JPH0142439B2 - - Google Patents

Description

[Detailed Description of the Invention] [Industrial Application Field] The present invention relates to an unauthorized use prevention device in a transaction processing device, and particularly in a device capable of processing transactions using a recording medium on which customer identification information is recorded.
The present invention relates to an unauthorized use prevention device in a transaction processing device that prevents unauthorized use of a recording medium.

[Prior Art] Generally, transaction processing devices have been proposed that perform various transaction processing using a recording medium such as a magnetic card on which customer-specific identification information is recorded. Examples of such transaction processing devices include automatic teller machines, electronic cash registers that allow payment with credit cards, and sales management devices at gas stations that allow refueling using magnetic cards.
POS systems are known. When processing transactions using these transaction processing devices, in order to ensure the reliability of transaction processing and to ensure that only specific customers with magnetic cards can perform transactions, it is necessary to present the magnetic card at the time of transaction processing and to ensure that the customer has the magnetic card. customers were required to enter a PIN code known only to them.

By the way, conventional transaction processing devices allow the user to re-enter the PIN code a predetermined number of times (for example, three times) if the PIN code is entered incorrectly, and if the PIN code is input incorrectly a predetermined number of times, the magnetic card is removed. The user was asked to import or return the PIN code, and was prohibited from entering the PIN code in the future.

However, if a magnetic card is retrieved when the PIN code is incorrectly entered a predetermined number of times, if the user is the user of the magnetic card, the staff must return the card after determining its validity. The disadvantage was that the process for the staff was complicated and the customers had to wait for a long time. In addition, if a magnetic card is returned if the incorrect PIN code is entered a certain number of times, even if the magnetic card is stolen, the card will be returned, so a person who misuses another person's magnetic card can There was a problem in that after entering the PIN code repeatedly, the correct PIN code could be found and the magnetic card could be used illegally.

Therefore, in order to prevent unauthorized use of magnetic cards, the applicant of this application set the valid number of times that a PIN code can be entered incorrectly to a relatively small number, and that the number of incorrect entries that are allowed exceeds the valid number of times. We have proposed a PIN code discriminator that prohibits judgment of the validity of a PIN code even if the PIN code is input for a relatively long period of time. The previously proposed PIN code recognition device provides a relatively long period of time required to confirm the correct PIN code if the user of the magnetic card is the original user, and can be used by someone who misuses another person's magnetic card. If so, the advantage is that by repeatedly extending the acceptable period for each incorrect input, you can buy time to report theft.

[Problems to be Solved by the Invention] The transaction processing device using the PIN code discrimination method proposed earlier can judge the validity of the PIN code again after a certain period of time has elapsed, so it is possible to check the validity of the PIN code again at regular intervals. While entering the password, the correct pin code was discovered by chance, and the magnetic card was used fraudulently.

By the way, experience has shown that when conventional magnetic cards are used illegally, the PIN code is often entered relatively many times, and incorrect entries are made many times in a relatively short period of time. Are known. Therefore, if the number of inputs that exceed the specified number of unconditionally acceptable entries exceeds the number of times that the card should be invalidated, which is determined by a relatively large number of times, then that card could be regarded as invalid, and future transaction processing could be prohibited.
This will simplify and save labor for the clerk in charge when the specified number of erroneous entries are made, and it will also be possible to prevent unauthorized use of the magnetic card.

Therefore, an object of the present invention is to provide an unauthorized use prevention device for a transaction processing device, which can simplify and speed up processing in the event of incorrect input of a PIN code, and can prevent unauthorized card use. It is to provide.

[Means for Solving the Problems] An unauthorized use prevention device in a transaction processing device according to the present invention includes a reading means for reading customer identification information recorded on a recording medium, and a password code corresponding to the customer identification information. an input means for inputting;
Storage means that includes an input number storage area that cumulatively stores the number of times the PIN code was input by the input means in correspondence with customer identification information, and an input time storage area that stores the latest time at which the PIN code was input. and a validity determining means for determining the validity of the recording medium according to the customer identification information and the PIN code. an erasing means for erasing the memory contents of the storage means corresponding to the customer identification information;
a first setting means for setting a number of times, and a second setting means for setting a second number of times that is relatively larger than the first number of times and is determined to invalidate the use of the recording medium. The setting means compares the cumulative number of inputs of the PIN code stored in the input frequency storage area with the first number of times set in the first setting means, and determines that the cumulative number of inputs of the PIN code is equal to the first number of times. a first determination means for determining whether the cumulative number of inputs of the PIN code exceeds the first number of times; a validity determination prohibition means that prohibits the validity determination means from making a determination until a predetermined time has elapsed from the latest input time stored in the input number storage area; a second determining means for determining whether the cumulative number of inputs of the PIN code exceeds the second number of times by comparing the number of times set in the second setting means; The apparatus further includes a fraud processing means that performs fraud processing in response to determining that the cumulative number of inputs of the PIN code exceeds the second number of times.

