[go: up one dir, main page]

HK1111253A - Portable terminal, settlement method, and program - Google Patents

Portable terminal, settlement method, and program Download PDF

Info

Publication number
HK1111253A
HK1111253A HK08105964.3A HK08105964A HK1111253A HK 1111253 A HK1111253 A HK 1111253A HK 08105964 A HK08105964 A HK 08105964A HK 1111253 A HK1111253 A HK 1111253A
Authority
HK
Hong Kong
Prior art keywords
user
authentication
card
identification information
settlement
Prior art date
Application number
HK08105964.3A
Other languages
Chinese (zh)
Inventor
森田直
Original Assignee
索尼株式会社
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 索尼株式会社 filed Critical 索尼株式会社
Publication of HK1111253A publication Critical patent/HK1111253A/en

Links

Description

Portable terminal, settlement method, and program
CROSS-REFERENCE TO RELATED APPLICATIONS
The present invention comprises subject matter relating to japanese patent application JP 2006-.
Technical Field
The present invention relates to a portable terminal, a settlement method, and a program, and more particularly, to a portable terminal, a settlement method, and a program for performing settlement processing using electronic money information in a secure manner that prevents the portable terminal from being fraudulently used, and in a convenient manner that allows a single portable terminal to be used by multiple persons.
Background
In recent years, a settlement service using electronic money stored in a contactless IC card is becoming popular. Edy (trademark) is an example of such settlement service. In the settlement service, a user is allowed to simply make payment by bringing a contactless IC card close to a settlement terminal.
In the case where the settlement terminal is of a portable type, there is a possibility that the terminal is lost. Techniques are known to prevent a terminal from being used by an unauthorized person after being lost.
For example, in one of such techniques, when a user opens a terminal to perform settlement using the terminal, the user is prompted to enter a PIN (personal identification number) code or biometric information such as a fingerprint. The input information is verified by comparing it with information previously recorded in the terminal, and settlement is permitted only when the input information is determined to be valid.
In the technique disclosed in japanese unexamined patent application publication No.2003-203215, authentication of a user is performed based on authentication information read from a memory card.
Disclosure of Invention
In the known technology, when a user starts to use a terminal, the user is authenticated by comparing a PIN code or biometric information input by the user with information recorded in the terminal, and if the information recorded in the terminal is stolen or tampered with, it is difficult to prevent an unauthorized user from using the terminal. In many cases, to avoid the above problem, once information is recorded in a terminal, the recorded information cannot be easily changed. However, it is difficult to apply this technique to a case where an end user frequently changes or a single terminal is used by a plurality of users.
In view of the above problems, the present invention provides a portable terminal, a settlement method, and a program for performing settlement processing using electronic money information in a secure manner that prevents fraudulent use of the portable terminal and in a convenient manner that allows multiple persons to use a single portable terminal.
According to an embodiment of the present invention, there is provided a portable terminal including: acquiring means for acquiring authentication information containing identification information from a first non-contact IC card in proximity to the portable terminal; authentication means for authenticating the user based on identification information input by the user by operating one or more keys and identification information contained in the authentication information acquired by the acquisition means; and settlement means for performing settlement processing based on the electronic money information stored in the second contactless IC card close to the portable terminal in a case where the user is determined to be authentic by the authentication means.
The portable terminal may further include: display means for displaying information. In this case, the authentication apparatus may display, on the display apparatus, information prompting the user identified by the information contained in the authentication information to input the identification information by operating one or more keys, and may verify the authenticity of the user based on the identification information input by the user and the identification information contained in the authentication information.
The authentication information may be stored in the first contactless IC card in an encrypted form. In this case, by using the key information stored in advance in the authentication apparatus, the authentication apparatus can decrypt the encrypted authentication information acquired by the acquisition apparatus, thereby acquiring the identification information for verifying the authenticity of the user.
When the settlement means completes the settlement processing, the settlement means may store information included in the authentication information acquired by the acquisition means into the second contactless IC card together with identification information identifying the portable terminal.
According to an embodiment of the present invention, there is provided a settlement method/program including the steps of: obtaining authentication information including identification information from a first non-contact IC card in proximity to the portable terminal; authenticating the user based on identification information input by the user by operating one or more keys and identification information included in the authentication information acquired in the acquiring step; and performing settlement processing according to the electronic money information stored in the second non-contact IC card close to the portable terminal if it is determined in the authentication step that the user is authentic.
