JPH10124603A - System for processing transaction of automatic transaction device - Google Patents

Abstract

PROBLEM TO BE SOLVED: To effectively prevent a phenomenon in which the secrecy of a password is lost even when the execution of a transaction processing necessitating an ID recording medium and a password is left to a third person. SOLUTION: The owner of an IC card can register an arbitrary second password by using a telephone line 29 for a host computer 15. This second password is invalidated when a preliminarily set valid period passes, or when a certificate issuing processing using the pertinent second password is operated more than the preliminarily set upper limit number of times. In a state in which the second password is registered in the host computer 15, an automatic certificate issuing machine 2 permits the issuing processing of a certificate when individual identification information read from the ID card inserted into a card reader 3 and a password inputted from a touch panel 7 provided on the surface of a CRT display 6 match the combined data of individual identification information and the second password registered in the host computer 15.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to an automatic certificate issuing machine for automatically issuing various certificates such as a resident card,
Alternatively, an ID recording medium such as an ID card and a password are required for transaction processing, such as an ATM (automatic teller machine) or a CD (automatic teller machine) for receiving and paying cash. The present invention relates to a transaction processing method in an automatic transaction device.

[0002]

2. Description of the Related Art Conventionally, in a financial institution such as a bank, it is common to install an ATM or a CD for performing a deposit payout operation using an ID card (cash card). In recent years, for example, municipalities such as municipalities have installed an automatic certificate issuing machine that automatically issues various certificates such as a seal stamp certificate and a resident card using an ID card. Have been done.

[0003] In an automatic transaction apparatus such as the ATM or the automatic certificate issuing machine, in order to improve security, personal identification information read from an ID card and a password input by a user are used. Is compared with the combination data of personal identification information and a password registered in advance in the host computer which is the management device, and only when the result of the comparison is appropriate, the state is switched to a state in which the predetermined transaction processing is permitted. It is common to use

[0004]

When the above-described automatic transaction apparatus is used, basically, the person who has been issued an ID card must go to the place where the automatic transaction apparatus is installed. However, in practice, it often happens that the owner of the ID card does not go directly to the place where the automatic transaction apparatus is installed for some reason (for example, hospitalization). Needs to be delegated to a third party (ie, an agent).

[0005] In the case of performing the above-mentioned delegation, it is necessary not only to hand the ID card to the agent (acceptor) but also to notify the password. In this case, for example, when a member of the family is used as an agent, there is almost no risk of confidentiality of the personal identification number, but when another person is used as an agent, the possibility of confidentiality of the personal identification number increases. There is a problem.

SUMMARY OF THE INVENTION The present invention has been made to solve the above-described problems, and has as its object to delegate the execution of transaction processing that requires an ID recording medium and a password to a third party. Even if there is a problem, it is an object of the present invention to provide a transaction processing method of an automatic transaction apparatus that has an effect of effectively preventing a situation in which the security of a password is lost.

[0007]

According to the first aspect of the present invention,
ID issued to an individual to achieve the above purpose
The personal identification information read from the recording medium and the password input by the user are compared with the combination data of the personal identification information and the password registered in advance in the management device,
In a transaction processing method of an automatic transaction apparatus configured to allow a predetermined transaction processing only when the collation result is appropriate, the automatic transaction apparatus combines the personal identification information with the personal identification information using the registered password. In the state where the second password is registered in the management device, the second password is input by the user in a state where the second password is registered in the management device. It is configured to be used for collation with a personal identification number.

[0010] According to this configuration, the owner of the ID recording medium uses the pre-registered personal identification number to notify the management device of the second personal identification number combined with the personal identification information registered in advance. You can register temporarily. Then, in a state where the second password is registered, the personal identification information of the ID recording medium is read by the automatic transaction apparatus, and when the second password is input, the reading is performed as described above. The entered personal identification information and the input personal identification number are collated with the combination data of the personal identification information and the second personal identification number registered in the management device, and the predetermined transaction processing is permitted only when the collation result is appropriate. Become so.

