WO2018207781A1 - Information processing system - Google Patents


Info

Publication number
WO2018207781A1
Authority
WO
WIPO (PCT)
Prior art keywords
authentication
user
server
user terminal
settlement
Prior art date
Application number
PCT/JP2018/017801
Other languages
French (fr)
Japanese (ja)
Inventor
大河 克好
Original Assignee
合同会社Fom研究所

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/40 Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists

Definitions

  • the present invention relates to an information processing system.
  • With Patent Document 1, it is not possible to avoid the process of transmitting the user's personal information to the terminal of the store that performs settlement. That is, since the user's personal information is always transmitted to the store terminal once, it is inevitably stored in the store terminal. Therefore, the personal information of the user stored in the store terminal may be abused by employees of the store, or may be leaked from the store terminal.
  • The present invention has been made in view of such a situation, and aims to reduce the risk of leakage of personal information and the like in an electronic settlement process.
  • An information processing system includes: a request source device managed by a service request source that requests settlement as an authentication service; a user terminal managed by a user who executes the authentication service; an authentication server for authenticating the user; and a settlement server for executing settlement processing for the user;
  • wherein the user terminal includes: service code acquisition means for acquiring, from the request source device, an authentication service code used as a general-purpose authentication code for the user to execute the authentication service;
  • first authenticator generating means for generating a first one-time authenticator indicating that the user terminal is authentic;
  • first transmission information generating means for generating an encrypted password by encrypting the input password and generating first transmission information including the encrypted password, the authentication service code, and the first one-time authenticator; and
  • first transmission control means for performing control to transmit the first transmission information to the authentication server;
  • and the authentication server includes: first reception control means for performing control to receive the first transmission information from the user terminal; and, based on the password obtained by decrypting the encrypted password included in the first transmission information and the first one
  • the information processing apparatus and program of one embodiment of the present invention are also provided as an apparatus and program corresponding to the information processing system of one embodiment of the present invention.
  • FIG. 5 is an arrow chart showing a flow of settlement support processing executed by the user terminal and the authentication server in FIG. 4.
  • 7 is a flowchart for explaining a detailed flow of a series of processes mainly executed in the user terminal of FIG. 2 among the settlement support processes of FIGS. 5 and 6.
  • 7 is a flowchart for explaining a detailed flow of a series of processing mainly executed by the authentication server of FIG. 3 in the settlement support processing of FIG. 5 and FIG. 6.
  • 7 is a flowchart for explaining a detailed flow of a series of processes mainly executed in the settlement server of FIG. 1 among the settlement support processes of FIGS. 5 and 6.
  • Among the settlement support processes of FIGS. 5 and 6, a flowchart explaining the detailed flow of a series of processes mainly executed by the store terminal, the payment server, and the user terminal of FIG. 2, that is, process P4-4, process P4-2, and the processes after process P4-1.
  • FIG. 15 is a flowchart for explaining a detailed flow of a series of processing mainly executed in the user terminal of FIG. 11 among the settlement support processing of FIG. 13 and FIG. 14, and is a diagram showing an example different from FIG. .
  • FIG. 15 is a flowchart for explaining a detailed flow of a series of processes mainly executed in the authentication server of FIG. 11 among the settlement support processes of FIG. 13 and FIG. 14, and is a diagram showing an example different from FIG. .
  • FIG. 15 is a flowchart for explaining a detailed flow of a series of processing mainly executed in the user terminal of FIG. 11 among the settlement support processing of FIG. 13 and FIG. 14, and is a diagram showing an example different from FIG. .
  • FIG. 1 is a diagram showing an overview of an information processing system according to the first embodiment of the present invention.
  • the information processing system shown in FIG. 1 includes a store terminal 1, a user terminal 2, an authentication server 3, and a settlement server 4.
  • the store terminal 1, the user terminal 2, the authentication server 3, and the settlement server 4 are connected to each other via a predetermined network N such as the Internet.
  • Any number of one or more of each of the store terminal 1, the user terminal 2, the authentication server 3, and the settlement server 4 may be provided.
  • the store terminal 1 is managed in a store that provides products or services (hereinafter referred to as “product etc.”) to the user, and generates an authentication service code.
  • The store is a trader or the like that provides a product or the like to the user on condition that the user pays for it.
  • the authentication service code refers to a general-purpose authentication code for a user to execute a payment service for a product or the like (hereinafter referred to as “this service”).
  • The user terminal 2 is operated by the user, has the authentication server 3 authenticate that the apparatus is an application target of this service, and requests the settlement server 4 to execute this service (execution of settlement). That is, the user operates the user terminal 2 to execute this service (execution of settlement) and receives provision of goods and the like from the store.
  • the authentication server 3 authenticates whether or not the user terminal 2 is legitimate as a device to which this service is applied, and notifies the settlement server 4 of the result of the authentication.
  • the settlement server 4 is managed by various settlement parties such as a credit company and executes this service (execution of settlement) based on the authentication result transmitted from the authentication server 3.
  • FIG. 2 is a block diagram showing an example of the hardware configuration of the user terminal 2 in the information processing system of FIG.
  • the user terminal 2 is configured with a smartphone or the like.
  • The user terminal 2 includes a CPU (Central Processing Unit) 11, a ROM (Read Only Memory) 12, a RAM (Random Access Memory) 13, a bus 14, an input / output interface 15, a touch operation input unit 16, a display unit 17, an input unit 18, a storage unit 19, a communication unit 20, and a drive 21.
  • the CPU 11 executes various processes according to a program recorded in the ROM 12 or a program loaded from the storage unit 19 to the RAM 13.
  • the RAM 13 appropriately stores data necessary for the CPU 11 to execute various processes.
  • the CPU 11, ROM 12 and RAM 13 are connected to each other via a bus 14.
  • An input / output interface 15 is also connected to the bus 14.
  • a touch operation input unit 16, a display unit 17, an input unit 18, a storage unit 19, a communication unit 20, and a drive 21 are connected to the input / output interface 15.
  • the touch operation input unit 16 includes, for example, a capacitance type or resistive film type (pressure sensitive) position input sensor stacked on the display surface of the display unit 17, and detects the coordinates of the position where the touch operation is performed.
  • the touch operation refers to an operation of contacting or approaching an object with respect to the touch operation input unit 16.
  • the object that contacts or approaches the touch operation input unit 16 is, for example, a user's finger or a touch pen.
  • the user inputs a password by a touch operation.
  • the display unit 17 is configured by a display such as a liquid crystal display, and displays various images such as an image showing a settlement result.
  • the touch operation input unit 16 and the display unit 17 constitute a touch panel.
  • the input unit 18 is configured by various hardware and the like, and inputs various information according to a user's instruction operation.
  • The storage unit 19 is composed of a DRAM (Dynamic Random Access Memory) or the like, and stores
  • the communication unit 20 controls communication with other devices (such as the authentication server 3 and the settlement server 4 in the example of FIG. 1) via the network N including the Internet.
  • the drive 21 is provided as necessary.
  • a removable medium 22 made of a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is appropriately attached to the drive 21.
  • the program read from the removable medium 22 by the drive 21 is installed in the storage unit 19 as necessary.
  • the removable medium 22 can also store various data stored in the storage unit 19 in the same manner as the storage unit 19.
  • FIG. 3 is a block diagram showing an example of the hardware configuration of the authentication server in the information processing system of FIG.
  • The authentication server 3 includes a CPU 31, a ROM 32, a RAM 33, a bus 34, an input / output interface 35, an output unit 36, an input unit 37, a storage unit 38, a communication unit 39, and a drive 40. Since the configuration of the authentication server 3 is the same as that of the user terminal 2 in FIG. 2 excluding the touch panel, its description is omitted here. Further, since the store terminal 1 and the settlement server 4 in FIG. 1 have the same configuration as the authentication server 3, their description is also omitted here.
  • the payment support process refers to various processes such as user authentication for supporting the payment process when the store provides products to the user.
  • FIG. 4 is a functional block diagram illustrating an example of the functional configuration for executing the settlement support process, among the functional configurations of the user terminal of FIG. 2 and the authentication server of FIG.
  • In the user terminal 2, an upper request unit 101, a service code acquisition unit 102, a PW input unit 103, a C-OTID generation unit 104, a PW encryption unit 105, a user terminal information generation unit 106, a user terminal information transmission control unit 107, a server authentication unit 108, an authentication seed update unit 109, a settlement result acquisition unit 110, and a presentation unit 111 function.
  • the upper request unit 101 executes an upper request to the settlement server 4.
  • the upper request means requesting the settlement server 4 to receive the settlement result.
  • the service code acquisition unit 102 acquires an authentication service code generated at the store terminal 1.
  • the method for acquiring the authentication service code is not particularly limited.
  • For example, a QR code (registered trademark) representing the authentication service code is displayed on a display unit (not shown) of the store terminal 1, and the user terminal 2 reads the QR code (registered trademark).
  • a method of acquiring the authentication service code from the store terminal 1 using near field communication such as NFC (Near Field Communication) (registered trademark) may be adopted.
  • the user terminal 2 transmits this authentication service code to the settlement server 4 via the authentication server 3 as information for specifying a store for settlement. Thereby, since transmission / reception of the user's personal information at the time of payment becomes unnecessary between the user terminal 2 and the store terminal 1, the possibility that personal information at the time of payment leaks from the store terminal 1 is reduced.
  • the PW input unit 103 accepts input of a password from the user via the touch panel.
  • The C-OTID generation unit 104 generates a one-time ID, as an authenticator indicating to the authentication server 3 that the user terminal 2 is legitimate as a device to which this service is applied, based on the authentication seed updated, for example, at the time of the previous settlement, and the common encryption key. As will be described later, since the authentication server 3 also generates a one-time ID, the one-time ID generated by the C-OTID generation unit 104 is hereinafter referred to as “C-OTID” to distinguish it.
  • the PW encryption unit 105 generates an encrypted password by encrypting the password received by the PW input unit 103 by a predetermined method.
  • The user terminal information generation unit 106 generates, as user terminal information, information including the encrypted password generated by the PW encryption unit 105, the authentication service code acquired by the service code acquisition unit 102, and the C-OTID generated by the C-OTID generation unit 104.
  • the user terminal information transmission control unit 107 executes control for transmitting the user terminal information generated by the user terminal information generation unit 106 to the authentication server 3 via the communication unit 20.
  • user terminal information (particularly C-OTID and encrypted password) transmitted from the user terminal 2 to the authentication server 3 is used in the authentication server 3 for various processes such as user authentication.
  • In the authentication server 3, an S-OTID described later is generated and transmitted to the user terminal 2. Therefore, the server authentication unit 108 acquires the S-OTID and the updated authentication seed information via the communication unit 20, and authenticates the authentication server 3 based on the acquired S-OTID.
  • the authentication seed update unit 109 updates the authentication seed based on the result authenticated by the server authentication unit 108.
  • the settlement result acquisition unit 110 receives the upper request from the upper request unit 101 described above, and acquires the result of the settlement process transmitted from the settlement server 4 via the communication unit 20.
  • the presentation unit 111 presents the result of the payment process acquired by the payment result acquisition unit 110 to the user by causing the display unit 17 to display the result.
  • a functional configuration provided in the authentication server 3 will be described.
  • In the authentication server 3, a user terminal information acquisition unit 201, a decryption unit 202, a user authentication unit 203, a user parameter conversion unit 204, an authentication server information transmission control unit 205, and an S-OTID generation / update unit 206 are provided.
  • a UPDB (user parameter database) 301 is provided in one area of the storage unit 38 of the authentication server 3.
  • the user terminal information acquisition unit 201 acquires user terminal information transmitted from the user terminal 2 via the communication unit 39.
  • the decryption unit 202 decrypts the password described above from the encrypted password included in the user terminal information acquired by the user terminal information acquisition unit 201.
  • The user authentication unit 203 authenticates whether the user terminal 2 is a device to which this service can be applied (hereinafter referred to as “user authentication” as appropriate).
  • the user parameter conversion unit 204 generates a parameter indicating the result of user authentication by the user authentication unit 203 as a user parameter and stores it in the UPDB 301.
  • the form of the user parameter is not particularly limited as long as it indicates the result of user authentication. Specific examples of user parameters employed in the present embodiment will be described later with reference to FIGS.
  • The authentication server information transmission control unit 205 generates, as authentication server information, information including the authentication service code from the user terminal information acquired by the user terminal information acquisition unit 201 and the user parameter generated by the user parameter conversion unit 204, and executes control for transmitting it to the settlement server 4 via the communication unit 39.
  • When the settlement server 4 receives the authentication server information, it recognizes the user authentication result based on the user parameter in the authentication server information.
  • The settlement server 4 executes a predetermined settlement process when the user authentication is successful, executes a predetermined error process when the user authentication is unsuccessful, and transmits a settlement result indicating what was executed to each of the store terminal 1 and the user terminal 2.
  • the payment process refers to a series of processes related to the execution of this service, that is, a series of processes until a user who purchases a product or the like at a store makes a payment to pay for the product or the like.
  • The S-OTID generation / update unit 206 of the authentication server 3 generates a one-time ID, as an authenticator indicating that the authentication server 3 is authentic, based on the authentication seed updated at the previous settlement and the common encryption key. Then, the S-OTID generation / update unit 206 executes control for transmitting the generated S-OTID to the user terminal 2 via the communication unit 39. As described above, since the user terminal 2 also generates a one-time ID, the one-time ID generated by the S-OTID generation / update unit 206 is hereinafter referred to as “S-OTID” to distinguish it.
  • The S-OTID is an authenticator indicating that the authentication server 3 is authentic. That is, this embodiment adopts mutual authentication in which not only does the authentication server 3 authenticate the user terminal 2, but the user terminal 2 also authenticates the authentication server 3. Therefore, the S-OTID is generated by the S-OTID generation / update unit 206 and transmitted to the user terminal 2.
  • C-OTID and S-OTID are generated using authentication seeds created (updated) in advance. Therefore, an authentication mechanism using an authentication seed will be briefly described.
  • a common authentication seed and common encryption key are used for one or more services.
  • The C-OTID generation unit 104 of the user terminal 2 copies the authentication seed and the common encryption key common to one or more services to the operation stack on the RAM 13, generates a C-OTID based on the copied authentication seed, and transmits it to the authentication server 3. In addition, the C-OTID generation unit 104 updates the authentication seed at the same time.
  • the user authentication unit 203 of the authentication server 3 authenticates the validity of the user terminal 2 based on the C-OTID transmitted from the user terminal 2.
  • the S-OTID generation / update unit 206 of the authentication server 3 generates an S-OTID based on the previously updated authentication seed and the common encryption key, and transmits the S-OTID to the user terminal 2.
  • the S-OTID generation / update unit 206 simultaneously updates the authentication seed.
  • the server authentication unit 108 of the user terminal 2 determines the validity of the authentication server 3 based on the S-OTID transmitted from the authentication server 3.
  • FIG. 5 is a diagram showing an outline of the flow of the settlement support process executed by the user terminal and the authentication server in FIG.
  • FIG. 6 is an arrow chart showing the flow of a payment support process executed by the user terminal and the authentication server shown in FIG.
  • step Sa0-1 store terminal 1 generates an authentication service code.
  • step Sa0-2 the service code acquisition unit 102 of the user terminal 2 acquires the authentication service code generated in the store terminal 1.
  • step Sa1 the upper request unit 101 executes an upper request to the settlement server 4. That is, the upper request unit 101 requests the payment server 4 to receive a payment result.
  • step Sa2 the PW input unit 103 receives a password input from the user via the touch operation input unit 16. Then, the PW encryption unit 105 generates an encrypted password by encrypting the password.
  • step Sa3 the C-OTID generating unit 104 generates a C-OTID based on the previously updated authentication seed and common encryption key.
  • step Sa4 the user terminal information generation unit 106 generates user terminal information including the encrypted password generated in step Sa2, the authentication service code acquired in step Sa0, and the C-OTID generated in step Sa3.
  • step Sa5 the user terminal information transmission control unit 107 transmits the user terminal information generated in step Sa4 to the authentication server 3.
  • step Sa6 the user authentication unit 203 performs user authentication (client authentication) based on the password and C-OTID included in the user terminal information transmitted from the user terminal 2 in step Sa5.
  • step Sa7 the decryption unit 202 of the authentication server 3 decrypts the encrypted password included in the user terminal information transmitted from the user terminal 2 in step Sa5 into the above-described password.
  • step Sa8 the S-OTID generation / update unit 206 generates an S-OTID based on the authentication seed and the common encryption key updated in step Sa3 of the previous settlement support process, and updates the authentication seed.
  • step Sa9-1 the authentication server information transmission control unit 205 transmits the authentication server side information including the S-OTID generated in step Sa8 and the updated authentication seed information to the user terminal 2.
  • step Sa9-2 the server authentication unit 108 of the user terminal 2 acquires the authentication server side information transmitted in step Sa9-1, that is, S-OTID and the like.
  • the server authentication unit 108 authenticates the authentication server 3 based on the acquired S-OTID.
  • step Sa9-3 the authentication seed update unit 109 updates the authentication seed based on the result authenticated by the server authentication unit 108.
  • step Sa10 the user parameter conversion unit 204 generates a user parameter indicating the authentication result of the user performed in step Sa7.
  • step Sa11 the authentication server information transmission control unit 205 transmits, to the settlement server 4, authentication server information including the authentication service code included in the user terminal information transmitted from the user terminal 2 in step Sa5 and the user parameter generated in step Sa10.
  • step Sa12 the settlement server 4 executes settlement processing or error processing based on the authentication server information transmitted from the authentication server 3 in step Sa11, that is, the authentication service code and the user parameter.
  • step Sa13-1 the settlement server 4 transmits the result of the settlement process or error process executed in step Sa12 (hereinafter referred to as “settlement result”) to the store terminal 1.
  • step Sa13-2 the store terminal 1 acquires the settlement result transmitted from the settlement server 4 in step Sa13-1, and the store terminal 1 displays the acquired settlement result.
  • step Sa14 the settlement server 4 transmits the settlement result executed in step Sa12 to the user terminal 2.
  • step Sa15 the payment result acquisition unit 110 of the user terminal 2 acquires the payment result transmitted from the payment server 4 in step Sa14. Then, the presentation unit 111 displays the settlement result on the display unit 17.
  • The user terminal 2 does not need to perform any communication with the store terminal 1 other than acquisition of the authentication service code, so there is no possibility that the user's personal information is transmitted to the store terminal 1. Therefore, the user's personal information is not stored in the store terminal 1, and it cannot be abused by store employees or leaked from the store terminal 1 as in the past. In this way, the risk of personal information leakage and the like in an electronic settlement process can be reduced. Further details of the settlement support process that produces this effect will be described below with reference to FIGS.
  • FIG. 7 is a flowchart for explaining a detailed flow of a series of processes mainly executed in the user terminal 2 of FIG. 2 in the settlement support process of FIG.
  • step Sa0-1 the store terminal 1 generates or receives an authentication service code.
  • the subsequent processing of the store terminal 1 will be described later with reference to FIG. 10 as processing P4-1.
  • step Sa0-2 the service code acquisition unit 102 of the user terminal 2 acquires the authentication service code generated by the store terminal 1 in step Sa0-1.
  • the method for acquiring the authentication service code is not particularly limited.
  • step Sa1 the upper request unit 101 executes an upper request to the payment server 4, that is, a request for receiving a payment result.
  • The reception process of the settlement server 4 for this upper request is executed as process P4-4-1, and the process of step Sa14 in FIG. 10 is executed as the response process.
  • the process of step Sa14 will be described later with reference to FIG.
  • step Sa2 the PW input unit 103 receives a password input from the user via the touch operation input unit 16. Then, the PW encryption unit 105 encrypts the password received in step Sa2 to generate an encrypted password.
  • step Sa3 the C-OTID generating unit 104 generates a C-OTID.
  • step Sa4 the user terminal information generation unit 106 generates an authentication server transmission packet. That is, the user terminal information generation unit 106 generates user terminal information including the encrypted password generated in step Sa2, the authentication service code acquired by the service code acquisition unit 102 in step Sa0-2, and the C-OTID generated in step Sa3.
  • This user terminal information is composed of a plurality of packets in this embodiment. This packet corresponds to the above-described authentication server transmission packet.
  • step Sa5 the user terminal information transmission control unit 107 transmits the authentication server transmission packet generated in step Sa4 to the authentication server 3.
  • processing P4-2 is executed. The process P4-2 will be described later with reference to FIG.
  • FIG. 8 is a flowchart for explaining a detailed flow of a series of processing mainly executed by the authentication server 3 of FIG. 3 in the settlement support processing of FIG.
  • step Sa6 the user authentication unit 203 of the authentication server 3 performs client authentication (user authentication) based on the C-OTID transmitted from the user terminal 2, that is, authenticates that the user terminal 2 is a legitimate terminal to which this service is applied.
  • step Sa7 the decryption unit 202 of the authentication server 3 decrypts the encrypted password included in the user terminal information transmitted from the user terminal 2 into the above-described password.
  • step SP3-1 the user authentication unit 203 determines whether or not the C-OTID used in the client authentication in step Sa6 is generated by a legitimate terminal. If the C-OTID is not generated by a legitimate terminal, NO is determined in step SP3-1, and the process proceeds to step Sa10-3. The processing after step Sa10-3 will be described later. On the other hand, if the C-OTID is generated by a legitimate terminal, it is determined as YES in Step SP3-1, and the process proceeds to Step Sa8.
  • step Sa8 the S-OTID generation / update unit 206 generates an S-OTID based on the previously updated authentication seed and the common encryption key, and updates the authentication seed.
  • step Sa9 the authentication server information transmission control unit 205 transmits an authentication packet to the user terminal 2. That is, the authentication server information transmission control unit 205 transmits the authentication server side information including the S-OTID generated in step Sa8 and the updated authentication seed information to the user terminal 2.
  • This authentication server side information is composed of a plurality of packets in this embodiment. This packet corresponds to the authentication packet described above. Note that when the authentication server information transmission control unit 205 transmits the authentication server information to the user terminal 2, the user terminal 2 executes the process P4-2. The process P4-2 will be described later with reference to FIG.
  • step SP3-2 the user parameter conversion unit 204 determines whether or not the password decrypted in step Sa7 is input from a legitimate terminal.
  • step Sa10-1 the user parameter conversion unit 204 generates an arbitrary user parameter from the C-OTID to indicate the case where the C-OTID used in the client authentication in step Sa6 was generated at a legitimate terminal and the password decrypted in step Sa7 was input from that legitimate terminal.
  • step Sa10-2 the user parameter conversion unit 204 generates “-2” as the user parameter to indicate the case where the C-OTID used in the client authentication in step Sa6 was generated at a legitimate terminal but the password decrypted in step Sa7 was not input from that legitimate terminal.
  • step Sa10-3 the user parameter conversion unit 204 generates “-1” as the user parameter when the C-OTID used in the client authentication in step Sa6 was not generated by a legitimate terminal.
  • After step Sa10 in FIGS. 5 and 6, the process proceeds to step Sa11.
  • step Sa11 the authentication server information transmission control unit 205 transmits, to the settlement server 4 as a packet, authentication server information including the authentication service code included in the user terminal information transmitted from the user terminal 2 in step Sa5 (FIG. 7) and the user parameter generated in one of steps Sa10-1 to Sa10-3.
  • FIG. 9 is a flowchart explaining the detailed flow of the processes after process P3-4, which is a series of processes executed mainly in the settlement server 4 of FIG. 1 within the settlement support process of FIG.
  • The process shown in FIG. 9 corresponds to the process of step Sa12 in FIGS.
  • In step SP4-0, the settlement server 4 receives, as a settlement packet, the authentication server information packet transmitted from the authentication server 3 in step Sa11.
  • In step SP4-1, the settlement server 4 examines the user parameter included in the authentication server information.
  • When the settlement server 4 extracts the user parameter “-1” in step SP4-1, the process proceeds to step SP4-2.
  • In step SP4-2, the settlement server 4 generates a settlement result “settlement result NG”, indicating that the settlement process did not complete normally, together with a reason code “-1” indicating the reason.
  • When the settlement server 4 extracts the user parameter “-2” in step SP4-1, the process proceeds to step SP4-3.
  • In step SP4-3, the settlement server 4 generates a settlement result “settlement result NG”, indicating that the settlement process did not complete normally, together with a reason code “-2” indicating the reason.
  • If the settlement server 4 extracts any other user parameter in step SP4-1, that is, a user parameter indicating that the user authentication succeeded, the process proceeds to step SP4-4.
  • In step SP4-4, the settlement server 4 executes the settlement process based on the user parameter.
  • In step SP4-5, the settlement server 4 determines whether or not the settlement process executed in step SP4-4 was OK. If it was not, the process proceeds to step SP4-6; if it was, the process proceeds to step SP4-7.
  • In step SP4-6, the settlement server 4 generates a settlement result “settlement result NG”, indicating that the settlement process did not complete normally, together with a reason code “-3” indicating the reason.
  • In step SP4-7, the settlement server 4 generates a settlement result “settlement result OK”, indicating that the settlement process completed normally.
  • FIG. 10 is a flowchart explaining the detailed flow of the processes after process P4-1, a series of processes executed mainly by the store terminal 1 and the settlement server 4 of FIG. 1 and the user terminal 2 of FIG. 2 within the settlement support process of FIG.
  • In step SP4-8, the settlement server 4 generates a settlement result packet for the store terminal. That is, the settlement server 4 generates, as a packet, settlement server information for the store terminal that includes the authentication service code transmitted from the authentication server 3 in step Sa11 and the settlement result generated in one of steps SP4-2, SP4-3, SP4-6 and SP4-7 (together with the reason code in the NG cases). This packet is the settlement result packet for the store terminal.
  • In step Sa13, the settlement server 4 transmits the settlement server side information for the store terminal generated in step SP4-8 to the store terminal 1.
  • The store terminal 1 acquires the settlement server information for the store terminal transmitted from the settlement server 4 in step Sa13 and displays it.
  • In step SP4-9, the settlement server 4 generates a settlement result packet for the user terminal. That is, as in step SP4-8, the settlement server 4 generates, as a packet, settlement server information for the user terminal that includes the authentication service code transmitted from the authentication server 3 in step Sa11 and the settlement result generated in one of steps SP4-2, SP4-3, SP4-6 and SP4-7 (together with the reason code in the NG cases). This packet is the settlement result packet for the user terminal.
  • In step Sa14, on condition that the upper request has been transmitted from the user terminal 2 (process P4-4-1), the settlement server 4 transmits the settlement server information for the user terminal generated in step SP4-8 to the user terminal 2.
  • In step Sa15, the settlement result acquisition unit 110 of the user terminal 2 acquires the settlement server information for the user terminal (the settlement result) transmitted from the settlement server 4 in step Sa14, and the presentation unit 111 displays it.
  • In step Sa9-2, the server authentication unit 108 of the user terminal 2 receives the S-OTID authentication packet transmitted from the authentication server 3. That is, the server authentication unit 108 acquires, packet by packet, the S-OTID and the updated authentication seed transmitted from the authentication server 3 in step Sa9-1.
  • In step SP3-3, the server authentication unit 108 determines whether or not the S-OTID acquired in step Sa9-1 is OK. If the acquired S-OTID is NG, NO is determined in step SP3-3 and the process on the user terminal 2 side ends. If the acquired S-OTID is OK, YES is determined in step SP3-3 and the process proceeds to step Sa9-3, in which the authentication seed update unit 109 updates the authentication seed.
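The exchange described in the steps above (C-OTID from the terminal, client authentication and password check on the authentication server, S-OTID back to the terminal, seed update on both sides, and the FIG. 9 dispatch on the user parameter in the settlement server) is modelled below as an added example. This is not code from the patent: the page does not specify how a one-time ID is derived from the seed and the common encryption key, so the HMAC-based derivation, the seed update rule, the keystream-XOR password encryption and the way the "arbitrary" success parameter is derived from the C-OTID are all assumptions, and all keys, seeds and the password are constructed sample values.

```python
import hashlib
import hmac

COMMON_KEY = b"constructed-common-key"      # constructed sample; shared out of band
INITIAL_SEED = b"constructed-initial-seed"  # constructed sample; both sides start here


def one_time_id(key: bytes, seed: bytes, role: bytes) -> bytes:
    """One-time ID for the current seed (assumed construction: HMAC over the seed,
    tagged with the role, b"C" for the terminal's C-OTID, b"S" for the server's S-OTID)."""
    return hmac.new(key, role + b"|" + seed, hashlib.sha256).digest()


def next_seed(key: bytes, seed: bytes) -> bytes:
    """Seed update applied by both sides after each successful round (assumed construction)."""
    return hmac.new(key, b"next|" + seed, hashlib.sha256).digest()


def xor_keystream(key: bytes, label: bytes, data: bytes) -> bytes:
    """Toy password encryption: XOR with an HMAC keystream bound to the C-OTID, so the
    keystream changes every round. A deployment would use an AEAD instead."""
    stream = hmac.new(key, label, hashlib.sha256).digest()
    return bytes(b ^ stream[i % len(stream)] for i, b in enumerate(data))


class UserTerminal:
    """Authentication-module side: C-OTID generation, then S-OTID check and seed update."""

    def __init__(self, key: bytes, seed: bytes) -> None:
        self.key, self.seed = key, seed

    def user_terminal_info(self, password: str, service_code: str) -> dict:
        c_otid = one_time_id(self.key, self.seed, b"C")
        enc_pw = xor_keystream(self.key, b"pw|" + c_otid, password.encode())
        return {"c_otid": c_otid, "enc_pw": enc_pw, "service_code": service_code}

    def verify_server(self, s_otid: bytes) -> bool:
        expected = one_time_id(self.key, self.seed, b"S")
        if not hmac.compare_digest(expected, s_otid):
            return False                               # SP3-3 NO: stop, keep the old seed
        self.seed = next_seed(self.key, self.seed)     # Sa9-3
        return True


class AuthenticationServer:
    """Steps Sa6 to Sa10: client authentication, S-OTID, password check, user parameter."""

    def __init__(self, key: bytes, seed: bytes, password: str) -> None:
        self.key, self.seed, self.password = key, seed, password

    def handle(self, info: dict) -> dict:
        expected_c = one_time_id(self.key, self.seed, b"C")
        if not hmac.compare_digest(expected_c, info["c_otid"]):   # SP3-1 NO -> Sa10-3
            return {"service_code": info["service_code"], "user_param": -1, "s_otid": None}
        s_otid = one_time_id(self.key, self.seed, b"S")          # Sa8: S-OTID, then seed update
        self.seed = next_seed(self.key, self.seed)
        pw = xor_keystream(self.key, b"pw|" + info["c_otid"], info["enc_pw"])  # Sa7
        if hmac.compare_digest(pw, self.password.encode()):     # SP3-2
            # Sa10-1: a positive parameter derived from the C-OTID (assumed derivation)
            user_param = int.from_bytes(hashlib.sha256(info["c_otid"]).digest()[:4], "big") + 1
        else:
            user_param = -2                                      # Sa10-2
        return {"service_code": info["service_code"], "user_param": user_param, "s_otid": s_otid}


def settlement_server(auth_info: dict, settle) -> dict:
    """FIG. 9 dispatch on the user parameter; `settle` is the actual settlement step (SP4-4)."""
    p = auth_info["user_param"]
    if p == -1:
        return {"result": "NG", "reason": -1}                    # SP4-2
    if p == -2:
        return {"result": "NG", "reason": -2}                    # SP4-3
    if not settle(auth_info["service_code"], p):
        return {"result": "NG", "reason": -3}                    # SP4-6
    return {"result": "OK", "reason": None}                      # SP4-7


def run_round(terminal, server, password, service_code, settle, tamper=False):
    """One settlement round; returns (settlement result, terminal accepted the S-OTID)."""
    info = terminal.user_terminal_info(password, service_code)
    if tamper:
        info["c_otid"] = bytes(32)   # an ID that no legitimate terminal produced
    auth_info = server.handle(info)
    server_ok = auth_info["s_otid"] is not None and terminal.verify_server(auth_info["s_otid"])
    return settlement_server(auth_info, settle), server_ok


if __name__ == "__main__":
    t = UserTerminal(COMMON_KEY, INITIAL_SEED)
    s = AuthenticationServer(COMMON_KEY, INITIAL_SEED, "correct horse")
    print(run_round(t, s, "correct horse", "SVC-1", lambda code, p: True))
```

Two properties of the step order are worth checking against the model: on a failed client authentication (SP3-1 NO) neither side advances its seed, so the two stay synchronised; on a wrong password the S-OTID is still issued (Sa8 precedes SP3-2), so the terminal still advances and the round ends with reason code -2 rather than a desynchronised seed.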
  • In the first embodiment, the series of settlement support processes is realized by an information processing system including the store terminal 1, the user terminal 2, the authentication server 3 and the settlement server 4. However, products and the like are provided not only at physical stores but also at EC sites such as online shops. Accordingly, as another embodiment of the information processing system to which the present invention is applied, that is, as a second embodiment, an information processing system including an EC site, a user terminal 2, an authentication server 3 and a settlement server 4 may be adopted.
  • A server that manages such an EC site is hereinafter referred to as a “service server”. The service server is managed by the merchant operating the EC site and issues the authentication service code.
  • The hardware configurations of the user terminal 2 and the authentication server 3 in the second embodiment are the same as those of the first embodiment shown in FIGS. 2 and 3, respectively.
  • The hardware configuration of the service server 5, newly employed in the second embodiment, is the same as the hardware configuration of the authentication server 3 described above.
  • FIG. 11 is a diagram illustrating an example of the configuration of an information processing system according to the second embodiment of the present invention.
  • The information processing system shown in FIG. 11 includes a user terminal 2, an authentication server 3, a settlement server 4 and a service server 5.
  • The user terminal 2, the authentication server 3, the settlement server 4 and the service server 5 are connected to each other via a predetermined network N such as the Internet.
  • Any number of user terminals 2, authentication servers 3, settlement servers 4 and service servers 5, one or more of each, may be provided.
  • FIGS. 12 to 18 are a functional block diagram, a schematic diagram, arrow charts and flowcharts according to the second embodiment of the present invention. Since these are basically the same as in the first embodiment except that the service server 5 is employed instead of the store terminal 1, only that difference is described here.
  • The user terminal 2 has upper application software (hereinafter referred to as the “upper application”) for communicating with the service server 5 in order to receive products and the like. Further, the user terminal 2 has an authentication module for communicating with the authentication server 3 without going through the service server 5, as the communication for executing user authentication and the like.
  • In step Sb0-1, the service code acquisition unit 102 of the upper application of the user terminal 2 accesses the service server 5 (service access) to request a settlement service for the provision of products and the like.
  • In step Sb0-2, the service server 5 generates an authentication service code.
  • In step Sb0-3, the service server 5 transmits the authentication service code to the user terminal 2.
  • The service code acquisition unit 102 of the upper application of the user terminal 2 receives the authentication service code.
  • Unlike in the first embodiment, the upper request unit 101 of the upper application does not issue the upper request to the settlement server 4; instead, it requests the service server 5 to receive the settlement result (step Sb1).
  • In step Sb2, the PW input unit 103 of the upper application receives a password input by the user via the touch operation input unit 16.
  • In step Sb3-0, the upper application passes the authentication service code and the password to the authentication module.
  • In step Sb3-2, the PW encryption unit 105 of the authentication module generates an encrypted password by encrypting the password.
  • In step Sb3-1, the C-OTID generation unit 104 of the authentication module generates a C-OTID based on the previously updated authentication seed and the common encryption key.
  • In step Sb4, the user terminal information generation unit 106 of the authentication module generates user terminal information including the encrypted password generated in step Sb3-2, the authentication service code acquired in step Sb0-3 and the C-OTID generated in step Sb3-1. The authentication server transmission packet carrying this user terminal information, generated in step Sb3-3 in FIG. 15, is transmitted to the authentication server 3.
  • In step Sb9-1, the authentication server 3 transmits the S-OTID (the authentication packet in FIG. 16) to the user terminal 2.
  • In step Sb13-1, the server authentication unit 108 of the authentication module of the user terminal 2 authenticates the authentication server 3 based on the S-OTID.
  • In step Sb13-2, the authentication seed update unit 109 of the authentication module updates the authentication seed based on the result of the authentication by the server authentication unit 108.
  • In the second embodiment, the settlement server 4 transmits the settlement result to the service server 5 in step Sb17 and does not transmit it to the user terminal 2. That is, the service server 5 receives the above-described result request from the user terminal 2 and, in step Sb18, transmits the settlement result acquired from the settlement server 4 to the user terminal 2.
  • The settlement result acquisition unit 110 of the upper application of the user terminal 2 acquires the settlement result transmitted from the service server 5 in step Sb18. The presentation unit 111 of the upper application then displays the settlement result on the display unit 17.
  • In this way, the user terminal 2 communicates with the service server 5 only to acquire the authentication service code and the settlement result. Since no other communication is needed, there is no possibility of the user's personal information being transmitted to the service server 5. Because the user's personal information is never stored in the service server 5, it cannot be abused by the operator of the EC site or leaked from the EC site, as has happened in the past. Thus, in the second embodiment as in the first, it is possible to reduce risks such as leakage of personal information in an electronic settlement process.
  • The present invention can also be applied to an information processing system that includes a so-called shoplifting prevention system, which prevents unpaid products from being taken out of a store that provides the products after the user has purchased them by performing the settlement support process described above.
  • FIG. 19 is a diagram showing an example of the configuration of an information processing system according to the third embodiment of the present invention.
  • The information processing system shown in FIG. 19 includes a store terminal 1, a user terminal 2, an authentication server 3, a settlement server 4 and a gate device 6.
  • The store terminal 1, the user terminal 2, the authentication server 3, the settlement server 4 and the gate device 6 are connected to each other via a predetermined network N.
  • Any number of each, one or more, may be provided.
  • The gate device 6 is, for example, an information processing device integrated with a gate installed at a store entrance or the like to prevent unsettled products from being taken out, and is managed by the provider of this service or by the provider of the products and the like.
  • It is assumed that tags capable of communicating directly with the user terminal 2 by an arbitrary communication method such as NFC (Near Field Communication) or Bluetooth (registered trademark) are attached to each of the products A to C.
  • The user terminal 2 generates an authenticator indicating to the authentication server 3 that the user terminal 2 is legitimate as a device to which this service is applied, namely a one-time ID, that is, the C-OTID.
  • The user terminal 2 generates an encrypted password by encrypting, by a predetermined method, the password received as user input.
  • The user terminal 2 transmits to the authentication server 3, as user terminal information, information including the encrypted password, the C-OTID and the authentication service code obtained from the store terminal 1.
  • When the authentication server 3 acquires the user terminal information transmitted from the user terminal 2, it decrypts the password from the encrypted password included in the user terminal information. Based on the decrypted password and the C-OTID included in the user terminal information, the authentication server 3 authenticates that the user terminal 2 is a legitimate terminal to which this service is applied, that is, performs user authentication.
  • The authentication server 3 transmits to the settlement server 4, as authentication server information, information including a user parameter indicating the result of the user authentication and the authentication service code included in the user terminal information.
  • The authentication server 3 generates an ID (hereinafter referred to as the “G-ID”) for allowing the user who has passed user authentication to go through the gate, and transmits it to each of the gate device 6 and the user terminal 2.
  • The G-ID may be transmitted at any timing as long as it is before the user passes through the gate.
  • The authentication server 3 also generates an S-OTID and transmits it to the user terminal 2.
  • The G-ID may be transmitted to the user terminal 2 at the same timing as this S-OTID. Needless to say, the transmission timings of the S-OTID and the G-ID need not coincide.
  • The user terminal 2 generates information (hereinafter referred to as “linking information”) that links the G-ID transmitted from the authentication server 3 with information that can identify each product (hereinafter referred to as “product identification information”) transmitted from the tags of the products A to C.
  • Three pieces of linking information may be generated individually for the products A to C, or one piece of linking information may be generated for the group of products A to C (a unit of settlement).
  • The gate device 6 holds the G-ID transmitted from the authentication server 3.
  • When the settlement server 4 receives the authentication server information transmitted from the authentication server 3, it recognizes the user authentication result based on the user parameter in the authentication server information.
  • The settlement server 4 executes a predetermined settlement process when the user authentication has succeeded, and transmits a settlement result indicating the execution content to each of the store terminal 1 and the user terminal 2.
  • When the user terminal 2 acquires the settlement result transmitted from the settlement server 4, it displays the settlement result on the display unit 17 and presents it to the user.
  • When the store terminal 1 acquires the settlement result transmitted from the settlement server 4, it transmits to the gate device 6 information indicating the settlement result and the products that were the objects of the settlement process (the products A to C in this example).
  • The gate device 6 holds this information in association with the above-mentioned G-ID.
  • The gate device 6 communicates directly with the user terminal 2 by an arbitrary communication method such as NFC (Near Field Communication) or Bluetooth (registered trademark) to obtain the linking information, and decides whether or not to allow the user to pass through the gate based on whether the G-ID included in the linking information matches the G-ID held by the gate device itself. That is, as shown in the lower right example of FIG. 19, when the products A to C have no linking information (that is, no G-ID is linked to them), or when the G-ID linked to the products A to C does not match the held G-ID, the gate device 6 executes a process that prohibits the user from passing through the gate. Furthermore, the gate device 6 executes the process prohibiting passage not only on a G-ID mismatch but also when the settlement result transmitted from the settlement server 4 via the store terminal 1 indicates failure.
  • The process for prohibiting the user from passing through the gate can employ various measures such as sounding a buzzer, closing the gate and notifying the store terminal 1.
  • Since the settlement support process of the first embodiment is realized as it is, there is no possibility of the user's personal information being transmitted to the store side (the store terminal 1 or the gate device 6). Further, unlike a conventional shoplifting prevention system, there is no need for a store clerk to attach or remove tags on the products. Thus, by adopting the third embodiment, the provider of this service can offer a wider range of settlement services that, for example, easily prevent users from taking unsettled products out of the store.
  • In the third embodiment, the G-ID is generated based on user authentication using the C-OTID, but this is not a particular limitation: the G-ID may be generated based on user authentication using any information that can identify the user terminal 2 and the user (for example, biometric information). That is, the gate passage permission process using the G-ID presupposes the settlement support process, but that process is not limited to the first or second embodiment described above; it suffices that user authentication is performed and that the G-ID is generated based on the user authentication performed in the settlement support process.
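The gate decision of the third embodiment, written out as an added example that is not code from the patent. It models what the gate device 6 holds (the G-ID from the authentication server, and the settlement result plus settled products from the store terminal) and the three prohibit conditions the text gives: no linking information, a linked G-ID that does not match a held one, and a failed settlement result. One further check, that each presented product is among those the store terminal reported as settled under that G-ID, is an assumption added here rather than a condition the page states. All G-IDs and product identifiers are constructed sample values.

```python
from dataclasses import dataclass, field


@dataclass
class GateDevice:
    """Gate device 6: G-IDs pushed by the authentication server, and per G-ID the
    settlement result ("OK"/"NG") and product set pushed by the store terminal."""
    held_g_ids: set = field(default_factory=set)
    settlements: dict = field(default_factory=dict)

    def receive_g_id(self, g_id: str) -> None:
        """Received from the authentication server at any time before the user reaches the gate."""
        self.held_g_ids.add(g_id)

    def receive_settlement(self, g_id: str, result: str, products: set) -> None:
        """Settlement result and settled products, held in association with the G-ID."""
        self.settlements[g_id] = {"result": result, "products": set(products)}

    def decide(self, linking_info: dict) -> tuple:
        """linking_info maps each product identification read from the tags to the G-ID
        the user terminal linked to it, or None when no linking information exists.
        Returns (allowed, reason); a False result would drive the buzzer / gate / store
        terminal notification described in the text."""
        for product, g_id in linking_info.items():
            if g_id is None:
                return False, f"{product}: no G-ID linked"                # lower-right case of FIG. 19
            if g_id not in self.held_g_ids:
                return False, f"{product}: linked G-ID {g_id} not held by the gate"
            record = self.settlements.get(g_id)
            if record is None or record["result"] != "OK":
                return False, f"{product}: settlement for {g_id} is not OK"
            if product not in record["products"]:
                # Added check (assumption): the product must be part of that settlement.
                return False, f"{product}: not among the products settled under {g_id}"
        return True, "pass"


def link_products(g_id: str, product_ids: list) -> dict:
    """User terminal side: one piece of linking information per product."""
    return {pid: g_id for pid in product_ids}


if __name__ == "__main__":
    gate = GateDevice()
    gate.receive_g_id("GID-001")                                 # constructed G-ID
    gate.receive_settlement("GID-001", "OK", {"A", "B", "C"})
    print(gate.decide(link_products("GID-001", ["A", "B", "C"])))
```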
  • The first to third embodiments of the present invention have been described above. The present invention is not limited to these embodiments; modifications, improvements and the like within a range that can achieve the object of the present invention are included in the present invention.
  • The authentication service code of the above embodiments can also be used for the following applications. That is, besides the settlement of the above embodiments, the authentication service code can be used for various services such as service login, access authentication (monitoring / control, etc.) and access rights (voting / questionnaires, etc.). The authentication service code is information issued by the service. To prevent unauthorized authentication from being executed with an authentication service code, the authentication information is checked by the authentication server and the user terminal. Specifically, the following information is set in the authentication service code: the target of the service (who), the content of the service (what; in principle service login, settlement, etc.), the recipient of the authentication result (to whom), the time limit (until when; usually the service) and a random number (request code) for each service. The authentication service code is read by the user terminal (the authentication client) and notified to the authentication server. The authentication server then notifies the user information to the “who” specified in the authentication service code, and the result (Result) is notified to the specified recipient (to whom). This Result notifies, for example, the user ID, password, settlement code, settlement amount, time stamp, settlement service and the like. If the recipient (to whom) is not specified, the Result is notified from the authentication server to the issuer of the authentication service code.
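The field list above is enough to write down a concrete authentication service code and the checks an authentication server would apply before acting on it. The following is an added example, not the patent's own format: the page names the fields (who, what, to whom, until, a per-service request code) and says the code is checked to prevent unauthorized authentication, but it does not fix an encoding or the exact checks, so the JSON payload, the Unix-timestamp time limit, the replay check on the request code, and the fallback of the result recipient to the issuer are this example's reading of the text. Identifiers and timestamps are constructed sample values.

```python
import json
import secrets
import time
from dataclasses import asdict, dataclass


@dataclass
class AuthServiceCode:
    """The fields the text lists for an authentication service code."""
    who: str           # target of the service (e.g. the store or service identifier)
    what: str          # content of the service: "settlement", "login", ...
    to_whom: str       # recipient of the authentication result; "" when unspecified
    until: int         # time limit, as a Unix timestamp (assumed representation)
    request_code: str  # random number issued per service
    issuer: str        # issuer of the code; fallback recipient of the result

    def encode(self) -> str:
        """Payload as it would be carried in a QR code, NFC or the like (JSON is an assumption)."""
        return json.dumps(asdict(self))


def issue_service_code(issuer: str, who: str, what: str, to_whom: str = "",
                       lifetime_s: int = 300, now: float = None) -> AuthServiceCode:
    """Service side: issue a code with a fresh request code and a time limit."""
    now = time.time() if now is None else now
    return AuthServiceCode(who, what, to_whom, int(now) + lifetime_s,
                           secrets.token_hex(16), issuer)


class ServiceCodeChecker:
    """Authentication server side: reject malformed, expired and replayed codes,
    and resolve where the result must be notified."""

    def __init__(self) -> None:
        self.seen_request_codes = set()

    def check(self, payload: str, now: float) -> tuple:
        """Returns (accepted, reason, result_recipient)."""
        try:
            code = AuthServiceCode(**json.loads(payload))
        except (TypeError, ValueError):
            return False, "malformed code", None
        if now > code.until:
            return False, "time limit exceeded", None
        if code.request_code in self.seen_request_codes:
            return False, "request code already used", None
        self.seen_request_codes.add(code.request_code)
        recipient = code.to_whom or code.issuer   # unspecified "to whom": notify the issuer
        return True, "ok", recipient


if __name__ == "__main__":
    checker = ServiceCodeChecker()
    code = issue_service_code("store-1", "store-1", "settlement")   # constructed identifiers
    print(checker.check(code.encode(), now=time.time()))
```

The expiry check is applied before the replay check so that an expired presentation does not consume the request code; the set of seen request codes would in practice be bounded by the time limit, since a code older than its limit is rejected anyway.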
  • In the above embodiments, the authentication service code is notified by a QR code (registered trademark), but this is not a particular limitation; communication means such as NFC (Near Field Communication) (registered trademark), Bluetooth (registered trademark) and optical communication can also be used.
  • In the above embodiments, various authenticators, for example the C-OTID and the S-OTID, are one-time IDs. A one-time ID is a true random number or a pseudo-random number, and the authentication server 3 and the user terminal 2 update their seeds based on it. For this reason, the communication between the user terminal 2 and the authentication server 3 in the above embodiments uses a common encryption key, in order to prevent a one-time ID from being inferred by eavesdropping.
  • However, the present invention is not limited to this; the communication between the user terminal 2 and the authentication server 3 may be performed in so-called plain text. Likewise, authentication by one-time ID itself is not a limitation, and other authentication techniques such as a fixed password can be used.
  • In the above embodiments, the password input by the user is encrypted, and the resulting encrypted password is included in the user terminal information transmitted from the user terminal 2 to the authentication server 3. The authentication server 3 then decrypts the password from the encrypted password included in the user terminal information and performs user authentication based on the decrypted password and the C-OTID included in the user terminal information. However, encryption of the password is not essential and may be omitted, although it goes without saying that encryption increases security. Further, a password is not specifically required as the information included in the user terminal information; an identifier that identifies the user is sufficient.
  • The series of processes described above can be executed by hardware or by software.
  • The functional configurations of FIGS. 4 and 12 are merely examples and are not particularly limited. That is, it is sufficient that the information processing system as a whole has a function capable of executing the series of processes described above; which functional blocks are used to realize this function is not limited to the examples of FIGS. Likewise, the location of each functional block is not limited to that shown in FIGS. 4 and 12 and may be arbitrary, and a functional block may be constituted by hardware alone, software alone, or a combination of both.
  • In the case of software, a program constituting the software is installed on a computer or the like from a network or a recording medium. The computer may be one incorporated in dedicated hardware, or one that can execute various functions by installing various programs, for example a server, a smartphone, a personal computer or various other devices.
  • The recording medium containing such a program consists not only of a removable medium (not shown) distributed separately from the apparatus main body in order to provide the program to the user, but also of a recording medium provided to the user in a state of being incorporated in the apparatus main body in advance.
  • In this specification, the steps describing the program recorded on the recording medium include not only processes performed in time series along the described order, but also processes executed in parallel or individually without necessarily being performed in time series.
  • In this specification, the term “system” means an overall apparatus constituted by a plurality of devices, a plurality of means, and the like.
  • An information processing system to which the present invention is applied can take various embodiments having the following configurations. That is, such an information processing system includes: a request source device (for example, the store terminal 1 in FIG. 1 or the service server 5 in FIG. 11) managed by a service request source that requests settlement as an authentication service; a user terminal managed by a user who executes the authentication service (for example, the user terminal 2 in FIG. 1 or FIG. 11); an authentication server for authenticating the user (for example, the authentication server 3 in FIG. 1 or FIG. 11); and a settlement server (for example, the settlement server 4 in FIG. 1 or FIG.).
  • The user terminal includes: service code acquisition means (for example, the service code acquisition unit 102 in FIG. 4 or FIG. 12); first authenticator generation means (for example, the C-OTID generation unit 104 in FIG. 4 or FIG. 12); first transmission information generation means (for example, the user terminal information generation unit in FIG. 4 or FIG.) for generating first transmission information including an identifier for identifying the user, the authentication service code and the first one-time authenticator; and first transmission control means (for example, the user terminal information transmission control unit 107 in FIG. 4 or FIG. 12) for performing control to transmit the first transmission information to the authentication server.
  • The authentication server includes: first reception control means (the user terminal information acquisition unit 201 in FIG. 4 or FIG. 12) for performing control to receive the first transmission information from the user terminal; user authentication means (for example, the user authentication unit 203 in FIG. 4 or FIG. 12) for generating a user parameter indicating the user authentication result based on the identifier and the first one-time authenticator included in the first transmission information; and second transmission control means (the authentication server information transmission control unit 205 in FIG. 4 or FIG. 12) for performing control to transmit second transmission information, including the authentication service code contained in the first transmission information and the user parameter, to the settlement server. This much is sufficient.
  • With this configuration, the store to be settled is specified by the authentication service code, and no transmission or reception of personal information is required between the user terminal and the request source device (for example, the store terminal 1 in FIG. 1 or the service server 5 in FIG. 11) at the time of settlement. Therefore, risks such as leakage of personal information in an electronic settlement process can be reduced.
  • The first transmission information generation means may generate, as the identifier for identifying the user, an encrypted password by encrypting the input password, and generate first transmission information including the encrypted password, the authentication service code and the first one-time authenticator. The user authentication means may then generate the user parameter indicating the user authentication result based on the password obtained by decrypting the encrypted password included in the first transmission information and the first one-time authenticator included in the first transmission information. Since this suppresses eavesdropping on the identifier for identifying the user during communication, security is further improved.
  • The authentication server may further include second authenticator generation means (for example, the generation function of the S-OTID generation / update unit 206 in FIG. 4 or FIG.) for generating, based on the previously updated authentication seed, a second one-time authenticator (S-OTID) indicating that the authentication server is authentic, and third transmission control means (for example, the transmission control function of the S-OTID generation / update unit 206 in FIG. 4 or FIG.). In that case, the first authenticator generation means of the user terminal generates the first one-time authenticator (C-OTID) based on the previously updated authentication seed, and the user terminal further includes server authentication means (for example, the server authentication unit 108 in FIG. 4 or FIG. 12) that authenticates the authentication server based on the second one-time authenticator and also updates the authentication seed. This much is sufficient.
  • The settlement server may recognize the user authentication result based on the user parameter, execute the settlement process when the user authentication has succeeded, execute a predetermined error process when it has failed, and notify at least the request source device of a settlement result indicating the execution content.
  • The user terminal may further include acquisition means (for example, the settlement result acquisition unit 110 in FIG. 4 or FIG. 12) for acquiring the settlement result from the settlement server or the request source device, and presentation means (for example, the presentation unit 111 in FIG. 4 or FIG. 12) for presenting the acquired settlement result to the user. In this case, the result of the settlement process executed by the settlement server is transmitted to the user terminal and the request source device, and the user terminal can present the settlement result to the user. Thereby, the user can grasp


Abstract

The purpose of the present invention is to provide a technology which enables, in a payment process performed by a digital method, reduction of such risks as breach of personal information. A service code acquisition unit 102 of a user terminal 2 acquires an authentication service code generated in a storefront terminal 1. A C-OTID generation unit 104 generates a C-OTID indicating that the user terminal 2 is a legitimate terminal whereto a given service is applicable. A user terminal information generation unit 106 generates user terminal information. A user authentication unit 203 of an authentication server 3 acquires the user terminal information transmitted from the user terminal 2 and carries out authentication of a user. On the basis of the result of the authentication of the user, a user parameter conversion unit 204 generates a user parameter indicating the result of the authentication of the user. An authentication server information transmission control unit 205 transmits to a payment server the authentication service code and user parameter as authentication server information to be executed by the storefront terminal, payment server, user terminal, and authentication server.

Description

Information processing system
The present invention relates to an information processing system.
Conventionally, electronic settlement methods using, for example, a credit card have been in wide general use.
Such electronic settlement methods are very convenient for the user, but they carry inherent risks such as leakage of personal information and fraudulent settlement. How to eliminate such risks and ensure security in an electronic settlement method is therefore a major issue.
In this regard, a technique for preventing fraudulent use of a credit card has been proposed (see, for example, Patent Document 1).
Patent Document 1: Japanese Patent Laid-Open No. 2015-152952
However, with the prior art including the technique of Patent Document 1, it has not been possible to avoid, for example, the process of transmitting the user's personal information to the terminal of the store that performs the settlement.
That is, because the user's personal information is always transmitted to the store terminal once, the user's personal information is inevitably stored in the store terminal.
The user's personal information stored in the store's terminal could therefore be misused by the store's employees or leak from the store terminal.
The present invention has been made in view of such circumstances, and its object is to reduce risks such as leakage of personal information in settlement processing by an electronic method.
In order to achieve the above object, an information processing system according to one aspect of the present invention is an information processing system including:
 a request source device managed by a service request source that requests settlement as an authentication service;
 a user terminal managed by a user who executes the authentication service;
 an authentication server that authenticates the user; and
 a settlement server that executes settlement processing for the user,
wherein the user terminal includes:
  service code acquisition means for acquiring, from the request source device, an authentication service code that the user uses as a general-purpose authentication code for executing the authentication service;
  first authenticator generation means for generating a first one-time authenticator indicating that the user terminal is authentic;
  first transmission information generation means for generating an encrypted password by encrypting an input password, and for generating first transmission information that includes the encrypted password, the authentication service code, and the first one-time authenticator; and
  first transmission control means for controlling transmission of the first transmission information to the authentication server,
and the authentication server includes:
  first reception control means for controlling reception of the first transmission information from the user terminal;
  user authentication means for generating a user parameter indicating the authentication result of the user, based on the password obtained by decrypting the encrypted password included in the first transmission information and on the first one-time authenticator included in the first transmission information; and
  second transmission control means for controlling transmission, to the settlement server, of second transmission information that includes the authentication service code included in the first transmission information and the user parameter.
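The claimed exchange, as an added example that is not the patent's own code: the user terminal composes the first transmission information (encrypted password, authentication service code, first one-time authenticator), the authentication server decrypts and verifies it and forwards only the service code plus a user parameter to the settlement server, and the settlement server branches on that parameter. Everything below is constructed for illustration: the HMAC-based password cipher stands in for the unspecified "predetermined method", the user registry and user parameter format are assumptions, and the keys and seeds are placeholder values. The point a practitioner should take from it is what the store never receives: the first transmission information carries no personal data at all, and the settlement server receives only a service code and an authentication verdict.

```python
import hashlib
import hmac
import os

# Assumptions (not stated on the page): a key shared by the user terminal and the
# authentication server for the password cipher, and the "common encryption key".
PW_KEY = b"constructed-terminal-to-auth-server-key"
COMMON_KEY = b"constructed-common-encryption-key"


def _keystream(key, nonce, length):
    """HMAC-SHA256 in counter mode; a stand-in for the page's unspecified cipher."""
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def encrypt_password(password, key=PW_KEY):
    """Encrypt-then-MAC, so the decryption unit detects a password altered in transit."""
    nonce = os.urandom(16)
    plaintext = password.encode("utf-8")
    ciphertext = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ciphertext, hashlib.sha256).digest()
    return {"nonce": nonce.hex(), "ct": ciphertext.hex(), "tag": tag.hex()}


def decrypt_password(blob, key=PW_KEY):
    nonce, ciphertext = bytes.fromhex(blob["nonce"]), bytes.fromhex(blob["ct"])
    expected = hmac.new(key, nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, bytes.fromhex(blob["tag"])):
        raise ValueError("encrypted password failed its integrity check")
    return bytes(c ^ k for c, k in zip(ciphertext, _keystream(key, nonce, len(ciphertext)))).decode("utf-8")


def one_time_id(seed, role, key=COMMON_KEY):
    """First (role b"C") or second (role b"S") one-time authenticator from the current seed."""
    return hmac.new(key, role + seed, hashlib.sha256).hexdigest()


def build_user_terminal_information(service_code, password, seed):
    """First transmission information: exactly the three claimed fields and nothing
    else, so no name, card number or address ever leaves the user terminal."""
    return {
        "service_code": service_code,
        "encrypted_password": encrypt_password(password),
        "c_otid": one_time_id(seed, b"C"),
    }


def _password_hash(user_id, password):
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), user_id.encode("utf-8"), 50_000)


class AuthenticationServer:
    """Registry of (current seed, password hash) per user; constructed for the example."""

    def __init__(self, users):
        # users: {user_id: (seed_bytes, password)}
        self._users = {uid: (seed, _password_hash(uid, pw)) for uid, (seed, pw) in users.items()}

    def _user_for_c_otid(self, c_otid):
        for uid, (seed, _) in self._users.items():
            if hmac.compare_digest(one_time_id(seed, b"C"), c_otid):
                return uid
        return None

    def authenticate(self, info):
        """User authentication means plus second transmission control means: returns the
        authentication server information (service code + user parameter). The real
        user parameter format is not on this page; this shape is constructed."""
        uid = self._user_for_c_otid(info["c_otid"])
        ok = False
        if uid is not None:
            try:
                password = decrypt_password(info["encrypted_password"])
                ok = hmac.compare_digest(_password_hash(uid, password), self._users[uid][1])
            except ValueError:
                ok = False
        return {
            "service_code": info["service_code"],
            "user_parameter": {"result": "OK" if ok else "NG", "user_ref": uid if ok else None},
        }


def settle(auth_server_information):
    """Settlement server branch: settlement process on OK, error process otherwise; the
    same settlement result is sent to both the store terminal and the user terminal."""
    status = "settled" if auth_server_information["user_parameter"]["result"] == "OK" else "error"
    result = {"service_code": auth_server_information["service_code"], "status": status}
    return {"to_store_terminal": result, "to_user_terminal": result}
```

The authentication server identifies the user only by matching the received C-OTID against the ID it expects from each user's current seed, which is why a wrong seed, a wrong password and a tampered ciphertext all collapse to the same "NG" parameter: the settlement server is told the verdict, not the reason, and the store terminal sees only its own service code.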
An information processing apparatus and a program according to one aspect of the present invention are also provided as an apparatus and a program corresponding to the information processing system according to one aspect of the present invention.
According to the present invention, risks such as leakage of personal information can be reduced in settlement processing by an electronic method.
FIG. 1 is a diagram showing the configuration of an information processing system according to a first embodiment of the present invention.
FIG. 2 is a block diagram showing an example of the hardware configuration of the user terminal in the information processing system of FIG. 1.
FIG. 3 is a block diagram showing an example of the hardware configuration of the authentication server in the information processing system of FIG. 1.
FIG. 4 is a functional block diagram showing an example of the functional configuration, among the functional configurations of the user terminal of FIG. 2 and the authentication server of FIG. 3, for executing the settlement support process.
FIG. 5 is a diagram showing an outline of the flow of the settlement support process executed by the user terminal and authentication server of FIG. 4 and other devices.
FIG. 6 is an arrow chart showing the flow of the settlement support process executed by the user terminal and authentication server of FIG. 4 and other devices.
FIG. 7 is a flowchart explaining the detailed flow of the series of processes, among the settlement support processes of FIGS. 5 and 6, executed mainly in the user terminal of FIG. 2.
FIG. 8 is a flowchart explaining the detailed flow of the series of processes, among the settlement support processes of FIGS. 5 and 6, executed mainly by the authentication server of FIG. 3.
FIG. 9 is a flowchart explaining the detailed flow of the series of processes, among the settlement support processes of FIGS. 5 and 6, executed mainly in the settlement server of FIG. 1.
FIG. 10 is a flowchart explaining the detailed flow of the series of processes, among the settlement support processes of FIGS. 5 and 6, executed mainly by the store terminal and settlement server of FIG. 1 and the user terminal of FIG. 2, namely the processes from process P4-4, process P4-2, and process P4-1 onward.
FIG. 11 is a diagram showing an example of the configuration of an information processing system according to a second embodiment of the present invention.
FIG. 12 is a functional block diagram showing an example of the functional configuration of the store terminal, settlement server, user terminal, and authentication server of FIG. 11, an example different from that of FIG. 1 and the like.
FIG. 13 is a diagram showing an outline of the flow of the settlement support process executed by the store terminal, settlement server, user terminal, and authentication server of FIG. 12.
FIG. 14 is an arrow chart showing the flow of the settlement support process executed by the store terminal, settlement server, user terminal, and authentication server of FIG. 12, an example different from that of FIG. 6 and the like.
FIG. 15 is a flowchart explaining the detailed flow of the series of processes, among the settlement support processes of FIGS. 13 and 14, executed mainly in the user terminal of FIG. 11, an example different from that of FIG. 7 and the like.
FIG. 16 is a flowchart explaining the detailed flow of the series of processes, among the settlement support processes of FIGS. 13 and 14, executed mainly in the authentication server of FIG. 11, an example different from that of FIG. 8 and the like.
FIG. 17 is a flowchart explaining the detailed flow of the series of processes, among the settlement support processes of FIGS. 13 and 14, executed mainly in the user terminal of FIG. 11, an example different from that of FIG. 9 and the like.
FIG. 18 is a flowchart explaining the flow of the settlement result display process executed by the store terminal, settlement server, and user terminal of FIG. 12, an example different from that of FIG. 10 and the like.
FIG. 19 is a diagram showing the configuration of an information processing system according to a third embodiment of the present invention.
[First embodiment]
Hereinafter, a first embodiment of the present invention will be described with reference to the drawings.
FIG. 1 is a diagram showing an overview of an information processing system according to the first embodiment of the present invention.
The information processing system shown in FIG. 1 is made up of a store terminal 1, a user terminal 2, an authentication server 3, and a settlement server 4.
The store terminal 1, the user terminal 2, the authentication server 3, and the settlement server 4 are connected to one another via a predetermined network N such as the Internet.
Any number, one or more, of each of the store terminal 1, user terminal 2, authentication server 3, and settlement server 4 may be present.
The store terminal 1 is managed in a store that provides goods or services (hereinafter "goods etc.") to users, and generates an authentication service code.
The store is a business or the like that provides goods etc. to the user on condition that the user's payment of the price is settled.
The authentication service code is a general-purpose authentication code with which the user executes the service of settling payment for goods etc. (hereinafter "this service").
The user terminal 2 is operated by the user, has the authentication server 3 authenticate it as a legitimate device to which this service applies, and requests the settlement server 4 to execute this service (execute the settlement).
That is, the user operates the user terminal 2 to execute this service (execute the settlement) and receives the goods etc. from the store.
As described above, the authentication server 3 authenticates whether the user terminal 2 is a legitimate device to which this service applies, and notifies the settlement server 4 of the authentication result.
The settlement server 4 is managed by a settlement party such as a credit card company, and executes this service (executes the settlement) based on the authentication result sent from the authentication server 3.
FIG. 2 is a block diagram showing an example of the hardware configuration of the user terminal 2 in the information processing system of FIG. 1.
The user terminal 2 is, for example, a smartphone.
The user terminal 2 includes a CPU (Central Processing Unit) 11, a ROM (Read Only Memory) 12, a RAM (Random Access Memory) 13, a bus 14, an input/output interface 15, a touch operation input unit 16, a display unit 17, an input unit 18, a storage unit 19, a communication unit 20, and a drive 21.
The CPU 11 executes various processes according to a program recorded in the ROM 12 or a program loaded from the storage unit 19 into the RAM 13.
The RAM 13 also stores, as appropriate, the data needed by the CPU 11 to execute the various processes.
The CPU 11, ROM 12, and RAM 13 are connected to one another via the bus 14. The input/output interface 15 is also connected to the bus 14. The touch operation input unit 16, display unit 17, input unit 18, storage unit 19, communication unit 20, and drive 21 are connected to the input/output interface 15.
The touch operation input unit 16 consists of, for example, a capacitive or resistive (pressure-sensitive) position input sensor laminated on the display surface of the display unit 17, and detects the coordinates of the position where a touch operation is performed.
Here, a touch operation means an operation in which an object contacts or approaches the touch operation input unit 16. The object that contacts or approaches the touch operation input unit 16 is, for example, the user's finger or a stylus. In the present embodiment, for example, the user inputs the password by touch operation.
The display unit 17 consists of a display such as a liquid crystal display, and displays various images such as an image showing the settlement result.
Thus, in the present embodiment, the touch operation input unit 16 and the display unit 17 together constitute a touch panel.
The input unit 18 consists of various hardware and the like, and inputs various information according to the user's instruction operations.
The storage unit 19 consists of a DRAM (Dynamic Random Access Memory) or the like, and stores various data.
The communication unit 20 controls communication with other devices (in the example of FIG. 1, the authentication server 3, the settlement server 4, and so on) via the network N, which includes the Internet.
The drive 21 is provided as necessary. A removable medium 22 consisting of a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is loaded into the drive 21 as appropriate. A program read from the removable medium 22 by the drive 21 is installed in the storage unit 19 as necessary. The removable medium 22 can also store the various data stored in the storage unit 19, in the same way as the storage unit 19.
FIG. 3 is a block diagram showing an example of the hardware configuration of the authentication server in the information processing system of FIG. 1.
The authentication server 3 includes a CPU 31, a ROM 32, a RAM 33, a bus 34, an input/output interface 35, an output unit 36, an input unit 37, a storage unit 38, a communication unit 39, and a drive 40.
Since the configuration of the authentication server 3 is the same as that of the user terminal 2 in FIG. 2 except for the touch panel, its description is omitted here.
The store terminal 1 and the settlement server 4 in FIG. 1 also have the same configuration as the authentication server 3, so their description is omitted here.
Through the cooperation of the various hardware and software of the store terminal 1, user terminal 2, authentication server 3, and settlement server 4, various processes such as the settlement support process can be executed. The settlement support process means the various processes, such as user authentication, that support the settlement process when a store provides goods etc. to a user.
FIG. 4 is a functional block diagram showing an example of the functional configuration, among the functional configurations of the user terminal of FIG. 2 and the authentication server of FIG. 3, for executing the settlement support process.
As shown in FIG. 4, in the CPU 11 of the user terminal 2, an upper request unit 101, a service code acquisition unit 102, a PW input unit 103, a C-OTID generation unit 104, a PW encryption unit 105, a user terminal information generation unit 106, a user terminal information transmission control unit 107, a server authentication unit 108, an authentication seed update unit 109, a settlement result acquisition unit 110, and a presentation unit 111 function.
The upper request unit 101 issues an upper request to the settlement server 4. Here, an upper request means a request to the settlement server 4 to receive the settlement result.
The service code acquisition unit 102 acquires the authentication service code generated in the store terminal 1.
The method of acquiring the authentication service code is not particularly limited.
For example, a QR code (registered trademark) representing the authentication service code may be shown on a display unit (not shown) of the store terminal 1, and an imaging unit (not shown) of the user terminal 2 may capture an image of the display unit containing that QR code (registered trademark) to acquire the authentication service code.
Alternatively, the authentication service code may be acquired from the store terminal 1 using near field communication such as NFC (Near Field Communication) (registered trademark).
The user terminal 2 transmits this authentication service code to the settlement server 4 via the authentication server 3, as information identifying the store at which settlement is made. As a result, the user's personal information need not be exchanged between the user terminal 2 and the store terminal 1 at the time of settlement, which reduces the risk of that personal information leaking from the store terminal 1.
The PW input unit 103 accepts input of a password from the user via the touch panel.
The C-OTID generation unit 104 generates a one-time ID, as an authenticator showing the authentication server 3 that the user terminal 2 is a legitimate device to which this service applies, based on, for example, the authentication seed and the common encryption key that were updated when the previous settlement was executed.
As described later, the authentication server 3 also generates a one-time ID; to distinguish the two, the one-time ID generated by the C-OTID generation unit 104 is hereinafter called the "C-OTID".
The PW encryption unit 105 generates an encrypted password by encrypting the password accepted by the PW input unit 103 by a predetermined method.
The user terminal information generation unit 106 generates, as user terminal information, information that includes the encrypted password generated by the PW encryption unit 105, the authentication service code acquired by the service code acquisition unit 102, and the C-OTID generated by the C-OTID generation unit 104.
The user terminal information transmission control unit 107 executes control for transmitting the user terminal information generated by the user terminal information generation unit 106 to the authentication server 3 via the communication unit 20.
The user terminal information (in particular the C-OTID and the encrypted password) thus transmitted from the user terminal 2 to the authentication server 3 is used in the authentication server 3 for various processes such as user authentication.
The authentication server 3 also generates an S-OTID, described later, and transmits it to the user terminal 2.
The server authentication unit 108 therefore acquires the S-OTID and the updated authentication seed information via the communication unit 20, and authenticates the authentication server 3 based on the acquired S-OTID.
The authentication seed update unit 109 updates the authentication seed based on the authentication result of the server authentication unit 108.
The settlement result acquisition unit 110 acquires, via the communication unit 20, the settlement process result sent from the settlement server 4 in response to the upper request made by the upper request unit 101 described above. The presentation unit 111 presents the settlement process result acquired by the settlement result acquisition unit 110 to the user, for example by displaying it on the display unit 17.
Next, the functional configuration of the authentication server 3 will be described.
In the authentication server 3, a user terminal information acquisition unit 201, a decryption unit 202, a user authentication unit 203, a user parameter conversion unit 204, an authentication server information transmission control unit 205, and an S-OTID generation / update unit 206 function.
A UPDB (user parameter database) 301 is provided in one area of the storage unit 38 of the authentication server 3.
The user terminal information acquisition unit 201 acquires, via the communication unit 39, the user terminal information transmitted from the user terminal 2.
The decryption unit 202 decrypts the above-described password from the encrypted password included in the user terminal information acquired by the user terminal information acquisition unit 201.
The user authentication unit 203 authenticates that the user terminal 2 is a legitimate terminal to which this service applies (hereinafter "user authentication" as appropriate), based on the password decrypted by the decryption unit 202 and the C-OTID included in the user terminal information acquired by the user terminal information acquisition unit 201.
The user parameter conversion unit 204 generates, as a user parameter, a parameter indicating the result of the user authentication by the user authentication unit 203, and stores it in the UPDB 301.
The form of the user parameter is not particularly limited as long as it indicates the result of user authentication. Specific examples of the user parameters adopted in the present embodiment are described later with reference to FIGS. 8 and 9.
The authentication server information transmission control unit 205 executes control for transmitting, as authentication server information, information that includes the authentication service code from the user terminal information acquired by the user terminal information acquisition unit 201 and the user parameter generated by the user parameter conversion unit 204, to the settlement server 4 via the communication unit 39.
On receiving the authentication server information, the settlement server 4 recognizes the user's authentication result from the user parameter in that authentication server information.
The settlement server 4 executes a predetermined settlement process if the user authentication succeeded and a predetermined error process if it failed, and transmits a settlement result indicating what was executed to each of the store terminal 1 and the user terminal 2.
Here, the settlement process means the series of processes involved in executing this service, that is, the series of processes up to and including settling the payment for goods etc. purchased at the store by the user.
The S-OTID generation / update unit 206 of the authentication server 3 generates a one-time ID, as an authenticator indicating that the authentication server 3 is authentic, based on the authentication seed and common encryption key updated at the previous settlement. The S-OTID generation / update unit 206 then executes control for transmitting the generated S-OTID to the user terminal 2 via the communication unit 39.
As noted above, the user terminal 2 also generates a one-time ID; to distinguish the two, the one-time ID generated by the S-OTID generation / update unit 206 is hereinafter called the "S-OTID". The S-OTID is an authenticator indicating that the authentication server 3 is authentic.
In other words, the present embodiment adopts mutual authentication: not only does the authentication server 3 authenticate the user, but the user terminal 2 also authenticates the authentication server 3. That is why the S-OTID is generated by the S-OTID generation / update unit 206 and transmitted to the user terminal 2.
The two one-time IDs, the C-OTID and the S-OTID, are generated using an authentication seed created (updated) in advance. The authentication mechanism using the authentication seed is therefore briefly described here.
In the first embodiment, an authentication seed and a common encryption key that are common to one or more services are used.
Specifically, for example, the C-OTID generation unit 104 of the user terminal 2 copies the authentication seed and common encryption key common to the one or more services onto the operation stack in the RAM 13, generates the C-OTID based on the copied authentication seed, and transmits it to the authentication server 3. At the same time, the C-OTID generation unit 104 updates the authentication seed.
The user authentication unit 203 of the authentication server 3 verifies the legitimacy of the user terminal 2 based on the C-OTID transmitted from the user terminal 2.
On the other side, the S-OTID generation / update unit 206 of the authentication server 3 generates the S-OTID based on the previously updated authentication seed and the common encryption key, and transmits it to the user terminal 2. At the same time, the S-OTID generation / update unit 206 updates the authentication seed.
The server authentication unit 108 of the user terminal 2 judges the legitimacy of the authentication server 3 based on the S-OTID transmitted from the authentication server 3.
The functional configuration for executing the settlement support process by the user terminal 2, the authentication server 3 and the other devices has been described above with reference to FIG. 4. Next, the flow of the settlement support process executed by the user terminal 2, the authentication server 3 and the other devices is described with reference to FIGS. 5 and 6.
FIG. 5 is a diagram showing an outline of the flow of the settlement support process executed by the user terminal, the authentication server and the other devices of FIG. 4.
FIG. 6 is an arrow chart showing the flow of the settlement support process executed by the user terminal, the authentication server and the other devices of FIG. 4.
In step Sa0-1, the store terminal 1 generates an authentication service code.
In step Sa0-2, the service code acquisition unit 102 of the user terminal 2 acquires the authentication service code generated by the store terminal 1.
In step Sa1, the upper request unit 101 issues an upper request to the settlement server 4. That is, the upper request unit 101 requests the settlement server 4 to send it the settlement result.
In step Sa2, the PW input unit 103 accepts the password entered by the user via the touch operation input unit 16. The PW encryption unit 105 then generates an encrypted password by encrypting that password.
In step Sa3, the C-OTID generation unit 104 generates a C-OTID based on the previously updated authentication seed and the common encryption key.
In step Sa4, the user terminal information generation unit 106 generates user terminal information containing the encrypted password generated in step Sa2, the authentication service code acquired in step Sa0, and the C-OTID generated in step Sa3.
In step Sa5, the user terminal information transmission control unit 107 transmits the user terminal information generated in step Sa4 to the authentication server 3.
In step Sa6, the user authentication unit 203 performs user authentication (client authentication) based on the password and the C-OTID contained in the user terminal information transmitted from the user terminal 2 in step Sa5.
In step Sa7, the decryption unit 202 of the authentication server 3 decrypts the encrypted password contained in the user terminal information transmitted from the user terminal 2 in step Sa5, recovering the password described above.
In step Sa8, the S-OTID generation/update unit 206 generates an S-OTID based on the authentication seed updated in step Sa3 of the previous settlement support process and the common encryption key, and updates that authentication seed.
In step Sa9-1, the authentication server information transmission control unit 205 transmits authentication-server-side information containing the S-OTID generated in step Sa8 and information on the updated authentication seed to the user terminal 2.
In step Sa9-2, the server authentication unit 108 of the user terminal 2 acquires the authentication-server-side information transmitted in step Sa9-1, that is, the S-OTID and so on. The server authentication unit 108 authenticates the authentication server 3 based on the acquired S-OTID.
In step Sa9-3, the authentication seed update unit 109 updates the authentication seed based on the authentication result of the server authentication unit 108.
In step Sa10, the user parameter conversion unit 204 generates a user parameter indicating the result of the user authentication performed in step Sa7.
In step Sa11, the authentication server information transmission control unit 205 transmits authentication server information containing the authentication service code contained in the user terminal information transmitted from the user terminal 2 in step Sa5 and the user parameter generated in step Sa10 to the settlement server 4.
In step Sa12, the settlement server 4 executes settlement processing or error processing based on the authentication server information transmitted from the authentication server 3 in step Sa11, that is, based on the authentication service code and the user parameter.
In step Sa13-1, the settlement server 4 transmits the result of the settlement processing or error processing executed in step Sa12 (hereinafter referred to as the "settlement result") to the store terminal 1.
In step Sa13-2, the store terminal 1 acquires the settlement result transmitted from the settlement server 4 in step Sa13-1 and displays it.
In step Sa14, the settlement server 4 transmits the settlement result of step Sa12 to the user terminal 2.
In step Sa15, the settlement result acquisition unit 110 of the user terminal 2 acquires the settlement result transmitted from the settlement server 4 in step Sa14. The presentation unit 111 then displays the settlement result on the display unit 17.
With a settlement support process implemented in this way, when settlement processing is performed by the settlement server 4, the user terminal 2 need not communicate with the store terminal 1 at all other than to acquire the authentication service code, so there is no possibility that the user's personal information is transmitted to the store terminal 1.
Consequently, no personal information of the user is stored in the store terminal 1, so it can neither be abused by store employees or others nor leak from the store terminal 1, as could happen with conventional systems.
In this way, the risk of personal information leakage and the like in electronic settlement processing can be reduced.
The details of a settlement support process that achieves this effect are described below with reference to FIGS. 7 to 10.
FIG. 7 is a flowchart explaining the detailed flow of the series of processes in the settlement support process of FIG. 6 that are executed mainly by the user terminal 2 of FIG. 2.
In step Sa0-1, the store terminal 1 generates or receives an authentication service code. The subsequent processing of the store terminal 1 is described later as process P4-1 with reference to FIG. 10.
In step Sa0-2, the service code acquisition unit 102 of the user terminal 2 acquires the authentication service code generated by the store terminal 1 in step Sa0-1. As noted above, the method of acquiring the authentication service code is not particularly limited.
Once the authentication service code has been acquired in step Sa0-2, in step Sa1 the upper request unit 101 issues an upper request to the settlement server 4, that is, a request that the settlement result be sent to it. The settlement server 4 receives this upper request in process P4-4-1, and its response is the processing of step Sa14 in FIG. 10. The processing of step Sa14 is described later with reference to FIG. 10.
In step Sa2, the PW input unit 103 accepts the password entered by the user via the touch operation input unit 16. The PW encryption unit 105 then encrypts the password accepted in step Sa2 to generate an encrypted password.
In step Sa3, the C-OTID generation unit 104 generates a C-OTID.
In step Sa4, the user terminal information generation unit 106 generates an authentication server transmission packet.
That is, the user terminal information generation unit 106 generates user terminal information containing the encrypted password generated in step Sa2, the authentication service code acquired by the service code acquisition unit 102 in step Sa0-2, and the C-OTID generated in step Sa3.
In this embodiment, this user terminal information consists of a plurality of packets. These packets are the authentication server transmission packets referred to above.
In step Sa5, the user terminal information transmission control unit 107 transmits the authentication server transmission packet generated in step Sa4 to the authentication server 3.
The user terminal 2 then executes process P4-2, which is described later with reference to FIG. 10.
When the authentication server transmission packet is transmitted to the authentication server 3 in step Sa4, the authentication server 3 executes process P2-3.
Process P2-3 in the authentication server 3 is therefore described below with reference to FIG. 8.
FIG. 8 is a flowchart explaining the detailed flow of the series of processes in the settlement support process of FIG. 6 that are executed mainly by the authentication server 3 of FIG. 3.
In step Sa6, the user authentication unit 203 of the authentication server 3 performs client authentication (user authentication) based on the C-OTID transmitted from the user terminal 2, that is, it verifies that the user terminal 2 is a legitimate terminal to which this service applies.
In step Sa7, the decryption unit 202 of the authentication server 3 decrypts the encrypted password contained in the user terminal information transmitted from the user terminal 2, recovering the password described above.
In step SP3-1, the user authentication unit 203 determines whether the C-OTID used in the client authentication of step Sa6 was generated by a legitimate terminal.
If the C-OTID was not generated by a legitimate terminal, the determination in step SP3-1 is NO and the process proceeds to step Sa10-3. The processing from step Sa10-3 onward is described later.
If, on the other hand, the C-OTID was generated by a legitimate terminal, the determination in step SP3-1 is YES and the process proceeds to step Sa8.
In step Sa8, the S-OTID generation/update unit 206 generates an S-OTID based on the previously updated authentication seed and the common encryption key, and updates that authentication seed.
In step Sa9, the authentication server information transmission control unit 205 transmits an authentication packet to the user terminal 2.
That is, the authentication server information transmission control unit 205 transmits authentication-server-side information containing the S-OTID generated in step Sa8 and information on the updated authentication seed to the user terminal 2. In this embodiment, this authentication-server-side information consists of a plurality of packets. These packets are the authentication packets referred to above.
When the authentication server information transmission control unit 205 transmits the authentication server information to the user terminal 2, the user terminal 2 executes process P4-2, which is described later with reference to FIG. 10.
In step SP3-2, the user parameter conversion unit 204 determines whether the password decrypted in step Sa7 was entered at a legitimate terminal.
If the password was entered at a legitimate terminal, the determination in step SP3-2 is YES and the process proceeds to step Sa10-1.
In step Sa10-1, the user parameter conversion unit 204 generates an arbitrary user parameter from the C-OTID to indicate the case in which the C-OTID used in the client authentication of step Sa6 was generated by a legitimate terminal and the password decrypted in step Sa7 was entered at a legitimate terminal.
If, on the other hand, the acquired password was not entered at a legitimate terminal, the determination in step SP3-2 is NO and the process proceeds to step Sa10-2.
In step Sa10-2, the user parameter conversion unit 204 generates "-2" as the user parameter to indicate the case in which the C-OTID used in the client authentication of step Sa6 was generated by a legitimate terminal but the password decrypted in step Sa7 was not entered at a legitimate terminal.
As described above, if the C-OTID used in the client authentication of step Sa6 was not generated by a legitimate terminal, the determination in step SP3-1 is NO and the process proceeds to step Sa10-3.
In step Sa10-3, the user parameter conversion unit 204 generates "-1" as the user parameter for the case in which the C-OTID used in the client authentication of step Sa6 was not generated by a legitimate terminal.
In other words, a user parameter of "-2" or "-1" means that the user authentication (client authentication) in the authentication server 3 failed (NG), and the user parameter then serves to notify the NG code.
Once one of steps Sa10-1 to Sa10-3 (step S10 in FIGS. 5 and 6) has been executed in this way and the user parameter has been generated, the process proceeds to step Sa11.
In step Sa11, the authentication server information transmission control unit 205 transmits authentication server information containing the authentication service code contained in the user terminal information transmitted from the user terminal 2 in step Sa5 (FIG. 7) and the user parameter generated in whichever of steps Sa10-1 to Sa10-3 was executed to the settlement server 4 as a packet.
When the authentication server information is transmitted to the settlement server 4, the settlement server 4 executes process P3-4 of FIG. 9.
FIG. 9 is a flowchart explaining the detailed flow of the series of processes in the settlement support process of FIG. 6 that are executed mainly by the settlement server 4 of FIG. 1, from process P3-4 onward. The processing shown in FIG. 9 corresponds to step Sa12 of FIGS. 5 and 6.
In step SP4-0, the settlement server 4 receives the authentication server information packet transmitted from the authentication server 3 in step Sa11 as a settlement packet.
In step SP4-1, the settlement server 4 examines the user parameter contained in the authentication server information.
If the settlement server 4 extracts the user parameter "-1" in step SP4-1, the process proceeds to step SP4-2.
In step SP4-2, the settlement server 4 generates the settlement result "settlement result NG", indicating that the settlement processing did not complete normally, together with the reason code "-1" indicating the reason.
If the settlement server 4 extracts the user parameter "-2" in step SP4-1, the process proceeds to step SP4-3.
In step SP4-3, the settlement server 4 generates the settlement result "settlement result NG", indicating that the settlement processing did not complete normally, together with the reason code "-2" indicating the reason.
If the settlement server 4 extracts any other user parameter in step SP4-1, that is, a user parameter indicating that the user authentication succeeded, the process proceeds to step SP4-4.
In step SP4-4, the settlement server 4 executes the settlement processing based on the user parameter.
In step SP4-5, the settlement server 4 determines whether the settlement processing executed in step SP4-4 was OK.
If the settlement server 4 determines that the settlement processing was NG, the process proceeds to step SP4-6.
In step SP4-6, the settlement server 4 generates the settlement result "settlement result NG", indicating that the settlement processing did not complete normally, together with the reason code "-3" indicating the reason.
If, on the other hand, the settlement server 4 determines that the settlement processing was OK, the process proceeds to step SP4-7.
In step SP4-7, the settlement server 4 generates the settlement result "settlement result OK", indicating that the settlement processing completed normally.
When a settlement result and so on has been generated in one of steps SP4-2, SP4-3, SP4-6 and SP4-7 in this way, the process proceeds to process P4-4.
Process P4-4 in the settlement server 4, the above-mentioned process P4-2 in the user terminal 2, and process P4-1 in the store terminal 1 are therefore described below with reference to FIG. 10.
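The following added example (not code from the patent) models, in one runnable script, the seed-based C-OTID/S-OTID mutual authentication described earlier, the authentication server's user parameter decision of steps SP3-1, SP3-2 and Sa10-1 to Sa10-3, and the settlement server's result coding of steps SP4-1 to SP4-7. The patent does not specify how a one-time ID is derived, how the seed is updated or how the password is encrypted, so HMAC-SHA256 derivation, a keyed-hash seed ratchet and a per-transaction XOR keystream are assumptions made here for illustration.

```python
"""Added example (not the patent's own code): a runnable model of the
settlement support process described on this page.  It covers the seed-based
C-OTID / S-OTID mutual authentication (steps Sa3, Sa6, Sa8, Sa9-2, Sa9-3),
the authentication server's user-parameter decision (SP3-1, SP3-2,
Sa10-1 to Sa10-3) and the settlement server's result coding (SP4-1 to SP4-7).
Assumed, because the patent leaves them unspecified: an OTID is
HMAC-SHA256(common_key, seed || role), the seed is ratcheted with a keyed
hash, and the password is masked with a per-transaction keystream."""
import hashlib
import hmac


def derive_otid(common_key: bytes, seed: bytes, role: bytes) -> bytes:
    """OTID for one side; the role tag keeps C-OTID and S-OTID distinct."""
    return hmac.new(common_key, seed + role, hashlib.sha256).digest()


def next_seed(common_key: bytes, seed: bytes) -> bytes:
    """Ratchet the shared seed so a captured OTID cannot be replayed."""
    return hmac.new(common_key, seed + b"update", hashlib.sha256).digest()


def mask_password(common_key: bytes, seed: bytes, password: bytes) -> bytes:
    """Illustrative encryption only: XOR with a keystream bound to this seed.
    The same call decrypts, because XOR is its own inverse."""
    stream = hmac.new(common_key, seed + b"pw", hashlib.sha256).digest()
    if len(password) > len(stream):
        raise ValueError("password too long for this illustrative cipher")
    return bytes(p ^ s for p, s in zip(password, stream))


class UserTerminal:
    def __init__(self, common_key: bytes, seed: bytes, password: bytes):
        self.key, self.seed, self.password = common_key, seed, password

    def user_terminal_info(self, service_code: str) -> dict:
        """Steps Sa2 to Sa4: encrypted password, service code and C-OTID."""
        return {
            "service_code": service_code,
            "enc_password": mask_password(self.key, self.seed, self.password),
            "c_otid": derive_otid(self.key, self.seed, b"C"),
        }

    def verify_server(self, auth_packet: dict) -> bool:
        """Steps Sa9-2 / SP3-3 / Sa9-3: check the S-OTID, then ratchet the seed.
        Assumption: the terminal keeps its old seed until the server has been
        authenticated, so a failed check leaves both copies unchanged."""
        expected = derive_otid(self.key, self.seed, b"S")
        if not hmac.compare_digest(auth_packet["s_otid"], expected):
            return False  # SP3-3 NO: processing on the terminal side ends
        self.seed = next_seed(self.key, self.seed)  # Sa9-3
        return True


class AuthenticationServer:
    def __init__(self, common_key: bytes, seed: bytes, password: bytes):
        self.key, self.seed, self.password = common_key, seed, password

    def process(self, info: dict) -> tuple:
        """Process P2-3. Returns (auth packet or None, authentication server info)."""
        # Sa6 / SP3-1: does the C-OTID match our copy of the current seed?
        expected_c = derive_otid(self.key, self.seed, b"C")
        if not hmac.compare_digest(info["c_otid"], expected_c):
            # Sa10-3: C-OTID not generated by a legitimate terminal -> "-1"
            return None, {"service_code": info["service_code"], "user_param": -1}
        # Sa7: recover the password; Sa8/Sa9: S-OTID from the current seed,
        # then advance the seed so the next round needs fresh values.
        password = mask_password(self.key, self.seed, info["enc_password"])
        auth_packet = {"s_otid": derive_otid(self.key, self.seed, b"S")}
        self.seed = next_seed(self.key, self.seed)
        # SP3-2 -> Sa10-1 (parameter derived from the C-OTID) or Sa10-2 ("-2").
        # A positive value never collides with the NG codes -1 and -2.
        if hmac.compare_digest(password, self.password):
            user_param = 1 + int.from_bytes(info["c_otid"][:4], "big")
        else:
            user_param = -2
        return auth_packet, {"service_code": info["service_code"], "user_param": user_param}


def settle(auth_server_info: dict, settlement_ok: bool) -> dict:
    """Steps SP4-1 to SP4-7; settlement_ok stands in for the real SP4-4 outcome."""
    param = auth_server_info["user_param"]
    if param in (-1, -2):  # SP4-2 / SP4-3: authentication NG, pass the code on
        return {"result": "NG", "reason": param}
    if not settlement_ok:  # SP4-5 NO -> SP4-6
        return {"result": "NG", "reason": -3}
    return {"result": "OK", "reason": None}  # SP4-7


def run_transaction(terminal, server, service_code, settlement_ok=True):
    """One settlement support round: (server authenticated?, settlement result)."""
    info = terminal.user_terminal_info(service_code)  # Sa3 to Sa5
    auth_packet, auth_server_info = server.process(info)  # P2-3
    server_ok = auth_packet is not None and terminal.verify_server(auth_packet)
    return server_ok, settle(auth_server_info, settlement_ok)  # Sa11 / Sa12
```

Running a second round with the same captured user terminal information yields user parameter -1, because both sides have already ratcheted past the seed it was derived from.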
FIG. 10 is a flowchart explaining the detailed flow of the series of processes in the settlement support process of FIG. 6 that are executed mainly by the store terminal 1 and settlement server 4 of FIG. 1 and the user terminal 2 of FIG. 2, namely process P4-4, process P4-2 and process P4-1 and the processes that follow them.
First, the processing from P4-4 onward performed by the settlement server 4, which is central to this stage, is described.
In step SP4-8, the settlement server 4 generates a settlement result packet for the store terminal.
That is, the settlement server 4 generates, as a packet, settlement server information for the store terminal containing the authentication service code transmitted from the authentication server 3 in step Sa11 and the settlement result (and, in the NG case, the reason code) generated in one of steps SP4-2, SP4-3, SP4-6 and SP4-7 above. This packet is the settlement result packet for the store terminal.
In step Sa13, the settlement server 4 transmits the settlement-server-side information for the store terminal generated in step SP4-8 to the store terminal 1.
Then, in step Sa13-2, the store terminal 1 acquires the settlement server information for the store terminal transmitted from the settlement server 4 in step Sa13 and displays it.
In step SP4-9, the settlement server 4 generates a settlement result packet for the user terminal.
That is, as in step SP4-8, the settlement server 4 generates, as a packet, settlement server information for the user terminal containing the authentication service code transmitted from the authentication server 3 in step Sa11 and the settlement result (and, in the NG case, the reason code) generated in one of steps SP4-2, SP4-3, SP4-6 and SP4-7 above. This packet is the settlement result packet for the user terminal.
In step Sa14, on condition that an upper request has been transmitted from the user terminal 2 (process P4-4-1), the settlement server 4 transmits the settlement server information for the user terminal generated in step SP4-8 to the user terminal 2.
In step Sa15, the settlement result acquisition unit 110 of the user terminal 2 acquires the settlement server information for the user terminal (the settlement result) transmitted from the settlement server 4 in step Sa14, and the presentation unit 111 displays it.
Note that the user terminal 2 also executes the following processing before step Sa15.
That is, in step Sa9-2, the server authentication unit 108 of the user terminal 2 receives the S-OTID authentication packet transmitted from the authentication server 3.
In other words, the server authentication unit 108 acquires, packet by packet, the S-OTID and the updated authentication seed transmitted from the authentication server 3 in step Sa9-1.
In step SP3-3, the server authentication unit 108 determines whether the S-OTID acquired in step Sa9-1 is OK.
If the acquired S-OTID is NG, the determination in step SP3-3 is NO and the processing on the user terminal 2 side ends.
If, on the other hand, the acquired S-OTID is OK, the determination in step SP3-3 is YES and the process proceeds to step Sa9-3.
In step Sa9-3, the authentication seed update unit 109 updates the authentication seed.
In the first embodiment described above, the series of settlement support processes was realized by adopting an information processing system made up of the store terminal 1, the user terminal 2, the authentication server 3 and the settlement server 4.
However, it is not essential to adopt an information processing system made up of the store terminal 1, the user terminal 2, the authentication server 3 and the settlement server 4 in order to realize such a settlement support process. For example, products and the like are provided not only at physical stores but also through EC sites such as online shops.
Therefore, as another embodiment of the information processing system to which the present invention is applied, namely a second embodiment, an information processing system made up of an EC site, the user terminal 2, the authentication server 3 and the settlement server 4 may be adopted.
By adopting this second embodiment, the provider of this service can offer a wider range of settlement services.
A server that manages such an EC site is hereinafter referred to as a "service server". The service server is managed by the business operating the EC site and issues the authentication service code.
The hardware configurations of the user terminal 2 and the authentication server 3 in the second embodiment are the same as those of the first embodiment shown in FIGS. 2 and 3 respectively. The hardware configuration of the service server 5, which is newly adopted in the second embodiment, is the same as that of the authentication server 3 described above.
FIG. 11 shows an example of the configuration of an information processing system according to the second embodiment of the present invention, illustrating the second embodiment.
The information processing system shown in FIG. 11 is made up of a user terminal 2, an authentication server 3, a settlement server 4 and a service server 5.
The user terminal 2, the authentication server 3, the settlement server 4 and the service server 5 are connected to one another via a predetermined network N such as the Internet.
There may be any number, one or more, of each of the user terminal 2, the authentication server 3, the settlement server 4 and the service server 5.
In the second embodiment of the present invention, the settlement support process is executed by the information processing system shown in FIG. 11.
FIGS. 12 to 18 are the functional block diagram, outline diagram, arrow chart and flowcharts of the second embodiment of the present invention. These are basically the same as in the first embodiment except that the service server 5 is adopted in place of the store terminal 1, so only this difference is described here.
That is, unlike the first embodiment, in the second embodiment the user terminal 2 has, as shown in FIG. 13, upper application software (hereinafter referred to as the "upper app") for communicating with the service server 5 in order to be provided with products and the like. The user terminal 2 also has an authentication module for communicating with the authentication server 3, and not with the service server 5, for the communication needed to carry out user authentication and the like.
In step Sb0-1, the service code acquisition unit 102 of the upper app of the user terminal 2 makes an access (service access) to the service server 5 to request the settlement service for the provision of products and the like.
In step Sb0-2, the service server 5 generates an authentication service code. In step Sb0-3, the service server 5 transmits the authentication service code to the user terminal 2. The service code acquisition unit 102 of the upper app of the user terminal 2 receives the authentication service code.
In the second embodiment, as indicated by the dotted line in FIG. 13, the upper request unit 101 of the upper app does not issue an upper request to the settlement server 4 as in the first embodiment, but instead requests the service server 5 to deliver the settlement result (step Sb1).
In step Sb2, the PW input unit 103 of the upper app accepts the input of a password from the user via the touch operation input unit 16.
In step Sb3-0, the upper app transmits the authentication service code and the password to the authentication module.
Then, in step Sb3-2, the PW encryption unit 105 of the authentication module generates an encrypted password by encrypting the password.
In step Sb3-1, the C-OTID generation unit 104 of the authentication module generates a C-OTID based on the previously updated authentication seed and the common encryption key.
In step Sb4, the user terminal information generation unit 106 of the authentication module transmits to the authentication server 3 user terminal information (the authentication server transmission packet generated in step Sb3-3 of FIG. 15) containing the encrypted password generated in step Sb3-2, the authentication service code acquired in step Sb0-3, and the C-OTID generated in step Sb3-1.
The subsequent processing of the authentication server 3 and the settlement processing of the settlement server 4 are executed in the same manner as in the first embodiment, so their description is omitted here.
As in the first embodiment, in step Sb9-1, the authentication server 3 transmits an S-OTID (the authentication packet in FIG. 16) to the user terminal 2.
In step Sb13-1, the server authentication unit 108 of the authentication module of the user terminal 2 authenticates the authentication server 3 based on the S-OTID.
In step Sb13-2, the authentication seed update unit 109 of the authentication module updates the authentication seed based on the result of the authentication by the server authentication unit 108.
Meanwhile, in step Sb17, the settlement server 4 transmits the settlement result to the service server 5.
Here, unlike the first embodiment, in the second embodiment the settlement server 4 does not transmit the settlement result to the user terminal 2.
That is, in the second embodiment, the service server 5, having received the above-described result request from the user terminal 2, transmits the settlement result acquired from the settlement server 4 to the user terminal 2 in step Sb18.
In step Sb19, the settlement result acquisition unit 110 of the upper app of the user terminal 2 acquires the settlement result transmitted from the service server 5 in step Sb18. The presentation unit 111 of the upper app then displays the settlement result on the display unit 17.
In the second embodiment as well, by realizing such settlement support processing, when the settlement processing is performed in the settlement server 4 the user terminal 2 need not perform any communication with the service server 5 other than acquiring the authentication service code and acquiring the settlement result, so there is no possibility at all that the user's personal information is transmitted to the service server 5.
Therefore, since the user's personal information is never stored in the service server 5, it can no longer be misused by the person managing the EC site, nor leak from the EC site 5, as has happened in the past.
In this way, the second embodiment, exactly like the first embodiment, achieves the effect of reducing risks such as leakage of personal information in settlement processing performed by electronic means.
Furthermore, in the first and second embodiments described above, the series of settlement support processing was realized by adopting an information processing system made up of various hardware.
However, in realizing such settlement support processing it is not necessarily required to adopt the information processing systems described in the first and second embodiments above.
For example, the present invention can be applied to an information processing system that, in addition to performing the above-described settlement support processing at a store providing products and the like, is provided with a so-called shoplifting prevention system that prevents unsettled products from being taken out when the user purchases products and the like.
FIG. 19 is a diagram showing an example of the configuration of an information processing system according to the third embodiment of the present invention.
The information processing system shown in FIG. 19 includes a store terminal 1, a user terminal 2, an authentication server 3, a settlement server 4, and a gate device 6.
The store terminal 1, the user terminal 2, the authentication server 3, the settlement server 4, and the gate device 6 are connected to each other via a predetermined network N.
The number of each of the store terminal 1, the user terminal 2, the authentication server 3, the settlement server 4, and the gate device 6 may be any number greater than or equal to one.
The gate device 6 is, for example, an information processing device built into a gate installed at a store entrance or the like to prevent unsettled products and the like from being taken out, and is managed by the provider of this service or by the provider of the products and the like.
In the example of FIG. 19, it is assumed that the above-described settlement support processing is performed when the user purchases product A, product B and product C (hereinafter referred to as "products A to C"). In the example of FIG. 19 it is also assumed that each of the products A to C carries a tag or the like capable of communicating directly with the user terminal 2 by an arbitrary communication method such as NFC (Near Field Communication) or Bluetooth (registered trademark).
When the user wishes to purchase products A to C, the user terminal 2 generates, as described above, a one-time ID, namely a C-OTID, as an authenticator showing the authentication server 3 that the user terminal 2 is a legitimate device to which this service applies.
The user terminal 2 generates an encrypted password by encrypting, by a predetermined method, the password accepted from the user's input.
The user terminal 2 transmits information containing the encrypted password, the C-OTID and the authentication service code obtained from the store terminal 1 to the authentication server 3 as user terminal information.
On acquiring the user terminal information transmitted from the user terminal 2, the authentication server 3 decrypts the above-described password from the encrypted password contained in that user terminal information.
Based on the decrypted password and the C-OTID contained in the user terminal information, the authentication server 3 authenticates that the user terminal 2 is a legitimate terminal to which this service applies, that is, performs user authentication.
The authentication server 3 transmits information containing a user parameter indicating the result of the user authentication and the authentication service code contained in the user terminal information to the settlement server 4 as authentication server information.
Furthermore, in the third embodiment, the authentication server 3 generates an ID for permitting the user who has undergone user authentication to pass through the gate (hereinafter referred to as the "G-ID") and transmits it to each of the gate device 6 and the user terminal 2.
Here, it suffices that the G-ID is generated by the authentication server 3 that performed the user authentication; it need not coincide with the above-described C-OTID, service code or the like, and any value may be adopted. The transmission timing of the G-ID may also be arbitrary, as long as it is before the user passes through the gate. For example, as described above, the authentication server 3 generates an S-OTID and transmits it to the user terminal 2, and the G-ID may be transmitted to the user terminal 2 at the same time as this S-OTID. It goes without saying that the S-OTID and the G-ID need not coincide.
The user terminal 2 generates information (hereinafter referred to as "linking information") that links the G-ID transmitted from the authentication server 3 with information capable of identifying each product (hereinafter referred to as "product identification information") transmitted from the tags or the like of the products A to C.
Here, three pieces of linking information may be generated, one for each of the products A to C, or one piece may be generated for the group of products A to C (the unit of settlement). For convenience of explanation, it is assumed below that one piece of linking information is generated for the group of products A to C (the unit of settlement).
The gate device 6 holds the G-ID transmitted from the authentication server 3.
Meanwhile, on receiving the authentication server information transmitted from the authentication server 3, the settlement server 4 recognizes the result of the user authentication based on the user parameter in that authentication server information.
When the user authentication has succeeded, the settlement server 4 executes predetermined settlement processing and transmits a settlement result indicating the content of that execution to each of the store terminal 1 and the user terminal 2.
On acquiring the result of the settlement processing transmitted from the settlement server 4, the user terminal 2 presents it to the user, for example by displaying it on the display unit 17.
On acquiring the result of the settlement processing transmitted from the settlement server 4, the store terminal 1 transmits to the gate device 6 that result together with information indicating the products that were the subject of the settlement processing (products A to C in this example). The gate device 6 holds this information in association with the above-described G-ID.
Thereafter, when the user holding the user terminal 2 passes through the store's gate, the gate device 6 communicates directly with the user terminal 2 by an arbitrary communication method such as NFC (Near Field Communication) or Bluetooth (registered trademark), acquires the linking information, and decides whether or not to permit the user to pass through the gate based on whether the G-ID contained in the linking information matches the G-ID held by the gate device 6 itself.
In other words, as in the example at the lower right of FIG. 19, when no linking information is held for products A to C (that is, no G-ID is linked to them), or when linking information is held for products A to C (that is, a G-ID is linked to them) but the G-ID is different, the gate device 6 executes processing that prohibits the user from passing through the gate. Furthermore, the gate device 6 executes processing that prohibits the user from passing through the gate not only on the basis of the G-ID but also when the result of the settlement processing transmitted from the settlement server 4 via the store terminal 1 indicates failure.
Various kinds of processing can be adopted as the processing that prohibits the user from passing through the gate, such as sounding a buzzer, closing the gate, or notifying the store terminal 1.
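The gate decision described above (G-ID present, G-ID matching the one the gate holds, settlement result not a failure), as an added Python model that is not the patent's own code. The record layout, the "allow"/"deny" reasons and the extra check that every carried product is in the settled set are assumptions.

```python
"""Added model of the gate device 6 decision in the third embodiment.

Constructed example, not the patent's code: record layout, reasons and
the product-coverage check are assumptions.
"""
import secrets
from dataclasses import dataclass, field
from typing import Dict, FrozenSet, Iterable, Optional, Tuple


def generate_g_id() -> str:
    # The authentication server issues the G-ID; the page only requires that
    # it come from the server that authenticated the user, so a random
    # token is used here.
    return secrets.token_hex(16)


@dataclass
class GateRecord:
    """What gate device 6 holds per G-ID: the settlement result relayed by
    store terminal 1 and the products that settlement covered."""
    settlement_ok: Optional[bool] = None   # None until store terminal 1 reports
    products: FrozenSet[str] = field(default_factory=frozenset)


@dataclass
class LinkingInfo:
    """Linking information read from user terminal 2 at the gate: the G-ID
    and the product identification information read from the tags."""
    g_id: Optional[str]
    products: FrozenSet[str]


class GateDevice:
    def __init__(self) -> None:
        self.records: Dict[str, GateRecord] = {}

    def register_g_id(self, g_id: str) -> None:
        # G-ID arrives from the authentication server before the user
        # reaches the gate.
        self.records.setdefault(g_id, GateRecord())

    def register_settlement(self, g_id: str, ok: bool,
                            products: Iterable[str]) -> None:
        # Result and product list arrive from store terminal 1 after settlement.
        rec = self.records.setdefault(g_id, GateRecord())
        rec.settlement_ok = ok
        rec.products = frozenset(products)

    def decide(self, info: LinkingInfo) -> Tuple[str, str]:
        # Returns (action, reason); "deny" would trigger the buzzer, gate
        # closure or store notification.
        if info.g_id is None:
            return "deny", "no G-ID linked to carried products"
        rec = self.records.get(info.g_id)
        if rec is None:
            return "deny", "G-ID does not match any G-ID held by the gate"
        if rec.settlement_ok is not True:
            return "deny", "settlement result missing or failed"
        # Assumed extra check: every carried product must be in the settled
        # set, so an item added to the basket after settlement is caught.
        unpaid = info.products - rec.products
        if unpaid:
            return "deny", "unsettled products: " + ", ".join(sorted(unpaid))
        return "allow", "G-ID matches and settlement succeeded"
```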
In the third embodiment as well, the settlement support processing of the first embodiment can be realized as it is, so there is no possibility at all that the user's personal information is transmitted to the store side (the store terminal 1 or the gate device 6).
In addition, unlike a conventional shoplifting prevention system, there is no need for store staff to attach and remove tags on the products and the like.
By adopting the third embodiment in this way, the provider of this service can offer a broader range of settlement services, for example easily preventing users from taking unsettled products out of the store.
In the third embodiment the G-ID was generated based on user authentication using the C-OTID, but the G-ID is not particularly limited to this and may be generated based on user authentication using information capable of identifying the user terminal 2 and information capable of identifying the user (for example, biometric information). That is, the processing that permits passage through the gate using the G-ID presupposes settlement support processing, but that settlement support processing is not particularly limited to the processing of the first or second embodiment described above; it suffices that user authentication is performed. In other words, it suffices that the G-ID is generated based on the user authentication performed in the settlement support processing.
The first to third embodiments of the present invention have been described above, but the present invention is not limited to the first to third embodiments described above, and modifications, improvements and the like within a range capable of achieving the object of the present invention are included in the present invention.
For example, the authentication service code of the above-described embodiments can also be used for the following purposes.
That is, in addition to the settlement of the above-described embodiments, the authentication service code can be used for various services such as service login, access authentication (monitoring, control and the like), and access rights (voting, questionnaires and the like).
In other words, the authentication service code is information issued by the service. To prevent fraudulent authentication from being carried out by means of the authentication service code, the authentication information is checked by both the authentication server and the user terminal.
Specifically, the following information is set in the authentication service code.
That is, for example, the target of the service (who, what), the content of the service (what; specifically, service login, settlement and the like), the recipient of the authentication result (to whom), a period restriction (until when; normally within 60 seconds of issuance of the service code), a random number for each service (request code), and similar information are set.
The authentication service code is then read by the user terminal (authentication client) and notified to the authentication server.
The authentication server notifies the user information to the "whom" (to whom) designated in the authentication service code, and the designated "whom" notifies the Result to the designated "who" (who).
This Result notifies, for example, the user ID, password, settlement code, settlement amount, time stamp, settlement service and the like.
If no "whom" is designated, the authentication server notifies the Result to the issuer of the authentication service code.
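The authentication service code fields listed above (who, what, whom, period restriction, per-service request code) and the result routing rule (to "whom", or to the issuer when no "whom" is designated), as an added Python model that is not the patent's own format. The field names, the JSON wire form and the single-use request-code check are assumptions; the 60-second default is the figure given on the page.

```python
"""Added model of the authentication service code and its checks.

Constructed example, not the patent's format: field names, JSON encoding
and the routing helper are assumptions.
"""
import json
import secrets
import time
from dataclasses import asdict, dataclass
from typing import Optional, Set

DEFAULT_VALIDITY_SECONDS = 60  # "normally within 60 seconds of issuance"


@dataclass(frozen=True)
class AuthServiceCode:
    who: str              # target of the service (who / what)
    what: str             # content of the service: "settlement", "login", "vote"
    whom: Optional[str]   # recipient of the authentication result; None = none designated
    issuer: str           # the service that issued the code
    expires_at: float     # period restriction, as UNIX time
    request_code: str     # random number for this service request

    def encode(self) -> str:
        # Assumed wire form: JSON, suitable for a QR code, NFC or Bluetooth payload.
        return json.dumps(asdict(self), sort_keys=True)


def issue_service_code(who: str, what: str, issuer: str, whom: Optional[str] = None,
                       validity: float = DEFAULT_VALIDITY_SECONDS,
                       now: Optional[float] = None) -> AuthServiceCode:
    # Issued by the service (store terminal or service server) on service access.
    now = time.time() if now is None else now
    return AuthServiceCode(who, what, whom, issuer, now + validity, secrets.token_hex(8))


def parse_service_code(payload: str) -> AuthServiceCode:
    # The user terminal reads the code and forwards it unchanged to the server.
    return AuthServiceCode(**json.loads(payload))


class AuthServer:
    """The part of the authentication server that checks codes and routes results."""

    def __init__(self) -> None:
        self.seen_request_codes: Set[str] = set()

    def check(self, code: AuthServiceCode, now: Optional[float] = None) -> Optional[str]:
        # Returns None when the code is acceptable, otherwise the rejection
        # reason.  Each request code is accepted once, so a code that was
        # presented already cannot be submitted a second time.
        now = time.time() if now is None else now
        if now > code.expires_at:
            return "expired"
        if code.request_code in self.seen_request_codes:
            return "request code already used"
        self.seen_request_codes.add(code.request_code)
        return None

    @staticmethod
    def result_recipient(code: AuthServiceCode) -> str:
        # The Result goes to the designated "whom"; when none is designated
        # the issuer of the code receives it.
        return code.whom if code.whom is not None else code.issuer
```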
Further, for example, the authentication service code of the above-described embodiments was described as being notified by a QR code (registered trademark), but it is not particularly limited to this.
For example, communication means such as NFC (Near Field Radio Communication) (registered trademark), Bluetooth (registered trademark) or optical communication can also be used.
Further, for example, in the above-described embodiments the various authenticators (for example, the C-OTID and the S-OTID) were described as one-time IDs.
These one-time IDs are true random numbers or pseudo-random numbers, and the authentication server 3 and the user terminal 2 each updated their seeds based on them. For this reason, in the above-described embodiments, communication between the user terminal 2 and the authentication server 3 used a common encryption key so as to prevent the one-time ID from being inferred by eavesdropping. However, the invention is not particularly limited to such embodiments, and the communication between the user terminal 2 and the authentication server 3 may also be carried out in so-called plaintext.
Further, for example, authentication by means of the one-time ID itself is not particularly required either, and other authentication techniques such as a fixed password may be used.
Further, for example, in the above-described embodiments the password entered by the user was encrypted, the resulting encrypted password was included in the user terminal information, and it was transmitted from the user terminal 2 to the authentication server 3. Then, in the authentication server 3, the above-described password was decrypted from the encrypted password contained in the user terminal information, and user authentication was performed based on the decrypted password and the C-OTID contained in the user terminal information.
However, encryption of the password is not particularly essential and may be omitted. It goes without saying, though, that encryption raises security.
Furthermore, a password is not particularly essential as information included in the user terminal information; any identifier for identifying the user suffices.
Further, for example, the series of processing described above can be executed by hardware or by software.
In other words, the functional configurations of FIGS. 4 and 12 are merely examples and are not particularly limited.
That is, it suffices that the information processing system is provided with functions capable of executing the above-described series of processing as a whole, and which functional blocks are used to realize these functions is not particularly limited to the examples of FIGS. 4 and 12. The locations of the functional blocks are likewise not particularly limited to those of FIGS. 4 and 12 and may be arbitrary.
In addition, a single functional block may be constituted by hardware alone, by software alone, or by a combination thereof.
Further, for example, when the series of processing is executed by software, the program constituting that software is installed from a network or a recording medium onto a computer or the like.
The computer may be a computer incorporated in dedicated hardware.
The computer may also be a computer capable of executing various functions by installing various programs, for example a server, or a smartphone, a personal computer, or various other devices.
Further, for example, the recording medium containing such a program is constituted not only by removable media (not shown) distributed separately from the apparatus body in order to provide the program to the user, but also by a recording medium or the like provided to the user in a state already incorporated in the apparatus body.
In this specification, the steps describing the program recorded on the recording medium include not only processing performed in time series in the stated order but also processing executed in parallel or individually without necessarily being performed in time series.
Further, in this specification, the term "system" means an overall apparatus constituted by a plurality of devices, a plurality of means, and the like.
In other words, the information processing system to which the present invention is applied can take various embodiments having the following configuration.
That is, the information processing system to which the present invention is applied is an information processing system including:
 a request source device (for example, the store terminal 1 of FIG. 1 or the service server 5 of FIG. 11) managed by a service requester that requests settlement as an authentication service;
 a user terminal (for example, the user terminal 2 of FIG. 1 or FIG. 11) managed by a user who executes the authentication service;
 an authentication server (for example, the authentication server 3 of FIG. 1 or FIG. 11) that authenticates the user; and
 a settlement server (for example, the settlement server 4 of FIG. 1 or FIG. 11) that executes settlement processing for the user,
 in which it suffices that the user terminal includes:
  service code acquisition means (for example, the service code acquisition unit 102 of FIG. 4 or FIG. 12) for acquiring from the request source device an authentication service code that the user uses as a general-purpose authentication code for executing the authentication service;
  first authenticator generation means (for example, the C-OTID generation unit 104 of FIG. 4 or FIG. 12) for generating a first one-time authenticator (C-OTID) indicating that the user terminal is legitimate;
  first transmission information generation means (for example, the user terminal information generation unit 106 of FIG. 4 or FIG. 12) for generating first transmission information containing an identifier for identifying the user, the authentication service code, and the first one-time authenticator; and
  first transmission control means (for example, the user terminal information transmission control unit 107 of FIG. 4 or FIG. 12) for controlling transmission of the first transmission information to the authentication server,
 and that the authentication server includes:
  first reception control means (the user terminal information acquisition unit 201 of FIG. 4 or FIG. 12) for controlling reception of the first transmission information from the user terminal;
  user authentication means (for example, the user authentication unit 203 of FIG. 4 or FIG. 12) for generating a user parameter indicating the authentication result of the user based on the identifier contained in the first transmission information and the first one-time authenticator contained in the first transmission information; and
  second transmission control means (the authentication server information transmission control unit 205 of FIG. 4 or FIG. 12) for controlling transmission to the settlement server of second transmission information containing the authentication service code contained in the first transmission information and the user parameter.
This makes it possible to identify the store at which settlement is made by means of the above-described authentication service code, and transmission and reception of personal information at the time of settlement between the user terminal and the request source device (for example, the store terminal 1 of FIG. 1 or the service server 5 of FIG. 11) become unnecessary. Therefore, risks such as leakage of personal information in settlement processing by electronic means can be reduced.
Furthermore, the first transmission information generation means may
  generate, as the identifier for identifying the user, an encrypted password by encrypting the entered password, and generate the first transmission information containing that encrypted password, the authentication service code, and the first one-time authenticator, and
 the user authentication means may generate the user parameter indicating the authentication result of the user based on the password obtained by decrypting the encrypted password contained in the first transmission information and on the first one-time authenticator contained in the first transmission information.
 This suppresses eavesdropping on the identifier for identifying the user while it is being communicated, so security is further raised.
Furthermore, the authentication server may further include
second authenticator generating means (for example, the generation function of the S-OTID generation/update unit 206 in FIG. 4 or FIG. 12) for generating, based on the previously updated authentication seed, a second one-time authenticator (S-OTID) indicating that the authentication server is authentic, and for updating the authentication seed; and
third transmission control means (for example, the transmission control function of the S-OTID generation/update unit 206 in FIG. 4 or FIG. 12) for performing control to transmit the second one-time authenticator (S-OTID) to the user terminal;
the first authenticator generating means of the user terminal may generate the first one-time authenticator (C-OTID) based on the previously updated authentication seed; and
the user terminal may further include server authentication means (for example, the server authentication unit 108 in FIG. 4 or FIG. 12) for authenticating the authentication server based on the second one-time authenticator and for updating the authentication seed.
This allows mutual authentication between the user terminal and the request source device to be performed more accurately, so risks such as the leakage of personal information in electronic settlement processing can be further reduced.
Furthermore, the settlement server may recognize the authentication result of the user based on the user parameter, execute the settlement processing when the authentication of the user has succeeded, execute predetermined error processing when the authentication of the user has failed, and notify at least the request source device of a settlement result indicating what was executed; and
the user terminal may further include
acquisition means (for example, the settlement result acquisition unit 110 in FIG. 4 or FIG. 12) for acquiring the settlement result from the settlement server or the request source device; and
presentation means (for example, the presentation unit 111 in FIG. 4 or FIG. 12) for presenting the acquired settlement result to the user.
According to the above configuration, the result of the settlement processing executed by the settlement server (the settlement processing result) is transmitted to the user terminal and to the request source device, and the user terminal can present the settlement processing result to the user.
This allows the user to know accurately whether or not the settlement support processing described above has completed normally.
DESCRIPTION OF SYMBOLS
1 store terminal
2 user terminal
3 authentication server
4 settlement server
5 service server
11 CPU
31 CPU
101 upper request unit
102 service code acquisition unit
103 PW input unit
104 C-OTID generation unit
105 PW encryption unit
106 user terminal information generation unit
107 user terminal information transmission control unit
108 server authentication unit
109 authentication seed update unit
110 settlement result acquisition unit
111 presentation unit
201 user terminal information acquisition unit
202 decryption unit
203 user authentication unit
204 user parameter conversion unit
205 authentication server information transmission control unit
206 S-OTID generation/update unit
301 UPDB

Claims (4)

  1.  An information processing system including:
      a request source device managed by a service request source that requests settlement as an authentication service;
      a user terminal managed by a user who executes the authentication service;
      an authentication server that authenticates the user; and
      a settlement server that executes settlement processing for the user,
     wherein the user terminal includes:
      service code acquisition means for acquiring, from the request source device, an authentication service code that the user uses as a general-purpose authentication code for executing the authentication service;
      first authenticator generating means for generating a first one-time authenticator indicating that the user terminal is authentic;
      first transmission information generating means for generating first transmission information including an identifier for identifying the user, the authentication service code, and the first one-time authenticator; and
      first transmission control means for performing control to transmit the first transmission information to the authentication server,
     and the authentication server includes:
      first reception control means for performing control to receive the first transmission information from the user terminal;
      user authentication means for generating a user parameter indicating the authentication result of the user based on the identifier included in the first transmission information and the first one-time authenticator included in the first transmission information; and
      second transmission control means for performing control to transmit second transmission information, including the authentication service code included in the first transmission information and the user parameter, to the settlement server.
  2.  The information processing system according to claim 1, wherein
     the first transmission information generating means generates, as the identifier for identifying the user, an encrypted password by encrypting an entered password, and generates the first transmission information including the encrypted password, the authentication service code, and the first one-time authenticator; and
     the user authentication means generates the user parameter indicating the authentication result of the user based on the password obtained by decrypting the encrypted password included in the first transmission information and on the first one-time authenticator included in the first transmission information.
  3.  The information processing system according to claim 1 or 2, wherein
     the authentication server further includes:
      second authenticator generating means for generating, based on the previously updated authentication seed, a second one-time authenticator indicating that the authentication server is authentic, and for updating the authentication seed; and
      third transmission control means for performing control to transmit the second one-time authenticator to the user terminal;
     the first authenticator generating means of the user terminal generates the first one-time authenticator based on the previously updated authentication seed; and
     the user terminal further includes server authentication means for authenticating the authentication server based on the second one-time authenticator and for updating the authentication seed.
  4.  The information processing system according to any one of claims 1 to 3, wherein
     the settlement server recognizes the authentication result of the user based on the user parameter, executes the settlement processing when the authentication of the user has succeeded, executes predetermined error processing when the authentication of the user has failed, and notifies at least the request source device of a settlement result indicating what was executed; and
     the user terminal further includes:
      acquisition means for acquiring the settlement result from the settlement server or the request source device; and
      presentation means for presenting the acquired settlement result to the user.
PCT/JP2018/017801 (priority date 2017-05-08, filing date 2018-05-08): Information processing system, WO2018207781A1 (en)

Applications Claiming Priority (2)

Application Number / Priority Date / Filing Date / Title
JP2017-092451 / 2017-05-08
JP2017092451A (JP2020112839A) / 2017-05-08 / 2017-05-08 / Information processing system

Publications (1)

Publication Number / Publication Date
WO2018207781A1 (en) / 2018-11-15

Family

ID=64104746

Family Applications (1)

Application Number / Title / Priority Date / Filing Date
PCT/JP2018/017801 (WO2018207781A1, en) / Information processing system / 2017-05-08 / 2018-05-08

Country Status (2)

Country / Link
JP (1) / JP2020112839A (en)
WO (1) / WO2018207781A1 (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number / Priority date / Publication date / Assignee / Title
JPH11252069A * / 1998-03-06 / 1999-09-17 / Fuji Electric Co Ltd / Mutual authentication device between information devices
JP2011210171A * / 2010-03-30 / 2011-10-20 / Japan Research Institute Ltd / Settlement server, settlement system, settlement method, and settlement program

Also Published As

Publication number Publication date
JP2020112839A (en) 2020-07-27

Legal Events

Date / Code / Title / Description
121 / Ep: the epo has been informed by wipo that ep was designated in this application
    Ref document number: 18799129; Country of ref document: EP; Kind code of ref document: A1
NENP / Non-entry into the national phase
    Ref country code: DE
NENP / Non-entry into the national phase
    Ref country code: JP
122 / Ep: pct application non-entry in european phase
    Ref document number: 18799129; Country of ref document: EP; Kind code of ref document: A1