JP6511409B2 - Transaction locking system and transaction locking method in financial institution - Google Patents

Description

  The present invention relates to a transaction locking system and a transaction locking method which prevent fraudulent transactions in a financial institution to ensure transaction safety and which do not hinder the quickness of transactions.

  In recent business forms with financial institutions, machines such as ATMs (automatic teller machines) installed at financial institutions and other places are often selected instead of window transactions, and IT such as the Internet With the rapid spread of infrastructure and changes in social living environment, Internet banking, which does not need to go directly to the location of financial institutions and ATMs, is rapidly spreading and expanding. On the other hand, forgery of the deposit being taken unlawfully by forgery of a cash card used as a personal identification item for confirming the existence of the trader's principal ability in these transactions or the theft of ID and password of Internet banking. The method is getting more complicated and sophisticated every day.

  "Phishing scam" and "illegal remittance virus" are known as typical methods of illegal remittance in Internet banking. For example, the "phishing scam" trick is that a fraudster sends a fake email impersonating a financial institution to a contractor to deceive the contractor and pretends to be a financial institution listed in the fake email to the contractor Access the website and follow the instructions to enter information such as "ID, password, random number table data", steal the information, access the "real website" of the financial institution and carry out unauthorized remittance. is there.

  As a safety measure against unauthorized remittances in Internet banking as described above, the “Phishing Prevention Council” will “beware of suspicious emails.” “Be careful of unusual login screens.” “Always update the OS and software. We draw up guidelines such as "always update virus definition database" "check account regularly" "install fraudulent anti-counterfeit software" and draw attention to user side .

  According to the National Police Agency's announcement, the damage caused by fraudulent remittances in Internet banking was 64 cases in 2012, approximately 48 million yen, and 1,315 cases in 2013, approximately 1,4600 It reached 10,000 yen damage, and in 2014, the damage amounted to 1,876, approx. 2,910 million yen, more than twice the amount of the previous year, which is a big threat that threatens the existence of Internet banking. ing.

  On the other hand, the financial institution side also sends a one-time password to the user by e-mail or generates it using the application of the smartphone at the time of confirmation such as transfer to other than registration destination, and the transaction confirmation password It is taking measures to use as. Furthermore, recently, a confirmation key for identity verification in a predetermined transaction request via the Internet is generated from transaction history information when using ATM and transmitted to ATM, and the user receives the confirmation key via ATM There is also provided a means for use as an auxiliary personal identification means in Internet banking (Patent Document 1).

The damage caused by fraudulent transactions has been reported not only in Internet banking, but also in transactions that use cash cards that are more familiar. The typical method is as follows.
[Title 1: How to attach a skimming device to the card slot of ATM]
Attach a skimming device to the ATM card insertion slot, skimming data on a magnetic stripe such as a cash card, and illegally acquiring a code number entered by a depositor with a small camera installed near the ATM, and forged cache Unauthorized withdrawal of deposits from overseas ATMs using cards.

[Ticket 2: A technique for removing a cash card from a locker, etc. of the PIN code and forging it]
When a user of a PIN code locker or security box such as a golf course inputs a PIN code, the victim may use a PIN code such as a locker obtained by peeping from behind or stealing with a small camera. Open the locker etc. and skimming the data on the magnetic stripe of the cash card with the skimming device before noticing. Since the security code of a cash card is often used also for a security code such as a locker, it is used to withdraw deposits improperly.

[Title 3: Sneaks, vandalism, placement, slips, tricks by snatching]
At the time of the crime, the bank card is stolen, and the deposit is taken out from the ATM by guessing the password from the stolen item together with the bank card.

[Title 4: A method of doing fraudulent transactions "in the guise of kindness" to the elderly and care recipient]
Trust the other party through the care of the elderly living alone and the care recipient, and substitute the bank transaction of the person, deposit the passbook, seal or cash card, ask for the password, and perform a transaction other than the requested bank transaction. Run and withdraw cash.

  On the other hand, the financial institution side also adds a skimming prevention function to the cash card reading portion or prevents the cash card reading portion from taking a cash card by writing a special symbol on the magnetic stripe in order to prevent unauthorized payment by a forged cash card. When implementing special operations and incorporating a mechanism that makes it difficult to skimm in the ATM, or write different special symbols on the magnetic stripe of the cash card every time the transaction is completed, whether or not it was traded with a valid cash card Measures are taken to make it possible to

  Furthermore, in order to prevent unauthorized payment by the theft cash card, it is easy for a third party to guess at a password such as disabling the setting of the password in a number having a close relationship with the contractor such as the date of birth. It reminds you not to use numbers.

  In the case of window transactions, which are the basis of transactions with financial institutions, in principle, personal identification is performed using a passbook and a seal. The passbook and the seal are always exposed to the risk of theft or forgery, and as long as the passbook exists and the seal imprints match, there is no means to prevent the transaction even if it is a fraudulent transaction. At best, it limits the withdrawal amount per day. That is, if the seal and the passbook are stolen, the fraudulent transaction will be repeated within the limit unless the trader notifies the financial institution, and there is no means to prevent this.

JP 2008-123461A

  In order to engage in social life and conduct economic activities, transactions with financial institutions are essential, and it is widely used in economic activities such as deposit, borrowing, savings, settlement of various types of money regardless of individuals, corporations, and groups. It is done. Indeed, financial institutions can be said to be partners in social life and economic activities. In transactions with financial institutions, it is first and foremost required to eliminate fraudulent transactions in order to establish transaction security. For that purpose, it is necessary to guarantee the security of the personal identification system which prevents a fraudulent transaction by checking the existence of the transactor's principal ability by an account unit by various authentication items. At the same time, measures to prevent fraudulent transactions should not compromise the effectiveness of the transaction. Therefore, in the transaction, both security and promptness need to be established simultaneously.

  However, with regard to measures to prevent fraudulent transactions in Internet banking and ATM transactions as described above, there is also a new means by which a financial institution develops a new certified item and breaks it again every time it takes a new fraudulent transaction preventive measure. The fact is that it is provided to For example, providing a one-time password using email etc. currently adopted by many financial institutions as a measure to prevent fraudulent transactions in Internet banking, the personal computer used by the user is infected with malware (malicious malicious software) If it does, it contains the risk of spilling to a third party, and it can not be a complete safety measure. The fact is that there is no way to prevent fraudulent transactions if you do not know that the account has been stolen in passbook and seal window transactions.

  In addition, biometric authentication using fingerprints, palm prints, voice prints, faces, irises, and other living bodies as personal authentication items has begun to spread, but since living bodies are also managed as data and managed as living body information, that data If it is stolen, it is analyzed and replicated, and has the possibility of being breached. Furthermore, since biometric information can not be arbitrarily updated like a password, there is a fatal problem that once it is breached by duplication, security can not be recovered over its lifetime. In addition, there are people who can not use biometric authentication under certain circumstances. Therefore, although the security of the present personal identification system has been dramatically improved by the construction of various security measures, there is always the possibility that the security measures can be broken, and fraudulent transactions are completely eliminated. The fact is that we can not prevent it and we can not guarantee the safety.

  Therefore, the present invention is a financial institution from the viewpoint of strengthening the security of the conventional personal identification system in order to allow everyone to trade smoothly with the financial institution without compromising the promptness of the transaction. It aims at providing a new transaction locking system and a transaction locking method for preventing illegal transactions and securing transaction safety separately from the conventional person authentication system.

