JP2010009260A - Transaction processing apparatus - Google Patents

Abstract

The present invention provides a transaction processing apparatus that improves security without deteriorating user operability.
A card / detail processing unit 3 receives a card and reads information recorded on the card. Further, the biometric information reading unit 8 reads the biometric information of the user. The ATM 1 uses the biometric information read by the biometric information reading unit 8 to authenticate whether the owner of the card received this time is the user himself / herself. The cardholder's biometric information is recorded on the card. When the user can be authenticated, the short-range wireless communication unit 9 notifies the user's portable terminal 20 of the one-time password. Then, if there is an input of the notified one-time password, the ATM 1 transmits an authentication request regarding whether or not the transaction is possible to the host device, and processes the transaction according to the authentication result in the host device.
[Selection] Figure 1

Description

  The present invention relates to a transaction processing apparatus that performs personal authentication for a user and processes a transaction corresponding to the input operation of the user only for the authenticated user.

  Conventionally, automatic teller machines (hereinafter referred to as ATMs), which are installed in financial institution stores, convenience stores, etc., and can perform various transactions such as deposit transactions and withdrawal transactions for accounts opened in financial institutions. is there. When processing withdrawal transactions, transfer transactions, etc., the ATM authenticates whether the account holder from which the withdrawal is made is the user, and processes the requested transaction only if it is authenticated. Yes. User authentication methods include authentication using a personal identification number and authentication using biometric information such as the finger vein and palm vein of the user.

In addition, proposals have been made to perform identity authentication using a password that is valid only for a specific period (hereinafter referred to as a one-time password) (see Patent Documents 1 and 2, etc.). For example, in Patent Document 1, the center determines a user based on a caller number of a mobile phone that has been accessed, and issues a one-time password to the user. The issued one-time password is notified to the user's mobile phone. The user can make a transaction by inserting a cash card at an ATM and then entering a one-time password. Moreover, in patent document 2, a user inserts a cash card by ATM, and inputs a PIN code after that. When the user can be authenticated by this personal identification number, the center issues a one-time password to the user. The issued one-time password is notified to the user's mobile phone by e-mail. The user can make a transaction by inputting the one-time password notified this time.
JP 2007-25907 A JP 2004-272827 A

  However, in the configuration of Patent Document 1, the user must perform a prior work of accessing the center with a mobile phone and acquiring a one-time password before using the ATM. For this reason, there exists a problem of reducing a user's operativity.

  Moreover, in the structure of patent document 2, since a user is made to input a personal identification number by ATM, there exists a danger that the input operation of a personal identification number may be peeped at by others. A general user owns a plurality of cash cards, credit cards, and the like that perform personal authentication with a personal identification number, and set the same personal identification number with several cards. For this reason, there exists a problem that the security about the card | curd used except the system of patent document 2 is not ensured.

  An object of the present invention is to provide a transaction processing apparatus that improves security without deteriorating the operability of a user.

  The transaction processing apparatus of the present invention has the following configuration in order to solve the above-described problems and achieve the object.

  The medium receiving means receives a medium such as a cash card or a credit card, and reads medium information recorded on the medium. Further, the biological information reading means reads the user's biological information. The biometric information reading means reads patterns such as finger veins, palm veins, irises, and retinas as user biometric information. The user authentication unit uses the medium information recorded on the medium received by the medium receiving unit and the biometric information (read information) read by the biometric information reading unit, and is used by the owner of the medium received this time Authenticates whether the person is The biometric information (registration information) of the owner of the medium may be included in the medium information or managed by the center. Then, the notification means notifies the password used in the current transaction to the mobile terminal of the user who has authenticated that the user authentication means is the user. The user's mobile terminal may be a mobile phone, a PDA, or the like. Then, if there is an input of the password notified by the notification means, the transaction processing means transmits an authentication request regarding whether or not the transaction is possible to the upper apparatus, and processes the transaction according to the authentication result in the upper apparatus. .

  In this way, since the user does not input the personal identification number, the personal identification number input operation is peeped and does not leak. Therefore, even if there is a card having the same password set, the security of the card is not lowered. In addition, it is not necessary to access the center or the like in advance and perform a prior work for obtaining a password, so that the operability of the user is not deteriorated. In addition, since the security code can be made unnecessary in the present system, it is possible to reduce the labor of the user for managing the security code.

  Further, if a password generating means for generating the password is provided, it does not require a communication time for requesting the host device to generate a password or for receiving the generated password. It can be suppressed.

