JP2001143004A - Transaction processing system - Google Patents

Abstract

PROBLEM TO BE SOLVED: To solve the problem that much investment is required for the cost and time of system improvement, shift management, etc., in the case of changing a transaction processing system to a system for identifying a highly secured transactor himself and the problem that it is extremely difficult to advance a shift plan within a short period, by finding out a consensus among respective financial institutions and the problem that a new system cannot be demanded to an account owner being afraid of the invasion of privacy. SOLUTION: A system is provided with a certification server 6 for identifying a transactor on the basis of his ID2. The server 6 identifies the tansactor himself on the basis of his ID2, and when the transactor is identified as being himself, finds out the ID1 of the transactor and transmits the found ID1 to a host computer 2 through terminal equipment 4, so that the host computer 2 can confirm the transactor himself on the basis of the ID1 as in the conventional methods.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

The present invention relates to a transaction processing system of a financial institution used online.

[0002]

2. Description of the Related Art A transaction processing system of a financial institution is connected to a plurality of financial institutions and covers the whole country. In recent years, with the development of communication media such as the Internet and PHS and the evolution of PCs, ATMs and K
Various delivery channels such as IOSK terminals, PC banking, mobile banking, and telephone banking are being constructed. Therefore, the configuration has become extremely complicated.

[0003] Further, the area of the transaction processing system of a financial institution was conventionally limited to the inside of the financial institution.
In recent years, it is spreading outside financial institutions. For example, a transaction processing system of a financial institution has been expanded to a distribution system represented by a debit card system, and in the near future, media such as digital TV, BS / CS digital, and CATV digital will be used. It is being considered for new interactive services.

[0004] As a result, the transaction processing system of recent financial institutions is not only for depositing and withdrawing deposits, but also for individuals,
It is developing into a comprehensive payment service system that performs all payments from homes and businesses.

[0005] Incidentally, the transaction processing system of a financial institution confirms the identity of a trader by a conventional method. That is, the transaction is performed by prompting the trader to input a password and comparing the password with a password stored in the host computer.

However, the transaction processing system of financial institutions in recent years has been expanded to a debit card system, and the area has been expanding from inside financial institutions to outside financial institutions. As a result, the transaction processing system of a financial institution has come to be connected to a terminal device that is not managed by the financial institution, the host computer of the financial institution. In such a situation, there are the following problems in performing the identity verification of the trader by the conventional method.

[0007] 1. The third party is a third party (hereinafter referred to as an account holder) from an ATM transaction receipt or an account transfer request.
The account number of the account holder can be known, so that the magnetic card of the account holder can be easily forged.

[0008] 2. When a third party withdraws a deposit from an account holder's account using a terminal device not managed by a financial institution, such as a debit card system, it is difficult to identify the culprit.

3. In many cases, the personal identification number is a number familiar to the account holder, such as the birthday or telephone number of the account holder, and a third party can guess the personal identification number of the account holder. In addition, when the account holder inputs the personal identification number from the POS or the like, the third party can snoop on the personal identification number of the account holder. If a third party withdraws a deposit from the account holder's account using the account holder's password obtained by some means, the financial institution will not compensate the account holder for damages.

[0010] 4. The management of the PIN is liable to the account holder, although in some cases the account holder is not responsible. For example, many financial institutions write an account number and a password together with an application form when opening an account. In many cases, the form of the application form is visible to a third party. Therefore, there may be a case where the password of the account holder is leaked from the application form. In such cases, the financial institution does not compensate the account holder for damages.

5. If the personal data of the system leaks to a malicious third party, the mechanism and insurance system to protect the account holder from the third party are insufficient at this stage. In addition, since the payment is made in real time, it is expected that the account holder will be late if noticed.

As described above, there are various problems in performing the identity verification of a trader by a conventional method, and the security of the transaction processing system at this stage is weak.

Accordingly, recently, a plurality of financial institutions and manufacturers of transaction processing systems have proposed that technology for performing high-security identity verification using biological characteristics such as iris and fingerprints be incorporated into the transaction processing system. It has become.

[0014]

However, a transaction processing system (hereinafter, referred to as a new system) incorporating a technology for performing high-security identity verification has been stagnant for the following reasons.

1. This is because, in order to change the system to the new system, a great deal of investment is required for system renewal cost, time, migration management, and the like of the host computer, terminal group, ATM, and the like.

That is, each financial institution wants to change its system to a new system without making a large investment. In order to meet this demand, it is necessary to keep the existing system as unchanged as possible, without changing the settings of the host computer and gradually changing the terminal equipment from a part of it to a new system. It is necessary to change to However, none of the currently proposed new systems can satisfy such a demand, and the host computer, the terminal group, the ATM,
Significant investment is required for system renewal costs, time, migration management, etc. As a result, financial institutions are hesitant to change their systems to the new system.

2. This is because it is extremely difficult for all financial institutions to reach a consensus on each other and to proceed with the transition plan in a short period of time.

That is, a transaction processing system (hereinafter, referred to as an old system) incorporating a technique of performing identity verification by a conventional method has already spread to all financial institutions and distribution organizations. In such an environment, if only one financial institution changes its system to the new system, that financial institution's system will have a different protocol from those of other financial institutions and distribution institutions, and the other financial institution will have another financial institution. You will not be able to connect to institution or distribution system. Therefore, each financial institution needs to take a consensus with other financial institutions and proceed with the transition plan in a short period of time in order to avoid such a situation. However, each financial institution has different security perceptions and funding volumes,
No such transition plan has been developed.

3. This is because it is difficult to implement the new method uniformly because some people fear privacy infringement.

That is, a technology for performing a high-security identity verification, particularly a technology for performing identity verification using biological characteristics, is unknown to account holders.
Some account holders fear privacy violations. Therefore, each financial institution cannot force such people to use the new method, and cannot implement the new method uniformly.

For the above reasons, the new system is
Spread has stalled.

In view of the above situation, the present invention requires a large investment in system renewal cost, time, migration management, etc., when a transaction processing system is changed to a system for verifying the identity of a high-security trader. That financial institutions need to reach a consensus with each other and make it very difficult to implement a transition plan in the short term, and that account holders who are afraid of infringement of privacy cannot use the new method. An object of the present invention is to provide a transaction processing system capable of performing identity verification by a conventional method and selecting high-security identity verification with the free will of an account holder, with the object of solving the problem.

