JP2023011082A - Payment system, payment method and program - Google Patents

Abstract

To provide a settlement system configured to prevent unauthorized use of settlement means, while maintaining convenience, a settlement method, and a program.SOLUTION: In a settlement system, a server includes: a setting unit which configures, when predetermined settlement means is fraudulently used, settings for a limitation on the use of the settlement means in a target store or a target terminal selected from among multiple stores or multiple terminals through which the settlement means is available; a receiving unit which receives a use request on using the settlement means in the target store or the target terminal; and an execution unit which determines whether to apply the settings, on the basis of a predetermined condition, the execution unit being capable of executing use processing for using the settlement means when the use request is received.SELECTED DRAWING: Figure 4

Description

The present disclosure relates to payment systems, payment methods, and programs.

2. Description of the Related Art Conventionally, techniques for preventing fraud related to settlement means such as points and credit cards are known. Patent Literature 1 describes a technique for not giving points to a point card when an operation for giving points to a point card is suspected of being fraudulent. Patent Literature 2 describes a technique for detecting fraudulent payment using a credit card based on a predetermined rule and not executing payment for which fraudulent payment is detected. Japanese Patent Laid-Open No. 2002-200003 describes a technique for determining stores that prohibit the use of electronic money according to the number of times the electronic money has been illegally used. Patent Literature 4 describes a technique for limiting the total amount that a family can use when a user's wallet is shared by the family.

JP 2019-82892 A Republished publication 2019-230986 JP 2008-186419 A Japanese Patent Application Laid-Open No. 2001-155107

However, the technique disclosed in Patent Literature 1 only restricts the provision of points, and cannot prevent unauthorized use of points. With the technique disclosed in Patent Document 2, settlements that do not conform to the rules are executed, so unauthorized use that does not conform to the rules cannot be prevented. With the technique disclosed in Patent Document 3, electronic money cannot be used at all in stores where the use of electronic money is prohibited, which impairs convenience. The technique of Patent Document 4 only limits the total amount that a family can use, and cannot prevent unauthorized use of the wallet. For this reason, conventional techniques cannot prevent unauthorized use of payment means while maintaining convenience.

One of the purposes of the present disclosure is to prevent fraudulent use of payment means while maintaining convenience.

In the payment system according to the present disclosure, when a predetermined payment method is illegally used, the payment method at a target store or target terminal selected from among a plurality of stores or a plurality of terminals that can use the payment method a setting means for setting restrictions on the use of the above; a receiving means for receiving a request for use of the payment means at the target store or the target terminal; and a means for using the payment means when the request for use is received. and execution means for determining whether or not to apply the setting based on a predetermined condition.

According to the present disclosure, it is possible to prevent fraudulent use of payment means while maintaining convenience.

It is a figure showing an example of the whole settlement system composition concerning a 1st embodiment. It is a figure which shows an example of a mode that a third party uses another person's points illegally. It is a figure which shows the outline|summary of 1st Embodiment. 2 is a functional block diagram showing an example of functions realized by the settlement system of the first embodiment; FIG. It is a figure which shows an example of the user database of 1st Embodiment. It is a figure which shows an example of the shop database of 1st Embodiment. It is a flow diagram showing an example of processing executed in the settlement system of the first embodiment. It is a figure which shows an example of the user database of 2nd Embodiment. It is a figure which shows an example of the store database of 2nd Embodiment. It is a flow diagram showing an example of processing executed in the payment system of the second embodiment. It is a functional block diagram of a modification concerning a 1st embodiment. FIG. 11 is a functional block diagram of a modification according to the second embodiment;

[1. First Embodiment]
A first embodiment, which is an example of embodiments of a settlement system according to the present disclosure, will be described.

[1-1. Overall configuration of payment system]
FIG. 1 is a diagram showing an example of the overall configuration of a payment system according to the first embodiment. The settlement system S includes each configuration in FIG. Network N is any network such as the Internet. The payment system S only needs to include at least one computer, and is not limited to the example in FIG.

Server 10 is a server computer. Control unit 11 includes at least one processor. The storage unit 12 includes a volatile memory such as RAM and a nonvolatile memory such as a hard disk. The communication unit 13 includes at least one of a communication interface for wired communication and a communication interface for wireless communication.

The user terminal 20 is a user's computer. For example, the user terminal 20 is a smartphone, tablet terminal, wearable terminal, or personal computer. Physical configurations of the control unit 21, the storage unit 22, and the communication unit 23 are the same as those of the control unit 11, the storage unit 12, and the communication unit 13, respectively. The operation unit 24 is an input device such as a touch panel. The display unit 25 is a liquid crystal display or an organic EL display. The IC chip 26 is a chip of any standard such as FeliCa (registered trademark) or Type A or Type B in the non-contact standard.

The store terminal 30 is a store computer. For example, the store terminal 30 is a POS terminal, personal computer, tablet terminal, or smart phone. The physical configurations of the control unit 31, the storage unit 32, the communication unit 33, the operation unit 34, and the display unit 35 are the same as those of the control unit 11, the storage unit 12, the communication unit 13, the operation unit 24, and the display unit 25, respectively. be. The store terminal 30 is connected to a reading device 36 such as a code reader, reader/writer, or camera. The reading device 36 may be included inside the store terminal 30 . The store terminal 30 is arranged for each store. A plurality of store terminals 30 may be arranged in one store. The store may be of any type, such as an electronics retail store, a discount store, a department store, a convenience store, a supermarket, a jewelry store, or a restaurant.

The administrator terminal 40 is the computer of the administrator of the payment service. For example, the administrator terminal 40 is a personal computer, tablet terminal, or smart phone. The physical configurations of the control unit 41, the storage unit 42, the communication unit 43, the operation unit 44, and the display unit 45 are the same as those of the control unit 11, the storage unit 12, the communication unit 13, the operation unit 24, and the display unit 25, respectively. be.

At least one of the programs and data stored in each of the storage units 12, 22, 32, and 42 may be supplied via the network N. In addition, at least one of the program and data stored in the computer-readable information storage medium is read by a reading unit (for example, an optical disk drive or a memory card slot) for reading the information storage medium, or input/output of data with an external device. may be supplied via an input/output unit (eg, a USB port) for

[1-2. Overview of the first embodiment]
The payment system S provides users with payment services. A payment service is a service that provides electronic payment. Electronic payment is sometimes called cashless payment. Payment instruments available in the payment service may be of any type. For example, payment means may be credit cards, debit cards, electronic money, electronic cash, points, bank accounts, wallets, virtual currencies, or combinations thereof. Since electronic payment using a code such as a bar code or two-dimensional code is sometimes called code payment, the code may correspond to payment means. A payment instrument may also be referred to as a payment instrument or an appropriation instrument.

In the first embodiment, points will be described as an example of payment means. Therefore, the place described as points can be read as settlement means. As for the point itself, various known points can be used. For example, a user earns points when purchasing a product, using a specific service, or using a specific credit card. The user can use the points when paying using other payment means such as cash. The user may complete the payment with points only.

In the first embodiment, a case where a user uses points when purchasing a product at an actual store is taken as an example. Various well-known methods can be used for the method of using the points. In the first embodiment, a method of using an application installed in the user terminal 20 will be described as an example of a method of using points. For example, when a user completes a predetermined usage registration from an application, a user ID and password are issued. The user activates the application, inputs the user ID and password from the operation unit 24, and logs in to the payment service.

When the user logs in to the settlement service, a code for using points is displayed on the display unit 25 . The user presents the code to the store clerk when purchasing the product at the store. When the store clerk reads the code with the reading device 36, a process for using points is executed between the store terminal 30 and the server 10. FIG. When payment using points is completed, the user receives the product and leaves the store. As described above, in the first embodiment, points can be used with a code displayed when logging into the payment service from the application.

In recent years, it has become a problem that malicious third parties illegally obtain user IDs and passwords of other people through phishing or the like. A third party may illegally log in to the settlement service using another person's user ID and password illegally obtained. In this case, a code for using someone else's points is displayed on the display unit 25 of the third party's user terminal 20 . A third party may impersonate another person and present the code to the store clerk to illegally use the points of the other person.

FIG. 2 is a diagram showing an example of how a third party illegally uses another person's points. As shown in FIG. 2, the third party causes the display section 25 of his/her own user terminal 20 to display a code C for using someone else's points. Since the store clerk often does not verify the identity when using points, the spoofing by a third party cannot be noticed. A third party presents the code C to the store clerk and fraudulently uses the points to purchase the product. For example, if a third party illegally obtains the user ID and password of another person who has a large number of points, the third party can purchase an expensive product with the illegally used points.

If a third party illegally obtains the user IDs and passwords of a plurality of users, the third party may illegally use points while moving between nearby stores. As shown in FIG. 2, a third party impersonates user X and fraudulently uses user X's points at store 1, and then impersonates user Y and fraudulently uses user Y's points at nearby store 2. do. Furthermore, a third party pretends to be user Z and fraudulently uses user Z's points at nearby store 3 . Similarly, the third party may impersonate another person and fraudulently use the points while moving between nearby shops. It is necessary to prevent such unauthorized use of points.

In this regard, if points are used illegally at a certain store, it is assumed that this store and neighboring stores restrict the points from being used at all. In this case, unauthorized use of points can be prevented, but not only third parties but also legitimate users cannot use points at all, which reduces convenience. Although it is conceivable to suspend the use of the points associated with the user ID for which fraud has occurred, as described with reference to FIG. cannot adequately prevent unauthorized use of Therefore, the payment system S of the first embodiment sets the upper limit of points that can be used for each of the store where the points have been fraudulently used and nearby stores.