[Operation] In this invention, each time the PIN code is input until a predetermined number of times is exceeded, it is determined whether the input PIN code is correct or not. If it is correct, the transaction is processed, and if it is incorrect, the customer code is changed. Correspondingly, the number of inputs of the PIN code and the latest input time are stored. If the password code has been input more than the predetermined number of times, determination of whether or not the password code is correct is prohibited until a certain period of time has elapsed since the latest input time. During this time, the number of inputs is updated each time the password code is input. An unauthorized cardholder repeatedly enters a pin code many times in a short period of time in an attempt to process a transaction, such as withdrawing cash. In this way, when the cumulative number of PIN code entries exceeds a predetermined relatively large number of times, the card is deemed invalid.
Unauthorized processing is performed.

On the other hand, if the customer using the card is the customer himself/herself, he or she will return home, confirm the PIN code, and then re-enter it. In other words, the personal identification code is input by the person himself/herself after a certain period of time has elapsed from the latest input time. In this case,
It is determined whether the PIN code is correct or not, and if it is correct, the number of input times and input time of the PIN code stored in correspondence with the customer code are erased, and transaction processing becomes possible.

[Embodiments of the Invention] Below, an embodiment will be described in which a personal identification code is determined when dispensing cash using a magnetic card, which is an example of a recording medium, in an automatic teller machine, which is an example of a transaction processing device.

FIG. 1 is a block diagram of an automatic teller machine which is an example of a transaction processing device according to an embodiment of the present invention. 1st
In the configuration shown in the figure, transaction processing device 10 includes a central processing unit (hereinafter referred to as CPU) 11 such as a microprocessor or microcomputer. A customer service operation section 20 shown in FIG. 2, which will be described later, is connected to the CPU 11. This customer service operation section 20 is
Card reader 21, keyboard 22, display 23
and a buzzer 24. The CPU 11 includes a printer 12, a cassette deck 13, a clock circuit 14,
A bill discharging mechanism 16 and a coin discharging mechanism 17 are connected. This printer 12 is used to print and record transaction processing data (for example, payment amount, account number, transaction date, etc.) and issue a receipt. The cassette deck 13 is used when the transaction processing device 10 is not connected online to a central processing device such as a center (that is, when it is offline).
used to collect and record processed data on magnetic tape. Therefore, transaction processing device 1
0 is online and connected to the center, the cassette deck 13 becomes unnecessary. The clock circuit 14 measures the current time. moreover,
Connected to the CPU 11 are a memory (ROM) 15 for storing a program shown in FIG. 4, which will be described later, and a memory (RAM) 30, for temporarily storing processing data, which will be described in detail in FIG. 3, which will be described later. .

FIG. 2 is an illustrative view of the customer service operation section 20.
A card insertion slot (not shown) is formed on or near the panel of the customer service operation section 20. The card reader 21 is provided on the back side of the card insertion slot. The card reader 21 reads data recorded on the magnetic card when the magnetic card inserted into the card insertion slot is transferred. On this magnetic card, for example, a customer code unique to the customer who owns the magnetic card and an issue place code indicating the place where the magnetic card is issued are magnetically recorded. Further, if necessary, information such as the validity date of the PIN code is recorded on the magnetic card. When a customer code is read from such a magnetic card to obtain a personal identification code, a four-digit number is obtained based on a conventionally known calculation formula for a personal identification code. For example, a method for calculating a PIN code by processing an appropriate arithmetic expression and a customer code and determining that the PIN code matches an input PIN code; A method of determining a customer code by performing arithmetic processing on the basis of the magnetic card and determining that the customer code matches the customer code read from the magnetic card, and a method of calculating the customer code and the first calculation formula as appropriate. There is a method of processing the code and the second arithmetic expression as appropriate to determine whether or not the two match. It is assumed that the calculation formulas for determining these password codes are set and stored in the ROM 15 in advance.