According to the embodiments of the present invention, as described above, authentication information containing identification information is acquired from the first non-contact IC card in proximity to the portable terminal, and the user is authenticated based on the identification information input by the user by operating one or more keys and the identification information contained in the acquired authentication information. If it is determined that the user is authentic, settlement processing is performed based on the electronic money information stored in the second non-contact IC card in proximity to the portable terminal.
Accordingly, the present invention provides an advantage in that settlement processing using electronic money information can be performed in a secure manner that prevents fraudulent use of a portable terminal and in a convenient manner that allows a single portable terminal to be used by a plurality of persons.
Drawings
Fig. 1 is a diagram showing an appearance of a portable settlement terminal according to an embodiment of the present invention;
FIG. 2 illustrates an example of data stored in a personal verification card;
fig. 3 shows an example of data stored in the electronic money card;
fig. 4 is a block diagram showing an example of a hardware configuration of the portable settlement terminal;
FIG. 5 is a block diagram showing an example of a functional configuration of a portable settlement terminal;
fig. 6 is a flowchart illustrating a process performed by the portable settlement terminal according to an embodiment of the present invention; and
fig. 7 is a flowchart showing details of the settlement processing executed in step S14 in the processing shown in fig. 6.
Detailed Description
Before describing the embodiments of the present invention, the correspondence between specific examples of components/steps in the embodiments and specific examples of essential points of the present invention is described first. It should be noted that the following description is intended to illustrate specific examples of the present invention described in the present embodiment, and therefore, the following description is not intended to limit the present invention to the specific examples described below. That is, there may be components/steps that are not described in the following description of the correspondence relationship but correspond to the components/steps according to the present invention. Rather, examples of components/steps described in the following description that correspond to particular claims may correspond to components/steps of another embodiment.
In an embodiment of the present invention, there is provided a portable terminal (for example, a portable settlement terminal 1 shown in fig. 1) including: acquisition means (e.g., a read/write controller 31 shown in fig. 5) for acquiring authentication information containing identification information from a first contactless IC card in proximity to the portable terminal; authentication means (e.g., a personal authentication unit 32 shown in fig. 5) for authenticating the user based on identification information input by the user by operating one or more keys and identification information contained in the authentication information acquired by the acquisition means; and a settlement means (for example, a settlement unit 33 shown in fig. 5) for performing a settlement process based on the electronic money information stored in the second contactless IC card close to the portable terminal in a case where the user is determined to be authentic by the authentication means.
In an embodiment of the present invention, there is provided a settlement method/program including the steps of: acquiring authentication information including identification information from a first non-contact IC card in proximity to a portable terminal; authenticating the user based on identification information input by the user by operating one or more keys and identification information included in the authentication information acquired in the acquiring step; and if it is determined in the identifying step that the user is authentic, performing settlement processing based on the electronic money information stored in the second contactless IC card near the portable terminal (for example, step S14 shown in fig. 6).
Specific embodiments of the present invention will be described below with reference to the accompanying drawings.
Fig. 1 shows an appearance of a portable settlement terminal 1 according to an embodiment of the present invention.
In the example shown in fig. 1, the portable settlement terminal 1 is in a case where the personal authentication card 2 and the electronic money card 3 approach the portable settlement terminal 1. The personal authentication card 2 is implemented in the form of a non-contact IC card and is used to authenticate a user who will use the portable settlement terminal 1. The electronic money card 3 is also realized in the form of a non-contact IC card, but the electronic money card 3 is used by the user of the electronic money card 3 to make a payment using electronic money data.
It should be noted that in actual use, the individual authentication card 2 and the electronic money card 3 are not brought close to the portable settlement terminal at the same time, but are brought close to the portable settlement terminal 1 separately. For example, the personal authentication card 2 may be first brought close to the portable settlement terminal 1. After the user of the portable settlement terminal 1 is authenticated based on the information stored in the personal authentication card 2, the electronic money card 3 can be brought close to the portable settlement terminal 1. Then, the portable settlement terminal 1 performs settlement based on the electronic money data stored in the electronic money card 3.
