WO2022018852A1 - System, reader, and control device - Google Patents

System, reader, and control device Download PDF

Info

Publication number
WO2022018852A1
WO2022018852A1 PCT/JP2020/028420 JP2020028420W WO2022018852A1 WO 2022018852 A1 WO2022018852 A1 WO 2022018852A1 JP 2020028420 W JP2020028420 W JP 2020028420W WO 2022018852 A1 WO2022018852 A1 WO 2022018852A1
Authority
WO
WIPO (PCT)
Prior art keywords
reader
pan
control device
card
authentication
Prior art date
Application number
PCT/JP2020/028420
Other languages
French (fr)
Japanese (ja)
Inventor
知洋 宮崎
学 三露
Original Assignee
Quadrac株式会社
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Quadrac株式会社 filed Critical Quadrac株式会社
Priority to JP2020562224A priority Critical patent/JP6846755B1/en
Priority to PCT/JP2020/028420 priority patent/WO2022018852A1/en
Publication of WO2022018852A1 publication Critical patent/WO2022018852A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • G06F21/35User authentication involving the use of external additional devices, e.g. dongles or smart cards communicating wirelessly

Definitions

  • This disclosure relates to systems, readers, and control devices.
  • Patent Document 1 In addition to authenticating whether a card is genuine, a system is known that uses a list to check whether the card is prohibited or restricted in use due to reasons such as theft or loss. (See Patent Document 1).
  • a list is used to check whether a card is prohibited or restricted in use without waiting for the completion of authentication of authenticity (authentication by a reader).
  • the purpose is to reduce the processing time of the entire system.
  • the present invention includes the following embodiment.
  • a reader that reads a plurality of information including a PAN from a non-contact IC card and authenticates the non-contact IC card using at least one of the read information.
  • a control device that executes a predetermined operation using the authentication result received from the reader and the confirmation result received from the server, and A system including a server that receives a PAN from the reader via the control device and transmits the confirmation result of whether or not the received PAN is stored in the list to the control device.
  • the reader is a system that transmits a PAN read from the non-contact IC card to the server via the control device before the end of the authentication.
  • a reader that reads a plurality of information including a PAN from a non-contact IC card and authenticates the non-contact IC card using at least one of the read information, and an authentication result and a server received from the reader.
  • the control device that executes a predetermined operation, and the confirmation that the PAN is received from the reader via the control device and the received PAN is stored in the list.
  • the reader in a system comprising the server that sends the result to the control device.
  • a reader that transmits a PAN read from the non-contact IC card to the server via the control device before the end of the authentication.
  • a reader that reads a plurality of information including a PAN from the non-contact IC card and authenticates the non-contact IC card using at least one of the read information, and an authentication result and a server received from the reader.
  • the control device that executes a predetermined operation, and the confirmation that the PAN is received from the reader via the control device and the received PAN is stored in the list.
  • the control device in a system comprising the server that sends the result to the control device.
  • a control device that receives the PAN from the reader before receiving the authentication result from the reader.
  • a reader that reads a plurality of information including a PAN from a non-contact IC card and authenticates the non-contact IC card using at least one of the read information.
  • a control device that receives a PAN and an authentication result from the reader and executes a predetermined operation using the confirmation result of whether or not the received PAN is stored in the list and the received authentication result. It is a system equipped with The reader is a system that transmits a PAN read from the non-contact IC card to the control device before the end of the authentication.
  • a reader that reads a plurality of information including a PAN from a non-contact IC card and authenticates the non-contact IC card using at least one of the read information, and a PAN and an authentication result from the reader.
  • the reader in a system comprising a control device that receives and performs a predetermined operation using the confirmation result of whether or not the received PAN is stored in the list and the result of the received authentication.
  • a reader that transmits a PAN read from the non-contact IC card to the control device before the end of the authentication.
  • a reader that reads a plurality of information including a PAN from a non-contact IC card and authenticates the non-contact IC card using at least one of the read information, and a PAN and an authentication result from the reader.
  • the control device in a system including a control device that receives and performs a predetermined operation using the confirmation result of whether or not the received PAN is stored in the list and the result of the received authentication. There, A control device that receives the PAN from the reader before receiving the authentication result from the reader.
  • FIG. It is a schematic diagram explaining the structure of the system which concerns on Embodiment 1.
  • FIG. It is a schematic diagram explaining the operation example of the system which concerns on Embodiment 1.
  • FIG. It is a schematic diagram explaining the operation example of the system which concerns on the comparative example 1.
  • FIG. It is a schematic diagram explaining the structure of the system which concerns on Embodiment 2.
  • FIG. It is a schematic diagram explaining the operation example of the system which concerns on Embodiment 2.
  • FIG. It is a schematic diagram explaining the operation example of the system which concerns on the comparative example 2.
  • FIG. It is a schematic diagram explaining the storage example of a list.
  • FIG. 1A is a schematic diagram illustrating the configuration of the system according to the first embodiment.
  • the system 1 according to the first embodiment reads a plurality of information including a PAN from the non-contact IC card 40, and authenticates the non-contact IC card 40 using at least one of the read plurality of information.
  • a control device 20 that executes a predetermined operation using the reader 10 and the authentication result received from the reader 10 and the confirmation result received from the server 30 and a PAN from the reader 10 via the control device 20.
  • the system 1 can be widely used for entering and exiting, for example, when passing through a ticket gate of a station using a non-contact IC card 40, getting on and off a bus, entering and exiting an office or facility, etc. It can be preferably used in the case of.
  • the reader 10 is a device that performs non-contact communication with the non-contact IC card 40 and reads the information stored in the non-contact IC card 40.
  • the non-contact IC card 40 includes a credit card, a prepaid card, and a debit card.
  • the reader 10 is, for example, a ticket gate of a station, a card reader installed at a bus entrance / exit, a gate of an office or a facility, or the like.
  • the control device 20 is a device that opens and closes a gate and controls a display.
  • the control device 20 is, for example, a ticket gate of a station, a card reader installed at a bus entrance / exit, a gate of an office or a facility, or the like.
  • the control device 20 may be integrated with the reader 10 or may be separated from the reader 10. When the control device 20 and the reader 10 are separated, both devices can be connected by a wired connection (eg, USB) or a wireless connection.
  • a gate, a display, or the like can be connected to the control device 20.
  • the server 30 is a device that manages a list described later.
  • a cloud server on the network 50 can be used.
  • the server 30 may include a storage unit 34 for storing a list.
  • the storage unit 34 can be realized by a hard disk, a flash memory, or the like.
  • FIG. 3 is a schematic diagram illustrating a storage example of the list.
  • the list is a storage area in which a PAN (Primary Account Number) is stored.
  • the PAN is, for example, a number consisting of 14 to 16 digits, and a different number is assigned to each non-contact IC card 40.
  • the PAN is used at the time of payment using the non-contact IC card 40 or the like.
  • the PAN is preferably hashed, and is preferably transmitted / received or stored in the hashed state.
  • the PAN in the present specification includes an unhashed PAN (PAN itself), as well as a number that substantially uniquely corresponds to the PAN, such as a hashed PAN or an encrypted PAN. And.
  • the control device 20 and the server 30 are connected to each other via a network 50 such as the Internet or a dedicated line.
  • the reader 10, the control device 20, and the server 30 include calculation units 12, 22, and 32, respectively, and these devices operate by executing calculations in the calculation units 12, 22, and 32, respectively.
  • the arithmetic units 12, 22 and 32 can be realized by, for example, a CPU or RAM.
  • FIG. 1B is a schematic diagram illustrating the operation of the system 1 according to the first embodiment.
  • the operation of the system 1 according to the first embodiment will be described with reference to FIG. 1B.
  • Step 11 First, the reader 10 reads a plurality of information including the PAN from the non-contact IC card 40.
  • Step 12 After reading a plurality of pieces of information with Step 11, the reader 10 transmits the PAN read from the non-contact IC card 40 to the control device 20 before the end of authentication (Step 14). The control device 20 receives the PAN from the reader 10 before receiving the result of the authentication (Step 14).
  • Step 13 the server 30 receives the PAN from the reader 10 via the control device 20.
  • Step 14 the reader 10 authenticates the non-contact IC card 40 using at least one of the plurality of information read by Step 11.
  • Authentication is a process of confirming the authenticity of a card (that is, a process of confirming whether or not the card is issued by the card operator or the like (genuine)).
  • Authentication can be performed based on a method such as SDA (Static Data Authentication), DDA (Dynamic Data Association), or CDA (Combined Data Authentication).
  • SDA Static Data Authentication
  • DDA Dynamic Data Association
  • CDA Combined Data Authentication
  • SDA Static Data Authentication
  • a non-contact IC card This can be done by reading the digital signature from 40 and verifying the signature using the public key corresponding to the card stored in the reader 10 for the read digital signature. In this case, for example, authenticity (genuine).
  • the non-contact IC card 40 of the above stores a digital signature calculated by a private key corresponding to the public key stored in
  • Step15 the server 30 confirms whether or not the PAN received from the reader 10 via the control device 20 is stored in the list.
