WO2004006194A1 - 取引システムおよび取引端末装置 - Google Patents
取引システムおよび取引端末装置 Download PDFInfo
- Publication number
- WO2004006194A1 WO2004006194A1 PCT/JP2002/006794 JP0206794W WO2004006194A1 WO 2004006194 A1 WO2004006194 A1 WO 2004006194A1 JP 0206794 W JP0206794 W JP 0206794W WO 2004006194 A1 WO2004006194 A1 WO 2004006194A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- transaction
- card
- user
- memory
- authentication
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F19/00—Complete banking systems; Coded card-freed arrangements adapted for dispensing or receiving monies or the like and posting such transactions to existing accounts, e.g. automatic teller machines
- G07F19/20—Automatic teller machines [ATMs]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/18—Payment architectures involving self-service terminals [SST], vending machines, kiosks or multimedia terminals
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/341—Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/355—Personalisation of cards for use
- G06Q20/3558—Preliminary personalisation for transfer to user
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/357—Cards having a plurality of specified features
- G06Q20/3576—Multiple memory zones on card
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4014—Identity check for transactions
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/409—Device specific authentication in transaction processing
- G06Q20/4093—Monitoring of device authentication
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F19/00—Complete banking systems; Coded card-freed arrangements adapted for dispensing or receiving monies or the like and posting such transactions to existing accounts, e.g. automatic teller machines
- G07F19/20—Automatic teller machines [ATMs]
- G07F19/201—Accessories of ATMs
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/10—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
- G07F7/1008—Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
Definitions
- the present invention relates to credit cards and cash cards such as transactions at ATM (Automated Teleler Macine) terminals using bank cash cards, transactions with debit cards at stores, and shopping Z cashing with credit cards of credit companies.
- the present invention relates to a system suitable for transactions using a payment card such as a shuffle card, and a transaction terminal device used in the system.
- a magnetic stripe is attached to the surface of a bank cash card or a credit card of a credit company (hereinafter, these cards are collectively referred to as a payment card), and account information (counterparty bank) is included in the magnetic stripe. Numbers and account numbers) are encrypted and recorded as magnetic data.
- the account information recorded on the magnetic stripe is read by the magnetic stripe reader, and the account information is transmitted to the host together with the password (usually 4 digits) entered by the user at the ATM terminal. .
- the host retrieves the user's PIN from the customer database based on the account information received from the ATM terminal, and compares the PIN with the PIN sent from the ATM terminal to authenticate the user. Done. If the passwords match and the user is authenticated, the host notifies the ATM terminal of the fact and initiates a transaction with the user.
- IC card storing an IC (Integrated Circuit) memory such as a FRAM (Ferroelectoric Random Access Memory) has appeared.
- IC Integrated Circuit
- FRAM Feroelectoric Random Access Memory
- Such an IC card is already used as a JR (Japan Railways) commuter pass.
- IC capability generally has the following features (1) to (3). (1) Data can be written.
- a four-digit password is usually used to authenticate a user.
- the terminal device such as an ATM terminal sends the operation-input ⁇ identification number and transaction information in the magnetic stripe (for example, a bank account number, a card number) to the host, and the host identifies the user. Authentication is being performed.
- the above-mentioned IC card has been proposed and used as a new payment card. Since the IC card holds the memory inside the payment card instead of the magnetic stripe, unlike the conventional payment method using the magnetic stripe, the data payment has many magnetic stripes and the conventional payment In addition to being able to store more information than a card, it has the characteristic that it can not only read information from the memory but also write information into the memory. It is expected to replace traditional payment cards.
- the present invention has been made in view of such a problem, and it is possible to install a tori I terminal device which can correspond to an IC card type payment card with a built-in memory without changing the configuration on the host side. It functions effectively when migrating from a system that uses a conventional payment card with a magnetic stripe to a system that uses an IC-based payment card, greatly promoting the spread of IC-based payment cards. It is an object of the present invention to provide a transaction system and a transaction terminal device that can contribute to the above.
- the present invention can be used even if the user does not have a special card writing device (IC power and dry key), and the user does not have to line up with an ATM terminal or a window to rewrite the memory contents.
- IC power and dry key IC power and dry key
- the transaction system of the present invention comprises a magnetic stripe on which transaction information necessary for transaction is recorded, and a memory capable of reading and writing electronic data.
- a memory having a memory in which user authentication information necessary for user authentication is pre-recorded as the electronic data; a magnetic stripe reader for reading the information from the magnetic stripe of the card and the memory; and
- a transaction terminal device having a memory reader, a memory device for writing the electronic data in the memory, and an input unit for inputting authentication data to authenticate a user of the card; and the transaction terminal device.
- the authentication data is input from the input unit, the notes An authentication unit for authenticating that a person who has input the authentication data is a user of the card by comparing the user authentication information read from the memory by a rereader; If the person who has input the password is authenticated by the authentication unit to be a user of the card, the transaction information read by the magnetic stripe reader and the transaction information read by the memory reader
- the transaction authentication information is transmitted from the transaction terminal device to the host server, and the host server executes the transaction using the transaction information from the transaction terminal device and the transaction authentication information.
- the memory writer writes the card into the memory or rewrites the content recorded in the memory. It is a symptom.
- the transaction system of the present invention is a card in which transaction information necessary for a transaction is recorded, a transaction terminal device having a reader for reading the transaction information from the card, and communicably connected to the transaction terminal device, A host server for performing the transaction based on the transaction information read from the card, wherein an electronic mail address of a user of the card is registered in advance in the card or the host server; Alternatively, each time the host server performs the transaction, the host server transmits the contents of the transaction to the electronic mail address.
- the transaction system of the present invention is a transaction terminal device comprising: a card on which transaction information necessary for transaction is recorded; a reader for reading the transaction information from the card; and a transaction terminal device capable of communicating with the transaction terminal device.
- a transaction terminal device Connected to the host server for performing the transaction based on the transaction information read from the card, and at the time of executing the transaction, registering information on a business partner of a user of the card in the card.
- the transaction terminal device is provided in the transaction terminal device.
- the transaction terminal device of the present invention is a magnetic stripe on which transaction information necessary for the transaction is recorded, and a memory capable of reading and writing electronic data, which is required for authentication prior to the transaction using the transaction information.
- Magnetic stripes for reading the information from the magnetic stripe and the memory respectively.
- the present invention functions effectively at the time of the system transition as described above, and contributes to greatly promoting the spread of the IC card type payment card.
- the transaction terminal device performs writing to the memory of the card or rewriting of the content recorded in the memory by the memory line.
- the transaction terminal device performs writing to the memory of the card or rewriting of the content recorded in the memory by the memory line.
- the user can use the card.
- a desired transaction by the transaction terminal device At the same time, the contents can be written or rewritten to the memory of the card.
- the transaction conditions set in advance for the card user are recorded in the memory of the card, and by executing the transaction in accordance with the transaction conditions, the contents of the transaction that the user can perform are described in the transaction. It can be limited to the range set by the conditions.
- the user authentication information for a plurality of users is recorded in the memory of the card, and the transaction conditions (for example, the withdrawable amount) preset for each user are recorded, and the authentication data from the input unit is stored. If one of the user authentication information matches, the transaction is executed according to the transaction conditions corresponding to the user, so that one card, that is, one transaction account, can be shared by multiple users. And the content of transactions (for example, cash withdrawal) that the user can perform for each user can be limited within the range set by the transaction conditions (for example, the amount that can be withdrawn). .
- the transaction conditions in the memory of the card are rewritten by the memory writer based on the result of the transaction performed on the host server, and the transaction conditions are changed according to the transaction contents. Can be updated.
- the reset timing at which the transaction conditions should be reset and the initial conditions of the transaction conditions are set, and when the transaction using the card is executed for the first time after the reset timing, the memory of the card is written by the memory writer.
- the host server receives a content write request or a content rewrite request from the personal terminal device to the memory of the card, the new content (eg, user authentication information, transaction conditions, card user (E-mail address, etc.) temporarily, and then, when the transaction is executed for the first time with the target card, the memory writer of the transaction terminal writes the new contents to the memory of the card, or By rewriting the contents of the memory to the new contents, even if the user does not have a special card writing device (IC card writer), the user can rewrite the memory contents. It is possible to write or rewrite the contents of the card when the user apparently wants it, without having to line up with ATM terminals or counters.
- the new content eg, user authentication information, transaction conditions, card user (E-mail address, etc.
- the user's e-mail address is recorded in the memory of the card or the host server, and the transaction terminal device or the host server immediately transmits the contents of the transaction to the e-mail address after the transaction is completed.
- the user can save the contents of the transaction as e-mail (electronic data), and if the card is illegally used, the user can immediately know the unauthorized use. is there.
- the contents of the transaction are written and stored in the memory of the card by the memory writer, so that the company to which the host server belongs (for example, a bank, a credit company, etc.) does not need to issue the transaction details on paper.
- the company to which the host server belongs for example, a bank, a credit company, etc.
- the memory can be used effectively.
- the user's e-mail address is recorded in the memory of the card, and in response to a transaction content read request, when the transaction is executed, the transaction content is read by a memory reader and then sent to the e-mail address.
- the user can obtain the transaction details recorded in the memory of the card as e-mail (electronic data).
- FIG. 1 is a block diagram showing a configuration of a transaction system according to a first embodiment of the present invention.
- FIG. 2 is a diagram for describing a first operation example of the first embodiment.
- FIG. 3 is a flowchart for explaining a first operation example of the first embodiment.
- FIG. 4 is a diagram showing an example of a password and transaction conditions in the first embodiment.
- FIG. 5 is a diagram for explaining a second operation example of the first embodiment.
- FIG. 6 is a flowchart for explaining a second operation example of the first embodiment.
- FIG. 7 is a flowchart for explaining a third operation example of the first embodiment.
- FIG. 8 is a flowchart for explaining a fourth operation example of the first embodiment.
- FIG. 9 is a flowchart for explaining a fifth operation example of the first embodiment.
- FIG. 10 is a flowchart for explaining a sixth operation example of the first embodiment.
- FIG. 11 is a block diagram showing a configuration of a transaction system according to a second embodiment of the present invention.
- FIG. 12 is a flowchart for explaining a first operation example of the second embodiment.
- FIG. 13 is a flowchart for explaining a second operation example of the second embodiment.
- FIG. 14 is a block diagram showing a configuration of a transaction system according to a third embodiment of the present invention.
- FIG. 15 is a block diagram showing a configuration of a certificate authority in the third embodiment.
- FIG. 16 is a block diagram showing a configuration of a personal terminal device (user terminal device) according to the third embodiment.
- FIG. 17 is a block diagram showing the configuration of the host server (bank server) in the third embodiment.
