WO2018229927A1 - Identification system, identification device, identification method, and program - Google Patents

Identification system, identification device, identification method, and program Download PDF

Info

Publication number
WO2018229927A1
WO2018229927A1 PCT/JP2017/022107 JP2017022107W WO2018229927A1 WO 2018229927 A1 WO2018229927 A1 WO 2018229927A1 JP 2017022107 W JP2017022107 W JP 2017022107W WO 2018229927 A1 WO2018229927 A1 WO 2018229927A1
Authority
WO
WIPO (PCT)
Prior art keywords
user
evaluation value
unit
identity verification
identity
Prior art date
Application number
PCT/JP2017/022107
Other languages
French (fr)
Japanese (ja)
Inventor
秀巳 黒口
Original Assignee
株式会社C-Grip
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 株式会社C-Grip filed Critical 株式会社C-Grip
Priority to PCT/JP2017/022107 priority Critical patent/WO2018229927A1/en
Publication of WO2018229927A1 publication Critical patent/WO2018229927A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists

Definitions

  • the present invention relates to an identity verification system, an identity verification device, an identity verification method, and a program.
  • Patent Document 1 discloses a method in which a trader who wants to open a securities transaction account opens a securities transaction account through a bank transaction system having a bank transaction account, and the bank transaction system is connected through a network.
  • a step of accepting a request for opening a securities trading account from a terminal device operated by the trader, and an account information storage unit in which the banking transaction system stores registration information relating to a banking transaction account possessed by a user of the banking transaction system Obtaining registration information relating to a bank transaction account possessed by the trader, determining whether or not to open a securities transaction account by comparing the registration information with a predetermined rule, and the bank transaction system includes the securities transaction If it is determined that opening is possible in the step of determining whether or not an account can be opened, the terminal device opens a securities trading account.
  • a step of accepting confirmation of information necessary for payment and an account transfer contract, and when the bank transaction system accepts confirmation of the account transfer contract, registration information of the bank transfer account of the transaction A method for opening a securities trading account, comprising: recording a conclusion and transmitting information necessary for opening the securities trading account to a securities trading system of a securities company that opens the securities trading account. It is disclosed.
  • the purpose is to provide an identity verification system that efficiently performs identity verification.
  • An identity verification system includes an acquisition unit that acquires identity verification information indicating that user identification has been completed by a plurality of verification organizations that perform identity verification from a plurality of online services, and the acquisition unit.
  • the evaluation value generation unit that generates the evaluation value for the personal identification based on the user-confirmed information acquired by the above and the output unit that outputs the evaluation value generated by the evaluation value generation unit.
  • the acquisition unit acquires transaction completion information in an online payment service or online administrative procedure on which identity confirmation is a prerequisite as the identity confirmation information
  • the evaluation value generation unit is configured to allow the online payment by a user to be performed.
  • the evaluation value of the user is generated based on the use frequency of the service or the online administrative procedure and the completion information thereof.
  • the evaluation value generation unit generates an evaluation value of the user based on the identity confirmation information of a plurality of online services used by the user, and the evaluation value of the user generated by the evaluation value generation unit And a reference value set for another online service that the user desires to newly register, and further includes a new registration unit that determines whether or not the user can newly register.
  • it further includes an evaluation element value storage unit that stores a plurality of online services and evaluation element values that are evaluation value calculation elements in association with each other.
  • the identification value of the online service used by the user is acquired, and the evaluation value generation unit corresponds to the acquired identification information of the online service among the evaluation element values stored in the evaluation element value storage unit.
  • An evaluation value is calculated based on the evaluation element value.
  • the acquisition unit acquires transaction completion information in the electronic commerce service on which identity verification is a premise as the identity verification completed information, and from a user's trading partner in the electronic commerce service, with respect to a transaction with the user.
  • the apparatus further includes a satisfaction receiving unit that receives an input of an evaluation element value indicating satisfaction, and the evaluation value generating unit generates an evaluation value for the user based on the evaluation element value received by the satisfaction receiving unit. .
  • the acquisition unit acquires transaction completion information in the salary transfer service as the identity confirmation information, and an evaluation element indicating satisfaction with the user's labor situation from the salary payment source in the salary transfer service.
  • a satisfaction level receiving unit that receives an input of a value is further included, and the evaluation value generating unit generates an evaluation value of the user based on the evaluation element value received by the satisfaction level receiving unit.
  • the satisfaction level receiving unit receives an input of an evaluation element value indicating the level of satisfaction via the social network king service.
  • an associating unit for associating user identification information issued from each online service with each other based on user bank identification information used for settlement in each online service.
  • the same online service further includes a duplicate identification information detection unit for detecting a plurality of identification information held by the same user based on the identification information of the bank of the user used for payment.
  • An identity verification apparatus includes an acquisition unit that acquires identity verification information indicating that user identification has been completed by a plurality of verification agencies that perform identity verification from a plurality of online services, and the acquisition unit.
  • the evaluation value generation unit that generates the evaluation value for the personal identification based on the user-confirmed information acquired by the above and the output unit that outputs the evaluation value generated by the evaluation value generation unit.
  • the identity verification method includes a step of acquiring identity verification information indicating that the identity verification of the user has been completed by a plurality of verification organizations performing identity verification from a plurality of online services, and the acquisition unit. Based on the acquired user identity confirmation information, the method includes a step of generating an evaluation value for identity verification and a step of outputting the evaluation value generated by the evaluation value generation unit.
  • the program according to the present invention is acquired by a plurality of online services, which is obtained from a plurality of online services, to obtain identity confirmation information indicating that a user's identity has been completed by a plurality of confirmation organizations that perform identity confirmation.
  • the computer causes the computer to execute a step of generating an evaluation value for verifying the identity and a step of outputting the evaluation value generated by the evaluation value generation unit based on the user's identity confirmation information.
  • FIG. 1 It is a figure which illustrates the hardware constitutions of the personal identification system. It is a figure which illustrates the hardware constitutions of the user terminal. 3 is a diagram illustrating a functional configuration of a user terminal 2.
  • FIG. It is a figure which illustrates the function structure of the electronic commerce management server. It is a figure which illustrates the service usage information stored in service usage information DB600. It is a flowchart of the personal identification process (S10) of the personal identification system 1. It is a figure which illustrates the function structure of the user terminal 2 in a modification.
  • the identity verification system 1 presents a certificate issued by a public institution and proves that the person who intends to receive the online service is the person himself / herself, and then, based on the transaction results of the user using the online service. The evaluation value of the user is calculated.
  • the identity verification in the present invention means that an official document is presented to confirm that the service applicant is the identity. Examples of services for verifying identity include opening a bank account and applying for a credit card. As a specific identity verification method, the service applicant presents a driver's license or passport with information identifying the individual such as the name, address, date of birth, gender, and facial photo of the service applicant.
  • the identity verification system 1 measures the user's trustworthiness based on the type and number of online services that have been verified (identification) and authorized and the number of transactions using each service.
  • FIG. 1 is a diagram illustrating a hardware configuration of the identification system 1.
  • the identity verification system 1 includes a user terminal 2, a bank account system 3, and an electronic commerce management server 4.
  • the user terminal 2 is a computer terminal.
  • the user terminal 2 is a personal computer terminal or a portable computer terminal.
  • the user terminal 2 may be a smartphone, a tablet information terminal, or the like.
  • the user terminal 2 is connected to the bank account system 3 and the electronic commerce management server 4 via a network.
  • One specific user is associated with the user terminal 2, and the user terminal 2 is based on transactions with banks and credit card companies, transactions using electronic money, and salary transfers from the workplace. Measure the user's trustworthiness.
  • the user of the user terminal 2 is a user 20.
  • the user 20 may be a business operator.
  • the bank account system 3 is a computer system managed by a bank having an account opened by the user 20, and performs bank account processing. In the account of the user 20, a salary is transferred from the work place of the user 20, a shopping fee is debited with a credit card owned by the user 20, and the like. When the transfer of funds is completed in the account of the user 20, the bank account system 3 notifies the user 20 that the transfer of funds has been completed.
  • the bank account system 3 is connected to the electronic commerce management server 4 via a network, and executes account transfer in response to a settlement request from the electronic commerce management server 4.
  • the electronic commerce management server 4 is a computer that manages an electronic commerce service 40 via an electronic commerce site (EC site).
  • the EC site in this example is a store on the network for buying and selling goods and services, and includes, for example, a website that provides a video-on-demand service and a BML site that is distributed by data broadcasting. It is.
  • the electronic commerce management server 4 makes a settlement request directly to the bank account system 3 based on the order confirmation operation by the user terminal 2 in the electronic commerce service 40.
  • the relay services 5a and 5b, the information exchange service 5c, and the information providing service 5d are online services that require registration authentication, and the user terminal 2 sends the usage results of the online services that have been verified as identity verification information.
  • the online service 5 receives registration authentication.
  • FIG. 2 is a diagram illustrating a hardware configuration of the user terminal 2.
  • the hardware configuration 200 of the user terminal 2 includes a CPU 202, a memory 204, an HDD 206, a network interface 208 (network IF 208), a display device 210, and an input device 212. They are connected to each other via a bus 214.
  • the CPU 202 is, for example, a central processing unit.
  • the memory 204 is, for example, a volatile memory and functions as a main storage device.
  • the HDD 206 is, for example, a hard disk drive device, and stores a computer program and other data files as a nonvolatile recording device.
  • the network IF 208 is an interface for performing wired or wireless communication, and realizes communication with the bank account system 3 and the electronic commerce management server 4 via the Internet.
  • the display device 210 is a liquid crystal display, for example.
  • the input device 212 is, for example, a keyboard and a mouse.
  • FIG. 3 is a diagram illustrating a functional configuration of the user terminal 2.
  • the identity verification program 1 is installed in the identity verification system 1, and includes a service usage information database 600 (service usage information DB 600) and a personal information management database 602 (personal information management DB 602).
  • the identity verification program 50 includes a transaction result acquisition unit 500, a transaction count unit 502, an evaluation value generation unit 504, an electronic certification unit 506, a new registration unit 508, an evaluation element value storage unit 510, a satisfaction level reception unit 512, and an association unit. 514.
  • the identity verification program 50 includes a mutual authentication unit 516 and a read permission unit 518 as security functions.
  • the transaction result acquisition unit 500 acquires identity-confirmed information indicating that the identity verification of the user 20 is completed by a plurality of confirmation organizations that perform identity verification from a plurality of online services. That is, the transaction result acquisition unit 500 acquires the result of the transaction established in the online payment service or online administrative procedure that has been verified by the user 20.
  • the result of the established transaction is the result of the transaction in the electronic commerce service 40 and the notification of the salary transfer from the employer, the result of the settlement by the credit card, the notification of the deduction of the utility bill, and the like.
  • the transaction result acquisition unit 500 acquires these as transaction completion information.
  • the transaction result acquisition unit 500 is an example of an acquisition unit according to the present invention.
  • Transaction result acquisition unit 500 accepts this transfer notification.
  • a credit card settlement when a credit card withdrawal transaction is successful, a credit card company sends a withdrawal notice to the user terminal 2, and the transaction result acquisition unit 500 obtains this withdrawal notice.
  • the electronic commerce management server 4 notifies the user terminal 2 whether or not the bank withdrawal has been successful, and the transaction result acquisition unit 500 accepts the settlement result.
  • the transaction result acquisition unit 500 acquires the identification information of the online service used by the user 20. As a result, it is possible to determine which online service the identified information is associated with.
  • the identification information indicates information that can uniquely specify an online service, such as a bank code.
  • the transaction count unit 502 counts the transaction completion information acquired by the transaction result acquisition unit 500 for each service. Specifically, the transaction count unit 502 updates the service usage information in the service usage information DB 600 based on the transaction completion information and identification information acquired by the transaction result acquisition unit 500.
  • the evaluation value generation unit 504 generates an evaluation value for the user 20 based on the number of times the user 20 uses the online payment service or online administrative procedure and the completion information thereof. In addition, the evaluation value generation unit 504 generates an evaluation value for the user 20 based on the identity confirmation information of a plurality of online services used by the user 20. Specifically, the evaluation value generation unit 504 generates an evaluation value for identity verification based on the user 20 identity confirmation information counted by the transaction count unit 502.
  • the evaluation value generation unit 504 calculates an evaluation value based on the evaluation element value corresponding to the acquired online service identification information among the evaluation element values stored in the evaluation element value storage unit 510. Specifically, an evaluation factor value is set for each online service. The higher the number of users or the degree of recognition of the service, the higher the evaluation factor value, and the administrative procedure also has a higher evaluation factor value. The higher the socially reliable service is used, the higher the evaluation value of the user 20 increases. Further, the evaluation value generation unit 504 generates an evaluation value for the user 20 based on the evaluation element value received by the satisfaction level reception unit 512 (described later).
  • the evaluation value calculated by the evaluation value generation unit 504 is stored in the service usage information DB 600 as the identity confirmation information of the user 20 of the user terminal 2.
  • the service usage information DB 600 may be held by the user terminal 2, or may be held by a set top box or USB memory directly connected to the user terminal 2.
  • the electronic certification unit 506 outputs the evaluation value generated by the evaluation value generation unit 504. Specifically, the electronic certification unit 506 notifies the evaluation value as the personal identification information when applying for the electronic service applied by the user terminal 2.
  • the electronic certification unit 506 is an example of an output unit according to the present invention. Thereby, when using an electronic service, a highly reliable identity verification is easily performed.
  • the electronic certification unit 506 encrypts the evaluation value and notifies the electronic service 5 of it.
  • the electronic certification unit 506 may notify the identity verification information when the mutual authentication unit 516 (described later) or the read permission unit 518 (described later) permits, or the mutual authentication unit 516 (described later) and read. When the permission is permitted by the permission unit 518 (described later), identification information may be notified.
  • the electronic certification unit 506 may send personal information and identification information when applying for the electronic service 5.
  • the personal information management DB 602 holds the ID of the electronic commerce service 40 of the user 20, a mobile phone number, personal information (name, postal code and address, my number), and mail address.
  • the personal information management DB 602 may be held by the user terminal 2, or may be held by a set top box or USB memory directly connected to the user terminal 2.
  • the new registration unit 508 compares the evaluation value of the user 20 generated by the evaluation value generation unit 504 with the reference value set for the other online service that the user 20 desires to newly register, so that the new registration of the user 20 Judge whether registration is possible.
