WO2006013882A1 - User authentication system, authentication method for the system, user authentication program, and recording medium on which the program is recorded - Google Patents

User authentication system, authentication method for the system, user authentication program, and recording medium on which the program is recorded Download PDF

Info

Publication number
WO2006013882A1
WO2006013882A1 PCT/JP2005/014188 JP2005014188W WO2006013882A1 WO 2006013882 A1 WO2006013882 A1 WO 2006013882A1 JP 2005014188 W JP2005014188 W JP 2005014188W WO 2006013882 A1 WO2006013882 A1 WO 2006013882A1
Authority
WO
WIPO (PCT)
Prior art keywords
user
information
identification information
acquired
list
Prior art date
Application number
PCT/JP2005/014188
Other languages
French (fr)
Japanese (ja)
Inventor
Junji Suetsugu
Kazuya Oyama
Original Assignee
Sharp Kabushiki Kaisha
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sharp Kabushiki Kaisha filed Critical Sharp Kabushiki Kaisha
Publication of WO2006013882A1 publication Critical patent/WO2006013882A1/en

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/20Point-of-sale [POS] network systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • G06Q20/40145Biometric identity checks
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/20Individual registration on entry or exit involving the use of a pass
    • G07C9/22Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder
    • G07C9/23Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder by means of a password

