JP7341207B2 - Terminal, its control method, and program - Google Patents

Description

The present invention relates to a terminal , a control method thereof, and a program.

In recent years, FIDO (Fast Identity Online) has been attracting attention as a new authentication system including biometric authentication. If biometric information such as fingerprints and veins used in biometric authentication is leaked to the outside, unlike passwords in ID/password authentication, the information cannot be rewritten, so information leakage would be fatal. In contrast, with FIDO, authentication work is not performed on a server via the Internet, but on a terminal in the user's hands. Therefore, biometric information does not flow over the network, reducing the risk of information leakage.

On the other hand, in recent years, many remittance systems have been put into operation that allow money to be sent and received from mobile terminals such as smartphones. There have also been cases of misuse of these systems, such as fraud cases where impersonation is used to make fraudulent remittance requests, and extortion cases where unilateral remittances are made and then extortion of loans is made. Due to the prevalence of such incidents, users of remittance systems may become wary of fraud or extortion caused by impersonation, and may avoid using online remittance functions. In Patent Document 1, a remittance source user and a remittance destination user mutually manage a common reception code, thereby realizing remittance after mutually verifying the identity of each other. This makes it possible to prevent fraud due to mistaken remittances or impersonation.

Japanese Patent Application Publication No. 2011-013959

In Patent Document 1, there is a problem in usability because the remittance source user needs to share the reception code with the remittance destination user by any method such as telephone or direct conversation.

The present invention aims to improve convenience for both remittance source users and remittance destination users, while eliminating user concerns when using online remittance functions.

In order to solve the above problems, the present invention has the following configuration. In other words, it is a terminal that executes an application for using a social network service, and a display that accepts a selection designation of another user registered in the social network service by the user of the terminal, and a remittance to the other user. through means for providing a display that accepts an instruction for remittance, a display that accepts an instruction for the remittance amount in the remittance instruction , and a means for reading biometric information provided in the terminal when the remittance instruction is accepted. Upon successful authentication processing performed on the terminal using the obtained biometric information of the user , signature data created using a private key held in association with the biometric information in the terminal. a transmission means for transmitting the signature data to a management system that manages a public key that is a pair of the private key ; A message sent from the management system when remittance processing based on the remittance amount according to the remittance instructions to the user is executed, and the message indicates that the remittance processing has been performed. and receiving means for receiving the message, and the providing means further includes a message that is received by the receiving means on a screen on which a message posted between the user and the other user in the social network service is displayed. provides a display of the message that has been sent.

According to the present invention, it is possible to improve the convenience of both the remittance source user and the remittance destination user, and to eliminate user concerns when using an online remittance function.

1 is a diagram showing an example of the overall configuration of a system according to the present invention. FIG. 2 is a diagram showing an example of the hardware configuration of a remittance source terminal and a remittance destination terminal according to the present invention. 1 is a diagram showing an example of the hardware configuration of a remittance management server according to the present invention. FIG. 1 is a diagram showing an example of a software configuration according to the present invention. The figure which shows the example of UI of the remittance source terminal and the remittance destination terminal based on 1st Embodiment. FIG. 3 is a diagram showing a biometric information registration sequence according to the present invention. FIG. 3 is a diagram showing a biometric information authentication sequence according to the present invention. FIG. 3 is a diagram showing a sequence from remittance processing to receipt processing according to the first embodiment. FIG. 3 is a diagram showing a sequence from a remittance request to remittance processing according to the first embodiment. 5 is a flowchart showing remittance-related message generation processing by the remittance management server according to the present invention. The figure which shows the example of UI of the remittance source terminal and the remittance destination terminal based on 2nd Embodiment. FIG. 7 is a diagram showing a sequence from a remittance request to remittance processing according to the second embodiment. The figure which shows the example of UI of the remittance source terminal and the remittance destination terminal based on 3rd Embodiment.

DESCRIPTION OF THE PREFERRED EMBODIMENTS Hereinafter, embodiments for carrying out the invention will be described with reference to the drawings.

<First embodiment>
[Overall system configuration]
FIG. 1 is a diagram showing an example of the overall configuration of a system according to this embodiment.

In the system according to this embodiment, a remittance source terminal 100, a remittance destination terminal 110, and a remittance management server 120 are connected via a network 130. The network 130 is, for example, a LAN such as the Internet, a WAN, a dedicated digital line, or a communication network realized by a combination of these.

The remittance source terminal 100 and the remittance destination terminal 110 are mobile terminals, and communicate with the remittance management server 120 to perform remittance processing. Further, the remittance source terminal 100 and the remittance destination terminal 110 are equipped with sensors for acquiring biometric information for authenticating individuals, and also run programs for verifying and authenticating the biometric information. Further, a plurality of remittance source terminals 100 and a plurality of remittance destination terminals 110 may each exist. In this embodiment, the remittance source terminal 100 requests the remittance management server 120 to send a remittance to the remittance destination terminal 110. On the other hand, the remittance destination terminal 110 requests the remittance management server 120 to request or receive remittance from the remittance source terminal 100 . Please note that the remittance destination terminal and sender terminal are names given for convenience of explanation, and do not mean that each terminal is limited to only being able to send or receive money. do not have. Furthermore, the remittance source terminal 100 and the remittance destination terminal 110 can utilize social network services (SNS) by linking and connecting with various servers.

The remittance management server 120 is a server computer that provides remittance functions such as a remittance function and a remittance request function. Note that although only one remittance management server 120 is shown in FIG. 1, the configuration is not limited to this, and a management system configured in a distributed manner using a plurality of cases may be used.

[Hardware configuration]
FIG. 2 is a diagram showing an example of the hardware configuration of the remittance source terminal 100 and the remittance destination terminal 110 according to the present embodiment.

A system bus 201 controls the flow of data within the device. Each part provided in the device is communicably connected via a system bus 201. A CPU (Central Processing Unit) 202 controls the entire device. The CPU 202 executes application programs, an OS (Operating System), etc. stored in an HDD (Hard Disc Drive) 205. Further, the CPU 202 controls the RAM (Random Access Memory) 203 to temporarily store information, files, etc. necessary for executing the program.

The RAM 203 is a temporary storage means and functions as the main memory, work area, etc. of the CPU 202. A ROM (Read Only Memory) 204 is a nonvolatile storage means, and stores various data such as basic I/O programs therein. The HDD (Hard Disc Drive) 205 is one of external storage means, functions as a large-capacity memory, and stores application programs such as a web browser, programs of a service server group, an OS, related programs, and the like.

A TPM (Trusted Platform Module) 206 is a storage device (chip) with tamper resistance that prevents stored data from being read from the outside for the purpose of processing or storing confidential information. In this embodiment, authenticators 420 and 450, which will be described later, are used to store feature amounts and secret keys of biometric information used for authentication.

The TPM 206 is a security chip that functions independently of the Operating System (OS) and other hardware, and serves as a tamper-resistant storage means for processing and storing confidential information. In the present invention, the TPM 221 stores biometric information of a user (or its feature amount) used for biometric authentication and a secret key required for authentication processing to be described later. In addition, as an alternative storage means with tamper resistance to TPM, in order to achieve tamper resistance, a secure memory space that operates isolated from others on one chip is secured in the terminal, and the memory space is It is also possible to adopt a method of managing the user's biometric information (or its characteristics), private key, etc.

A NIC (Network Interface Card) 207 is used when the device exchanges data with an external device via the network 130.

The biometric information sensor 208 is a sensor that reads the user's biometric information, and for example, reads information such as the user's fingerprint, iris, vein, etc., and converts it into a signal. In this embodiment, a fingerprint reading sensor and a camera will be used as examples of the biometric information sensor 208, but the biometric information sensor 208 is not limited thereto, and other biometric information sensors may be used. Alternatively, a configuration may be adopted in which fingerprint information or facial information is read at the same time as the user touches the touch panel 209 or performs input, and converts it into an electrical signal. Further, the type of biometric information is not particularly limited to the above information, and may be configured to be selectable by the user, for example.

The touch panel 209 has two functions: display and input. It displays the application screen, keyboard, etc., and also displays the screen position touched by the user by applying pressure to the screen with a hand or a special pen. Outputs information as an information signal. By using the output signal information by the application, the user can operate the application through the touch panel 209.