  • Step 16 Next, the reader 10 transmits the authentication result in Step 14 to the control device 20.
  • Step17 the server 30 transmits the confirmation result in Step 15 to the control device 20.
  • Step 18 the control device 20 executes a predetermined operation using the authentication result received from the reader 10 and the confirmation result received from the server 30.
  • Predetermined operations include opening and closing gates and displaying predetermined characters, images, and / or moving images on a display.
  • FIG. 1C is a schematic diagram illustrating the operation of the system according to Comparative Example 1. Hereinafter, the operation of the system according to Comparative Example 1 will be described with reference to FIG. 1C.
  • Step31 First, the reader 10 reads a plurality of information including the PAN from the non-contact IC card 40.
  • Step 32 the reader 10 authenticates the non-contact IC card 40 using at least one of the plurality of information read by Step 31.
  • Step33 Next, the reader 10 transmits the PAN read from the non-contact IC card 40 to the server 30 via the control device 20.
  • Step34 the server 30 receives the PAN from the reader 10 via the control device 20.
  • Step35 the server 30 confirms whether or not the PAN received from the reader 10 via the control device 20 is stored in the list.
  • Step 36 Next, the reader 10 transmits the authentication result in Step 32 to the control device 20.
  • Step37 the server 30 transmits the confirmation result in Step 35 to the control device 20.
  • Step 38 the control device 20 executes a predetermined operation using the authentication result received from the reader 10 and the confirmation result received from the server 30.
  • the predetermined operation by the control device 20 (Step 18 and Step 38) is executed when the result of the authentication by the reader 10 and the result of the confirmation of the list by the server 30 (the result of the confirmation that the PAN is not stored in the list) are not aligned. I can't.
  • the reader transmits the PAN read from the non-contact IC card to the server via the control device after the authentication (Step 32) is completed, so that Step 34 (Step 34)
  • Step 34 The start of the operations specified in Step 35 (confirmation of the list by the server 30) and Step 37 (transmission of the list confirmation result from the server 30 to the control device 20) from the control device 20 to the server 30 is from the first embodiment.
  • the PAN read from the non-contact IC card 40 is sent to the server 30 via the control device 20.
  • the PAN read from the non-contact IC card 40 is sent to the server 30 via the control device 20.
  • Step 13 transmission of PAN from the control device 20 to the server 30
  • Step 15 confirmation of the list by the server 30
  • Step 17 transmission of the list confirmation result from the server 30 to the control device 20.
  • the operation to be performed can be started earlier than in Comparative Example 1. Therefore, according to the first embodiment, it is possible to deliver the confirmation result (Step 18, Step 38) of the list from the server 30 to the control device 20 earlier than in the comparative example 1.
  • the time required from the start of reading (Step 11) by the reader 10 to the start of a predetermined operation (Step 18) can be shortened.
  • the time required from the start of reading by the reader 10 (Step 11) to the start of the predetermined operation (Step 18) in the first embodiment is T1
  • the time required from the start of the reading by the reader (Step 31) in Comparative Example 1 is predetermined.
  • the time required for the start of the operation (Step 38) is T3
  • the relationship of T1 ⁇ T3 can be realized.
  • the PAN read from the non-contact IC card 40 is transmitted to the server 30 via the control device 20 before the end of the authentication (Step 14).
  • the end of authentication after reading multiple pieces of information, before the start of authentication, after reading the PAN, and before reading other information (that is, reading of multiple pieces of information is completed). (Immediately after reading the PAN) is included. If the PAN is transmitted after reading the PAN, before starting other processing, or before reading other information in Step 11 (that is, immediately after reading the PAN), the operation specified in Step 13, Step 15, and Step 17. Can be started earlier, and the confirmation result (Step 18 and Step 38) can be delivered from the server 30 to the control device 20 earlier.
  • the PAN read from the non-contact IC card 40 is transmitted to the server 30 via the control device 20 before the end of the authentication (Step 14).
  • the order in which these steps are executed does not matter between Step 13 and Step 17 described above.
  • FIG. 2A is a schematic diagram illustrating the configuration of the system according to the second embodiment.
  • the system 2 according to the second embodiment reads a plurality of information including a PAN from the non-contact IC card 40, and authenticates the non-contact IC card 40 using at least one of the read plurality of information.
  • the reader 10 receives the PAN and the authentication result from the reader 10, confirms whether the received PAN is stored in the list, and uses the received authentication result to perform a predetermined operation.
  • the reader 10 transmits a PAN read from the non-contact IC card 40 to the control device 20 after reading a plurality of information and before the end of authentication. It is a system to do.
  • FIG. 2B is a schematic diagram illustrating the operation of the system according to the second embodiment.
  • the operation of the system 2 according to the second embodiment will be described with reference to FIG. 2B.
  • Step21 First, the reader 10 reads a plurality of information including the PAN from the non-contact IC card 40.
  • Step22 After reading a plurality of information with Step 21, the reader 10 transmits the PAN read from the non-contact IC card 40 to the control device 20 before the end of authentication (Step 23).
  • the control device 20 receives the PAN from the reader 10 before receiving the result of the authentication (Step 23).
  • Step23 the reader 10 authenticates the non-contact IC card 40 using at least one of the plurality of information read by Step 21. Since the mode of authentication is the same as that of the first embodiment, the description thereof will be omitted.
  • Step24 the control device 20 confirms whether or not the PAN received from the reader 10 is stored in the list.
  • Step 25 Next, the reader 10 transmits the authentication result in Step 23 to the control device 20.
  • Step26 the control device 20 executes a predetermined operation using the authentication result received from the reader 10 and the confirmation result in Step 24. Since the mode of the predetermined operation is the same as that of the first embodiment, the description thereof will be omitted.
  • FIG. 2C is a schematic diagram illustrating the operation of the system according to Comparative Example 2.
  • the operation of the system according to Comparative Example 2 will be described with reference to FIG. 2C.
  • Step41 First, the reader 10 reads a plurality of information including the PAN from the non-contact IC card 40.
  • Step 42 the reader 10 authenticates the non-contact IC card 40 using at least one of the plurality of information read by Step 41.
  • Step43 Next, the reader 10 transmits the PAN read from the non-contact IC card 40 to the control device 20.
  • Step44 the control device 20 confirms whether or not the PAN received from the reader 10 is stored in the list.
  • Step 45 Next, the reader 10 transmits the authentication result in Step 42 to the control device 20.
  • Step46 the control device 20 executes a predetermined operation using the authentication result received from the reader 10 and the confirmation result in Step 44.
  • the reader 10 transmits the PAN read from the non-contact IC card 40 to the control device 20 after the authentication (Step 42) is completed, so that Step 44 (control) is used.
  • the start of the operation specified in (confirmation of the list by the device 20) is later than that in the second embodiment.
  • the reader 10 reads the plurality of information in the Step 21 and then sends the PAN read from the non-contact IC card 40 to the control device 20 before the end of the authentication (Step 23).
  • the operation specified in (Checking the list) can be started earlier than in Comparative Example 2.
  • the second embodiment it is possible to shorten the time required from the start of reading (Step 21) by the reader 10 to the start of the predetermined operation (Step 27) as compared with Comparative Example 2.
  • the time required from the start of reading by the reader 10 (Step 21) to the start of the predetermined operation (Step 27) in the second embodiment is T2
  • the time required to start the predetermined operation (Step 41) in Comparative Example 2 is T4
  • the relationship of T2 ⁇ T4 can be realized.
  • the reader 10 reads the plurality of information in the Step 21 and then transmits the PAN read from the non-contact IC card 40 to the control device 20 before the end of the authentication (Step 23).
  • the end of authentication after reading multiple pieces of information, before the start of authentication, after reading the PAN, before reading other information (that is, before completing the reading of multiple pieces of information).
  • the PAN is to be transmitted after reading the PAN (Step 21), before starting other processing, or before reading other information in Step 21 (that is, immediately after reading the PAN), Step 24 (checking the list).
  • the predetermined operation (Step 27) by the control device 20 can be started earlier.
  • the reader 10 may read the plurality of information in the Step 21 and then transmit the PAN read from the non-contact IC card 40 to the control device 20 before the end of the authentication (Step 23).
  • the order in which Step23, Step24, and Step25 are executed does not matter.
  • processing speed is important in order to avoid congestion due to a large number of passengers.
  • some non-contact IC cards have a slow processing speed, and the issue is how to perform boarding / alighting determination at high speed as a whole system.
  • it authenticates whether the card is genuine (authentication with a reader), but at the same time, the list that the system operator has (example: Deny List: rejection list). You also need to check if it is not remembered in. Since the above authentication takes a long time to process, if you check the list after it is finished, the processing time will be even slower.
  • the list can be checked without waiting for the completion of the authentication of whether the card is genuine (authentication by the reader 10), so that the processing time of the entire system can be reduced. Can be shortened.
  • the list is checked first and the above authentication (authentication by the reader 10) is performed. (Authentication with the reader 10) can also be performed. In other words, it is possible to check the list and authenticate whether the card is genuine in parallel.
  • the control device 20 determines that boarding / alighting / entry / exit is OK, and opens / closes the gate or passes through the display. Performs certain actions such as displaying characters.

