JPH09218896A - Electronic shopping method and device - Google Patents

Abstract

(57) [Abstract] [PROBLEMS] To prevent fraud in an electronic shopping system in which a fraudulent retailer pulls out information of a credit card 100 from a buyer and obtains a price without handing the product to the buyer, and Provide a way to safely know the transportation status of ordered products. SOLUTION: The buyer creates the authentication information at the time of ordering the product and at the time of receiving the product, and the credit card company confirms the validity of the authentication information of both parties, and then deducts the product price from the buyer's bank account. In addition, the retail store arbitrarily creates an encryption key and a decryption key unique to the product when the ordered product of the buyer is shipped, and hands each of them to the carrier and the buyer. Server 70 encrypted and trusted
0, the buyer accesses the server 700 and uses the decryption key to check the transportation status of the product.

Description

Detailed Description of the Invention

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to an electronic shopping system in which a buyer places an order for goods via a communication network.

[0002]

2. Description of the Related Art Generally, when using a credit card for mail-order sales, the buyer informs the retailer of information such as the buyer's credit card company name, credit card number, and expiration date when placing an order for the product. Bills the credit card company, and the credit company later debits the product from the buyer's bank account.

[0003]

However, with this method, it is conceivable that a fraudulent retail store will extract credit card information from the buyer and will only obtain the price without sending the merchandise.

In addition, using the Internet today,
It is becoming easier to place mail orders for overseas mail order companies. However, unlike in Japan, it takes a considerable number of days for the product to reach the buyer, and the buyer can determine the status of the product that he or she ordered (where the product is currently, when it arrives at the buyer, etc.). It is convenient to understand.

Therefore, the main objects of the present invention are: (1) An unauthorized retail store retrieves credit card information from a buyer,
Prevent fraud where you don't get the goods to the buyer,
(2) The buyer provides an electronic shopping system having a feature that the buyer can know the transportation status of the ordered product until it reaches the buyer, while protecting the buyer's privacy and safely.

[0006]

In order to achieve the above-mentioned object (1), the present invention verifies the authenticity of both the authentication information created by the buyer when the product is ordered and the authentication information created when the product is received. Then, the credit card company is designed to withdraw the money from the buyer's bank account.

Specifically, the buyer's credit card is equipped with the buyer's private key d and public key (e, n), and the credit card company manages the public key (e, n). , The buyer creates a signature S1 on the product order sheet P using the private key d in the credit card at the time of ordering the product by S1 = exp (h (P), d) mod n, and P and S1. To the retail store.

The retailer inquires of the credit card company about the buyer's public key (e, n), and verifies h (P) exp (S1, e) (mod n), thereby authenticating the signature S1. After that, the item ordered by the buyer is delivered to the carrier and shipped, and P and S1
To the credit card company.

When the buyer receives the goods from the carrier,
Using the private key d in the credit card, a signature S2 is created on the product receipt R with S2 = exp (h (R), d) mod n, and S2 is given to the carrier.

The carrier verifies the signature S2 by verifying h (R) exp (S2, e) (mod n), using the public key (e, n) output from the buyer's credit card. After doing so, send R and S2 (via retail store) to the credit card company.

The credit card company uses the buyer's public key (e, n) stored in the credit card company as follows: h (P) exp (S1, e) (mod n), h (R) exp ( After verifying S1, e2 by verifying S2, e) (mod n),
Withdraw the product price from the buyer's bank account. However,
n = pq (p and q are prime numbers), ed 1 (modN) (N
Is the least common multiple of p-1 and q-1, and exp (a,
x) represents a value of a raised to the power of x, and h represents a published hash function.

Further, in order to achieve the above objects (1) and (2), the present invention provides a carrier with a product-specific encryption key and a product-decryption key created when a retail store ships an ordered product. The carrier then encrypts the transportation status information of the goods ordered by the buyer with the encryption key and stores it in a reliable server, and the buyer accesses the server and uses the decryption key to transfer the transportation status information. Decrypt and know the transportation status of the product you ordered.