  • the evaluation element value storage unit 510 stores a plurality of online services and evaluation element values serving as evaluation value calculation elements in association with each other.
  • the satisfaction level reception unit 512 receives an input of an evaluation element value indicating a level of satisfaction with a transaction with the user 20 from a transaction partner of the user 20 in the electronic commerce service. Specifically, in the electronic commerce service, the evaluation of the user 20 such that the withdrawal has not been completed due to a shortage of balance has been accepted as an evaluation element value. In addition, the satisfaction level reception unit 512 receives an input of an evaluation element value indicating the satisfaction level with respect to the labor situation of the user 20 from a salary payment source in the salary transfer service. Specifically, the satisfaction level reception unit 512 receives the satisfaction level via a social networking service (SNS).
  • SNS social networking service
  • the satisfaction level reception unit 512 receives an access from another account as an evaluation factor value in the SNS used by the user 20 and updates the service usage information.
  • accepting the evaluation element value via the SNS leads to the relationship between the user 20 and the transmission partner (transaction partner) of the evaluation element value.
  • the user terminal 2 receives a comment via SNS, it is presumed that there is some connection between the user 20 and the partner who transmitted the comment to the user 20, and the SNS ID has been exchanged. That is, it can be considered that the user 20 and the transmission partner (transaction partner) of the comment were acquainted. Therefore, accepting the evaluation element value via the SNS can be a criterion for determining whether or not the user 20 is in contact with the communication partner in the SNS.
  • the associating unit 514 associates the identification information of the user 20 issued from each online service based on the identification information of the bank of the user 20 used for payment in each online service.
  • the user terminal 2 holds an in-system ID associated with a bank account, and the in-system ID is used for settlement in the A online service and is shared with the bank account system 3. Further, the same bank account is used for the payment in the B online service, and the payment is performed using the same in-system ID. That is, the ID of the A online service and the ID of the B online service are associated with each other via the in-system ID of the user 20.
  • the online service using My Number when payment is made at the bank using the same in-system ID, based on the in-system ID, the bank ID of the user 20, the My Number, and the A Online Service An ID can be associated. In other words, the certainty that the owner of the online service ID is the principal increases, and the evaluation value increases.
  • the mutual authentication unit 516 determines whether the combination of the user terminal 2 and the USB connected to the user terminal 2 is correct as a condition for reading the personal identification information. Specifically, it is determined whether or not the correspondence between the source code in the application program of the user terminal 2 and the source code in the program in the USB connected to the user terminal 2 is correct. More specifically, an authentication key is incorporated as a parent program in an HTML file acquired when an application program in the user terminal 2 or a site providing the electronic service 5 is accessed via the user terminal 2. Then, an authentication key is incorporated in the USB as a child program. When the USB in which the authentication key is embedded is connected to the user terminal 2, the mutual authentication unit 516 determines whether or not the correspondence between the two is correct. Allow access to information. As a result, even if the USB storing the service usage information is lost, it becomes impossible to read the personal identification information or the personal information only with the USB.
  • the read permission unit 518 confirms the identity from the USB memory based on the MAC address of the user terminal 2, the device ID of the USB memory, and the IP address of the device that relays the user terminal 2 or the user terminal 2 to the Internet. Allows reading of information. Specifically, the read permission unit 518 collects the MAC address of the user terminal 2, the device ID of the USB memory, and the IP address of the user terminal 2 or a device that relays the user terminal 2 to the Internet. The read permission unit 518 determines whether the combination of these pieces of device information permitted to be read, which is held as a default value, matches the collected device information. It is assumed that the IP address is IPv6. Part or all of the identity verification program 50 may be realized by hardware such as ASIC. The identity verification program 50 is stored in a recording medium such as a CD-ROM, for example, and is installed via this recording medium.
  • FIG. 4 is a diagram illustrating a functional configuration of the electronic commerce management server 4.
  • an electronic commerce management program 70 is installed in the electronic commerce management server 4 and includes a management information database 604 (management information DB 604).
  • the electronic commerce management program 70 includes an order confirmation detection unit 700, a balance request unit 702, a success / failure determination unit 704, a settlement request unit 706, an execution unit 708, and a notification unit 710.
  • Part or all of this program may be realized by hardware such as ASIC (Application Specific Integrated Circuit), or may be realized by borrowing a part of OS (Operating System) functions.
  • ASIC Application Specific Integrated Circuit
  • an in-system ID associated with the bank account of the member who uses the electronic commerce service 40 is held.
  • the in-system ID is information for identifying a bank account in the electronic commerce management server 4 and is associated with the member ID of the electronic commerce service 40.
  • the in-system ID is also held in the bank account system 3a, and an account can be specified based on the in-system ID.
  • the balance request unit 702 checks the balance of the bank account based on the in-system ID corresponding to the orderer's member ID. Request to 3a.
  • the success / failure determination unit 704 determines the success / failure of the transaction based on the balance notified from the bank account system 3a and the planned transaction amount.
  • the settlement request unit 706 notifies the bank account (bank account system 3a) associated with the orderer's member ID of the orderer's in-system ID, the orderer's in-system ID, and the transaction price. Request the transfer of funds required for settlement.
  • the execution unit 708 executes the transfer of funds to the bank account associated with the member ID of the orderer in response to a request from the settlement request unit 706.
  • the notification unit 710 receives from the bank account system 3a a notification (successful completion) of the transfer of funds by the execution unit 708, and notifies the user terminal 2 accordingly.
  • the electronic commerce management server 4 is directly connected to the bank account system 3a, thereby realizing bank settlement by immediate account transfer of the established transaction. Therefore, the service usage information can be updated immediately.
  • FIG. 5 is a diagram illustrating service usage information.
  • an online service provided by the user 20, the number of successful transactions in each service, and an evaluation factor value are associated.
  • the online service here refers to an online service that is allowed to be used after the user 20 has been verified.
  • the number of successful transactions is the number of transactions for which settlement, withdrawal, transfer, etc. using each online service has been completed.
  • the evaluation factor value is a value indicating the degree of importance according to the degree of recognition of each online service, the number of users, and the like, and also includes the degree of satisfaction from an electronic commerce partner or a workplace.
  • the evaluation value generation unit 504 calculates an evaluation value based on the number of established transactions and the evaluation element value.
  • the evaluation value generation unit 504 may consider the success factor of the transaction and the evaluation element value indicating the transaction frequency in consideration of the fact that the balance could not be withdrawn. Furthermore, in the salary transfer service in the service usage information, the labor situation may be recorded, and the evaluation value generation unit 504 may calculate the evaluation value in consideration of the labor situation.
  • FIG. 6 is a flowchart of the identity verification process (S10) of the identity verification system 1.
  • S10 identity verification process
  • the transaction result acquisition unit 500 receives a notification of success or failure of transaction settlement from the electronic commerce management server 4.
  • step 105 the transaction count unit 502 updates the success / failure of the settlement accepted by the transaction result acquisition unit 500 in the service usage information DB 600 based on the online service identification information.
  • step 110 the evaluation value generation unit 504 calculates the evaluation value of the user 20 based on the number of transactions and the evaluation element value based on the information in the service usage information DB 600 updated by the transaction number counting unit 502. And stored in the service usage information DB 600.
  • step 115 when the user 20 applies for the electronic service 5 and the identity confirmation is requested, the identity confirmation processing (S10) proceeds to S120. Otherwise, the identity confirmation processing (S10 ) Ends.
  • step 120 (S120) the new registration unit 508 compares the reference value of the evaluation value permitted to be registered with the evaluation value of the user 20 in the electronic service 5 to be newly registered.
  • the new registration unit 508 proceeds to S125, and if the evaluation value of the user 20 is below the reference value, The confirmation process (S10) ends.
  • the electronic certification unit 506 encrypts the calculated evaluation value to the electronic service 5 and transmits it as an electronic certification. In this way, identity verification is performed based on the usage status of a service for which identity verification has been performed, so that identity verification can be performed without presenting an official document, and the time until the application procedure for the relay service 5 is completed is shortened.
  • the identity verification system 1 proves the authenticity of the identity based on the service that has been identified. Thereby, the user can use the evaluation value which shows the creditworthiness by the principal confirmation system 1 as an electronic certificate, without performing a principal confirmation procedure, when performing a new registration procedure at the time of application for an electronic pay service. Further, as the number of used services and the number of transactions with which the identity has been confirmed increases, the reliability of the identity verification system 1 increases. Therefore, the user can increase the reliability by actively increasing these. That is, the identity verification system 1 has the pleasure of increasing the reliability by further accumulating results for the user, and can be expected to increase the user's motivation.
  • the credit rating of the evaluation value is high because it is based on a transaction record with a bank or a credit card company that provides services by presenting an official document.
  • identity verification for one service is performed by presenting an official document by the user himself.
  • electronic verification of the verification system 1 proves that a plurality of service providing organizations have been verified. This reduces the possibility of impersonation.
  • the identity verification system 1 does not send an official document as an electronic certificate but is an evaluation value indicating the trustworthiness, it is possible for the user to prove the trustworthiness while keeping the personal information confidential. There is no risk of information leakage.
  • FIG. 7 is a diagram illustrating a functional configuration of the user terminal 2 in the modified example. It should be noted that among the components shown in the figure, the same reference numerals are given to the components that are substantially the same as those shown in FIG.
  • the identity verification program 55 of the first modified example is similar to the identity verification program 50 shown in FIG. 3 in that the authenticity generation unit 520, the credit generation unit 522, the duplicate ID detection unit 524, the electronic certification unit 526, the credit transfer unit 528, The structure which added the sex determination part 530 and service utilization information DB606 is taken.
  • the evaluation value is used as the creditworthiness of the person and the creditworthiness of the user 20, but the present invention is not limited to this, and these may be managed as individual indexes.
  • the service usage information DB 606 manages the authenticity for ensuring the authenticity of the person and the trustworthiness for determining whether or not the user 20 is a reliable person as a trading partner.
  • the authenticity generation unit 520 calculates an evaluation value as the authenticity indicating the certainty of the person himself / herself based on the transaction record and the social credibility of the counterparty.
  • the credit generation unit 522 is at least the labor status of the user 20 (year of service, number of late absenteeism, working attitude, etc.), transaction status (number of transactions, payment ability, period required to complete the transaction, etc.), or , Received a record of communication via SNS (for example, communication with a company with high social credibility that participates in a group that requires an invitation) as a point by the satisfaction reception unit 512 Credit rating is calculated based on points.
  • SNS for example, communication with a company with high social credibility that participates in a group that requires an invitation
  • the credit generation unit 522 may be responsible for protecting the home, and thus credit points may be added. Further, when the electronic commerce management server 4 transfers the property tax or withdraws the account based on the ID of the electronic commerce service 40, the credit generation unit 522 adds credit points according to the tax payment amount. May be. The credit generation unit 522 may add credit points even when paying public charges (electricity charges, gas charges, or water charges) based on the ID of the electronic commerce service 40.
  • the electronic certifying unit 526 notifies the authenticity generated by the authenticity generating unit 520 and the credit generated by the credit generating unit 522 to the online service applied by the user terminal 2. That is, when the user 20 newly registers with the online service, the authenticity and the trustworthiness can be attached together with his / her personal information as a certificate, and it can be proved that the user 20 is suitable as a trading partner. Also, the online service provider can easily determine whether or not the user 20 can register based on authenticity and trustworthiness.
  • the duplicate ID detection unit 524 detects a plurality of identification information owned by the same user based on the identification information of the bank of the user used for payment within the same online service. Specifically, the duplicate ID detection unit 524 detects a member ID associated with the in-system ID used for settlement in the electronic commerce service 40. That is, the duplicate ID detection unit 524 detects that a plurality of member IDs of the electronic commerce service 40 are associated with a specific in-system ID. Thereby, it becomes clear that the user 20 possesses a plurality of member IDs for the electronic commerce service 40.
  • the duplicate ID detection unit 524 is an example of a duplicate identification information detection unit according to the present invention.
  • the credit quality giving / receiving unit 528 sends / receives points indicating the credit quality of the user 20 to / from other users. Specifically, the credit exchange unit 528 exchanges points with other users based on the member ID managed by the electronic commerce management server 4. The greater the number of people who have received points, the higher the reliability of the user who has received the points. Further, the credit quality giving / receiving unit 528 associates the member IDs of the users to whom credit ratings have been exchanged, and lowers the credit quality of the granting source when the credit quality of the user to whom the credit quality is given decreases. That is, since it affects not only the user but also the trustworthiness of other users, the consciousness of maintaining their own trustworthiness works.
  • the relationship determination unit 530 determines the relationship between member IDs. Specifically, the relationship determination unit 530 determines the parent-child relationship or the kinship relationship of the member ID of the electronic commerce service based on information managed in the personal information management DB 602. For example, in the information managed by the personal information management DB 602, when a member ID such as a plurality of member IDs having the same address but a different name or my number is detected, the relationship determination unit 530 determines the membership ID. ID is considered to be a parent or child or a relative. If it is determined that there is a parent-child relationship, the relationship determination unit 530 determines which member ID is the parent from the date of birth or the like. Instead of the determination by the relationship determination unit 530, the personal information management DB 602 may hold the relationship between the member IDs in advance.
  • the credit rating unit 528 may lend the parent's credit rating to the child.
  • the credit rating associated with the parent member ID may be shared with the child member ID based on the member ID of the electronic commerce service 40.
  • the electronic certification unit 526 sends the parent's credit rating to the online service
  • the electronic certification unit 526 applies the child to the online service for new registration to the parent who has lent the credit rating. Notify that.
  • the electronic certification unit 526 notifies the child online service new registration based on the parent mail address held in the personal information management DB 602 or the member ID of the electronic commerce service 40. This allows the parent to monitor the use of the child's online service.
  • the reliability may be shared. Specifically, the credit rating unit 528 shares the husband's credit with the wife based on the member ID of the electronic commerce service 40. Similar to the borrowing of credit between parents and children, when a wife newly applies for an online service based on the trust of the husband, the electronic certification unit 526 may notify the husband to that effect. Further, whether or not this notification can be made can be changed by setting.
  • the identity verification program 50 and the identity program 55 are installed in the user terminal 2, but the present invention is not limited to this, and may be installed in the electronic commerce management server 4.
  • Relationship determination unit 600 ... Service usage information database 602 ... Personal information management database 604 ... Management information database 606 . Service usage information database 70 ... final order detection unit 702 ... balance request unit 704 ... success determining unit 706 ... settlement request unit 708 ... execution unit 710 ... notification unit 600 .
  • Service usage information database 602 ...
  • Personal information management database 604 ...
  • Management information database 606 ...
  • Service usage information database 70 ... final order detection unit 702 ... balance request unit 704 ... success determining unit 706 ... settlement request unit 708 ... execution unit 710 ... notification unit