- FIGS. 18 (A) to 18 (C) are diagrams for explaining the basic operation of the transaction system of the third embodiment in comparison with the operation of a general transaction system.
- FIG. 19 is a flowchart for explaining a first operation example of the third embodiment.
- FIG. 20 is a flowchart for explaining a second operation example of the third embodiment.
- FIG. 21 is a block diagram showing a modification of the password authentication function according to the present invention. BEST MODE FOR CARRYING OUT THE INVENTION
- FIG. 1 is a block diagram showing a configuration of a transaction system according to a first embodiment of the present invention.
- the transaction system according to the first embodiment includes an IC card 10 and an IC card. It consists of an authentication terminal 20, a host server 30, a user terminal 40, a network 51 and a network 52.
- the IC card (IC card type payment card) 10 is used, for example, as a cash card, a debit card, a credit card, and the like.
- a magnetic stripe 11 is attached to the outer surface thereof, and IC memory 12 is embedded inside.
- transaction information necessary for the transaction (for example, account information such as a counterparty bank number and an account number) is recorded in advance as magnetic data.
- the IC memory 12 is a memory that can read and write electronic data.
- the IC memory 12 stores, for example, the following information (1) to (4) as electronic data. Is recorded in advance.
- the password has a format different from that of the conventional password (four-digit number). For example, a character string consisting of alphanumeric characters, hiragana, katakana, kanji, and symbols is used. Further, as described later with reference to FIG. 4, for example, a plurality of user authentication information (password) corresponding to each family may be recorded.
- the transaction conditions as will be described later with reference to FIG. 4, for example, permission Z disapproval of various transactions, withdrawable amount, etc. are set. Note that multiple user authentication information is stored in the IC memory 12.
- transaction conditions may be set for each user, as described later with reference to FIG. 4, and the transaction conditions may be recorded in association with the user authentication information of each user. .
- IC card authentication terminals ATM terminals for IC cards, transaction terminal devices
- ATM terminals for IC cards, transaction terminal devices
- the IC card authentication terminal control unit 21 and the memory It consists of a memory 22, a memory writer 23, a magnetic stripe reader 24, an input unit 25, a display unit 26, a pass-pad authentication unit 27, a transaction control unit 28, and a network communication unit 29. ing.
- the IC card authentication terminal control unit 21 manages and controls the operation of each unit (codes 22 to 29) constituting the IC card authentication terminal 20.
- the memory reader 22 reads out a personal identification number and a password from the IC memory 12 when conducting a transaction using the IC card 10, and the magnetic stripe reader 24 uses a magnetic stripe when conducting a transaction using the IC card 10. It reads the customer's bank number and account number from 1.
- the memory writer (writer) 23 receives instructions from the host server 30 and the IC card authentication terminal control unit 21 when the user executes a transaction using the IC password 10 with the IC password authentication terminal 20. In response to this, the electronic data is newly written in the IC memory 10 or the electronic data (contents) written in the IC memory 10 is rewritten as described later.
- the contents newly written or rewritten in the IC memory 10 by the memory writer 23 include, for example, the above-described transaction authentication information (password), user authentication information (password or passphrase), and transaction conditions. , E-mail address, etc.
- the input section 25 is for inputting various information (transaction details, etc.) necessary for the user to make a transaction using the IC card 10.
- the input section 25 is a keyboard or a touch panel that also serves as a display section 26 described later. It is constituted as.
- the input unit 25 of the present embodiment is configured such that the user performs authentication on the IC card authentication terminal 20 (pass-pass authentication unit 27) so that the user can authenticate himself or herself with the IC force 10. It is also used to enter an overnight message (here, the password).
- the display unit 26 is controlled by the IC card authentication terminal control unit 21 to display the display state.
- the display unit 26 displays the above-mentioned touch panel and displays various information necessary for proceeding with the transaction to the user. is there.
- the display unit 26 is realized by, for example, a CRT (Cathode Ray Tube) or an LCD (Liquid Crystal Display).
- the password authentication unit (authentication unit) 27 includes a password input by the user from the input unit 25 and a password read from the IC memory 12 by the memory reader 22. The password is compared with the password, and if they match, the user who entered the password (password input person) is authenticated as the user (owner) of the IC card 10.
- the password authentication unit 27 if the password input from the input unit 25 matches any one of the plurality of passwords, It authenticates that the password input user is the user himself. Then, when the password authentication unit 27 authenticates that the password input user is the user, the password authentication unit 27 notifies the IC card authentication terminal control unit 21 of that fact.
- the transaction control unit 28 controls transactions in accordance with the transaction contents input from the input unit 25, and transmits information such as instructions and requests according to the transaction contents to the network communication unit 29 and The data is sent to the host server 30 via the network 51. Further, when the password input user is authenticated as the user himself and the transaction condition corresponding to the password is read from the IC memory 12 by the memory reader 22, the transaction control unit 2 of the present embodiment 8 also has a function of determining whether or not the transaction content input from the input unit 25 is within the range set by the transaction conditions. When the transaction control unit 28 determines that the transaction is within the above range by the same function, the transaction control unit 28 continues the transaction processing, and when the transaction control unit 28 determines that the transaction is outside the above range, the transaction control unit 28 cannot accept the transaction content. To the IC card authentication terminal control unit 21 to notify the transaction requester (user of the IC card 10) of the transaction. The notification is performed using, for example, the display unit 26.
- the network communication unit 29 functions as a communication interface for exchanging data with the host server 30 via the network 51.
- the network communication unit 29 receives information related to transactions from the host server 30 and a password. If the input user is authenticated as the user, the account information read by the magnetic stripe reader 24, the password read by the memory reader 22 and the transaction control unit 28 The information about these transaction contents is transmitted to the host server 30.
- the network communication unit 29 also has a function of receiving a write request from the host server 30 to, for example, the IC memory 12 or a request to rewrite the contents of the IC memory 12.
- Host server (bank server) 30 is installed in banks, credit companies, etc.
- the IC card authentication terminal 20 is communicably connected to the IC card authentication terminal 20 via the network 51, and receives account information, a password and transaction details from the IC card authentication terminal 20, and receives the received account information, The transaction is based on the password and the details of the transaction.
- the host server 30 is communicably connected to the user terminal 40 via the network 52.
- the host terminal 30 requests a write from the user terminal 40 to the IC memory 12 or rewrites the contents of the IC memory 12.
- the request and the written contents Z are temporarily stored, and the transaction using the IC card 10 that is the target of the request is actually performed by the IC card authentication terminal 20 and the host server.
- the request and the contents of the writing Z are transferred to the IC authentication terminal 20 when the communication is performed with the terminal 30.
- the host server 30 is composed of a host server control unit 31, a network communication unit 32, a customer database 33, an account authentication unit 34, a transaction control unit 35, and a network server 3. 6, network communication section 37 and user request storage section 38.
- the host server control unit 31, network communication unit 32, customer database 33, account authentication unit 34, and transaction control unit 35 are used by banks, credit companies, and the like. It can also be provided by a host server.
- the host server control unit 31 manages and controls the operation of each unit (reference numerals 32 to 38; also including the transaction statement generation unit 39 (see FIG. 11) in the second embodiment) constituting the host server 30. Is what you do.
- the network communication section 32 functions as a communication interface for exchanging data with the IC card authentication terminal 20 via the network 51, and authenticates information (including various requests, etc.) relating to transactions with the IC card. It transmits the information to the terminal 20 and the information about the transaction, together with the account information and the password, from the IC card authentication terminal 20.
- the customer database 33 stores various information about the customer who opened the account. This customer database 33 contains, for each account number, whether a formal PIN registered in advance or whether the account corresponding to the account number is available for trading. The status of the rejection is stored as the various information.
- the account information is received by the network communication unit 32, the personal identification number and status corresponding to the account number in the account information are read out from the customer data 33 to the account authentication unit 34. It is getting to be.
- the account authentication section 34 refers to the status from the customer database 33 to determine whether or not the account to be traded is in a transactable state, and also determines the password and network from the customer database 33. The user is authenticated by comparing the password received by the communication unit 32 with the password. Then, if the account is in a state in which the account can be transacted, and if the two passwords described above match and the user is authenticated, the account authenticating unit 34 controls the host server to that effect (transaction permission). Notify Part 31 to start trading. If the account cannot be traded or the two passwords do not match, the host server control unit 31 and the network communication unit 32 After notifying the IC card authentication terminal 20 via the network 51 and ending the processing without starting the transaction.
- the transaction control unit 35 When the transaction control unit 35 receives the transaction permission notification from the account authentication unit 34 via the host server control unit 31, the transaction control unit 35 refers to the information on the account to be traded from the customer database 33 and performs network communication. It controls the transaction in accordance with the transaction content received in part 32.
- the host server 30 of the present embodiment executes transactions permitted by the transaction control unit 28 of the IC force authentication terminal 20 (that is, transactions within the range set by the transaction conditions).
- the transaction control is performed by the transaction control unit 35, that is, the transaction according to the transaction conditions registered in advance in the IC memory 12 is executed.
- the network server 36, the network communication unit 37, and the user request storage unit 38 are necessary when a user makes a request for an IC card 10 or an account from a user terminal 40 such as a home or office. This unit is added to the host server.
- the network server 36 and the network communication unit 37 are provided for users to exchange data with the host server 30. It is desirable that the server 36 be configured as a server that can be accessed by standard browser software such as a WWW (World Wide Web) server so that the user can access in a general Internet environment.
- standard browser software such as a WWW (World Wide Web) server
- the network communication section 37 functions as a communication interface for exchanging data with the user terminal 40 via the network 52.
- the user request storage unit 38 Upon receiving a write request to the IC memory 12 or a request to rewrite the contents of the IC memory 12 from the user terminal 40, the user request storage unit 38 temporarily stores the request and the contents of the write / rewrite. This is actually realized by the existing memory (RAM, hard disk) that forms the host server 30.
- the IC card is first reset after the resetting timing.
- the transaction using 10 is executed, the transaction conditions in the IC memory 12 of the IC card 10 are reset by the memory writer 23 according to the initial condition. Such a reset operation will be described later with reference to FIG.
- the host server 30 accepts a write request to the IC memory 12 of the IC card 10 or a request to rewrite the content recorded in the IC memory 12 from the user terminal 40 and requests and writes the content. If the rewrite content is stored in the user request storage unit 38, the transaction is first executed after the request is accepted, using the IC card 10 that is the target of the write request rewrite request. In the memory line 23, IC The new contents are written to the IC memory 12 of the card 10 or the contents recorded in the IC memory 12 are rewritten to the new contents. Such a write operation Z rewrite operation will be described later with reference to FIGS. 9 and 10.
