KR101248058B1 - Internet settlement system - Google Patents

Abstract

(Problem) Providing an internet payment aid that can carry out Internet commerce more stably without risk of eavesdropping and altering card number and password.

(Solution means) The display 11, the card information storage unit 13 stored in advance in a state where card information of the card contractor cannot be read from the outside, and the prestored state in which the authentication information of the contractor can not be read from the outside. The authentication information storage unit 15, the OTP generation information storage unit 17 stored in advance in the state that the OTP generation information cannot be read from the outside, and the input information from the numeric keys 12a and the numeric keys 12a. Authorization means 14 for displaying the card information on the display 11 by authenticating the operator based on the user, and generating the OTP for generating the one-time password based on the OTP generation information and displaying the card information on the display 11 after the card information is displayed. The means 16 is provided, and the contractor's identity is authenticated by the one-time password, which enables internet commerce.

Internet payment aid

Description

Internet payment system {INTERNET SETTLEMENT SYSTEM}

The present invention relates to an internet payment assistant.

Conventionally, card identification information (card number) such as a credit card or bank card and a password are stored in a mobile phone, and the card number is displayed on the display of the mobile phone when the password entered in the mobile phone and the stored password match. There is a cellular phone which also functions as a card by displaying it (see Patent Document 1, for example).

However, the mobile phone to which such a card function is provided has the subject described below.

Patent Document 1: Japanese Patent Publication No. 2002-64597

The storage, erasure, etc. of data to the cellular phone to which the card function of patent document 1 was given are performed by communication. That is, it is assumed that this cellular phone is connected to the network.

In this way, if a card number or password is stored in a mobile phone that can be connected to a network, there is little risk of eavesdropping or altering the card number or password by a malicious third party due to unauthorized access. do.

Thus, if the mobile phone is configured to be unable to connect to the network, the above-mentioned eavesdropping or alteration concerns may be eliminated.

However, it has been practically difficult to make a mobile phone incapable of connecting to a network, in which it has become common for a mobile phone to have a network communication function in addition to a basic call function. In addition, in order to prevent the stored card number or password from being read from the outside while maintaining the structure of the cellular phone in the current state, an encryption program or the like must be provided, which makes the configuration complicated.

In addition, in the case of the mobile phone of Patent Document 1, even if it is not exposed to the above-mentioned network, the card number displayed on the display of the mobile phone is exposed to a third party once, and the third party uses the card number to access the Internet. It becomes possible to perform internet commerce by credit settlement on the security, and security at this point is also low.

In addition, in view of the situation that the patent applicant can perform internet commerce using only the card number as described above, the card member's identity is authenticated by the presentation of a fixed password predetermined by the card member in addition to the presentation of the card number. The operation of the Internet payment system, which says that Internet commerce cannot be performed without passing through the service, is started.

However, once this fixed password is also known to a third party, it becomes possible to conduct Internet commerce by pretending that the third party is a card member, and it cannot be said that it is necessarily secure.

SUMMARY OF THE INVENTION The present invention has been made in view of the above-described conventional problems, and an object thereof is that there is no risk of eavesdropping or altering a card number or password due to unauthorized access or the like, and furthermore, Internet payment which enables more secure internet commerce. It is to provide an auxiliary device.

The invention of claim 1,

A portable Internet payment assistant, comprising: a display and a card information storage unit previously stored in a state where card information including at least identification information of a card contractor such as a credit card or a debit card cannot be read from the outside; And an OTP generation information unique to the Internet payment aid in connection with the card information, which is stored in advance in a state in which the authentication information for authenticating the contractor cannot be read from the outside. OTP generation information storage unit stored in advance in a state that can not be stored, an input means for inputting the authentication information, and the user authentication whether or not the operator of the Internet payment auxiliary device is the contractor based on the input information input from the input means When the identity is confirmed, at least the identification information of the card information is read and the An authentication means for displaying on the display and a one-time password generating means for generating a one-time password based on the OTP generation information and displaying it on the display after the card information is displayed. When the identity is confirmed and the identity is confirmed, the Internet payment assisting apparatus is characterized in that Internet commerce by payment using the identification information is enabled.

According to a second aspect of the present invention,

In an Internet payment system in which a contractor terminal, such as a cellular phone or a personal computer of a card contractor such as a credit card or a debit card, and an authentication server for authenticating the contractor, are connected to each other in a network, A portable Internet payment assistance device used when conducting Internet commerce by means of the above, the Internet payment assistance device includes a display and card information previously stored in a state that card information including at least the identification information of the contractor cannot be read from the outside. OTP generation information unique to the storage unit, the authentication information storage unit stored in advance in the state that the authentication information for authenticating the contractor can not be read from the outside, and the Internet payment assistant in relation to the card information Stores OTP generation information stored in advance that cannot be read from the outside And inputting means for inputting the authentication information, and authenticating whether or not the operator of the Internet payment assisting apparatus is the contractor based on the input information inputted to the inputting means, and when the identity is confirmed, the card information. Authentication means for reading at least the identification information of the identification information and displaying the card information on the display, and generating the one-time password based on the OTP generation information and displaying the identification information on the display after the card information is displayed. The contractor terminal transmits the one-time password to the authentication server, whereby the contractor's identity is authenticated and the Internet commerce is enabled when the identity is confirmed.

According to the invention of Claims 1 and 2, if the identity of the contractor is not verified by the Internet payment aid device, even if the contractor himself is not able to know the card information, the card information cannot be read from the outside. Unlike the conventional credit card, where the card information is exposed, the card information is increased in confidentiality, thereby preventing unauthorized use of the card information in Internet commerce.

In addition, since the Internet payment assistance device is a portable type, it is possible to conduct secure internet commerce using a mobile phone, a personal computer at home, or a personal computer at a business trip, wherever the contractor is located, thereby increasing convenience of internet commerce.

In addition, since the one-time password created based on the contractor's own OTP generation information stored in the Internet payment assistance device is used for authentication of the contractor, even if a third party obtains, for example, the one-time password, it cannot be used for the next Internet commerce.

Since OTP generation information for one-time password generation is stored in a state that cannot be read from the outside, even the contractor cannot know the OTP generation information. Know your password. In other words, since one-time password generation by a third party is impossible, the safety of Internet commerce is more guaranteed.

In addition, since the one-time password is not generated after the card information is displayed on the Internet payment aid, a third party who does not have the Internet payment aid cannot generate the one-time password even if only the identification information is known. . In addition, even if a third party steals the Internet payment aid, one-time password cannot be generated without authentication information input to the Internet payment aid.

That is, the contractor is authenticated by the authentication means of the Internet payment aid, and further authenticated by the authentication server, and finally authenticated based on two different authentication information until internet commerce is possible. Since it is necessary to go through the third party, it is possible to prevent the third party from acting more securely, thereby increasing the safety of Internet commerce.

According to a third aspect of the present invention,

The authentication information is a password predetermined by the contractor, and the input means is an Internet payment aid, characterized in that the numeric key.

According to the invention of claim 3, since the input means and the authentication means can be configured relatively inexpensively, the use of the Internet payment assistance apparatus is facilitated.

The invention of claim 4,

The authentication information is an internet payment assistance device, characterized in that the biometric information quantified the biological characteristics such as fingerprint, iris, vocal cord, face photograph of the contractor.

According to the invention of claim 4, since the contractor's identity can be authenticated with high accuracy, the Internet payment assistance device is not likely to be misused even if the Internet payment assistance device is stolen.

The invention of claim 5,

The OTP generation information is a common key, and the one-time password generation means detects the pressing of a predetermined operation key, and encrypts the temporary data consisting of the date and time when the operation key is pressed with the common key to generate a one-time password. Internet payment aid.

The invention of claim 6,

The OTP generation information is composed of a common key and usage count information updated each time the one-time password is generated. The one-time password generation means detects pressing of a predetermined operation key and stores the usage count information by a common key. And a one-time password generated by encryption, and updating the number of times of use in the OTP generation information storage unit after the one-time password is generated.

The one-time password generated here is encrypted by using the common key, the date and time data consisting of the date and time when a predetermined key is pressed or the usage frequency information updated each time the one-time password is generated. That is, since the password can be created only by the contractor who is operating the Internet payment aid, the third party who does not have the Internet payment aid cannot act as a contractor, thereby further increasing the safety of the Internet commerce. .

The invention of claim 7,

The internet payment aid is an internet payment aid characterized in that it has a tamper resistance (Tamper Resistance).

According to the invention of claim 7, since the Internet payment assistance apparatus is provided with tamper resistance, better security for eavesdropping and alteration of card information, authentication information, and OTP generation information by a third party is achieved.

(Effects of the Invention)

According to the Internet payment aid of the present invention, if the identity is not confirmed as a result of the contractor's identity authentication by the Internet payment aid, even if the contractor himself is not able to know the card information, the card information can not be read from the outside Unlike the conventional credit card, where the card information is exposed, the card information is increased in confidentiality, thereby preventing unauthorized use of the card information in Internet commerce.

In addition, since the Internet payment assistance device is portable, the convenience of Internet commerce is increased because a secure internet commerce can be performed using a mobile phone, a personal computer at home, or a personal computer at a business trip, even wherever the contractor is located.