Definitions

  • the present invention relates to a user authentication for authenticating a user using the object specifying information that the portable object that the user carries and specifying the portable object and the personal specifying information that specifies the user.
  • the present invention relates to a system, an authentication method for the system, a user authentication program, and a recording medium on which the program is recorded.
  • the present invention relates to a user authentication system in which the portable object is a wireless communication terminal.
  • Patent Document 1 Japanese Published Patent Publication “Japanese Patent Laid-Open Publication No. 2002-125268” (published date: April 26, 2002)
  • Patent Document 2 Japanese Patent Publication “JP 2002-63652 A” (publication date: February 28, 2002)) reads a wireless communication terminal in order to identify the wireless communication terminal.
  • Patent Document 3 Japanese Published Patent Publication “JP 2002-16968 A” (published date: Jan. 18, 2002)
  • Patent Document 4 Japanese Published Patent Publication “JP 2002-95047 A” (published date: March 29, 2002)
  • the terminal identification information obtained from the wireless communication terminal and the user input It is described that the wireless communication terminal is specified by collating it with the specified terminal specifying information.
  • terminal identification information is acquired and collated, and further, individual identification information is acquired and collated is obtained when terminal identification information is acquired and collated. In comparison, it takes time, and the provision of various services after authentication is delayed. This becomes significant as the number of wireless communication terminals increases.
  • the present invention has been made in view of the above problems, and an object of the present invention is to provide a user authentication system capable of quickly specifying a user's portable object and a user. is there.
  • a user authentication system includes object specifying information that is included in a portable item carried by a user and that specifies the portable item, and personal identification information that specifies the user.
  • a user authentication system that authenticates a user by using a storage means for storing a plurality of the object specifying information and personal specifying information corresponding to each object specifying information, and a portable object within a predetermined area.
  • Acquisition means for acquiring the object identification information of the portable object, and personal identification information corresponding to the acquired object identification information is obtained from the storage means, and a list of the acquired object identification information and individual identification information is listed.
  • the rope to Rukoto have a feature in that it comprises a specifying means for specifying the user and the portable object.
  • any portable object that can be carried by the user and has the object specifying information can be selected.
  • portable objects include a mobile phone having a storage device such as an IC chip in which object identification information is recorded, a card having a magnetic tape or a barcode, and a semiconductor memory in which object identification information is stored, such as a node disk.
  • portable wireless communication terminals such as PDA (Personal Digital Assistant).
  • personal identification information for identifying a user include fingerprints, voiceprints, veins of predetermined parts, facial images Biometric information such as, PIN, and handwriting.
  • examples of the predetermined area include an area in a store, an airport gate, and a station premises.
  • the portable object in order to obtain object identification information of a portable object from a portable object that has entered the predetermined area, if the portable object is a wireless communication terminal, a base station and an access point having the predetermined area as a communication area are portable. If the object identification information can be acquired by performing wireless communication with an object, or if only the gate (gateway) entrance force can be entered in a predetermined area, such as at an airport or a station, the portable object force can be obtained at the gate entrance. Also, the object specifying information may be acquired.
  • the object specifying information of the portable object is acquired from the portable object that has entered the predetermined area
  • the personal specifying information corresponding to the acquired object specifying information is acquired from the storage unit
  • a set of acquired object identification information and individual identification information is added to the list.
  • the list includes a set of object specifying information and individual specifying information for each portable object existing in the predetermined area.
  • the user authentication system acquires the object specifying information of the portable object when the portable object enters the predetermined area. Therefore, when the user is authenticated, the personal identification information is used. If acquired, it is possible to quickly authenticate a good user.
  • the set of object identification information and individual identification information in the above list is limited to the number of portable objects existing in the predetermined area, the object identification information corresponding to the individual identification information acquired from the user can be quickly retrieved from the above list. The user can be quickly identified.
  • the portable object may have a wireless communication function
  • the user authentication system may further include wireless communication means for performing wireless communication with the portable object in the predetermined area.
  • wireless communication for example, UWB (UltraWideBand), wireless LAN (Local Area Network), near field communication technology such as Bluetooth (registered trademark), infrared communication, PHS (Personal Handy-phone System), mobile phone System can be used.
  • UWB UltraWideBand
  • wireless LAN Local Area Network
  • near field communication technology such as Bluetooth (registered trademark), infrared communication
  • PHS Personal Handy-phone System
  • the acquisition unit acquires the object identification information of the portable object via the wireless communication unit that performs radio communication using weak directivity! I prefer to do that.
  • the communication area is narrowed. For this reason, in order to acquire object specifying information from a portable object, it is necessary to move the portable object within a narrow communication area.
  • the directivity is weak in the present invention, the communication area is widened, so the necessity for moving the portable object is reduced. Further, by using radio waves as a wireless communication medium, for example, wireless communication can be performed with a portable object in a bag, so that it is not necessary to take out or move the portable object.
  • the specifying unit acquires the user power individual specifying information and also performs the wireless communication from the portable object.
  • the user and the portable object are specified by acquiring the object specifying information through the means and searching the list of the acquired personal specifying information and object specifying information from the list.
  • the user strength personal identification information is acquired, and the portable physical strength also acquires the object identification information, so that the accuracy of the authentication is improved.
  • the set of acquired personal identification information and object identification information is searched from the list, it is possible to suppress an increase in the time required to identify the user and the portable object.
  • the specifying means includes the mobile communication device via the wireless communication means for performing wireless communication using radio waves with high directivity or low output. It is preferable to acquire object specifying information from an object. In this case, since the communication area of the wireless communication is narrowed, it is possible to prevent other portable objects from being mixed, and it is possible to prevent acquisition of object specific information of other portable objects.
  • the user inputs personal identification information. It is preferable that the input means is further connected to the specifying means by wire. In this case, since the personal identification information is acquired by wire, security can be ensured even if the object identification information of the portable object is intercepted.
  • the user authentication system is a list that deletes a set of object specifying information and individual specifying information from the list based on object specifying information of a portable object that comes out of a predetermined area. It is preferable to further include a deleting unit.
  • the portable object when the portable object is out of the predetermined area, if the portable object is a wireless communication terminal, the base station and the access point having the predetermined area as the communication area are wirelessly connected to the portable object. This can be done when communication is disabled, or when it is possible to exit only from a predetermined area via a gate exit, such as at an airport or a station, the object identification information can be obtained from a portable item at the gate exit. It can be done by acquiring.
  • the list includes only a set of object specifying information and personal specifying information related to a portable object that currently exists in the predetermined area, it is possible to prevent the number of sets in the list from continuing to increase. Thus, it is possible to reliably identify the user and the portable object quickly. It is also preferable from the viewpoint of security to delete unnecessary object identification information and individual identification information.
  • the user authentication system further includes display means for displaying various information
  • the storage means stores personal information that is information about the user in addition to the personal identification information.
  • the list adding means acquires personal identification information corresponding to the acquired object identification information and a part or all of the personal information from the storage means, and acquires the acquired object identification information, personal identification information, and A set of personal information is added to the list
  • the specifying means acquires personal information corresponding to the personal specifying information acquired from the user from the list, and displays the acquired personal information via the display means.
  • examples of personal information regarding the user include the user's name, address, telephone number of the fixed telephone, age, gender, occupation, usage limit, and facial photo information.
  • the personal information acquired by the list adding unit from the storage unit includes an age and sex that can identify the user from the appearance.
  • the present invention is suitable for a credit sales system.
  • the personal information acquired from the storage means by the list adding means preferably includes a usage limit amount.
  • the identification assisting means displays the acquired personal information via the display means. For example, if there is a monitor when performing user authentication, the monitor can assist the user identification by referring to the personal information displayed on the display means. The accuracy of authentication can be improved.
  • An authentication method of the user authentication system includes a portable object carried by a user, and uses object specifying information for specifying the portable object and personal specifying information for specifying the user.
  • An authentication method of a user authentication system for performing authentication of the above wherein the user authentication system includes storage means for storing a plurality of the object specifying information and personal specifying information corresponding to each object specifying information, An acquisition step of acquiring object identification information of the portable object from a portable object that has entered the predetermined area, and personal identification information corresponding to the acquired object identification information is acquired from the storage means, and the acquired object identification information and A list addition step for adding a set of personal identification information to the list, and when the user is authenticated within the predetermined area, the personal identification information is acquired from the user, and the acquired personal identification information is acquired.
  • the corresponding object identification information from the list it is characterized by comprising the steps of identifying the user and the portable object.
  • the object specifying information of the portable object is acquired from the portable object that has entered the predetermined area, the individual specifying information corresponding to the acquired object specifying information is acquired from the storage means, A set of acquired object identification information and individual identification information is added to the list.
  • the list includes a set of object specifying information and individual specifying information for each portable object existing in the predetermined area.
  • the authentication method of the user authentication system acquires the object specifying information of the portable object when the portable object enters the predetermined area. Therefore, when authenticating the user, If specific information is acquired, it is possible to quickly authenticate a good user.
  • the set of object identification information and individual identification information in the above list Therefore, the object identification information corresponding to the personal identification information acquired from the user can be quickly retrieved from the list, and the user and the portable object can be identified quickly.
  • the acquisition unit, the list addition unit, and the identification unit in the user authentication system can be executed on a computer by a user authentication program. Furthermore, by storing the user authentication program in a computer-readable recording medium, the user authentication program can be executed on an arbitrary computer.
  • the user authentication system acquires the object specifying information of the portable object when the portable object enters the predetermined area, so when performing user authentication, Acquiring personal identification information has the effect of quickly authenticating a good user, and the set of object identification information and personal identification information in the above list is limited to the number of portable items in the predetermined area. If the object identification information corresponding to the personal identification information obtained from the above can be quickly retrieved from the above list, and the user and the portable object can be identified quickly, there is an effect.
  • FIG. 1 is a block diagram showing a schematic configuration of a credit sales system according to an embodiment of the present invention.
  • FIG. 2 is a block diagram showing a schematic configuration of a center server in the credit sales system.
  • FIG. 3 is a diagram showing an example of the contents of credit sales information stored in the center server in a table format.
  • FIG. 4 is a block diagram showing a schematic configuration of a POS system in the credit sales system.
  • FIG. 5 is a block diagram showing a schematic configuration of a POS server in the POS system.
  • FIG. 6 is a block diagram showing an example of the contents of a store visitor list stored in the storage unit of the POS server in a table format.
  • FIG. 7 is a flowchart showing processing operations performed by the store visit processing unit of the POS server.
  • FIG. 8 is a flowchart showing processing operations performed by the payment processing unit of the POS server.
  • FIG. 9 is a flowchart showing a processing operation performed by a store exit processing unit of the POS server.
  • FIG. 10 is a diagram schematically showing a processing flow in the credit sales system.
  • FIG. 11 is a flowchart showing processing operations performed by the control unit of the POS server and the control unit of the center server when the user visits the store in the sales system according to another embodiment of the present invention.
  • FIG. 12 is a flowchart showing processing operations performed by the control unit of the POS server and the control unit of the center server when purchasing a product in the sales system.
  • FIG. 13 is a flowchart showing processing operations performed by the control unit of the POS server and the control unit of the center server when the user leaves the store in the sales system.
  • FIG. 14 is a diagram schematically showing the flow of processing in the credit sales system.
  • FIG. 1 shows a schematic configuration of a credit sales system according to this embodiment.
  • the credit sales system (user authentication system) 1 of this embodiment includes a center server 10 provided in a credit sales company and a plurality of POS (points) provided in a plurality of stores. -of-sale)
  • the system 11 is connected to the system 11 via the dedicated line 12.
  • the center server 10 contracts with multiple POS systems 11.
  • the purchase price of the user (user) is settled, and information on the purchase price is stored in order to charge the user later.
  • FIG. 2 shows a schematic configuration of the center server 10.
  • the center server 10 includes a control unit 20, a database 21, a communication IZF unit 22, a settlement processing unit 23, and an encryption unit 24.
  • the control unit 20 controls each component in the center server 10 in an integrated manner.
  • the function of the control unit 20 is realized by a CPU (Central Processing Unit) executing a program stored in a storage device such as a RAM (Random Access Memory) or a flash memory.
  • a CPU Central Processing Unit
  • a storage device such as a RAM (Random Access Memory) or a flash memory.
  • the database 21 includes a storage device such as a node disk drive (HDD), and stores various information.
  • the database 21 stores various information related to credit sales (hereinafter referred to as “credit sales information”). Details of credit sales information will be described later.
  • the IZF unit 22 is for data communication with a plurality of POS systems 11.
  • data communication between the communication IZF unit 22 and the POS system 11 is performed through a dedicated line from the viewpoint of preventing information leakage.
  • the payment processing unit 23 performs payment processing with a plurality of POS systems 11.
  • the encryption key unit 24 encrypts data to be transmitted to the POS system 11 based on the encryption key from the viewpoint of preventing information leakage.
  • the encrypted data is transmitted to the POS system 11 together with the encryption key.
  • FIG. 3 shows an example of the contents of the credit sales information stored in the database 21 for a certain user.
  • the credit sales information includes ID (identification information), personal identification information, personal information, face photo information, and usage information.
  • the ID is information for specifying an object that has been credited, such as a credit card (hereinafter referred to as "credited object").
  • Credit products portable items
  • Magnetic cards are mainly used as credits, but recently, IC cards and IC chips built into mobile phones have been used.
  • the trusted object is a mobile phone
  • the ID is a mobile phone. This is the phone number of the mobile phone. In this case, it is not necessary for the user to carry a credit object such as a credit card separately.
  • the mobile phone used in the present embodiment is a mobile phone having a function of connecting to a wireless LAN.
  • the personal identification information is information for identifying an individual, and in this embodiment is a personal identification number.
  • the personal identification information includes fingerprints, voiceprints, veins of predetermined parts, biometric information such as face images, and handwriting. If the PIN is used as personal information, simple input and processing becomes possible. On the other hand, if biometric information is used as personal identification information, individuals can be identified with high accuracy.
  • the personal information is information related to an individual, and includes, for example, a name, an address, a telephone number of a fixed telephone, an age, a sex, an occupation, a limit of use, and the like.
  • the face photo information is information on an individual's face photo, and is used by a store clerk to confirm the individual. If the store clerk does not confirm the individual, it is not necessary to store facial photo information in the database 21.
  • the usage information is information generated when the user uses the credit sales system 1, and includes, for example, a remaining usage limit and usage details information.
  • the usage details information includes the product purchased by the user, the price, the date, the usage store, and the like. Based on the usage details information, an invoice for charging the user is created and sent to the user.
  • FIG. 4 shows a schematic configuration of the POS system 11! /.
  • the POS system 11 includes one or more POS terminals (input means, display means) 31, a POS server 30, and one or more access points (wireless communication means) 32 for wireless LAN.
  • the configuration is connected via LAN33.
  • the POS terminal 31 is used as a cash register of a store (in the illustrated case, a convenience store), and the name of the product sold and the amount of money are input and transmitted to the POS server 30.
  • the POS terminal 31 may be capable of reserving various tickets and transferring various public charges.
  • the POS terminal 31 when the user 34 purchases a product, the POS terminal 31 is directly input with a personal identification number from the user 34.
  • the security code is sent to the POS terminal 31 via radio waves or infrared rays. It is possible to prevent the security code from being leaked by entering it directly at the POS terminal 31.
  • the POS terminal 31 transmits the entered password to the POS server 30.
  • the access point 32 is connected to one or a plurality of mobile phones (wireless communication terminals) 35 using near field communication technology such as UWB, wireless LAN (IEEE802.11), BluetootM registered trademark). , Form a wireless LAN.
  • the access point 3 2 can enter the phone 36 and perform data communication with the mobile phone 35.
  • the communication area of the access point 32 may be approximately the same as the area in the store. Also, from the viewpoint of preventing information leakage, it is desirable for the access point 32 to change the communication channel used for newly entered data communication to a communication channel different from the communication channel used for normal data communication. It is also desirable to communicate encrypted data.
  • the POS server 30 controls the components in the POS system 11 in an integrated manner.
  • the POS server 30 collects sales information such as the name, price, and sales date of the sold products from the POS terminal 31. Further, it is desirable that the POS server 30 can connect to an external server, if necessary, to reserve various tickets from the POS terminal 31 and transfer various public charges.
  • the POS server 30 acquires information related to the wireless LAN from the access point 32. Specifically, the POS server 30 obtains from the access point 32 the phone number of the mobile phone 35 newly entering the wireless LAN and the phone number of the mobile phone 35 that was disconnected from the wireless LAN cable due to communication failure. To do. Note that the POS server 30 preferably obtains information about the mobile phone 35 currently connected to the wireless LAN from the access point 32 in order to keep track of the mobile phone 35 present in the store.
  • the POS server 30 acquires from the access point 32 the telephone number of the mobile phone 35 that newly enters the wireless LAN. Thereby, the mobile phone 35 is authenticated.
  • the POS server 30 transmits the acquired telephone number to the center server 10, and the PIN number, face photo information, and personal information corresponding to the telephone number are transmitted to the center server. Receive from server 10.
  • the POS server 30 adds the received personal identification number and the like to the visitor list and stores it.
  • the personal information transmitted from the center Sano 10 to the POS server 30 is preferably limited to only information that allows the store clerk to confirm the user 34, such as gender and age, from the viewpoint of privacy protection.
  • the POS server 30 when the POS server 30 acquires a personal identification number from the POS terminal 31, the POS server 30 identifies a telephone number corresponding to the personal identification number from the customer list. As a result, the user 34 is authenticated.
  • the POS server 30 transmits the identified telephone number to the center server 10 together with sales information for the user 34.
  • the center server 10 performs a payment process with the POS system 11 and stores sales information in the database 21 in order to charge the user for a later date.
  • the credit sales system 1 of the present embodiment acquires the telephone number of the mobile phone 35 from the mobile phone 35 that entered the store, and stores the personal identification number corresponding to the acquired telephone number in the database 21 of the center server. And a set of the phone number and password obtained is added to the visitor list.
  • the store visitor list includes a set of a telephone number and a personal identification number for each mobile phone 35 present in the store. Then, when authenticating the user 34 in the store, the user 34 and the mobile phone are obtained by acquiring a password from the user 34 and searching the store visitor list for a telephone number corresponding to the acquired password. Specify 35.
  • the credit sales system 1 acquires the phone number of the mobile phone 35 when the mobile phone 35 enters the store, when authenticating the user 34, the credit sales system 1 acquires the password. Good user authentication can be performed quickly.
  • the number of pairs of phone numbers and passwords in the above-mentioned store visitor list is limited to the number of mobile phones 35 existing in the store, the phone number corresponding to the password obtained from the user 34 is stored in the above-mentioned visitor list. The user 34 and the mobile phone 35 can be quickly identified.
  • the POS terminal 31 has a configuration in which a keypad for entering a password is added to a normal POS terminal.
  • a conventional POS terminal that can use a credit card reads a credit card. In some cases, it may have a function of inputting a personal identification number together with the taking function.
  • the POS terminal 31 is similar to a normal POS terminal, a control unit that comprehensively controls each component in the terminal, a storage unit that stores various types of information, and clerk input information or barcodes.
  • An input unit that accepts reading information, a display unit that displays various information, a printing unit that prints out receipt information, and a network IZF unit that is communicably connected to a LAN.
  • This is a well-known configuration including a keypad for inputting a personal identification number for accepting input. Therefore, detailed description of the POS terminal 31 is omitted.
  • FIG. 5 shows a schematic configuration of the POS server 30! /.
  • the POS server 30 includes a control unit 40, a storage unit (storage means) 41, a network IZF unit 42, and a communication IZF unit 43.
  • the control unit 40 controls each component in the POS server 30 in an integrated manner.
  • the function of the control unit 40 is realized by the CPU executing a program stored in a storage device such as a RAM or a flash memory.
  • a storage device such as a RAM or a flash memory.
  • the storage unit 41 includes a storage device such as a RAM node drive (HDD) and stores various types of information. In the present embodiment, information stored in the storage unit 41 will be described later.
  • HDD RAM node drive
  • the network IZF unit 42 is for data communication with the POS terminal 31 and the access point 32 via the LAN 33.
  • the LAN 33 is preferably a wired LAN from the viewpoint of preventing information leakage.
  • the communication I / F unit 43 is for data communication with the center server 10 via the dedicated line 12.
  • the storage unit 41 stores a store visitor list 47.
  • FIG. 6 shows an example of the contents of the store visitor list 47.
  • the visitor list 47 includes, for each mobile phone 35 connected to the wireless LAN, a mobile phone 35 phone number (mobile phone ID), a personal identification number, an encryption key, the age and gender of the user 34, It includes the remaining usage limit and face photo information.
  • the information in the store visitor list 47 may be encrypted with the encryption key.
  • control unit 40 has a store visit processing unit (acquisition means, list addition means). 44, a payment processing unit (specifying means) 45, and a store closing processing unit (list deletion means) 46.
  • the store visit processing unit 44 performs a processing operation when the user 34 carries the mobile phone 35 and visits the store.
  • FIG. 7 shows processing operations performed by the store visit processing unit 44.
  • a new mobile phone 35 is searched by wireless LAN (step S10. Hereinafter, it may be simply referred to as “S10”. The same applies to other steps). Repeat until you find it (NO at SI 1).
  • the ID (phone number) of the watched mobile phone 35 is acquired via the access point 32 (S 12).
  • the acquired ID is transmitted to the center server 10 (S13).
  • the center server 10 searches the database 21 for the personal identification information (password) corresponding to the received ID, the age and sex of the personal information, the face photo, and the remaining limit of the usage information.
  • the encryption unit 24 encrypts predetermined information and transmits it to the POS server 30 together with the encryption key.
  • the POS server 30 acquires the personal identification information, age, gender, face photo, remaining limit, and encryption key (S13).
  • the acquired personal identification information, age, sex, face photograph, remaining limit, and encryption key are added to the store visitor list 47 of the storage unit 41 together with the ID of the mobile phone 35 (S14). . Then, the process returns to step S10 and the above processing operation is repeated.
  • the payment processing unit 45 performs a processing operation when the user 34 purchases a product.
  • FIG. 8 shows processing operations performed by the payment processing unit 45.
  • the password of the user 34 is obtained from the POS terminal 31 by directly inputting the password at the user 34 power SPOS terminal 31 (S20), and the obtained password is retrieved from the visitor list 47.
  • Search S21
  • the remaining usage limit corresponding to the ID is updated in the store visitor list 47 (S26), and receipt information is transmitted to the mobile phone 35 corresponding to the ID (S27). This saves the trouble of printing the recipe.
  • various types of information such as privilege information for purchasing a product may be transmitted to the mobile phone 35. Thereafter, the processing operation performed by the payment processing unit 45 is terminated.
  • the store exit processing unit 46 performs a processing operation when the user 34 exits the store.
  • FIG. 9 shows processing operations performed by the store closing processing unit 46. As shown in the figure, first, the mobile phone 35 that cannot communicate with the wireless LAN is detected (S30), and this is repeated until it is detected (NO in S31).
  • FIG. Figure 10 shows the overall processing flow in the credit sales system1.
  • the user 34 makes a credit contract with a credit sales company in advance.
  • the user 34 provides a face photo and a personal identification number to the credit sales company (Al).
  • the credit sales company will use the photo and password provided to the mobile phone.
  • the ID (telephone number) of the speaker, personal information, and usage information it is stored in the database 21 of the center server 10 (A2).
  • the credit sales company provides the mobile phone 35 having the above telephone number (ID) to the user 34 (A3).
  • the user 34 holds the bag 36 containing the mobile phone 35 and visits a convenience store.
  • the POS system 11 automatically connects to the mobile phone 35 via the access point 32 and acquires the ID from the mobile phone 35 (A4, S10 to S12 in FIG. 7) .
  • the POS system 11 The acquired ID is transmitted to the center server 10 (A5), and the personal identification number, personal information, and face photo information corresponding to the ID are acquired from the center server 10 (A6, S13 in FIG. 7). Then, the obtained personal identification number, personal information, and face photograph information are added to the visitor list 47 together with ID (A7, S14 in FIG. 7).
  • the POS system 11 When the user 34 approaches the POS terminal 31 to purchase a product and enters a personal identification number at the POS terminal 31 (A8, S20 in FIG. 8), the POS system 11 The ID corresponding to the number, personal information, and face photo are also identified in the visitor list 47, and the identified personal information and face photo are displayed on the POS terminal 31. As a result, the store clerk can also confirm the user with personal information and facial photographic power (A9, S21 to S23 in FIG. 8).
  • the POS system 11 After the clerk confirms the user, the POS system 11 transmits the ID corresponding to the entered password and the settlement information to the center server 10 (A10, S25 in FIG. 8). At this time, the center server 10 performs a payment process based on the payment information (All).
  • the POS system 11 updates the remaining usage limit corresponding to the ID in the store visitor list 47 (S26 in FIG. 8). Then, the POS system 11 transmits the receipt information and the usage details information to the mobile phone 35 (A12, S27 in FIG. 8), and completes the processing operation.
  • the credit sales system according to this embodiment is different from the credit sales system shown in FIG. 1 in that user authentication is performed by the center server 10, and the other configurations are the same.
  • symbol is attached
  • the center server 10 of this embodiment is different from the center server 10 shown in FIG. The only difference is that the store visitor list as shown in FIG. 6 is stored in the database 21 and the processing operation in the control unit 20 is the same. Further, the POS server 30 of the present embodiment differs from the POS server 30 shown in FIG. 5 only in the configuration of the store visitor list 47 stored in the storage unit 41 and the processing operation in the control unit 40. Other configurations are the same.
  • the store visitor list 47 in this embodiment is obtained by omitting the password, encryption key, and remaining usage limit from the store visitor list 47 shown in FIG.
  • FIG. 11 shows processing operations performed by the control unit 40 of the POS server 30 and the control unit 20 of the center server 10 when the user 34 visits the store.
  • the POS server 30 searches for a newly-entered mobile phone 35 via the wireless LAN (S40) and repeats until it is found (NO in S41).
  • the POS server 30 acquires the ID (phone number) of the mobile phone 35 that has been found through the access point 32 ( S42), the acquired ID is transmitted to the center server 10 (S43). At this time, the center server 10 stores the personal identification information (password) corresponding to the received ID, the age and gender of the personal information, the face photo, and the remaining limit of the usage information in the database 21. The force is also acquired and added to the store visitor list stored in the database 21 (S44).
  • the center server 10 transmits the acquired face photograph, age and sex to the POS Sano 30 together with the ID (S45).
  • the POS server 30 receives the ID, face photograph, and age and sex from the center server 10 (S46), and adds the received ID, face photograph, age and gender to the store visitor list 47 (S47). ) Then, return to step S40 and repeat the above processing operation.
  • FIG. 12 shows processing operations performed by the control unit 40 of the POS server 30 and the control unit 20 of the center server 10 when purchasing a product.
  • the POS server 30 obtains the password of the user 34 from the POS terminal 31 by directly inputting the password at the POS terminal 31 by the user 34 (S50). And the settlement information relating to the purchase of the product is transmitted to the center server 10 (S51).
  • the center server 10 uses the password obtained from the POS server 30 to (S52). If the password that matches the acquired password is not found in the store list (NO in S53), the center server 10 transmits error information to the POS server 30 (S54). When receiving the error information (YES in S55), the POS server 30 performs predetermined error processing.
  • the center server 10 finds a password that matches the acquired password from the store listing (YES in S53), the center server 10 assigns the ID corresponding to the searched password to the terminal (mobile phone ) Is transmitted to the POS server 30 as a terminal identification notification indicating that it has been identified (S56).
  • the store clerk can confirm the personal information and the facial photograph information power of the user 34 having the mobile phone 35. Thereafter, when the clerk inputs approval / disapproval of the user 34 at the input unit, approval approval / disapproval information indicating approval / disapproval of the clerk is created at the POS terminal 31 and transmitted to the POS server 30. Thereby, the POS server 30 can acquire the approval / disapproval information of the store clerk (S58).
  • the center server 10 receives the settlement instruction from the POS Sano 30 (S62), the settlement processing unit 23 executes the settlement process based on the settlement information transmitted from the POS server 30 at step S51. Then, the usage details and the remaining usage limit of the user 34 in the database 21 are updated (S63). Then, the center server 10 updates the remaining usage limit corresponding to the ID in the visitor list of the database 21 (S64), and then ends the processing operation performed by the control unit 20 of the center server 10. .
  • FIG. 13 shows the control unit 40 of the POS server 30 and the center server when the user 34 leaves the store.
  • the processing operation performed by the control unit 20 of the server 10 is shown.
  • the POS sensor 30 first detects the cellular phone 35 that cannot communicate with the wireless LAN (S70) and repeats until it detects it (NO in S71).
  • the center server 10 receives the ID of the mobile phone 35 that cannot communicate from the POS server 30, the center server 10 receives the received ID and information corresponding to the ID, that is, personal identification information, age, gender, facial photograph. And the remaining limit amount are deleted from the store visitor list of the database 21 (S74). Thereafter, the processing operation performed by the control unit 20 of the center server 10 is terminated.
  • the user 34 holds the bag 36 containing the mobile phone 35 and visits a convenience store.
  • the POS system 11 automatically connects to the mobile phone 35 via the access point 32 and acquires the ID from the mobile phone 35 (B4, S40 to S42 in FIG. 11).
  • the POS system 11 transmits the acquired ID to the center server 10 (B5, S43 in FIG. 11).
  • the center server 10 acquires the personal identification number, personal information, and face photo information corresponding to the received ID from the database 21, and the acquired personal identification number, personal information, and facial photo information together with the ID in the database 21. Add to the visitor list (B6, S44 in Fig. 11).
  • the center server 10 transmits the acquired personal information and face photo information together with the ID to the POS system 11 (B7, S45′S46 in FIG. 11).
  • the POS system 11 adds the received ID, personal information, and face photo information to the visitor list 47 (B8, Fig. 11). S47).
  • the POS system 11 acquires the personal identification number. Is sent to the center server 10 together with the settlement information (B10, S51 in FIG. 12). At this time, the center server 10 identifies the ID corresponding to the acquired personal identification number from the store visitor list 47 (Bll, S52 in FIG. 12), and transmits the identified ID to the POS system 11 as a terminal identification notification. (B12, S56 and S57 in Fig. 12).
  • the POS system 11 displays personal information and a face photograph corresponding to the received ID on the POS terminal 31.
  • the store clerk can confirm the user with personal information and facial photographic ability (B13, S58 in FIG. 12).
  • the POS system 11 transmits the ID as a settlement instruction to the center server 10 (B14, S60 ′ S62 in FIG. 12).
  • the center server 10 performs a payment process based on the payment information (S63 in FIG. 12), and updates the remaining usage limit corresponding to the ID in the store visitor list (S64 in FIG. 12).
  • the POS system 11 transmits the receipt information and the usage details information to the mobile phone 35 (B15, S61 in FIG. 12), and completes the processing operation.
  • user authentication can be performed by the center server 10 instead of by the POS server 30.
  • the POS server 30 may store the store visitor list, and may be performed by the power POS terminal 31 that performs the store visit process, the payment process, and the store exit process.
  • the user 34 inputs the personal identification number at the POS terminal 31 at the time of purchase of the product, but moreover, the wireless communication with the mobile phone 35 is performed. You may get both IDs. Even in this case, since the user 34 and the mobile phone 35 are identified from the above-mentioned store visitor list in which the set of the user 34 and the mobile phone 35 is narrowed down, a quick process is possible. Furthermore, in the above case, in order to avoid obtaining the ID of another mobile phone 35, it is desirable that a narrow area near the POS terminal 31 is a communication area. For this reason, it is desirable to provide the POS terminal 31 with a wireless LAN antenna having a communication area in the vicinity of the POS terminal 31 separately from the access point 32.
  • the detection that the mobile phone 35 has entered the store is checked by limiting the entrance to the predetermined gate depending on whether or not to newly enter the wireless LAN. May be performed. Similarly, it may be detected by checking that the mobile phone 35 has increased store power by limiting the exit to a predetermined gate. In this case, the check at the gate may be read by a reader that does not need to be wireless communication. Therefore, it may be a card having a magnetic tape or a bar code that is not used in a wireless communication terminal such as the cellular phone 35.
  • Each block in the control units 20 and 40 of the center server 10 and the POS server 30 may be configured by hardware logic, or may be realized by software using a CPU as follows. .
  • control units 20 and 40 of the center server 10 and the POS server 30 include a CPU that executes instructions of a control program that realizes each function, a ROM that stores the program, A RAM for expanding the program, a storage device (recording medium) such as a memory for storing the program and various data, and the like are provided.
  • the object of the present invention is to provide program codes (execution format program, intermediate code program, source program) for the control program for the center server 10 and the control program for the POS server 30 that are software that realizes the functions described above. Recording media recorded so as to be readable by a computer are supplied to the center server 10 and the POS server 30, respectively, and the computer (or CPU or MPU) is recorded on the recording media to read and execute the program code. Can also be achieved.
  • Examples of the recording medium include a tape system such as a magnetic tape and a cassette tape, a magnetic disk such as a flexible disk Z hard disk, and a CD-ROMZMOZMDZD.
  • an optical disk such as VDZCD-R
  • a card system such as an ic card (including a memory card) Z optical card
  • a semiconductor memory system such as a mask ROM / EPROM / EEPROM / flash ROM
  • the control units 20 and 40 of the center server 10 and the POS server 30 may be configured to be connectable to a communication network, and the program code may be supplied via the communication network.
  • the communication network is not particularly limited.
  • the Internet, intranet, extranet, LAN, ISDN, VAN, CATV communication network, virtual private network, telephone line network, mobile communication network, A satellite communication network or the like can be used.
  • the transmission medium constituting the communication network is not particularly limited, and for example, IEEE 1394, USB, power line carrier, cable TV line, telephone line, ADSL line, etc. can be used for infrared communication such as IrD A or remote control.
  • the present invention can also be realized in the form of a carrier wave or a data signal sequence in which the program code is embodied by electronic transmission.
  • the user authentication system acquires the object specifying information of the portable object when the portable object enters the predetermined area, and performs the personal identification information when performing user authentication. And the corresponding object identification information is identified from the list. Both can be applied to systems that authenticate users using personally identifiable information.