Abstract

This identification system comprises: an acquisition unit which acquires, from a plurality of online services, identification completion information indicating that a user has been identified by a plurality of verification organizations for identifying users; an evaluation value generation unit which generates an evaluation value for said identification of the user on the basis of the identification completion information about the user as acquired by the acquisition unit; and an output unit which outputs the evaluation value generated by the evaluation value generation unit. Further, the acquisition unit acquires, as the identification completion information, transaction completion information relating to an online payment service or an online administrative procedure that requires user identification, and the evaluation value generation unit generates an evaluation value for the user on the basis of the number of times the user used an online payment service or an online administrative procedure, and on the basis of completion information relating to each used online payment service or online administrative procedure.

Description

本人確認システム、本人確認装置、本人確認方法、及びプログラムIdentification system, identification apparatus, identification method, and program
 本発明は、本人確認システム、本人確認装置、本人確認方法、及びプログラムに関する。 The present invention relates to an identity verification system, an identity verification device, an identity verification method, and a program.
 例えば、特許文献1には、証券取引口座を開設したい取引者が銀行取引口座を有する銀行取引システムを介して証券取引口座を開設する方法であって、前記銀行取引システムが、ネットワークを通じて接続された前記取引者の操作する端末装置より、証券取引口座開設の要求を受け付けるステップと、前記銀行取引システムが、前記銀行取引システムの利用者の有する銀行取引口座に関する登録情報を格納する口座情報格納部から、前記取引者の有する銀行取引口座に関する登録情報を取得して、前記登録情報を所定のルールと対比して証券取引口座の開設の可否を判定するステップと、前記銀行取引システムが、前記証券取引口座の開設の可否を判定するステップにおいて開設が可能と判定されると、前記端末装置より証券取引口座の開設に必要な情報と口座振替契約についての確認を受け付けるステップと、前記銀行取引システムが、前記口座振替契約についての確認を受け付けると、前記取引者の有する銀行取引口座に関する登録情報に前記口座振替契約の締結を記録し、前記証券取引口座の開設に必要な情報を、前記証券取引口座を開設する証券会社の証券取引システムに送信するステップと、を有することを特徴とする証券取引口座の開設方法が開示されている。 For example, Patent Document 1 discloses a method in which a trader who wants to open a securities transaction account opens a securities transaction account through a bank transaction system having a bank transaction account, and the bank transaction system is connected through a network. A step of accepting a request for opening a securities trading account from a terminal device operated by the trader, and an account information storage unit in which the banking transaction system stores registration information relating to a banking transaction account possessed by a user of the banking transaction system Obtaining registration information relating to a bank transaction account possessed by the trader, determining whether or not to open a securities transaction account by comparing the registration information with a predetermined rule, and the bank transaction system includes the securities transaction If it is determined that opening is possible in the step of determining whether or not an account can be opened, the terminal device opens a securities trading account. A step of accepting confirmation of information necessary for payment and an account transfer contract, and when the bank transaction system accepts confirmation of the account transfer contract, registration information of the bank transfer account of the transaction A method for opening a securities trading account, comprising: recording a conclusion and transmitting information necessary for opening the securities trading account to a securities trading system of a securities company that opens the securities trading account. It is disclosed.
特開2006-53693JP 2006-53693 A
 効率的に本人確認を行う本人確認システムを提供することを目的とする。 The purpose is to provide an identity verification system that efficiently performs identity verification.
 本発明に係る本人確認システムは、本人確認を行う複数の確認機関によりユーザの本人確認が完了していることを示す本人確認済み情報を、複数のオンラインサービスから取得する取得部と、前記取得部により取得されたユーザの本人確認済み情報に基づいて、本人確認の評価値を生成する評価値生成部と、前記評価値生成部により生成された評価値を出力する出力部とを有する。 An identity verification system according to the present invention includes an acquisition unit that acquires identity verification information indicating that user identification has been completed by a plurality of verification organizations that perform identity verification from a plurality of online services, and the acquisition unit. The evaluation value generation unit that generates the evaluation value for the personal identification based on the user-confirmed information acquired by the above and the output unit that outputs the evaluation value generated by the evaluation value generation unit.
 好適には、前記取得部は、本人確認が前提となるオンライン決済サービス又はオンライン行政手続きにおけるトランザクションの完了情報を、前記本人確認済み情報として取得し、前記評価値生成部は、ユーザによる前記オンライン決済サービス又はオンライン行政手続きの利用回数、及び、これらの完了情報に基づいて、当該ユーザの評価値を生成する。 Preferably, the acquisition unit acquires transaction completion information in an online payment service or online administrative procedure on which identity confirmation is a prerequisite as the identity confirmation information, and the evaluation value generation unit is configured to allow the online payment by a user to be performed. The evaluation value of the user is generated based on the use frequency of the service or the online administrative procedure and the completion information thereof.
 好適には、前記評価値生成部は、ユーザが利用した複数のオンラインサービスの本人確認済み情報に基づいて、当該ユーザの評価値を生成し、前記評価値生成部により生成されたユーザの評価値と、ユーザが新規登録を希望する他のオンラインサービスに設定された基準値とを比較して、ユーザの新規登録の可否を判定する新規登録部をさらに有する。 Preferably, the evaluation value generation unit generates an evaluation value of the user based on the identity confirmation information of a plurality of online services used by the user, and the evaluation value of the user generated by the evaluation value generation unit And a reference value set for another online service that the user desires to newly register, and further includes a new registration unit that determines whether or not the user can newly register.
 好適には、複数のオンラインサービスと、評価値の算出要素となる評価要素値とを互いに関連付けて格納する評価要素値格納部をさらに有し、前記取得部は、ユーザの本人確認済み情報と、このユーザが利用したオンラインサービスの識別情報とを取得し、前記評価値生成部は、前記評価要素値格納部に格納されている評価要素値のうち、取得されたオンラインサービスの識別情報に対応する評価要素値に基づいて、評価値を算出する。 Preferably, it further includes an evaluation element value storage unit that stores a plurality of online services and evaluation element values that are evaluation value calculation elements in association with each other. The identification value of the online service used by the user is acquired, and the evaluation value generation unit corresponds to the acquired identification information of the online service among the evaluation element values stored in the evaluation element value storage unit. An evaluation value is calculated based on the evaluation element value.
 好適には、前記取得部は、本人確認が前提となる電子商取引サービスにおけるトランザクションの完了情報を、前記本人確認済み情報として取得し、前記電子商取引サービスにおけるユーザの取引相手から、ユーザとの取引に対する満足度を示す評価要素値の入力を受け付ける満足度受付部をさらに有し、前記評価値生成部は、前記満足度受付部により受け付けた評価要素値に基づいて、当該ユーザの評価値を生成する。 Preferably, the acquisition unit acquires transaction completion information in the electronic commerce service on which identity verification is a premise as the identity verification completed information, and from a user's trading partner in the electronic commerce service, with respect to a transaction with the user. The apparatus further includes a satisfaction receiving unit that receives an input of an evaluation element value indicating satisfaction, and the evaluation value generating unit generates an evaluation value for the user based on the evaluation element value received by the satisfaction receiving unit. .
 好適には、前記取得部は、給与振込サービスにおけるトランザクションの完了情報を、前記本人確認済み情報として取得し、前記給与振込サービスにおける給与の支払元から、ユーザの労務状況に対する満足度を示す評価要素値の入力を受け付ける満足度受付部をさらに有し、前記評価値生成部は、前記満足度受付部により受け付けた評価要素値に基づいて、当該ユーザの評価値を生成する。 Preferably, the acquisition unit acquires transaction completion information in the salary transfer service as the identity confirmation information, and an evaluation element indicating satisfaction with the user's labor situation from the salary payment source in the salary transfer service. A satisfaction level receiving unit that receives an input of a value is further included, and the evaluation value generating unit generates an evaluation value of the user based on the evaluation element value received by the satisfaction level receiving unit.
 好適には、前記満足度受付部は、ソーシャル・ネットワークキング・サービスを介して、満足度を示す評価要素値の入力を受け付ける。 Preferably, the satisfaction level receiving unit receives an input of an evaluation element value indicating the level of satisfaction via the social network king service.
 好適には、各オンラインサービスにおいて決済に使用するユーザの銀行の識別情報に基づいて、前記各オンラインサービスから発行されたユーザの識別情報同士を関連付ける関連付け部をさらに有する。 Preferably, there is further provided an associating unit for associating user identification information issued from each online service with each other based on user bank identification information used for settlement in each online service.
 好適には、同一オンラインサービス内において、決済に使用するユーザの銀行の識別情報に基づいて、同一ユーザが保有する複数の識別情報を検出する重複識別情報検出部
 をさらに有する。 Preferably, the same online service further includes a duplicate identification information detection unit for detecting a plurality of identification information held by the same user based on the identification information of the bank of the user used for payment.
 本発明に係る本人確認装置は、本人確認を行う複数の確認機関によりユーザの本人確認が完了していることを示す本人確認済み情報を、複数のオンラインサービスから取得する取得部と、前記取得部により取得されたユーザの本人確認済み情報に基づいて、本人確認の評価値を生成する評価値生成部と、前記評価値生成部により生成された評価値を出力する出力部とを有する。 An identity verification apparatus according to the present invention includes an acquisition unit that acquires identity verification information indicating that user identification has been completed by a plurality of verification agencies that perform identity verification from a plurality of online services, and the acquisition unit. The evaluation value generation unit that generates the evaluation value for the personal identification based on the user-confirmed information acquired by the above and the output unit that outputs the evaluation value generated by the evaluation value generation unit.
 本発明に係る本人確認方法は、本人確認を行う複数の確認機関によりユーザの本人確認が完了していることを示す本人確認済み情報を、複数のオンラインサービスから取得するステップと、前記取得部により取得されたユーザの本人確認済み情報に基づいて、本人確認の評価値を生成するステップと、前記評価値生成部により生成された評価値を出力するステップとを有する。 The identity verification method according to the present invention includes a step of acquiring identity verification information indicating that the identity verification of the user has been completed by a plurality of verification organizations performing identity verification from a plurality of online services, and the acquisition unit. Based on the acquired user identity confirmation information, the method includes a step of generating an evaluation value for identity verification and a step of outputting the evaluation value generated by the evaluation value generation unit.
 本発明に係るプログラムは、本人確認を行う複数の確認機関によりユーザの本人確認が完了していることを示す本人確認済み情報を、複数のオンラインサービスから取得するステップと、前記取得部により取得されたユーザの本人確認済み情報に基づいて、本人確認の評価値を生成するステップと、前記評価値生成部により生成された評価値を出力するステップとをコンピュータに実行させる。 The program according to the present invention is acquired by a plurality of online services, which is obtained from a plurality of online services, to obtain identity confirmation information indicating that a user's identity has been completed by a plurality of confirmation organizations that perform identity confirmation. The computer causes the computer to execute a step of generating an evaluation value for verifying the identity and a step of outputting the evaluation value generated by the evaluation value generation unit based on the user's identity confirmation information.
 効率的に本人確認を行う本人確認システムを提供することができる。 It is possible to provide an identity verification system that efficiently performs identity verification.
本人確認システム1のハードウェア構成を例示する図である。It is a figure which illustrates the hardware constitutions of the personal identification system. ユーザ端末2のハードウェア構成を例示する図である。It is a figure which illustrates the hardware constitutions of the user terminal. ユーザ端末2の機能構成を例示する図である。3 is a diagram illustrating a functional configuration of a user terminal 2. FIG. 電子商取引管理サーバ4の機能構成を例示する図である。It is a figure which illustrates the function structure of the electronic commerce management server. サービス利用情報DB600に格納されるサービス利用情報を例示する図である。It is a figure which illustrates the service usage information stored in service usage information DB600. 本人確認システム1の本人確認処理(S10)のフローチャートである。It is a flowchart of the personal identification process (S10) of the personal identification system 1. 変形例におけるユーザ端末2の機能構成を例示する図である。It is a figure which illustrates the function structure of the user terminal 2 in a modification.
 以下、本発明の実施形態を、図面を参照して説明する。
 まず、本人確認システム1の概要について説明する。
 本人確認システム1は、公的機関が発行する証明書を提示して、オンラインサービスを受けようとする者が本人であることが証明された後、ユーザがオンラインサービスを利用した取引実績に基づいて、ユーザの評価値を算出する。本発明における本人確認とは、公文書を提示し、サービス申請者が本人であることを確認することをいう。本人確認を取るサービスとして、例えば、銀行口座の開設、クレジットカードの申し込み等が挙げられる。具体的な本人確認方法としては、サービス申請者の氏名、住所、生年月日、性別、顔写真等の個人を特定する情報が記載された運転免許証やパスポートをサービス申請者が提示し、サービス提供者は、これに基づき、本人確認を行う。サービス申請者が本人であると確認が取れた場合に、サービス申請者は、口座の開設や、クレジットカードの所有が可能になる。
 本人確認システム1は、本人確認(身分証明)がなされ、使用許可されたオンラインサービスの種類、数、そして各サービスを利用した取引数に基づいて、ユーザの信用度を測るものである。 Embodiments of the present invention will be described below with reference to the drawings.
First, an outline of the identity verification system 1 will be described.
The identity verification system 1 presents a certificate issued by a public institution and proves that the person who intends to receive the online service is the person himself / herself, and then, based on the transaction results of the user using the online service. The evaluation value of the user is calculated. The identity verification in the present invention means that an official document is presented to confirm that the service applicant is the identity. Examples of services for verifying identity include opening a bank account and applying for a credit card. As a specific identity verification method, the service applicant presents a driver's license or passport with information identifying the individual such as the name, address, date of birth, gender, and facial photo of the service applicant. Based on this, the provider verifies the identity. If it is confirmed that the service applicant is the principal, the service applicant can open an account or own a credit card.
The identity verification system 1 measures the user's trustworthiness based on the type and number of online services that have been verified (identification) and authorized and the number of transactions using each service.
 図1は、本人確認システム1のハードウェア構成を例示する図である。
 図1に例示するように、本人確認システム1は、ユーザ端末2と、銀行勘定系システム3と、電子商取引管理サーバ4とを含む。
 ユーザ端末2は、コンピュータ端末であり、例えば、ユーザ端末2は、パーソナルコンピュータ端末、又は、携帯型コンピュータ端末である。また、ユーザ端末2は、スマートフォン、又は、タブレット型情報端末等であってもよい。さらに、ユーザ端末2は、銀行勘定系システム3及び電子商取引管理サーバ4に、ネットワークを介して接続されている。ユーザ端末2は、特定のユーザ一人が関連付けられており、ユーザ端末2は、銀行及びクレジットカード会社との取引、電子マネーを用いた取引、そして就労先からの給与振込に基づいて、ユーザ端末2のユーザの信用度を測る。ここで、ユーザ端末2のユーザをユーザ20とする。ユーザ20は、事業者であってもよい。 FIG. 1 is a diagram illustrating a hardware configuration of the identification system 1.
As illustrated in FIG. 1, the identity verification system 1 includes a user terminal 2, a bank account system 3, and an electronic commerce management server 4.