In addition, since the one-time password created based on the contractor's unique OTP generation information stored in the Internet payment aid is used for the contractor's identity authentication, even if a third party obtains, for example, the one-time password, it cannot be used for the next Internet commerce.

Since OTP generation information for one-time password generation is stored in a state that cannot be read from the outside, even the contractor cannot know the OTP generation information. Know your password. That is, since one-time password generation by a third party is impossible, the safety of internet commerce is more guaranteed.

In addition, since the one-time password is not generated after the card information is displayed on the Internet payment aid, a third party who does not have the Internet payment aid cannot generate the one-time password even if only the identification information is known. . In addition, even if a third party steals the Internet payment aid, it is impossible to generate a one-time password without authentication information input to the Internet payment aid.

That is, the contractor is authenticated by the authentication means of the Internet payment aid, and further authenticated by the authentication server, and finally authenticates the user based on two different authentication information until internet commerce is possible. Since it must go through, third-party bans are more prevented, and the safety of Internet commerce is increased.

1 is a block diagram showing the appearance and electrical hardware configuration of the Internet payment aid of the present invention.

2 is a schematic connection configuration diagram of an internet payment system using an internet payment assistance device.

3 is a diagram illustrating an example of a process flow of internet commerce in an internet payment system.

4 is a diagram illustrating an example of a screen displayed on a member terminal in a process flow of internet commerce in an internet payment system.

5 is a diagram illustrating an operation procedure and a display screen transition of the Internet payment aid.

Fig. 6 is a schematic connection configuration diagram of a system required for registering a password for authenticating a card member in advance when the card member uses an internet payment system that does not use the Internet payment aid.

Description of the Related Art

1: Internet payment aid 10: Housing

11: display 12: key control panel

12a: Numeric Key 12b: Start Key

13: card information storage unit 14: authentication means

15: authentication information storage unit 16: OTP generating means

17: OTP generation information storage unit 18: time measurement means

19: driving power supply 2: member terminal

3: Merchant Terminal 4: Merchant Management Company Terminal

5: mediation server 6: card issuer terminal

7: authentication server 9a: network

9b: dedicated line

EMBODIMENT OF THE INVENTION Hereinafter, preferred embodiment of this invention is described in detail based on an accompanying drawing. 1 (a) is an external view of the Internet payment assistant 1, Figure 1 (b) is a block diagram of the electrical hardware of the Internet payment assistant (1).

Internet payment assistance device 1 is a network connection between a contractor terminal (such as a mobile phone or a personal computer) of a card contractor such as a credit card or a debit card, and an authentication server (usually held by a card company) that authenticates the contractor. In the established Internet payment system, the contractor is used when conducting Internet commerce such as Internet shopping by payment using the identification information of the contractor. As shown in FIG. And the housing 10 which is ultra-thin and can be carried, and the display 11 and the key operation part 12 are exposed on the outer surface of the housing 10. As shown in FIG.

In addition, the display 11 of this embodiment is an eight-digit display display, and the key operation part 12 is comprised of the numeric keys 12a of 0-9, and the start key 12b.

As shown in FIG. 1 (b), the interior of the housing 10 includes a card information storage unit 13, an authentication information storage unit 15, and an authentication unit 14 in addition to the display 11 and the key operation unit 12. , Hardware (CPU, memory) for functioning as the OTP generating means 16, the OTP generating information storage unit 17, and the time measuring means 18, and these hardware electrical components (display 11, key operation unit 12). ), A CPU, and a memory] are constituted by a driving power supply 19 (battery).

In addition, the housing 10 of the present embodiment is provided with a slot for embedding an IC card, such as a SIM, in addition to the display 11, the key operation unit 12, and the driving power source 19, and the IC card in the slot. Insert and use The CPU and memory use what is included in this IC card. As will be described later, since different information is stored for each contractor in the card information storage unit 13, the authentication information storage unit 15, and the OTP generation information storage unit 17, such information is stored in the memory of the IC card and stored in the slot. By inserting and using the housing 10 itself, a common one can be used without a contractor, and since the housing 10 itself does not hold personal information, the productivity of the housing 10 is improved and the handling and management of the housing 10 can be improved. Becomes easy.

In addition, although the driving power supply 19 of this embodiment is a button battery, a solar cell, a rechargeable battery, etc. may be sufficient. In addition, the Internet payment assistance device 1 may be in a power-off state at normal times, and may be powered up when, for example, any one of the key operation units 12 has been operated.

The card information storage unit 13, the authentication information storage unit 15, and the OTP generation information storage unit 17 of the present embodiment are specifically configured as a memory for storing card information, authentication information, and OTP generation information, which will be described later. The memory may be one memory that physically stores these information, or may be two or more memories.

Specifically, the authentication means 14 and the OTP generating means 16 of the present embodiment are constituted by a program stored in a memory, and the CPU in the Internet payment assistant 1 reads and executes the program from the memory to execute these. The functions of the authentication means 14 and the OTP generating means 16 are realized. In addition, in the Internet payment assistance apparatus that does not include a CPU and a memory, the functions of the authentication means 14 and the OTP generating means 16 may be realized in a circuit using electronic components.

The Internet payment aid 1 according to the present embodiment is an individual card member from a card issuing company (is a debit card, a bank or a card issuing company that issues a debit card) that issues a credit card based on a license agreement with a credit card brand. For the contractor, the card issuer distributes the card with unique card information, authentication information, and OTP generation information in the memory (distribution type is good for both loan and transfer). Information storage unit 13, authentication information storage unit 15, and OTP generation information storage unit 17].

In addition, even the contractor himself who has distributed the Internet payment aid 1 cannot read the recorded contents of the memory from the outside. Only when the contractor himself / herself has been authenticated and confirmed as the contractor, the card information is displayed on the display 11 so that only the card information can be known. In other states, the card information is hidden.

The storage contents of the memory cannot be read from the outside because the Internet payment assistance device 1 is a non-net type terminal that does not have an interface connected to a network such as the Internet.

In addition, in order to improve the security of eavesdropping and tampering with the stored contents of the memory, an IC card such as an Internet payment assistant 1 or a SIM embedded in the Internet payment assistant 1 can be used to prevent tampering. Attempting to read the recorded contents directly from the memory may erase the recorded contents of the memory or prevent the program from starting.

Hereinafter, the detail of each part of the internet payment assistance apparatus 1 is demonstrated.

The card information storage unit 13 is a memory stored in advance in a state in which card information including at least the identification information of the contractor cannot be read from the outside, and the card information of the present embodiment is unique to the contractor's identification information (card number) and is valid. Security code (3-digit decimal number pre-encrypted by a predetermined method, usually printed on the sign panel of a plastic-type credit card. This number confirms the authenticity of the card) It consists of. It may also include a person's name. Also, the card information may consist only of the identification information. It is not necessary for the card information to include all of the expiration date, the security code, and the name of the person named, and the card information may be configured by combining one or more as appropriate.

The authentication information storage unit 15 reads authentication information for verifying the contractor's identity from the outside, such as a password determined by the contractor and biometric information that quantifies biometric characteristics such as a fingerprint, iris, vocal cord, and face photograph of the contractor. It is a pre-stored memory that cannot be loaded.

In addition, the authentication information stored in the authentication information storage unit 15 is different from the authentication information used by the authentication server in the Internet payment system for the contractor's identity authentication. Authentication information required for the execution. The authentication information in the authentication server and the authentication information in the Internet payment assistance device 1 are different from each other.

The OTP generation information storage unit 17 is a memory previously stored in a state in which the OTP generation information unique to the Internet payment assistance device 1 cannot be read from the outside, and the OTP generation information of the present embodiment is the Internet payment assistance device 1. Is a common key, which is stored in the card information storage unit 13 in a server (authentication server in the embodiment described later) that verifies the one-time password generated by the OTP generating means 16. Associated with the identification information.

In addition, the common key is a key stored only in the authentication server for authenticating the contractor in internet commerce and the Internet payment assistant 1, and in this embodiment, the OTP generating means 16 described later generates a one-time password. Used.

The authentication means 14 is a means for authenticating whether or not the operator of the Internet payment assistance device 1 is a contractor (card member) who can use the identification information stored in the card information storage unit 13, and input means. In the present embodiment, the input information input from the numeric keys 12a and the authentication information stored in the authentication information storage unit 15 are checked to match. Is a means for reading the identification information among the card information stored in the card information storage unit 13 and displaying it on the display 11 as the contractor.

The authentication means 14 of the present embodiment is activated by receiving the press detection of the start key 12b by the operator pressing the start key 12b of the key operation unit 12. Further, after that, when the operator presses the numeric key 12a corresponding to the input means and inputs a four digit number, the authentication means 14 checks whether the input number matches the password stored in the authentication information storage 15. The card information is displayed on the display 11 in the case of a match.

If the authentication information is a password as in the present embodiment, a numeric key may be used as an input means, and the matching determination process between the input information and the authentication information is also easily performed. Therefore, the Internet payment device 1 is realized with a relatively inexpensive configuration. Use promotion of (1) is planned.