FIG. 3 is a diagram showing an overview of the first embodiment. The example of FIG. 3 shows a case where points are used illegally at store 1 . The administrator learns that the points have been used illegally by a report from the user or the like. The manager operates the manager terminal 40 and sets 1000 points as the upper limit for each of the store 1 and the stores 2-3, which are neighboring stores of the store 1, and the like. In the first embodiment, a case where a common upper limit is set for stores 1 to 3, etc., is explained, but the value of the upper limit may differ for each store. No upper limit is set for the store 100 or the like that is not a neighboring store. The upper limit may be any value as long as it is greater than 0. If the unit of use of points is one point, the upper limit is an arbitrary value of 1 or more.

The upper limit set for the store 1-3, etc. is applied to all users who visit the store 1-3, etc. Since a third party often completes payment for a high-priced product only with the points used illegally, illegal use by a third party can be prevented by setting an upper limit. Since legitimate users often use fractions of the payment amount as points, even if the upper limit is set, the decrease in convenience can be minimized. The settlement system S of the first embodiment prevents unauthorized use of points while maintaining convenience by setting the upper limit as shown in FIG. Hereinafter, details of the first embodiment will be described.

[1-3. Functions Realized by the Payment System of the First Embodiment]
FIG. 4 is a functional block diagram showing an example of functions realized by the settlement system S of the first embodiment. In the first embodiment, each function of FIG. 4 is realized.

[1-3-1. Functions realized by the server]
The data storage unit 100 is realized mainly by the storage unit 12 . Each of the setting unit 101 , the reception unit 102 , and the execution unit 103 is realized mainly by the control unit 11 .

[Data storage part]
The data storage unit 100 stores data necessary for providing payment services. For example, the data storage unit 100 stores a user database DB1 and a store database DB2.

FIG. 5 is a diagram showing an example of the user database DB1 of the first embodiment. As shown in FIG. 5, the user database DB1 is a database that stores information about users. For example, the user database DB1 stores user IDs, passwords, names of users, points owned by users, code IDs, and expiration dates. When a certain user completes usage registration, a new record is created in the user database DB1, and information such as the user ID of this user is stored.

A user ID is user identification information that can identify a user. Therefore, the user ID can be read as user identification information. User identification information may be any information, for example, other information such as an email address or phone number may be used. A user ID is sometimes called an account. The password can be changed after user registration. As a user earns points, the points associated with that user's user ID increase. When a user redeems points, the points associated with this user's user ID are reduced. An expiration date may be set for the points.

The code ID is information included in the code C. For example, the code ID is represented by numbers, characters, or a combination thereof. A code ID is issued at an arbitrary timing. For example, the code ID is issued when the application is started, when the expiration date has passed, or when the user instructs reissuance. The code ID issuing method itself may be any issuing method. Code IDs are issued so as not to overlap with other code IDs within the validity period. For example, code IDs are issued randomly.

In the first embodiment, a code ID is issued for each user ID. Therefore, there is a one-to-one correspondence between user IDs and code IDs. Since the code ID is information that can identify the user, the code ID is also one of user identification information. A user ID may be included in the code C instead of the code ID. The expiration date is a point in time after a predetermined period of time (for example, about 5 minutes to several hours) from the point at which the code ID is issued. The validity period may be of any length. A code ID whose expiration date has passed becomes invalid. Points cannot be used for Code C, which includes Code ID whose expiration date has passed. The code ID does not have to have an expiration date.

FIG. 6 is a diagram showing an example of the store database DB2 of the first embodiment. As shown in FIG. 6, the store database DB2 is a database that stores information about stores. For example, the store database DB2 stores store IDs, store names, terminal IDs of the store terminals 30 placed in the stores, upper limits set in the stores, and upper limit setting dates and times. The store database DB2 can be edited by an administrator.

The store ID is store identification information that can identify the store. Therefore, the store ID can be read as store identification information. The store identification information may be arbitrary information, and other information such as store name, email address, or telephone number may be used. The terminal ID is terminal identification information that can identify the store terminal 30 . Therefore, the part described as terminal ID can be read as terminal identification information. The terminal identification information may be arbitrary information, for example, terminal name, IP address, individual identification information, or other information such as e-mail address may be used.

The upper limit is set by the setting unit 101, which will be described later. In the first embodiment, the case where the maximum amount of points that can be used in one payment corresponds to the upper limit is taken as an example, but other upper limits may be used. For example, the upper limit may correspond to a maximum amount available for a given number of payments, a maximum amount available for payments over a period of time, a maximum amount available for payments over a period of time, or a combination thereof. . The set date and time is the date and time when the upper limit is set. An expiration date may be set for the upper limit. The expiration date is a point in time after a predetermined time (for example, several hours to several weeks) from the set date and time.

[Setting part]
The setting unit 101 sets an upper limit of points that can be used at a target store selected from among a plurality of stores that can use points when the points are used illegally. In the first embodiment, a case will be described in which an administrator determines whether or not points have been used illegally, based on a user's report or the like. The payment system S identifies that the points have been used illegally by the administrator's operation from the administrator terminal 40 . As in a modified example described later, fraudulent use of points may be automatically detected based on a predetermined fraud detection method.

The target store is a store for which the upper limit is set. The target store may be at least one store, and an upper limit may be set for a plurality of target stores. The target store may be a store where points have been used illegally, or may not be a store where points have been used illegally. In the first embodiment, the case where the administrator manually designates the target store will be described, but the target store may be automatically selected as in a modified example described later.

In the first embodiment, the points that can be used for payment using other payment means correspond to the payment means, so the upper limit is the upper limit for the allocation of points. The other means of payment may be any means of payment, and may be cash or the previously mentioned electronic means of payment. For example, the other payment instrument is the primary payment instrument for payment. Appropriation is the use of points. Appropriation can also be said to be combined with payment of other means of payment.

For example, when the points are used illegally, the manager operates the manager terminal 40 to specify the shop ID of the target shop and the upper limit. The setting unit 101 acquires the store ID of the target store specified by the administrator and the upper limit specified by the administrator from the administrator terminal 40 . The setting unit 101 associates the acquired shop ID and the upper limit and stores them in the shop database DB2, thereby setting the upper limit of points that can be used at the target shop. When the administrator designates each store ID of a plurality of target stores, the setting unit 101 sets the upper limit for each store ID of each target store. The setting unit 101 stores the current date and time when the upper limit is set in the store database DB2 as the set date and time. Note that the upper limit of points may be set by a predetermined method, and may be a fixed value instead of being designated by the administrator. For example, an upper limit of points may be specified in advance for each store. For example, an upper limit may be set according to the amount of fraudulent use of points. For example, the upper limit may be set to an amount corresponding to the average spend per customer of the store or the average amount of points used.

[Reception Department]
The accepting unit 102 accepts a usage request regarding the use of points at the target store. A use request is a request for using points. A usage request is a request regarding allocation of points. The use request may be a request for the use of the points itself, or may be a request for preprocessing necessary for the use of the points. For example, the usage request is not limited to a request to decrease the points owned by the user, and may be a request only to refer to available points.

A usage request is made by transmitting data in a predetermined format. For example, the usage request includes point identification information that can identify the point to be used. 1st Embodiment demonstrates the case where point identification information is code ID. Therefore, the code ID can be read as point identification information. The point identification information is not limited to code IDs, and may be user IDs, for example. If there is an ID or number that can identify each point, this ID or number may correspond to point identification information.

The usage request may include information other than the point identification information. may contain. Accepting a usage request means receiving data corresponding to the usage request. In the first embodiment, the accepting unit 102 accepts a usage request from the store terminal 30 . The accepting unit 102 may accept a usage request from the user terminal 20, or may accept a usage request from another terminal.

[Execution part]
The executing unit 103 can execute a utilization process for utilizing points when a utilization request is accepted. The use process is a process for using points. The usage process can also be called settlement process, payment process, or appropriation process. In the first embodiment, the usage process is a process related to appropriation of points. The use process may be a process of using the points itself, or may be a pre-process necessary for using the points. The usage process may be any process that is executed in response to a usage request. For example, the usage process may be a process of reducing points owned by the user or a process of referring to usable points.

For example, the execution unit 103 executes a usage process based on the upper limit when a usage request is accepted. The upper limit is applied when a point usage request is accepted at a store where the upper limit is set, and when a point usage request is accepted at a store where the upper limit is not set, the upper limit is applied. not. The execution unit 103 executes the usage process so that the points are used within the upper limit. That is, the execution unit 103 executes the usage process so as not to exceed the upper limit. Usage processing exceeding the upper limit is not executed.

In the first embodiment, a case where the process of referring to usable points corresponds to the use process will be taken as an example. When the usage request is accepted, the execution unit 103 refers to the user database DB1 and acquires the points owned by the user associated with the code ID included in the usage request. If an upper limit is associated with the shop ID included in the usage request, the execution unit 103 determines the points that can be used within the range of this upper limit.

For example, if the number of points owned by the user is equal to or higher than the upper limit, the execution unit 103 determines the upper limit as usable points. If the points owned by the user are less than the upper limit, the execution unit 103 determines the points owned by the user as usable points. The execution unit 103 executes the use process by transmitting the points that can be used to the store terminal 30 . At the store, points are used within the range of points that can be used. If the store does not have an upper limit, the execution unit 103 determines the points owned by the user as points that can be used as they are.

Note that if the process of reducing the points owned by the user corresponds to the use process, the executing unit 103 may reduce the points owned by the user within the upper limit. In this case, the request for use shall include the amount of points used. For example, when a usage request is accepted, the execution unit 103 acquires the point usage amount included in the usage request. If an upper limit is associated with the store ID included in the usage request, the execution unit 103 reduces the points so that the points are used within the range of this upper limit.