Note that the card reader 21 may be one that reads data recorded on a magnetic card when manually scanning the magnetic card. Such a manual scanning type card reader is advantageously used, for example, when the transaction processing device is a POS system for a gas station.

Keyboard 2 provided in the customer service operation section 20
2 specifies that the numeric keypad 221 is used to input the password code and the requested payment amount, the correction key 222 is used to issue a command to correct the entered password code or the requested payment amount, and that the unit of the requested payment amount is 10,000. It includes a key 223, a key 224 for specifying that the unit is thousands, a yen key 225, and a balance inquiry key 226.

Display device 23 provided in the customer service operation section 20
, a procedure display 231 that displays the keyboard operation procedure, and an amount display 23 that displays the payment request amount.
2. It includes a digit number display section 234 that displays the number of input digits of the PIN code, and a determination result display section 233 that displays the determination result (result of determining whether transaction processing is possible or not possible).

Furthermore, if necessary, the customer service operation section 20 may include:
A sound extraction hole 25 is formed. On the back side of the sound hole 25, there is a buzzer 24 or a piezoelectric vibrator (not shown) that generates a sound each time a PIN code is input or notifies you of a predetermined number of consecutive incorrect inputs.
will be provided.

FIG. 3 is a diagram schematically showing the storage area of the RAM 30. In Figure 3, RAM30
includes a comparison buffer area 31 for temporarily recording processed data, a fixed time storage area 32, a specified number of times storage area 33, a combination table 34, an invalid number of times storage area 35, and an invalid registration table 36. The compared buffer area 31 includes a customer code storage area 311 that stores a customer code, a current time storage area 312 that stores the current time, and a number storage area 313 that stores the number of times a PIN code has been input in an updated manner.

The predetermined time storage area 32 stores a predetermined period of time during which the input of the PIN code is prohibited from the last input time of the PIN code when the PIN code is incorrectly input a predetermined number of times or more.
This fixed period of time is not known to the customer and can be chosen differently depending on the type of transaction processing device or user. Preferably, the predetermined period of time is selected to be a period of time (for example, 2 hours) that allows the customer to realize that he/she made an error when entering the PIN code, and to confirm the correct PIN code upon returning home. The specified number of times storage area 33 is an area for storing the number of times (for example, two times) that is allowed even if an incorrect password code is input. This fixed time storage area 32
and each information stored in the specified number of times storage area 33, if set fixedly,
Store it on the ROM15 side, or store it on the ROM15 side.
In order to read and transfer the settings stored on the side when the power is turned on, or to change them at certain intervals,
The information may be entered at the start of business hours on that day.

The combination table 34 includes storage areas 341 to 34n at multiple addresses, each of which includes a customer storage area 34a, a time (or day, hour, minute) storage area 34b, and an input frequency storage area 34c.
including. In this storage area 34b, the last time or date and minute when the personal identification code was input is written for each customer code. The storage area 34c stores the cumulative number of inputs of the PIN code in a certain period for each customer code. In addition, the combination table 34
The number of addresses is set to a certain number (for example, 100), so if more than a certain number of incorrectly entered customer codes are entered, the data corresponding to the earliest stored customer code will be deleted and the subsequent data will be deleted. is sequentially 1
The addresses are shifted and memorized.

The invalidation count storage area 35 stores the number of invalidations (transfer limit (number of times) is set and stored in advance.

The invalidation registration table 36 includes a plurality of customer code storage areas, and stores a customer code unique to the card when the total number of inputs exceeds the number of invalidations. A magnetic card having the same customer code as the customer code stored in the invalidation registration table 36 will be invalidated from transaction processing thereafter.

FIG. 4 is a flowchart for explaining the operation of one embodiment of the present invention. Next, specific embodiments of the present invention will be described with reference to FIGS. 1 to 4.

First, we will discuss the case where the PIN code has been entered correctly. The customer inserts the magnetic card into the card slot. Accordingly, the magnetic card is taken in by an appropriate transfer means and transferred to the position where the card reader 21 is installed. At this time, a detection switch (not shown) provided near the card insertion slot detects the insertion of the card. In response, the CPU 11 starts the operation of the flowchart shown in FIG.