[0023]

In order to solve the above-mentioned problems, a transaction processing system according to a first aspect of the present invention provides a host computer of a financial institution that manages account files and online transactions with the accounts of the host computer. And a host device, wherein the host computer uses the account identification information for identifying the account transmitted from the terminal device and the first personal identification information for identifying the trader. In a transaction processing system for performing identity verification and permitting access to the corresponding account from the terminal device when the transaction is confirmed to be a principal,
The terminal device is connected to an authentication server capable of performing identity verification of a trader using second personal identification information different from the first personal identification information, and the authentication server includes:
Using the account identification information and the second personal identification information transmitted from the terminal device, the identity of the transaction is confirmed, and when the transaction is confirmed to be the principal, the account identified by the account identification information is transferred to the account identified by the account identification information. Correspondingly, first personal identification information registered in advance is determined and transmitted to the terminal device, and the terminal device transmits the first personal identification information received from the authentication server to the host computer. Thus, the host computer is allowed to confirm the identity of the trader using the first personal identification information, thereby permitting access to the corresponding account.

[0024] In the transaction processing system according to a second aspect of the present invention, in addition to the first aspect, the terminal device includes a control unit for performing various controls and a display unit for guiding a trader's operation. A reader / writer unit for reading or writing information for specifying an account file from a medium possessed by the trader; a first input unit for the trader to input various information; And a second input unit for inputting the personal identification information.

[0025] In the transaction processing system according to the third invention, in addition to the first invention, the terminal device further includes a registration button for registering second personal identification information provided in the first input unit. The account specifying information read from the medium by the reader / writer unit, the first personal specifying information input from the first input unit, and The second personal identification information input from the second input unit is transmitted to the authentication server together with a signal requesting a registration process, so that the authentication server registers the three pieces of information in association with each other. And

[0026] In a transaction processing system according to a fourth aspect of the present invention, in addition to the first aspect, the terminal device transmits account identification information and first personal identification information to the host computer. The authentication server starts the registration process based on the result of the personal identification of the transaction person.

According to a fifth aspect of the present invention, in the transaction processing system according to the first aspect, the terminal device is configured such that when the registration processing of the second personal identification information in the authentication server ends normally, By recording the second personal identification priority information on the medium indicating that the identification of the trader by the second personal identification information is performed in preference to the identification of the trader by the first personal identification information, If the second personal identification priority information is recorded on the medium at the time of the trader's identity confirmation processing or the second personal identification information re-registration processing, the first personal identification information is not input and the first personal identification information is not input. 2 is characterized in that input processing of personal identification information is performed.

[0028] In the transaction processing system according to a sixth aspect of the present invention, in addition to the first aspect, the terminal device is arranged such that when the second personal identification priority information is recorded on a medium owned by the trader, Transmitting the second personal identification information input from the second input unit to the authentication server together with the account identification information;
The authentication server determines second personal identification information registered in advance corresponding to the account specified by the received account identification information, and calculates the second personal identification information and the received second personal identification. The information is used to confirm the identity of the trader, and if the trader can be regarded as the principal, the first personal identification information registered in advance corresponding to the account specified by the account identification information is determined. The information is transmitted to the terminal device.

[0029] In a transaction processing system according to a seventh aspect of the present invention, in addition to the first aspect, the terminal device is arranged so that when the second personal identification priority information is not recorded on a medium owned by the trader, It is characterized in that it is possible to select whether to input the first personal identification information or the second personal identification information.

The transaction processing system according to an eighth aspect of the present invention is the transaction processing system according to the first aspect, wherein the terminal device has a configuration in which the second personal identification priority information is recorded on a medium owned by the trader. When the authentication server is to register the first or second personal identification information, the authentication server is made to perform the identity verification of the trader by the second personal identification information, and it is confirmed that the trader is the principal. And causing the authentication server to start re-registration processing of the first or second personal identification information.

The transaction processing system according to a ninth aspect of the present invention is the transaction processing system according to the first aspect, wherein the terminal device transmits the second personal identification information to the account in which the second personal identification information is already recorded in the authentication server. In the case where the personal identification information is registered, the authentication server is made to confirm the identity of the trader based on the second personal identification information. It is characterized in that the re-registration process of the personal identification information is started.

The transaction processing system according to a tenth aspect of the present invention is the transaction processing system according to the first aspect, wherein the terminal device having no second input unit connected to the transaction processing system is provided with second personal identification priority information. When reading the medium on which the transaction information is recorded, this signal is ignored, and the identity of the trader is identified based on the first personal identification information.

[0033] The transaction processing system according to the eleventh invention is characterized in that, in addition to the first invention, the first personal identification information is an arbitrary password.

A transaction processing system according to a twelfth invention is characterized in that, in addition to the first invention, the second personal identification information is password information, signature information, or information indicating biological characteristics. I do.

A transaction processing system according to a thirteenth invention is the transaction processing system according to the first invention, wherein the network comprises: a first network connecting the host computer and the terminal device; And a second network connecting the server.

In a transaction processing system according to a fourteenth aspect of the present invention, in addition to the first aspect, the authentication server determines the second personal identification information as image information or information obtained by compressing the image information or image information. And stored as information coded by the above algorithm.

A transaction processing system according to a fifteenth invention is characterized in that, in addition to the first invention, the authentication server can handle a plurality of types of second personal identification information.

[0038] In a transaction processing system according to a sixteenth aspect of the present invention, in addition to the fifteenth aspect, the terminal device writes information for specifying the type of the second personal identification information in a medium possessed by the trader. It is characterized by the following.

A transaction processing system according to a seventeenth invention is the transaction processing system according to the sixteenth invention, wherein the terminal device reads the information for identifying the type of the second personal identification information read from a medium possessed by the trader. In a case where the corresponding input function is not provided, the identification of the trader using the first personal identification information is performed.

Further, a transaction processing system according to an eighteenth aspect is characterized in that, in addition to the first aspect, the terminal device is a POS terminal.

[0041]

Embodiments of the present invention will be described below with reference to the drawings. In addition, each figure is only schematically shown to the extent that the present invention can be understood. Also, in each of the drawings, common elements are given the same numbers,
Description is omitted.

<System Configuration> The configuration of the transaction processing system according to the present invention will be described below with reference to the drawings.

FIG. 1 is a diagram showing an embodiment of the present invention.

In the figure, reference numeral 1 denotes an account file for managing various data of a customer who has opened an account with the financial institution A (hereinafter referred to as an account holder). The account file 1 contains, for each account, an account number of the account holder, first personal identification information (hereinafter referred to as ID1) for identifying an individual, a branch code, a name,
Various data such as an address and other (telephone number, work place, deposit balance, transaction history, etc.) are associated with each other. ID1
In some cases, password information composed of alphanumeric characters is used overseas, but in Japan, a password composed of four-digit numbers is generally used. Therefore,
In the following description, ID1 is described as meaning a personal identification number composed of four digits.

Reference numeral 2 denotes a host computer of the financial institution A that stores and manages the account file 1. Reference numeral 3 denotes a first network for connecting the host computer 2 and the outside (a terminal device 4 described later) online. Reference numeral 4 denotes a terminal device for accessing a specific account file 1 managed by the host computer 2 and executing various transaction processes. The terminal device 4 is an automatic transaction device (ATM), a cash dispenser, a David system terminal, a P
Although there are forms of C-banking, mobile banking, telephone banking terminals, POS, etc., in the following description,
The terminal device 4 will be described as an ATM.