For example, the execution unit 103 prohibits the use of points if the amount of points used is greater than or equal to the upper limit. The execution unit 103 transmits to the store terminal 30 that the use of points is prohibited. An error message or the like is displayed on the shop terminal 30 . When the amount of points used is equal to or greater than the upper limit, the execution unit 103 may permit the use of points within the range of the upper limit instead of prohibiting the use of points. In this case, the execution unit 103 reduces the points after changing the usage amount of the points to be equal to or less than the upper limit. The execution unit 103 may notify the store terminal 30 that the point usage amount is changed, and change the point usage amount when a predetermined operation is performed on the store terminal 30 . If the used amount of the points is less than the upper limit, the execution unit 103 reduces the points with the used amount as it is.

[1-3-2. Functions realized by the user terminal]
The data storage unit 200 is implemented mainly by the storage unit 22 . The display control unit 201 is realized mainly by the control unit 21 . The data storage unit 200 stores data necessary for providing payment services. For example, the data storage unit 200 stores an application, code ID, and expiration date. The display control unit 201 displays the code C including the code ID based on the application.

[1-3-3. Functions realized by store terminals]
Data storage unit 300 is realized mainly by storage unit 32 . The use request transmission unit 301 is implemented mainly by the control unit 31 . The data storage unit 300 stores data necessary for providing payment services. For example, the data storage unit 300 stores the store ID of the store where the store terminal 30 is arranged and the terminal ID of the store terminal 30 . The data storage unit 300 also stores a program for acquiring the code ID included in the code C. FIG.

A usage request transmission unit 301 transmits a usage request to the server 10 . For example, when the reading device 36 reads the code C, the usage request transmission unit 301 acquires the code ID included in the code C. FIG. The usage request transmission unit 301 transmits to the server 10 a usage request including the store ID, the terminal ID, and the code ID. If the usage request is a request to decrease points, the usage request includes the amount of points used.

Note that the code ID may not be acquired optically, and may be acquired through communication. For example, the store terminal 30 may acquire the code ID using Wi-Fi (registered trademark), Bluetooth (registered trademark), or infrared communication, or may acquire the code ID using short-range wireless communication that is used in known IC cards. The code ID may be acquired using communication. The code ID may be input from the operation unit 34 of the store terminal 30.

[1-3-4. Functions realized by the administrator terminal]
Data storage unit 400 is realized mainly by storage unit 42 . The setting transmission unit 401 is realized mainly by the control unit 41 . The data storage unit 400 stores data necessary for providing payment services. For example, the data storage unit 400 stores management tools for administrators to set upper limits. The setting transmission unit 401 transmits to the server 10 the setting contents specified by the administrator from the management tool. For example, the setting transmission unit 401 transmits to the server 10 the store ID of the target store specified by the administrator and the upper limit specified by the administrator.

[1-4. Processing executed in the payment system of the first embodiment]
FIG. 7 is a flow chart showing an example of processing executed in the settlement system S of the first embodiment. The processing shown in FIG. 7 is executed by each of control units 11 , 21 , 31 and 41 operating according to a program stored in each of storage units 12 , 22 , 32 and 42 .

As shown in FIG. 7, the administrator terminal 40 accepts the store ID of the target store and the upper limit specified by the administrator when the points are used illegally (S100). The administrator terminal 40 transmits a predetermined setting request to the server 10 based on the store ID of the target store designated by the administrator and the upper limit (S101). When the server 10 receives the setting request (S102), it sets the upper limit for the target store based on the setting request (S103). In S103, the server 10 updates the store database DB2 so that the store ID included in the setting request is associated with the upper limit included in the setting request. Setting of the upper limit is completed through S100 to S103.

Based on the user's operation, the user terminal 20 activates the application and causes the display unit 25 to display the code C (S104). A login process may be executed with the server 10 when the application is started. In the login process, input of a user ID and password may be requested, and if the user terminal 20 has already logged in, information indicating that the user has logged in is recorded in the user terminal 20, and this information is used. to omit the input of the user ID and password.

The user presents the code C displayed in S104 to the store clerk. The store clerk reads the code C with the reading device 36 . The shop terminal 30 acquires the code ID based on the reading result of the reading device 36, and transmits a point use request to the server 10 (S105). When the server 10 receives the usage request (S106), it determines whether or not an upper limit is set for the store where the store terminal 30 that sent the usage request is located, based on the store database DB2 (S107).

When it is determined that the upper limit is set (S107; Y), the server 10 executes the usage process based on the upper limit (S108), and ends this process. The usage processing based on the upper limit is as described above. If it is determined that the upper limit is not set (S107; N), the server 10 executes the usage process with the shop terminal 30 regardless of the upper limit (S109), and ends this process. The usage processing not based on the upper limit is also as described above.

According to the payment system S of the first embodiment, when points are used illegally, an upper limit is set for the points that can be used at the target store, and when a use request is received, the points can be used based on the upper limit. Execute the process. As a result, even if it is a target store, points can be used within the upper limit range, so a certain degree of convenience can be maintained. In addition, since the use of points exceeding the upper limit is restricted, unauthorized use of points can be prevented. For example, legitimate users rarely use a large amount of points at one time, and frequently use a small amount of points. On the other hand, a malicious third party often uses a large amount of points at once, and rarely uses a small amount of points frequently. Therefore, by setting the upper limit, it is possible to prevent unauthorized use by a third party without hindering use by legitimate users, thereby preventing unauthorized use of points while maintaining convenience.

In addition, in the payment system S, points that can be used for payment using other payment means correspond to the payment means, and it is possible to prevent fraudulent use of points while maintaining convenience when using points.

[2. Second Embodiment]
Next, a second embodiment of the payment system S will be described. 1st Embodiment demonstrated the case where the upper limit set to the target shop was applied to all the users. Among the users who visit the target store, there are users who have a very high probability of being legitimate, and there are also users who cannot be distinguished whether they are malicious third parties or not. In the second embodiment, the upper limit set for the target store is not applied to users with a very high probability of being legitimate. That is, the upper limit set for the target store is applied to a user who cannot be distinguished from a malicious third party.

For example, malicious third parties often illegally use points without being aware of other people's usual behavior indicated by illegally obtained user IDs. Therefore, the probability that a store where a third party illegally uses points is the same as a store where another person (a legitimate user) impersonating a third party usually uses is extremely low. Even if a third party somehow identifies the store that other people usually use, it is unlikely that they will go to this store and use it illegally.

Therefore, in the second embodiment, if the store is used regularly by the user, there is a high probability that the store is used by a valid user, so even if this store is a target store, the upper limit is not applied. This prevents a decrease in convenience such that the upper limit is applied even though the probability of validity is extremely high. Conversely, if the user does not usually use the store, it is difficult to distinguish whether or not a malicious third party is impersonating, so if this store is the target store, the upper limit is applied. This prevents unauthorized use of points. Hereinafter, details of the second embodiment will be described. Note that description of the same points as in the first embodiment will be omitted.

[2-1. Functions realized by the payment system of the second embodiment]
In the second embodiment, functions similar to those of FIG. 4 described in the first embodiment are realized. However, some contents are different from the first embodiment. For example, the contents of the user database DB1 and the store database DB2 are different from those in the first embodiment.

FIG. 8 is a diagram showing an example of the user database DB1 of the second embodiment. As shown in FIG. 8, the user database DB1 is generally the same as in the first embodiment, but differs in that store IDs of stores that users usually use are stored. The server 10 identifies stores that the user usually uses based on the user's usage history. This usage history may be a usage history in the payment service, or may be a usage history in other services linked with the payment service (for example, other payment services such as electronic money).

The usage history includes the store ID of the store visited by the user and the date and time when the store was used. The usage history may include other information such as the amount of points spent. In the second embodiment, the case where the usage history is associated with the user ID and stored in the user database DB1 will be described, but the usage history may be stored in another database. The usage history is appropriately updated according to usage by the user.

For each user ID, the server 10 identifies the store that the user indicated by this user ID usually uses based on the usage history associated with this user ID. For example, the server 10 aggregates the store IDs included in the usage history for the entire past period or a part of the period (for example, the period of the last several days to several months), The store is specified as a store that the user usually uses. Alternatively, for example, the server 10 may identify a predetermined number of stores in descending order of the number of times of use as stores that the user usually uses. The server 10 associates the store ID of the store that the user usually uses with the user ID of the user and stores the store ID in the user database DB1.

It should be noted that the method of specifying the store that the user usually uses is not limited to the above example. For example, the user himself/herself may designate a store that he usually uses. In this case, the store ID of the store specified by the user is stored in the user database DB1. For example, only stores where the usage amount is equal to or greater than a threshold value may be the stores that the user usually uses. For example, based on location information using the GPS sensor of the user terminal 20, the store that the user usually visits may be specified. Alternatively, for example, based on the communication base station or access point connected to the user terminal 20, the store that the user usually uses may be identified. The store that the user usually visits may be identified by the address or the like associated with the user ID. The store that the user usually uses may be identified by a predetermined method.

FIG. 9 is a diagram showing an example of the store database DB2 of the second embodiment. As shown in FIG. 9, the store database DB2 is substantially the same as that of the first embodiment, but the setting of the setting unit 101 may not be the upper limit of points. For example, the setting unit 101 may set so as to prohibit the use of points. In the second embodiment, the upper limit is not necessarily set, so in FIG. 9, the setting content of the setting unit 101 is described as usage restriction. The example of FIG. 9 shows a case where different use restrictions are set for each target store. For example, store 1 has an upper limit of 1000 points. The store 2 is prohibited from using points itself. The store 3 has an upper limit of 500 points.