[0009] As a result, the owner of the ID recording medium, when entrusting the transaction processing in the automatic transaction apparatus to an agent who is a third party, registers the second password and then asks the agent. Handing over the ID recording medium and transmitting the second personal identification number. Therefore, even when the agent is entrusted with performing the transaction processing that requires the ID recording medium and the password, the confidentiality of the password can be ensured because there is no need to teach the original password of the ID recording medium. Be able to hold. In addition, since the second password is only temporarily registered, it is possible to minimize a decrease in security of the ID recording medium.

In this case, as in the second aspect of the present invention,
The second security code may be registered in the management device via a communication line.
According to this configuration, when the owner of the ID recording medium delegates the issuing operation of the certificate to the agent, the registration of the second password can be performed by remote control through a communication line. This is very convenient in actual operation, for example, the operation for registering the second password can be simplified. Here, the communication line is a concept that includes not only a wired type such as a normal telephone line but also a wireless type.

Further, the invention may be configured such that the second password registered in the management device is deleted and invalidated when the transaction processing is completed, as in the invention according to claim 3. According to this configuration, even when a third party requests transaction processing in the automatic transaction apparatus, there is no possibility that extra transaction processing will be performed, so that a decrease in security of the ID recording medium 1 can be suppressed to a minimum. Become like

[0012] Further, as in the invention according to claim 4, the second security code registered in the management device is deregistered and invalidated when a predetermined validity period has passed. Alternatively, the second password registered in the management device is deleted and invalidated when the transaction processing is performed more than a preset upper limit number of times, as in the invention according to claim 5. It can also be configured. According to each of these configurations, the second password is set when the preset validity period has passed, or when the transaction processing using the second password has been performed for a predetermined number of times or more. Therefore, the security of the ID recording medium can be minimized.

[0013] As in the invention according to claim 6, when the transaction processing based on the second password is performed, the transaction history may be stored and held. According to such a configuration, when a transaction is performed by an agent,
Since information relating to the transaction processing is stored and held as transaction history data, the existence of the transaction history data can function as a binding force against the unauthorized use of the ID recording medium by the agent.

[0014]

DESCRIPTION OF THE PREFERRED EMBODIMENTS An embodiment in which the present invention is applied to a certificate issuing machine will be described below with reference to the drawings. FIG. 5 shows the front appearance of an ID card 1 as an ID recording medium used in this embodiment. The ID card 1 is made of a magnetic card to which a tape-shaped magnetic recording section 1a is affixed, and has at least a card title 1b printed on its surface and a card number unique to the ID card 1 or the like. Is formed by embossing.

In this case, the magnetic recording unit 1a includes, for example, a confirmation code for specifying the issuer of the ID card 1,
A card number (user ID identification code) for specifying an individual user, personal identification information including expiration date data indicating the card expiration date, and the like are recorded. However, the ID card is not limited to a magnetic card, but may be an IC card or an optical card on which an IC chip is mounted.

The ID card 1 is issued in advance in response to a user's application, for example, at a window for performing a certificate issuing business. In this case, the personal identification number applied from the user side is used. It is registered in the host computer described later in a state of being combined with the above member number on a one-to-one basis. Further, when the ID card 1 is issued, the identity is confirmed by an identification card or the like. In the following,
For convenience of explanation, the password registered as above
Let's call it the PIN.

FIG. 4 shows an external view of an automatic certificate issuing machine 2 as an automatic transaction apparatus. In FIG. 4, a card insertion slot 3 for inserting the ID card 1 is provided in a panel 2a provided on the front left side of the automatic certificate issuing machine 2.
a card reader (indicated by reference numeral 3 in FIG. 1) for taking in the inserted ID card 1 and reading the recorded data is disposed at the back. A pilot lamp 4 for prompting card insertion is provided at a position adjacent to the card insertion slot 3a, and a call button 5 for calling an attendant is provided near the card insertion slot 3a.

A CRT display 6 for displaying guidance such as an operation method and an operation menu is provided at a position above the card insertion slot 3a on the panel 2a. A transparent panel-shaped touch panel 7 having a well-known configuration is provided.