Specifically, the buyer's credit card is equipped with the buyer's unique secret key d and public key (e, n), and the credit card company manages the public key (e, n). , The buyer creates a signature S1 on the product order sheet P using the private key d in the credit card at the time of ordering the product by S1 = exp (h (P), d) mod n, and P and S1. To the retail store.

The retailer inquires of the credit card company about the buyer's public key (e, n), and verifies h (P) exp (S1, e) (mod n), to authenticate the signature S1. After that, the identification information I and the unique key information K for the ordered product from the buyer
(Common key encryption key) is set, the retail store passes the product, the identification information I, and the key information K to the carrier, and further, using the buyer's public key (e, n), W = exp (K, e ) Modulate the key K with mod n, and send W and I to the buyer.

The carrier uses the key K for the information S on the transportation status of the goods.
Then, it is encrypted with E = E (S: K), and stored in a reliable server.

From the W sent from the retailer, the buyer uses the secret key d and the public key (e, n) in the credit card, K = exp (W, d) mod n, and the key K To access the server for the purpose of knowing the transportation status of the product, retrieve the encrypted data E from the identification information I of the product, and use the key K to obtain S = D (E: K), and decrypt S. However, n = pq (p and q are prime numbers) and ed 1 (modN) (N is the least common multiple of p-1 and q-1), and exp (a, x) represents a value of a raised to the x power. , H represents a publicly available hash function, and E
(P: K) and D (P: K) represent the results of encrypting and decrypting the document P with the key K, respectively.

In the encryption method using the common key, the encryption key and the decryption key are the same, and it is necessary to manage each secretly. On the other hand, in the public key cryptosystem, the encryption key and the decryption key are different from each other, the encryption key is made public, and the decryption key is kept secret. As a result, anyone can create a ciphertext, and only the person who has the decryption key can decrypt it.
Therefore, in the public key cryptosystem, the encryption key is called the public key and the decryption key is called the secret key. However, in a digital signature, a signature is created using a private key and signature verification is performed using a public key. In other words, only a person who knows the signature key can create a signature, and anyone can confirm whether or not the signature is valid.

The hash function is a function for compressing data, and a hash function conventionally proposed (for example, MD
2, MD5, etc.) may be used as appropriate. The compressed data may not be restored to the original. For details of the hash function, see, for example, Eiji Okamoto,
"Introduction to Cryptography", Kyoritsu Shuppan (1993), No. 138-
Pp. 141.

The public key cryptography is described on pages 88 to 91 of the above-mentioned "Introduction to Cryptographic Theory".

According to the electronic shopping method of the present invention, the credit card company debits the buyer's bank account after confirming the validity of both the signature at the time of ordering the product and the signature at the time of receiving the product. For this reason, it is possible to prevent fraudulent retailers who get only the price without shipping the merchandise. Further, since the information on the transportation status of the goods ordered by the buyer is encrypted and stored in the reliable server, the buyer can detect this when an unauthorized retailer does not ship the goods. The privacy of the buyer is protected from the third party, and the buyer can obtain information on the transportation status of the product until it reaches the user.

[0021]

BEST MODE FOR CARRYING OUT THE INVENTION Embodiments of the present invention will be described in detail below with reference to the drawings.

FIG. 1 is a diagram showing the system configuration of the first and second embodiments of the present invention. This system includes a credit card 100, a buyer side device 200, and a retail store side device 30.
0, credit card company side device 400, carrier side device 500, carrier portable device 600, and server 700. All of these are realized by a computer. Buyer side device 200, retail store side device 300, credit card company side device 400, and carrier side device 500
And the server 700 are connected via a communication network 800. Carrier's portable device 600 and buyer's device 2
00 has an interface with the credit card 100 as described later.

FIG. 2 shows the internal structure of the credit card 100. The credit card 100 includes a memory 101, a signature creation device 102, an encryption / decryption device (public key encryption) 10
3 is provided.