The setting unit 101 sets a restriction on use of points at a target store selected from a plurality of stores where points can be used when points are used illegally. Only the setting contents are different from those of the first embodiment, and the setting method itself is the same as that of the first embodiment. That is, the administrator specifies the store ID of the target store and the content of usage restrictions from the administrator terminal 40 . When an upper limit is set as the usage restriction, the administrator specifies the upper limit value. When the use restriction is set to prohibit the use of points, the administrator specifies that the use of points is prohibited. The setting unit 101 acquires the contents specified by the administrator from the administrator terminal 40 and stores them in the store database DB2.

The execution unit 103 can execute a usage process when a usage request is accepted. However, whether or not to execute the usage process depends on the setting of usage restrictions. The execution unit 103 determines whether to apply the setting of the setting unit 101 based on a predetermined condition. This condition is a criterion for determining whether or not to apply the usage restriction setting. If this condition is met, usage restriction settings may be applied. Conversely, usage restriction settings may be applied when this condition is not met. Henceforth, this condition is described as an applicable condition.

The application condition may be any condition that allows a legitimate user to be distinguished from a malicious third party with a certain degree of probability. In the second embodiment, a case will be exemplified where the applicable condition is whether or not the user corresponding to the usage request regularly uses the target store. Examples of other applicable conditions will be described later in modified examples. The user corresponding to the usage request is the user indicated by the user ID who intends to use the points. Here, since the user is specified by the code ID included in the usage request, the user indicated by the user ID associated with the code ID corresponds to the user corresponding to the usage request.

When the usage request is accepted, the execution unit 103 refers to the user database DB1 and acquires the store ID of the store that is usually used, associated with the code ID included in the usage request. The executing unit 103 determines not to apply the setting of the setting unit 101 when the shop ID included in the usage request matches the acquired shop ID of the shop that is usually used. The execution unit 103 determines to apply the setting of the setting unit 101 when the shop ID included in the usage request does not match the acquired shop ID of the shop that is usually used.

It should be noted that not applying the setting of the setting unit 101 means executing the use processing without being based on the setting of the use restriction. Applying the settings of the setting unit 101 means executing the usage process based on the usage restriction settings. If the prohibition of use of points is set as the use restriction, the use processing is not executed.

[2-2. Processing executed in the payment system of the second embodiment]
FIG. 10 is a flow chart showing an example of processing executed in the payment system S of the second embodiment. The processing shown in FIG. 10 is executed by each of control units 11, 21, 31 and 41 operating according to a program stored in storage units 12, 22, 32 and 42, respectively.

As shown in FIG. 10, the processes of S200 to S206 are similar to the processes of S100 to S106, respectively, but what is specified in S200 is not limited to the upper limit, which is different from S100. Similarly, what is set in S203 is different from S103 in that it is not limited to the upper limit. When the usage request is accepted in S206, the server 10 determines whether or not the usage restriction is set for the store of the store terminal 30 that transmitted the usage request, based on the store database DB2 (S207). In S207, the server 10 determines whether or not the store ID included in the usage request is associated with usage restriction settings.

If it is determined that usage restrictions have been set (S207; Y), the server 10 determines whether the store of the store terminal 30 that transmitted the usage request is the store that the user usually uses, based on the user database DB1. It is determined whether or not (S208). If the store is not determined to be one that the user usually uses (S208; N), the server 10 executes usage processing with the store terminal 30 based on the usage restriction setting (S209). finish. The usage processing based on the setting of usage restrictions is as described above.

If the store is determined to be one that the user usually uses (S208; Y), the server 10 executes usage processing with the store terminal 30 regardless of usage restriction settings (S210). Processing ends. The usage processing that is not based on usage restriction settings is also as described above. The process of S210 is also executed when it is determined that the usage restriction is not set (S207; N).

According to the payment system S of the second embodiment, when points are used fraudulently, settings are made regarding restrictions on the use of points at the target store, and whether or not to apply the settings is determined based on predetermined conditions. do. As a result, if it is determined not to apply the setting even if the store is the target store, no restriction on the use of points is imposed, thereby maintaining convenience for the user. If it is determined to apply the setting, the use of points is restricted, so that unauthorized use of points can be prevented. Therefore, unauthorized use of points can be prevented while maintaining convenience. In the first embodiment, convenience is maintained by setting an upper limit rather than prohibiting the use of points, but in the second embodiment, users who have an extremely high probability of being legitimate are excluded from being subject to usage restrictions. Since the convenience can be maintained by doing so, the use restriction may be set to prohibit the use of points.

In the payment system S, the applicable condition is whether or not the user corresponding to the usage request regularly uses the target store. For example, legitimate users often use points at specific stores. On the other hand, malicious third parties often illegally use points at stores that other people who have illegally logged in do not usually use. Therefore, by making it a condition whether or not the user regularly uses the target store, it is possible to reliably maintain convenience and prevent unauthorized use of points.

In addition, in the payment system S, points that can be used for payment using other payment means correspond to the payment means, and it is possible to prevent fraudulent use of points while maintaining convenience when using points.

[3. Modification]
Note that the present disclosure is not limited to the embodiments described above. Modifications can be made as appropriate without departing from the gist of the present disclosure.

[3-1. Modification of First Embodiment]
First, a modified example according to the first embodiment will be described. FIG. 11 is a functional block diagram of a modification according to the first embodiment. In the modification according to the second embodiment, each function of FIG. 11 is implemented.

[Modification 1-1]
For example, in the first embodiment, the manager designates the target store, but the target store may be selected based on a predetermined condition. In the modified example 1-1, a case is taken as an example in which shops near the shop where points are used illegally are selected as target shops. It is assumed that the store database DB2 of Modification 1-1 stores location information about the location of each store. Location information may be in any form, such as latitude and longitude, address, or coordinates.

The settlement system S of modification 1-1 includes a first selection unit 104 . The first selection unit 104 selects a target store based on the location of the store where points have been used illegally and the location of each of the plurality of stores. In the modified example 1-1, the administrator designates an unauthorized store from the administrator terminal 40. FIG. For example, the administrator identifies stores that use unauthorized points by receiving contact from users or by checking the usage status of points. The manager operates the manager terminal 40 to specify the shop ID of the shop that uses the fraudulent card.

Note that the payment system S may automatically identify the store that uses the fraudulent transaction. For example, when the server 10 receives a request to use points at a certain store, the server 10 determines the distance from the center of usual use of the user who has this point, the time difference from the usual use time, and the difference from the usual use amount. , differences from products that are usually purchased, or a combination of these, it may be determined whether or not the points are used illegally. Unauthorized use may be determined at any time, for example, after points are used.

A variety of well-known methods can be used as the fraud detection method itself. For example, the method used for credit card fraud detection may be used to determine fraudulent use of points. For example, the server 10 may determine whether or not unauthorized use of points has occurred, using a learning model obtained by learning features of unauthorized use that occurred in the past using machine learning. For example, the server 10 may use a rule defined based on the characteristics of past unauthorized use of points to determine whether or not unauthorized use of points has occurred.

For example, the first selection unit 104 selects stores within a predetermined distance from the unauthorized use store as target stores based on the location information of each store stored in the store database DB2. The first selection unit 104 may select, as target stores, a predetermined number of stores in descending order from the illegally used store. The number of target stores may be a fixed value, or may be a variable value according to the amount of fraudulent use. The first selection unit 104 may select a store in the same area as the illegally used store as the target store. The processing after the target store is selected is as described in the first embodiment. The target store selected by the first selection unit 104 is notified to the manager, and the manager may specify the upper limit after confirming the target store. This point is the same when the target store is selected by the second selection unit 105 or the third selection unit 106, which will be described later.

According to the modified example 1-1, by selecting a target store based on the location of the store using unauthorized points and the location of each of the plurality of stores, the target store where points may be used fraudulently is identified. can be selected automatically. Compared to the case where the administrator manually designates the target store, the upper limit of points can be set more quickly, and unauthorized use of points can be effectively prevented. Since there is no need for the administrator to manually specify the target store, the administrator's labor can be reduced.

[Modification 1-2]
For example, the target store may be a store in the same industry or a similar industry (type of business) as the illegally used store. It is assumed that the store database DB2 of Modified Example 1-2 stores industry information about the industry of each store. The type of business may be any type of business as long as it corresponds to the genre or category of products handled by the store. The type of business may be specified by the store itself, or may be specified by the manager. The payment system S of Modification 1-2 includes a second selection unit 105 .

The second selection unit 105 selects a target store based on the type of business of the illegally used store where points have been illegally used and the type of business of each of the plurality of stores. For example, the second selection unit 105 selects, as target stores, stores of the same or similar business type as the unauthorized use store, based on the business type information of each store stored in the store database DB2. It is assumed that similar industry information defining similar industries is defined in the data storage unit 100 in advance. The similar industry information may be created by an administrator, or may be created based on similar industries defined by a public institution such as the National Taxation Bureau. The second selection unit 105 may select, as target stores, all stores in the same or similar industry as the unauthorized use store, or may select only a predetermined number of stores as target stores. The processing after the target store is selected is as described in the first embodiment.

According to the modified example 1-2, by selecting a target store based on the business type of the store that uses fraudulent use and the business type of each of the plurality of stores, target stores that are likely to be used fraudulently are identified. can be selected automatically. Compared to the case where the administrator manually designates the target store, the upper limit of points can be set more quickly, and unauthorized use of points can be effectively prevented. Since there is no need for the administrator to manually specify the target store, the administrator's labor can be reduced.