Reference numeral 5 denotes a second network for connecting the terminal device 4 to the outside. Reference numeral 6 denotes an authentication server that performs identity verification of a trader based on second personal identification information (hereinafter, referred to as ID2) that has been provided with higher security than ID1. In the following description, ID2 will be described as meaning information indicating biological characteristics such as an iris and a fingerprint, or password information, signature information, and the like. Arrows in the figure indicate flows of ID1 and ID2 transmitted and received in the system. Reference numeral 7 denotes an authentication information file used when performing identity verification of a trader by ID2. The authentication information file 7 contains at least the account number and ID of the account holder.
1 and data such as ID2 are associated with each other, and are stored and managed in the authentication server 6.

The transaction processing system according to the present invention has ID2
The authentication server 6 performs identity verification of the trader based on the transaction ID. When the authentication server 6 performs the identity verification of the trader based on the ID2 of the trader, and considers the trader as the identity, the ID1 of the trader is used. And transmitting the determined ID1 to the host computer 2 via the terminal device 4 so that the host computer 2 can identify the trader based on the ID1 as before. .

In the transaction processing system according to the present invention, when the account holder wishes to perform the identity verification based on ID2, the account holder himself / herself determines whether or not the account holder himself / herself needs the ID information file 7 in the authentication information file 7 of the authentication server 6. It is configured to register ID2. For this reason, account holders who fear infringement of privacy will not be forced to use the new method. Therefore, each financial institution does not need to obtain approval for the new system from account holders who fear privacy infringement, and can easily change their systems to the new system.

FIG. 2 is a diagram showing the overall configuration of the system. FIG. 2 shows that a plurality of terminal devices 4-1 to 4-n are connected to the host computer 2 via the first network 3. Of the plurality of terminal devices in FIG.
Thick frames (that is, the terminal devices 4-1 and 4-n) have I
This indicates that the devices can handle D2, and these devices are connected to the authentication server 6 via the second network 5. Also, among the plurality of terminal devices, those having thin border lines (that is, the terminal devices 4-2 and 4-m) indicate that they are devices that cannot handle ID2, and these are the second devices.
Is not connected to the network 5. Note that FIG.
The middle broken line indicates the boundary between the old system and the new system. The components above the broken line are the old systems, and the components below the broken line are the new systems.

FIG. 2 shows that a terminal device that implements the present invention and a terminal device that does not implement the present invention (that is, a terminal device that can handle ID2 and a terminal device that cannot handle ID2) can coexist on a network. In other words, FIG. 2 shows that each financial institution can gradually change its own system from some terminal devices to a new system.
Therefore, the present invention does not require a significant investment in system renewal costs, time, migration management, etc., and each financial institution can make its own migration plan without consensus with other financial institutions, The effect is that the system can be shifted to the new method in a short time.

FIG. 3 shows the system shown in FIG.
FIG. 3 is a diagram illustrating details of a configuration of a terminal device capable of inputting characters. In FIG. 3, reference numeral 8 denotes a control unit for performing various controls, and 9 denotes a card reader / reader for reading information (account number) specifying an account file from a card possessed by a trader.
A writer 10, a display unit for guiding the operation of the trader,
Reference numeral 11 denotes a first input unit for the trader to input various information, 12 denotes a second input unit for the trader to input ID2, and 13 denotes a card possessed by the trader. Note that FIG.
Shows the configuration of the terminal device 4-1, but the terminal device 4-n
Also, a terminal device capable of inputting ID2 (not shown) has the same configuration as the terminal device 4-1.

<System Operation> The following describes the operation of the trader's identity confirmation processing in the transaction processing system, taking as an example a balance inquiry transaction and a payment transaction. In the following description, the host computer 2
And the terminal device 4-1 and the authentication server 6 have a function of counting time, and when no operation is performed within a predetermined time or when an erroneous operation is performed, these stop processing. It will be described as.

FIG. 4 is a flow chart showing the operation of the identity verification process at the time of the balance inquiry transaction.

In step (hereinafter referred to as S) 401, a trader first stands in front of terminal device 4-1. Then
The terminal device 4-1 detects this by a sensor (not shown) and displays a transaction selection screen shown in FIG.
FIG. 5 is a diagram showing a transaction selection screen.
A deposit button to instruct deposit, a book button to instruct passbook entry, a transfer button to instruct transfer, an account transfer button to instruct account transfer,
A payment button for instructing payment, a balance inquiry button for instructing balance inquiry, a reserve period button for instructing deposit to the reserve period, and a personal identification registration button for instructing ID2 registration are shown. Here, it is assumed that the trader presses the balance inquiry button.

In S402, the terminal device 4-1 displays an instruction to insert a card on the display unit 10. The trader looks at this screen and inserts the card 13 owned by the trader into the terminal device 4-1.
To the card reader / writer 9 of the above.

In step S403, the terminal device 4-1 reads out the account number from the card 13, and
It is confirmed whether ID2 priority information for instructing that the identity of the trader be confirmed based on ID2 is written. The terminal device 4-1 advances the process to S404 when ID2 priority information is written in the card 13, and advances the process to step A in FIG. 6 when ID2 priority information is not written.
FIG. 6 is a flowchart showing the selection process of ID1 and ID2. When the terminal device 4-1 advances the process to step A in FIG.
A screen is displayed on the display unit 10 for selecting which of the two methods is used to perform the identity verification of the trader. When a trader who sees this screen presses a button (ID2 selection button) for selecting to perform identity verification based on ID2, the terminal device 4-1
Advances the process to step B (ie, S404 in FIG. 4). When the trader presses a button (ID1 selection button) for selecting to perform identity verification based on ID1, the terminal device 4-1 advances the process to S602, and displays a screen for instructing input of ID1 on the display unit. Display at 10. When the trader who sees this screen inputs ID1, the terminal device 4-1 advances the process to step C (that is, S411 in FIG. 4).

In S404, the terminal device 4-1 transmits the ID
A screen for instructing the input of 2 is displayed on the display unit 10. The trader sees this screen and enters ID2.

In step S405, the terminal device 4-1 transmits the account number read from the card 13 and the ID2 input by the trader to the authentication server 6. At this time, the terminal device 4-1 temporarily stores the account number in order to determine whether or not the information received from the authentication server 6 in S410 is for the corresponding account.

In S406, the authentication server 6 receives the account number and ID2.