FIG. 3 shows the internal structure of the buyer-side device 200. The buyer side device 200 includes a credit card reading device 201, a document creation device 202, and a hash calculation device 20.
3, encryption / decryption device (common key encryption) 204, memory 20
5, the communication device 206.

FIG. 4 shows the internal structure of the retail store-side device 300. The retail store-side device 300 is a hash calculation device 301,
Signature verification device 302, encryption / decryption device (public key encryption) 30
3, a key generation device 304, and a communication device 305.

FIG. 5 shows a credit card company side device 400.
2 shows the internal configuration of FIG. Credit card company side device 400
Includes a signature verification device 401 and a memory 402.

FIG. 6 shows the internal structure of the carrier-side device 500. The carrier device 500 includes a memory 501 and a communication device 5.
02 and an encryption / decryption device (common key encryption) 503.

FIG. 7 shows the internal structure of the portable carrier device 600. The carrier portable device 600 includes a credit card reading device 601, a hash calculation device 602, a signature verification device 603, a memory 604, a communication device 605, and a display device 606.

The buyer places an order for merchandise in the retail store-side device 300 on the premise of payment settlement by the credit card 100, and the merchandise is delivered to the buyer through the carrier.

(Embodiment 1) The buyer creates the authentication information at the time of ordering the product and at the time of receiving the product, and the credit card company authenticates the legitimacy thereof and then debits the purchaser's bank account. In the present embodiment, such a case will be described in detail below. In the present embodiment,
For public key cryptography, RSA (the above-mentioned "Introduction to Cryptographic Theory", 88th
(See page 91).

The buyer has the credit card 100 issued by the credit card company. Credit card 1
A memory 101 in 00 stores a private key d unique to the buyer and a public key (e, n). The credit card company stores the buyer's public key (e, n) in the memory 402 in the credit card device 400. However, n = pq
(P and q are prime numbers), ed ≡ 1 (mod N) (N is p-
Least common multiple of 1 and q-1). ed≡1 (mod N)
Means that ed-1 is divisible by N.

The flow of shopping in this embodiment will be described with reference to FIG.

(1) The buyer selects the product he / she wants to purchase,
An order form P (including the buyer's ID information) is created using the document creation device 202 in the buyer side device 200 (81). The purchase order is specified by each retail store, and usually describes the date of the shopping order, the ordered products and the number of them, the total amount, the credit word company name, the credit card number, the expiration date of the credit card, etc. . Further, the buyer connects the credit card 100 to the credit card reading device 201 of the buyer-side device 200. Buyer side device 20
For 0, the hash value h (P) of the order form P is calculated using the hash calculation device 203 and output to the memory 101 of the credit card 100. In the credit card 100, using the private key d in the memory 101 and the signature creation device 102, the signature statement S1 for the order P is written in the credit card 100 as S1 = exp (h (P), d) mod n , (82). This formula is S1 = exp (h
(P), d) mod n is exp (h (P), d)
It means that the remainder obtained by dividing by n is S1. However, h is a publicly available hash function, and exp (a,
x) represents a value of a raised to the power x. Since RSA is used for the digital signature in this example, the hash value h (P) is 0 ≦
It may be h (P) ≦ n. Credit card 100
Outputs the signature text S1 to the buyer-side device 200. Purchase order device P and signature sentence S1 using the buyer communication device 206
Is sent to the retail store-side device 300 via the communication network 800 (83). From the viewpoint of safety, n is 512
Values greater than or equal to bits are recommended.

(2) The retailer purchases the order form P and the signature sentence S.
When 1 is received, the memory 40 of the credit card company side device 400 is used by using the buyer ID information described in the order form P.
The buyer's public key (e, n) stored in 2 is inquired (84). In response to this, the credit company side device 400 returns the public key (85). Retail store side device 30
0 receives the public key (e, n), and confirms the establishment of h (P) ≡exp (S1, e) (mod n), using the hash calculation device 301 and the signature verification device 302 (86). This formula is h (P) -ex
It means that p (S1, e) is divisible by n. As a result, the signature text S1 is authenticated.