[Modification 1-3]
For example, the target store may be a store that has a similar unit price per customer as the illegally used store. It is assumed that the store database DB2 of Modified Example 1-3 stores customer unit price information relating to the customer unit price of individual stores. The unit price per customer may be calculated from the usage amount in the entire period or a part of the period in the past. The unit price per customer may be specified by the store itself, or may be specified by the manager. The payment system S of Modification 1-3 includes a third selection unit 106 .

The third selection unit 106 selects a target store based on the amount used when points are used illegally and the amount used associated with each of the plurality of stores. In modification 1-3, the unit price per customer is explained as an example of the usage amount, but the usage amount is not limited to the unit price per customer. It may be an average usage amount of points. For example, the third selection unit 106 selects, as target stores, stores with the same level of customer unit price as the unauthorized use store, based on the customer unit price information of each store stored in the store database DB2.

A store with a similar unit price per customer is a store where the difference from the unit price per customer at the unauthorized store is less than the threshold. The third selection unit 106 may select, as target stores, all stores with the same average customer unit price as that of the illegally used stores, or may select only a predetermined number of stores as target stores. The third selection unit 106 may select, as target stores, a predetermined number of stores in descending order of difference from the average customer unit price of the illegally used stores. The 3rd selection part 106 may select the store of the same average customer unit price as the number of points used fraudulently as a target store. The processing after the target store is selected is as described in the first embodiment.

According to the modified example 1-3, by selecting the target store based on the usage amount when the points are used fraudulently and the usage amount associated with each of the plurality of stores, the points can be used fraudulently. You can automatically select target stores that are likely to be used for Compared to the case where the administrator manually designates the target store, the upper limit of points can be set more quickly, and unauthorized use of points can be effectively prevented. Since there is no need for the administrator to manually specify the target store, the administrator's labor can be reduced.

[Modification 1-4]
For example, as in the first embodiment, if points and other payment methods can be used together for payment at the target store, the upper limit is the ratio of points to the total amount of payment at the target store. good too. Assuming that the total amount is X yen (X is a natural number) and the amount of points used is Y yen (Y is a natural number equal to or less than X) yen, this ratio is the value of X/Y. The upper limit may be specified by the administrator as in the first embodiment, or may be calculated from the rate of past unauthorized use. The ratio can be expressed in any format, such as percentage.

The only difference from the first embodiment is that the upper limit indicates a ratio, and other points are as described in the first embodiment. However, in modification 1-4, the usage request includes the total payment amount and the amount of points used. is entered. The execution unit 103 calculates the ratio of the point usage amount to the total amount included in the usage request, and determines whether or not it is equal to or greater than the ratio set as the upper limit. If the percentage is less than the upper limit, the executing unit 103 executes the utilization process regardless of the upper limit. The execution unit 103 executes the utilization process based on the upper limit if the ratio is equal to or higher than the upper limit.

According to Modification 1-4, by setting the ratio of points to the total amount of payment at the target store as the upper limit, convenience can be effectively maintained and unauthorized use of points can be effectively prevented. For example, legitimate users often use points at a low percentage of the total payment amount, such as applying points to a fraction of the payment. On the other hand, third parties do not want to bear any burden themselves, so they use points at a rate of 100% or close to it. Therefore, even if the ratio as the upper limit is set at a high ratio of about 70% to 100%, it is possible to effectively prevent fraudulent use of points without impairing the convenience of legitimate users.

[Modification 1-5]
For example, in the first embodiment, all target stores have the same upper limit, but the setting unit 101 may set an upper limit corresponding to each target store for each of a plurality of target stores. . For example, when the manager specifies the upper limit, the manager specifies the upper limit for each target store. The setting unit 101 sets the upper limit specified by the administrator for each target store.

When the upper limit is automatically set by the payment system S, the setting unit 101 sets the upper limit for each target store based on store information related to the target store. Arbitrary information can be used as this store information. For example, the setting unit 101 may set the upper limit for each target store based on the average past usage amount at the target store. In addition, for example, the setting unit 101 sets the upper limit of the target store for each target store based on the industry, sales, profit, number of customers, average spend per customer, average amount of points used, or a combination thereof. May be set.

The reception unit 102 can receive usage requests from each of a plurality of target stores. The execution unit 103 executes the usage process based on the upper limit according to the target store that has made the usage request. The only difference from the first embodiment is that the upper limit is set according to the target store, and other points are as described in the first embodiment. The store database DB2 of FIG. 9 described in the second embodiment also shows an example in which the upper limit is set according to the target store.

According to the modification 1-5, by setting an upper limit corresponding to each target store for each of a plurality of target stores, an optimum upper limit corresponding to the target store is set, and convenience is effectively maintained. At the same time, illegal use of points can be effectively prevented.

[Modification 1-6]
For example, the execution unit 103 may determine whether to execute the usage process based on the upper limit based on whether the user corresponding to the usage request regularly uses the target store. The method of determining whether or not the user corresponding to the usage request regularly uses the target store is as described in the second embodiment. The execution unit 103 determines to execute the usage process regardless of the upper limit when it is determined that the user corresponding to the usage request regularly uses the target store. The execution unit 103 determines to execute the usage process based on the upper limit when it is determined that the user corresponding to the usage request does not normally use the target store.

According to Modified Example 1-6, it is determined whether or not to execute the usage process based on the upper limit based on whether or not the user corresponding to the usage request regularly uses the target store. As a result, it is possible to prevent the convenience of legitimate users from being impaired, and effectively maintain the convenience.

[Modification 1-7]
For example, the accepting unit 102 may be capable of accepting usage requests using each of a plurality of applications that can be installed on the user terminal 20 . In modification 1-7, it is assumed that there are a plurality of applications that can display Code C. A user installs at least one of the plurality of applications on the user terminal 20 . Code C displayed in individual apps may be different. For example, Code C may contain a code ID in one app, and Code C may contain a user ID in another app. Furthermore, separate code IDs may be included in individual apps.

Individual apps need not be developed solely for the purpose of using points. For example, apps for using credit cards, apps for using bank accounts, apps for using online shopping malls, apps for making travel reservations, and apps for using auctions. A common point may be available. The flow of using points for each application may be the same as in the first embodiment, or may differ for each application. Various well-known methods can be used as the method itself for using points from the application.

The execution unit 103 may determine whether to execute the usage process based on the upper limit based on whether the user corresponding to the usage request regularly uses the application corresponding to the usage request. The application corresponding to the usage request is the application used to make the usage request. Here, the application displaying the code C read by the reading device 36 corresponds to the application corresponding to the usage request.

In the modification 1-7, it is assumed that the user database DB1 stores application information related to applications that the user normally uses. The application indicated by the application information is determined based on the application used by the user when using points in the past. For example, the server 10 determines the application that has been used most frequently in the past as the application that the user usually uses. The server 10 determines the most recently used application as the application that the user usually uses. A user may designate an application that is usually used by himself/herself.

In modification 1-7, code C is assumed to include application identification information that can identify an application. Furthermore, the usage request includes the application identification information read from the code C. The execution unit 103 may determine whether or not the user corresponding to the usage request normally uses the application corresponding to the usage request based on the application identification information included in the usage request. When it is determined that the user corresponding to the usage request regularly uses the application corresponding to the usage request, the executing unit 103 determines to execute the usage process regardless of the upper limit. When it is determined that the user corresponding to the usage request does not normally use the application corresponding to the usage request, the executing unit 103 determines to execute the usage process based on the upper limit. For example, if it is the first time that an application corresponding to a usage request has been used, there is a high possibility that the application has been used illegally, so the usage process is not executed for such a user. Furthermore, if it is the first time that the application corresponding to the usage request has been used and a certain amount of time has not passed, it is assumed that there is a high possibility of unauthorized use, and such users are not allowed to use the application. may

According to modification 1-7, it is determined whether or not to execute the usage process based on the upper limit based on whether the user corresponding to the usage request regularly uses the application corresponding to the usage request. As a result, it is possible to prevent the convenience of legitimate users from being impaired, and effectively maintain the convenience.

[Modification 1-8]
For example, the reception unit 102 may use each of the plurality of user terminals 20 to receive usage requests. In Modified Example 1-8, multiple user terminals 20 can log in and Code C can be displayed on multiple user terminals 20 even with the same user ID. Therefore, a request to use points associated with a certain user ID can be made using the code C displayed on each of the plurality of user terminals 20 . For example, even if the user is legitimate, they may use the user terminal 20, which is a smartphone, and the user terminal 20, which is a tablet terminal, and use their own points from both user terminals 20. A use request can be made using each of the user terminals 20 .

The execution unit 103 determines whether or not to execute the usage process based on the upper limit based on whether the user corresponding to the usage request normally uses the user terminal 20 corresponding to the usage request. The user terminal 20 corresponding to the usage request is the user terminal 20 used to make the usage request. Here, the user terminal 20 displaying the code C read by the reading device 36 corresponds to the user terminal 20 corresponding to the usage request.

In modification 1-8, it is assumed that the user database DB1 stores user terminal information that enables identification of the user terminal 20 that the user normally uses. The user terminal 20 can be identified by any information, such as an IP address, individual identification information of the user terminal 20, a terminal ID generated on the server 10 side, an ID stored in a SIM card, or a combination thereof. may

The user terminal 20 indicated by the user terminal information is determined based on the user terminal 20 used by the user when using points in the past. For example, the server 10 determines the user terminal 20 that has been used the most in the past as the user terminal 20 that the user usually uses. The server 10 determines the most recently used user terminal 20 as the user terminal 20 usually used by the user. The user may specify the user terminal 20 that he/she normally uses.