In step S407, the authentication server 6 accesses the authentication information file 7 and reads out the ID 2 corresponding to the received account number. Then, the read ID2 is compared with the received ID2, and it is determined whether or not both belong to the same person. If it can be determined that they belong to the same person, the process proceeds to S408, and if it cannot be determined that they belong to the same person, a signal indicating that the identity of the trader cannot be confirmed is transmitted to the terminal device 4-1.

In S 408, the authentication server 6 checks the ID 1 corresponding to the account number received from the authentication information file 7.
Is read.

In S409, the authentication server 6 sends the account number and ID1 to the terminal device 4-1.

In S410, the terminal device 4-1 receives the account number and ID1. At this time, the terminal device 4-1
By comparing the account number received from the authentication server 6 with the account number temporarily stored in S405, it is determined whether the received information is for the corresponding account.

In S411, if the received information is that of the corresponding account, the terminal device 4-1 attaches to the received account number and ID1 a transaction start request signal for requesting the start of balance inquiry transaction, These are transmitted to the host computer 2.

In S412, the host computer 2
Is the transaction (balance inquiry) start request signal, account number and ID1
To receive.

In S413, the host computer 2
Accesses the account file 1 and reads ID1 corresponding to the received account number. And the read ID
1 is compared with the received ID1, and it is determined whether or not both match. If they match, the process proceeds to S414. If they do not match, a signal indicating that the identity of the trader cannot be confirmed is transmitted to the terminal device 4-1.

In S414, the host computer 2
Confirms the validity of the account. That is, it is checked whether or not the account cannot be transacted because the report of the loss of the card has been recorded or the password has been input incorrectly more than a predetermined number of times.

In S415, the host computer 2
Transmits the balance of the account corresponding to the received account number to the terminal device 4-1.

In S416, terminal device 4-1 displays the received balance on display unit 10.

In step S417, the terminal device 4-1 releases the card 13 outside the machine and returns it to the trader. Then, when the trader receives the card 13, a series of operations is completed.

FIG. 7 is a flowchart showing the operation of the identity verification process at the time of payment transaction.

In S701, first, the trader stands in front of the terminal device 4-1. Then, the terminal device 4-1 detects this by a sensor (not shown) and displays a transaction selection screen shown in FIG. Here, it is assumed that the trader presses the payment button.

In step S702, the terminal device 4-1 displays an instruction to insert a card on the display unit 10. The trader looks at this screen and inserts the card 13 owned by the trader into the terminal device 4-1.
To the card reader / writer 9 of the above.

In step S703, the terminal device 4-1 reads the account number from the card 13, and
It is confirmed whether ID2 priority information for instructing that the identity of the trader be confirmed based on ID2 is written. The terminal device 4-1 advances the process to S704 if ID2 priority information has been written to the card 13, and advances the process to step A in FIG. 6 if not.
Note that the processing in FIG. 6 is the same as that described above, and a description thereof will not be repeated.

In step S704, the terminal device 4-1 transmits the ID
A screen for instructing the input of 2 is displayed on the display unit 10. The trader sees this screen and enters ID2.

In S705, the terminal device 4-1 transmits the account number read from the card 13 and the ID2 input by the trader to the authentication server 6. At this time, the terminal device 4-1 temporarily stores the account number in order to determine whether or not the information received from the authentication server 6 in S410 is for the corresponding account.

In S706, authentication server 6 receives the account number and ID2.

In step S707, the authentication server 6 accesses the authentication information file 7 and reads out the ID 2 corresponding to the received account number. Then, the read ID2 is compared with the received ID2, and it is determined whether or not both belong to the same person. If it can be determined that they belong to the same person, the process proceeds to S708, and if it cannot be determined that they belong to the same person, a signal indicating that the identity of the trader cannot be confirmed is transmitted to the terminal device 4-1.

In S 708, the authentication server 6 checks the ID 1 corresponding to the account number received from the authentication information file 7.
Is read.

At S709, authentication server 6 transmits the account number and ID1 to terminal device 4-1.

At S710, terminal device 4-1 receives the account number and ID1. At this time, the terminal device 4-1
By comparing the account number received from the authentication server 6 with the account number temporarily stored in S705, it is determined whether or not the received information is for the corresponding account.

In step S711, the terminal device 4-1 displays a screen for inputting the transaction amount on the display unit 10 when the received information is for the corresponding account. The trader sees this screen and enters the transaction amount.

In step S712, the terminal device 4-1 attaches a transaction start request signal for requesting the start of payment transaction and a transaction amount to the received account number and ID1, and transmits them to the host computer 2.

In S713, the host computer 2
Receives the transaction (payment) start request signal, account number, ID1, and transaction amount.

At S714, the host computer 2
Accesses the account file 1 and reads ID1 corresponding to the received account number. And the read ID
1 is compared with the received ID1, and it is determined whether or not both match. If they match, the process proceeds to S715. If they do not match, a signal is transmitted to the terminal device 4-1 indicating that the identity of the trader cannot be confirmed.

In S715, the host computer 2
Confirms the validity of the account. In other words, confirm that the account is not in a state where transactions cannot be made because the report of the loss of the card has been recorded or the password has been incorrectly entered more than a predetermined number of times consecutively, Check if the account has more balance than the transaction amount.

At S716, the host computer 2
If the account is ready for trading and the account has more balance than the transaction amount, it records in the account file 1 that access from the terminal device is permitted and temporarily stores the balance after the transaction. After recording, a signal to permit the payment transaction is transmitted to the terminal device 4-1. If the account cannot be traded or the balance is insufficient, a signal indicating that the transaction cannot be performed or a signal indicating that the balance is insufficient is transmitted to the terminal device 4-1.

In step S717, the terminal device 4-1 counts the number of bills corresponding to the transaction amount, and prints a record of the transaction on a receipt.

In S718, the terminal device 4-1 discharges the card 13 out of the machine and returns it to the trader.

In step S719, when the trader receives the card 13, the terminal device 4-1 discharges the bill and the receipt outside the machine. Then, when the trader receives the bill and receipt,
The terminal device 4-1 transmits a signal indicating that the transaction has been completed to the host computer 2.

In S720, the host computer 2
Receives the signal indicating that the transaction has been completed from the terminal device 4-1, updates the provisionally recorded balance and records the transaction history for the corresponding account in the account file. Thus, a series of operations ends.

Next, two examples of processing for registering ID2 in the authentication server 6 will be described below.

FIG. 8 is a flowchart showing the operation of the ID2 registration process according to the first example.

In S801, first, the trader stands in front of the terminal device 4-1. Then, the terminal device 4-1 detects this by a sensor (not shown) and displays a transaction selection screen shown in FIG. Here, it is assumed that the trader presses the personal identification registration button.

In step S802, the terminal device 4-1 displays an instruction to insert a card on the display unit 10. The trader looks at this screen and inserts the card 13 owned by the trader into the terminal device 4-1.
To the card reader / writer 9 of the above.