  As a result of keen research on the security of transactions in financial institutions, the inventor of the present invention has been able to steal authentication items as defenses, regardless of how defensive measures are taken, in the personal identification system, which is the conventional measure for preventing fraudulent transactions. Based on the assumption that there is a possibility of being breached, that is, on the premise that security measures are breached, we have come to a new finding that it is necessary to prevent fraudulent transactions. Based on this finding, even if the personal identification system is breached by unauthorized means, transaction locking at a financial institution separated and independent from the conventional personal identification system to ensure both the security and promptness of the transaction Provides a system and a transaction locking method.

That is, the present invention is separated and independent from a person authentication system that confirms the presence or absence of the principal of a transactor on an account basis in a transaction with a financial institution, and is added to the person authentication system and constructed. Is connected to the financial institution via the telephone network of the telecommunication carrier from the mobile phone, the information is transmitted to the financial institution as the transmittable and unforgeable information using the caller ID of the mobile phone as a key, and the financial institution is connected. The line is disconnected, and the transmitted caller ID is associated with the contractor number assigned to each contractor through all the stores of the financial institution and having a 1: 1 relationship with the contractor. Te, by matching and judgment by locking engine engaged with registration caller number of subscribers registered in the subscriber database of pre-financial institutions, pre-selected by the subscriber unit as a tablet The account in a lump whether or not all of the transactions, caller ID, based on the transaction locking system in the registration caller ID and financial institutions and trading non-locked state or tradable unlocked state using the subscriber number To provide.

As an example of the transaction locking system in the above-mentioned basic financial institution, always all the accounts selected in advance by the contractor unit are collectively put in the non-trading lock state, the sender number transmitted to the financial institution, and the financial By matching with the registered sender number of the contractor registered in the contractor database of the organization, by collectively unlocking the transaction availability of all the accounts selected in advance by the contractor unit in the locked state for a certain period of time Providing a transaction locking system at a financial institution in which transactions can be made in units of contractors, as another example, always setting all the accounts previously selected in units of contractors in an unlocked state that can be traded collectively The contractor in the unlocked state is obtained by matching the caller ID transmitted to the institution with the registered caller ID of the contractor registered in advance in the contractor database of the financial institution. By collectively lock the pre-selected account propriety of all transactions in place, to provide a transaction locking system in a financial institution to a non-traded state the contractor as a unit.

On the other hand, when the sender's number transmitted to the financial institution and the registered sender's number of the contractor registered in advance in the contractor database of the financial institution are different, all the accounts selected in advance in units of contractors as locks. Whether or not to make a transaction is collectively held in the normal state of the transaction locking system in the locked state or the unlocked state.

Then, there is provided a configuration in which the caller number of the mobile phone in the contractor's name is used as the caller number, and the configuration in which the smart phone is used as the mobile phone .

  Furthermore, a configuration for performing a call to a financial institution via a locking application on the web, a call for a financial institution via a locking application on the web, and connecting the telephone number of the financial institution on the locking application Possible configuration to display and perform, configuration to select at random the telephone number of the financial institution from multiple phone numbers and display it on the lock app on the web, transaction with the financial institution ATM transaction, internet banking transaction or window transaction Providing a configuration in which the transaction with the financial institution is withdrawal, receipt, inquiry, change in personal attribute or change in authentication means.

Then, when the transaction locking system in any one of the financial institutions described above is used, the transaction locking system is in the unlocked state, and identity verification is established in which the presence or absence of the principal ability of the transactor is confirmed on an account basis. financial institutions to provide a transaction locking method in the financial institutions which enables carrying out transactions with financial institutions. Furthermore, only when the transaction locking system is in the unlocked state, in the transaction with the financial institution , a method that enables the financial institution to carry out an identity verification in which the existence of the principal ability of the trader can be confirmed on an account basis; A method is provided which enables a financial institution to confirm the unlocking state of the transaction locking system after identity authentication for confirming the presence or absence of an independent ability on an account basis is established.

  The first feature of the present invention described above is that it is separated and independent from the person authentication system which is the conventional means for preventing fraudulent transactions, and is added to the person authentication system. That is, in transaction with a financial institution, a transaction locking system is separated and independent from the conventional person authentication system that confirms the presence or absence of the transactor's principal ability on an account basis, and a key that can be transmitted and that can not be forged Since the transaction locking method can be provided, even if the authentication item of the conventional personal authentication system is stolen or forged, illegal transactions can be reliably prevented, and the vulnerability of the conventional personal authentication system is assured. It is possible to secure the security of the transaction by covering it. Therefore, according to the present invention, it is possible for anyone to trade smoothly with a financial institution without compromising the quickness of the trade.

  The second feature of the present invention is as in the case of a conventional authentication item by using transmittable and non-forgeable information, specifically a mobile phone caller ID, as a key for determining whether or not a transaction can be made. The risk of being forged can be eliminated, and security can be doubled from both the object (mobile phone) and the information (sender number).

  The third feature of the present invention is that the lock or unlocking lock using the above-mentioned key is made a contractor transaction, and it is not a single account unit as in the conventional personal identification system but a batch. The convenience is high because it can be operated on a contractor basis.

  A fourth feature of the present invention is to transmit a key consisting of a caller ID to a financial institution using remote control, particularly using a telephone network, and can be used anytime and anywhere, and quickness Does not compromise the effectiveness of the required transaction. Moreover, there is no need to install the application on a mobile phone such as a smart phone in order to use the application on the Web, and even if the mobile phone is replaced, the same phone number can be used as it is, and There is no communication charge because it is sufficient for both the trader and the financial institution to receive the call. Furthermore, even if the mobile phone is lost, the transaction locking system can not be unlocked by locking the mobile phone itself.

  Furthermore, since it is possible to arbitrarily select whether to be in a locked state that can not be traded at all times or in a lockable state that can be traded, priority is given to security or convenience of the transaction depending on the purpose and situation of the transaction at the financial institution. It is possible to optionally set priority on gender. In particular, in the future aging society, even when the elderly person and the care recipient require a third party to make a financial transaction, the security of the transaction can be controlled by oneself or the family.

The basic composition figure of the transaction locking system concerning the present invention. BRIEF DESCRIPTION OF THE DRAWINGS The basic composition figure of 1st Embodiment of this invention. The basic composition figure of a 2nd embodiment of the present invention. Explanatory drawing of the transmission method of the key used by this invention. The detailed block diagram of 1st Embodiment of this invention. The detailed block diagram of 2nd Embodiment of this invention. Basic configuration of Internet banking transaction. The main part block diagram of the internet banking transaction. The main part block diagram of the internet banking transaction. Basic configuration of ATM transaction. The principal part block diagram of ATM transaction. The principal part block diagram of ATM transaction. The basic composition figure of the window transaction. The main part block diagram of window transaction. The main part block diagram of window transaction. The basic conceptual diagram of this invention. The basic conceptual diagram of this invention.