Abstract

In the present invention, a list is checked without waiting for the completion of authentication (authentication at a reader) and the processing time of a system overall is shortened. Provided is a system comprising a reader which reads a plurality of information items including a PAN from a contactless IC card and authenticates the contactless IC card by using at least one of the plurality of read information items, a control device which executes a prescribed operation by using the authentication results received from the reader and checked results received from a server, and the server which receives the PAN from the reader via the control device and transmits to the control device the checked results as to whether the received PAN is stored in a list, wherein the reader, after reading the plurality of information items and before the completion of the authentication, transmits the PAN read from the contactless IC card to the server via the control device.

Description

システム、読み取り機、及び制御装置Systems, readers, and controls
 本開示は、システム、読み取り機、及び制御装置に関する。 This disclosure relates to systems, readers, and control devices.
 カードが本物であるかどうかの認証に加えて、そのカードが盗難または紛失された等の理由によって使用が禁止または制限されたものであるのかどうかをリストを用いて確認するシステムが知られている(特許文献1参照)。 In addition to authenticating whether a card is genuine, a system is known that uses a list to check whether the card is prohibited or restricted in use due to reasons such as theft or loss. (See Patent Document 1).
特開2000-20467号公報Japanese Unexamined Patent Publication No. 2000-20467
 本発明の一実施形態では、カードが本物であるかどうかの認証(読み取り機での認証)の完了を待つことなく、使用が禁止または制限されたものであるかどうかのチェックをリストを用いて行い、システム全体の処理時間を短縮することを目的とする。 In one embodiment of the invention, a list is used to check whether a card is prohibited or restricted in use without waiting for the completion of authentication of authenticity (authentication by a reader). The purpose is to reduce the processing time of the entire system.
 本発明は、次の一実施形態を含む。 The present invention includes the following embodiment.
 非接触ICカードからPANを含む複数の情報を読み取り、前記読み取った複数の情報の少なくとも1つを用いて前記非接触ICカードを認証する読み取り機と、
 前記読み取り機から受信した認証の結果とサーバから受信した確認結果とを用いて、所定の動作を実行する制御装置と、
 前記読み取り機から前記制御装置を介してPANを受信し、前記受信したPANがリストに記憶されているかどうかの前記確認結果を前記制御装置に送信する前記サーバと、を備えたシステムであって、
 前記読み取り機は、前記認証の終了前に、前記非接触ICカードから読み取ったPANを前記制御装置を介して前記サーバに送信するシステム。 A reader that reads a plurality of information including a PAN from a non-contact IC card and authenticates the non-contact IC card using at least one of the read information.
A control device that executes a predetermined operation using the authentication result received from the reader and the confirmation result received from the server, and
A system including a server that receives a PAN from the reader via the control device and transmits the confirmation result of whether or not the received PAN is stored in the list to the control device.
The reader is a system that transmits a PAN read from the non-contact IC card to the server via the control device before the end of the authentication.
 非接触ICカードからPANを含む複数の情報を読み取り、前記読み取った複数の情報の少なくとも1つを用いて前記非接触ICカードを認証する読み取り機と、前記読み取り機から受信した認証の結果とサーバから受信した確認結果とを用いて、所定の動作を実行する制御装置と、前記読み取り機から前記制御装置を介してPANを受信し、前記受信したPANがリストに記憶されているかどうかの前記確認結果を前記制御装置に送信する前記サーバと、を備えたシステムにおける前記読み取り機であって、
 前記認証の終了前に、前記非接触ICカードから読み取ったPANを前記制御装置を介して前記サーバに送信する読み取り機。 A reader that reads a plurality of information including a PAN from a non-contact IC card and authenticates the non-contact IC card using at least one of the read information, and an authentication result and a server received from the reader. Using the confirmation result received from, the control device that executes a predetermined operation, and the confirmation that the PAN is received from the reader via the control device and the received PAN is stored in the list. The reader in a system comprising the server that sends the result to the control device.
A reader that transmits a PAN read from the non-contact IC card to the server via the control device before the end of the authentication.
 非接触ICカードからPANを含む複数の情報を読み取り、前記読み取った複数の情報の少なくとも1つを用いて前記非接触ICカードを認証する読み取り機と、前記読み取り機から受信した認証の結果とサーバから受信した確認結果とを用いて、所定の動作を実行する制御装置と、前記読み取り機から前記制御装置を介してPANを受信し、前記受信したPANがリストに記憶されているかどうかの前記確認結果を前記制御装置に送信する前記サーバと、を備えたシステムにおける前記制御装置であって、
 前記読み取り機から前記認証の結果を受信する前に、前記読み取り機から前記PANを受信する制御装置。 A reader that reads a plurality of information including a PAN from the non-contact IC card and authenticates the non-contact IC card using at least one of the read information, and an authentication result and a server received from the reader. Using the confirmation result received from, the control device that executes a predetermined operation, and the confirmation that the PAN is received from the reader via the control device and the received PAN is stored in the list. The control device in a system comprising the server that sends the result to the control device.
A control device that receives the PAN from the reader before receiving the authentication result from the reader.
 非接触ICカードからPANを含む複数の情報を読み取り、前記読み取った複数の情報の少なくとも1つを用いて前記非接触ICカードを認証する読み取り機と、
 前記読み取り機からPANと認証の結果とを受信し、前記受信したPANがリストに記憶されているかどうかの確認結果と、前記受信した認証の結果とを用いて、所定の動作を実行する制御装置と、を備えたシステムであって、
 前記読み取り機は、前記認証の終了前に、前記非接触ICカードから読み取ったPANを前記制御装置に送信するシステム。 A reader that reads a plurality of information including a PAN from a non-contact IC card and authenticates the non-contact IC card using at least one of the read information.
A control device that receives a PAN and an authentication result from the reader and executes a predetermined operation using the confirmation result of whether or not the received PAN is stored in the list and the received authentication result. It is a system equipped with
The reader is a system that transmits a PAN read from the non-contact IC card to the control device before the end of the authentication.
 非接触ICカードからPANを含む複数の情報を読み取り、前記読み取った複数の情報の少なくとも1つを用いて前記非接触ICカードを認証する読み取り機と、前記読み取り機からPANと認証の結果とを受信し、前記受信したPANがリストに記憶されているかどうかの確認結果と、前記受信した認証の結果とを用いて、所定の動作を実行する制御装置と、を備えたシステムにおける前記読み取り機であって、
 前記認証の終了前に、前記非接触ICカードから読み取ったPANを前記制御装置に送信する読み取り機。 A reader that reads a plurality of information including a PAN from a non-contact IC card and authenticates the non-contact IC card using at least one of the read information, and a PAN and an authentication result from the reader. With the reader in a system comprising a control device that receives and performs a predetermined operation using the confirmation result of whether or not the received PAN is stored in the list and the result of the received authentication. There,
A reader that transmits a PAN read from the non-contact IC card to the control device before the end of the authentication.
 非接触ICカードからPANを含む複数の情報を読み取り、前記読み取った複数の情報の少なくとも1つを用いて前記非接触ICカードを認証する読み取り機と、前記読み取り機からPANと認証の結果とを受信し、前記受信したPANがリストに記憶されているかどうかの確認結果と、前記受信した認証の結果とを用いて、所定の動作を実行する制御装置と、を備えたシステムにおける前記制御装置であって、
 前記読み取り機から前記認証の結果を受信する前に、前記読み取り機から前記PANを受信する制御装置。 A reader that reads a plurality of information including a PAN from a non-contact IC card and authenticates the non-contact IC card using at least one of the read information, and a PAN and an authentication result from the reader. In the control device in a system including a control device that receives and performs a predetermined operation using the confirmation result of whether or not the received PAN is stored in the list and the result of the received authentication. There,
A control device that receives the PAN from the reader before receiving the authentication result from the reader.
 本発明の一実施形態によれば、カードが本物であるかどうかの認証(読み取り機での認証)の完了を待つことなく、使用が禁止または制限されたものであるかどうかのチェックをリストを用いて行い、システム全体の処理時間を短縮することができる。 According to one embodiment of the invention, a list of checks for prohibited or restricted use of a card without waiting for the completion of authentication of authenticity (authentication with a reader). It can be used to shorten the processing time of the entire system.
実施形態1に係るシステムの構成を説明する模式図である。It is a schematic diagram explaining the structure of the system which concerns on Embodiment 1. FIG. 実施形態1に係るシステムの動作例を説明する模式図である。It is a schematic diagram explaining the operation example of the system which concerns on Embodiment 1. FIG. 比較例1に係るシステムの動作例を説明する模式図である。It is a schematic diagram explaining the operation example of the system which concerns on the comparative example 1. FIG. 実施形態2に係るシステムの構成を説明する模式図である。It is a schematic diagram explaining the structure of the system which concerns on Embodiment 2. FIG. 実施形態2に係るシステムの動作例を説明する模式図である。It is a schematic diagram explaining the operation example of the system which concerns on Embodiment 2. FIG. 比較例2に係るシステムの動作例を説明する模式図である。It is a schematic diagram explaining the operation example of the system which concerns on the comparative example 2. FIG. リストの記憶例を説明する模式図である。It is a schematic diagram explaining the storage example of a list.
[実施形態1に係るシステム1の構成]
 図1Aは、実施形態1に係るシステムの構成を説明する模式図である。図1Aに示すように、実施形態1に係るシステム1は、非接触ICカード40からPANを含む複数の情報を読み取り、読み取った複数の情報の少なくとも1つを用いて非接触ICカード40を認証する読み取り機10と、読み取り機10から受信した認証の結果とサーバ30から受信した確認結果とを用いて、所定の動作を実行する制御装置20と、読み取り機10から制御装置20を介してPANを受信し、受信したPANがリストに記憶されているかどうかの確認結果を制御装置20に送信するサーバ30と、を備えたシステムであって、読み取り機10は、複数の情報を読み取った後、認証の終了前に、非接触ICカード40から読み取ったPANを制御装置20を介してサーバ30に送信するシステムである。以下、詳細に説明する。 [Configuration of system 1 according to embodiment 1]