  Further, if the password generating means is configured to generate a password to be used in the current transaction after authenticating that the owner of the medium accepted by the user authenticating means is the user himself / herself, It is possible to prevent unnecessary generation and suppress the load on the apparatus main body.

  The password notification by the notification means is preferably a configuration that does not allow the user to perform a special operation, such as a configuration that uses e-mail or a configuration that uses short-range wireless communication. In addition, when notifying a password by short-range wireless communication, it is determined whether the user's mobile terminal located in the short-range wireless communication area is the authenticated user's mobile terminal, and the authenticated user's mobile terminal. If it is not a terminal, the password may not be notified.

  According to the present invention, security can be improved without deteriorating the operability of the user.

  Hereinafter, an automatic transaction processing apparatus (hereinafter referred to as ATM) according to an embodiment of the present invention will be described.

  FIG. 1 is a diagram showing the configuration of the main part of the ATM according to this embodiment, and FIG. 2 is a diagram showing the appearance of this ATM. This ATM 1 is installed in a financial institution's store, convenience store, or the like, and processes various transactions such as a withdrawal transaction and a transfer transaction according to a user's input operation. The ATM 1 includes a main control unit 2, a display / operation unit 3, a banknote processing unit 4, a coin processing unit 5, a card / detail processing unit 6, a passbook processing unit 7, a biological information reading unit 8, A short-range wireless communication unit 9 and a communication unit 10 are provided. The main control unit 2 controls the operation of each part of the ATM 1 main body and processes the transaction requested by the user.

  The display / operation unit 3 includes a display 3a provided on the front surface of the main body, and a touch panel 3b attached on the screen of the display 3a. The display / operation unit 3 displays an operation guidance screen for the user on the display 3a. In addition, the display / operation unit 3 detects a position where the touch panel 3b is pressed, and accepts a user input operation related to a personal identification number and transaction details (transaction type, deposit / withdrawal amount, etc.).

  The banknote processing part 4 conveys a banknote along the banknote conveyance path formed between the banknote depositing / withdrawing port 4a provided in the front of the main body, and the banknote cartridge accommodated inside the main body. Moreover, the banknote process part 4 has a banknote discrimination part which discriminates a money type and authenticity for every banknote currently conveyed along a banknote conveyance path. A banknote discrimination part discriminates authenticity and denomination based on the magnetic pattern read from the banknote, the transmitted light pattern, or the like. The coin processing unit 5 conveys coins along a coin conveyance path formed between a coin deposit / withdrawal port 5a provided on the front surface of the main body and a coin cartridge housed inside the main body. Moreover, the coin process part 5 has a coin discrimination part which discriminate | determines a money type and authenticity for every coin currently conveyed along a coin conveyance path.

  The card / detail processing unit 6 takes in a cash card (hereinafter simply referred to as a card) inserted into a card insertion slot 6a provided on the front of the main body, and stores card information (financial information) recorded in the magnetic stripe of the card. Read institution number, store number, account number, etc.) and rewrite card information. In addition, when the inserted card is an IC card, the data recorded on the IC chip of the card is read or rewritten as necessary. The IC chip stores biometric information (registered information) of the user who is the owner of the card. Further, the card / detail processing unit 6 has a printing unit (not shown) for printing the transaction contents on the specification. The card / specification processing unit 6 discharges the specification printed with the transaction contents to the specification discharge port 6b provided on the front of the main body.

  The bankbook processing unit 7 has a printing unit (not shown) that takes in a bankbook inserted into a bankbook insertion slot 7a provided on the front of the main body and prints a transaction history for the bankbook. In addition, the passbook processing unit 7 is recorded on a page turning mechanism for turning over the page of the imported passbook, a bar code reader for reading a bar code indicating a page number printed on the passbook, and a magnetic stripe attached to the passbook. It also has a magnetic head or the like that reads the bankbook information (financial institution number, store number, account number, etc.).

  The biometric information reading unit 8 includes a biometric information reading sensor 8a provided on the front surface of the main body. This biological information reading sensor 8a reads the finger vein pattern of the user. Here, as the biometric information reading sensor 8a, a sensor that reads a finger vein pattern is taken as an example, but other types of biometric information such as palm veins, irises, and retinas may be read. The biometric information reading unit 8 collates the biometric information (read information) of the user read by the biometric information reading sensor 8a with the biometric information (registered information) recorded on the IC chip of the card, and the degree of similarity. To authenticate whether the user and the cardholder are the same person.