The user terminal 2 is a computer terminal. For example, the user terminal 2 is a personal computer terminal or a portable computer terminal. The user terminal 2 may be a smartphone, a tablet information terminal, or the like. Furthermore, the user terminal 2 is connected to the bank account system 3 and the electronic commerce management server 4 via a network. One specific user is associated with the user terminal 2, and the user terminal 2 is based on transactions with banks and credit card companies, transactions using electronic money, and salary transfers from the workplace. Measure the user's trustworthiness. Here, the user of the user terminal 2 is a user 20. The user 20 may be a business operator.
 銀行勘定系システム3は、ユーザ20が開設している口座を有する銀行が管理するコンピュータシステムであり、銀行の勘定処理を行う。ユーザ20の口座は、ユーザ20の就労先からの給与の振り込み、ユーザ20の所有するクレジットカードでの買い物代金の引き落とし等がなされる。銀行勘定系システム3は、ユーザ20の口座において、資金の移動が完了した場合、資金の移動が完了したことをユーザ20へ通知する。
 また、銀行勘定系システム3は、電子商取引管理サーバ4とネットワークを介して接続されており、電子商取引管理サーバ4からの決済要求に応じて、口座振替を実行する。 The bank account system 3 is a computer system managed by a bank having an account opened by the user 20, and performs bank account processing. In the account of the user 20, a salary is transferred from the work place of the user 20, a shopping fee is debited with a credit card owned by the user 20, and the like. When the transfer of funds is completed in the account of the user 20, the bank account system 3 notifies the user 20 that the transfer of funds has been completed.
The bank account system 3 is connected to the electronic commerce management server 4 via a network, and executes account transfer in response to a settlement request from the electronic commerce management server 4.
 電子商取引管理サーバ4は、電子商取引サイト(ECサイト)を介した電子商取引サービス40を管理するコンピュータである。本例のECサイトとは、商品やサービスの売買を行うためのネットワーク上の店舗であり、例えば、ビデオ・オン・デマンドサービスを提供するウェブサイトや、データ放送で配信されるBMLサイトなども含まれる。
 電子商取引管理サーバ4は、電子商取引サービス40における、ユーザ端末2による注文確定操作に基づいて、銀行勘定系システム3に直接決済要求を行う。
 中継サービス5a、5b、情報交換サービス5c、及び情報提供サービス5dは、登録認証を必要とするオンラインサービスであり、ユーザ端末2は、本人確認済みのオンラインサービスにおける利用実績を本人確認情報として送付し、オンラインサービス5により、登録認証を受ける。 The electronic commerce management server 4 is a computer that manages an electronic commerce service 40 via an electronic commerce site (EC site). The EC site in this example is a store on the network for buying and selling goods and services, and includes, for example, a website that provides a video-on-demand service and a BML site that is distributed by data broadcasting. It is.
The electronic commerce management server 4 makes a settlement request directly to the bank account system 3 based on the order confirmation operation by the user terminal 2 in the electronic commerce service 40.
The relay services 5a and 5b, the information exchange service 5c, and the information providing service 5d are online services that require registration authentication, and the user terminal 2 sends the usage results of the online services that have been verified as identity verification information. The online service 5 receives registration authentication.
 図2は、ユーザ端末2のハードウェア構成を例示する図である。
 図2に例示するように、ユーザ端末2のハードウェア構成200は、CPU202、メモリ204、HDD206、ネットワークインタフェース208(ネットワークIF208)、表示装置210、及び、入力装置212を有し、これらの構成はバス214を介して互いに接続している。
 CPU202は、例えば、中央演算装置である。
 メモリ204は、例えば、揮発性メモリであり、主記憶装置として機能する。
 HDD206は、例えば、ハードディスクドライブ装置であり、不揮発性の記録装置としてコンピュータプログラムやその他のデータファイルを格納する。
 ネットワークIF208は、有線又は無線で通信するためのインタフェースであり、インターネットを介した銀行勘定系システム3及び電子商取引管理サーバ4との通信を実現する。
 表示装置210は、例えば、液晶ディスプレイである。
 入力装置212は、例えば、キーボード及びマウスである。 FIG. 2 is a diagram illustrating a hardware configuration of the user terminal 2.
As illustrated in FIG. 2, the hardware configuration 200 of the user terminal 2 includes a CPU 202, a memory 204, an HDD 206, a network interface 208 (network IF 208), a display device 210, and an input device 212. They are connected to each other via a bus 214.
The CPU 202 is, for example, a central processing unit.
The memory 204 is, for example, a volatile memory and functions as a main storage device.
The HDD 206 is, for example, a hard disk drive device, and stores a computer program and other data files as a nonvolatile recording device.
The network IF 208 is an interface for performing wired or wireless communication, and realizes communication with the bank account system 3 and the electronic commerce management server 4 via the Internet.
The display device 210 is a liquid crystal display, for example.
The input device 212 is, for example, a keyboard and a mouse.
 図3は、ユーザ端末2の機能構成を例示する図である。
 図3に例示するように、本人確認システム1には、本人確認プログラム50がインストールされ、サービス利用情報データベース600(サービス利用情報DB600)及び個人情報管理データベース602(個人情報管理DB602)により構成される。
 本人確認プログラム50は、取引結果取得部500、取引数カウント部502、評価値生成部504、電子証明部506、新規登録部508、評価要素値格納部510、満足度受付部512、及び関連付け部514を有する。そして、本人確認プログラム50は、セキュリティ機能として相互認証部516及び読み出し許可部518を有する。 FIG. 3 is a diagram illustrating a functional configuration of the user terminal 2.
As illustrated in FIG. 3, the identity verification program 1 is installed in the identity verification system 1, and includes a service usage information database 600 (service usage information DB 600) and a personal information management database 602 (personal information management DB 602). .
The identity verification program 50 includes a transaction result acquisition unit 500, a transaction count unit 502, an evaluation value generation unit 504, an electronic certification unit 506, a new registration unit 508, an evaluation element value storage unit 510, a satisfaction level reception unit 512, and an association unit. 514. The identity verification program 50 includes a mutual authentication unit 516 and a read permission unit 518 as security functions.
 取引結果取得部500は、本人確認を行う複数の確認機関によりユーザ20の本人確認が完了していることを示す本人確認済み情報を、複数のオンラインサービスから取得する。つまり、取引結果取得部500は、ユーザ20の利用している本人確認済みのオンライン決済サービス又はオンライン行政手続きにおいて成立した取引の結果を取得する。成立した取引の結果とは、就労先からの給与振り込みの通知、クレジットカードによる決済の結果、公共料金の引き落としの通知、及び電子商取引サービス40における取引の結果である。取引結果取得部500は、これらをトランザクションの完了情報として取得する。取引結果取得部500は、本発明に係る取得部の一例である。 The transaction result acquisition unit 500 acquires identity-confirmed information indicating that the identity verification of the user 20 is completed by a plurality of confirmation organizations that perform identity verification from a plurality of online services. That is, the transaction result acquisition unit 500 acquires the result of the transaction established in the online payment service or online administrative procedure that has been verified by the user 20. The result of the established transaction is the result of the transaction in the electronic commerce service 40 and the notification of the salary transfer from the employer, the result of the settlement by the credit card, the notification of the deduction of the utility bill, and the like. The transaction result acquisition unit 500 acquires these as transaction completion information. The transaction result acquisition unit 500 is an example of an acquisition unit according to the present invention.
 より具体的には、就労先からユーザ20の銀行口座に給与が振り込まれた場合、銀行からユーザ端末2に、給与振込のトランザクションが完了したこと、すなわち、振込通知がなされる。取引結果取得部500は、この振込通知を受け付ける。また、同様に、クレジットカードの決済についても、クレジットカードの引き落としのトランザクションが成功した場合、クレジットカード会社からユーザ端末2へ引き落とし通知がなされ、取引結果取得部500は、この引き落とし通知を取得する。さらに、電子商取引サービスにおいて商品を購入した場合は、電子商取引管理サーバ4からユーザ端末2へ銀行の引き落としが成功したか否かの通知がなされ、取引結果取得部500は、この決済結果を受け付ける。
 また、取引結果取得部500は、ユーザ20が利用したオンラインサービスの識別情報を取得する。これにより、本人確認済み情報がどのオンラインサービスに関連づいているか判別可能である。識別情報とは、例えば銀行コードのように、オンラインサービスを一意に特定できる情報を示す。 More specifically, when the salary is transferred from the work place to the bank account of the user 20, the fact that the salary transfer transaction is completed from the bank to the user terminal 2, that is, a transfer notification is made. Transaction result acquisition unit 500 accepts this transfer notification. Similarly, in the case of credit card settlement, when a credit card withdrawal transaction is successful, a credit card company sends a withdrawal notice to the user terminal 2, and the transaction result acquisition unit 500 obtains this withdrawal notice. Further, when a product is purchased in the electronic commerce service, the electronic commerce management server 4 notifies the user terminal 2 whether or not the bank withdrawal has been successful, and the transaction result acquisition unit 500 accepts the settlement result.
Moreover, the transaction result acquisition unit 500 acquires the identification information of the online service used by the user 20. As a result, it is possible to determine which online service the identified information is associated with. The identification information indicates information that can uniquely specify an online service, such as a bank code.
 取引数カウント部502は、取引結果取得部500により取得したトランザクションの完了情報をサービス毎にカウントする。具体的には、取引数カウント部502は、取引結果取得部500により取得された、トランザクションの完了情報と識別情報とに基づいて、サービス利用情報DB600のサービス利用情報を更新する。
 評価値生成部504は、ユーザ20によるオンライン決済サービス又はオンライン行政手続きの利用回数、及び、これらの完了情報に基づいて、ユーザ20の評価値を生成する。また、評価値生成部504は、ユーザ20が利用した複数のオンラインサービスの本人確認済み情報に基づいて、ユーザ20の評価値を生成する。具体的には、評価値生成部504は、取引数カウント部502によりカウントされたユーザ20の本人確認済み情報に基づいて、本人確認の評価値を生成する。
 また、評価値生成部504は、評価要素値格納部510に格納されている評価要素値のうち、取得されたオンラインサービスの識別情報に対応する評価要素値に基づいて、評価値を算出する。具体的には、オンラインサービス毎に評価要素値が設定され、サービスのユーザ数、または認知度が高いほど評価要素値は高く、また、行政手続きも評価要素値は高く設定されている。社会的に信用度の高いサービスを利用するほどユーザ20の評価値も高くなり、評価値が上がる。
 また、評価値生成部504は、満足度受付部512(後述)により受け付けた評価要素値に基づいて、ユーザ20の評価値を生成する。
 評価値生成部504により計算された評価値は、ユーザ端末2のユーザ20の本人確認情報としてサービス利用情報DB600に格納される。サービス利用情報DB600は、ユーザ端末2が保持してもよいし、ユーザ端末2に直接接続されるセットトップボックス、またはUSBメモリが保持してもよい。 The transaction count unit 502 counts the transaction completion information acquired by the transaction result acquisition unit 500 for each service. Specifically, the transaction count unit 502 updates the service usage information in the service usage information DB 600 based on the transaction completion information and identification information acquired by the transaction result acquisition unit 500.
The evaluation value generation unit 504 generates an evaluation value for the user 20 based on the number of times the user 20 uses the online payment service or online administrative procedure and the completion information thereof. In addition, the evaluation value generation unit 504 generates an evaluation value for the user 20 based on the identity confirmation information of a plurality of online services used by the user 20. Specifically, the evaluation value generation unit 504 generates an evaluation value for identity verification based on the user 20 identity confirmation information counted by the transaction count unit 502.
Also, the evaluation value generation unit 504 calculates an evaluation value based on the evaluation element value corresponding to the acquired online service identification information among the evaluation element values stored in the evaluation element value storage unit 510. Specifically, an evaluation factor value is set for each online service. The higher the number of users or the degree of recognition of the service, the higher the evaluation factor value, and the administrative procedure also has a higher evaluation factor value. The higher the socially reliable service is used, the higher the evaluation value of the user 20 increases.
Further, the evaluation value generation unit 504 generates an evaluation value for the user 20 based on the evaluation element value received by the satisfaction level reception unit 512 (described later).
The evaluation value calculated by the evaluation value generation unit 504 is stored in the service usage information DB 600 as the identity confirmation information of the user 20 of the user terminal 2. The service usage information DB 600 may be held by the user terminal 2, or may be held by a set top box or USB memory directly connected to the user terminal 2.
 電子証明部506は、評価値生成部504により生成された評価値を出力する。具体的には、電子証明部506は、ユーザ端末2により申請された電子サービスの申し込みの際、本人確認情報として評価値を通知する。電子証明部506は、本発明に係る出力部の一例である。これにより、電子サービスを利用する際、信用度の高い本人確認が簡便になされる。
 電子証明部506は、評価値を暗号化して電子サービス5へ通知する。また、電子証明部506は、相互認証部516(後述)または読み出し許可部518(後述)により許可された場合に、本人確認情報を通知してもよいし、相互認証部516(後述)及び読み出し許可部518(後述)による許可された場合に、本人確認情報を通知してもよい。
 また、電子証明部506は、電子サービス5の申請時に個人情報と本人確認情報とを送付してもよい。これにより、ユーザ20が電子サービス5へ新規登録する際、個人情報をフォームに記入する手間が省け、さらに、合わせて電子証明を送付するため、本人確認も可能となる。個人情報管理DB602には、ユーザ20の電子商取引サービス40のID、携帯電話番号、個人情報(名前、郵便番号及び住所、マイナンバー)、メールアドレスを保持する。個人情報管理DB602は、ユーザ端末2が保持してもよいし、ユーザ端末2に直接接続されるセットトップボックス、またはUSBメモリが保持してもよい。 The electronic certification unit 506 outputs the evaluation value generated by the evaluation value generation unit 504. Specifically, the electronic certification unit 506 notifies the evaluation value as the personal identification information when applying for the electronic service applied by the user terminal 2. The electronic certification unit 506 is an example of an output unit according to the present invention. Thereby, when using an electronic service, a highly reliable identity verification is easily performed.
The electronic certification unit 506 encrypts the evaluation value and notifies the electronic service 5 of it. In addition, the electronic certification unit 506 may notify the identity verification information when the mutual authentication unit 516 (described later) or the read permission unit 518 (described later) permits, or the mutual authentication unit 516 (described later) and read. When the permission is permitted by the permission unit 518 (described later), identification information may be notified.
In addition, the electronic certification unit 506 may send personal information and identification information when applying for the electronic service 5. As a result, when the user 20 newly registers with the electronic service 5, it is possible to save the trouble of filling in the personal information on the form and to send the electronic certificate together, so that the identity can be confirmed. The personal information management DB 602 holds the ID of the electronic commerce service 40 of the user 20, a mobile phone number, personal information (name, postal code and address, my number), and mail address. The personal information management DB 602 may be held by the user terminal 2, or may be held by a set top box or USB memory directly connected to the user terminal 2.
 新規登録部508は、評価値生成部504により生成されたユーザ20の評価値と、ユーザ20が新規登録を希望する他のオンラインサービスに設定された基準値とを比較して、ユーザ20の新規登録の可否を判定する。
 評価要素値格納部510は、複数のオンラインサービスと、評価値の算出要素となる評価要素値とを互いに関連付けて格納する。 The new registration unit 508 compares the evaluation value of the user 20 generated by the evaluation value generation unit 504 with the reference value set for the other online service that the user 20 desires to newly register, so that the new registration of the user 20 Judge whether registration is possible.
The evaluation element value storage unit 510 stores a plurality of online services and evaluation element values serving as evaluation value calculation elements in association with each other.
 満足度受付部512は、電子商取引サービスにおけるユーザ20の取引相手から、ユーザ20との取引に対する満足度を示す評価要素値の入力を受け付ける。具体的には、電子商取引サービスにおいて、残高不足で引き落としが完了できなかったことが一度もない等のユーザ20の評価を評価要素値として受け付ける。
 また、満足度受付部512は、給与振込サービスにおける給与の支払元から、ユーザ20の労務状況に対する満足度を示す評価要素値の入力を受け付ける。具体的には、満足度受付部512はソーシャル・ネットワーキング・サービス(SNS)を介して、満足度を受け付ける。例えば、就労先とユーザ20とがFacebook(登録商標)のアカウントを保持しており、ユーザ20のページに就労先からコメントがあった場合、これは、就労先でユーザ20が就労していることが推測されるものであり、結果、ユーザ20の社会的信用に繋がる。つまり、満足度受付部512は、ユーザ20が利用するSNSにおいて他のアカウントからのアクセスを評価要素値として受け付け、サービス利用情報に更新する。 The satisfaction level reception unit 512 receives an input of an evaluation element value indicating a level of satisfaction with a transaction with the user 20 from a transaction partner of the user 20 in the electronic commerce service. Specifically, in the electronic commerce service, the evaluation of the user 20 such that the withdrawal has not been completed due to a shortage of balance has been accepted as an evaluation element value.
