TW201113070A - Management system, game device, management device and program - Google Patents

Management system, game device, management device and program Download PDF

Info

Publication number
TW201113070A
TW201113070A TW099125602A TW99125602A TW201113070A TW 201113070 A TW201113070 A TW 201113070A TW 099125602 A TW099125602 A TW 099125602A TW 99125602 A TW99125602 A TW 99125602A TW 201113070 A TW201113070 A TW 201113070A
Authority
TW
Taiwan
Prior art keywords
unit
identification information
management
information
authentication
Prior art date
Application number
TW099125602A
Other languages
Chinese (zh)
Inventor
Nobuhiro Goto
Hirokatsu Yamaguchi
Yusuke Kobayashi
Original Assignee
Konami Digital Entertainment
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Konami Digital Entertainment filed Critical Konami Digital Entertainment
Publication of TW201113070A publication Critical patent/TW201113070A/en

Links

Landscapes

  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Slot Machines And Peripheral Devices (AREA)
  • Pinball Game Machines (AREA)

Abstract

The object of the invention is to simultaneously establish a simple procedure and the needed structure for guaranteeing security of token management and certification. The solution of the invention is that a management device (30) includes: a first certification part (321) for acquiring a first certification result using identification information (U ID_IN) and organism information (B ID_IN); and a management part (324) for using the identification information (U ID_IN) as certified Information (A) and storing in the management memory part (342) when the certification is affirmed. A game device (26) includes: a storage part (542) for memorizing the number of used tokens (C B); a receiving part (560) for receiving input of the identification information (U ID_IN); a notification part (62) for notifying the management part (324) to confirm whether the certified Information (A) that contains the identification information (U ID_IN) is memorized in the management memory part (342); and a permission part (64) for allowing of token transfer between the number of possessed tokens (C A) of a memory device (14) and the number of used tokens (C B) of the storage part (542) when the notification result is affirmed.

Description

201113070 六、發明說明: 【發明所屬之技術領域】 本發明係關於管理在遊戲裝置中使用之代額的技術。 • 【先前技術】 從先前提案有使將利用者保有之代額的總數(保有代 額數)與利用者的識別資訊建立對應並加以記憶之資料庫 ,利用於遊戲裝置之代額的管理之技術。例如,於專利文 獻1係揭示有從利用者的1C卡將識別資訊傳送至遊戲裝 置,對應此識別資訊而使記憶於資料庫之保有代額數’因 應來自利用者的指示而增減的技術。 [先前技術文獻] [專利文獻] [專利文獻1]日本特開2008-295 1 3號公報 【發明內容】 [發明所欲解決之課題] 但是,以專利文獻1的技術爲基礎的話,因爲利用將 識別資訊傳送至遊戲裝置而允許保有代額數的增減’故有 難以充分確保代額管理的安全性之問題。例如’如果撿到 他人的1C卡之第三者使遊戲裝置讀取1C卡的識別資訊的 話,可利用正規利用者的保有代額數來執行遊戲。 雖然也想定在遊戲的執行時實施利用生物體資訊之認 201113070 證的構造,但是,必須於多數遊戲裝置個別設置取得生物 體資訊之機器(例如,指紋感測器或靜脈感測器),故由 費用的觀點來說並不實際。又,每於代額的增減(存入或 提領),必須進行用以生物體認證之繁雜的作業(例如, 將手舉至靜脈感測器的動作),故也有會損及利用者的便 利性之問題。考慮以上狀況,目的係實現使代額管理之安 全性的確保與認證所需之構造及手續的簡潔化之兩立。 [用以解決課題之手段] 以下說明爲了解決以上課題,本發明採用之手段。再 者,爲了容易理解本發明,以下爲了方便將圖面之參照符 號以括弧附記,但是,並不爲將本發明限定於圖示之形態 的趣旨。 本發明的管理系統(100),係包含管理裝置(30) 與複數遊戲裝置(26),其特徵爲:管理裝置(30)係具 備:受理部(3 62 ),係受理第1識別資訊(U ID_IN) ;產生部(364 ),係產生表示利用者之生物體特徵的生 物體資訊(B I D_IN );第1認證部(3 21 ),係取得利 用第1識別資訊(U ID_IN )與生物體資訊(B ID_IN ) 之第1認證的結果;及管理部(3 24 ),係在第1認證的 結果是肯定時,將第1識別資訊(U ID_IN )作爲已認證 資訊(A )而記憶於管理記億部(342 );複數遊戲裝置 (26 )係個別具備:貯留部(542 ),係記憶因爲在該當 遊戲裝置(26 )之代額的消費或獲得而增減之第1代額數 -6- 201113070 (C B );終端側受理部(5 6 〇 ) ’係受理第1確認用識 別資訊(U I Ε> _ IΝ ) •’照會部(6 2 ),係照會管理部( 3 2 4 ),確g忍一致於第1確認用識別資訊(^〗D —丨Ν )之 第1識別資訊(U ID_IN )是否作爲已認證資訊(A )而 B己憶於管理§5彳思部(3 4 2 );及允許部(6 4 ),係在照會 的結果疋:同定時’允許記憶於貯留部(5 4 2 )之第1代額 數(C B )和與第丨識別資訊(U ID )建立對應而記憶 於記億裝置(14)之第2代額數(c A)之從一方對於另 一方的代額之轉移。 於以上構造中’因應遊戲裝置(2 6 )的終端側受理部 (5 60 )所受理之第1確認用識別資訊(u ID_IN)是否 作爲已認證資訊(A )而記憶於管理裝置(3 〇 )的管理記 憶部(3 4 2 ) ’決定代額轉移的可否。所以,不需在遊戲 裝置(26 )實施利用生物體資訊(b ID_IN )之第1認證 。另一方面’對於允許在遊戲裝置(26)之代額轉移來說 (對於爲了將識別資訊(U ID_IN )作爲已認證資訊(a )而記憶於管理記憶部(3 4 2 )來說),因爲需要在管理 裝置(3 0 )之第1認證(生物體認證),故可確保代額管 理的安全性。亦即’可使代額管理之安全性的確保與認證 所需之構造及手續的簡潔化兩立。 所謂「代額」係代表在遊戲中使用(消費或賦予)之 價値的數量(虛擬貨幣),典型上來說,具有相當於遊藝 媒體之父換價値的數値(遊藝價値)。例如,藉由遊藝媒 體的投入或在遊戲中之事件的獲得而代額增加,藉由在遊 201113070 戲的開始時之消費或遊藝媒體的支付又或在遊戲中之事件 的使用而代額減少。所謂「遊藝媒體」係包括關於遊戲而 具有價値之所有要素的槪念。具體來說,利用者爲了參加 遊戲所需之媒體及作爲因應遊戲結果的優惠而賦予利用者 之媒體則相當於遊藝媒體。例如,代幣(硬幣)或鑄碼( 代用硬幣(token coin))或硬幣或票券等的有形物該當 於遊藝媒體。 受理部(3 62 )係包含取得第1識別資訊(U ID_IN )的所有手段。例如,從電性或磁性記錄第1識別資訊( U ID_IN )之記錄媒體,讀取第1識別資訊(U ID_IN ) 的讀取器、光學讀取被印刷於讀取面之第1識別資訊( U ID_IN )的讀取器、利用者進行操作而輸入第1識別資 訊(U ID_IN)的輸入機器都包含於受理部(362 )的槪 念。又,取得第1認證之結果的第1認證部(321 ),係 包含取得在外部執行之第I認證的結果之手段,與自身執 行第1認證而取得結果之手段雙方之槪念。 於「第2代額數(C A)與第1代額數(C B)之從 —方對於另一方之代額的轉移」係包含從第1代額數( C B)對於第2代額數(C A)之單方向的代額之轉移( 存入)、從第2代額數(CA)對於第1代額數(CB) 之單方向的代額之轉移(提領)、第1代額數(C B)與 第2代額數(C A)之間雙方向的代額之轉移的3種類樣 態》所以,允許部(64 )僅允許單方向之代額的轉移之構 造也包含於本發明的範圍。又,被轉移之代額係第1代額 -8- 201113070 數(C B)或第2代額數(C A)的全部亦可,一部份亦 可。 於本發明的適切樣態中,管理裝置(3 〇 )係具備:取 得部(3 66 ),係取得第2識別資訊(P ID_IN,R ID ) ;及第2認證部(3 22 ),係取得利用第2識別資訊( P ID_IN,R ID)之第2認證的結果;管理部(324), 係在第1認證及第2認證雙方的結果是肯定時,將第丨識 別資訊(U ID_IN )作爲已認證資訊(a )而記憶於管理 記憶部(342 );複數遊戲裝置(26 )係個別具備:終端 側取得部(562 ),係取得第2確認用識別資訊( P ID_IN,R ID );及終端側認證部(524 ),係取得利 用第2確認用識別資訊(p ID_IN,R ID )之終端側認證 的結果;照會部(6 2 ),係在終端側認證的結果是肯定時 ’照會管理部(3 2 4 ),確認一致於第1確認用識別資訊 (U ID_IN )之第1識別資訊(U ID_IN )是否作爲已認 證資訊(A )而記憶於管理記憶部(3 24 )。於以上樣態 中’因爲在第1認證及第2認證雙方的結果是肯定時,第 1識別資訊( U ID_IN)作爲已認證資訊(A)而記憶於管理記憶部( 3 42 ),故相較於僅第1認證被肯定時會記億第1識別資 訊(U ID_IN)的構造,可提升在管理裝置(3〇)之認證 的確實性。 第2識別資訊(P ID_IN,R ID )的典型例係從利用 者直接受理之識別資訊(例如,適用於遊戲裝置(26 )之 -9- 201113070 存檔資料的識別所利用之遊戲卡的識別資訊(P ID _ IN ) )及對應從利用者受理之識別資訊(p id_in )而被管理 之識別資訊(R ID )。亦即,本發明的「取得部」係除 了從利用者受理第2識別資訊(P ID_IN )的受理部( 3 66 )之外,也包含取得從利用者受理之識別資訊( P ID_IN )所對應之第2識別資訊(R ID )的要素(例如 ,從管理兩者的對應之伺服器裝置取得第2識別資訊( R ID )的要素)之槪念。「受理第2識別資訊(P ID_IN ,R ID )的受理部(3 66 )」係包含受理第2識別資訊( P ID_IN,R ID )之所有手段的槪念,例如,除了直接輸 入第2識別資訊(P ID_IN,R ID )的要素(例如輸入機 器或讀取器)之外,也包含使利用者選擇事先登記之第2 識別資訊(P ID_IN,R ID )的有效/無效之槪念。「終 端側取得部」也相同,除了從利用者受理第2確認用識別 資訊(P ID_IN )的受理部(562 )之外,包含取得從利 用者受理之識別資訊(P ID_IN )所對應之第2確認用識 別資訊(R ID )的要素(例如,從管理兩者的對應之伺 服器裝置取得第2確認用識別資訊(P ID )的要素)之 槪念。 又,因爲在利用遊戲裝置(26 )的終端側取得部( 5 62 )取得之第2確認用識別資訊(P ID_IN,R ID )的 終端側認證的結果是肯定時,則執行照會部(62 )所致之 照會,故相較於無關於第2確認用識別資訊(P ID_IN, R ID )的適合與否(終端側認證的結果),皆執行照會 -10- 201113070 部(62 )所致之照會的構造,有可減輕管理部(324 )之 處理的負荷之優點。進而於適切樣態中’複數遊戲裝置( 2 6 ),係個別具備:密碼受理部(5 64 ),係受理密碼( P WD_IN )的輸入;終端側認證部(5 2 4 ),係取得利用 第2確認用識別資訊(P ID_IN ’ R ID )與密碼( P WD_IN )之終端側認證的結果。依據以上樣態,因爲 終端側認證需要密碼(P WD_IN ),故有可防止得知第2 確認用識別資訊(P ID_IN,R ID )之第三者(例如,撿 到記錄第2確認用識別資訊(P ID_IN,R ID )之記錄媒 體者)所致之代額的轉移之優點。密碼(P WD_IN )係 例如文字或數字的排列。 再者,第2認證部(322 )係與第1認證部(321 )相 同,包含取得在外部執行之第1認證的結果之手段,與自 身執行第1認證而取得結果之手段雙方。關於終端側認證 部(524 )也與第1認證部(321 )及第2認證部(322) 相同,不問執行終端側認證之主體是終端側認證部(524 )或其他要素。 關於本發明之其他樣態的管理系統(1 0 1 ),係包含 管理裝置(30)與複數遊戲裝置(26),其特徵爲:管理 裝置(3 0 )係具備:受理部(3 62 ),係受理第1識別資 訊(UID_IN);產生部( 3 64 ),係產生表示利用者之 生物體特徵的生物體資訊(B ID_IN ):第1認證部( 321 ) ’係取得利用第1識別資訊(u ID_IN )與生物體 資訊(B ID_IN )之第1認證的結果;取得部(72 ),係 -11 - 201113070 取得第3識別資訊(X ID );通知部(74 ),係將第3 識別資訊(X ID )通知給利用者;及管理部(3 24 ),係 在第1認證的結果是肯定時,將第3識別資訊(χ id ) 作爲已認證資訊(A )而記憶於管理記憶部(342 );複 數遊戲裝置(26 )係個別具備:貯留部(542 ),係記憶 因爲在該當遊戲裝置(26)之代額的消費或獲得而增減之 第1代額數(C B );終端側受理部(5 60 ),係受理第1 確認用識別資訊(X ID_IN );照會部(62 ),係照會管 理部(3 24 ),確認一致於第1確認用識別資訊( X ID_IN )之第3識別資訊(X ID )是否作爲已認證資訊 (A )而記憶於管理記憶部(3 42 ):及允許部(64 ), 係在照會的結果是肯定時,允許記憶於貯留部(542 )之 第1代額數(C B )和與第1識別資訊(U ID )建立對 應而記億於記憶裝置(1 4 )之第2代額數(C a)之從— 方對於另一方的代額之轉移。再者,各用語的意義係如上 所述。 於以上構造中,因應遊戲裝置(2 6 )的終端側受理部 (5 60 )所受理之第1確認用識別資訊(χ iD_IN)是否 作爲已認證資訊(A )而記憶於管理裝置(3 0 )的管理記 憶部(3 42 ),決定代額轉移的可否。所以,不需在遊戲 裝置(26 )實施利用生物體資訊(B ID_IN )之第1認證 。另一方面,對於允許在遊戲裝置(26)之代額轉移來說 (對於爲了將第3識別資訊(X ID )作爲已認證資訊(a )而記憶於管理記憶部(342)來說),因爲需要在管理 -12- 201113070 裝置(3 0 )之第1認證(生物體認證),故可確保代額管 理的安全性。亦即,可使代額管理之安全性的確保與認證 所需之構造及手續的簡潔化兩立。 於關於本發明之管理系統(1 〇 〇,1 〇 1 )的適切樣態中 ,管理裝置置(3 0 ),係具備:密碼受理部(3 6 8 ),係 受理密碼(P WD_IN)的輸入;第2認證部(3 22 ),係 取得利用第2識別資訊(p ID_IN,R ID )與密碼( P WD_IN )之第2認證的結果。於以上樣態中,因爲在 管理裝置(30 )的第2認證需要密碼(P WD_IN ),故 相較於僅將第2識別資訊(P ID_IN,R ID )利用於第2 認證的構造,可提升認證的確實性。 於本發明的適切樣態中,管理部(3 24 ),係以所定 條件的成立作爲契機,將管理記憶部(3 4 2 )的已認證資 訊(A )設爲無效。於以上樣態中,因爲以所定條件的成 立作爲契機而已認證資訊(A )成爲無效,故相較於已認 證資訊(A )涵蓋長期間被維持爲有效的構造,可提升代 額管理的安全性。例如,如果因所定條件成立而已認證資201113070 VI. Description of the Invention: TECHNICAL FIELD OF THE INVENTION The present invention relates to a technique for managing a proxy used in a game device. • [Previous technique] A technique for the management of the amount of the game device by using a database that matches and memorizes the total number of shares held by the user (the number of retained shares) and the user's identification information. . For example, Patent Document 1 discloses a technique in which identification information is transmitted from a user's 1C card to a game device, and the number of retained credits stored in the database is increased or decreased in response to an instruction from the user in response to the identification information. [PRIOR ART DOCUMENT] [Patent Document 1] [Patent Document 1] Japanese Laid-Open Patent Publication No. 2008-295 No. 3 (Concerned) [Problems to be Solved by the Invention] However, based on the technique of Patent Document 1, The transmission of the identification information to the game device allows the increase or decrease of the number of shares to be maintained. Therefore, it is difficult to sufficiently ensure the security of the code management. For example, if the third party of the 1C card of another person causes the game device to read the identification information of the 1C card, the game can be executed using the retained number of the regular user. Although it is also intended to implement the structure of the 201113070 certificate using the biometric information at the time of execution of the game, it is necessary to separately set up a machine for acquiring biometric information (for example, a fingerprint sensor or a vein sensor) in most game devices. It is not practical from the point of view of cost. In addition, every increase or decrease in the amount of money (storing or withdrawal) requires complicated work for biometric authentication (for example, the action of lifting the hand to the vein sensor), so it may damage the user. The issue of convenience. In view of the above situation, the objective is to achieve the simplification of the structure and procedures required for ensuring the security of the micro-management management and certification. [Means for Solving the Problem] The following describes the means adopted by the present invention in order to solve the above problems. In the following, in order to facilitate the understanding of the present invention, the reference numerals of the drawings are attached to the parentheses in the following, but the present invention is not limited to the illustrated embodiments. The management system (100) of the present invention includes a management device (30) and a plurality of game devices (26), wherein the management device (30) includes a receiving unit (3 62) that receives the first identification information ( U ID_IN) The generating unit (364) generates biometric information (BI D_IN ) indicating the biometric characteristics of the user, and the first authenticating unit (3 21 ) acquires the first identifying information (U ID_IN ) and the living creature. The result of the first authentication of the body information (B ID_IN ); and the management unit (3 24 ), when the result of the first authentication is affirmative, the first identification information (U ID_IN ) is stored as the authenticated information (A) The management unit (342); the plurality of game devices (26) are provided with a storage unit (542) for storing the first generation amount of the increase or decrease due to the consumption or acquisition of the game device (26). -6- 201113070 (CB); Terminal-side reception unit (5 6 〇) 'Receives the first confirmation identification information (UI Ε> _ IΝ) • 'Notes (6 2), and the management department (3 2 4) ), the first identification information (U ID_IN) that is consistent with the first confirmation identification information (^〗 D - 丨Ν) No as certified information (A) and B has recalled management §5彳思(3 4 2 ); and permission department (6 4 ), the result of the note 疋: same time 'allow memory in the storage department (5 4 2) The first generation amount (CB) and the second generation amount (c A) of the second generation amount (c A) that is associated with the second identification information (U ID) and the other party's quota Transfer. In the above configuration, whether or not the first confirmation identification information (u ID_IN) accepted by the terminal side receiving unit (56) of the game device (2 6) is stored in the management device as the authenticated information (A) (3) The management memory (3 4 2 ) 'determines the possibility of transfer of the amount of money. Therefore, it is not necessary to implement the first authentication using the biometric information (b ID_IN) in the game device (26). On the other hand, 'for the permission transfer in the game device (26) (for the purpose of storing the identification information (U ID_IN) as the authenticated information (a) in the management memory (3 4 2)), Since the first authentication (biometric authentication) of the management device (30) is required, the security of the generation management can be ensured. That is to say, it is possible to ensure the security of the generation management and the simplification of the structure and procedures required for certification. The so-called "substitute" is the number (virgin currency) that is used (consumed or endowed) in the game. Typically, it has a number equivalent to the price of the father of the entertainment media (game price). For example, by the input of the entertainment media or the acquisition of events in the game, the amount of the increase is increased by the amount of the consumption of the entertainment or entertainment media at the beginning of the 201113070 play or the use of events in the game. . The so-called "game media" includes the commemoration of all the elements of the price of the game. Specifically, the media that the user uses to participate in the game and the media that is given to the user as a result of the game is equivalent to the entertainment media. For example, tokens (coins) or cast yards (token coins) or tangibles such as coins or tickets should be used as entertainment media. The receiving unit (3 62 ) includes all means for acquiring the first identification information (U ID_IN ). For example, a reader that reads the first identification information (U ID_IN ) from the recording medium that electrically or magnetically records the first identification information (U ID_IN ), and optically reads the first identification information that is printed on the reading surface ( The reader of the U ID_IN ) and the input device that the user inputs and inputs the first identification information (U ID_IN) are included in the reception unit (362). In addition, the first authentication unit (321) that obtains the result of the first authentication includes both the means for obtaining the result of the first authentication performed externally, and the means for performing the first authentication by itself and obtaining the result. The transfer of the second generation amount (CA) and the first generation amount (CB) from the other party's quota includes the first generation amount (CB) for the second generation amount (CA). Transfer of the transfer of the direction (storage), the transfer of the second-generation amount (CA) to the one-way quota of the first generation (CB) (retraction), the first generation amount (CB), and the second The three types of transitions in the bidirectional direction between the number of tokens (CA). Therefore, the configuration in which the permitting unit (64) allows only the transfer of the unidirectional subdivision is also included in the scope of the present invention. In addition, the transferred amount of the first generation is -8-201113070 (C B) or the second generation (C A), and part of it is also acceptable. In a preferred aspect of the present invention, the management device (3) includes an acquisition unit (3 66) that acquires second identification information (P ID_IN, R ID ) and a second authentication unit (3 22 ). The result of the second authentication using the second identification information (P ID_IN, R ID) is obtained; and the management unit (324) sets the third identification information (U ID_IN) when the result of both the first authentication and the second authentication is affirmative. It is stored in the management memory unit (342) as the authenticated information (a), and the plurality of game devices (26) are provided with the terminal side acquisition unit (562), and the second identification information (P ID_IN, R ID) is acquired. And the terminal side authentication unit (524) obtains the result of the terminal side authentication using the second identification identification information (p ID_IN, R ID ); and the photo session unit (62) confirms that the terminal side authentication is affirmative In the event management unit (3 2 4), it is confirmed whether or not the first identification information (U ID_IN) consistent with the first confirmation identification information (U ID_IN) is stored in the management memory unit as the authenticated information (A). ). In the above aspect, the first identification information (U ID_IN) is stored in the management memory unit (3 42 ) as the authenticated information (A) because the results of both the first authentication and the second authentication are positive. Compared with the structure in which only the first identification information (U ID_IN) is recognized when the first authentication is affirmed, the authenticity of the authentication in the management device (3〇) can be improved. A typical example of the second identification information (P ID_IN, R ID ) is identification information directly received from the user (for example, the identification information of the game card used for the identification of the archive material for the game device (26) -9-201113070 (P ID _ IN )) and identification information (R ID ) managed in accordance with the identification information (p id_in ) accepted by the user. In other words, the "acquisition unit" of the present invention includes the acquisition unit (3 66) that receives the second identification information (P ID_IN) from the user, and includes the identification information (P ID_IN) received from the user. The second identification information (R ID ) element (for example, an element that acquires the second identification information (R ID ) from the server device that manages both). The receiving unit (3 66 ) that accepts the second identification information (P ID_IN , R ID ) includes all the means for accepting the second identification information ( P ID — IN, R ID ), for example, in addition to directly inputting the second identification. In addition to the elements of the information (P ID_IN, R ID) (for example, an input device or a reader), it also includes the effect of enabling/disabling the second identification information (P ID_IN, R ID ) of the user to register in advance. In the same manner, the terminal side acquisition unit includes the acquisition unit (562) that receives the second confirmation identification information (P ID_IN) from the user, and includes the identification information (P ID_IN) received from the user. (2) Confirmation of the element of the identification information (RID) (for example, the element for obtaining the second identification information (PID) from the server device that manages both). In addition, when the result of the terminal side authentication of the second confirmation identification information (P ID_IN, R ID ) acquired by the terminal side acquisition unit (5662) of the game device (26) is affirmative, the execution unit (62) is executed. Because of the fact that the identification information (P ID_IN, R ID ) of the second confirmation is not appropriate (the result of the terminal side authentication), the implementation of the note -10- 201113070 (62) The structure of the note has the advantage of reducing the load of the processing of the management unit (324). Further, in the appropriate aspect, the 'multiple game device (2 6 ) is provided with a password accepting unit (5 64 ), which is an input of a password (P WD — IN ), and a terminal side authentication unit (5 2 4 ). The result of the terminal side authentication of the second identification identification information (P ID_IN ' R ID ) and the password ( P WD_IN ). According to the above aspect, since the terminal side authentication requires a password (P WD_IN ), there is a third party that can prevent the second identification identification information (P ID_IN, R ID ) from being recognized (for example, the identification of the second confirmation for recording) The advantage of the transfer of the amount of money caused by the information (P ID_IN, R ID). The password (P WD_IN ) is an arrangement of words or numbers, for example. Further, the second authentication unit (322) is the same as the first authentication unit (321), and includes means for obtaining the result of the first authentication performed externally, and means for obtaining the result by executing the first authentication by itself. The terminal side authentication unit (524) is also the same as the first authentication unit (321) and the second authentication unit (322), and the main body that performs terminal side authentication is the terminal side authentication unit (524) or other elements. The management system (1 0 1 ) according to another aspect of the present invention includes a management device (30) and a plurality of game devices (26), wherein the management device (30) includes: an accepting unit (3 62) The first identification information (UID_IN) is received, and the generating unit (3 64) generates biometric information (B ID_IN) indicating the biometric characteristics of the user: the first authentication unit (321)' acquires the first identification The result of the first authentication of the information (u ID_IN) and the biological information (B ID_IN); the acquisition unit (72), the -11 - 201113070 acquires the third identification information (X ID ); the notification unit (74), the 3 The identification information (X ID) is notified to the user; and the management unit (3 24) remembers the third identification information (χ id ) as the authenticated information (A) when the result of the first authentication is affirmative The management memory unit (342); the plurality of game devices (26) are provided with a storage unit (542) for storing the first generation amount (CB) which is increased or decreased because of the consumption or acquisition of the game device (26). ); the terminal side receiving unit (5 60 ) accepts the first confirmation identification information (X ID_IN ); the note department (62) The photo management unit (3 24) confirms whether or not the third identification information (X ID) matching the first confirmation identification information (X ID_IN) is stored in the management memory unit as the authenticated information (A). 3 42 ): and the permission unit (64 ), when the result of the note is affirmative, allows the first generation number (CB) stored in the storage unit (542) to be associated with the first identification information (U ID) The transfer of the second generation amount (C a) of the memory device (1 4 ) to the other party's proxy. Furthermore, the meaning of each term is as described above. In the above configuration, the first confirmation identification information (χ iD_IN) accepted by the terminal side receiving unit (56) of the game device (26) is stored in the management device (3) as the authenticated information (A). The management memory (3 42 ) determines whether the transfer of the proxy can be made. Therefore, it is not necessary to implement the first authentication using the biometric information (B ID_IN) in the game device (26). On the other hand, for allowing the transfer of the game device (26) (for the purpose of storing the third identification information (X ID) as the authenticated information (a) in the management memory (342)), Because it requires the first certification (biological certification) of the management -12-201113070 device (30), the security of the generation management can be ensured. That is, the security of the generation management can be clarified with the simplification of the structure and procedures required for certification. In the case of the management system (1 〇〇, 1 〇 1 ) of the present invention, the management device sets (3 0 ), and includes a password accepting unit (3 6 8 ), which accepts a password (P WD_IN). The second authentication unit (3 22 ) obtains the result of the second authentication using the second identification information (p ID_IN, R ID ) and the password (P WD_IN ). In the above aspect, since the password (P WD — IN ) is required for the second authentication of the management device ( 30 ), the second identification information (P ID — IN, R ID ) can be used for the second authentication structure. Improve the authenticity of certification. In the appropriate aspect of the present invention, the management unit (3 24) invalidates the authenticated information (A) of the management memory unit (3 4 2 ) with the establishment of the predetermined condition. In the above situation, the certification information (A) becomes invalid because the established conditions are established. Therefore, the security of the generation management can be improved compared to the structure in which the certified information (A) is maintained for a long period of time. Sex. For example, if the conditions are established, the funds have been certified.