In step S803, the terminal device 4-1 reads information such as an account number from the card 13.

In step S804, the terminal device 4-1 transmits the ID
A screen for instructing input of 1 is displayed on the display unit 10. The trader sees this screen and enters ID1.

In step S805, when the trader inputs ID1, the terminal device 4-1 displays a screen for instructing input of ID2 on the display unit 10. Traders look at this screen,
ID2 will be input.

In step S806, the terminal device 4-1 attaches a registration instruction signal for instructing registration of ID2 to the account number read from the card 13 and ID1 and ID2 input by the trader, and sends them to the authentication server 6. Send to At this time, the terminal device 4-1 temporarily stores the account number in order to determine whether the information received from the authentication server 6 in S809 is that of the corresponding account.

At S807, authentication server 6 receives the registration instruction signal, account number, ID1 and ID2.

In S808, the authentication server 6 registers the account number, ID1 and ID2 in the account file 7 in association with each other, and transmits a signal indicating that ID2 has been registered to the terminal device 4-1. Here, a description will be given assuming that the trader who has the card 13 is the account holder. Even if the trader holding the card 13 is a person other than the account holder, if the correct ID 1 cannot be entered, the host computer 2 will fail the identity verification and the transaction will not be permitted. This is because the ID2 of the person is recorded in the authentication server, leaving a trace of who has made the transaction, and it is useless to register anyone other than the account holder.

In S 809, the terminal device 4-1 sets the account number contained in the information received from the authentication server 6 and S
In step 806, the received information is compared with the account number temporarily stored to determine whether the received information is for the account. Then, when the received information is for the corresponding account, the terminal device 4-1 displays on the display unit 10 a screen indicating that registration has been completed and a screen instructing pressing of the confirmation button. The trader sees this screen and presses the confirmation button.

In S810, the terminal device 4-1 transmits the ID
2 Write the priority information to the card 13. The ID2 priority information is given priority over ID2 of the trader based on ID1.
Is a signal for instructing the identification of the trader based on the transaction. When this information is written in the card 13 at the time of the transaction, the terminal device 4-1 first performs the identity verification of the transaction based on ID2. Further, depending on the arbitrary setting of each financial institution, when this information is written in the card 13, the terminal device 4-1 can be configured to be able to perform only the identity verification of the trader based on ID2.

In S811, the terminal device 4-1 discharges the card 13 out of the machine and returns it to the trader. Then, when the trader receives the card 13, a series of operations is completed.

FIG. 9 is a flowchart showing the operation of ID2 registration processing according to the second example.

At S901, first, the trader stands in front of the terminal device 4-1. Then, the terminal device 4-1 detects this by a sensor (not shown) and displays a transaction selection screen shown in FIG. Here, it is assumed that the trader presses the personal identification registration button.

In step S902, the terminal device 4-1 displays an instruction to insert a card on the display unit 10. The trader looks at this screen and inserts the card 13 owned by the trader into the terminal device 4-1.
To the card reader / writer 9 of the above.

In S903, the terminal device 4-1 reads information such as an account number from the card 13.

In S904, the terminal device 4-1 transmits the ID
A screen for instructing input of 1 is displayed on the display unit 10. The trader sees this screen and enters ID1.

In step S905, when the trader inputs ID1, the terminal device 4-1 attaches a transaction (inquiry) request signal to the account number read from the card 13 and the ID1 input by the trader, and To the host computer 2. At this time, the terminal device 4-1 operates in S9
At 09, the account number is temporarily stored in order to determine whether the information received from the host computer 2 is that of the corresponding account.

In S906, the host computer 2
Receives the transaction (inquiry) request signal, account number and ID1.

In S907, the host computer 2
Accesses the account file 1 and reads ID1 corresponding to the received account number. And the read ID
1 is compared with the received ID1, and it is determined whether or not both match. If they match, the process proceeds to S908. If they do not match, a signal indicating that the identity of the trader cannot be confirmed is transmitted to the terminal device 4-1.

In S908, the host computer 2
Confirms the validity of the account. That is, it is checked whether or not the account is in a state where it cannot be transacted because a report of loss of the card has been recorded or a password has been input incorrectly more than a predetermined number of times. Then, if the account is ready for trading, a signal for permitting the transaction is transmitted to the terminal device 4-1.

In step S909, the terminal device 4-1 compares the account number received from the host computer 2 with the account number temporarily stored in step S905, and determines whether the received information is for the account. Determine whether or not. If the received information is for the corresponding account, the terminal device 4-1 displays a screen for instructing the input of ID2 on the display unit 10. The trader sees this screen and enters ID2.

In S910, the terminal device 4-1 attaches a registration instruction signal for instructing registration of ID2 and ID2 inputted by the trader to the account number and ID1, and transmits them to the authentication server 6. Note that, at this time, the terminal device 4-1
At 913, the account number is temporarily stored in order to determine whether the information received from the authentication server 6 is that of the account.

At S911, authentication server 6 receives the registration instruction signal, account number, ID1 and ID2.

In S912, the authentication server 6 registers the account number, ID1 and ID2 in the account file 7 in association with each other, and transmits a signal indicating that ID2 has been registered to the terminal device 4-1.

In S913, the terminal device 4-1 compares the account number received from the authentication server 6 with the account number temporarily stored in S910, and determines whether the received information is for the corresponding account. Determine whether or not. Terminal device 4-1
Displays on the display unit 10 a screen indicating that registration has been completed and a screen instructing pressing of the confirmation button when the received information is for the corresponding account. The trader sees this screen and presses the confirmation button.

In S914, the terminal device 4-1 transmits the ID
2 Write the priority information to the card 13.

In S915, the terminal device 4-1 releases the card 13 outside the machine and returns it to the trader. Then, when the trader receives the card 13, a series of operations is completed.

Next, an example of a process for re-registering ID2 in the authentication server 6 will be described below.

FIG. 10 is a flowchart showing the operation of the ID2 re-registration process.

At S1001, first, the trader stands in front of the terminal device 4-1. Then, the terminal device 4-1 detects this by a sensor (not shown) and displays a transaction selection screen shown in FIG. Here, it is assumed that the trader presses the personal identification registration button.

In S1002, the terminal device 4-1 displays a card insertion instruction on the display unit 10. The trader sees this screen and inserts his card 13 into the terminal device 4.
-1 card reader / writer 9.

In step S1003, the terminal device 4-1 reads information such as an account number and ID2 priority information from the card 13. At this time, since the ID2 priority information has been written to the card 13, the terminal device 4-1 determines that the re-registration processing is to be performed.

In step S1004, the terminal device 4-1 transmits the I
A screen for instructing the input of D2 is displayed on the display unit 10. The trader sees this screen and enters ID2.