  Hereinafter, embodiments of a transaction locking system and a transaction locking method in a financial institution according to the present invention will be described based on the drawings. The transaction with a financial institution to which the present invention is applied refers to a deposit business, a loan business, a foreign exchange business, a securities business, and insurance that require the financial institution to confirm the existence of the transactional agent's principal ability on an account basis. It refers to financial transactions such as business in general, and representative transactions include withdrawal, deposit, inquiry, change of personal items, change of authentication means, etc. Therefore, the direct debit to carry out the automatic deduction of the utility charges, the tax, the use price of the credit card, etc. is excluded. Also, as financial institutions, not only credit banks, banks, agricultural cooperatives, securities companies, etc., but also non-banks such as credit sales companies, credit companies, leasing companies etc. And Although payment does not currently require confirmation of the trader's independent ability, payment can also be included in the transaction targeted by the present invention. Furthermore, the means of transaction is not limited, and may be ATM transaction, internet banking transaction, window transaction, and other transaction means.

  FIG. 16 is a basic conceptual view of the present invention, and as shown in the figure, the first feature of the present invention is separated and independent from the person authentication system A which is the conventional fraudulent transaction preventing means, and It is added to system A. As shown in FIG. 16, the measures for preventing fraudulent transactions in the conventional personal identification system A are strengthened by setting various authentication items such as "ID, password, cash card, personal identification number, passbook, seal stamp" etc. It strengthens defense measures against theft, that is, measures for how to prevent the authentication item from being stolen. For example, "Countermeasure 1: how to prevent the Internet banking ID / password from being stolen", "measure 2: how to not forgery a cash card", and so on. Specific examples of the measures 1 and 2 are as described above as the prior art. However, even if measures 1 and 2 are newly constructed, new techniques for breaking them are further developed, and the method becomes more sophisticated and complicated, and in the end, person authentication that measures 1 and 2 are constructed System A is also broken. In this case, it becomes a "lethal play" between the defense measures of certified items and the attack means for fraudulent transactions, and not only "it is unmistakable in measures" but also a drastic solution, the rapid spread of the current IT infrastructure And the safety of financial transactions in line with changes in social and living environments can not be established. That is, it is not guaranteed that anyone can deposit money at a financial institution with peace of mind and trade. Therefore, as the statistics of the above-mentioned fraudulent transaction show, it has caused the rapid increase of damage by fraudulent transaction.

  Therefore, regardless of how the inventor radically changes ideas and takes defensive measures, the defensive measures are eventually broken, and various authentication items are likely to be stolen. It is necessary to try to prevent, that is, "Prerequisite 1: Internet banking ID / password may be stolen" "Prerequisite 2: Cash card may be forged" "Assumption 3: We have come to a new finding that it is necessary to assume that security measures are broken, such as that the code number may be stolen. Based on this finding, even if various authentication items of the conventional personal authentication system A are stolen and the personal authentication system A can not prevent fraudulent transactions, the personal authentication system is separated and independent from the personal authentication system A. A transaction lock according to the present invention which secures the security of the transaction and does not impair the swiftness of the transaction by arbitrarily creating a non-tradable lock state or a non-tradable lock state independently of the system A. System S was built.

  Therefore, as shown in case 1 of FIG. 17, the transaction locking system S according to the present invention is unlocked and becomes a transactable state, and the transaction is executed for the first time after being authenticated as the person by the conventional person authentication system A. can do. Unless the transaction locking system S is unlocked, as shown in case 2 of FIG. 17, the transaction can not be performed even if the user authentication is possible by the user authentication system A. Therefore, even if the authentication item of the personal identification system A, for example, the cash card and the personal identification number are stolen, the transaction locking system S is in a locked state, so it is in a non-trading state, and the damage of the illegal transaction. I have never met

  On the other hand, even if the transaction locking system S is unlocked, as shown in case 3 of FIG. It is a safety net. In addition, although unlocking the transaction locking system S is basically based on unlocking before performing authentication by the person authentication system A, the transaction locking system S is unlocked after passing through the person authentication system A. You may do it.

  It is possible to freely select whether the normal state of the transaction locking system S is in a non-tradeable state as a locked state or in a tradeable state as an unlocked state. That is, in consideration of safety, it is necessary to always unlock the transaction locking system S at the time of transaction, or always make the transaction locking system S in the unlocked state so that transactions can be made only by the person authentication system A, the person It is optional to lock the transaction locking system S only in an emergency such as theft or loss of the certified item or when it is necessary to enhance the security.

  First, the basic configuration of unlocking or locking by this transaction locking system S according to the present invention will be described based on FIG. The transaction locking system S is installed separately from the existing person authentication system A separately from the person authentication system A, and always holds the transaction in the locked state or the unlocked state on a contractor basis. Therefore, in order to make a transaction or to stop the transaction, the transaction locking system S solves the lock R consisting of the propriety of the transaction per contractor by the key K consisting of transmittable and non-forgeable information. It is necessary to lock and make it tradable or lock and make it untradable.

  In FIG. 1, reference numeral 10 denotes a trader who carries out a transaction, at the time of transaction, a mobile phone 11 having a caller number 13 (telephone number) registered in advance at a financial institution. Call to a financial institution 30 to make a transaction through the telephone network 21 of At the time of the call, as shown in FIG. 4, the lock application 12 on the Web is activated from the smartphone 11a, and the telephone application 31 which is randomly extracted from the telephone number group of the financial institution 30 is erected on the lock application 12. It is displayed on the display so that the financial institution 30 can be called by the trader 10 selecting it. In this way, the trader 10 does not have to store or record the telephone number 31 of the financial institution 30, and it is not necessary to download the lock application 12 to the smartphone 11a. In addition, if the toll free number is selected as the telephone number 31 of the financial institution 30, it is possible to clearly indicate that the trader 10 does not need to bear the communication fee.

  In addition, the telephone number 31 of the financial institution 30 displayed in the locking application 12 on the web is more secure by displaying shuffled applications every time the locking application 12 on the web is activated from a plurality of telephone number groups. Sex is increased. As the mobile phone 11 to be used, it is basically to use the mobile phone 11 in the name of oneself, but even if it is the mobile phone 11 in the name of others such as family name, the caller number 13 (phone number) to the financial institution 30 If it is the mobile telephone 11 which registered, it is usable. Preferably, the mobile phone 11 occupied by the trader 10, regardless of his or her name or another's name. By occupying, the caller number 13 which is the key K can be physically protected from the third party. In addition, since the mobile phone 11 is often carried at all times and the mobile phone 11 itself can be locked even if it is lost or stolen, the object (mobile phone 11) and information (sending) The security can be doubled from both sides of the person number 13). The fixed telephone can notify the caller ID as well as the mobile telephone 11, but it is not used in the present invention because it can not be carried, occupied, or locked. In addition, it is convenient to use a smartphone 11 a as the mobile phone 11.

  As described above, the second feature of the present invention is to use communicable and non-forgeable information as a key K for judging whether or not to make a transaction. The key K corresponds to an authentication item such as a cash card, a personal identification number, an ID, a password, a living body, and a seal in the existing personal identification system A. The limitation of the conventional personal authentication system A is that the authentication item can be stolen, forged or copied, no matter how the security measures are strengthened. In order to prevent fraudulent transactions and ensure the security of transactions, it is required that forgery or duplication is impossible above all. In the present invention, forgery, duplication, and concepts similar thereto are also referred to as forgery. Also, in order to secure the effectiveness of preventing fraudulent transactions without compromising the swiftness of transactions, it is required to be able to transmit information smoothly. Therefore, the present invention can not be forged, can be transmitted as information, and as a result of conducting researches focusing on things owned by most of the traders, as a thing that satisfies the conditions, a caller at the time of a call We focused on the caller number 13 that is notified to the destination as a number notification.