In modification 1-8, code C is assumed to include user terminal information. Furthermore, the user terminal information read from the code C is included in the usage request. Based on the user terminal information included in the usage request, the executing unit 103 may determine whether the user corresponding to the usage request normally uses the user terminal 20 corresponding to the usage request. When it is determined that the user corresponding to the usage request normally uses the user terminal 20 corresponding to the usage request, the executing unit 103 determines to execute the usage processing regardless of the upper limit. When it is determined that the user corresponding to the usage request does not normally use the user terminal 20 corresponding to the usage request, the executing unit 103 determines to execute the usage process based on the upper limit.

According to modification 1-8, it is determined whether or not to execute the usage process based on the upper limit based on whether the user corresponding to the usage request normally uses the user terminal 20 corresponding to the usage request. do. As a result, it is possible to prevent the convenience of legitimate users from being impaired, and effectively maintain the convenience.

[Modification 1-9]
For example, the accepting unit 102 may be capable of accepting usage requests by using each of a plurality of user terminals 20 capable of executing predetermined authentication. This authentication may be any authentication as long as it can guarantee that the user is valid to some extent. For example, possession authentication executed by reading an IC chip such as a credit card or identification card with the user terminal 20, possession authentication executed by photographing a credit card or identification card with the camera of the user terminal 20, Knowledge authentication executed by inputting authentication information other than the user ID and password into the user terminal 20, or biometric authentication such as fingerprint authentication or face authentication executed using the user terminal 20 may be used. As for the execution method of authentication itself, various known methods can be used.

In Modified Example 1-9, it is assumed that the user database DB1 stores authentication identification information that can identify whether or not predetermined authentication has been performed on the user terminal 20 of the user. This authentication identification information is stored in association with the user terminal information described in modification 1-8. The server 10 updates the authentication identification information associated with the user terminal information of the user terminal 20 when predetermined authentication is performed on the user terminal 20 .

The execution unit 103 determines whether or not to execute the usage process based on the upper limit, based on whether or not the user terminal 20 corresponding to the usage request has already performed predetermined authentication. In modification 1-9, as in modification 1-8, code C includes user terminal information, and the usage request includes user terminal information. The execution unit 103 may determine whether predetermined authentication has been performed based on the authentication identification information associated with the user terminal information included in the usage request.

When it is determined that the user terminal 20 corresponding to the usage request has already performed the predetermined authentication, the executing unit 103 determines to execute the usage process regardless of the upper limit. When it is determined that the user terminal 20 corresponding to the usage request has not already performed the predetermined authentication, the executing unit 103 determines to execute the usage process based on the upper limit.

According to the modified example 1-9, it is determined whether or not to execute the usage process based on the upper limit based on whether or not the user terminal 20 corresponding to the usage request has already performed the predetermined authentication. As a result, it is possible to prevent the convenience of legitimate users from being impaired, and effectively maintain the convenience.

[Modification 1-10]
For example, the execution unit 103 may determine whether to execute the usage process based on the upper limit based on the usage content corresponding to the usage request and the user's usual usage content corresponding to the usage request. . The content of use includes the amount of points used, the ratio of the amount used to the total amount, the time of use, the store used, the product to be purchased, and the like. In the modified example 1-10, it is assumed that the user database DB1 stores usage content information that can identify the user's usual usage content. For example, the usage content information is determined based on the usage content used by the user when using points in the past. The usage content information may indicate the usage content corresponding to the product purchased without using the points.

In Modified Example 1-10, it is assumed that the usage request includes usage content. For example, the store terminal 30 includes the amount of use input to the store terminal 30, the ratio of the amount of use to the total amount of goods, the time of use, the store used, the goods to be purchased, etc., in the use request and transmits the use contents to the server 10. . The execution unit 103 determines to execute the usage process regardless of the upper limit when the usage content corresponding to the usage request matches the user's usual usage content corresponding to the usage request. The execution unit 103 determines to execute the usage process based on the upper limit when the usage content corresponding to the usage request does not correspond to the user's usual usage content corresponding to the usage request.

It should be noted that the correspondence of the usage contents means that the usage contents match or are similar to each other. For example, the difference in the amount of points used is less than a threshold, the difference in the ratio of the amount used to the total amount is less than the threshold, the difference in usage time is less than a predetermined time, the stores used are the same or close, The fact that the products to be purchased are of the same or similar genre corresponds to that the content of use corresponds. These multiple factors may be comprehensively considered to determine whether or not the usage content corresponds.

According to Modification 1-10, it is determined whether or not to execute the usage process based on the upper limit based on the usage content corresponding to the usage request and the user's usual usage content corresponding to the usage request. As a result, it is possible to prevent the convenience of legitimate users from being impaired, and effectively maintain the convenience.

[Modification 1-11]
For example, each of a plurality of users who can use points may be assigned a rank according to the user's usage. In this case, the execution unit 103 may determine whether to execute the usage process based on the upper limit based on the rank of the user corresponding to the usage request. Note that an upper limit of points that the user can use may be set for each rank. If the upper limit set by the setting unit 101 is greater than the upper limit corresponding to the rank, the upper limit corresponding to the rank is applied.

In the modified example 1-11, it is assumed that user ranks are stored in the user database DB1. For example, the higher the user's usage amount in the past, the higher the user's rank. This usage amount is not limited to the usage amount of points, and may be the usage amount of other services. For example, it may be the purchase amount in an electronic commerce service. The rank may have conditions other than the usage amount. For example, the number of times of use may be used, or issuing a specific credit card or opening a specific bank account may be a condition for rank.

For example, low-rank users are expected to have few points, so they are less likely to be targeted by malicious third parties. Therefore, when the rank of the user corresponding to the usage request is lower than the predetermined rank, the executing unit 103 determines to execute the usage process regardless of the upper limit. On the other hand, high-rank users are likely to be targeted by malicious third parties because they are expected to have many points. Therefore, if the rank of the user corresponding to the usage request is equal to or higher than a predetermined rank, the executing unit 103 determines to execute the usage process based on the upper limit.

According to modification 1-11, it is determined whether or not to execute the usage process based on the upper limit based on the rank of the user corresponding to the usage request. As a result, it is possible to prevent the convenience of legitimate users from being impaired, and effectively maintain the convenience.

[Modification 1-12]
For example, the accepting unit 102 may be capable of accepting a usage request using each of the code C displayed on the user terminal 20 and the card or IC chip 26 . The method of accepting a usage request using code C is as described in the first embodiment. The use request may be accepted using a card or IC chip 26 storing point identification information that can identify points. The card is not limited to an IC card, and may be a magnetic card. It is assumed that the point identification information is stored in the user database DB1. The reader 36 reads point identification information stored in the card or IC chip 26 . The store terminal 30 transmits a usage request including the read point identification information.

When the code ID is included in the usage request, the executing unit 103 determines that the usage request has been accepted using the code C. FIG. When the point identification information is included in the usage request, the execution unit 103 determines that the usage request has been accepted using the card or the IC chip 26 . The execution unit 103 may determine whether the request for use has been accepted with the code C or whether the request for use has been accepted with the card or the IC chip 26, based on the information included in the request for use.

For example, the card or IC chip 26 is, in principle, unlikely to be stolen by a third party. A utilization process may be executed. Since Code C can be displayed by obtaining the user ID and password, the executing unit 103 executes the utilization process based on the upper limit when a utilization request is received using Code C. good.

According to the modified example 1-12, when the usage request is accepted using the card or the IC chip 26, the usage processing is executed regardless of the upper limit, and the usage request is accepted using the code. If so, the usage process is executed based on the upper limit. As a result, it is possible to prevent the convenience of legitimate users from being impaired, and effectively maintain the convenience.

[Modification 1-13]
For example, the reception unit 102 may be able to receive a usage request using the user terminal 20 logged in with a predetermined user ID. In the example of the first embodiment, the code C required for the usage request is displayed when the user is logged in with the user ID. Use code C to accept usage requests.

In the modified example 1-13, it is assumed that the user terminal information of the user terminals 20 logged in with individual user IDs is stored in the user database DB1. For example, when a certain user terminal 20 logs in with a certain user ID, the server 10 associates this user ID with the user terminal information of this user terminal 20 . When multiple user terminals 20 log in with a certain user ID, multiple pieces of user terminal information are associated with one user ID. When multiple user IDs log in to a certain user terminal 20, multiple user IDs are associated with one piece of user terminal information.

The execution unit 103 may determine whether to execute the usage process based on the upper limit, based on the number of user IDs that have logged in from the user terminal 20 corresponding to the usage request. For example, since it is unlikely that an authorized user logs in with a large number of user IDs, the execution unit 103 determines if the number of user IDs that have logged in from the user terminal 20 corresponding to the usage request is less than the threshold. , decides to perform the utilization process independently of the upper bound. On the other hand, a malicious third party may illegally obtain a large number of user IDs and log in. If the number is greater than or equal to the threshold, it is determined to execute the utilization process based on the upper limit.

According to modification 1-13, it is determined whether or not to execute the usage process based on the upper limit based on the number of user IDs that have logged in from the user terminal 20 corresponding to the usage request. As a result, it is possible to prevent the convenience of legitimate users from being impaired, and effectively maintain the convenience.

[Modification 1-14]
For example, the execution unit 103 determines whether or not to execute the usage process based on the upper limit, based on the usage details when the points are used illegally and the usage details corresponding to the usage request. The meaning of the usage content is as explained in Modification 1-10. The content of use when points are used illegally includes the amount used when a purchase is made with points used illegally, the ratio of the amount used to the total amount, the hours of use, the stores used, the products purchased, and the like.