Although the authentication information of the present embodiment is a four-digit password, the authentication method and the authentication information are not limited thereto, and authentication means by a plurality of authentication methods may be appropriately combined. As a result, abuse of the Internet payment aid by a third party is prevented.

For example, if the authentication means 14 employs a biometrics authentication method, the authentication information is biometric information (data quantifying biometric features such as fingerprints, irises, vocal cords, face photos), and the like. The input means may be a scanner, a microphone, a digital camera, or the like for inputting these biometric information.

Since the biometric authentication method is a high-accuracy authentication method, even if the Internet payment aid 1 is stolen by a third party, the Internet payment aid 1 is not used unless the Internet payment aid 1 is distributed. It can not be used to prevent abuse.

In addition, the password, which is the authentication information of the present embodiment, may include alphabets in addition to numbers. In this case, it is necessary for the Internet payment assistance apparatus to include alphabet keys in addition to the numeric keys.

After the card information is displayed by the authentication means 14, the OTP generation means 16 generates a one-time password based on the OTP generation information (common key in this embodiment) stored in the OTP generation information storage unit 17. It is a means to display on the display 11.

This one-time password is sent from the contractor terminal to the authentication server, and is used for matching with the one-time password generated based on the OTP generation information in the authentication server when the authentication server performs authentication of the contractor. And if the matching result of these one-time passwords match and identity verification is performed by the authentication server, internet commerce by payment using the identification information of the said contractor is attained.

In this embodiment, when the operator presses the start key 12b after authentication by the authentication means 14 is performed and the card information is displayed on the display 11, it is the OTP generating means 16 that the start key 12b is pressed. A one-time password is generated and displayed as an opportunity to start the operation.

In addition, the OTP generating means 16 of this embodiment generates a one-time password by the time synchronization method mentioned later in detail, but other generation methods, for example, a counter synchronization method and a challenge and response, The one-time password may be generated by the method.

The time measuring means 18 is a means required by the OTP generating means 16 of this embodiment to generate a one time password by a time synchronous method, and means for measuring time. In addition, the time measuring means 18 may be constituted by a real time clock, and a time measuring program is stored in a memory so that the CPU can read and execute the time measuring program to realize a time measuring function. You may be. In addition, when the OTP generating means 16 generates a one-time password in a manner other than the time synchronization method, the time measuring means 18 is not necessary, and means necessary for each generation method is added instead.

In the present embodiment, as described above, the OTP generating means 16 receives the authentication means 14 displaying the card information on the display 11 and enters the standby detection detection state of the start key 12b. The OTP generating means 16 transmits the press detection to the time measuring means 18 when the press of the start key 12b is detected. The time measuring means 18 measures the date and time when the start key 12b is pressed, and passes the date and time data (year, month, day, hour, second, second in units of 30 seconds) to the OTP generating means 16.

The OTP generating means 16 reads the common key from the OTP generating information storage unit 17, encrypts the transferred temporary data with the read common key, converts it into a decimal number, and displays it on the display 11. The encryption method of the present embodiment employs a common key encryption method, but other encryption methods may be used.

According to the Internet payment assisting device 1 described above, when the contractor's identity is verified by the Internet payment assisting device 1 and confirmed to be the user, the card information displayed by the authentication means 14 is a merchant that can accept card payment. After being input from the card information input screen transmitted from the web site or the authentication server to be displayed on the contractor terminal, it is possible to transmit to the web site or the authentication server.

As such, if the contractor's identity is verified by the Internet payment assistant 1 and not confirmed as the person, that is, if the input information does not match the authentication information stored in the Internet payment assistant, the contractor himself is the card. Since the information is unknown and the card information is stored in a state that cannot be read from the outside, unlike the conventional credit card that exposes the card information, the card information becomes more confidential and illegal use of the card information in Internet commerce. This is avoided.

In addition, since the Internet payment assistance device is portable, the convenience of Internet commerce is increased because a secure internet commerce can be performed using a mobile phone, a personal computer at home, or a personal computer at a business trip, even wherever the contractor is located.

In addition, the one-time password displayed by the OTP generating means 16 is transmitted from the authentication server for authenticating the contractor, inputted on the one-time password input screen displayed on the contractor terminal, and then transmitted to the authentication server, and generated by the authentication server. In the case of a match with a one-time password, the identity is verified and the internet commerce can be made by payment using the contractor's identification information.

In this way, since the one-time password created based on the contractor's own OTP generation information stored in the Internet payment aid is used for the contractor's identity authentication, even if a third party obtains, for example, the one-time password, it cannot be used for the next Internet commerce.

Since OTP generation information for one-time password generation is stored in a state that cannot be read from the outside, even the contractor cannot know the OTP generation information, and only the contractor who is operating the Internet payment assist device can generate the one-time password. It can be seen. That is, since one-time password generation by a third party is impossible, the safety of internet commerce is more guaranteed.

In addition, since the one-time password is not generated after the card information is displayed on the Internet payment aid, a third party who does not have the Internet payment aid cannot generate the one-time password even if only the identification information is known. . In addition, even if a third party steals the Internet payment aid, one-time password cannot be generated without authentication information input to the Internet payment aid.

In other words, the contractor is authenticated by the authentication means of the Internet payment aid, and further authenticated by the authentication server, and finally authenticates himself based on two different authentication information until internet commerce is possible. Since it must go through, third-party bans are more prevented, and the safety of Internet commerce is increased.

In addition to the above-mentioned authentication information, the authentication information storage unit 15 receives the number of times of re-input of the input information when the input information and the authentication information do not match in the matching determination processing performed by the authentication means 14 (error Allowable number of times) may be stored in advance. In that case, the Internet payment assistance apparatus 1 or the authentication means 14 is also provided with a counting means (counter).

Then, in the flow in which the authentication means 14 performs the coincidence determination process, when the input information and the authentication information do not match, the counting means counts up from 1 each time, and the counted up number is compared with the number of error allowances. If the counted-up number exceeds the number of error allowances, then, the authentication means 14 prevents its processing from being performed, and also prevents the OTP generating means 16 from starting, and thereby the authentication flow and the OTP generation flow. Do not do it.

Accordingly, it is possible to prevent the malicious third party from stealing the Internet payment aid 1 and inputting the authentication information as soon as possible, so that the card information or the one-time password are not displayed on the display 11.

When the counted up number does not exceed the number of errors allowed and the input information and the authentication information coincide, the authentication means 14 causes the display 11 to display the card information. It is assumed to be reset (initialized) to zero.

Here, an example of the operation procedure of the Internet payment assistance apparatus 1 and the screen transition of the display 11 is shown in FIG. The display 11 of this embodiment is an eight-digit alphanumeric and symbol display.

First, when the start key 12b is pressed by the operator, the power supply of the Internet payment aid 1 is activated (S200), and is displayed as "APPLI" on the display 11 (S210), and also the start key 12b. After pressing (S225), the operator presses " 1 " on the numeric key 12a (S230) to change the authentication information (password). 2 " (S330).

When "1" is pressed (S230), since "PIN" is displayed on the display 11, the operator selects and presses a four-digit password from the numeric keys 12a as authentication information (S240). Thereafter, when the start key 12b is pressed (S245) and the pressed password matches the authentication information stored in the authentication information storage unit 15, among the card information stored in the card information storage unit 13, first, identification is made. The eight digits above the information (hereinafter referred to as the card number) are displayed on the display 11 (S250).

Subsequently, when the start key 12b is pressed (S255), eight digits below the card number are displayed on the display 11 (S260).

Subsequently, when the start key 12b is pressed (S265), the expiration date and the security code are displayed on the display 11 (S270). In addition, the flow of S265 and S270 is not essential, but only the card number of card information may be displayed.

Subsequently, when the start key 12b is pressed (S275), "OTP = 1" is displayed on the display 11, and a selection is made whether to generate and display a one-time password or to terminate it. Here, when the start key 12b is pressed (S290) and "1" of the numeric keys 12a is pressed (S295), "PIN" for prompting input of authentication information is displayed on the display 11 (S305). The operator again presses the four-digit password from the numeric keys 12a and presses the start key 12b (S310).

If the pressed password matches the authentication information stored in the authentication information storage unit 15, a one-time password is generated based on the OTP generation information stored in the OTP generation information storage unit 17, which is displayed on the display 11. It is displayed (S315).

When the start key 12b is pressed again (S320), the power of the Internet payment aid 1 is cut off.

When a key other than "1" of the numeric keys 12a is pressed or a predetermined predetermined time has elapsed without any key being pressed (S300), the power supply of the Internet payment assistance device 1 is automatically cut off.

The passwords inputted at S240 and S305 may be respective passwords for displaying card information and generating one-time passwords, and in this case, the respective passwords are stored separately in the authentication information storage unit 15.

In addition, in the present embodiment, before the flow S315 for displaying the one-time password on the display 11, the operator is urged to input authentication information again in S305. However, S305 is omitted and the disposable key is only pressed by pressing the start key 12b of S310. A password may be generated.

After S225, when "2" of the numeric keys 12a is pressed (S330), "CHANGE?" Is displayed on the display 11 (S335).