  The short-range wireless communication unit 9 uses the vicinity of the terminal set position 9a provided on the front of the main body as a wireless communication area, and performs short-range wireless communication with a mobile terminal 20 (such as a mobile phone or a PDA) located in the wireless communication area. An antenna (not shown) for wireless communication is provided at the terminal set position 9a. The wireless communication area of the short-range wireless communication unit 9 is a space of several centimeters from this antenna. The communication unit 10 controls data communication with a host device (not shown) installed in the center. This host device manages an account opened in a financial institution. The host device stores various information necessary for account management.

  The ATM 1 authenticates the user with a personal identification number or a one-time password in accordance with the accepted card, and processes the requested transaction only for the authenticated user. Specifically, the received card is an IC card, and registration information used for biometric authentication (the biometric information of the owner of this card) and setting information in which the authentication method is authenticated with a one-time password are stored in the IC chip. If stored, the user is authenticated with a one-time password. In other words, even if the received card is not an IC card, or even if it is an IC card, registration information used for biometric authentication is not stored, or setting information in which the authentication method is authentication with a personal identification number is stored in the IC chip. If so, authenticate the user with a PIN.

  The card also records information such as the financial institution code, the store code, and the account number where the corresponding account is established.

  A user who authenticates with a one-time password has a portable terminal 20 having a wireless communication function capable of wireless communication with the short-range wireless communication unit 9 of the ATM 1. The mobile terminal 20 is a terminal having, for example, a Felica (registered trademark) chip. In this chip, a user account number, a one-time password notified from the ATM 1, and a time when the one-time password is notified. Are stored in association with each other.

  Next, the operation of this ATM 1 will be described. 3 and 4 are flowcharts showing the operation of the ATM. The display / operation unit 3 displays a transaction type selection screen (see FIG. 5) on the display 3a, and waits for a transaction type selection input by the user (s1). The display / operation unit 3 displays a card insertion guide screen (see FIG. 6) on the display 3a when receiving the selection input of the transaction type by the user. The ATM 1 waits for the card / detail processing unit 6 to accept the insertion of the card (s2). When the card / detail processing unit 6 accepts the card, the ATM 1 determines whether or not to perform biometric authentication (s3). ATM1 determines that biometric authentication is performed if the card received in s2 is an IC card and registration information used for biometric authentication is recorded on the card. In other words, if the card received in s2 is not an IC card but a magnetic card, or if registration information used for biometric authentication is not recorded on the card, it is determined that biometric authentication is not performed, and s11 and later described later. Process.

  When the ATM 1 determines that biometric authentication is performed in s3, the display / operation unit 3 displays a biometric presentation request screen (see FIG. 7) on the display 3a (s4), and presents biometric information (to the biometric information reading sensor 8a). The user is requested to place the finger). The biological information reading unit 8 reads the finger vein pattern of the user with the biological information reading sensor 8a (s5). The biometric information reading unit 8 compares the biometric information (read information) of the user read in s5 with the registration information recorded in the card received in s2, and authenticates the user (s6). In s6, the similarity between the read information and the registration information is calculated, and if the calculated similarity exceeds a predetermined value, the user is authenticated as the owner of the card accepted in s2. In other words, if the similarity between the read information and the registration information does not exceed a predetermined value, it is determined that the user is not the owner of the card accepted in s2.

  If the ATM 1 cannot authenticate the user as the owner of the card received in s2 (if biometric authentication is NG), a screen requesting resetting of the biometric information to the biometric information reading sensor 8a is displayed on the display 3a. Display (s7, s8) and return to s5. In s8, a message notifying the user that the previous biometric authentication is NG is also displayed on the display 3a.

  When the ATM 1 can authenticate the user as the owner of the card accepted at s2 (if biometric authentication is OK), the ATM 1 displays a message (see FIG. 8) to that effect on the display 3a (s7, s9). The ATM 1 determines whether to authenticate with the password or the one-time password based on the setting information of the authentication method stored in the card received in s2 (s10). Specifically, if the authentication method stored in the card received in s2 is a password, it is determined that authentication is performed using the password, and conversely, the authentication method stored in the card is a one-time password. If there is, it is determined to authenticate with a one-time password.