That is, in step 1, data such as a customer code recorded on the magnetic card is read by the card reader 21. In step 2, the customer code just read is stored in the storage area 311 of the buffer area 31 for comparison. In step 3, it is determined whether the customer code read from the magnetic card is stored in the invalid registration table 36. If invalid registration table 3
If the magnetic card is not stored in step 6, the magnetic card is usable, and the process advances to step 4. In step 4, it is determined whether the customer code read from the magnetic card is stored in the storage area 34a at any address in the combination table 34. This determination is to determine whether an input has been made that exceeds a specified number of times, although it does not reach the invalid number of times. At this time, if the customer has not entered the PIN code incorrectly by then, the process proceeds to step 5 because the customer code is not stored in the storage area 34a at any address in the combination table 34. In step 5, it is determined whether the input PIN code matches a predetermined PIN code of the customer. This determination is made using the various determination methods described above.
Now, assuming that the PIN code has been entered correctly, in step 6, as in step 4 above, it is determined whether the customer code is stored in the storage area 34a at any address in the combination table 34. Ru. If the customer has not entered the password incorrectly by then, the process proceeds to step 7 because the customer code is not stored in the storage area 34a at any address. In step 7, a lamp included in the judgment result display section 233 indicating normality is lit and displayed. This completes the operation in the case where the correct password code has been input.

Note that the operation after steps 1 to 7 are determined to be normal is that transaction processing is permitted and proceeds to a predetermined transaction processing operation determined by the type of transaction processing device, but this is not explained here. omitted.

Next, we will explain what happens when you have never entered your PIN code incorrectly before, and this is the first time you have entered it incorrectly.

First, if the PIN code is entered incorrectly the first time, after performing steps 1 to 3 above,
In step 4, it is determined that the same customer code as the customer code stored in the storage area 33a is not stored in the storage area 34a at each address of the combination table 34. Subsequently, in step 5, it is determined that the password codes do not match, and the process proceeds to step 8. In step 8, it is again determined whether or not the combination table 34 contains the same customer code as the customer code read from the magnetic card. At this time, in the first incorrect input, the same customer code is entered in the combination table 3.
Since it is not registered in step 4, proceed to step 9.
In step 9, the number of inputs (initially 1) is written into the storage area 313, and the current time clocked by the clock circuit 14 is written into the storage area 312. Subsequently, in step 10, the entire data stored in the combination table 34 is shifted one address at a time in the direction of larger addresses. In step 11, the data (i.e., customer code, current time, and number of inputs) stored in the compared buffer area 31 is transferred to the address (i.e., the first address) where the latest data of the registration table 34 is to be stored.
is memorized. Subsequently, in step 12, a lamp indicating an erroneous input is displayed on the judgment result display section 233, and the buzzer 24 issues an alarm.

The customer then operates the numeric keypad 221 again to input the password. Accordingly, after the operations of steps 1 to 3 described above are performed, step 4 is performed.
In this step, it is determined that the customer code stored in the storage area 311 is stored at address 1 of the combination table 34. Next, step 13
In this step, it is determined whether the number of inputs stored in the storage area 34c is equal to or less than a specified number of times. If the password is input again after the first incorrect input, the number of inputs is less than the specified number of times, so the process proceeds to step 5 described above. If the second input of the PIN code is an incorrect input, it is again determined in step 5 that the PIN code is incorrectly input. Next, step 8
At , it is determined that the same customer code is stored in the combination table 34, and the process proceeds to step 14. In step 14, the data of the same customer code is transferred to the compared buffer area 31, and the contents of the storage area 313 are incremented by 1.
And the current time is written to the storage area 312.
Thereafter, in step 15, the data from the newest address (first address) in the combination table 34 to the immediately previous address where the same customer code is stored is shifted one address at a time to a larger address. That is, when the customer code read from the magnetic card and the customer code stored in the combination table 34 match, the data of the customer code is erased. Then follow the steps mentioned above.
After the same actions as 11 and 12 are performed, the series of actions ends.

On the other hand, if the second password code is not entered incorrectly, it is determined in step 5 that the password codes match. Subsequently, in step 6, it is determined that the same customer code is stored in the combination table 34, and the process proceeds to step 18. In step 18, combination table 3
The data at each address from the data one item older than the address storing the same customer code stored in No. 4 to the oldest data is stored in an updated manner by shifting one address in the direction of smaller addresses. As a result, the incorrectly input customer code, the number of inputs, and the latest input time previously stored in the combination table 34 are deleted. Thereafter, after performing the operation in step 7, the series of operations ends.