Note that the above configuration is an example, and is not limited to the configuration example shown in FIG. 2. For example, the storage location of data and programs can be changed to RAM 203, ROM 204, HDD 205, etc. depending on their characteristics. The device may also be equipped with a USB interface. The biological information sensor 208 can also be realized by external hardware connected via USB. Further, if the device is a mobile phone or the like, it is also possible to include other components (not shown) such as hardware for a telephone call function. When the CPU 202 executes processing based on the program stored in the HDD 205, a software configuration as shown in FIG. 4 is realized.

FIG. 3 is a diagram showing an example of the hardware configuration of the remittance management server 120 according to this embodiment.

A system bus 301 controls the flow of data within the device. Each part provided in remittance management server 120 is communicably connected via system bus 301. The CPU 302 controls the entire device. The CPU 302 executes application programs, OS, etc. stored in the HDD 305. Further, the CPU 302 controls the RAM 303 to temporarily store information, files, etc. necessary for executing the program.

The RAM 303 is a temporary storage means and functions as the main memory, work area, etc. of the CPU 302. The ROM 304 is a nonvolatile storage means, and stores various data such as basic I/O programs therein. The HDD 305 is one of external storage means, functions as a large-capacity memory, and stores application programs such as a web browser, programs of a service server group, an OS, related programs, and the like.

The TPM 306 is a storage means (chip) having tamper resistance that prevents stored data from being read from the outside for the purpose of processing or storing confidential information. In this embodiment, information registered in cooperation with the remittance source terminal 100 and the remittance destination terminal 110 connected via the network 130 is held. The NIC 307 is used when the remittance management server 120 exchanges data with an external device via the network 130.

Note that the above configuration is an example, and is not limited to the configuration example shown in FIG. 3. For example, the storage location of data and programs can be changed to RAM 303, ROM 304, HDD 305, etc. depending on their characteristics. Further, the remittance management server 120 can also include a USB interface. The software configuration shown in FIG. 4 is realized by the CPU 302 executing processing based on the program stored in the HDD 305.

[Software configuration]
FIG. 4 is a diagram showing an example of the software configuration according to this embodiment. Here, a configuration is shown in which a remittance source terminal 100 and a remittance destination terminal 110 are connected via a remittance management server 120 so that data can be sent and received.

First, the configuration of the remittance source terminal 100 will be explained. The remittance source terminal 100 includes a remittance terminal application 400, an authentication client 410, and an authenticator 420. The remittance terminal application 400 is stored in the HDD 205 of the remittance source terminal 100 and executed by the CPU 202. The remittance terminal application 400 is configured to include a communication section 401 and a message control section 402. The communication unit 401 communicates with the remittance management server 120 via the NIC 207 . Message control unit 402 displays on touch panel 209 the remittance related message received by communication unit 401 from remittance management server 120 . Details of the remittance-related messages will be described later.

Authentication client 410 is stored in HDD 205 of remittance source terminal 100 and executed by CPU 202. The authentication client 410 includes a registration control section 411 and an authenticator management section 412. Note that in a system to which FIDO is applied, the authentication client 410 corresponds to the FIDO client. The FIDO client uses a well-known configuration, and a detailed explanation will be omitted. The registration control unit 411 manages information necessary for authentication with the remittance management server 120. The authenticator management unit 412 manages one or more authenticators. In this embodiment, it is assumed that the authenticator management unit 412 manages the authenticator 420.

The authenticator 420 is stored in the HDD 205 of the remittance source terminal 100 and executed by the CPU 202. The authenticator 420 includes a biometric information registration processing section 421, a biometric authentication processing section 422, and an authentication information storage section 423. The biometric information registration processing unit 421 executes biometric information registration processing. The biometric information registration process is a process for registering biometric information input by the user, and details will be described later. The biometric authentication processing unit 422 executes biometric authentication processing. The biometric authentication process is a process of determining whether or not the biometric information to be used is valid, depending on the biometric information to be used, and the details will be described later. Further, the authentication information storage unit 423 stores information necessary for authentication, such as a private key that becomes a pair of the public key to be registered with the remittance management server 120, in the TPM 206.

Next, the configuration of the remittance destination terminal 110 will be explained. The remittance destination terminal 110 includes a remittance terminal application 430, an authentication client 440, and an authenticator 450. The remittance terminal application 430, the authentication client 440, and the authenticator 450 are stored in the HDD 205 of the remittance destination terminal 110 and executed by the CPU 202. The remittance terminal application 430, the authentication client 440, and the authenticator 450 have the same configurations as the remittance terminal application 400, the authentication client 410, and the authenticator 420 provided in the remittance source terminal 100, respectively. Therefore, detailed explanations of these will be omitted.

Next, the configuration of remittance management server 120 will be explained. The remittance management server 120 includes a remittance management service 460, a remittance information DB 470, and a user information DB 480. Remittance management service 460 is stored in HDD 305 of remittance management server 120 and executed by CPU 302. The remittance management service 460 includes a communication section 461, an authentication processing section 462, a remittance information control section 463, a user information control section 464, and a message generation section 465.

The communication unit 461 communicates with the remittance source terminal 100 and the remittance destination terminal 110. The authentication processing unit 462 provides a function of registering authentication functions and information related to authentication necessary for using the remittance related functions provided by the remittance management server 120. The remittance information control unit 463 manages the remittance information DB 470 and controls information regarding the remittance processing of the remittance source user and the remittance destination user. The user information control unit 464 manages the user information DB 480 and controls user information for the remittance management service 460. The message generation unit 465 generates a remittance completion message to the remittance source terminal 100 and a remittance request message to the remittance destination terminal 110. Note that these messages are collectively referred to as remittance-related messages.

The remittance information DB 470 is a database that manages information regarding remittances between terminals. The user information DB 480 is a database that manages information on users who use the remittance service. The remittance information DB 470 and the user information DB 480 are configured in, for example, the HDD 305 included in the remittance management server 120. Note that each database may be configured in a storage area provided outside the remittance management server 120.

[User interface]
FIG. 5 is a diagram showing a configuration example of a UI (user interface) of the remittance source terminal 100 and the remittance destination terminal 110 according to the present embodiment. The screen transitions will be explained along with the flow of operations. In each message screen shown in FIG. 5, a balloon from the left side indicates a message from the other party's terminal, and a balloon from the right side indicates a message from the own terminal. Furthermore, in each message screen, the character string shown at the top indicates the user (user account) of the other party's terminal.

FIG. 5(a) shows an example of the configuration of the menu selection screen. The menu selection screen is a screen drawn on the touch panel 209 when the remittance terminal application 400, 430 is activated. When the remittance button 500 is tapped, the screen changes to the remittance amount input screen shown in FIG. 5(d). When the remittance request button 501 is tapped, the screen transitions to the remittance request amount input screen shown in FIG. 5(g). When the biometric information registration button 502 is tapped, the screen transitions to a biometric authentication screen shown in FIG. 5(b).

On the biometric authentication screen shown in FIG. 5(b), if authentication using already registered biometric information or password authentication is successfully completed, the screen transitions to the biometric registration screen shown in FIG. 5(c). The biometric authentication screen shown in FIG. 5B is a screen for the remittance terminal applications 400 and 430 to acquire authentication information in order to use various remittance functions, and is drawn on the touch panel 209. The biometric information input instruction area 510 prompts the user to input biometric information. At this time, the user presents the biometric information to the biometric information sensor 208, thereby acquiring the biometric information. When the cancel button 511 is tapped, the authentication process is interrupted and the screen changes to the menu selection screen shown in FIG. 5(a). When the password authentication button 512 is tapped, authentication is performed using a password instead of biometric information.

The biometric registration screen shown in FIG. 5C is a screen for registering biometric information used when performing biometric authentication, and is drawn on the touch panel 209. The biometric information input instruction area 520 prompts the user to input biometric information. At this time, the user presents the biometric information to the biometric information sensor 208, thereby acquiring the biometric information. When the cancel button 521 is tapped, the authentication process is interrupted and the screen changes to the menu selection screen shown in FIG. 5(a).