訊(A )被無效化,可防止得知第2識別資訊(p ID_IN ,R ID )的第三者執行代額轉移(假裝成正規利用者) 〇 再者,所謂「將已認證資訊設爲無效」係代表設定爲 無法參照已認證資訊(A )之狀態。例如,已認證資訊( A )的消除係已認證資訊(A )的無效化之典型例,但是 ,用以使已認證資訊(A )無效化的具體處理係爲任意。 -13- 201113070 例如,使附加於已認證資訊(A )之旗標從有效變化成無 效的處理也包含於已認證資訊(A )的無效化之槪念。當 然,從減輕管理部(3 24 )所致之處理(例如旗標的設定 )的負荷之觀點來看,消除已認證資訊(A )的構造特別 適合。 再者,成爲使已認證資訊(A )無效化之契機的條件 係爲任意,但是,例如也可採用以所定時刻的到來作爲契 機而管理部(3 24 )將已認證資訊(A )設爲無效的構造 ,或以依每一已認證資訊(A )設定之有效期間的期滿作 爲契機而將已認證資訊(A )設爲無效的構造。依據前者 的構造,相較於後者的構造,有可減輕管理部(3 24 )的 負荷之優點。另一方面,依據後者的構造,因爲依每一已 認證資訊(A )設定有效期間,故例如無關於已認證資訊 (A)的產生時刻,可涵蓋所定時間將已認證資訊(a ) 設爲有效。 於本發明的適切樣態中,複數遊戲裝置(26 )係個別 具備:操作部(5 8 ),係包含指示從第1代額數(C B ) 對於第2代額數(C A)之代額的轉移(存入)之存入操 作部(5 82 ),與指示從第2代額數(C A )對於第1代 額數(C B )之代額的轉移(提領)之提領操作部(584 )至少一方;操作部(5 8 ),係在允許部(64 )允許代額 的轉移時成爲可操作。於以上樣態中,因爲在代額的轉移 被允許時,操作部(5 8 )成爲可操作,故在允許部(64 ) 不允許代額的轉移時,則不需要受理來自利用者之操作的 -14- 201113070 處理。所以’有可減輕遊戲裝置(26)的處理負荷之優點 。再者,作爲控制操作部的操作之可否的方法,係可例示 控制對於操作部的操作之受理的有效/無效之方法,及以 在附觸控面板功能的顯示裝置中受理操作的構造爲基礎, 控制畫面上之操作部的顯示(有效)/非顯示(無效)之 方法。 於本發明的適切樣態中,管理部(3 2 4 ),係使已認 證資訊(A)包含生物體資訊(B ID_IN,B ID )而記憶 於管理記憶部(3 4 2 ),在從遊戲裝置(2 6 )被指示代額 的轉移時,則對於管理將第1識別資訊(U ID )與生物 體資訊(B ID )與第2代額數(C A )建立對應並加以 記憶之記憶裝置(1 4 )的伺服器裝置(1 2 ),發送已認證 資訊(A )的第1識別資訊(U ID_IN )與生物體資訊( B ID_IN,B ID )。於以上樣態中,因爲在被指示代額的 轉移時,第1識別資訊(U ID_IN )與生物體資訊( B ID_IN,B ID)從管理裝置(30)發送至伺服器裝置( 12),故在代額的轉移時,可在伺服器裝置(1 2 )執行利 用第1識別資訊(U ID_IN )與生物體資訊(B ID_IN, B ID )的認證。所以,相較於僅將第丨識別資訊( U ID_IN )從管理裝置(30 )發送至伺服器裝置(12 )而 轉移代額的構造,可提升代額管理的安全性。又,因爲從 管理部(3 2 4 )對於伺服器裝置(1 2 )發送第1識別資訊 (U ID_IN )與生物體資訊(B ID_IN,B ID ),故例如 可使以利用第1識別資訊(U ID_IN )與生物體資訊( -15- 201113070 B ID_IN )的認證作爲要件而執行遊藝媒體(例如代幣) 之支付及存入的裝置(例如代幣處理裝置(丨6))相關之 伺服器裝置(12)的處理,與對於管理裝置(3〇)的伺服 器裝置(12)之處理共通化。所以,有可易於將管理裝置 (3 0 )導入至伺服器裝置(i 2 )管理代額的系統之優點。 於其他樣態中’管理部(324 ),係使已認證資訊( A)包含特定資訊(α )而記億於管理記憶部(3 4 2 ), 在從遊戲裝置(26 )被指示代額的轉移時,則對於管理將 第1識別資訊(U ID)與特定資訊(α )與第2代額數 (C Α)建立對應並加以記憶之記憶裝置(14)的伺服器 裝置(1 2 ) ’發送已認證資訊(a )的第】識別資訊( U ID_IN )與特定資訊(;α)。於以上樣態中,因爲在被 指示代額的轉移時’第1識別資訊(U ID_IN )與特定資 訊(α )從管理裝置(3〇)發送至伺服器裝置(12),故 在代額的轉移時’可在伺服器裝置(丨2 )執行利用第1識 別資訊(U ID_IN )與特定資訊(α )的認證。所以,相 較於僅將第1識別資訊(U I D _ IΝ )從管理裝置(3 0 )發 送至伺服器裝置(12)而轉移代額的構造,可提升代額管 理的安全性。特定資訊(α )的與型例係在任意方法中採 用之一次性密碼。再者,產生特定資訊(α )的主體係爲 任意。例如’可採用伺服器裝置(1 2 )產生之特定資訊( α )被通知管理部(324 )而包含於已認證資訊(α)的 構造’與管理部(324 )產生之特定資訊(α )被通知伺 服器裝置(12 )而與第丨識別資訊(u ID )及第2代額 -16- 201113070 數(C A)—起記億於記憶裝置(14)的構造。 本發明亦可作爲關於前述各樣態之管理系統(1 00 ) 所利用之遊戲裝置(26)而特定。關於本發明的遊戲裝置 (26 ),係與具備在利用輸入至管理裝置(30 )之第1識 別資訊(U ID_IN)及生物體資訊(B ID_IN)之第1認 證的結果是肯定時,將第1識別資訊(U ID_IN )作爲已 認證資訊(A )而記憶於管理記憶部(3 4 2 )之管理部( 324)的管理裝置(30)進行通訊的遊戲裝置(26),其 特徵爲具備:貯留部(5 42 ),係記憶因爲在該當遊戲裝 置(26)之代額的消費或獲得而增減之第1代額數(c B );終端側受理部(5 60 )’係受理第1確認用識別資訊 (U ID_IN );照會部(62 ),係照會管理部(324 ), 確認一致於第1確認用識別資訊(U ID_IN )之第1識別 資訊(U ID — IN )是否作爲已認證資訊(a )而記憶於管 理SS憶部(3 4 2 );及允許部(6 4 ),係在照會的結果是 肯定時’允許記憶於貯留部(5M )之第!代額數(c B )和與第1識別資訊(U ID )建立對應而記憶於記憶裝 置(14)之第2代額數(C A)之從—方對於另—方的代 額之轉移。依據以上的遊戲裝置(26),也可實現與本發 明的管理系統(1 〇 〇 )相同的效果。 又’本發明亦可作爲關於前述各樣態之管理系統( 1 0 0 )所利用之管理裝置(3 〇 )而特定。關於本發明的管 理裝置(3 0 ),其特徵爲具備:受理部(3 62 ),係受理 第1識別資訊(ϋ ID_IN);產生部(3 64 ),係產生表 -17- 201113070 示利用者之生物體特徵的生物體資訊(B ID_IN );第1 認證部(32 1 ),係取得利用第1識別資訊(U ID_IN ) 與生物體資訊(B ID _ IN )之第1認證的結果;及管理部 (3 24 ),係在第1認證的結果是肯定時,將第1識別資 訊(U ID_IN )作爲已認證資訊(A )而記憶於管理記憶 部(342);管理部(324)係將一致於遊戲裝置(26)的 終端側受理部所受理之第1確認用識別資訊(U ID_IN ) 的第1識別資訊(U ID_IN )是否作爲已認證資訊(A ) 而記憶於管理記憶部(342 )的判定之結果,通知該當遊 戲裝置(2 6 ),在判定的結果是肯定時,在具備記憶因爲 在該當遊戲裝置(26)之代額的消費或獲得而增減之第1 代額數(C B )的貯留部(5 42 )之遊戲裝置(26 ),和 與第1識別資訊(U ID )建立對應而記憶第2代額數( C A )之記憶裝置(14 )之間,因應從遊戲裝置(26 )發 送之代額的轉移之要求,仲介第1代額數(C B)與第2 代額數(C A)之從一方對於另一方的代額之轉移。依據 以上的管理裝置(30),也可實現與本發明的管理系統( 100 )相同的效果。 進而,本發明也可作爲使電腦作爲遊戲裝置(26 )及 管理裝置(3 0 )而作用之程式來特定。關於本發明之第1 形態的程式,其特徵爲使與具備在利用輸入至管理裝置( 30)之第1識別資訊(U ID_IN)及生物體資訊( B ID_IN )之第1認證的結果是肯定時,將第1識別資訊 (ϋ ID_IN )作爲已認證資訊(A )而記憶於管理記憶部 -18- 201113070 ( 342 )之管理部( 3 24 )的管理裝置(3〇)進行通訊的電 腦作爲遊戲裝置(2 6 )而作用,其特徵爲使電腦作爲以下 構件而作用:貯留部(542 ),係記億因爲在該當遊戲裝 置(26)之代額的消費或獲得而增減之第1代額數(c B );終端側受理部(5 60 ),係受理第1確認用識別資訊 (U ID_IN );照會部(62 ),係照會管理部(3 24 ), 確認一致於第1確認用識別資訊(U ID_IN )之第1識別 資訊(U ID_IN)是否作爲已認證資訊(a )而記億於管 理記憶部(342 );及允許部(64 ),係在照會的結果是 肯定時,允許記憶於貯留部(542 )之第1代額數(C B )和與第1識別資訊(U ID )建立對應而記憶於記憶裝 置(14)之第2代額數(C A)之從一方對於另一方的代 額之轉移。依據以上的程式,也可實現與本發明的遊戲裝 置(26 )相同的效果。 又,關於本發明之第2樣態的程式,係使電腦作爲以 下構建而作用:受理部(3 62 ),係受理第1識別資訊( U ID_IN );產生部(3 64 ),係產生表示利用者之生物 體特徵的生物體資訊(B ID_IN );第1認證部(321 ) ,係取得利用第1識別資訊(U ID_IN )與生物體資訊( B ID_IN )之第1認證的結果;及管理部(3 24 ),係在 第1認證的結果是肯定時,將第1識別資訊(U ID_IN ) 作爲已認證資訊(A )而記憶於管理記憶部(3 42 ):其 特徵爲:管理部(3 24 )係將一致於遊戲裝置(26 )所受 理之第1確認用識別資訊(U ID_IN )的第1識別資訊( -19- 201113070 U ID_IN)是否作爲已認證資訊(A)而記憶於管理記憶 部(3 42 )的判定之結果,通知該當遊戲裝置(26 ),在 判定的結果是肯定時,在具備記憶因爲在該當遊戲裝置( 2 6 )之代額的消費或獲得而增減之第1代額數(C B)的 貯留部(542)之遊戲裝置(26),和與第1識別資訊( U ID )建立對應而記憶第2代額數(C A )之記憶裝置 (14)之間,因應從遊戲裝置(26)發送之代額的轉移之 要求,仲介第1代額數(C B)與第2代額數(C A)之 從一方對於另一方的代額之轉移。依據以上的程式,也可 實現與本發明的管理裝置(30)相同的效果。 以上所例示之各樣態的程式係除了以被儲存於電腦可 讀取的記錄媒體之形態下提供給利用者而安裝於電腦之外 ’也可以介由通訊網的遞送之形態下從伺服器裝置提供而 安裝於電腦。 【實施方式】 < A :第1實施形態〉 < A-1 :第1實施形態的構造> 圖1係關於本發明的第1實施形態之管理系統1 〇 〇的 區塊圖。管理系統1 0 0係例如構築於遊戲中心等之遊藝設 施的電腦網路系統。如圖1所示,管理系統丨00係包含第 1系統10與第2系統20與管理裝置30而構成。 第1系統1 0係使用於遊戲之代幣的管理(存入及提 領)所利用之系統。欲利用第1系統1 〇所致之代幣的管 -20- 201113070 理之利用者係必須事先接受登記(以下稱爲「第!登記」 )。對於接受第1登記之利用者賦予識別資訊U ID ( user ID )。識別資訊U ID係例如記憶於發派給利用者之i c卡 等之可搬送型的記錄媒體(以下稱爲「管理卡」)。 如圖1所示,第1系統10係具備第1伺服器裝置12 與記憶裝置1 4與代幣處理裝置1 6。第1伺服器裝置1 2 與代幣處理裝置16係介由通訊網18相互通訊。通訊網 18係例如構築於遊藝設施內之LAN ( local area network )。但是,第1系統10的一部份係可設置於遊藝設施的 外部。在第1系統1 0的一部份設置於遊藝設施的外部之 構造,通訊網1 8的一部份係以例如利用網際網路之WAN (wide area network)或 VPN ( virtual private network) 來實現。 記憶裝置1 4係依每一第1登記設定記錄R丨的資料庫 。如圖2所示’各記錄R1係包含接受第1登記之利用者 的識別資訊U I D (記憶於正規的管理卡之識別資訊u ID )及生物體資訊B ID,與其利用者保有之代額的總量( 以下稱爲「保有代額數」)C A而構成。生物體資訊 B ID係表示利用者之生物體特徵的資訊。具體來說,表 示手(手掌及手指)之靜脈紋路的生物體資訊B ID被記 億於記憶裝置1 4。再者,也採用與識別資訊u ID個別建 立對應,將生物體資訊B ID與保有代額數C A儲存於個 別的記憶裝置之構造。第1伺服器裝置1 2係執行儲存於 g己憶裝置14之資料的管理(讀出及寫入)。再者,在圖 -21 - 201113070 1作爲個別物體的要素而圖示之第1伺服器裝置121 憶裝置14也可作爲一體的裝置而構成。 圖1的代幣處理裝置1 6係利用者爲了代幣的存 支付而進行操作之終端裝置,包含控制部1 62與受理 164與產生部166而構成。再者,也可採用個別裝置 代幣的存入與支付之構造。控制部1 62係執行代幣的 及支付所需之各種處理。The message (A) is invalidated to prevent the third party who knows the second identification information (p ID_IN , R ID ) from performing a generative transfer (pretending to be a regular user). The "invalid" system is set to be unable to refer to the status of the authenticated information (A). For example, the elimination of the authenticated information (A) is a typical example of the invalidation of the authenticated information (A), but the specific processing for invalidating the authenticated information (A) is arbitrary. -13- 201113070 For example, the process of changing the flag attached to the authenticated information (A) from valid to invalid is also included in the invalidation of the authenticated information (A). Of course, the structure for eliminating the authenticated information (A) is particularly suitable from the viewpoint of the load of the processing (e.g., setting of the flag) by the management unit (3 24 ). Further, the condition for causing the authentication information (A) to be invalidated is arbitrary. However, for example, the management unit (3 24) may set the authenticated information (A) as a trigger for the arrival of the predetermined time. The invalid structure or the structure in which the authenticated information (A) is invalidated by the expiration of the valid period set for each authenticated information (A). According to the structure of the former, compared with the structure of the latter, there is an advantage that the load of the management unit (3 24 ) can be reduced. On the other hand, according to the latter configuration, since the valid period is set for each authenticated information (A), for example, regardless of the generation timing of the authenticated information (A), the authenticated information (a) can be set to cover the predetermined time. effective. In a suitable aspect of the present invention, the plurality of game devices (26) are individually provided with an operation unit (58) for indicating a transfer from the first generation number (CB) to the second generation amount (CA). The depositing operation unit (582) of (storing) and the instruction operation unit (584) indicating at least the transfer (retraction) of the second generation amount (CA) for the first generation amount (CB) One of the operations; the operation unit (58) is operable when the permission unit (64) allows the transfer of the token. In the above aspect, since the operation unit (58) becomes operable when the transfer of the quota is permitted, it is not necessary to accept the operation from the user when the permission unit (64) does not allow the transfer of the quota. The processing of -14- 201113070. Therefore, there is an advantage that the processing load of the game device (26) can be reduced. In addition, as a method of controlling the operation of the operation unit, a method of controlling the validity/invalidation of the operation of the operation unit and a structure for accepting the operation in the display device with the touch panel function can be exemplified. , Controls the display (valid)/non-display (invalid) of the operation unit on the screen. In the appropriate aspect of the present invention, the management unit (3 2 4) causes the authenticated information (A) to contain the biometric information (B ID_IN, B ID ) and is stored in the management memory unit (3 4 2 ). When the game device (26) is instructed to transfer the proxy, the memory device for managing the first identification information (UID) and the biometric information (BID) and the second generation amount (CA) is managed and memorized. The server device (1 2 ) of (1 4 ) transmits the first identification information (U ID_IN ) of the authenticated information (A) and the biometric information (B ID_IN, B ID ). In the above aspect, the first identification information (U ID_IN ) and the biometric information (B ID_IN, B ID) are transmitted from the management device (30) to the server device (12) when the transfer of the indicated quota is performed, Therefore, at the time of transfer of the proxy, the authentication using the first identification information (U ID_IN ) and the biometric information (B ID_IN, B ID ) can be performed in the server device (1 2 ). Therefore, the security of the proxy management can be improved as compared with the configuration in which only the third identification information (U ID_IN) is transmitted from the management device (30) to the server device (12) and the transfer amount is transferred. Further, since the management unit (3 2 4 ) transmits the first identification information (U ID_IN ) and the biometric information (B ID_IN, B ID ) to the server device (1 2 ), for example, the first identification information can be utilized. (U ID_IN) and the authentication of the biometric information ( -15- 201113070 B ID_IN ) as a requirement to perform the payment and storage of the game media (for example, tokens) (for example, the token processing device (丨6)) The processing of the device (12) is common to the processing of the server device (12) for the management device (3). Therefore, there is an advantage that it is easy to introduce the management device (30) into the server device (i2) management system. In other aspects, the management department (324) causes the authenticated information (A) to contain the specific information (α) and the billions in the management memory (3 4 2 ), and the slave device (26) is instructed to perform the quota. At the time of the transfer, the server device (1 2) for managing the memory device (14) that associates the first identification information (U ID) with the specific information (α) and the second generation amount (C Α) and memorizes 'Send the first information of the authenticated information (a)' identification information (U ID_IN) and specific information (;α). In the above aspect, since the first identification information (U ID_IN) and the specific information (α) are transmitted from the management device (3〇) to the server device (12) when the transfer of the indicated quota is performed, the quota is At the time of the transfer, the authentication using the first identification information (U ID_IN ) and the specific information (α) can be performed on the server device (丨2). Therefore, the security of the charge management can be improved as compared with the structure in which only the first identification information (U I D _ I Ν ) is transmitted from the management device (30) to the server device (12) and the transfer amount is transferred. The specific information (α) and the model are one-time passwords used in any method. Furthermore, the main system for generating specific information (α) is arbitrary. For example, the specific information (α) generated by the server device (1 2 ) may be notified to the management unit (324) and included in the configuration 'of the authenticated information (α)' and the specific information (α) generated by the management unit (324). It is notified to the server device (12) and the second identification information (u ID) and the second generation-16-201113070 (CA) - the structure of the memory device (14). The present invention can also be specified as a game device (26) used in the management system (100) of the above-described various aspects. The game device (26) according to the present invention is provided with a result of the first authentication using the first identification information (U ID_IN) and the biological information (B ID_IN) input to the management device (30). The first identification information (U ID_IN ) is a game device (26) that communicates with the management device (30) of the management unit (324) of the management memory unit (32) as the authenticated information (A), and is characterized in that The storage unit (5 42 ) stores the first generation amount (c B ) that is increased or decreased by the consumption or acquisition of the game device (26); the terminal side reception unit (5 60 ) accepts The first identification identification information (U ID_IN); the notification unit (62), the photo management unit (324), and whether the first identification information (U ID — IN ) matching the first confirmation identification information (U ID_IN) is confirmed As the authenticated information (a), it is stored in the management SS memory section (3 4 2 ); and the permission section (6 4 ) is the first to allow memory in the storage section (5M) when the result of the photo is positive! The number of credits (c B ) and the transfer of the second generation amount (C A) of the memory device (14) corresponding to the first identification information (U ID) to the other party's amount. According to the above game device (26), the same effects as the management system (1 〇 〇) of the present invention can be achieved. Further, the present invention can also be specified as a management device (3 〇) used in the management system (1 0 0) of the above-described various aspects. The management device (30) of the present invention is characterized in that it includes a receiving unit (3 62) that receives the first identification information (ϋ ID_IN), and a generating unit (3 64) that generates the use table -17-201113070 The biometric information (B ID_IN ) of the biometric feature of the person; the first authentication unit (32 1 ) obtains the result of the first authentication using the first identification information (U ID_IN ) and the biometric information (B ID _ IN ) And the management unit (3 24), when the result of the first authentication is affirmative, the first identification information (U ID_IN) is stored in the management memory unit (342) as the authenticated information (A); and the management unit (324) Is the first identification information (U ID_IN) of the first confirmation identification information (U ID_IN) accepted by the terminal side receiving unit of the game device (26) as the authenticated information (A) and stored in the management memory. As a result of the determination by the unit (342), the game device (26) is notified, and when the result of the determination is affirmative, the memory is provided with the first increase or decrease due to consumption or acquisition of the game device (26). Game device (26) of the storage unit (5 42 ) of the number of credits (CB), and the first knowledge The information (U ID) establishes a correspondence between the memory devices (14) that memorize the second generation number (CA), and the first generation amount (CB) of the intermediary is required in response to the transfer of the tokens sent from the game device (26). The transfer of the second generation amount (CA) from one party to the other. According to the above management device (30), the same effects as the management system (100) of the present invention can be achieved. Furthermore, the present invention can also be specified as a program that causes a computer to function as a game device (26) and a management device (30). The program according to the first aspect of the present invention is characterized in that the result of the first authentication including the first identification information (U ID_IN) and the biological information (B ID_IN) input to the management device (30) is affirmative. When the first identification information (ϋ ID_IN) is used as the authenticated information (A), the management device (3〇) of the management unit (3 24) of the management memory unit -18-201113070 (342) performs communication as a computer. The game device (26) functions to cause the computer to function as a storage unit (542), which is the first one to increase or decrease because of the consumption or acquisition of the game device (26). The number of the credits (c B ); the terminal side receiving unit (5 60 ) accepts the first confirmation identification information (U ID_IN ), and the photographing unit (62) and the photograph management unit (3 24 ) confirm the match with the first confirmation. Whether the first identification information (U ID_IN) of the identification information (U ID_IN) is used as the authenticated information (a) and is recorded in the management memory unit (342); and the permission unit (64) is determined when the result of the photo is positive. Allows to store the first generation (CB) of the storage unit (542) and the first identification The UID establishes a transfer of the second generation amount (C A) of the memory device (14) from one party to the other party. According to the above program, the same effects as the game device (26) of the present invention can be achieved. Further, in the second aspect of the present invention, the computer functions as follows: the receiving unit (3 62 ) receives the first identification information (U ID_IN ), and the generating unit (3 64 ) generates a representation. Biometric information (B ID_IN ) of the biometric characteristics of the user; the first authentication unit (321 ) obtains the result of the first authentication using the first identification information (U ID_IN ) and the biometric information (B ID_IN ); The management unit (3 24 ), when the result of the first authentication is affirmative, stores the first identification information (U ID_IN ) as the authenticated information (A) in the management storage unit (3 42 ): the management is: management The part (3 24) memorizes whether or not the first identification information ( -19- 201113070 U ID_IN) of the first confirmation identification information (U ID_IN ) accepted by the game device (26) is stored as the authenticated information (A). As a result of the determination by the management memory unit (3 42 ), the game device (26) is notified, and when the result of the determination is affirmative, the memory is provided because the consumption or acquisition of the game device (26) is increased. Game device (2) of the storage unit (542) of the first generation (CB) 6), between the memory device (14) that memorizes the second generation amount (CA) in association with the first identification information (UID), and the request for transfer from the game device (26) The transfer of the first generation amount (CB) and the second generation amount (CA) from one party to the other. According to the above program, the same effects as the management device (30) of the present invention can be achieved. The programs of the various modes exemplified above are installed outside the computer in the form of being stored in a computer-readable recording medium, and can also be delivered from the server device via the communication network. Provided and installed on a computer. [Embodiment] <A: First Embodiment> <A-1: Structure of First Embodiment> Fig. 1 is a block diagram of a management system 1 according to a first embodiment of the present invention. The management system 100 is, for example, a computer network system built in a game facility such as a game center. As shown in Fig. 1, the management system 丨00 includes the first system 10, the second system 20, and the management device 30. The first system 10 is a system used for management (storing and providing) of game tokens. To use the tokens of the first system 1 -20 -20- 201113070 The user must be registered in advance (hereinafter referred to as "the !! registration"). The identification information U ID (user ID) is given to the user who accepts the first registration. The identification information U ID is, for example, a portable recording medium (hereinafter referred to as a "management card") that is stored in an i c card or the like that is distributed to the user. As shown in FIG. 1, the first system 10 includes a first server device 12, a memory device 14 and a token processing device 16. The first server device 1 2 and the token processing device 16 communicate with each other via the communication network 18. The communication network 18 is, for example, a LAN (local area network) built in a game facility. However, a portion of the first system 10 can be placed outside of the amusement facility. A portion of the first system 10 is disposed outside the amusement facility, and a portion of the communication network 18 is implemented by, for example, a wide area network (WAN) or a VPN (virtual private network). The memory device 14 records a database of R丨 for each first registration setting. As shown in FIG. 2, each record R1 includes the identification information UID (identification information u ID stored in the regular management card) and the biological information B ID of the user who receives the first registration, and the amount of the biometric information B ID held by the user. The total amount (hereinafter referred to as "holding the number of shares") CA is formed. Biological Information B ID is information that indicates the characteristics of the user's organism. Specifically, the biological information B ID indicating the vein pattern of the hand (palm and finger) is recorded in the memory device 14. Further, a configuration in which the biometric information B ID and the retained credit number C A are stored in separate memory devices is also established in association with the identification information u ID. The first server device 1 2 performs management (reading and writing) of the data stored in the device. Further, the first server device 121 shown as an element of an individual object in Fig. 21-201113070 can also be configured as an integrated device. The token processing device 16 of Fig. 1 is a terminal device that is operated by a user for the payment of a token, and includes a control unit 1 62 and an accepting unit 164 and a generating unit 166. Furthermore, the construction of deposit and payment of individual device tokens can also be employed. The control unit 1 62 executes various processes required for the token and payment.