(3) The retailer ships the goods ordered by the buyer through the carrier (87). In addition, the charge is billed to the credit card company (88). On this occasion,
The order document P and the signature sentence S1 are transmitted to the credit card company.

(4) The buyer uses the credit card reading device 601 of the carrier carrying device 600 in which the carrier carries the credit card 100 when the product is delivered from the carrier.
Connect to The carrier portable device 600 uses the hash calculator 602 to calculate the hash value h (R) of the merchandise receipt R and outputs it to the credit card 100 (90). The merchandise receipt R is usually defined by the carrier, and describes the name of the orderer, the name of the recipient, the date, and the like. The merchandise receipt R is usually created after the carrier undertakes the merchandise shipment from the retail store. However, it is also possible to create it by a retail store and deliver it to the carrier when the product is shipped to the carrier. The credit card 100 uses the private key d stored in the memory 101 and the signature creation device 102 to add the signature statement S2 to the product receipt R.
00, S2 = exp (h (R), d) mod n, is created, and the signature text S2 and the public key (e, n) are output to the memory 604 of the carrier portable device 600 (90). At this time, a copy of the receipt R and the signature S2 is output to the credit card 100 or another storage medium, and the buyer stores it. (5) The carrier portable device 600 uses the signature verification device 603, h After verifying the signature text S2 by verifying (R) ≡exp (S2, e) (mod n),
The S2 is output to the memory 501 of the carrier-side device 500 (91). The carrier device 500 transmits R and S2 to the credit card company device 400 via the communication network 800 using the communication device 502 (92).

(6) Credit card company side device 400
Is the buyer's public key (e, n) stored in the memory 402
And h (P) ≡exp (S1, e) (mod n), h (R) ≡exp (S2, e) (mod n), using the signature verification apparatus 401 and S1 and S2. Authenticate (9
3). Then, after the expiration date of the merchandise return from the date information of the merchandise receipt R, the credit card company deducts the price of the merchandise from the buyer's bank account (94).

Although the explanation has been made by using the general variables as above, an example of the RSA which is extremely simplified will be given below.

Public key: n = 55, e = 7 Private key: p = 5, q = 11, d = 23, 7 × 23 = 1
(Mod lcm (p-1, q-1) = 20), where lcm represents the least common multiple.

Plain text: M = 3 Encryption: C = exp (M, e) mod n, exp (M, e) = 3 to the 7th power, n = 55, so C = 4
It becomes 2.

Decoding: M = exp (C, d) mod n, exp (C, d) = 42 to the 23rd power, n = 55, so M
= 3.

(Embodiment 2) In the present embodiment, the carrier registers information about the transportation status of the buyer's ordered product in a reliable server. This case will be described in detail below. Also in this embodiment, RSA is used for public key encryption.

The buyer has a credit card 100 issued by a credit card company, and the credit card 10
A private key d and a public key (e, n) unique to the buyer are stored in the memory 101 in 0, and the credit card company stores the public key (e, n) of the buyer in the memory 402 in the credit card side device 400. Are stored. However, n = pq
(P and q are prime numbers), ed ≡ 1 (mod N) (N is p-
Least common multiple of 1 and q-1).

(1) The buyer selects the product he / she wants to purchase,
The order form P (including the buyer's ID information) is created using the document creation device 202 in the buyer side device 200. Further, the buyer connects the credit card 100 to the credit card reading device 201 of the buyer side device. Buyer side device 20
For 0, the hash value h (P) of the order form P is calculated using the hash calculation device 203, and is output to the credit card 100. In the credit card 100, using the private key d in the memory 101 and the signature creation device 102, the signature statement S1 for the order P is written in the credit card 100 as S1 = exp (h (P), d) mod n, Create at. The credit card 100 has a signature sentence S1.
Is sent to the buyer side device 200, and the order form P and the signature sentence S1 are sent to the retail store side device 300 via the communication network 800 using the communication device 206. However, h is a publicly available hash function, and exp (a, x) represents a value of a raised to the power of x.