That is, the portable settlement terminal 1 and the personal authentication card 2 are used by a person who is to receive payment, and the electronic money card 3 is used by a person who makes payment.
As shown in fig. 1, the portable settlement terminal 1 is formed to have a size that allows a user to hold it with one hand. The portable settlement terminal 1 has a reader/writer 11, a display unit 12, and an input unit 13, which are provided on a housing of the portable settlement terminal 1. In the example shown in fig. 1, the reader/writer 11, the display unit 12, and the input unit 13 are all provided on the same surface of the housing.
The reader/writer 11 is adapted to perform wireless communication with the IC chip 2A provided in the personal authentication card 2 and the IC chip 3A provided in the electronic money card 3 by electromagnetic waves, and read/write information from/to the IC chip.
The display unit 12 is, for example, an LCD (liquid crystal display) for displaying various information.
The input unit 13 includes an alphanumeric keypad and is used by a user of the portable settlement terminal 1, i.e., by a person who is to receive payment.
The settlement processing using the portable settlement terminal 1 will be described below.
As described above, before settlement, the portable settlement terminal 1 is required to authenticate the user of the portable settlement terminal 1 by using the personal authentication card 2. Specifically, if the user turns on the power of the portable settlement terminal 1 and brings the personal authentication card 2 close to the reader/writer 11, the personal authentication data is read from the personal authentication card 2 (specifically, the IC chip 2A) into the portable settlement terminal 1.
Fig. 2 shows an example of personal authentication data stored in the personal authentication card 2.
As shown in fig. 2, the personal authentication data includes personal identification information such as a user name and a user ID identifying a person, and also includes a PIN code of a specific number of alphanumeric characters. The personal authentication data is written in the personal authentication card 2 in advance by using a specific terminal, and the user of the portable settlement terminal 1 knows the PIN code written in the personal authentication card 2. The key for writing the personal authentication data into the personal authentication card 2 may be different from the key for reading out the personal authentication data from the portable settlement terminal 1.
As shown in fig. 2, the personal authentication data is stored in the personal authentication card 2 in an encrypted form using the private key K1. A decryption key corresponding to the private key K1 is secretly recorded in the portable settlement terminal 1 in an appropriate manner. In the portable settlement terminal 1, a decryption key corresponding to the private key K1 is managed by the tamper-resistant chip.
As described above, since the personal authentication data is stored in an encrypted form using the private key K1, the PIN code and other information contained in the personal authentication data can be prevented from being stolen.
Referring again to fig. 1, when the personal authentication data is read out from the personal authentication card 2, the portable settlement terminal 1 decrypts the encrypted personal authentication data by using the key recorded in the portable settlement terminal 1, and the portable settlement terminal 1 displays a message on the display unit 12 to prompt the user identified by the personal identification information included in the personal authentication data to input a PIN code. An example of a message displayed on the display unit 12 is "Mr. XXX, please enter your PIN code".
If the user inputs his/her PIN code by operating the input unit 13 in response to the message, authentication of the user is performed by comparing the input PIN code with the PIN code contained in the personal authentication data read out from the personal authentication card 2 and decrypted. When these PIN codes coincide with each other, it is determined that the user who is going to use the portable settlement terminal 1 is an authorized user of the portable settlement terminal 1. However, if the input PIN code is different from the PIN code contained in the personal authentication data read out from the personal authentication card 2 and decrypted, it is determined that the user who is going to use the portable settlement terminal 1 is not an authorized user of the portable settlement terminal 1.
As described above, since the authentication of the user who will use the portable settlement terminal 1 is performed by comparing the PIN code input via the input unit 13 with the PIN code stored in the personal authentication card 2 close to the portable settlement terminal 1, it is not necessary to record the PIN code for user authentication in the portable settlement terminal 1.
This allows a plurality of users to use the same portable settlement terminal 1. In this case, each user has a personal authentication card 2 belonging to him/her, in which a PIN code uniquely assigned to him/her is stored, and knows the PIN code belonging to him/her. The system allows only an authorized user having his/her personal authentication card 2 to use the portable settlement terminal 1, and others cannot use the portable settlement terminal 1. Thus, the portable settlement terminal 1 is prevented from being used in an unauthorized manner. Further, it is not necessary to perform any troublesome work to record PIN codes of different users in the portable settlement terminal 1. This is very convenient for the user.
As described above, if the user inputs his/her PIN code through the input unit 13 while holding the personal authentication card 2 at a position close to the portable settlement terminal 1, the portable settlement terminal 1 authenticates the user. If the verification is successfully passed, the portable settlement terminal 1 activates the settlement function so that settlement can be performed using the electronic money card 3.
