JPH09319875A - Signature authentication system - Google Patents

Abstract

PROBLEM TO BE SOLVED: To safely and accurately identify a user, without leaking the warrantable signature to others in the signature authentication system which is used to confirm the validity of the user at the time of use of a credit card or the like. SOLUTION: The signature of the card user is inputted by a pen input device 222 of a card authentication terminal 12, the inputted signature is transmitted to a central processing unit 11 through a communication network 14. In the central processing unit 11, it is collated with the signature of the card owner, which has been read in advanced by a signature reader 212 and is stored in a signature memory 213 at the time of card registration, on a display device 214, and the signature authentication result based on the collation processing is returned to the card authentication terminal 12. Thus, the signature of the owner himself is not forged, even if he card itself is stolen, and he is safely and accurately identified.

Description

Detailed Description of the Invention

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a signature authentication system used for confirming the legitimacy of a user when using a credit card or the like.

[0002]

2. Description of the Related Art For example, when paying a fee using a credit card, it is necessary to confirm that the user of the credit card is the same person as the owner of the card.

In general, when a credit card is used, the user's validity is confirmed by checking the signature of the card holder, which is pre-filled on the card, and the signature written on the spot by the card user on the spot. Will be done after confirming that they have the same sign.

FIG. 18 is a diagram showing an example of a conventional signature authentication method in a card payment system.

For example, a central processing unit 11 is installed at a credit card issuer, and card authentication terminals 12 and 13 are installed at credit card handling locations.
The central processing unit 11 and the card authentication terminals 12 and 13 are
It is connected online via the communication network 14.

[0006] Normally, the card authentication terminals 12 and 13 are provided with a card reader for reading a card number and the like, a keyboard for inputting the amount of money used, a character display for displaying keyboard input and credit results, and a slip output for the results. A printer and the like are provided.

[0007] That is, for example, when an article is purchased using a card at a card handling shop in which the card authentication terminal 12 is installed, the number of the card used and the like are displayed.
The card number of the used card read by the card reader No. 2 and the payment amount entered by the keyboard are transmitted to the central processing unit 11 which is the card issuer via the communication network 14.

Then, in the central processing unit 11, the credit status of the card holder is confirmed based on the number information of the used card transmitted from the card authentication terminal 12, and when the payment amount is within the credit amount. , The confirmation number is generated and returned to the card authentication terminal 12.

At the card authentication terminal 12, the card processing confirmation number is sent from the central processing unit 11 so that the validity of the card itself is confirmed.
The card owner's signature pre-filled on the card and the card user's signature written on the payment slip on the spot are visually collated to confirm that the card user is the card owner himself. Be done.

[0010]

However, in the above-described conventional signature authentication method, when the card is stolen by another person, the stolen person imitates the signature of the cardholder previously written on the back surface of the card. By doing so, there is a problem that the cardholder can be easily impersonated when the signature is written on the payment slip at the card handling place.

That is, when the credit card is used, the process of confirming the credit amount based on the card number read by the card authentication terminal 12 is a process executed according to the information of the card itself. It is not possible to confirm the identity of the person and, moreover, the identity verification by the above-mentioned signature can be imitated by a thief by learning because the signature of the owner himself is written on the card. It is a difficult problem to accurately authenticate whether the owner is the owner.

The present invention has been made in view of the above-mentioned problems, and a signature authentication system capable of safely and accurately confirming the identity of a person without the legitimate signature being known to others. The purpose is to provide.

[0013]

In the signature authentication system according to claim 1 of the present invention, in the card authentication terminal,
When the card user's signature is entered, the entered signature is transmitted to the central processing unit, which is collated with the card owner's signature stored in advance at the time of card registration at the central processing unit. The result of signature verification based on it is returned to the card authentication terminal, so even if the card itself is stolen, the signature of the owner himself will not be imitated, and it will be confirmed safely and accurately that he is the person himself. It will be possible.

In the signature authentication system according to claim 2 of the present invention, when a card user's signature is entered at the card authentication terminal, the stroke order of the entered signature is identified together with the entered signature and transmitted to the central processing unit. The card itself is checked by the processing device with the cardholder's signature and its stroke order stored in advance when registering the card, and the signature verification result based on the verification process is returned to the card verification terminal. Even if it is stolen, the signature of the owner himself is not imitated, and it is possible to safely and more accurately confirm the identity of the owner.

In the signature authentication system according to claim 3 of the present invention, there is provided a system in which a card authentication terminal can be appropriately connected to each of the regional processing devices distributed in a plurality of regions through a communication network. When a card user's signature is entered at a card authentication terminal connected to an arbitrary regional processing device, card-specific information (for example, a card number) read by the card information reading means together with the entered signature is used as an authentication request for regional processing. Transmitted to the device. Then, in this area processing device, it is determined whether or not the information specific to the used card is stored in the belonging card information storage means that stores the specific information of each card belonging to the area. When it is determined that the unique information is stored in the belonging card information storage means, the signature of the card user is compared with the signature of the card holder stored in the signature storage means, and the comparison is performed. The signature verification result based on the processing is returned to the card verification terminal. If the determination unit determines that the information specific to the used card is not stored in the belonging card information storage unit, the information specific to the card does not belong to the area stored in the unaffiliated card storage unit. Authentication that is searched from the unique information of each card, the communication route to the regional processing device to which the card belongs is read, and the card user's signature transmitted from the card authentication terminal and the card-specific information The request is transferred to the regional processing device to which the used card belongs, the same signature verification as described above is performed, and the signature authentication result based on the verification processing is returned to the card authentication terminal. Therefore, it is possible to efficiently and efficiently use the communication network of each area and to confirm the identity of the person safely and accurately.

In the signature authentication system according to claim 4 of the present invention, when a card user's signature is entered in the card authentication terminal, card-specific information read by the card information reading means together with the entered signature (for example, a card Number) is transmitted to the central processing unit as an authentication request. Then, in the central processing unit, the signature of the used card owner stored in the owner information storage means corresponding to the transmitted information specific to the used card is read out and returned to the card authentication terminal for card authentication. It is collated with the inputted card user's signature at the terminal. Therefore, the load on the central processing unit can be reduced, and it is possible to safely and accurately confirm the identity of the person.

In the signature authenticating system according to claim 5 of the present invention, when the card user's signature and personal identification number are entered in the card authenticating terminal, the entered personal identification number is unique to the card read by the card information reading means. It is transmitted to the central processing unit together with the information (eg card number). Then, in the central processing unit, the personal identification number and the signature of the card owner stored in the owner information storage means are retrieved in correspondence with the transmitted information specific to the used card, and the personal identification number and the card of the card user are retrieved. When it is determined that the password coincides with the owner's personal identification number, the corresponding cardholder's signature is returned to the card authentication terminal, and at the card authentication terminal, the entered card user's signature and the central processing unit are returned. The cardholder's signature is verified. Therefore, the signature of the cardholder is returned to the card authentication terminal for verification processing only when it is determined that the cardholder is the cardholder himself by verifying the personal identification number. As a result, the signature of the cardholder will not be stolen, and the identity of the cardholder can be confirmed safely and accurately.

In the signature authentication system according to claim 6 of the present invention, when a card user's signature and personal identification number are entered in the card authentication terminal, information specific to the used card read by the card information reading means (for example, card number). ) Is transmitted to the central processing unit. Then, the central processing unit retrieves the personal identification number and the signature of the cardholder stored in the owner information storage means in correspondence with the transmitted information unique to the used card, and encrypts the signature with the personal identification number. And sent back to the card authentication terminal.
Then, in the card authentication terminal, the encrypted and returned signature of the cardholder is decrypted by the personal identification number entered by the card user, and is collated with the entered signature of the card user. Therefore, only when the card user's personal identification number matches the card owner's personal identification number, the cardholder's signature is revealed and verified in the card authentication terminal. Will not be stolen, and you will be able to confirm your identity safely and more accurately.

In the signature authenticating system according to claim 7 of the present invention, when an IC card is connected to the card authenticating terminal and the signature of the card user is inputted, the possession of the card stored in the signature storing means of the IC card is carried out. Since the signature of the person is read out and verified, it is possible to efficiently and safely and accurately identify the person only by the communication processing with the card itself.

In the signature authentication system according to the eighth aspect of the present invention, when the IC card is connected to the card authentication terminal and the signature of the card user is inputted, the inputted signature of the card user is transmitted to the IC card. , The IC card's signature stored in the IC card's signature storage means is verified, and the result of signature verification based on the verification process is returned to the card authentication terminal. It is possible to efficiently, safely and accurately confirm the identity of the person without reading the signature of the owner.

In the signature authentication system according to claim 9 of the present invention, a card authentication terminal that moves between regions is connected to each of the regional processing devices distributed in a plurality of regions via a wireless communication network. In a system in which the plurality of regional processing units are connected to a central processing unit via a communication network, information from the card authentication terminal that has been moved to a certain region (for example, a terminal number) ) Is transmitted to the regional processing unit of the relevant area and transferred to the central processing unit, the matching terminal unique information is retrieved from the information unique to each registered card authentication terminal stored in the terminal information storage means. Then, the terminal authentication information according to the search result is returned to the regional processing device. Then, in the regional processing device, the card-specific information transmitted from the card authentication terminal together with the card user's signature is transferred to the central processing device and stored in the owner information storage means in correspondence with this card-specific information. The signed cardholder's signature is retrieved and returned to the regional processing unit. Then, the card user's signature input and transmitted at the card authentication terminal and the card owner's signature returned from the central processing unit are collated, and the signature authentication result based on the collation processing is sent to the card authentication terminal. Will be returned. Then, the history information associated with the card use performed with the card authentication terminal in the regional processing device is transmitted to and stored in the central processing device, and the continuity of the card usage information is maintained. Therefore, the mobility of the card authentication terminal can be ensured, the convenience of using the card can be expanded, and the identity of the person can be confirmed safely and accurately.