The remittance amount input screen shown in FIG. 5D is a screen for the remittance source user to input the amount to be remitted to the remittance destination user, and is drawn on the touch panel 209. The remittance amount input area 530 is an area for inputting the amount to be remitted. The remittance destination selection area 531 is an area for selecting a remittance destination. In this embodiment, it is assumed that the remittance destination selection area 531 selects a user in a pull-down format, but the selection method is not particularly limited. For example, the user may be able to specify a new remittance destination. Here, it is assumed that "receive-user" is specified as the remittance destination user. Note that the remittance source user here will be explained as "send-user." When the next button 532 is tapped, the screen transitions to the biometric authentication screen shown in FIG. 5(b). If the biometric authentication is successfully completed on the biometric authentication screen, the screen transitions to the remittance message screen shown in FIG. 5(e).

The remittance message screen shown in FIG. 5E is a screen on which the remittance-related processing by the remittance source user is displayed in a timeline message format, and is drawn on the touch panel 209 of the remittance source terminal 100. Note that the timeline message format is a method in which messages are displayed in chronological order. The remittance source message 540 is a message indicating that a remittance notification has been sent to the remittance destination terminal 110 of the remittance destination user (here, "receive-user"). At this time, the phrase "Identity Verified" is displayed on the biometric authentication screen shown in FIG. 5(b) displayed on the remittance source terminal 100. -user") has performed biometric authentication, it will be displayed. On the other hand, if authentication is performed using a password, this message will not be displayed. Note that the phrase "identity verified" that is displayed when biometric authentication is successfully performed is just one example, and other phrases may be used. Furthermore, other display formats such as fonts and character sizes may be used. The receipt notification message 541 is a message indicating that the remittance destination user (here, the "receive-user" operating the remittance destination terminal 110) has completed the receipt. At this time, the phrase "Identity Verified" will be displayed if the recipient user has performed biometric authentication on the biometric authentication screen shown in FIG. If you do, it will not be displayed.

The receiving message screen shown in FIG. 5(f) is a screen that displays the remittance-related process of the remittance user in a timeline message format. It is drawn on the touch panel 209. The remittance destination message 550 is a message indicating that remittance has been made from the remittance source user (here, "send-user"). At this time, the phrase "Identity Verified" is displayed on the biometric authentication screen shown in FIG. 5(b) displayed on the remittance source terminal 100. -user") has performed biometric authentication, it will be displayed. On the other hand, if authentication is performed using a password, this message will not be displayed. When the remittance destination message 550 is tapped, the screen changes to the biometric authentication screen shown in FIG. 5(b) in order to receive the money. The receiving source message 551 is a message indicating that the receiving has been completed. At this time, the phrase "Identity Verified" is displayed on the biometric authentication screen shown in FIG. "receive-user") is displayed if the user performs biometric authentication. On the other hand, if authentication is performed using a password, this message will not be displayed.

The remittance request amount input screen shown in FIG. 5(g) is a screen for the remittance destination user to input the amount of remittance request from the remittance source user, and is drawn on the touch panel 209. The remittance request amount input area 560 is an area for inputting the amount to be requested for remittance. The remittance request destination selection area 561 is an area for selecting a destination to which a remittance request is made. In this embodiment, it is assumed that the remittance request destination selection area 561 is used to select a user in a pull-down format, but the selection method is not particularly limited. For example, the user may be able to specify a new remittance request destination. Here, it is assumed that "send-user" is specified as the remittance request destination. Note that the remittance requesting user here will be described as a "receive-user." When the next button 562 is tapped, the screen transitions to the biometric authentication screen shown in FIG. 5(b). If the biometric authentication is successfully completed on the biometric authentication screen, the screen transitions to the remittance request message screen shown in FIG. 5(h).

The remittance request message screen shown in FIG. 5(h) is a screen in which processing related to the remittance request of the remittance user is displayed in a timeline message format, and is drawn on the touch panel 209 of the remittance destination terminal 110. The request source message 570 is a message indicating that a remittance request notification has been sent to the remittance source terminal 100 of the remittance source user (here, "send-user"). At this time, the phrase "Identity Verified" is displayed on the biometric authentication screen shown in FIG. -user") has performed biometric authentication, it will be displayed. On the other hand, if authentication is performed using a password, this message will not be displayed. The contents of the request destination message 571 and the operation when tapped are the same as the remittance destination message 550 on the received message screen in FIG. 5(f), so the details will be omitted.

The remittance response message screen shown in FIG. It is drawn on the touch panel 209 of the terminal 100. The request source message 580 is a message indicating that a remittance request has been made from a remittance destination user (here, "receive-user"). At this time, the phrase "Identity Verified" indicates that the remittance destination user (here, "receive-user") has performed biometric authentication on the biometric authentication screen shown in FIG. 5(b) displayed on the remittance terminal 110. If you authenticate using a password, it will not be displayed. When the request source message 580 is tapped, the screen transitions to a biometric authentication screen shown in FIG. 5(b) in order to perform remittance. The request destination message 581 is similar to the remittance source message 540 on the remittance message screen of FIG. 5(e), so a description thereof will be omitted.

[Biometric information registration process]
FIG. 6 is a diagram showing a biometric information registration sequence according to this embodiment. Registration of biometric information is a process of registering biometric information necessary for biometric authentication with the remittance management service 460 used via the remittance management server 120. In this embodiment, the biometric information registration process of the remittance source user who is the user of the remittance source terminal 100 will be described, but the biometric information registration process of the remittance destination user who is the user of the remittance destination terminal 110 is also similar. It shall be possible to carry out the procedure. The premise is that the remittance source user has tapped the biometric information registration button 502 on the menu selection screen shown in FIG. 5(a) and authenticated with a password on the biometric authentication screen shown in FIG. 5(b). do.

Further, each process is realized by the CPUs of the remittance source terminal 100 and the remittance management server 120 reading and executing programs stored in a ROM or the like.

At S600, the communication unit 401 of the remittance terminal application 400 requests the remittance management server 120 to register biometric information.

In S601, the communication unit 461 of the remittance management service 460 receives a biometric information registration request from the remittance terminal application 400, and the authentication processing unit 462 creates an Attestation Challenge. Attestation Challenge is used as verification data for challenge-response authentication. A random number or the like is used as the Attestation Challenge, but the method for creating it is not particularly limited.

In S602, the communication unit 461 of the remittance management service 460 returns the information including the Attestation Challenge created in S601 to the remittance source terminal 100.

In S603, the communication unit 401 of the remittance terminal application 400 receives information including the Attestation Challenge. Further, the authenticator management unit 412 of the authentication client 410 transmits a credential creation request to the authenticator 420. At the same time, the registration control unit 411 of the authentication client 410 displays the biometric registration screen shown in FIG. 5C on the touch panel 209.

In S604, the remittance source user presents biometric information to the biometric information sensor 208 on the biometric registration screen (FIG. 5(c)). At this time, the biometric information registration processing unit 421 of the authenticator 420 acquires the feature amount of the biometric information of the remittance source user. The feature amount of biometric information is a value that is unique to an individual, such as a fingerprint pattern, converted into a value that does not impair the uniqueness. Biometric authentication is the process of identifying individuals using their unique features. As mentioned above, the information used for biometric authentication is not particularly limited.

In S605, the biometric information registration processing unit 421 of the authenticator 420 generates a biometric information ID for uniquely identifying biometric information. Thereafter, the authentication information storage unit 423 of the authenticator 420 stores the combination of biometric information ID and biometric information in the TPM 206.

In S606, the biometric information registration processing unit 421 of the authenticator 420 creates a public key/private key pair. The biometric information registration processing unit 421 of the authenticator 420 creates an authentication information ID for uniquely identifying the combination of the biometric information ID generated in S605 and the created private key, and the authentication information storage unit 423 Store in. Here, Table 1 shows an example of a table held by the TPM 206 and in which a private key is registered.

In Table 1, the authentication information ID column is a unique ID (identification information) for each piece of authentication information. The service ID column stores information on the top level domain and second level domain of the remittance management service 460. This information may be received from the remittance management server 120 together with the Attestation Challenge in S602. The biometric information ID column stores IDs corresponding to feature amounts of biometric information. The secret key string stores the secret key created as described above.

In S607, the biometric information registration processing unit 421 of the authenticator 420 creates a credential. The credentials include the authentication information ID, the public key created in S606, and the signature. A signature is generated from the Attestation Challenge received in S602 using the private key created in S606.

In S608, the communication unit 401 of the remittance terminal application 400 transmits a credential registration request to the remittance management server 120. Here, the parameters of the credential registration request include the credential created in S607.