- the contents to be rewritten include (1) password (passphrase), (2) transaction conditions set for each password (passphrase), and (3) e-mail address of the IC card 10 user.
- 4 Information (such as account information) on the business partner of the user of the IC card 10 can be considered. It should be noted that a specific example of writing information about the customer of the user (4) will be described in detail in the third embodiment.
- the user terminal 40 is connected to the host server 30 via a network 52 so as to be communicable, is installed in a home or office, and is a personal terminal device such as a personal computer owned by a user of the IC card 10. is there.
- the user terminal 40 may be a personal computer, a mobile phone, or a PDA (Personal Data Associates) connected to the mobile phone.
- the user terminal 40 is used when the user makes a write request to the IC memory 12, a request for rewriting the contents of the IC memory 12, or a request for an account. 4 1, a network communication section 42 and an input section 43.
- the user terminal control unit 41 manages and controls the operation of each unit (reference numerals 42 and 43) constituting the user terminal 40.
- the network communication unit 4 2 functions as a communication interface for exchanging data with the host server 30 via the network 52, and requests for writing to the IC memory 12 and the contents of the IC memory 12. It sends a request for rewriting the account or a request for an account to the host server.
- the input section 43 is for inputting various information (transaction contents, etc.), and is constituted by a general keyboard or mouse.
- the write request to the IC memory 12 described above and It is used to input a request for rewriting the contents of the IC memory 12 or a request for an account.
- the network 51 between the IC card authentication terminal 20 and the host server 30 is different from the network 52 between the host server 30 and the user terminal 40.
- these networks 51 and 52 are the same network. It may be realized by a network. However, in this case, if an open network such as the Internet is used as the network, it is necessary to ensure security.
- a VPN virtual private network
- IPS ec Security Architecture for the Internet Protocol
- the host server is installed.
- Security between the user terminal 40 and the user terminal 40 is ensured by equipping the host server 30 with SSL (Secure Socket Layer) or the like. In this case, physically the same network is used, but since different security measures are adopted, they can be regarded as logically different networks.
- the magnetic stripe 11 of the IC card 10 stores the account information used in the existing magnetic stripe type payment card (conventional card), and the IC memory 12 stores the password and the like. Stores various information necessary for realizing IC card services, such as customer information (a password that has been manually entered in conventional systems).
- the IC-capable terminal By storing the existing information in the magnetic stripe 11 and storing the information for the IC-capable service in the IC memory 12 in this way, the IC-capable terminal (IC card authentication terminal 20) can use the IC capability. Terminals that can receive the service for ID card 10 and do not support IC card 10 (for example, conventional card authentication terminal 20 A shown in Fig. 2) can use the magnetic stripe 11 only. Services for magnetic stripe payment services.
- the user can make a transaction using the IC card 10 (the magnetic stripe 11 and the IC memory 12) at the IC card authentication terminal 20 as described later. Even with the conventional card authentication terminal 20A, transactions can be performed in the same manner as in the past using the IC card 10 (only the magnetic stripe 11).
- the conventional card authentication terminal (conventional card ATM terminal)
- the OA is similar to existing ATM terminals and has no means to access the IC memory 12, but at least a magnetic stripe reader 24A, an input unit 25A and a network communication unit 29A And is communicably connected to the host server 30 via the network 51.
- the IC card 1 0 is inserted by a user, a magnetic scan Toraipuri - by da 2 4 A, the account information recorded in the magnetic stripe 1 1 of IC force one de 1 0 is read.
- the user enters a password (four digits) from the input section 25A.
- the account information and the password are transmitted to the host server 30 through the network communication unit 29A and the network 51.
- the host server 30 retrieves the user's password in the customer database 33 (see Fig. 1) based on the account information received from the terminal 2 OA, and retrieves the password and the password transmitted from the terminal 2 OA.
- the user is authenticated by comparing the number. If the passwords match and the user is authenticated, the host server 30 notifies the terminal 2 OA of the fact and starts a transaction with the user. Therefore, a transaction can be performed using the IC card 10 of the present embodiment without making any change to the existing system.
- the magnetic stripe reader 24 By transmitting the read account information and the personal identification number input by the user from the input unit 25 to the host server 30, authentication and transaction are performed in the same manner as in the related art. Therefore, in the transaction system of the present embodiment, a transaction using the conventional settlement method can be executed as before.
- FIG. 2 is a diagram for explaining the first operation example
- FIG. 3 is a flowchart (steps S1 to S7) for explaining the first operation example.
- the user When a user starts a transaction using the IC card 10 at the IC card authentication terminal 20, first, the user inserts the IC card 10 into the IC card authentication terminal 20. 21 displays a guidance on the display unit 26 and prompts the user Prompt for password. According to this guidance, the user inputs the password PW1 for authentication from the input unit 25 as shown in FIGS.
- the password PW 2 and the password are read from the IC memory 12 of the IC card 10 by the memory reader 22 (step S 1 in FIG. 3), and the password authentication unit 27
- the two passwords PW1 and PW2 are compared to determine whether they match (step S2 in FIG. 3), and the comparison result is notified to the IC card authentication terminal control unit 21. If the passwords PW 1 and PW 2 do not match (“mismatch” route in step S 2), the fact (error) is notified from the pass-word authentication unit 27 to the IC card authentication terminal control unit 21.
- the IC force authentication terminal control unit 21 displays it on the display unit 26, prompts the user to re-execute the transaction, and ends the process (step S7 in FIG. 3).
- step S2 If the passwords PW1 and PW2 match (the "match" route in step S2), it is considered that the user who has input the password is authenticated as the user (owner) of the IC card 10; As shown in FIGS. 1 and 2, the user information is read from the magnetic stripe 11 on the IC card 10 by the magnetic stripe reader 24 (step S3 in FIG. 3), and the personal identification number and the account information are transferred to the network. It is transmitted from the communication unit 29 to the host server 30 via the network 51 (step S4 in FIG. 3).
- the password authentication unit 27 transmits the network communication unit 2 via the IC card authentication terminal control unit 21. Output the transmission permission signal for 9. Then, upon receiving the transmission permission signal, the network communication unit 29 transmits the personal identification number and the account information to the host server 30. Therefore, the reading of the account information by the magnetic stripe reader 24 (step S 4 in FIG. 3) is performed almost simultaneously with the insertion of the IC card 10 (step S 1), not after the user authentication by the password authentication unit 27. At the same time).
- authentication and transactions at the host server 30 are basically executed almost in the same manner as in the past. That is, in the host server 30, when the account information and the password from the IC card authentication terminal 20 are received by the network communication unit 32, the received account Based on the information, the account database 34 refers to the customer database 33 to retrieve the personal identification number and status of the user in the customer database 33. The account authentication unit 34 refers to the status to determine whether or not the account to be traded is in a transactable state, and checks the password from the customer database 33 with the network communication unit 32. The user is authenticated by comparing it with the received password (step S5 in FIG. 3).
- the account authentication unit 34 authenticates that the account to be traded is in a transactable state and that the two passwords described above match and the user is authenticated, that effect (transaction permission) is sent to the host server control.
- the part 31 is notified, and the transaction is started and executed (step S6 in FIG. 3).
- the transaction permission notification is also sent to the IC card authentication terminal 20, and a notification to that effect is displayed on the display unit 26.
- the user selects transaction contents and the like from the input unit 25 while referring to the guidance on the display unit 26.
- the desired transaction contents and the like are transmitted to the host server 30 as shown in FIG. 1 and notified to the transaction control unit 35, and the transaction is executed. If the account is in a state where transactions cannot be performed or the passwords do not match, that effect (transaction refusal) is notified to the IC terminal authentication terminal 20 and transactions are started. The process ends without any processing.
- the existing transaction authentication information (that is, the four-digit authentication number) is used as the IC password.
- the authentication terminal 20 is sent to the host server 30, and the host server 30 performs authentication using a conventional personal identification number. In other words, both the IC card authentication terminal 20 and the host server 30 authenticate the IC card 10 (user).
- the information transmitted from the IC authentication terminal 20 to the host server 30 is the same as the information transmitted from the conventional card authentication terminal 20A to the host server 30. Accordingly, it is possible to connect the conventional card authentication terminal 2 OA and the IC card authentication terminal 20 according to the present embodiment to the existing host server 30 in a mixed manner. In other words, the above-described processing on the host server 30 side is performed in the conventional card authentication terminal 20 A even if it corresponds to the IC card authentication terminal 20. It is the same even if it corresponds to
- the password transmitted from the conventional card authentication terminal 2 OA is manually entered by the user
- the password transmitted from the IC card authentication terminal 20 of the present embodiment is It is stored in the IC memory 12 of the IC card 10 in advance. Therefore, it is unlikely that the two passwords compared by the account authentication unit 34 will be inconsistent, and it is not necessary to compare the passwords.
- the conventional card authentication terminal 2 OA and the IC card authentication terminal 20 of this embodiment are mixed and connected to the host server 30, the account authentication unit 34
- the host server 30 will perform the authentication process. Such software will need to be changed.
- the authentication of the personal identification number from the IC card authentication terminal 20 is performed in the same manner as the authentication of the personal identification number from the conventional card authentication terminal 2 OA. This has the effect of eliminating the need to change existing software on the side.
- the password (passphrase) different from the existing password is set and the password is authenticated without changing the software related to the password authentication processing on the host server 30 side.
- PIN four-digit number
- a character string consisting of alphanumeric characters, hiragana, katakana, kanji, symbols, etc.
- a password By using such a password with arbitrary characters, it is naturally possible to secure much stronger security than the conventional four-digit password.
- FIG. 4 is a diagram showing an example of a password and transaction conditions in the first embodiment
- FIG. 5 is a diagram for explaining the second operation example
- FIG. 6 is a diagram for explaining the second operation example. This is a flowchart (steps S11 to S20).
- one account corresponds to one payment card, and transactions using the payment card are made to the account.
- one card can be used to make transactions for one account, such as depositing, withdrawing, transferring, and checking the balance of an account.
- one account is used by multiple users (for example, family members), it is not possible to restrict the transaction details for each user.
- the IC memory 12 of the IC card 10 stores a plurality of (four in FIG. 4) passwords and transaction conditions (users) corresponding to each password.
- the restriction information By storing the restriction information in advance, one account can be shared by multiple users, and the details of transactions can be restricted for each user.
- a family of four, a father, mother, eldest son, and eldest daughter share a payment card (IC card 10), as shown in Fig. 4, passwords 1 to 4 and passwords 1 to 4 must be used.
- IC card 10 a payment card
- passwords 1 to 4 and passwords 1 to 4 must be used.