  Caller ID notification is a service that notifies the called party (ie, financial institution 30) of the telephone line number (telephone number) of the caller (ie, trader 10) as the caller number 13 at the time of a call. The side can obtain the notified caller number 13 as information. This sender number 13 has also been spoofed in the past, specifically, before 2005, and incidents such as fraud etc occur when it is considered as a genuine sender and comes out on the phone. It had become. Therefore, in 2005, the "General Association Japan Telecommunications Carriers Association" formulated the "Guidelines for displaying fake caller ID" and in accordance with these guidelines, the telecommunications carriers who own transmission line equipment (ie, communication carriers 20) Because the necessary measures are taken by), there is no possibility of forgery now. In addition, since information is automatically transmitted by a call, it can be used by everyone without the need for troublesome procedures for information transmission. The penetration rate of the mobile phone 11 has already exceeded 120% for the population, and the smartphone 11a is also rapidly spreading from 50%, so it is established as an IT infrastructure. In particular, the smartphone 11a is the most familiar information tool for users such as Internet banking.

  Therefore, in the present invention, the transmitter number 13 of the mobile phone 11, in particular, the transmitter number 13 of the smartphone 11a, is used as the key K as communicable and non-forgeable information. In the present invention, the information used as the key K is not specified to the sender number 13, and any information that can be transmitted and can not be forged can be used.

  The financial institution 30 receiving the call from the trader 10 via the locking application 12 on the web disconnects the line after confirming the incoming call (after one call). Thus, the caller number 13 of the smartphone 11a as the key K used by the trader 10 is transmitted to the financial institution 30 as information via the telephone network 21 of the communication carrier 20.

  The financial institution 30 uses the lock engine 32 to collate and judge the agreement between the key K consisting of the received sender number 13 and the registered sender number 41 a registered in advance as the lock information 41 in the contractor database 40. In the contractor database 40, locking information 41 and contractor management information 42 are stored. As the locking information 41, the registered sender number 41a, the second registered sender number 41b, the validity of the key 41c, Content of locking agreement 41d, locking status 41e, and other locking management information 41f are stored, and as contractor management information 42, contractor number 42a, contractor 42b, account number associated with registered sender number 41a 42c and other contractor management information 42d are stored. The contractor database 40 may store only the locking information 41 or only the registered sender number 41a and the second registered sender number 41b, and other information may be stored in another database. That is, the contractor database 40 may be divided and installed in a plurality of databases.

  The contractor number 42a is a number given by numbering for each contractor through all stores regardless of the head office or branch of the actual store of the financial institution 30, and the branch on the Internet. [Contractor 42b: Contractor number 42a = 1: 1]. Therefore, by associating the registration originator number 41a with the contractor number 42a, all information of the contractor 42b can be extracted and used using the registration originator number 41a, that is, the transaction can be performed with the contractor 42b as a unit. It becomes possible to judge whether the sender / receiver number 13 transmitted to the financial institution 30 and the registered sender number 41a registered in advance in the financial institution 30 match or not. The present invention is not limited to the contractor number 42a, and other information may be used if it has a 1: 1 relationship with the contractor 42b.

  When the key K consisting of the received sender number 13 matches 33a with the registered sender number 41a registered in advance in the contractor database 40, the financial institution 30 makes a call to the correspondent 10 of the financial institution 30. Since it can be confirmed that the contractor 42b is used, if the lock R is always in a non-trading lockable state in units of the contractor 42b, the lock 34 is unlocked, while the lock R always trades in the unit of contractor 42b If it is possible to unlock, lock 35 is performed. That is, in the former case, the lock R consisting of the propriety of the contractor transaction is unlocked 34 and registered in the contractor management information 42 of the contractor 42b having the contractor number 42a corresponding to the registered sender number 41a. All of the transactions in the account that have been made can be traded for a certain period of time. Thereafter, when a predetermined time has elapsed, the lock R is returned to the non-trading lock state again. On the other hand, in the latter case, the lock R is locked 35 to make it a non-tradeable 37 state. Therefore, the trader 10 (contractor 42b) can perform the unlocking 34 or the locking 35 of the lock R by remote control using the key K via the telephone network 21, and is registered in advance in the contractor management information 42. All of the trades of the account being made can be in the state of 36 or 37 non-tradeable.

  When the key K consisting of the received sender number 13 differs 33b from the registered sender number 41a registered in advance in the contractor database 40, the financial institution 30 makes a call to the correspondent 10 who is the financial institution. The procedure of the unlocking 34 or the locking 35 of the lock R is ended 38 because it can not be confirmed that it is the 30 contractor 42b. In this case, the lock R remains in the set normal state.

  The second registered caller number 41b registered as the locking information 41 is used as a reserve for the registered caller number 41a, and another mobile phone 11 can be used if registered in advance. The validity 41c of the key is information on whether or not the registered sender number 41a and the second registered sender number 41b can be used, the content 41d of the locking contract is information for specifying a target transaction or account, the locking status 41e is a lock Information on the presence or absence of locking of R. The other lock management information 41 f is other information required to operate the lock system.

  The contractor 42b registered as the contractor management information 42 is the name of a contractor having a 1: 1 relationship with the contractor number 42a, and the account number 42c is an account number owned by the contractor 42b. The other contractor management information 42d is other information owned by the financial institution 30 with respect to the contractor 42b.

[First embodiment / lock R: always locked state]
Therefore, as the first embodiment of the present invention, the basic configuration in the case where the lock R is always in the non-trading locked state is extracted from FIG. 1 and shown in FIG. 2 and locked and always set to non-trading The configuration of a system in which the lock R is unlocked 34 to make it tradable 36 will be described based on FIG. The same components as those in the basic configuration shown in FIG. 1 will be assigned the same reference numerals and descriptions thereof will be omitted. In the first embodiment, the lock R is always locked in units of the contractor 42b, that is, all the transactions registered in advance by the contractor 42b with the financial institution 30 are locked in the non-trading state. The contractor 42b arbitrarily selects a transaction to be a target of the transaction locking system S according to the present invention from among the transactions performed by the contractor 42b, and registers the transaction in advance in the financial institution 30.

  The locking application 12 on the Web is activated from the smartphone 11a of the trader 10 by the transaction locking system S, and the telephone number 31 randomly extracted from the telephone number group of the financial institution 30 and displayed on the locking application 12 is displayed. By making a selection, a call is made to the financial institution 30. When this call is received 51, the locking engine 32 performs caller number and call reception number acquisition 52 and performs call disconnection 53 of the call with one call. As a result, the financial institution 30 can obtain the caller number 13 (key K) of the trader 10 and the telephone number 31 (receiving number) of the financial institution 30 used by the trader 10 as information.

  Next, using the obtained caller number 13 as a key K, a caller number (key) inquiry 54 is made to the contractor database 40, and the obtained caller number 13 (key K) is registered as the lock information 41 A comparison / determination 33 is made as to whether or not it matches the registered sender number 41a. If the caller number 13 (key K) matches 33a with the registered caller number 41a, it can be confirmed with the true trader of the financial institution 30, the contractor number 55 is obtained from the registered sender number 41a and the contractor The number 42a is acquired, and then the contractor management information acquisition 56 is performed to specify the trading account registered in the contractor management information 42.