In the signature authentication system according to claim 10 of the present invention, the personal number as the billing information is stored as I
In a wireless communication system in which the C card is connected to a wireless terminal and the wireless terminal is used as an individual one, when the signature of the wireless terminal user is input at the wireless terminal, the signature is read from the signature storing means of the IC card. The personal number as the billing information stored in the personal number storage means of the IC card can be read out only when it is collated with the issued cardholder's signature, and it is stolen, for example. With the IC card, the signatures cannot be matched with each other, illegal use can be prevented, and the identity of the person can be confirmed safely and accurately.

In the signature authentication system according to the eleventh aspect of the present invention, the personal number is stored as the billing information.
In a wireless communication system in which the C card is connected to a wireless terminal and the wireless terminal is used as an individual, when the signature of the wireless terminal user is input in the wireless terminal, the input is made in the IC card. Only when the signature of the terminal user and the signature of the IC card owner stored in the signature storage means are collated, and if they match each other,
Since the personal number as the billing information stored in the personal number storage means of the IC card can be read out,
For example, in the case of a stolen IC card, the signatures cannot be matched and the signature of the cardholder is never read out, so it is possible to prevent unauthorized use more reliably, and be safe and accurate. You will be able to confirm that.

According to the twelfth aspect of the signature authentication system of the present invention, the I number in which the personal number as the billing information is stored.
In a wireless communication system in which the C card is connected to a wireless terminal and the wireless terminal is used as an individual, when the signature of the wireless terminal user is input in the wireless terminal, the input is made in the IC card. The signature of the terminal user and the signature of the IC card owner stored in the signature storage means are collated, and if they coincide, the collation time is stored in the collation time storage means. And
When a request for reading out the personal number is issued from the wireless terminal, the individual as the billing information stored in the personal number storage means is set only within the set time from the signature collation time stored in the collation time storage means. Since the number is readable, for example, even if the IC card is still connected to the wireless terminal, the cardholder's signature will not be read to the outside, and it must be within the set time from the signature verification matching time. You cannot read your personal number, so
Unauthorized use can be surely prevented, and it is possible to safely and accurately confirm the identity of the user.

According to a thirteenth aspect of the sign authentication system of the present invention, there is provided a wireless communication system in which a base station receives a communication request from a wireless terminal used by an unspecified user and connects a line, When the signature of the wireless terminal user is input at the terminal, the individual as the billing information of each registered individual stored in the personal information storage means and the input terminal user signature at the base station. Since the personal number can be read out only when the number is collated and the collation coincides, it is possible to confirm the identity of the person more safely and accurately without using an IC card.

[0026]

BEST MODE FOR CARRYING OUT THE INVENTION Embodiments of the present invention will be described below with reference to the drawings.

[First Embodiment] FIG. 1 is a block diagram showing the arrangement of a signature authentication system in a card payment system according to the first embodiment of the present invention.

In this card payment system, for example, a central processing unit 11 installed at a card issuer and a card authentication terminal 12 installed at a card handling store are connected via a communication network 14, and the central processing unit 11 is connected to the central processing unit 11. , A processing unit 211 including a CPU, a signature reading device 212, a signature memory 213, and a display 214, and the card authentication terminal 12 includes a pen input device 222.

The signature reading device 212 reads the signature of the card holder by an image pattern or the like, for example, when a card user registers a credit card in a card company, and the card read by the signature reading device 212. The owner's signature is stored and registered in the signature memory 213 in association with a card number or the like.

The display 214 is, for example, the card user's signature transmitted from the card authentication terminal 12 to the central processing unit 11 via the communication network 14 and the signature memory 21.
The signature of the cardholder's signature stored in FIG. 3 is collated and displayed, and the signature authentication result based on this collation display and the credit information of the card are returned from the processing unit 211 to the card authentication terminal 12 via the communication network 14. To be done.

On the other hand, the pen input device 222 inputs the signature of the card user as an image pattern or the like. The signature of the card user input by the pen input device 222 is sent from the card authentication terminal 12 to the communication network 14. Is transmitted to the central processing unit 11 via.

That is, a user who intends to use the card first applies for the card application form with the signature used by the card issuer attached.

At the card issuer, the signature written in the application form is stored in the signature memory 213 in the central processing unit 11 together with the information of the applicant in the signature memory 213 as digitized information and registered.

When a card is used, at a card handling store, the card authentication terminal 12 executes the input process of the card usage information such as the usage amount and the card number. The pen input device 222 converts the signature of the card user into electronic information, and the communication network 14 together with the card usage information.
To the central processing unit 11 via.

In the central processing unit 11, when the information from the card authentication terminal 12 is received, the processing section 211 confirms the credit based on the card usage limit amount and the past payment status, and further, the used card number. The signature of the cardholder registered corresponding to is read from the signature memory 213 and is collated and displayed on the display 214 together with the signature of the card user received from the card authentication terminal 12.

The operator in the central processing unit 11 is
The two signatures of the card user and the cardholder, which are collated and displayed on the display 214, are compared to authenticate the signature, and the credit result information and the authentication result information are sent to the card authentication terminal 12 via the communication network 14. Send it back.

As a result, the card authentication terminal 12 can obtain the credit information of the card and the signature authentication information as to whether the card user is the owner himself.

Therefore, according to the signature authentication system of the first embodiment, it is not necessary to write the signature of the cardholder on the credit card itself, so that, for example, when the card is lost and is picked up and misused, Even if it is misused due to theft, the signature of the owner himself is not stolen and imitated, and the signatures of the card user and the card holder are collated and displayed on the display 214 for authentication. Therefore, secure and accurate card authentication can be performed.

Note that the central processing unit 11 can store and manage the card usage information transmitted from the card authentication terminal 12 as a card usage record.

[Second Embodiment] FIG. 2 is a block diagram showing the arrangement of a signature authentication system in a card payment system according to the second embodiment of the present invention.

The signature authentication system of the second embodiment is the central processing unit 11 of the signature authentication system of the first embodiment (see FIG. 1), and further comprises an automatic signature verification unit 215. .

That is, the automatic signature verification device 215
The signature of the card user transmitted from the card authentication terminal 12 through the communication network 14 and the signature of the card holder read from the signature memory 213 are automatically collated by pattern recognition processing. Based on the verification result by the verification device 215, the signature authentication result information and the card credit result information are sent to the card authentication terminal 12
Will be returned to.

Therefore, according to the signature authentication system of the second embodiment, since the automatic signature verification device 215 is installed in the central processing unit 11, there is no need to perform artificial verification of the signature at all, and the verification work is greatly performed. It will be possible to improve the accuracy while shortening the time.

[Third Embodiment] FIG. 3 is a block diagram showing the arrangement of a signature authentication system in a card payment system according to the third embodiment of the present invention.

The signature authentication system according to the third embodiment is the same as the signature authentication system according to the second embodiment (see FIG. 2), and further includes a stroke order memory 216, a pen input device 217 for the central processing unit 11. Stroke order analysis device 21
In addition, the card authentication terminal 12 is provided with a stroke order analysis device 223.

That is, when the card owner's signature is entered by the pen input device 217 of the central processing unit 11 when registering the card, the stroke order of the signature is the stroke order analyzer 2.
18, along with the pattern data of the signature itself read by the signature reading device 212,
It is stored and registered in the signature memory 213 and the stroke order memory 216 in association with the card number or the like.

When the card is used at a card handling store, the pen input device 222 of the card authentication terminal 12 is used.
When the signature of the card user is input, the stroke order is analyzed by the stroke order analyzer 223 together with the pattern data of the signature, and is further transmitted to the central processing unit 11 via the communication network 14 together with the card usage information.

Then, in the central processing unit 11, the card user's signature transmitted from the card authentication terminal 12 and its stroke order, the card owner's signature read from the signature memory 213 and the stroke order memory 216, and the stroke order thereof. Is verified by the automatic signature verification device 215, and the signature verification result information based on the verification process is returned to the card verification terminal 12 together with the credit verification result information.

Therefore, according to the signature authentication system of the third embodiment having the above-mentioned configuration, the automatic signature verification device 215 is installed in the central processing unit 11, and the signature verification process involves verification by pattern recognition of the signature itself. In addition, since the stroke order of the signature is also verified, not only can the verification processing speed of the signature be shortened, but the identification rate in automatic verification can be greatly improved, and safe and more accurate card authentication can be performed. it can.

[Fourth Embodiment] FIG. 4 is a block diagram showing the configuration of a signature authentication system in a card payment system according to a fourth embodiment of the present invention.

The signature authentication system according to the fourth embodiment includes regional processing devices 51 distributed in a plurality of regions.
Communication networks 141, 142, ...
Is based on a card payment system capable of connecting each card authentication terminal 501, 502, ...
Each card authentication terminal 501, 50 dispersed in a wide area
Since it is difficult to directly perform the card authentication process with the central processing unit 11 from all of 2, ..., It is difficult because of the problem of communication capacity.
Card authentication terminals 501, 50 between 11, 512, ...
The card authentication process for 2, ... Is performed.