More specifically, when the electronic money card 3 is brought close to the reader/writer 11, the remaining amount of the electronic money stored in the electronic money card 3(IC chip 3A) is read, the amount to be paid is subtracted from the remaining amount, and the resultant amount is written in the electronic money card 3. It should be noted that the user of the portable settlement terminal 1 inputs information indicating the amount of money to be paid by operating the input unit 13.
Fig. 3 shows an example of electronic money data stored in the electronic money card 3.
As shown in fig. 3, a key K2 is set in the electronic money data. Only when the authentication using this key K2 is successful, the electronic money data is allowed to be read and written. A key corresponding to the key K2 is recorded in advance in the portable settlement terminal 1, and mutual authentication is performed between the portable settlement terminal 1 and the IC chip 3A.
If the settlement is successfully completed, partial information identifying the individual who performs the settlement is written in the electronic money card 3 together with a terminal code identifying the portable settlement terminal 1 so that the individual who performs the settlement (the user of the portable settlement terminal 1) can be identified by the information.
The processing related to the portable settlement terminal 1 will be described in further detail later by referring to a flowchart.
Fig. 4 is a block diagram showing an example of the hardware configuration of the portable settlement terminal 1. In fig. 4, the same parts as those shown in fig. 1 are denoted by the same reference numerals, and a repetitive description thereof will be omitted here.
A CPU (central processing unit) 21 executes various processes in accordance with a program stored in a ROM (read only memory) 22 or a storage unit 27. A RAM (random access memory) 23 stores programs executed by the CPU 21, and also stores data used in the execution of the programs.
In addition to the program for executing the settlement processing, a key for decrypting the encrypted personal authentication data stored in the personal authentication card 2 and a key for authentication using the key K2 stored in the electronic money card 3 are stored in the flash memory 24. The CPU 21, ROM 22, RAM 23 and flash memory 24 are constituted in the form of tamper-resistant chips.
The CPU 21, the ROM 22, the RAM 23, and the flash memory 24 are connected to each other by a bus 25, and are also connected to an input/output interface 26 by the bus 25.
In the example shown in fig. 4, the input/output interface 26 is connected to the reader/writer 11, the display unit 12, the input unit 13, and the storage unit 27. The storage unit 27 is implemented with a hardware driver, for example, and is used to store a program executed by the CPU 21 and various data.
As shown in fig. 4, the input/output interface 26 is connected to a drive 28 as needed, thereby providing keys and/or programs to the portable settlement terminal 1 via a removable medium 29 such as a semiconductor memory mounted on the drive 28.
Fig. 5 is a block diagram showing an example of the functional configuration of the portable settlement terminal 1. At least part or all of the functional blocks shown in fig. 5 are realized by executing a specific program on the CPU 21 shown in fig. 4.
As shown in fig. 5, the portable settlement terminal 1 is configured to include a read/write controller 31, a personal authentication unit 32, a settlement unit 33, a timer controller 34, and a power controller 35.
The read/write controller 31 controls the reader/writer 11 to supply electric power to an IC chip of a non-contact IC card (e.g., the personal authentication card 2 or the electronic money card 3) near the reader/writer 11, and to read or write information from or to the IC chip.
More specifically, when the personal authentication card 2 is brought close to the reader/writer 11, the read/write controller 31 controls the reader/writer 11 so that personal authentication data is read from the personal authentication card 2 and transmitted to the personal authentication unit 32. After the user authentication is successfully completed, in the settlement process performed by the settlement unit 33 in conjunction with the electronic money card 3, the read/write controller 31 controls the reader/writer 11 so that the remaining amount of the electronic money data is read from the electronic money card 3 and the obtained amount as the subtraction result is written in the electronic money card 3.
When detecting a non-contact IC card such as the personal authentication card 2 or the electronic money card 3 approaching the portable settlement terminal 1, the read/write controller 31 performs mutual authentication with the non-contact IC card in an inquiry and response method or the like. If the authentication is successfully completed, the read/write controller 31 encrypts information using a key obtained by the mutual authentication to perform further communication with the contactless IC card.
If the personal authentication unit 32 receives the personal authentication data from the read/write controller 31, the personal authentication unit 32 decrypts the encrypted personal authentication data by using a key stored in advance in the personal authentication unit 32, and extracts personal identification information from the decrypted personal authentication data. A message prompting the user to input his/her PIN code is displayed on the display unit 12 based on the extracted personal identification information. If the user inputs his/her PIN code through the input unit 13 in response to a message prompting the user to input the PIN code, the personal authentication unit 32 authenticates the user by comparing the input PIN code with the PIN code included in the personal authentication data. If the personal authentication unit 32 determines that the user is authentic, the personal authentication unit 32 outputs information indicating that the user is authentic to the settlement unit 33 and the timer controller 34.