When the start key 12b is pressed (S340), "PIN" is displayed on the display 11 to prompt the input of the password. Therefore, the operator presses the four-digit password from the numeric key 12a (S345), and then starts it. When the key 12b is pressed (S350) and the pressed password matches the authentication information stored in the authentication information storage unit 15, "NEW1" for prompting input of the changed password is displayed on the display 11, The operator presses the password after the change from the numeric key 12a (S355), and also presses the start key 12b (S360).

Next, since the display 11 displays "NEW2" for prompting input of the changed password again, the operator presses the changed password again from the numeric key 12a (S365) and starts the start key. Press 12b (S370).

If the password pressed in S355 and the password pressed in S365 match, "COMPLETE" is displayed on the display 11 indicating that the password has been changed (S375). If the start key 12b is pressed after the confirmation, (S380) The password change procedure is completed and the power is cut off.

In addition, even if an input is made from the numeric keys 12a in S355 and S365 for improved security, the input value is preferably not displayed on the display 11.

Example 1

Hereinafter, a credit card member (hereinafter referred to as a card member) that is a credit card contractor who distributes the Internet payment assistant 1 shown in FIG. 1 is a personal computer having a communication function by using the Internet payment assistant 1. One embodiment of the case where network commerce (hereinafter referred to as Internet commerce) such as Internet shopping is performed from a mobile phone by payment using the card number of the card member is described.

The system configuration and network connection relationship of the Internet payment system of this embodiment are shown in the system configuration diagram of FIG. In addition, the flowchart of the internet commerce in the internet payment system of this embodiment is shown in the flowchart of FIG.

Further, in this embodiment, it is a credit card brand to provide an internet commerce service in the internet payment system.

A card member applies for a credit card to a card issuing company in advance, and receives a credit card. Furthermore, the card member obtains authentication information unique to each card member from the card issuing company. It is assumed that the Internet payment assistance device 1 stores the biometric information such as fingerprint information), card information (card number unique to each card member, expiration date), and OTP generation information (common key).

In the present embodiment, among the configurations of the Internet payment assistant 1 shown in Fig. 1B, the configuration excluding the display 11, the key operation unit 12 and the driving power source 19 is an IC such as a SIM. The function of the Internet payment assistant 1 is realized by inserting the IC card into an IC card slot (not shown) previously stored in the card and formed in the housing 10, but the Internet payment assistant must be provided with an IC card. If it is not necessary, and the IC card is not provided, the Internet payment assistant itself may have a CPU or a memory.

In addition, the Internet payment assistance device 1 of the present embodiment is used for payment using the cardholder's identification information, that is, for the Internet commerce using the card payment, but the cardholder only wants the Internet commerce, If a real face-to-face transaction by a credit card consisting of a magnetic card, an IC card, or the like is not desired, a credit card may not be issued.

In addition, when the credit card brand is also performing the business of the card issuing company, the Internet payment assistance device 1 may be distributed from the credit card brand.

The member terminal 2 is a terminal of a contractor, and a card member is a terminal for conducting Internet commerce using the Internet payment aid 1, and a terminal such as a personal computer or a mobile phone having at least a communication function and a browser display function. to be.

The merchant terminal 3 provides a virtual store (website) to the member terminal 2, accepts an order for a product or service, and requests the card issuer to verify the identity of the card member who placed the order. Authorization [credit of amount of goods or services ordered] to merchant management company [performs acquisition, contract, management of merchant based on license agreement with credit card brand] after identity verification It is a terminal that checks whether a credit line remains in the card member and, if credit lines remain, secures that amount for payment.

The affiliated store management company terminal 4 is a terminal for re-requesting the badgering request received from the affiliated store terminal 3 to the card issuing company.

The intermediary server 5 is responsible for intermediary role of the merchant terminal 3 and the authentication server 7 described later, that is, mediating the authentication service of the card member between the member terminal 2 and the merchant terminal 3. The server in charge.

In this embodiment, the mediation server 5 is a server operated by a credit card brand, and affiliated store identification information identifying an affiliated store corresponding to an internet commerce service using the internet payment assistant 1, and an internet payment assistant ( The card issuing company identification information identifying the card issuing company corresponding to the Internet commerce service using 1) is stored.

In addition, in the Internet payment system of the present embodiment, when internet commerce services that do not use the Internet payment aid 1 are mixed, the mediation server 5 may not be connected to the Internet commerce service using the Internet payment aid 1. It is necessary to store identification information of the corresponding affiliated store and the card issuing company separately from the affiliated store identification information and the card issuer identification information.

The card issuing company terminal 6 is a terminal that receives badger requests from the affiliated store management company terminal 4 and performs badgerization.

The authentication server 7 is a server which authenticates the cardholder's identity prior to badgerization when performing Internet commerce. In the present embodiment, the authentication server 7 is a server operated by the card issuing company, which is connected to the card issuing company terminal 6 and which is capable of conducting Internet commerce using the Internet payment aid 1. Card information (card number, expiration date) and OTP generation information (common key unique to the Internet payment assistance device 1) are stored in a state of being associated with each other. That is, card information and OTP generation information are associated with one card member and stored in the authentication server 7.

The information stored in the authentication server 7 is stored at or before or after the same time as the distribution of the Internet payment assistance device 1 to the cardholder.

In Fig. 2, the member terminal 2, the affiliated store terminal 3, the mediation server 5, and the authentication server 7 are connected to each other by a network 9a such as the Internet, and the affiliated store terminal 3, The affiliated store management company terminal 4 and the card issuing company terminal 6 are connected by a dedicated line 9b, respectively.

In addition, the card issuing company terminal 6 and the authentication server 7 are separately prepared for each card issuing company, and each is connected to the member terminal 2, the merchant management company terminal 4, and the intermediary server 5 with a network 9a. Is connected by a dedicated line 9b.

In addition, the affiliated store terminal 3 is also separately prepared for each affiliated store so that each can be connected to the member terminal 2, the mediation server 5, and the affiliated store management company terminal 4 by the network 9a and the dedicated line 9b. do.

Hereinafter, the flow of internet commerce using the internet payment assistance device 1 will be described based on the flowchart of FIG. 3 and the system configuration diagram of FIG. 2. The card member accesses the affiliated store terminal 3 which is a virtual store (Web site) from the member terminal 2 via the network 9a, and browses goods and services. When the product to be ordered and the desired service are determined, the member terminal 2 transmits to the affiliated store terminal 3 the desire for internet commerce by card payment with respect to the ordered product or the desired service.

The affiliated store terminal 3 displays the card information input screen 100 as shown in Fig. 4A on the member terminal 2, inputs the card number and the expiration date of the card to the member terminal 2, and sends it. Ask.

Thus, when the card member presses the start key 12b of the Internet payment aid 1, the authentication means 14 of the Internet payment aid 1 is activated and the Internet payment aid 1 is placed in a standby state for authentication. . Subsequently, the card member inputs input information (four-digit password in this embodiment) necessary for identity verification from the numeric key 12a. In addition, the four-digit password inputted here is set in advance by the card member at the time of card application, and is already stored in the authentication information storage part 15 in the Internet payment aid 1.

The authentication means 14 reads the authentication information stored in the authentication information storage unit 15 and checks whether or not it matches the input information input from the numeric key 12a. If both match, the authentication means 14 reads out the card number as the card information and the expiration date from the card information storage unit 13 and displays it on the display 11.

Then, when both the card number and the expiration date are displayed on the display 11, the authentication means 14 transmits to the OTP generating means 16 that the display is finished. As a result, the OTP generating means 16 enters the one-time password generation standby state described later.

Further, in the present embodiment, since the displayable digit of the display 11 is limited to eight digits, the authentication means 14 stores the card number read from the card information storage unit 13 into the upper eight digits and the lower eight digits. After the division process, the display 11 first displays the eight digits above the card number. The card member inputs eight digits above the card number in the card number input box 100a of the card information input screen 100 based on the display.

After entering the eight digits above the card number, the card member presses the start key 12b. The authentication means 14 receives the press detection of the start key 12b, and displays on the display 11 the eight digits below the card number. The card member inputs eight digits below the card number in the card number input box 100a of the card information input screen 100 based on the display.

After entering the eight digits below the card number, the card member presses the start key 12b. The authentication means 14 receives the press detection of the start key 12b, and displays the expiration date in four digits [MM (month) / YY (year)]. The card member inputs an expiration date into the expiration date input field 100b of the card information input screen 100 based on the display.

In addition, when there is room in the display area of the display and the number of displayable digits, the card number may be displayed on the display all at once, and both the card number and the expiration date may be displayed at once. On the contrary, in the case where the displayable digits of the display is less than eight digits, the authentication means 14 divides the card information read from the card information storage unit 13 in advance in accordance with the displayable digits, and starts the start key 12b. It is also possible to display card information sequentially divided by detecting the press of an arbitrary key.

