WO2020195687A1 - 情報処理システム、情報処理方法、およびプログラム - Google Patents

情報処理システム、情報処理方法、およびプログラム Download PDF

Info

Publication number
WO2020195687A1
WO2020195687A1 PCT/JP2020/009492 JP2020009492W WO2020195687A1 WO 2020195687 A1 WO2020195687 A1 WO 2020195687A1 JP 2020009492 W JP2020009492 W JP 2020009492W WO 2020195687 A1 WO2020195687 A1 WO 2020195687A1
Authority
WO
WIPO (PCT)
Prior art keywords
information
user
storage area
server
stored
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/JP2020/009492
Other languages
English (en)
French (fr)
Japanese (ja)
Inventor
隆行 木原
正太 小野
義崇 吉村
智久 清水
鳥山 慎一
雅洋 清沢
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
NEC Corp
Original Assignee
NEC Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by NEC Corp filed Critical NEC Corp
Priority to JP2021508929A priority Critical patent/JPWO2020195687A1/ja
Priority to EP20776742.7A priority patent/EP3944109B1/en
Priority to US17/437,928 priority patent/US12120103B2/en
Publication of WO2020195687A1 publication Critical patent/WO2020195687A1/ja
Anticipated expiration legal-status Critical
Priority to US18/887,122 priority patent/US20250080522A1/en
Ceased legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q50/00Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
    • G06Q50/10Services
    • G06Q50/18Legal services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/41User authentication where a single sign-on provides access to a plurality of computers
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/018Certifying business or products
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/02Banking, e.g. interest calculation or account maintenance
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/102Entity profiles