The settlement unit 33 is activated in response to receiving information from the personal authentication unit 32 indicating that the user is authentic. The settlement unit 33 communicates with the electronic money card 3 in proximity to the portable settlement terminal 1 through the read/write controller 31, and performs settlement processing using electronic money data stored in the electronic money card 3. In the settlement processing, the settlement unit 33 displays information prompting the user to bring the electronic money card 3 close to the reader/writer 11 on the display unit 12 if necessary.
The timer controller 34 controls the timer such that when the timer detects that a specific time elapses from the reference time, the timer controller 34 notifies the power controller 35 that the specific time elapses to turn off the power of the portable settlement terminal 1.
The power controller 35 controls power supply to a plurality of parts of the portable settlement terminal 1. More specifically, the power controller 35 turns off power supplied to portions of the portable settlement terminal 1 under the control of the timer controller 34.
With reference to the flowchart shown in fig. 6, the process performed by the portable settlement terminal 1 configured in the above manner will be described below.
If the user presses the power button, thereby starting the power of the portable settlement terminal 1, then, in step S1, the timer controller 34 starts a timer for 5 minutes.
In step S2, the read/write controller 31 searches for the personal authentication card 2 by radiating electromagnetic waves from the reader/writer 11. In step S3, the read/write controller 31 determines whether or not the personal authentication card 2 is detected.
If the personal authentication card 2 is not detected in response to step S3, the read/write controller 31 advances the process to step S4. In step S4, the read/write controller 31 checks the elapsed time measured by the timer controller 34 to determine whether 5 minutes have elapsed since the timer started in step S1.
If it is determined in step S4 that 5 minutes have not elapsed, then the read/write controller 31 returns the process to step S2 to continue the search for the personal authentication card 2.
In the event that determination is made in step S3 that the personal authentication card 2 in proximity to the reader/writer 11 is detected, the read/write controller 31 advances the process to step S5. In step S5, the read/write controller 31 requests the personal authentication card 2 to transmit identification information. The read/write controller 31 performs mutual authentication with the personal authentication card 2 in a method of inquiry and response or the like using the identification information transmitted from the personal authentication card 2.
In step S6, the read/write controller 31 determines whether the mutual authentication processing is completed. If the answer to step S6 is that the mutual authentication processing has not been completed, the processing proceeds to step S4. However, if it is determined in step S6 that the mutual authentication processing has been completed, the processing proceeds to step S7.
In step S7, the read/write controller 31 reads personal authentication data from the personal authentication card 2, and transmits the read personal authentication data to the personal authentication unit 32.
In step S8, the personal authentication unit 32 decrypts the encrypted personal authentication data received from the read/write controller 31, and extracts personal identification information from the decrypted personal authentication data. A message prompting the user to input his/her PIN code is displayed on the display unit 12 based on the extracted personal identification information.
In step S9, the personal authentication unit 32 determines whether the PIN code input by the user is completed. If the input is not complete, the process waits in step S9 until the input is complete.
If it is determined in step S9 that the user' S PIN code input is completed, the personal authentication unit 32 advances the process to step S10. In step S10, the personal authentication unit 32 verifies the PIN code input by the user by comparing the PIN code input by the user with the PIN code contained in the personal authentication data.
In step S11, the personal authentication unit 32 determines whether the PIN code input by the user coincides with the PIN code contained in the personal authentication data. If the PIN code input by the user does not coincide with the PIN code contained in the personal authentication data, the processing proceeds to step S12. In step S12, it is determined whether 5 minutes have elapsed since the timer started in step S1.
If it is determined in step S12 that 5 minutes have not elapsed, the personal authentication unit 32 returns the process to step S9 to prompt the user to re-input his/her PIN code. After that, the above process is repeated. If the validity of the PIN code input by the user is negatively determined a predetermined number of times or more with respect to the PIN code contained in the personal authentication data, the portable settlement terminal 1 can be locked so that the user is not allowed to use the terminal.
In the case where the answer to step S11 is that the PIN code input by the user coincides with the PIN code included in the personal authentication data, the personal authentication unit 32 outputs information indicating that the input PIN code is valid to the settlement unit 33 and the timer controller 34.
In step S13, the timer controller 34 starts a 60-minute timer.
In step S14, the settlement unit 33 performs settlement processing. In the settlement process, the settlement unit 33 communicates with the electronic money card 3 through the read/write controller 31, and performs settlement using the electronic money data stored in the electronic money card 3 (which will be described in further detail later with reference to the flowchart shown in fig. 7).