FIG. 1A is a schematic diagram illustrating the configuration of the system according to the first embodiment. As shown in FIG. 1A, the system 1 according to the first embodiment reads a plurality of information including a PAN from the non-contact IC card 40, and authenticates the non-contact IC card 40 using at least one of the read plurality of information. A control device 20 that executes a predetermined operation using the reader 10 and the authentication result received from the reader 10 and the confirmation result received from the server 30 and a PAN from the reader 10 via the control device 20. Is a system including a server 30 that receives a message and transmits a confirmation result of whether or not the received PAN is stored in the list to the control device 20, and the reader 10 reads a plurality of information and then transmits the server 30. This is a system that transmits the PAN read from the non-contact IC card 40 to the server 30 via the control device 20 before the end of authentication. Hereinafter, it will be described in detail.
(システム1)
 システム1は、広く入退場を行う場合に利用することができ、例えば、非接触ICカード40を用いて駅の改札機を通過する場合やバスを乗り降りする場合や、オフィスや施設の入退場などの場合に好ましく利用することができる。 (System 1)
The system 1 can be widely used for entering and exiting, for example, when passing through a ticket gate of a station using a non-contact IC card 40, getting on and off a bus, entering and exiting an office or facility, etc. It can be preferably used in the case of.
(読み取り機10)
 読み取り機10は、非接触ICカード40との間で非接触通信を行い、非接触ICカード40に記憶されている情報を読み取る機器である。非接触ICカード40にはクレジットカード、プリペイドカード、デビットカードが含まれる。読み取り機10は、例えば、駅の改札機、バスの乗降口に設置されているカードリーダ、オフィスや施設のゲートなどである。 (Reader 10)
The reader 10 is a device that performs non-contact communication with the non-contact IC card 40 and reads the information stored in the non-contact IC card 40. The non-contact IC card 40 includes a credit card, a prepaid card, and a debit card. The reader 10 is, for example, a ticket gate of a station, a card reader installed at a bus entrance / exit, a gate of an office or a facility, or the like.
(制御装置20)
 制御装置20は、ゲートの開閉やディスプレイの制御を行う装置である。制御装置20は、例えば、駅の改札機、バスの乗降口に設置されているカードリーダ、オフィスや施設のゲートなどである。制御装置20は読み取り機10と一体のものであってもよいし、読み取り機10とは分離したものであってもよい。制御装置20と読み取り機10が分離している場合には、両装置を有線接続(例:USB)や無線接続によって接続することができる。制御装置20にはゲートやディスププレイなどを接続することができる。 (Control device 20)
The control device 20 is a device that opens and closes a gate and controls a display. The control device 20 is, for example, a ticket gate of a station, a card reader installed at a bus entrance / exit, a gate of an office or a facility, or the like. The control device 20 may be integrated with the reader 10 or may be separated from the reader 10. When the control device 20 and the reader 10 are separated, both devices can be connected by a wired connection (eg, USB) or a wireless connection. A gate, a display, or the like can be connected to the control device 20.
(サーバ30)
 サーバ30は、後述のリストを管理する装置である。サーバ30には例えばネットワーク50上にあるクラウドサーバなどを用いることができる。サーバ30はリストを記憶する記憶部34を備えていてもよい。記憶部34はハードディスクやフラッシュメモリなどにより実現することができる。 (Server 30)
The server 30 is a device that manages a list described later. For the server 30, for example, a cloud server on the network 50 can be used. The server 30 may include a storage unit 34 for storing a list. The storage unit 34 can be realized by a hard disk, a flash memory, or the like.
(リスト)
 図3はリストの記憶例を説明する模式図である。図3に示すように、リストは、PAN(Primary Account Number:プライマリーアカウントナンバー)が記憶された記憶領域である。リストに記憶されているPANに対しては、制御装置20による所定の動作が拒否される。PANは、例えば、14桁から16桁の数字からなる番号であり、非接触ICカード40ごとに異なる番号が割り振られている。PANは、非接触ICカード40を用いた決済時などに用いられる。なお、PANは、セキュリティを向上させるため、ハッシュ化されていることが好ましく、ハッシュ化された状態で送受信や記憶などされることが好ましい。本明細書におけるPANには、ハッシュ化されていないPAN(PANそのもの)のほか、ハッシュ化されたPANや暗号化されたPANなどの、PANと実質的に一義的に対応する番号が含まれるものとする。 (list)
FIG. 3 is a schematic diagram illustrating a storage example of the list. As shown in FIG. 3, the list is a storage area in which a PAN (Primary Account Number) is stored. For the PAN stored in the list, the predetermined operation by the control device 20 is rejected. The PAN is, for example, a number consisting of 14 to 16 digits, and a different number is assigned to each non-contact IC card 40. The PAN is used at the time of payment using the non-contact IC card 40 or the like. In order to improve security, the PAN is preferably hashed, and is preferably transmitted / received or stored in the hashed state. The PAN in the present specification includes an unhashed PAN (PAN itself), as well as a number that substantially uniquely corresponds to the PAN, such as a hashed PAN or an encrypted PAN. And.
(その他)
 制御装置20とサーバ30は、例えばインターネットや専用線などのネットワーク50を介して接続されている。読み取り機10、制御装置20、及びサーバ30は、それぞれ演算部12、22、32を備えており、これらの機器は、演算部12、22、32で演算を実行することにより動作する。演算部12、22、32は例えばCPUやRAMなどにより実現することができる。 (others)
The control device 20 and the server 30 are connected to each other via a network 50 such as the Internet or a dedicated line. The reader 10, the control device 20, and the server 30 include calculation units 12, 22, and 32, respectively, and these devices operate by executing calculations in the calculation units 12, 22, and 32, respectively. The arithmetic units 12, 22 and 32 can be realized by, for example, a CPU or RAM.
[実施形態1に係るシステム1の動作例]
 図1Bは、実施形態1に係るシステム1の動作を説明する模式図である。以下、図1Bを参照しつつ、実施形態1に係るシステム1の動作を説明する。 [Operation example of system 1 according to embodiment 1]
FIG. 1B is a schematic diagram illustrating the operation of the system 1 according to the first embodiment. Hereinafter, the operation of the system 1 according to the first embodiment will be described with reference to FIG. 1B.
(Step11)
 まず、読み取り機10が、非接触ICカード40からPANを含む複数の情報を読み取る。 (Step 11)
First, the reader 10 reads a plurality of information including the PAN from the non-contact IC card 40.
(Step12)
 読み取り機10は、Step11で複数の情報を読み取った後、認証(Step14)の終了前に、非接触ICカード40から読み取ったPANを制御装置20に送信する。制御装置20は、読み取り機10から、認証(Step14)の結果を受信する前に、PANを受信する。 (Step 12)
After reading a plurality of pieces of information with Step 11, the reader 10 transmits the PAN read from the non-contact IC card 40 to the control device 20 before the end of authentication (Step 14). The control device 20 receives the PAN from the reader 10 before receiving the result of the authentication (Step 14).
(Step13)
 次に、サーバ30が、読み取り機10から制御装置20を介してPANを受信する。 (Step 13)
Next, the server 30 receives the PAN from the reader 10 via the control device 20.
(Step14)
 次に、読み取り機10が、Step11で読み取った複数の情報の少なくとも1つを用いて非接触ICカード40を認証する。認証は、カードの真正を確認する処理(つまり、カードがカードの運営者等が発行したもの(本物)であるかどうかを確認する処理)である。認証は、例えば、SDA(Static Data Authentication)、DDA(Dynamic Data Authentication、またはCDA(Combined Data Authentication)などの方式に基づいて行うことができる。SDAにより認証を行う場合は、例えば、非接触ICカード40からデジタル署名を読み取り、この読み取ったデジタル署名が読み取り機10に記憶されるカードに対応する公開鍵を用いて署名を検証することにより行うことができる。この場合は、例えば、真正(本物)の非接触ICカード40に、読み取り機10が記憶する公開鍵に対応する秘密鍵で算出されたデジタル署名が記憶されているものとする。 (Step 14)
Next, the reader 10 authenticates the non-contact IC card 40 using at least one of the plurality of information read by Step 11. Authentication is a process of confirming the authenticity of a card (that is, a process of confirming whether or not the card is issued by the card operator or the like (genuine)). Authentication can be performed based on a method such as SDA (Static Data Authentication), DDA (Dynamic Data Association), or CDA (Combined Data Authentication). When authentication is performed by SDA, for example, a non-contact IC card. This can be done by reading the digital signature from 40 and verifying the signature using the public key corresponding to the card stored in the reader 10 for the read digital signature. In this case, for example, authenticity (genuine). It is assumed that the non-contact IC card 40 of the above stores a digital signature calculated by a private key corresponding to the public key stored in the reader 10.
(Step15)
 次に、サーバ30が、読み取り機10から制御装置20を介して受信したPANがリストに記憶されているかどうかの確認を行う。 (Step15)
Next, the server 30 confirms whether or not the PAN received from the reader 10 via the control device 20 is stored in the list.
(Step16)
 次に、読み取り機10が、Step14での認証の結果を制御装置20に送信する。 (Step 16)
Next, the reader 10 transmits the authentication result in Step 14 to the control device 20.
(Step17)
 次に、サーバ30が、Step15での確認結果を制御装置20に送信する。 (Step17)
Next, the server 30 transmits the confirmation result in Step 15 to the control device 20.
(Step18)
 次に、制御装置20が、読み取り機10から受信した認証の結果とサーバ30から受信した確認結果とを用いて、所定の動作を実行する。所定の動作には、ゲートの開閉やディスプレイに所定の文字、画像、及び/又は動画などを表示することなどが含まれる。 (Step 18)
Next, the control device 20 executes a predetermined operation using the authentication result received from the reader 10 and the confirmation result received from the server 30. Predetermined operations include opening and closing gates and displaying predetermined characters, images, and / or moving images on a display.
[比較例1に係るシステムの動作]
 図1Cは、比較例1に係るシステムの動作を説明する模式図である。以下、図1Cを参照しつつ、比較例1に係るシステムの動作を説明する。 [System operation according to Comparative Example 1]
FIG. 1C is a schematic diagram illustrating the operation of the system according to Comparative Example 1. Hereinafter, the operation of the system according to Comparative Example 1 will be described with reference to FIG. 1C.
(Step31)
 まず、読み取り機10が、非接触ICカード40からPANを含む複数の情報を読み取る。 (Step31)
First, the reader 10 reads a plurality of information including the PAN from the non-contact IC card 40.