Since the content of use by a legitimate user is often different from that of a malicious third party, the execution unit 103 determines the correspondence between the content of use when points are used illegally and the content of use corresponding to the use request. If not, it decides to perform the utilization process regardless of the upper limit. Since a malicious third party often illegally uses points continuously with the same content of use, the execution unit 103 responds to the content of use and the request for use when points are illegally used. If the content of use corresponds to , it is determined to execute the use process based on the upper limit. It should be noted that the meaning of the term "use content corresponds" is as described in modification 1-10.

According to the modified example 1-14, it is determined whether or not to execute the usage process based on the upper limit based on the details of use when the settlement means is illegally used and the details of use corresponding to the request for use. . As a result, it is possible to prevent the convenience of legitimate users from being impaired, and effectively maintain the convenience.

[Modification 1-15]
For example, the settlement system S may include a cancellation unit 107 that, when an upper limit is set, gradually removes the upper limit over time. The canceling unit 107 cancels the upper limit in stages each time a certain period of time elapses. Cancellation means increasing the upper limit or removing the upper limit itself. The time interval for removing the upper limit may be fixed, or may differ for each individual time interval. For example, the cancellation unit 107 increases the upper limit to 2000 points when three days have passed since the set time at which the upper limit of 1000 points was set. The canceling unit 107 gradually cancels the upper limit, such as increasing the upper limit to 3000 points when three days have passed. The amount of increase in the upper limit may be the same or different.

According to the modified example 1-15, when the upper limit is set, the upper limit is gradually lifted over time, thereby effectively maintaining convenience and effectively preventing unauthorized use of points. can.

[Modification 1-16]
For example, the payment system S may include a notification unit 108 that notifies the user of target information about the target store for which the upper limit is set. The target information is information that can identify the target store. For example, the target information is the store name, address, telephone number, or combination thereof of the target store. The notification unit 108 can notify the target information by any method. For example, the notification unit 108 may notify the target information using notification within an e-mail, SNS, SMS, message application, or point application. The target information may be notified at any timing after the upper limit is set. For example, the notification unit 108 may notify the target information immediately after the upper limit is set, or may notify the target information after a certain period of time has passed since the upper limit was set.

According to Modified Example 1-16, by notifying the user of the target information, the user can grasp in advance which store has set the upper limit of the points, which increases convenience.

[Modification 1-17]
For example, in the first embodiment, the upper limit is set for each target store, but the upper limit may be set for each target terminal. The target terminal is the store terminal 30 for which the upper limit is set. Even in the same store, the store terminal 30 where the upper limit is set and the store terminal 30 where the upper limit is not set may coexist. In addition, for example, even in the same store, the store terminal 30 where the upper limit of 1000 points is set and the store terminal 30 where the upper limit of 500 points is set may coexist. The target terminal may be specified by the administrator from the administrator terminal 40, or may be automatically selected as described below.

For example, in Modified Example 1-1, the first selection unit 104 selects the target terminal based on the location of the terminal whose points have been used fraudulently and the location of each of the plurality of shop terminals 30. may In Modified Example 1-2, the second selection unit 105 may select the target terminal based on the type of business of the illegally used terminal whose points have been used illegally and the type of business of each of the plurality of store terminals 30. good. In Modified Example 1-3, the third selection unit 106 selects the target terminal based on the usage amount when points are used illegally and the usage amount associated with each of the plurality of store terminals 30. You may For these processes, the parts described as target stores in modified examples 1-1 to 1-3 can be read as target terminals.

In Modified Example 1-4, points and other points can be used together for payment at the target terminal, and the upper limit may be the ratio of points to the total payment at the target terminal. In modification 1-5, setting section 101 may set an upper limit for each of a plurality of target terminals according to the target terminal. The accepting unit 102 may be capable of accepting usage requests from each of a plurality of target terminals. The execution unit 103 may execute the usage process based on the upper limit according to the target terminal that has made the usage request. In modification 1-6, the execution unit 103 determines whether or not to execute the usage process based on the upper limit based on whether the user corresponding to the usage request regularly uses the target terminal. good. In modification 1-16, the notification unit 108 may notify the user of target information regarding the target terminal for which the upper limit is set. For these processes, the parts described as target stores in modified examples 1-1 to 1-3 can be read as target terminals.

[3-2. Modification of Second Embodiment]
Next, a modified example according to the second embodiment will be described. FIG. 12 is a functional block diagram of a modification according to the second embodiment. In the modification according to the second embodiment, each function of FIG. 12 is realized.

[Modification 2-1]
For example, similarly to modification 1-7, the receiving unit 102 of the second embodiment may use each of a plurality of applications that can be installed on the user terminal 20 to receive usage requests. Furthermore, the application condition described in the second embodiment may be whether or not the user corresponding to the usage request normally uses the application corresponding to the usage request. This determination method may be the same as in modification 1-7.

The execution unit 103 does not apply the setting when it is determined that the user corresponding to the usage request regularly uses the application corresponding to the usage request. In this case, the execution unit 103 executes the usage process regardless of the setting. The execution unit 103 applies the settings when it is determined that the user corresponding to the usage request does not normally use the application corresponding to the usage request. In this case, if the setting is to restrict the use of points, the execution unit 103 does not execute the use process. If the upper limit is set as in the first embodiment, the execution unit 103 executes the usage process based on the upper limit.

According to the modification 2-1, by making it an application condition whether or not the user corresponding to the usage request regularly uses the application corresponding to the usage request, it is possible to prevent the convenience of the legitimate user from being impaired. It can be prevented and the convenience can be effectively maintained.

[Modification 2-2]
For example, similarly to modification 1-8, the receiving unit 102 of the second embodiment may use each of a plurality of user terminals 20 to receive usage requests. Furthermore, the application condition described in the second embodiment may be whether or not the user corresponding to the usage request normally uses the user terminal 20 corresponding to the usage request. This determination method may be the same as that of modification 1-8.

The execution unit 103 does not apply the setting when it is determined that the user corresponding to the usage request normally uses the user terminal 20 corresponding to the usage request. In this case, the execution unit 103 executes the usage process regardless of the setting. The execution unit 103 applies the settings when it is determined that the user corresponding to the usage request does not usually use the user terminal 20 corresponding to the usage request. In this case, the execution unit 103 does not execute the use process if the setting is to restrict the use of points. If the upper limit is set as in the first embodiment, the execution unit 103 executes the usage process based on the upper limit.

According to the modified example 2-2, the usability of the legitimate user is impaired by setting whether or not the user corresponding to the usage request regularly uses the user terminal 20 corresponding to the usage request as the application condition. It is possible to prevent this and effectively maintain convenience.

[Modification 2-3]
For example, similarly to Modified Example 1-9, the receiving unit 102 of the second embodiment may be capable of receiving usage requests by using each of a plurality of user terminals 20 capable of performing predetermined authentication. . Furthermore, the application condition described in the second embodiment may be whether or not the user terminal 20 corresponding to the usage request has been authenticated. This determination method may be the same as in modification 1-9.

The execution unit 103 does not apply the setting when it is determined that the user terminal 20 corresponding to the usage request has already performed the predetermined authentication. In this case, the execution unit 103 executes the usage process regardless of the setting. The execution unit 103 applies the setting when it is not determined that the user terminal 20 corresponding to the usage request has already performed the predetermined authentication. In this case, the execution unit 103 does not execute the use process if the setting is to restrict the use of points. If the upper limit is set as in the first embodiment, the execution unit 103 executes the usage process based on the upper limit.

According to the modification 2-3, by setting whether or not the user terminal 20 corresponding to the usage request has been authenticated as an application condition, it is possible to prevent the convenience of the legitimate user from being impaired, can effectively maintain sexuality.

[Modification 2-4]
For example, similar to modification 1-10, the application condition described in the second embodiment is whether or not the usage content corresponding to the usage request corresponds to the user's usual usage content corresponding to the usage request. may be This determination method may be the same as in modification 1-10.

The execution unit 103 does not apply the setting when the usage content corresponding to the usage request corresponds to the user's usual usage content corresponding to the usage request. In this case, the execution unit 103 executes the usage process regardless of the setting. The execution unit 103 applies the settings when the usage content corresponding to the usage request does not correspond to the user's usual usage content corresponding to the usage request. In this case, the execution unit 103 does not execute the use process if the setting is to restrict the use of points. If the upper limit is set as in the first embodiment, the execution unit 103 executes the usage process based on the upper limit.

According to the modified example 2-4, by setting whether or not the usage content corresponding to the usage request corresponds to the user's usual usage content corresponding to the usage request as the application condition, the convenience of the legitimate user can be improved. It is possible to effectively maintain convenience by preventing loss of quality.

[Modification 2-5]
For example, as in modification 1-11, in the second embodiment as well, each of a plurality of users who can use points may be assigned a rank according to the user's usage. Furthermore, the application condition described in the second embodiment may be a condition regarding the rank of the user corresponding to the usage request. Descriptions of ranks and the like may be the same as those of modification 1-11.

The execution unit 103 does not apply the setting when the rank of the user corresponding to the usage request is lower than the predetermined rank. In this case, the execution unit 103 executes the usage process regardless of the setting. The execution unit 103 applies the settings when the rank of the user corresponding to the usage request is equal to or higher than a predetermined rank. In this case, the execution unit 103 does not execute the use process if the setting is to restrict the use of points. If the upper limit is set as in the first embodiment, the execution unit 103 executes the usage process based on the upper limit.

According to the modified example 2-5, by using the application condition regarding the rank of the user corresponding to the usage request, it is possible to prevent the convenience of the legitimate user from being impaired and effectively maintain the convenience.

[Modification 2-6]
For example, similarly to Modified Example 1-12, the accepting unit 102 of the second embodiment can accept a usage request using each of the code displayed on the user terminal 20 and the card or IC chip 26. may be Furthermore, the applicable condition described in the second embodiment may be whether a request for use is accepted using a code or whether a request for use is accepted using a card or IC chip 26 . This determination method may be the same as that of modification 1-12.