If the settlement processing for the electronic money card 3 is completed, in the following step S15, the settlement unit 33 determines whether or not 60 minutes have elapsed since the timer started in step S13. If it is determined in step S13 that 60 minutes have not elapsed, the process returns to step S14 to perform settlement processing for electronic money cards and the like other than the electronic money card 3. That is, in the present embodiment, after the user is authenticated, the user is allowed to perform settlement using the portable settlement terminal 1 for a period of up to 60 minutes. The maximum allowable period is not limited to 60 minutes but may be differently set so that the store owner in which the portable settlement terminal 1 operates can arbitrarily define the maximum allowable period during which settlement is allowed to be performed.
If it is determined in step S15 that 60 minutes have elapsed since the timer started in S13, the settlement unit 33 advances the process to step S16.
In step S16, the timer controller 34 controls the power controller 35 to turn off the power of the portable settlement terminal 1. Thus, the process ends. Further, in the case where it is determined in step S4 or S12 that 5 minutes have elapsed since the timer started in step S1, the power of the portable settlement terminal 1 is turned off and the process is ended.
Details of the settlement processing in step S14 shown in fig. 6 will be described below with reference to the flowchart shown in fig. 7.
In step S21, the read/write controller 31 searches for the electronic money card 3 by radiating electromagnetic waves from the reader/writer 11. If the electronic money card 3 is detected, the process proceeds to step S22.
In step S22, the read/write controller 31 requests the electronic money card 3 to transfer the identification information. The read/write controller 31 performs mutual authentication with the electronic money card 3 by an inquiry and response method or the like using the identification information transmitted from the electronic money card 3. In the mutual authentication processing, for example, the key K2 stored in the electronic money card 3 and a key corresponding thereto managed by the settlement unit 33 are used as necessary.
If the mutual authentication is completed, the process proceeds to step S23. In step S23, the settlement unit 33 reads the remaining amount of electronic money stored in the electronic money card 3. Then, the process proceeds to step S24. In step S24, the amount to be paid by the user of the electronic money card 3 is subtracted from the remaining amount, and the resultant amount is written in the electronic money card 3.
In step S25, the settlement unit 33 stores part of the personal identification information included in the personal authentication data obtained by the personal authentication unit 32 from the personal authentication card 2 into the electronic money card 3 together with the terminal code. If step S25 is complete, the process returns to step S14 shown in FIG. 6. It should be noted that, in addition to storing part of the personal authentication information, the entire personal identification information may be stored in the electronic money card 3 together with the terminal code.
In the embodiment of the present invention, as described above, the authentication of the user who is going to use the portable settlement terminal 1 is performed by comparing the PIN code input by the user via the input unit 13 with the PIN code stored in the personal authentication card 2 near the portable settlement terminal 1.
When the personal authentication card 2 is not detected for a predetermined period of time or when confirmation of the input PIN code with respect to the PIN code stored in the personal authentication card 2 is not achieved for a predetermined period of time, the power of the portable settlement terminal 1 is automatically turned off to prevent the battery of the portable settlement terminal 1 from being consumed.
In the above embodiment, the settlement processing is limited by the timer. Alternatively, the settlement processing may be limited by an operation performed by the user, or by the accumulated amount of settlement.
In the above-described embodiment, the hardware keys provided on the housing surface of the portable settlement terminal 1 are used for inputting the PIN code. Alternatively, a software key displayed on the display unit 12 of the portable settlement terminal 1 may be used for inputting the PIN code.
In the above-described embodiment, the verification using the PIN code stored in the personal verification card 2 and the PIN code input by the user is performed by the portable settlement terminal 1. The authentication may be performed in a similar manner by a fixed type terminal installed in a shop or the like. The card used for authentication is not limited to a contactless card, and a contact card may be used.
The series of processing steps described above may be performed by hardware or software means. When the series of processes is executed by software, a program forming the software may be installed from a program storage medium onto a computer provided as dedicated hardware or onto a general-purpose computer capable of executing various processes according to various programs installed thereon.
As a program storage medium for storing a program to be installed into and executed by a computer, for example, a removable medium 29, a ROM 22, and a hard disk drive serving as the storage unit 27 may be employed. The program may be temporarily or permanently stored in these media.
In the description herein, the steps described in the programs may be executed in a time-series manner, or in a parallel or separate manner according to the order described in the programs.
It should be understood by those skilled in the art that various modifications, combinations, sub-combinations, and adaptations may be made within the scope of the appended claims and their equivalents, depending on design requirements and other factors.