By the way, if the correct PIN code is not entered and the PIN code is entered incorrectly more than a preset number of times, the PIN code will not be re-entered even if the correct PIN code is entered after a certain period of time has elapsed since the time of incorrect input. Even if the password is entered, the password code will not be checked. That is, in this case, after the operations of steps 1 to 4 described above are performed, the process proceeds to step 13. Then, in step 13, it is determined that the number of inputs has exceeded the specified number. Subsequently, in step 16, the contents of the storage area 34b at a certain address of the combination table 34 storing the same customer code as the customer code stored in the storage area 311 are read out. Then, the time read from the combination table 34 is subtracted from the current time measured by the clock circuit 14. Thereafter, it is determined whether a certain period of time has elapsed since the time when the PIN code was input incorrectly. if,
If the certain period of time has not elapsed, proceed to step 17 without proceeding to step 5. That is, if the number of inputs of the PIN code exceeds the above-mentioned specified number of times and the above-mentioned certain period of time has not elapsed since the latest input time, it will not be determined whether the PIN codes match. In this case, in step 17, it is determined whether the total number of inputs up to now exceeds the invalid number of inputs. This is because if a magnetic card is used illegally, the number of times the PIN code must be entered is relatively large, and incorrect entries are made many times in a relatively short period of time, so the cumulative number of entries within a certain period of time is This is because if the magnetic card exceeds a predetermined number of times, it is considered to be an unauthorized use and the use of the magnetic card is invalidated. If the total number of inputs does not exceed the invalid number of inputs, perform steps 8, 14, 15, and
Perform steps 11 and 12. That is, the data of the same customer code stored in the combination table 34 is transferred to the comparison buffer area 31, the contents of the storage area 313 are incremented by 1, and the current time is written to the storage area 312. be included. Then, the data of the customer code stored in the combination table 34 is erased, and the data stored in the compared buffer area 31 is newly stored in the combination table 34. An error alert is then issued. In this way, if the PIN code is entered incorrectly a specified number of times, even if the PIN code is entered many times before a certain period of time has elapsed, the validity of the PIN code will not be determined, and only the number of inputs will be counted. It is incremented by 1 and the current time at that time is updated and stored. Therefore,
If you attempt to process a transaction using a stolen card, even if you accidentally enter the same PIN code after a predetermined number of incorrect entries, the PIN code will not be checked. and therefore transaction processing is not permitted. Therefore, there is an advantage that transaction processing using a stolen card can be prevented.

By the way, if the customer using the magnetic card is the customer himself/herself, he or she should go home and check the PIN code. In such a case, the customer should return to process the transaction a certain amount of time after the last time the PIN code was entered incorrectly. In that case, the following operations are performed.

That is, after the operations in steps 1 to 4 and 13 described above are performed, it is determined in step 16 that a certain period of time has elapsed. Thereafter, in step 5, it is determined that the password code is correct. Subsequently, in step 6, it is determined that the same customer code is stored in the combination table 34. Subsequently, in step 18, the data at each address from the data one item older than the address storing the same customer code stored in the combination table 34 to the oldest data is sorted one address in the direction of smaller addresses. The information is stored in an updated manner while being shifted one by one. As a result, the incorrectly input customer code, the number of inputs, and the latest input time previously stored in the combination table 34 are deleted. Thereafter, after performing the operation in step 7, the series of operations ends.

Next, the operation when there is an input exceeding the number of invalidations, which is one of the features of the present invention, will be explained. If the cumulative number of inputs within a certain period of time exceeds the number of invalidations stored in the invalid registration count storage area 35 after a specified number of incorrect entries are made, this is determined in step 17 described above, and step Proceed to 19. In step 19, the customer code whose password code has been input more than the number of invalidations is written to a certain address in the invalidation registration table 36. Subsequently, in step 20, the contents of each address from the data one item older than the customer code stored in the combination table 34 to the oldest data are shifted one address at a time in the direction of smaller addresses. As a result, data of customer codes that have been input more than the invalid number of times are deleted from the combination table 34.
Then, in steps 21 and/or 22,
An unauthorized processing operation is performed based on the detection of unauthorized use. As an example of this fraudulent processing operation, in step 21, an alarm is issued only within the store to notify the customer of the occurrence of an invalid card, without the customer knowing. As another example of fraudulent processing, a television camera is installed near the transaction processing device 10 in step 22, and is activated based on the detection of fraudulent use to take a picture of the customer who is fraudulently using the transaction. or record the image on the unauthorized user's video tape recorder using a television camera. Thereafter, in step 12 described above, a warning is issued to the customer, and then the series of operations ends.