  When the ATM 1 determines that the authentication is performed with the personal identification number in s10, the display / operation unit 3 accepts the input of the personal identification number by the user and the transaction content such as the withdrawal amount (s11). ATM1 transmits the transaction authentication request including the password entered in s11 and the transaction content to the host device (s12). Communication with the host device is controlled by the communication unit 10. The ATM 1 waits to receive an authentication result for the transaction authentication request transmitted in s12 from the host device (s13). The host device matches or does not match the PIN set for the account that is currently requested for transaction with the PIN that is included in the transaction authentication request sent from ATM1 or the transaction requested this time. Authenticates whether or not the transaction is possible based on whether or not the transaction is an account balance shortage. If the authentication result from the host device 1 is not transactionable, the ATM 1 stops the transaction (s14, s15) and ends this process. In s15, the card received in s2 is returned to the user. On the other hand, if the authentication result from the host device 1 is transactable, the transaction with the transaction content requested this time is processed (s14, s16), and this process is terminated.

  In addition, when ATM1 is authenticated that the transaction is impossible due to the mismatch of the security code, the user is prompted to re-enter the security code without stopping the transaction until a predetermined number of times (for example, 3 times). A screen is displayed on the display 3a, and an authentication request including the re-entered password is retransmitted to the host device.

  If the ATM 1 determines that the authentication is performed with the one-time password in s10, the ATM 1 generates a one-time password to be used in the current transaction (s17).

  FIG. 9 is a flowchart showing a process for generating a one-time password. The ATM 1 initializes the one-time password storage area provided in the main control unit 2 (s51). In s51, an appropriate character string code is stored in this one-time password storage area. ATM1 creates an appropriate first number string based on the current time (s52). This first number string is, for example, a six-digit number string. ATM1 creates the second number string based on the financial institution number, branch number, and machine number where the device is installed (s53). Then, the ATM 1 generates a one-time password based on the first numeric string created in s52 and the second numeric string created in s53 (s54), and the one-time password initialized in s51 Store in the storage area (s55).

  In s54, a one-time password is generated using a predetermined function.

  When the ATM 1 generates a one-time password in s17, the display / operation unit 3 displays a terminal set request screen (see FIG. 10) that prompts the user to set the mobile terminal 20 at the terminal set position 9a. It is displayed on the device 3a (s18). When the short-range wireless communication unit 9 detects the portable terminal 20 located in the wireless communication area (s19), the ATM 1 performs short-range wireless communication with the portable terminal 20, and the account number stored in the portable terminal 20 is stored. Is acquired (s20). In s19, the short-range wireless communication unit 9 performs polling at regular time intervals, and when there is a response to this polling, it is determined that the mobile terminal 20 is located in the wireless communication area.

  ATM1 determines whether the account number currently recorded on the card | curd received by s2 and the account number acquired from the portable terminal 20 this time correspond (s21). If ATM1 determines that they do not match at s21, a message (see FIG. 11) notifying the user that the mobile terminal 20 is not appropriate is displayed on the display 3a (s22), and the current transaction is stopped at s15. .

  If the ATM 1 determines that the account numbers match in s21, the short-range wireless communication unit 9 transmits the one-time password generated in s17 to the portable terminal 20 (s23). Further, the display / operation unit 3 displays a one-time password input request screen (see FIG. 12) for requesting the user to input a one-time password on the display 3a (s24).

  The portable terminal 20 stores the one-time password transmitted from the ATM 1 in a predetermined storage area. At this time, the reception time of this one-time password is also associated and stored. The user can operate the mobile terminal 20 to display the one-time password transmitted from the ATM 1 this time on the display of the mobile terminal 20.

  FIG. 13 is a flowchart showing a one-time password display process in the portable terminal. When the input operation for instructing the display of the one-time password is performed on the operation unit, the portable terminal 20 reads the one-time password stored in the one-time password recording area and the recorded time (s61). The portable terminal 20 determines whether the read one-time password is a numeric string or a character string (s62). If it is a numeric string, the difference between the time when the one-time password was recorded and the current time Is calculated (s63). In s63, the elapsed time after storing the one-time password is calculated. If the elapsed time calculated here is within a predetermined time range, the portable terminal 20 displays the recorded one-time password on the display unit (s64, s65). On the other hand, if it is determined in s62 that it is not a numeric string, or if it is determined that the elapsed time since recording in s64 is not within a predetermined time range, a message such as “No one-time password is recorded” is displayed. Is displayed on the front (s66), and the user is notified of this.