(2) The retail store uses the buyer's ID information described in the order form P, and the credit card company side device 400
Buyer's public key (e,
Inquire n). The retail store-side device 300 authenticates the signature text S1 by verifying h (P) ≡exp (S1, e) (mod n), using the hash calculation device 301 and the signature verification device 302.

(3) The retail store I
A D-number I is added, and unique key information K (key for common key encryption) is created using the key generation device 304. The retail store-side device 300 uses the encryption / decryption device 303 to encrypt the key K from the buyer's public key (e, n) with W = exp (K, e) mod n, and uses the communication device 305. And sends I and W to the buyer-side device 200 via the communication network 800.
Furthermore, the retailer purchases the product ordered by the buyer, the ID number I, and the key K.
To the carrier and bill the credit card company.

(4) The carrier sequentially encrypts the information S about the transportation status indicating the transportation status of the goods (where the goods are, when they arrive at the buyer, etc.) in the carrier-side device 500. Encrypt S with key K using device 503. That is, the ciphertext E (S) = E (S: K) is calculated, and S is registered in the reliable server 700 via the communication network 800 using the communication device 502. The common key cryptosystems are DES and FEAL.
Well-known ones such as can be used.

(4) The buyer loads the credit card 100 into the credit card reading device 201 of the buyer side device 200.
, W is output to the credit card 100, and the key K is decrypted with K = exp (W, d) mod n, using the secret key d in the memory 101 and the encryption / decryption device 103, Memory 20 of buyer side device 200
5 is output. The buyer uses the communication device 20 in the buyer-side device 200 for the purpose of knowing the transportation status of the goods ordered by the buyer.
6 to access the server 700, retrieve the encrypted data E (S) from the product identification information I, and store the E (S) in the memory 205. The buyer-side device 200 uses the key K and the encryption / decryption device 204 to decrypt S with S = D (E: K).

(Third Embodiment) In the first embodiment,
The carrier portable device 600 is a display device 606 for displaying documents.
The buyer visually confirms the receipt of goods displayed on the display device 606, and the buyer confirms the credit card 100 with the credit card reading device 6 of the carrier portable device 600.
01 and the signature is made by the method of the first embodiment.
Further, the portable carrier device 600 displays the correctness of the signature on the display device 606. The contents displayed on the screen of the display device 606 may include transportation contents, recipient name, sender name, carrier name, receipt date, signature (completed or unfinished), and the like.
For the signature item, “done” is displayed when the validity of the signature is confirmed.

[0050]

According to the present invention, a buyer places an order for a product to a retail store via a communication network on the premise of payment by a credit card, and the retail store consigns the buyer's ordered product to a carrier. Credit card company deducts the price of goods from the buyer's bank account In the electronic shopping system, the credit card company confirmed the validity of both the digital signature of the buyer when ordering the goods and the digital signature of the buyer when receiving the goods. Since the price is later deducted, it is possible to prevent fraudulent retailers pulling out the credit card information from the buyer and obtaining the price without handing the product to the buyer. Also, by encrypting the information on the transportation status of goods with a key that only the buyer, retail store, and carrier can know, and storing it in the server, the buyer can protect the privacy of the buyer and place the order It is possible to safely know the information on the transportation status until the purchased product reaches the buyer.

[Brief description of drawings]

FIG. 1 is a diagram showing a system configuration of the present invention.

FIG. 2 is a diagram showing an internal configuration of a credit card in the system configuration of FIG.

FIG. 3 is a diagram showing an internal configuration of a buyer-side device in the system configuration of FIG.

FIG. 4 is a diagram showing an internal configuration of a retail store-side device in the system configuration of FIG.

5 is a diagram showing an internal configuration of a credit card company in the system configuration of FIG.

6 is a diagram showing an internal configuration of a carrier-side device in the system configuration of FIG.

FIG. 7 is a diagram showing an internal configuration of a carrier portable device in the system configuration of FIG.

8 is a diagram showing the flow of shopping in the system configuration of FIG.