In S609, the communication unit 461 of the remittance management service 460 of the remittance management server 120 receives the credentials from the remittance source terminal 100, and the authentication processing unit 462 executes the credential registration process. In the credential registration process, the signature data included in the received credential is decrypted using the public key also included in the credential to verify that the credential registration request is correct. If the credential registration request is verified to be correct, the authentication processing unit 462 registers the combination of the authentication information ID, public key, and user ID included in the credential in the table of the user information DB 480. The user ID corresponds to, for example, the one used at the time of password authentication performed before the processing sequence is started. Here, Table 2 shows an example of a table in which credentials are registered.

In Table 2, the user ID column stores an ID for uniquely identifying a user who uses remittance management service 460. In this embodiment, the user ID of the remittance destination user is "receive-user" and the user ID of the remittance source user is "send-user."

In S610, the communication unit 401 of the remittance management service 460 returns the result of the credential registration process executed in S609 to the remittance source terminal 100. As described above, the biometric information registration process is completed according to the sequence shown in FIG.

Although a detailed explanation will be omitted here, the authentication process using a password involves storing account information (user ID, etc.) and password in correspondence on the server side, and using the user's input on the terminal. Authentication may also be performed. Additionally, as a configuration for authentication processing using other passwords, the terminal and the server may maintain tables similar to those shown in Tables 1 and 2, and the configuration may be configured using the same flow as authentication using biometric information. . In this case, for example, the terminal side may hold the authentication information ID, service ID, user ID, password, and private key in association with each other. Further, on the server side, the authentication information ID, user ID, and public key may be stored in association with each other. This table may be used to perform authentication processing when the password authentication button 512 on the biometric authentication screen shown in FIG. 5(b) is pressed.

[Biometric authentication processing]
FIG. 7 is a diagram showing an authentication sequence using biometric information according to this embodiment. In this embodiment, the biometric authentication process of the remittance source user who is the user of the remittance source terminal 100 will be explained, but the biometric authentication process of the remittance destination user who is the user of the remittance destination terminal 110 is also performed using the same procedure. It shall be possible to do so. It is assumed that the remittance source user has executed the biometric information registration process sequence shown in FIG. 6 before executing this process.

It is assumed that each process is realized by the CPUs of the remittance source terminal 100 and the remittance management server 120 reading and executing a program stored in a ROM or the like.

In S700, the communication unit 401 of the remittance terminal application 400 of the remittance source terminal 100 requests biometric authentication from the remittance management server 120.

In S701, the communication unit 461 of the remittance management service 460 of the remittance management server 120 receives a biometric authentication request from the remittance terminal application 400, and the authentication processing unit 462 creates an Assertion Challenge. Assertion Challenge is data used to perform challenge-response authentication. A random number or the like is used as the Assertion Challenge, but the method for creating it is not particularly limited. The Assertion Challenge here is different from the one created in S601 of FIG.

In S702, the communication unit 461 of the remittance management service 460 returns the information including the Assertion Challenge created in S701 to the remittance source terminal 100.

In S703, the communication unit 401 of the remittance terminal application 400 receives information including the Assertion Challenge. Furthermore, the authenticator management unit 412 of the authentication client 410 transmits an assertion creation request to the authenticator 420. At the same time, the registration control unit 411 of the authentication client 410 displays the biometric authentication screen shown in FIG. 5(b) on the touch panel 209 of the remittance source terminal 100.

In S704, the remittance source user presents biometric information to the biometric information sensor 208 on the biometric authentication screen (FIG. 5(b)). At this time, the biometric authentication processing unit 422 of the authenticator 420 acquires the feature amount of the biometric information of the remittance source user.

In S705, the biometric authentication processing unit 422 of the authenticator 420 executes biometric information verification processing. In the biometric information verification process, biometric information that matches the biometric information acquired in S704 is searched from the biometric information already registered in the TPM 206, and the biometric information ID of the matching biometric information is acquired. Next, the table (Table 1) stored in the TPM 206 is searched for information that matches the combination of the acquired biometric information ID and service ID, and the authentication information ID and secret key of the matching information are acquired. Here, if the authentication information can be uniquely identified, it is determined that the biometric authentication is successful, and the process advances to S706. On the other hand, if the authentication information cannot be uniquely identified, it is determined that biometric authentication has failed, and this sequence ends. In this case, the sender user may be notified of this fact.

In S706, the biometric authentication processing unit 422 of the authenticator 420 creates an assertion. Here, the assertion includes the authentication information ID and signature data acquired in S705. Signature data is created from the Assertion Challenge received in S702 using the private key obtained in S705.

In S707, the communication unit 401 of the remittance terminal application 400 transmits an assertion verification request to the remittance management server 120. Here, the assertion created in S706 is included in the parameters of the assertion verification request.

In S708, the communication unit 461 of the remittance management service 460 receives the assertion from the remittance source terminal 100, and the authentication processing unit 462 executes verification processing of the assertion. In the assertion verification process, the table shown in Table 2 is searched for a credential that matches the authentication information ID included in the received assertion, and the public key of the matching credential is obtained. Next, the signature data included in the received assertion is decrypted using the public key to verify that the assertion is correct. Here, if the assertion is verified to be correct, the process advances to S709. On the other hand, if the authentication information cannot be uniquely identified, the communication unit 461 of the remittance management service 460 returns an error to the remittance source terminal 100 and ends this sequence.

In S709, the authentication processing unit 462 of the remittance management service 460 issues a token for the user whose assertion was verified to be correct in S708. Tokens are used by users to use various functions such as remittance functions and remittance request functions.

At S710, the communication unit 461 of the remittance management service 460 returns the token created at S709 to the remittance source terminal 100. As described above, the biometric authentication process is completed according to the sequence shown in FIG.

[Remittance processing and receipt processing]
FIG. 8 is a diagram showing a sequence from remittance processing by the remittance source terminal 100 to receipt processing by the remittance destination terminal 110 according to the present embodiment. As a premise, it is assumed that the remittance source user and the remittance destination user have executed the biometric information registration processing sequence shown in FIG. 6 before executing this process.

Further, each process is realized by the CPUs of the remittance source terminal 100, the remittance destination terminal 110, and the remittance management server 120 reading and executing a program stored in a ROM or the like.

In S800, when the remittance source user taps the remittance button 500 on the menu selection screen shown in FIG. 5(a), the remittance amount input screen shown in FIG. Is displayed.

In S801, the remittance source user inputs the remittance amount in the remittance amount input area 530 and selects the remittance destination user in the remittance destination selection area 531 on the remittance amount input screen (FIG. 5(d)). Subsequently, when the remittance source user taps the next button 532, a biometric authentication screen (FIG. 5(b)) is displayed on the touch panel 209 of the remittance source terminal 100. In this embodiment, it is assumed that the remittance source user inputs "12,000 yen" in the remittance amount input area 530 and selects "receive-user" in the remittance destination selection area 531. explain. Due to this user operation, the biometric authentication sequence described in FIG. 7 is executed.

After the biometric authentication sequence is successfully completed, the communication unit 401 of the remittance terminal application 400 issues a remittance request to the remittance management server 120 in S802. At this time, the remittance request parameters include the remittance amount input in S801, the remittance destination user ID, and the token acquired in the sequence shown in FIG.

In S803, the communication unit 461 of the remittance management service 460 of the remittance management server 120 receives the remittance request transmitted from the remittance source terminal 100. Subsequently, the remittance information control unit 463 updates the information in the remittance information table of the remittance information DB 470. Here, Table 3 shows the state of the remittance information table at the time of completion of S803.

In Table 3, the remittance information ID column is a unique ID for each remittance information. The remittance source user ID column stores the ID of the user who makes the remittance. In this embodiment, "send-user", which is the ID of the remittance source user who is the user of the token included in the remittance request, is stored. The remittance destination user ID column stores the ID of the user who receives the remittance. In this embodiment, "receive-user" which is the remittee user ID included in the remittance request is stored. The amount is stored as the remittance amount in the remittance process. In this embodiment, "12,000", which is the remittance amount included in the remittance request, is stored. The unit of currency here will be explained as yen. The status column indicates the current status of a series of remittance processing. In this embodiment, when a remittance request is made, "remittance request in progress" is made, "remittance in progress" is performed when remittance is made, and "received" when mutual confirmation between remittance source and remittee is performed. The status of is stored. At the time of completion of S803, since the remittance has been made, "remittance in progress" is stored. In addition, in this embodiment, the unit of currency is described as yen, but for example, when supporting a plurality of currencies, the units may be further associated and managed in Table 3. In this case, the unit of currency is input on the remittance amount input screen shown in FIG. 5(d). Further, date and time information when the status etc. were updated may also be managed.