- IC memory 1 and 2 By setting the transaction conditions and IC memory 1 and 2 and telling mom, eldest son and eldest daughter only password 2, password 3 and password 4, one account (one IC card 1 0) can be shared by the whole family, and the contents of the transaction can be restricted for each family member.
- the transaction conditions for example, permission of various transactions (balance inquiry, deposit, withdrawal, transfer / transfer, time deposit, change of setting) is set as Z not permitted, and the withdrawable amount at the time of withdrawal permission is set. Is done. Also, in the example shown in Fig. 4, For fathers, the limit is unlimited (account balance) for the father, 100,000 yen for the mother, 10,000 yen for the eldest son, and 5,000 yen for the eldest daughter. At this time, the withdrawable amount may be set as the amount per transaction, or may be set within a certain period (for example, one month). A specific example of the latter case (when the withdrawable amount within a certain period is set) will be described later with reference to FIG.
- the user When a user starts a transaction using the IC card 10 in the IC card authentication terminal 20, the user first inserts the IC card 10 into the IC card authentication terminal 20. Information is displayed on the display unit 26 to prompt the user to enter a passcode. According to this guidance, the user inputs a password for authentication from the input unit 25 as shown in FIGS.
- step S11 in FIG. 6 all passwords and transaction conditions for each password are read by the memory reader 22 from the IC memory 12 of the IC card 10 together with the password.
- the password authentication unit 27 compares the password input from the input unit 25 with the plurality of passwords from the IC memory 12 to obtain a password. Then, it is determined whether or not the input password matches any one of the plurality of passwords (step S12 in FIG. 6), and the determination result is notified to the IC card authentication terminal control unit 21.
- step S12 If the input passcode does not match any of the multiple passcodes (the "mismatch" route in step S12), a message to that effect (error) is sent from the password authentication unit 27 to the IC card authentication terminal control unit 21. Is displayed on the display unit 26 by the IC input authentication terminal control unit 21 to urge the user to re-execute the transaction, and the processing is terminated (step S20).
- step S 12 If a password that matches the input password is found (the “match” route in step S 12), it is considered that the password input user has been authenticated as one of the users, and as shown in FIGS. 1 and 5, Explained with reference to FIGS. 2 and 3.
- the user information is read from the magnetic stripe 11 on the IC card 10 by the magnetic stripe reader 24 (step S13 in FIG. 6), and the personal identification number and the account information are stored in the network communication unit 2. 9 is transmitted to the host server 30 via the network 51 (step S14 in FIG. 6).
- the host server 30 performs password authentication in the same manner as in step S5 in FIG. 3 (step S15 in FIG. 6), and the account authentication unit 34 enables the account to be traded. If the two passwords match and the user is authenticated, the host server controller 31 notifies the host server controller 31 of the fact (transaction permission). Is notified to the IC card authentication terminal 20 through the network communication section 32 and the network 51, and the transaction is started.
- the user selects the transaction content while referring to the guidance on the display unit 26 and inputs it from the input unit 25 (see FIG. 6). Step S16).
- the transaction control unit 28 determines whether or not the transaction content input by the user satisfies the transaction conditions corresponding to the user without displaying the permission service as described above. The transaction may be permitted only when the transaction is made. Furthermore, the above-mentioned permission service is displayed, and when the transaction content is a withdrawal, the transaction control unit 28 determines whether or not the withdrawal amount specified by the user is equal to or less than the withdrawable amount. You can. In any case, in the present embodiment, the contents of the user's transaction are determined by displaying the above-described permitted service and determining the transaction conditions by the transaction control unit 28 in the IC card authentication terminal 20. Within the range set by.
- the transaction conditions include “balance inquiry”, “deposit”,
- the information that "withdrawal” (limit: 100,000 yen) and "transfer / transfer” is permitted is sent to the IC card authentication terminal control unit 21 and the host server 30 sends it.
- the IC card authentication terminal control unit 21 causes the display unit 26 to display a list of services that can be traded (that is, “check balance”, “deposit”, “withdraw”, “transfer / transfer”). Let the user make a selection (step S16 in FIG. 6). Further, as described above, all transactions may be displayed, and the transaction control unit 28 may determine whether or not the transaction content selected by the user is a permitted transaction.
- the transaction control unit 28 determines whether or not the withdrawal amount input by the user matches the transaction conditions (withdrawable amount) (step S17 in FIG. 6). If the input amount is greater than the withdrawable amount (the “non-permission” route in step S17), the transaction control unit 28 does not accept the current transaction. At this time, the IC card authentication terminal control unit 21 displays this fact on the display unit 26 and notifies the user to re-enter the transaction details. If the transaction is to be continued in response to this notification (NO route in step S19 in FIG. 6), the user reselects the transaction contents (step S16 in FIG. 6), and if the transaction is not to be continued (FIG. 6). Step S19: YES route), and the process ends.
- the user's transaction request (transaction content) is transmitted to the host server 30 as it is. Thereafter, the host server 30 operates in exactly the same manner as when handling a transaction request from the conventional card authentication terminal 2 OA (see FIG. 2), and follows the transaction request from the IC card authentication terminal 20. Execute the transaction (step S 18 in FIG. 6). If another transaction is performed after the transaction is completed (NO route in step S19 in FIG. 6), the user reselects the transaction contents (step S16 in FIG. 6), and the user selects another transaction. If not (YES route in step S19 in FIG. 6), the process ends.
- the password and transaction conditions in the IC memory 12 can be changed.
- the memory card 23 is provided in the IC card authentication terminal 20
- passwords and transaction conditions can be changed using the memory card 23.
- a procedure for making a request to change the password or transaction conditions from the user terminal 40 to the host server 30 and making the change through the memory card 23 of the IC card authentication terminal 20 according to the request for change. Will be described later with reference to FIGS. 9 and 10.
- FIG. 7 is a flowchart (steps S11 to S21) for explaining the third operation example.
- steps S11 to S20 are the same as those described with reference to FIG. 6, and a description thereof will be omitted.
- the flowchart shown in FIG. 7 differs from the flowchart shown in FIG. 6 only in that a new step S21 is added between steps S18 and S19.
- a plurality of passwords and transaction conditions corresponding to each password are stored in the IC memory 12 of the IC card 10. Then, in the third operation example, when a transaction amount or a transaction number is set as the transaction condition, the transaction condition is rewritten after the transaction is completed, so that the restriction according to the past transaction can be added. I can do it. That is, as shown in FIG. 7, when the transaction is completed in step S18, in step S21, based on the result (transaction content) of the transaction performed in the host server 30, the memory license 23 is replaced by the IC. The transaction conditions in IC memory 12 of force 10 are rewritten.
- FIG. 7 is a flowchart (steps S11 to S20 and S22 to S25) for explaining the fourth operation example.
- steps S11 to S20 are the same as those described in FIG. 6, and a description thereof will be omitted.
- steps S11 to S20 are the same as those described in FIG. 6, and a description thereof will be omitted.
- the point that new steps S22 to S24 are added between steps S16 and S17 and the difference between steps S18 and S19 are shown.
- the difference from the flowchart shown in FIG. 6 is that a new step S25 is added in between.
- a plurality of passwords and transaction conditions corresponding to each password are stored in the IC memory 12 of the IC force 10.
- the transaction conditions include the transaction amount and the number of transactions and a period (reset timing; for example, every month) in which the use of the amount and the number of transactions are permitted
- the third operation is performed.
- the transaction conditions are rewritten to add restrictions according to past transactions, and the transaction conditions are reset according to the initial conditions at specified intervals.
- the transaction writer 1 (: 1 of the card 10 ⁇ transaction condition in the memory 12) is executed by the memory writer 23. Is reset according to the initial condition.
- the date and time when the transaction was executed is written to the IC memory 12 of the IC card 10 by the memory writer 23 at the end of the transaction.
- an initial value (initial condition) of the transaction condition is stored in the IC memory 12 in advance.
- the IC card authentication terminal controller 21 or the transaction controller 28 determines whether the current transaction date is a new period, that is, the last transaction date is before the previous period. Is determined (step S23).
- step S23 If the transaction date and time is a new period (YES route in step S23), the bow I condition is reset (initialized) according to the initial condition (step S24), and step S1 is executed. Move to 7. On the other hand, if the current transaction date and time is not a new period (NO route in step S23), the process proceeds to step S17 without resetting the transaction conditions.
- step S18 when the transaction is completed in step S18, based on the result (transaction content) of the transaction performed in the host server 30, the memory writer 23 operates the IC memory of the IC card 10 similarly to the third operation example.
- the fourth operation example In addition to rewriting the transaction conditions in 12, the fourth operation example further writes the date and time when the transaction was executed in the IC memory 12 (step S25).
- the transaction conditions of one of a plurality of users are set to “withdrawable amount: 100,000 yen” and “period: every month”, user 1 will receive 50,000 yen.
- the “withdrawable amount: 100,000 yen” is replaced with the “withdrawable amount: 50,000 yen” by the memory writer 23 of the IC force authentication terminal 20 at the end of the transaction.
- the last transaction date and time is written in the IC memory 12. At the start of the transaction, the last transaction date and time and the current transaction date and time are compared.
- the transaction conditions here, the withdrawable amount
- the initial conditions initial values
- Reset initialize
- the amount accumulated in the balance to the initial value (100,000 yen) is used.
- a method of setting as a withdrawable amount is also conceivable. If the latter method is adopted, withdrawal of 70,000 yen in the previous month, and if the withdrawable amount remains 30,000 yen, instead of resetting the withdrawable amount to 100,000 yen, the initial value is 100,000
- the total amount of JPY 130,000 added (cumulative) to JPY 30,000 remaining from the previous month will be set as the withdrawable amount for the new month. In this case, if it is determined that the new “period” (month) is at the beginning of the transaction, the memory writer 23 will use the IC memory 1 as the transaction conditions: 2 will be written.
- FIGS. 9 and 1 are shown in FIGS. 9 and 1, respectively.
- FIG. 9 is a flowchart (steps S31 to S41) for explaining the fifth operation example.
- steps S4 to S7 are the same as those described with reference to FIG. 3, and a description thereof will be omitted.
- FIG. 10 is a flowchart (steps S51 to S61) for explaining the sixth operation example.
- the host server 30 can communicate with a user terminal 40 installed in a home or office via a network (for example, the Internet) 52. Connected, the user can access the host server 30 from the user terminal 40 to refer to the transaction history and the like using the IC card 10 and conduct transactions such as Internet banking. Have an environment that can do it.
- a network for example, the Internet
- the password registered in the IC card 10 can be changed whenever the user desires. Only however, changing the information in the IC memory 12 usually requires an IC memory writing device (memory writer), and owning this memory writer increases the cost burden on the user. Not realistic. It is conceivable that a payment card company such as a bank or a credit company may lend a memory writer to a user, but in this case, the cost burden on the company increases, which is not preferable.