受理部1 64係受理利用者所致之識別資訊U I D_ 輸入。作爲受理部1 64,例如可採用將被儲存於管理 識別資訊U ID作爲識別資訊U ID_IN來讀取之公知 取器。正規接受第1登記之利用者所輸入之識別資設 U ID_IN係一致於記憶於記憶裝置1 4之識別資訊U 產生部1 66係產生表示利用者之生物體特徵的§ 資訊B ID_IN。作爲產生部1 66,例如可採用檢測出 者的手(手掌及手指)的靜脈紋路而產生生物體資設 B ID_IN之公知的靜脈感測器。正規接受第丨登記;^ 者之生物體資訊B ID_IN係一致於記億裝置14之生 資訊B ID 。 圖3係利用代幣處理裝置1 6之代幣的存入及支 關之動作的流程圖。以對於代幣處理裝置i 6之所定 作爲契機,開始圖3的處理。希望代幣處理裝置1 6 之代幣的存入或支付之利用者,係將識別資訊U ID_ 入至受理部164 ( S A10 )之同時,使產生部1 66產 物體資訊B ID_IN ( S A1 1 )。控制部162係將包含 吳記 入及 【部 執行 ]存入 _IN的 卡之 的讀 ID。 i物體 利用 1利用 物體 付相 操作 所致 _IN輸 生生 利用 -22- 201113070 者所輸入之識別資訊U ID_IN與生物體資訊B ID_IN的 認證要求,發送至第1伺服器裝置1 2 ( S A 1 2 )。 接受認證要求時(S B10),第1伺服器裝置12係 執行利用包含於其認證要求之識別資訊U I D_IN與生物體 資訊B ID_IN的認證(生物體認證)(S b 1 1 )。具體來 說,第1伺服器裝置1 2係判定識別資訊U ID_IN與生物 體資訊B ID_IN的組合是否儲存於記憶裝置1 4 (符合識 別資訊U ID_IN之識別資訊U ID與符合生物體資訊 B ID_IN之生物體資訊B ID是否在1個記錄R1內建立 對應而儲存於記憶裝置1 4 )。第1伺服器裝置1 2係將認 證結果發送至代幣處理裝置1 6 ( S B 1 2 )。代幣處理裝置 1 6的控制部1 6 2係接收認證結果(S A 1 3 )。 控制部1 6 2係在認證結果是否定時,將認證的失敗通 知利用者而結束處理,在認證結果是肯定時(S A 1 4.: YES ),允許代幣的支付及存入。例如,在利用者指定所 希望枚數(以下稱爲「提領數」)N OUT而要求代幣的 支付時(S A 1 5 ),控制部1 62係將包含識別資訊 U ID_IN與生物體資訊B ID_IN與提領數N OUT的提領 要求,發送至第1伺服器裝置12( S A16)。在接收提 領要求時(S B 1 3 ),第1伺服器裝置1 2係從對應識別 資訊U ID_IN而記憶於記憶裝置1 4之保有代額數C A, 減去提領數N OUT (SB14),將代表保有代額數CA 的更新結束之提領通知發送至代幣處理裝置1 6 ( S B 1 5 ) 。接收提領通知之控制部1 62係從支付機(斗)支付相當 -23- 201113070 於提領數N OUT之枚數的代幣(S A17 )。 另一方面,利用者將代幣投入至代幣處理裝置16的 投入口(省略圖示)而指示代幣的存入時,計數器(省略 圖示)會計算被投入至投入口之代幣的枚數(以下稱爲「 存入數」)N IN ( S A1 8 )。控制部1 62係將包含識別 資訊U ID_IN與生物體資訊B ID_IN與存入數N IN的存 入要求,發送至第1伺服器裝置12( S A19)。接收存 入要求之第1伺服器裝置12( S B16)係將存入數n IN 加算至對應識別資訊U ID_IN而記憶於記憶裝置1 4之保 有代額數CA(SB17),將代表保有代額數CA的更新 結束之存入通知發送至代幣處理裝置1 6 ( S B 1 8 )。控制 部162係接收存入通知(S A20 )。利用第1系統1 〇之 代幣的支付及存入的順序係如上所述。 圖1的第2系統20係利用者用以執行遊戲的系統, 具備第2伺服器裝置22與記憶裝置24與複數遊戲裝置 26。複數遊戲裝置26係包含提供不同遊戲的兩種以上遊 戲裝置26。第2伺服器裝置22與各遊戲裝置26係介由 通訊網2 8相互通訊。通訊網2 8係與通訊網1 8相同,例 如構築於遊藝設施內之LAN。但是’第2系統20的一部 份係可設置於遊藝設施的外部。在第2系統2 0的一部份 設置於遊藝設施的外部之構造’通訊網28的一部份係以 例如利用網際網路之WAN或VPN來實現。於通訊網1 8 及通訊網28之內部的通訊路徑’係適切配置閘道器及路 由器等的通訊機器。 -24- 201113070 欲利用第2系統20 (各遊戲裝置26 )之利用者可事 先接受登記(以下稱爲「第2登記」)。對於接受第2登 記之利用者賦予識別資訊P ID ( player ID )。識別資訊 P ID係例如記憶於發派給利用者之1C卡等之可搬送型的 記錄媒體(以下稱爲「遊戲卡」)。 記億裝置24係依每一第2登記設定記錄R2的資料庫 。如圖4所示,各記錄R2係包含接受第2登記之利用者 的識別資訊P ID (記憶於正規的遊戲卡之識別資訊p id )及密碼P WD,與其利用者之遊戲資料(存檔資料) D G而構成。遊戲資料D G係包含利用者過去所執行之 遊戲進行狀況等的遊戲相關之各種資訊而構成。再者,也 採用將遊戲資料D G記憶於與記憶識別資訊p id及密碼 P WD之記憶裝置24不同之記憶裝置的構造。第2伺服 器裝置2 2係執行儲存於記憶裝置2 4之資料的管理(讀出 及寫入)。再者,在圖1作爲個別物體的要素而圖示之第 2伺服器裝置22與記憶裝置24也可作爲一體的裝置而構 成。 圖5係管理裝置30及遊戲裝置26的區塊圖。在圖5 ,僅代表性圖不1個遊戲裝置26,但是,其他遊戲裝置 26也爲相同構造。又,介在於管理裝置3〇與各遊戲裝置 26之間的通訊網28在圖5中省略。 遊戲裝置26係包含運算處理裝置(cpu) 52與記憶 裝置54與輸入受理部5 6與操作部5 8而構成之電腦系統 。運算處理裝置5 2係利用記憶於記憶裝置5 4之程式的執 -25- 201113070 行,實現複數功能(遊戲處理部522,終端側認證部524 ’照會部62,允許部64,控制部66 ) » 輸入受理部56係受理來自利用者之輸入的要素,包 含受理部560與受理部562與受理部564而構成。受理部 5 60係受理利用者所致之識別資訊u id_IN的輸入。例如 ’受理部5 60係以利用者操作之複數操作子(鍵盤)所構 成。再者,作爲受理部560,也可採用附觸控面板功能的 顯示裝置所顯示之操作子(鍵盤)。受理部5 62係受理利 用者所致之識別資訊P ID_IN的輸入。與受理部5 60相同 ’作爲受理部5 62,例如可採用將被儲存於遊戲卡之識別 資訊P ID作爲識別資訊P ID_IN來讀取之公知的讀取器 。受理部5 64係受理利用者所致之密碼P WD_IN的輸入 。例如,受理部5 64係以利用者操作之複數操作子(鍵盤 )所構成。再者,作爲受理部564,也可採用附觸控面板 功能的顯示裝置所顯示之操作子(鍵盤)》 適用遊戲資料D G而欲執行遊戲之利用者,係必須 接受利用識別資訊P ID_IN與密碼P WD_IN之終端側認 證。終端側認證係利用者是否接受第2登記的判定。亦即 ’終端側認證係相當於判定識別資訊P ID_IN與密碼 P WD_IN的組合是否儲存於記憶裝置24 (符合識別資訊 P ID_IN之識別資訊P ID與符合密碼P WD_IN之密碼 P WD是否在1個記錄R2內建立對應而儲存於記憶裝置 24 )的處理》 圖5的終端側認證部524係取得終端側認證的結果。 -26- 201113070 在終端側認證的結果是肯定時(終端側認證成功時),儲 存於記憶裝置24之複數遊戲資料D G中對應識別資訊 P ID — IN與密碼p WD_iN的遊戲資料d G係從第2伺服 器裝置22發送至遊戲裝置26。遊戲處理部522係適用從 記憶裝置2 4取得之遊戲資料D G,執行各種遊戲處理( 用以使利用者執行遊戲的處理)。所以,利用者係可從自 身過去執行遊戲時的狀況再次開始遊戲。 記憶裝置5 4係記憶運算處理裝置5 2執行之程式及各 種資料。具體來說,記憶使用代額數C B的記憶區域(以 下稱爲「貯留部」)5 42被記億裝置54設定。使用代額 數C B係代表與遊戲裝置26之遊戲開始及進行(例如事 件的發生)一起增減之代額的數量。例如,遊戲的開始所 需之所定數代額被消費時則使用代額數C B會減少,在遊 戲的進行(例如事件的達成)中獲得代額時則使用代額數 C B會增加。作爲記億裝置5 4,可任意採用半導體記錄 媒體或磁性記錄媒體等之公知的記錄媒體(或複數種記錄 媒體的組合)。 利用者係可利用對於遊戲裝置26之代幣的投入,使 使用代額數C B增加。進而,接受第1登記及第2登記雙 方的利用者’係可在第1系統1 〇被管理之保有代額數 C A與記憶於遊戲裝置26的貯留部542之使用代額數 C B之間’轉移代額(以下稱爲「代額轉移」)。於代額 轉移’係有代額從保有代額數C A轉移至使用代額數C B 而利用在遊戲裝置26之遊戲的處理(提領),與將因代 -27- 201113070 幣的投入或在遊戲中之獲得而發生之代額,從使用代額數 C B轉移至保有代額數C A的處理(存入)。亦即,利 用者可不處理實際的代幣而執行代額轉移。 圖1的管理裝置3 0係認證(本人認證)希望代額轉 移之利用者是否是接受第1登記及第2登記之本人之後, 管理在各遊戲裝置26之代額轉移。亦即,管理裝置30係 實現管理保有代額數C A的第1系統10,與管理利用使 用代額數C B之各遊戲裝置26的第2系統20之統合。 如圖1所示,管理裝置30係設置於遊藝設施內,連 接第1系統10與第2系統20。具體來說,管理裝置30 係介由專用線路,連接第1系統10的第1伺服器裝置12 ,與第1伺服器裝置12進行通訊。再者,也採用管理裝 置30介由通訊網18,連接於第1伺服器裝置12的構造 。又,管理裝置30係連接於第2系統20的通訊網28, 與第2伺服器裝置22及各遊戲裝置26進行通訊。 如圖5所示,管理裝置30係包含運算處理裝置32與 記憶裝置34與輸入受理部36而構成之電腦系統。運算處 理裝置32係利用記億於記憶裝置34之程式的執行,實現 複數功能(第1認證部321,第2認證部3U,管理部 3 24 )。記憶裝置34係記億運算處理裝置32執行之程式 及各種資料》作爲記憶裝置34,可任意採用半導體記錄 媒體或磁性記錄媒體等之公知的記錄媒體(或複數種記錄 媒體的組合)。 輸入受理部36係受理來自利用者之輸入的要素,包 -28- 201113070 含受理部3 62與產生部3 64與受理部3 6 6與受理部3 68而 構成。受理部3 62係受理利用者所致之識別資訊U ID_IN 的輸入。例如,受理部3 62係與受理部5 60相同,以利用 者操作之複數操作子(鍵盤)所構成。再者,作爲受理部 362,也可採用附觸控面板功能的顯示裝置所顯示之操作 子(鍵盤)。產生部364係產生表示利用者之生物體特徵 的生物體資訊B ID_IN。與代幣處理裝置16的產生部166 相同,作爲產生部3 64而採用檢測出手(手掌及手指)的 靜脈紋路而產生生物體資訊B ID_IN的靜脈感測器。 受理部3 6 6係受理利用者所致之識別資訊P ID_IN的 輸入。與遊戲裝置26的受理部562相同,作爲受理部 3 66,例如可採用將遊戲卡之識別資訊p id作爲識別資訊 P ID —IN來讀取的讀取器。受理部3 6 8係受理利用者所致 之密碼P WD_IN的輸入。例如,受理部3 6 8係與受理部 5 64相同,以利用者操作之複數操作子(鍵盤)所構成。 再者,作爲受理部3 68,也可採用附觸控面板功能的顯示 裝置所顯示之操作子(鍵盤)。 第1認證部321係取得利用輸入至受理部3 62之識別 資訊U ID_IN與產生部3 64所產生之生物體資訊B ID_IN 的認證(以下稱爲「第1認證」)的結果。第〗認證係判 定第1登記之有無的處理。亦即,第1認證係相當於判定 識別資訊U ID_IN與生物體資訊B ID_IN的組合是否儲 存於記憶裝置1 4 (符合識別資訊U ID_IN之識別資訊 U ID與符合生物體資訊b ID_IN之生物體資訊B ID是 -29- 201113070 否在1個記錄R1內建立對應而儲存於記憶裝置1 4 )的處 理。 另一方面,第2認證部3 22係取得利用輸入至受理部 3 66之識別資訊P ID_IN與輸入至受理部3 66之密碼 P WD_IN的認證(以下稱爲「第2認證」)的結果。第 2認證係判定第2登記之有無的處理。亦即,第2認證係 相當於判定識別資訊P ID_IN及密碼P WD_IN的組合是 否儲存於記憶裝置24 (符合識別資訊P ID_IN之識別資 訊P ID與符合密碼P WD_IN之密碼P WD是否在1個記 錄R2內建立對應而儲存於記憶裝置24 )的處理。 管理部3 24係在第1認證及第2認證雙方的結果是肯 定時(亦即,已確認利用者接受第1登記及第2登記時) ,產生已認證資訊A,並記憶於記憶裝置34的所定記憶 區域(以下稱爲「管理記憶部」)3 42。已認證資訊A係 如圖5所示,將輸入至受理部3 62之識別資訊U ID_IN ( U ID )與產生部3 64所產生之生物體資訊B ID_IN ( B ID )建立關聯的記錄(資料列)。對應不同利用者之 複數已認證資訊A依序被產生而儲存於管理記憶部3 42。 記憶於管理記憶部342之已認證資訊A係以所定時 刻的到來作爲契機而被消除。例如,在遊藝設施的開店前 或關店後的所定時刻到來時,管理部3 24係消除記憶於管 理記億部342之複數已認證資訊A (亦即,在最近開店時 所產生之已認證資訊A)。 各遊戲裝置26的照會部62係針對實際在遊戲裝置 -30- 201113070 2 6欲執行遊戲之利用者’確認在管理裝置3 〇之認證(第 1認證及第2認證)是否被肯定。具體來說,照會部6 2 係照會管理裝置30的管理部324,輸入至遊戲裝置26的 受理部5 60之識別資訊U ID_IN是否作爲已認證資訊A 而記憶於管理裝置30的管理記憶部3 42 (亦即,針對將 識別資訊U ID_IN輸入至遊戲裝置26之利用者,第1認 證與第2認證是否已被肯定)。照會部62所致之照會係 在終端側認證部5 24所致之認證的結果是肯定時被執行。 允許部64係在對於管理部3 24之照會的結果是肯定時允 許代額轉移,在照會的結果是否定時禁止代額轉移。 操作部5 8係因應來自利用者的操作而指示代額轉移 的方向(存入/提領)與數量。本實施形態的操作部5 8係 附觸控面板功能的顯示裝置,如圖6 ( B )所示,顯示包 含存入操作部5 82與提領操作部5 84的操作畫面。存入操 作部5 82係因應來自利用者的操作而指示代額的存入(從 使用代額數C B至保有代額數C A的代額轉移)與存入 數N IN。提領操作部584係因應來自利用者的操作而指 示代額的提領(從保有代額數C A至使用代額數C B的 代額轉移)與提領數N OUT。圖1的控制部66係因應來 自操作部5 8的指示而執行代額轉移。操作部5 8所致之操 作的受理與控制部66所致之代額轉移,係在允許部64允 許代額轉移時被執行,在允許部64不允許代額轉移時不 被執行。 -31 - 201113070 < A-2 :第1實施形態的動作> (1 )認證時的動作 接著,說明以上說明之管理系統1 00的動作。來到遊 藝設施之利用者係移動至管理裝置30,接受第1認證及 第2認證。圖7係揭示關於第1認證及第2認證的管理系 統1 00之動作的流程圖。以對於管理裝置3 0之所定操作 作爲契機,開始圖7的處理。 管理裝置30的受理部366受理識別資訊P ID_IN的 輸入(SC10),受理部368受理密碼PWD_IN的輸入 時(S C 1 1 ),第2認證部3 2 2係將包含識別資訊 P ID_IN與密碼P WD_IN的第2認證要求,發送至第2 伺服器裝置22 ( S C 1 2 )。第2伺服器裝置22係接收第 2認證要求(S D 1 0 ),判定第2認證要求內的識別資訊 P ID_IN及密碼P WD_IN是否作爲識別資訊P ID及密碼 P WD而儲存於記憶裝置24 (第2認證)(S D 1 1 )。然 後’第2伺服器裝置22係將第2認證的結果(第2認證 結果)發送至管理裝置30( S D12)。 接收第2認證結果時(S C13 ),第2認證部322係 判定第2認證的結果是否是肯定(S C14),在結果是否 定時,則將第2認證的失敗通知利用者而結束處理(省略 ϋ示)。另一方面,在第2認證的結果是肯定時,則執行 以下處理。 受理部3 62受理識別資訊U ID_IN時(S C15 ),第 1認證部3 2 1係將包含識別資訊U ID IN的預備認證要求 -32- 201113070 ,發送至第1伺服器裝置1 2 ( S C 1 6 )。接收預備認證要 求時(S B20 ),第1伺服器裝置12係判定預備認證要 求內的識別資訊U ID_IN是否作爲識別資訊U ID而儲存 於記憶裝置1 4 ( S B2 1 ),並將預備認證的結果(預備認 證結果)發送至管理裝置30 ( S B22)。從第1伺服器裝 置1 2接收預備認證結果時(S C 1 7 ),第1認證部3 2 1 係判定預備認證的結果是否是肯定(S C 1 8 ),在結果是 否定時,則將預備認證的失敗通知利用者而結束處理。另 一方面,在預備認證的結果是肯定時,則以以下順序執行 第1認證。 產生部364產生生物體資訊B ID_IN時(S C19), 第1認證部3 2 1係將包含在步驟S C 1 5受理之識別資訊 U ID_IN與生物體資訊B ID_IN的第1認證要求,發送 至第1伺服器裝置12( S C20)。再者,也可採用選擇性 適用靜脈紋路的檢測方法及生物體資訊B ID_IN的產生方 法不同之複數動作模式任一的構造。亦即,指定在生物體 資訊B ID的產生時(例如第1登記時)實際被適用之動 作模式的模式資訊與識別資訊U ID及生物體資訊B ID — 起被儲存於記憶裝置1 4,包含模式資訊的預備認證結果 (S B22)從第1伺服器裝置12被發送至管理裝置30。 管理裝置30的產生部3 64係在預備認證結果內的模式資 訊所指定之動作模式中產生生物體資訊B ID_IN。 第1伺服器裝置1 2係接收第1認證要求(S B23 ) ’判定第1認證要求內的識別資訊U ID_IN與生物體資訊 •33- 201113070 B ID_IN是否作爲識別資訊U ID及生物體資訊B ID而 儲存於記億裝置14 (第1認證)(S B24 )。然後’第1 伺服器裝置1 2係將第1認證的結果(第1認證結果)發 送至管理裝置30(SB25)。 接收第1認證結果時(S C21 )’第1認證部3 21係 判定第1認證的結果是否是肯定(S C22 ) ’在結果是否 定時,則將第1認證的失敗通知利用者而結束處理。另一 方面,在第1認證的結果是肯定時’管理部3 24係產生將 在步驟S C15輸入之識別資訊U ID_IN(U ID)與在步 驟S C19產生之生物體資訊B ID_IN ( B ID)建立關聯 的已認證資訊A,並儲存於管理記億部342 ( S C23 )。 如前述般,記憶於管理記憶部342之已認證資訊A係在 所定時刻的到來時被消除。再者,也採用在第1認證的_ 果是肯定,且有保有代額數C A的殘量時,於顯示裝虞 顯示保有代額數C A的殘量之構造。 (2)遊戲時的動作 在以上順序中接受第1認證及第2認證的利用者,係 移動至遊藝設施內之所希望的遊戲裝置26,爲了可進行 保有代額數C A與使用代額數C B之間的代額轉移,使 遊戲裝置26執行圖8及圖9的處理。以對於遊戲裝置26 之所定操作作爲契機,開始圖8的處理。 遊戲裝置26的受理部5 62受理識別資訊P ID_IN的 輸入(S E20 ) ’受理部5 64受理密碼P WD_IN的輸入 -34- 201113070 時(S E21 ) ’終端側認證部524係將包含識別資訊 P ID —IN與密碼P WD_IN的終端側認證要求,發送至第 2伺服器裝置22 ( S E22)。第2伺服器裝置22係接收 終端側認證要求(S D20 ),判定終端側認證要求內的識 別資訊P ID_IN及密碼p WD_IN是否作爲1個記錄R2 的識別資訊P ID及密碼p WD而儲存於記憶裝置24 ( S D2 1 )。然後,第2伺服器裝置22係將終端側認證的 結果(終端側認證結果)發送至遊戲裝置26 ( S D22 ) 〇 接收終端側認證結果時(S E23 ),終端側認證部 5 24係判定終端側認證結果的結果是否是肯定(s E24 ) ’在結果是否定時,則將終端側認證的失敗通知利用者而 結束處理。另一方面,在終端側認證的結果是肯定時,受 理部5 60受理識別資訊U ID_IN的輸入(S E25 )。然後 ’照會部62係將用以照會利用者在管理裝置30之第1認 證及第2認證是否成功的照會要求,發送至管理裝置3 〇 (S E26 )。於照會要求係包含在步驟S E25輸入之識別 資訊U ID —IN。又,在終端側認證的結果是肯定時,遊戲 裝置26從記億裝置24取得遊戲資料D G並適用於遊戲 (省略圖示)。 在接收照會要求時(S C 3 0 ),管理部3 2 4係依序對 照記憶於管理記憶部342之各已認證資訊A的識別資訊 U ID_IN與包含於照會要求的識別資訊U ID_IN ( S C31 ),判定包含照會要求內之識別資訊U ID_IN的已認證資 -35- 201113070 訊A是否記憶於管理記億部342 (亦即,針對輸入識別資 訊U ID_IN至遊戲裝置26之利用者,在管理裝置30之第 1認證及第2認證是否成功)(S C32 )。 在包含識別資訊U ID_IN的已認證資訊A記憶於管 理記憶部342時(S C32 : YES),管理部3 24係將包含 其已認證資訊A內的生物體資訊B ID_IN與本次之識別 資訊U ID_IN的殘量要求(保有代額數C A的確認要求 )發送至第1伺服器裝置12( S C33)。在接收殘量要求 時(S B 3 0 ),第1伺服器裝置1 2係從記憶裝置1 4檢索 對應包含於殘量要求之識別資訊U ID_IN ( U ID )及生物 體資訊B ID_IN ( B ID )的保有代額數C A ( S B3 1 ), 並將包含此保有代額數C A的殘量通知發送至管理裝置 30 ( S B32 )。殘量通知係利用管理部3 24接收(S C34 )。另一方面,包含識別資訊U ID_IN的已認證資訊A 並未記憶於管理記億部342時(S C32 ·· NO ),則不執 行步驟S C33及步驟S C34的處理。 管理部3 24係將照會結果(包含識別資訊U ID_IN的 已認證資訊A是否記憶於管理記憶部3 42 )發送至遊戲裝 置26 ( S C3 5 )。在照會的結果是肯定時(包含識別資訊 U ID_IN的已認證資訊A在步驟S C3 1從管理記憶部3 42 被檢索出時),則使在步驟SC34接收之殘量通知的保有 代額數C A包含於照會結果。 在照會部62接收照會結果時(S E26 ),允許部64 係判定照會結果是否是肯定(S E27 )。在照會結果是肯 -36- 201113070 定時(S E27 : YES ) ’用以開始代額轉移的存入.提領 按鍵(指令按鍵或圖示等的指示子)會顯示於遊戲裝置的 顯示畫面而成爲可操作(有效)狀態(S E30) »另一方 面,在照會結果是否定時(S E27 : NO ),不會顯示存 入•提領按鍵。所以’利用者無法指示代額轉移的開始。 在利用者操作照會結果是肯定時所顯示之存入.提領 按鍵時,允許部6 4係使操作部5 8顯示包含照會結果所包 含之保有代額數C Α的顯示之圖6(A)的操作畫面。在 圖6(A)的操作畫面’在可受理來自利用者的提領指示 之狀態下顯示(有效化)提領操作部5 8 4。另一方面,在 開始遊戲裝置2 6的操作之初始的階段,使用代額數c B 爲〇。所以’如圖6的部份(A )所示,於操作畫面作爲 使用代額數C B而顯示〇,指示從使用代額數c B對於保 有代額數C A的代額轉移之存入操作部5 8 2係被控制爲 無效之狀態(例如非顯示或灰視而不受理來自利用者的操 作之狀態)。 如上所述,提領操作部5 84有效化時,因應對於提領 操作部5 84之來自利用者的操作,執行從保有代額數c a 對於使用代額數CB的代額轉移(提領)。管理裝置30 的管理部3 2 4係在記憶使用代額數c B的貯留部5 4 2與記 憶保有代額數C A的記憶裝置1 4之間,因應從遊戲裝置 26發送之代額轉移的要求(提領要求),仲介從保有代 額數C A對於使用代額數C B的代額轉移。 首先’在提領操作部5 84受理代額之提領的指示與提 -37- 201113070 領數N OUT的指定時(S E3 1 ),控制部66係將包含在 步驟S E20輸入之識別資訊P ID_IN與在步驟S E3 1指 定之提領數N OUT的提領要求發送至管理裝置30 ( S E32)。再者’提領數N OUT的指定方法係爲任意。 例如,可採用利用者作爲提領數N OUT而指定保有代額 數C A之範圍內的任意數量的方法,及利用提領操作部 584的1次操作來指定所定數量(例如100枚)之提領數 N OUT的方法。又,也適合將所定期間(例如1天)內 的提領數N OUT之合計限制於所定値(上限値)的構造 〇 在接收提領要求時(S C40 ),管理裝置30係從管 理記憶部342檢索對於包含於此提領要求的識別資訊 U ID_IN以已認證資訊A而對應之生物體資訊B ID_IN ( S C41 )。然後,管理部324係將包含提領要求所包含之 識別資訊U ID_IN及在步驟S C4 1檢索之生物體資訊 B ID_IN的提領要求,發送至第1伺服器裝置12( S C42)。 在接收提領要求時(S B40),第1伺服器裝置12 係從對應此提領要求內的識別資訊U ID_IN及生物體資訊 B ID_IN而記憶於記憶裝置1 4之保有代額數C A,減去 提領要求的提領數N OUT ( S B41 ),將代表保有代額數 C A的更新之提領通知發送至管理裝置30 ( S B42 )。 管理裝置3 0的管理部3 24係將從第1伺服器裝置1 2接收 之提領通知,發送至遊戲裝置26 ( S C43 )。在接收提領 -38- 201113070 通知時(S E33),遊戲裝置26的控制部66係將在步驟 S E31指定之提領數N OUT,加算至貯留部542的使用 代額數C B ( S E34 )。 藉由以上說明之代額的提領及在遊戲中的獲得而還有 使用代額數C B的殘數時,利用者操作存入•提領按鍵的 話’允許部64係如圖6 ( B )所示,將現階段的保有代額 數C A與使用代額數C B顯示於操作畫面,在可受理來 自利用者之代額轉移的指定之狀態下,使操作部5 8顯示 (有效化)存入操作部5 82及提領操作部5 84雙方。再者 ,在沒有保有代額數C A的殘數時,如圖6 ( C )所示, 作爲保有代額數C A而顯示〇之同時,提領操作部584 係被控制爲無效之狀態(例如非顯示或灰視而不受理來自 利用者的操作之狀態)。 如上所述,存入操作部5 82有效化時,因應對於存入 操作部5 82之來自利用者的指示,執行從使用代額數C B 對於保有代額數C A的代額轉移(存入)。管理裝置30 的管理部3 24係與代額的提領時相同,在記億使用代額數 C B的貯留部5 42與記憶保有代額數C A的記憶裝置1 4 之間,因應從遊戲裝置26發送之代額轉移的要求(存入 要求),仲介從使用代額數CB對於保有代額數CA的 代額轉移。 首先,在存入操作部582受理代額之存入的指示與存 入數N IN的指定時(S E35 ),控制部66係將包含在步 驟S EM輸入之識別資訊U ID_IN與在步驟S E35指定 -39- 201113070 之存入數N IN的存入要求發送至管理裝置3〇( s E3 6) 。再者’存入數N IN的指定方法係爲任意。例如,可採 用利用者作爲存入數N IN而指定使用代額數C B之範圍 內的任意數量的方法,及利用存入操作部5 82的1次操作 來指定所定數量(例如100枚)之存入數N IN的方法。 在接收存入要求時(S C44),管理裝置30的管理 部3 24係與步驟S C41及步驟S C42相同,由管理記憶 部3 42檢索對應包含於存入要求之識別資訊U ID_IN的生 物體資訊B ID_IN ( S C45 ),並使存入要求包含識別資 訊U ID_IN及存入數N IN而發送至第1伺服器裝置12( S C46)。 在接收提領要求時(S B43 ),第1伺服器裝置12 係將存入要求的存入數N IN加算至對應此存入要求內的 識別資訊U ID_IN及生物體資訊B ID_IN而記億於記憶 裝置14之保有代額數C A ( S B44),將代表保有代額 數C A的更新之存入通知發送至管理裝置30( S B45) 。存入通知係介由管理裝置30的管理部324而被傳送至 遊戲裝置26( S C47)。在接收存入通知時(S E37), 遊戲裝置26的控制部66係從貯留部542的使用代額數 C B,減去在步驟S E35指定之存入數N IN(S E38)。 在使用代額數C B的全數量轉移至保有代額數C A時, 使用代額數C B則成爲〇。利用將使用代額數C B設定爲 0,利用者係從受理部562 (讀取器)使遊戲卡排出而使 遊戲結束。 -40- 201113070 如以上說明’於本實施形態中,因應被輸入至遊戲裝 置26的識別資訊U ID_IN是否作爲已認證資訊a而記憶 於管理裝置30的管理記億部3 42,決定代額轉移的可否 。亦即’不需要在遊戲裝置2 6的第1認證(生物體認證 )。所以’不需要將產生生物體資訊B ID的機器(例如 靜脈感測器)個別設置於複數遊戲裝置2 6。另一方面, 對於爲了利用對於遊戲裝置26的操作而讓代額轉移被允 許來說(對於爲了使識別資訊U ID_IN作爲已認證資訊a 而記億於管理記憶部3 4 2 )’因爲利用者必須在管理裝置 3 〇接受第1認證(生物體認證),儘管是不需要在遊戲 裝置26的第1認證之構造’也可充分確保代額管理的安 全性。亦即,依據本實施形態,可使代額管理之安全性的 確保與認證所需之構造及手續的簡潔化兩立。 又’本實施形態之已認證資訊A係除了識別資訊 U ID_IN之外,也包含生物體資訊B ID_IN,故可使從管 理裝置30發送至第1伺服器裝置12之要求(圖9的步驟 S C42之提領要求及步驟S C46之存入要求)包含識別 資訊U ID_IN與生物體資訊B ID —IN。另一方面,因爲對 於在代幣處理裝置1 6之代幣的支付及存入需要生物體認 證’故於從代幣處理裝置16發送至第1伺服器裝置12之 要求(圖3的步驟S A16之提領要求及步驟S A19之存 入要求)也包含識別資訊U ID_IN與生物體資訊b ID_IN 。亦即’因爲來自管理裝置30的要求及來自代幣處理裝 置16的要求任一皆包含識別資訊u ID_IN與生物體資訊 -41 - 201113070 B I D_IN,故針對來自管理裝置30的要求與來自代幣處 理裝置16的要求,可使在第1伺服器裝置12的處理共通 化。所以,例如有可不改變第1伺服器裝置1 2的處理, 而將管理裝置30導入第1系統1〇存在的環境(可統合第 2系統20)之優點。尤其,在管理裝置30介由通訊網18 而連接於第1伺服器裝置12的構造,第1伺服器裝置12 係可等價處理管理裝置30與代幣處理裝置16。 < B :第2實施形態〉 接著,針對本發明的第2實施形態加以說明。再者, 於以下例示之各樣態中針對作用或功能與第1實施形態相 同之要素,附加與以上相同之符號而適切省略個別詳細說 明。 圖1 〇係第2實施形態之已認證資訊A的模式圖。如 圖1 〇所示,已認證資訊A係除了識別資訊u ID_IN與生 物體資訊B ID_IN之外,也包含認證時刻T A而構成。 認證時刻T A係指定第1認證及第2認證結束之時刻( 產生已認證資訊A的時刻)的資訊。 圖1 1係管理裝置3 0的動作之一部份(圖7的步驟 S C20之後的部份)的流程圖。如圖1 1所示,從第1伺 服器裝置1 2在S C2 1步驟接收之第1認證結果是肯定時 (S C22 : YES ),管理裝置30的管理部324係從計算 時刻之計時電路(省略圖示)取得現在時間點的時刻(認 證時刻)T A ( S C24 )。管理部3 24係產生使在步驟 -42- 201113070 S C24取得之認證時刻Τ A對應識別資訊U ID_IN和生 物體資訊B ID_IN的已認證資訊A,並儲存於管理記億部 342 ( S C25 )。 管理部3 24係從管理記憶部342消除記憶於管理記憶 部3 42之複數已認證資訊A中從認證時刻Τ A經過所定 時間T 0的已認證資訊A。亦即,相對於在第1實施形態 中將管理記憶部342之所有已認證資訊A於所定時刻一 起消除,於第2實施形態中,係依每一已認證資訊A設 定以認證時刻Τ A作爲起始點而涵蓋時間T 0的有效期 限,以有效期限的期滿作爲契機來個別消除各已認證資訊 A。再者,有效期限的時間T 0係可依每一已認證資訊A 設定爲可變。 在以所定時刻的到來作爲契機而消除各已認證資訊A 的第1實施形態,因爲管理裝置3 0所致之第1認證及第 2認證的時刻越早則到已認證資訊A的消除爲止之時間越 長,例如會提升遺失遊戲卡而被他人利用之可能性(亦即 ,難以確保代額管理的安全性)。另一方面,在第2實施 形態,因爲從認證時刻Τ A開始,所定時間T 0作爲有 效期限而依每一已認證資訊A個別設定,故有無關於認 證時刻Τ A的先後,皆可充分確保代額管理的安全性之 優點。當然,依據在所定時刻消除已認證資訊A之第1 實施形態,因爲不需要每一已認證資訊A之有效期限的 管理’故有管理部3 2 4所致之處理的負荷相較於第2實施 形態較爲減輕之優點。又,於第1實施形態中不需要使已 -43- 201113070 認證資訊A包含認證時刻T A,故也有可減少已認證資訊 A的資料量(進而可減少管理記憶部342所需之容量)之 優點。 再者,依每一已認證資訊A以有效期限的期滿作爲 契機來消除已認證資訊A的方法並不限定於以上例示。 例如,也可採用在第1認證及第2認證的結束後,使已認 證資訊A包含所定計數値T B而儲存於管理記憶部342 之同時,依序使計數値T B減少,從管理記憶部3 42消除 計數値T B到達所定下限値(例如〇 )之已認證資訊A的 構造。依據以上構造,有可因應計數値T B,依每一已認 證資訊A個別設定已認證資訊A的有效期限之優點。 < C :第3實施形態> 圖12係管理裝置30及第1伺服器裝置12的動作之 一部份(圖7的步驟S C20之後的部份)的流程圖。如圖 12所示,因應來自管理裝置30的第1認證要求(S C20 ,S B23 )而執行第1認證時(S B24 ),第1伺服器裝 置12係產生特定資訊a (S B26)。特定資訊α係依每 一第1認證個別設定之符號。作爲特定資訊α,例如可適 切採用每一第1認證而變化之一次性密碼。第1伺服器裝 置1 2係將對應第1認證要求內之識別資訊U ID_IN的保 有代額數C A與特定資訊α建立對應並加以記憶(s B2 7 )。進而,第1伺服器裝置1 2係將使特定資訊α包含第 1認證結果並發送至管理裝置30( S Β28)。 -44 - 201113070 從第1伺服器裝置1 2在步驟S C2 1接收之第1認證 結果是肯定時(S C22 : YES ),管理裝置30的管理部 3 24係如圖1 3所示,產生將包含於第1認證結果之特定 資訊α與識別資訊U ID_IN建立關聯的已認證資訊A並 儲存於管理記憶部342 ( S C26 )。亦即,已認證資訊A 並不包含生物體資訊B ID_IN。 從遊戲裝置26指示代額轉移時,管理裝置30的管理 部3 24係使提領要求及存入要求包含特定資訊α,來代替 在第1實施形態的生物體資訊B ID_IN,並發送至第1伺 服器裝置1 2。例如,被指示代額的提領時,管理部324 係從管理記憶部342檢索對應在圖8的步驟S E25輸入之 識別資訊U ID_IN的特定資訊α (圖9的步驟S C41), 並將包含識別資訊U ID_IN與特定資訊α與提領數 N OUT的提領要求,發送至第1伺服器裝置12 ( S C42 )。第1伺服器裝置1 2係從記憶裝置1 4檢索對應包含於 提領要求之識別資訊U ID_ IN及特定資訊α之組合的保有 代額數C Α,並減去提領數N OUT ( S Β41 )。 被指示代額的存入時也相同,管理部3 24係從管理記 憶部342檢索對應在圖8的步驟S E25輸入之識別資訊 U ID_IN的特定資訊α (圖9的步驟S C45 ),並使識別 資訊U ID_IN及存入數N IN —起包含於存入要求而發送 至第1伺服器裝置12 ( S C46)。第1伺服器裝置12係 將對應包含於存入要求之識別資訊U ID_IN及特定資訊α 之組合的保有代額數C A,加算至存入數N IN ( S Β44 ) -45- 201113070 於以上構造中,因爲代額轉移時在管理裝置30與第 1伺服器裝置12之間不收授生物體資訊B ID_IN,故有可 減低身爲利用者之個人資訊的生物體資訊B ID_IN之流出 的危險性之優點。又,生物體資訊B ID_IN係例如相較於 特定資訊α,有資料量易於增大的傾向。於第3實施形態 中,因爲已認證資訊Α包含特定資訊α來代替生物體資 訊B ID_IN,故相較於第1實施形態,有可減少已認證資 訊A的資料量(進而可減少管理記憶部342所需之容量 )之優點。當然,也採用使已認證資訊A包含生物體資 訊B ID_IN及特定資訊α雙方的構造。再者,也可將以有 效期限的期滿作爲契機而消除已認證資訊Α之第2實施 形態的構造,適用於第3實施形態。 < D :第4實施形態> 圖1 4係關於本發明的第4實施形態的管理系統1 0 1 之管理裝置30及遊戲裝置26的區塊圖。相對於在第1實 施形態,產生使識別資訊U ID_IN與生物體資訊B ID_IN 對應的已認證資訊A,在第4實施形態,產生代替識別資 訊U ID_IN而使識別資訊X ID對應生物體資訊B ID_IN 的已認證資訊A。識別資訊X ID係每一第1登記(亦即 ,記憶裝置1 4的每一記錄R 1 )被固有賦予的符號。例如 與第3實施形態的特定資訊α相同,作爲識別資訊X ID ,適合採用設定爲可變之一次性密碼。 -46 - 201113070 如圖1 4所示,第4實施形態的管理系統1 〇 1之管理 裝置30係除了第1實施形態的要素之外,具備取得部72 及通知部74。取得部72係取得第1伺服器裝置1 2所產 生之識別資訊X ID。通知部74係對於接受管理裝置3 0 所致之認證的利用者,通知取得部72所取得之識別資訊 X ID。作爲通知部74,例如可採用顯示識別資訊X ID之 顯示機器或印刷識別資訊X ID的印刷機器又或以聲音輸 出識別資訊X ID的放音機器。再者,通知利用者之識別 資訊X I D的形態係爲任意。例如,除了將表示識別資訊 X I D的文字列通知利用者的方法之外,也可採用以可光 學讀取之圖表(例如條碼或QR碼(註冊商標))的形態 ,將識別資訊X ID通知給利用者的方法。 圖1 5係管理裝置3 0所致之認證時的動作的流程圖。 利用從管理裝置3 0接收之第1認證要求而執行第1認證 時(S B23,S B24 ),第1伺服器裝置12係判定第1 認證的結果是否是肯定(S B60 )。在第1認證的結果是 肯定時,第1伺服器裝置1 2係產生識別資訊X ID ( S B61 )。進而,第1伺服器裝置12係如圖16所示’對 於記億於記憶裝置1 4之複數識別資訊U ID中合致於第1 認證要求內的識別資訊U ID_IN的識別資訊U ID ’使其 對應識別資訊X ID並加以記憶(S B62 )。亦即’識別 資訊X ID與保有代額數C A建立對應。然後,第1伺服 器裝置1 2係將包含在步驟S B 6 1產生之識別資訊X 的第1認證結果發送至管理裝置30 ( S B63 )。另一方面 -47- 201113070 ,在第1認證的結果是否定時(S B60 ·· NO ) ’第1伺 服器裝置1 2係不執行識別資訊X ID的產生及記憶( S B61,S B62 ),將表示第1認證之失敗的第1認證結 果發送至管理裝置3〇 ( S B63 )。 接收第1認證結果時(S C21 ),管理部3 24係判定 第1認證的結果是否是肯定(S C 2 2 ),在結果是否定時 ,則將第1認證的失敗通知利用者而結束處理。另一方面 ,在第1認證的結果是肯定時(S C22 : YES ),通知部 74將取得部72根據第1認證結果而取得之識別資訊X ID ,通知利用者(S C2 7 )。利用者係利用通知部74所致 之通知而得知識別資訊X ID。管理部3 24係產生使取得 部72取得之識別資訊X ID與在步驟S C19中產生部364 所產生之生物體資訊B ID_IN對應的已認證資訊A,並儲 存於管理記憶部342 ( S C28 )。 以以上順序而管理裝置3 0所致之認證結束時,利用 識別資訊X ID來執行圖8及圖9的處理,代替第1實施 形態的識別資訊U ID。移動至遊藝設施內的所希望之遊 戲裝置26的利用者,係輸入識別資訊p ID_IN及密碼 P WD_IN而接受終端側認證(S E20〜S E24,S D20〜 S D22 )’以在管理裝置30之認證時從通知部74通知之 識別資訊X ID作爲識別資訊X ID_IN,輸入至受理部560 (S E25 )。照會部62係將包含識別資訊X :m_lN的照 會要求發送至管理裝置30( S E2 6)。管理裝置3〇的管 理部3 2 4係將判定包含合致於識別資訊X I d _ I n之識別資 -48- 201113070 訊X ID的已認證資訊A是否被儲存於管理記憶部3 4 2之 判定的結果(照會結果)(S C3 1,S C32 )之同時,將 判定的結果發送至遊戲裝置26 ( S C3 5 )。 在照會的結果是肯定時,遊戲裝置26的控制部66係 因應對於操作部58的操作,產生包含識別資訊X id_IN 與代額之轉移數N (提領數N OUT或存入數n IN )的轉 移要求(圖9之步驟S E32的提領要求或步驟s E3 6的 存入要求)’並發送至管理裝置30。管理裝置30的管理 部324係將包含識別資訊X ID_IN ( X ID)及轉移數N與 在已認證資訊A對應該當識別資訊X ID_[n之生物體資 訊B ID_IN的轉移要求(步驟S C42的提領要求及步驟 S C46的存入要求),發送至第1伺服器裝置12»第1 伺服器裝置12係因應轉移數N而更新對應轉移要求內之 識別資訊X ID_IN及生物體資訊B ID_IN而記憶於記憶 裝置14的保有代額數C A( S B41,S B44)。 其他的動作係與第1實施形態相同。於第4實施形態 中也可實現與第1實施形態相同的效果。再者,也可於第 4實施形態採用將以有效期限的期滿作爲契機而消除已認 證資訊A之第2實施形態的構造,及利用特定資訊α來 代替生物體資訊B ID_IN的第3實施形態的構造。 < E :變形例> 以上各形態也可多樣變形。以下例示具體的變形樣態 。從以下例示任意選擇之2以上的樣態也可適切合倂。 -49- 201113070 (1 )變形例1 於以上各形態中’雖然使已認證資訊A包含產生部 364所產生之生物體資訊B ID_IN,但是,也可採用管理 部3 24從第1伺服器裝置1 2取得記憶於記憶裝置1 4之生 物體資訊B ID而使其包含於已認證資訊a的構造。再者 ’對於爲了用以針對將識別資訊U ID_IN輸入至遊戲裝置 26之利用者’判定在管理裝置30之認證是否結束來說, 只要第1認證成功之識別資訊U ID_IN作爲已認證資訊A 而記憶於管理記億部3 4 2即可。所以,已認證資訊a包 含生物體資訊B ID_IN的構造(第1實施形態)及已認證 資訊A包含特定資訊〇:的構造(第3.實施形態)可適切 省略:亦即’已認證資訊A係作爲包含第1認證被肯定 時的識別資訊U ID_IN的資料而總結,不問生物體資訊 B ID_IN及特定資訊α等其他資訊的有無。 (2 )變形例2 於以上各形態中作爲受理部3 62已例示利用者操作之 複數操作子(鍵盤)’但是,受理識別資訊U ID_IN的輸 入之方法可爲任意。作爲受理部3 62,例如可採用作爲識 別資訊U ID_IN而讀取記憶於可搬型記錄媒體(例如管理 卡或行動通訊終端)之識別資訊U ID的讀取器(例如以 非接觸來讀取識別資訊U ID的非接觸型讀取器)、光學 。賣取被印刷於讀取面之識別資訊U ID _ IN的讀取器、根據 -50- 201113070 利用者發出之聲音來辨識識別資訊U ID_IN的聲音 置等’受理識別資訊U ID_IN的輸入之各種要素。 理識別資訊U ID_IN及識別資訊X id_IN的輸入之 部5 60、受理識別資訊p id_IN之輸入的受理部( 5 62 ) ’進而受理密碼p WD_IN的輸入之受理部( 564)也相同’可採用針對受理部362而例示之各| (操作子、非接觸型讀取器、光學讀取器、聲音辨 (3 )變形例3 於以上各形態中,第1認證部321執行第1認 的發送(圖7的步驟S C20 )與第1認證結果的接 驟S C21 ),第1伺服器裝置12執行第1認證(沒 S B24 ) ’但是,也可採用第1認證部321執行第 的構造。例如,第1認證部3 21從第1伺服器裝置 得對應被輸入至受理部3 62之識別資訊U ID_IN的 資訊B ID。第1認證部3 2 1係對照從第1伺服器裝 取得之生物體資訊B ID與產生部364所產生之生f 訊B ID_IN (第1認證),在對照的結果是肯定時 已認證資訊A。由以上說明可知,第1認證部3 2 1 取得利用識別資訊U ID_IN與生物體資訊B ID_IN 認證的結果之要素而總結,不問執行第1認證的場 如是否利用管理裝置3 0及第1伺服器裝置1 2任一 1認證)。針對利用識別資訊P ID_IN之第2認證 辨識裝 關於受 .受理 366, 3 6 8, 重要素 識裝置 證要求 收(步 ?驟 1認證 12取 生物體 ,置12 勿體資 則產生 係作爲 之第1 所(例 執行第 也相同 -51 - 201113070 ,也可採用第2認證部322將從第2伺服器裝置22取得 之識別資訊P ID及密碼P WD對照識別資訊P ID_IN及 密碼P WD_IN (第2認證)的構造。相同地,遊戲裝置 26的終端側認證部524可執行終端側認證。 又,在以上各形態,於管理裝置3 0的第2認證部 3 22所致之第2認證,利用識別資訊P ID_IN及密碼 P WD_IN雙方,但是,針對第2認證可省略密碼 P WD_IN的利用。亦即,在圖7的步驟S C12中第2認 證部3 22將包含識別資訊P ID_IN的第2認證要求(不包 含密碼P WD_IN)發送至第2伺服器裝置22,在步驟 S D 11中第2伺服器裝置22判定以第2認證要求指定之 識別資訊P ID_IN是否儲存於記憶裝置24 (第2認證) 。由以上說明可知,第2認證部3 22係作爲取得利用識別 資訊P ID_IN之第2認證的結果之要素(不問第2認證的 主體及密碼P WD_IN的利用之有無)而總結。相同地, 針對遊戲裝置26之終端側認證,可省略密碼P WD_IN的 利用。所以,終端側認證部5 24係作爲取得利用識別資訊 P ID之終端側認證的結果之要素(不問終端側認證的結 果及密碼P WD JN的利用之有無)而總結。 當然,管理裝置30之第2認證及遊戲裝置26之終端 側認證於本發明中並不必要。亦即,可省略在管理裝置 30之第2認證(S C10〜S C14,S D10〜S D12)及在 遊戲裝置2 6之終端側認證(S E 2 0〜S E 2 4,S D 2 0〜 S D22)。 -52- 201113070 (4 )變形例4 於第1實施形態中以所定時刻的到來作爲條件而消除 已認證資訊A,於第2實施形態中以有效期限的期滿作爲 條件而消除已認證資訊A,但是,消除已認證資訊A的條 件(契機)可適切變更。例如,也可採用以管理裝置3 0 的啓動或停止作爲契機(例如在啓動之後或停止之前)而 消除管理記憶部342之已認證資訊A的構造,或以對於 管理裝置3 0的所定操作(例如遊藝設施的店員所致之消 除按鍵的操作)作爲契機而消除已認證資訊A的構造。 又,於以上各形態中消除已認證資訊A,但是,使已 認證資訊A無效化的方法(遷移至管理部324無法參照 之狀態的方法)可適切變更。例如,將表示有效/無效的 資訊(以下稱爲「狀態旗標」)附加至已認證資訊A的 構造也合適。管理部3 2 4係在第1認證及第2認證結束時 將狀態旗標設定爲有效,以所定條件的成立(例如所定時 刻的到來或有效期限的期滿)作爲契機而將狀態旗標設定 爲無效。但是’如以上各形態般,依據消除已認證資訊A 的構造’因爲不需要每一已認證資訊A之狀態旗標的管 理,故有可減輕管理部324的負荷之優點。 由以上說明可知’管理部3 24係作爲以所定條件的成 立(例如所定時刻的到來或有效期限的期滿)作爲契機而 使已認證資訊A無效(例如消除已認證資訊a或將狀態 旗標設定爲無效)的要素而總結。當然,對於代額管理之 安全性的確保與認證所需之構造及手續的簡潔化兩立之所 -53- 201113070 期望的課題之解決來說’已認證資訊A的無效化並不是 必須要件。 (5 )變形例5 於第4實施形態中產生識別資訊X id的要素係不限 定於第1伺服器裝置12。例如,也可採用管理裝置3〇的 取得部72產生識別資訊X ID的構造。取得部72所產生 之識別資訊X ID係被通知第丨伺服器裝置1 2,與對應在 步驟S C15輸入之識別資訊U ID_IN的保有代額數C A 建立對應並記憶於記憶裝置1 4 » (6 )變形例6 在以上各形態,已例示在管理裝置40的認證時受理 部3 66受理識別資訊P ID_IN的輸入(讀取器所致之讀取 )之構造,但是,也可採用利用者指示在第2登記中事先 賦予利用者之識別資訊P ID的有效/無效之構造。例如, 識別資訊P ID (單數或複數)在第2登記時與識別資訊 U ID建立對應’爲了在管理裝置40的第1認證而輸入識 別資訊U ID_IN ( U ID )時,針對對應其識別資訊 U ID_IN的各識別資訊P ID,從利用者指示有效/無效。 識別資訊P ID的有效化相當於以上各形態之識別資訊 P ID_IN的輸入。亦即,本案之「識別資訊的受理」係除 了識別資訊的輸入(例如讀取或手輸入)之外,也包含利 用者有效化(選擇)事先登記之識別資訊的操作之槪念。 -54 - 201113070 (7 )變形例7 在以上各形態,將記憶於遊戲卡之識別資訊p ID ( P I D_IN )使用於管理系統loo內的各處理,但是,也可 採用將與識別資訊P ID_IN ( P ID )建立對應之其他識別 資訊(以下稱爲「參照用識別資訊」)R ID ( reference ID ) ’代替識別資訊P ID_IN (PID),使用於管理系 統100內的各處理之構造。具體來說,伺服器裝置(以下 稱爲「ID管理伺服器裝置」)將賦予利用者之參照用識 別資訊R ID與遊戲卡的識別資訊p id建立對應並加以管 理’於在管理裝置40及遊戲裝置26的處理,適用因應從 利用者受理之識別資訊P ID_IN,而ID管理伺服器裝置 所特定之參照用識別資訊R ID,來代替在前述各形態之 識別資訊P ID — IN (PID)。再者,也可採用作爲id管 理伺服器裝置兼用第2伺服器裝置22的構造,或使id管 理伺服器裝置獨立於第2伺服器裝置22而設置的構造。 管理裝置40的第2認證部322係從ID管理伺服器裝 置取得對應受理部3 6 6所受理之識別資訊p丨D j n的參照 用識別資訊R I D ’取得利用參照用識別資訊r I d與密碼 P WD_IN之第2認證的結果。另—方面,遊戲裝置26的 終端側認證部5 2 4係從ID管理伺服器裝置取得對應受理 部5 6 2所受理之識別資訊p ID _ I n的參照用識別資訊 R ID ’取得利用參照用識別資訊r I d之終端側認證的結 果。依據以上構造,例如即使利用者遺失遊戲卡之狀況, -55- 201113070 利用將新發派之遊戲卡與參照用識別資訊R ID建立對應 ’可利用新遊戲卡的識別資訊p ID來特定對應利用者所 遺失之遊戲卡的遊戲資料。 由以上例示可知’本發明的「第2識別資訊」係除了 從利用者直接受理之識別資訊(p ID_IN)之外,也包含 對應從利用者受理之識別資訊(P 1D_IN )而被管理之其 他識別資訊(R ID )的槪念。所以,從利用者受理識別 資訊P ID — IN的受理部3 66及從ID管理伺服器裝置取得 對應識別資訊P ID_IN的參照用識別資訊r id之管理裝 置40的要素(第2認證部3 22 ),係作爲取得本發明的 第2識別資訊(p iD_IN,R ID )之要素(取得部)而總 結。又,於遊戲裝置2 6中也相同,從利用者受理識別資 訊P ID — IN的受理部5 62及從id管理伺服器裝置取得對 應識別資訊P ID — IN的參照用識別資訊r ID之要素(終 端側認證部524 ),係作爲取得第2識別資訊(p ID_IN ’ R ID )之要素(終端側取得部)而總結。 (8 )變形例8 生物體資訊B ID ( B ID_IN )係不限定於靜脈紋路。 作爲生物體資訊B ID ( B ID_IN ),例如可任意採用指紋 或虹膜或聲音(聲紋)等利用者固有之特徵量。 【圖式簡單說明】 [圖1 ]揭示關於本發明的第1實施形態之管理系統的 -56- 201113070 區塊圖。 [圖2]第1系統的記憶裝置所記憶之資料的模式圖。 [圖3]用以進行代幣的支付及存入之動作的流程圖。 [圖4]第2系統的記憶裝置所記憶之資料的模式圖。 [圖5]管理裝置及遊戲裝置的區塊圖。 [圖6]代額轉移所使用之操作畫面的模式圖。 [圖7]第1認證及第2認證之動作的流程圖。 [圖8]遊戲時之動作的流程圖。 [圖9]遊戲時之動作的流程圖。 [圖1 0]第2實施形態之已認證資訊的模式圖。 [圖1 1 ]第2實施形態之動作的流程圖。 [圖12]第3實施形態之動作的流程圖。 [圖1 3 ]第3實施形態之已認證資訊的模式圖。 [圖14]第4實施形態之管理裝置及遊戲裝置的區塊圖 〇 [圖15]第4實施形態之第1認證及第2認證之動作的 流程圖。 [圖1 6 ]第4實施形態之第1系統的記億裝置所記懷之 資料的模式圖。 