In addition, the satisfaction level reception unit 512 receives an input of an evaluation element value indicating the satisfaction level with respect to the labor situation of the user 20 from a salary payment source in the salary transfer service. Specifically, the satisfaction level reception unit 512 receives the satisfaction level via a social networking service (SNS). For example, if the work place and the user 20 have a Facebook account, and there is a comment from the work place on the user 20 page, this means that the user 20 is working at the work place. As a result, it leads to the social trust of the user 20. That is, the satisfaction level reception unit 512 receives an access from another account as an evaluation factor value in the SNS used by the user 20 and updates the service usage information.
 さらに、SNSを介して評価要素値を受け付けることは、ユーザ20と、評価要素値の送信相手(取引相手)との関係性を図ることに繋がる。例えば、ユーザ端末2がSNSを介したコメントを受け付けた場合、ユーザ20とユーザ20に対してコメントを送信した相手とは何らかの繋がりがあり、SNSのIDを交換したことが推測される。つまり、ユーザ20とコメントの送信相手(取引相手)には面識があったとみなすことができる。したがって、SNSを介して評価要素値を受け付けることは、ユーザ20とSNSにおける通信相手との面識の有無の判断基準となり得る。これにより、ユーザ20が電子商取引管理サーバ4を介して送金指示を行った場合、送金相手との面識の有無に基づいて、送金が正当なものである否か、例えば、詐欺の可能性があるか否かを判断することが可能になる。 Furthermore, accepting the evaluation element value via the SNS leads to the relationship between the user 20 and the transmission partner (transaction partner) of the evaluation element value. For example, when the user terminal 2 receives a comment via SNS, it is presumed that there is some connection between the user 20 and the partner who transmitted the comment to the user 20, and the SNS ID has been exchanged. That is, it can be considered that the user 20 and the transmission partner (transaction partner) of the comment were acquainted. Therefore, accepting the evaluation element value via the SNS can be a criterion for determining whether or not the user 20 is in contact with the communication partner in the SNS. Thereby, when the user 20 gives a remittance instruction via the electronic commerce management server 4, whether or not the remittance is valid based on whether or not the remittance is known with the remittance partner, for example, there is a possibility of fraud. It becomes possible to determine whether or not.
 関連付け部514は、各オンラインサービスにおいて決済に使用するユーザ20の銀行の識別情報に基づいて、前記各オンラインサービスから発行されたユーザ20の識別情報同士を関連付ける。具体的には、ユーザ端末2は、銀行口座と関連付けられたシステム内IDを保持し、システム内IDは、Aオンラインサービスにおける決済に使用されており、銀行勘定系システム3と共有されている。また、Bオンラインサービスにおける決済にも同じ銀行口座が使用されており、同じシステム内IDを使用して決済が行われている。つまり、ユーザ20のシステム内IDを介して、AオンラインサービスのIDとBオンラインサービスのIDとが関連付けられる。また、マイナンバーを使用するオンラインサービスにおいて、同じシステム内IDを使用して銀行で決済を行った場合、システム内IDに基づいて、ユーザ20の銀行のIDと、マイナンバーと、AオンラインサービスのIDとを関連付けることができる。つまり、オンラインサービスのIDの所有者が本人であることの確実性が増し、評価値が上がる。 The associating unit 514 associates the identification information of the user 20 issued from each online service based on the identification information of the bank of the user 20 used for payment in each online service. Specifically, the user terminal 2 holds an in-system ID associated with a bank account, and the in-system ID is used for settlement in the A online service and is shared with the bank account system 3. Further, the same bank account is used for the payment in the B online service, and the payment is performed using the same in-system ID. That is, the ID of the A online service and the ID of the B online service are associated with each other via the in-system ID of the user 20. In addition, in the online service using My Number, when payment is made at the bank using the same in-system ID, based on the in-system ID, the bank ID of the user 20, the My Number, and the A Online Service An ID can be associated. In other words, the certainty that the owner of the online service ID is the principal increases, and the evaluation value increases.
 相互認証部516は、本人確認情報の読み出しの条件として、ユーザ端末2とユーザ端末2に接続されたUSBとの組み合わせが正しいか否かを判断する。具体的には、ユーザ端末2のアプリケーションプログラム内のソースコードと、ユーザ端末2に接続されたUSB内のプログラム内のソースコードとの対応関係が正しいか否かを判断する。さらに具体的には、ユーザ端末2内のアプリケーションプログラムまたは、ユーザ端末2を介して電子サービス5を提供するサイトへアクセスした際に取得するHTMLファイル内に親プログラムとして認証鍵を組み込んでおく。そして、USB内にも子プログラムとして認証鍵を組み込む。認証鍵が組み込まれたUSBがユーザ端末2へ接続された際、相互認証部516は、両者の対応関係が正しいか判定し、正しい場合に、認証に成功したと判断し、サービス利用情報または個人情報へのアクセスを許可する。これにより、サービス利用情報を格納したUSBが紛失した場合でも、そのUSBだけでは本人確認情報または個人情報を読み出すことが不可能となる。 The mutual authentication unit 516 determines whether the combination of the user terminal 2 and the USB connected to the user terminal 2 is correct as a condition for reading the personal identification information. Specifically, it is determined whether or not the correspondence between the source code in the application program of the user terminal 2 and the source code in the program in the USB connected to the user terminal 2 is correct. More specifically, an authentication key is incorporated as a parent program in an HTML file acquired when an application program in the user terminal 2 or a site providing the electronic service 5 is accessed via the user terminal 2. Then, an authentication key is incorporated in the USB as a child program. When the USB in which the authentication key is embedded is connected to the user terminal 2, the mutual authentication unit 516 determines whether or not the correspondence between the two is correct. Allow access to information. As a result, even if the USB storing the service usage information is lost, it becomes impossible to read the personal identification information or the personal information only with the USB.
 読み出し許可部518は、ユーザ端末2のMACアドレスと、USBメモリのデバイスIDと、ユーザ端末2または、ユーザ端末2をインターネットへと中継する機器のIPアドレスとに基づいて、USBメモリからの本人確認情報の読み出しを許可する。具体的には、読み出し許可部518は、ユーザ端末2のMACアドレスと、USBメモリのデバイスIDと、ユーザ端末2または、ユーザ端末2をインターネットへと中継する機器のIPアドレスとを収集する。読み出し許可部518は、既定値として保持している、読み出し許可するこれらの機器情報の組み合せと、収集した機器情報とが一致するか否かを判断する。IPアドレスは、IPv6であることを前提とする。
 なお、本人確認プログラム50の一部又は全部は、ASICなどのハードウェアにより実現されてもよい。また、本人確認プログラム50は、例えば、CD-ROMなどの記録媒体に格納されており、この記録媒体を介してインストールされる。 The read permission unit 518 confirms the identity from the USB memory based on the MAC address of the user terminal 2, the device ID of the USB memory, and the IP address of the device that relays the user terminal 2 or the user terminal 2 to the Internet. Allows reading of information. Specifically, the read permission unit 518 collects the MAC address of the user terminal 2, the device ID of the USB memory, and the IP address of the user terminal 2 or a device that relays the user terminal 2 to the Internet. The read permission unit 518 determines whether the combination of these pieces of device information permitted to be read, which is held as a default value, matches the collected device information. It is assumed that the IP address is IPv6.
Part or all of the identity verification program 50 may be realized by hardware such as ASIC. The identity verification program 50 is stored in a recording medium such as a CD-ROM, for example, and is installed via this recording medium.
 図4は、電子商取引管理サーバ4の機能構成を例示する図である。
 図4に例示するように、電子商取引管理サーバ4には電子商取引管理プログラム70がインストールされ、管理情報データベース604(管理情報DB604)により構成される。
 電子商取引管理プログラム70は、注文確定検知部700、残高要求部702、成否判定部704、決済要求部706、実行部708、及び通知部710を有する。なお、本プログラムの一部又は全部は、ASIC(Application Specific Integrated Circuit)などのハードウェアによって実現されてもよく、また、OS(Operating System)の機能を一部借用して実現されてもよい。
 管理情報DB604では電子商取引サービス40の会員ID、会員の携帯電話番号、及び確定した取引情報に加え、電子商取引サービス40を利用する会員の銀行口座に関連付けられるシステム内IDを保持する。システム内IDとは、電子商取引管理サーバ4内で銀行口座を識別するための情報であり、電子商取引サービス40の会員IDに関連付けられている。システム内IDは、銀行勘定系システム3aにも保持され、システム内IDに基づいて、口座を特定できる。 FIG. 4 is a diagram illustrating a functional configuration of the electronic commerce management server 4.
As illustrated in FIG. 4, an electronic commerce management program 70 is installed in the electronic commerce management server 4 and includes a management information database 604 (management information DB 604).
The electronic commerce management program 70 includes an order confirmation detection unit 700, a balance request unit 702, a success / failure determination unit 704, a settlement request unit 706, an execution unit 708, and a notification unit 710. Part or all of this program may be realized by hardware such as ASIC (Application Specific Integrated Circuit), or may be realized by borrowing a part of OS (Operating System) functions.
In the management information DB 604, in addition to the member ID of the electronic commerce service 40, the mobile phone number of the member, and the confirmed transaction information, an in-system ID associated with the bank account of the member who uses the electronic commerce service 40 is held. The in-system ID is information for identifying a bank account in the electronic commerce management server 4 and is associated with the member ID of the electronic commerce service 40. The in-system ID is also held in the bank account system 3a, and an account can be specified based on the in-system ID.
 残高要求部702は、注文確定検知部700により、注文が確定したことを検知された場合に、発注者の会員IDに対応するシステム内IDに基づいて、銀行口座の残高確認を銀行勘定系システム3aへ要求する。
 成否判定部704は、銀行勘定系システム3aから通知された残高と取引予定額とに基づいて取引の成否を判定する。
 決済要求部706は、発注者の会員IDに関連付けられた銀行口座(銀行勘定系システム3a)に対して、発注者のシステム内IDと、受注者のシステム内IDと、取引代金とを通知し、決済に要する資金の移動を要求する。
 実行部708は、決済要求部706の要求に応じて、発注者の会員IDに関連付けられた銀行口座に資金移動を実行する。
 通知部710は、実行部708による資金の移動の実行の成否の通知(トランザクションの完了)を銀行勘定系システム3aより受け付け、その旨をユーザ端末2へ通知する。
 このように銀行勘定系システム3aを含む本人確認システム1では、電子商取引管理サーバ4が銀行勘定系システム3aに直接接続されていることにより、成立した取引の即時口座振替による銀行決済が実現されるため、サービス利用情報の即時更新が可能である。 When the order confirmation detection unit 700 detects that the order has been confirmed, the balance request unit 702 checks the balance of the bank account based on the in-system ID corresponding to the orderer's member ID. Request to 3a.
The success / failure determination unit 704 determines the success / failure of the transaction based on the balance notified from the bank account system 3a and the planned transaction amount.
The settlement request unit 706 notifies the bank account (bank account system 3a) associated with the orderer's member ID of the orderer's in-system ID, the orderer's in-system ID, and the transaction price. Request the transfer of funds required for settlement.
The execution unit 708 executes the transfer of funds to the bank account associated with the member ID of the orderer in response to a request from the settlement request unit 706.
The notification unit 710 receives from the bank account system 3a a notification (successful completion) of the transfer of funds by the execution unit 708, and notifies the user terminal 2 accordingly.
As described above, in the identity verification system 1 including the bank account system 3a, the electronic commerce management server 4 is directly connected to the bank account system 3a, thereby realizing bank settlement by immediate account transfer of the established transaction. Therefore, the service usage information can be updated immediately.
 図5は、サービス利用情報を例示する図である。
 図5に例示するように、サービス利用情報には、ユーザ20が提供を受けているオンラインサービスと、各サービスにおける成立取引数と、評価要素値とが関連付けられている。ここでいうオンラインサービスとは、ユーザ20の本人確認を行った後に利用が許可されたオンラインサービスをいう。成立取引数は、各オンラインサービスを利用した決済、引き落とし、振込等が完了した取引の数である。評価要素値とは、各オンラインサービスの認知度、ユーザ数等に応じた重要度を示す値であり、電子商取引相手または就労先からの満足度も含まれる。評価値生成部504は、成立取引数及び評価要素値に基づいて評価値を算出する。また、評価値生成部504は、評価値を算出するにあたり、残高不足で引き落としが出来なかった等を考慮して取引の成功率や、取引頻度を示す評価要素値を加味してもよい。さらに、サービス利用情報における、給与振込サービスでは、労務状況を記録してもよく、評価値生成部504は、労務状況を加味して評価値を算出してもよい。 FIG. 5 is a diagram illustrating service usage information.
As illustrated in FIG. 5, in the service usage information, an online service provided by the user 20, the number of successful transactions in each service, and an evaluation factor value are associated. The online service here refers to an online service that is allowed to be used after the user 20 has been verified. The number of successful transactions is the number of transactions for which settlement, withdrawal, transfer, etc. using each online service has been completed. The evaluation factor value is a value indicating the degree of importance according to the degree of recognition of each online service, the number of users, and the like, and also includes the degree of satisfaction from an electronic commerce partner or a workplace. The evaluation value generation unit 504 calculates an evaluation value based on the number of established transactions and the evaluation element value. Further, when calculating the evaluation value, the evaluation value generation unit 504 may consider the success factor of the transaction and the evaluation element value indicating the transaction frequency in consideration of the fact that the balance could not be withdrawn. Furthermore, in the salary transfer service in the service usage information, the labor situation may be recorded, and the evaluation value generation unit 504 may calculate the evaluation value in consideration of the labor situation.
 図6は、本人確認システム1の本人確認処理(S10)のフローチャートである。
本人確認処理(S10)では、電子商取引サービスにおいて商品を購入した場合について説明する。
 図6に例示するように、ステップ100(S100)において、取引結果取得部500は、電子商取引管理サーバ4から取引の決済の成否の通知を受け付ける。
 ステップ105(S105)において、取引数カウント部502は、取引結果取得部500により受け付けた決済の成否をオンラインサービスの識別情報に基づいて、サービス利用情報DB600へ更新する。
 ステップ110(S110)において、評価値生成部504は、取引数カウント部502により更新されたサービス利用情報DB600の情報に基づいて、ユーザ20の評価値を取引数及び評価要素値に基づいて算出し、サービス利用情報DB600へ格納する。
 ステップ115(S115)において、ユーザ20が電子サービス5を申請し、本人確認が求められた場合に、本人確認処理(S10)は、S120へ移行し、それ以外の場合は、本人確認処理(S10)は、終了する。
 ステップ120(S120)において、新規登録部508は、新規登録する電子サービス5において、登録許可される評価値の基準値と、ユーザ20の評価値とを比較する。ユーザ20の評価値が新規登録を希望するオンラインサービスの評価値の基準値以上であれば、新規登録部508は、S125へ移行し、ユーザ20の評価値が基準値を下回っていれば、本人確認処理(S10)は、終了する。
 ステップ125(S125)において、電子証明部506は、電子サービス5へ算出した評価値を暗号化して電子証明として送信する。
 このように、本人確認済みのサービスの利用状況に基づいて本人確認がなされることにより、公文書を提示することなく、本人確認が可能となり、中継サービス5の申し込み手続き完了までの時間が短縮される。 FIG. 6 is a flowchart of the identity verification process (S10) of the identity verification system 1.
In the identity verification process (S10), a case where a product is purchased in the electronic commerce service will be described.
As illustrated in FIG. 6, in step 100 (S <b> 100), the transaction result acquisition unit 500 receives a notification of success or failure of transaction settlement from the electronic commerce management server 4.
In step 105 (S105), the transaction count unit 502 updates the success / failure of the settlement accepted by the transaction result acquisition unit 500 in the service usage information DB 600 based on the online service identification information.
In step 110 (S110), the evaluation value generation unit 504 calculates the evaluation value of the user 20 based on the number of transactions and the evaluation element value based on the information in the service usage information DB 600 updated by the transaction number counting unit 502. And stored in the service usage information DB 600.
In step 115 (S115), when the user 20 applies for the electronic service 5 and the identity confirmation is requested, the identity confirmation processing (S10) proceeds to S120. Otherwise, the identity confirmation processing (S10 ) Ends.
In step 120 (S120), the new registration unit 508 compares the reference value of the evaluation value permitted to be registered with the evaluation value of the user 20 in the electronic service 5 to be newly registered. If the evaluation value of the user 20 is equal to or higher than the reference value of the evaluation value of the online service desired to be newly registered, the new registration unit 508 proceeds to S125, and if the evaluation value of the user 20 is below the reference value, The confirmation process (S10) ends.