(Step32)
 次に、読み取り機10が、Step31で読み取った複数の情報の少なくとも1つを用いて非接触ICカード40を認証する。 (Step 32)
Next, the reader 10 authenticates the non-contact IC card 40 using at least one of the plurality of information read by Step 31.
(Step33)
 次に、読み取り機10が、非接触ICカード40から読み取ったPANを制御装置20を介してサーバ30に送信する。 (Step33)
Next, the reader 10 transmits the PAN read from the non-contact IC card 40 to the server 30 via the control device 20.
(Step34)
 次に、サーバ30が、読み取り機10から制御装置20を介してPANを受信する。 (Step34)
Next, the server 30 receives the PAN from the reader 10 via the control device 20.
(Step35)
 次に、サーバ30が、読み取り機10から制御装置20を介して受信したPANがリストに記憶されているかどうかの確認を行う。 (Step35)
Next, the server 30 confirms whether or not the PAN received from the reader 10 via the control device 20 is stored in the list.
(Step36)
 次に、読み取り機10が、Step32での認証の結果を制御装置20に送信する。 (Step 36)
Next, the reader 10 transmits the authentication result in Step 32 to the control device 20.
(Step37)
 次に、サーバ30が、Step35での確認結果を制御装置20に送信する。 (Step37)
Next, the server 30 transmits the confirmation result in Step 35 to the control device 20.
(Step38)
 次に、制御装置20が、読み取り機10から受信した認証の結果とサーバ30から受信した確認結果とを用いて、所定の動作を実行する。 (Step 38)
Next, the control device 20 executes a predetermined operation using the authentication result received from the reader 10 and the confirmation result received from the server 30.
 制御装置20による所定の動作(Step18、Step38)は、読み取り機10による認証の結果とサーバ30によるリストの確認の結果(PANがリストに記憶されていないという確認の結果)が揃わないと実行することができない。実施形態1と比較例1とを比較すると、比較例1では、読み取り機が、認証(Step32)の終了後に非接触ICカードから読み取ったPANを制御装置を介してサーバに送信するため、Step34(制御装置20からサーバ30へのPANの送信)、Step35(サーバ30によるリストの確認)、Step37(サーバ30から制御装置20へのリスト確認結果の送信)に規定する動作の開始が実施形態1よりも遅くなる。他方、実施形態1では、読み取り機10が、Step11で複数の情報を読み取った後、認証(Step14)の終了前に、非接触ICカード40から読み取ったPANを制御装置20を介してサーバ30に送信するため、Step13(制御装置20からサーバ30へのPANへのPANの送信)、Step15(サーバ30によるリストの確認)、Step17(サーバ30から制御装置20へのリスト確認結果の送信)に規定する動作を比較例1よりも早く開始することができる。したがって、実施形態1によれば、比較例1よりも、サーバ30から制御装置20に対してリストの確認結果(Step18、Step38)を早く届けることが可能となる。このため、実施形態1によれば、読み取り機10による読み取り(Step11)の開始から所定の動作(Step18)の開始までに要する時間を短縮することができる。例えば、実施形態1における、読み取り機10による読み取り(Step11)の開始から所定の動作(Step18)の開始までに要する時間をT1とし、比較例1における、読み取り機による読み取り(Step31)の開始から所定の動作(Step38)の開始までに要する時間をT3とすると、T1<T3の関係を実現することができる。 The predetermined operation by the control device 20 (Step 18 and Step 38) is executed when the result of the authentication by the reader 10 and the result of the confirmation of the list by the server 30 (the result of the confirmation that the PAN is not stored in the list) are not aligned. I can't. Comparing the first embodiment with the first comparative example, in the first comparative example, the reader transmits the PAN read from the non-contact IC card to the server via the control device after the authentication (Step 32) is completed, so that Step 34 (Step 34) The start of the operations specified in Step 35 (confirmation of the list by the server 30) and Step 37 (transmission of the list confirmation result from the server 30 to the control device 20) from the control device 20 to the server 30 is from the first embodiment. Will also be late. On the other hand, in the first embodiment, after the reader 10 reads a plurality of information in Step 11, and before the end of authentication (Step 14), the PAN read from the non-contact IC card 40 is sent to the server 30 via the control device 20. For transmission, it is specified in Step 13 (transmission of PAN from the control device 20 to the server 30), Step 15 (confirmation of the list by the server 30), and Step 17 (transmission of the list confirmation result from the server 30 to the control device 20). The operation to be performed can be started earlier than in Comparative Example 1. Therefore, according to the first embodiment, it is possible to deliver the confirmation result (Step 18, Step 38) of the list from the server 30 to the control device 20 earlier than in the comparative example 1. Therefore, according to the first embodiment, the time required from the start of reading (Step 11) by the reader 10 to the start of a predetermined operation (Step 18) can be shortened. For example, the time required from the start of reading by the reader 10 (Step 11) to the start of the predetermined operation (Step 18) in the first embodiment is T1, and the time required from the start of the reading by the reader (Step 31) in Comparative Example 1 is predetermined. Assuming that the time required for the start of the operation (Step 38) is T3, the relationship of T1 <T3 can be realized.
 実施形態1では、読み取り機10が、Step11で複数の情報を読み取った後、認証(Step14)の終了前に、非接触ICカード40から読み取ったPANを制御装置20を介してサーバ30に送信するものとしたが、認証の終了前には、複数の情報の読み取り後であって認証の開始前のほか、PANの読み取りの後、他の情報を読み取る前(つまり、複数の情報の読み取りを完了する前であって、PANの読み取り後直ちに)が含まれる。PANの読み取りの後、他の処理を開始する前あるいはStep11で他の情報を読み取る前(つまり、PANの読み取り後直ちに)にPANを送信するものとすれば、Step13、Step15、Step17に規定する動作をより早く開始して、サーバ30から制御装置20に対して確認結果(Step18、Step38)をより早く届けることが可能となる。 In the first embodiment, after the reader 10 reads a plurality of information in the Step 11, the PAN read from the non-contact IC card 40 is transmitted to the server 30 via the control device 20 before the end of the authentication (Step 14). However, before the end of authentication, after reading multiple pieces of information, before the start of authentication, after reading the PAN, and before reading other information (that is, reading of multiple pieces of information is completed). (Immediately after reading the PAN) is included. If the PAN is transmitted after reading the PAN, before starting other processing, or before reading other information in Step 11 (that is, immediately after reading the PAN), the operation specified in Step 13, Step 15, and Step 17. Can be started earlier, and the confirmation result (Step 18 and Step 38) can be delivered from the server 30 to the control device 20 earlier.
 実施形態1においては、読み取り機10が、Step11で複数の情報を読み取った後、認証(Step14)の終了前に、非接触ICカード40から読み取ったPANを制御装置20を介してサーバ30に送信すればよく、上記したStep13からStep17の間においてこれらステップが実行される順序は問わない。 In the first embodiment, after the reader 10 reads a plurality of information in the Step 11, the PAN read from the non-contact IC card 40 is transmitted to the server 30 via the control device 20 before the end of the authentication (Step 14). The order in which these steps are executed does not matter between Step 13 and Step 17 described above.
[実施形態2に係るシステム2の構成]
 図2Aは、実施形態2に係るシステムの構成を説明する模式図である。図2Aに示すように、実施形態2に係るシステム2は、非接触ICカード40からPANを含む複数の情報を読み取り、読み取った複数の情報の少なくとも1つを用いて非接触ICカード40を認証する読み取り機10と、読み取り機10からPANと認証の結果とを受信し、受信したPANがリストに記憶されているかどうかの確認結果と、受信した認証の結果とを用いて、所定の動作を実行する制御装置20と、を備えたシステムであって、読み取り機10は、複数の情報を読み取った後、認証の終了前に、非接触ICカード40から読み取ったPANを前記制御装置20に送信するシステムである。以下、詳細に説明する。 [Configuration of system 2 according to embodiment 2]
FIG. 2A is a schematic diagram illustrating the configuration of the system according to the second embodiment. As shown in FIG. 2A, the system 2 according to the second embodiment reads a plurality of information including a PAN from the non-contact IC card 40, and authenticates the non-contact IC card 40 using at least one of the read plurality of information. The reader 10 receives the PAN and the authentication result from the reader 10, confirms whether the received PAN is stored in the list, and uses the received authentication result to perform a predetermined operation. In a system including a control device 20 to execute, the reader 10 transmits a PAN read from the non-contact IC card 40 to the control device 20 after reading a plurality of information and before the end of authentication. It is a system to do. Hereinafter, it will be described in detail.
(システム2、制御装置20、読み取り機10)
 システム2、制御装置20、読み取り機10は、実施形態1のシステム1、制御装置20、読み取り機10と同様の構成であるので説明を省略する。ただし、実施形態2では、実施形態1と異なり、制御装置20がリストを管理しており、制御装置20がリストを記憶する記憶部24を備えている。 (System 2, control device 20, reader 10)
Since the system 2, the control device 20, and the reader 10 have the same configuration as the system 1, the control device 20, and the reader 10 of the first embodiment, the description thereof will be omitted. However, in the second embodiment, unlike the first embodiment, the control device 20 manages the list, and the control device 20 includes a storage unit 24 for storing the list.
(リスト)
 リストの構成は、実施形態1と同様であるので、説明を省略する。 (list)
Since the structure of the list is the same as that of the first embodiment, the description thereof will be omitted.
[実施形態2に係るシステム2の動作例]
 図2Bは、実施形態2に係るシステムの動作を説明する模式図である。以下、図2Bを参照しつつ、実施形態2に係るシステム2の動作を説明する。 [Operation example of system 2 according to embodiment 2]
FIG. 2B is a schematic diagram illustrating the operation of the system according to the second embodiment. Hereinafter, the operation of the system 2 according to the second embodiment will be described with reference to FIG. 2B.
(Step21)
 まず、読み取り機10が、非接触ICカード40からPANを含む複数の情報を読み取る。 (Step21)
First, the reader 10 reads a plurality of information including the PAN from the non-contact IC card 40.
(Step22)
 読み取り機10は、Step21で複数の情報を読み取った後、認証(Step23)の終了前に、非接触ICカード40から読み取ったPANを制御装置20に送信する。制御装置20は、読み取り機10から、認証(Step23)の結果を受信する前に、PANを受信する。 (Step22)
After reading a plurality of information with Step 21, the reader 10 transmits the PAN read from the non-contact IC card 40 to the control device 20 before the end of authentication (Step 23). The control device 20 receives the PAN from the reader 10 before receiving the result of the authentication (Step 23).