In step S1005, when the trader inputs ID2, the terminal device 4-1 attaches a transaction (inquiry) request signal to the account number read from the card 13 and the ID2 input by the trader, and Is transmitted to the authentication server 6. Note that, at this time, the terminal device 4-1 operates in S101.
At 0, the account number is temporarily stored in order to determine whether or not the information received from the authentication server 6 is for the corresponding account.

In S1006, authentication server 6 receives the transaction (inquiry) request signal, account number, and ID2.

In S1007, the authentication server 6 accesses the authentication file 7 and reads ID2 corresponding to the received account number. Then, the read ID2 is compared with the received ID2, and it is determined whether or not the trader can be regarded as the principal. If it can be considered, the process proceeds to S1008.
If it cannot be determined, a signal indicating that the identity of the trader cannot be confirmed is transmitted to the terminal device 4-1.

In S1008, the authentication server 6 accesses the authentication file 7 and reads out ID1 corresponding to the received account number.

At S1009, the authentication server 6 transmits the account number and ID1 to the terminal device 4-1.

In S1010, the terminal device 4-1 receives the account number and ID1. Then, the terminal device 4-1
By comparing the account number received from the authentication server 6 with the account number temporarily stored in S1005, it is determined whether or not the received information is for the corresponding account.

In step S1011, if the received information is for the corresponding account, the terminal device 4-1 sets the account number and ID1 to a registration instruction signal for instructing registration of ID2 and ID2 input by the trader. Attach and attach these to the authentication server 6
Send to Note that, at this time, the terminal device 4-1 operates in S10
At 14, the account number is temporarily stored in order to determine whether the information received from the authentication server 6 is that of the account.

In S1012, authentication server 6 receives the registration instruction signal, account number, ID1 and ID2.

In step S1013, the authentication server 6 registers the account number, ID1 and ID2 in the account file 7 in association with each other, and sends a signal indicating that ID2 has been registered to the terminal device 4-1.
Send to

In step S1014, the terminal device 4-1 compares the account number received from the authentication server 6 with the account number temporarily stored in step S1011 and determines whether the received information is for the account. Determine whether or not. Terminal device 4
-1 indicates that the received information is for the relevant account,
The display unit 10 displays a screen indicating that registration has been completed and a screen instructing pressing of the confirmation button. The trader sees this screen and presses the confirmation button.

In step S1015, the terminal device 4-1 sets the I
Write the D2 priority information to the card 13.

[0138] In S1016, the terminal device 4-1 releases the card 13 outside the machine and returns it to the trader. And
When the trader receives the card 13, a series of operations is completed.

In the above flowchart, the terminal device 4-1 has transmitted and received information twice with the outside. this is,
The same applies to the flowcharts of the other FIGS. 4, 7, 8, and 9. The reason why the terminal device 4-1 transmits and receives information to and from the outside twice is to standardize that the host computer 2 or the authentication server 6 performs processing once after confirming the identity of the trader once. Is intended to maintain the security of the system.

In this embodiment, the balance inquiry and the payment have been described. However, a transaction such as a transfer or a transfer that requires identity verification can be realized by the same processing.

<Other Embodiment 1> In this embodiment,
The terminal device 4-1 stores ID2 on the card 13 held by the trader.
When the priority information is not written, the display unit 10
The display for selecting either the personal identification based on ID1 or the personal identification based on ID2 is performed.

The terminal device 4-1 configured as described above transmits the account number and ID1 to the host computer 2 when the trader selects the personal identification based on ID1, and sends the host computer 2 the transaction based on ID1. The identity of the person.

The terminal device 4-1 is connected to the terminal device 4-1 by the trader.
When the personal identification based on D2 is selected, the account number and the trader ID2 are transmitted to the authentication server 6 to make the authentication server 6 perform the trader identification by the ID2. Then, the terminal device 4-1 receives the trader's ID1 transmitted when the authentication server 6 considers that the trader is the principal, transmits the account number and ID1 to the host computer 2, The host computer 2 confirms the identity of the trader by ID1.

Note that the system is connected to terminal devices 4-2 to 4-m that do not include the second input unit 12. When the terminal device 4-2 to 4-m reads ID2 priority from the medium owned by the trader, it ignores this information,
The identity verification process of the trader by ID1 is performed.

<Other Embodiment 2> In this embodiment,
The terminal device 4-1 stores ID2 on the card 13 held by the trader.
If the priority information is written, the authentication server 6
When the registration of D1 or ID2 is performed, the authentication server 6 is made to perform the identity verification of the trader by ID2.
The re-registration process of D1 or ID2 is started.

Furthermore, in this embodiment, the terminal device 4
-1 means that, when the ID2 is registered in the account in which the ID2 is already recorded in the authentication file 7 of the authentication server 6, the authentication server 6 performs the identity verification of the trader by the ID2. When it is confirmed that the user is the principal, the authentication server 6 starts re-registration processing of ID2.

[0147] The terminal device 4-1 configured as described above is an account holder who has registered ID2 in the authentication server 6 once.
ID1 or ID2 can be rewritten according to the judgment of the account holder.

<Other Embodiment 3> In the present embodiment,
The terminal device 4-1 is constituted by a point-of-sales terminal (hereinafter referred to as a POS terminal) such as a cash register, and password information constituted by an arbitrary number of alphanumeric characters or kana characters is ID2. It is used as

FIG. 11 is a diagram showing another configuration example of the terminal device 4-1. In the present embodiment, the second input unit 12 is configured by a numeric keypad. The configuration shown by the dotted line in the figure is an enlarged view of the key of the second input unit 12 on which the numeral 1 is arranged. At the top of the second input unit 12, keys 1, 2, and 3 are arranged from left to right, and at the second, keys 4, 5, and 6 are arranged. Has 7,
Keys 8 and 9 are arranged, and keys *, 0 and # are arranged at the bottom. In addition, each key has, besides a number, AZ as shown in FIG.
Are arranged. The second input unit 12 can input the English characters arranged on the keys 0 to 9 by pressing the keys 0 to 9 after pressing the # key, for example.

This terminal device 4-1 is arranged at the counter of the store. For example, when an account holder who has opened an account with a financial institution purchases merchandise from a store, it is used to process the payment of the merchandise from the customer's account to the store.

Hereinafter, the steps of the payment transaction will be described. FIG. 12 is a diagram showing a payment transaction process.

In step S1201, the trader stands in front of the terminal device 4-1 with the product to be purchased and delivers the product to the clerk. After the clerk inputs the price of the product to the terminal device 4-1,
Ask the trader how to make the payment.
At this time, if the trader declares that part of the payment is to be paid from the account opened at the financial institution, the clerk keeps the card 13 from the trader and returns from the account provided in the first input unit 11. Press the key to instruct payment.