For example, the application for card registration is centrally managed by the central processing unit 11, and the information of the card holder and the card usage information are the regional processing devices 511, 512, ... Of the area where the card is most frequently used. Be stored in.

On the other hand, the card user may use the card in an area where the owner information is not stored.

In this case, each regional processing device 51
, 512, ... By transferring the card authentication request (card user's signature, card number, usage amount, etc.) to the regional processing device in the area where the owner information of the used card is stored, The authentication process can be completed.

Here, the distance from the card authentication terminal 501 using the card to the regional processing unit 512 in which the owner information of the used card is stored is the central processing unit 1.
If it is longer than the distance to 1, the card authentication request may be transferred to the central processing unit 11.

Further, the area processing devices 511, 512,
When ... are distributed overseas, it is highly likely that the card user who started using the card in a certain region overseas will continue to use the card in the same region for several days. May be transferred to the corresponding overseas regional processing device.

By doing so, the central processing unit 11
It is possible to reduce the direct exchange of information with and to improve the efficiency of card authentication.

FIG. 5 is a block diagram showing the configuration of the area processing devices 511 and 512 in the signature authentication system of the fourth embodiment.

The regional processing units 511 and 512 have basically the same configuration as the central processing unit 11, and the processing units 211,
The signature memory 213 and the signature automatic verification device 215 are used as a basis, and further information of the cardholder is
For example, an information memory 262 that stores the card number and the information of the regional processing device to which the card belongs in association with each other, a routing map memory 261 that stores information of a communication route to another regional processing device, and transfer data temporarily. A temporary memory 263 for storing is provided.

FIG. 6 is a flow chart showing a card authentication process (No. 1) in the signature authentication system of the fourth embodiment.

For example, when a card is used in the card authentication terminal 503 and the card number, the card user's signature, the amount of money used, etc. are transmitted to the communication network 142 as a card authentication request, the card authentication transmitted to this communication network 142 is used. The request is received by the regional processor 512 (step S
1, S2).

The area processing device 512 searches for the card number stored in the information memory 262 corresponding to the card number of the used card received as the authentication request, and the area processing device to which the card holder belongs belongs to itself. It is determined whether or not it is the area processing device 512 of the area (step S3).

Here, when the card number of the used card is retrieved from the information memory 262, the card belongs to this area processing device 512 based on the information of the area processing device stored correspondingly. If it is determined that the cardholder's signature stored in the signature memory 213 in association with the card number is captured by the processing unit 211 and the card user's signature received as the card authentication request, The signature of the cardholder is verified by the automatic signature verification device 215 (step S3 → S).
4, S5).

Then, the result information of the signature authentication and the result information of the credit card based on the signature verification process are returned to and received by the card authentication terminal 503 (step S).
6, S9).

On the other hand, in step S3, when the card number of the used card is retrieved from the information memory 262, the card is determined to be the other regional processing device 511 based on the information of the regional processing device stored correspondingly. If it is determined that the area processing device 51 belongs to
The communication route up to 1 is the routing map memory 261.
The card authentication request received from the card authentication terminal 503 is notified to the regional processing device 511 (steps S3 → S7, S8).

Then, in the area processing device 511, according to the authentication request from the card authentication terminal 503 notified by the area processing device 512, the card authentication terminal 50
The same sign authentication processing and credit judgment processing as described above are executed by direct information access with the card No. 3, and the resulting information is returned to the card authentication terminal 503 and received.

FIG. 7 is a flow chart showing the card authentication processing (No. 2) in the signature authentication system of the fourth embodiment.

Regarding the processing steps similar to the card authentication processing (No. 1) in the flowchart of FIG.
The same step numbers are given and the description thereof is omitted.

That is, in step S3, when the card number of the used card is retrieved from the information memory 262, the card is stored in another area processing device 511 based on the information of the area processing device stored correspondingly. If it is determined to belong to the area processing device 51
The communication route up to 1 is the routing map memory 261.
Is searched from (step S3 → S7).

Then, it is judged whether or not the communication charge with the regional processing device 511 is within the range in which information can be accessed, and if it is within the range, the card received from the card authentication terminal 503 is judged. The authentication request is relayed and transferred to the regional processing device 511 together with the information that the regional processing device 512 is a relay device (step S11 →
S12).

As a result, in the area processing device 511 to which the used card belongs, the same sign authentication processing and credit judgment processing as described above are executed, and the result information is relayed and stored in the area processing device 512. Along with
It is returned to the card authentication terminal 503 and received (step S13).

On the other hand, when it is determined in step S11 that the communication charge with the regional processing device 11 is higher than the set range, the card user determines that the card authentication terminal 5
No. 03 is present in the area for a while (the high communication charge indicates that the geographical distance from the area to which the mobile terminal belongs is long, and it is determined that the user cannot easily make a round trip). The use of expensive lines is less likely to be relayed.

Therefore, the regional processing device 5 for relaying
In 12, data request, reception, storage, change processing of address classification table and the like are performed between the card authentication terminal 503 and the regional processing device 511 to which the used card belongs, as required (steps S11 → S14, S15, S1
6).

In this way, the authentication of a card user who has temporarily moved from another area is treated as if it were a cardholder who belongs to his / her area without using an expensive communication line each time it is used. Will be able to.

FIG. 8 is a block diagram showing a configuration necessary for an area processing device that relays between a card authentication terminal connected to its own area and an area processing device in another area in the signature authentication system of the fourth embodiment. .

That is, in the area processing device required for relaying between the card authentication terminal and another area processing device to which the owner of the used card belongs, the card number and the card ownership Sign memory 213 that stores the person's signature in association with it, and temporary memory 9 that temporarily stores the data received from other regional processing devices.
1. A route memory 92 for storing a communication route to another area processing device is provided.

Therefore, according to the signature authentication system of the fourth embodiment having the above-mentioned configuration, the communication networks 141, 142, ...
By introducing the regional processing devices 511, 512, ... Separated by, it is possible to reduce direct information access to the central processing device 11 and improve the efficiency of card authentication.

Further, the regional processing devices 511, 512,
By including a routing map memory 261, an information memory 262, and a temporary memory 263 in ..., It is possible to effectively use the communication network, and it is possible to significantly improve the utilization efficiency.

Therefore, even in the geographically distributed card payment system, highly efficient, safe and accurate card authentication can be performed.

[Fifth Embodiment] FIG. 9 is a block diagram showing the arrangement of a signature authentication system in a card payment system according to the fifth embodiment of the present invention.

The signature authentication system according to the fifth embodiment has a communication line in a state in which the amount of communication from the card authentication terminals 12, ... The configuration should be such that the usage efficiency of is generally improved.

That is, in the card authentication terminal 12,
When the number of the used card and the used amount of money are transmitted to the central processing unit 11 as an authentication request, the central processing unit 11 outputs the signature of the owner of the used card from the signature memory 213 corresponding to the received card number. It is read out and returned to the card authentication terminal 12 together with the credit result information obtained by the processing unit 211.

Then, in the card authentication terminal 12, the signature of the card holder received from the central processing unit 11 is output to the signature collating device 228, and collated and compared with the signature of the card user inputted from the pen input device 222. It

As a result, it is confirmed whether the card user is the card owner himself.

In this case, the signature collation device 228 connected to the card authentication terminal 12 is an automatic collation device only by pattern recognition of a signature, a collation device which also performs stroke order analysis, and a visual signature. It may be any of the collating devices using a display device for collating.

Therefore, according to the signature authenticating system of the fifth embodiment having the above-mentioned configuration, the card authenticating terminal 1 performs the collation process of the signature of the card user and the signature of the cardholder.
Since the processing is performed on the second side, the load on the central processing unit 11 can be reduced, the amount of communication from the card authentication terminal 12 side to the central processing unit 11 side can be reduced, and the communication line that the card authentication terminal 12 should have. The load on the card authentication terminal 12 can be reduced, and the spread of the card authentication terminal 12 is promoted.

[Sixth Embodiment] FIG. 10 is a block diagram showing the arrangement of a signature authentication system in a card payment system according to the sixth embodiment (1) of the present invention.

In the signature authentication system of the sixth embodiment (part 1), for example, when the holder of the card authentication terminal 12 is malicious, even if someone else's card is picked up, the signature of the card holder is used for card authentication. The terminal 12 is configured so as not to be read and stolen.

That is, based on the signature authentication system of the fifth embodiment (see FIG. 9), the central processing unit 11 is further provided with the signature of the cardholder stored in the signature memory 213. Is provided with an encryption device 231 for encrypting with the personal identification number, and the card authentication terminal 12 further includes a personal identification number input device 230 for inputting the personal identification number of the card user, and a card number of the used card. A decryption device 229 for decrypting the encrypted cardholder's signature read out and returned from the central processing unit 11 according to the above-mentioned personal identification number input device 230 by the personal identification number input by the card user.
Prepare for.

That is, when the card number of the used card is read at the card authentication terminal 12 and transmitted to the central processing unit 11 as an authentication request, the central processing unit 11
Sign memory 2 associated with the received card number
The card owner's signature and personal identification number stored in 13 are read, the cardholder's signature is encrypted by the cardholder's personal identification number in the encryption device 231, and the used card obtained by the processing unit 211. Is returned to the card authentication terminal 12 together with the credit result information.

Then, in the card authentication terminal 12, the encrypted signature received from the central processing unit 11 is decrypted by the decryption device 229 based on the personal identification number of the card user input by the personal identification number input device 230. , And is sent to the signature verification device 228 and verified with the card user's signature input by the pen input device 222.