In step 125 (S125), the electronic certification unit 506 encrypts the calculated evaluation value to the electronic service 5 and transmits it as an electronic certification.
In this way, identity verification is performed based on the usage status of a service for which identity verification has been performed, so that identity verification can be performed without presenting an official document, and the time until the application procedure for the relay service 5 is completed is shortened. The
 以上説明したように、本人確認システム1は、本人確認済みの利用サービスに基づいて本人の信用度を証明する。これにより、ユーザは、電子有料サービス等の申請時に、新規登録手続をする際、本人確認手続きを行うことなく、本人確認システム1による信用度を示す評価値を電子証明として使用することができる。また、本人確認済みの利用サービス数及び取引数が増加するにつれ、本人確認システム1による信用度は増すため、ユーザが能動的にこれらを増やすことで信用度を上げることができる。つまり、本人確認システム1には、ユーザにとって更なる実績を重ねて信用度を上げる楽しみがあり、ユーザのモチベーションを上げる効果が期待できる。
 また、公的文書を提示してサービス提供を受ける銀行やクレジットカード会社との取引実績に基づいているため、評価値の信用度が高い。そして、従来では、一つのサービスに対して本人確認は、ユーザ自身による公文書の提示においてなされるが、本確認システム1の電子証明は、複数のサービス提供機関が本人確認済みであることを証明するものであるため、なりすましの可能性が低くなる。
 そして、本人確認システム1は、電子証明として公文書を送付するのではなく、信用度を示す評価値であるため、ユーザからすれば、個人情報を秘匿したままで信用度を証明することができ、個人情報漏洩のリスクに晒されることがない。 As described above, the identity verification system 1 proves the authenticity of the identity based on the service that has been identified. Thereby, the user can use the evaluation value which shows the creditworthiness by the principal confirmation system 1 as an electronic certificate, without performing a principal confirmation procedure, when performing a new registration procedure at the time of application for an electronic pay service. Further, as the number of used services and the number of transactions with which the identity has been confirmed increases, the reliability of the identity verification system 1 increases. Therefore, the user can increase the reliability by actively increasing these. That is, the identity verification system 1 has the pleasure of increasing the reliability by further accumulating results for the user, and can be expected to increase the user's motivation.
In addition, the credit rating of the evaluation value is high because it is based on a transaction record with a bank or a credit card company that provides services by presenting an official document. Conventionally, identity verification for one service is performed by presenting an official document by the user himself. However, electronic verification of the verification system 1 proves that a plurality of service providing organizations have been verified. This reduces the possibility of impersonation.
And since the identity verification system 1 does not send an official document as an electronic certificate but is an evaluation value indicating the trustworthiness, it is possible for the user to prove the trustworthiness while keeping the personal information confidential. There is no risk of information leakage.
変形例Modified example
 次に、上記実施形態の変形例を説明する。
 図7は、変形例におけるユーザ端末2の機能構成を例示する図である。
 なお、本図に示された各構成のうち、図3に示された構成と実質的に同一のものには同一の符号が付されている。
 変形例1の本人確認プログラム55は、図3に示された本人確認プログラム50に、真正度生成部520、信用度生成部522、重複ID検出部524、電子証明部526、信用度授受部528、関係性判定部530、及びサービス利用情報DB606を追加した構成をとる。
 上記実施形態では、評価値を、本人であることの信用度、及びユーザ20の信用度として利用しているが、これに限定されず、これらを個別の指標として管理してもよい。
 具体的には、サービス利用情報DB606には、本人であることの確実性を図る真正度、及びユーザ20が取引相手として信用に足る人物であるか否かを図る信用度とを管理する。図7に例示するように、真正度生成部520は、取引実績と取引相手の社会的信用度とに基づいて、本人であることの確実性を示す真正度として評価値を算出する。
 信用度生成部522は、少なくとも、ユーザ20の労務状況(勤続年数、遅刻欠勤回数、及び就労態度等)、取引状況(取引回数、支払能力、及び取引が完了するまでに要した期間等)、又は、SNSを介した通信記録(例えば、招待を受けることが要件となるグループに参加している、社会的に信用度の高い企業との通信等)を満足度受付部512によりポイントとして受け付け、受け付けたポイントに基づいて信用度を算出する。 Next, a modification of the above embodiment will be described.
FIG. 7 is a diagram illustrating a functional configuration of the user terminal 2 in the modified example.
It should be noted that among the components shown in the figure, the same reference numerals are given to the components that are substantially the same as those shown in FIG.
The identity verification program 55 of the first modified example is similar to the identity verification program 50 shown in FIG. 3 in that the authenticity generation unit 520, the credit generation unit 522, the duplicate ID detection unit 524, the electronic certification unit 526, the credit transfer unit 528, The structure which added the sex determination part 530 and service utilization information DB606 is taken.
In the above embodiment, the evaluation value is used as the creditworthiness of the person and the creditworthiness of the user 20, but the present invention is not limited to this, and these may be managed as individual indexes.
Specifically, the service usage information DB 606 manages the authenticity for ensuring the authenticity of the person and the trustworthiness for determining whether or not the user 20 is a reliable person as a trading partner. As illustrated in FIG. 7, the authenticity generation unit 520 calculates an evaluation value as the authenticity indicating the certainty of the person himself / herself based on the transaction record and the social credibility of the counterparty.
The credit generation unit 522 is at least the labor status of the user 20 (year of service, number of late absenteeism, working attitude, etc.), transaction status (number of transactions, payment ability, period required to complete the transaction, etc.), or , Received a record of communication via SNS (for example, communication with a company with high social credibility that participates in a group that requires an invitation) as a point by the satisfaction reception unit 512 Credit rating is calculated based on points.
 その他、信用度生成部522は、例えば、ユーザ20が既婚の場合には、家庭を守る責任を負うため、信用度のポイントが加算されるようにしてもよい。また、電子商取引サービス40のIDに基づいて、電子商取引管理サーバ4により、固定資産税の振り込みまたは口座の引き落としを行った場合、信用度生成部522は、納税額に応じて信用度のポイントを加算してもよい。信用度生成部522は、公共料金の支払い(電気料金、ガス料金、または水道料金)を電子商取引サービス40のIDに基づいて行っている場合も、信用度のポイントを加算してもよい。 Other than that, for example, when the user 20 is married, the credit generation unit 522 may be responsible for protecting the home, and thus credit points may be added. Further, when the electronic commerce management server 4 transfers the property tax or withdraws the account based on the ID of the electronic commerce service 40, the credit generation unit 522 adds credit points according to the tax payment amount. May be. The credit generation unit 522 may add credit points even when paying public charges (electricity charges, gas charges, or water charges) based on the ID of the electronic commerce service 40.
 電子証明部526は、真正度生成部520により生成された真正度及び、信用度生成部522により生成された信用度を、ユーザ端末2により申請されたオンラインサービスへ通知する。つまり、ユーザ20が新規にオンラインサービスに登録する場合、自身の個人情報と共に真正度と信用度とを証明書として添付することができ、取引相手として相応しいことを証明できる。また、オンラインサービスの提供側は、真正度と信用度に基づいて、ユーザ20の登録の可否を容易に判断することができる。 The electronic certifying unit 526 notifies the authenticity generated by the authenticity generating unit 520 and the credit generated by the credit generating unit 522 to the online service applied by the user terminal 2. That is, when the user 20 newly registers with the online service, the authenticity and the trustworthiness can be attached together with his / her personal information as a certificate, and it can be proved that the user 20 is suitable as a trading partner. Also, the online service provider can easily determine whether or not the user 20 can register based on authenticity and trustworthiness.
 重複ID検出部524は、同一オンラインサービス内において、決済に使用するユーザの銀行の識別情報に基づいて、同一ユーザの所有する複数の識別情報を検出する。具体的には、重複ID検出部524は、電子商取引サービス40において決済に使用する、システム内IDに関連付けられる会員IDを検出する。つまり、重複ID検出部524は、特定のシステム内IDに対して電子商取引サービス40の複数の会員IDが関連付けられていることを検出する。これにより、ユーザ20が電子商取引サービス40に対して複数の会員IDを所有していることが判明する。重複ID検出部524は、本発明に係る重複識別情報検出部の一例である。 The duplicate ID detection unit 524 detects a plurality of identification information owned by the same user based on the identification information of the bank of the user used for payment within the same online service. Specifically, the duplicate ID detection unit 524 detects a member ID associated with the in-system ID used for settlement in the electronic commerce service 40. That is, the duplicate ID detection unit 524 detects that a plurality of member IDs of the electronic commerce service 40 are associated with a specific in-system ID. Thereby, it becomes clear that the user 20 possesses a plurality of member IDs for the electronic commerce service 40. The duplicate ID detection unit 524 is an example of a duplicate identification information detection unit according to the present invention.
 信用度授受部528は、ユーザ20の信用度を示すポイントを他のユーザと授受する。具体的には、信用度授受部528は、電子商取引管理サーバ4において管理される会員IDに基づいて、他のユーザとポイントの授受を行う。ポイントを受け取った人数が多いほどポイントを受け取ったユーザの信頼度が高いことを示す。さらに、信用度授受部528は、信用度の授受が行われたユーザの会員ID同士を関連付けており、信用度の授け先のユーザの信用度が下がると、授け元の信用度を下げる。つまり、自身だけでなく他のユーザの信用度にまで影響を与えるため、自身の信用度を保とうとする意識が働く。 The credit quality giving / receiving unit 528 sends / receives points indicating the credit quality of the user 20 to / from other users. Specifically, the credit exchange unit 528 exchanges points with other users based on the member ID managed by the electronic commerce management server 4. The greater the number of people who have received points, the higher the reliability of the user who has received the points. Further, the credit quality giving / receiving unit 528 associates the member IDs of the users to whom credit ratings have been exchanged, and lowers the credit quality of the granting source when the credit quality of the user to whom the credit quality is given decreases. That is, since it affects not only the user but also the trustworthiness of other users, the consciousness of maintaining their own trustworthiness works.
 関係性判定部530は、会員ID同士の関係性を判定する。具体的には、関係性判定部530は、個人情報管理DB602に管理される情報に基づいて、電子商取引サービスの会員IDの親子関係または親族関係を判定する。例えば、個人情報管理DB602に管理される情報の中に、複数の会員IDの住所が同じだが、名前又はマイナンバーが異なる等の会員IDを検出した場合、関係性判定部530は、それらの会員IDは親子である、または、親族であるとみなす。親子関係にあると判定した場合、関係性判定部530は、どの会員IDが親であるかは、生年月日等から判断する。関係性判定部530による判定ではなく、予め、個人情報管理DB602に会員ID同士の関係性を保持していてもよい。 The relationship determination unit 530 determines the relationship between member IDs. Specifically, the relationship determination unit 530 determines the parent-child relationship or the kinship relationship of the member ID of the electronic commerce service based on information managed in the personal information management DB 602. For example, in the information managed by the personal information management DB 602, when a member ID such as a plurality of member IDs having the same address but a different name or my number is detected, the relationship determination unit 530 determines the membership ID. ID is considered to be a parent or child or a relative. If it is determined that there is a parent-child relationship, the relationship determination unit 530 determines which member ID is the parent from the date of birth or the like. Instead of the determination by the relationship determination unit 530, the personal information management DB 602 may hold the relationship between the member IDs in advance.
 信用度授受部528は、関係性判定部530により親子であると判定された場合に、親の信用度を子に貸してもよい。具体的には、電子商取引サービス40の会員IDに基づいて、親の会員IDに関連付けられる信用度を、子の会員IDと共有してもよい。子がオンラインサービスに新規登録する際、電子証明部526により親の信用度をオンラインサービスに送信した場合に、電子証明部526は、信用度を貸し付けた親にオンラインサービスに子が新規登録の申請をした旨を通知する。具体的には、電子証明部526は、個人情報管理DB602に保持される親のメールアドレス、または電子商取引サービス40の会員IDに基づいて、子のオンラインサービスの新規登録を通知する。これにより、親は、子のオンランサービスの利用を監視することが出来る。 When the relationship determination unit 530 determines that the credit rating unit 528 is a parent and child, the credit rating unit 528 may lend the parent's credit rating to the child. Specifically, the credit rating associated with the parent member ID may be shared with the child member ID based on the member ID of the electronic commerce service 40. When a child newly registers with the online service, when the electronic certification unit 526 sends the parent's credit rating to the online service, the electronic certification unit 526 applies the child to the online service for new registration to the parent who has lent the credit rating. Notify that. Specifically, the electronic certification unit 526 notifies the child online service new registration based on the parent mail address held in the personal information management DB 602 or the member ID of the electronic commerce service 40. This allows the parent to monitor the use of the child's online service.
 また、関係性判定部530により夫婦関係にあると判定された場合において、信用度を共有してもよい。具体的には、信用度授受部528は、電子商取引サービス40の会員IDに基づいて、夫の信用度を妻と共有する。親子間での信用度の借り受けと同様に、妻が夫の信用度に基づいて、新規にオンラインサービスに申請をした場合、電子証明部526は、その旨を夫に通知してもよい。また、この通知の可否は設定により変更できる。 In addition, when the relationship determination unit 530 determines that there is a marital relationship, the reliability may be shared. Specifically, the credit rating unit 528 shares the husband's credit with the wife based on the member ID of the electronic commerce service 40. Similar to the borrowing of credit between parents and children, when a wife newly applies for an online service based on the trust of the husband, the electronic certification unit 526 may notify the husband to that effect. Further, whether or not this notification can be made can be changed by setting.
 上記実施形態及び変形例において本人確認プログラム50及び本人プログラム55は、ユーザ端末2にインストールされているが、これに限定されるものではなく、電子商取引管理サーバ4にインストールされていてもよい。 In the above embodiment and modification, the identity verification program 50 and the identity program 55 are installed in the user terminal 2, but the present invention is not limited to this, and may be installed in the electronic commerce management server 4.
 1…本人確認システム
 2…ユーザ端末
 3…銀行勘定系システム
 4…電子商取引管理サーバ
 5…電子サービス
 20…ユーザ
 40…電子商取引サービス
 50…本人確認プログラム
 70…電子商取引管理プログラム
 500…取引結果取得部
 502…取引数カウント部
 504…評価値生成部
 506…電子証明部
 508…新規登録部
 510…評価要素値格納部
 512…満足度受付部
 514…関連付け部
 516…相互認証部
 518…読み出し許可部
 520…真正度生成部
 522…信用度生成部
 524…重複ID検出部
 526…電子証明部
 528…信用度授受部
 530…関係性判定部
 600…サービス利用情報データベース
 602…個人情報管理データベース
 604…管理情報データベース
 606…サービス利用情報データベース
 700…注文確定検知部
 702…残高要求部
 704…成否判定部
 706…決済要求部
 708…実行部
 710…通知部 DESCRIPTION OF SYMBOLS 1 ... Identity confirmation system 2 ... User terminal 3 ... Bank account system 4 ... Electronic commerce management server 5 ... Electronic service 20 ... User 40 ... Electronic commerce service 50 ... Identity confirmation program 70 ... Electronic commerce management program 500 ... Transaction result acquisition part 502 ... Number of transactions counting unit 504 ... Evaluation value generating unit 506 ... Electronic certification unit 508 ... New registration unit 510 ... Evaluation element value storage unit 512 ... Satisfaction receiving unit 514 ... Association unit 516 ... Mutual authentication unit 518 ... Read permission unit 520 ... Authenticity generation unit 522 ... Reliability level generation unit 524 ... Duplicate ID detection unit 526 ... Electronic certification unit 528 ... Credit rating unit 530 ... Relationship determination unit 600 ... Service usage information database 602 ... Personal information management database 604 ... Management information database 606 ... Service usage information database 70 ... final order detection unit 702 ... balance request unit 704 ... success determining unit 706 ... settlement request unit 708 ... execution unit 710 ... notification unit