  Thereafter, it is performed to the incoming call number management database 43 as the incoming call number inquiry 57 whether the acquired incoming call number (phone number 31 of the financial institution 30 that made the call from the trader 10) is true or false Make a decision 58. Security can be further enhanced by confirming the correctness of the incoming call number randomly extracted from a plurality of telephone number groups together with the caller number 13 (key K). If the incoming call number matches 58a, the lock R in the locked state is unlocked 34, and as the transaction locking system S, all transactions of the account registered in the contractor management information 42 are traded by contractor 42b It is possible 36. Then, the monitoring timer is activated 59, and after a certain time that can be traded, the lock R is returned to the locked state as shown by the arrow 39. While the lock R is unlocked 34, the trader 10 can conduct a transaction by being authenticated as the principal by the conventional personal identification system A.

  On the other hand, when the caller number 13 (key K) is different 33b from the registered caller number 41a registered in advance in the contractor database 40, the process termination 38 of the operation of the transaction locking system S is immediately carried out. Hold the locked state. In this state, since the transaction locking system S remains locked, it is not possible to conduct a transaction regardless of the presence or absence of authentication by the person authentication system A.

  Further, when the incoming call number is different 58b due to the comparison / decision 58, even if the sender number 13 (key K) and the registered sender number 41a coincide 33a, the processing end 60 of the transaction locking system S is performed. Then, the contractor management information update 61 is performed, the information is registered in the contractor management information 42, and appropriate security measures such as notifying the contractor 42b are taken.

  The contractor database 40 and the incoming call number management database 43 are provided in the financial institution 30 so as to be accessible from the locking engine 32 as an external storage device 50 (see FIGS. 5 and 6) together with other databases. There is no particular limitation on which database the required information is registered in, and it may be available as information from the locking engine 32.

[Second Embodiment / Lock R: Always Unlocked]
Next, as a second embodiment of the present invention, the basic configuration in the case where the lock R is always in the unlocked state which can be traded is extracted from FIG. 1 and shown in FIG. The configuration of a system in which the set lock R is locked 35 and the transaction is not permitted 37 will be described based on FIG. The same reference numerals as in the basic configuration shown in FIG. 1 and the configurations that are normally locked shown in FIGS. 2 and 5 will be assigned the same reference numerals and descriptions thereof will be omitted. In the second embodiment, a transaction is performed when the authentication of the person authentication system A is established without always using the transaction locking system S. In this second embodiment, the lock R is always unlocked in units of the contractor 42b, that is, the lock R is unlocked so that all transactions of the contractor 42b registered in the financial institution 30 in advance can be traded. There is.

  A key K consisting of a caller number 13 transmitted from the trader 10 to the financial institution 30 via the telephone network 21 of the communication carrier 20 by the transaction locking system S is a registered caller number 41a registered in advance in the contractor database 40 When the agreement 33a is obtained, the lock R is locked 35, and all transactions of the account registered in the contractor management information 42 of the contractor 42b having the contractor number 42a corresponding to the registered caller number 41a can not be traded 37 I assume. Therefore, since the lock R is locked, it is not possible to make a transaction regardless of the presence or absence of the authentication of the person authentication system A. Then, as long as the lock R is not unlocked by the transaction locking system S, the state of the lock 35 is maintained.

  In this second embodiment, high security is not always required, and it is possible to cope with the person authentication system A, but in the case of an emergency such as stealing or losing the authentication item of the person authentication system A, illegal transactions quickly. It is possible to prevent the damage caused by

  The third feature of the present invention is that the lock R for locking or unlocking using the above-described key K is a contractor-based transaction. In the conventional personal identification system A, only the account which carries out a transaction for every transaction is authenticated on an account basis. The contractor 42 b can establish a plurality of accounts for each transaction type and branch, and therefore, the contractor: account number = 1: n. In the present invention, prevention of fraudulent transactions is selected in advance by the contractor 42b for each contractor 42b on a contractor basis, that is, regardless of the head office or branch of the financial institution 30, regardless of the type and number of accounts. All transactions of the account are collectively made into a non-trading lockable state or a tradeable unlocked state. In order to lock the propriety of the transaction of the contractor unit, in the present invention, the contract is numbered and given for each contractor through all stores regardless of the head office or branch of the actual store of the financial institution 30 or the branch on the Internet. The person number 42a is used. This point is largely different from the person authentication system A.

  The fourth feature of the present invention is to transmit the key K consisting of the caller number 13 to the financial institution 30 using remote control, in particular, the telephone network 21. As a result, the trader 10 only needs to make a call, so the burden is small and the speed of trading is not impaired. At the same time, by using the telephone network 21 which is an independent communication network, without using the closed area network between the ATM and the financial institution and the Internet line of the Internet banking as the communication network 21, the person authentication system A And can be separated and independent.

[Internet banking transaction]
The Internet banking transaction (hereinafter referred to as "IB transaction") using the transaction locking system S according to the present invention having the above-described configuration will be described based on the basic configuration shown in FIG. 7 and the main part configuration shown in FIGS. explain. The trader 10 performs Web search 71 from the Web browser, establishes security communication 72 with the Internet banking server 70 (hereinafter referred to as IB server 70) of the financial institution 30, and logs in displayed on the Web browser. In accordance with the screen, the user inputs an ID and a login password, and logs in 73 to the IB server 70. The IB server 70 compares the entered ID and login password with the conventional personal identification system A and performs predetermined login processing 74. Although omitted in FIG. 7, when the ID and the login password are different, the information is displayed on the Web browser to prompt re-input, or the transaction is ended. The login process up to here is the same as in the conventional IB transaction.

  The IB server 70 that has completed the login process 74 performs a transaction screen acquisition 75 and performs a transaction screen display 76 on the Web browser. The trader 10 selects a desired transaction from the transaction screen display 76, inputs a transaction confirmation password 77 necessary for the transaction execution, and transmits an instruction of the transaction execution 78 to the IB server 70. The IB server 70 having received the transaction execution 78 collates / determines 79 a lock status acquisition / judgement 79 by the locking engine 32 (see FIG. 1 etc.), and performs the collation / judgement 80a of the transaction confirmation password check 80 as the conventional person. Performed by the authentication system A. Therefore, it is a feature of the present invention that the lock status acquisition / determination 79 and the transaction confirmation password check 80 are performed by the lock engine 32 and the person authentication system A, which are mutually independent systems.

  Then, when the lock R is unlocked 34 (see FIG. 1 etc.) and the transaction confirmation password 77 matches 81, the transaction execution processing 83 is performed, and the transaction result screen display 84 is performed on the Web browser.

  If the lock R is locked 35 or the transaction confirmation password 77 is different 82, the transaction is aborted and an error message 85 is displayed on the Web browser. Even if the transaction confirmation password 77 matches 81, the transaction is stopped even when the lock R is locked 35, and even if the lock R is unlocked 34, the transaction confirmation password 77 is different 82 Also in the case the deal is discontinued.

  As the error message 85, display 85a of "The transaction is locked." Display 85b of "The transaction confirmation password is different." Display the reason for stopping the transaction such as 85b on the Web browser, and as necessary. The user is prompted to re-enter the lock 34 of the lock R and the transaction confirmation password 77 a fixed number of times. Finally, when the lock R is unlocked 34 and the transaction confirmation password 77 does not match 81, the transaction is ended.

  Therefore, when the transaction locking system S according to the present invention is always adopted as the locked state, the ID, the login password, and the transaction confirmation password 77, which are authentication items of the conventional person authentication system A in IB transaction, coincide with each other. A transaction can not be made, and it is necessary to unlock the lock R by placing a call from the mobile phone 11 to the set telephone number 31 of the financial institution 30. This lock R can be unlocked 34 without the need for any input operation, as long as it is connected.

  On the other hand, when the transaction locking system S according to the present invention is adopted as the unlocked state at all times, the ID, login password and transaction confirmation password 77 which are authentication items of the conventional person authentication system A in IB transaction always coincide. If you want to increase the security, etc., if it is possible to make a transaction, and there is a risk that the ID, login password, and transaction confirmation password 77 may be stolen, the mobile phone 11 is bridged to the set telephone number 31 of the financial institution 30. By charging, the lock R can be locked without requiring any input operation. Therefore, even if the ID, the login password, and the transaction confirmation password 77 are stolen, it is not possible to conduct a transaction by itself, and thus there is no risk of fraudulent transaction.

  The lock state acquisition / determination 79 and the transaction confirmation password check 80 may be performed first. FIG. 8 shows a configuration for performing lock state acquisition / determination 79 using the lock engine 32 according to the present invention prior to the transaction confirmation password check 80 by the user authentication system A. In this case, when the lock R is locked 35 as a result of the collation / judgment 79a by the locking engine 32, the error processing 86 is performed without performing the transaction confirmation password check 80, and the transaction "errors" Display “Locked.” 85a on the web browser.

  If the lock R is unlocked 34 as a result of the collation / judgment 79a by the locking engine 32, as a result of the collation / judgment 80a of the transaction confirmation password check 80 by the user authentication system A, the transaction confirmation password 77 matches 81 If it is, the lock R is unlocked 34, and the transaction confirmation password 77 matches 81, the transaction execution processing 83 is performed. On the other hand, if there is a difference 82 in the transaction confirmation password 77, error processing 87 is performed, and a display 85b of "The transaction confirmation password is different" is displayed on the Web browser as an error message 85.

  FIG. 9 shows a configuration in which a transaction confirmation password check 80 is performed using the conventional personal identification system A prior to the lock status acquisition / determination 79 by the locking engine 32. In this case, when the transaction confirmation password 77 is different 82 as a result of the collation / judgment 80a by the principal authentication system A, the error processing 87 is performed without performing the lock state acquisition / judgement 79, and an error message 85 is obtained. Display 85 b “The transaction confirmation password is different” is displayed on the web browser.

  If the transaction confirmation password 77 matches 81 as a result of collation / judgment 80a by the personal authentication system A, the lock R is unlocked 34 as a result of collation / judgment 79a of lock state acquisition / judgment 79 by the locking engine 32. If the transaction confirmation password 77 matches 81 and the lock R is unlocked 34, transaction execution processing 83 is performed. On the other hand, when the lock R is locked 35, error processing 86 is performed, and a display 85a of "transaction is locked" is displayed as an error message 85 on the Web browser.

[ATM transaction]
Next, an ATM transaction (a transaction using a cash card or a passbook and a personal identification number) using the transaction locking system S will be described based on the basic configuration shown in FIG. 10 and the main components shown in FIGS. 11 and 12. Do. The trader 10 inserts the cash card or passbook 91a from the ATM, inputs the password 91b, and inputs the desired transaction content to instruct the accounting system 90 of the financial institution 30 on the transaction execution 91. Do against. The accounting system 90 performs an input message check 92 input from the ATM, and checks and obtains the lock status acquisition / determination 79 by the locking engine 32 (see FIG. 1 etc.), and verifies the password number check 93 The judgment 93a is performed by the conventional person authentication system A. Therefore, it is a feature of the present invention that the lock status acquisition / determination 79 and the personal identification number check 93 are performed by the locking engine 32 and the person authentication system A, which are mutually independent systems.

  When the lock R is unlocked 34 (see FIG. 1 and the like) and the password check 93 matches 94, the transaction execution processing 96 is performed, and the transaction result processing 97 is performed from the ATM.

  If the lock R is locked 35 or the password check 93 is different 95, the transaction is canceled and an error message 98 is displayed on the ATM. Even if the code number check 93 matches 94, the transaction is stopped even when the lock R is locked 35, and even if the lock R is unlocked 34, the code number check 93 is different 95 Also in the case the deal is discontinued.

  As the error message 98, the display 98a of "The transaction is locked." And the display 98b of "The PIN code is wrong" is displayed on the ATM, and the reason for stopping the transaction is displayed on the ATM. The user is prompted to re-enter the unlock 34 of the lock R and the password 91 b. Finally, when the lock R is unlocked 34 and the password 91b does not match 94, the transaction is ended.

  Therefore, when the transaction locking system S according to the present invention is adopted as the locking state at all times, the passbook or cash card 91a, which is an authentication item of the conventional person authentication system A in the ATM transaction, and the password 91b coincide with each other, A transaction can not be made, and it is necessary to unlock the lock R by placing a call from the mobile phone 11 to the set telephone number 31 of the financial institution 30. This lock R can be unlocked 34 without the need for any input operation, as long as it is connected.

  On the other hand, when the transaction locking system S according to the present invention is adopted as the unlocked state at all times, the passbook or cash card 91a which is an authentication item of the conventional person authentication system A in ATM transaction always matches the password 91b. To increase the security if there is a risk that the passbook or cash card 91a and the password 91b may be stolen, etc., the mobile phone 11 is connected to the set telephone number 31 of the financial institution 30. By charging, the lock R can be locked 35 without requiring any input operation. Therefore, even if the passbook or cash card 91a and the personal identification number 91b are stolen, they can not make a transaction by themselves, and therefore they do not suffer from the illicit transaction.

  The lock state acquisition / determination 79 and the personal identification number check 93 may be performed first. FIG. 11 shows a configuration for performing lock state acquisition / determination 79 using the locking engine 32 according to the present invention prior to the personal identification number check 93 by the personal identification system A. In this case, when the lock R is locked 35 as a result of the collation and judgment 79a by the locking engine 32, the error processing 99 is performed without performing the password check 93, and the error message 98 indicates The display 98a of “being done” is displayed on the ATM.

  When the lock R is unlocked 34 as a result of the collation / judgment 79a by the locking engine 32, when the code number 91b matches 94 as a result of the collation / judgement 93a of the password check 93 by the personal identification system A Since the lock R is unlocked 34 and the code number 91b matches 94, a transaction execution process 96 is performed. On the other hand, when the code number 91b is different 95, error processing 100 is performed, and a display 98b of "The code number is different" is displayed on the ATM as an error message 98.

  FIG. 12 shows a configuration in which the personal identification number check 93 is performed using the conventional personal identification system A prior to the lock status acquisition / determination 79 by the locking engine 32. In this case, if the password 91b is different 95 as a result of the collation / judgment 93a by the personal authentication system A, the error processing 100 is performed without performing the lock state acquisition / judgement 79, and “error message 98” "The security code is incorrect." Is displayed on the ATM.

  As a result of collation / judgment 93a by the personal identification system A, when the code number 91b matches 94, the lock R is unlocked 34 as a result of collation / judgment 79a of lock state acquisition / judgement 79 by the locking engine 32 In the case, since the code number 91b matches 94 and the lock R is unlocked 34, the transaction execution process 96 is performed. On the other hand, when the lock R is locked 35, an error processing 99 is performed, and a display 98a of "transaction is locked" is displayed as an error message 98 on the ATM browser.