Accordingly, as long as the card user is the card owner himself, the personal identification number input by the personal identification number input device 230 does not match the personal identification number stored in the signature memory 213 of the central processing unit 11. , The accurate signature of the cardholder is not sent to the signature verification device 228, and for example, the cardholder's signature cannot be stolen and misused by another person's card found by the operator of the card authentication terminal 12. Absent.

FIG. 11 shows the sixth embodiment of the present invention (part 2).
FIG. 3 is a block diagram showing the configuration of a signature authentication system in the card payment system according to the present invention.

The signature authentication system of the sixth embodiment (Part 2) is similar to the signature authentication system of the sixth embodiment (Part 2), for example, when the holder of the card authentication terminal 12 is malicious, Even if you pick up the card of
The signature of the cardholder is read by the card authentication terminal 12 so that it cannot be stolen.

That is, the card authentication terminal 12 is based on the signature authentication system of the fifth embodiment (see FIG. 9).
Further, the personal computer is further provided with a personal identification number input device 230 for inputting a personal identification number by the card user, and the central processing unit 11 is further provided with a signature memory 213 in which a signature of the cardholder is associated with each card number. An encryption device 232 is provided for determining whether or not the stored personal identification number and the personal identification number of the card user input by the personal identification number input device 230 of the card authentication terminal 12 match.

That is, when the card number of the used card is read in the card authentication terminal 12 and the personal identification number of the card user is input by the personal identification number input device 230 and transmitted as an authentication request to the central processing unit 11. In the central processing unit 11, the signature and PIN of the card holder stored in the signature memory 213 in association with the received card number are read, and the received PIN is the PIN of the card holder. The encryption device 232 determines whether the personal identification numbers of the users match. When the encryption device 232 determines that the personal identification number input by the card user coincides with the personal identification number of the card holder, the signature of the card owner read out together with the personal identification number of the card owner is used for card authentication. It is returned to the terminal 12.

Then, in the card authenticating terminal 12, the signature of the card holder received from the central processing unit 11 is sent to the signature collating device 228 and collated with the signature of the card user inputted by the pen input device 222. It

As a result, as long as the card user is the card owner himself, the personal identification number entered by the personal identification number input device 230 does not match the personal identification number stored in the signature memory 213 of the central processing unit 11. , The cardholder's signature is not sent to the card authentication terminal 12, and for example, the cardholder's signature cannot be stolen and misused by another person's card found by the operator of the card authentication terminal 12.

Therefore, according to the signature authentication system of the sixth embodiment having the above-mentioned configuration, the personal identification number input by the card user at the card authentication terminal 12 and the personal identification number of the card holder registered in the central processing unit 11 are stored. If the two do not match, the signature of the cardholder cannot be obtained and is not given to the signature verification device, so the signature of the cardholder can be prevented from being stolen on the card authentication terminal 12 side,
It becomes possible to perform secure and accurate card authentication.

Also in the sixth embodiment, the signature collation device 228 connected to the card authentication terminal 12 is an automatic collation device only by pattern recognition of a signature, or a collation device that also performs stroke order analysis, Further, it may be any one of a collating device using a display device that visually collates a signature.

[Seventh Embodiment] FIG. 12 is a block diagram showing the arrangement of a signature authentication system according to the seventh embodiment of the present invention.

The signature authentication system of the seventh embodiment has a structure in which, for example, a credit card is converted into an IC card and the signature of the card holder is stored in the card itself.

Here, in FIG. 12, the illustration of the communication network and the central processing unit for obtaining the credit information of the used card is omitted.

That is, the IC card 1300 stores the card number of the card, owner information such as the owner's address, name, telephone number, etc., the signature of the card owner, and past transaction information. A memory 1301 is provided, and the card authentication terminal 12 has a pen input device 222 for inputting a card user's signature, and the card owner's signature input and the card possessed read from the IC card 1300. A signature verification device 228 for verifying the signature of the person is provided.

That is, in the card authentication terminal 12, I
When the card user inputs a signature with the pen input device 222 after connecting the C card 1300, the IC card 130
0 of the card owner's signature stored in the memory 1301 of each interface circuit 1303, 1
It is read out via 310 and collated by the signature collating device 228.

The result of signature verification in the card authentication terminal 12 is transferred to the central processing unit via a communication network (not shown) and stored as a usage history.

Therefore, according to the signature authentication system of the seventh embodiment having the above-mentioned configuration, the IC card is used to store the signature of the card holder which cannot be easily read from the outside, so that the signature authentication is performed. It is possible to eliminate information access to the central processing unit associated with the above, reduce the amount of use of the communication network, and perform secure and accurate card authentication.

Also in the seventh embodiment, the signature collating device 228 connected to the card authentication terminal 12 is an automatic collating device only by pattern recognition of a signature, or a collating device which also performs stroke order analysis, Further, it may be any one of a collating device using a display device that visually collates a signature.

[Eighth Embodiment] FIG. 13 is a block diagram showing the arrangement of a signature authentication system according to the eighth embodiment of the present invention.

The signature authentication system of the eighth embodiment is similar to the signature authentication system of the seventh embodiment,
For example, a credit card is converted to an IC card, the signature of the card holder is stored on the card itself, and the I
The C card side performs signature verification, and it is not necessary to read out the signature of the card holder to the outside.

Here, in FIG. 13, the illustration of the communication network and the central processing unit for obtaining the credit information of the used card is omitted.

That is, the IC card 1300 stores the card number of the card, owner information such as the owner's address, name, telephone number, etc., the card owner's signature, and past transaction information. A processing unit 1 including a memory 1301 and a CPU for performing signature verification processing and the like.
302, and the card authentication terminal 12 has a pen input device 22 for inputting a signature of a card user.
2 are provided.

That is, in the card authentication terminal 12, I
When the C card 1300 is connected and the card user inputs a signature using the pen input device 222, the input card user's signature is transferred to the IC card 1300, and the I
It is sent to the processing unit 1302 of the C card 1300. Then, the signature of the cardholder stored in the memory 1301 is read out, collated by the processing unit 1302, and the collation result information is returned to the card authentication terminal 12.

Then, the signature verification result obtained at the card authentication terminal 12 is transferred to the central processing unit via the communication network (not shown) together with the authentication information of the usage amount and stored as a usage history.

Therefore, according to the signature authentication system of the eighth embodiment having the above-mentioned configuration, the IC card is used to store the signature of the card holder which cannot be easily read from the outside, and the card can be used. Since the signature verification process with the person in charge is also performed inside the card,
Information access with the central processing unit associated with signature authentication can be eliminated, the amount of communication network usage can be reduced, and it is not necessary to read the signature of the cardholder to the outside, making it safer and more accurate. You will be able to perform card authentication.

[Ninth Embodiment] FIG. 14 is a block diagram showing the arrangement of a signature authentication system according to the ninth embodiment of the present invention.

The signature authentication system of the ninth embodiment is such that the regional processing devices 15 are dispersedly arranged in a plurality of regions.
, 1512, ... For each of the card authentication terminals 1510 moving between regions, the wireless data transmission network 152
, Which is connectable to the central processing unit through a communication network (not shown).

That is, the central processing unit (not shown)
In addition to the processing unit consisting of a CPU, a terminal number memory for storing and registering each terminal number of a card authentication terminal belonging to this card company, associating the registered card number with the signature of the card holder Area for storing signature memory for storing information from the card authentication terminal 1510
1, 1512, ... A terminal confirmation device and a regional processing device for searching the terminal number memory for a terminal number that matches the terminal number received via the terminal number memory and confirming the validity of the card authentication terminal 1510. A history information memory for storing history information associated with card use received from 1511, 1512, ...
510 is provided with a pen input device for inputting a card user's signature, and further, each regional processing device 151.
, 1512, ... Temporary memory for temporarily storing the terminal number of the card authentication terminal received from the card authentication terminal 1510, the signature of the card user received from the card authentication terminal 1510, and the central processing unit. A signature verification device is provided for verifying the cardholder's signature received from.

For example, in the card authentication terminal 1510 having a wireless function installed in a moving train, the terminal number of the card authentication terminal 1510 is transmitted as a terminal authentication request with the use of the card, and the pen input device is used. Card user's signature and card number entered by
When the usage amount is transmitted as a card authentication request, both the terminal authentication request and the card authentication request transmitted from this card authentication terminal 1510 are received by the base station 1531 installed in the current moving area, and wireless data transmission is performed. Net 152
1 and the communication network 141, and is transferred to and received by the regional processing device 1511 in the corresponding region.

Then, in the regional processing device 1511, first, the terminal number received as a terminal authentication request from the card authentication terminal 1510 and stored in the temporary memory is the communication network 141.
Is transferred to a central processing unit (not shown) through a relay device 52 or a repeater 52, and a terminal confirmation device of the central processing unit performs a match search with the terminal number registered in the terminal number memory,
The legitimacy is confirmed.

Then, the authenticity of the card authentication terminal 1510 is confirmed, and the authentication result information is used as the area processing device 15
When returned to 11 and received, the card number and the usage amount of the used card received as the card authentication request and stored in the temporary memory are further transferred to a central processing unit (not shown).

Then, in the central processing unit, the signature of the cardholder stored in the signature memory is read out in correspondence with the card number of the used card transferred via the regional processing unit 1511 and processed. It is returned to the regional processing device 1511 together with the credit result information obtained by the department.