Definitions

  • the present invention relates to an information processing system, an information processing method, and a program.
  • Patent Document 1 describes a system that allows an account to be opened without submitting identity verification documents to the securities company when opening a securities trading account at a securities company via a bank.
  • Patent Document 2 a company (another financial institution) in which a user newly applies for the use of a service (opening an account, etc.) using a cash card of a company (financial institution, etc.) whose identity has been confirmed by the user.
  • the company whose identity has been confirmed provides the attribute information of the user whose identity has been confirmed, thereby saving the trouble of other companies confirming their identity.
  • the systems that can be described are described.
  • the present invention has been made in view of the above circumstances, and an object of the present invention is to provide an information processing system, an information processing method, and a program that reduce the risk of leakage of personal information.
  • the first aspect relates to information processing systems.
  • the information processing system related to the first aspect is An information processing system having a first server and a second server.
  • the first server is When the user information of the user is stored in the first storage means, the transmission means for transmitting the first authentication information for logging in to the first server for the user to the second server and the transmission means.
  • the first authentication information Upon receiving the first authentication information, it has a processing means for executing a process for reading the user information of the user.
  • the second server is An authentication information storage means for associating a second authentication information for the user to log in to the second server with the first authentication information and storing the second authentication information in the second storage means.
  • the user Upon receiving the second authentication information, the user has a login means for reading the first authentication information corresponding to the second authentication information from the second storage means and logging in to the first server.
  • the second aspect concerns the server.
  • the first server related to the second aspect is A server that is connected to another server that accepts user information and manages the user information. When storing the user information of the user, a transmission means for transmitting the first authentication information for logging in to the server for the user to the other server, and Upon receiving the first authentication information, it has a processing means for executing a process for reading the user information of the user.
  • the second server related to the second aspect is A server that is connected to another server that manages user information of the user. Regarding the user who has received the user information, the user acquires the first authentication information for the server to log in to the other server from the other server, and the user uses the acquired first authentication information as the server.
  • An authentication information storage means that associates a second authentication information for logging in to the server and stores it in the storage unit, Upon receiving the second authentication information, a login means for reading the first authentication information corresponding to the second authentication information from the storage unit and logging in to the other server. It has a processing means for executing a process of logging in to the other server and storing the user information of the user in the other server.
  • the third aspect relates to an information processing method performed by at least one computer.
  • the information processing method related to the third aspect is The first server is When the user information of the user is stored in the first storage means, the first authentication information for logging in to the first server for the user is transmitted to the second server. Upon receiving the first authentication information, a process for reading the user information of the user is executed.
  • the second server is The second authentication information for the user to log in to the second server is associated with the first authentication information and stored in the second storage means. When the second authentication information is received, the first authentication information corresponding to the second authentication information is read from the second storage means and logged in to the first server.
  • the present invention may be a program that causes at least one computer to execute the method of the third aspect, or a recording medium that can be read by a computer that records such a program. You may.
  • This recording medium includes non-temporary tangible media.
  • the computer program includes computer program code that causes the computer to perform its information processing method on the first server and the second server when executed by the computer.
  • the various components of the present invention do not necessarily have to be individually independent, and a plurality of components are formed as one member, and one component is formed of a plurality of members. It may be that a certain component is a part of another component, a part of a certain component overlaps with a part of another component, and the like.
  • the order of description does not limit the order in which the plurality of procedures are executed. Therefore, when implementing the method and computer program of the present invention, the order of the plurality of procedures can be changed within a range that does not hinder the contents.
  • the method of the present invention and the plurality of procedures of the computer program are not limited to being executed at individually different timings. Therefore, another procedure may occur during the execution of a certain procedure, or a part or all of the execution timing of the certain procedure and the execution timing of the other procedure may overlap.
  • FIG. 1 It is a figure which conceptually shows the system structure of the information processing system which concerns on embodiment of this invention. It is a figure which shows an example of the configuration of the computer which realizes each server and the user terminal of the information processing system of this embodiment. It is a functional block diagram which logically shows the structure of each server of the information processing system which concerns on embodiment of this invention. It is a figure which shows an example of the data structure of the ID storage part of an agent server. It is a figure which shows an example of the data structure of the personal information database of the account opening business server. It is a flowchart which shows an example of the operation of the information processing system of this embodiment. It is a functional block diagram which shows the logical structure of the account opening business server of this embodiment.
  • FIG. 1 is a diagram conceptually showing a system configuration of an information processing system 1 according to an embodiment of the present invention.
  • the information processing system 1 includes an account opening business server (first server) 100 and an agent server (second server) 200, and is used together with user terminals (indicated as U1 and U2 in the figure).
  • user terminals indicated as U1 and U2 in the figure.
  • two user terminals are shown, but the number of user terminals is not limited to two, and the information processing system 1 may be used by at least one user terminal.
  • the terminal used by the user will be described as the user terminal U1.
  • the information processing system 1 performs an account opening business by receiving business entrustment from a plurality of different securities companies in accordance with an application from a customer (hereinafter, also referred to as a user).
  • a customer hereinafter, also referred to as a user.
  • the user's personal identification information necessary for opening an account for example, My Number (registered trademark) (hereinafter referred to as "personal number") and personal number confirmation documents (for example, personal number card) )
  • identity verification documents for example, a driver's license, health insurance card, etc., preferably including the user's name, address, and date of birth
  • the personal identification information can include information on the appearance (thickness of the document and other features) of the face photograph and the personal identification document.
  • the user needs to submit these documents for each securities company when opening an account.
  • the work related to identity identification and identity verification based on these documents is also performed by each securities company each time an account is opened, which is troublesome for the user and burdensome for the securities company.
  • the personal identification information for which the personal identification procedure for the personal identification information has been completed in order to open an account at one securities company.
  • identity verification documents hereinafter, these information will also be referred to as "personal information"
  • personal information when the information is used, it is possible to suppress the leakage of information about the user between one securities company and another securities company.
  • acquisition means that the own device retrieves data or information stored in another device or storage medium (active acquisition), and is output to the own device from the other device. Includes at least one of entering data or information (passive acquisition). Examples of active acquisition include making a request or inquiry to another device and receiving the reply, and accessing and reading another device or storage medium. In addition, an example of passive acquisition may be receiving information to be distributed (or transmitted, push notification, etc.). Further, “acquisition” may mean to select and acquire from received data or information, or to select and receive delivered data or information.
  • the account opening business server 100 is a server that performs processing for opening an account on behalf of a securities company.
  • the account opening business server 100 does not communicate with the user terminal U1.
  • the agent server 200 directly communicates with the user terminal of the user, receives an application from the user, and instructs the account opening business server 100 to perform the account opening business on behalf of the user.
  • the configuration of parts not related to the essence of the present invention is omitted and is not shown.
  • the system of a securities company in which the account opening business server 100 opens an account is not shown.
  • the processing itself of opening an account of a securities company performed by the account opening business server 100 will not be described in the present embodiment.
  • FIG. 2 is a diagram showing an example of the configuration of a computer 60 that realizes each server and user terminal of the information processing system 1 of the present embodiment.
  • the account opening business server 100 and the agent server 200 may each be configured by a plurality of computers 60, or may be realized by a virtual server.
  • the computer 60 includes a CPU (Central Processing Unit) 62, a memory 64, a program 80 that realizes components of each server and user terminal loaded in the memory 64, a storage 66 that stores the program 80, and I / O (Input /). It includes an Output) 68 and an interface (communication I / F70) for connecting to a communication network.
  • CPU Central Processing Unit
  • memory 64 a memory 64
  • program 80 that realizes components of each server and user terminal loaded in the memory 64
  • a storage 66 that stores the program 80
  • I / O Input /
  • It includes an Output) 68 and an interface (communication I / F70) for connecting to a communication network.
  • the CPU 62, the memory 64, the storage 66, the I / O 68, and the communication I / F 70 are connected to each other via the bus 69, and each server and the user terminal are controlled by the CPU 62.
  • the method of connecting the CPU 62 and the like to each other is not limited to the bus connection.
  • the memory 64 is a memory such as a RAM (RandomAccessMemory) or a ROM (ReadOnlyMemory).
  • the storage 66 is a storage device such as a hard disk, an SSD (Solid State Drive), or a memory card.
  • the storage 66 may be a memory such as RAM or ROM.
  • the storage 66 may be provided inside the computer 60, or may be provided outside the computer 60 and may be connected to the computer 60 by wire or wirelessly if the computer 60 is accessible. Alternatively, it may be detachably provided on the computer 60.