At the upper part of the main door 2b provided on the front right side of the automatic certificate issuing machine 2, a coin insertion slot 8a and a bill insertion slot 9a for paying a certificate issuance fee are provided. In this case, a well-known coin mech (FIG. 1) is provided in the automatic certificate issuing machine 2 at a position communicating with the coin slot 8a.
And a well-known building burr (shown by reference numeral 9 in FIG. 1) is provided at a position communicating with the bill insertion slot 9a. At a position adjacent to the bill insertion slot 9a, a pilot lamp 10 for urging payment of a fee is provided.

At the center of the main door 2b, a certificate discharge port 11 for discharging a certificate, which is a document to be issued, and an auxiliary discharge port 12 for discharging change and receipts are arranged side by side. Is provided. A pilot lamp 13 for notifying that a certificate, change, or receipt has been discharged is provided at a position adjacent to the certificate discharge port 11.

FIG. 1 shows the electrical configuration of the automatic certificate issuing machine 2 and the parts related thereto by combination of functional blocks, which will be described below. That is,
The automatic certificate issuing machine 2 has a CPU 1 for its operation control.
The CPU 14 is a host computer 15 (corresponding to a management device in the present invention).
And the data transfer operation between them can be performed using the communication control device 16.

In the automatic certificate issuing machine 2, the CPU 14
Are connected to the card reader 3, the CRT display 6, the touch panel 7, the coin mech 8, and the bill validator 9, a laser printer 17 for printing on a certificate sheet, and a receipt printer 1 for printing a receipt.
8. Stapler 1 for binding multiple certificate sheets
9, a stamping machine 20 for stamping a certificate with, for example, a punching pattern, a paper transport unit 21 for transporting a certificate paper, and a completed certificate for the certificate outlet 11
Paper discharge unit 22 for discharging paper to the printer, a voice generating device 23 for guiding operation methods, a ROM 24 storing a control program, etc., and a RAM 2 for temporarily storing data and transferring data during operation control.
5. An HDD (hard disk device) 26 for storing various data and an I / O interface unit 27 are connected.

Here, although not specifically shown, the various I / O interface units 27 are, for example, the call button 5, the pilot lamps 4, 10, 13 and a group of sensors for detecting an abnormal conveyance of a certificate. , Certificate automatic issuing machine 2
It is provided for transmitting and receiving signals to and from various components necessary for the communication.

On the other hand, the host computer 15 is configured so as to be able to manage a plurality of certificate issuing machines 2 through a network, and includes a certificate such as a resident's card and a seal registration certificate. A state in which data necessary for issuance (including personal identification information such as a membership number relating to the ID card 1 and the first personal identification number registered as described above, in addition to basic data such as resident data) is arranged. Is connected. The host computer 15 is connected to, for example, a telephone line 29 as a communication line via a response device 30 having a response function based on voice guidance, thereby transmitting and receiving data to and from an external general telephone set 31. Can be performed.

The host computer 15
Is configured so that a second password can be registered in the database 28 in response to a remote operation through the general subscriber telephone set 31. Specifically, when the user who has been issued the ID card 1 accesses through the general subscriber telephone set 31, the following control is performed.

... Voice guidance through the response device 30 prompts the user to input the issued card number of the ID card 1 (this card number input operation is performed, for example, on the general subscriber telephone 31 side). This is performed through a push button, and the same applies to each input operation described below.)

... When the card number is input, the user is prompted by voice guidance through the response device 30 to input the first personal identification number registered for the ID card 1.

... When the password is inputted, whether the combination of the password and the member number inputted as described above matches the combination of the first password and the member number registered in the database 28. Check whether or not.

... If the collation result is correct, voice guidance through the response device 30 prompts the user to input a second password. In this case, it is desirable to output together with voice guidance for instructing the input second password to be different from the registered first password.
In addition, the owner of the ID card 1 has the second password,
When requesting a third party (that is, an agent) to perform the work of receiving a certificate using the ID card 1, the password is temporarily registered for use by the agent.

... If the collation result is incorrect,
If the above collation result is not in an appropriate state even after re-executing the above control and executing such control a plurality of times, accepting registration of the second password After outputting a message to the effect that the call cannot be made through the answering device 30, the telephone line 29 is shut off.