Then, in the regional processing unit 1511, the signature of the card holder received from the central processing unit and the signature of the card user stored in the temporary memory are sent to the signature collating unit for collation. The signature authentication result information is returned together with the credit result information from the communication network 141 to the card authentication terminal 1510 via the wireless data transmission network 1521 and the base station 1531 and is received.

Then, the card use information and the authentication information processed with the card authentication terminal 1510 in the area processing device 1511 are transferred to the central processing device and stored in the history information memory, so that the card handling can be continued. Secured.

Therefore, according to the sign authentication system of the ninth embodiment having the above-mentioned structure, the card authentication terminal is provided with mobility by using the wireless communication network, and the card authentication terminal itself is authenticated by the area of the communication area. Since it is executed via the processor, and all card usage information is transferred to the central processing unit for storage and storage, it is possible to ensure the reliability of moving the card authentication terminal and to use the card conveniently. It is possible to expand the property and perform a safe and accurate card authentication process.

[Tenth Embodiment] FIG. 15 shows the first embodiment of the present invention.
It is a block diagram which shows the structure of the signature authentication system in the telephone wireless system concerning 0 embodiment (the 1).

In the signature authentication system of the tenth embodiment (part 1), an IC card in which a personal number as billing information is stored is connected to a portable wireless terminal so that the portable wireless terminal can be used as an individual. The wireless communication system is based on the wireless communication system described above, and is configured so as to prevent the IC card from being abused and the call charges used by others being charged when the IC card is stolen.

That is, the portable radio terminal 1700 has a C
In addition to the processing unit 1706 including a PU, a wireless unit 170 for performing wireless communication with the base station transceiver device 1750.
1, a pen input unit 1702 having a touch panel, a keyboard 1703 having a numeric keypad or a symbol key, a temporary memory 1704 for temporarily storing a personal number read from the IC card 1710, and a device number of the wireless terminal 1700 are stored. The IC card 1710 is provided with a device number memory 1705, and the IC card 1710 stores a personal number memory 1711 in which a personal number as billing information of the card holder is stored and a signature memory 1712 in which a signature of the card holder is stored. Is provided.

The terminal authentication center 176 on the base station side
0 is a device number list memory 17 that stores the device numbers of the portable wireless terminals registered in the base station.
61, an individual number list memory 1762 for storing individual numbers as billing information for each individual registered in the base station.

That is, when the user of the wireless terminal 1700 connects his / her IC card 1710 and inputs a telephone number with the keyboard to start a call, the user is required to input a signature.

When the signature of the terminal user is input by the pen input unit 1702, the signature of the terminal user and the signature of the cardholder read from the signature memory 1710 of the IC card 1710 are sent to the processing unit 1706. It is collated and the person is confirmed.

When the authenticity of the person is confirmed by matching the signature of the terminal user with the signature of the card holder, the personal number stored in the personal number memory 1711 of the IC card 1710 is read out. Temporary memory 17
No. 04, and the terminal device number stored in the device number memory 1705 is transmitted from the wireless unit 1701 to the base station side.

Then, the personal number of the IC card owner and the terminal device number received via the base station transceiver 1750 are the registered personal numbers stored in the personal number list memory 1762 of the terminal authentication center 1760. The wireless terminal 170 is authenticated by collating with the registered device numbers stored in the device number list memory 1761.
The call processing according to the telephone number input by the 0 keyboard 1703 is started.

When the legitimacy of the terminal user is confirmed by the collation processing of the signature of the terminal user and the signature of the card holder, the signature is temporarily read out from the personal number memory 1711 of the IC card 1710. The personal number stored in the memory 1704 is erased after a certain period of time from the time when the signature verification is confirmed. Further, the personal number stored in the temporary memory 1704 is erased, and the telephone number input from the keyboard 1703 or the like is monitored, so that the outside of the office can be monitored. Or calls with large charges such as international calls are restricted.

Therefore, according to the signature authentication system in the telephone wireless system of the tenth embodiment (No. 1) of the above-mentioned configuration, the billing is performed only when the signature of the terminal user and the signature of the IC card owner match. Since the personal number, which is information, is read out and the call processing is started, I
Even if the C card 1710 is found by another person, the IC
It is possible to prevent the wireless terminal 1700 from being illegally used by misusing the card 1710.

In addition, according to the matching verification of the signature, the IC
The personal number as the billing information read from the card 1710 is erased after a certain period of time, and moreover, a call with a large billing is restricted, so that the IC from the wireless terminal 1700 is set.
Even if the user forgets to remove the card 1710, it is possible to prevent the wireless terminal 1700 from being used illegally by another person and making a call.

FIG. 16 is a block diagram showing the arrangement of a sign authentication system in a telephone wireless system according to the tenth embodiment (part 2) of the present invention.

In the signature authentication system of the tenth embodiment (part 2), like the signature authentication system of the tenth embodiment (part 1), an IC card in which a personal number as billing information is stored is carried wirelessly. It is based on a wireless communication system that connects to a terminal and enables the portable wireless terminal to be used as an individual one.
When the card is stolen, it not only prevents the IC card from being misused and the mobile wireless terminal from being illegally used,
Personal number is read out of the card and stored,
The cardholder's signature is prevented from being read out of the card.

That is, the tenth embodiment (part 2)
The signature authentication system of is based on the signature authentication system of the tenth embodiment (part 1) “see FIG. 15”,
The IC card 1710 itself is provided with a processing unit 1714 including a CPU for performing signature verification, and a temporary memory 1713 for storing and holding a personal number read out in association with signature verification.

That is, when the signature of the terminal user is input from the pen input unit 1702 of the portable wireless terminal 1700, the input signature is processed by the processing unit 1706 as necessary, such as stroke order analysis. After that, IC card 1
710, the processing unit 17 of the IC card 1710.
At 14, the card owner's signature read from the signature memory 1712 is collated.

Here, when the signatures of the terminal user and the card holder are collated and matched, the collated and matched time is stored in the temporary memory 1713.

When a call start operation is performed by the portable wireless terminal 1700, the terminal device number is read from the device number memory 1705 and the wireless terminal 17 is also read.
The processing unit 1706 of 00 sends a request to the IC card 1710 to read the current time and the personal number which is the billing information, and the processing unit 1714 of the IC card 1710
When it is determined that the time difference between the current time given from the wireless terminal 1700 and the signature verification matching time stored in the temporary memory 1713 is within the specified time, the personal number as the billing information is stored in the personal number memory 1711. Is read and sent to the wireless terminal 1700.

Then, the wireless section 170 of the wireless terminal 1700.
The personal number and the terminal device number of the IC card owner, which are transmitted together with the terminal device number from 1 and are received via the base station transmitting / receiving device 1750, are stored in the personal number list memory 1762 of the terminal authentication center 1760. Registered personal number and device number list memory 17
Authentication is performed by collating with the registered device number stored in 61, and the call processing according to the telephone number input by the wireless terminal 1700 is started.

Therefore, according to the sign authentication system in the telephone wireless system of the tenth embodiment (part 2) of the above-described configuration, the signature of the terminal user is signed, as in the sign authentication system of the tenth embodiment (part 1). Only when the signature of the IC card owner and the signature of the IC card owner match, the personal number, which is the billing information, is read and the call processing is started. Therefore, even if the IC card 1710 is found by another person, 1710 is abused and wireless terminal 170
It is possible to prevent 0 from being illegally used.

Further, only when the time difference between the signature verification coincidence time and the time required to read out the personal number accompanying the start of the call is within a preset time, the IC card 171
Since the personal number is read out from 0 and given to the wireless terminal 1700 to make a call, the wireless terminal 1700 can make an IC call.
Even if the user forgets to remove the card 1710, it is possible to prevent the wireless terminal 1700 from being used illegally by another person and making a call.

Moreover, since the personal number is not read out of the IC card 1710 and stored and held, and the signature of the cardholder is not read out of the IC card 1710, it is possible to construct a more secure system. it can.

[Eleventh Embodiment] FIG. 17 shows the first embodiment of the present invention.
1 is a block diagram showing a configuration of a signature authentication system in a telephone wireless system according to one embodiment.

The sign authentication system of the eleventh embodiment is based on a wireless communication system in which a base station accepts a communication request from a wireless terminal used by an unspecified user to connect a line, and uses an IC card. Instead, the terminal user's signature is authenticated to enable communication.

That is, the portable wireless terminal 1700 of the signature authentication system of the 11th embodiment has the same configuration as the signature authentication system of the 10th embodiment (part 1) “see FIG. 15”, and is composed of a CPU. In addition to the unit 1706, data is input from a wireless unit 1701 for performing wireless communication with the base station transmission / reception device 1750, a pen input unit 1702 having a touch panel, a keyboard 1703 having numeric keys and symbol keys, and a pen input unit 1702. Temporary memory 170 for temporarily storing the signature of the terminal user
4. A device number memory 1705 for storing the device number of the wireless terminal 1700 is provided.

The terminal authentication center 176 on the base station side
0 is a device number list memory 17 that stores the device numbers of the portable wireless terminals registered in the base station.
61, a signature / individual number list memory 1762a in which individual numbers as individual billing information registered in the base station and respective individual signatures are stored in association with each other,
A processor 1763 including a CPU is provided.

In other words, when the portable user terminal 1700 is used, if the signature of the terminal user is input by the pen input unit 1702, the signature of the terminal user is stored in the temporary memory 17.
It is stored in 04.