Claims (12)

  1.  本人確認を行う複数の確認機関によりユーザの本人確認が完了していることを示す本人確認済み情報を、複数のオンラインサービスから取得する取得部と、
     前記取得部により取得されたユーザの本人確認済み情報に基づいて、本人確認の評価値を生成する評価値生成部と、
     前記評価値生成部により生成された評価値を出力する出力部と
     を有する本人確認システム。     An acquisition unit that acquires identity verification information indicating that the identity verification of the user has been completed by a plurality of verification agencies that perform identity verification from a plurality of online services;
    Based on the user identity confirmation information obtained by the obtaining unit, an evaluation value generation unit that generates an evaluation value for identity confirmation;
    An identity verification system comprising: an output unit that outputs the evaluation value generated by the evaluation value generation unit.
  2.  前記取得部は、本人確認が前提となるオンライン決済サービス又はオンライン行政手続きにおけるトランザクションの完了情報を、前記本人確認済み情報として取得し、
     前記評価値生成部は、ユーザによる前記オンライン決済サービス又はオンライン行政手続きの利用回数、及び、これらの完了情報に基づいて、当該ユーザの評価値を生成する
     請求項1に記載の本人確認システム。     The acquisition unit acquires transaction completion information in an online payment service or online administrative procedure on which identity verification is a prerequisite, as the identity verified information,
    The identity verification system according to claim 1, wherein the evaluation value generation unit generates the evaluation value of the user based on the number of times the user uses the online payment service or the online administrative procedure and completion information thereof.
  3.  前記評価値生成部は、ユーザが利用した複数のオンラインサービスの本人確認済み情報に基づいて、当該ユーザの評価値を生成し、
     前記評価値生成部により生成されたユーザの評価値と、ユーザが新規登録を希望する他のオンラインサービスに設定された基準値とを比較して、ユーザの新規登録の可否を判定する新規登録部
     をさらに有する請求項2に記載の本人確認システム。     The evaluation value generation unit generates an evaluation value of the user based on the identity confirmation information of a plurality of online services used by the user,
    A new registration unit that compares the user's evaluation value generated by the evaluation value generation unit with a reference value set in another online service that the user desires to newly register to determine whether or not the user can register a new one The identity verification system according to claim 2, further comprising:
  4.  複数のオンラインサービスと、評価値の算出要素となる評価要素値とを互いに関連付けて格納する評価要素値格納部
     をさらに有し、
     前記取得部は、ユーザの本人確認済み情報と、このユーザが利用したオンラインサービスの識別情報とを取得し、
     前記評価値生成部は、前記評価要素値格納部に格納されている評価要素値のうち、取得されたオンラインサービスの識別情報に対応する評価要素値に基づいて、評価値を算出する
     請求項1に記載の本人確認システム。     An evaluation element value storage unit that stores a plurality of online services and evaluation element values that are evaluation value calculation elements in association with each other;
    The acquisition unit acquires the user's identity confirmed information and identification information of the online service used by the user,
    The evaluation value generation unit calculates an evaluation value based on an evaluation element value corresponding to the acquired identification information of the online service among evaluation element values stored in the evaluation element value storage unit. The identity verification system described in.
  5.  前記取得部は、本人確認が前提となる電子商取引サービスにおけるトランザクションの完了情報を、前記本人確認済み情報として取得し、
     前記電子商取引サービスにおけるユーザの取引相手から、ユーザとの取引に対する満足度を示す評価要素値の入力を受け付ける満足度受付部
     をさらに有し、
     前記評価値生成部は、前記満足度受付部により受け付けた評価要素値に基づいて、当該ユーザの評価値を生成する
     請求項1に記載の本人確認システム。     The acquisition unit acquires transaction completion information in the electronic commerce service on which the identity verification is a premise as the identity verified information,
    A satisfaction receiving unit that receives an input of an evaluation element value indicating satisfaction with a transaction with the user from a user counterpart in the electronic commerce service;
    The identity verification system according to claim 1, wherein the evaluation value generation unit generates an evaluation value of the user based on the evaluation element value received by the satisfaction level reception unit.
  6.  前記取得部は、給与振込サービスにおけるトランザクションの完了情報を、前記本人確認済み情報として取得し、
     前記給与振込サービスにおける給与の支払元から、ユーザの労務状況に対する満足度を示す評価要素値の入力を受け付ける満足度受付部
     をさらに有し、
     前記評価値生成部は、前記満足度受付部により受け付けた評価要素値に基づいて、当該ユーザの評価値を生成する
     請求項1に記載の本人確認システム。     The acquisition unit acquires transaction completion information in the salary transfer service as the identity confirmation information,
    A satisfaction receiving unit that receives an input of an evaluation element value indicating satisfaction with respect to the user's labor situation from a payer of the salary in the salary transfer service;
    The identity verification system according to claim 1, wherein the evaluation value generation unit generates an evaluation value of the user based on the evaluation element value received by the satisfaction level reception unit.
  7.  前記満足度受付部は、ソーシャル・ネットワークキング・サービスを介して、満足度を示す評価要素値の入力を受け付ける
     請求項5又は6に記載の本人確認システム。     The identity verification system according to claim 5, wherein the satisfaction level reception unit receives an input of an evaluation element value indicating satisfaction level via a social network king service.
  8.  各オンラインサービスにおいて、決済に使用するユーザの銀行の識別情報に基づいて、前記各オンラインサービスから発行されたユーザの識別情報同士を関連付ける関連付け部
     をさらに有する請求項3に記載の本人確認システム。     The identity verification system according to claim 3, further comprising: an associating unit that associates user identification information issued from each online service with each other based on identification information of a user's bank used for payment in each online service.
  9.  同一オンラインサービス内において、決済に使用するユーザの銀行の識別情報に基づいて、同一ユーザが保有する複数の識別情報を検出する重複識別情報検出部
     をさらに有する請求項1に記載の本人確認システム。     The identity verification system according to claim 1, further comprising: a duplicate identification information detection unit that detects a plurality of identification information held by the same user based on the identification information of the user's bank used for payment in the same online service.
  10.  本人確認を行う複数の確認機関によりユーザの本人確認が完了していることを示す本人確認済み情報を、複数のオンラインサービスから取得する取得部と、
     前記取得部により取得されたユーザの本人確認済み情報に基づいて、本人確認の評価値を生成する評価値生成部と、
     前記評価値生成部により生成された評価値を出力する出力部と
     を有する本人確認装置。     An acquisition unit that acquires identity verification information indicating that the identity verification of the user has been completed by a plurality of verification agencies that perform identity verification from a plurality of online services;
    Based on the user identity confirmation information obtained by the obtaining unit, an evaluation value generation unit that generates an evaluation value for identity confirmation;
    An identity verification apparatus comprising: an output unit that outputs the evaluation value generated by the evaluation value generation unit.
  11.  本人確認を行う複数の確認機関によりユーザの本人確認が完了していることを示す本人確認済み情報を、複数のオンラインサービスから取得するステップと、
     前記取得部により取得されたユーザの本人確認済み情報に基づいて、本人確認の評価値を生成するステップと、
     前記評価値生成部により生成された評価値を出力するステップと
     を有する本人確認方法。     Obtaining identity-verified information from a plurality of online services indicating that the identity of the user has been completed by a plurality of verification agencies performing identity verification;
    Generating an evaluation value of identity verification based on the identity verification information of the user acquired by the acquisition unit;
    Outputting the evaluation value generated by the evaluation value generation unit.
  12.  本人確認を行う複数の確認機関によりユーザの本人確認が完了していることを示す本人確認済み情報を、複数のオンラインサービスから取得するステップと、
     前記取得部により取得されたユーザの本人確認済み情報に基づいて、本人確認の評価値を生成するステップと、
     前記評価値生成部により生成された評価値を出力するステップと
     をコンピュータに実行させるプログラム。     Obtaining identity-verified information from a plurality of online services indicating that the identity of the user has been completed by a plurality of verification agencies performing identity verification;
    Generating an evaluation value of identity verification based on the identity verification information of the user acquired by the acquisition unit;
    A program for causing a computer to execute the step of outputting the evaluation value generated by the evaluation value generation unit.
PCT/JP2017/022107 2017-06-15 2017-06-15 Identification system, identification device, identification method, and program WO2018229927A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/JP2017/022107 WO2018229927A1 (en) 2017-06-15 2017-06-15 Identification system, identification device, identification method, and program