As described above, since the Internet payment assistant 1 displays the card information on the display 11 only when the input information input matches the authentication information stored in the authentication information storage unit 15, the authentication information is displayed. If you do not know, even if the third party stealing the Internet payment aid (1) can not know the card information inside. Therefore, the security is higher than that of a conventional credit card to which card information is printed, and there is no fear that the card information may be misused for Internet commerce.

When the card member finishes inputting the card number and the expiration date (also not shown in the card information input screen 100 of FIG. 4, information such as the ordered product / service name, amount, order date, merchant name, and destination of the product is displayed. May be displayed in the same screen]. Click the send button 100c in the card information input screen 100. [0035] FIG. When the send button 100c is clicked, the card information input to the affiliated store terminal 3 side is transmitted (S10).

Merchant terminal that has received order information on the product / service name, price, order date, merchant name, shipping destination of the product, etc., and card information such as the card number and expiration date used for payment of the ordered product from the member terminal 2 (3), in addition to the received card information, the affiliated store identification information assigned to each affiliated store is transmitted to the intermediary server 5 connected through the network 9a, and the card member uses the Internet using the Internet payment aid 1; It is required to confirm whether the member can receive the commerce service (confirmation of whether the authentication is executed) (S20).

The mediation server 5 confirms whether or not the received affiliated store identification information matches the affiliated store identification information held (merchant authentication). If these information match, it is said that there was access to the mediation server 5 from the affiliated store terminal 3 of the affiliated store which participates in the internet commerce service using the internet payment aid 1. If it does not match, the access is from the merchant terminal 3 not participating in the Internet commerce service using the Internet payment assistance device 1, or because the access is illegal.

The mediation server 5 is a card issuing company in which the card number of the card member has been issued based on the card information of the card member received from the merchant terminal 3 participating in the Internet commerce service using the Internet payment aid 1. The card information, and transmits the card information to the authentication server 7 of the specified card issuing company, and confirms whether or not the card member is a member who can receive the Internet commerce service using the Internet payment aid 1 (authentication execution). Check whether or not (S30).

In the mediation server 5 of this embodiment, card issuing company identification information for identifying a card issuing company is stored, and the mediation server 5 searches for card issuing company identification information based on the received card information, and the card issuing company Specifies.

That is, the mediation server 5 of the present embodiment does not directly check whether the authentication is executed, but also performs authentication of the merchant and the card number of the card member of the card member is issued based on the card information received from the merchant terminal 3. It is responsible for specifying the issuing company, transmitting the card information to the authentication server 7 of the specified card issuing company, and transmitting the result of the authentication execution received from the authentication server 7 to the merchant terminal 3. Doing.

In addition, in this embodiment, the mediation server 5 is a server operated by the credit card brand, but this may be provided by the individual merchant terminals 3, in which case the authentication server directly from the merchant terminal 3. It is required to confirm whether or not authentication is performed in (7). In addition, affiliated store authentication may be performed in the authentication server 7.

The authentication server 7 checks whether or not the card information received from the intermediary server 5 is registered in the authentication server 7 so that the card member having the card information can use the Internet payment assistance device 1 for internet commerce. It is checked whether or not the card member can receive the service (confirmation of whether authentication is performed), and the result is returned to the intermediary server 5 (S40). In addition, the result of the authentication execution confirmation is " enabled " if the card information received from the intermediary server 5 is registered in the authentication server 7, and " impossible "

Then, the intermediary server 5 receiving the verification result of the authentication execution transmits the result to the affiliated store terminal 3 (S50).

If the card member's authentication is confirmed to be "enabled", the card member can receive the Internet commerce service using the Internet payment aid 1, so that the merchant terminal 3 is the person of the card member. The flow proceeds to a flow for making an authentication request (S60). Specifically, the affiliated store terminal 3 transmits the URL information of the authentication server 7 of the card issuing company which first confirmed whether the authentication was executed or not, with the result of the authentication execution to the member terminal 2.

On the basis of the received URL, the member terminal 2, which has received the authentication request from the affiliated store terminal 3, first accesses the same authentication server 7 that the mediation server 5 has accessed and makes an authentication request (S70). The flow of S70 is performed as a series of flows from S60, and can be realized by using a redirect function or the like that a personal computer used as the member terminal 2 or a browser of a mobile phone generally includes. This flow is automatically processed inside the member terminal 2 without being aware of it.

The authentication server 7 prompts the member terminal 2 to transmit the one-time password, and authenticates the card member based on the one-time password received from the member terminal 2 (S80).

Specifically, the authentication server 7 receives the card information and the order information from the member terminal 2 which has been accessed, and the card member having this card information has opened the intermediary server 5 from the merchant terminal 3 a while ago. Check whether the card member has been asked to confirm whether or not authentication has been performed. This confirmation leaves a log of whether or not the card information of the card member has been received from the intermediary server 5 before the predetermined predetermined time, and the card information of the card member received from the member terminal 2 is logged before the predetermined time. This is done by checking whether or not it matches the card information left in the.

In addition, the order information may be transmitted from the affiliated store terminal 3 to the authentication server 7 via the intermediary server 5 in the flow of S20, 30, not from the member terminal 2, and from the affiliated store terminal 3; When the URL information of the authentication server 7 is transmitted to the member terminal 2, it may be transmitted together to be transmitted to the authentication server 7 when the member terminal 2 accesses the authentication server 7.

The card member of the member terminal 2 accessed by the authentication server 7 and the card member which received the authentication request confirmation from the merchant terminal 3 are the same as well as the card information. The information may be received from both the member terminal 2 and the affiliated store terminal 3 (directly, the mediation server 5), and they may be used in combination.

When the authentication server 7 confirms that the card member has received access from the Internet payment assistant 1 of the card member who has been requested to confirm whether or not authentication has been performed, the authentication server 7 based on the received order information, FIG. A one time password input screen 101 as shown in b) is created and transmitted to the member terminal 2 which has been accessed.

On the one-time password input screen 101 of FIG. 4B, the name of the affiliated store that the card member is the partner of the Internet commerce, the amount of goods and services to be ordered, and the order date are displayed.

When the one-time password input screen 101 is displayed on the member terminal 2, the card member presses the start key 12b of the Internet payment aid 1. When the OTP generating means 16 of the Internet payment aiding apparatus 1 detects the press of the start key 12b, it moves from the one-time password generation standby state to the one-time password generation flow.

The OTP generating means 16 reads the common key stored in the OTP generating information storage unit 17, and the date and time data (date, month, month, second, etc.) of the date and time when the start key 12b timed by the time measuring means 18 is pressed. Is a one-time password by encrypting the unit by 30 seconds, and displays it on the display 11 as a decimal number. In addition, the encryption method of this embodiment employs a common key encryption method. In addition, since the displayable digit of the display 11 of this embodiment is eight digits, it is assumed that the display 11 displays six to eight digits above the generated one-time password.

The card member inputs the one-time password displayed on the display 11 of the Internet payment aid 1 in the password input field 101a of the one-time password input screen 101 displayed on the member terminal 2, and presses the send button 101b. When clicked, the one-time password entered is sent to the authentication server 7.

In addition, after the one-time password is inputted, the card member presses the start key 12b of the Internet payment aid 1 again so that the one-time password displayed on the display 11 of the Internet payment aid 1 is hidden. It is preferable from the viewpoint of security. At the same time, it is preferable to turn off the power supply from the viewpoint of energy saving.

The authentication server 7 which has received the one-time password from the member terminal 2 first checks that the member terminal 2 is a partner who first requested the transmission of the one-time password, or the identification number of the member terminal 2 or the like. Then, the member terminal 2 confirms whether or not it is a reply to the one-time password input screen 101 generated and transmitted individually.

After confirmation, the authentication server 7 withdraws the common key registered in association with this card number from the OTP generation information based on the card information of the card member received before requesting the one-time password transmission, and the authentication server The temporary data (the date, month, day, and seconds are in units of 30 seconds), which is composed of the date and time at which 7 receives the one-time password from the member terminal 2, is encrypted with this common key to generate a one-time password, which is converted to decimal. In addition, the encryption method of this embodiment employs a common key encryption method.

In this way, the authentication server 7 confirms whether the one-time password generated by the authentication server 7 and the one-time password received from the member terminal 2 match first. If this coincides, this one-time password is surely proved to be a one-time password created at about the same time by a common key stored only in the Internet payment aid 1 and the authentication server 7.

That is, the Internet payment assistance device 1 in which the operator of the member terminal 2 which has sent the one time password to the authentication server 7 stores the common key used for generating the one time password and card information related to the common key. The user of the card member who is an operator of and who can use the card information, thereby confirms the identity of the card member who has requested internet commerce.

In addition, when the one-time password generation method adopts the time synchronization method as in the present embodiment, the date and time used by the Internet payment assistant 1 for generating the one-time password and the authentication server 7 used for the one-time password generation are as follows. The date and time are not exactly the same, therefore, after the authentication server 7 generates the one-time password, the card member presses the start key 12b of the Internet payment aid 1, and the Internet payment aid 1 In consideration of the time difference until the one-time password is generated, the second resolution of the temporary data is set to 30 seconds in this embodiment.