Abstract

A credit sale system (1) authenticates a user (34) by using the telephone number specifying the portable telephone (35) of the user and the password specifying the user (34). The system (1) has a center server (10) including a database (21) where telephone numbers and passwords corresponding to the respective telephone numbers are stored. A POS server (30) acquiring a telephone number from a portable telephone (35) having entered a shop through an access point (32), acquires the password corresponding the acquired telephone number from the database (21), and adds the set of the acquired telephone number and password to a list. When the POS server (30) authenticates the user (34) in the shop, the POS server acquires the password from the user (34) by means of a POS terminal (31) and searches the list for the telephone number corresponding to the acquired password, thus identifying the user (34) and the portable telephone (35).

Description

明 細 書  Specification
ユーザ認証システム、該システムの認証方法、ユーザ認証プログラム、お よび該プログラムを記録した記録媒体  USER AUTHENTICATION SYSTEM, AUTHENTICATION METHOD FOR THE SYSTEM, USER AUTHENTICATION PROGRAM, AND RECORDING MEDIUM CONTAINING THE PROGRAM
技術分野  Technical field
[0001] 本発明は、ユーザが携帯する携帯物が有し、かつ該携帯物を特定する物体特定情 報と、上記ユーザを特定する個人特定情報とを用いてユーザの認証を行うユーザ認 証システム、該システムの認証方法、ユーザ認証プログラム、および該プログラムを記 録した記録媒体に関するものである。特に、本発明は、上記携帯物が無線通信端末 であるユーザ認証システムなどに関するものである。 背景技術  [0001] The present invention relates to a user authentication for authenticating a user using the object specifying information that the portable object that the user carries and specifying the portable object and the personal specifying information that specifies the user. The present invention relates to a system, an authentication method for the system, a user authentication program, and a recording medium on which the program is recorded. In particular, the present invention relates to a user authentication system in which the portable object is a wireless communication terminal. Background art
[0002] 従来、携帯電話機などの無線通信端末から端末特定情報 (物体特定情報)を取得 し照合して、無線通信端末を特定することにより無線通信端末を有するユーザの認 証を行う技術が知られている。例えば、特許文献 1 (日本国公開特許公報「特開 200 2— 125268号公報」(公開日:2002年 4月 26日))には、無線通信として、指向性を 有する赤外線通信(IrDA (Infrared Data Association) )を利用することが記載されて いる。また、特許文献 2 (日本国公開特許公報「特開 2002— 63652号公報」(公開 日: 2002年 2月 28日))には、無線通信端末を特定するために、無線通信端末を読 取り機にかざす必要のある無線タグやバーコードを利用することが記載されている。 また、特許文献 3 (日本国公開特許公報「特開 2002— 16968号公報」(公開日:20 02年 1月 18日))には、複数の無線通信端末を検出しないように、複数の指向性アン テナで狭領域の通信圏を設定することが記載されている。また、特許文献 4 (日本国 公開特許公報「特開 2002— 95047号公報」(公開日:2002年 3月 29日))には、無 線通信端末から取得した端末特定情報と、ユーザが入力した端末特定情報とを照合 することにより、無線通信端末を特定することが記載されている。  Conventionally, a technique for authenticating a user having a wireless communication terminal by acquiring and collating terminal identification information (object identification information) from a wireless communication terminal such as a cellular phone and identifying the wireless communication terminal is known. It has been. For example, Patent Document 1 (Japanese Published Patent Publication “Japanese Patent Laid-Open Publication No. 2002-125268” (published date: April 26, 2002)) has a directivity infrared communication (IrDA (Infrared) Data Association)) is described. Patent Document 2 (Japanese Published Patent Publication “JP 2002-63652 A” (publication date: February 28, 2002)) reads a wireless communication terminal in order to identify the wireless communication terminal. It describes the use of wireless tags and barcodes that need to be held over the machine. Patent Document 3 (Japanese Published Patent Publication “JP 2002-16968 A” (published date: Jan. 18, 2002)) has multiple orientations so as not to detect multiple wireless communication terminals. It is described that a narrow-area communication area is set with a sex antenna. In addition, in Patent Document 4 (Japanese Published Patent Publication “JP 2002-95047 A” (published date: March 29, 2002)), the terminal identification information obtained from the wireless communication terminal and the user input It is described that the wireless communication terminal is specified by collating it with the specified terminal specifying information.
[0003] また、無線通信端末が盗まれたり落としたりした場合、無線通信端末を第三者が悪 用する虞がある。特に、無線通信端末にて電子決済や課金処理を行う場合には問題 となる。このため、端末特定情報を取得し照合するとともに、無線通信端末を利用す るユーザ力 個人特定情報を取得し照合することにより、ユーザの認証を行うことが 望ましい。ここで、個人特定情報としては、暗証番号、バイオメトリック情報、筆跡など が挙げられる。 発明の開示 [0003] Further, when a wireless communication terminal is stolen or dropped, there is a possibility that a third party may misuse the wireless communication terminal. This is particularly a problem when electronic payments and billing processes are performed on wireless communication terminals. For this reason, terminal identification information is acquired and verified, and wireless communication terminals are used. User power It is desirable to authenticate users by acquiring and collating personally identifiable information. Here, personal identification information includes a password, biometric information, handwriting, and the like. Disclosure of the invention
[0004] し力しながら、ユーザを認証するときに、端末特定情報を取得して照合し、さらに個 人特定情報を取得して照合することは、端末特定情報を取得して照合する場合に比 ベて時間がかかり、認証後の各種サービスの提供が遅延することになる。このことは、 無線通信端末の数が増大するにつれて顕著になる。  [0004] However, when authenticating a user, terminal identification information is acquired and collated, and further, individual identification information is acquired and collated is obtained when terminal identification information is acquired and collated. In comparison, it takes time, and the provision of various services after authentication is delayed. This becomes significant as the number of wireless communication terminals increases.
[0005] 本発明は、上記の問題点に鑑みてなされたものであり、その目的は、ユーザの携帯 物の特定とユーザの特定とを迅速に行うことができるユーザ認証システムを提供する ことにある。  [0005] The present invention has been made in view of the above problems, and an object of the present invention is to provide a user authentication system capable of quickly specifying a user's portable object and a user. is there.
[0006] 上記目的を達成するため、本発明に係るユーザ認証システムは、ユーザが携帯す る携帯物が有し、かつ該携帯物を特定する物体特定情報と、上記ユーザを特定する 個人特定情報とを用いてユーザの認証を行うユーザ認証システムであって、複数の 上記物体特定情報と、各物体特定情報に対応する個人特定情報とを記憶する記憶 手段と、所定領域内に入った携帯物から、該携帯物の物体特定情報を取得する取 得手段と、取得した物体特定情報に対応する個人特定情報を上記記憶手段から取 得し、取得した物体特定情報および個人特定情報の組をリストに追加するリスト追カロ 手段と、上記所定領域内でユーザの認証を行うときに、該ユーザから個人特定情報 を取得し、取得した個人特定情報に対応する物体特定情報を上記リストから検索す ることにより、上記ユーザおよび上記携帯物を特定する特定手段とを備えることを特 徴としている。  [0006] In order to achieve the above object, a user authentication system according to the present invention includes object specifying information that is included in a portable item carried by a user and that specifies the portable item, and personal identification information that specifies the user. A user authentication system that authenticates a user by using a storage means for storing a plurality of the object specifying information and personal specifying information corresponding to each object specifying information, and a portable object within a predetermined area. Acquisition means for acquiring the object identification information of the portable object, and personal identification information corresponding to the acquired object identification information is obtained from the storage means, and a list of the acquired object identification information and individual identification information is listed. When the user is authenticated within the predetermined area and the list addition means to be added to the user, personal identification information is acquired from the user, and object identification information corresponding to the acquired personal identification information is obtained from the list. The rope to Rukoto, have a feature in that it comprises a specifying means for specifying the user and the portable object.
[0007] ここで、携帯物としては、ユーザが携帯でき、かつ上記物体特定情報を有する任意 の携帯物を選択することができる。携帯物の例としては、物体特定情報が記録された ICチップ、磁気テープまたはバーコードを有するカード、および、物体特定情報が記 憶された半導体メモリゃノヽードディスクなどの記憶デバイスを備える携帯電話機や P DA (Personal Digital Assistant)などの携帯型無線通信端末が挙げられる。また、ュ 一ザを特定する個人特定情報の例としては、指紋、声紋、所定部位の静脈、顔画像 などのバイオメトリック情報、暗証番号、および筆跡が挙げられる。 [0007] Here, as the portable object, any portable object that can be carried by the user and has the object specifying information can be selected. Examples of portable objects include a mobile phone having a storage device such as an IC chip in which object identification information is recorded, a card having a magnetic tape or a barcode, and a semiconductor memory in which object identification information is stored, such as a node disk. Examples include portable wireless communication terminals such as PDA (Personal Digital Assistant). Examples of personal identification information for identifying a user include fingerprints, voiceprints, veins of predetermined parts, facial images Biometric information such as, PIN, and handwriting.
[0008] また、所定領域の例としては、店舗内の領域、空港のゲート内、および駅構内が挙 げられる。また、所定領域内に入った携帯物から、該携帯物の物体特定情報を取得 するには、携帯物が無線通信端末であれば、上記所定領域を通信領域とする基地 局およびアクセスポイントが携帯物と無線通信を行うことにより物体特定情報を取得 でき、或いは、空港や駅のように、所定領域にゲート(改札口)入口力ものみ入ること ができる場合には、該ゲート入口にて携帯物力も物体特定情報を取得すればよい。  [0008] Further, examples of the predetermined area include an area in a store, an airport gate, and a station premises. In addition, in order to obtain object identification information of a portable object from a portable object that has entered the predetermined area, if the portable object is a wireless communication terminal, a base station and an access point having the predetermined area as a communication area are portable. If the object identification information can be acquired by performing wireless communication with an object, or if only the gate (gateway) entrance force can be entered in a predetermined area, such as at an airport or a station, the portable object force can be obtained at the gate entrance. Also, the object specifying information may be acquired.
[0009] 上記の構成によると、所定領域内に入った携帯物から、該携帯物の物体特定情報 を取得し、取得した物体特定情報に対応する個人特定情報を上記記憶手段から取 得し、取得した物体特定情報および個人特定情報の組をリストに追加している。これ により、上記リストは、所定領域内に存在する携帯物ごとに、物体特定情報および個 人特定情報の組を含むことになる。そして、上記所定領域内でユーザの認証を行うと きに、該ユーザから個人特定情報を取得し、取得した個人特定情報に対応する物体 特定情報を上記リストから検索することにより、ユーザおよび携帯物を特定する。  [0009] According to the above configuration, the object specifying information of the portable object is acquired from the portable object that has entered the predetermined area, the personal specifying information corresponding to the acquired object specifying information is acquired from the storage unit, A set of acquired object identification information and individual identification information is added to the list. Thereby, the list includes a set of object specifying information and individual specifying information for each portable object existing in the predetermined area. When the user is authenticated within the predetermined area, the personal identification information is acquired from the user, and the object identification information corresponding to the acquired personal identification information is searched from the list, so that the user and the portable object are retrieved. Is identified.
[0010] したがって、本発明に係るユーザ認証システムは、携帯物が所定領域内に入った 時点で携帯物の物体特定情報を取得して 、るので、ユーザの認証を行うときには、 個人特定情報を取得すれば良ぐユーザの認証を迅速に行うことができる。また、上 記リストにおける物体特定情報および個人特定情報の組が、所定領域内に存在する 携帯物の数に限られるので、ユーザから取得した個人特定情報に対応する物体特 定情報を、上記リストから迅速に検索することができ、ユーザおよび携帯物を迅速に 特定することができる。  [0010] Therefore, the user authentication system according to the present invention acquires the object specifying information of the portable object when the portable object enters the predetermined area. Therefore, when the user is authenticated, the personal identification information is used. If acquired, it is possible to quickly authenticate a good user. In addition, since the set of object identification information and individual identification information in the above list is limited to the number of portable objects existing in the predetermined area, the object identification information corresponding to the individual identification information acquired from the user can be quickly retrieved from the above list. The user can be quickly identified.
[0011] なお、上記携帯物は、無線通信機能を有しており、上記ユーザ認証システムは、上 記所定領域内の携帯物と無線通信を行う無線通信手段をさらに備えてもよい。ここで [0011] Note that the portable object may have a wireless communication function, and the user authentication system may further include wireless communication means for performing wireless communication with the portable object in the predetermined area. here
、無線通信としては、例えば、 UWB(UltraWideBand) ,無線 LAN (Local Area Networ k)、 Bluetooth (登録商標)などの近距離無線通信技術、赤外線通信、 PHS (Perso nal Handy-phone System)、携帯電話システムなどを利用することができる。 As wireless communication, for example, UWB (UltraWideBand), wireless LAN (Local Area Network), near field communication technology such as Bluetooth (registered trademark), infrared communication, PHS (Personal Handy-phone System), mobile phone System can be used.
[0012] 本発明では、物体特定情報および個人特定情報の両方を用いてユーザの認証を 行うので、携帯物の物体特定情報が傍受されても、個人特定情報が傍受されなけれ ば、セキュリティへの影響は少ない。 In the present invention, since user authentication is performed using both object specifying information and individual specifying information, even if the object specifying information of a portable object is intercepted, the individual specifying information must be intercepted. For example, there is little impact on security.
[0013] さらに、本発明に係るユーザ認証システムでは、上記取得手段は、指向性の弱!、 電波を用いて無線通信を行う上記無線通信手段を介して、上記携帯物の物体特定 情報を取得することが好まし 、。  [0013] Further, in the user authentication system according to the present invention, the acquisition unit acquires the object identification information of the portable object via the wireless communication unit that performs radio communication using weak directivity! I prefer to do that.
[0014] 指向性が強いと、通信領域が狭くなる。このため、携帯物から物体特定情報を取得 するには、携帯物を狭い通信領域内に移動させる必要がある。これに対し、本発明 では、指向性が弱いので、通信領域が広ぐこのため、携帯物を移動させる必要性が 低くなる。さらに、無線通信媒体として電波を利用することにより、例えば鞫の中の携 帯物とも無線通信を行うことができるので、携帯物を取り出したり移動させたりする必 要が無くなる。  [0014] When the directivity is strong, the communication area is narrowed. For this reason, in order to acquire object specifying information from a portable object, it is necessary to move the portable object within a narrow communication area. On the other hand, since the directivity is weak in the present invention, the communication area is widened, so the necessity for moving the portable object is reduced. Further, by using radio waves as a wireless communication medium, for example, wireless communication can be performed with a portable object in a bag, so that it is not necessary to take out or move the portable object.
[0015] また、本発明に係るユーザ認証システムでは、上記特定手段は、上記所定領域内 でユーザの認証を行うときに、該ユーザ力 個人特定情報を取得するとともに、上記 携帯物から上記無線通信手段を介して物体特定情報を取得し、取得した個人特定 情報および物体特定情報の組を上記リストから検索することにより、上記ユーザおよ び上記携帯物を特定することが好ま 、。  [0015] Further, in the user authentication system according to the present invention, when the user authentication is performed within the predetermined area, the specifying unit acquires the user power individual specifying information and also performs the wireless communication from the portable object. Preferably, the user and the portable object are specified by acquiring the object specifying information through the means and searching the list of the acquired personal specifying information and object specifying information from the list.
[0016] この場合、ユーザの認証を行うときに、ユーザ力 個人特定情報を取得するとともに 、携帯物力も物体特定情報を取得するので、認証の精度が向上する。また、取得し た個人特定情報および物体特定情報の組をリストから検索するので、ユーザおよび 携帯物の特定にかかる時間の増大を抑えることができる。  [0016] In this case, when the user is authenticated, the user strength personal identification information is acquired, and the portable physical strength also acquires the object identification information, so that the accuracy of the authentication is improved. In addition, since the set of acquired personal identification information and object identification information is searched from the list, it is possible to suppress an increase in the time required to identify the user and the portable object.
[0017] なお、ユーザの認証後に各種の情報を、無線通信手段を介して携帯物に提供して もよい。例えば、商品購入のためにユーザの認証を行った場合には、認証後にレシ ートの情報や利用明細を提供することが考えられる。  [0017] It should be noted that various types of information may be provided to the portable object via wireless communication means after user authentication. For example, when a user is authenticated for product purchase, it may be possible to provide information on the receipt and usage details after authentication.
[0018] さらに、本発明に係るユーザ認証システムでは、上記特定手段は、指向性の強!、ま たは出力の低い電波を用いて無線通信を行う上記無線通信手段を介して、上記携 帯物から物体特定情報を取得することが好ましい。この場合、無線通信の通信領域 が狭くなるので、他の携帯物が混在することを防止でき、他の携帯物の物体特定情 報を取得することを防止できる。  [0018] Further, in the user authentication system according to the present invention, the specifying means includes the mobile communication device via the wireless communication means for performing wireless communication using radio waves with high directivity or low output. It is preferable to acquire object specifying information from an object. In this case, since the communication area of the wireless communication is narrowed, it is possible to prevent other portable objects from being mixed, and it is possible to prevent acquisition of object specific information of other portable objects.