In step S1202, the terminal device 4-1 displays a card pass instruction on the display unit 10. The clerk looks at this screen and passes the card 13 received from the trader through the card reader / writer 9 of the terminal device 4-1. At this time, the terminal device 4-1 temporarily stores the data read from the card 13 in a storage unit (not shown).

In step S1203, the terminal device 4-1 reads out the account number from the data temporarily stored in the storage unit and determines whether there is ID2 priority information for instructing that the identity of the trader be verified based on ID2. Check whether or not. The terminal device 4-1 advances the process to S1204 when there is ID2 priority information, and advances the process to step A in FIG. 6 when there is no ID2 priority information. Note that the processing in FIG. 6 is the same as that described above, and a description thereof will not be repeated.

In S1204, the terminal device 4-1 sets the I
A screen for instructing the input of D2 is displayed on the display unit 10. The trader sees this screen and enters the password that is ID2. For example, if the trader uses SA as ID2
When KURA3 is registered, the trader first presses # to switch the input mode of the terminal device 4-1 to English characters,
Then, press 7,1,4,4,8,6,6,6,1 and
Next, the user presses # to switch the input mode of the terminal device 4-1 to a number, and then presses 3.

In step S1205, when the clerk presses the ENTER key provided in the first input section 11, the terminal device 4-1 compares the account number read from the card 13 and the ID2 input by the trader with the authentication server. Send to 6. At this time, the terminal device 4-1 temporarily stores the account number in order to determine whether or not the information received from the authentication server 6 in S410 is for the corresponding account.

At S1206, authentication server 6 receives the account number and ID2.

In S1207, authentication server 6 accesses authentication information file 7 and reads ID2 corresponding to the received account number. And the read ID2
Is compared with the received ID2 to determine whether or not the two match. If they match, the process advances to step S1208. If they do not match, a signal indicating that the identity of the trader cannot be confirmed is transmitted to the terminal device 4-1.

In S1208, authentication server 6 determines the ID corresponding to the account number received from authentication information file 7.
Read 1

At S1209, authentication server 6 transmits the account number and ID1 to terminal device 4-1.

In S1210, the terminal device 4-1 receives the account number and ID1. At this time, the terminal device 4-1
Compares the account number received from the authentication server 6 with the account number temporarily stored in S1205, and determines whether the received information is for the corresponding account.

In S1211, the clerk asks the trader how much to pay in cash and how much to pay from the account. The trader declares the amount to be paid in cash and passes the amount to be paid in cash to the clerk. The clerk inputs the remaining amount of the price from the first input unit 11 as a transaction amount.

In step S1212, the terminal device 4-1 attaches the transaction start request signal for requesting the start of payment transaction and the transaction amount to the received account number and ID1, and transmits them to the host computer 2.

In S1213, the host computer 2 transmits a transaction (payment) start request signal, account number, and ID1.
And receive the transaction amount.

In S1214, the host computer 2 accesses the account file 1 and reads out ID1 corresponding to the received account number. Then, the read I
D1 is compared with the received ID1, and it is determined whether or not both match. If they match, the process proceeds to S1215. If they do not match, a signal indicating that the identity of the trader cannot be confirmed is transmitted to the terminal device 4-1.

In S1215, the host computer 2 checks the validity of the account. In other words, because the report of loss of the card is recorded or the security code is incorrectly entered more than a predetermined number of times consecutively,
Check whether the account is in a state where it cannot be traded and also check whether the account has more balance than the transaction amount.

In step S1216, the host computer 2 notifies the account file 1 that the access from the terminal device is permitted when the account is ready for the transaction and the account has a balance larger than the transaction amount. The balance is recorded and the balance after the transaction is provisionally recorded, and a signal to permit the payment transaction is transmitted to the terminal device 4-1. If the account cannot be traded or the balance is insufficient, a signal indicating that the transaction cannot be performed or a signal indicating that the balance is insufficient is transmitted to the terminal device 4-1.

In step S1217, the terminal device 4-1 prints the transaction record on the receipt assuming that the transaction has been executed.

In S1218, the terminal device 4-1 discharges the receipt outside the machine. The clerk passes the receipt to the trader. Thereafter, the terminal device 4-1 transmits a signal indicating that the transaction is completed to the host computer 2.

In step S1219, when the host computer 2 receives a signal indicating that the transaction has been completed from the terminal device 4-1, the host computer 2 updates the provisionally recorded balance for the corresponding account in the account file and updates the transaction history. Record. Thus, a series of operations ends.

<Regarding Modifications> The present invention is not limited to the present embodiment, and various applications and modifications can be considered without departing from the gist of the present invention.

For example, it can be modified as follows.

The management of the authentication server 6 may be performed by an internal organization of each financial institution, or may be performed by an external organization independent of each financial institution.

The authentication server 6 can store ID2 as image information, information obtained by compressing the image information, or information obtained by encoding the image information by a predetermined algorithm.

The authentication server 6 is provided with a plurality of types of I / Os based on different technologies such as an iris, a fingerprint, and a face leopard.
D2 can be handled. And the terminal device 4
When the information that specifies the type of ID2 is written on the card 13 possessed by the trader, or when the information that specifies the type of ID2 is read from the card 13, the ID of the type is given to itself.
When a function for inputting the ID 2 is provided, the identity of the trader is confirmed by ID2. Note that the terminal device 4 reads information for specifying the type of ID2 from the card 13 possessed by the trader, and if the terminal device 4 does not have a function of inputting the ID2 of the type, the identity of the trader by ID1 is used. Make a confirmation.

Although the second network 5 is shown in FIG. 1 as a configuration separated from the first network 3, the second network 5 may be physically and electrically identical and integrated into one. it can.

[0177] The display section 10 may be formed of a touch panel, and may be integrated with the first input section 11.

[0178]

The present invention described above has the following effects.

The basic structure of the financial institution online transaction processing system according to the present invention is the same as that of the current one, so that it is possible to shift to a new system without affecting the huge financial institution online transaction processing system. In addition, each financial institution can gradually change its own system from some terminal devices to a new system. Therefore, there is no need for significant investment in system renewal costs, time, migration management, etc., and it is possible to make an independent migration plan without consensus with other financial institutions, so transition to the new method in a short time be able to.

Further, the account holder can determine whether or not to use the new method by his / her own will. Moreover, since registration of the new method is performed by the account holder himself, the account holder can determine whether or not the account holder is using the new method, except for the account holder including the bank member of the financial institution. Can be kept secret to the person. As a result, financial institutions do not have to force account holders who fear privacy violations to use the new method. Accordingly, each financial institution does not need to obtain approval for the new method from account holders who fear invasion of privacy, and can easily change their systems to the new method.

[Brief description of the drawings]

FIG. 1 is a diagram showing an embodiment of the present invention.

FIG. 2 is a diagram showing an overall configuration of a system.

FIG. 3 is a diagram showing details of a system.