- the password can be changed by using the memory writer 23 in the IC card authentication terminal 20, but in this case, the user must go to the installation corner of the IC card authentication terminal 20. And cannot be changed “when the user wants it”.
- the fifth operation example and the sixth operation example show that the transaction system shown in FIG. 1 uses the recent Internet environment described above and the memory link 23 in the IC card authentication terminal 20 to provide a password.
- the host server 30 of the present embodiment When executing a transaction using the IC card 10, the host server 30 of the present embodiment issues an instruction to rewrite the contents of the IC memory 12 of the IC card 10, and writes new contents to the IC memory 12.
- the IC card authentication terminal 20 is configured to be able to instruct the IC card authentication terminal 20 to perform the authentication.
- the request is sent to the network of the host server 30.
- the request is accepted by the server 36, and the request and the written contents Z
- the rewritten contents are stored in the user request storage unit 38.
- the host server 30 side issues a write request / rewrite request for the IC card 10. Is recognized in the user request storage unit 38, and writing or rewriting according to the request is performed by the memory writer 23 of the IC card authentication terminal 20 by the IC memory of the IC card 10. Performed on 1 2
- the write content Z rewrite content is a password.
- a plurality of passwords and transaction terms corresponding to each password are stored in the IC memory 12 of the IC card 10. And the contents to be written are stored.
- Z When the rewritten contents are pass-word, transaction conditions, etc. [E-mail address of user or information (user information, etc.) about user's business partner] may be used. Will be described.
- the user when the user wants to change the password of the IC card 10 owned by the user, the user connects the network 52 from the input section 43 of the user terminal 40. Then, the host server 30 is accessed via the server (step S31), and a password change is requested to the host server 30 (step S32).
- the password change request (rewrite request) and the rewrite content (new password) are information that can identify the user's IC card 10. (Eg, account number) and stored in the user request storage section 38 (step S33).
- the password data in the IC memory 12 of the IC card 10 owned by the user has not been changed.
- the IC card Prior to performing authentication of 10 first, the IC card authentication terminal 20 notifies the host server 30 that the IC card 10 will be used. At this time, the user's account information is read from the magnetic stripe 11 on the IC card 10 by the magnetic stripe reader 24 (step S35), and the account information is read from the network communication unit 29 to the network 51. Is transmitted to the host server 30 through (step S36).
- the host server 30 Upon receiving the account information, the host server 30 uses the account number included in the account information as a key, and determines whether or not a request corresponding to the account number is stored in the user request storage unit 38, that is, Then, it is determined whether or not a password change request for the IC card 10 to be transacted is stored (step S37). If a password change request for the IC force 10 is stored (YES route in step S37), a new password is transmitted from the host server 30 to the IC card authentication terminal 20 along with the request ( Step S3 8), the password in the IC memory 12 of the IC card 10 is rewritten with the new password by the memory writer 23. (Step S39). Thereafter, the IC card authentication terminal 20 prompts the user to enter a password through the display unit 26 (step S40).
- step S40 If the password change request for the IC card 10 is not stored (NO route in step S37), the fact is notified from the host server 30 to the IC card authentication terminal 20 and the display unit The user is prompted for a password through 26 (step S40).
- step S41 When the user inputs a password from the input unit 25, authentication and transaction are executed in the same procedure as in the flowchart shown in FIG. 3 (step S41).
- step S41 since the account information has already been read in step S35, the processing in step S3 in FIG. 3 can be omitted.
- the password in the IC memory 12 is changed when executing a transaction using the IC password 10, but from the user side, it is as if the user issues a change request from the user terminal 40. Changes appear to have taken place. Thus, even if the user does not have a memory writer or the like, the password can be substantially changed “when the user wants”.
- Steps S51 to S61 in FIG. 10 correspond to steps S31 to S41 in FIG. 9, respectively. That is, when the user wants to change the password or transaction conditions in the IC memory 12 or to write new information in the IC memory 12, the user sends the information from the input unit 43 of the user terminal 40 via the network 52.
- the host server 30 is accessed (step S51), and rewriting / writing is requested to the host server 30 (step S52).
- the host server 30 when the user request is accepted by the network server 36, the rewrite request Z write request and the rewrite content / write content are transmitted to the user.
- the IC card 10 is stored in the user request storage unit 38 in association with information (for example, account number) that can specify the IC card 10 (step S53).
- the host server 30 Upon receiving the account information, the host server 30 uses the account number included in the account information as a key, and determines whether or not a request corresponding to the account number is stored in the user request storage unit 38, that is, Then, it is determined whether or not a rewrite request / write request for the IC card 10 to be transacted is stored (step S57). If the rewrite request Z write request for the IC card 10 has been stored (YES route in step S57), the rewrite content and the Z write content are sent from the host server 30 along with the request.
- the information is transmitted to the terminal 20 (step S58), and the information to be rewritten in the IC memory 12 of the IC card 10 is rewritten by the memory writer 23 in accordance with the rewritten contents, or the IC memory 12 New information is written to the device (step S59). Thereafter, the IC card authentication terminal 20 prompts the user to enter a password through the display unit 26 (step S60).
- step S57 If the rewrite request Z write request for the IC card 10 is not stored (NO route in step S57), the fact is notified from the host server 30 to the IC card authentication terminal 20. The user is prompted to enter a password through the display unit 26 (step S60).
- Step S6Do the sixth operation
- the processing in step S13 in FIGS. 6 to 8 should be omitted. Can be.
- the rewrite / write corresponding to the request is performed prior to password authentication.
- card authentication is performed by the IC card authentication terminal 20 and the transaction is started.
- the rewriting of the information in the IC memory 12 is performed at the time of executing the transaction using the IC card 10, but from the user side, it is as if the user rewrites the Z from the user terminal 40. It looks like a rewrite Z write was made when the request was made. As a result, even if the user does not have a memory writer, I. The contents of the memory 12 can be rewritten / written substantially “when desired by the user”.
- the IC card authentication terminal 20 of the present embodiment and the conventional card authentication terminal (2) OA can be mixed, and when migrating from a system that uses a conventional payment card to a system that uses an IC card 10, there is no need to change the entire system at once, and the system can be migrated at low cost Can be performed. Therefore, the transaction system according to the present embodiment functions effectively at the time of the system transition as described above, and contributes to greatly promoting the spread of the IC card 10.
- the IC card authentication terminal 20 writes the IC card 10 to the IC memory 12 or writes the data to the IC memory 12 by the memory writer 23.
- the recorded contents are rewritten.
- the IC memory of the IC card 10 Content writing and content rewriting for 1 and 2 can be performed.
- the security level is greatly improved by performing authentication with the IC authentication terminal 20 using a password of arbitrary characters, and a password that can be easily remembered can be set. The effect is obtained.
- IC memory 12 of the IC card 10 pass paths for a plurality of users are recorded, and transaction conditions (for example, a withdrawable amount) preset for each user are recorded. If the password from the input unit 25 matches any one of the passwords, a transaction is executed according to the transaction conditions corresponding to the user, and one IC card 10, that is, one transaction account is executed. Can be shared by multiple users, and for each user, the contents of the transaction (for example, withdrawal of cash) that the user can carry out can be set in the range set by the transaction conditions (for example, the amount that can be withdrawn). Can be restricted within.
- the memory writer 23 uses the memory writer 23 based on the result of the transaction performed in the host server 30.
- the transaction conditions can be updated according to the transaction content.
- the reset timing at which the transaction conditions should be reset and the initial conditions of the transaction conditions are set, and when the transaction using the IC card 10 is executed for the first time after the reset timing, the memo is set.
- the transaction conditions are automatically rewritten to the initial conditions at predetermined intervals, for example, the withdrawable amount can be changed.
- Transaction conditions can be automatically rewritten so that they are added (cumulative) to the amount set in the initial conditions. Such transactions Since the rewriting of conditions is performed automatically at the time of execution of the transaction, there is no need for the user to give rewriting instructions or pay special attention to the rewriting.
- the host server 30 receives a write request Z from the user terminal 40 for a write request to the IC memory 12 of the IC card 10, new contents (for example, password, transaction condition, IC (E.g., e-mail address of the IC card user, customer information of the IC card user), and then, when the transaction is executed for the first time by the target IC card 10, the IC card
- the IC card By writing new contents to the IC memory 12 of the IC card 10 or rewriting the contents of the memory to the new contents by the memory writer 23 of the authentication terminal 20, the user can write a special card. Even if the user does not own an embedded device (IC card writer), or if the user does not line up at an ATM terminal or window to rewrite the memory contents, the card Can write and rewrite .
- the information (for example, the transfer destination account number) of the user B's business partner is stored in the IC memory of the user B's IC card 10 by the memory writer 23.
- the input of the business partner information is not required, and the user B can use the IC card authentication terminal 2 Operations to be performed at 0 can be simplified.
- FIG. 11 is a block diagram showing the configuration of a transaction system according to a second embodiment of the present invention.
- the transaction system of the second embodiment basically includes the first embodiment.
- the system comprises an IC card 10, an authentication terminal 20 for IC card, a host server 30, a user terminal 40, a network 51 and a network 52.
- the same reference numerals as those described above indicate the same or almost the same portions, and therefore, detailed description thereof will be omitted.
- the e-mail address of the user of the IC card 10 is recorded in advance. This e-mail address can be written and rewritten by accessing the host server 30 from the user terminal 40 as described in the first embodiment. Note that the IC memory 12 Instead of recording the user's e-mail address, the user's e-mail address may be stored in the customer database 33 of the host server 30 in association with the user's account number.
- the IC card authentication terminal 20 in the second embodiment is configured in substantially the same manner as in the first embodiment, but in the second embodiment, the memory reader 22 uses the IC memory 12 together with a password, a password and a password.
- the user's e-mail address is read, and if the person who entered the passcode is authenticated by the password authentication unit 27 as a user of the IC card 10, the e-mail address is read by the memory reader 22.
- the received e-mail address is transmitted from the IC card authentication terminal 20 to the host server 30.
- the host server 30 in the second embodiment is configured in substantially the same manner as in the first embodiment.
- a transaction statement is generated instead of the user request storage unit 38 in the first embodiment.
- Part 39 is provided.
- the transaction statement generation unit 39 is managed and controlled by the host server control unit 31. After the transaction is completed (each time a transaction is performed), a notification document (transaction statement, transaction content) is generated from the content of the transaction performed this time. This is actually realized by an existing CPU or the like constituting the host server 30 executing a predetermined program.