[0019] また、本発明に係るユーザ認証システムは、上記ユーザが個人特定情報を入力す る入力手段をさらに備えており、該入力手段は、上記特定手段と有線で接続している ことが好ましい。この場合、個人特定情報を有線で取得するので、例え、携帯物の物 体特定情報が傍受されても、セキュリティを確保することができる。 [0019] Further, in the user authentication system according to the present invention, the user inputs personal identification information. It is preferable that the input means is further connected to the specifying means by wire. In this case, since the personal identification information is acquired by wire, security can be ensured even if the object identification information of the portable object is intercepted.
[0020] また、本発明に係るユーザ認証システムは、所定領域内から出た携帯物の物体特 定情報に基づ 、て、物体特定情報および個人特定情報の組を上記リストから削除す るリスト削除手段をさらに備えることが好ましい。  [0020] Further, the user authentication system according to the present invention is a list that deletes a set of object specifying information and individual specifying information from the list based on object specifying information of a portable object that comes out of a predetermined area. It is preferable to further include a deleting unit.
[0021] ここで、携帯物が所定領域内から出たことの検知は、携帯物が無線通信端末であ れば、上記所定領域を通信領域とする基地局およびアクセスポイントが携帯物と無 線通信不能となることにより行うことができ、或いは、空港や駅のように、所定領域から ゲート出口を介してのみ出ることができる場合には、該ゲート出口にて携帯物から物 体特定情報を取得することにより行うことができる。  [0021] Here, when the portable object is out of the predetermined area, if the portable object is a wireless communication terminal, the base station and the access point having the predetermined area as the communication area are wirelessly connected to the portable object. This can be done when communication is disabled, or when it is possible to exit only from a predetermined area via a gate exit, such as at an airport or a station, the object identification information can be obtained from a portable item at the gate exit. It can be done by acquiring.
[0022] この場合、リストには、現在、所定領域内に存在する携帯物に関する物体特定情報 および個人特定情報の組のみが含まれるので、リスト内の組の数が増大し続けること を防止でき、ユーザおよび携帯物を迅速に特定することを確実に行うことができる。ま た、不要となった物体特定情報および個人特定情報を削除することは、セキュリティ の観点からも好ましい。  [0022] In this case, since the list includes only a set of object specifying information and personal specifying information related to a portable object that currently exists in the predetermined area, it is possible to prevent the number of sets in the list from continuing to increase. Thus, it is possible to reliably identify the user and the portable object quickly. It is also preferable from the viewpoint of security to delete unnecessary object identification information and individual identification information.
[0023] また、本発明に係るユーザ認証システムは、各種情報を表示する表示手段をさらに 備えており、上記記憶手段は、上記個人特定情報に加えて、上記ユーザに関する情 報である個人情報を記憶しており、上記リスト追加手段は、取得した物体特定情報に 対応する個人特定情報と一部または全部の個人情報とを上記記憶手段から取得し、 取得した物体特定情報、個人特定情報、および個人情報の組をリストに追加しており 、上記特定手段は、ユーザから取得した個人特定情報に対応する個人情報を上記リ ストから取得し、取得した個人情報を上記表示手段を介して表示することにより、上記 ユーザの特定を補助する特定補助手段を備えることが好ましい。  [0023] The user authentication system according to the present invention further includes display means for displaying various information, and the storage means stores personal information that is information about the user in addition to the personal identification information. The list adding means acquires personal identification information corresponding to the acquired object identification information and a part or all of the personal information from the storage means, and acquires the acquired object identification information, personal identification information, and A set of personal information is added to the list, and the specifying means acquires personal information corresponding to the personal specifying information acquired from the user from the list, and displays the acquired personal information via the display means. Thus, it is preferable to include a specific assisting means for assisting the identification of the user.
[0024] ここで、ユーザに関する個人情報の例としては、ユーザの氏名、住所、固定電話機 の電話番号、年齢、性別、職業、利用限度額、および顔写真情報が挙げられる。また 、リスト追加手段が上記記憶手段から取得する個人情報は、ユーザを外観から識別 できる年齢および性別を含むことが好ましい。なお、本発明を信用販売システムに適 用する場合には、リスト追加手段が上記記憶手段から取得する個人情報は、利用限 度額を含むことが好ましい。 Here, examples of personal information regarding the user include the user's name, address, telephone number of the fixed telephone, age, gender, occupation, usage limit, and facial photo information. Moreover, it is preferable that the personal information acquired by the list adding unit from the storage unit includes an age and sex that can identify the user from the appearance. Note that the present invention is suitable for a credit sales system. When used, the personal information acquired from the storage means by the list adding means preferably includes a usage limit amount.
[0025] 上記の構成によると、特定補助手段は、取得した個人情報を、表示手段を介して表 示している。例えば、ユーザの認証を行うときに監視者が存在する場合には、該監視 者が、表示手段にて表示される個人情報を参照することにより、ユーザの特定を補助 することができ、ユーザの認証の精度を向上させることができる。  [0025] According to the above configuration, the identification assisting means displays the acquired personal information via the display means. For example, if there is a monitor when performing user authentication, the monitor can assist the user identification by referring to the personal information displayed on the display means. The accuracy of authentication can be improved.
[0026] 本発明に係るユーザ認証システムの認証方法は、ユーザが携帯する携帯物が有し 、かつ該携帯物を特定する物体特定情報と、上記ユーザを特定する個人特定情報と を用いてユーザの認証を行うユーザ認証システムの認証方法であって、上記ユーザ 認証システムは、複数の上記物体特定情報と、各物体特定情報に対応する個人特 定情報とを記憶する記憶手段を備えており、所定領域内に入った携帯物から、該携 帯物の物体特定情報を取得する取得ステップと、取得した物体特定情報に対応する 個人特定情報を上記記憶手段から取得し、取得した物体特定情報および個人特定 情報の組をリストに追加するリスト追加ステップと、上記所定領域内でユーザの認証 を行うときに、該ユーザから個人特定情報を取得し、取得した個人特定情報に対応 する物体特定情報を上記リストから取得することにより、上記ユーザおよび上記携帯 物を特定する特定ステップとを含むことを特徴としている。  [0026] An authentication method of the user authentication system according to the present invention includes a portable object carried by a user, and uses object specifying information for specifying the portable object and personal specifying information for specifying the user. An authentication method of a user authentication system for performing authentication of the above, wherein the user authentication system includes storage means for storing a plurality of the object specifying information and personal specifying information corresponding to each object specifying information, An acquisition step of acquiring object identification information of the portable object from a portable object that has entered the predetermined area, and personal identification information corresponding to the acquired object identification information is acquired from the storage means, and the acquired object identification information and A list addition step for adding a set of personal identification information to the list, and when the user is authenticated within the predetermined area, the personal identification information is acquired from the user, and the acquired personal identification information is acquired. By obtaining the corresponding object identification information from the list, it is characterized by comprising the steps of identifying the user and the portable object.
[0027] 上記の方法によると、所定領域内に入った携帯物から、該携帯物の物体特定情報 を取得し、取得した物体特定情報に対応する個人特定情報を上記記憶手段から取 得し、取得した物体特定情報および個人特定情報の組をリストに追加している。これ により、上記リストは、所定領域内に存在する携帯物ごとに、物体特定情報および個 人特定情報の組を含むことになる。そして、上記所定領域内でユーザの認証を行うと きに、該ユーザから個人特定情報を取得し、取得した個人特定情報に対応する物体 特定情報を上記リストから検索することにより、ユーザおよび携帯物を特定する。  [0027] According to the above method, the object specifying information of the portable object is acquired from the portable object that has entered the predetermined area, the individual specifying information corresponding to the acquired object specifying information is acquired from the storage means, A set of acquired object identification information and individual identification information is added to the list. Thereby, the list includes a set of object specifying information and individual specifying information for each portable object existing in the predetermined area. When the user is authenticated within the predetermined area, the personal identification information is acquired from the user, and the object identification information corresponding to the acquired personal identification information is searched from the list, so that the user and the portable object are retrieved. Is identified.
[0028] したがって、本発明に係るユーザ認証システムの認証方法は、携帯物が所定領域 内に入った時点で携帯物の物体特定情報を取得して 、るので、ユーザの認証を行う ときには、個人特定情報を取得すれば良ぐユーザの認証を迅速に行うことができる 。また、上記リストにおける物体特定情報および個人特定情報の組が、所定領域内 に存在する携帯物の数に限られるので、ユーザから取得した個人特定情報に対応 する物体特定情報を、上記リストから迅速に検索することができ、ユーザおよび携帯 物を迅速に特定することができる。 [0028] Therefore, the authentication method of the user authentication system according to the present invention acquires the object specifying information of the portable object when the portable object enters the predetermined area. Therefore, when authenticating the user, If specific information is acquired, it is possible to quickly authenticate a good user. In addition, the set of object identification information and individual identification information in the above list Therefore, the object identification information corresponding to the personal identification information acquired from the user can be quickly retrieved from the list, and the user and the portable object can be identified quickly.
[0029] なお、上記ユーザ認証システムにおける上記取得手段、上記リスト追加手段、およ び上記特定手段を、ユーザ認証プログラムによりコンピュータ上で実行させることがで きる。さらに、上記ユーザ認証プログラムをコンピュータ読取り可能な記録媒体に記憶 させることにより、任意のコンピュータ上で上記ユーザ認証プログラムを実行させるこ とがでさる。  [0029] Note that the acquisition unit, the list addition unit, and the identification unit in the user authentication system can be executed on a computer by a user authentication program. Furthermore, by storing the user authentication program in a computer-readable recording medium, the user authentication program can be executed on an arbitrary computer.
[0030] 以上のように、本発明に係るユーザ認証システムは、携帯物が所定領域内に入つ た時点で携帯物の物体特定情報を取得して 、るので、ユーザの認証を行うときには 、個人特定情報を取得すれば良ぐユーザを迅速に認証できるという効果を奏すると ともに、上記リストにおける物体特定情報および個人特定情報の組が、所定領域内 に存在する携帯物の数に限られるので、ユーザから取得した個人特定情報に対応 する物体特定情報を、上記リストから迅速に検索でき、ユーザおよび携帯物を迅速に 特定できると!ヽぅ効果を奏する。  [0030] As described above, the user authentication system according to the present invention acquires the object specifying information of the portable object when the portable object enters the predetermined area, so when performing user authentication, Acquiring personal identification information has the effect of quickly authenticating a good user, and the set of object identification information and personal identification information in the above list is limited to the number of portable items in the predetermined area. If the object identification information corresponding to the personal identification information obtained from the above can be quickly retrieved from the above list, and the user and the portable object can be identified quickly, there is an effect.
[0031] 本発明のさらに他の目的、特徴、および優れた点は、以下に示す記載によって十 分わ力るであろう。また、本発明の利益は、添付図面を参照した次の説明で明白にな るであろう。  [0031] Still other objects, features, and advantages of the present invention will be sufficiently enhanced by the following description. The benefits of the present invention will become apparent from the following description with reference to the accompanying drawings.
図面の簡単な説明  Brief Description of Drawings
[0032] [図 1]本発明の一実施形態である信用販売システムの概略構成を示すブロック図で ある。  FIG. 1 is a block diagram showing a schematic configuration of a credit sales system according to an embodiment of the present invention.
[図 2]上記信用販売システムにおけるセンターサーバの概略構成を示すブロック図で ある。  FIG. 2 is a block diagram showing a schematic configuration of a center server in the credit sales system.
[図 3]センターサーバに記憶される信用販売情報の内容例を表形式で示す図である  FIG. 3 is a diagram showing an example of the contents of credit sales information stored in the center server in a table format.
[図 4]上記信用販売システムにおける POSシステムの概略構成を示すブロック図であ る。 FIG. 4 is a block diagram showing a schematic configuration of a POS system in the credit sales system.
[図 5]上記 POSシステムにおける POSサーバの概略構成を示すブロック図である。 [図 6]上記 POSサーバの記憶部に記憶される来店者リストの内容例を表形式示すブ ロック図である。 FIG. 5 is a block diagram showing a schematic configuration of a POS server in the POS system. FIG. 6 is a block diagram showing an example of the contents of a store visitor list stored in the storage unit of the POS server in a table format.
[図 7]上記 POSサーバの来店処理部が行う処理動作を示すフローチャートである。  FIG. 7 is a flowchart showing processing operations performed by the store visit processing unit of the POS server.
[図 8]上記 POSサーバの支払処理部が行う処理動作を示すフローチャートである。  FIG. 8 is a flowchart showing processing operations performed by the payment processing unit of the POS server.
[図 9]上記 POSサーバの退店処理部が行う処理動作を示すフローチャートである。  FIG. 9 is a flowchart showing a processing operation performed by a store exit processing unit of the POS server.
[図 10]上記信用販売システムにおける処理の流れを概括的に示す図である。  FIG. 10 is a diagram schematically showing a processing flow in the credit sales system.
[図 11]本発明の別の実施形態である販売システムにおいて、ユーザが来店したとき に、 POSサーバの制御部とセンターサーバの制御部とが行う処理動作を示すフロー チャートである。  FIG. 11 is a flowchart showing processing operations performed by the control unit of the POS server and the control unit of the center server when the user visits the store in the sales system according to another embodiment of the present invention.
[図 12]上記販売システムにおいて、商品を購入するときに、 POSサーバの制御部と センターサーバの制御部とが行う処理動作を示すフローチャートである。  FIG. 12 is a flowchart showing processing operations performed by the control unit of the POS server and the control unit of the center server when purchasing a product in the sales system.
[図 13]上記販売システムにおいて、ユーザが退店するときに、 POSサーバの制御部 とセンターサーバの制御部とが行う処理動作を示すフローチャートである。  FIG. 13 is a flowchart showing processing operations performed by the control unit of the POS server and the control unit of the center server when the user leaves the store in the sales system.
[図 14]上記信用販売システムにおける処理の流れを概括的に示す図である。  FIG. 14 is a diagram schematically showing the flow of processing in the credit sales system.
発明を実施するための最良の形態  BEST MODE FOR CARRYING OUT THE INVENTION
[0033] 〔実施の形態 1〕  [Embodiment 1]
本発明の一実施形態について図 1〜図 10に基づいて説明すると以下の通りである 。図 1は、本実施形態である信用販売システムの概略構成を示している。  An embodiment of the present invention will be described below with reference to FIGS. FIG. 1 shows a schematic configuration of a credit sales system according to this embodiment.
[0034] 信用販売は、或る信販会社と契約した契約者が、該信販会社が指定する店舗にて 商品を購入するときに、上記信販会社が、上記契約者の代金後払いを信用して上記 店舗との間で購入代金を決済することにより、契約者に商品を先渡しし、後日に、信 販会社が契約者に代金を請求するものである。なお、信販会社は、信販業務を専門 に行っている会社だけでなぐ銀行業務または百貨店業務などの他の業務とともに信 販業務を行って!/、る会社も含まれる。  [0034] In the credit sales, when a contractor contracted with a certain credit sales company purchases a product at a store designated by the credit sales company, the credit sales company trusts the contractor to pay the price in advance and By paying the purchase price with the store, the product is forwarded to the contractor, and the credit company charges the contractor for the price later. Credit sales companies also include companies that conduct credit sales together with other businesses such as banking or department store operations that are not limited to companies specializing in credit sales!
[0035] 図 1に示されるように、本実施形態の信用販売システム (ユーザ認証システム) 1は、 信販会社に設けられたセンターサーバ 10と、複数の店舗にそれぞれ設けられた複数 の POS (point-of-sale)システム 11とを専用回線 12を介して接続した構成である。信 用販売システム 1では、センターサーバ 10は、複数の POSシステム 11との間で契約 者 (ユーザ)の購入代金の決済を行い、後日にユーザに代金を請求するために、購 入代金の情報を記憶するものである。 As shown in FIG. 1, the credit sales system (user authentication system) 1 of this embodiment includes a center server 10 provided in a credit sales company and a plurality of POS (points) provided in a plurality of stores. -of-sale) The system 11 is connected to the system 11 via the dedicated line 12. In the credit sales system 1, the center server 10 contracts with multiple POS systems 11. The purchase price of the user (user) is settled, and information on the purchase price is stored in order to charge the user later.
[0036] 図 2は、センターサーバ 10の概略構成を示している。図示のように、センターサー バ 10は、制御部 20、データベース 21、通信 IZF部 22、決済処理部 23、および暗号 化部 24を備える構成である。  FIG. 2 shows a schematic configuration of the center server 10. As illustrated, the center server 10 includes a control unit 20, a database 21, a communication IZF unit 22, a settlement processing unit 23, and an encryption unit 24.
[0037] 制御部 20は、センターサーバ 10内の各構成を統括的に制御するものである。制御 部 20の機能は、例えば RAM (Random Access Memory)やフラッシュメモリなどの記 憶装置に記憶されたプログラムを CPU (Central Processing Unit)が実行することによ つて実現される。  The control unit 20 controls each component in the center server 10 in an integrated manner. The function of the control unit 20 is realized by a CPU (Central Processing Unit) executing a program stored in a storage device such as a RAM (Random Access Memory) or a flash memory.
[0038] データベース 21は、例えばノヽードディスクドライブ (HDD)などの記憶装置を備え て、各種情報を記憶するものである。本実施形態では、データベース 21は、信用販 売に関する各種情報 (以下、「信用販売情報」と称する。)を記憶している。なお、信 用販売情報の詳細については後述する。  The database 21 includes a storage device such as a node disk drive (HDD), and stores various information. In the present embodiment, the database 21 stores various information related to credit sales (hereinafter referred to as “credit sales information”). Details of credit sales information will be described later.
[0039] 通信 IZF部 22は、複数の POSシステム 11とデータ通信を行うためのものである。  [0039] Communication The IZF unit 22 is for data communication with a plurality of POS systems 11.