  • the I / O 68 controls the input / output of data and control signals between the computer 60 and other input / output devices.
  • the other input / output devices include, for example, an input device 72 such as a keyboard, touch panel, mouse, and microphone connected to the computer 60, and an output of a display (referred to as a display device 74 in the figure), a printer, a speaker, and the like. Includes a device (not shown) and an interface between these input / output devices and the computer 60.
  • the I / O 68 may perform data input / output control with a reading or writing device (not shown) of another recording medium.
  • the communication I / F 70 is a network connection interface for communicating between the computer 60 and an external device.
  • the communication I / F 70 may be a network interface for connecting to a wired line or a network interface for connecting to a wireless line.
  • the computers 60 that realize each server and the user terminal are connected to each other via the communication network 3 by the communication I / F 70.
  • Each component of the information processing system 1 of the present embodiment shown in FIG. 3 to be described later is realized by an arbitrary combination of hardware and software of the computer 60 shown in FIG. And, it is understood by those skilled in the art that there are various modifications of the realization method and the device.
  • the functional block diagram showing the account opening business server 100 and the agent server 200 of each embodiment described below shows a logical functional unit block, not a hardware unit configuration.
  • the first computer program 80 of the present embodiment is for logging in to the account opening business server 100 for the user when storing the personal information of the user in the computer 60 for realizing the account opening business server 100. It is described so as to execute a procedure of transmitting the first authentication information to the agent server 200 and a procedure of executing a process for reading the personal information of the user when the first authentication information is received.
  • the computer 60 for realizing the agent server 200 is subjected to the first authentication for the agent server 200 to log in to the account opening business server 100 with respect to the user who has received the personal information.
  • the procedure of reading the first authentication information corresponding to the second authentication information from the ID storage unit 220 and logging in to the account opening business server 100 is described. ..
  • the computer program 80 of the present embodiment may be recorded on a recording medium that can be read by the computer 60.
  • the recording medium is not particularly limited, and various forms can be considered. Further, the program 80 may be loaded from the recording medium into the memory 64 of the computer 60, or may be downloaded to the computer 60 through the network and loaded into the memory 64.
  • the recording medium for recording the computer program 80 includes a medium that can be used by the non-temporary tangible computer 60, and a program code that can be read by the computer 60 is embedded in the medium.
  • the computer program 80 is executed on the computer 60, the computer 60 is made to execute an information processing method for realizing the account opening business server 100 or the agent server 200.
  • the user terminal U1 is a terminal device used by the user, and is, for example, a personal computer, a tablet terminal, a smartphone, a mobile phone, or the like.
  • the user terminal U1 may be the property of the user or may be lent to the user.
  • the mode in which the user uses the service of the information processing system 1 by using the user terminal U1 is exemplified below, but is not limited thereto.
  • the application is installed and started on the user terminal U1, the agent server 200 is accessed from the application, and the user terminal U1 uses the service provided by the information processing system 1.
  • the browser is started on the user terminal U1 to access a predetermined website, and the user terminal U1 uses the service provided by the information processing system 1.
  • SaaS Software as a Service
  • an application that realizes the information processing system 1 is executed on the agent server 200, and the user terminal U1 is provided online by the information processing system 1 via a communication network. Use the services that are provided.
  • connection form between the agent server 200 and the user terminal U1 is not particularly limited, but it is assumed that the connection is made in a form in which security is guaranteed.
  • the connection form between the account opening business server 100 and the agent server 200 is also not particularly limited, but it is preferable that the connection form is secured, for example, a dedicated line.
  • Each device is connected to at least one of wired and wireless.
  • the communication method is not particularly limited, and each device may be connected to each other by a available communication method.
  • the application for use includes the application for the account of the first securities company at the same time.
  • user registration information for example, information such as name, address, and telephone number is registered, and authentication information (user ID and password) is issued.
  • This usage application is made to the agent server 200.
  • the user terminal U1 may access a website that accepts usage applications to apply, or the terminal device (not shown) of the agent server 200 may be used to access the information processing system 1 to apply.
  • Application may be started by using the terminal device of the user terminal U1 or the agent server 200 and the application may be made on the application screen.
  • FIG. 3 is a functional block diagram that logically shows the configuration of each server of the information processing system 1 according to the embodiment of the present invention.
  • the account opening business server 100 includes a transmission unit 102 and a processing unit 104.
  • the agent server 200 includes an ID registration unit (authentication information storage means) 202 and a login unit 204.
  • the transmission unit 102 When the transmission unit 102 stores the personal information of the user in the personal information database 120 (first storage means), the transmission unit 102 sets the first authentication information (user ID 1 and the user ID 1) for logging in to the account opening business server 100 for the user.
  • the password P1 is transmitted to the agent server 200.
  • the first authentication information is information for the agent server 200 to log in to the account opening business server 100 on behalf of the user.
  • the processing unit 104 Upon receiving the first authentication information, the processing unit 104 executes a process for reading the personal information of the user.
  • the process for reading personal information includes the following processes. (1) Process for confirming the authorization of proxy rights of the agent server 200 regarding the user (2) Process for confirming whether the user's personal information has been confirmed (that is, whether it is valid or not) (3) Personal information of securities company A Processing for requesting securities company B to provide personal information of users whose identity has been confirmed stored in database 120a (4) Personal information of users read from personal information database 120a of securities company A Securities company B Processes for storing in the personal information database 120b of the above. Details of these processes will be described in the embodiment described later.
  • the ID registration unit 202 associates the second authentication information (user ID 2 and password P2) for the user to log in to the agent server 200 with the first authentication information (user ID 1 and password P1), and the ID storage unit 220. Store in (second storage means).
  • the login unit 204 When the login unit 204 receives the second authentication information (user ID 2 and password P2) from the user terminal U1, the login unit 204 receives the first authentication information (user ID 1 and password P2) corresponding to the second authentication information (user ID 2 and password P2).
  • the password P1) is read from the ID storage unit 220, and the user logs in to the account opening business server 100.
  • FIG. 4 is a diagram showing an example of the data structure of the ID storage unit 220 of the agent server 200.
  • the ID storage unit 220 may be connected to the agent server 200 so as to be accessible and may be included in the agent server 200, or may be a storage device provided outside the agent server 200.
  • the ID storage unit 220 stores each of the information shown in FIGS. 4 (a) to 4 (c).
  • the ID registration unit 202 provides the ID information 222 of the ID storage unit 220 with the second authentication information (user ID 2 and password P2) as the first authentication information (user ID 1 and password). It is stored in association with P1).
  • the user registration information 224 registered when the user applies for the use of this system for example, information such as a name, an address, and a telephone number, is used as the second authentication information (user ID 2).
  • the password P2 may be linked and stored in the ID storage unit 220.
  • the first authentication information 226 (user ID 1 and password P1) issued from the account opening business server 100 may be stored in the ID storage unit 220.
  • FIG. 5 is a diagram showing an example of the data structure of the personal information database 120 of the account opening business server 100.
  • the personal information database 120 may be connected to the account opening business server 100 so as to be accessible and may be included in the account opening business server 100, or may be a storage device provided outside the account opening business server 100.
  • the personal information database 120 does not have to be in the database format.
  • the personal information database 120 stores each information shown in FIGS. 5 (a) to 5 (c).
  • the personal information database 120 stores the first authentication information 122 (user ID 1 and password P1) issued by the transmission unit 102.
  • the personal information database 120 may store information indicating that the personal identification information of the user has been confirmed (confirmed information 124) in association with the user ID. .. As shown in FIG. 5C, the personal information database 120 may store the user's personal information 126 (personal number, personal number confirmation document, and personal identification document) in association with the user ID. The confirmation document of personal information is saved as digitized data.
  • the personal information database 120 has a first storage area (personal information database 120a for securities company A) and a second storage area (personal information for securities company B), which are different for each securities company. It has a database 120b).
  • the first storage area (personal information database 120a for securities company A) can be accessed by the system of securities company A (not shown), and cannot be accessed by systems other than securities company A (not shown).
  • the second storage area (personal information database 120b for securities company B) can be accessed by the system of securities company B (not shown), and cannot be accessed by systems other than securities company B.
  • the first storage area (personal information database 120a for securities company A) and the second storage area (personal information database 120b for securities company B) are physically contained in the same storage device and are logically divided. It may be in the area where it is located, or it may be provided in two different storage devices that are physically separate.
  • FIG. 6 is a flowchart showing an example of the operation of the information processing system 1 of the present embodiment.
  • the user logs in to the agent server 200 from the user terminal U1 using the user ID 2 and password P2 acquired in advance (step S101).
  • the user specifies the business content (account opening, etc.) to be performed by proxy and the target business operator (for example, securities company name, branch name, etc.) on the operation screen displayed on the user terminal U1. You can do it.
  • the agent server 200 receives the user ID 2 and the password P2 from the user terminal U1 and performs an authentication process as to whether or not the user is a user of this system (step S103). After authentication, the agent server 200 makes an account opening application for the securities company A to the account opening business server 100 on behalf of the user (step S105).
