of banknote storage units that store banknotes inside the housing 101 and can feed out the stored banknotes. and portions 134 and 136 . 3, the right side surface of the housing 101 is the front surface of the banknote processing unit 110, and the leftward direction in FIG. 3 is the depth direction of the banknote processing unit 110.

As shown in FIG. 3, the conveying section 130 is composed of a circular conveying section 130a and a plurality of connecting conveying sections 130b, which are arranged at the central position in the upper portion of the housing 101. As shown in FIG. In addition, a banknote receiving unit 120, a banknote dispensing unit 122, a rejecting unit 124, a cassette mounting unit 126 to which a banknote cassette of a change machine can be detachably mounted, a collection cassette 140, and two banknote storage units 134, 136 each rotate. It is arranged so as to surround the transport section 130a.

Further, as shown in FIG. 3 , each of the plurality of connection transport units 130b operates a banknote receiving unit 120, a banknote dispensing unit 122, a rejecting unit 124, a cassette mounting unit 126, a recovery cassette 140, and two banknote storage units 134 and 136. are connected to each other and the circulating transport section 130a. In addition, the circulating transport section 130a is provided with an identification section 132. The recognizing section 132 identifies the denomination, authenticity, fitness, front and back, transport state, etc. of the banknotes transported by the circulating transport section 130a. conduct.

The revolving transport unit 130a can transport banknotes one by one in both clockwise and counterclockwise directions in FIG. Further, in the transport section 130, a route switching section (not shown) for switching the banknote transport path between the circular transport section 130a and each connection transport section 130b is arranged along the circular transport section 130a.

As shown in FIGS. 2 and 3, the front surface of the housing 101 is provided with a banknote receiving opening 120a of the banknote receiving section 120 and a banknote outlet 122a of the banknote dispensing section 122, respectively. A door 126a is provided on the front side of the cassette mounting portion 126. By opening the door 126a, the banknote cassette is mounted on the cassette mounting portion 126, and the banknote cassette is taken out from the cassette mounting portion 126.例文帳に追加be able to.

Further, as shown in FIG. 5, the cassette mounting portion 126 has a reader/writer for writing various data to the IC tag attached to the banknote cassette mounted on the cassette mounting portion 126 and for reading various data from the IC tag. 128 are provided.

A banknote feeding mechanism 121 is provided in the banknote receiving unit 120. When it is detected that one or more banknotes have been inserted into the banknote receiving port 120a, the banknote feeding mechanism 121 is driven to Banknotes are delivered one by one to the side of the revolving transport section 130a via the connection transport section 130b.

The banknote dispensing unit 122 discharges the banknotes delivered from the banknote storage units 134 and 136 to the circulating transport unit 130a to the outside of the housing 101 through the banknote outlet 122a.

The reject unit 124 rejects bills that cannot be identified by the identification unit 132 due to transport abnormalities such as double feeding or skewing among the bills fed from the respective bill storage units 134 and 136 during the withdrawal process. Store as Among the banknotes taken into the housing 101 from the banknote receiving unit 120, banknotes that cannot be identified by the recognition unit 132 due to stains or the like during the deposit processing are returned to the banknote dispensing unit 122 as deposited rejected banknotes. .

Each banknote storage unit 134 , 136 stores banknotes by denomination based on the identification result of the identification unit 132 . These banknote storage units 134 and 136 store banknotes to be dispensed from the money processing apparatus 100 as banknotes for the change fund to the change machine. For example, the banknote storage unit 134 stores 1,000 yen bills, and the banknote storage unit 136 stores 5,000 yen bills. Note that the 10,000-yen bill is stored in a collection cassette 140, which will be described later. In addition, banknote feeding mechanisms 135 and 137 are provided in the banknote storage units 134 and 136, respectively. Sheets are delivered one by one to the side of the circulating transport section 130a via the transport section 130b.

A collection cassette 140 is accommodated in a lower area inside the housing 101, and banknotes to be collected by the security transportation company are stored in the collection cassette 140. As shown in FIG. Specifically, the banknotes identified by the identifying unit 132 are sent from the circular conveying unit 130a to the recovery cassette 140 via the connecting conveying unit 130b. A door 140a is provided on the front side of the recovery cassette 140. By opening the door 140a, the recovery cassette 140 can be accommodated inside the housing 101 or the recovery cassette 140 can be taken out from the inside of the housing 101. can do.

Next, the configuration of the coin processing unit 150 will be described. As shown in FIGS. 2 and 4, the coin processing unit 150 includes a coin receiving section 152 provided on the left side of the front side of the housing 101 and a coin receiving section 152 provided on the front side of the housing 101 below the coin receiving section 152. and a plurality of storing/feeding portions 160 which store coins inside the housing 101 and can feed the stored coins.

The coin receiving unit 152 takes in the coins received through the coin slot into the housing 101 one by one in a one-layer, one-row state. Specifically, the coin receiving portion 152 is provided with a coin feeding mechanism 153 (see FIG. 5) comprising a feeding belt or the like. As a result, the coin feeding mechanism 153 feeds the coins into the housing 101 one by one. In addition, as shown in FIG. 4 , the coin receiving section 152 is connected to a deposit conveying section 154 that conveys coins fed into the housing 101 by the coin receiving section 152 .

As shown in FIG. 4, an identification unit 156 for identifying coin denomination, authenticity, fitness, front and back, conveying state, etc., and a first branching unit 158 are provided in the middle of the deposit transport unit 154. It is The first branching unit 158 branches the coins to be dispensed from the coin dispensing unit 166 (rejected coins, etc.) from the deposit transport unit 154 and guides them to the disbursement transport unit 162 based on the identification results of the coins by the discriminating unit 156 . .