  The user inputs the one-time password into the ATM 1 while confirming the one-time password displayed on the display unit of the mobile terminal 20. When the one-time password is input (s25), the ATM 1 determines whether the input one-time password is the same as the one-time password generated this time (s26). As described above, the ATM 1 stores the one-time password generated this time in the main control unit 2. If it is determined in s26 that the one-time passwords are not the same, it is determined whether or not the input error of the one-time password has reached a predetermined number of times (for example, three times) (s27), and this predetermined number of times must be reached. Then, the one-time password re-input screen (see FIG. 14) is displayed on the display 3a (s28), and the process returns to s25. On the other hand, if it is determined in s27 that the predetermined number of times has been reached, the transaction is stopped in s15, and this process is terminated.

  If the ATM 1 determines in s26 that the input one-time password matches the one-time password generated this time, it accepts input of transaction details such as the withdrawal amount (s29). And ATM1 transmits the transaction authentication request | requirement containing the transaction content input by s29 to a high-order apparatus from the communication part 10 (s30), and performs the process after s13 mentioned above. In s30, the host device is notified that the user has been authenticated with the one-time password. Therefore, the host device does not need to perform authentication of the user, and only has to authenticate whether or not the transaction is possible based on whether or not the transaction requested this time is a transaction corresponding to a shortage of the account balance.

  In this way, the user can perform a transaction without entering a personal identification number by setting authentication with a one-time password. Therefore, security against the leakage of the password can be ensured. In addition, it is not necessary to access the center or the like in advance to obtain a one-time password, and a reduction in user convenience can be suppressed. Moreover, since ATM1 authenticates the user, the time required for the authentication process on the host device side can be shortened.

  The one-time password may be generated by the host device, but here it is configured to be generated by ATM1, so the host device is requested to generate a one-time password, or the generated one-time password is generated. Since communication time such as reception is not required, an increase in time required for transactions can be suppressed.

  In addition, the notification of the one-time password to the mobile terminal 20 may be performed by e-mail or the like, but here, since the one-time password is notified by short-range wireless communication, there is a risk of being intercepted by others. Security is low.

  In the above embodiment, the authentication method is stored in the card. However, the user may select an authentication method when performing a transaction.

  The present invention is applicable not only to the ATM 1 of the above-described embodiment, but also to devices such as ticket machines that purchase tickets using a credit card or the like.

It is a block diagram which shows the structure of the principal part of ATM. It is a figure which shows the external appearance of ATM. It is a flowchart which shows operation | movement of ATM. It is a flowchart which shows operation | movement of ATM. It is a figure which shows the example of a display screen of ATM. It is a figure which shows the example of a display screen of ATM. It is a figure which shows the example of a display screen of ATM. It is a figure which shows the example of a display screen of ATM. It is a flowchart which shows the process which produces | generates a one-time password. It is a figure which shows the example of a display screen of ATM. It is a figure which shows the example of a display screen of ATM. It is a figure which shows the example of a display screen of ATM. It is a flowchart which shows the display process of the one-time password in a portable terminal. It is a figure which shows the example of a display screen of ATM.

Explanation of symbols

1-ATM
2-Main control unit 3-Display / operation unit 6-Card / detail processing unit 8-Biological information reading unit 9-Near field communication unit 10-Communication unit 20-Mobile terminal

Claims (5)

Medium receiving means for receiving a medium and reading medium information recorded on the medium;
Biometric information reading means for reading the biometric information of the user;
Use of authenticating whether the owner of the medium received this time is the user himself / herself using the medium information recorded on the medium received by the medium receiving means and the biological information read by the biological information reading means Person authentication means,
A notification means for notifying the password used in the current transaction to the mobile terminal of the user who has authenticated that the user authentication means is the user,
If there is an input of the password notified by the notification means, a transaction processing means for transmitting an authentication request regarding whether or not the transaction is possible to the higher-level device and processing the transaction according to the authentication result in the higher-level device is provided. Transaction processing equipment.   The transaction processing apparatus according to claim 1, further comprising a password generation unit configured to generate a password to be notified to the user's mobile terminal by the notification unit.   The said password generation means is a means which produces | generates the password used by this transaction, after authenticating that the owner of the medium which the user authentication means received this time is the user himself / herself. Transaction processing equipment.   The transaction processing apparatus according to claim 1, wherein the notifying unit is a unit that notifies a user's mobile terminal of a password used in the current transaction by short-range wireless communication.   The notification means acquires terminal information stored in a mobile terminal of a user located in a short-range wireless communication area by short-range wireless communication, and based on the acquired terminal information, the user authentication means The transaction processing apparatus according to claim 4, which is means for determining whether or not is a mobile terminal of a user who has been authenticated as the user himself / herself.

Images