(Step23)
 次に、読み取り機10が、Step21で読み取った複数の情報の少なくとも1つを用いて非接触ICカード40を認証する。認証の態様は、実施形態1と同様であるので説明を省略する。 (Step23)
Next, the reader 10 authenticates the non-contact IC card 40 using at least one of the plurality of information read by Step 21. Since the mode of authentication is the same as that of the first embodiment, the description thereof will be omitted.
(Step24)
 次に、制御装置20が、読み取り機10から受信したPANがリストに記憶されているかどうかの確認を行う。 (Step24)
Next, the control device 20 confirms whether or not the PAN received from the reader 10 is stored in the list.
(Step25)
 次に、読み取り機10が、Step23での認証の結果を制御装置20に送信する。 (Step 25)
Next, the reader 10 transmits the authentication result in Step 23 to the control device 20.
(Step26)
 次に、制御装置20が、読み取り機10から受信した認証の結果とStep24での確認結果とを用いて、所定の動作を実行する。所定の動作の態様は、実施形態1と同様であるので、説明を省略する。 (Step26)
Next, the control device 20 executes a predetermined operation using the authentication result received from the reader 10 and the confirmation result in Step 24. Since the mode of the predetermined operation is the same as that of the first embodiment, the description thereof will be omitted.
[比較例2に係るシステムの動作]
 図2Cは、比較例2に係るシステムの動作を説明する模式図である。以下、図2Cを参照しつつ、比較例2に係るシステムの動作を説明する。 [System operation according to Comparative Example 2]
FIG. 2C is a schematic diagram illustrating the operation of the system according to Comparative Example 2. Hereinafter, the operation of the system according to Comparative Example 2 will be described with reference to FIG. 2C.
(Step41)
 まず、読み取り機10が、非接触ICカード40からPANを含む複数の情報を読み取る。 (Step41)
First, the reader 10 reads a plurality of information including the PAN from the non-contact IC card 40.
(Step42)
 次に、読み取り機10が、Step41で読み取った複数の情報の少なくとも1つを用いて非接触ICカード40を認証する。 (Step 42)
Next, the reader 10 authenticates the non-contact IC card 40 using at least one of the plurality of information read by Step 41.
(Step43)
 次に、読み取り機10が、非接触ICカード40から読み取ったPANを制御装置20に送信する。 (Step43)
Next, the reader 10 transmits the PAN read from the non-contact IC card 40 to the control device 20.
(Step44)
 次に、制御装置20が、読み取り機10から受信したPANがリストに記憶されているかどうかの確認を行う。 (Step44)
Next, the control device 20 confirms whether or not the PAN received from the reader 10 is stored in the list.
(Step45)
 次に、読み取り機10が、Step42での認証の結果を制御装置20に送信する。 (Step 45)
Next, the reader 10 transmits the authentication result in Step 42 to the control device 20.
(Step46)
 次に、制御装置20が、読み取り機10から受信した認証の結果とStep44での確認結果とを用いて、所定の動作を実行する。 (Step46)
Next, the control device 20 executes a predetermined operation using the authentication result received from the reader 10 and the confirmation result in Step 44.
 実施形態2と比較例2とを比較すると、比較例2では、読み取り機10が、認証(Step42)の終了後に非接触ICカード40から読み取ったPANを制御装置20に送信するため、Step44(制御装置20によるリストの確認)に規定する動作の開始が実施形態2よりも遅くなる。他方、実施形態2では、読み取り機10が、Step21で複数の情報を読み取った後、認証(Step23)の終了前に、非接触ICカード40から読み取ったPANを制御装置20に送信するため、Step24(リストの確認)に規定する動作を比較例2よりも早く開始することができる。したがって、実施形態2によれば、比較例2よりも、読み取り機10による読み取り(Step21)の開始から所定の動作(Step27)の開始までに要する時間を短縮することができる。例えば、実施形態2における、読み取り機10による読み取り(Step21)の開始から所定の動作(Step27)の開始までに要する時間をT2とし、比較例2における、読み取り機10による読み取り(Step41)の開始から所定の動作(Step47)の開始までに要する時間をT4とすると、T2<T4の関係を実現することができる。 Comparing the second embodiment with the second comparative example, in the second comparative example, the reader 10 transmits the PAN read from the non-contact IC card 40 to the control device 20 after the authentication (Step 42) is completed, so that Step 44 (control) is used. The start of the operation specified in (confirmation of the list by the device 20) is later than that in the second embodiment. On the other hand, in the second embodiment, the reader 10 reads the plurality of information in the Step 21 and then sends the PAN read from the non-contact IC card 40 to the control device 20 before the end of the authentication (Step 23). The operation specified in (Checking the list) can be started earlier than in Comparative Example 2. Therefore, according to the second embodiment, it is possible to shorten the time required from the start of reading (Step 21) by the reader 10 to the start of the predetermined operation (Step 27) as compared with Comparative Example 2. For example, the time required from the start of reading by the reader 10 (Step 21) to the start of the predetermined operation (Step 27) in the second embodiment is T2, and from the start of the reading by the reader 10 (Step 41) in Comparative Example 2. Assuming that the time required to start the predetermined operation (Step 47) is T4, the relationship of T2 <T4 can be realized.
 実施形態2では、読み取り機10が、Step21で複数の情報を読み取った後、認証(Step23)の終了前に、非接触ICカード40から読み取ったPANを制御装置20に送信するものとしたが、認証の終了前には、複数の情報の読み取り後であって認証の開始前のほか、PANの読み取りの後、他の情報を読み取る前(つまり、複数の情報の読み取りを完了する前であって、PANの読み取り後直ちに)が含まれる。PANの読み取り(Step21)の後、他の処理を開始する前、あるいはStep21で他の情報を読み取る前(つまり、PANの読み取り後直ちに)にPANを送信するものとすれば、Step24(リストの確認)に規定する動作をより早く開始して、制御装置20による所定の動作(Step27)をより早く開始することができる。 In the second embodiment, the reader 10 reads the plurality of information in the Step 21 and then transmits the PAN read from the non-contact IC card 40 to the control device 20 before the end of the authentication (Step 23). Before the end of authentication, after reading multiple pieces of information, before the start of authentication, after reading the PAN, before reading other information (that is, before completing the reading of multiple pieces of information). , Immediately after reading the PAN). If the PAN is to be transmitted after reading the PAN (Step 21), before starting other processing, or before reading other information in Step 21 (that is, immediately after reading the PAN), Step 24 (checking the list). ), The predetermined operation (Step 27) by the control device 20 can be started earlier.
 実施形態2においては、読み取り機10が、Step21で複数の情報を読み取った後、認証(Step23)の終了前に、非接触ICカード40から読み取ったPANを制御装置20に送信すればよく、上記したStep23、Step24、Step25が実行される順序は問わない。 In the second embodiment, the reader 10 may read the plurality of information in the Step 21 and then transmit the PAN read from the non-contact IC card 40 to the control device 20 before the end of the authentication (Step 23). The order in which Step23, Step24, and Step25 are executed does not matter.
 交通用途(バスや鉄道など)での非接触ICカードの利用では大量の乗降客による渋滞を避けるため、処理速度が重要になる。一方で、非接触ICカードはカードによっては処理速度が遅いものがあり、システム全体としていかに高速に乗降判定を実施するかが課題となる。交通用途で非接触ICカードを使用する場合、カードが本物であるかどうかの認証(読み取り機での認証)を行うがそれと同時にそのカードがシステム運営側が持つリスト(例:Deny List:拒否リスト)に記憶されていないかどうかも確認する必要がある。上記の認証は処理時間が長いため、それが終わった後にリストの確認を行うとさらに処理時間が遅くなる。しかし、以上説明した実施形態1、2によれば、カードが本物であるかどうかの認証(読み取り機10での認証)の完了を待つことなくリストのチェックが行えるため、システム全体の処理時間を短縮することができる。つまり、カードが本物であるかどうかの認証(読み取り機10での認証)が始まる前にカードからカード番号(PAN)が読みとれた時点で、先にリストのチェックを行うと同時に、上記の認証(読み取り機10での認証)も行うことが可能となる。つまりリストのチェックとカードが本物かどうかの認証を並行して行うことが可能となる。制御装置20は、上記の認証(読み取り機10での認証)が成功し、且つリストにも該当しなかった場合に乗降/入退場をOKと判定し、ゲートを開閉したりディスプレイに通過OKの文字を表示したりなどの所定の動作を実行する。 When using a non-contact IC card for transportation purposes (buses, railroads, etc.), processing speed is important in order to avoid congestion due to a large number of passengers. On the other hand, some non-contact IC cards have a slow processing speed, and the issue is how to perform boarding / alighting determination at high speed as a whole system. When using a non-contact IC card for transportation purposes, it authenticates whether the card is genuine (authentication with a reader), but at the same time, the list that the system operator has (example: Deny List: rejection list). You also need to check if it is not remembered in. Since the above authentication takes a long time to process, if you check the list after it is finished, the processing time will be even slower. However, according to the first and second embodiments described above, the list can be checked without waiting for the completion of the authentication of whether the card is genuine (authentication by the reader 10), so that the processing time of the entire system can be reduced. Can be shortened. In other words, when the card number (PAN) is read from the card before the authentication of whether the card is genuine (authentication by the reader 10) starts, the list is checked first and the above authentication (authentication by the reader 10) is performed. (Authentication with the reader 10) can also be performed. In other words, it is possible to check the list and authenticate whether the card is genuine in parallel. When the above authentication (authentication by the reader 10) is successful and the control device 20 does not correspond to the list, the control device 20 determines that boarding / alighting / entry / exit is OK, and opens / closes the gate or passes through the display. Performs certain actions such as displaying characters.
 以上、実施形態について説明したが、これらの説明は、本発明の一例に関するものであり、本発明は、これらの説明によって何ら限定されるものではない。 Although the embodiments have been described above, these explanations relate to an example of the present invention, and the present invention is not limited to these explanations.
1、2  システム
10  読み取り機
12  演算部
20  制御装置
22  演算部
24  記憶部
30  サーバ
32  演算部
34  記憶部
40  非接触ICカード
50  ネットワーク
  1, 2 System 10 Reader 12 Calculation unit 20 Control device 22 Calculation unit 24 Storage unit 30 Server 32 Calculation unit 34 Storage unit 40 Non-contact IC card 50 Network