[Window transaction]
Next, a window transaction (a transaction using a passbook and a seal) using the transaction locking system S will be described based on the basic configuration shown in FIG. 13 and the main part configuration shown in FIGS. The trader 10 presents the sealed transaction slip / passbook 110 a and performs the transaction execution 110 to the clerk of the financial institution 30. The clerk at the financial institution 30 receives these 111, and checks and acquires the lock status acquisition and judgment 79 by the locking engine 32 (see FIG. 1 etc.) 79a, and the collation and judgment 112a of the passbook and seal impression check 112. It carries out by the conventional person authentication system A. Therefore, it is a feature of the present invention that the lock state acquisition / determination 79 and the passbook / stamp imprint check 112 are performed by the lock engine 32 and the person authentication system A, which are mutually independent systems.

  Then, when the lock R is unlocked 34 (see FIG. 1 etc.) and the passbook / stamp imprint check 112 matches 113, the transaction execution processing 115 is performed, and the clerk staff makes a transaction to the trader 10 Perform result processing 116.

  Further, if the lock R is locked 35 or the passbook / stamp imprint check 112 is different 114, the transaction is suspended and an error message 117 is transmitted from the window clerk to the trader 10. Even if the passbook and seal impression check 112 match 113, the transaction is stopped even when the lock R is locked 35, and even if the lock R is unlocked 34, the passbook and seal impression check 112 is different. Also in the case of 114, the transaction is discontinued.

  As the error message 117, tell the trader 10 the reason for stopping the transaction such as the display 117a of "the transaction is locked." And the display 117b of "the passbook and seal are different." If necessary, the user is prompted to resubmit the lock R for the lock R 34 or the sealed transaction slip / passbook 110 a a fixed number of times. Finally, when the lock R is unlocked 34 and the passbook / stamp imprint check 112 does not match 113, the transaction is ended.

  Therefore, when the transaction locking system S according to the present invention is adopted as the locking state at all times, the trade slip / passbook 110a which is the authentication item of the conventional person authentication system A in the window transaction and the seal imprint registered in the financial institution. However, it is necessary to unlock the lock R by placing a call from the mobile phone 11 to the set telephone number 31 of the financial institution 30. This lock R can be unlocked 34 without the need for any input operation, as long as it is connected.

  On the other hand, when the transaction locking system S according to the present invention is adopted as the unlocking state at all times, the transaction slip / passbook 110a and the financial institution which are sealed are the authentication items of the conventional person authentication system A in the window transaction at all times. If you want to improve security if there is a risk that a passbook or seal may be stolen, etc., by matching the registered seal and seal, the mobile phone 11 sets up the telephone number 31 of the financial institution 30 to be bridged. By charging, the lock R can be locked without requiring any input operation. Therefore, even if a passbook or seal is stolen, it can not be traded by itself, so it does not suffer from the illicit trade.

  The lock state acquisition / determination 79 and the passbook / stamp imprint check 112 may be performed first. FIG. 14 shows a configuration for performing lock state acquisition / determination 79 using the locking engine 32 according to the present invention prior to the passbook / stamp impression check 112 by the user authentication system A. In this case, when the lock R is locked 35 as a result of the collation / judgment 79a by the locking engine 32, the error processing 118 is performed without the passbook / stamp impression check 112, and the transaction is “error” 117 The window staff member transmits the indication 117a “locked” to the trader 10 in writing, verbal, screen or other means.

  When the lock R is unlocked 34 as a result of the collation / judgment 79a by the locking engine 32, as a result of the collation / judgement 112a of the passbook / stamp impression check 112 by the person authentication system A, the sealed transaction slip / passbook 110a is financial If it matches with the seal impression registered in the organization, the lock R is unlocked 34 and the trade slip / passbook 110a that has been sealed matches 113, so the transaction execution processing 115 is performed. On the other hand, if the transaction slip / passbook 110a that has been sealed is different from the seal imprint registered in the financial institution 114, error processing 119 is performed, and as the error message 117, the display 117b of "Passbook / Imprint is different." From the teller staff to the trader 10 in writing, verbal, screen or other means.

  FIG. 15 shows a configuration in which a passbook and seal impression check 112 is performed using the conventional personal identification system A prior to lock state acquisition / determination 79 by the locking engine 32. In this case, if the transaction slip / passbook 110a that has been sealed is different from the seal imprint registered in the financial institution as a result of the collation / judgment 112a by the user authentication system A, an error is made without performing lock state acquisition / judging 79. The processing 119 is performed, and the display staff 117b of "the passbook and imprint is different" is transmitted as the error message 117 from the window clerk to the trader 10 in a written, verbal, screen or other means.

  As a result of the collation / judgment 112a by the personal identification system A, when the sealed transaction slip / passbook 110a matches 113 with the seal imprint registered in the financial institution, the lock status acquisition / judgment 79 by the locking engine 32 As a result, when the lock R is unlocked 34, since the sealed transaction slip / passbook 110a matches 113 with the seal imprint registered in the financial institution and the lock R is unlocked 34, the transaction execution processing 115 I do. On the other hand, when the lock R is locked 35, the error processing 118 is performed, and as the error message 117, the display 117a of "The transaction is locked." Transmit by means of

  As described above, in the transaction locking method according to the present invention, the transaction locking system S is used, the transaction locking system S is unlocked 34, and the presence or absence of the principal ability of the trader 10 is confirmed on an account basis. When identity verification is established in the conventional identity verification system A, it is possible to execute transactions with a financial institution. Then, only when the transaction locking system S is unlocked 34, in the transaction with the financial institution 30, it may be possible to carry out identity verification to confirm the presence or absence of the principal ability of the trader 10 on an account basis, or After the personal identification in the conventional personal identification system A for confirming the presence or absence of the transaction manager's 10 principal capabilities on an account basis is established, the confirmation of the unlocking 34 of the transaction locking system S may be implemented.

[Application example]
Similar to transactions with financial institutions, the use of credit cards is one of the economic activities necessary for conducting social life and conducting economic activities. Credit inquiries are carried out in online settlement using various credit cards and IC cards etc. However, by using the transaction locking system and transaction locking method according to the present invention, double security is set for credit inquiries. It will be possible to deal with fraudulent use of credit cards. Therefore, the present invention can be applied not only to financial institutions but also to transactions with non-banks.

  The first feature of the present invention described above is that it is separated and independent from the person authentication system which is the conventional means for preventing fraudulent transactions, and is added to the person authentication system. That is, in transaction with a financial institution, a transaction locking system is separated and independent from the conventional person authentication system that confirms the presence or absence of the transactor's principal ability on an account basis, and a key that can be transmitted and that can not be forged Since the transaction locking method can be provided, even if the authentication item of the conventional personal authentication system is stolen or forged, illegal transactions can be reliably prevented, and the vulnerability of the conventional personal authentication system is assured. It is possible to secure the security of the transaction by covering it. Therefore, according to the present invention, it is possible for anyone to trade smoothly with a financial institution without compromising the quickness of the trade.

  The second feature of the present invention is as in the case of a conventional authentication item by using transmittable and non-forgeable information, specifically a mobile phone caller ID, as a key for determining whether or not a transaction can be made. The risk of being forged can be eliminated, and security can be doubled from both the object (mobile phone) and the information (sender number).