When the second password is inputted in accordance with the control of..., The second password is registered in the database 28 in a state where the second password is associated with the member number, and the second password is registered. After outputting a message indicating that the registration of the number has been accepted through the response device 30, the telephone line 29 is shut off. In this case, the second
It is desirable to output together with voice guidance for guiding the validity period of the personal identification number and how to use it.

In short, as a result of the above-described control being performed on the host computer 15 side, the user who has been issued the ID card 1 can use the agent to issue the certificate through the automatic certificate issuing machine 2. In this case, an arbitrary second password associated with the card number of the ID card 1 can be registered through the general subscriber telephone set 31. In the present embodiment, the registered second security code is set in advance when its validity period has expired, or in a transaction process (certificate issuance process) using the second security code. The registration is deleted and invalidated when the number of times has been exceeded.

FIG. 2 shows an example of the operation of the automatic certificate issuing machine 2, which will be described below together with the contents of operations performed on the host computer 15 side. Note that the user of the automatic certificate issuing machine 2 can apply for the certificate issuing service at a window for performing the certificate issuing in advance.
The D card 1 is obtained in advance.

In FIG. 2, the automatic certificate issuing machine 2 selects a certificate to be issued to the user on the CRT display 6 in a normal state, that is, in a standby state in which no operation is performed by the user. FIG. 3 (a) for prompting operation
A "menu selection screen" of a format as shown in FIG. 1 is displayed (S1), and in this state, the process waits until a selection operation is performed through the touch panel 7 (step S1).
2). When the above-described display is being performed, the user can perform an operation of selecting the certificate through the touch panel 7 by touching the portion where the desired certificate name is displayed with his / her finger.

When the user selects a certificate to be issued from the standby state as described above, the automatic certificate issuing machine 2 issues a message prompting insertion of the ID card 1 into the card insertion slot 3a. A “card insertion screen” (not shown) is displayed on the CRT display 6 (step S3), and in this state, the system stands by until the ID card 1 is inserted (step S4).

The user inserts the ID card 1 into the card insertion slot 3a in accordance with the display of the "card insertion screen" as described above. In this case, the automatic certificate issuing machine 2 constantly monitors the insertion state of the ID card 1 into the card insertion slot 3a, and when the insertion of the ID card 1 is detected, the recording data of the ID card 1 is transferred to the card reader 3. (Step S5).

In the state where the record data of the ID card 1 is read in this way, a transaction type collation routine S6 is executed. In the collation routine S6, a transaction type collation signal including the personal identification information (card number, expiration date data, etc.) in the read data as described above is transmitted to the host computer 15 via the communication control device 16, and Waits until one of the agent transaction confirmation signal and the normal transaction confirmation signal is answered back from the host computer 15, and when the signal is answered back, the process proceeds to the next step S7.

Here, when the host computer 15 receives the transaction type collation signal, the host computer 15 accesses the database 28 to obtain a state corresponding to the card number in the personal identification information included in the collation signal. Second
It checks whether the personal identification number of the transaction is registered, and if it is registered, answers the agent transaction confirmation signal to the certificate issuing machine 2 which is the transmission source of the transaction type collation signal, and registers it. If not, the normal transaction confirmation signal is answered back.

In step S7, it is determined whether or not the transaction is made by an agent based on the answer backed signal. That is, when the agent transaction confirmation signal is answered back, it is determined that the transaction is performed by the agent, and when the normal transaction confirmation signal is answered back, it is determined that the transaction is the normal transaction.

If "YES" is determined in the step S7, the touch panel 7
3 for prompting the input operation of the second password through
"Client PIN input screen" as shown in (b)
Is displayed (step S8), and when it is determined to be "NO", as shown in FIG. 3C for prompting the CRT display 6 to input the first password through the touch panel 7. Then, a "normal password input screen" is displayed (step S9).

Note that the “client's password” displayed in FIG. 3B indicates the second password, and FIG.
The "password" displayed in (c) indicates the first password. Further, in each of the above-mentioned "password input screens", a ten-key figure for indicating the input position of the password on the touch panel 7 is displayed.