- the notification document generated by the transaction statement generation unit 39 is sent to the e-mail address of the user who made the transaction via the network communication unit 37 and the network 52 via the network server 36. It is sent by. ⁇
- host server 30 of the second embodiment may also have the function of the user request storage unit 38 of the first embodiment.
- the user terminal 40 according to the second embodiment is configured substantially in the same manner as the first embodiment.
- the second embodiment has a function for receiving an e-mail
- a display unit 44 is provided in place of the form input unit 43.
- the display section 44 is controlled by the user terminal control section 41 to display the display state, and displays a notification document (transaction details, transaction details) received from the host server 30 by e-mail.
- the display that is commonly provided in the terminal (CRT, LCD, etc.).
- the user terminal 40 of the second embodiment may also have the function of the input unit 43 of the first embodiment.
- FIG. 12 is a flowchart (steps S 1 ′, S 2 to S 7 and S 71 to S 73) for explaining the first operation example. Since S2 to S7 are the same as those described in FIG. 3, the description will be omitted.
- the user operates the IC card authentication terminal 20
- step S7 the processing (steps S2 to S7) is performed in the same manner as described with reference to FIG. 3, and when the transaction in step S6 is completed, the user's e-mail address is transmitted from the IC card authentication terminal 20.
- the host server 30 is notified (step S71). Instead of notifying the host server 30 of the e-mail address after the transaction, the e-mail address may be transmitted together with the password and the account information in step S4.
- the transaction document generation unit 39 of the host server 30 generates a notification document from the content of the transaction performed this time (step S72), and then transmits the notification document (transaction content) to the network server.
- the notification document transmission content
- an e-mail is sent to the e-mail address of the user who made the transaction (step S73).
- the user can receive the details of the transaction as electronic data by e-mail, so that the transaction history can be stored as electronic data on the user terminal 40, such as an electronic passbook or an electronic household account book. Can be easily constructed on the user terminal 40.
- the details of the transaction are immediately sent to the user's address by e-mail every time. If 1-10 is illegally used by a third party, the unauthorized use Is immediately notified, so that the user can immediately know the unauthorized use. At this time, if information on the IC card authentication terminal 20 of which branch used the IC card 10 is added to the notification document notified by e-mail, the police or IC card management company (credit company) , Banks, etc.) can be notified immediately of the trends of unauthorized users.
- sending the transaction contents to the user's e-mail address as described above is not limited to the transaction using the IC card 10 but can also be performed during the transaction using a conventional card having a magnetic stripe. .
- the transaction is performed in the same manner as described above. Each time, the details of the transaction will be notified by e-mail to the user's e-mail address.
- the host server 30 is notified of the e-mail address from the IC card authentication terminal 20 and transmits a notification document to the e-mail address.
- the user's e-mail address is stored in the customer database 33 of the host server 30 in association with the user's account number, and transmitted from the IC card authentication terminal 20.
- the notification document may be sent to the e-mail address obtained by searching the customer data base 33 using the account number (account information) as a key.
- the transaction content (notification document) is transmitted from the host server 30 to the user's e-mail address.
- a notification document may be generated from the contents of the transaction, and the notification document may be transmitted from the IC card authentication terminal 20 to the e-mail address of the user.
- FIG. 13 is a flowchart (steps S1 to S7 and S74 to S76) for explaining the second operation example.
- S7 is the same as that described in FIG. 3, the description thereof will be omitted.
- the processing is performed according to the procedure described with reference to FIG.
- step S6 When the transaction in step S6 is completed, the transaction statement generation unit 39 of the host server 30 generates a notification document (transaction statement) from the contents of the transaction performed this time (step S74).
- the notification document is transmitted from the network communication unit 32 to the IC card authentication terminal 20 via the network 51 (step S75).
- step S75 At the IC card authentication terminal 20, each time the transaction is completed, the notification document from the host server 30 is written into the IC memory 12 of the IC card 10 by the memory writer 23 as the details of the transaction (step S7). 6).
- the transaction contents (notification document) written in the IC memory 12 of the IC card 10 as described above are stored in the memory reader 22 according to the read request of the user.
- the data is read from the IC memory 12 and transmitted from the IC card authentication terminal 20 to the host server 30.
- the transaction contents read by the host server 30 are transmitted by e-mail to the read e-mail address.
- the transaction contents may be sent to the e-mail address by the IC force authentication terminal 20 instead of the host server 30.
- a transaction content read request can be made from the input section 25 of the IC card authentication terminal 20 while the user enters the IC card 10 into the IC card authentication terminal 20 and conducts a transaction.
- a read request may be made from the user terminal 40 as in the fifth operation example or the sixth operation example of the first embodiment.
- the host server 30 When a read request is made from the user terminal 40 as in the latter case, the host server 30 must have a function as the user request storage section 38 of the first embodiment. Then, the read request is temporarily stored in the user request storage unit 38, and at a later date, the user sends the IC card 10 to the IC card authentication terminal 20 in order to conduct a transaction using the IC card 10. When it is entered, the transaction contents and e-mail address are read from the IC memory 12 by the memory reader 22 and the transmission process is performed.
- a normal ATM terminal issues a transaction statement every time a transaction is performed, but in the second operation example of the second embodiment, the transaction content (transaction statement) is stored in the IC memory 12, It is possible to omit the issuance of a transaction statement, and it is possible to achieve a one-less system. Also, when the user wants the transaction contents stored in the IC memory 12 to be electronic data, the user sends the transaction contents to the e-mail address in the IC memory 12 so that the user can use the IC memory reader. Even if you do not own, you can get the transaction content in IC memory 12.
- the acquisition request (read request) may be made from the IC card authentication terminal 20 or may be made from the user terminal 40 in the home Z office.
- the actual transaction content is notified by e-mail only after the acquisition request is made and the user uses the IC card 10 with the IC card authentication terminal 20. It is time to make a deal.
- the user's e-mail address is recorded in the IC memory 12 of the IC card 10, and the host server 30 is operated after the transaction is completed.
- the user can save the details of the transaction as e-mail (electronic data), and if the card is misused, The user can immediately know the unauthorized use.
- the contents of the transaction are written and stored in the IC memory 12 of the IC card 10 by the memory writer 23, so that the company to which the host server 30 belongs (eg, a bank, a credit company, etc.)
- the company to which the host server 30 belongs eg, a bank, a credit company, etc.
- the memory can be used effectively.
- the user's e-mail address is recorded in the IC memory 12 of the IC card 10 and the transaction content is read out by the memory reader 22 when the transaction is executed in response to the transaction content read request.
- the user can acquire the transaction contents recorded in the IC memory 12 of the IC card 10 as e-mail (electronic data).
- FIG. 14 is a block diagram showing the configuration of a transaction system according to the third embodiment of the present invention.
- the transaction system according to the third embodiment includes the first and second embodiments.
- IC card 10 IC card authentication terminal 20, host server 30, user terminal 40 (4 OA, 40 B), network 51 and network 52
- a certification authority 60 In addition, it is configured with a certification authority 60.
- user terminals 4 OA and 40 B are owned by the user A and the user B, respectively, and the basic configuration is as shown in FIG. 1 and FIG. Is the same as In this embodiment, as described later with reference to FIGS. 18 (A) to 18 (C), user A is a seller (seller) of a product, and user B is a user of the product. Is the buyer (buyer).
- a certification authority (CA) 60 is connected to at least a user terminal 40 B (40) via a network 52 so as to be communicable with each other. As shown in FIG. It comprises at least a network communication unit 61, a user information receiving unit 62, an encryption key Z decryption key generation unit 63, and a user management database 64.
- FIG. 15 is a block diagram showing the configuration of the certificate authority 60 in the third embodiment.
- the network communication unit 61 functions as a communication interface for exchanging data with the user terminal 40 B via the network 52.
- the network communication unit 61 transmits a registration request and user information from the user terminal 40 B (user B). In addition to receiving (see arrow A1 in Fig. 14), it transmits the encryption key / decryption key generated in response to the registration request and user information to the user terminal 40B (Fig. 14). Arrow A2).
- the user information receiving unit 62 receives the user information of the user B who has received the registration request from the various information received by the network communication unit 61. Then, the encryption key / decryption key generation unit 63 generates a symbol key decryption key for the user B based on the user information received by the user information reception unit 62. As described above, the encryption key Z decryption key generated in step (1) is returned from the network communication unit 61 to the user terminal 40B (see arrow A2 in FIG. 14).
- the user management data base 64 stores the encryption key / decryption key generated by the encryption key / decryption key generation unit 63.
- the user terminal 40 B (40) owned by the user B has a key holding unit 45 and a plaintext signature holding unit 4 in addition to the configuration of the user terminal 40 shown in FIG. 1 and FIG. 6, a clock 47 and an electronic signature generation unit 48.
- FIG. 16 is a block diagram showing the configuration of the user terminal 40 B in the third embodiment.
- the network communication unit 42 in the user terminal 40 B functions as a communication interface for exchanging data with the certificate authority 60 and the user terminal 4 OA via the network 52, and It sends the request and user information to the certificate authority 60 (see arrow A1 in Fig. 14), receives the encryption key Z decryption key from the certificate authority 60 (see arrow A2 in Fig. 14), Prior to the purchase of a product from user A, user B sends the transfer information with a digital signature (account information such as the presence or absence of an account of user B) to user terminal 4 OA (FIG. 1). 4 see arrow A3).
- a digital signature account information such as the presence or absence of an account of user B
- the key holding unit 45 holds the key code Z decryption key received from the certificate authority 60, and the plaintext signature holding unit 46 should be sent to the host server 30 via the user A.
- the clock 47 holds the plaintext signature including the account information of the user B, and the clock 47 is for measuring the current date and time.
- the electronic signature generation unit 48 stores the plaintext signature held in the plaintext signature holding unit 46 and the date and time information from the clock 47.
- a digital signature is generated by encrypting with the encryption key in the key holding unit 45 (that is, the ⁇ key issued from the certificate authority 60).
- the electronic signature (transfer source information with an electronic signature) generated by the electronic signature generation unit 48 is returned from the network communication unit 42 to the user terminal 40B as described above (see FIG. (See arrow A3 at 14).
- the network communication unit 42 in the user terminal 4 OA functions as a communication interface for exchanging data with the user terminal 40 B and the host server 30 via the network 52.
- receives an electronic signature transfer source information with an electronic signature
- the details of the transaction with User B and the electronic signature from User B are sent to the host server.
- 30 is sent (see arrow A4 in Fig. 14).
- FIG. 17 is a block diagram showing the configuration of the host server 30 in the third embodiment.
- the network communication section 37 in the host server 30 functions as a communication interface for exchanging data with the user terminal 4 OA via the network 52. It receives an electronic signature from User B (see arrow A4 in Figure 14).