Claims (7)

1. A portable terminal, comprising:
acquiring means for acquiring authentication information containing identification information from a first non-contact IC card in proximity to the portable terminal;
authentication means for authenticating a user based on identification information input by the user by operating one or more keys and identification information included in the authentication information acquired by the acquisition means; and
settlement means for performing settlement processing based on the electronic money information stored in the second contactless IC card close to the portable terminal in a case where the user is determined to be authentic by the authentication means.
2. The portable terminal of claim 1, further comprising a display device for displaying information, wherein,
the authentication device displays, on the display device, information prompting a user identified by information contained in the authentication information to input identification information by operating one or more keys, and verifies the authenticity of the user based on the identification information input by the user and the identification information contained in the authentication information.
3. The portable terminal of claim 1, wherein:
the authentication information is stored in the first contactless IC card in an encrypted form; and
the authentication apparatus decrypts the encrypted authentication information acquired by the acquisition apparatus by using key information stored in advance in the authentication apparatus, thereby acquiring identification information for verifying the authenticity of the user.
4. The portable terminal according to claim 1, wherein when the settlement means completes the settlement processing, the settlement means stores information included in the authentication information acquired by the acquisition means into the second contactless IC card together with the identification information identifying the portable terminal.
5. A settlement method comprising the steps of:
acquiring authentication information including identification information from a first non-contact IC card in proximity to a portable terminal;
authenticating a user based on identification information input by the user by operating one or more keys and the identification information included in the authentication information acquired in the acquiring step; and
if it is determined in the authentication step that the user is authentic, settlement processing is performed based on the electronic money information stored in the second non-contact IC card in proximity to the portable terminal.
6. A program executable by a computer for executing a process comprising the steps of:
acquiring authentication information including identification information from a first non-contact IC card in proximity to a portable terminal;
authenticating a user based on identification information input by the user by operating one or more keys and the identification information included in the authentication information acquired in the acquiring step; and
if it is determined in the authentication step that the user is authentic, settlement processing is performed based on the electronic money information stored in the second non-contact IC card in proximity to the portable terminal.
7. A portable terminal, comprising:
an acquisition unit configured to acquire authentication information containing identification information from a first non-contact IC card in proximity to the portable terminal;
an authentication unit configured to authenticate a user based on identification information input by the user by operating one or more keys and identification information included in the authentication information acquired by the acquisition unit; and
a settlement unit configured to perform a settlement process according to the electronic money information stored in the second contactless IC card close to the portable terminal in a case where the user is determined to be authentic by the authentication unit.
HK08105964.3A 2006-06-29 2008-05-28 Portable terminal, settlement method, and program HK1111253A (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
JP2006-179076 2006-06-29