In a state where either the "client password input screen" or the "normal password input screen" is displayed, the process waits until a password is input through the touch panel 7 (step S10). Then, when a password is input in response to the operation of the numeric keypad portion of the touch panel 7 by the user, a password collation routine S11 is executed. In this collation routine S11, a password collation signal including the personal identification number input as described above and the personal identification information read in step S5 is transmitted to the host computer 15, and the host computer 15 responds accordingly. The process waits until either the acceptance signal or the non-acceptance signal is answered back, and when the signal is answered back, the process proceeds to the next step S12.

Here, when the host computer 15 receives the password collation signal, the host computer 15 accesses the database 28 to determine whether the password contained in the collation signal is proper. to decide.

More specifically, when the transaction by the agent is selected (when "YES" is determined in step S7), the transaction corresponding to the card number in the received password collation signal is performed. It is determined whether or not the second password is registered, and whether or not the second password matches the received password. If the second password is matched, the reception signal is answered back. In the case of, the rejection signal is answered back.

If the normal transaction has been selected (if "NO" is determined in step S7), the first password is associated with the card number in the received password collation signal. In addition to judging whether or not the first password is registered, it is determined whether or not the first password matches the received password. If the first password is matched, the received signal is answered back. Answer back.

In step S12, it is determined whether or not the collation result of the password is correct based on the answer backed signal. That is, when the received signal is answered back, it is determined that the input personal identification number is appropriate, and when the unaccepted signal is answered back, it is determined that it is inappropriate.

If it is determined that the ID card 1 is inappropriate, the ID card 1 is ejected from the card insertion slot 3a and returned (step S24), and thereafter, the initial state (a state where the "menu selection screen" is displayed). Return to It should be noted that, when it is determined that the input personal identification number is inappropriate, control may be performed to permit re-input of the personal identification number a predetermined number of times.

On the other hand, if it is determined that the input password is appropriate, it is determined again whether or not the transaction is made by an agent (step S13). That is, if the transaction is a normal transaction, the process returns to the initial state via the step S24 for returning the ID card 1 after executing the issuing process routine S22.

In the issuance processing routine S22, although not specifically shown, the operation of collecting the issue fee for the certificate to be issued selected by the user through the "menu selection screen" and the printing of the certificate are performed. An operation of reading necessary data (corresponding to the ID card 1 from which the data has been read in step S5) from the database 28, an operation of editing the read data into an output format of a certificate, and generating print data, The operation of creating a certificate by driving the laser printer 17, the paper transport unit 21, etc. based on the data.
1 and an operation of printing a receipt by the receipt printer 18 and discharging it to the auxiliary discharge port 12.

On the other hand, if "YES" is determined in the step S13, that is, if the transaction is made by an agent, the ID card 1 taken in by the card reader 3 is ejected from the card insertion slot 3a. And return it (step S14). After performing such a return operation, the CR
A "card insertion screen" as shown in FIG. 3D is displayed on the T display 6 (step S15),
In this state, it waits until the ID card 1 is inserted (step S16). In addition, the "card insertion screen" notifies that the transaction by the agent has been accepted, receives the returned ID card 1, and displays the card insertion slot 3a.
The content prompts the user to newly insert the ID card 1 issued to the agent himself.

The user (in this case, the agent) inserts the ID card 1 issued to himself into the card insertion slot 3a in accordance with the contents displayed on the "card insertion screen" as described above.
In response, "YES" is determined in step S16, and in this case, the recording data of the ID card 1 is read through the card reader 3 (step S1).
7).

After reading the recorded data of the ID card 1 in this manner, the first personal identification number corresponding to the ID card 1 (that is, the ID number of the agent's own ID card 1 is registered on the CRT display 6). PIN)
3 (e) for prompting the user to perform an input operation is displayed (step S1).
8).

"Agent password input screen" as described above
In the display state of (1), the process stands by until a password is input (step S19). When a password is input by operating the touch panel 7, the password collation routine S20 is executed. In the collation routine S20, a password collation signal including the password input as described above and the personal identification information read in step S15 is transmitted to the host computer 15, and the host computer 15 responds accordingly. The process waits until one of the accepted signal and the unaccepted signal is answered back, and when the signal is answered back, the process proceeds to the next step S21.