When a telephone number is input by the keyboard 1703 and a call start operation is performed, the terminal device number stored in the device number memory 1705 together with the terminal user's signature stored in the temporary memory 1704 is displayed. It is read out, transmitted from the wireless section 1701 to the base station side, and received by the terminal authentication center 1760 via the base station transmitting / receiving apparatus 1750.

Then, in the processing unit 1763 of the terminal authentication center 1760, the terminal device number received from the wireless terminal 1700 is collated and authenticated with the registered device number stored in the device number list memory 1761. . The signature of the terminal user received from the wireless terminal 1700 is the signature / personal number list memory 17
62a is checked against the registered signature stored in
When a registered signature that matches the signature of the terminal user is retrieved, the personal number stored corresponding to the matched signature is read as billing information,
Call processing according to the telephone number input by the keyboard 1703 of the wireless terminal 1700 is started.

When using the portable wireless terminal 1700, it is assumed that the user's own telephone number as well as the terminal user's signature must be entered, and the person's signature is retrieved from the telephone number registered on the base station side. Then, the collation authentication is performed, and the personal number stored correspondingly may be charged.

Therefore, according to the signature authentication system of the eleventh embodiment having the above-described configuration, the terminal user's signature input at the wireless terminal 1700 can be sent to the base station side without requiring a physical medium such as an IC card. Authenticate by comparing with the registered signature stored in, and the use of the wireless terminal 1700 is permitted by charging the corresponding personal number stored, so that the IC card may be forgotten to be removed or stolen. It is possible to prevent the misuse of personal information and improve the safety of the entire system.

[0156]

As described above, according to the signature authentication system according to the first aspect of the present invention, when the signature of the card user is input at the card authentication terminal, the input signature is transmitted to the central processing unit. , The central processing unit collates with a card owner's signature stored in advance at the time of card registration, and the signature verification result based on the verification process is returned to the card authenticating terminal. Even if it is stolen, the signature of the owner himself is not imitated, and it becomes possible to confirm the identity of the owner safely and accurately.

According to the signature authenticating system according to the second aspect of the present invention, when the card user's signature is entered in the card authenticating terminal, the stroke order together with the entered signature is identified and transmitted to the central processing unit. In the central processing unit, the signature of the card owner and the stroke order thereof, which are stored in advance at the time of card registration, are collated, and the signature authentication result based on the collation processing is returned to the card authentication terminal. Even if the card itself is stolen, the signature of the owner is not imitated, and it is possible to confirm the identity of the owner safely and more accurately.

According to the sign authentication system of claim 3 of the present invention, a card authentication terminal can be appropriately connected to each of the regional processing devices distributed in a plurality of regions via a communication network. Then, when the card user's signature is entered at the card authentication terminal connected to any regional processing device, the card-specific information (for example, card number) read by the card information reading means together with the entered signature is authenticated. It is transmitted to the regional processing device as a request. Then, with this regional processing device,
It is determined whether or not the information unique to the used card is stored in the belonging card information storage unit that stores the unique information of each card belonging to the area, and the determination unit determines the information unique to the used card as the belonging card information. When it is determined that the signature is stored in the storage means, the signature of the card user and the signature of the cardholder stored in the signature storage means are collated, and the signature authentication result based on the collation processing is It will be returned to the card authentication terminal.
If the determination unit determines that the information specific to the used card is not stored in the belonging card information storage unit, the information specific to the card does not belong to the area stored in the unaffiliated card storage unit. Authentication that is searched from the unique information of each card, the communication route to the regional processing device to which the card belongs is read, and the card user's signature transmitted from the card authentication terminal and the card-specific information The request is transferred to the regional processing device to which the used card belongs, the same signature verification as described above is performed, and the signature authentication result based on the verification processing is returned to the card authentication terminal. Therefore, it is possible to safely and accurately confirm the identity of the person by efficiently using the communication network of each area.

Further, according to the signature authentication system of claim 4 of the present invention, when the signature of the card user is entered in the card authorization terminal, the signature unique to the card read by the card information reading means together with the entered signature. The information (eg card number) is transmitted to the central processing unit as an authentication request. Then, in the central processing unit, the signature of the used card owner stored in the owner information storage means corresponding to the transmitted information specific to the used card is read out and returned to the card authentication terminal for card authentication. It is collated with the inputted card user's signature at the terminal. Therefore, the load on the central processing unit can be reduced, and it is possible to safely and accurately confirm the identity of the person.

According to the signature authentication system of claim 5 of the present invention, when the card user's signature and password are entered in the card authentication terminal, the entered password is read by the card information reading means. The card-specific information (for example, card number) is transmitted to the central processing unit. Then, in the central processing unit, the personal identification number and the signature of the card owner stored in the owner information storage means are retrieved in correspondence with the transmitted information specific to the used card, and the personal identification number and the card of the card user are retrieved. When it is determined that the password coincides with the owner's personal identification number, the corresponding cardholder's signature is returned to the card authentication terminal, and at the card authentication terminal, the entered card user's signature and the central processing unit are returned. The cardholder's signature is verified. Therefore, the signature of the cardholder is returned to the card authentication terminal for verification processing only when it is determined that the cardholder is the cardholder himself by verifying the personal identification number. As a result, the signature of the cardholder is not stolen, and it is possible to safely and accurately confirm the identity of the cardholder.

Further, according to the signature authentication system of claim 6 of the present invention, when the card user's signature and personal identification number are entered in the card authentication terminal, the information specific to the used card read by the card information reading means. The (eg card number) is transmitted to the central processing unit. Then, the central processing unit retrieves the personal identification number and the signature of the cardholder stored in the owner information storage means in correspondence with the transmitted information unique to the used card, and encrypts the signature with the personal identification number. And sent back to the card authentication terminal. Then, in the card authentication terminal, the encrypted and returned signature of the cardholder is decrypted by the personal identification number entered by the card user, and is collated with the entered signature of the card user. Therefore, only when the card user's personal identification number matches the card owner's personal identification number, the cardholder's signature is revealed and verified in the card authentication terminal. Will not be stolen, and you can safely and more accurately confirm your identity.

According to the signature authentication system of claim 7 of the present invention, when an IC card is connected to the card authentication terminal and the signature of the card user is input, the signature is stored in the signature storage means of the IC card. Since the signature of the card holder who is present is read out and collated, it is possible to efficiently and safely and accurately confirm the identity of the person only by communication processing with the card itself.

Further, according to the sign authentication system of claim 8 of the present invention, when an IC card is connected to the card authentication terminal and the signature of the card user is inputted, the inputted signature of the card user becomes IC. Is transmitted to the card and the I
Since the signature of the card holder stored in the signature storing means of the C card is collated and the result of signature verification based on the collation processing is returned to the card authenticating terminal, the card holder outside the card. It becomes possible to efficiently, safely and accurately confirm the identity of the person without having to read out the signature.

Further, according to the sign authentication system of claim 9 of the present invention, the card authentication terminals that move between areas are distributed to the area processing devices distributed in a plurality of areas. In a system in which the plurality of regional processing units are connected to a central processing unit via a communication network, the information unique to the terminal from a card authentication terminal moved to a certain region. When (for example, a terminal number) is transmitted to the regional processing device of the relevant area and transferred to the central processing unit, for example, the information unique to each registered card authenticating terminal stored in the terminal information storage means is unique to the matching terminal. Information is searched for, and terminal authentication information corresponding to the search result is returned to the regional processing device. Then, in the regional processing device, the card-specific information transmitted from the card authentication terminal together with the card user's signature is transferred to the central processing device and stored in the owner information storage means in correspondence with this card-specific information. The signed cardholder's signature is retrieved and returned to the regional processing unit. Then, the card user's signature input and transmitted at the card authentication terminal and the card owner's signature returned from the central processing unit are collated, and the signature authentication result based on the collation processing is sent to the card authentication terminal. Will be returned. Then, the history information associated with the card use performed with the card authentication terminal in the regional processing device is transmitted to and stored in the central processing device, and the continuity of the card usage information is maintained. Therefore, the mobility of the card authentication terminal can be ensured, the convenience of using the card can be expanded, and it is possible to safely and accurately confirm the identity of the person.

Further, according to the sign authentication system of the tenth aspect of the present invention, an IC card in which a personal number as billing information is stored is connected to a wireless terminal, and the wireless terminal is used as an individual wireless terminal. In the communication system, when the signature of the user of the wireless terminal is input to the wireless terminal, the signature is collated with the signature of the cardholder read from the signature storing means of the IC card. Since the personal number as the billing information stored in the personal number storage means of the IC card can be read out, for example, in the case of a stolen IC card, the signatures cannot be matched and the illegal use can be prevented and the safety can be secured. In addition, it becomes possible to accurately confirm the identity of the person.

According to the sign authentication system of claim 11 of the present invention, an IC card storing a personal number as billing information is connected to a wireless terminal, and the wireless terminal is used as an individual wireless terminal. In the communication system, when the signature of the wireless terminal user is entered in the wireless terminal, the entered signature of the terminal user and the I stored in the signature storage means are stored in the IC card.
The signature of the C card owner is collated, and the personal number as the billing information stored in the personal number storage means of the IC card can be read out only when the collation matches, so that, for example, the stolen IC With a card, the signature cannot be matched and the signature of the cardholder is not read out to the outside, so it is possible to prevent unauthorized use more reliably, and to confirm the identity of the person safely and accurately. Will be able to.