【主要元件符號說明】 1()〇:管理系統 10 :第1系統 12 :第1伺服器裝置 -57- 201113070 1 4 :記憶裝置 1 6 :代幣處理裝置 2 0 :第2系統 22 :第2伺服器裝置 24 :記憶裝置 26 :遊戲裝置 30 :管理裝置 32,52:運算處理裝置 3 21 :第1認證部 3 2 2 :第2認證部 3 2 4 :管理部 34,54 :記憶裝置 342 :管理記憶部 3 6 :輸入受理部 542 :貯留部 5 6 :輸入受理部 5 8 :操作部 5 8 2 :存入操作部 5 84 :提領操作部 5 22 :遊戲處理部 524 :終端側認證部 62 :照會部 64 :允許部 66 :控制部 -58-The accepting unit 1 64 accepts the identification information U I D_ input by the user. As the accepting unit 1 64, for example, a known extractor that is stored in the management identification information U ID as the identification information U ID_IN can be used. The identification resource U ID_IN input by the user who normally receives the first registration is consistent with the identification information U generation unit 1 66 stored in the memory device 14 to generate the § information B ID_IN indicating the biometric characteristics of the user. As the generating unit 1 66, for example, a well-known vein sensor that generates a biological resource B ID_IN can be generated by detecting the vein pattern of the hand (palm and finger) of the person. Formal acceptance of the third registration; ^ The biological information B ID_IN is consistent with the life of the billion device 14 information B ID. Fig. 3 is a flow chart showing the operation of depositing and supporting the tokens of the token processing device 16. The processing of Fig. 3 is started with the assumption of the token processing device i6. It is desirable that the user who deposits or pays the token of the token processing device 16 enters the identification information U ID_ into the accepting unit 164 (S A10 ), and causes the generating unit 1 66 product body information B ID_IN (S A1 1 ). The control unit 162 is a read ID of a card including the umbilical entry and the [partial execution] stored in the _IN. i object uses 1 to use the phase manipulation operation of the object _IN. The input information U ID_IN and the identification information of the biological information B ID_IN are sent to the first server device 1 2 ( SA 1 2 ). When the authentication request is received (S B10), the first server device 12 executes authentication (biological authentication) (S b 1 1 ) using the identification information U I D_IN and the biometric information B ID_IN included in the authentication request. Specifically, the first server device 1 2 determines whether the combination of the identification information U ID_IN and the biometric information B ID_IN is stored in the memory device 14 (the identification information U ID and the biometric information B ID_IN conforming to the identification information U ID_IN) Whether the biometric information B ID is associated with one record R1 is stored in the memory device 1 4). The first server device 1 2 transmits the authentication result to the token processing device 16 (S B 1 2 ). The control unit 1 6 2 of the token processing device 16 receives the authentication result (S A 1 3 ). The control unit 162 terminates the processing when the authentication result is negative, notifies the user of the failure of the authentication, and allows the payment and deposit of the token when the authentication result is affirmative (S A 1 4.: YES ). For example, when the user specifies the desired number of pieces (hereinafter referred to as "the number of withdrawals") N OUT and requests payment of the token (SA 1 5 ), the control unit 1 62 will include the identification information U ID_IN and the biological information. The request for the removal of the B ID_IN and the number of pulls N OUT is sent to the first server device 12 (S A16). When receiving the request for withdrawal (SB 1 3), the first server device 1 2 subtracts the number of withdrawals N OUT (SB14) from the number of retained credits CA stored in the memory device 14 from the corresponding identification information U ID_IN. A notification of the withdrawal of the update on behalf of the retained share number CA is sent to the token processing device 1 6 (SB 1 5 ). The control unit 1 62 that receives the offer notification pays a token (S A17 ) equivalent to the number of withdrawals N -11 - 201113070 from the payout machine. On the other hand, when the user inputs the token to the input port (not shown) of the token processing device 16 to instruct the deposit of the token, the counter (not shown) calculates the token that is put into the input port. The number of pieces (hereinafter referred to as "storage number") N IN (S A1 8 ). The control unit 1 62 transmits the storage request including the identification information U ID_IN and the biometric information B ID_IN and the deposit number N IN to the first server device 12 (S A19). The first server device 12 (S B16) that receives the deposit request adds the stored number n IN to the corresponding identification information U ID_IN and stores the retained credit CA (SB17) in the memory device 14 to represent the retained number of shares. The deposit notification of the end of the update of the CA is sent to the token processing device 16 (SB 18). The control unit 162 receives the deposit notification (S A20 ). The order of payment and deposit using the token of the first system 1 is as described above. The second system 20 of Fig. 1 is a system for a user to execute a game, and includes a second server device 22, a memory device 24, and a plurality of game devices 26. The plurality of game devices 26 are comprised of two upstream devices 26 that provide different games. The second server device 22 and each of the game devices 26 communicate with each other via the communication network 28. The communication network 2 8 is the same as the communication network 18, for example, a LAN built in a game facility. However, a portion of the second system 20 can be placed outside of the amusement facility. A portion of the communication system 28 that is disposed outside of the amusement facility in part of the second system 20 is implemented, for example, by a WAN or VPN using the Internet. The communication path inside the communication network 18 and the communication network 28 is a communication device such as a gateway and a router. -24- 201113070 The user who wants to use the second system 20 (each game device 26) can accept registration in advance (hereinafter referred to as "second registration"). The identification information P ID (player ID) is given to the user who accepts the second registration. The identification information P ID is, for example, a portable recording medium (hereinafter referred to as a "game card") that is stored in a 1C card or the like that is distributed to the user. The Billion Device 24 records the database of R2 for each second registration setting. As shown in FIG. 4, each record R2 includes identification information P ID (recognition information p id memorized in a regular game card) and password P WD of the user who receives the second registration, and game data of the user (archive data) ) DG is composed. The game material D G is composed of various pieces of information related to the game such as the state of the game performed by the user in the past. Further, a configuration in which the game material D G is stored in a memory device different from the memory device 24 of the memory identification information p id and the password P WD is also employed. The second server device 2 2 performs management (reading and writing) of the data stored in the memory device 24. Further, the second server device 22 and the memory device 24, which are illustrated as elements of the individual object in Fig. 1, may be configured as an integrated device. FIG. 5 is a block diagram of the management device 30 and the game device 26. In Fig. 5, only one representative device is not included in the game device 26. However, the other game devices 26 have the same configuration. Further, the communication network 28 interposed between the management device 3 and each game device 26 is omitted in FIG. The game device 26 includes a computer system including a calculation processing device (cpu) 52, a memory device 54, and an input receiving unit 56 and an operation unit 58. The arithmetic processing unit 5 2 realizes the plural function by using the program stored in the program of the memory device 5 - 201113070 (the game processing unit 522, the terminal side authentication unit 524 'the illuminating unit 62, the permission unit 64, and the control unit 66) The input accepting unit 56 accepts elements input from the user, and includes an accepting unit 560, a receiving unit 562, and an accepting unit 564. The accepting unit 5 60 accepts the input of the identification information u id_IN by the user. For example, the 'receiving unit 560' is constructed by a plurality of operators (keyboards) operated by the user. Further, as the accepting unit 560, an operator (keyboard) displayed by a display device with a touch panel function can be used. The accepting unit 5 62 accepts the input of the identification information P ID_IN by the user. The receiving unit 5 60 is similar to the receiving unit 5 60. For example, a known reader that reads the identification information P ID stored in the game card as the identification information P ID_IN can be used. The accepting unit 5 64 accepts the input of the password P WD_IN by the user. For example, the receiving unit 5 64 is configured by a plurality of operators (keyboards) operated by the user. Further, as the accepting unit 564, an operator (keyboard) displayed by the display device with a touch panel function may be used. The user who wants to execute the game data DG is required to receive the identification information P ID_IN and the password. Terminal side authentication of P WD_IN. The terminal side authentication is a determination as to whether or not the user accepts the second registration. That is, the terminal side authentication is equivalent to determining whether the combination of the identification information P ID_IN and the password P WD_IN is stored in the memory device 24 (whether the identification information P ID matching the identification information P ID_IN and the password P WD matching the password P WD_IN are in one The process of storing the correspondence in the record R2 and storing it in the memory device 24) The terminal side authentication unit 524 of Fig. 5 obtains the result of the terminal side authentication. -26- 201113070 When the result of the terminal side authentication is affirmative (when the terminal side authentication is successful), the game data d G corresponding to the identification information P ID — IN and the password p WD — iN stored in the plurality of game materials DG of the memory device 24 The second server device 22 transmits to the game device 26. The game processing unit 522 applies the game data D G acquired from the storage device 24, and executes various game processes (processing for causing the user to execute the game). Therefore, the user can start the game again from the situation when the game was executed in the past. The memory device 504 is a program executed by the memory arithmetic processing device 52 and various materials. Specifically, the memory area (hereinafter referred to as "storage unit") 5 42 that stores the used credit number C B is set by the counter device 54. The usage credit number C B represents the number of tokens that are incremented or decremented together with the start and progress of the game of the game device 26 (e.g., the occurrence of an event). For example, if the fixed amount required for the start of the game is consumed, the amount of use of the C B will be reduced, and when the game is performed (for example, the event is reached), the amount of the used C B will increase. As the recording device 5 4, a known recording medium (or a combination of plural kinds of recording media) such as a semiconductor recording medium or a magnetic recording medium can be arbitrarily used. The user can increase the usage credit C B by using the input to the token of the game device 26. Further, the user who accepts both the first registration and the second registration is 'transferred generation' between the number of retained shares CA managed by the first system 1 and the used credit CB of the storage unit 542 stored in the game device 26. Amount (hereinafter referred to as "sub-transfer"). In the transfer of the amount of money from the holding amount CA to the use of the number of CBs, the processing of the game in the game device 26 (withdrawal), and the input of the -27-201113070 coin or in the game The amount of the occurrence of the acquisition is transferred from the use of the number of shares CB to the process of retaining the number of shares CA (storing). That is, the user can perform the transfer of the gene without processing the actual token. The management device 30 of Fig. 1 is a certificate (self-certification). Whether or not the user who wishes to transfer the money is the person who accepts the first registration and the second registration, manages the transfer of the amount of the game device 26. In other words, the management device 30 realizes the integration of the first system 10 that manages the retained credit number C A and the second system 20 that manages the game devices 26 that use the used credit C B . As shown in Fig. 1, the management device 30 is installed in the amusement facility and connects the first system 10 and the second system 20. Specifically, the management device 30 is connected to the first server device 12 of the first system 10 via a dedicated line, and communicates with the first server device 12. Further, the configuration in which the management device 30 is connected to the first server device 12 via the communication network 18 is also employed. Further, the management device 30 is connected to the communication network 28 of the second system 20, and communicates with the second server device 22 and each game device 26. As shown in Fig. 5, the management device 30 includes a computer system including the arithmetic processing device 32, the memory device 34, and the input accepting unit 36. The arithmetic processing unit 32 realizes a plurality of functions (the first authentication unit 321, the second authentication unit 3U, and the management unit 3 24) by executing the program of the memory device 34. The memory device 34 is a program (and a combination of a plurality of types of recording media) such as a semiconductor recording medium or a magnetic recording medium. The input accepting unit 36 accepts elements input from the user, and the package -28-201113070 includes a receiving unit 3 62 and a generating unit 3 64 and a receiving unit 366 and a receiving unit 3 68. The accepting unit 3 62 accepts the input of the identification information U ID_IN by the user. For example, the receiving unit 3 62 is the same as the receiving unit 560, and is configured by a plurality of operators (keyboards) operated by the user. Further, as the accepting unit 362, an operator (keyboard) displayed by a display device with a touch panel function can also be used. The generating unit 364 generates the biometric information B ID_IN indicating the biometric characteristics of the user. Similarly to the generating unit 166 of the token processing device 16, a vein sensor that detects the vein pattern of the hand (palm and finger) and generates the biological information B ID_IN is used as the generating unit 3 64. The receiving unit 366 accepts the input of the identification information P ID_IN by the user. Similarly to the accepting unit 562 of the game device 26, as the accepting unit 3 66, for example, a reader that reads the identification information p id of the game card as the identification information P ID — IN can be used. The receiving unit 386 receives the input of the password P WD_IN by the user. For example, the reception unit 386 is the same as the reception unit 5 64, and is configured by a plurality of operators (keyboards) operated by the user. Further, as the accepting unit 3 68, an operator (keyboard) displayed by the display device with the touch panel function can also be used. The first authentication unit 321 obtains the result of the authentication (hereinafter referred to as "first authentication") of the biometric information B ID_IN generated by the identification information U ID_IN input to the reception unit 3 62 and the generation unit 3 64. The first authentication is a process for determining the presence or absence of the first registration. That is, the first authentication is equivalent to whether the combination of the determination identification information U ID_IN and the biological information B ID_IN is stored in the memory device 14 (the identification information U ID that conforms to the identification information U ID_IN and the organism that conforms to the biological information b ID_IN) The information B ID is -29-201113070. The processing of storing in the memory device 1 4 ) is established in correspondence with one record R1. On the other hand, the second authentication unit 3 22 obtains the result of the authentication (hereinafter referred to as "second authentication") of the identification information P ID_IN input to the reception unit 3 66 and the password P WD_IN input to the reception unit 3 66. The second authentication is a process of determining the presence or absence of the second registration. That is, the second authentication is equivalent to determining whether the combination of the identification information P ID_IN and the password P WD_IN is stored in the memory device 24 (whether the identification information P ID matching the identification information P ID_IN and the password P WD matching the password P WD_IN are in one The process of establishing a correspondence in R2 and storing it in the memory device 24) is recorded. The management unit 3 24 generates the authenticated information A when the result of both the first authentication and the second authentication is affirmative (that is, when the user is confirmed to accept the first registration and the second registration), and is stored in the memory device 34. The predetermined memory area (hereinafter referred to as "management memory unit") 3 42. As shown in FIG. 5, the authenticated information A is a record (data) associated with the identification information U ID_IN ( U ID ) input to the receiving unit 3 62 and the biometric information B ID_IN (B ID ) generated by the generating unit 3 64. Column). The plurality of authenticated information A corresponding to different users are sequentially generated and stored in the management memory unit 3 42. The authenticated information A memorized in the management memory unit 342 is eliminated as a result of the arrival of the timing. For example, when the scheduled time of the amusement facility is opened or after the store is closed, the management unit 3 24 eliminates the plurality of authenticated information A stored in the management unit 342 (that is, the authenticated product generated at the time of the recent store opening) Information A). The photographing unit 62 of each game device 26 confirms whether or not the authentication (first authentication and second authentication) in the management device 3 is confirmed by the user who is actually executing the game in the game device -30-201113070 26 . Specifically, the management unit 324 of the photo management unit 30 inputs the identification information U ID_IN input to the receiving unit 5 60 of the game device 26 as the authenticated information A and is stored in the management memory unit 3 of the management device 30. 42 (that is, whether the first authentication and the second authentication have been confirmed for the user who inputs the identification information U ID_IN to the game device 26). The photograph due to the photographing unit 62 is executed when the result of the authentication by the terminal side authentication unit 524 is affirmative. The permission unit 64 allows the transfer of the denomination when the result of the note to the management unit 324 is affirmative, and prohibits the transfer of the code at the timing of the result of the photo. The operation unit 5.8 instructs the direction (storing/removing) and the number of the transfer of the code in response to the operation from the user. The operation unit 58 of the present embodiment is a display device with a touch panel function, and as shown in Fig. 6(B), an operation screen including the deposit operation unit 582 and the pull operation unit 584 is displayed. The depositing operation unit 5 82 instructs the deposit of the denomination (from the use of the number of credits C B to the transfer of the retained credit number C A ) and the deposit number N IN in response to the operation from the user. The withdrawal operation unit 584 indicates the withdrawal of the denomination (from the retention of the number of credits C A to the transfer of the used amount C B ) and the number of withdrawals N OUT in response to the operation from the user. The control unit 66 of Fig. 1 performs a generative transfer in response to an instruction from the operation unit 58. The acceptance of the operation by the operation unit 58 and the transfer of the amount by the control unit 66 are executed when the permission unit 64 permits the transfer of the code, and is not executed when the permission unit 64 does not allow the transfer of the code. -31 - 201113070 <A-2: Operation of the first embodiment> (1) Operation at the time of authentication Next, the operation of the management system 100 described above will be described. The user who comes to the amusement facility moves to the management device 30 and accepts the first authentication and the second authentication. Fig. 7 is a flow chart showing the operation of the management system 100 for the first authentication and the second authentication. The processing of Fig. 7 is started with an operation determined by the management device 30. The receiving unit 366 of the management device 30 receives the input of the identification information P ID_IN (SC10), and the receiving unit 368 accepts the input of the password PWD_IN (SC 1 1 ), and the second authentication unit 32 2 includes the identification information P ID_IN and the password P. The second authentication request of WD_IN is sent to the second server device 22 (SC 1 2 ). The second server device 22 receives the second authentication request (SD 1 0 ), and determines whether the identification information P ID_IN and the password P WD_IN in the second authentication request are stored in the memory device 24 as the identification information P ID and the password P WD ( 2nd certification) (SD 1 1). Then, the second server device 22 transmits the result of the second authentication (the second authentication result) to the management device 30 (S D12). When the second authentication result is received (S C13 ), the second authentication unit 322 determines whether or not the result of the second authentication is affirmative (S C14), and when the result is negative, notifies the user of the failure of the second authentication and ends the process ( Omit the description). On the other hand, when the result of the second authentication is affirmative, the following processing is executed. When the reception unit 3 62 receives the identification information U ID_IN (S C15 ), the first authentication unit 3 2 1 transmits the preliminary authentication request -32-201113070 including the identification information U ID IN to the first server device 1 2 ( SC 1 6). When receiving the preliminary authentication request (S B20 ), the first server device 12 determines whether or not the identification information U ID_IN in the preliminary authentication request is stored in the memory device 14 (S B2 1 ) as the identification information U ID, and the preliminary authentication is performed. The result (pre-certification result) is sent to the management device 30 (S B22). When the preliminary authentication result is received from the first server device 1 2 (SC 1 7 ), the first authentication unit 3 2 1 determines whether or not the result of the preliminary authentication is affirmative (SC 1 8 ), and if the result is negative, the preliminary authentication is performed. The failure informs the user to end the processing. On the other hand, when the result of the preliminary authentication is affirmative, the first authentication is performed in the following order. When the generating unit 364 generates the biometric information B ID_IN (S C19), the first authenticating unit 3 2 1 transmits the first authentication request including the identification information U ID_IN and the biometric information B ID_IN received in step SC 15 to The first server device 12 (S C20). Further, it is also possible to adopt a configuration in which the detection method of the vein pattern is selectively applied and the method of generating the biological information B ID_IN is different in any of the plural operation modes. That is, the mode information specifying the action mode actually applied when the biometric information B ID is generated (for example, at the time of the first registration) is stored in the memory device 14 together with the identification information U ID and the biometric information B ID. The preliminary authentication result (S B22) including the mode information is transmitted from the first server device 12 to the management device 30. The generating unit 3 64 of the management device 30 generates the biometric information B ID_IN in the operation mode designated by the mode information in the preliminary authentication result. The first server device 1 2 receives the first authentication request (S B23 ) 'determines the identification information U ID_IN and the biological information in the first authentication request. 