Publications (1)

Publication Number Publication Date
HK1111253A true HK1111253A (en) 2008-08-01

Family

ID=

Similar Documents

Publication Publication Date Title
EP1873729A1 (en) Portable terminal, settlement method, and program
AU2006348990B2 (en) Proxy authentication methods and apparatus
US20080028230A1 (en) Biometric authentication proximity card
US8799670B2 (en) Biometric authentication method, computer program, authentication server, corresponding terminal and portable object
JP4221385B2 (en) Biometric authentication device, terminal device and automatic transaction device
WO2013183061A1 (en) Intelligent payment card and method for making secure transactions using the payment card
JPH083821B2 (en) IC card system
JP2010510609A (en) Point-of-sale transaction equipment with magnetic band emulator and biometric authentication
WO2009152677A1 (en) Payment system and payment method thereof
US8172138B2 (en) Device and method for smart card assisted digital content purchase and storage
KR20170040469A (en) Smart card of OTP-based and authentication method using the same
KR20090015557A (en) IC card, IC card payment system with token key for user authentication and payment method using the same
JP2003346098A (en) Personal identification system and method and terminal device for personal identification
WO2001082167A1 (en) Method and device for secure transactions
HK1111253A (en) Portable terminal, settlement method, and program
JP4729187B2 (en) How to use card management system, card holder, card, card management system
KR101872261B1 (en) Ic card information security transmission system and online payment method using the same
JP2001067477A (en) Personal identification system
JP4564943B2 (en) Biometric authentication device, terminal device and automatic transaction device
KR20060125033A (en) IC card activation / deactivation device using fingerprint recognition
JP2004265156A (en) Authentication system in electronic payment by ic card exclusively for password
JP4637132B2 (en) Finger vein registration method and finger vein registration device
JP2006293875A (en) Biometric authentication linked payment system and IC card payment terminal and IC card used therefor
KR200393978Y1 (en) System for activating/deactivating IC cards, using electronic fingerprint recognition
JP5809555B2 (en) Authentication system