On the other hand, coins (normal coins, etc.) to be stored in the housing 101 are transported to each storing and feeding unit 160 by the deposited transport unit 154 . The storing and feeding unit 160 stores coins by denomination and is configured to be able to feed the stored coins. For example, there are six storing and feeding units 160 corresponding to six denominations of coins (500-yen coin, 100-yen coin, 50-yen coin, 10-yen coin, 5-yen coin, and 1-yen coin) circulating in Japan. are provided, and coins are stored by denomination in each storing/feeding unit 160 in descending order from the upstream side (that is, the lower side in FIG. 4) of the deposit transport unit 154 . Further, the storing and feeding unit 160 is provided with a coin feeding mechanism 153 (see FIG. 5) that feeds out the coins stored in the storing and feeding unit 160 one by one to the dispensing transport unit 162 .

The payout transport unit 162 transports the coins fed from the storage and feed unit 160 to the coin payout unit 166 . In addition, the withdrawal transport section 162 transports the rejected coins or the like branched from the deposit transport section 154 by the first branching section 158 to the coin dispensing section 166 .

A collection cassette 170 is accommodated in the lower area inside the housing 101, and coins to be collected by the security transportation company are stored in the collection cassette 170. As shown in FIG. Specifically, as shown in FIG. 4, a second branching portion 164 is provided in the middle of the withdrawal transportation portion 162, and the second branching portion 164 branches from the withdrawal transportation portion 162. Coins are sent to a recovery cassette 170 and stored in this recovery cassette 170 . A door 170a is provided on the front side of the recovery cassette 170. By opening the door 170a, the recovery cassette 170 can be accommodated inside the housing 101 or the recovery cassette 170 can be taken out from the inside of the housing 101. can do.

<Configuration of control system of money handling device>
Next, the configuration of the control system of the money handling apparatus 100 will be described. FIG. 5 is a block diagram showing the configuration of the control system in the money handling apparatus 100. As shown in FIG. As shown in FIG. 5 , a control unit 102 is provided inside a housing 101 of the money handling apparatus 100 , and the control unit 102 controls each of the banknote handling unit 110 , the coin handling unit 150 and the wrapped coin storage unit 180 . components are controlled.

Specifically, the control unit 102 is connected with the banknote feeding mechanism 121, the transport unit 130, the identification unit 132, the banknote feeding mechanisms 135 and 137, the cassette mounting unit 126, the reader/writer 128, and the like of the banknote processing unit 110. , bill identification information from the identification unit 132 and data read by the reader/writer 128 from the IC tag provided in the bill cassette are sent to the control unit 102 , and the control unit 102 sends information to each component of the bill processing unit 110 . These components are controlled by sending command signals.

The control unit 102 also includes a coin feeding mechanism 153 of the coin processing unit 150, a deposit transport unit 154, an identification unit 156, a first branch unit 158, each storage and feed unit 160, a payment transport unit 162, and a second branch unit 164. etc. are connected, the identification information of the coin by the identification unit 156 is sent to the control unit 102, and the control unit 102 sends a command signal to each component of the coin processing unit 150, thereby controlling these components. I do.

Further, the control unit 102 is connected to the lock mechanism 184 of the wrapped coin storage unit 180, the weighing scale 186, and the like. By sending a command signal to the lock mechanism 184, the lock mechanism 184 is controlled.

The locking mechanism 184 is a mechanism for locking the drawer portion of the wrapped coin storage unit 180 inside the housing 101 , and locks the drawer portion inside the housing 101 when the drawer portion is locked inside the housing 101 . It is not possible to pull it out from the front side, and the storing and taking out of the wrapped coins are restricted. The weight scale 186 measures the weight of the wrapped coins stored in the wrapped coin storage unit 180 . Based on the weight of the wrapped coins measured by the weighing scale 186, the controller 102 detects the number of wrapped coins stored in the wrapped coin storage unit 180. FIG.

Further, as shown in FIG. 5, an operation display unit 104 and a storage unit 105 are connected to the control unit 102, respectively. The operation display unit 104 is composed of a touch panel or the like provided on the upper part of the housing 101, and includes an operation screen for operation by an operator, and an operation display unit 110, a coin processing unit 150, and a wrapped coin storage unit 180. The operation display unit 104 displays information related to the amount of money in hand. Further, in the operation display unit 104 as described above, the operator can input various commands to the control unit 102 by touching the operation buttons on the operation screen with a finger.

The storage unit 105 is a storage device such as a non-volatile memory or hard disk device, and stores balance data 105a, deposit data 105b, own device secret key data 105c, and portable terminal public key data 105d. The amount-of-money data 105 a indicates the amount of money stored in each of the banknote processing unit 110 , the coin processing unit 150 , the wrapped coin storage unit 180 , the recovery cassette 140 and the recovery cassette 170 .

The deposit data 105b is data relating to deposit by the money handling apparatus 100, and includes deposit date/time, depositor ID, and deposit amount. The self-device private key data 105c is data indicating the private key assigned to the money handling device 100, and corresponds to the private key d1 shown in FIG. The mobile terminal public key data 105d is data relating to the public key assigned to the mobile terminal 20, and corresponds to the public key e2 shown in FIG.