Next, a process is performed to generate a message to notify the remittance source terminal 100 and the remittance destination terminal 110 that the remittance has been made. This process will be explained using FIG. 10.

FIG. 10 is a flowchart showing remittance-related message generation processing by the remittance management server 120 in the present invention. This processing flow is realized by the CPU 302 of the remittance management server 120 reading and executing a program stored in the ROM 304 or the like.

In S1000, remittance information control unit 463 of remittance management service 460 determines the type of remittance processing requested by remittance source terminal 100 or remittance destination terminal 110. If the type of requested remittance process is "remittance request", the process advances to S1001. If the requested remittance processing type is "receipt request", the process advances to S1003. If the type of requested remittance process is "remittance request request", the process advances to S1005.

In S1001, the remittance information control unit 463 of the remittance management service 460 generates a message to notify the remittance source terminal 100 that made the remittance request that the remittance process has been accepted. The message generated here corresponds to the remittance source message 540 in FIG. 5(e) and the request destination message 581 in FIG. 5(i), but at this point, the words "identity verified" are not added. do not have.

In S1002, the remittance information control unit 463 of the remittance management service 460 generates a message to notify the remittance destination terminal 110 that the remittance has been made. The message generated here corresponds to the remittance destination message 550 in FIG. 5(f) and the request destination message 571 in FIG. do not have. After that, the process advances to S1007.

In S1003, the remittance information control unit 463 of the remittance management service 460 generates a message to notify the remittance destination terminal 110, which made the receipt request, that the receipt has been completed. The message generated here corresponds to the recipient message 551 in FIG. 5(f), but at this point, the message "identity verified" is not added.

In S1004, the remittance information control unit 463 of the remittance management service 460 generates a message to notify the remittance source terminal 100 that the remittance has been received. This corresponds to the receipt notification message 541 in FIG. 5(e), but at this point, the words "identity confirmed" are not added. After that, the process advances to S1007.

In S1005, the remittance information control unit 463 of the remittance management service 460 generates a message to notify the remittance destination terminal 110 that made the remittance request that the remittance request process has been accepted. This corresponds to the requester message 570 in FIG. 5(h), but at this point, the wording "identity verified" is not added.

In S1006, the remittance information control unit 463 of the remittance management service 460 generates a message to notify the remittance source terminal 100 that a remittance request has been made. This corresponds to the requester message 580 in FIG. 5(i), but at this point, the phrase "identity confirmed" is not added. After that, the process advances to S1007.

In S1007, the remittance information control unit 463 of the remittance management service 460 refers to the token issued through authentication processing using biometric information. Then, the remittance information control unit 463 determines whether the user of the remittance source terminal 100 or the remittance destination terminal 110 requests remittance-related processing after verifying the user's identity using biometric authentication. If it is determined that the identity verification has been performed (YES in S1007), the process advances to S1008. If it is determined that the identity verification has not been performed (NO in S1007), this processing flow ends.

At S1008, the remittance information control unit 463 of the remittance management service 460 adds the words "identity verified" to the messages generated at each of S1001 to S1006. Then, this processing flow ends.

Returning to the explanation of the sequence in FIG. 8. The following explanation will be given assuming that after the process of S803, the type of remittance process is determined to be "remittance request" in S1000 of FIG. 10, and that the identity verification is performed in S1007.

In S804, the communication unit 461 of the remittance management service 460 returns a remittance acceptance completion notification to the remittance source terminal 100. Here, the remittance acceptance completion notification includes the remittance source message generated in FIG. 10 with the words "identity confirmed" added, and the remittance information ID generated in S803.

In S805, the communication unit 401 of the remittance terminal application 400 receives a remittance acceptance completion notification from the remittance management server 120. Further, the message control unit 402 displays a remittance source message 540 on the remittance message screen shown in FIG. 5E on the touch panel 209 of the remittance source terminal 100.

In S806, the communication unit 461 of the remittance management service 460 of the remittance management server 120 transmits a remittance notification to the remittance destination terminal 110. Here, the remittance notification includes the remittance message generated in FIG. 10 with the words "identity confirmed" added, and the remittance information ID generated in S803.

In S807, the communication unit 431 of the remittance terminal application 430 of the remittance destination terminal 110 receives the remittance notification from the remittance management server 120. Furthermore, the message control unit 432 displays a remittance destination message 550 on the received message screen shown in FIG. 5F on the touch panel 209 of the remittance destination terminal 110. Here, the remittance destination user can confirm that the remittance source user himself/herself has performed biometric authentication before remittance of currency by checking the wording "Identity Verified" in the remittance destination message 550. . Next, when the remittance destination user taps the remittance destination message 550 on the receipt message screen shown in FIG. 5(f), the biometric authentication screen shown in FIG. 5(b) is displayed on the touch panel 209 of the remittance destination terminal 110. Ru. Thereafter, the biometric authentication sequence described using FIG. 7 is executed based on the user's operation.

In S808, the communication unit 431 of the remittance terminal application 430 requests the remittance management server 120 to receive the remittance. At this time, the parameters of the receipt request include the remittance information ID received in S807 and the token acquired in the sequence shown in FIG.

In S809, the communication unit 461 of the remittance management service 460 of the remittance management server 120 receives the receipt request transmitted from the remittance destination terminal 110. Subsequently, the remittance information control unit 463 updates the information in the remittance information table of the remittance information DB 470. Here, Table 4 shows the state of the remittance information table at the time of completion of S809.

In Table 4, the remittance information control unit 463 of the remittance management service 460 searches the remittance information ID column for information that matches the remittance information ID included in the receipt request, and sets the matching remittance information status column to "Received". Update.

Thereafter, the process shown in FIG. 10 is performed to generate a message to notify the remittance source terminal 100 and the remittance destination terminal 110 that the receipt has been made. In this embodiment, after the process of S809, the type of remittance process is determined to be "receipt request" in S1000 of FIG. 10, and it is determined that the identity verification is performed in S1007. The following explanation will be given.

At S810, the communication unit 461 of the remittance management service 460 transmits a receipt completion notification to the remittance destination terminal 110. Here, the reception completion notification includes the recipient message generated in FIG. 10 to which the phrase "identity verified" has been added.

In S811, the communication unit 431 of the remittance terminal application 430 of the remittance destination terminal 110 receives a receipt completion notification from the remittance management server 120. Furthermore, the message control unit 432 displays a recipient message 551 on the receiving message screen shown in FIG. 5(f) on the touch panel 209 of the remittance destination terminal 110.

In S812, the communication unit 461 of the remittance management service 460 of the remittance management server 120 transmits a remittance completion notification to the remittance source terminal 100. Here, the remittance completion notification includes the receipt notification message generated in FIG. 10 to which the words "identity verified" have been added.

In S813, the communication unit 401 of the remittance terminal application 400 of the remittance source terminal 100 receives a receipt completion notification from the remittance management server 120. Furthermore, the message control unit 402 displays a receipt notification message 541 on the remittance message screen shown in FIG. 5(e) on the touch panel 209 of the remittance source terminal 100. Here, the remittance source user can confirm that the remittance user himself/herself has performed biometric authentication and received the currency by checking the wording "Identity verified" in the receipt notification message 541. .

As described above, according to the sequence shown in FIG. 8, the remittance processing by the remittance source terminal 100 and the receiving processing by the remittance destination terminal 110 are completed. In addition, both the remittance source user and the remittance destination user can remit and receive currency after mutually verifying their identity just by operating the terminal. Therefore, while achieving high usability, it is possible to improve safety when using the online remittance function. Furthermore, it is possible to reduce resistance to online remittance functions.

[Remittance request processing and remittance processing]
FIG. 9 is a diagram showing a sequence from remittance request processing by the remittance destination terminal 110 to remittance processing by the remittance source terminal 100 according to the present embodiment. As a premise, it is assumed that the remittance source user and the remittance destination user have executed the biometric information registration processing sequence shown in FIG. 6 before executing this process.

Further, each process is realized by the CPUs of the remittance source terminal 100, the remittance destination terminal 110, and the remittance management server 120 reading and executing a program stored in a ROM or the like.