[Effects of the Invention] As described above, according to the present invention, if the correct PIN code is not entered within the specified number of times, and an unauthorized card user uses the recording medium within a certain period of time to make a transaction. When attempting to do so, the number of times the PIN code has been entered is simply counted without determining the validity of the PIN code, and when the number of PIN code entries exceeds the relatively high number of invalidations, the recording medium is invalidated. Since the recording medium is treated as a medium and processing is performed based on unauthorized use, transaction processing cannot be performed even if the recording medium becomes usable after a certain period of time has elapsed. Therefore, there is an effect that unauthorized use of the recording medium can be prevented. Moreover, since the fraudulent user tries to find the correct number quickly, the number of inputs quickly reaches the invalid number. Therefore, there is an effect that fraudulent processing can be carried out quickly against fraudsters who do not have time to spare.

Furthermore, if the customer using the recording medium is the customer himself/herself, even if the correct PIN code is not entered within the specified number of times, the validity of the PIN code will be determined again after a certain period of time has elapsed.
Since the opportunity to input the correct number is given, the effect is that a legitimate person who can take the time to remember the correct pin code is more likely to be able to process the transaction. Furthermore, compared to a system that imports a recording medium when a specified number of incorrect inputs are made, subsequent processing can be simplified and processing by an attendant is not required.

[Brief explanation of drawings]

FIG. 1 is a block diagram of one embodiment of the present invention. FIG. 2 is an illustrative view of the customer service operation section shown in FIG. 1. FIG. 3 is a diagram schematically showing the storage area of the RAM shown in FIG. 1. FIG. 4 is a flowchart of one embodiment of the present invention. In the figure, 10 is a transaction processing device, and 11 is a transaction processing device.
CPU, 12 is a printer, 13 is a cassette deck,
14 is a clock circuit, 15 is a ROM, 16 is a bill discharging mechanism, 17 is a coin discharging mechanism, 20 is a customer service operation section,
21 is a card reader, 22 is a keyboard, 23 is a display, 30 is a RAM, 31 is a buffer area for comparison, 32 is a specified number of times storage area, 33 is a fixed time storage area, 34 is a combination table, 35 is an invalid number of times A storage area 36 indicates an invalid registration table.

Claims (1)

[Scope of Claims] 1. A device for processing transactions using a recording medium in which customer identification information that can identify a customer is recorded in a mechanically readable manner, comprising: a device for reading customer identification information recorded on the recording medium; reading means; input means for inputting a PIN code corresponding to the customer identification information; an input number storage area for cumulatively storing the number of times the PIN code has been input by the input means in correspondence with the customer identification information; and a PIN code; storage means including an input time storage area for storing the latest time of the input; validity determining means for determining the validity of the recording medium; and upon determining that the recording medium is valid by the validity determining means, erasing the stored content of the storage means corresponding to the customer identification information of the recording medium. an erasing means; a first setting means for setting a first number of times, which is a predetermined fixed number of times and in which input of the PIN code is unconditionally allowed; a number of times relatively greater than the first number of times; and a second setting means for setting a second number of times determined to invalidate the use of the recording medium, the cumulative number of inputs of the PIN code stored in the number of inputs storage area and the first a first determining means for determining whether the cumulative number of inputs of the PIN code exceeds the first number of times by comparing it with a first number of times set in the setting means; In response to determining that the cumulative number of inputs of the PIN code exceeds the first number of times, the valid password is maintained until a predetermined time elapses from the latest input time stored in the input time storage area. validity discrimination prohibition means for prohibiting discrimination by the gender discrimination means; comparing the cumulative number of inputs of the PIN code stored in the number of inputs storage area with a second number of inputs set in the second setting means; , a second determining means for determining whether the cumulative number of inputs of the PIN code exceeds the second number; and the second determining means determines whether the cumulative number of inputs of the PIN code exceeds the second number of times. A device for preventing unauthorized use in a transaction processing device, comprising a fraudulent processing means for performing fraudulent processing in response to a determination that the amount exceeds the limit. 2. The storage means includes an invalid registration storage area, and the fraud processing means stores the customer identification information for which it is determined that the cumulative number of inputs of the PIN code exceeds the second number of times in the invalid registration storage area. An unauthorized use prevention device in a transaction processing device according to claim 1, wherein the unauthorized use prevention device is stored in a transaction processing device.