The control unit 102 is a control unit that performs overall control of the money handling apparatus 100, and has a deposit management unit 102a, an electronic signature processing unit 102b, an encryption processing unit 102c, an encoding processing unit 102d, and a display control unit 102e. Actually, by loading and executing these programs in a CPU (Central Processing Unit), the deposit management unit 102a, the electronic signature processing unit 102b, the encryption processing unit 102c, the encoding processing unit 102d, and the display control unit 102e will execute the corresponding process.

The deposit management unit 102a is a processing unit that manages the amount of deposit. The deposit management unit 102a instructs the banknote processing unit 110 to store banknotes when the banknote cassette is attached. When the banknote processing unit 110 draws out and stores the banknotes from the banknote cassette, the deposit management unit 102a updates the deposit data 105b with the amount of the stored banknotes. In addition, the deposit management unit 102a manages the amount of money stored in the money processing apparatus 100 as balance data 105a. Further, when the deposit management unit 102a receives a predetermined deposit data transfer operation from the operation display unit 104, the deposit management unit 102a instructs the electronic signature processing unit 102b to apply an electronic signature to the deposit data 105b.

When the electronic signature processing unit 102b receives an instruction from the deposit management unit 102a, it electronically signs the deposit data 105b using its own apparatus secret key data 105c. For example, if a prime number n commonly used in this money handling system is determined, the device's private key data 105c is "d1", and the deposit data 105b is M, then
S=M^d1 mod n (1 formula)
to generate the signature data S. In the present embodiment, "^" indicates exponentiation, and "mod" indicates remainder operation. After generating the signature data, the electronic signature processing unit 102b instructs the encryption processing unit 102c to perform encryption. Further, it is assumed that the electronic signature described in this embodiment is processed in the same manner. Here, the electronic signature is applied to all the deposit data 105b, but it is also possible to apply the signature only to the total amount obtained by adding the deposit amount of each cashier ID.

The encryption processing unit 102c encrypts the signature data S using the mobile terminal public key data 105d. For example, if the mobile terminal public key data 105d is "e2" and the signature data is S,
C=S^e2 mod n (2 equations)
to generate encrypted data C. After generating the encrypted data, the encryption processing unit 102c instructs the encoding processing unit 102d to perform encoding.

The encoding processing unit 102d is a processing unit that encodes the encrypted data C into a two-dimensional code. Since such two-dimensional encoding is a well-known technique, detailed description thereof will be omitted here. After completing the encoding process, the display control unit 102e is instructed to control the display of the two-dimensional code. The display control unit 102e displays the two-dimensional code encoded by the encoding processing unit 102d on the operation display unit 104. FIG.

Next, an example of data stored in the storage unit 105 of the money handling apparatus 100 shown in FIG. 5 will be described. FIG. 6 is a diagram showing an example of the balance data 105a, deposit data 105b, own device secret key data 105c, and portable terminal public key data 105d shown in FIG.

As shown in FIG. 6A, the balance data 105a manages the amount of money stored in the money handling apparatus 100 by denomination. FIG. 6A shows a state where the number of 10,000-yen bills is "47" and the number of 5,000-yen bills is "3".

In addition, as shown in FIG. 6B, the deposit data 105b includes the deposit date and time, the cashier ID and the deposit amount. Specifically, the deposit data 105b is associated with the deposit date and time “2020/01/01 20:35:00”, the cashier ID “U001”, and the deposit amount “213,000 yen”. The deposit data 105b is associated with the deposit date and time “2020/01/01 20:57:00”, the cashier ID “U013”, and the deposit amount “365000 yen”.

Further, as shown in FIG. 6(c), the own device private key data 105c indicates that the private key assigned to the money handling device 100 is "abcdefg1234567". Further, as shown in FIG. 6D, the mobile terminal public key data 105d indicates that the public key assigned to the mobile terminal 20 is "zxcvbnm2345678".

<Configuration of mobile terminal 20>
Next, the configuration of the mobile terminal 20 shown in FIG. 1 will be described. FIG. 7 is a functional block diagram showing the configuration of mobile terminal 20 shown in FIG. As shown in FIG. 7 , the mobile terminal 20 has an operation display section 21 , a camera 22 , a communication section 23 , a storage section 24 and a control section 25 . For the convenience of explanation, explanations of parts and functional units that are not directly related to the present invention will be omitted here.

The operation display unit 21 is an input/output device such as a liquid crystal touch panel. The camera 22 is an imaging device provided on the back surface of the mobile terminal 20 or the like. The communication unit 23 is an interface unit for communicating with other terminals via a wireless communication network.

The storage unit 24 is a storage device composed of a non-volatile memory or the like, and stores own device secret key data 24a, relay management device public key data 24b, and deposit data 24c. The self-device private key data 24 a is data indicating the private key assigned to the mobile terminal 20 . The relay management device public key data 24 b is data indicating the public key assigned to the relay management device 30 . The deposit data 24c is data relating to the deposit amount of the depositor.

The control unit 25 is a control unit that performs overall control of the mobile terminal 20, and has a deposit management unit 25a, a decryption processing unit 25b, and a restoration conversion processing unit 25c. Actually, by loading these programs into the CPU and executing them, the deposit management unit 25a, the decryption processing unit 25b, and the restoration conversion processing unit 25c are caused to execute corresponding processes.

The deposit management unit 25 a is a processing unit that manages the deposit amount of the depositor based on the deposit data included in the signature data transmitted from the relay management device 30 .

The decryption processing unit 25 b is a processing unit that decrypts the encrypted data encrypted with the public key assigned to the mobile terminal 20 . If the private key data 24a of the device itself is "d2", the encrypted data is C, and the signature data is S,
S=C^d2 mod n (3 equations)
to generate the signature data S. After generating the signature data, the decryption processing unit 25 b transmits the signature data to the relay management device 30 .