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2017/022107 WO2018229927A1 (en) 2017-06-15 2017-06-15 Identification system, identification device, identification method, and program

Publications (1)

Publication Number Publication Date
WO2018229927A1 true WO2018229927A1 (en) 2018-12-20

Family

ID=64659163

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2017/022107 WO2018229927A1 (en) 2017-06-15 2017-06-15 Identification system, identification device, identification method, and program

Country Status (1)

Country Link
WO (1) WO2018229927A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2022085265A1 (en) * 2020-10-22 2022-04-28 株式会社Elements Fraud detection device for checking and authenticating person, application fraud detection method, and application fraud detection program

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2007257029A (en) * 2006-03-20 2007-10-04 Fujitsu Ltd Reliability calculation program, reliability calculation apparatus, and service provision propriety determining program
JP2012063994A (en) * 2010-09-16 2012-03-29 Yahoo Japan Corp Service providing device
JP2012168622A (en) * 2011-02-10 2012-09-06 Japan Research Institute Ltd Transaction mediation device, transaction mediation system, and transaction mediation method

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2007257029A (en) * 2006-03-20 2007-10-04 Fujitsu Ltd Reliability calculation program, reliability calculation apparatus, and service provision propriety determining program
JP2012063994A (en) * 2010-09-16 2012-03-29 Yahoo Japan Corp Service providing device
JP2012168622A (en) * 2011-02-10 2012-09-06 Japan Research Institute Ltd Transaction mediation device, transaction mediation system, and transaction mediation method

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2022085265A1 (en) * 2020-10-22 2022-04-28 株式会社Elements Fraud detection device for checking and authenticating person, application fraud detection method, and application fraud detection program
GB2616145A (en) * 2020-10-22 2023-08-30 Elements Inc Fraud detection device for checking and authenticating person, application fraud detection method, and application fraud detection program

Similar Documents

Publication Publication Date Title
US11861610B2 (en) Public ledger authentication system
US10943275B2 (en) Authenticating an exchange item in an exchange item marketplace network
US20220051204A1 (en) Generating exchange item utilization solutions in an exchange item marketplace network
US11281800B2 (en) Systems and methods for providing identity verification services
US20200213288A1 (en) Systems and methods for distribution of selected authentication information for a network of devices
US8086525B2 (en) Methods and systems for providing risk ratings for use in person-to-person transactions
US10546296B2 (en) Public ledger authentication system
US11164228B2 (en) Method and medium for determining exchange item compliance in an exchange item marketplace network
RU2292589C2 (en) Authentified payment
US8224753B2 (en) System and method for identity verification and management
US20220222673A1 (en) Identity-based transaction processing
CN105874495A (en) Systems and methods for communicating risk using token assurance data
US20070203852A1 (en) Identity information including reputation information
US11824838B2 (en) Providing assertions regarding entities
US20160012427A1 (en) Systems and methods for authenticating users of networked computer systems based on non-credentialed information
CN111444209B (en) Data processing method, device, equipment and medium based on block chain
JP2018045540A (en) Deposit account information disclosure system including virtual currency address
US20080021761A1 (en) Transaction processing systems and methods
CN108352010A (en) Method and system for administrative authentication services client data
CN115456773A (en) Payment control method, device, equipment and medium based on block chain
JP2019109831A (en) Credibility evaluation system, computer terminal, and transaction method
US20230169553A1 (en) Determining an automatic acquisition approach for an exchange item request
US20230125366A1 (en) Securely utilizing an exchange item unaffiliated with a merchant server
WO2018229927A1 (en) Identification system, identification device, identification method, and program
KR20110129735A (en) The internet loan system where the quick loan is possible

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17913777

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17913777

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: JP

NENP Non-entry into the national phase

Ref country code: JP