  The third feature of the present invention is that the lock or unlocking lock using the above-mentioned key is made a contractor transaction, and it is not a single account unit as in the conventional personal identification system but a batch. The convenience is high because it can be operated on a contractor basis.

  A fourth feature of the present invention is to transmit a key consisting of a caller ID to a financial institution using remote control, particularly using a telephone network, and can be used anytime and anywhere, and quickness Does not compromise the effectiveness of the required transaction. Moreover, there is no need to install the application on a mobile phone such as a smart phone in order to use the application on the Web, and even if the mobile phone is replaced, the same phone number can be used as it is, and There is no communication charge because it is sufficient for both the trader and the financial institution to be able to receive calls. Furthermore, even if the mobile phone is lost, the transaction locking system can not be unlocked by locking the mobile phone itself.

  Furthermore, since it is possible to arbitrarily choose whether to always have a lock that can not be traded or a lock that can be traded, priority is given to security or convenience of the transaction depending on the purpose and situation of the transaction at the financial institution. It is possible to optionally set priority on gender. In particular, in the future aging society, even when the elderly person and the care recipient require a third party to make a financial transaction, the security of the transaction can be controlled by oneself or the family.

S: transaction locking system K: key R: lock A: (conventional) identity authentication system 10: trader 11: mobile phone 11a: smartphone 12: (locking on the web) locking application 13: caller number (key K)
20 ... communication carrier 21 ... telephone network 30 ... financial institution 31 ... telephone number 32 ... locking engine 33, 58, 79a, 80a, 93a, 112a ... verification and judgment
33a, 58a, 81, 94, 113 ... match
33b, 58b, 82, 95, 114: Difference 40: Contractor database 41: Locking information
41a ... Registered Caller ID
41b ... second registered caller number
41c ... key validity
41d ... Contents of locking agreement
41e ... locked state
41f ... other lock management information 42 ... contractor management information
42a ... contractor number
42b ... contractor
42c ... account number
42d: Other contractor management information 43: Called number management database 50: External storage unit 51: Called 52: Caller ID & Called number 53: Disconnected line 54: Caller ID (key) inquiry 55: Called contract 56 ... acquisition of contractor management information 57 ... incoming call number inquiry 59 ... start of monitoring timer 60 ... (end of transaction locking system S) processing 61 ... update of contractor management information 70 ... internet banking server (IB server)
72 ... security communication establishment 73 ... login 74 ... login process 75 ... transaction screen acquisition 76 ... transaction screen display 77 ... transaction confirmation password 78, 91, 110 ... transaction execution 79 ... lock state acquisition / determination 80 ... transaction confirmation password check 83 , 96, 115 ... transaction execution processing 84 ... transaction result screen display 85, 98, 117 ... error message
85a, 98a, 117a ... ("The transaction is locked.") Display
85b ... (“The transaction confirmation password is different.”) Display
98b ... (“The security code is incorrect.”) Displayed
117b (display of "the passbook and imprint are different") display 86, 87, 99, 100, 118, 119 ... Error handling 90 ... Core system
91a ... cash card or passbook
91b ... PIN code 92 ... input message check 93 ... PIN code check 97, 116 ... transaction result processing
110a ... transaction slip and passbook sealed by seal 111 ... receipt 112 ... passbook and seal impression check

Claims (14)

In transactions with financial institutions,
It is separated and independent from the identity verification system that verifies the presence or absence of the trader's initiative ability on an account basis, and is added to the identity verification system and constructed.
By calling from the mobile phone to the financial institution through the communication carrier's telephone network, the trader transmits the mobile phone caller number to the financial institution as a communicable, non-forgeable information,
The financial institution disconnects the connected line, and it is assigned a number for each contractor through all the stores of the financial institution, as well as the transmitted caller ID, and it has a 1: 1 relationship with the contractor. By matching / determining the agreement with the registered caller number of the contractor registered in advance in the contractor database of the financial institution in association with a certain contractor number by the locking engine,
Collectively the propriety of account all of the transactions that were pre-selected by the subscriber unit as a lock, caller ID, and transaction non-locked state or tradable unlocked state using the registered caller ID and subscriber number A transaction locking system in a financial institution characterized by At all times, all accounts selected in advance by contractor are collectively locked in an untradable lock state, and the caller number transmitted to the financial institution and the registered caller number of the contractor registered in the contractor database of the financial institution in advance The contractor can be made to be able to make a transaction as a unit by collectively unlocking for a predetermined period of time whether or not the transaction of all the accounts selected in advance is made in advance in the unit of the contractor in the locked state. Transaction locking system in the financial institution described. At all times, all accounts selected in advance in contractor units are collectively unlocked to enable transaction, and the caller number transmitted to the financial institution and the registered caller of the contractor registered in advance in the financial institution's contractor database A contract can be made in an untradable state in units of contractors by collectively locking whether or not transactions of all the accounts selected in advance are made in advance in contractor units in the unlocked state by matching the numbers. Locking system at financial institutions in Japan. When the caller number transmitted to the financial institution is different from the registered caller number of the contractor registered in advance in the contractor database of the financial institution, the transaction of all the accounts preselected on the contractor basis as a lock The transaction locking system in a financial institution according to claim 2 or 3, wherein the status of the transaction locking system in the locked state or the unlocked state is maintained collectively .   5. The transaction locking system in a financial institution according to claim 1, 2, 3 or 4, wherein a caller number of a mobile phone in the contractor's name is used as a caller number.   The transaction locking system in a financial institution according to claim 1, 2, 3, 4 or 5, wherein a smart phone is used as a mobile phone.   The transaction locking system in a financial institution according to claim 1, 2, 3, 4, 5 or 6, wherein a call to the financial institution is made via a locking application on the Web.   The call according to claim 1, 2, 3, 4, 5 or 6, wherein the call to the financial institution is performed via the lock application on the Web, and the telephone number of the financial institution is displayed on the lock application in a callable manner. Transaction locking system in financial institutions.   9. The transaction locking system in a financial institution according to claim 7, wherein the telephone number of the financial institution is randomly selected from a plurality of telephone numbers and displayed on a locking application on the Web.   The transaction locking system in a financial institution according to claim 1, 2, 3, 4, 5, 6, 7, 8 or 9, wherein the transaction with the financial institution is an ATM transaction, an internet banking transaction or a window transaction.   The financial institution according to any one of claims 1, 2, 3, 4, 5, 6, 7, 8, 9, or 10, wherein the transaction with the financial institution is withdrawal, receipt, inquiry, change in belonging person matters or change in authentication means. Transaction locking system. Use a transaction locking system at any financial institution according to any of claims 1 to 11,
It is characterized in that the financial institution can carry out the transaction with the financial institution when the transaction locking system is in the unlocked state and the personal authentication for confirming the presence or absence of the transactor's independent ability is established on an account basis. How to lock and lock transactions at financial institutions.   The financial institution according to claim 12, wherein the transaction locking system is capable of carrying out an identity verification in which the financial institution confirms the presence or absence of the principal ability of the trader in the account unit in the transaction with the financial institution only in the unlocked state. Transaction locking method.   The transaction locking method in a financial institution according to claim 12, which enables the financial institution to confirm the unlocking state of the transaction locking system after the identity verification for confirming the existence of the transactional agent's principal ability is established in the account unit. .

Images