The execution unit 103 does not apply the setting when the usage request is accepted using the card or the IC chip 26 . In this case, the execution unit 103 executes the usage process regardless of the setting. The execution unit 103 applies the setting when a usage request is accepted using the code C. FIG. In this case, the execution unit 103 does not execute the use process if the setting is to restrict the use of points. If the upper limit is set as in the first embodiment, the execution unit 103 executes the usage process based on the upper limit.

According to the modified example 2-6, by setting whether the usage request is accepted using the code C or whether the usage request is accepted using the card or the IC chip 26 as the application condition, the valid user's Convenience can be effectively maintained by preventing loss of convenience.

[Modification 2-7]
For example, similar to modification 1-13, the reception unit 102 of the second embodiment may be able to receive a usage request using the user terminal 20 logged in with a predetermined user ID. Furthermore, the application condition described in the second embodiment may be an application condition regarding the number of user IDs logged in by the user terminal 20 corresponding to the usage request. The method for identifying this number is as described in modification 1-13.

The execution unit 103 does not apply the setting when the number of user IDs that have logged in from the user terminal 20 corresponding to the usage request is less than the threshold. In this case, the execution unit 103 executes the usage process regardless of the setting. The execution unit 103 applies the setting when the number of user IDs that have logged in from the user terminal 20 corresponding to the usage request is equal to or greater than the threshold. In this case, the execution unit 103 does not execute the use process if the setting is to restrict the use of points. If the upper limit is set as in the first embodiment, the execution unit 103 executes the usage process based on the upper limit.

According to the modified example 2-7, by using the application condition regarding the number of user IDs that the user terminal 20 corresponding to the usage request has logged in, it is possible to prevent the legitimate user's convenience from being impaired, Convenience can be effectively maintained.

[Modification 2-8]
For example, similar to modification 1-14, the application condition described in the second embodiment is whether or not the content of use when points are used illegally corresponds to the content of use corresponding to the use request. may be This determination method may be the same as in modification 1-14.

The execution unit 103 does not apply the setting when the usage details when the points are used illegally do not correspond to the usage details corresponding to the usage request. In this case, the execution unit 103 executes the usage process regardless of the setting. The execution unit 103 applies the settings when the usage details when the points are used illegally correspond to the usage details corresponding to the usage request. In this case, the execution unit 103 does not execute the use process if the setting is to restrict the use of points. If the upper limit is set as in the first embodiment, the execution unit 103 executes the usage process based on the upper limit.

According to the modified example 2-8, by making it an application condition whether or not the content of use when the points are used illegally and the content of use corresponding to the use request correspond to each other, the convenience of the legitimate user can be improved. It is possible to effectively maintain convenience by preventing loss of quality.

[Modification 2-9]
For example, similar to Modification 1-15, the payment system S of the second embodiment may include a cancellation unit 107 that gradually cancels the settings over time when the settings have been made. This canceling method may be the same as that of modification 1-15. As for the setting that prohibits the use of the points itself, the upper limit amount may be gradually increased after the upper limit setting is changed.

According to the modified example 2-9, when the setting is made, by gradually canceling the setting according to the passage of time, convenience is effectively maintained and unauthorized use of points is effectively prevented. can.

[Modification 2-10]
For example, similar to modification 1-16, the payment system S of the second embodiment may include a notification unit 108 that notifies the user of target information regarding the target store for which the settings have been made. The content of the notification is as described in modification 1-16.

According to the modified example 2-10, by notifying the user of the target information, the user can grasp in advance which store has set the upper limit of the points, so that the user's convenience is enhanced.

[Modification 2-11]
For example, in the second embodiment, a case has been described in which use restrictions are set for each target store, but use restrictions may be set for each target terminal as in the modification 1-17. The upper limit in the description of modification 1-17 can be read as a usage limit.

[3-3. Other Modifications]
For example, the modified examples described above may be combined.

For example, the store is not limited to a physical store, and may be an online store. The payment system S may set restrictions on use of points for an online store as a target store when points are used fraudulently at a certain online store. The payment system S may determine whether or not to apply the usage restrictions set to the online target store based on the applicable conditions.

For example, the target terminal may be a vending machine instead of a terminal located in a store. When points are used illegally at a certain vending machine, the settlement system S may set restrictions on use of points with this vending machine or a nearby vending machine as the target terminal. The payment system S may determine whether or not to apply the usage restrictions set for the vending machine based on the applicable conditions. The target terminal may not be a vending machine, but may be another terminal such as an automatic ticket gate at a station or a check-in machine at a hotel. The target terminal may be any terminal that can use payment means such as points.

For example, the payment method is not limited to points, and may be any payment method described above. For example, the settlement system S may set an upper limit or use limit of the credit card for the target store or the target terminal when the credit card is used illegally. For example, the settlement system S can be applied not only to a mode in which settlement is executed by holding the user terminal 20 over the store terminal 30 or the reading device 36, but also to a case in which settlement is executed only by operating the user terminal 20. be. In this case, a usage request is transmitted from the user terminal 20 to the server 10 . For example, although a case has been described where the main functions are implemented by the server 10, each function may be shared by a plurality of computers. For example, the functions described as being implemented by the server 10 may be implemented by the user terminal 20, the store terminal 30, or the administrator terminal 40. FIG. Data described as being stored on server 10 may also be stored on other computers, such as database servers.

S payment system, N network, 10 server, 11, 21, 31, 41 control unit, 12, 22, 32, 42 storage unit, 13, 23, 33, 43 communication unit, 20 user terminal, 24, 34, 44 operation Unit, 25,35,45 Display Unit, 26 IC Chip, 30 Store Terminal, 36 Reader, 40 Administrator Terminal, 100 Data Storage Unit, 101 Setting Unit, 102 Reception Unit, 103 Execution Unit, 104 First Selection Unit, 105 second selection unit 106 third selection unit 107 cancellation unit 108 notification unit 200 data storage unit 201 display control unit 300 data storage unit 301 use request transmission unit 400 data storage unit 401 setting transmission unit , DB1 user database, DB2 store database.

Claims (15)

Settings for setting restrictions on the use of said payment method at a target store or target terminal selected from among multiple stores or multiple terminals that allow said payment method to be used in the event of unauthorized use of said payment method. means and
receiving means for receiving a request for use of the payment means at the target store or the target terminal;
means for executing a use process for using the payment means when the use request is accepted, the executing means for determining whether or not to apply the setting based on a predetermined condition; ,
payment system, including The condition is whether or not the user corresponding to the usage request regularly uses the target store or the target terminal,
The payment system according to claim 1. The receiving means can receive the usage request by using each of a plurality of applications that can be installed on the user terminal,
The condition is whether or not the user corresponding to the usage request regularly uses the application corresponding to the usage request.
The settlement system according to claim 1 or 2. The receiving means is capable of receiving the usage request by using each of a plurality of user terminals,
The condition is whether or not the user corresponding to the usage request normally uses the user terminal corresponding to the usage request.
The payment system according to any one of claims 1 to 3. The accepting means is capable of accepting the usage request by using each of a plurality of user terminals capable of performing predetermined authentication,
the condition is whether or not the user terminal corresponding to the usage request has executed the authentication;
The payment system according to any one of claims 1 to 4. The condition is whether or not the usage content corresponding to the usage request corresponds to the user's usual usage content corresponding to the usage request.
The settlement system according to any one of claims 1-5. Each of a plurality of users who can use the payment means is set with a rank according to the use of the user,
The condition is a condition regarding the rank of the user corresponding to the usage request,
The payment system according to any one of claims 1-6. The accepting means can accept the usage request by using a code displayed on the user terminal and a card or an IC chip,
The condition is whether the request for use has been accepted using the code, or whether the request for use has been accepted using the card or the IC chip;
The payment system according to any one of claims 1-7. The receiving means can receive the usage request by using a user terminal logged in with predetermined user identification information,
The condition is a condition regarding the number of user identification information that the user terminal corresponding to the usage request has logged in,
The payment system according to any one of claims 1-8. The condition is whether or not the content of use when the payment means is illegally used corresponds to the content of use corresponding to the request for use.
The payment system according to any one of claims 1-9. the payment system, when the setting is performed, releasing means for gradually releasing the setting over time;
The payment system according to claim 1. The payment system includes notification means for notifying the user of target information regarding the target store or the target terminal in which the settings have been made;
The settlement system according to any one of claims 1 to 11, further comprising: The payment method is a point that can be used for payment using another payment method,
The setting is a setting related to the limitation of appropriation of the points,
The use request is a request regarding appropriation of the points,
The utilization process is a process related to appropriation of the points,
The payment system according to any one of claims 1-12. Settings for setting restrictions on the use of said payment method at a target store or target terminal selected from among multiple stores or multiple terminals that allow said payment method to be used in the event of unauthorized use of said payment method. a step;
a receiving step of receiving a request for use of the payment means at the target store or the target terminal;
a means capable of executing a use process for using the payment means when the use request is accepted, and an execution step of determining whether or not to apply the setting based on a predetermined condition; ,
payment methods, including Settings for setting restrictions on the use of said payment method at a target store or target terminal selected from among multiple stores or multiple terminals that allow said payment method to be used in the event of unauthorized use of said payment method. means,
Receiving means for receiving a request for use of the payment means at the target store or the target terminal;
a means capable of executing a usage process for using the payment means when the usage request is accepted, the execution means determining whether or not to apply the setting based on a predetermined condition;
A program that allows a computer to function as a

Images