Here, the host computer 15, when receiving the password collation signal, accesses the database 28 to determine whether or not the password included in the collation signal is appropriate. Specifically, it is determined whether or not the first password is registered in correspondence with the card number in the received verification signal, and whether or not the first password matches the received password. Is determined, and if they match, the received signal is answered back; otherwise, the unaccepted signal is answered back.

In step S21, it is determined whether or not the collation result of the personal identification number is correct on the basis of the answer backed signal. If it is determined that the result is incorrect, the ID card 1 for returning the ID card 1 is determined. After executing step S24, the process returns to the initial state. When it is determined that the input personal identification number is incorrect, a control may be performed to permit re-input of the personal identification number a predetermined number of times.

On the other hand, if it is determined that the personal identification number is appropriate, an issuance processing routine S23 for printing and issuing a certificate is executed, and then the process returns to the initial state via the return step S24. I do.

The contents of the issuing process routine S23 are specifically the same as those of the issuing process routine S22 described above. That is, in the issuance processing routine S23, the operation of collecting the issuance fee for the certificate to be issued selected by the user through the "menu selection screen", the data necessary for printing the certificate (the data is The operation of reading the read client's ID card 1) from the database 28, the operation of editing the read data into the output format of the certificate to create the print data, and the operation of the laser printer 1 based on the print data.
7. An operation of creating a certificate by driving the paper transport unit 21 and the like, an operation of discharging the created certificate to the certificate outlet 11 by the paper discharge unit 22, and printing a receipt by the receipt printer 18 to assist. Outlet 12
Operation such as discharging to

In addition, in the issuing process routine S23,
Information regarding the transaction processing (certificate issuance processing) by the agent (such as the type of issued certificate, issuance date and time, issuance time, and personal identification information read from the ID card 1 of the agent itself) is transmitted to the host computer 15 side. The host computer 15 stores the received transaction processing information in the database 28 as transaction history data.

In the issuance processing routine S23, an operation of creating accumulated value data indicating the number of times of transaction processing by the agent and transmitting it to the host computer 15 is performed. Stores the received accumulated value data in the database 28 as information for determining whether or not transaction processing (certificate issuance processing) using the second password has been performed a predetermined number of times or more. Hold.

In short, according to the automatic certificate issuing machine 2 described in the above embodiment, it goes without saying that the certificate issuance operation can be performed in accordance with the direct operation by the user who has been issued the ID card 1. However, the operation of issuing a certificate by the operation of the agent delegated by the user can be performed without causing the confidentiality of the password associated with the ID card 1 to be lost. .

Specifically, when the delegated agent receives a certificate in the certificate issuing machine 2,
Since it is sufficient to use the ID card 1 received from the delegate and the temporarily registered second password, the ID
It is not necessary to tell the agent the original password (the first password) of the card 1, and the confidentiality of the password can be reliably maintained. In addition, in order to register the second PIN, the first PIN that can be known only by the owner of the ID card 1 is required, so that even if the ID card 1 is lost, There is no danger that the security will decrease.

Further, the second security code may be used when a predetermined validity period has passed, or when the transaction processing (certificate issuance processing) using the second security code is equal to or more than a predetermined upper limit number. Since the configuration is such that the ID card 1 is invalidated when it is performed, the security of the ID card 1 can be minimized.

In addition, when the certificate is issued by the agent, information on the certificate issuance processing is stored and held in the host computer 15 as transaction history data. There is an advantage that the presence can function as a binding force against the unauthorized use of the ID card 1 by the agent.

When the owner of the ID card 1 delegates the operation of issuing a certificate to a third party, it is necessary to register a second password in advance.
It can be performed by a simple operation through, which is very convenient in actual operation. In other words, the situation in which the certificate issuance operation is delegated to a third party is considered to be often caused by the fact that it is difficult for the principal (delegator) to go to the place where the automatic certificate issuing machine 2 is installed. However, in such a situation, the configuration in which the telephone only needs to be used is very useful for the delegate.