33- 201113070 B ID_IN is used as the identification information U ID and the biological information B The ID is stored in the Billion Device 14 (first authentication) (S B24 ). Then, the first server device 1 2 transmits the result of the first authentication (the first authentication result) to the management device 30 (SB25). When the first authentication result is received (S C21 ), the first authentication unit 3 21 determines whether or not the result of the first authentication is affirmative (S C22 ). When the result is negative, the user is notified of the failure of the first authentication and the processing is terminated. . On the other hand, when the result of the first authentication is affirmative, the management unit 3 24 generates the identification information U ID_IN (U ID) input at step S C15 and the biological information B ID_IN (B ID) generated at step S C19. ) Establish associated authenticated information A and store it in Management Department 342 (S C23 ). As described above, the authenticated information A stored in the management memory unit 342 is eliminated when the predetermined time comes. In addition, when the first authentication is affirmative, and there is a residual amount of the retained credit number C A , the structure of the remaining amount of the retained credit number C A is displayed on the display device. (2) Operation at the time of the game The user who receives the first authentication and the second authentication in the above order moves to the desired game device 26 in the amusement facility, in order to maintain the number of credits CA and the number of used credits CB. The transfer between the two causes the game device 26 to execute the processes of Figs. 8 and 9. The processing of Fig. 8 is started with the operation of the game device 26 as a trigger. The receiving unit 5 62 of the game device 26 receives the input of the identification information P ID_IN (S E20 ). When the receiving unit 5 64 accepts the input of the password P WD_IN -34-201113070 (S E21 ), the terminal side authentication unit 524 will include the identification information. The terminal side authentication request of P ID —IN and password P WD —IN is transmitted to the second server device 22 (S E22). The second server device 22 receives the terminal side authentication request (S D20 ), and determines whether or not the identification information P ID_IN and the password p WD_IN in the terminal side authentication request are stored as the identification information P ID and the password p WD of the one record R2. Memory device 24 (S D2 1 ). Then, the second server device 22 transmits the result of the terminal side authentication (the terminal side authentication result) to the game device 26 (S D22 ) and receives the terminal side authentication result (S E23 ), and the terminal side authentication unit 5 determines the result. Whether the result of the terminal side authentication result is affirmative (s E24 ) 'When the result is negative, the user is notified of the failure of the terminal side authentication and the processing is terminated. On the other hand, when the result of the terminal side authentication is affirmative, the processing unit 560 accepts the input of the identification information U ID_IN (S E25 ). Then, the illuminating unit 62 transmits a request for the first authentication of the management device 30 and the success of the second authentication to the management device 3 (S E26 ). The request information includes the identification information U ID —IN input at step S E25 . Further, when the result of the authentication on the terminal side is affirmative, the game device 26 acquires the game material D G from the information device 24 and applies it to the game (not shown). When receiving the photo request (SC 3 0 ), the management unit 324 sequentially compares the identification information U ID_IN of each authenticated information A memorized in the management memory unit 342 with the identification information U ID_IN included in the photo request (S C31) ), determining whether the certified information including the identification information U ID_IN in the request for the photo-35-201113070 is stored in the management unit 342 (that is, the user who inputs the identification information U ID_IN to the game device 26 is under management) Whether the first authentication and the second authentication of the device 30 are successful) (S C32 ). When the authenticated information A including the identification information U ID_IN is stored in the management memory unit 342 (S C32 : YES), the management unit 3 24 will include the biometric information B ID_IN in the authenticated information A and the current identification information. The remaining amount request of U ID_IN (requesting request for retaining the number of credits CA) is transmitted to the first server device 12 (S C33). When receiving the residual amount request (SB 3 0 ), the first server device 1 2 searches for the identification information U ID_IN ( U ID ) and the biological information B ID_IN (B ID) corresponding to the remaining amount request from the memory device 14. The possession number CA (S B3 1 ) is held, and the residual amount notification including the retained credit CA is transmitted to the management device 30 (S B32 ). The remaining amount notification is received by the management unit 3 24 (S C34 ). On the other hand, when the authenticated information A including the identification information U ID_IN is not stored in the management unit 342 (S C32 ·· NO ), the processing of steps S C33 and S C34 is not executed. The management unit 3 24 transmits the result of the photo (whether or not the authenticated information A including the identification information U ID_IN is stored in the management storage unit 3 42 ) to the game device 26 (S C3 5 ). When the result of the note is affirmative (when the authenticated information A including the identification information U ID_IN is retrieved from the management memory unit 3 42 in step S C3 1), the retained credit CA of the remaining amount notification received at step SC34 is made. Included in the results of the note. When the photographing unit 62 receives the photographing result (S E26 ), the permitting unit 64 judges whether or not the photographing result is affirmative (S E27 ). The result of the photo is Ken-36-201113070 Timing (S E27 : YES ) 'The deposit used to start the transfer of the amount. The button (instruction button, icon, etc.) is displayed on the display screen of the game device. Becomes an operational (valid) state (S E30) » On the other hand, if the result of the photo is negative (S E27 : NO ), the deposit/retract button is not displayed. Therefore, the user cannot indicate the beginning of the transfer of the code. When the button is pressed for display when the result of the user's operation is affirmative, the permission unit 64 causes the operation unit 58 to display the display including the retained number C 包含 included in the result of the photo. FIG. 6(A) Operation screen. In the operation screen ’ of Fig. 6(A), the pull-out operation unit 548 is displayed (activated) in a state in which the instruction for withdrawal from the user is accepted. On the other hand, at the initial stage of starting the operation of the game device 26, the number of bases c B is used as 〇. Therefore, as shown in part (A) of Fig. 6, the operation screen is displayed as the usage quota CB, indicating that the deposit operation unit 5 8 2 for the transfer of the retained amount CA from the usage quota c B is used. The state is controlled to be invalid (for example, non-display or gray-out without accepting the state of the operation from the user). As described above, when the pull-out operation unit 584 is activated, the transfer from the retained share number c a to the use-substitute number CB is performed in response to the operation from the user of the pull-out operation unit 584. The management unit 324 of the management device 30 is required to transfer the transfer amount from the game device 26 between the storage unit 524 that stores the used credit number c B and the memory device 14 that stores the retained credit CA. To withdraw the request), the agent transfers from the holding amount CA to the use of the amount of the CB. First, when the instruction of the deduction of the denomination and the designation of the number N OUT (S E3 1 ) are received, the control unit 66 includes the identification information input in step S E20. The pull request of P ID_IN and the number of pulls N OUT specified in step S E31 is sent to the management device 30 (S E32). Furthermore, the method of specifying the number N OUT is arbitrary. For example, an arbitrary number of methods in which the user specifies the number of reserved credits CA as the number of withdrawals N OUT can be employed, and a predetermined number (for example, 100 pieces) of the withdrawal is specified by one operation of the withdrawal operation unit 584. The method of counting N OUT. Further, it is also suitable to limit the total number of withdrawals N OUT in a predetermined period (for example, one day) to a predetermined threshold (upper limit 値), when receiving a request for withdrawal (S C40 ), and the management device 30 is from the management memory. The part 342 searches for the biometric information B ID_IN ( S C41 ) corresponding to the authenticated information A for the identification information U ID_IN included in the request for the withdrawal. Then, the management unit 324 transmits the request for the withdrawal including the identification information U ID_IN included in the request for withdrawal and the biometric information B ID_IN searched in step S C4 1 to the first server device 12 (S C42). When receiving the request for withdrawal (S B40), the first server device 12 stores the number of retained credits CA stored in the memory device 14 from the identification information U ID_IN and the biological information B ID_IN in the request for the withdrawal. To obtain the requested number of withdrawals N OUT (S B41 ), a notification of the withdrawal of the update on behalf of the retained credit number CA is sent to the management device 30 (S B42 ). The management unit 3 24 of the management device 30 transmits the pull notification received from the first server device 12 to the game device 26 (S C43 ). When receiving the notification-38-201113070 notification (S E33), the control unit 66 of the game device 26 adds the number of withdrawals N OUT specified in step S E31 to the usage credit CB (S E34 ) of the storage unit 542. . With the above-mentioned description of the denomination and the acquisition in the game, and when the residual number of the CB is used, the user operates the deposit/retract button. The permission unit 64 is as shown in Fig. 6(B). In the state in which the number of retained credits CA and the number of used credits CB are displayed on the operation screen, the operation unit 58 displays (validates) the operation unit in a state in which the designation of the transfer from the user is accepted. 5 82 and the withdrawal operation unit 5 84 both sides. Further, when the residual number of the credit number CA is not retained, as shown in FIG. 6(C), the deferred operation unit 584 is controlled to be inactive (for example, non-display) while displaying the diurnal number CA. Or gaze and not accept the state of the operation from the user). As described above, when the depositing operation unit 582 is activated, the transfer of the retained amount C A from the used credit C B is performed in response to an instruction from the user to the depositing operation unit 528. The management unit 3 24 of the management device 30 is the same as the one at the time of the withdrawal of the denomination, and is transmitted from the game device 26 between the storage unit 5 42 for storing the used credit number CB and the storage device 14 for storing the retained credit CA. The requirement for the transfer of the amount of the transfer (the deposit requirement), the transfer from the use of the number of CBs for the transfer of the share of the CA. First, when the deposit operation unit 582 accepts the instruction to store the token and the designation of the deposit number N IN (S E35 ), the control unit 66 associates the identification information U ID_IN input in step S EM with the step S E35 specifies that the deposit request for the deposit number N IN of -130-201113070 is sent to the management device 3〇 (s E3 6). Furthermore, the method of specifying the number of N IN is arbitrary. For example, an arbitrary number of methods in which the user specifies the use credit amount CB as the deposit number N IN can be employed, and a predetermined number (for example, 100 pieces) can be specified by one operation of the deposit operation unit 528. The method of entering the number N IN. When receiving the deposit request (S C44), the management unit 3 of the management device 30 is the same as the step S C41 and the step S C42, and the management memory unit 32 searches for the creature corresponding to the identification information U ID_IN included in the deposit request. The body information B ID_IN (S C45 ) is transmitted to the first server device 12 (S C46) by including the identification information U ID_IN and the number N IN of the deposit request. When receiving the request for withdrawal (S B43 ), the first server device 12 adds the number N IN of the deposit required to the identification information U ID_IN and the biological information B ID_IN corresponding to the deposit request. The credit number CA (S B44) is held in the memory device 14, and the update notification of the update of the retained credit number CA is transmitted to the management device 30 (S B45). The deposit notification is transmitted to the game device 26 via the management unit 324 of the management device 30 (S C47). When receiving the deposit notification (S E37), the control unit 66 of the game device 26 subtracts the deposit number N IN specified in step S E35 from the use credit C B of the storage unit 542 (S E38). When the full amount of the used number C B is transferred to the retained amount C A , the use of the number of C B is 〇. By setting the used credit number C B to 0, the user causes the game card to be ejected from the receiving unit 562 (reader) to end the game. -40- 201113070 As described above, in the present embodiment, whether or not the identification information U ID_IN input to the game device 26 is stored as the authenticated information a is stored in the management unit 30 of the management device 30. Can it be. That is, the first authentication (biometric authentication) of the game device 26 is not required. Therefore, it is not necessary to individually set the machine (e.g., the vein sensor) that generates the biological information B ID to the plurality of game devices 26. On the other hand, in order to allow the transfer of the code to be permitted by the operation of the game device 26 (for the purpose of making the identification information U ID_IN as the authenticated information a, it is recorded in the management memory unit 3 4 2 )] because the user It is necessary to receive the first authentication (biometric authentication) in the management device 3, and it is necessary to sufficiently ensure the security of the generation management even though the configuration of the first authentication of the game device 26 is not required. That is, according to the present embodiment, it is possible to ensure the security of the generation management and the simplification of the structure and procedures required for the certification. Further, the authenticated information A of the present embodiment includes the biometric information B ID_IN in addition to the identification information U ID_IN, so that the request from the management device 30 to the first server device 12 can be transmitted (step S of FIG. 9). The request for withdrawal of C42 and the deposit requirement of step S C46) include identification information U ID_IN and biological information B ID —IN. On the other hand, since the biometric authentication is required for the payment and deposit of the token processing unit 16, the request is transmitted from the token processing device 16 to the first server device 12 (step S of FIG. 3). The request for withdrawal of A16 and the deposit requirement of step S A19) also include identification information U ID_IN and biological information b ID_IN . That is, since both the request from the management device 30 and the request from the token processing device 16 include the identification information u ID_IN and the biometric information -41 - 201113070 BI D_IN, the request from the management device 30 and the token from the token The processing of the first server device 12 can be made common to the requirements of the processing device 16. Therefore, for example, it is possible to introduce the management device 30 into the environment in which the first system 1 is present (the second system 20 can be integrated) without changing the processing of the first server device 12. In particular, in the structure in which the management device 30 is connected to the first server device 12 via the communication network 18, the first server device 12 can equally process the management device 30 and the token processing device 16. <B: Second Embodiment> Next, a second embodiment of the present invention will be described. In the respective aspects exemplified below, the same reference numerals are given to the same elements as those of the first embodiment, and the individual detailed descriptions are omitted. Fig. 1 is a schematic diagram showing the authentication information A of the second embodiment. As shown in Fig. 1, the authenticated information A is composed of the authentication time T A in addition to the identification information u ID_IN and the biological information B ID_IN. The authentication time T A is information specifying the time at which the first authentication and the second authentication are completed (the time at which the authenticated information A is generated). Fig. 11 is a flow chart showing a part of the operation of the management device 30 (portion after step S C20 of Fig. 7). As shown in FIG. 11, when the first authentication result received by the first server device 1 in the step S C2 1 is affirmative (S C22 : YES ), the management unit 324 of the management device 30 is the timing circuit from the calculation time. (Omitted illustration) The time (authentication time) TA (S C24 ) at the current time point is obtained. The management unit 3 24 generates the authenticated information A corresponding to the authentication time U corresponding to the identification information U ID_IN and the biological information B ID_IN obtained at the step-42-201113070 S C24, and stores it in the management unit 342 (S C25 ) . The management unit 3 24 eliminates the authenticated information A that has passed the predetermined time T 0 from the authentication time Τ A in the plurality of authenticated information A stored in the management memory unit 342 from the management memory unit 342. In other words, in the second embodiment, all the authenticated information A of the management memory unit 342 is eliminated at the predetermined time. In the second embodiment, the authentication time A is set for each authenticated information A. The starting point covers the expiration date of the time T 0 , and each of the authenticated information A is individually eliminated by the expiration of the expiration date. Furthermore, the time T 0 of the expiration date can be set to be variable according to each authenticated information A. In the first embodiment in which each of the authenticated information A is eliminated as a result of the arrival of the predetermined time, the earlier the time of the first authentication and the second authentication by the management device 30 is until the authentication information A is eliminated. The longer the time, for example, the possibility of being lost by the use of the lost game card (ie, it is difficult to ensure the security of the generation management). On the other hand, in the second embodiment, since the predetermined time T 0 is set as the expiration date and the authentication information A is individually set from the authentication time Τ A, the presence or absence of the authentication time Τ A can be sufficiently ensured. The advantages of security for generation management. Of course, according to the first embodiment in which the authenticated information A is eliminated at a predetermined time, since the management of the validity period of each authenticated information A is not required, the load of the processing by the management unit 324 is compared with the second. The advantages of the embodiment are reduced. Further, in the first embodiment, it is not necessary to include the authentication time TA in the authentication information A of the -43-201113070. Therefore, the data amount of the authenticated information A can be reduced (and the capacity required for the management memory unit 342 can be reduced). . Further, the method of eliminating the authenticated information A based on the expiration of the expiration date of each of the authenticated information A is not limited to the above illustration. For example, after the end of the first authentication and the second authentication, the authenticated information A may be stored in the management storage unit 342 including the predetermined count 値 TB, and the count 値 TB may be sequentially decreased from the management storage unit 3. 42 The configuration of the authenticated information A that the count 値 TB reaches the predetermined lower limit 値 (for example, 〇). According to the above configuration, there is an advantage that the validity period of the authenticated information A can be individually set for each of the authenticated information A in response to the count 値T B . <C: Third Embodiment> Fig. 12 is a flowchart showing a part of the operation of the management device 30 and the first server device 12 (portion after step S C20 in Fig. 7). As shown in Fig. 12, when the first authentication (S B24 ) is executed in response to the first authentication request (S C20 , S B23 ) from the management device 30, the first server device 12 generates the specific information a (S B26). The specific information α is a symbol set individually for each of the first authentications. As the specific information α, for example, a one-time password which varies depending on each first authentication can be used. The first server device 1 2 associates and stores the retained credit number C A corresponding to the identification information U ID_IN in the first authentication request with the specific information α (s B2 7 ). Further, the first server device 12 causes the specific information α to include the first authentication result and transmits it to the management device 30 (S Β 28). -44 - 201113070 When the first authentication result received by the first server device 1 in step S C2 1 is affirmative (S C22 : YES ), the management unit 32 of the management device 30 is generated as shown in FIG. The authenticated information A associated with the specific information α included in the first authentication result and the identification information U ID_IN is stored in the management storage unit 342 (S C26 ). That is, the authenticated information A does not include the biometric information B ID_IN. When the game device 26 instructs the transfer of the amount of the transfer, the management unit 32 of the management device 30 causes the request for the withdrawal and the request for deposit to include the specific information α, instead of the biometric information B ID_IN of the first embodiment, and transmits it to the first 1 server device 1 2. For example, when the instructed denomination is requested, the management unit 324 retrieves the specific information α corresponding to the identification information U ID_IN input in step S E25 of Fig. 8 from the management memory unit 342 (step S C41 of Fig. 9), and The request for the removal of the identification information U ID_IN and the specific information α and the number of withdrawals N OUT is transmitted to the first server device 12 (S C42 ). The first server device 1 2 retrieves the retained credit C Α corresponding to the combination of the identification information U ID_ IN and the specific information α included in the request for withdrawal from the memory device 1 and subtracts the number of withdrawals N OUT (S Β 41 ). The management unit 3 24 searches for the specific information α corresponding to the identification information U ID_IN input in step S E25 of Fig. 8 from the management memory unit 342 (step S C45 of Fig. 9), and the same. The identification information U ID_IN and the number of deposits N IN are included in the deposit request and transmitted to the first server device 12 (S C46). The first server device 12 adds the retained credit CA corresponding to the combination of the identification information U ID_IN and the specific information α included in the deposit request to the deposit number N IN ( S Β 44 ) -45 - 201113070 in the above configuration. Since the biometric information B ID_IN is not received between the management device 30 and the first server device 12 during the transfer of the code, there is a risk of reducing the outflow of the biometric information B ID_IN which is the personal information of the user. The advantages. Further, the biometric information B ID_IN tends to increase the amount of data, for example, compared to the specific information α. In the third embodiment, since the authenticated information Α includes the specific information α instead of the biometric information