[Explanation of symbols]

Reference numeral 100 ... Credit card, 101 ... Memory in credit card 100, 102 ... Signature creation device in credit card 100, 103 ... Encryption / decryption device (public key encryption) in credit card 100, 200 ... Buyer-side device, 2
01 ... Credit card reading device in the buyer-side device 200, 202 ... Document creating device in the buyer-side device 200, 2
03 ... Hash calculation device in buyer side device 200, 204
... the encryption / decryption device (common key encryption) in the buyer-side device 200,
205 ... Memory in buyer side device 200, 206 ... Communication device in buyer side device 200, 300 ... Retailer side device, 30
1 ... Hash calculation device in retail store side device 300, 302
The signature verification device in the retail store device 300, the encryption / decryption device (public key encryption) in the retail store device 300, 30
4 ... Key generating device in retail store-side device 300, 305 ... Communication device in retail-store-side device 300, 400 ... Credit card company-side device, 401 ... Credit card company-side device 4
Signature verification device in 00, 402 ... Memory in device 400 on credit card company side, 500 ... Device on carrier side, 50
1 ... Memory in carrier side device 500, 502 ... Communication device in carrier side device 500, 503 ... Carrier side device 500
Encryption / decryption device (common key encryption) in 600, carrier portable device, 601 ... credit card reader in carrier portable device 600, 602 ... hash calculation device in carrier portable device 600, 603 ... carrier Signature verification device in portable device 600, 604 ... Memory in carrier portable device 600, 605 ... Communication device in carrier portable device 600, 60
6 ... Display device in carrier portable device 600, 700 ... Server, 800 ... Communication network.

─────────────────────────────────────────────────── ─── Continuation of the front page (51) Int.Cl. ⁶ Identification code Internal reference number FI Technical indication location H04L 9/00 675B (72) Inventor Hisashi Umeki 1099, Ozenzenji, Aso-ku, Kawasaki City, Kanagawa Prefecture Hitachi In-house Systems Development Laboratory (72) Inventor Kahoru Hanaoka 12 Hitachi, Ltd. Information Systems Division, 890 Kashimada, Kawasaki-shi, Kanagawa

Claims (7)

[Claims] [Claim 1] The buyer places an order for a product through a communication network to a retail store on the premise of payment by a credit card, and the retail store consigns the ordered product of the buyer to a carrier and ships the product to the credit card. In the electronic shopping method in which the company deducts the product price from the buyer's bank account, the buyer uses the authentication information I1 regarding the product order form P when ordering the product.
And send P and I1 to the retailer, and after confirming the authenticity of the authentication information I1, the retailer hands over the product ordered by the buyer to the carrier, and then sends P and I1 to the credit card company. When the buyer receives the product from the carrier, the buyer creates the authentication information I2 for the product receipt R, passes the I2 to the carrier, and the carrier confirms the validity of I2. An electronic shopping method comprising transmitting I2 (via a retail store) to a credit card company, the credit card company confirming the legitimacy of I1 and I2, and then debiting the item price from the buyer's bank account. 2. The buyer places an order for products to the retail store via the communication network on the premise of payment with a credit card, and the retail store entrusts the buyer's ordered product to the carrier and ships it to the credit card. In the electronic shopping method in which the company deducts the product price from the buyer's bank account, the buyer's credit card is equipped with the buyer's private key d and public key (e, n), and the credit card company uses the public key (e , N), and the buyer uses the private key d in the credit card to sign the product order sheet P when the product is ordered, and S1 = exp (h (P), d) mod n, And send P and S1 to the retail store, and the retail store sends the buyer's public key (e,
n), and after verifying h (P) exp (S1, e) (mod n), the signature S1 is verified, the goods ordered by the buyer are handed over to the carrier for shipment. And S
1 is sent to the credit card company, and when the buyer receives the product from the carrier, S2 = exp (h (R), d for the product receipt R using the private key d in the credit card. ) Mod n, creates a signature S2, passes S2 to the carrier, and the carrier uses the public key (e, n) output from the buyer's credit card to perform h (R) exp (S2 , E) (mod n), after authenticating the signature S2 by sending R and S2 (via the retail store) to the credit card company, which is stored at the credit card company. By using the public key (e, n) of the buyer who is present, h (P) exp (S1, e) (mod n), h (R) exp (S2, e) (mod n), And after performing S2 authentication,
An electronic shopping method, wherein the commodity price is deducted from a buyer's bank account. However, n = pq (p,
q is a prime number, ed 1 (mod N) (N is p-1 and q
Is the least common multiple of −1), and exp (a, x) is a with x
It represents the multiplied value, and h represents the published hash function. 3. In claim 1 and claim 2, the data of the product receipt and the copy of the buyer's signature on the receipt are recorded in the buyer's credit card or other storage medium, and the buyer stores the data. An electronic shopping method characterized by. 4. The buyer places an order for a product to a retail store via a communication network on the premise of payment by a credit card, and the retail store consigns the ordered product of the buyer to a carrier and sends the product to the credit card. In an electronic shopping method in which the company deducts the price of the product from the buyer's bank account, the retail store sets the identification information I and unique key information (encryption key and decryption key) for the product when the buyer orders the product. Then, the retail store sends the identification information I and the decryption key to the buyer,
The product ordered by the buyer, the identification information I, and the encryption key are given to the carrier, and the carrier stores the encrypted data in which the information on the transportation status of the product is encrypted with the encryption key in a reliable server. The buyer accesses the server for the purpose of knowing the transportation status of the product, retrieves the encrypted data from the identification information I of the product, and decrypts the encrypted data with the decryption key. A characteristic electronic shopping method. 5. The buyer places an order for products to a retail store via a communication network on the premise of payment by a credit card, and the retail store consigns the ordered product of the buyer to a carrier and ships it to the credit card. In the electronic shopping method in which the company deducts the product price from the buyer's bank account, the buyer's credit card is equipped with the buyer's private key d and public key (e, n), and the credit card company uses the public key (e , N), and the buyer uses the private key d in the credit card to sign the product order sheet P when the product is ordered, and S1 = exp (h (P), d) mod n, And send P and S1 to the retail store, and the retail store sends the buyer's public key (e,
n) and verifying h (P) exp (S1, e) (mod n), by verifying the signature S1, and then identifying information I and a unique key for the ordered product from the buyer. Information K
(Common key encryption key) is set, the retail store passes the product, the identification information I, and the key information K to the carrier, and further, using the buyer's public key (e, n), W = exp (K, e) The key K is encrypted with mod n, and W and I are transmitted to the buyer, and the carrier uses the key K as the information S on the transportation status of the product, and E = E (S: K), The encrypted data is stored in a reliable server, and the buyer uses K = exp (W, from the ciphertext W sent from the retail store by using the secret key d and the public key (e, n) in the credit card. d) The key K is decrypted with the mod n, and the server is accessed for the purpose of knowing the transportation status of the product, and the encrypted data E is searched from the identification information I of the product to obtain the key K. Using S, S = D (E: K), and S is decrypted, The electronic shopping method characterized by the above-mentioned. However, n = pq (p and q are prime numbers), ed 1.
(Mod N) (N is the least common multiple of p-1 and q-1), exp (a, x) represents a value of a raised to the power of x, h represents a published hash function, and E (P : K), D
(P: K) represents the result of encrypting and decrypting the document P with the key K, respectively. 6. The credit card company according to claim 2, wherein the credit card company withdraws the payment from the buyer's bank account after the expiration date of the merchandise return from the date when the goods are delivered to the buyer. An electronic shopping method characterized by. 7. The portable device according to claim 1 or 2, which is a portable device carried by a carrier and used when a buyer creates a signature on a receipt when receiving goods, and a display means for displaying the receipt. A portable device comprising: a storage unit for storing a signature sentence created by a buyer using a private key in a credit card; and a verification unit for confirming the validity of the signature.