In the above-described embodiment, the second password registered in the host computer 15 is changed to a transaction number (certificate issuance process) using the second password at least a predetermined upper limit number of times. Although the configuration is such that registration is canceled and invalidated when it is performed, the registration is canceled and invalidated when the transaction processing using the second PIN is completed, that is, when the certificate is issued. It is good.

In addition, the present invention is not limited to the above-described embodiment, and can be expanded or modified as described below. In the above embodiment, it is assumed that the agent who can be entrusted to issue the certificate by the automatic certificate issuing machine 2 owns the ID card 1, but the present invention is not limited to this. Of course not. That is, the operation of issuing a certificate by the automatic certificate issuing machine 2 is defined as I
The configuration may be such that it can be performed using only the D card 1 and the second password registered in association with the D card 1.

The automatic certificate issuing machine 2 has been described as an example of the automatic transaction apparatus. In addition, an ATM (automatic teller machine), a CD (automatic teller machine), or a credit as an ID recording medium may be used. Allows predetermined transaction processing based on the result of matching personal identification information read from an ID recording medium issued to an individual, such as a vending machine using a card, with a password entered by a user. The present invention can be widely applied to all automatic transaction apparatuses configured to perform the above operations.

Although the telephone line 29 is used as a communication line for registering the second personal identification number with the host computer 15, for example, a satellite communication line or a data communication line may be used. In addition, other wired or wireless communication lines can be widely used. Further, the above-described operation of registering the second password is performed through the general subscriber telephone set 31, but may be performed through a dedicated terminal device or a personal computer.

[0069]

According to the present invention, as is apparent from the above description, the personal identification information read from the ID recording medium issued to the individual and the personal identification number entered by the user are stored in the management device. In the automatic transaction apparatus configured to selectively allow predetermined transaction processing based on the result of collation with the data, the transaction processing is performed using the second password temporarily registered in the management apparatus. With this configuration, even when the performance of the transaction processing is delegated to a third party, it is possible to effectively prevent loss of confidentiality of the personal identification number registered for the ID recording medium. It has a great effect.

[Brief description of the drawings]

FIG. 1 is an overall functional block diagram showing an electrical configuration of an embodiment of the present invention.

FIG. 2 is a flowchart showing an operation example of the automatic certificate issuing machine;

FIG. 3 is a diagram showing a display example on a CRT display.

FIG. 4 is a perspective view of an automatic certificate issuing machine.

FIG. 5 is a front view of the ID card.

[Explanation of symbols]

1 is an ID card (ID recording medium), 2 is an automatic certificate issuing machine (automatic transaction device), 3 is a card reader, 6 is a CRT display, 7 is a touch panel, 14 is a CPU, 15 is a host computer (management device), 17 is a laser printer, 28 is a database, 29 is a telephone line (communication line), and 30 is a response device.

Claims (6)

[Claims] A personal identification information read from an ID recording medium issued to an individual and a personal identification number input by a user are combined with personal identification information and personal identification number combination data registered in advance in a management device. In a transaction processing method of an automatic transaction apparatus configured to perform a predetermined transaction processing only when the verification result is appropriate, the personal identification is performed on the management apparatus using the registered password. In a state where the second password combined with the information is configured to be temporarily registerable, and the second password is registered in the management device, the second password is input by the user. A transaction processing method of an automatic transaction apparatus, which is provided for comparison with a security code. 2. The transaction processing method for an automatic transaction apparatus according to claim 1, wherein the registration of the second personal identification number with the management apparatus can be performed through a communication line. 3. The automatic transaction according to claim 1, wherein the second password registered in the management device is deleted and invalidated when the transaction processing is completed. Equipment transaction processing method. 4. The system according to claim 1, wherein the second security code registered in the management device is deleted and invalidated when a predetermined validity period has passed. Transaction processing method of automatic transaction equipment. 5. The method according to claim 1, wherein the second password registered in the management device is deleted and invalidated when the transaction processing is performed more than a predetermined upper limit number. Item 3. The transaction processing method of the automatic transaction device according to item 1 or 2. 6. The transaction of the automatic transaction apparatus according to claim 1, wherein when a transaction process based on the second password is performed, the transaction history is stored and held. Processing method.