B ID_IN, the amount of data of the authenticated information A can be reduced as compared with the first embodiment (and the management memory can be reduced). The advantage of 342 required capacity). Of course, the configuration in which the authenticated information A includes both the biometric information B ID_IN and the specific information α is also employed. In addition, the structure of the second embodiment of the certified information can be eliminated by the expiration of the expiration date, and the third embodiment can be applied. <D: Fourth Embodiment> FIG. 14 is a block diagram of the management device 30 and the game device 26 of the management system 1 0 1 according to the fourth embodiment of the present invention. In the first embodiment, the authenticated information A corresponding to the identification information U ID_IN and the biometric information B ID_IN is generated. In the fourth embodiment, the identification information U ID_IN is generated and the identification information X ID is associated with the biometric information B. Certified Information A for ID_IN. The identification information X ID is a symbol that is inherently assigned to each of the first registrations (i.e., each record R 1 of the memory device 14). For example, similarly to the specific information α of the third embodiment, as the identification information X ID, a one-time password set to be variable is suitably used. -46 - 201113070 The management device 30 of the management system 1 第 1 of the fourth embodiment includes an acquisition unit 72 and a notification unit 74 in addition to the elements of the first embodiment. The acquisition unit 72 acquires the identification information X ID generated by the first server device 12. The notification unit 74 notifies the user who has received the authentication by the management device 30 of the identification information X ID acquired by the acquisition unit 72. As the notification unit 74, for example, a printing device that displays the identification information X ID or a printing device that prints the identification information X ID or a sound emitting device that outputs the identification information X ID by sound may be used. Furthermore, the form of the identification information X I D of the notification user is arbitrary. For example, in addition to the method of notifying the user of the character string indicating the identification information XID, the identification information X ID may be notified to the optically readable chart (for example, a barcode or a QR code (registered trademark)). User's method. Fig. 15 is a flowchart showing the operation at the time of authentication by the management device 30. When the first authentication is executed by the first authentication request received from the management device 30 (S B23, S B24 ), the first server device 12 determines whether or not the result of the first authentication is affirmative (S B60 ). When the result of the first authentication is affirmative, the first server device 12 generates the identification information X ID (S B61 ). Further, the first server device 12 is configured to display the identification information U ID of the identification information U ID_IN in the first authentication request for the complex identification information U ID of the memory device 14 as shown in FIG. Corresponding to the identification information X ID and memorizing (S B62 ). That is, the 'identification information X ID is associated with the retained credit number C A . Then, the first server device 12 transmits the first authentication result including the identification information X generated in step S B 61 to the management device 30 (S B63 ). On the other hand, -47-201113070, whether the result of the first authentication is timed (S B60 ·· NO ) 'The first server device 1 2 does not execute the generation and memory of the identification information X ID (S B61, S B62 ), The first authentication result indicating the failure of the first authentication is transmitted to the management device 3 (S B63 ). When receiving the first authentication result (S C21 ), the management unit 3 24 determines whether or not the result of the first authentication is affirmative (S C 2 2 ), and when the result is negative, notifies the user of the failure of the first authentication and ends the process. On the other hand, when the result of the first authentication is affirmative (S C22 : YES ), the notification unit 74 notifies the user of the identification information X ID acquired by the acquisition unit 72 based on the first authentication result (S C2 7 ). The user knows the identification information X ID by the notification by the notification unit 74. The management unit 3 24 generates the authenticated information A corresponding to the identification information X ID acquired by the acquisition unit 72 and the biometric information B ID_IN generated by the generation unit 364 in step S C19, and stores it in the management storage unit 342 (S C28). ). When the authentication by the management device 30 is completed in the above order, the processing of Figs. 8 and 9 is executed by the identification information X ID instead of the identification information U ID of the first embodiment. The user who has moved to the desired game device 26 in the amusement facility receives the identification information p ID_IN and the password P WD_IN and accepts the terminal side authentication (S E20 to S E24, S D20 to S D22 ) to the management device 30. At the time of authentication, the identification information X ID notified from the notification unit 74 is input as the identification information X ID_IN to the receiving unit 560 (S E25 ). The photographing unit 62 transmits a photograph request including the identification information X:m_lN to the management device 30 (S E26). The management unit 3 2 4 of the management device 3 determines whether or not the authenticated information A including the identification information of the identification information XI d _ I n is stored in the management storage unit 342. At the same time as the result (photograph result) (S C3 1, S C32 ), the result of the determination is transmitted to the game device 26 (S C3 5 ). When the result of the illuminating is affirmative, the control unit 66 of the game device 26 generates the number of transitions N (the number of withdrawals N OUT or the number of deposits n IN ) including the identification information X id_IN and the quota in response to the operation of the operation unit 58. The transfer request (the request for the step S E32 of FIG. 9 or the deposit request of the step s E3 6) is transmitted to the management device 30. The management unit 324 of the management device 30 includes a transfer request including the identification information X ID_IN (X ID) and the number of transfers N and the biometric information B ID_IN corresponding to the authenticated information A as the identification information X ID_[n (step S C42) The request for the withdrawal and the storage request of the step S C46 are transmitted to the first server device 12» The first server device 12 updates the identification information X ID_IN and the biological information B in the corresponding transfer request in response to the transfer number N ID_IN is stored in the memory device 14 with the retained credit number CA (S B41, S B44). The other operations are the same as in the first embodiment. Also in the fourth embodiment, the same effects as those of the first embodiment can be achieved. Further, in the fourth embodiment, the second embodiment in which the second information of the authenticated information A is eliminated by the expiration of the expiration date and the third information of the biometric information B ID_IN using the specific information α may be employed. The structure of the form. <E: Modifications> Each of the above aspects may be variously modified. The specific deformation modes are exemplified below. It is also possible to appropriately combine the two or more types arbitrarily selected from the following examples. -49- 201113070 (1) Modification 1 In the above embodiments, the authentication information A includes the biometric information B ID_IN generated by the generation unit 364, but the management unit 3 24 may be employed from the first server device. 1 2 A structure in which the biometric information B ID of the memory device 14 is included in the authenticated information a is obtained. Further, 'for the user who inputs the identification information U ID_IN to the game device 26' to determine whether or not the authentication at the management device 30 is completed, the identification information U ID_IN of the first authentication is successful as the authenticated information A. Remember in the management of the billion section 3 4 2 can be. Therefore, the structure in which the authenticated information a includes the biometric information B ID_IN (the first embodiment) and the structure in which the authenticated information A includes the specific information (: (the third embodiment) can be appropriately omitted: that is, the authenticated information A This is summarized as the data including the identification information U ID_IN when the first authentication is affirmed, regardless of the presence or absence of other information such as the biometric information B ID_IN and the specific information α. (2) Modification 2 In the above embodiments, the plurality of operators (keyboards) operated by the user have been exemplified as the receiving unit 3 62. However, the method of accepting the input of the identification information U ID_IN may be arbitrary. As the accepting unit 3 62, for example, a reader that reads the identification information U ID stored in the portable recording medium (for example, a management card or a mobile communication terminal) as the identification information U ID_IN can be used (for example, reading and identifying by non-contact) Information U ID non-contact reader), optical. The reader that sells the identification information U ID _ IN printed on the reading surface, and the sound of the recognition information U ID_IN is recognized according to the sound of the user from -50 to 201113070, and the input of the acceptance identification information U ID_IN is accepted. Elements. The input unit 5 of the identification information U ID_IN and the identification information X id_IN 5 60, the receiving unit ( 5 62 ) that accepts the input of the identification information p id_IN and the receiving unit ( 564 ) that accepts the input of the password p WD — IN are also the same. Each of the examples exemplified by the receiving unit 362 (operator, non-contact type reader, optical reader, and voice recognition (3) Modification 3 In the above aspects, the first authentication unit 321 performs the transmission of the first recognition. (Step S C20 of FIG. 7) and the first authentication result (S C21), the first server device 12 executes the first authentication (No S B24 ) ' However, the first authentication unit 321 may be used to execute the first configuration. . For example, the first authentication unit 3 21 receives the information B ID corresponding to the identification information U ID_IN input to the receiving unit 3 62 from the first server device. The first authentication unit 3 2 1 compares the biometric information B ID obtained from the first server device with the biometric information B ID_IN (first authentication) generated by the generating unit 364, and the authenticated information is confirmed when the result of the comparison is affirmative. A. As can be seen from the above description, the first authentication unit 3 2 1 obtains the elements of the result of the authentication information U ID_IN and the biometric information B ID_IN authentication, and does not ask whether or not the field for executing the first authentication uses the management device 30 and the first servo. Device 1 2 is 1 certified). For the second authentication identification using the identification information P ID_IN, the acceptance of the acceptance 366, 3 6 8, the important knowledge device certificate is required to receive (step 1 certification 12 to take the organism, set 12 to the body to generate the system as the In the first embodiment (the same applies to the example -51 - 201113070, the second authentication unit 322 can also use the identification information P ID and the password P WD obtained from the second server device 22 against the identification information P ID_IN and the password P WD_IN ( In the same manner, the terminal side authentication unit 524 of the game device 26 can perform the terminal side authentication. Further, in the above aspects, the second authentication by the second authentication unit 32 of the management device 30 The identification information P ID_IN and the password P WD_IN are both used, but the use of the password P WD_IN can be omitted for the second authentication. That is, the second authentication unit 32 will include the identification information P ID_IN in step S C12 of FIG. 7 . The second authentication request (excluding the password P WD_IN) is transmitted to the second server device 22, and in step SD11, the second server device 22 determines whether or not the identification information P ID_IN specified by the second authentication request is stored in the memory device 24 ( 2nd certification) As described above, the second authentication unit 322 is summarized as an element for obtaining the result of the second authentication using the identification information P ID_IN (the presence or absence of the use of the second authentication subject and the password P WD_IN). The terminal side authentication of the device 26 can be omitted, and the use of the password P WD_IN can be omitted. Therefore, the terminal side authentication unit 5 24 is an element for obtaining the result of the terminal side authentication using the identification information P ID (the result of the terminal side authentication and the password P WD are not required). It is to be noted that the second authentication of the management device 30 and the terminal side authentication of the game device 26 are not necessary in the present invention. That is, the second authentication at the management device 30 can be omitted (S C10 ~S C14, S D10~S D12) and terminal side authentication of the game device 26 (SE 2 0 to SE 2 4, SD 2 0 to S D22). -52- 201113070 (4) Modification 4 in the first In the embodiment, the authenticated information A is eliminated on the condition that the predetermined time comes, and in the second embodiment, the authenticated information A is eliminated on the expiration of the expiration date, but the condition of the authenticated information A is eliminated (the opportunity) Appropriate For example, the configuration of the authenticated information A of the management memory unit 342 may be eliminated by starting or stopping the management device 30 (for example, after startup or before stopping), or may be determined for the management device 30. The operation (for example, the operation of eliminating the button by the clerk of the amusement facility) eliminates the structure of the authenticated information A as an opportunity. Further, in the above embodiments, the authenticated information A is eliminated, but the method of invalidating the authenticated information A (the method of transitioning to the state that the management unit 324 cannot refer to) can be appropriately changed. For example, it is also appropriate to attach a message indicating that valid/invalid information (hereinafter referred to as "status flag") to the authenticated information A. The management unit 3 2 4 sets the status flag to be valid at the end of the first authentication and the second authentication, and sets the status flag as a trigger for the establishment of the predetermined condition (for example, the arrival of the predetermined time or the expiration of the expiration date). Invalid. However, as in the above various forms, the configuration of the state information flag for eliminating the authenticated information A does not require the management of the state flag of each authenticated information A, so that the load of the management unit 324 can be reduced. As can be seen from the above description, the management unit 3 24 invalidates the authenticated information A (for example, eliminating the authenticated information a or the status flag) as a trigger for the establishment of a predetermined condition (for example, the arrival of a predetermined time or the expiration of the expiration date). Summarized by the elements that are set to invalid. Of course, it is not necessary to clarify the security of the management of the amount of money and the simplification of the structure and procedures required for the certification. -53- 201113070 The resolution of the desired problem is not necessary. (5) Modification 5 The element for generating the identification information X id in the fourth embodiment is not limited to the first server device 12. For example, the configuration of the identification information X ID may be generated by the acquisition unit 72 of the management device 3〇. The identification information X ID generated by the acquisition unit 72 is notified to the second server device 1 2, and is associated with the retained credit CA corresponding to the identification information U ID_IN input in step S C15 and stored in the memory device 1 4 » (6) (Modification 6) In the above-described respective embodiments, the authentication receiving unit 3 66 accepts the input of the identification information P ID_IN (read by the reader), but the user's instruction may be employed. In the second registration, the valid/invalid structure of the identification information P ID of the user is given in advance. For example, the identification information P ID (singular or plural) is associated with the identification information U ID at the time of the second registration. In order to input the identification information U ID_IN (U ID ) in the first authentication of the management device 40, the identification information is corresponding thereto. Each identification information P ID of the U ID_IN is valid/invalid from the user indication. The activation of the identification information P ID is equivalent to the input of the identification information P ID_IN of each of the above forms. That is to say, the "acceptance of identification information" in the present case includes the input of the identification information (for example, reading or hand input), and also includes the operation of the user to validate (select) the identification information registered in advance. -54 - 201113070 (7) Modification 7 In the above aspects, the identification information p ID (PI D_IN ) stored in the game card is used for each process in the management system loo, but the identification information P ID_IN may be employed. (P ID) A configuration is established in which the other identification information (hereinafter referred to as "reference identification information") R ID (reference ID) is used instead of the identification information P ID_IN (PID) for each processing in the management system 100. Specifically, the server device (hereinafter referred to as "ID management server device") associates the reference identification information R ID given to the user with the identification information p id of the game card and manages it in the management device 40 and In the processing of the game device 26, the identification information P ID_IN received from the user and the identification information R ID specified by the ID management server device are applied instead of the identification information P ID — IN (PID) in each of the above forms. . Further, a configuration in which the second server device 22 is used as the id management server device or a configuration in which the id management server device is provided independently of the second server device 22 may be employed. The second authentication unit 322 of the management device 40 acquires the reference identification information RID 'the use identification information r I d and the password for the identification information p丨D jn received by the correspondence receiving unit 366 from the ID management server device. The result of the second certification of P WD_IN. On the other hand, the terminal side authentication unit 524 of the game device 26 acquires the reference identification information R ID 'acquisition reference for the identification information p ID _ I n received from the correspondence receiving unit 562 from the ID management server device. The result of the terminal side authentication using the identification information r I d . According to the above configuration, for example, even if the user loses the status of the game card, -55-201113070 uses the newly issued game card to associate with the reference identification information R ID, and the identification information p ID of the new game card can be used for specific use. Game data of the game card lost by the player. As described above, the "second identification information" of the present invention includes the identification information (p ID_IN) directly received from the user, and includes other management information (P 1D_IN ) that is received from the user. The tribute to identification information (R ID). Therefore, the receiving unit 3 66 that receives the identification information P ID — IN from the user and the element of the management device 40 that receives the reference identification information r id corresponding to the identification information P ID_IN from the ID management server device (the second authentication unit 3 22) It is summarized as an element (acquisition unit) that acquires the second identification information (p iD_IN, R ID ) of the present invention. Further, in the game device 26, the receiving unit 5 62 that receives the identification information P ID — IN from the user and the element of the reference identification information r ID that receives the identification information P ID — IN from the id management server device are also the same. (Terminal side authentication unit 524) is summarized as an element (terminal side acquisition unit) that acquires second identification information (p ID_IN 'R ID ). (8) Modification 8 The biological information B ID (B ID_IN ) is not limited to the vein pattern. As the biometric information B ID (B ID_IN ), for example, a feature amount inherent to the user such as a fingerprint or an iris or a sound (soundprint) can be arbitrarily used. BRIEF DESCRIPTION OF THE DRAWINGS [Fig. 1] A block diagram of -56-201113070 of the management system according to the first embodiment of the present invention is disclosed. [Fig. 2] A schematic diagram of data memorized by the memory device of the first system. [Fig. 3] A flow chart for the action of performing payment and deposit of tokens. [Fig. 4] A schematic diagram of data memorized by the memory device of the second system. FIG. 5 is a block diagram of a management device and a game device. [Fig. 6] A pattern diagram of an operation screen used for the transfer of the code. FIG. 7 is a flowchart of the operations of the first authentication and the second authentication. [Fig. 8] A flow chart of the action at the time of the game. [Fig. 9] A flowchart of the action at the time of the game. [Fig. 10] A schematic diagram of authenticated information in the second embodiment. [Fig. 1 1] A flowchart of the operation of the second embodiment. Fig. 12 is a flow chart showing the operation of the third embodiment. [Fig. 13] A schematic diagram of the authenticated information of the third embodiment. [Fig. 14] Block diagram of the management device and the game device of the fourth embodiment [Fig. 15] A flowchart of the operations of the first authentication and the second authentication in the fourth embodiment. [Fig. 16] A schematic diagram of the data of the memory of the first system of the first system of the fourth embodiment. [Description of main component symbols] 1()〇: Management system 10: First system 12: First server device-57-201113070 1 4: Memory device 1 6: Token processing device 2 0: System 2 22: 2 server device 24: memory device 26: game device 30: management device 32, 52: arithmetic processing device 3 21: first authentication unit 3 2 2: second authentication unit 3 2 4 : management unit 34, 54: memory device 342 : Management memory unit 3 6 : Input reception unit 542 : Storage unit 5 6 : Input reception unit 5 8 : Operation unit 5 8 2 : Storage operation unit 5 84 : Extraction operation unit 5 22 : Game processing unit 524 : Terminal Side authentication unit 62: photo session unit 64: permission unit 66: control unit -58-

Claims (1)

201113070 七、申請專利範圍. 1 . 一種管理系統,係包含管理裝置與複數遊戲裝置, 其特徵爲: 前述管理裝置係具備: . 受理部,係受理第1識別資訊; 產生部,係產生表示利用者之生物體特徵的生物體資 訊; 第1認證部,係取得利用前述第1識別資訊與前述生 物體資訊之第1認證的結果:及 管理部,係在前述第1認證的結果是肯定時,將前述 第1識別資訊作爲已認證資訊而記憶於管理記億部; 前述複數遊戲裝置係個別具備: 貯留部,係記憶因爲在該當遊戲裝置之代額的消費或 獲得而增減之第1代額數; 終端側受理部,係受理第1確認用識別資訊; 照會部,係照會前述管理部,確認一致於前述第1確 認用識別資訊之第1識別資訊是否作爲前述已認證資訊而 記憶於前述管理記憶部;及 允許部,係在前述照會的結果是肯定時,允許記憶於 前述貯留部之前述第1代額數和與第1識別資訊建立對應 而記憶於記憶裝置之第2代額數之從一方對於另一方的代 額之轉移。 2 如申請專利範圍第1項所記載之管理系統,其中, 前述管理裝置係具備: -59- 201113070 取得部’係取得第2識別資訊;及 第2認證部’係取得利用前述第2識別資訊之第2認 證的結果; 前述管理部’係在前述第1認證及前述第2認證雙方 的結果是肯定時’將前述第丨識別資訊作爲已認證資訊而 記憶於前述管理記憶部; 前述複數遊戲裝置係個別具備: 終端側取得部,係取得第2確認用識別資訊;及 終端側認證部’係取得利用前述第2確認用識別資訊 之終端側認證的結果; 前述照會部’係在前述終端側認證的結果是肯定時, 照會前述管理部’確認一致於前述第1確認用識別資訊之 第1識別資訊是否作爲前述已認證資訊而記憶於前述管理 記憶部。 3·—種管理系統,係包含管理裝置與複數遊戲裝置, 其特徵爲: 前述管理裝置係具備: 受理部,係受理第1識別資訊; 產生部,係產生表示利用者之生物體特徵的生物體資 訊; 第1認證部,係取得利用前述第1識別資訊與前述生 物體資訊之第1認證的結果; 取得部,係取得第3識別資訊; 通知部,係將前述第3識別資訊通知給利用者;及 -60- 201113070 管理部’係在前述第丨認證的結果是肯定時,將前述 第3識別資訊作爲已認證資訊而記憶於管理記憶部; 前述複數遊戲裝置係個別具備·· 貯留部’係記憶因爲在該當遊戲裝置之代額的消費或 獲得而增減之第1代額數; 終端側受理部,係受理第1確認用識別資訊; 照會部’係照會前述管理部,確認一致於前述第1確 認用識別資訊之第3識別資訊是否作爲前述已認證資訊而 記憶於前述管理記憶部;及 允許部,係在前述照會的結果是肯定時,允許記憶於 前述貯留部之前述第1代額數和與第3識別資訊建立對應 而記憶於記億裝置之第2代額數之從一方對於另一方的代 額之轉移。 4.如申請專利範圍第2項或第3項所記載之管理系統 ,其中, 前述管理裝置,係具備:密碼受理部,係受理密碼的 輸入; 前述第2認證部,係取得利用前述第2識別資訊與前 述密碼之前述第2認證的結果。 5 .如申請專利範圍第1項或第3項所記載之管理系統 ,其中, 前述管理部,係以所定條件的成立作爲契機,將前述 管理記億部的前述已認證資訊設爲無效。 6.如申請專利範圍第5項所記載之管理系統,其中, -61 - 201113070 前述管理部’係以所定時刻的到來作爲契機,將前述 已認證資訊設爲無效。 7 ·如申請專利範圍第5項所記載之管理系統,其中, 前述管理部,係以從前述管理記憶部消除前述已認證 資訊,將該當已認證資訊設爲無效。 8 ·如申請專利範圍第1項或第3項所記載之管理系統 ,其中, 前述複數遊戲裝置係個別具備: 操作部,係包含指示從前述第1代額數對於前述第2 代額數之代額的轉移之存入操作部,與指示從前述第2代 額數對於前述第1代額數之代額的轉移之提領操作部至少 —方: 前述操作部,係在前述允許部允許代額的轉移時成爲 可操作。 9.如申請專利範圍第丨項或第3項所記載之管理系統 ,其中, 前述管理部,係使前述已認證資訊包含生物體資訊而 記憶於前述管理記憶部, 在從前述遊戲裝置被指示代額的轉移時,則對於管理 將第1識別資訊與生物體資訊與第2代額數建立對應並加 以記憶之前述記憶裝置的伺服器裝置,發送前述已認證資 訊的前述第1識別資訊與前述生物體資訊。 1 〇·如申請專利範圍第1項或第3項所記載之管理系 統,其中, -62- 201113070 前述管理部,係使前述已認證資訊包含 憶於前述管理記億部, 在從前述遊戲裝置被指示代額的轉移時 將第1識別資訊與特定資訊與第2代額數建 記憶之前述記憶裝置的前述伺服器裝置,發 資訊的前述第1識別資訊與前述特定資訊。 11. 一種遊戲裝置,係與具備在利用輸 之第1識別資訊及生物體資訊之第1認證的 ,將前述第1識別資訊作爲已認證資訊而記 部之管理部的管理裝置進行通訊的遊戲裝置 備: 貯留部,係記憶因爲在該當遊戲裝置之 獲得而增減之第1代額數; 終端側受理部,係受理第1確認用識別: 照會部,係照會前述管理部,確認一致: 認用識別資訊之第1識別資訊是否作爲前述 記億於前述管理記憶部;及 允許部,係在前述照會的結果是肯定時 前述貯留部之前述第1代額數和與第1識別 而記憶於記憶裝置之第2代額數之從一方對 額之轉移。 12. —種管理裝置,其特徵爲具備: 受理部,係受理第1識別資訊; 產生部,係產生表示利用者之生物體特 特定資訊而記 ,則對於管理 立對應並加以 送前述已認證 入至管理裝置 結果是Η疋時 億於管理記憶 ,其特徵爲具 代額的消費或 資訊; 於前述第1確 已認證資訊而 ,允許記憶於 資訊建立對應 於另一方的代 徵的生物體資 -63- 201113070 訊; 第1認證部,係取得利用前述第1識別資訊與前述生 物體資訊之第1認證的結果;及 管理部,係在前述第1認證的結果是肯定時,將前述 第1識別資訊作爲已認證資訊而記憶於管理記憶部; 前述管理部,係將—致於輸入至遊戲裝置之第1確認 用識別資訊的第1識別資訊是否作爲前述已認證資訊而記 憶於前述管理記億部的判定之結果,通知該當遊戲裝置, 在前述判定的結果是肯定時,在具備記憶因爲代額的 消費或獲得而增減之第1代額數的貯留部之前述遊戲裝置 ,和與第1識別資訊建立對應而記憶第2代額數之記憶裝 置之間,因應從前述遊戲裝置發送之代額的轉移之要求, 仲介前述第1代額數與前述第2代額數之從一方對於另一 方的代額之轉移。 1 3 . —種程式,係使電腦作爲以下構件而作用: 受理部,係受理第1識別資訊; 產生部,係產生表示利用者之生物體特徵的生物體資 訊; 第1認證部,係取得利用前述第1識別資訊與前述生 物體資訊之第1認證的結果;及 管理部,係在前述第1認證的結果是肯定時’將前述 第1識別資訊作爲已認證資訊而記憶於管理記憶部; 其特徵爲: 前述管理部,係將一致於輸入至遊戲裝置之第1確認 -64- 201113070 用識別資訊的第1識別資訊是否作爲前述已認證資訊而記 憶於前述管理記憶部的判定之結果’通知該當遊戲裝置’ 在前述判定的結果是肯定時,在具備記憶因爲代額的 消費或獲得而增減之第1代額數的貯留部之前述遊戲裝置 ’和與第1識別資訊建立對應而記憶第2代額數之記憶裝 置之間,因應從前述遊戲裝置發送之代額的轉移之要求, 仲介前述第1代額數與前述第2代額數之從一方對於另一 方的代額之轉移。 -65-201113070 VII. Patent application scope 1. A management system includes a management device and a plurality of game devices, wherein: the management device includes: a receiving unit that receives the first identification information; and a generation unit that generates and utilizes The first authentication unit obtains the result of the first authentication using the first identification information and the biometric information: and the management unit, when the result of the first authentication is affirmative The first identification information is stored in the management information unit as the authenticated information. The plurality of game devices are provided with: the storage unit is the first one to increase or decrease the consumption or the acquisition of the game device. The terminal side receiving unit receives the first confirmation identification information, and the photo management unit checks whether the first identification information that matches the first confirmation identification information is stored as the authenticated information. The management memory unit and the permission unit allow the memory to be stored in the foregoing when the result of the foregoing note is affirmative The generation of the first amount and the number of the memory of the correspondence and the amount of generation of transfer from one to the other in the second memory means Generation Amount and the first identification information. (2) The management system according to the first aspect of the invention, wherein the management device includes: -59-201113070, the acquisition unit 'obtains the second identification information; and the second authentication unit' obtains the second identification information As a result of the second authentication, the management unit 'stores the second identification information as the authenticated information in the management storage unit when the result of both the first authentication and the second authentication is affirmative; the plural game Each of the devices includes: a terminal-side acquisition unit that acquires second identification identification information; and a terminal-side authentication unit that acquires terminal-side authentication using the second confirmation identification information; the notification unit is located in the terminal When the result of the side authentication is affirmative, the management unit 'checks whether the first identification information matching the first confirmation identification information is stored in the management storage unit as the authenticated information. The management system includes a management device and a plurality of game devices, wherein the management device includes: a receiving unit that receives the first identification information; and a generation unit that generates a living creature that indicates the user's biological characteristics. The first authentication unit obtains the result of the first authentication using the first identification information and the biometric information; the acquisition unit acquires the third identification information; and the notification unit notifies the third identification information User---60-201113070 The management department's the third identification information as the authenticated information is stored in the management memory unit when the result of the above-mentioned third certification is affirmative; the plurality of game devices are individually provided with ·· The department's memory is the number of first generations that are increased or decreased by the consumption or acquisition of the game device. The terminal-side reception unit accepts the first confirmation identification information. The photo-receiving department's management unit confirms the agreement. Whether the third identification information of the first confirmation identification information is stored in the management memory unit as the authenticated information; and The permission unit is configured to allow the first generation amount of the memory stored in the storage unit and the second generation amount stored in the second generation information to be stored in the other party. Transfer of the quota. 4. The management system according to the second or third aspect of the invention, wherein the management device includes: a password accepting unit that accepts an input of a password; and the second authentication unit acquires the second The identification information and the result of the aforementioned second authentication of the aforementioned password. 5. The management system according to the first or third aspect of the patent application, wherein the management unit invalidates the authentication information of the management unit of the company by the establishment of the predetermined condition. 6. The management system described in claim 5, wherein -61 - 201113070 the management unit is invalidated by the arrival of the predetermined time. 7. The management system according to claim 5, wherein the management unit eliminates the authenticated information from the management memory unit and invalidates the authenticated information. The management system according to the first or third aspect of the invention, wherein the plurality of game devices are provided separately: the operation unit includes a quota indicating the number of the second generation amount from the first generation amount The transfer operation unit and the withdrawal operation unit for instructing the transfer of the second generation amount to the first generation amount of the transfer amount are at least one of the following: the operation unit allows the transfer of the allowance in the permission unit It becomes operational. 9. The management system according to claim 3, wherein the management unit includes the biometric information included in the management information and is stored in the management memory unit, and is instructed from the game device. In the case of transferring the token, the first identification information of the authenticated information is transmitted to the server device that manages the memory device that associates and stores the first identification information and the biometric information with the second generation amount. Biological information. 1 〇 如 如 如 如 如 如 如 如 如 如 如 如 如 如 如 - - 62 62 62 62 62 62 62 62 62 62 62 62 62 62 62 62 62 62 62 62 62 62 62 62 62 62 62 62 62 62 62 62 62 62 62 The first identification information and the specific information of the information are transmitted by the server device of the memory device in which the first identification information and the specific information and the second generation amount are built in the transfer of the indicated code. 11. A game device, which is a game device that communicates with a management device that manages the first identification information as the authentication information and the management unit that uses the first identification information and the biometric information. In the storage unit, the storage unit is the first generation of the number of digits that is added or subtracted by the acquisition of the game device. The terminal-side reception unit accepts the identification of the first confirmation: The photographing unit checks the agreement with the management unit: Whether the first identification information of the identification information is used as the aforementioned management memory unit or the permission unit, and the first generation amount of the storage unit and the first recognition are stored in the memory when the result of the photo notification is affirmative The transfer of the second generation of the device from one of the balances. 12. A management device, comprising: a receiving unit that receives the first identification information; and a generating unit that records the biometric specific information indicating the user, and sends the authenticated to the management correspondence The result of entering the management device is that the time is in the management memory, which is characterized by the consumption or information of the quota; in the above-mentioned first confirmed information, it is allowed to memorize the information to establish the organism corresponding to the other party's token.资-63-201113070; The first certification unit obtains the result of using the first identification information and the first authentication of the biometric information; and the management unit, when the result of the first authentication is affirmative, The first identification information is stored in the management memory unit as the authenticated information. The management unit stores the first identification information input to the first confirmation identification information of the game device as the authenticated information. The result of the judgment of the management unit is notified to the game device. When the result of the above determination is affirmative, there is memory for the consumption of the denomination. Or the game device of the storage unit of the first generation amount that is increased or decreased, and the memory device that stores the second generation amount in association with the first identification information, and the transfer of the token transmitted from the game device It is required that the amount of the first generation of the above-mentioned first generation and the amount of the second generation of the above-mentioned second generation be transferred from one party to the other. In the program, the computer functions as the following means: the receiving unit receives the first identification information; the generating unit generates the biological information indicating the biometric characteristics of the user; the first authentication unit acquires a result of the first authentication information and the first authentication of the biometric information; and the management unit, when the result of the first authentication is affirmative, 'memorizes the first identification information as the authenticated information in the management memory unit The management unit is configured to match the result of the determination of whether the first identification information of the identification information input to the game device is stored in the management memory unit as the first authentication information of the identification information input to the game device. When the result of the above-described determination is affirmative, the game device of the storage unit that stores the first generation amount of the amount of increase or decrease due to the consumption or acquisition of the token is associated with the first identification information. Between the memory devices that memorize the second generation amount, in response to the request for the transfer of the tokens sent from the aforementioned game device, the first generation of the above-mentioned first generation And the second generation of Amount of Amount transferred from one party to the other party's behalf. -65-
TW099125602A 2009-10-07 2010-08-02 Management system, game device, management device and program TW201113070A (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
JP2009233085 2009-10-07

Publications (1)

Publication Number Publication Date
TW201113070A true TW201113070A (en) 2011-04-16

Family

ID=43887162

Family Applications (1)

Application Number Title Priority Date Filing Date
TW099125602A TW201113070A (en) 2009-10-07 2010-08-02 Management system, game device, management device and program

Country Status (3)

Country Link
JP (2) JP5208173B2 (en)
CN (1) CN102034317B (en)
TW (1) TW201113070A (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106529952B (en) * 2015-09-09 2021-09-17 腾讯科技(深圳)有限公司 Verification implementation method and system in data transfer
JP6179686B1 (en) * 2017-03-22 2017-08-16 株式会社セガゲームス Authentication system and server
JP7421053B2 (en) * 2019-03-29 2024-01-24 株式会社コナミアミューズメント Game systems and how they work

Family Cites Families (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH09313719A (en) * 1996-05-29 1997-12-09 Sophia Co Ltd Stored medium-lending game system
JP3781568B2 (en) * 1998-12-01 2006-05-31 コナミ株式会社 game machine
JP4449140B2 (en) * 2000-02-24 2010-04-14 株式会社セガ Game facility lending / depositing method and system thereof
JP2002035380A (en) * 2000-07-27 2002-02-05 Sun Corp Game information control device
JP2004081461A (en) * 2002-08-26 2004-03-18 Glory Ltd Game medium lending system
US7470191B2 (en) * 2002-12-20 2008-12-30 Tech Link International Entertainment Ltd. Responsible gaming system
JP2004295197A (en) * 2003-03-25 2004-10-21 Nec Corp Electronic ticket vending system and method
JP3632963B2 (en) * 2003-05-29 2005-03-30 コナミ株式会社 Network battle type terminal device, method and program
JP4756875B2 (en) * 2005-01-20 2011-08-24 株式会社オーイズミ Game media rental system
JP2008029513A (en) * 2006-07-27 2008-02-14 Nihon Unica Corp Medium management system for game
JP2008264289A (en) * 2007-04-23 2008-11-06 Seeds Nishitokyo:Kk Game parlor charge settling system

Also Published As

Publication number Publication date
CN102034317A (en) 2011-04-27
JP5563680B2 (en) 2014-07-30
JP5208173B2 (en) 2013-06-12
JP2013090975A (en) 2013-05-16
JP2011100439A (en) 2011-05-19
CN102034317B (en) 2013-06-26

Similar Documents

Publication Publication Date Title
US6612928B1 (en) Player identification using biometric data in a gaming environment
JP4774245B2 (en) Automatic transaction device for biometric authentication
TW200805203A (en) Net settlement assisting device
TWI332637B (en) Biometrics system and method thereof
JP4671838B2 (en) Automatic cash transaction equipment
JP2007004478A (en) Personal identification system
TW200821992A (en) Personal verifying system, method, procedure and host device thereof
JP2007114911A (en) In-ic-card authentication system
TW201113070A (en) Management system, game device, management device and program
JP5871987B2 (en) Device compatible with each device and member authentication method
JP5514438B2 (en) GAME MEDIUM MANAGEMENT SYSTEM AND GAME MEDIUM MANAGEMENT METHOD
TW201113069A (en) Management system, gaming device, management device and program
JP4834785B2 (en) Automatic cash deposit system and apparatus
JP2008129647A (en) Password operation system
JP5290645B2 (en) Recording medium processor and identification method thereof
WO2020241406A1 (en) Processing device, processing method, and program
JP2002269052A (en) System, method, and program for portable terminal authentication, and computer-readable recording medium stored with the same program
JP2005208839A (en) Prizewinning money payment system, prizewinning ticket issuing device and prizewinning ticket fare adjusting device
JP7434655B1 (en) Authentication system, terminal device, identity verification method, and program
JP6928694B1 (en) Cash withdrawal method and cash withdrawal system
JP2007310904A (en) In-ic-card authentication system
JP2008234316A (en) Portable communication terminal device, authentication server for financial institution, personal identification number request program, and personal identification number response program
JP2008004104A (en) In-ic-card authentication system
JP2011034259A (en) Portable pin code management device and card information processing system
JP2002149969A (en) Banking system