なお、上述のように、通信 IZF部 22と POSシステム 11との間のデータ通信は、情報 漏洩の防止の観点から専用回線で行われる。  As described above, data communication between the communication IZF unit 22 and the POS system 11 is performed through a dedicated line from the viewpoint of preventing information leakage.
[0040] 決済処理部 23は、複数の POSシステム 11との間で決済処理を行うものである。暗 号ィ匕部 24は、情報漏洩の防止の観点から、 POSシステム 11に送信するデータを暗 号ィ匕鍵に基づいて暗号ィ匕を行うものである。なお、暗号ィ匕されたデータは、暗号化鍵 とともに POSシステム 11に送信される。  [0040] The payment processing unit 23 performs payment processing with a plurality of POS systems 11. The encryption key unit 24 encrypts data to be transmitted to the POS system 11 based on the encryption key from the viewpoint of preventing information leakage. The encrypted data is transmitted to the POS system 11 together with the encryption key.
[0041] 図 3は、或るユーザに関して、データベース 21に記憶される信用販売情報の内容 例を示している。図示のように、信用販売情報は、 ID (識別情報)、個人特定情報、 個人情報、顔写真情報、および利用情報を含んでいる。  FIG. 3 shows an example of the contents of the credit sales information stored in the database 21 for a certain user. As shown in the figure, the credit sales information includes ID (identification information), personal identification information, personal information, face photo information, and usage information.
[0042] IDは、クレジットカードなど、信用の化体された物体 (以下、「信用化体物」と称する 。)を特定するための情報である。信用化体物 (携帯物)は、信販会社との契約時に 信販会社からユーザに提供される。信用化体物としては、磁気カードが主に利用さ れているが、最近では ICカードや、携帯電話機に組み込まれた ICチップなどが利用 されている。本実施形態では、上記信用化体物は携帯電話機であり、上記 IDは、携 帯電話機の電話番号である。この場合、ユーザがクレジットカードなどの信用化体物 を別途携帯する必要がなくなる。なお、詳細は後述するが、本実施形態にて利用さ れる携帯電話機は、ワイヤレス LANに接続する機能を有する携帯電話機である。 [0042] The ID is information for specifying an object that has been credited, such as a credit card (hereinafter referred to as "credited object"). Credit products (portable items) are provided to the user from the credit sales company when contracted with the credit sales company. Magnetic cards are mainly used as credits, but recently, IC cards and IC chips built into mobile phones have been used. In this embodiment, the trusted object is a mobile phone, and the ID is a mobile phone. This is the phone number of the mobile phone. In this case, it is not necessary for the user to carry a credit object such as a credit card separately. Although details will be described later, the mobile phone used in the present embodiment is a mobile phone having a function of connecting to a wireless LAN.
[0043] 個人特定情報は、個人を特定するための情報であり、本実施形態では、暗証番号 である。なお、個人特定情報としては、暗証番号の他に、指紋、声紋、所定部位の静 脈、顔画像などのバイオメトリック情報、および筆跡が挙げられる。暗証番号を個人特 定情報として利用すれば、簡便な入力および処理が可能になる。一方、バイオメトリツ ク情報を個人特定情報として利用すれば、個人を精度良く特定することが可能にな る。 [0043] The personal identification information is information for identifying an individual, and in this embodiment is a personal identification number. In addition to the personal identification number, the personal identification information includes fingerprints, voiceprints, veins of predetermined parts, biometric information such as face images, and handwriting. If the PIN is used as personal information, simple input and processing becomes possible. On the other hand, if biometric information is used as personal identification information, individuals can be identified with high accuracy.
[0044] 個人情報は、個人に関する情報であり、例えば、氏名、住所、固定電話機の電話 番号、年齢、性別、職業、利用限度額などを含んでいる。顔写真情報は、個人の顔 写真の情報であり、店舗の店員が個人を確認するために用いられる。なお、店員が 個人を確認しな 、場合には、顔写真情報をデータベース 21に記憶する必要はな ヽ  [0044] The personal information is information related to an individual, and includes, for example, a name, an address, a telephone number of a fixed telephone, an age, a sex, an occupation, a limit of use, and the like. The face photo information is information on an individual's face photo, and is used by a store clerk to confirm the individual. If the store clerk does not confirm the individual, it is not necessary to store facial photo information in the database 21.
[0045] 利用情報は、ユーザが信用販売システム 1を利用したことによって生じる情報であり 、例えば、残り利用限度額や、利用明細情報などを含んでいる。利用明細情報は、 ユーザが購入した商品、金額、 日付、利用店舗などを含んでいる。利用明細情報に 基づいて、ユーザに代金を請求する請求書が作成され、ユーザに送付される。 [0045] The usage information is information generated when the user uses the credit sales system 1, and includes, for example, a remaining usage limit and usage details information. The usage details information includes the product purchased by the user, the price, the date, the usage store, and the like. Based on the usage details information, an invoice for charging the user is created and sent to the user.
[0046] 図 4は、 POSシステム 11の概略構成を示して!/、る。図示のように、 POSシステム 11 は、 1または複数の POS端末 (入力手段、表示手段) 31と、 POSサーバ 30と、 1また は複数のワイヤレス LAN用のアクセスポイント(無線通信手段) 32とを、 LAN33を介 して接続した構成である。  [0046] FIG. 4 shows a schematic configuration of the POS system 11! /. As shown in the figure, the POS system 11 includes one or more POS terminals (input means, display means) 31, a POS server 30, and one or more access points (wireless communication means) 32 for wireless LAN. The configuration is connected via LAN33.
[0047] POS端末 31は、店舗(図示の場合ではコンビ-エンスストア)のレジとして利用され るものであり、販売された商品名および金額などが入力されて POSサーバ 30に送信 される。なお、 POS端末 31は、各種チケットの予約や、各種公共料金の振込みが可 能であってもよい。  [0047] The POS terminal 31 is used as a cash register of a store (in the illustrated case, a convenience store), and the name of the product sold and the amount of money are input and transmitted to the POS server 30. The POS terminal 31 may be capable of reserving various tickets and transferring various public charges.
[0048] 本実施形態では、 POS端末 31は、ユーザ 34が商品を購入するときに、ユーザ 34 カゝら暗証番号が直接入力される。暗証番号が、電波や赤外線を介して POS端末 31 に入力されるのではなぐ POS端末 31にて直接入力されることにより、暗証番号の漏 洩を防止することができる。また、 POS端末 31は、入力された暗証番号を POSサー バ 30に送信する。 [0048] In the present embodiment, when the user 34 purchases a product, the POS terminal 31 is directly input with a personal identification number from the user 34. The security code is sent to the POS terminal 31 via radio waves or infrared rays. It is possible to prevent the security code from being leaked by entering it directly at the POS terminal 31. In addition, the POS terminal 31 transmits the entered password to the POS server 30.
[0049] アクセスポイント 32は、 1または複数の携帯電話機 (無線通信端末) 35との間で、 U WB、無線 LAN (IEEE802. 11)、 BluetootM登録商標)などの近距離無線通信 技術を用いて、ワイヤレス LANを形成するものである。これにより、アクセスポイント 3 2は、鞫 36の中に入って 、る携帯電話機 35との間でもデータ通信を行うことができる  [0049] The access point 32 is connected to one or a plurality of mobile phones (wireless communication terminals) 35 using near field communication technology such as UWB, wireless LAN (IEEE802.11), BluetootM registered trademark). , Form a wireless LAN. As a result, the access point 3 2 can enter the phone 36 and perform data communication with the mobile phone 35.
[0050] なお、本実施形態では、店舗内の携帯電話機とのみ無線通信できればよ!、ので、 アクセスポイント 32の通信領域は、店舗内の領域と同程度であればよい。また、情報 漏洩防止の観点から、アクセスポイント 32は、新規参入のデータ通信に利用する通 信チャネルを、通常のデータ通信に利用する通信チャネルとは別の通信チャネルに することが望ましい。また、暗号化されたデータを通信することが望ましい。 [0050] In the present embodiment, it is only necessary to perform wireless communication only with the mobile phone in the store! Therefore, the communication area of the access point 32 may be approximately the same as the area in the store. Also, from the viewpoint of preventing information leakage, it is desirable for the access point 32 to change the communication channel used for newly entered data communication to a communication channel different from the communication channel used for normal data communication. It is also desirable to communicate encrypted data.
[0051] POSサーバ 30は、 POSシステム 11内の各構成を統括的に制御するものである。  [0051] The POS server 30 controls the components in the POS system 11 in an integrated manner.
具体的には、 POSサーバ 30は、販売された商品の名称、金額、販売日時などの販 売情報を POS端末 31から収集するものである。また、 POSサーバ 30は、必要があ れば、外部のサーバと接続して、 POS端末 31からの各種チケットの予約や、各種公 共料金の振込みを行うことが可能であることが望ましい。  Specifically, the POS server 30 collects sales information such as the name, price, and sales date of the sold products from the POS terminal 31. Further, it is desirable that the POS server 30 can connect to an external server, if necessary, to reserve various tickets from the POS terminal 31 and transfer various public charges.
[0052] 本実施形態では、 POSサーバ 30は、アクセスポイント 32からワイヤレス LANに関 する情報を取得する。具体的には、 POSサーバ 30は、ワイヤレス LANに新規参入 する携帯電話機 35の電話番号と、通信不能となってワイヤレス LANカゝら切断された 携帯電話機 35の電話番号とをアクセスポイント 32から取得する。なお、 POSサーバ 30は、店舗内に存在する携帯電話機 35を常時把握するため、現在ワイヤレス LAN に接続中の携帯電話機 35の情報をアクセスポイント 32から取得することが望ましい。  In the present embodiment, the POS server 30 acquires information related to the wireless LAN from the access point 32. Specifically, the POS server 30 obtains from the access point 32 the phone number of the mobile phone 35 newly entering the wireless LAN and the phone number of the mobile phone 35 that was disconnected from the wireless LAN cable due to communication failure. To do. Note that the POS server 30 preferably obtains information about the mobile phone 35 currently connected to the wireless LAN from the access point 32 in order to keep track of the mobile phone 35 present in the store.
[0053] また、本実施形態では、 POSサーバ 30は、ワイヤレス LANに新規参入する携帯電 話機 35の電話番号をアクセスポイント 32から取得する。これにより、携帯電話機 35の 認証が行われる。 POSサーバ 30は、取得した電話番号をセンターサーバ 10に送信 して、該電話番号に対応する暗証番号、顔写真情報、および個人情報をセンターサ ーバ 10から受信する。 POSサーバ 30は、受信した暗証番号などを来客者リストに追 加して記憶する。なお、センターサーノ 10から POSサーバ 30に送信される個人情 報は、プライバシー保護の観点から、例えば性別や年齢など、店員がユーザ 34を確 認できる情報のみに限定することが望ましい。 In the present embodiment, the POS server 30 acquires from the access point 32 the telephone number of the mobile phone 35 that newly enters the wireless LAN. Thereby, the mobile phone 35 is authenticated. The POS server 30 transmits the acquired telephone number to the center server 10, and the PIN number, face photo information, and personal information corresponding to the telephone number are transmitted to the center server. Receive from server 10. The POS server 30 adds the received personal identification number and the like to the visitor list and stores it. It should be noted that the personal information transmitted from the center Sano 10 to the POS server 30 is preferably limited to only information that allows the store clerk to confirm the user 34, such as gender and age, from the viewpoint of privacy protection.
[0054] また、本実施形態では、 POSサーバ 30は、 POS端末 31から暗証番号を取得する と、暗証番号に対応する電話番号を来客リストの中から特定する。これにより、ユーザ 34の認証が行われる。 POSサーバ 30は、特定した電話番号を、ユーザ 34に対する 販売情報とともに、センターサーバ 10に送信する。このとき、センターサーバ 10は、 P OSシステム 11との間で決済処理を行うとともに、ユーザに後日代金を請求するため に、販売情報をデータベース 21に記憶する。  In the present embodiment, when the POS server 30 acquires a personal identification number from the POS terminal 31, the POS server 30 identifies a telephone number corresponding to the personal identification number from the customer list. As a result, the user 34 is authenticated. The POS server 30 transmits the identified telephone number to the center server 10 together with sales information for the user 34. At this time, the center server 10 performs a payment process with the POS system 11 and stores sales information in the database 21 in order to charge the user for a later date.
[0055] したがって、本実施形態の信用販売システム 1は、店舗内に入った携帯電話機 35 から、携帯電話機 35の電話番号を取得し、取得した電話番号に対応する暗証番号 をセンターサーバのデータベース 21から取得し、取得した電話番号および暗証番号 の組を来店者リストに追加している。これにより、上記来店者リストは、店舗内に存在 する携帯電話機 35ごとに、電話番号および暗証番号の組を含むことになる。そして、 上記店舗内でユーザ 34の認証を行うときに、ユーザ 34から暗証番号を取得し、取得 した暗証番号に対応する電話番号を上記来店者リストから検索することにより、ユー ザ 34および携帯電話機 35を特定する。  Therefore, the credit sales system 1 of the present embodiment acquires the telephone number of the mobile phone 35 from the mobile phone 35 that entered the store, and stores the personal identification number corresponding to the acquired telephone number in the database 21 of the center server. And a set of the phone number and password obtained is added to the visitor list. Thus, the store visitor list includes a set of a telephone number and a personal identification number for each mobile phone 35 present in the store. Then, when authenticating the user 34 in the store, the user 34 and the mobile phone are obtained by acquiring a password from the user 34 and searching the store visitor list for a telephone number corresponding to the acquired password. Specify 35.
[0056] したがって、信用販売システム 1は、携帯電話機 35が店舗内に入った時点で携帯 電話機 35の電話番号を取得しているので、ユーザ 34の認証を行うときには、暗証番 号を取得すれば良ぐユーザの認証を迅速に行うことができる。また、上記来店者リス トにおける電話番号および暗証番号の組が、店舗内に存在する携帯電話機 35の数 に限られるので、ユーザ 34から取得した暗証番号に対応する電話番号を、上記来店 者リストから迅速に検索することができ、ユーザ 34および携帯電話機 35を迅速に特 定することができる。  [0056] Therefore, since the credit sales system 1 acquires the phone number of the mobile phone 35 when the mobile phone 35 enters the store, when authenticating the user 34, the credit sales system 1 acquires the password. Good user authentication can be performed quickly. In addition, since the number of pairs of phone numbers and passwords in the above-mentioned store visitor list is limited to the number of mobile phones 35 existing in the store, the phone number corresponding to the password obtained from the user 34 is stored in the above-mentioned visitor list. The user 34 and the mobile phone 35 can be quickly identified.
[0057] 以下、 POSシステム 11の詳細について図 5および図 6に基づいて説明する。なお、 POS端末 31は、通常の POS端末に暗証番号入力用キーパッドを追加した構成とな つているが、クレジットカードを利用できる従来の POS端末は、クレジットカードの読 取り機能とともに、暗証番号の入力機能を有する場合がある。 Hereinafter, details of the POS system 11 will be described with reference to FIG. 5 and FIG. The POS terminal 31 has a configuration in which a keypad for entering a password is added to a normal POS terminal. However, a conventional POS terminal that can use a credit card reads a credit card. In some cases, it may have a function of inputting a personal identification number together with the taking function.
[0058] すなわち、 POS端末 31は、通常の POS端末と同様に、端末内の各構成を統括的 に制御する制御部と、各種情報を記憶する記憶部と、店員の入力情報またはバーコ ードの読取り情報を受け付ける入力部と、各種情報を表示する表示部と、レシート情 報を印刷出力する印刷部と、 LANと通信可能に接続されるネットワーク IZF部とを備 え、さらに、暗証番号の入力を受け付ける暗証番号入力用キーパッドを備える公知の 構成である。したがって、 POS端末 31の詳細の説明を省略する。  [0058] That is, the POS terminal 31 is similar to a normal POS terminal, a control unit that comprehensively controls each component in the terminal, a storage unit that stores various types of information, and clerk input information or barcodes. An input unit that accepts reading information, a display unit that displays various information, a printing unit that prints out receipt information, and a network IZF unit that is communicably connected to a LAN. This is a well-known configuration including a keypad for inputting a personal identification number for accepting input. Therefore, detailed description of the POS terminal 31 is omitted.
[0059] 図 5は、 POSサーバ 30の概略構成を示して!/、る。図示のように、 POSサーバ 30は 、制御部 40、記憶部(記憶手段) 41、ネットワーク IZF部 42、および通信 IZF部 43 を備える構成である。  [0059] FIG. 5 shows a schematic configuration of the POS server 30! /. As shown in the figure, the POS server 30 includes a control unit 40, a storage unit (storage means) 41, a network IZF unit 42, and a communication IZF unit 43.
[0060] 制御部 40は、 POSサーバ 30内の各構成を統括的に制御するものである。制御部 40の機能は、例えば RAMやフラッシュメモリなどの記憶装置に記憶されたプロダラ ムを CPUが実行することによって実現される。なお、本実施形態における制御部 40 の構成に関しては後述する。  [0060] The control unit 40 controls each component in the POS server 30 in an integrated manner. The function of the control unit 40 is realized by the CPU executing a program stored in a storage device such as a RAM or a flash memory. The configuration of the control unit 40 in the present embodiment will be described later.
[0061] 記憶部 41は、例えば RAMゃノヽードディスクドライブ (HDD)などの記憶装置を備 えて、各種情報を記憶するものである。なお、本実施形態において、記憶部 41が記 憶する情報に関しては後述する。  [0061] The storage unit 41 includes a storage device such as a RAM node drive (HDD) and stores various types of information. In the present embodiment, information stored in the storage unit 41 will be described later.
[0062] ネットワーク IZF部 42は、 LAN33を介して POS端末 31およびアクセスポイント 32 とデータ通信を行うためのものである。なお、 LAN33は、情報漏洩の防止の観点か ら有線 LANであることが望ましい。通信 I/F部 43は、専用回線 12を介してセンター サーバ 10とデータ通信を行うためのものである。  [0062] The network IZF unit 42 is for data communication with the POS terminal 31 and the access point 32 via the LAN 33. The LAN 33 is preferably a wired LAN from the viewpoint of preventing information leakage. The communication I / F unit 43 is for data communication with the center server 10 via the dedicated line 12.
[0063] 本実施形態の POSサーバ 30では、記憶部 41は、来店者リスト 47を記憶している。  In the POS server 30 of the present embodiment, the storage unit 41 stores a store visitor list 47.
図 6は、来店者リスト 47の内容の一例を示している。図示のように、来店者リスト 47は 、ワイヤレス LANに接続している携帯電話機 35ごとに、携帯電話機 35の電話番号( 携帯電話 ID)、暗証番号、暗号化鍵、ユーザ 34の年齢および性別、残り利用限度額 、ならびに顔写真情報を含んでいる。なお、来店者リスト 47内の情報は、暗号化鍵に より暗号化されて 、てもよ 、。  FIG. 6 shows an example of the contents of the store visitor list 47. As shown in the figure, the visitor list 47 includes, for each mobile phone 35 connected to the wireless LAN, a mobile phone 35 phone number (mobile phone ID), a personal identification number, an encryption key, the age and gender of the user 34, It includes the remaining usage limit and face photo information. The information in the store visitor list 47 may be encrypted with the encryption key.
[0064] また、制御部 40は、図 5に示されるように、来店処理部(取得手段、リスト追加手段) 44、支払処理部 (特定手段) 45、および退店処理部(リスト削除手段) 46を備える構 成である。 [0064] Further, as shown in FIG. 5, the control unit 40 has a store visit processing unit (acquisition means, list addition means). 44, a payment processing unit (specifying means) 45, and a store closing processing unit (list deletion means) 46.