However, unless the one-time passwords generated by the two parties coincide completely, the cardholder does not recognize the authenticity of the card member, and the card member presses the start key 12b of the Internet payment aid 1 to generate the one-time password. Then, when 30 seconds or more have elapsed while the authentication server 7 receives the one-time password from the member terminal 2, the situation that the one-time password becomes inconsistent and cannot be authenticated alone increases, Rather, the convenience of Internet commerce is impaired.

Therefore, even if the one-time password received from the member terminal 2 does not match, the authentication server 7 shifts the date and time when the one-time password was received from the member terminal 2 by N times x 30 seconds before and after the authentication server 7. When the one-time password is generated again on the) side and matches the one-time password generated on the member terminal 2 side, the identity of the card member is confirmed.

N is determined in advance in consideration of security accuracy. In other words, N is set to be small when the security precision is to be increased, and N is set to be large when the security precision is to be lowered to give priority to the convenience of the card member side.

The authentication server 7 transmits the authentication result of the card member by the one-time password matching to the member terminal 2 (S90). In addition, specifically, the authentication server 7 transmits URL information of the affiliated store terminal 3 to the member terminal 2 in addition to the authentication result, and authenticates to the affiliated store terminal 3 from the member terminal 2. Allow the results to be sent.

The member terminal 2 receiving the authentication result also transmits the corresponding authentication result (person authentication OK, personal authentication NG) to the affiliated store terminal 3 (S100). In addition, the flow of S100 is performed as a series of flows from S90 similarly to S70, and can be realized by the redirect function of the browser of the member terminal 2, and in practice, the card member is automatically aware of the inside of the member terminal 2 without being aware of it. The flow being processed.

The affiliated store terminal 3 receives the authentication result from the member terminal 2, and if the identity of the card member is confirmed (identification of the identity of the card member) as a result of the authentication, in order to request a badger of the card member to the merchant management company. In addition, the authentication result is transmitted to the affiliated store management company terminal 4 in addition to the transaction data consisting of the card information of the card member and the amount of payment desired (the amount of goods and services the card member is trying to order) (S110). . Further, the transaction data may have already been generated at the time when the order information and the card information are transmitted from the member terminal 2 in S10, and may be stored in the merchant terminal 3.

The merchant management company terminal 4 specifies a card issuer which is a card issuer (issuer) based on the card number of the card member of the identity verification OK based on the transaction data and the authentication result received from the merchant terminal 3, The transaction data and the authentication result are transmitted to the card issuing company terminal 6 of the specified card issuing company (S120).

The card issuing company terminal 6 that has received the transaction data and the authentication result has a settlement desired amount included in the transaction data based on the member information or credit information for each member stored in the member database not shown in the drawing. Check if the cardholder who has been requested to badger is within the credit line. If the desired amount of payment is within the range of the credit line, badger OK is used to secure the credit line for the desired amount of payment.

Then, the card issuing company terminal 6 transmits the result of the badger (badger OK, badger NG) to the affiliated store management company terminal 4 (S130), and the affiliated store management company terminal 4 is an affiliated store terminal ( 3) the badger transmission result is transmitted (S140).

Then, the affiliated store terminal 3 receives the badger result from the affiliated store management company terminal 4, and then notifies the member terminal 2 of the result (S150). Specifically, when the badger result is OK, a screen indicating that Internet commerce is established between the merchant and the card member by using the card number of the card member is transmitted to the member terminal 2, and the member terminal. (2) is indicated. When the badger result is NG, the screen indicating that Internet commerce has not been established is transmitted to the member terminal 2 and displayed.

In the present embodiment, the personal authentication using the one-time password in the authentication server 7 is performed whenever internet commerce is performed between the member terminal 2 and the affiliated store terminal 3. That is, since the one-time password generated by the OTP generating means 16 of the present embodiment is effective for one-time Internet commerce, even if a third person who does not have an Internet payment assistance device taps the one-time password, the third party can register the card member. Since it is impossible to carry out Internet commerce afterwards, the safety of internet commerce is further improved.

Example 2

Then, the card member who has distributed the Internet payment aid 1a (not shown) uses the card number of the card member from a personal computer or mobile phone having a communication function by using the Internet payment aid 1a. By the way, an embodiment in the case of performing Internet commerce will be described.

The difference between the first embodiment and the first embodiment is that the one-time password generation method of the OTP generation means 16 included in the Internet payment assistance device, the contents of the OTP generation information storage unit 17, and FIG. The contents of the authentication flows S80 and S90 between the member terminal 2 and the authentication server 7 (referred to as the authentication server 7a in this embodiment).

That is, in the first embodiment, the one-time password generation method is used as the time synchronization method, but the use number synchronization method is adopted in the present embodiment. As a result, in the Internet payment aiding apparatus 1a of the present embodiment, the time measuring means 18 described in FIG. 1 is changed to the counting means 18a (not shown).

Since the configurations other than the above-described differences and the flows other than S80 and S90 are the same as those shown in Figs. 1 to 3 with respect to the Internet payment assistants 1 and 1a and the authentication servers 7 and 7a, Hereinafter, the detailed flow of only the part of S80, S90 of FIG. 3 is demonstrated using FIGS.

The OTP generation information stored in the OTP generation information storage unit 17 of the present embodiment is composed of a common key unique to the Internet payment assistance device 1a and usage frequency information.

Among them, the common key is stored in the OTP generation information storage unit 17 in a non-rewritable state, and the card information storage unit is used in the authentication server 7a for verifying the one-time password generated by the OTP generation means 16. It is associated with the card number stored in (13).

The usage count information is associated with the card number stored in the card information storage unit 13 in the authentication server 7a similarly to the common key.

That is, these OTP generation information are stored in the authentication server 7a in association with the card number, and when the authentication server 7a receives the one-time password from the member terminal 2, authentication is performed like the member terminal 2. The server 7a also generates one-time passwords and checks whether they match, thereby validating the one-time passwords and authenticating card members.

The number of times of use is information that can be rewritten only when there is a rewrite instruction from the OTP generating means 16. The counting means 18a adds one by one, such as 0, 1 or 2 times. Alternatively, after subtracting one by one, such as 100 times, 99 times, and 98 times, the value after addition or subtraction is stored in the OTP generation information storage unit 17 to update the usage frequency information. In addition, whether to add or subtract is determined previously.

The counting means 18a may be included in the OTP generating means 16, or may be formed separately from the OTP generating means 16. In the latter case, the OTP generating means 16 selects the counting means 18a. It is necessary to control and rewrite the frequency information.

In S80 of FIG. 3, the authentication server 7a prompts the member terminal 2 to send the one time password and authenticates the card member based on the one time password received from the member terminal 2.

Specifically, the authentication server 7a receives the card information and the order information from the member terminal 2 which has been accessed, and the card member having this card information has opened the intermediary server 5 from the merchant terminal 3 a while ago. Check whether the card member is requested to verify the authentication. This confirmation leaves a log of whether or not the card information of the card member has been received from the intermediary server 5 before a predetermined time, and the card information of the card member received from the member terminal 2 is logged before the predetermined time. This is done by checking whether or not it matches the card information left in the.

In addition, the order information may be transmitted from the affiliated store terminal 3 to the authentication server 7a via the intermediary server 5 in the flow of S20, 30, not from the member terminal 2, and from the affiliated store terminal 3; When the URL information of the authentication server 7a is transmitted to the member terminal 2, it may be transmitted together and transmitted to the authentication server 7a when the member terminal 2 accesses the authentication server 7a.

In addition, the confirmation of whether the card member of the member terminal 2 accessed by the authentication server 7a and the card member which received the authentication execution confirmation request from the affiliated store terminal 3 are the same is not only a check of the card information but also an order. The information may be received from both the member terminal 2 and the affiliated store terminal 3 (directly, the mediation server 5), and they may be used in combination.

When the authentication server 7a confirms that the card member has received access from the Internet payment aid 1 of the card member who has been requested to confirm whether to perform authentication, the authentication server 7a based on the received order information, FIG. ), A one time password input screen 101 is created, and transmitted to the member terminal 2 which has access.

On the one-time password input screen 101 of FIG. 4B, the name of the affiliated store that the card member is the partner of the Internet commerce, the amount of goods and services to be ordered, and the order date are displayed.

When the one-time password input screen 101 is displayed on the member terminal 2, the card member presses the start key 12b of the Internet payment aid 1. When the OTP generating means 16 of the Internet payment aiding apparatus 1 detects pressing of the start key 12b, it shifts from the one-time password generation standby state to the one-time password generation flow.

The OTP generating means 16 reads the common key and the usage count information stored in the OTP generation information storage unit 17, encrypts the usage count information with the common key, generates a one-time password, and displays it as a decimal number. ).

In the present embodiment, the one-time password is generated using the number of times of information using a predetermined one-time password generation algorithm.

In addition, since the displayable digit of the display 11 of the present embodiment is eight digits, the display 11 displays six to eight digits above the generated one-time password.

The OTP generation information is arbitrary information that can be known only by the other Internet payment aid 1a and the authentication server 7a in addition to the use frequency information and the common key (for example, a policy, etc.). May be included, in which case, the usage count information and the corresponding arbitrary information may be encrypted with a common key to generate a one-time password.

After generating the one-time password, the OTP generating means 16 adds or subtracts the usage count information read first to the counting means 18a, and rewrites and updates the usage count information of the OTP generation information storage unit 17. .

The card member inputs the one-time password displayed on the display 11 of the Internet payment aid 1 in the password input field 101a of the one-time password input screen 101 displayed on the member terminal 2 and clicks the send button 101b. Then, the one-time password entered is transmitted to the authentication server 7a.

After the one-time password is input, the card member presses the start key 12b of the Internet payment aid 1 again to reset the one-time password displayed on the display 11 of the Internet payment aid 1. It is preferable to make it non-display from a security viewpoint. At the same time, it is preferable to turn off the power supply from the viewpoint of energy saving.

The authentication server 7a, which has received the one-time password from the member terminal 2, first checks that the member terminal 2 is a partner who first requested the transmission of the one-time password, or the like, such as an identification number of the member terminal 2 or the like. Then, the member terminal 2 confirms whether or not it is a reply to the one-time password input screen 101 generated and transmitted individually.

After confirmation, the authentication server 7a withdraws the common key and the number of usage information registered in association with this card number from the OTP generation information based on the card information of the card member received before requesting the one-time password transmission. We generate a one-time password by encrypting the usage count information with a common key and convert it to decimal.

In the present embodiment, the one-time password is generated using the usage count information using a predetermined one-time password generation algorithm. If arbitrary information is included in the OTP generation information, the arbitrary information is also encrypted with a common key in addition to the usage count information.

In this way, the authentication server 7a checks whether the one-time password generated by the authentication server 7a matches the one-time password received from the member terminal 2 first. If this coincides, it is proved that this one-time password is certainly a one-time password created by use frequency information and a common key stored only in the Internet payment aid 1 and the authentication server 7a.

That is, the operator of the member terminal 2 which has sent the one-time password to the authentication server 7a stores the number of times of use and the common key used for generating the one-time password, and card information related to the number of times of use and the common key. The identity of the card member who is the operator of the Internet payment aid 1 and who is the card member who can use the card information is requested by the Internet commerce.

The authentication server 7a transmits the card member's authentication result (personal authentication OK, identity verification NG) by the one-time password verification to the member terminal 2, and uses the predetermined number of times of information used for generating the one-time password beforehand. The calculation result is added or subtracted, and the result of the calculation is rewritten and updated as information on the number of times of use in the authentication server 7a (S90).

In addition, when the one-time password generation method adopts the use frequency synchronization method as in the present embodiment, even if the operator of the member terminal 2 and the Internet payment assistance device 1a is a legitimate card member, the Internet payment assistance device 1a The number of times of information used for generating a one-time password and the number of times of information used by the authentication server 7a for generating a one-time password are different, and the one-time password may not match.

Even if the card member generates a one-time password in the Internet payment aid 1a, there is no guarantee that it will be sent to the authentication server 7a, and if the card member interrupts the internet commerce on the way, or does not perform the internet commerce in the first place. Even if it does not, the one-time password may be generated in vain by operating the Internet payment aid 1a. In such a case, the usage count information of the authentication server 7a is not updated even though the usage count information of the Internet payment assistance device 1a is updated, and the one-time password generated naturally becomes different.

However, if the one-time passwords generated by both parties do not coincide completely, the fact that the authenticity of the cardholder is not recognized will increase the authentication NG, which would rather impair the convenience of internet commerce.

Therefore, the authentication server 7a stores the usage count information stored in the authentication server 7a in a predetermined range (for example, usage count information + N) even when the one-time password received from the member terminal 2 does not match. When the password is changed, the one-time password is corrected and generated on the authentication server 7a side, and it matches with the one-time password generated on the member terminal 2 side.

N is determined in advance in consideration of security accuracy. In other words, N is set to be small when the security precision is to be increased, and N is set to be large when the security precision is to be lowered to give priority to the convenience of the card member side.

As described above, when the Internet commerce is performed using the Internet payment aid of the present invention, when the card information is input to the card information input screen, the input information input to the Internet payment aid is stored in the authentication information stored in the Internet payment aid. If they do not match, the card information cannot be known even by the card member itself. Therefore, unlike the conventional credit card to which the card information is exposed, the confidentiality of the card information is increased, and the illegal use of the card information in internet commerce is prevented.

In addition, since the Internet payment assistance device is portable, even when a card member is located, it is possible to conduct secure internet commerce using a mobile phone, a personal computer at home, or a personal computer at a business destination, thereby increasing convenience of internet commerce.

In addition, identity verification of a card member when internet commerce is performed is performed by whether or not the one-time password generated by the Internet payment assistance device and the one-time password generated by the authentication server match.

This one-time password is unique to the Internet payment assistant and is stored only on the Internet payment assistant and the authentication server, and is also a temporary data or one-time data that consists of a date and time when a predetermined key press is detected using a common key that even the card member cannot know. The number of usage information that is updated each time a password is generated is encrypted.

In the end, since authentication information can be created only by the card member operating the Internet payment aid, a third party who does not possess the Internet payment aid cannot act as a card member to perform internet commerce. It is further improved.

In addition, since the one-time password is not generated unless the card information is displayed on the Internet payment aid, a third-party who does not have the Internet payment aid cannot generate the one-time password even if only the card number is known. . In addition, even if a third party steals the Internet payment aid, one-time password cannot be generated without authentication information input to the Internet payment aid. In other words, regardless of whether or not a third party obtains an internet payment assistance device, the third party cannot perform internet commerce as a card member, thereby ensuring the safety of the internet commerce.

The method for generating a one-time password is not limited to the time synchronization method of the above embodiment, and may be a method capable of authenticating a card member who owns the Internet payment assistant device between the Internet payment assistant device and the authentication server.

In addition, since the Internet payment assistant adopts a net connectionless configuration, once the card information, authentication information, and OTP generation information stored in the Internet payment assistant cannot be read by unauthorized access, the Internet payment assistant is distributed. Even the cardholder who received it cannot read it.

For example, if the Internet payment assistant is accessible to a terminal such as a personal computer or a mobile phone, if any failure occurs while connecting the Internet payment assistant and the terminal, is the cause of the failure on the Internet payment assistant? Responsibility decomposition point whether it exists in the terminal side becomes unclear. Therefore, the Internet payment assistance device employing the net connectionless configuration is effective even in the sense that the point of responsibility breakdown becomes clear.

Here, Fig. 6 shows a system configuration and flow of pre-registration when a card member who does not have an internet payment assistance apparatus performs internet commerce with the internet payment system of the present embodiment.

The cardholder accesses the WEB site for cardholders operated by the card company (credit card brand or card issuer) from the member PC, and enters the member information (date of birth, phone number, account number, etc.) that only the cardholder knows. To the WEB site (in Fig. 6, (1)).

The web site of the card company which has received the member information accesses the card system of the card company in which the member information is registered, and requests the card system to compare the received member information with the member information registered in the period system. 6, (2)]. The period system returns the collation result to the WEB site (Fig. 6, (3)).

If the result of the check is OK, the identity of the card member is confirmed, and the registration of the password is requested to the member PC from the WEB site. The member PC transmits the password to the WEB site (Fig. 6 (4)).

The WEB site receiving the password from the member PC registers the password in the card company's authentication server 7 (in Fig. 6 (5)).

The password registered here is a fixed password, not a one-time password as generated by the Internet payment aid. In other words, when a card member who does not have an internet payment assistant makes an Internet payment on the Internet payment system, the card member authentication method is only a fixed password method. When the card number and the fixed password are known to a third party, After that, it becomes possible for a third party to make an Internet payment by pretending to be a card member.

In addition, a card member who does not have an Internet payment assistance apparatus must access the card company's WEB site to register a password, and perform a password registration operation after authenticating himself, which is a great burden on the card member side.

In addition, not only card members but also card companies need to establish a web site for registering passwords with card members and to establish a period system for authenticating card members.

In addition, the Internet payment assisting device is configured such that the card number is not normally displayed without the card number being exposed and only the card member can be known or the authentication information only the card member is input. Since the password used for authenticating the card member is a one-time password rather than a fixed password, it is very difficult for a third party to act as a card member to conduct internet commerce.

As mentioned above, although the Example of the Internet payment assistance apparatus 1 was demonstrated, the Internet payment assistance apparatus of this invention is not limited to the Internet payment assistance apparatus 1 provided with all the structure requirements demonstrated in the said Example, Various changes and modifications are possible, and the Internet payment assistance apparatus of the present invention can be constituted by arbitrarily combining the configuration requirements necessary for realizing the respective objects. It goes without saying that such changes and modifications fall within the scope of the claims of the present invention.

For example, although the embodiment has described Internet payment using a credit card number, an embodiment using a card such as a debit card in addition to a credit card is also provided if the card can make internet payment at least by the card number. Belongs to the scope of the claims.

In addition, although the present embodiment is used for internet commerce using card payment, the card member only wishes to internet commerce, and does not wish to face-to-face transaction with a credit card made of a conventional plastic type magnetic card or IC card. Otherwise, it is not necessary to accept the issuance of a credit card, and the owner of the Internet payment aid of the present invention does not necessarily have to have a conventional plastic type credit card.