In S900, when the remittance destination user taps the remittance request button 501 on the menu selection screen shown in FIG. 5(a), the remittance request amount input screen shown in FIG. Is displayed.

In S901, the remittance destination user inputs the remittance request amount in the remittance request amount input area 560 on the remittance request amount input screen (FIG. 5(g)), and selects the request destination user in the remittance request destination selection area 561. . Subsequently, when the destination user taps the next button 562, a biometric authentication screen (FIG. 5(b)) is displayed on the touch panel 209 of the destination terminal 110. In this embodiment, the remittance source user inputs "12,000 yen" in the remittance request amount input area 560 and selects "remittance source user (send-user)" in the remittance request destination selection area 561. Explain as a thing. As a result, the biometric authentication sequence described with reference to FIG. 7 is executed.

If the biometric authentication sequence is successfully completed, the communication unit 431 of the remittance terminal application 430 of the remittance destination terminal 110 issues a remittance request request to the remittance management server 120 in S902. At this time, the parameters of the remittance request include the remittance request amount input in S901, the remittance source user ID, and the token acquired in the sequence shown in FIG.

In S903, the communication unit 461 of the remittance management service 460 of the remittance management server 120 receives the remittance request request transmitted from the remittance destination terminal 110. Subsequently, the remittance information control unit 463 updates the information in the remittance information table of the remittance information DB 470. Here, Table 5 shows the state of the remittance information table at the time of completion of S903.

In Table 5, the remittance source user ID column stores "send-user" which is the remittance source user ID included in the remittance request. The remittance destination user ID column stores “receive-user”, which is the ID of the remittance user who is the user of the token included in the remittance request. The amount stores the remittance request amount in the remittance request process. In this embodiment, "12,000", which is the remittance request amount included in the remittance request, is stored. At the time of completion of S903, the status column stores "remittance request in progress" because a remittance request has been made.

Thereafter, the process shown in FIG. 10 is performed to generate a message to notify the remittance source terminal 100 and the remittance destination terminal 110 that the remittance request has been made. In this embodiment, after the process of S903, it is determined in S1000 of FIG. 10 that the type of remittance process is "remittance request request", and it is determined in S1007 that identity verification has been performed. As such, the following explanation will be given.

In S904, the communication unit 461 of the remittance management service 460 returns a remittance request acceptance completion notification to the remittance destination terminal 110. Here, the remittance request acceptance completion notification includes the requester message generated in FIG. 10 with the words "identity verified" added, and the remittance information ID generated in S903.

In S905, the communication unit 431 of the remittance terminal application 430 of the remittance destination terminal 110 receives a remittance request reception completion notification from the remittance management server 120. Furthermore, the message control unit 432 displays a request source message 570 on the remittance request message screen shown in FIG. 5(h) on the touch panel 209 of the remittance destination terminal 110.

In S906, the communication unit 461 of the remittance management service 460 of the remittance management server 120 transmits a remittance request notification to the remittance source terminal 100. Here, the remittance request notification includes the request destination message generated in FIG. 10 to which the phrase "identity confirmed" has been added, and the remittance control ID generated in S903.

In S907, the communication unit 401 of the remittance terminal application 400 of the remittance source terminal 100 receives the remittance request notification from the remittance management server 120. Furthermore, the message control unit 402 displays a requester message 580 on the remittance response message screen shown in FIG. 5(i) on the touch panel 209 of the remittance source terminal 100. Here, the remittance destination user confirms that the remittance destination user himself/herself has performed biometric authentication and requested the currency remittance by checking the wording "Identity verified" in the request source message 580. I can be sure. Subsequently, the remittance source user taps the requester message 580, so that the biometric authentication screen shown in FIG. 5(b) is displayed on the touch panel 209 of the remittance source terminal 100. Thereafter, the biometric authentication sequence shown in FIG. 7 is executed.

In S908, the communication unit 401 of the remittance terminal application 400 of the remittance source terminal 100 requests the remittance management server 120 to remit. At this time, the remittance request parameters include the remittance control ID received in S907 and the token acquired in the sequence shown in FIG.

In S909, the communication unit 461 of the remittance management service 460 of the remittance management server 120 receives the remittance request transmitted from the remittance source terminal 100. Subsequently, the remittance information control unit 463 updates the information in the remittance information table of the remittance information DB 470. Here, Table 6 shows the state of the remittance information table at the time of completion of S909.

In Table 6, the remittance information control unit 463 of the remittance management service 460 searches the remittance information ID column for information that matches the remittance control ID included in the remittance request, and sets the matching remittance information status column to "Received". Update.

Thereafter, the process shown in FIG. 10 is performed to generate a message to notify the remittance source terminal 100 and the remittance destination terminal 110 that the remittance has been made. In this embodiment, after the process of S909, it is determined in S1001 of FIG. 10 that the type of remittance process is "remittance request", and it is determined in S1007 that "identity verification is being performed". As such, the following explanation is provided.

At S910, the communication unit 461 of the remittance management service 460 of the remittance management server 120 transmits a remittance completion notification to the remittance source terminal 100. Here, the remittance completion notification includes the remittance source message generated in FIG. 10 with the words "identity verified" added.

In S911, the communication unit 401 of the remittance terminal application 400 of the remittance source terminal 100 receives a remittance completion notification from the remittance management server 120. Further, the message control unit 402 displays a request destination message 581 on the remittance response message screen shown in FIG. 5(i) on the touch panel 209 of the remittance source terminal 100.

In S912, the communication unit 461 of the remittance management service 460 of the remittance management server 120 transmits a receipt completion notification to the remittance destination terminal 110. Here, the receipt completion notification includes the remittance message generated in FIG. 10 with the words "identity verified" added.

In S913, the communication unit 401 of the remittance terminal application 400 of the remittance destination terminal 110 receives a receipt completion notification from the remittance management server 120. Furthermore, the message control unit 402 displays the request destination message 571 on the remittance request message screen of FIG. 5(h) on the touch panel 209 of the remittance destination terminal 110. Here, the remittance destination user can confirm that the remittance source user himself/herself has performed biometric authentication before remittance of currency by checking the wording "Identity verified" in the request destination message 571. . Then, this processing sequence ends.

Note that in the above example, the sender of the remittance request and the remittee are the same user, but the present invention is not limited to this. For example, the present invention may be applied to a configuration in which a remittance request is made to a third party.

As described above, according to the sequence shown in FIG. 9, the remittance request processing by the remittance destination terminal 110 and the remittance processing by the remittance source terminal 100 are completed. In addition, both the remittance source user and the remittance destination user can request and send currency after mutually verifying their identity just by operating the terminal, achieving high usability and online It is possible to reduce resistance to the above remittance request function.

As described above, according to the present embodiment, the convenience for both the remittance source user and the remittance destination user is improved, and remittance-related operations are completed after mutual identity verification. This can eliminate user concerns when using online remittance functions and remittance request functions, and reduce resistance to these functions.

<Second embodiment>
As a second embodiment of the present invention, a mode will be described in which, when requesting remittance, a photograph of the face of the remittance user is taken and the request is made. In the first embodiment, a form is provided in which both the remittance source user and the remittee user confirm the "identity verified" message to mutually verify their identities and then perform remittance-related work. However, for example, in cases where the remittance destination user who made the remittance request and the remittance source user who makes the remittance have not been in contact with each other for a long time, the remittance source user may not remember the remittance user even if the remittance request is made. It is possible that there is no such thing. In such cases, even if identity verification is performed, it is impossible to recognize the person in the first place, so resistance to remittance-related functions will not be reduced. In view of the above-mentioned problems, the present embodiment provides a mode in which a face photo of the remittance destination user is taken at the time of a remittance request, and the taken face photograph (face image) is attached to the remittance request.

[User interface]
FIG. 11 is a diagram showing a configuration example of the UI of the remittance source terminal 100 and the remittance destination terminal 110 according to the present embodiment. Note that descriptions of screen configurations common to the first embodiment will be omitted.

The remittance request information input screen shown in FIG. 11A is a screen for the remittance destination user to input remittance request related information to the remittance source user, and is drawn on the touch panel 209 of the remittance destination terminal 110. The remittance request amount input area 1100 and the remittance request destination selection area 1101 are the same as the remittance request amount input area 560 and the remittance request destination selection area 561 in FIG. 5(g), so a description thereof will be omitted. When the face photo shooting button 1102 is tapped, the screen transitions to a face photo shooting screen shown in FIG. 11(c). When the message input button 1103 is tapped, the screen transitions to a remittance request message input screen shown in FIG. 11(b). Since the next button 1104 is similar to the next button 562 in FIG. 5(g), a description thereof will be omitted.