  • the transmission unit 102 of the account opening business server 100 provides the agent server with the first authentication information (user ID 1 and password P1) for logging in to the account opening business server 100, which is required when storing and reading the personal information of the user. It is transmitted to 200 (step S107). At this time, the transmission unit 102 stores the user's first authentication information (user ID 1 and password P1) in the personal information database 120 (FIG. 5A).
  • the ID registration unit 202 of the agent server 200 receives the first authentication information (user ID 1 and password P1) from the account opening business server 100, the ID registration unit 202 of the agent server 200 receives the second authentication information (user ID 2 and password P2) and the first authentication information of the user.
  • the authentication information (user ID 1 and password P1) of the above is linked and stored in the ID storage unit 220 (step S109).
  • the login unit 204 of the agent server 200 requests the user terminal U1 for personal information (personal number, personal number confirmation document, and personal identification document) necessary for opening an account (step S111). Then, when the login unit 204 of the agent server 200 receives the personal information transmitted from the user terminal U1 (step S113), the account opening business server uses the user's first authentication information (user ID 1 and password P1). Log in to 100 (step S115).
  • the user's first authentication information is stored in the user ID 1 corresponding to the logged-in user ID 2 because the user terminal U1 is logged in with the user ID 2. It can be obtained by reading from unit 220.
  • the processing unit 104 of the account opening business server 100 receives the user ID 1 and password P1 of the user from the agent server 200, the processing unit 104 performs an authentication process (step S117).
  • the processing unit 104 performs the authentication process by collating with the first authentication information (FIG. 5A) stored in the personal information database 120.
  • the processing unit 104 receives the personal information transmitted from the agent server 200 to the account opening business server 100 (step S121).
  • the processing unit 104 stores the received personal information in the personal information database 120 in association with the user's identification information (for example, user ID 1) (step S123).
  • the agent server 200 when the agent server 200 receives the account opening request from the user, the account opening business server 100 is requested to open an account, and the transmission unit 102 of the account opening business server 100. Is issued with the first authentication information (user ID 1 and password P1) for logging in to the account opening business server 100, and the ID registration unit 202 of the agent server 200 uses the first authentication information to allow the user to log in to the agent server 200. It is associated with the second authentication information (user ID 2 and password P2) for the purpose and registered in the personal information database 120.
  • the first authentication information user ID 1 and password P1
  • the ID registration unit 202 of the agent server 200 uses the first authentication information to allow the user to log in to the agent server 200. It is associated with the second authentication information (user ID 2 and password P2) for the purpose and registered in the personal information database 120.
  • the agent server 200 acquires the first authentication information corresponding to the user's second authentication information and logs in to the account opening business server 100. And the process of storing the user's personal information in the personal information database 120 can be executed.
  • the agent server 200 since the agent server 200 causes the account opening business server 100 to execute the process for reading the user information on behalf of the user, the risk of leakage of personal information is reduced. ..
  • FIG. 7 is a functional block diagram showing a logical configuration of the account opening business server 100 of the present embodiment.
  • the account opening business server 100 is the same as that of the above embodiment except that each securities company has a management function means.
  • the account opening business server 100 includes a control unit 130 that controls the business of a plurality of securities companies and a first management function unit 140a (hereinafter, also referred to as a management function unit 140a of the securities company A) that performs the business of the securities company A.
  • a second management function unit 140b hereinafter, also referred to as a management function unit 140b of the securities company B) that performs the business of the securities company B.
  • the first management function unit 140a manages the personal information database 120a of the securities company A.
  • the second management function unit 140b manages the personal information database 120b of the securities company B.
  • the first management function unit 140a and the second management function unit 140b are linked to different businesses.
  • the business operator is a securities company, but the present invention is not limited to this.
  • the control unit 130, the first management function unit 140a, and the second management function unit 140b of the present embodiment are the processing unit 134 and the processing unit 134 that realize the functions of the processing unit 104 described with reference to FIG.
  • a unit 144a and a processing unit 144b are included.
  • the control unit 130 includes a transmission unit 102 described with reference to FIG.
  • FIG. 8 is a flowchart showing an example of the operation of the information processing system 1 of the present embodiment.
  • FIG. 8 shows a procedure for a user to perform a procedure when using the information processing system 1 for the first time.
  • the flowchart of FIG. 8 includes the same steps S101 to S123 as in FIG. 6, and further includes steps S201 to S203. Further, among the procedures of the account opening business server 100 of FIG. 6, except that step S107 is performed by the control unit 130, and steps S117, S119, and S123 are performed by the management function unit 140a of the securities company A.
  • the flowchart of FIG. 6 and the flowchart of FIG. 8 are the same.
  • the agent server 200 receives user registration information (for example, information such as name, address, and telephone number) from the user terminal U1.
  • user registration information for example, information such as name, address, and telephone number
  • the agent server 200 issues the second authentication information (user ID 2 and password P2) and transmits it to the user terminal U1 (step S203).
  • the user logs in to the agent server 200 from the user terminal U1 using the user ID 2 and password P2 acquired in step S203 (step S101).
  • the agent server 200 receives the user ID 2 and the password P2 from the user terminal U1 and performs an authentication process as to whether or not the user is a user of this system (step S103). After the authentication, the agent server 200 makes an application for opening an account of the securities company A to the management unit 130 of the account opening business server 100 on behalf of the user (step S105).
  • the transmission unit 102 of the control unit 130 of the account opening business server 100 is for logging in to the management function unit 140a of the securities company A of the account opening business server 100, which is necessary when storing and reading the personal information of the user.
  • the first authentication information (user ID 1 and password P1) is transmitted to the agent server 200 (step S107).
  • the transmission unit 102 of the control unit 130 stores the user's first authentication information (user ID 1 and password P1) in the personal information database 120a of the securities company A (FIG. 5A).
  • the ID registration unit 202 of the agent server 200 receives the first authentication information (user ID 1 and password P1) from the account opening business server 100, the ID registration unit 202 of the agent server 200 receives the second authentication information (user ID 2 and password P2) and the first authentication information of the user.
  • the authentication information (user ID 1 and password P1) of the above is linked and stored in the ID storage unit 220 (step S109).
  • the login unit 204 of the agent server 200 requests the user terminal U1 for personal information (personal number, personal number confirmation document, and personal identification document) necessary for opening an account (step S111). Then, when the login unit 204 of the agent server 200 receives the personal information transmitted from the user terminal U1 (step S113), the account opening business server uses the user's first authentication information (user ID 1 and password P1). Log in to the management function unit 140a of 100 securities companies A (step S115). When personal information is transmitted from the user terminal U1 in step S111, the user's first authentication information is stored in the user ID 1 corresponding to the logged-in user ID 2 because the user terminal U1 is logged in with the user ID 2. It can be obtained by reading from unit 220.
  • the processing unit 144a of the management function unit 140a of the securities company A of the account opening business server 100 receives the user ID 1 and password P1 of the user from the agent server 200, the processing unit 144a performs an authentication process (step S117).
  • the processing unit 144a performs the authentication process by collating with the first authentication information (FIG. 5A) stored in the personal information database 120a of the securities company A.
  • the processing unit 144a receives the personal information transmitted from the agent server 200 to the management function unit 140a of the securities company A of the account opening business server 100. (Step S121).
  • the processing unit 144a stores the received personal information in the personal information database 120a of the securities company A in association with the user's identification information (for example, user ID 1) (step S123).
  • control unit 130 transfers the personal information stored in the personal information database 120a of the securities company A to the personal information database 120b of the securities company B in response to the account opening request from the user.
  • the processing for causing the management function unit 140b of the securities company B and the management function unit 140a of the securities company A to perform the processing for storing is performed.
  • the management function unit 140b of the securities company B and the management function unit 140a of the securities company A communicate with each other via the agent server 200.
  • the management function unit 140a and the second management function unit 140b of the above prevent information leakage regarding the user's account opening without knowing from which securities company's personal information database 120 the information about the user is read. be able to.
  • FIG. 9 is a functional block diagram showing a logical configuration of the agent server 200 of the present embodiment.
  • the agent server 200 of the present embodiment has a configuration in which the personal information of a user whose identity has been confirmed when opening an account of one securities company can be securely used by another securities company when opening an account of another securities company. Other than that, it is the same as the above embodiment.
  • the agent server 200 includes a transfer unit 230 in addition to the configuration of the agent server 200 according to the embodiment shown in FIG. Further, it is assumed that the account opening business server 100 has the configuration shown in FIG.
  • the processing unit 144a of the first management function unit 140a of the account opening business server 100 receives the first authentication information, the access permission information to the user information of the user stored in the personal information database 120a of the securities company A (Hereinafter, also referred to as a token) is transmitted to the agent server 200.
  • the transfer unit 230 of the agent server 200 When the transfer unit 230 of the agent server 200 receives the token, the transfer unit 230 transfers the received token to the control unit 130.
  • the processing unit 134 of the control unit 130 acquires the personal information of the user stored in the personal information database 120a of the securities company A based on the token received from the agent server 200, and enters the personal information database 120b of the securities company B. Store.
  • the control unit 130 acquires the access right to the personal information of the user stored in the personal information database 120a of the securities company A by the token.
  • the management function unit 140b of the securities company B cannot directly access the personal information stored in the personal information database 120a of the securities company A, which is different from the securities company B.
  • the management function unit 140b of the securities company B can acquire the personal information stored in the personal information database 120a of the securities company A via the control unit 130 and store it in the personal information database 120b of the securities company B. ..
  • the personal information database 120a of the securities company A stores personal information submitted by the user when opening an account of the securities company A.
  • the personal information database 120b of the securities company B stores personal information used when opening an account of the securities company B.
  • the processing unit 144a of the management function unit 140a of the securities company A accepts the account opening application of the securities company A from the user terminal U1, stores the personal information in the personal information database 120a, and then accepts the account opening application of the securities company B.
  • the personal information of the user is read from the personal information database 120a and stored in the personal information database 120b. As described above, this process is performed via the control unit 130.
  • 10 and 11 are flowcharts showing an example of the operation of the information processing system 1 of the present embodiment.
  • the user logs in to the agent server 200 from the user terminal U1 using the user ID 2 and password P2 acquired in advance (step S301).
  • the agent server 200 receives the user ID 2 and the password P2 from the user terminal U1 and performs an authentication process as to whether or not the user is a user of this system (step S303). After the authentication, the login unit 204 of the agent server 200 needs the first authentication information to apply for the account opening of the securities company B to the management unit 130 of the account opening business server 100 on behalf of the user. (User ID 1 and password P1) are read from the ID storage unit 220 (step S305). The user ID 1 corresponding to the user ID 2 is acquired from the ID information 222 of FIG. 4 (a), and the password P1 corresponding to the user ID 1 is read and acquired from the first authentication information 226 of FIG. 4 (c).
  • the login unit 204 of the agent server 200 uses the read first authentication information 226 (user ID 1 and password P1) to make an account opening application for the securities company B, so that the control unit 130 of the account opening business server 100 Log in to (step S307).
  • the user specifies the business content (account opening, etc.) to be performed by proxy and the target business operator (for example, securities company name, branch name, etc.) on the operation screen displayed on the user terminal U1. You can do it.
  • the processing unit 134 of the control unit 130 of the account opening business server 100 Upon receiving the first authentication information, the processing unit 134 of the control unit 130 of the account opening business server 100 performs the authentication process (step S309).
  • the processing unit 134 performs the authentication process by collating with the first authentication information 122 (FIG. 5A) stored in the personal information database 120a.
  • the processing unit 134 performs processing for using the personal information for which the identity has already been confirmed for the user stored in the personal information database 120a of the securities company A for the account opening business of the securities company B. Instruct the management function unit 140b of the securities company B to do so (step S311). At this time, the processing unit 134 can confirm that the personal information of the user ID 1 has been submitted by referring to the confirmed information 124 in FIG. 5 (b).
  • the processing unit 144b of the management function unit 140b of the securities company B requests the agent server 200 for the personal information whose identity has been confirmed regarding the user in response to the instruction from the control unit 130 (step). S313).
  • the processing unit 144b of the management function unit 140b of the securities company B confirms with the agent server 200 whether or not the proxy right regarding the user has been authorized, and has been authorized by the agent server 200. After receiving the proof, the agent server 200 is requested for personal information.
  • the transfer unit 230 of the agent server 200 requests the management function unit 140a of the securities company A to return the personal information whose identity has been confirmed by the user stored in the personal information database 120a of the securities company A (step S315). ).
  • the processing unit 144a of the management function unit 140a of the securities company A issues a token including access permission information to the personal information whose identity has been confirmed by the user stored in the personal information database 120a of the securities company A (step S317). ..
  • This token contains user-identifiable information (eg, user ID 1).
  • the information that can identify the user may be encrypted.
  • the token is designated as a transfer destination so as to be circulated from the management function unit 140a of the securities company A to the management function unit 140b of the securities company B via the agent server 200.
  • the transfer unit 230 of the agent server 200 transfers it to the control unit 130 (step S319).
  • the processing unit 134 of the control unit 130 confirms the validity of the received token (step S321).
  • a method for confirming the validity of the token for example, an expiration date, an electronic signature, or the like can be considered.
  • the processing unit 134 uses the user ID 1 acquired together with the token to the management function unit 140a of the securities company A, and the individual of the user specified from the user ID 1 stored in the personal information database 120a of the securities company A. Request access to information (step S323).
  • the processing unit 144a of the management function unit 140a of the securities company A reads the personal information of the user specified from the user ID 1 from the personal information database 120a and transmits it to the control unit 130 (step S325). Then, the processing unit 134 of the control unit 130 transfers the personal information received from the management function unit 140a of the securities company A to the management function unit 140b of the securities company B (step S327).
  • the processing unit 144b of the management function unit 140b of the securities company B receives the personal information from the control unit 130 and stores it in the personal information database 120b of the securities company B (step S329). Then, the processing unit 144b of the management function unit 140b of the securities company B reports to the control unit 130 that the personal information of the user has been stored (step S331).
  • the token issued by the processing unit 144a of the first management function unit 140a is transferred to the second management function unit 140b via the agent server 200, and is based on the token. Therefore, the processing unit 144b of the second management function unit 140b requests the return of the user's personal information for the first management function unit 140a, and the processing unit 144a requests the user's personal information stored in the personal information database 120a. Personal information is stored in the personal information database 120b.
  • the management function unit 140b of the securities company B and the management function unit 140a of the securities company A communicate with each other via the agent server 200, and also have a control unit. Since personal information is stored from the personal information database 120a of the securities company A to the personal information database 120b of the securities company B via 130, the first management function unit 140a and the second management function unit 140b provide information about the user. It is possible to prevent leakage of information regarding the opening of a user's account without knowing which securities company's personal information database 120 was read from.
  • the agent server 200 further includes a storage processing unit (not shown) that associates the access permission information (token) with at least one of the first authentication information and the second authentication information and stores it in the recording unit (not shown). You may prepare.
  • This recording unit may be a storage device that is physically the same as the ID storage unit 220 of the above embodiment. In this way, the token issuance history can be recorded in the recording unit. Further, the history may be similarly recorded in the same recording unit (not shown) in the account opening business server 100.
  • An information processing system having a first server and a second server.
  • the first server is When the user information of the user is stored in the first storage means, the transmission means for transmitting the first authentication information for logging in to the first server for the user to the second server and the transmission means.
  • the processing means for executing a process for reading the user information of the user is provided.
  • the second server is An authentication information storage means for associating a second authentication information for the user to log in to the second server with the first authentication information and storing the second authentication information in the second storage means.
  • the login means for reading the first authentication information corresponding to the second authentication information from the second storage means and logging in to the first server, and An information processing system equipped with.
  • the first management function means of the first server is When the first authentication information is received, the access permission information of the user to the user information stored in the first storage area is transmitted to the second server.
  • the second server is When the access permission information is received, the transfer means for transferring to the second management function means is further provided.
  • the second management function means of the first server is An information processing system that acquires the user information of the user stored in the first storage area based on the access permission information received from the second server and stores the user information in the second storage area. .. 5. 3. 3. Or 4.
  • the business operator is a securities company The user information submitted by the user at the time of opening an account of the first securities company is stored in the first storage area.
  • the user information used when opening an account of a second securities company is stored in the second storage area.
  • the processing means receives the account opening application of the first securities company from the user terminal, stores the user information in the first storage area, and then accepts the account opening application of the second securities company.
  • an information processing system that reads the user information of the user from the first storage area and stores the user information in the second storage area. 6. 4. Or 4. To quote 5.
  • the second server is An information processing system including a storage processing means for associating the access permission information with at least one of the first authentication information and the second authentication information and storing the access permission information in a third storage means. 7. 1. 1. From 6.
  • the first storage means is an information processing system that stores the user information whose identity has been confirmed.
  • a server that is connected to a management server that manages user information of users. Regarding the user who has received the user information, the server acquires the first authentication information for logging in to the management server from the management server, and the user logs in to the server with the acquired first authentication information.
  • An authentication information storage means for associating a second authentication information for this purpose and storing it in a storage unit, Upon receiving the second authentication information, a login means for reading the first authentication information corresponding to the second authentication information from the storage unit and logging in to the management server.
  • a processing means When logging in to the management server, a processing means for executing a process of storing the user information of the user in the management server, and A server. 9. 8.
  • the storage means for storing the user information of the user has a first storage area and a second storage area.
  • the processing means is a server that executes a process of reading the user information of the user stored in the first storage area and storing the user information in the second storage area in the management server. 10. 9.
  • the processing means When the access permission information of the user to the user information stored in the first storage area is received from the management server, it is transferred to the second management function unit of the management server.
  • the second management function unit of the management server is made to acquire the user information of the user stored in the first storage area based on the received access permission information, and the second storage area is obtained.
  • the business operator is a securities company
  • the user information submitted by the user at the time of opening an account of the first securities company is stored in the first storage area.
  • the user information used when opening an account of a second securities company is stored in the second storage area.
  • the processing means receives the account opening application of the first securities company from the user terminal, stores the user information in the first storage area, and then accepts the account opening application of the second securities company.
  • a server comprising a storage processing means for associating the access permission information with at least one of the first authentication information and the second authentication information and storing the access permission information in a recording means. 13. 9. From 12.
  • the user information includes personal identification information, confirmation documents of the personal identification information, and information regarding personal identification documents.
  • the storage means is a server that stores the user information whose identity has been confirmed.
  • a management server that is connected to another server that accepts user information and manages the user information.
  • a transmission means for transmitting the first authentication information for logging in to the management server for the user to the other server, and
  • a management server including a processing means for executing a process for reading the user information of the user upon receiving the first authentication information.
  • 15. 14 In the management server described in The storage means for storing the user information of the user has a first storage area and a second storage area. When the processing means receives the first authentication information, the processing means executes a process for reading the user information of the user stored in the first storage area and storing the user information in the second storage area. , Management server. 16. 15.
  • the first management function means for managing the first storage area and A second management function means for managing the second storage area is provided.
  • the first management function means and the second management function means are management servers associated with different businesses. 17. 16.
  • the first management function means is When the first authentication information is received, the access permission information of the user to the user information stored in the first storage area is transmitted to the other server.
  • the second management function means is A management server that acquires the user information of the user stored in the first storage area and stores it in the second storage area based on the access permission information transferred from the other server. 18. 16. Or 17.
  • In the management server described in The business operator is a securities company The user information submitted by the user at the time of opening an account of the first securities company is stored in the first storage area.
  • the user information used when opening an account of a second securities company is stored in the second storage area.
  • the processing means receives the account opening application of the first securities company from the user terminal, stores the user information in the first storage area, and then accepts the account opening application of the second securities company.
  • a management server that reads the user information of the user from the first storage area and stores it in the second storage area. 19. 15. To 18.
  • the management server described in any one of The user information includes personal identification information, confirmation documents of the personal identification information, and information regarding personal identification documents.
  • the storage means is a management server that stores the user information whose identity has been confirmed.
  • the first server is When the user information of the user is stored in the first storage means, the first authentication information for logging in to the first server for the user is transmitted to the second server. Upon receiving the first authentication information, a process for reading the user information of the user is executed.
  • the second server is The second authentication information for the user to log in to the second server is associated with the first authentication information and stored in the second storage means. When the second authentication information is received, the first authentication information corresponding to the second authentication information is read from the second storage means and logged in to the first server.
  • Information processing method 21. 20. In the information processing method described in The first storage means has a first storage area and a second storage area.
  • the first server When the first server receives the first authentication information, a process for reading the user information of the user stored in the first storage area and storing the user information in the second storage area is performed. Information processing method to execute. 22. 21. In the information processing method described in The first storage area and the second storage area are associated with different businesses. The first server An information processing method in which the first storage area and the second storage area are managed independently of each other. 23. 22. In the information processing method described in The first server When the first authentication information is received, the access permission information of the user to the user information stored in the first storage area is transmitted to the second server. The second server When the access permission information is received, it is transferred to the first server and transferred to the first server.
  • the first server An information processing method that acquires the user information of the user stored in the first storage area based on the access permission information received from the second server and stores the user information in the second storage area. .. 24. 22. Or 23.
  • the business operator is a securities company
  • the user information submitted by the user at the time of opening an account of the first securities company is stored in the first storage area.
  • the user information used when opening an account of a second securities company is stored in the second storage area.
  • the first server When the application for opening an account of the first securities company is received from the user terminal, the user information is stored in the first storage area, and then the application for opening an account of the second securities company is accepted, the user An information processing method in which the user information is read from the first storage area and stored in the second storage area. 25. 23. Or 23. To quote 24.
  • the second server An information processing method in which the access permission information is associated with at least one of the first authentication information and the second authentication information and stored in a third storage means. 26. 20. To 25.
  • the information processing method described in any one of The user information includes personal identification information, confirmation documents of the personal identification information, and information regarding personal identification documents.
  • the first storage means is an information processing method for storing the user information whose identity has been confirmed.
  • the storage means for storing the user information of the user has a first storage area and a second storage area.
  • the other computer is logged in using the first authentication information according to the login procedure, the user information of the user stored in the first storage area is read out to the other computer and the user information is read out to the other computer.
  • the first management function means for managing the first storage area and the second management function means for managing the second storage area possessed by the other computer are different from each other. It is tied and A procedure for transferring access permission information of the user to the user information stored in the first storage area from the other computer to the second management function means of the other computer.
  • the second management function means of the other computer is made to acquire the user information of the user stored in the first storage area based on the received access permission information, and the second storage.
  • the business operator is a securities company
  • the user information submitted by the user at the time of opening an account of the first securities company is stored in the first storage area.
  • the user information used when opening an account of a second securities company is stored in the second storage area.
  • the user information is stored in the first storage area, and then the application for opening an account of the second securities company is accepted, the user A program for causing a computer to execute a procedure of reading the user information from the first storage area and storing the user information in the second storage area. 31. 29. Or 30.
  • the user information includes personal identification information, confirmation documents of the personal identification information, and information regarding personal identification documents.
  • the storage means is a program that stores the user information whose identity has been confirmed.
  • a computer that is connected to another computer that accepts user information and manages the user information.
  • the storage means for storing the user information of the user has a first storage area and a second storage area.
  • the computer executes a procedure for reading the user information of the user stored in the first storage area and storing the user information in the second storage area. Program to make you. 35. 34.
  • the computer Based on the access permission information transferred from the other computer, the computer obtains the user information of the user stored in the first storage area and stores the user information in the second storage area.
  • the business operator is a securities company
  • the user information submitted by the user at the time of opening an account of the first securities company is stored in the first storage area.
  • the user information used when opening an account of a second securities company is stored in the second storage area.
  • the application for opening an account of the first securities company is received from the user terminal, the user information is stored in the first storage area, and then the application for opening an account of the second securities company is accepted, the user A program for causing a computer to execute a procedure of reading the user information from the first storage area and storing the user information in the second storage area. 38. 34. From 37.
  • the user information includes personal identification information, confirmation documents of the personal identification information, and information regarding personal identification documents.
  • the storage means is a program that stores the user information whose identity has been confirmed.
  • Information processing system 3 Communication network 60 Computer 62 CPU 64 Memory 66 Storage 68 I / O 69 Bus 70 Communication I / F 72 Input device 74 Display device 80 Program 100 Account opening business server 102 Transmission unit 104 Processing unit 120 Personal information database 120a First storage area (personal information database for securities company A) 120b Second storage area (personal information database for securities company B) 122 First authentication information 124 Confirmed information 126 Personal information 130 Control department 134 Processing department 140a First management function department (management function department of securities company A) 140b Second management function department (management function department of securities company B) 144a Processing unit 144b Processing unit 200 Agent server 202 ID registration unit 204 Login unit 220 ID storage unit 222 ID information 224 User registration information 226 First authentication information 230 Transfer units U1, U2 User terminals

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Finance (AREA)
  • Accounting & Taxation (AREA)
  • Economics (AREA)
  • Marketing (AREA)
  • General Business, Economics & Management (AREA)
  • Strategic Management (AREA)
  • Technology Law (AREA)
  • Development Economics (AREA)
  • Tourism & Hospitality (AREA)
  • Primary Health Care (AREA)
  • Human Resources & Organizations (AREA)
  • General Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Entrepreneurship & Innovation (AREA)
  • Health & Medical Sciences (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
PCT/JP2020/009492 2019-03-22 2020-03-05 情報処理システム、情報処理方法、およびプログラム Ceased WO2020195687A1 (ja)

Priority Applications (4)

Application Number Priority Date Filing Date Title
JP2021508929A JPWO2020195687A1 (https=) 2019-03-22 2020-03-05
EP20776742.7A EP3944109B1 (en) 2019-03-22 2020-03-05 Information processing system, information processing method, and program
US17/437,928 US12120103B2 (en) 2019-03-22 2020-03-05 Information processing system, information processing method, and program
US18/887,122 US20250080522A1 (en) 2019-03-22 2024-09-17 Information processing system, information processing method, and program

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2019-054964 2019-03-22
JP2019054964 2019-03-22

Related Child Applications (2)

Application Number Title Priority Date Filing Date
US17/437,928 A-371-Of-International US12120103B2 (en) 2019-03-22 2020-03-05 Information processing system, information processing method, and program
US18/887,122 Continuation US20250080522A1 (en) 2019-03-22 2024-09-17 Information processing system, information processing method, and program

Publications (1)

Publication Number Publication Date
WO2020195687A1 true WO2020195687A1 (ja) 2020-10-01

Family

ID=72610051

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2020/009492 Ceased WO2020195687A1 (ja) 2019-03-22 2020-03-05 情報処理システム、情報処理方法、およびプログラム

Country Status (4)

Country Link
US (2) US12120103B2 (https=)
EP (1) EP3944109B1 (https=)
JP (1) JPWO2020195687A1 (https=)
WO (1) WO2020195687A1 (https=)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113328862A (zh) * 2021-06-15 2021-08-31 支付宝(杭州)信息技术有限公司 企业人员的认证方法、装置及系统
JP2023010223A (ja) * 2021-07-09 2023-01-20 トッパン・フォームズ株式会社 情報管理システム、情報管理方法、サーバ装置、及びプログラム

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11928240B2 (en) * 2022-01-28 2024-03-12 Greg Richmond Secure personal information database
US20230252031A1 (en) * 2022-02-09 2023-08-10 bundleIQ Inc. Content Analysis System and Method

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2006053693A (ja) 2004-08-10 2006-02-23 Kabu.Com Securities Co Ltd 証券取引口座の開設方法及び証券取引口座開設システム
US20080133413A1 (en) * 2000-06-28 2008-06-05 Yahoo! Inc. Financial information portal
JP2017068777A (ja) 2015-10-02 2017-04-06 株式会社野村総合研究所 情報処理装置
JP2018074388A (ja) * 2016-10-28 2018-05-10 株式会社三井住友銀行 認証システム、方法、およびプログラム
JP2019054964A (ja) 2017-09-20 2019-04-11 株式会社大一商会 遊技機

Family Cites Families (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6826692B1 (en) * 1998-12-23 2004-11-30 Computer Associates Think, Inc. Method and apparatus to permit automated server determination for foreign system login
US20040158746A1 (en) * 2003-02-07 2004-08-12 Limin Hu Automatic log-in processing and password management system for multiple target web sites
US8321437B2 (en) * 2005-12-29 2012-11-27 Nextlabs, Inc. Detecting behavioral patterns and anomalies using activity profiles
US7886346B2 (en) * 2006-02-13 2011-02-08 Vmware, Inc. Flexible and adjustable authentication in cyberspace
US8996857B1 (en) * 2006-06-05 2015-03-31 Thomson Financial Llc Single sign-on method in multi-application framework
US8056118B2 (en) * 2007-06-01 2011-11-08 Piliouras Teresa C Systems and methods for universal enhanced log-in, identity document verification, and dedicated survey participation
WO2009039160A2 (en) 2007-09-17 2009-03-26 Vidoop, Llc. Method and system for storing and using a plurality of passwords
US8079066B1 (en) 2007-11-20 2011-12-13 West Corporation Multi-domain login and messaging
US8549589B2 (en) * 2008-11-10 2013-10-01 Jeff STOLLMAN Methods and apparatus for transacting with multiple domains based on a credential
US8544072B1 (en) * 2009-10-13 2013-09-24 Google Inc. Single sign-on service
US8914851B2 (en) * 2010-12-06 2014-12-16 Golba Llc Method and system for improved security
US9495533B2 (en) * 2011-09-29 2016-11-15 Oracle International Corporation Mobile application, identity relationship management
US20140081864A1 (en) * 2012-09-15 2014-03-20 Randall Reese Data Shares in Data Storage Clouds
KR101816650B1 (ko) * 2017-02-21 2018-01-09 주식회사 코인플러그 계정 등록의 간소화 서비스 및 사용자 인증 서비스를 제공하는 방법 및 이를 이용한 인증 서버

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080133413A1 (en) * 2000-06-28 2008-06-05 Yahoo! Inc. Financial information portal
JP2006053693A (ja) 2004-08-10 2006-02-23 Kabu.Com Securities Co Ltd 証券取引口座の開設方法及び証券取引口座開設システム
JP2017068777A (ja) 2015-10-02 2017-04-06 株式会社野村総合研究所 情報処理装置
JP2018074388A (ja) * 2016-10-28 2018-05-10 株式会社三井住友銀行 認証システム、方法、およびプログラム
JP2019054964A (ja) 2017-09-20 2019-04-11 株式会社大一商会 遊技機

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of EP3944109A4

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113328862A (zh) * 2021-06-15 2021-08-31 支付宝(杭州)信息技术有限公司 企业人员的认证方法、装置及系统
JP2023010223A (ja) * 2021-07-09 2023-01-20 トッパン・フォームズ株式会社 情報管理システム、情報管理方法、サーバ装置、及びプログラム
JP7677005B2 (ja) 2021-07-09 2025-05-15 Toppanホールディングス株式会社 情報管理システム、情報管理方法、サーバ装置、及びプログラム

Also Published As

Publication number Publication date
US12120103B2 (en) 2024-10-15
US20250080522A1 (en) 2025-03-06
EP3944109B1 (en) 2024-10-02
EP3944109C0 (en) 2024-10-02
EP3944109A4 (en) 2022-05-25
US20220174056A1 (en) 2022-06-02
EP3944109A1 (en) 2022-01-26
JPWO2020195687A1 (https=) 2020-10-01

Similar Documents

Publication Publication Date Title
US11411959B2 (en) Execution of application in a container within a scope of user-granted permission
US20250080522A1 (en) Information processing system, information processing method, and program
US11222137B2 (en) Storing and executing an application in a user's personal storage with user granted permission
EP3460690A1 (en) Use of identity and access management for service provisioning
US20210019763A1 (en) A method for managing a verified digital identity
JP2018537022A (ja) デジタルアイデンティティを管理するためのシステム及び方法
US20060174104A1 (en) Consumer internet authentication device
WO2020222923A1 (en) Execution of an application within a scope of user-granted permission
US20090012817A1 (en) System and method for facilitating cross enterprise data sharing in a healthcare setting
WO2006091956A2 (en) System and method for facilitating cross enterprise data sharing in a healthcare setting
KR101543607B1 (ko) 의료 증명서 발급 시스템 및 방법
JP6871296B2 (ja) 仲介サーバ、プログラム、及び情報処理方法
US12306994B2 (en) User-centric data management system
US20240020355A1 (en) Non-fungible token authentication
CN110766548A (zh) 基于区块链的信息处理方法、装置、存储介质及电子设备
JP2018018536A (ja) 電子契約の締結に用いられる契約締結サーバ及び電子契約の締結方法
US12206794B2 (en) User information management system, user information management method, user agent and program
US20200210611A1 (en) Hardware safe for protecting sensitive data with controlled external access
US20250139611A1 (en) System and Methods for Implementing Blockchain Based Zero Knowledge Protocol
JP2006260123A (ja) 債権管理システム、債権管理方法及びプログラム
JP7776051B1 (ja) 情報処理装置、システム、情報処理装置の制御方法及びプログラム
JP7767863B2 (ja) 情報管理サーバ、情報連携システム、情報管理方法、及びプログラム
US20240070662A1 (en) Non-fungible token document platform
JP7113883B2 (ja) 本人認証システム、方法、およびコンピュータプログラム
US20250036798A1 (en) Systems and methods for tokenization of personally identifiable information (pii) and personal health information (phi)

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 20776742

Country of ref document: EP

Kind code of ref document: A1

ENP Entry into the national phase

Ref document number: 2021508929

Country of ref document: JP

Kind code of ref document: A

NENP Non-entry into the national phase

Ref country code: DE

WWE Wipo information: entry into national phase

Ref document number: 2020776742

Country of ref document: EP