For example, in the embodiment, the card information of one card member having one type of card information is stored in the card information storage unit 13 of one Internet payment aid 1, and the authentication information storage unit 15 is stored. Although the case where one type of authentication information is stored in the above has been described, a plurality of card numbers may be stored in the card information storage unit 13. In this case, the authentication information may be common authentication information for displaying a plurality of card numbers, the card number and the authentication information correspond to each other, and the card numbers displayed on the display 11 are different according to the input authentication information. You may be.

In addition, when a plurality of persons use the same or a plurality of card numbers, such as a family card, different authentication information for each person may be stored in the authentication information storage unit 15, or common authentication information may be stored. .

In the above embodiment, although the card information and the OTP generation information are described in the Internet payment assistants 1 and 1a and the authentication server 7 and 7a, respectively, they are related to each other. Even if the information and the OTP generation information are related directly or indirectly, it is assumed that the information is included in the scope of the claims.

Specifically, the card information input from the member terminal 2 in S10 of FIG. 3 passes through the affiliated store terminal 3 and the mediation server 5 in S20 and 30, and finally, the authentication server 7 and 7a. However, the authentication server 7, 7a converts the card number among the received card information into a unique number different from the corresponding card number, and passes through the intermediary server 5 to the affiliate store. It transmits to the terminal 3 (in S40, 50).

This unique number is transmitted from the affiliated store terminal 2 to the member terminal 2 and transmitted to the authentication servers 7 and 7a via the member terminal 2 (in S60 and 70).

The authentication server (7, 7a) receiving the unique number converts the unique number to the card number according to the conversion rule opposite to the first conversion of the card number to the unique number, and relates to the converted card number. OTP generated information is used to generate a one-time password.

In this way, the card number does not flow on the network 9a except that the card number is transmitted in S10, S20, and S30 by associating the card number with the unique number other than the card number and the OTP generation information. The likelihood of eavesdropping is significantly lowered, contributing to improved security.

In the above embodiment, the member terminal 2 transmits the card information to the affiliated store terminal 3, and the authentication servers 7 and 7a perform the card in S80 of FIG. 2 based on a request from the affiliated store terminal 3. Although the case where the member authenticates himself is demonstrated, this invention is not necessarily limited to this.

For example, the previous member terminal 2 accesses the authentication servers 7 and 7a, and the authentication servers 7 and 7a transmit the authentication information input screen dedicated to the card member to the member terminal 2, The card member is authenticated between the member terminal 2 and the authentication servers 7 and 7a on the basis of the card information and the one-time password entered on the authentication input screen. For example, the member terminal 2 may be able to access the web site of the affiliated store terminal 3 and conduct internet commerce within a predetermined time, a predetermined number of times, a predetermined affiliated store, and the like.

In other words, the Internet payment aiding apparatus of the present invention is used for the cardholder's identity authentication between the member terminal 2 and the authentication servers 7 and 7a of the card company side, and after authentication, it is actually carried out in the merchant's website or the like. It is based on being able to do this, and does not necessarily presuppose the identity authentication request from the merchant terminal 2 at all.

Each means and database in the present invention are merely logically distinct in their functions, and may be in the same physical or virtual area. It goes without saying that the data file may be used instead of the database, and the description of the database also includes the data file.

In the above embodiment, the terminal or the server on the Internet payment system is a credit card brand (provider of the Internet commerce service), a card issuing company (card issuance, card issuance subject to the card member), the merchant management company (the acquisition of the merchant) Although the purpose of each of the contracts and management is to be operated by each of the affiliated stores, they are all distinct in concept and role. In some cases, the card issuer and the affiliated store management company may be the same. In some cases, the credit card brand, card issuer, and merchant management company may be the same.

Therefore, for example, in the present specification, the Internet payment aids 1 and 1a are not limited to those distributed from the card issuing company. In addition, the provider of the Internet payment system does not necessarily have to be a credit card brand. The card issuing company terminal 6, the authentication servers 7 and 7a, and the affiliated store management company terminal 4 may be the same. In addition, the intermediate server 5 may be the same as any of other terminals and servers.

Further, in carrying out the present invention, it is also realized by supplying a storage medium on which a program of software for realizing the functions of the present embodiment to a system, and the computer of the system reading out and executing the program stored in the storage medium.

In this case, the program itself read from the storage medium realizes the functions of the above embodiments, and the storage medium storing the program constitutes the present invention.

As a storage medium for supplying a program, for example, a magnetic disk, a hard disk, an optical disk, a magneto-optical disk, a magnetic tape, a nonvolatile memory card, or the like can be used.

In addition, by executing the program read by the computer, not only the functions of the above-described embodiments are realized, but also the operating system or the like running on the computer based on the instruction of the program performs part or all of the actual processing, and the processing. By the way, the function of the above embodiment is also included in the present invention.

Further, after the program read from the storage medium is recorded in the nonvolatile or volatile storage means included in the function expansion board inserted into the computer or the function expansion unit connected to the computer, the function expansion board or The present invention also includes a case where an arithmetic processing unit or the like provided in the function expansion unit performs part or all of the actual processing, and the above-described functions are realized by the processing.

Claims (15)

An internet payment assisting device, a contractor terminal used by a contractor of a credit card, a plurality of authentication servers performing identity verification of the contractor, a merchant terminal used by a merchant of the credit card, and between the merchant terminal and the authentication server An internet payment system that uses an intermediary server to broker The Internet payment assistant is a portable Internet payment assistant having a display, a driving power supply and a card slot, and no CPU and memory for authentication processing. The card slot can be detachable IC card having a CPU and a memory, The memory of the IC card, A card information storage unit previously stored in a state in which card information including at least identification information of the contractor of the credit card cannot be read from the outside; An authentication information storage unit previously stored in a state in which authentication information, which is a password for performing authentication of the contractor or biometric information indicating biometric characteristics of the contractor, cannot be read from the outside; An OTP generation information storage unit pre-stored in a state in which OTP generation information related to the card information and unique to the contractor cannot be read from outside, CPU of said IC card, By comparing the input information input from the Internet payment assistant device with the authentication information stored in the authentication information storage unit of the memory of the IC card, the user authentication of whether the operator of the Internet payment assistant device is the contractor is performed and identity verification is performed. Authentication means for reading the identification information from the card information storage unit of the memory of the IC card and displaying the identification information on a display of the Internet payment assistance device; OTP generation means for generating a one-time password using the OTP generation information after the identification information is displayed on the display of the Internet payment aid device, In the Internet payment system, The authentication means of the IC card inserted into the Internet payment assistance device, The user information is authenticated by comparing the input information input to the Internet payment assistance device with the authentication information stored in the authentication information storage unit, and when the identity is confirmed, the contractor identification stored in the card information storage unit. Read the information and display it on the display, The merchant terminal, Receive at least the identification information displayed on the display of the Internet payment aid device from the contractor terminal received from the contractor, and transmits the order information of the contractor and merchant identification information identifying the identification information and the affiliated store to the intermediary server. , The mediation server, Check whether the merchant identification information received from the affiliated store terminal matches the merchant identification information previously held by the intermediary server, and if it matches, use the identification information received together with the merchant identification information to pay the credit card. Specifying an authentication server for performing authentication of the server, transmitting the identification information to the specified authentication server, The authentication server, By checking whether the received identification information is registered in advance in the authentication server, the contractor authenticates whether or not the contractor is a contractor who can receive an internet commerce service using the internet payment assistance device, and the authentication result is relayed. Transmitting to the affiliated store terminal through a server, The merchant terminal, If the authentication result is valid, the authentication result and information indicating an access destination to the authentication server are transmitted to the contractor terminal. OTP generating means of the IC card inserted into the Internet payment aid device, The one-time password is generated and displayed on the display by encrypting the temporary data or the number of times of use information at a predetermined timing with the OTP generation information. The authentication server, The contractor receives access from the contractor terminal by using the information indicating the access destination to the authentication server received from the affiliated store terminal, receives the one-time password and the identification information displayed on the display of the Internet payment assistance device from the contractor. By receiving from the terminal and specifying OTP generation information corresponding to the received identification information, the contractor's identity is authenticated using the received one-time password and the specified OTP generation information, and the authentication result by the one-time password. And information indicating the access destination to the affiliated store terminal, to the contractor terminal, The merchant terminal, Receive access from the contractor terminal by the information indicating the access destination to the affiliated store terminal received from the authentication server, and receive the authentication result by the one-time password received by the contractor terminal from the authentication server from the contractor terminal And transmitting the transaction data including the contractor's identification information and the authentication result by the one-time password to the affiliated store management company terminal used by the merchant management company when the authentication result by the one-time password is justified. The badger indicating that a crediting request for the credit card settlement is sent to the card issuing terminal used by the card issuing company via the company terminal, and that a credit range for the amount of money in the order information is secured for settlement Demands As a result the Internet payment system characterized in that it receives through the merchant terminal management company from the card issuer terminal. delete delete delete delete delete delete delete delete delete delete delete delete delete delete

Images