- the electronic signature decryption unit 31a decrypts the electronic signature from the user terminal 4OA with the decryption key to confirm that the user B is a trading partner of the user A, and that the account of the user B is stored in the host server 30. After confirming that it exists in the bank to which it belongs, the transaction details are registered in User B's account along with User A's account information. That is, the transaction contents and the account information of the user A are stored in the customer data base 33 in association with the account number of the user B.
- the transaction information confirmation unit 31b receives a notification from the IC card authentication terminal 20 that the user B has executed a transaction using the IC card 10 with the IC card authentication terminal 20 (see FIG. 1). Check the transaction information (transaction details) for User B registered in the customer database 33, and send the transaction information to the IC card authentication terminal via the network communication unit 32 and the network 51. 20 (see arrow A6 in Fig. 14).
- the IC card authentication terminal 20 of the third embodiment receives the transaction information for the user B from the host server 30, the IC card 10 (the IC memory 12) of the user B performing the transaction,
- the memory writer 23 writes the transaction information (information related to the user B's business partner; that is, the counterparty information necessary for the user B to conduct a transaction) (see arrow A7 in Fig. 14). ).
- Fig. 18 (A) is for explaining the operation of a normal transaction system using cash settlement.
- user B buyer
- Fig. 18 (B) is for explaining the operation of a normal transaction system using bank settlement.
- user A transfers goods and transfer money to user B.
- destination information user A's account information
- user B transfers the product price to user A based on user A's account information (see arrow A 22).
- the transaction is completed when the bank deposits into User A's account (see arrow A23).
- FIG. 18 (C) explains the basic operation of the transaction system of the third embodiment.
- the transfer source information (electronic signature) is transmitted to user A (arrow A31; corresponding to arrow A3 in FIG. 14), and user A receives the transfer source information (electronic signature) or the electronic signature.
- the details of the transaction are sent to the bank and registered (arrow A32; corresponding to arrow A4 in Fig. 14).
- the bank confirms the presence or absence of the account of user B based on the transfer source information
- user A delivers the product to user B (arrow A33).
- the transaction information with the user A registered in the bank (transaction content ⁇ including the account information of the user A)
- the user B is notified of the existence of the transaction, and the transaction information is written into the IC memory 12 of the IC card 10.
- User B transfers the product price to User A based on the transaction information written in IC memory 12 (see arrow A 34), and the bank deposits the money into User A's account (see arrow A). A35), the transaction is completed.
- the user B When starting a transaction with the user A, the user B generates an encryption signature (electronic signature) using the encryption key from the certification authority 60 at the user terminal 40B (step S81), and transmits the encryption signature. Notify user A (step S82).
- an encryption signature electronic signature
- the user A When the user A receives the encryption signature from the user B, the user A accesses the host server 30 from the user terminal 4 OA (step S83), and receives the encryption signature from the user B and the password.
- the transaction contents (amount, time limit, etc.) with the user B are transmitted to the host server 30 (step S84).
- the host server 30 decrypts the encrypted signature of the user B received from the user terminal 4OA, and confirms whether or not the user B has an account (step S85). If there is no user B account (NO route in step S85), the host server 30 notifies the user terminal 4OA of the fact and terminates the process.
- the host server 30 notifies the user terminal 4 OA of the fact, and the transaction contents and the account information of user A Are registered and stored in the customer database 33 in correspondence with the account information of the user B (step S86).
- User A who is notified that User B's account exists, ships the product to User B.
- step S87 When User B makes any transaction using the IC card 10 in the IC card authentication terminal 20 (YES route in step S87), the host supervisor 30 (customer database 33) The user B is notified that the transaction information (including the transaction details of the user A's account information) registered with the user A registered in the 2 is written (step S89). Then, the user B transfers the commodity price to the user A based on the transaction information written in the IC memory 12.
- a transaction is performed while authenticating User B using an electronic signature (encrypted signature) using an encryption key issued by the certificate authority 60. Even without using a digital signature (encryption signature), user A and user B can conduct transactions.
- Such an example will be described as a second operation example (transaction procedure) of the transaction system of the third embodiment with reference to a flowchart (steps S91 to S97) shown in FIG.
- the user terminal 40B When the user B starts a transaction with the user A, the user terminal 40B notifies his / her information (user information) to the user terminal 40A (step S91).
- the user A receives the notification from the user B, the user A accesses the host server 30 from the user terminal 40A (step S92) and, based on the information from the user B, the business partner (user B). It is inquired whether or not an account exists (step S93). Receive this inquiry
- the host server 30 checks whether the user has an account (step S94). If there is no user B account (NO route in step S94), the host server 30 notifies the user terminal 4 OA of the fact and terminates the process.
- the host server 30 notifies the user terminal 4 OA of the fact, and the user A receiving the notification transmits the transaction contents. (Amount, time limit) is transmitted from the user terminal 4 OA to the host server 30 (step S95). Then, the host server 3 0, and transaction details from the user terminal 4 0 A, and the account information of the user A, in correspondence with the account information customer data of user B - are registered 'stored in the evening base 3 3. User A, who is notified that User B's account exists, sends the product to User B.
- the host server 30 (customer database 33) User B is notified that transaction information with User A (including transaction details—user A's account information) is registered in User B, and IC card 10 IC memory 1 2 (Step S97). Then, the user B transfers the commodity price to the user A based on the transaction information written in the IC memory 12.
- the customer (user B) taught by the customer (user B) sends its own (user A) account information to the host server 30 for this trading account. Thereafter, when the customer (user B) makes a transaction using the IC card 10, the information on the transaction account is notified by the display unit 26 and the customer (user B) receives the IC card 10 from the customer (user B). Written to IC memory 12.
- the bank name and account number of the counterparty information are not displayed, and only the transaction name and amount are displayed. Information) is not notified, so that a transaction between user A and user B can be realized while preventing leakage of private information of user A.
- the information of the trading partner (user B) does not need to be the account number, but may be an ID number that can identify the trading partner (user B) account, an encrypted electronic signature that can be decrypted by a bank, etc. Any information that can identify the counterparty and identify that the counterparty has an account at the bank may be used.
- the bank's host server 30 knows the account information of both users A and B, but users A and B can make payments without knowing the respective account information.
- the account information is read from the magnetic stripe 11 by the magnetic stripe reader 24.
- the account information is also stored in the IC memory 12 in advance, and the IC card 10 performs IC card authentication.
- the IC card 10 When it is inserted into the terminal 20, it may be read out from the IC memory 12 together with the password and the password by the memory reader 22.
- FIG. 21 is a block diagram showing a modified example of the passcode authentication function according to the present invention.
- the password authentication unit (see reference numeral 27 in FIGS. 1 and 11) in the IC card authentication terminal 20 can be omitted.
- the IC card authentication terminal 20 transmits the passcode PW1 input by the user from the input unit 25 to the IC card 10.
- IC card 10 compares password PW 1 from IC card authentication terminal 20 with password PW 2 in IC memory 12. If the passwords PW1 and PW2 match, the memory information output of the IC card 10 ⁇ 14 uses the information (such as a password) in the IC memory 12 as the memory information of the IC card authentication terminal 20. Output to 2nd 2nd.
- the memory reader 22 transmits the information to the host server 30 together with the account information from the magnetic stripe 11.
- the memory information output unit 14 of the IC card 10 does not output the information in the IC memory 12. Since the subsequent transaction operation is the same as in the first and second embodiments, the description thereof is omitted.
- password authentication of the IC card 10 can be realized on the IC card 10 side. That is, the password authentication of the IC card 10 can be performed by either the IC card authentication terminal 20 or the IC card 10.
- the IC password authentication terminal control unit 21 After transmitting the password PW 1 from the IC password authentication terminal 20 to the IC password 10, the IC password authentication terminal control unit 21 transmits the information from the IC password 10 within a predetermined time. It monitors whether there is any input, and if there is no information input within a predetermined time, a timeout error is generated and the user is notified that the password input by the user has failed.
- the transaction information read from the magnetic stripe of the card and The transaction authentication information read from the card memory is transmitted to the host server, and the host server executes a transaction based on the information.
- the host server executes a transaction based on the information.
- the transaction terminal device writes to the memory of the card or rewrites the content recorded in the memory by the memory writer.
- the user can use the power supply.
- the contents can be written to or rewritten from the memory of the card at the same time when the desired transaction is performed by the transaction terminal device.
- the present invention provides credit card / cash capabilities such as transactions with ATM terminals using bank cash cards, transactions with debit cards at stores, and shopping Z cashing with credit cards of credit companies. It is suitable for use in transactions that use payments, etc., and functions effectively when the system is migrated as described above, contributing to the significant promotion of the spread of IC card type payment cards. Is considered to be extremely useful.