[0065] 来店処理部 44は、ユーザ 34が携帯電話機 35を携帯して来店したときに処理動作 を行うものである。図 7は、来店処理部 44が行う処理動作を示している。図示のように 、まず、ワイヤレス LANで、新規参入の携帯電話機 35を探索し (ステップ S 10。以下 、単に「S10」と記載することがある。その他のステップでも同様である。)、これを見つ 力るまで繰り返す(SI 1で NO)。  [0065] The store visit processing unit 44 performs a processing operation when the user 34 carries the mobile phone 35 and visits the store. FIG. 7 shows processing operations performed by the store visit processing unit 44. As shown in the figure, first, a new mobile phone 35 is searched by wireless LAN (step S10. Hereinafter, it may be simply referred to as “S10”. The same applies to other steps). Repeat until you find it (NO at SI 1).
[0066] 新規参入の携帯電話機 35が見つ力つた場合には(S11で YES)、見つ力つた携帯 電話機 35の ID (電話番号)を、アクセスポイント 32を介して取得し(S 12)、取得した I Dをセンターサーバ 10に送信する(S13)。このとき、センターサーバ 10は、受信した IDに対応する個人特定情報 (暗証番号)、個人情報のうちの年齢および性別、顔写 真、ならびに利用情報のうちの残り限度額をデータベース 21から検索し、暗号化部 2 4にて所定の情報に暗号化処理を行い、暗号ィ匕鍵とともに POSサーバ 30に送信す る。これにより、 POSサーバ 30は、個人特定情報、年齢、性別、顔写真、残り限度額 、および暗号ィ匕鍵を取得する(S 13)。  [0066] If the newly-entered mobile phone 35 finds power (YES in S11), the ID (phone number) of the watched mobile phone 35 is acquired via the access point 32 (S 12). The acquired ID is transmitted to the center server 10 (S13). At this time, the center server 10 searches the database 21 for the personal identification information (password) corresponding to the received ID, the age and sex of the personal information, the face photo, and the remaining limit of the usage information. Then, the encryption unit 24 encrypts predetermined information and transmits it to the POS server 30 together with the encryption key. As a result, the POS server 30 acquires the personal identification information, age, gender, face photo, remaining limit, and encryption key (S13).
[0067] そして、取得した個人特定情報、年齢、性別、顔写真、残り限度額、および暗号ィ匕 鍵を、携帯電話機 35の IDと共に、記憶部 41の来店者リスト 47に追加する(S14)。そ の後、ステップ S 10に戻って、上記処理動作を繰り返す。  [0067] Then, the acquired personal identification information, age, sex, face photograph, remaining limit, and encryption key are added to the store visitor list 47 of the storage unit 41 together with the ID of the mobile phone 35 (S14). . Then, the process returns to step S10 and the above processing operation is repeated.
[0068] 支払処理部 45は、ユーザ 34が商品を購入するときに処理動作を行うものである。  The payment processing unit 45 performs a processing operation when the user 34 purchases a product.
図 8は、支払処理部 45が行う処理動作を示している。図示のように、まず、ユーザ 34 力 SPOS端末 31にて暗証番号を直接入力することにより、 POS端末 31からユーザ 34 の暗証番号を取得し (S20)、取得した暗証番号を来店者リスト 47から検索する(S21 FIG. 8 shows processing operations performed by the payment processing unit 45. As shown in the figure, first, the password of the user 34 is obtained from the POS terminal 31 by directly inputting the password at the user 34 power SPOS terminal 31 (S20), and the obtained password is retrieved from the visitor list 47. Search (S21
) o ) o
[0069] 取得した暗証番号に一致する暗証番号が来店者リスト 47から見つ力もな力つた場 合には(S22で NO)、所定のエラー処理を行う。一方、取得した暗証番号に一致す る暗証番号が来店者リスト 47から見つかった場合には(S22で YES)、見つかった暗 証番号に対応する個人情報と顔写真情報とを POS端末 31に送信する(S23)。これ により、店員は、携帯電話機 35を有するユーザ 34を、個人情報および顔写真情報か ら確認することができる。その後、店員が、ユーザ 34の承認の可否を入力部にて入 力することにより、店員の承認の可否を示す承認可否情報が POS端末 31にて作成 され、 POSサーバ 30に送信される。これにより、 POSサーバ 30は、店員の承認可否 情報を取得できる(S23)。 [0069] If the password that matches the acquired password is strong enough to be seen from the store list 47 (NO in S22), predetermined error processing is performed. On the other hand, if a password that matches the acquired password is found in the visitor list 47 (YES in S22), personal information and face photo information corresponding to the found password are sent to the POS terminal 31. (S23). As a result, the store clerk can identify the user 34 with the mobile phone 35 as personal information or facial photo information. Can be confirmed. Thereafter, when the store clerk inputs approval / disapproval of the user 34 at the input unit, approval approval / disapproval information indicating approval / disapproval of the store clerk is created at the POS terminal 31 and transmitted to the POS server 30. Thereby, the POS server 30 can acquire the approval / disapproval information of the store clerk (S23).
[0070] 次に、取得した承認可否情報から、店員が承認しなかった場合には(S24で NO)、 エラー処理を行う。一方、店員が承認した場合には(S24で YES)、検索した暗証番 号に対応する IDと、信販会社との間で商品の代金の決済を行うための決済情報とを センターサーバ 10に送信する(S25)。これにより、センターサーバ 10は、決済処理 部 23にて決済が行われ、データベース 21におけるユーザ 34の利用明細および残り 利用限度額が更新される。  Next, if the store clerk does not approve from the obtained approval approval / disapproval information (NO in S24), error processing is performed. On the other hand, if the store clerk approves (YES in S24), the ID corresponding to the searched PIN and the payment information for payment of the product price with the credit sales company are sent to the center server 10. (S25). As a result, the center server 10 performs the settlement in the settlement processing unit 23, and the usage details and the remaining usage limit amount of the user 34 in the database 21 are updated.
[0071] 次に、来店者リスト 47にて、上記 IDに対応する残り利用限度額を更新し (S26)、上 記 IDに対応する携帯電話機 35にレシート情報を送信する(S27)。これにより、レシ ートを印字する手間を省くことができる。なお、レシート情報の他に、商品の購入に対 する特典情報などの各種情報を携帯電話機 35に送信してもよい。その後、支払処理 部 45が行う処理動作を終了する。  Next, the remaining usage limit corresponding to the ID is updated in the store visitor list 47 (S26), and receipt information is transmitted to the mobile phone 35 corresponding to the ID (S27). This saves the trouble of printing the recipe. In addition to the receipt information, various types of information such as privilege information for purchasing a product may be transmitted to the mobile phone 35. Thereafter, the processing operation performed by the payment processing unit 45 is terminated.
[0072] 退店処理部 46は、ユーザ 34が退店するときに処理動作を行うものである。図 9は、 退店処理部 46が行う処理動作を示している。図示のように、まず、ワイヤレス LANで 、通信不能の携帯電話機 35を検出し (S30)、これを検出するまで繰り返す (S31で NO)。  The store exit processing unit 46 performs a processing operation when the user 34 exits the store. FIG. 9 shows processing operations performed by the store closing processing unit 46. As shown in the figure, first, the mobile phone 35 that cannot communicate with the wireless LAN is detected (S30), and this is repeated until it is detected (NO in S31).
[0073] 通信不能の携帯電話機 35を検出した場合には(S31で YES)、検出した携帯電話 機 35の IDと、該 IDに対応する情報、すなわち、個人特定情報、年齢、性別、顔写真 、残り限度額、および暗号ィ匕鍵とを記憶部 41の来店者リスト 47から削除する(S32)。 その後、ステップ S32に戻って、上記処理動作を繰り返す。  [0073] When a mobile phone 35 that cannot be communicated is detected (YES in S31), the ID of the detected mobile phone 35 and information corresponding to the ID, that is, personal identification information, age, gender, face photo The remaining limit amount and the encryption key are deleted from the store visitor list 47 of the storage unit 41 (S32). Thereafter, the process returns to step S32 and the above processing operation is repeated.
[0074] 上記構成の信用販売システム 1において、ユーザ 34がクレジット契約を行ってから 商品を購入するまでの処理動作を図 10に基づいて説明する。図 10は、信用販売シ ステム 1における処理の流れを概括的に示している。まず、ユーザ 34は、事前に信販 会社とクレジット契約を行う。このとき、ユーザ 34は、信販会社に顔写真および暗証 番号を提供する (Al)。信販会社は、提供された顔写真および暗証番号を、携帯電 話機の ID (電話番号)と、個人情報および利用情報とともに、センターサーバ 10のデ ータベース 21に記憶する (A2)。また、信販会社は、上記電話番号 (ID)を有する携 帯電話機 35をユーザ 34に提供する (A3)。 In the credit sales system 1 having the above-described configuration, processing operations from when the user 34 makes a credit contract to when purchasing a product will be described with reference to FIG. Figure 10 shows the overall processing flow in the credit sales system1. First, the user 34 makes a credit contract with a credit sales company in advance. At this time, the user 34 provides a face photo and a personal identification number to the credit sales company (Al). The credit sales company will use the photo and password provided to the mobile phone. Along with the ID (telephone number) of the speaker, personal information, and usage information, it is stored in the database 21 of the center server 10 (A2). The credit sales company provides the mobile phone 35 having the above telephone number (ID) to the user 34 (A3).
[0075] 次に、ユーザ 34は、携帯電話機 35の入った鞫 36を保持して、コンビニエンスストア に来店する。すると、 POSシステム 11は、アクセスポイント 32を介して携帯電話機 35 に自動的に接続して、携帯電話機 35から IDを取得する (A4、図 7の S10〜S12)次 に、 POSシステム 11は、取得した IDをセンターサーバ 10に送信して (A5)、該 IDに 対応する暗証番号、個人情報、および顔写真情報をセンターサーバ 10から取得す る (A6、図 7の S13)。そして、取得した暗証番号、個人情報、および顔写真情報を I Dとともに来店者リスト 47に追加する(A7、図 7の S14)。  [0075] Next, the user 34 holds the bag 36 containing the mobile phone 35 and visits a convenience store. Then, the POS system 11 automatically connects to the mobile phone 35 via the access point 32 and acquires the ID from the mobile phone 35 (A4, S10 to S12 in FIG. 7) .Next, the POS system 11 The acquired ID is transmitted to the center server 10 (A5), and the personal identification number, personal information, and face photo information corresponding to the ID are acquired from the center server 10 (A6, S13 in FIG. 7). Then, the obtained personal identification number, personal information, and face photograph information are added to the visitor list 47 together with ID (A7, S14 in FIG. 7).
[0076] 次に、ユーザ 34が商品を購入するために POS端末 31に接近し、 POS端末 31にて 暗証番号を入力すると (A8、図 8の S20)、 POSシステム 11は、入力された暗証番号 に対応する ID、個人情報、および顔写真を来店者リスト 47の中力も特定し、特定した 個人情報および顔写真を POS端末 31に表示する。これにより、店員が個人情報お よび顔写真力もユーザを確認できる(A9、図 8の S21〜S23)。  [0076] Next, when the user 34 approaches the POS terminal 31 to purchase a product and enters a personal identification number at the POS terminal 31 (A8, S20 in FIG. 8), the POS system 11 The ID corresponding to the number, personal information, and face photo are also identified in the visitor list 47, and the identified personal information and face photo are displayed on the POS terminal 31. As a result, the store clerk can also confirm the user with personal information and facial photographic power (A9, S21 to S23 in FIG. 8).
[0077] 店員がユーザを確認した後、 POSシステム 11は、入力された暗証番号に対応する IDと決済情報とをセンターサーバ 10に送信する(A10、図 8の S25)。このとき、セン ターサーバ 10は、決済情報に基づいて決済処理を行う(Al l)。  [0077] After the clerk confirms the user, the POS system 11 transmits the ID corresponding to the entered password and the settlement information to the center server 10 (A10, S25 in FIG. 8). At this time, the center server 10 performs a payment process based on the payment information (All).
[0078] 次に、 POSシステム 11は、来店者リスト 47にて、上記 IDに対応する残り利用限度 額を更新する(図 8の S26)。そして、 POSシステム 11は、携帯電話機 35にレシート 情報および利用明細情報を送信して (A12、図 8の S27)、処理動作を完了する。  Next, the POS system 11 updates the remaining usage limit corresponding to the ID in the store visitor list 47 (S26 in FIG. 8). Then, the POS system 11 transmits the receipt information and the usage details information to the mobile phone 35 (A12, S27 in FIG. 8), and completes the processing operation.
[0079] 〔実施の形態 2〕  [Embodiment 2]
次に、本発明の別の実施形態について、図 11〜図 14に基づいて説明する。本実 施形態の信用販売システムは、図 1に示される信用販売システムに比べて、ユーザ の認証がセンターサーバ 10で行われる点が異なり、その他の構成は同様である。な お、上記実施形態で説明した構成と同様の機能を有する構成には同一の符号を付 して、その説明を省略する。  Next, another embodiment of the present invention will be described with reference to FIGS. The credit sales system according to this embodiment is different from the credit sales system shown in FIG. 1 in that user authentication is performed by the center server 10, and the other configurations are the same. In addition, the same code | symbol is attached | subjected to the structure which has the function similar to the structure demonstrated in the said embodiment, and the description is abbreviate | omitted.
[0080] 本実施形態のセンターサーバ 10は、図 2に示されるセンターサーバ 10に比べて、 図 6に示されるような来店者リストがデータベース 21に記憶される点と、制御部 20に おける処理動作とが異なるのみであり、その他の構成は同様である。また、本実施形 態の POSサーバ 30は、図 5に示される POSサーバ 30に比べて、記憶部 41に記憶 する来店者リスト 47の構成と、制御部 40における処理動作とが異なるのみであり、そ の他の構成は同様である。本実施形態における来店者リスト 47は、図 6に示される来 店者リスト 47から、暗証番号、暗号化鍵、および残り利用限度額を省略したものとな る。 [0080] The center server 10 of this embodiment is different from the center server 10 shown in FIG. The only difference is that the store visitor list as shown in FIG. 6 is stored in the database 21 and the processing operation in the control unit 20 is the same. Further, the POS server 30 of the present embodiment differs from the POS server 30 shown in FIG. 5 only in the configuration of the store visitor list 47 stored in the storage unit 41 and the processing operation in the control unit 40. Other configurations are the same. The store visitor list 47 in this embodiment is obtained by omitting the password, encryption key, and remaining usage limit from the store visitor list 47 shown in FIG.
[0081] 図 11は、ユーザ 34が来店したときに、 POSサーバ 30の制御部 40と、センターサー ノ 10の制御部 20とが行う処理動作を示している。図示のように、まず、 POSサーバ 3 0は、ワイヤレス LANで、新規参入の携帯電話機 35を探索し (S40)、これを見つか るまで繰り返す(S41で NO)。  FIG. 11 shows processing operations performed by the control unit 40 of the POS server 30 and the control unit 20 of the center server 10 when the user 34 visits the store. As shown in the figure, first, the POS server 30 searches for a newly-entered mobile phone 35 via the wireless LAN (S40) and repeats until it is found (NO in S41).
[0082] 新規参入の携帯電話機 35が見つかった場合には(S41で YES)、 POSサーバ 30 は、見つ力つた携帯電話機 35の ID (電話番号)を、アクセスポイント 32を介して取得 し(S42)、取得した IDをセンターサーバ 10に送信する(S43)。このとき、センターサ ーバ 10は、受信した IDに対応する個人特定情報 (暗証番号)、個人情報のうちの年 齢および性別、顔写真、ならびに利用情報のうちの残り限度額を、データベース 21 力も取得して、データベース 21に記憶された来店者リストに追加する(S44)。  [0082] If a newly entered mobile phone 35 is found (YES in S41), the POS server 30 acquires the ID (phone number) of the mobile phone 35 that has been found through the access point 32 ( S42), the acquired ID is transmitted to the center server 10 (S43). At this time, the center server 10 stores the personal identification information (password) corresponding to the received ID, the age and gender of the personal information, the face photo, and the remaining limit of the usage information in the database 21. The force is also acquired and added to the store visitor list stored in the database 21 (S44).
[0083] 次に、センターサーバ 10は、取得した顔写真、ならびに年齢および性別を、 IDと共 に POSサーノ 30に送信する(S45)。このとき、 POSサーバ 30は、センターサーバ 1 0から ID、顔写真、ならびに年齢および性別を受信し (S46)、受信した ID、顔写真、 ならびに年齢および性別を来店者リスト 47に追加する(S47)その後、ステップ S40 に戻って、上記処理動作を繰り返す。  [0083] Next, the center server 10 transmits the acquired face photograph, age and sex to the POS Sano 30 together with the ID (S45). At this time, the POS server 30 receives the ID, face photograph, and age and sex from the center server 10 (S46), and adds the received ID, face photograph, age and gender to the store visitor list 47 (S47). ) Then, return to step S40 and repeat the above processing operation.
[0084] 図 12は、商品を購入するときに、 POSサーバ 30の制御部 40と、センターサーバ 1 0の制御部 20とが行う処理動作を示している。図示のように、まず、 POSサーバ 30は 、ユーザ 34が POS端末 31にて暗証番号を直接入力することにより、 POS端末 31力 らユーザ 34の暗証番号を取得し (S50)、取得した暗証番号と、商品の購入に関する 決済情報とをセンターサーバ 10に送信する(S51)。  FIG. 12 shows processing operations performed by the control unit 40 of the POS server 30 and the control unit 20 of the center server 10 when purchasing a product. As shown in the figure, first, the POS server 30 obtains the password of the user 34 from the POS terminal 31 by directly inputting the password at the POS terminal 31 by the user 34 (S50). And the settlement information relating to the purchase of the product is transmitted to the center server 10 (S51).
[0085] このとき、センターサーバ 10は、 POSサーバ 30から取得した暗証番号を来店者リス トから検索する(S52)。取得した暗証番号に一致する暗証番号が来店者リストから見 つからなかった場合には(S53で NO)、センターサーバ 10は、エラー情報を POSサ ーバ 30に送信する(S54)。 POSサーバ 30は、エラー情報を受信すると(S55で YE S)、所定のエラー処理を行う。 [0085] At this time, the center server 10 uses the password obtained from the POS server 30 to (S52). If the password that matches the acquired password is not found in the store list (NO in S53), the center server 10 transmits error information to the POS server 30 (S54). When receiving the error information (YES in S55), the POS server 30 performs predetermined error processing.
[0086] 一方、センターサーバ 10は、取得した暗証番号に一致する暗証番号が来店者リス トから見つかった場合には(S53で YES)、検索した暗証番号に対応する IDを、端末 (携帯電話機)を特定したことを示す端末特定通知として、 POSサーバ 30に送信す る(S56)。 [0086] On the other hand, if the center server 10 finds a password that matches the acquired password from the store listing (YES in S53), the center server 10 assigns the ID corresponding to the searched password to the terminal (mobile phone ) Is transmitted to the POS server 30 as a terminal identification notification indicating that it has been identified (S56).
[0087] POSサーバ 30は、センターサーバ 10から IDを端末特定通知として受信すると(S5 [0087] When the POS server 30 receives the ID from the center server 10 as a terminal identification notification (S5
7)、受信した IDに対応する個人情報と顔写真情報とを POS端末 31に送信する(S57) The personal information and face photo information corresponding to the received ID are sent to the POS terminal 31 (S5
8)。これにより、店員は、携帯電話機 35を有するユーザ 34を、個人情報および顔写 真情報力 確認することができる。その後、店員が、ユーザ 34の承認の可否を入力 部にて入力することにより、店員の承認の可否を示す承認可否情報が POS端末 31 にて作成され、 POSサーバ 30に送信される。これにより、 POSサーバ 30は、店員の 承認可否情報を取得できる(S58)。 8). As a result, the store clerk can confirm the personal information and the facial photograph information power of the user 34 having the mobile phone 35. Thereafter, when the clerk inputs approval / disapproval of the user 34 at the input unit, approval approval / disapproval information indicating approval / disapproval of the clerk is created at the POS terminal 31 and transmitted to the POS server 30. Thereby, the POS server 30 can acquire the approval / disapproval information of the store clerk (S58).