Claims (6)

  1.  非接触ICカードからPANを含む複数の情報を読み取り、前記読み取った複数の情報の少なくとも1つを用いて前記非接触ICカードを認証する読み取り機と、
     前記読み取り機から受信した認証の結果とサーバから受信した確認結果とを用いて、所定の動作を実行する制御装置と、
     前記読み取り機から前記制御装置を介してPANを受信し、前記受信したPANがリストに記憶されているかどうかの前記確認結果を前記制御装置に送信する前記サーバと、を備えたシステムであって、
     前記読み取り機は、前記認証の終了前に、前記非接触ICカードから読み取ったPANを前記制御装置を介して前記サーバに送信するシステム。     A reader that reads a plurality of information including a PAN from a non-contact IC card and authenticates the non-contact IC card using at least one of the read information.
    A control device that executes a predetermined operation using the authentication result received from the reader and the confirmation result received from the server, and
    A system including a server that receives a PAN from the reader via the control device and transmits the confirmation result of whether or not the received PAN is stored in the list to the control device.
    The reader is a system that transmits a PAN read from the non-contact IC card to the server via the control device before the end of the authentication.
  2.  非接触ICカードからPANを含む複数の情報を読み取り、前記読み取った複数の情報の少なくとも1つを用いて前記非接触ICカードを認証する読み取り機と、前記読み取り機から受信した認証の結果とサーバから受信した確認結果とを用いて、所定の動作を実行する制御装置と、前記読み取り機から前記制御装置を介してPANを受信し、前記受信したPANがリストに記憶されているかどうかの前記確認結果を前記制御装置に送信する前記サーバと、を備えたシステムにおける前記読み取り機であって、
     前記認証の終了前に、前記非接触ICカードから読み取ったPANを前記制御装置を介して前記サーバに送信する読み取り機。     A reader that reads a plurality of information including a PAN from a non-contact IC card and authenticates the non-contact IC card using at least one of the read information, and an authentication result and a server received from the reader. Using the confirmation result received from, the control device that executes a predetermined operation, and the confirmation that the PAN is received from the reader via the control device and the received PAN is stored in the list. The reader in a system comprising the server that sends the result to the control device.
    A reader that transmits a PAN read from the non-contact IC card to the server via the control device before the end of the authentication.
  3.  非接触ICカードからPANを含む複数の情報を読み取り、前記読み取った複数の情報の少なくとも1つを用いて前記非接触ICカードを認証する読み取り機と、前記読み取り機から受信した認証の結果とサーバから受信した確認結果とを用いて、所定の動作を実行する制御装置と、前記読み取り機から前記制御装置を介してPANを受信し、前記受信したPANがリストに記憶されているかどうかの前記確認結果を前記制御装置に送信する前記サーバと、を備えたシステムにおける前記制御装置であって、
     前記読み取り機から前記認証の結果を受信する前に、前記読み取り機から前記PANを受信する制御装置。     A reader that reads a plurality of information including a PAN from the non-contact IC card and authenticates the non-contact IC card using at least one of the read information, and an authentication result and a server received from the reader. Using the confirmation result received from, the control device that executes a predetermined operation, and the confirmation that the PAN is received from the reader via the control device and the received PAN is stored in the list. The control device in a system comprising the server that sends the result to the control device.
    A control device that receives the PAN from the reader before receiving the authentication result from the reader.
  4.  非接触ICカードからPANを含む複数の情報を読み取り、前記読み取った複数の情報の少なくとも1つを用いて前記非接触ICカードを認証する読み取り機と、
     前記読み取り機からPANと認証の結果とを受信し、前記受信したPANがリストに記憶されているかどうかの確認結果と、前記受信した認証の結果とを用いて、所定の動作を実行する制御装置と、を備えたシステムであって、
     前記読み取り機は、前記認証の終了前に、前記非接触ICカードから読み取ったPANを前記制御装置に送信するシステム。     A reader that reads a plurality of information including a PAN from a non-contact IC card and authenticates the non-contact IC card using at least one of the read information.
    A control device that receives a PAN and an authentication result from the reader and executes a predetermined operation using the confirmation result of whether or not the received PAN is stored in the list and the received authentication result. It is a system equipped with
    The reader is a system that transmits a PAN read from the non-contact IC card to the control device before the end of the authentication.
  5.  非接触ICカードからPANを含む複数の情報を読み取り、前記読み取った複数の情報の少なくとも1つを用いて前記非接触ICカードを認証する読み取り機と、前記読み取り機からPANと認証の結果とを受信し、前記受信したPANがリストに記憶されているかどうかの確認結果と、前記受信した認証の結果とを用いて、所定の動作を実行する制御装置と、を備えたシステムにおける前記読み取り機であって、
     前記認証の終了前に、前記非接触ICカードから読み取ったPANを前記制御装置に送信する読み取り機。     A reader that reads a plurality of information including a PAN from a non-contact IC card and authenticates the non-contact IC card using at least one of the read information, and a PAN and an authentication result from the reader. With the reader in a system comprising a control device that receives and performs a predetermined operation using the confirmation result of whether or not the received PAN is stored in the list and the result of the received authentication. There,
    A reader that transmits a PAN read from the non-contact IC card to the control device before the end of the authentication.
  6.  非接触ICカードからPANを含む複数の情報を読み取り、前記読み取った複数の情報の少なくとも1つを用いて前記非接触ICカードを認証する読み取り機と、前記読み取り機からPANと認証の結果とを受信し、前記受信したPANがリストに記憶されているかどうかの確認結果と、前記受信した認証の結果とを用いて、所定の動作を実行する制御装置と、を備えたシステムにおける前記制御装置であって、
     前記読み取り機から前記認証の結果を受信する前に、前記読み取り機から前記PANを受信する制御装置。
          A reader that reads a plurality of information including a PAN from a non-contact IC card and authenticates the non-contact IC card using at least one of the read information, and a PAN and an authentication result from the reader. In the control device in a system including a control device that receives and performs a predetermined operation using the confirmation result of whether or not the received PAN is stored in the list and the result of the received authentication. There,
    A control device that receives the PAN from the reader before receiving the authentication result from the reader.
PCT/JP2020/028420 2020-07-22 2020-07-22 System, reader, and control device WO2022018852A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
JP2020562224A JP6846755B1 (en) 2020-07-22 2020-07-22 Systems, readers, and controls
PCT/JP2020/028420 WO2022018852A1 (en) 2020-07-22 2020-07-22 System, reader, and control device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2020/028420 WO2022018852A1 (en) 2020-07-22 2020-07-22 System, reader, and control device

Publications (1)

Publication Number Publication Date
WO2022018852A1 true WO2022018852A1 (en) 2022-01-27

Family

ID=74879208

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2020/028420 WO2022018852A1 (en) 2020-07-22 2020-07-22 System, reader, and control device

Country Status (2)

Country Link
JP (1) JP6846755B1 (en)
WO (1) WO2022018852A1 (en)

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2010520534A (en) * 2007-02-28 2010-06-10 ビザ ユー.エス.エー.インコーポレイテッド Data card authentication with transit verification value

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2010520534A (en) * 2007-02-28 2010-06-10 ビザ ユー.エス.エー.インコーポレイテッド Data card authentication with transit verification value

Also Published As

Publication number Publication date
JP6846755B1 (en) 2021-03-24
JPWO2022018852A1 (en) 2022-01-27

Similar Documents

Publication Publication Date Title
US10552647B2 (en) System for controlling user access to a service
KR102130651B1 (en) Method and apparatus for authenticating user based on blockchain
US7693797B2 (en) Transaction and payment system security remote authentication/validation of transactions from a transaction provider
AU2017290263B2 (en) Method and system for transit processing
WO2014104436A1 (en) Method for mutual authentication for payment device
US20140108256A1 (en) Electronic System for Quickly and Securely Processing Transactions Using Mobile Devices
US20200143356A1 (en) Credit payment method and apparatus based on mobile terminal embedded secure element
US20120143763A1 (en) Using a financial institution based account for ultra-low latency transactions
KR101038327B1 (en) Biometric identification system for hipass-on board unit
US11720889B2 (en) System for performing a validity check of a user device
WO2022018852A1 (en) System, reader, and control device
JP6368261B2 (en) Authentication system and authentication method
US10445307B2 (en) Validator device for a ticketing system
CN115862238A (en) Public transport payment method, payment card and gate device combined with digital RMB
CN105989711A (en) Operating station exit gate inspection method, system and gate inspection-used portable terminal
CN111199585B (en) Ticket checking method, device, system, storage medium and computer equipment
US20200193445A1 (en) Method to control a transaction
US20140236821A1 (en) Method and system for the transmission of authenticated authorization requests
JP2004341943A (en) Ic card processing system
JP4996635B2 (en) Portable terminal used in IC card processing system
JP2001266178A (en) Electronic passenger ticket system using portable terminal
CN109426964A (en) For authorizing the method and system of transaction
JP2021002095A (en) Authentication system
JPH1125301A (en) Automatic charge collecting/receiving system
JP2005182839A (en) Electronic currency transmitting/receiving terminal device

Legal Events

Date Code Title Description
ENP Entry into the national phase

Ref document number: 2020562224

Country of ref document: JP

Kind code of ref document: A

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 20946365

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 20946365

Country of ref document: EP

Kind code of ref document: A1