The remittance request message input screen shown in FIG. 11B is a screen for inputting a message to accompany the remittance request, and is drawn on the touch panel 209 of the remittance destination terminal 110. The remittance request message input area 1110 is an area for inputting a remittance request message. When the confirm button 1111 is tapped, the message input in the remittance request message input area 1110 is confirmed, and the screen returns to the remittance request information input screen shown in FIG. 11(a).

The face photo shooting screen shown in FIG. 11(e) is a screen for taking a face photo to be added to the remittance request, and is drawn on the touch panel 209 of the remittance destination terminal 110. The photographing result display area 1120 is a screen showing the photographing results. When the shooting button 1121 is tapped, a camera (not shown) attached to the terminal takes a photo, and the shooting result is displayed in the shooting result display area 1120. When the confirm button 1122 is tapped, the face photo data displayed in the photographed result display area 1120 is confirmed, and the screen returns to the remittance request information input screen shown in FIG. 11(a).

The remittance response message screen shown in FIG. It is drawn on the touch panel 209 of the terminal 100. When the request source message 1130 is tapped, the screen changes to a remittance request information confirmation screen shown in FIG. 11(e).

The remittance request information confirmation screen shown in FIG. 11(e) is a screen for confirming the information input by the remittance requester user, and is drawn on the touch panel 209 of the remittance source terminal 100. The remittance request information display area 1140 displays a remittance request message input by the remittance requesting user and a photographed facial photograph. When the remittance button 1141 is tapped, the screen transitions to the biometric authentication screen shown in FIG. 5(b) in order to perform remittance. When the cancel button 1142 is tapped, the remittance is not performed and the screen returns to the remittance response message screen shown in FIG. 11(d).

[Remittance request processing and receipt processing]
FIG. 12 is a diagram showing a sequence from remittance request processing by the remittance destination terminal 110 to remittance processing by the remittance source terminal 100 in this embodiment. As a premise, it is assumed that the remittance source user and the remittance destination user have executed the biometric information registration processing sequence shown in FIG. 6 before executing this process.

Further, each process is realized by the CPUs of the remittance source terminal 100, the remittance destination terminal 110, and the remittance management server 120 reading and executing a program stored in a ROM or the like.

In S1200, when the remittance destination user taps the remittance request button 501 on the menu selection screen shown in FIG. 5(a), the remittance request information input screen shown in FIG. will be displayed.

In S1201, the remittance destination user inputs the remittance request amount in the remittance request amount input area 1100 and selects the request destination user in the remittance request destination selection area 1101 on the remittance request information input screen shown in FIG. 11(a). . Here, the explanation will be made assuming that "12,000 yen" is input as the remittance request amount and "send-user" is specified as the transmission request destination.

In S1202, the remittance destination user taps the face photo capture button 1102 on the remittance request information input screen shown in FIG. 11(a) to transition to the face photo capture screen shown in FIG. 11(c). Further, the remittance destination user taps a photograph button 1121 on the face photographing screen shown in FIG. 11C to take a photograph of the face, and then taps a confirm button 1122.

In S1203, the remittance destination user taps the message input button 1103 on the remittance request information input screen shown in FIG. 11(a) to transition to the remittance request message input screen shown in FIG. 11(k). Furthermore, after inputting a remittance request message in the remittance request message input area 1110 of the remittance request message input screen shown in FIG. 11(k), the user taps the confirm button 1111. This returns to the remittance request information input screen shown in FIG. 11(a). Note that the processing flow of S1201 to S1203 is not limited to this, and may be replaced. Furthermore, each process may be executed again for correction. Subsequently, by tapping the next button 1104 in FIG. 11(a), the biometric authentication screen shown in FIG. 5(b) is displayed on the touch panel 209 of the remittance destination terminal 110. Thereafter, the biometric authentication sequence shown in FIG. 7 is executed based on the user's operation.

In S1204, the communication unit 431 of the remittance terminal application 430 of the remittance destination terminal 110 issues a remittance request request to the remittance management server 120. At this time, the parameters of the remittance request request include the remittance request amount inputted in S1201, the remittance request message inputted in S1202, the face photo data taken in S1203, the remittance source user ID, and the remittance source user ID obtained in the sequence shown in FIG. Include the token you created.

The processing in S1205 to S1207 is the same as that in S903 to S905 in FIG. 9 described in the first embodiment, so a description thereof will be omitted.

In S1208, the communication unit 461 of the remittance management service 460 of the remittance management server 120 transmits a remittance request notification to the remittance source terminal 100. Here, the remittance request notification includes the request destination message generated in FIG. 10 with the phrase "Identity verified", the remittance control ID generated in S1203, the remittance request message sent in S1204, and the face photo. Contains data.

In S1209, the communication unit 401 of the remittance terminal application 400 of the remittance source terminal 100 receives the remittance request notification from the remittance management server 120. Furthermore, the message control unit 402 displays a requester message 1130 on the remittance response message screen shown in FIG. 11(d) on the touch panel 209 of the remittance source terminal 100. Here, the remittance destination user confirms that the remittance destination user himself/herself has performed biometric authentication and requested the currency remittance by checking the wording "Identity verified" in the request source message 1130. I can be sure.

Next, the remittance source user taps the requester message 1130 to cause the screen to transition to the remittance request information confirmation screen shown in FIG. 11(e). The remittance source user confirms the remittance request information confirmation screen shown in FIG. 11(e) and taps the remittance button 1141, so that the biometric authentication screen shown in FIG. displayed above. Thereby, the remittance source user can check the remittance destination user's face photo and remittance request message on the remittance request information confirmation screen shown in FIG. 11(e). Therefore, even if the remittance source user does not remember the remittance destination user, there is a possibility that the remittance source user will be able to remember the remittance destination user.

The processing in S1210 to S1215 is the same as S908 to S913 in FIG. 9 described in the first embodiment, so a description thereof will be omitted.

As described above, according to this embodiment, the remittance request processing by the remittance destination terminal 110 and the remittance processing by the remittance source terminal 100 are completed.

As described above, according to the present embodiment, it is possible to provide a form in which, when requesting money transfer, the user takes a picture of the face of the recipient user before making the request. Even more than in the first embodiment, the user's concerns when using the online remittance function and remittance request function can be eliminated, and resistance to these functions can be reduced.

<Third embodiment>
As a third embodiment of the present invention, a mode will be described in which authentication other than biometric authentication cannot be performed if the amount exceeds a threshold value at the time of remittance or request for remittance.

In the first embodiment, a mode has been described in which both the remittance source user and the remittee user confirm the identity of each other by confirming the "identity verified" message, and then perform remittance-related work. On the other hand, in consideration of users who are reluctant to use biometric authentication itself, it is also possible to perform authentication using a password. However, since biometric authentication is not used for authentication, if the remittance source terminal 100 or the remittance destination terminal 110 falls into the hands of a malicious user and the password is discovered, there is concern that there will be major damage. There are challenges. In view of the above-mentioned issues, this embodiment minimizes damage by providing a form in which authentication other than biometric authentication cannot be performed if the amount exceeds a certain amount when remitting or requesting remittance. The purpose is to

[User interface]
FIG. 13 is a diagram showing a configuration example of the UI of the remittance source terminal 100 and the remittance destination terminal 110 according to the present embodiment. The limited biometric authentication screen shown in FIG. 13 is a screen for the remittance terminal applications 400 and 430 of the remittance source terminal 100 and the remittance destination terminal 110 to acquire authentication information in order to use various remittance functions. is drawn on the touch panel 209 of. The biometric information input instruction area 1310 and the cancel button 1311 are the same as the biometric information input instruction area 510 and the cancel button 511 in FIG. 5(b), respectively, so a description thereof will be omitted. The password authentication button 1312 is shown in a state where it cannot be tapped. In other words, authentication processing using a password is prohibited. In this state, no particular process is performed even if the password authentication button 1312 is tapped.

