WO2007074510A1 - Service suspension system with unauthorized card use - Google Patents

Info

Publication number
WO2007074510A1
Authority
WO
WIPO (PCT)
Prior art keywords
card
service
cardholder
communication device
cards
Prior art date
Application number
PCT/JP2005/023871
Other languages
French (fr)
Japanese (ja)
Inventor
Yasuka Akino
Kazuya Nagai
Original Assignee
Mars Technology Institute Co., Ltd.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Mars Technology Institute Co., Ltd.
Priority to PCT/JP2005/023871
Publication of WO2007074510A1

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/30 Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34 Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/354 Card activation or deactivation
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/34 User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/88 Detecting or preventing theft or loss
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/08 Payment architectures
    • G06Q20/20 Point-of-sale [POS] network systems
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/22 Payment schemes or models
    • G06Q20/229 Hierarchy of users of accounts
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/30 Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34 Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341 Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/40 Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07F COIN-FREED OR LIKE APPARATUS
    • G07F7/00 Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08 Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10 Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008 Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system

Definitions

  • the present invention relates to a method by which a service organization confirms the intention of the card owner when a card such as an RFID (Radio Frequency Identification System) card, an IC (Integrated Circuit) card, a cash card, or a credit card is used.
  • a “card owner” is a person who, under a contract with a service organization, has been issued a plurality of user cards and owns them. Card owners include not only natural persons but also corporations. However, in the case of a corporation, it is assumed that the representative keeps the user cards.
  • a “card user” is a natural person who acts to seek service from a service organization.
  • a “card holder” is a natural person who presents one user card to a service organization and acts to seek service. In general, the card owner and the card holder are the same person, but they may be different persons, as when a guardian lends a card to a child.
  • a “data storage person” is a natural person who acts to seek service by presenting to a service organization the contents of a user card and its related data.
  • because the card memorizer is a natural person who seeks service without presenting a tangible card, the card memorizer is the same person as the card owner. If they are different, the card memorizer is a criminal, for example one engaged in skimming.
  • whenever the card holder and the card owner were different persons, the card holder was treated as an unauthorized card user, so a guardian could not lend a card to a child and an owner could not delegate card use to an agent.
  • the present invention provides a system in which, even if a card such as an RFID card, an IC card, a cash card, or a credit card and its related data are stolen and used, the service organization decides whether to continue or suspend the service by confirming the card owner's intention to use the card.
  • the card owner issues one owner card to himself/herself and answers inquiries from the service organization via a card communication device managed by the owner.
  • the card user may act as a card holder or as a data storage person. Each of these cases will be described in detail.
  • the card owner inserts one owner card into the card communication device and lends one user card to the card holder.
  • the card holder requests service by presenting one user card to the service organization.
  • the service organization starts the service for the card holder. However, when the card owner's intention must be confirmed, such as for a paid service or when handing cash to the card holder, the service organization notifies the card communication device managed by the owner that the card holder is requesting service.
  • the card communication device transmits data in which the service range approved by the owner is entered in advance.
  • when the card owner is a natural person and the card communication device is personally owned, the card owner registers in the card communication device, in advance, a keystroke PIN for notifying the authentication device.
  • when the card owner keys in the PIN, the device transmits that one card has been inserted into the card communication device and that the service range has been approved.
  • the service organization learns that only one owner card has been inserted into the card communication device, confirms a total of two cards together with the presented user card, and continues the service within the service range presented by the card owner.
  • the card owner has not inserted the owner card into the card communication device, so the service organization cannot confirm a total of two cards, the user card and the owner card, and stops the service.
  • the card owner accesses a service organization after inserting one user card into a card communication device that he/she manages.
  • the service organization starts the service for the data storage person who has accessed it, but when the card owner's authentication is required, such as for a paid service or a remittance to a third party, the service organization notifies the card communication device that the data storage person is requesting service.
  • the card communication device displays a message specifying the notified service organization.
  • the card owner confirms the message and inserts the owner card into the card communication device.
  • when the card owner is a natural person and the card communication device is personally owned, the card owner registers in the card communication device, in advance, a keystroke PIN for notifying the authentication device, and keying in that PIN is treated as two cards having been inserted into the card communication device.
  • the card communication device transmits data in which the service range approved by the owner is entered in advance.
  • the service organization confirms that one user card was inserted in advance and that the owner card was inserted within a certain time in response to the inquiry, that is, that a total of two cards are present in the card communication device, and then continues the service requested by the data storage person within the service range presented by the card owner.
  • if the service request of the data storage person exceeds the service range permitted by the card owner, the service organization determines that the data storage person and the card owner are different persons, treats the access as unauthorized, and stops the service.
  • FIG. 1 is an overall system diagram of the present invention.
  • the configuration consists of 11 to 22, the equipment and communication means possessed by the service organization; 31 to 33, the equipment possessed by the card owner; 41 to 44, the communication means connecting the service organization and the owner's equipment; and 50 to 71, the operations of the card owner, the card users and the card memorizer. 33 is a part attached to 32.
  • the service organization that owns these 11-22 may be a single company or multiple companies.
  • An example of a single company service organization is a bank.
  • 11 is an ATM (Automatic Teller Machine)
  • 12 is an authentication center
  • 13 is a deposit account input / output management server connected to a computer 31 for HB (Home Banking)
  • 21 and 22 connect 11 to 13 within the bank.
  • 11-22 are examples of different companies.
  • 11 is a card reader installed at a retail store
  • 12 is a credit card company's authentication device
  • 13 is an article search server of a newspaper company
  • 21 is a dedicated line of a telephone company
  • 22 is a communication line established by an Internet provider, making up a federated system of different companies.
  • the equipment possessed by the card owner is the computer 31 and the card communication device 32.
  • 31 may be a PC (Personal Computer) or PDA (Personal Digital Assistant), or a shared-use computer installed at a hotel or airport that can be operated personally.
  • 32 is equipment necessary for the system of the present invention, which can identify a plurality of cards, has at least a numeric input function and a display function, and has a function of receiving and transmitting data communication of a service organization.
  • examples of 32 are a general-purpose electronic telephone with multiple card readers, a mobile phone with multiple card readers, a PDA with multiple card readers and an ISDN (Integrated Services Digital Network) connection terminal, and personal computers.
  • the communication means 41 to 42 connect the owner's PC 31 to the equipment 13 and 12 of the service organization. Accordingly, the communication means 41 to 42 include general-purpose line communication means such as the Internet, public telephone lines, and dedicated lines.
  • the communication means 43 must connect 32, which is under the control of the owner, to the authentication device 12 of the service organization, and must satisfy the condition that 12 can specify 32 and start communication at any time. Therefore, the communication means 43 include public telephone lines, dedicated lines, and the network transmission lines described in WO03/092221.
  • the card owner 50 performs operation 51 of the card communication device 32 under his/her own management.
  • FIG. 2 and FIG. 3 show a conventional operation method using a part of the overall system diagram.
  • a conventional authentication operation flow will be described.
  • FIG. 2 shows a conventional authentication operation when a card holder visits a service organization.
  • the card detector 11 recognizes the presence of the card when the card brought by the card holder 60 accesses the card detector 11 of the service organization (S1).
  • the detector 11 reads out the contents written on the card and verifies the validity of the card (S2). Examples include card expiration dates, authentication data that identifies cardholders, and an array of read data.
  • if the card verification fails, the subsequent service is stopped; if it succeeds, the service contents desired by the card holder are notified by operation 61 and an authentication request is sent to the authentication device 12 (S3). If the service contents desired by the card holder are clear, data entry in operation 61 may be omitted. For example, train card holders pass through the ITS toll gate.
  • via the dedicated line means 21, the card and the service request data of the card holder are checked against the data stored in the authentication device 12 (S8).
  • FIG. 3 shows a conventional authentication operation when the data storage person enjoys the service.
  • the server 13 recognizes that data passed through the communication means 41, produced by the data storage person 70 operating 31, is accessing the service organization (S1). Examples of this include operation of a dedicated terminal at HB (Home Banking), operation of a PC that downloads information content, and orders using merchandise distributors over the Internet.
  • ID (identification) verification, including password verification, is performed between the data registered in the server 13 held by the service organization and the data that has passed through 41 (S2).
  • if the ID verification fails, the subsequent service is stopped; if it succeeds, the service contents desired by the data storage person are notified by operation 71 and an authentication request is sent to the authentication device 12 (S3).
  • a service organization requests a credit company for authentication in order to start a paid service.
  • the authentication device 12 makes an inquiry to the data storage person 70 through the data communication 42 regarding the contents and related data described on the card. Examples of inquiries include the card expiry date and the number on the user card.
  • the data transmitted by the data storage person 71 is collated with the data of the cardholder stored in the authentication device 12 (S8).
  • the inquiry of the communication means 42 may be omitted.
  • the S8 cardholder data will always be correct and service will continue.
  • ETC Electronic Toll Collection System
  • the function of the authentication device 12 is to authenticate the card holder and the data storage person to be the same person as the card owner.
  • FIGS. 4 and 5 add, to the conventional authentication operations of FIG. 2 and FIG. 3, an operation that confirms the card owner's intention by using the card communication device 32 under the control of the card owner.
  • the added parts are that the authentication device 12 communicates with the card communication device 32 (S4), the card communication device 32 displays the access from the authentication device (S5), the number of cards inserted into the card communication device 32 and the service range data are transmitted (S6), and the authentication device 12 sets the service range of the card owner 50 (S7).
  • the present invention is a system for confirming the intention of the card owner 50, and will be described in detail.
  • S1 to S3 in FIG. 4 are the same as the conventional authentication operation. Of particular emphasis is that the card holder 60 is using one card.
  • S1 to S3 in FIG. 5 are the same as the conventional authentication operation. It is particularly important to note that the data storage person 70 does not use even a single card. In other words, 0 cards are used.
  • in S4, the authentication device 12 directly accesses the card communication device 32 under the control of the card owner 50 by using the public line communication means 43 in order to acquire information.
  • S5 is an access display from the authentication device 12.
  • the displayed contents are data that can identify the access time and the notified service organization. For example, the service organization's device number.
  • S6 is data transmission in which the card status detected by the card communication device 32 and the service range approved by the card owner 50 are entered.
  • as for the card status transmitted by the card communication device 32: if one owner card is inserted in 33, it immediately transmits that one card is present. If one user card is inserted, it transmits that a total of two cards are present once one owner card is inserted into 33 within a certain period of time.
  • examples of service ranges permitted by the card owner 50 are the ATM cash payment limit for the card, the monetary range for accepting paid services, the dates and days of the week on which service is accepted, and the number of people who can enjoy the service at the same time.
  • in S7, the service organization sets the service range based on the service range data received from the card communication device 32.
  • the card communication device 32 is installed under the control of the card owner.
  • the communication means 43 satisfies the condition that 12 can specify 32 and start communication at an arbitrary time. Therefore, the act of confirming the card owner's intention through communication is guaranteed.
  • when the card owner inserts one owner card into 33 of the card communication device and the card holder then uses one user card, the card owner's intention is confirmed by the presence of the two cards.
  • the card owner inserts one user card into the card communication device 32, accesses the service organization, confirms the message that identifies the notified service organization at 32, and owns it.
  • the service organization will continue the service only if the presence of the two cards in the card communication device 32 is confirmed.
  • the authentication device 12 of FIG. 5 recognizes only the presence of the one owner card inserted into the card communication device 32, regards this as unauthorized card use, and stops the service. However, the authentication device 12 in FIG. 4 can confirm the presence of the two cards and continues the service.
  • the authentication device 12 of FIG. 4 recognizes the presence of three cards in total, the one user card of the unauthorized card user and the two cards inserted into the card communication device 32, and regards this as unauthorized card use.
  • the authentication device 12 in FIG. 5 can confirm the presence of the two cards and continue the service.
  • the service organization can regard the card owner as having the intention to receive the service only when the presence of two cards in total, the user card and the owner card, can be confirmed.
  • through the use of one owner card in the card communication device 32 under the control of the card owner, the intention to receive the service is indicated. Therefore, each service organization dramatically improves its detection of unauthorized card users, increasing the safety and security of card owners.
  • the user card is a card issued by a service organization
  • the owner card is a card issued by the card owner to himself / herself. The following explains how to create an owner card.
  • the owner card in the present invention is used by being inserted into 33 of the card communication device 32 by the card owner. Therefore, 32 is to detect the owner card.
  • the card communication device 32 has at least a numeric input function and a display function, needs to have a function of receiving and transmitting data communication of the service organization, and needs to recognize the presence of the inserted card. However, 32 does not require a mechanism for reading card contents. Therefore, since the owner card issued to oneself needs to be detected while inserted into 33 of 32, it preferably has a shape that cannot be easily imitated, like a key.
  • a low-priced card communication device 32 is a general-purpose electronic telephone to which a limit switch is added as a user card insertion detector and a keyed switch is added as an owner card insertion detector.
  • the personal computer 31 and the card communication device 32 may be integrated because they are under the control of the card owner.
  • when the card owner is a natural person and the card communication device is personally owned, the card owner can register in the card communication device, in advance, a keystroke for notifying the authentication device.
  • the authentication device 12 confirms the intention of the card owner himself/herself.
  • by installing a number of card detectors 11 of the service organization in the city, this becomes a system by which the guardian can monitor the behavior of the child.
  • S5 is an access display from the authentication device 12. Since the displayed contents are data that can identify the access time and the notified service organization, the guardian who is the card owner will know the order in which the child carrying the RFID card accessed the detectors 11 in the city, that is, the child's movements.
  • Japanese Patent 3193363 "Life Monitor System” can be cited as a system in which the RFID function is incorporated in an electrical product and the card detector 11 of a service organization is installed in the home.
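
The S4 to S7 decision described in the list above, sketched as an added Python example (not code from the patent): the authentication device continues service only when exactly one user card and one owner card are confirmed and the request lies within the owner's service range. The field names, the 60-second window (the page says only "a certain time") and the amount/weekday form of the service range are assumptions.

```python
from dataclasses import dataclass
from enum import Enum
from typing import FrozenSet, Optional, Tuple

# Assumption: the page says only "within a certain time"; 60 s is a placeholder.
OWNER_CARD_WINDOW_S = 60.0


class Decision(Enum):
    CONTINUE = "continue"
    STOP = "stop"


@dataclass(frozen=True)
class ServiceRange:
    """Service range the card owner entered in the card communication device."""
    max_amount: int                    # e.g. ATM cash payment limit
    allowed_weekdays: FrozenSet[int]   # 0 = Monday ... 6 = Sunday


@dataclass(frozen=True)
class DeviceReply:
    """S6: what the card communication device 32 reports to the authentication device 12."""
    user_card_inserted: bool
    owner_card_inserted: bool
    # Seconds between the S5 access display and owner card insertion;
    # None when the owner card was already inserted or is absent.
    owner_card_delay_s: Optional[float]
    service_range: ServiceRange


def authenticate(presented_user_cards: int, amount: int, weekday: int,
                 reply: DeviceReply) -> Tuple[Decision, str]:
    """S7: decide whether to continue or stop the requested service."""
    user_cards = presented_user_cards + int(reply.user_card_inserted)
    total = user_cards + int(reply.owner_card_inserted)
    if not reply.owner_card_inserted:
        return Decision.STOP, f"owner card not confirmed ({total} card(s) in total)"
    if user_cards != 1:
        return Decision.STOP, f"{total} card(s) confirmed, exactly 2 required"
    if presented_user_cards == 0:
        # Data storage person (FIG. 5): the owner card must be inserted in
        # response to the displayed inquiry, within the time window.
        delay = reply.owner_card_delay_s
        if delay is None or not 0 <= delay <= OWNER_CARD_WINDOW_S:
            return Decision.STOP, "owner card not inserted in response to the inquiry"
    rng = reply.service_range
    if amount > rng.max_amount or weekday not in rng.allowed_weekdays:
        return Decision.STOP, "request exceeds the owner's service range"
    return Decision.CONTINUE, "user card and owner card confirmed"


# Constructed sample data: weekdays only, payments up to 30000.
RANGE = ServiceRange(max_amount=30000, allowed_weekdays=frozenset(range(5)))

# Constructed scenarios: (label, presented user cards, amount, weekday, S6 reply)
SCENARIOS = [
    ("guardian lends user card to child", 1, 5000, 2,
     DeviceReply(False, True, None, RANGE)),
    ("stolen user card, owner card not inserted", 1, 5000, 2,
     DeviceReply(False, False, None, RANGE)),
    ("skimmed data, only owner card in device", 0, 5000, 2,
     DeviceReply(False, True, None, RANGE)),
    ("owner online, owner card inserted after 20 s", 0, 5000, 2,
     DeviceReply(True, True, 20.0, RANGE)),
    ("owner online, owner card inserted too late", 0, 5000, 2,
     DeviceReply(True, True, 300.0, RANGE)),
    ("three cards in total", 1, 5000, 2,
     DeviceReply(True, True, None, RANGE)),
    ("amount above the owner's limit", 1, 90000, 2,
     DeviceReply(False, True, None, RANGE)),
]


def run_scenarios():
    """Return {label: Decision} for every constructed scenario."""
    return {label: authenticate(p, a, w, r)[0] for label, p, a, w, r in SCENARIOS}


if __name__ == "__main__":
    for label, p, a, w, r in SCENARIOS:
        decision, reason = authenticate(p, a, w, r)
        print(f"{decision.value:8} {label}: {reason}")
```

The check is on card composition rather than a bare count, so a presented user card plus a second user card left in the device does not pass without the owner card.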

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Accounting & Taxation (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Finance (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

A system in which even if a card such as an RFID card, an IC card, a cash card or a credit card and the related data is stolen and used, the service institution determines whether to continue or to suspend the service by confirming the card holder's intention to use the card. The card holder uses a total of two cards to ask the service institution for service: one as a holder card issued to himself/herself and the other as a user card of conventional type issued by the service institution. The service institution accesses a card communication device placed under the control of the card holder and suspends the service if it fails to confirm the locations of the two cards.

Description

Specification
Service suspension system with unauthorized card use
Technical field
[0001] The present invention relates to a method by which a service organization confirms the intention of the card owner when a card such as an RFID (Radio Frequency Identification System) card, an IC (Integrated Circuit) card, a cash card, or a credit card is used.
Background art
[0002] Conventionally, the general method of pre-authentication for starting a card-based service has been to match the data reported to the service organization against the card PIN and the owner data stored at the service organization's authentication center.
[0003] For example, when a card holder visited a service organization, the card holder reported the memorized card PIN required for authentication to the service organization, and the service was started after pre-authentication was performed.
[0004] Therefore, if the information was stolen together with the card, the service organization regarded the card holder as the card owner and provided service until the data stored at the authentication center was changed, so it was difficult to prevent damage in advance.
[0005] Also, if the card was illegally copied and the information about the card was stolen, the card owner had no awareness that the tangible card had been lost or stolen, so the damage to the card owner continued for a long time.
[0006] Today, with the Internet having become a general-purpose line communication means, a service organization may start service for a provider of card information even if that person is not a card holder. That is, when the data sent by the card information provider matched the card owner data stored at the authentication center, the service organization assumed that the card owner himself/herself had sent it and started the service.
[0007] Therefore, if the intangible authentication data was stolen by skimming or the like, the card owner could not know that it had been stolen until an invoice arrived from the service organization for a service he/she had not used, or until he/she noticed that the deposit balance had decreased although no service had been received. For this reason, the scale of damage was larger than when a tangible card was stolen.
[0008] Here, the terms "card owner", "card user", "card holder", and "data storage person" as used in this specification are defined.
[0009] A "card owner" is a person who, under a contract with a service organization, has been issued a plurality of user cards and owns them. Card owners include not only natural persons but also corporations. However, in the case of a corporation, it is assumed that the representative keeps the user cards.
[0010] A "card user" is a natural person who acts to seek service from a service organization, and is classified as either a "card holder" or a "data storage person".
[0011] A "card holder" is a natural person who presents one user card to a service organization and acts to seek service. In general, the card owner and the card holder are the same person, but they may be different persons, as when a guardian lends a card to a child.
[0012] A "data storage person" is a natural person who acts to seek service by presenting to a service organization the contents of a user card and its related data. That is, because the card memorizer is a natural person who seeks service without presenting a tangible card, the card memorizer is the same person as the card owner. If they are different, the card memorizer is a criminal, for example one engaged in skimming.
[0013] Conventional measures to strengthen card authentication have been to prevent unauthorized card copying and to strengthen the data that only the card owner can know.
[0014] Therefore, in service to a data storage person, who does not use a card even in legitimate use, the card owner had no means of asking the service organization to stop the service in response to the acts of a criminal who had stolen the data.
[0015] In addition, whenever the card holder and the card owner were different persons, the card holder was treated as an unauthorized card user, so a guardian could not lend a card to a child and an owner could not delegate card use to an agent.
Disclosure of the Invention
[0016] The present invention provides a system in which, even when a card such as an RFID card, IC card, cash card or credit card, or its related data, has been stolen and is being used, the service organization decides whether to continue or interrupt the service by confirming the card owner's intention to use it.
[0017] In the present invention, the card owner issues one owner card to himself or herself and answers inquiries from the service organization through a card communication device that the owner manages.
[0018] A card user may act as a card bearer or as a data memorizer. Each case is described in detail.
[0019] The behavior of the parties when the card user acts as a card bearer is described below.
[0020] The card owner inserts one owner card into the card communication device and lends one user card to the card bearer.
[0021] The card bearer presents one user card to the service organization and requests a service.
[0022] The service organization starts the service for the card bearer, but when confirmation of the card owner's intention is required, as for a paid service or handing cash to the card bearer, the service organization notifies the card communication device managed by the owner that the card bearer is requesting a service.
[0023] If only the owner card is inserted, the card communication device transmits data in which the scope of service permitted by the owner has been entered in advance. When the card owner is a natural person and the card communication device is personally owned, the card owner registers in the card communication device, in advance, a keyed PIN for reporting to the authentication device; when the card owner keys in the PIN, the device transmits that one card has been inserted into the card communication device and that the scope of service has been approved.
[0024] In the legitimate case, the service organization learns that only one owner card is inserted in the card communication device, confirms a total of two cards together with the presented user card, and continues the service within the scope of service presented by the card owner.
[0025] In the case of fraudulent card use, the card owner has not inserted the owner card into the card communication device, so the service organization cannot confirm a total of two cards, the user card and the owner card, and stops the service.
[0026] If the service requested by the card bearer exceeds the scope permitted by the card owner, the service is stopped. This mechanism allows a guardian to entrust services for a child to the service organization.
[0027] Next, the behavior of the parties when the card user acts as a data memorizer is described. Examples include accessing a service organization over the Internet or the like to receive a content service, and asking a financial institution to make a remittance.
[0028] The card owner inserts one user card into the card communication device that he or she manages and then accesses the service organization.
[0029] The service organization starts the service for the data memorizer who has accessed it, but when authentication of the card owner is required, as for a paid service or a remittance to a third party, the service organization notifies the card communication device that the data memorizer is requesting a service.
[0030] The card communication device displays a message identifying the service organization that sent the notification.
[0031] The card owner checks the message and inserts the owner card into the card communication device. When the card owner is a natural person and the card communication device is personally owned, the card owner registers in the card communication device, in advance, a keyed PIN for reporting to the authentication device; when the card owner keys in the PIN, two cards are regarded as having been inserted into the card communication device.
[0032] When the owner card is inserted, the card communication device transmits data in which the scope of service permitted by the owner has been entered in advance.
[0033] In the legitimate case, the service organization confirms that one user card had been inserted beforehand and that the owner card was inserted within a fixed time of the inquiry, that is, that a total of two cards are present in the card communication device, and then continues the service requested by the data memorizer within the scope of service presented by the card owner.
[0034] In the case of unauthorized access, the service organization cannot confirm a total of two cards within the fixed time from the inquiry, and therefore stops the service.
[0035] If the data memorizer's service request exceeds the card owner's permitted scope of service, the service organization judges that the data memorizer and the card owner are different people, treats the request as unauthorized access, and stops the service.
Brief Description of the Drawings
[0036] [Fig. 1] Overall system diagram of the present invention.
[Fig. 2] Conventional authentication: flow of operations when a card bearer visits a service organization.
[Fig. 3] Conventional authentication: flow of operations when a data memorizer receives a service.
[Fig. 4] Flow of the authentication operation when a card user visits a service organization.
[Fig. 5] Flow of the authentication operation when a data memorizer receives a service.
[0037] 11: user card detector of the service organization; 12: authentication device of the service organization;
13: server of the service organization; 21, 22: dedicated-line communication means;
31: PC or similar; 32: card communication device;
33: owner card insertion slot; 41, 42: general-purpose line communication means;
43: public-line communication means; 50, 51: card owner and operation;
60, 61: card bearer and operation; 70, 71: data memorizer and operation.
Best Mode for Carrying Out the Invention
[0038] Fig. 1 is an overall system diagram of the present invention. The system consists of the equipment and communication means 11 to 22 held by the service organization, the equipment 31 to 33 held by the card owner, the communication means 41 to 44 connecting the service organization's equipment with the owner's equipment, and the operations 50 to 71 of the card owner, card user and card memorizer. Note that 33 is a component attached to 32.
[0039] The items 11 to 22 belonging to the service organization are the card detector 11, the authentication device 12 and the server 13, together with the dedicated-line communication means 21 connecting 11 and 12 and the dedicated-line communication means 22 connecting 12 and 13. The service organization that owns 11 to 22 may be a single company or several companies.
[0040] A bank is an example of a single-company service organization. For example, 11 is an ATM (Automatic Teller Machine), 12 is an authentication center, 13 is a deposit-account transaction management server connected to an HB (Home Banking) computer 31, and 21 and 22 connect 11 to 13 within the bank.
[0041] An example in which 11 to 22 all belong to different companies is as follows: 11 is a card reader installed at a retail shop counter, 12 is a credit card company's authentication device, 13 is a newspaper publisher's article search server, 21 is a telephone company's dedicated line, and 22 is a communication line laid by an Internet provider, forming a federated system of different companies.
[0042] The equipment held by the card owner is 31 and the card communication device 32. 31 may be a PC (Personal Computer), a PDA (Personal Digital Assistant), or a personally operable computer installed for shared use in a hotel, airport or similar place.
[0043] 32 is equipment required by the system of the present invention: it can distinguish a plurality of cards, has at least a numeric input function and a display function, and has a function for receiving and sending data communication with the service organization. Examples of 32 therefore include a general-purpose electronic telephone with multiple card readers, a mobile phone with multiple card readers, and a PDA or personal computer with multiple card readers and an ISDN (Integrated Services Digital Network) connection terminal.
[0044] The communication means 41 and 42 connect the owner's PC 31 to the service organization's equipment 13 and 12. Examples of the communication means 41 and 42 are therefore general-purpose line communication means such as the Internet, public telephone lines and dedicated lines.
[0045] The communication means 43 connects 32, which is under the owner's control, to the service organization's authentication device 12, and must satisfy the condition that 12 can identify 32 and start communication at any time. Examples of the communication means 43 are therefore public telephone lines, dedicated lines, and the network transmission path described in WO03/092221.
[0046] The card owner 50 performs operation 51 on the card communication device 32 under his or her own control. The single owner card that the owner has issued to himself or herself is used by being inserted into the owner card insertion slot 33.
[0047] Legitimately, the card bearer 60 is lent a card by the card owner 50, brings it to the service organization's card detector 11, and performs operation 61. That is, use is legitimate whether 60 and 50 are the same person or different people. Use of a stolen or found card, however, is fraudulent card use in operation 61, because the card was not lent by the card owner 50.
[0048] The data memorizer 70 is legitimate if he or she is the same person as the card owner 50. The card owner therefore cannot perform operation 51 and operation 71 simultaneously, but performing 51 and 71 in coordination is legitimate behavior. It should be emphasized that the fraudulent operation 71 of a data memorizer 70 who has stolen the data therefore has no connection with the actions of the card owner 50.
[0049] Figs. 2 and 3 show conventional methods of operation that use part of the overall system. To make the present invention clear, the conventional authentication flow is described first.
[0050] Fig. 2 shows the conventional authentication operation when a card bearer visits a service organization.
[0051] When the card bearer 60 brings the card to the service organization's card detector 11, the card detector 11 recognizes the presence of the card (S1). Examples include bringing an IC card with an RFID tag close to the detector 11, inserting a credit card into a card detector 11 installed in a retail shop, and inserting an IC card into the on-board unit 11 of an ITS (Intelligent Transport Systems).
[0052] The detector 11 reads the contents recorded on the card and checks the card's validity (S2). Examples include the card's expiry date, authentication data identifying the card owner, and the layout of the read data.
[0053] If the card check fails, the subsequent service is cancelled; if it succeeds, the service content desired by the card bearer is communicated through operation 61 and an authentication request is sent to the authentication device 12 (S3). When the service desired by the card bearer is obvious, data entry in operation 61 may be omitted, for example when the bearer of a train card passes through a fare gate in ITS.
[0054] Over the dedicated-line means 21, the card data and the card bearer's service request data are checked against the data held by the authentication device 12 (S8).
[0055] If the data check fails, the subsequent service is cancelled; if it succeeds, the service desired by the card bearer continues.
[0056] The example with the shortest dedicated line 21 connecting 11 and 12 is communication inside a ticket gate for trains in ITS. Conversely, the longest is a credit card hotel payment system in which 11 and 12 are installed in different countries.
[0057] Fig. 3 shows the conventional authentication operation when a data memorizer receives a service.
[0058] When the data memorizer 70 operates 31, data passing through the communication means 41 accesses the service organization and is recognized by the server 13 (S1). Examples include operating a dedicated terminal for HB (Home Banking), operating a PC to download information content, and ordering from a merchant over the Internet.
[0059] To confirm the legitimacy of the data memorizer 70, ID (identification) verification, including a check of the data that passed through 41 against the password registered on the service organization's server 13, is performed (S2).
[0060] If ID verification fails, the subsequent service is cancelled; if it succeeds, the service content desired by the data memorizer is communicated through operation 71 and an authentication request is sent to the authentication device 12 (S3). Typically, the service organization asks a credit company for authentication in order to start a paid service.
[0061] The authentication device 12 asks the data memorizer 70, over data communication 42, for the contents written on the card and related data. Examples of what is asked include the card's expiry date and the number written on the user card.
[0062] The data sent by the data memorizer 71 is checked against the card owner's data held by the authentication device 12 (S8).
[0063] If the data check fails, the subsequent service is cancelled; if it succeeds, the service desired by the data memorizer continues.
[0064] When the conventional communication means 22 is robust, the inquiry over communication means 42 may be omitted. In that case the card owner's data at S8 is always taken to be correct and the service continues. An example is the payment method of ETC (Electronic Toll Collection System) in Japan.
[0065] As described above, the function of the authentication device 12 is to authenticate that the card bearer or data memorizer is the same person as the card owner.
[0066] The flowcharts of Figs. 4 and 5 add, to the conventional authentication operations of Figs. 2 and 3 described above, the operation of confirming the card owner's intention using the card communication device 32 under the card owner's control.
[0067] The added parts are: the authentication device 12 communicates with the card communication device 32 (S4); the card communication device 32 displays the access from the authentication device (S5); the number of cards inserted in the card communication device 32 and the recorded scope-of-service data are transmitted (S6); and the authentication device 12 determines the service scope setting of the card owner 50 (S7).
[0068] The present invention is a system for confirming the intention of the card owner 50, and is described in detail below.
[0069] S1 to S3 in Fig. 4 are the same as in the conventional authentication operation. The point to emphasize is that the card bearer 60 is using one card.
[0070] S1 to S3 in Fig. 5 are the same as in the conventional authentication operation. The point to emphasize is that the data memorizer 70 is not using even one card, that is, is using zero cards.
[0071] S4 to S8 follow the same flow in Figs. 4 and 5 and are therefore described together.
[0072] In S4, the authentication device 12, in order to obtain information, directly accesses the card communication device 32 under the control of the card owner 50 using the public-line communication means 43.
[0073] S5 is the display of the access from the authentication device 12. What is displayed is the access time and data that identifies the notifying service organization, for example the service organization's device number.
[0074] If the card owner 50 has given permission to a legitimate card bearer 60, or is himself or herself the data memorizer 70, the S5 display is as expected. If operation 61 or operation 71 is fraudulent, however, the owner observes an unexpected access display S5.
[0075] S6 is the transmission of data recording the card state detected by the card communication device 32 and the scope of service permitted in advance by the card owner 50.
[0076] As to the card state transmitted by the card communication device 32: if one owner card is inserted in 33, the device immediately transmits that one card is present. If one user card is inserted, the device transmits that a total of two cards are present when one owner card is inserted into 33 within a fixed time.
[0077] Examples of the scope of service permitted in advance by the card owner 50 include the ATM cash withdrawal limit for the card, the range of amounts for which paid services are accepted, the dates and days of the week on which services are accepted, and the range of the number of people who may receive the service at the same time.
[0078] In S7, the service organization sets the scope in which it will provide the service according to the scope-of-service data received from the card communication device 32.
[0079] In S8, in addition to the conventional check against the data held by the authentication device 12, the service is not continued unless the presence of two cards can be confirmed.
[0080] The following explains in detail why the presence of two cards can be taken to mean that the card owner intends to receive the service.
[0081] The condition for installing the card communication device 32 is that it be under the card owner's control. The condition on the communication means 43 is that 12 can identify 32 and start communication at any time. The act of confirming the card owner's intention through communication is therefore assured.
[0082] In the case of Fig. 4, the card owner inserts one owner card into 33 of the card communication device and the card bearer then uses one user card, so the service organization confirms the card owner's intention by the presence of two cards.
[0083] In the case of Fig. 4, if the user card is lost, then until the service organization invalidates that card, the service organization cannot confirm the presence of two cards unless the card owner inserts the owner card into 33, and so treats the attempt as fraudulent card use and stops the service.
[0084] In the case of Fig. 5, a series of actions is required: the card owner inserts one user card into the card communication device 32, accesses the service organization, checks on 32 the message identifying the notifying service organization, and inserts the owner card into 33. The service organization continues the service only when it can confirm the presence of two cards in the card communication device 32.
[0085] The behavior when a card bearer and a data memorizer request services from service organizations at almost the same time is described next.
[0086] If a fraudulent data memorizer acts as in Fig. 5 while a legitimate card bearer is acting as in Fig. 4, the authentication device 12 of Fig. 5 can recognize only the one owner card inserted in the card communication device 32, treats the request as fraudulent card use, and stops the service. The authentication device 12 of Fig. 4, however, can confirm the presence of two cards and continues the service.
[0087] If a fraudulent card bearer acts as in Fig. 4 while a legitimate data memorizer is acting as in Fig. 5, the authentication device 12 of Fig. 4 recognizes a total of three cards, the card bearer's one fraudulently used user card plus the two cards inserted in the card communication device 32, treats this as fraudulent card use, and stops the service. The authentication device 12 of Fig. 5, however, can confirm the presence of two cards and continues the service.
[0088] As described above, the service organization can regard the card owner as intending to receive the service only when it can confirm the presence of a total of two cards, the user card and the owner card.
[0089] Even if a fraudulent Fig. 5 act occurs during a legitimate Fig. 4 act, or a fraudulent Fig. 4 act occurs during a legitimate Fig. 5 act, messages identifying the authentication devices 12 of all service organizations that accessed the card communication device 32 are displayed, so the card owner can provide evidence of the crime to criminal investigation authorities.
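The card-count decision of S4 to S8, including the near-simultaneous cases of [0086] and [0087], can be traced in code. This is an added example, not part of the patent text; the class and function names, the 30-second timeout, the agency identifiers and the use of a single amount limit as the permitted scope are assumptions made for illustration.

```python
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

# Assumed value: the page only says the owner card must arrive "within a fixed time".
TIMEOUT_S = 30.0


@dataclass
class CardCommDevice:
    """Card communication device 32, kept under the card owner's control."""
    max_amount: int                        # permitted scope, registered in advance
    user_card: bool = False                # user card inserted (Fig. 5 flow)
    owner_card_at: Optional[float] = None  # when the owner card entered slot 33
    access_log: List[Tuple[float, str]] = field(default_factory=list)

    def answer(self, agency_id: str, asked_at: float) -> Tuple[int, int]:
        """S5: log who asked and when. S6: return (cards in device, scope)."""
        self.access_log.append((asked_at, agency_id))
        # An owner card on its own is reported immediately. With a user card
        # already inserted, the device waits up to TIMEOUT_S for the owner card.
        deadline = asked_at + TIMEOUT_S if self.user_card else asked_at
        owner_in = self.owner_card_at is not None and self.owner_card_at <= deadline
        return int(self.user_card) + int(owner_in), self.max_amount


def authenticate(device: CardCommDevice, agency_id: str, presented: int,
                 amount: int, asked_at: float) -> Tuple[str, str]:
    """S4 to S8 at authentication device 12; returns (decision, reason).

    presented is 1 for a card bearer (Fig. 4) and 0 for a data memorizer
    (Fig. 5). The conventional data match in S8 is assumed to have passed.
    """
    if presented not in (0, 1):
        raise ValueError("a card user presents 0 or 1 cards")
    in_device, limit = device.answer(agency_id, asked_at)  # S4, S5, S6
    total = presented + in_device
    if total != 2:                                         # S8 card count
        return "STOP", f"{total} card(s) confirmed, 2 required"
    if amount > limit:                                     # S7 scope
        return "STOP", "request exceeds the owner's permitted scope"
    return "CONTINUE", "owner's intent confirmed"


def run_scenarios() -> dict:
    """Replay the cases of paragraphs [0082] to [0087] on constructed data."""
    out = {}
    # Fig. 4: owner card inserted at t=0, bearer presents the user card later.
    lent = CardCommDevice(max_amount=10_000, owner_card_at=0.0)
    out["fig4_legit"] = authenticate(lent, "ATM-A", 1, 5_000, 100.0)[0]
    out["fig4_over_scope"] = authenticate(lent, "ATM-A", 1, 50_000, 101.0)[0]
    # [0086]: stolen data used remotely while the Fig. 4 lending is active.
    out["fig5_fraud_during_fig4"] = authenticate(lent, "SHOP-B", 0, 5_000, 102.0)[0]
    # [0083]: lost user card, owner card not inserted.
    idle = CardCommDevice(max_amount=10_000)
    out["fig4_lost_card"] = authenticate(idle, "ATM-A", 1, 5_000, 100.0)[0]
    # Fig. 5: user card in device, owner card inserted 5 s after the inquiry.
    online = CardCommDevice(max_amount=10_000, user_card=True, owner_card_at=105.0)
    out["fig5_legit"] = authenticate(online, "BANK-C", 0, 5_000, 100.0)[0]
    # [0087]: a user card presented in person while Fig. 5 is active -> 3 cards.
    out["fig4_fraud_during_fig5"] = authenticate(online, "ATM-D", 1, 5_000, 110.0)[0]
    # Fig. 5, owner card inserted after the waiting time has expired.
    late = CardCommDevice(max_amount=10_000, user_card=True, owner_card_at=140.0)
    out["fig5_timeout"] = authenticate(late, "BANK-C", 0, 5_000, 100.0)[0]
    # [0089]: every inquiry, legitimate or not, is visible to the owner.
    out["log_seen_by_owner"] = [agency for _, agency in lent.access_log]
    return out


if __name__ == "__main__":
    for name, result in run_scenarios().items():
        print(f"{name}: {result}")
```

The model does not cover card removal or the PIN substitute for card insertion described for personally owned devices.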
Industrial Applicability
[0090] According to the present invention, even if the card owner 50 has been issued several user cards under contracts with many service organizations, the owner expresses the intention to receive a service by using one owner card through the card communication device 32 under the owner's control. Each service organization's detection of fraudulent card users therefore improves dramatically, and the card owner's peace of mind and safety increase.
[0091] A user card is issued by a service organization, whereas the owner card is a card that the card owner has issued to himself or herself. How the owner card is made is described below.
[0092] The owner card in the present invention is used by the card owner inserting it into 33 of the card communication device 32. Thus, 32 detects the owner card.
[0093] The card communication device 32 must have at least a numeric input function and a display function, must have a function for receiving and sending data communication with the service organization, and must recognize the presence of an inserted card. However, 32 does not need a mechanism for reading the card contents.
[0094] Since the self-issued owner card only needs to be detected as inserted into 33 of 32, a shape that cannot be easily imitated, like a key, is preferable.
[0095] A low-cost card communication device 32 is therefore a general-purpose electronic telephone fitted with a limit switch as the user card insertion detector and a key switch as the owner card insertion detector.
[0096] Naturally, since the personal computer 31 and the card communication device 32 are both under the card owner's control, they may be integrated.
[0097] If 32 is a mobile phone, it is a card communication device personally owned by a card owner who is a natural person, so the card owner registers in the card communication device, in advance, a keyed PIN for reporting to the authentication device; when the card owner keys in the PIN, one or two cards are reported to the authentication device, and the authentication device 12 has thereby confirmed the intention of the card owner in person.
[0098] Finally, an application that uses part of the system of the present invention to monitor the behavior of a card bearer is described.
[0099] In Fig. 4, if the user card carried by the card bearer is a card with an RFID function, installing many service-organization card detectors 11 around a town yields a system by which a guardian monitors a child's movements.
[0100] This is because S5 is the display of access from the authentication device 12. Since what is displayed is the access time and data identifying the notifying service organization, the guardian who is the card owner learns the order in which the child carrying the RFID card accessed the detectors 11 around town, that is, the child's movements.
[0101] An example of a system in which the RFID function is built into electrical appliances and the service organization's card detector 11 is installed in the home is Japanese Patent 3193363, "Life Monitor System".
[0102] The ability to monitor a card bearer's behavior means that the behavior of a card user employing fraudulent means can also be monitored, making it easier to identify criminals who use such means.

Claims

[1] A service system in which, to prevent fraudulent card use by a card user, the service organization confirms the cardholder's intention by:
A. counting the number of cards, 0 or 1, that the card user presented to the service organization;
B. the cardholder of the service organization using communication means to access the card communication device installed under the cardholder's control;
C. reporting to the authentication device the number of cards recognized by the card communication device;
C-1. continuing the service if the total number of cards from A and C is two; and
C-2. suspending the service if the total number of cards from A and C is other than two.
[2] The authentication device according to claim 1, characterized in that, when the service organization's authentication device accesses the card communication device installed under the cardholder's control, it sends a message identifying the service organization.
[3] The card communication device according to claim 1, having a function of transmitting to the authentication device data in which the service range permitted by the owner has been entered in advance.
[4] The card communication device according to claim 1, characterized in that, so that the cardholder can indicate to the service organization the intention to receive the service, it transmits to the service organization that a card was inserted within a certain period of time from when the message according to claim 2 was received and displayed.
[5] The card communication device according to claim 1, comprising, as a method by which the card communication device ascertains the number of cards and reports it to the authentication device, means by which the cardholder registers in the card communication device, in advance, a keyed PIN for reporting to the authentication device, and by which one or two cards are reported to the authentication device when the cardholder keys in the PIN.
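The count-and-compare check of claim 1, combined with the time window of claim 4 and the permitted service range of claim 3, as an added Python example that is not part of the patent text. The 60-second window, the report fields, the function names, and the rule that a service outside the permitted range is suspended are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional

WINDOW_S = 60.0  # assumed value; the claims only say "a certain period of time"

@dataclass(frozen=True)
class DeviceReport:
    """Constructed report from the card communication device (step C)."""
    card_count: int        # cards the device recognised
    permitted: frozenset   # claim 3: service range approved in advance

def device_count(displayed_at: float, inserted_at: list) -> int:
    """Claim 4: count only cards inserted within WINDOW_S seconds after the
    access message was displayed; None means that slot stayed empty."""
    return sum(1 for t in inserted_at
               if t is not None and 0.0 <= t - displayed_at <= WINDOW_S)

def decide(presented: int, report: Optional[DeviceReport], service: str) -> str:
    """Authentication-device side of claim 1: continue only when A + C == 2."""
    if presented not in (0, 1):            # step A allows only 0 or 1
        return "suspend"
    if report is None:                     # device unreachable: fail closed
        return "suspend"
    if report.card_count not in (0, 1, 2):
        return "suspend"                   # a malformed count is never trusted
    if service not in report.permitted:    # assumed handling of claim 3 data
        return "suspend"
    return "continue" if presented + report.card_count == 2 else "suspend"

def run_case(presented, displayed_at, inserted_at, service, permitted):
    """Run one exchange: the device builds its report, the authenticator decides."""
    report = DeviceReport(device_count(displayed_at, inserted_at),
                          frozenset(permitted))
    return decide(presented, report, service)
```

A user card presented alone, with no owner card detected on the cardholder's device, sums to 1 and is suspended; a device report that would push the sum to 3 is suspended as well.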
PCT/JP2005/023871 2005-12-27 2005-12-27 Service suspension system with unauthorized card use WO2007074510A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/JP2005/023871 WO2007074510A1 (en) 2005-12-27 2005-12-27 Service suspension system with unauthorized card use

Publications (1)

Publication Number Publication Date
WO2007074510A1 (en) 2007-07-05

Family

ID=38217747

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2005/023871 WO2007074510A1 (en) 2005-12-27 2005-12-27 Service suspension system with unauthorized card use

Country Status (1)

Country Link
WO (1) WO2007074510A1 (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2001325435A (en) * 2000-05-12 2001-11-22 Matsushita Electric Ind Co Ltd Method and system for authenticating card
JP2002189971A (en) * 2000-12-22 2002-07-05 Canon Inc System and method for cashless purchase, system and method for filling electronic value, and medium
JP2002297920A (en) * 2001-03-30 2002-10-11 Sogo Keibi Hosho Co Ltd Transaction confirming system
JP2005010847A (en) * 2003-06-16 2005-01-13 Sony Corp Personal digital assistant device, owner authentication method for the same, and owner authentication system for the same

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application
NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 05822533

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: JP