The restoration conversion processing unit 25c is a processing unit that, upon receiving the signature data transmitted from the relay management device 30, restores and converts the signature data. Specifically, if the deposit data is M, the signature data is S, and the public key of the relay management device public key data 24b is e3,
M=S^e3 mod n (4 equations)
restores and transforms the deposit data M. Here, if the reconverted deposit data M is meaningful (for example, it has meaning as deposit data), the reconverted deposit data M is authenticated as valid. If the received data M is authenticated as valid, the received data M is instructed to be managed by the received money management unit 25a.

Next, an example of data stored in the storage unit 24 of the mobile terminal 20 shown in FIG. 7 will be described. FIG. 8 is a diagram showing an example of the device private key data 24a, the relay management device public key data 24b, and the deposit data 24c shown in FIG.

As shown in FIG. 8A, the device private key data 24a indicates that the device private key assigned to the mobile terminal 20 is "bcdefgh0123456". Also, the relay management device public key data 24b shown in FIG. 8B indicates that the public key assigned to the relay management device 30 is "poiuytr4567890".

In addition, as shown in FIG. 8(c), the deposit data 24c includes deposit date and time, deposit amount, and deposit confirmation date and time. Specifically, the deposit data 24c associates the deposit date and time “2020/01/01 21:00:00”, the deposit amount “578000 yen”, and the deposit confirmation date and time “2020/01/01 21:00:30”. ing.

<Configuration of Relay Management Device 30>
Next, the configuration of the relay management device 30 shown in FIG. 1 will be described. FIG. 9 is a block diagram showing the configuration of relay management device 30 shown in FIG. As shown in FIG. 9 , the relay management device 30 is connected to a display section 31 and an input section 32 and has a communication section 33 , a storage section 34 and a control section 35 .

The display unit 31 is a display device such as a liquid crystal panel or a display device. The input unit 32 is an input device such as a keyboard and mouse. The communication unit 33 is an interface unit for connecting to the Internet.

The storage unit 34 is a storage device such as a non-volatile memory or a hard disk device, and stores own device secret key data 34a and money handling device public key data 34b. The self-device private key data 34a is data indicating the private key assigned to the relay management device 30, and corresponds to the private key d3 shown in FIG. The money handling apparatus public key data 34b is data indicating the public key assigned to the money handling apparatus 100, and corresponds to the public key e1 shown in FIG.

The control unit 35 is a control unit that performs overall control of the relay management device 30, and has a deposit management unit 35a, a restoration conversion processing unit 35b, and a signature processing unit 35c. Actually, by loading these programs into the CPU and executing them, the deposit management section 35a, the restoration conversion processing section 35b, and the signature processing section 35c are caused to execute their corresponding processes.

The deposit management unit 35a is a processing unit that manages the amount of deposits related to all the money handling apparatuses 100 included in the money handling system.

Upon receiving the signature data, the restoration conversion processing unit 35b restores and converts the signature data using the money handling apparatus public key data 34b of the money handling apparatus 100 that is the legitimate sender. Specifically, if the deposit data is M, the signature data is S, and the public key of the money handling device public key data 34b is e1,
M=S^e1 mod n (5 equations)
restores and transforms the deposit data M. Here, if the reconverted deposit data M is meaningful (for example, it has meaning as deposit data), the reconverted deposit data M is authenticated as valid. If the received data M is authenticated as valid, the received data M is instructed to be managed by the received money management unit 35a, and the signature processing unit 35c is instructed to sign the received money data M. FIG.

When the signature processing unit 35c receives a signature instruction from the restoration conversion processing unit 35b, the signature processing unit 35c electronically signs the deposit data M using the self-device secret key data 34a. For example, if the device private key data 105c is "d3",
S2=M^d3 mod n (6 equations)
generates the signature data S2, and transmits the generated signature data to the management device 40 and the portable terminal 20. FIG.

Next, an example of data stored in the storage unit 34 of the relay management device 30 shown in FIG. 9 will be described. FIG. 10 is a diagram showing an example of the own device secret key data 34a and the money handling device public key data 34b shown in FIG.

As shown in FIG. 10A, the device private key data 34a indicates that the device private key assigned to the relay management device 30 is "cdefghi9012345". Further, as shown in FIG. 10B, the money handling apparatus public key data 34b indicates that the public key assigned to the money handling apparatus 100 is "mnbvcxz5678901".

<Configuration of management device 40>
Next, the configuration of the management device 40 shown in FIG. 1 will be described. FIG. 11 is a functional block diagram showing the configuration of management device 40 shown in FIG. As shown in FIG. 11 , the management device 40 is connected to a display section 41 and an input section 42 and has a communication section 43 , a storage section 44 and a control section 45 .

The display unit 41 is a display device such as a liquid crystal panel or a display device. The input unit 42 is an input device such as a keyboard and mouse. The communication unit 43 is an interface unit for connecting to the Internet.

The storage unit 44 is a storage device composed of a non-volatile memory or the like, and stores relay management apparatus public key data 44a and transfer processing data 44b. The relay management device public key data 44a is data indicating the public key assigned to the relay management device 30, and corresponds to the public key e3 shown in FIG. The transfer processing data 44b is data indicating the transfer amount transferred to the depositor's account.

The control unit 45 is a control unit that performs overall control of the management device 40, and has a restoration conversion processing unit 45a and a transfer processing unit 45b. Actually, by loading these programs into the CPU and executing them, the restoration conversion processing section 45a and the transfer processing section 45b are caused to execute their corresponding processes.

Upon receiving the signature data S2 transmitted by the relay management device 30, the restoration conversion processing unit 45a restores and converts it using the relay management device public key data 44a corresponding to the relay management device 30 that is the transmission source. Specifically, if the deposit data is M, the signature data is S2, and the public key of the relay management device public key data 44a is e3,
M=S2^e3 mod n (equation 7)
restores and transforms the deposit data M. Here, if the reconverted deposit data M is meaningful (for example, it has meaning as deposit data), the reconverted deposit data M is authenticated as valid. If the deposit data M is authenticated as valid, the transfer processing unit 45b is instructed to perform the deposit processing based on the deposit data M. FIG.

The transfer processing unit 45b is a processing unit that performs transfer processing to the depositor's account. In the present embodiment, each cash register clerk of the store deposits money into the money handling apparatus 100, so the total deposit amount is deposited into the depositor's account (that is, the store's account). In addition, when a plurality of tenants share the money handling apparatus 100, the amount to be paid is transferred to each tenant's account.

Next, an example of data stored in the storage unit 44 of the management device 40 shown in FIG. 11 will be described. FIG. 12 is a diagram showing an example of the relay management device public key data 44a and transfer processing data 44b shown in FIG.

As shown in FIG. 12A, the relay management device public key data 44a indicates that the public key assigned to the relay management device 30 is "poiuytr4567890".

In addition, as shown in FIG. 12(b), the transfer processing data 44b includes transfer date and time, transfer destination account and transfer amount. Specifically, the transfer processing data 44b is associated with the transfer date and time “2020/01/01 21:00:00”, the account of the transfer destination “AAA”, and the transfer amount “578000 yen”.

Next, a processing procedure of the money handling apparatus 100 will be described. FIG. 13 is a flow chart showing the processing procedure of the money handling apparatus 100. As shown in FIG. First, when a banknote cassette is accepted (step S101), banknotes are stored (step S102), and the deposit data 105b is updated based on the deposit amount (step S103).

An electronic signature is applied to the data of the updated portion of the deposit data 105b using the device's own private key data 105c to generate signature data (step S104), and the signature data is encrypted using the portable terminal public key data 105d. (step S105).

The encrypted data is converted into a two-dimensional code or the like and displayed on the operation display unit 104 (step S106), and if an operation to finish reading the display data is received from the operation display unit 104 (step S107; Yes), processing is performed. exit.

As described above, in the money handling system according to the present embodiment, the signature data obtained by electronically signing the deposit data to the money handling device 100 is delivered to the mobile terminal 20 possessed by the cashier, and relay management is performed from the mobile terminal 20. The signature data is transmitted to the device 30, and the relay management device 30 authenticates the validity of the deposit data. Since it is configured to transmit, it is possible to accurately and efficiently notify the management device 40 of the deposit data of the money handling device while efficiently coping with unauthorized access by spoofing.

In the present embodiment, a case is shown in which bills dispensed from a change machine installed at each cash register of a store using a bill cassette are deposited into the money handling apparatus 100, but the present invention is limited to this. Instead, it can be applied to a case where a cash register clerk manually withdraws bills from a change machine and manually deposits the dispensed bills into the money handling apparatus 100 . Also, it can be applied to the case of depositing coins as well as banknotes.

In addition, in the present embodiment, the case of depositing money into the money handling apparatus 100 has been shown, but the present invention is not limited to this, and the present invention is not limited to a change machine in a store, a teller machine, or an automatic teller machine in a financial institution. It can also be applied when depositing money to each device such as.

In addition, in the present embodiment, the case of depositing money into the money handling apparatus 100 with money dispensed from a change machine installed at each register of a store such as a supermarket has been described, but the present invention is limited to this. A money handling device 100 shared by commercial facilities where a plurality of tenants enter is provided, and money dispensed from a change machine installed at each tenant's cash register is deposited into the money handling device 100.例文帳に追加It can also be applied in case In this case, each tenant's bank account is the transfer destination, so it is necessary to manage the deposit data for each tenant.

Also, in the present embodiment, the case of depositing money into the money handling apparatus 100 has been described, but the present invention is not limited to this, and the case of dispensing money such as a change reserve from the money handling apparatus 100 is described. can also be applied to This is because the management device 40 is useful when grasping the status of deposits and withdrawals of money. In this case, the transfer processing in the management device 40 shown in step S13 of FIG. 1 is not executed, but other processing is performed in the same manner as in FIG.

Further, in the present embodiment, the signature data is encrypted only when the deposit data or the like is transferred from the money handling device 100 to the mobile terminal 20, but the present invention is not limited to this, and the mobile terminal 20 to the relay management device 30, when the signature data is transmitted from the relay management device 30 to the management device 40, and when the signature data is transmitted from the relay management device 30 to the portable terminal 20, the same encryption is performed. processing can also be performed.

Further, in the present embodiment, when the signature data is restored and converted, if the restoration-converted payment data M is meaningful (for example, it has meaning as payment data), the restoration-converted payment data M Although the data M is authenticated as valid, the present invention is not limited to this. For example, a multi-layer neural network (CNN) is made to perform supervised learning by deep learning to generate a trained model, input the deposit data M restored from the signature data to the trained model, and output from the trained model. It is also possible to authenticate that the deposit data M is valid based on the probability that the deposit is made. In this case, the data patterns of correct and incorrect deposit data are used for the teacher data.

Further, in the present embodiment, a case where an electronic signature is applied using the deposit data itself as a message has been shown, but the present invention is not limited to this, and a hash value obtained by applying a one-way function to the deposit data Data including electronically signed data and deposit data can also be used as signature data. In this case, since the deposit data itself is included in the signature data, it is desirable to perform encryption processing separately.

Also, in this embodiment, the case of using encryption by RSA encryption and electronic signature has been shown, but the present invention is not limited to this, and can also be applied to the case of using other encryption and electronic signature. can be done.

Further, in the present embodiment, a case has been described in which the deposit data of the money handling device 100 is transferred to the management device 40, but the present invention is not limited to this, and the virtual currency of the money handling device 100 is transferred to the management device 40. It can also be applied when passing to Further, in the present embodiment, the signature data obtained by converting the deposit data of the money handling device 100 into a two-dimensional code is displayed, and the two-dimensional code is read by the camera of the mobile terminal. However, the present invention is not limited to this. Alternatively, the signature data can be transferred from the money processing device 100 to the portable terminal 20 by short-range wireless communication.

In the above embodiment, a two-dimensional code such as a QR code (registered trademark) is used. Graphical codes can also be used.

Further, in the above embodiment, the electronic signature is performed using a finite field GF(n) based on a prime number n, but the present invention is not limited to this. It is also possible to use an extension field GF(p^m) of a finite field based on

<Modification 1>
In the above embodiment, the relay management device 30 and the management device 40 perform the authentication process, but the present invention is not limited to this, and the mobile terminal 20 can also perform the authentication process.

Specifically, it comprises a mobile terminal 20 possessed by a cashier who deposits money into the money handling apparatus 100, and a relay management apparatus 30 that performs relay processing of at least the deposit data deposited into the money handling apparatus 100. The processing device 100 delivers the first signature data obtained by applying the first electronic signature to the deposit data to the mobile terminal 20, and the mobile terminal 20 executes the money processing by the delivery source based on the restoration conversion result of the first signature data. If it is determined to be the device 100, the second signature data obtained by adding the second electronic signature to the first signature data is transmitted to the relay management device 30, and the relay management device 30 sends the second signature data to the relay management device 30. When it is determined that the notification source is the mobile terminal 20 based on the restored conversion result of the signature data, the third signature data obtained by adding the third electronic signature to the deposit data included in the second signature data is managed. It will be configured to notify the device.

<Modification 2>
In the above-described embodiment, a case has been described in which data such as the self-device secret key data 105c and the mobile terminal public key data 105d are set offline for the money handling device 100 before the operation of the money handling system is started. The invention is not limited to this, and can be configured to set or update necessary data before or during operation of the money handling system. In this modified example, a case of setting or updating data of the money handling apparatus 100 online using the setting information processing terminal 200 will be described.

First, an overview of the money handling system according to this modified example will be described. FIG. 14 is an explanatory diagram for explaining the outline of the money handling system according to this modification. The money processing device 100, the setting information management device 300, and the authentication device 400 shown in FIG. 14 can communicate via a communication network such as the Internet. Further, the money processing device 100 and the setting information processing terminal 200 can communicate by short-range wireless communication such as BLUETOOTH (registered trademark).

The setting information processing terminal 200 receives terminal authentication by communicating with the authentication device 400 when setting data of the money processing device 100 (step S21). At this time, terminal authentication is also performed for the money handling apparatus 100 (step S22). The authentication device 400 notifies the terminal authentication result to the setting information management device 300 (step S23).

The setting information processing terminal 200 downloads the setting data related to the money handling device 100 from the setting information management device 300 (step S24), and sets the money handling device 100 based on the setting data (step S25).

When the settings for the money handling device 100 are completed, the setting information processing terminal 200 transmits to the setting information management device 300 the completion of the setting and the location information of the setting location using the GPS function of the setting information processing terminal 200 ( step S26). The setting information management device 300 stores the setting status for the money handling device 100 and the position information of the setting place (step S27).

Thus, in the money handling system according to this modification, by configuring the setting information management device 300 and the authentication device 400, the data of the money handling device 100 can be set or updated online using the setting information processing terminal 200. can do.

In the modified example above, data setting for the money handling device 100 has been described, but the present invention is not limited to this, and devices such as change machines, ticket vending machines, lockers, money changers, and fare adjustment machines in shops are used. It can also be configured for

<Modification 3>
The present invention can also be applied to a money counting machine such as a banknote validating and counting machine that does not have a storage section. FIG. 15 is a perspective view showing an overview of the banknote recognition and counting machine 501. As shown in FIG. In the figure, the banknote recognition and counting machine 501 has a hopper section 503 in which banknotes are stacked in a stacked state on the upper front side of a housing 502, and a banknote counting machine 501 on the front surface of the housing 502 below the hopper section 503. - An operation display unit 504 is provided for performing various settings when performing identification processing and for displaying the processing status and the like. The operation display unit 504 has a plurality of operation buttons 504A for inputting processing operations and the like, and a display panel 504B for displaying information input by the operation buttons 504A and the counting state. By the input operation of , for example, bill counting/identification processing of a plurality of countries is executed.

In addition, the banknote recognition and counting machine 501 includes a stacker unit 505 in which the counted banknotes are aligned and stacked on the lower front side of the housing 502, and above the stacker unit 505, the banknotes excluded from the counting target are stacked. A portion 506 is provided. A member denoted by reference numeral 505A is an impeller for receiving bills conveyed to the stacker section 505 and aligning and stacking them in the stacker section 505 .

The banknote identification and counting machine 501 has a deposit mode and a withdrawal mode. It is possible to execute a transaction in which banknotes counted during the mode are treated as payment data.

In addition, each configuration illustrated in the above embodiment and modified examples is functionally schematic, and does not necessarily need to be physically configured as illustrated. That is, the form of distribution/integration of each device is not limited to the illustrated one, and all or part of them can be functionally or physically distributed/integrated in arbitrary units according to various loads and usage conditions. Can be configured.

A money handling system and a money handling method according to the present invention can be used when notifying a management device of money information relating to deposits or withdrawals to or from a money handling device while efficiently coping with unauthorized access by spoofing. Useful.

20 mobile terminal 21 operation display unit 22 camera 23 communication unit 24 storage unit 24a own device private key data 24b relay management device public key data 24c deposit data 25 control unit 25a deposit management unit 25b decryption processing unit 25c restoration conversion processing unit 30 relay Management device 31 Display unit 32 Input unit 33 Communication unit 34 Storage unit 34a Own device private key data 34b Money processing device public key data 35 Control unit 35a Deposit management unit 35b Restoration conversion processing unit 35c Signature processing unit 40 Management device 41 Display unit 42 Input unit 43 Communication unit 44 Storage unit 44a Relay management device public key data 44b Transfer processing data 45 Control unit 45a Restoration conversion processing unit 45b Transfer processing unit 100 Money processing unit 101 Housing 102 Control unit 102a Deposit management unit 102b Electronic signature processing unit 102c Encryption processing unit 102d Coding processing unit 102e Display control unit 104 Operation display unit 105 Storage unit 105a Balance data 105b Deposit data 105c Own device secret key data 105d Portable terminal public key data 110 Banknote processing unit 120 Banknote receiving unit 120a Banknote Receiving port 121, 135, 137 Banknote delivery mechanism 122 Banknote dispensing unit 122a Banknote outlet 124 Reject unit 126 Cassette mounting unit 126a, 140a, 170a Door 128 Reader/writer 130 Transport unit 130a Revolving transport unit 130b Connection transport unit 132, 156 Identification unit 134, 136 banknote storage units 140, 170 collection cassette 150 coin processing unit 152 coin receiving unit 153 coin feeding mechanism 154 deposit transport unit 156 identification unit 158 first branch unit 160 storage and feed unit 162 withdrawal transport unit 164 second branch unit 166 Coin dispensing unit 180 Wrapped coin storage unit 184 Lock mechanism 186 Weighing scale 200 Setting information processing terminal 300 Setting information management device 400 Authentication device 501 Banknote identification counter 502 Housing 502
503 Hopper section 504 Operation display section 504
504A Operation button 504B Display panel 505 Stacker 505A Impeller 506 Reject part

Claims (16)