According to the twelfth aspect of the signature authentication system of the present invention, the IC card in which the personal number as the billing information is stored is connected to the wireless terminal, and the wireless terminal is used as an individual wireless terminal. In the communication system, when the signature of the wireless terminal user is entered in the wireless terminal, the entered signature of the terminal user and the I stored in the signature storage means are stored in the IC card.
The signature of the C card owner is collated, and if the collation coincides, the collation time is stored in the collation time storage means. When a request for reading the personal number is issued from the wireless terminal, the billing information stored in the personal number storage means is stored only within the set time from the signature collation time stored in the collation time storage means. Since the personal number of the card holder can be read out, even if the IC card is still connected to the wireless terminal, the signature of the cardholder is not read out to the outside, and moreover within the set time from the signature matching coincidence time. Otherwise, the personal number cannot be read out, so that the unauthorized use can be surely prevented, and the identity of the person can be confirmed safely and accurately.

According to the thirteenth aspect of the sign authentication system of the present invention, there is provided a radio communication system in which a base station accepts a communication request from a radio terminal used by an unspecified user to connect a line. Then, when the signature of the wireless terminal user is input in the wireless terminal, the input terminal user's signature and the billing information of each registered individual stored in the personal information storage means are input in the base station. The individual number can be read and the individual number can be read only when the individual numbers match. Therefore, the IC card is not required, and it is possible to confirm the identity of the individual more safely and accurately. become able to.

Therefore, according to the present invention, it is possible to provide a signature authentication system capable of securely and accurately confirming the identity of a person without the legitimate signature being known to others.

[Brief description of drawings]

FIG. 1 is a block diagram showing the configuration of a signature authentication system in a card payment system according to a first embodiment of the present invention.

FIG. 2 is a block diagram showing the configuration of a signature authentication system in a card payment system according to a second embodiment of the present invention.

FIG. 3 is a block diagram showing the configuration of a signature authentication system in a card payment system according to a third embodiment of the present invention.

FIG. 4 is a block diagram showing the configuration of a signature authentication system in a card payment system according to a fourth embodiment of the present invention.

FIG. 5 is a block diagram showing a configuration of an area processing device in the signature authentication system of the fourth embodiment.

FIG. 6 is a flowchart showing a card authentication process (No. 1) in the signature authentication system of the fourth embodiment.

FIG. 7 is a flowchart showing a card authentication process (No. 2) in the signature authentication system of the fourth embodiment.

FIG. 8 is a block diagram showing a configuration necessary for an area processing device that relays between a card authentication terminal connected to its own area and an area processing device of another area in the signature authentication system of the fourth exemplary embodiment.

FIG. 9 is a block diagram showing the configuration of a signature authentication system in a card payment system according to a fifth embodiment of the present invention.

FIG. 10 is a block diagram showing the configuration of a sign authentication system in a card payment system according to a sixth embodiment (part 1) of the present invention.

FIG. 11 is a block diagram showing the configuration of a signature authentication system in a card payment system according to a sixth embodiment (part 2) of the present invention.

FIG. 12 is a block diagram showing the configuration of a signature authentication system according to a seventh embodiment of the present invention.

FIG. 13 is a block diagram showing the configuration of a signature authentication system according to an eighth embodiment of the present invention.

FIG. 14 is a block diagram showing the configuration of a signature authentication system according to a ninth embodiment of the present invention.

FIG. 15 is a block diagram showing the configuration of a sign authentication system in a telephone wireless system according to a tenth embodiment (1) of the present invention.

FIG. 16 is a block diagram showing the configuration of a sign authentication system in a telephone wireless system according to a tenth embodiment (2) of the present invention.

FIG. 17 is a block diagram showing the configuration of a sign authentication system in a telephone wireless system according to an eleventh embodiment of the present invention.

FIG. 18 is a diagram showing an example of a conventional signature authentication method in a card payment system.

[Explanation of symbols]

11 ... Central processing unit, 12, 501-504, 1510 ... Card authentication terminal, 14, 141, 142 ... Communication network, 211, 1302, 1706, 1714 ... Processing unit, 212 ... Sign reading device, 213, 1712 ... Sign memory , 214 ... Display, 215 ... Automatic signature verification device, 216 ... Stroke order memory, 217, 222 ... Pen input device, 218, 223 ... Stroke order analysis device, 228 ... Sign verification device, 229 ... Cryptanalysis device, 230 ... PIN input Device, 231 ... Encryption device, 232 ... Encryption device, 261 ... Routing map, 262 ... Information memory, 263 ... Temporary memory, 511, 512, 1511, 1512 ... Regional processing device, 1300, 1710 ... IC card, 1301 ... Memory , 1303, 1310 Interface circuit, 1521, 1522 ... Wireless data transmission network, 1531, 1532 ... Base station, 1700 ... Portable wireless terminal, 1701 ... Wireless section, 1702 ... Pen input section, 1703 ... Keyboard, 1704, 1713 ... Temporary memory, 1705 ... Equipment Number memory, 1711 ... Personal number memory, 1750 ... Base station transceiver device, 1760 ... Terminal authentication center, 1761 ... Device number list memory, 1762 ... Personal number list memory, 1762a ... Sign / personal number list memory, 1763 ... Processing device.

Claims (13)