Description
Claims
Priority Applications (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2004519180A JPWO2004006194A1 (ja) | 2002-07-04 | 2002-07-04 | 取引システムおよび取引端末装置 |
PCT/JP2002/006794 WO2004006194A1 (ja) | 2002-07-04 | 2002-07-04 | 取引システムおよび取引端末装置 |
EP02743833A EP1521220A4 (en) | 2002-07-04 | 2002-07-04 | TRANSACTION SYSTEM AND TRANSACTION TERMINAL |
US10/999,080 US7475045B2 (en) | 2002-07-04 | 2004-11-30 | Transaction system and transaction terminal equipment |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/JP2002/006794 WO2004006194A1 (ja) | 2002-07-04 | 2002-07-04 | 取引システムおよび取引端末装置 |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US10/999,080 Continuation US7475045B2 (en) | 2002-07-04 | 2004-11-30 | Transaction system and transaction terminal equipment |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2004006194A1 true WO2004006194A1 (ja) | 2004-01-15 |
Family
ID=30022618
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2002/006794 WO2004006194A1 (ja) | 2002-07-04 | 2002-07-04 | 取引システムおよび取引端末装置 |
Country Status (3)
Country | Link |
---|---|
EP (1) | EP1521220A4 (ja) |
JP (1) | JPWO2004006194A1 (ja) |
WO (1) | WO2004006194A1 (ja) |
Cited By (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2005338909A (ja) * | 2004-05-24 | 2005-12-08 | Dainippon Printing Co Ltd | 情報登録端末、サービス端末、プログラム及び情報登録システム |
JP2006330992A (ja) * | 2005-05-25 | 2006-12-07 | Nippon Telegr & Teleph Corp <Ntt> | 預金管理システム、預金管理方法、セキュアデバイス装置、および情報処理装置 |
JP2007519108A (ja) * | 2004-01-20 | 2007-07-12 | 金 富 黄 | 電話を介した安全な支払のためのロック付き銀行コンピュータ口座システム及び対応する方法 |
JP2007264777A (ja) * | 2006-03-27 | 2007-10-11 | Mizuho Bank Ltd | 決済管理方法及び決済管理システム |
JP2014514669A (ja) * | 2011-05-04 | 2014-06-19 | 中国▲銀▼▲聯▼股▲ふん▼有限公司 | ユーザ端末及び支払いシステム |
JP2015135569A (ja) * | 2014-01-16 | 2015-07-27 | Kddi株式会社 | 管理装置、管理システム、管理方法及び管理プログラム |
US9298700B1 (en) | 2009-07-28 | 2016-03-29 | Amazon Technologies, Inc. | Determining similar phrases |
US9390416B2 (en) | 2006-08-25 | 2016-07-12 | Amazon Technologies, Inc. | Utilizing phrase tokens in transactions |
US9485286B1 (en) | 2010-03-02 | 2016-11-01 | Amazon Technologies, Inc. | Sharing media items with pass phrases |
US9569770B1 (en) | 2009-01-13 | 2017-02-14 | Amazon Technologies, Inc. | Generating constructed phrases |
US10007712B1 (en) | 2009-08-20 | 2018-06-26 | Amazon Technologies, Inc. | Enforcing user-specified rules |
JP7351982B1 (ja) | 2022-07-26 | 2023-09-27 | 株式会社ジャックス | 情報処理装置及びコンピュータプログラム |
Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPH01145798A (ja) * | 1987-09-08 | 1989-06-07 | Juergen Dethloff | 多使用者及び可変値カードシステム |
JPH0619948A (ja) * | 1991-12-13 | 1994-01-28 | Matsushita Electric Ind Co Ltd | 暗証番号照合方法及びその装置 |
JPH09326001A (ja) * | 1996-06-07 | 1997-12-16 | Oki Electric Ind Co Ltd | 多機能カードシステム |
JPH1165959A (ja) * | 1997-08-22 | 1999-03-09 | Oki Electric Ind Co Ltd | 取引情報通知システム |
JPH11203374A (ja) * | 1998-01-13 | 1999-07-30 | Hitachi Ltd | 電子マネー取扱装置およびそれに用いられる電子マネー記録媒体 |
JP2000200386A (ja) * | 1999-01-07 | 2000-07-18 | Sanyo Electric Co Ltd | 自動販売機精算システム |
WO2001055955A1 (en) | 2000-01-28 | 2001-08-02 | International Apparel Group, Llc | A multi-application smart card with currency exchange, location tracking, and personal identification capabilities |
JP2001291034A (ja) * | 2000-04-07 | 2001-10-19 | Nec Mobile Commun Ltd | クレジットカード不正利用防止システム |
JP2002150366A (ja) * | 2000-11-13 | 2002-05-24 | Fuji Denki Reiki Co Ltd | 自動販売機のカード入金システム |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5530232A (en) * | 1993-12-22 | 1996-06-25 | Datamark Services, Inc. | Multi-application data card |
JP2000011081A (ja) * | 1998-03-26 | 2000-01-14 | Citicorp Dev Center Inc | マルチメモリ技術スマ―トカ―ドによるリモ―トバンキングの方法およびシステム |
US6315195B1 (en) * | 1998-04-17 | 2001-11-13 | Diebold, Incorporated | Transaction apparatus and method |
US20020052843A1 (en) * | 2000-08-04 | 2002-05-02 | Canon Eduardo Gomez | Smart card for and method of executing transactions |
-
2002
- 2002-07-04 EP EP02743833A patent/EP1521220A4/en not_active Withdrawn
- 2002-07-04 JP JP2004519180A patent/JPWO2004006194A1/ja active Pending
- 2002-07-04 WO PCT/JP2002/006794 patent/WO2004006194A1/ja active Application Filing
Patent Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPH01145798A (ja) * | 1987-09-08 | 1989-06-07 | Juergen Dethloff | 多使用者及び可変値カードシステム |
JPH0619948A (ja) * | 1991-12-13 | 1994-01-28 | Matsushita Electric Ind Co Ltd | 暗証番号照合方法及びその装置 |
JPH09326001A (ja) * | 1996-06-07 | 1997-12-16 | Oki Electric Ind Co Ltd | 多機能カードシステム |
JPH1165959A (ja) * | 1997-08-22 | 1999-03-09 | Oki Electric Ind Co Ltd | 取引情報通知システム |
JPH11203374A (ja) * | 1998-01-13 | 1999-07-30 | Hitachi Ltd | 電子マネー取扱装置およびそれに用いられる電子マネー記録媒体 |
JP2000200386A (ja) * | 1999-01-07 | 2000-07-18 | Sanyo Electric Co Ltd | 自動販売機精算システム |
WO2001055955A1 (en) | 2000-01-28 | 2001-08-02 | International Apparel Group, Llc | A multi-application smart card with currency exchange, location tracking, and personal identification capabilities |
JP2001291034A (ja) * | 2000-04-07 | 2001-10-19 | Nec Mobile Commun Ltd | クレジットカード不正利用防止システム |
JP2002150366A (ja) * | 2000-11-13 | 2002-05-24 | Fuji Denki Reiki Co Ltd | 自動販売機のカード入金システム |
Non-Patent Citations (1)
Title |
---|
See also references of EP1521220A4 * |
Cited By (16)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2007519108A (ja) * | 2004-01-20 | 2007-07-12 | 金 富 黄 | 電話を介した安全な支払のためのロック付き銀行コンピュータ口座システム及び対応する方法 |
JP2005338909A (ja) * | 2004-05-24 | 2005-12-08 | Dainippon Printing Co Ltd | 情報登録端末、サービス端末、プログラム及び情報登録システム |
JP2006330992A (ja) * | 2005-05-25 | 2006-12-07 | Nippon Telegr & Teleph Corp <Ntt> | 預金管理システム、預金管理方法、セキュアデバイス装置、および情報処理装置 |
JP2007264777A (ja) * | 2006-03-27 | 2007-10-11 | Mizuho Bank Ltd | 決済管理方法及び決済管理システム |
US10607223B2 (en) | 2006-08-25 | 2020-03-31 | Amazon Technologies, Inc. | Utilizing phrase tokens in transactions |
US10089623B2 (en) | 2006-08-25 | 2018-10-02 | Amazon Technologies, Inc. | Utilizing phrase tokens in transactions |
US9390416B2 (en) | 2006-08-25 | 2016-07-12 | Amazon Technologies, Inc. | Utilizing phrase tokens in transactions |
US10019708B2 (en) | 2006-08-25 | 2018-07-10 | Amazon Technologies, Inc. | Utilizing phrase tokens in transactions |
US9569770B1 (en) | 2009-01-13 | 2017-02-14 | Amazon Technologies, Inc. | Generating constructed phrases |
US9298700B1 (en) | 2009-07-28 | 2016-03-29 | Amazon Technologies, Inc. | Determining similar phrases |
US10007712B1 (en) | 2009-08-20 | 2018-06-26 | Amazon Technologies, Inc. | Enforcing user-specified rules |
US9485286B1 (en) | 2010-03-02 | 2016-11-01 | Amazon Technologies, Inc. | Sharing media items with pass phrases |
US9697513B2 (en) | 2011-05-04 | 2017-07-04 | China Unionpay Co., Ltd. | User terminal and payment system |
JP2014514669A (ja) * | 2011-05-04 | 2014-06-19 | 中国▲銀▼▲聯▼股▲ふん▼有限公司 | ユーザ端末及び支払いシステム |
JP2015135569A (ja) * | 2014-01-16 | 2015-07-27 | Kddi株式会社 | 管理装置、管理システム、管理方法及び管理プログラム |
JP7351982B1 (ja) | 2022-07-26 | 2023-09-27 | 株式会社ジャックス | 情報処理装置及びコンピュータプログラム |
Also Published As
Publication number | Publication date |
---|---|
EP1521220A4 (en) | 2006-05-31 |
JPWO2004006194A1 (ja) | 2005-11-04 |
EP1521220A1 (en) | 2005-04-06 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US7475045B2 (en) | Transaction system and transaction terminal equipment | |
US10748147B2 (en) | Adaptive authentication options | |
EP2212842B1 (en) | System and method for secure management of transactions | |
US6931382B2 (en) | Payment instrument authorization technique | |
JP5608081B2 (ja) | 安全な金融取引を行うための装置および方法 | |
US20050085931A1 (en) | Online ATM transaction with digital certificate | |
US20020032663A1 (en) | Apparatus and method for performing secure network transactions | |
US20020184500A1 (en) | System and method for secure entry and authentication of consumer-centric information | |
KR20100032935A (ko) | 온라인 지불인 인증 서비스 | |
CA2454576A1 (en) | Third party card validation over network for ecommerce | |
US20080257956A1 (en) | System for fulfilling purchases | |
JPWO2006082913A1 (ja) | ネットワーク決済カード、ネットワーク決済プログラム、認証サーバ、及びショッピングシステムと決済方法 | |
WO2004006194A1 (ja) | 取引システムおよび取引端末装置 | |
WO2017110268A1 (ja) | 決済システム、ユーザ端末及びそれで実行される方法、決済装置及びそれで実行される方法、並びにプログラム | |
US20020095580A1 (en) | Secure transactions using cryptographic processes | |
KR100822985B1 (ko) | 닉네임을 이용한 지불결제 처리 시스템 | |
JP2005512225A (ja) | 埋込コンテンツの自動化された権利管理及び支払いシステム | |
JP2001337925A (ja) | ユーザ認証装置及びこれを用いた商取引システム | |
JP5981507B2 (ja) | 支払いを処理する方法 | |
JPH1131190A (ja) | 電子マネーカード、電子マネー入出金機及び電子マネーカード編集装置 | |
KR100441905B1 (ko) | 이동통신단말기를 이용한 일회용암호 방식의 사용자인증서비스 시스템 | |
KR20050020422A (ko) | 이동 통신 단말기를 이용한 결제 서비스 제공 방법 및결제 서비스 제공 시스템 | |
JP2000339366A (ja) | Cdを利用した認証システム及びその方法 | |
KR20000030170A (ko) | 통신망 및 하이브리드카드를 이용한 전자결제방법 | |
WO2020169187A1 (en) | Method for facilitating end user authentication on trusted devices |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A1 Designated state(s): JP US |
|
AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
WWE | Wipo information: entry into national phase |
Ref document number: 2004519180 Country of ref document: JP |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2002743833 Country of ref document: EP |
|
WWE | Wipo information: entry into national phase |
Ref document number: 10999080 Country of ref document: US |
|
WWP | Wipo information: published in national office |
Ref document number: 2002743833 Country of ref document: EP |