In this embodiment, if a value larger than a specific threshold (upper limit) is input in the remittance amount input area 530 of the remittance amount input screen shown in FIG. 5(d) and the next button 532 is tapped, , the screen transitions to the limited biometric authentication screen shown in FIG. On the other hand, when a value less than a specific threshold is input in the remittance amount input area 530 and the next button 532 is tapped, the screen transitions to the biometric authentication screen shown in FIG. 5(b). The above operation is similar to the remittance request amount input screen shown in FIG. 5(g), and the screen transition destination changes depending on the amount in the remittance request amount input area 560. Note that, as a specific threshold value, for example, 100,000 yen can be set, and this threshold value may be set arbitrarily by the user.

Further, the password authentication button 1312 may be shown in a non-tapable state, and a message may be displayed to the user to the effect that the input amount exceeds a specific threshold. In addition, the remittance request information input screen shown in FIG. 5A may also display information that the authentication method is changed depending on the remittance amount and information regarding a specific threshold value.

As described above, in this embodiment, when a specific amount is exceeded at the time of remittance or request for remittance, control is performed so that authentication other than biometric authentication cannot be performed. With this configuration, in this embodiment, it is possible to improve the safety when using the online remittance function and remittance request function while maintaining the convenience of the user with respect to the remittance function and remittance request function.

<Other embodiments>
The present invention provides a process in which a program that implements one or more functions of the above-described embodiments is supplied to a system or device via a network or a storage medium, and one or more processors in a computer of the system or device read and execute the program. But it is possible. It can also be realized by a circuit (for example, ASIC) that realizes one or more functions.

100... Remittance source terminal, 110... Remittance destination terminal, 120... Remittance management server, 130... Network, 208... Biometric information sensor, 209... Touch panel, 400... Remittance terminal application, 410... Authentication client, 420... Authenticator, 460 … Remittance management service, 470… Remittance information DB, 480… User information DB

Claims (26)

A terminal that executes an application for using a social network service,
A display that accepts a selection designation of another user registered in the social network service by a user of the terminal, a display that accepts an instruction for remittance to the other user, and an instruction for the amount to be remitted in the remittance instruction. display, and a providing means for providing;
When the remittance instruction is accepted, the authentication process executed on the terminal using the biometric information of the user obtained through the biometric information reading means provided in the terminal is successful, and the a transmitting means for transmitting signature data created using a private key held in association with the biometric information to a management system that manages a public key that is a pair of the private key;
When the management system executes a remittance process based on the remittance amount in accordance with the remittance instruction to the other user in response to the management system being able to verify the signature data using the public key. a receiving means for receiving a message sent from the management system indicating that the remittance processing has been performed ;
The providing means further provides a display of the message received by the receiving means on a screen on which messages posted between the user and the other user in the social network service are displayed. Terminal. If it is determined that the authentication process using the biometric information was successful as a result of the verification, the message containing information indicating that identity verification has been performed is generated. The terminal according to claim 1. further comprising means for accepting an image for inclusion in the message;
3. The terminal according to claim 1, wherein the message is generated including the accepted image. 4. The terminal according to claim 3, wherein the accepted image is a facial image of the user. 5. The terminal according to claim 1, wherein authentication can be performed by a second authentication process different from the authentication process using the user's biometric information. 6. The terminal according to claim 5, wherein the second authentication process is an authentication process using a password. 7. The terminal according to claim 1, wherein the private key and the user's biometric information are stored in association with each other in a tamper-resistant storage means within the terminal. 8. The terminal according to claim 1, wherein the management system manages the public key in association with account information of the management system of the user who issued the remittance instruction. A control method for a terminal running an application for using a social network service, the method comprising:
A display that accepts a selection designation of another user registered in the social network service by a user of the terminal, a display that accepts an instruction for remittance to the other user, and an instruction for the amount to be remitted in the remittance instruction. a display, and a providing process for providing;
When the remittance instruction is accepted, the authentication process executed on the terminal using the biometric information of the user obtained through the biometric information reading means provided in the terminal is successful, and the a transmission step of transmitting signature data created using a private key held in association with the biometric information to a management system that manages a public key that is a pair of the private key;
When the management system executes a remittance process based on the remittance amount in accordance with the remittance instruction to the other user in response to the management system being able to verify the signature data using the public key. a receiving step of receiving a message sent from the management system indicating that the remittance processing has been performed ;
In the providing step, the display of the message received in the receiving step is further provided on a screen on which a message posted between the user and the other user in the social network service is displayed. Characteristic control method. If it is determined that the authentication process using the biometric information was successful as a result of the verification, the message containing information indicating that identity verification has been performed is generated. The control method according to claim 9 . further comprising the step of accepting an image for inclusion in the message;
11. The control method according to claim 9, wherein the message is generated including the accepted image. 12. The control method according to claim 11 , wherein the accepted image is a face image of the user. 13. The control method according to claim 9, wherein authentication is possible by a second authentication process different from an authentication process using biometric information of the user. 14. The control method according to claim 13 , wherein the second authentication process is an authentication process using a password. 15. The control method according to claim 9, wherein the private key and the user's biometric information are stored in association with each other in a tamper-resistant storage means in the terminal. The control method according to any one of claims 9 to 15, wherein the management system manages the public key in association with account information of the management system of the user who issued the remittance instruction. . A program for using a social network service executed on a terminal,
A display that accepts a selection designation of another user registered in the social network service by a user of the terminal, a display that accepts an instruction for remittance to the other user, and an instruction for the amount to be remitted in the remittance instruction. Display and provide
When the remittance instruction is accepted, the authentication process executed on the terminal using the biometric information of the user obtained through the biometric information reading means provided in the terminal is successful, and the transmitting signature data created using a private key held in association with the biometric information to a management system that manages a public key that is a pair of the private key;
When the management system executes a remittance process based on the remittance amount in accordance with the remittance instruction to the other user in response to the management system being able to verify the signature data using the public key. Receive a message sent from the management system indicating that the remittance process has been carried out ,
Further, providing a display of the received message on a screen where messages posted between the user and the other user in the social network service are displayed;
A program that allows a computer to function in a similar way. If it is determined that the authentication process using the biometric information was successful as a result of the verification, the message containing information indicating that identity verification has been performed is generated. The program according to claim 17 . further operative the computer to accept images for inclusion in the message;
19. The program according to claim 17 or 18, wherein the message is generated including the accepted image. 20. The program according to claim 19 , wherein the accepted image is a facial image of the user. The program according to any one of claims 17 to 20, characterized in that authentication can be performed by a second authentication process different from the authentication process using the user's biometric information. 22. The program according to claim 21 , wherein the second authentication process is an authentication process using a password. 23. The program according to claim 17, wherein the private key and the user's biometric information are stored in association with each other in a tamper-resistant storage means in the terminal. 24. The program according to claim 17, wherein the management system manages the public key in association with account information of the management system of the user who issued the remittance instruction. A terminal that executes an application for using a social network service,
A display that accepts a selection designation of another user registered in the social network service by a user of the terminal, a display that accepts an instruction for remittance to the other user, and an instruction for the amount to be remitted in the remittance instruction. display, and a providing means for providing;
When the remittance instruction is accepted, the authentication process executed on the terminal using the biometric information of the user obtained through the biometric information reading means provided in the terminal is successful, and the a transmitting means for transmitting signature data created using a private key held in association with the biometric information to a management system that manages a public key that is a pair of the private key;
When the management system executes a remittance process based on the remittance amount in accordance with the remittance instruction to the other user in response to the management system being able to verify the signature data using the public key. a receiving means for receiving a message sent from the management system indicating that the remittance processing has been performed;
The terminal, wherein the providing means further provides a display of the message received by the receiving means on a screen on the terminal. A program for using a social network service executed on a terminal,
A display that accepts a selection designation of another user registered in the social network service by a user of the terminal, a display that accepts an instruction for remittance to the other user, and an instruction for the amount to be remitted in the remittance instruction. Display and provide
When the remittance instruction is accepted, the authentication process executed on the terminal using the biometric information of the user obtained through the biometric information reading means provided in the terminal is successful, and the transmitting signature data created using a private key held in association with the biometric information to a management system that manages a public key that is a pair of the private key;
When the management system executes a remittance process based on the remittance amount in accordance with the remittance instruction to the other user in response to the management system being able to verify the signature data using the public key. Receive a message sent from the management system indicating that the remittance process has been carried out,
further providing a display of the received message on a screen on the terminal;
A program that allows a computer to function in a similar way.

Images