[Claims] 1. A signature authentication system in which a card authentication terminal and a central processing unit are connected via a communication network, wherein the card authentication terminal includes a signature input means for inputting a signature of a card user, And a signature transmitting unit for transmitting the signature of the card user inputted by the signature input unit to the central processing unit, and an authentication result receiving unit for receiving the signature authentication result transmitted from the central processing unit, The central processing unit comprises a signature storing means for storing the signature of the cardholder, a signature receiving means for receiving the signature of the card user transmitted from the card authentication terminal, and a card user received by the signature receiving means. Signature verification means for verifying the signature of the cardholder and the signature of the cardholder stored in the signature storage means, A signature authentication system comprising: an authentication result transmission means for transmitting a signature authentication result based on the signature verification by the in-verification means to the card authentication terminal. 2. A signature authentication system in which a card authentication terminal and a central processing unit are connected via a communication network, wherein the card authentication terminal includes a signature input means for inputting a signature of a card user. The stroke order identification means for identifying the stroke order of the signature of the card user input by the signature input means, the signature of the card user input by the signature input means and the stroke order of the signature identified by the stroke order identification means are described above. The central processing unit comprises a signature information transmitting unit for transmitting to the central processing unit, and an authentication result receiving unit for receiving the signature authentication result transmitted from the central processing unit. A signature information storage means for storing the stroke order of the card user's signature and its signature transmitted from the card authentication terminal. And the signature order of the card user and the stroke order thereof received by the signature information reception means and the signature and the stroke order of the cardholder stored in the signature information storage means. A signature authentication system comprising: a signature information collating means and a signature result transmitting means for transmitting a signature authentication result based on the signature information collating by the signature information collating means to the card authenticating terminal. 3. A sign authentication system capable of appropriately connecting a card authentication terminal to each of regional processing devices arranged in a plurality of regions via a communication network, wherein the card authentication terminal is a card-specific device. A card information reading means for reading information, a sign input means for inputting a card user's signature, and a card user's signature inputted by the sign input means together with card-specific information read by the card information reading means. The area processing device comprises: an authentication request transmitting unit for transmitting to the regional processing device in the region to which the card authentication terminal is connected; and an authentication result receiving unit for receiving the signature authentication result transmitted from the regional processing device, wherein the regional processing device is , Belonging card information storage means for storing information unique to each card belonging to the area, A signature storing means for storing the signatures of respective card holders belonging to the card, unique information of each card not belonging to the area, and a communication route to the area processing device of the area to which the card belongs are stored in association with each other. The non-affiliated card information storage means, the authentication request receiving means for receiving the card user's signature transmitted from the card authentication terminal and the information unique to the card, and the card unique information received by the authentication request receiving means. A belonging area determining unit that determines whether or not information is stored in the belonging card information storing unit, and information unique to the card received by the authentication request receiving unit by the belonging region determining unit is the belonging card information storing unit. If it is determined that the card user's signature is received together with the information unique to the card, Sign verification means for verifying the cardholder's signature stored in the signature storage means, and card-specific information received by the authentication request reception means by the affiliated area determination means in the affiliated card information storage means. If it is determined that the card is not stored, the belonging area searching means for searching the information unique to the card from the unique information of each card not belonging to the area stored in the unaffiliated card information storage means And the card user's signature and the card-specific information received by the authentication request receiving means, in accordance with the communication route stored in association with the card-specific information searched by the belonging area search means. Authentication request transfer means for transferring to the regional processing device to which the user belongs, and a service based on the signature verification by the signature verification means. Sign the authentication system characterized in that it comprises an authentication result returning means for returning down the authentication result to the authentication request of a card authentication terminal. 4. A signature authentication system in which a card authentication terminal and a central processing unit are connected via a communication network, wherein the central processing unit includes card-specific information and a signature of the owner of each card. A corresponding owner information storage means, an authentication request receiving means for receiving the authentication request transmitted from the card authentication terminal, and a card corresponding to the card-specific information received by the authentication request receiving means. And an owner information transmission unit for transmitting the signature of the cardholder stored in the owner information storage unit to the card authentication terminal, wherein the card authentication terminal reads card-specific information. Means, a signature input means for inputting a signature of the card user, and a unique card read by the card information reading means. Authentication request transmitting means for transmitting information to the central processing unit, and owner information for receiving the signature of the card owner transmitted from the central processing unit with respect to the card-specific information transmitted by the authentication request transmitting means It is characterized by comprising: a receiving means; and a signature collating means for collating the signature of the cardholder received by the owner information receiving means with the signature of the card user input by the signature inputting means. Signature authentication system. 5. A signature authentication system in which a card authentication terminal and a central processing unit are connected via a communication network, wherein the central processing unit comprises card-specific information and a personal identification number of the owner of each card. And an owner information storage unit that stores the signature and the signature, an authentication request receiving unit that receives the authentication request transmitted from the card authentication terminal, and a card-specific information received by the authentication request receiving unit. Then, the owner information retrieval means for retrieving the personal identification number and the signature of the card owner stored in the owner information storage means, and the use of the card received together with the information peculiar to the card by the authentication request receiving means. PIN judgment for determining whether the PIN of the person who owns the card matches the PIN of the cardholder searched by the owner information searching means If the personal identification number of the card user received by the authentication request receiving means and the personal identification number of the card owner retrieved by the owner information retrieving means are coincident with each other, And a cardholder's information transmitting unit for transmitting the retrieved signature together with the personal identification number of the cardholder to the card authenticating terminal, wherein the card authenticating terminal is a card information reading unit for reading card-specific information. , A personal identification number input means for inputting a personal identification number of a card user, a signature input means for inputting a signature of a card user, information unique to the card read by the card information reading means and the personal identification number input means Authentication request transmitting means for transmitting the password of the card user to the central processing unit, and the authentication request transmitting means The card owner's information receiving means for receiving the card owner's signature transmitted from the central processing unit in response to the card-specific information transmitted and the card user's personal identification number, and the cardholder information receiving means A signature authenticating system comprising: a signature of a cardholder and a signature collating means for collating a signature of a card user inputted by the signature inputting means. 6. A signature authentication system in which a card authentication terminal and a central processing unit are connected via a communication network, wherein the central processing unit is card unique information and a personal identification number of the owner of each card. And an owner information storage unit that stores the signature and the signature, an authentication request receiving unit that receives the authentication request transmitted from the card authentication terminal, and a card-specific information received by the authentication request receiving unit. Then, the owner information retrieval means for retrieving the personal identification number and the signature of the card holder stored in the owner information storage means, and the signature of the card holder retrieved by the owner information retrieval means for the card An encryption means for encrypting with the owner's personal identification number, and the cardholder's signature encrypted by this encryption means is transmitted to the card authentication terminal. The card authentication terminal comprises card information reading means for reading information unique to the card, personal identification number input means for inputting the personal identification number of the card user, and the signature of the card user. A signature input means for inputting, a certification request transmission means for transmitting the card-specific information read by the card information reading means to the central processing unit, and a card-specific information transmitted by the authentication request transmission means. The encrypted information receiving means for receiving the signature transmitted from the central processing unit by being encrypted by the personal identification number of the card holder, and the encrypted signature of the card holder received by the encrypted information receiving means for the personal identification. Encrypted information decrypting means for decrypting with the card user's personal identification number entered by the number input means, and this encrypted information decrypting Sign authentication system characterized by comprising a signature collation means for collating the signature of the card user input by sign and the sign input means decrypted cardholder by stage. 7. A signature authentication system for connecting an IC card to a card authentication terminal to perform authentication for using the card, wherein the IC card comprises a signature storage means for storing the signature of the IC card owner. In the card authentication terminal, the signature input means for inputting the signature of the IC card user, the signature of the card user input by the signature input means and the signature storage means of the IC card are read out. A signature authentication system comprising a signature verification means for verifying a signature of a cardholder. 8. A signature authentication system for connecting an IC card to a card authentication terminal to perform authentication for using the card, wherein the card authentication terminal includes a signature input means for inputting an IC card user's signature. The IC card comprises an authentication result receiving means for receiving a signature authentication result transmitted from the IC card, the IC card storing a signature of the IC card owner, and a signature input of the card authentication terminal. Means for verifying the signature of the card user entered by the means and the signature of the cardholder stored in the signature storage means, and the authentication result based on the verification of the signature by the signature verification means for the card authentication. A signature authentication system comprising: an authentication result transmission means for transmitting to a terminal. 9. A card authentication terminal that moves between regions can be connected to each of the regional processing devices distributed in a plurality of regions via a wireless communication network.
A sign authentication system in which the plurality of regional processing devices are connected to a central processing device via a communication network, wherein the central processing device includes terminal information storage means for storing information unique to the card authentication terminal. , Owner information storage means for storing information unique to the card and a signature of the card owner in association with each other, and receiving information unique to the card authentication terminal transmitted from the card authentication terminal via the regional processing device Terminal information receiving means, and terminal information searching means for searching the card authentication terminal specific information stored in the terminal information storage means in correspondence with the card authentication terminal specific information received by the terminal information receiving means. A terminal authentication information transmitting means for transmitting terminal authentication information according to the search result by the terminal information searching means to the regional processing device; Owner information searching means for searching the cardholder's signature stored in the owner information storing means in correspondence with the card-specific information transmitted from the certificate terminal via the regional processing device; Owner information transmitting means for transmitting the cardholder's signature retrieved by the information retrieval means to the regional processing device, and history for receiving and storing the historical information associated with card use transmitted from the regional processing device An information storage unit, wherein the card authentication terminal includes a terminal information transmission unit that transmits information unique to the card authentication terminal to an area processing device in the area, a card information reading unit that reads card-specific information, A signature input means for inputting a signature of a card user, card-specific information read by the card information reading means and the signature input means. Authentication request transmitting means for transmitting the card user's signature input by the user, and signature authentication result receiving means for receiving the signature authentication result transmitted from the regional processing device, wherein the regional processing device comprises: Terminal information transfer means for receiving information specific to the card authentication terminal transmitted from the card authentication terminal and transmitting the information to the central processing unit, and authentication request receiving means for receiving the authentication request transmitted from the card authentication terminal, Authentication request transfer means for transmitting to the central processing device the card-specific information received by the authentication request receiving means in accordance with the terminal authentication information transmitted from the central processing unit, and the card-specific information transmitted by the authentication request transfer means. Owner information receiving means for receiving a cardholder's signature transmitted from the central processing unit in response to information transfer; and the authentication request receiver. The signature verification means for verifying the signature of the card user received by the step and the signature of the card holder received by the owner information receiving means, and the signature verification result based on the verification of the signature by the signature verification means. An authentication result transmitting means for transmitting to the card authenticating terminal, and a history information transmitting means for transmitting history information associated with card use performed with the card authenticating terminal to the central processing unit. Characteristic signature authentication system. 10. A signature authentication system for a wireless communication system, wherein an IC card in which a personal number as billing information is stored is connected to a wireless terminal and the wireless terminal is used as an individual, wherein the IC card comprises: The personal computer includes a personal number storage unit for storing a personal number as billing information, and a signature storage unit for storing the signature of the IC card owner, wherein the wireless terminal inputs a signature of the wireless terminal user. Input means, signature verification means for verifying the signature of the wireless terminal user entered by the signature input means and the signature of the IC card owner read from the signature storage means of the IC card, and the signature verification means. Only when the signature of the wireless terminal user and the signature of the IC card owner are matched by the above, the personal number of the IC card Sign authentication system characterized by comprising a charging information reading control means for enabling reading out the personal number as the billing information stored in 憶 means. 11. A sign authentication system of a wireless communication system, wherein an IC card storing a personal number as billing information is connected to a wireless terminal and the wireless terminal is used as an individual, the wireless terminal comprising: The IC card is provided with a signature input means for inputting a signature of the wireless terminal user, and the IC card stores a personal number storage means for storing a personal number as billing information, and a signature storage for storing the signature of the IC card owner. Means, a signature collating means for collating the signature of the wireless terminal user inputted by the signature input means of the wireless terminal with the signature of the IC card owner read from the signature storing means, and the signature collating means. Only when the signature of the wireless terminal user and the signature of the IC card owner are collated and matched, is stored in the personal number storage means. Sign authentication system characterized by comprising a charging information reading control means for enabling reading out the personal number as billing information that. 12. A sign authentication system of a wireless communication system, wherein an IC card storing a personal number as billing information is connected to a wireless terminal and the wireless terminal is used as an individual, wherein the wireless terminal comprises: The IC card is provided with a signature input means for inputting a signature of the wireless terminal user, and the IC card stores a personal number storage means for storing a personal number as billing information, and a signature storage for storing the signature of the IC card owner. Means, a signature collating means for collating the signature of the wireless terminal user inputted by the signature input means of the wireless terminal with the signature of the IC card owner read from the signature storing means, and the signature collating means. Collation time storage means for storing the collation time when the signature of the wireless terminal user and the signature of the IC card owner are collated and matched. The In conjunction to a read request personal number from the wireless terminal,
A billing information read control unit capable of reading the personal number as billing information stored in the personal number storage unit only within a set time from the signature collation time stored in the collation time storage unit. A signature authentication system characterized by: 13. A sign authentication system of a wireless communication system, wherein a base station receives a communication request from a wireless terminal used by an unspecified user and connects a line, wherein the wireless terminal uses the wireless terminal. The base station stores the personal number, which is the billing information of each individual registered in the base station, and the signature of the individual in association with each other. And a personal information storage means for performing the communication request from the wireless terminal, the signature of the wireless terminal user input by the signature input means of the wireless terminal, and the base station stored in the personal information storage means. A signature collating means for collating each registered individual signature, and a signature of the wireless terminal user and an individual signature registered in the base station by this signature collating means. A billing information read-out control unit is provided which is capable of reading out the personal number as billing information stored in the personal information storage unit in correspondence with the matched signature only when the bills match. Signature authentication system.