A mobile terminal possessed by a user who deposits or withdraws money to or from a money handling device, and a relay management device for relaying at least money information related to the money deposited or withdrawn to or from the money handling device. ,
When depositing or withdrawing money, the money processing device generates first signature data obtained by electronically signing money information of the deposited or withdrawn money, and delivers the first signature data to the portable terminal;
When the relay management device determines that the money information is valid based on the restoration conversion result of the first signature data acquired from the portable terminal, the relay management device generates second signature data obtained by electronically signing the money information. and transmits it to a management device that manages the money information. The management device
When the money information included in the second signature data received from the relay management device is deposit information to be deposited into the money processing device, the deposit amount included in the deposit information is transferred to a predetermined financial institution account. 2. The money handling system according to claim 1, characterized in that it processes. A money handling device to which a first secret key (d1) and a first public key (e1) are assigned , and a mobile terminal to which a second secret key (d2) and a second public key (e2) are assigned , a relay management device to which a third secret key (d3) and a third public key (e3) are assigned, and which relays money deposit information to the money processing device,
The money handling device
generating encrypted data by encrypting first signature data obtained by electronically signing the deposit information with the first private key (d1 ) with the second public key (e2) , and generating encrypted data; to the mobile terminal,
The mobile terminal is
decrypting the encrypted data delivered from the money handling device with the second secret key (d2) to generate signature data, transmitting the generated signature data to the relay management device;
The relay management device
The signature data received from the portable terminal is restored and converted by the first public key (e1), and it is determined whether or not the deposit information included in the signature data is valid, and the deposit information is valid. If it is judged that the A money processing system characterized by transmitting information to a management device that manages deposit information. The management device
The second signature data received from the relay management device is restored and converted with a third public key (e3) assigned to the relay management device, and payment information included in the second signature data is valid. 4. The method according to claim 3, wherein if it is determined that the deposit information is valid, the deposit amount included in the deposit information is transferred to a predetermined financial institution account. money handling system. The relay management device
determining whether or not the deposit information included in the first signature data is valid by restoring and converting the first signature data received from the mobile terminal using the first public key (e1) ; If the deposit information is determined to be valid, the deposit information is electronically signed with a third secret key (d3) assigned to the device to generate second signature data, and the generated second signature data is generated. 4. The money handling system according to claim 3, wherein the signature data of is transmitted to the portable terminal. The mobile terminal is
6. The money handling system according to any one of claims 1 to 5, wherein said money handling device is a portable terminal possessed by a person in charge of a store who deposits money into said money handling device. The money handling device
displaying, on a predetermined display unit, a graphic code obtained by converting the first signature data obtained by electronically signing the deposit information into a graphic code;
The mobile terminal is
6. The first signature data is obtained based on the image of the graphic code obtained by capturing an image of a predetermined display unit of the money handling device with a predetermined image capturing unit. The money handling system described in 1. The money handling device
6. The money handling system according to any one of claims 3 to 5 , wherein first signature data obtained by applying an electronic signature to said deposit information is transmitted to said mobile terminal by short-range wireless communication. The relay management device
inputting payment information obtained by restoring and transforming the signature data with the first public key ( e1 ) to a trained model generated by supervised learning using a plurality of pieces of payment information for learning; The money processing according to any one of claims 3 to 5 , characterized in that whether or not the deposit information included in the signature data is valid is determined based on the output result from the learned model. system. A mobile terminal possessed by a user who deposits money into the money handling device;
The money handling device
Delivering first signature data obtained by applying a first electronic signature to the deposit information to the portable terminal;
The mobile terminal is
When the deposit information included in the first signature data is determined to be valid based on the restoration conversion result of the first signature data, a second processing is performed on the deposit information included in the first signature data. transmitting the second signature data with the electronic signature of to the relay management device;
The relay management device
When the deposit information included in the second signature data is determined to be valid based on the restoration conversion result of the second signature data, the deposit information included in the second signature data is subjected to a third A money handling system characterized by transmitting the third signature data with the electronic signature of (1) to a management device that manages the deposit information. The management device
If the deposit information included in the third signature data is determined to be valid by the restoration conversion result of the third signature data, the deposit amount of the deposit information included in the third signature data is specified. 11. The money handling system according to claim 10, wherein the money is transferred to the financial institution account of . a money handling device to which a first private key (d1) and a first public key (e1) are assigned;
a mobile terminal to which a second secret key (d2) and a second public key (e2) are assigned and possessed by a user who withdraws money to the money handling apparatus;
a relay management device to which a third secret key (d3) and a third public key (e3) are assigned and which relays payment information of money dispensed to the money handling device;
The money handling device
generating encrypted data by encrypting the first signature data obtained by electronically signing the withdrawal information with the first secret key (d1 ) with the second public key (e2) , and the generated cipher delivering data to the mobile terminal;
The mobile terminal is
decrypting the encrypted data delivered from the money handling device with the second secret key (d2) to generate signature data, transmitting the generated signature data to the relay management device;
The relay management device
determining whether or not the payment information included in the signature data is valid by restoring and converting the signature data received from the portable terminal using the first public key (e1) , and determining whether the payment information is valid; If it is determined that it is, the electronic signature is applied to the payment information with the third secret key (d3) assigned to the self device to generate the second signature data, and the generated second signature data to a management device that manages the payment information. a portable terminal possessed by a user who withdraws money from the money handling device;
The money handling device
Delivering first signature data obtained by applying a first electronic signature to the withdrawal information to the mobile terminal;
The mobile terminal is
When it is determined that the withdrawal information included in the first signature data is valid based on the restoration conversion result of the first signature data, for the withdrawal information included in the first signature data transmitting the second signature data with the second electronic signature to the relay management device;
The relay management device
If the withdrawal information included in the second signature data is determined to be valid based on the restoration conversion result of the second signature data, for the withdrawal information included in the second signature data A money handling system characterized by transmitting third signature data with a third electronic signature to a management device that manages the withdrawal information. A portable terminal possessed by a user who deposits or withdraws money to or from the money handling device, and a relay management device for relaying at least money information related to the money deposited or withdrawn from the money handling device. A money handling method in a money handling system,
a step of generating first signature data obtained by electronically signing money information of the deposited or withdrawn money and delivering the first signature data to the portable terminal when the money handling device deposits or withdraws money;
When the relay management device determines that the money information is valid based on the restoration conversion result of the first signature data acquired from the portable terminal, second signature data obtained by electronically signing the money information. and a step of generating and transmitting to a management device that manages the money information. A money handling device to which a first secret key (d1) and a first public key (e1) are assigned, and a money handling device to which a second secret key (d2) and a second public key (e2) are assigned A portable terminal possessed by a user who deposits money into the device, and deposit information of money to which a third secret key (d3) and a third public key (e3) are assigned and deposited into the money handling device. A money handling method in a money handling system having a relay management device that performs relay processing of
The money handling device generates encrypted data by encrypting first signature data obtained by electronically signing the deposit information with the first secret key (d1) with the second public key (e2). , delivering the generated encrypted data to the mobile terminal;
a step in which the mobile terminal decrypts the encrypted data delivered from the money handling device with the second secret key (d2) to generate signature data, and transmits the generated signature data to the relay management device; and,
The relay management device restores and converts the signature data received from the portable terminal using the first public key (e1), and determines whether or not the payment information included in the signature data is valid, If the deposit information is determined to be valid, the deposit information is electronically signed with a third secret key (d3) assigned to the device to generate second signature data, and the generated second signature data is generated. and a step of transmitting the signature data of the above to a management device that manages the deposit information. A money handling method in a money handling system comprising: a mobile terminal possessed by a user who deposits money into a money handling machine; hand,
a step in which the money handling device delivers first signature data obtained by applying a first electronic signature to the deposit information to the portable terminal;
the deposit information included in the first signature data when the mobile terminal determines that the deposit information included in the first signature data is valid as a result of restoration conversion of the first signature data; a step of transmitting to the relay management device second signature data obtained by applying a second electronic signature to
When the relay management device determines that the deposit information included in the second signature data is valid based on the restoration conversion result of the second signature data, the deposit information included in the second signature data and transmitting third signature data obtained by applying a third electronic signature to the information to a management device that manages the deposit information.

Images