FIG. 4 is a flowchart showing an identity verification process at the time of a balance inquiry transaction.

FIG. 5 is a diagram showing a transaction selection screen.

FIG. 6 is a flowchart showing a selection process of ID1 and ID2.

FIG. 7 is a flowchart showing an identification process at the time of payment transaction.

FIG. 8 is a flowchart illustrating an example of a registration process of ID2.

FIG. 9 is a flowchart illustrating another example of ID2 registration processing.

FIG. 10 is a flowchart illustrating an example of ID2 re-registration processing.

FIG. 11 is a diagram illustrating another configuration example of the terminal device.

FIG. 12 is a flowchart showing steps in a payment transaction.

[Explanation of symbols]

 DESCRIPTION OF SYMBOLS 1 Account file 2 Host computer 3 1st network 4 Terminal device 5 2nd network 6 Authentication server 7 Authentication information file

──────────────────────────────────────────────────の Continued on the front page (51) Int.Cl. ⁷ Identification symbol FI Theme coat ゛ (Reference) G06F 15/30 ML 350A (72) Inventor Shinichi Sudo 1-7-12 Toranomon, Minato-ku, Tokyo Oki Electric F term in Industrial Co., Ltd. (reference) 3E040 AA03 BA18 CA14 CB04 DA02 FH05 4C038 VA07 VB40 VC20 5B055 BB10 EE03 EE27 HA02 HA14 HB02 HB04 KK01 KK09 KK19 NF04 5B085 AA01 AE02 AE12 AE23 AE25 EJ25 EJ25 EJ25 AE25

Claims (18)

[Claims] Claims 1. A host computer of a financial institution that manages an account file, and a terminal device capable of online trading with the account of the host computer, wherein the host computer has an account transmitted from the terminal device. The identity of the trader is confirmed using the account identification information for identifying the trader and the first personal identification information for identifying the trader, and when it is confirmed that the trader is the principal, from the terminal device, In the transaction processing system for granting access to the corresponding account, the terminal device is connected to an authentication server capable of confirming the identity of the trader using second personal identification information different from the first personal identification information. Connected, the authentication server performs the identity verification of the transaction using the account identification information and the second personal identification information transmitted from the terminal device, When the drawer is confirmed as the principal, the first personal identification information registered in advance corresponding to the account identified by the account identification information is determined and transmitted to the terminal device; Transmits the first personal identification information received from the authentication server to the host computer, and causes the host computer to perform the identity verification of the trader by using the first personal identification information, so that the corresponding account is A transaction processing system characterized by allowing access to a transaction. 2. The terminal device according to claim 1, further comprising: a control unit for performing various controls; a display unit for guiding an operation of the trader; and information for specifying an account file from a medium possessed by the trader. A reader / writer unit for writing; a first input unit for a trader to input various information; and a second input unit for the trader to input second personal identification information. The transaction processing system according to claim 1, wherein: 3. When the registration button for registering the second personal identification information is pressed by a trader, the terminal device reads the account identification information read from the medium by the reader / writer unit and the first identification information. The first personal identification information input from the input unit of the second and the second personal identification information input from the second input unit
2. The transaction processing system according to claim 1, wherein the personal identification information is transmitted to the authentication server together with a signal requesting a registration process, so that the authentication server registers the three pieces of information in association with each other. . 4. The terminal device transmits account identification information and first personal identification information to the host computer, and performs a registration process with the authentication server based on a result of the identity verification of the trader on the host computer. 4. The transaction processing system according to claim 3, wherein 5. The terminal device, when the registration processing of the second personal identification information in the authentication server ends normally,
By recording the second personal identification priority information on the medium indicating that the identification of the trader by the second personal identification information is performed in preference to the identification of the trader by the first personal identification information, If the second personal identification priority information is recorded on the medium at the time of the business person identification processing or the second personal identification information re-registration processing, the input processing of the second personal identification information should be performed with priority. The transaction processing system according to claim 1, wherein: 6. The terminal device according to claim 1, wherein the second personal identification information input from the second input unit is stored in an account when the second personal identification priority information is recorded on a medium owned by the trader. The authentication server transmits to the authentication server together with the identification information, the authentication server determines second personal identification information registered in advance corresponding to the account identified by the received account identification information, and identifies the second individual. Using the specific information and the received second personal identification information, the identity of the trader is confirmed, and if the trader can be regarded as the principal, the trader is registered in advance in accordance with the account specified by the account identification information. The transaction processing system according to claim 1, wherein the first personal identification information is determined and transmitted to the terminal device. 7. The terminal device, when the second personal identification priority information is not recorded on a medium possessed by the trader,
2. The apparatus according to claim 1, wherein the user can select whether to input the first personal identification information or the second personal identification information.
Transaction processing system described in 1. 8. The terminal device causes the authentication server to register the first or second personal identification information when the second personal identification priority information is recorded on a medium owned by the trader. At this time, the authentication server is made to perform the identity verification of the trader based on the second personal identification information, and when it is confirmed that the trader is the identity, the authentication server transmits the first or second personal identification information to the authentication server. The transaction processing system according to claim 1, wherein re-registration processing is started. 9. The terminal device according to claim 2, wherein the authentication server has a second personal identification information already recorded on the account.
In the case where the personal identification information is registered, the authentication server is made to confirm the identity of the trader based on the second personal identification information. 2. The transaction processing system according to claim 1, wherein the re-registration process of the personal identification information is started. 10. When a terminal device not provided with a second input unit connected to the transaction processing system reads a medium on which second personal identification priority information is recorded, ignores this signal, 2. The transaction processing system according to claim 1, wherein the transaction identification system performs a transaction identification process based on the first personal identification information. 11. The transaction processing system according to claim 1, wherein the first personal identification information is an arbitrary password. 12. The transaction processing system according to claim 1, wherein the second personal identification information is password information, signature information, or information indicating a biological characteristic. 13. The network includes a first network connecting the host computer and the terminal device, and a second network connecting the terminal device and the authentication server.
2. The transaction processing system according to claim 1, comprising a network. 14. The authentication server according to claim 1, wherein the authentication server stores the second personal identification information as image information, information obtained by compressing the image information, or information obtained by coding the image information by a predetermined algorithm.
Transaction processing system described in 1. 15. The transaction processing system according to claim 1, wherein the authentication server can handle a plurality of types of second personal identification information. 16. The transaction processing system according to claim 15, wherein the terminal device writes information for specifying the type of the second personal identification information on a medium possessed by the trader. 17. When the terminal device does not have an input function corresponding to information for specifying the type of the second personal identification information read from a medium possessed by the trader,
17. The transaction processing system according to claim 16, wherein a transaction identification process is performed based on the first personal identification information. 18. The transaction processing system according to claim 1, wherein said terminal device is a POS terminal.