[0088] 次に、取得した承認可否情報から、店員が承認しなかった場合には(S59で NO)、 所定のエラー処理を行う。一方、店員が承認した場合には(S59で YES)、上記 IDを 、決済の実行を指示する決済指示としてセンターサーバ 10に送信する(S60)。そし て、上記 IDに対応する携帯電話機 35にレシート情報を送信する(S61)。これにより 、レシートを印字する手間を省くことができる。その後、 POSサーバ 30の制御部 40が 行う処理動作を終了する。  Next, if the store clerk does not approve from the obtained approval approval / disapproval information (NO in S59), predetermined error processing is performed. On the other hand, if the store clerk approves (YES in S59), the ID is transmitted to the center server 10 as a settlement instruction for instructing execution of settlement (S60). Then, receipt information is transmitted to the mobile phone 35 corresponding to the ID (S61). Thereby, the trouble of printing the receipt can be saved. Thereafter, the processing operation performed by the control unit 40 of the POS server 30 is terminated.
[0089] 一方、センターサーバ 10は、 POSサーノ 30から決済指示を受信すると(S62)、ス テツプ S51にて POSサーバ 30から送信された決済情報に基づいて、決済処理部 23 が決済処理を実行し、データベース 21におけるユーザ 34の利用明細および残り利 用限度額が更新される(S63)。そして、センターサーバ 10は、データベース 21の来 店者リストにて、上記 IDに対応する残り利用限度額を更新し (S64)、その後、センタ 一サーバ 10の制御部 20が行う処理動作を終了する。  On the other hand, when the center server 10 receives the settlement instruction from the POS Sano 30 (S62), the settlement processing unit 23 executes the settlement process based on the settlement information transmitted from the POS server 30 at step S51. Then, the usage details and the remaining usage limit of the user 34 in the database 21 are updated (S63). Then, the center server 10 updates the remaining usage limit corresponding to the ID in the visitor list of the database 21 (S64), and then ends the processing operation performed by the control unit 20 of the center server 10. .
[0090] 図 13は、ユーザ 34が退店するときに、 POSサーバ 30の制御部 40と、センターサ ーバ 10の制御部 20とが行う処理動作を示している。図示のように、まず、 POSサー ノ 30は、ワイヤレス LANで、通信不能の携帯電話機 35を検出し (S70)、これを検出 するまで繰り返す(S71で NO)。 FIG. 13 shows the control unit 40 of the POS server 30 and the center server when the user 34 leaves the store. The processing operation performed by the control unit 20 of the server 10 is shown. As shown in the figure, the POS sensor 30 first detects the cellular phone 35 that cannot communicate with the wireless LAN (S70) and repeats until it detects it (NO in S71).
[0091] 通信不能の携帯電話機 35を検出した場合には (S71で YES)、検出した携帯電話 機 35の IDをセンターサーバ 10に送信する(S72)。そして、検出した携帯電話機 35 の IDと、該 IDに対応する情報、すなわち、年齢、性別、および顔写真情報とを記憶 部 41の来店者リスト 47から削除する(S73)その後、ステップ S70に戻って、上記処 理動作を繰り返す。 [0091] When a mobile phone 35 that cannot communicate is detected (YES in S71), the ID of the detected mobile phone 35 is transmitted to the center server 10 (S72). Then, the detected ID of the mobile phone 35 and the information corresponding to the ID, that is, the age, sex, and face photo information are deleted from the store visitor list 47 of the storage unit 41 (S73), and then the process returns to step S70. Repeat the above processing.
[0092] 一方、センターサーバ 10は、通信不能の携帯電話機 35の IDを POSサーバ 30から 受信すると、受信した IDと、該 IDに対応する情報、すなわち、個人特定情報、年齢、 性別、顔写真、および残り限度額とをデータベース 21の来店者リストから削除する(S 74)。その後、センターサーバ 10の制御部 20が行う処理動作を終了する。  On the other hand, when the center server 10 receives the ID of the mobile phone 35 that cannot communicate from the POS server 30, the center server 10 receives the received ID and information corresponding to the ID, that is, personal identification information, age, gender, facial photograph. And the remaining limit amount are deleted from the store visitor list of the database 21 (S74). Thereafter, the processing operation performed by the control unit 20 of the center server 10 is terminated.
[0093] 上記構成の信用販売システム 1において、ユーザ 34がクレジット契約を行ってから 商品を購入するまでの処理動作を図 14に基づいて説明する。図 14は、信用販売シ ステム 1における処理の流れを概括的に示している。まず、信販会社との契約処理( B1〜B3)を行うが、この処理は、図 10に示される信販会社との契約処理 (A1〜A3) と同様であるので、その説明を省略する。  In the credit sales system 1 configured as described above, the processing operation from when the user 34 makes a credit contract until the purchase of a product will be described with reference to FIG. Figure 14 outlines the processing flow in the credit sales system1. First, contract processing (B1 to B3) with a credit sales company is performed. Since this processing is similar to the contract processing (A1 to A3) with the credit sales company shown in FIG. 10, the description thereof is omitted.
[0094] 次に、ユーザ 34は、携帯電話機 35の入った鞫 36を保持して、コンビニエンスストア に来店する。すると、 POSシステム 11は、アクセスポイント 32を介して携帯電話機 35 に自動的に接続して、携帯電話機 35から IDを取得する(B4、図 11の S40〜S42)。 次に、 POSシステム 11は、取得した IDをセンターサーバ 10に送信する(B5、図 11 の S43)。このとき、センターサーバ 10は、受信した IDに対応する暗証番号、個人情 報、および顔写真情報をデータベース 21から取得し、取得した暗証番号、個人情報 、および顔写真情報を IDとともにデータベース 21の来店者リストに追加する(B6、図 11の S44)。  [0094] Next, the user 34 holds the bag 36 containing the mobile phone 35 and visits a convenience store. Then, the POS system 11 automatically connects to the mobile phone 35 via the access point 32 and acquires the ID from the mobile phone 35 (B4, S40 to S42 in FIG. 11). Next, the POS system 11 transmits the acquired ID to the center server 10 (B5, S43 in FIG. 11). At this time, the center server 10 acquires the personal identification number, personal information, and face photo information corresponding to the received ID from the database 21, and the acquired personal identification number, personal information, and facial photo information together with the ID in the database 21. Add to the visitor list (B6, S44 in Fig. 11).
[0095] 次に、センターサーバ 10は、取得した個人情報および顔写真情報を IDと共に PO Sシステム 11に送信する(B7、図 11の S45 ' S46)。このとき、 POSシステム 11は、受 信した ID、個人情報、および顔写真情報を来店者リスト 47に追加する(B8、図 11の S47)。 Next, the center server 10 transmits the acquired personal information and face photo information together with the ID to the POS system 11 (B7, S45′S46 in FIG. 11). At this time, the POS system 11 adds the received ID, personal information, and face photo information to the visitor list 47 (B8, Fig. 11). S47).
[0096] 次に、ユーザ 34が商品を購入するために POS端末 31に接近し、 POS端末 31にて 暗証番号を入力すると(B9、図 12の S50)、 POSシステム 11は、取得した暗証番号 を決済情報と共にセンターサーバ 10に送信する(B10、図 12の S51)。このとき、セ ンターサーバ 10は、取得した暗証番号に対応する IDを来店者リスト 47の中から特定 し(Bl l、図 12の S52)、特定した IDを端末特定通知として POSシステム 11に送信 する(B12、図 12の S56,S57)。  [0096] Next, when the user 34 approaches the POS terminal 31 in order to purchase a product and enters a personal identification number at the POS terminal 31 (B9, S50 in FIG. 12), the POS system 11 acquires the personal identification number. Is sent to the center server 10 together with the settlement information (B10, S51 in FIG. 12). At this time, the center server 10 identifies the ID corresponding to the acquired personal identification number from the store visitor list 47 (Bll, S52 in FIG. 12), and transmits the identified ID to the POS system 11 as a terminal identification notification. (B12, S56 and S57 in Fig. 12).
[0097] このとき、 POSシステム 11は、受信した IDに対応する個人情報および顔写真を PO S端末 31に表示する。これにより、店員が個人情報および顔写真力 ユーザを確認 できる(B13、図 12の S58)。  At this time, the POS system 11 displays personal information and a face photograph corresponding to the received ID on the POS terminal 31. As a result, the store clerk can confirm the user with personal information and facial photographic ability (B13, S58 in FIG. 12).
[0098] 店員がユーザを確認した後、 POSシステム 11は、上記 IDを決済指示としてセンタ 一サーバ 10に送信する(B14、図 12の S60' S62)。このとき、センターサーバ 10は 、決済情報に基づいて決済処理を行い(図 12の S63)、来店者リストにて、上記 IDに 対応する残り利用限度額を更新する(図 12の S64)。  After the clerk confirms the user, the POS system 11 transmits the ID as a settlement instruction to the center server 10 (B14, S60 ′ S62 in FIG. 12). At this time, the center server 10 performs a payment process based on the payment information (S63 in FIG. 12), and updates the remaining usage limit corresponding to the ID in the store visitor list (S64 in FIG. 12).
[0099] そして、 POSシステム 11は、携帯電話機 35にレシート情報および利用明細情報を 送信して (B15、図 12の S61)、処理動作を完了する。  Then, the POS system 11 transmits the receipt information and the usage details information to the mobile phone 35 (B15, S61 in FIG. 12), and completes the processing operation.
[0100] 以上のように、ユーザの認証を、 POSサーバ 30で行う代わりに、センターサーバ 10 で行うことちできる。  [0100] As described above, user authentication can be performed by the center server 10 instead of by the POS server 30.
[0101] 本発明は上述した各実施形態に限定されるものではなぐ請求項に示した範囲で 種々の変更が可能であり、異なる実施形態にそれぞれ開示された技術的手段を適 宜組み合わせて得られる実施形態についても本発明の技術的範囲に含まれる。  [0101] The present invention is not limited to the above-described embodiments, and various modifications can be made within the scope of the claims, and the technical means disclosed in the different embodiments can be appropriately combined. Such embodiments are also included in the technical scope of the present invention.
[0102] 例えば、上記実施形態では、 POSサーバ 30が、来店者リストを記憶して、来店処 理、支払い処理、および退店処理を行っている力 POS端末 31が行ってもよい。  [0102] For example, in the above embodiment, the POS server 30 may store the store visitor list, and may be performed by the power POS terminal 31 that performs the store visit process, the payment process, and the store exit process.
[0103] また、上記実施形態では、商品の購入時に、ユーザ 34が POS端末 31にて暗証番 号を入力しているが、さら〖こ、携帯電話機 35と無線通信を行って、暗証番号および I Dの両方を取得してもよい。この場合でも、ユーザ 34および携帯電話機 35の特定を ユーザ 34および携帯電話機 35の組が絞られた上記来店者リストから行うので、迅速 な処理が可能である。 [0104] さらに、上記の場合、他の携帯電話機 35の IDを取得することを回避するために、 P OS端末 31付近の狭い領域が通信領域となることが望ましい。このため、アクセスボイ ント 32とは別に、 POS端末 31付近を通信領域とするワイヤレス LAN用のアンテナを POS端末 31に設けることが望ましい。また、通信領域を狭くするには、指向性の強い アンテナを利用する力 電波の出力を低下すればよい。電波の出力を低下すれば、 他の無線通信端末による傍受を防ぐとともに、携帯電話機 35および POS端末 31の 消費電力を低下することができる。なお、電波の出力を低下する技術は、例えば、本 願出願人が出願した特願 2004— 206494号および特願 2004— 028696号に詳細 に記載されて ヽるので、本願ではその説明を省略する。 [0103] In the above embodiment, the user 34 inputs the personal identification number at the POS terminal 31 at the time of purchase of the product, but moreover, the wireless communication with the mobile phone 35 is performed. You may get both IDs. Even in this case, since the user 34 and the mobile phone 35 are identified from the above-mentioned store visitor list in which the set of the user 34 and the mobile phone 35 is narrowed down, a quick process is possible. Furthermore, in the above case, in order to avoid obtaining the ID of another mobile phone 35, it is desirable that a narrow area near the POS terminal 31 is a communication area. For this reason, it is desirable to provide the POS terminal 31 with a wireless LAN antenna having a communication area in the vicinity of the POS terminal 31 separately from the access point 32. In addition, to narrow the communication area, it is only necessary to reduce the output of power radio waves using highly directional antennas. If the radio wave output is reduced, interception by other wireless communication terminals can be prevented, and the power consumption of the mobile phone 35 and the POS terminal 31 can be reduced. The technology for reducing the output of radio waves is described in detail in, for example, Japanese Patent Application Nos. 2004-206494 and 2004-028696 filed by the applicant of the present application. .
[0105] さらに、上記の場合には、 POSシステム 11から携帯電話機 35にレシート情報など を送信するときは、プライバシー保護の観点から、 POS端末 31のアンテナ力も携帯 電話機 35に送信することが望ましい。  [0105] Furthermore, in the above case, when receiving receipt information or the like from the POS system 11 to the mobile phone 35, it is desirable to transmit the antenna power of the POS terminal 31 to the mobile phone 35 from the viewpoint of privacy protection.
[0106] また、上記実施形態では、商品販売の形態について説明しているが、ユーザの認 証が必要な形態であれば、例えば、入国管理など任意の形態で利用することができ る。また、上記実施形態では、料金が後払いの信用販売の場合について説明してい る力 料金が先払いのプリペイドの場合にも同様に適用することができる。  [0106] In the above-described embodiment, the form of merchandise sales has been described. However, any form such as immigration control can be used as long as user authentication is required. Further, in the above-described embodiment, the same can be applied to the case where the power charge described in the case of the post-paid credit sales is the prepaid prepaid.
[0107] また、上記実施形態では、携帯電話機 35が店舗に入ったことの検知を、ワイヤレス LANに新規参入するか否かで行つている力 入口を所定のゲートに限定してチエツ クすることにより行ってもよい。同様に、携帯電話機 35が店舗力も出たことの検知を、 出口を所定のゲートに限定してチェックすることにより行ってもよい。この場合、ゲート でのチヱックは、無線通信である必要はなぐ読取り機にて読み取る形態であっても よい。したがって、携帯電話機 35などの無線通信端末ではなぐ磁気テープまたは バーコードを有するカードであってもよい。  [0107] Further, in the above embodiment, the detection that the mobile phone 35 has entered the store is checked by limiting the entrance to the predetermined gate depending on whether or not to newly enter the wireless LAN. May be performed. Similarly, it may be detected by checking that the mobile phone 35 has increased store power by limiting the exit to a predetermined gate. In this case, the check at the gate may be read by a reader that does not need to be wireless communication. Therefore, it may be a card having a magnetic tape or a bar code that is not used in a wireless communication terminal such as the cellular phone 35.
[0108] また、センターサーバ 10および POSサーバ 30の制御部 20·40における各ブロック は、ハードウェアロジックによって構成してもよいし、次のように CPUを用いてソフトゥ エアによって実現してもよい。  [0108] Each block in the control units 20 and 40 of the center server 10 and the POS server 30 may be configured by hardware logic, or may be realized by software using a CPU as follows. .
[0109] すなわち、センターサーバ 10および POSサーバ 30の制御部 20· 40は、各機能を 実現する制御プログラムの命令を実行する CPU、上記プログラムを格納した ROM、 上記プログラムを展開する RAM、上記プログラムおよび各種データを格納するメモリ 等の記憶装置 (記録媒体)などを備えている。そして、本発明の目的は、上述した機 能を実現するソフトウェアであるセンターサーバ 10の制御プログラムおよび POSサー バ 30の制御プログラムのプログラムコード(実行形式プログラム、中間コードプロダラ ム、ソースプログラム)をコンピュータで読み取り可能に記録した記録媒体を、上記セ ンターサーバ 10および POSサーバ 30にそれぞれ供給し、そのコンピュータ (または CPUや MPU)が記録媒体に記録されて 、るプログラムコードを読み出し実行するこ とによっても、達成可能である。 That is, the control units 20 and 40 of the center server 10 and the POS server 30 include a CPU that executes instructions of a control program that realizes each function, a ROM that stores the program, A RAM for expanding the program, a storage device (recording medium) such as a memory for storing the program and various data, and the like are provided. The object of the present invention is to provide program codes (execution format program, intermediate code program, source program) for the control program for the center server 10 and the control program for the POS server 30 that are software that realizes the functions described above. Recording media recorded so as to be readable by a computer are supplied to the center server 10 and the POS server 30, respectively, and the computer (or CPU or MPU) is recorded on the recording media to read and execute the program code. Can also be achieved.
[0110] 上記記録媒体としては、例えば、磁気テープやカセットテープ等のテープ系、フレ キシブルディスク Zハードディスク等の磁気ディスクや CD— ROMZMOZMDZD[0110] Examples of the recording medium include a tape system such as a magnetic tape and a cassette tape, a magnetic disk such as a flexible disk Z hard disk, and a CD-ROMZMOZMDZD.
VDZCD—R等の光ディスクを含むディスク系、 icカード (メモリカードを含む) Z光 カード等のカード系、あるいはマスク ROM/EPROM/EEPROM/フラッシュ RO M等の半導体メモリ系などを用いることができる。 A disk system including an optical disk such as VDZCD-R, a card system such as an ic card (including a memory card) Z optical card, or a semiconductor memory system such as a mask ROM / EPROM / EEPROM / flash ROM can be used.
[0111] また、センターサーバ 10および POSサーバ 30の制御部 20· 40を通信ネットワーク と接続可能に構成し、上記プログラムコードを通信ネットワークを介して供給してもよ い。この通信ネットワークとしては、特に限定されず、例えば、インターネット、イントラ ネット、エキストラネット、 LAN, ISDN, VAN, CATV通信網、仮想専用網(virtual p rivate network)、電話回線網、移動体通信網、衛星通信網等が利用可能である。ま た、通信ネットワークを構成する伝送媒体としては、特に限定されず、例えば、 IEEE 1394、 USB、電力線搬送、ケーブル TV回線、電話線、 ADSL回線等の有線でも、 IrD Aやリモコンのような赤外線、 BluetootM登録商標)、 802. 11無線、 HDR、携 帯電話網、衛星回線、地上波デジタル網等の無線でも利用可能である。なお、本発 明は、上記プログラムコードが電子的な伝送で具現ィ匕された搬送波あるいはデータ 信号列の形態でも実現され得る。 [0111] The control units 20 and 40 of the center server 10 and the POS server 30 may be configured to be connectable to a communication network, and the program code may be supplied via the communication network. The communication network is not particularly limited. For example, the Internet, intranet, extranet, LAN, ISDN, VAN, CATV communication network, virtual private network, telephone line network, mobile communication network, A satellite communication network or the like can be used. In addition, the transmission medium constituting the communication network is not particularly limited, and for example, IEEE 1394, USB, power line carrier, cable TV line, telephone line, ADSL line, etc. can be used for infrared communication such as IrD A or remote control. , BluetootM registered trademark), 802.11 wireless, HDR, mobile phone network, satellite line, terrestrial digital network, etc. The present invention can also be realized in the form of a carrier wave or a data signal sequence in which the program code is embodied by electronic transmission.
産業上の利用の可能性  Industrial applicability
[0112] 以上のように、本発明に係るユーザ認証システムは、携帯物が所定領域内に入つ た時点で携帯物の物体特定情報を取得し、ユーザの認証を行うときには、個人特定 情報を取得して、対応する物体特定情報をリストから特定するので、物体特定情報と ともに個人特定情報を利用してユーザの認証を行うシステムに適用することができる [0112] As described above, the user authentication system according to the present invention acquires the object specifying information of the portable object when the portable object enters the predetermined area, and performs the personal identification information when performing user authentication. And the corresponding object identification information is identified from the list. Both can be applied to systems that authenticate users using personally identifiable information.

Claims

請求の範囲 The scope of the claims
[1] ユーザが携帯する携帯物が有し、かつ該携帯物を特定する物体特定情報と、上記 ユーザを特定する個人特定情報とを用いてユーザの認証を行うユーザ認証システム であって、  [1] A user authentication system for authenticating a user using the object specifying information that the portable item carried by the user has and specifying the portable item and the individual specifying information that specifies the user,
複数の上記物体特定情報と、各物体特定情報に対応する個人特定情報とを記憶 する記憶手段と、  Storage means for storing a plurality of the object specifying information and individual specifying information corresponding to each object specifying information;
所定領域内に入った携帯物から、該携帯物の物体特定情報を取得する取得手段 と、  An acquisition means for acquiring object specifying information of the portable object from a portable object that has entered the predetermined area;
取得した物体特定情報に対応する個人特定情報を上記記憶手段から取得し、取 得した物体特定情報および個人特定情報の組をリストに追加するリスト追加手段と、 上記所定領域内でユーザの認証を行うときに、該ユーザ力も個人特定情報を取得 し、取得した個人特定情報に対応する物体特定情報を上記リストから検索することに より、上記ユーザおよび上記携帯物を特定する特定手段とを備えることを特徴とする ユーザ認証システム。  Personal identification information corresponding to the acquired object identification information is acquired from the storage means, and list addition means for adding the set of the acquired object identification information and personal identification information to the list; and user authentication within the predetermined area. When performing, the user power also obtains personal identification information, and includes identifying means for identifying the user and the portable object by searching object identification information corresponding to the acquired personal identification information from the list. A user authentication system.
[2] 上記携帯物は、無線通信機能を有しており、  [2] The portable item has a wireless communication function,
上記所定領域内の携帯物と無線通信を行う無線通信手段をさらに備えることを特 徴とする請求項 1に記載のユーザ認証システム。  The user authentication system according to claim 1, further comprising wireless communication means for performing wireless communication with a portable object in the predetermined area.
[3] 上記取得手段は、指向性の弱!、電波を用いて無線通信を行う上記無線通信手段 を介して、上記携帯物の物体特定情報を取得することを特徴とする請求項 2に記載 のユーザ認証システム。 3. The acquisition unit according to claim 2, wherein the acquisition unit acquires the object specifying information of the portable object via the wireless communication unit that performs radio communication using weak directivity and radio waves. User authentication system.
[4] 上記特定手段は、上記所定領域内でユーザの認証を行うときに、該ユーザから個 人特定情報を取得するとともに、上記携帯物から上記無線通信手段を介して物体特 定情報を取得し、取得した個人特定情報および物体特定情報の組を上記リストから 検索することにより、上記ユーザおよび上記携帯物を特定することを特徴とする請求 項 2に記載のユーザ認証システム。  [4] When the identification unit authenticates the user in the predetermined area, the identification unit acquires the individual identification information from the user and also acquires the object identification information from the portable object via the wireless communication unit. 3. The user authentication system according to claim 2, wherein the user and the portable object are specified by searching the list for a set of the acquired individual specifying information and object specifying information.
[5] 上記特定手段は、指向性の強いまたは出力の低い電波を用いて無線通信を行う 上記無線通信手段を介して、上記携帯物から物体特定情報を取得することを特徴と する請求項 4に記載のユーザ認証システム。 [5] The identification unit acquires object identification information from the portable object through the wireless communication unit that performs radio communication using radio waves having strong directivity or low output. The user authentication system described in 1.
[6] 上記ユーザが個人特定情報を入力する入力手段をさらに備えており、 該入力手段は、上記特定手段と有線で接続して ヽることを特徴とする請求項 1に記 載のユーザ認証システム。 [6] The user authentication according to claim 1, further comprising input means for the user to input personal identification information, wherein the input means is connected to the identification means by wire. system.
[7] 所定領域内から出た携帯物の物体特定情報に基づいて、物体特定情報および個 人特定情報の組を上記リストから削除するリスト削除手段をさらに備えることを特徴と する請求項 1に記載のユーザ認証システム。  [7] The apparatus according to claim 1, further comprising: a list deleting unit that deletes a set of the object specifying information and the individual specifying information from the list based on the object specifying information of the portable object that has come out of the predetermined area. The user authentication system described.
[8] 各種情報を表示する表示手段をさらに備えており、 [8] It further includes a display means for displaying various information,
上記記憶手段は、上記個人特定情報に加えて、上記ユーザに関する情報である 個人情報を記憶しており、  In addition to the personal identification information, the storage means stores personal information that is information about the user,
上記リスト追加手段は、取得した物体特定情報に対応する個人特定情報と一部ま たは全部の個人情報とを上記記憶手段から取得し、取得した物体特定情報、個人特 定情報、および個人情報の組をリストに追加しており、  The list adding means acquires personal identification information corresponding to the acquired object identification information and part or all of the personal information from the storage means, and acquires the acquired object identification information, personal identification information, and personal information. Is added to the list,
上記特定手段は、ユーザから取得した個人特定情報に対応する個人情報を上記リ ストから取得し、取得した個人情報を上記表示手段を介して表示することにより、上記 ユーザの特定を補助する特定補助手段を備えることを特徴とする請求項 1に記載の ユーザ認証システム。  The identification means obtains personal information corresponding to the personal identification information acquired from the user from the list, and displays the acquired personal information via the display means, thereby supporting the identification of the user. The user authentication system according to claim 1, further comprising means.
[9] ユーザが携帯する携帯物が有し、かつ該携帯物を特定する物体特定情報と、上記 ユーザを特定する個人特定情報とを用いてユーザの認証を行うユーザ認証システム の認証方法であって、  [9] An authentication method of a user authentication system that authenticates a user using object specifying information that is included in a portable item carried by the user and that specifies the portable item and personal identification information that specifies the user. And
上記ユーザ認証システムは、複数の上記物体特定情報と、各物体特定情報に対応 する個人特定情報とを記憶する記憶手段を備えており、  The user authentication system includes storage means for storing a plurality of the object specifying information and personal specifying information corresponding to each object specifying information,
所定領域内に入った携帯物から、該携帯物の物体特定情報を取得する取得ステツ プと、  An acquisition step of acquiring object identification information of the portable object from a portable object that has entered the predetermined area;
取得した物体特定情報に対応する個人特定情報を上記記憶手段から取得し、取 得した物体特定情報および個人特定情報の組をリストに追加するリスト追加ステップ と、  A list addition step of acquiring personal identification information corresponding to the acquired object identification information from the storage means, and adding a set of the acquired object identification information and personal identification information to the list;
上記所定領域内でユーザの認証を行うときに、該ユーザ力も個人特定情報を取得 し、取得した個人特定情報に対応する物体特定情報を上記リストから取得することに より、上記ユーザおよび上記携帯物を特定する特定ステップとを含むことを特徴とす るユーザ認証システムの認証方法。 When performing user authentication within the predetermined area, the user power also acquires personal identification information, and acquires object identification information corresponding to the acquired personal identification information from the list. And an identifying method for identifying the user and the portable object.
[10] 請求項 1な!、し 8の何れか 1項に記載のユーザ認証システムにおける上記取得手 段、上記リスト追加手段、および上記特定手段をコンピュータに実行させることを特徴 とするユーザ認証プログラム。  [10] A user authentication program that causes a computer to execute the acquisition unit, the list addition unit, and the identification unit in the user authentication system according to any one of claims 1 and 8 .
[11] 請求項 10に記載のユーザ認証プログラムを記録したことを特徴とするコンピュータ 読取り可能な記録媒体。  [11] A computer-readable recording medium in which the user authentication program according to claim 10 is recorded.
PCT/JP2005/014188 2004-08-06 2005-08-03 User authentication system, authentication method for the system, user authentication program, and recording medium on which the program is recorded WO2006013882A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2004-231662 2004-08-06
JP2004231662A JP3789923B2 (en) 2004-08-06 2004-08-06 User authentication system, authentication method of the system, user authentication program, and recording medium recording the program

Publications (1)

Publication Number Publication Date
WO2006013882A1 true WO2006013882A1 (en) 2006-02-09

Family

ID=35787163

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2005/014188 WO2006013882A1 (en) 2004-08-06 2005-08-03 User authentication system, authentication method for the system, user authentication program, and recording medium on which the program is recorded

Country Status (2)

Country Link
JP (1) JP3789923B2 (en)
WO (1) WO2006013882A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2015204008A (en) * 2014-04-15 2015-11-16 ニフティ株式会社 Information processor, information processing system, information processing method and program

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2010108249A (en) * 2008-10-30 2010-05-13 Nec Corp Business transaction system, client device, business transaction method, program and recording medium
ZA200909042B (en) * 2008-12-23 2011-05-25 Mtn Mobile Money Sa (Pty) Ltd Method of and system for securely processing a transaction
US10419907B2 (en) 2012-02-22 2019-09-17 Qualcomm Incorporated Proximity application discovery and provisioning
CN104365122A (en) * 2012-04-24 2015-02-18 高通股份有限公司 System for delivering relevant user information based on proximity and privacy controls
US10360593B2 (en) 2012-04-24 2019-07-23 Qualcomm Incorporated Retail proximity marketing
JP2014153896A (en) * 2013-02-07 2014-08-25 Kddi Corp User detection system, method, portable terminal and server
JP2015049589A (en) * 2013-08-30 2015-03-16 株式会社野村総合研究所 Information processing system, sale assisting server, seller terminal and purchaser terminal
JP2016157294A (en) * 2015-02-25 2016-09-01 株式会社日立ソリューションズ Sales management system

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2001266010A (en) * 2000-03-22 2001-09-28 Sharp Corp Customer management system
JP2002016968A (en) * 2000-06-29 2002-01-18 Toshiba Corp Service providing device and radio communication system
JP2002063652A (en) * 2000-08-21 2002-02-28 Toshiba Corp Information exchange device and cash register system
JP2002095047A (en) * 2000-09-13 2002-03-29 Fuji Photo Film Co Ltd Equipment, system, and method for communication
JP2002125268A (en) * 2000-10-17 2002-04-26 Nec Corp Method for specifying radio communication connection destination

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2001266010A (en) * 2000-03-22 2001-09-28 Sharp Corp Customer management system
JP2002016968A (en) * 2000-06-29 2002-01-18 Toshiba Corp Service providing device and radio communication system
JP2002063652A (en) * 2000-08-21 2002-02-28 Toshiba Corp Information exchange device and cash register system
JP2002095047A (en) * 2000-09-13 2002-03-29 Fuji Photo Film Co Ltd Equipment, system, and method for communication
JP2002125268A (en) * 2000-10-17 2002-04-26 Nec Corp Method for specifying radio communication connection destination

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2015204008A (en) * 2014-04-15 2015-11-16 ニフティ株式会社 Information processor, information processing system, information processing method and program

Also Published As

Publication number Publication date
JP2006050466A (en) 2006-02-16
JP3789923B2 (en) 2006-06-28

Similar Documents

Publication Publication Date Title
US11829972B2 (en) Method and system for remote transaction processing using a transaction server
US7849013B2 (en) Secure online purchasing
WO2006013882A1 (en) User authentication system, authentication method for the system, user authentication program, and recording medium on which the program is recorded
JP2002176671A (en) Mobile phone
JP2006285329A (en) Mobile security determination support system, method and program, mobile communication terminal device and information management operation server
WO2001088782A1 (en) Electronic settlement system, settlement device and terminal
US20020083011A1 (en) Transaction mediation system and transaction mediation method
JP2010015201A (en) Store system and transaction method
WO2002091265A1 (en) Electronic currency transfer settling system

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS KE KG KM KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NG NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SM SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): BW GH GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LT LU LV MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase