[go: up one dir, main page]

TW201113069A - Management system, gaming device, management device and program - Google Patents

Management system, gaming device, management device and program Download PDF

Info

Publication number
TW201113069A
TW201113069A TW099125600A TW99125600A TW201113069A TW 201113069 A TW201113069 A TW 201113069A TW 099125600 A TW099125600 A TW 099125600A TW 99125600 A TW99125600 A TW 99125600A TW 201113069 A TW201113069 A TW 201113069A
Authority
TW
Taiwan
Prior art keywords
identification information
unit
management
information
authentication
Prior art date
Application number
TW099125600A
Other languages
Chinese (zh)
Inventor
Nobuhiro Goto
Hirokatsu Yamaguchi
Yusuke Kobayashi
Original Assignee
Konami Digital Entertainment
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Konami Digital Entertainment filed Critical Konami Digital Entertainment
Publication of TW201113069A publication Critical patent/TW201113069A/en

Links

Landscapes

  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Pinball Game Machines (AREA)

Abstract

The object of the invention is to simultaneously establish a simple procedure and the needed structure for guaranteeing security of token management and certification. The solution of the invention is that a management device (30) includes: a first certification section (321) for acquiring a first certification result using identification information (U ID_IN) and organism information (B ID_IN); a second certification section (322 ) for acquiring a second certification result using identification information (P ID_IN); and a management section (324) for establishing association between the identification information (U ID_IN) and the identification information (P ID_IN) and storing in the management memory section (342) when certification on both sides is affirmed. A gaming device (26) includes: a storage section (542) for memorizing available tokens (C B); a receiving section (562) or receiving input of the identification information (P ID_IN); a notification section (62) for notifying the management section (324) to confirm whether the identification information (P ID_IN) is used as certified Information (A) and memorized in the management memory section (342); and a permission section (64) for allowing of token transfer between reserved tokens (C A) of a memory device (14) and the available tokens (C B) of the storage section (542) when the notification result is affirmed.

Description

201113069 六、發明說明: 【發明所屬之技術領域】 本發明係關於管理在遊戲裝置中使用之代額的技術》 【先前技術】 從先前提案有使將利用者保有之代額的總數(保有代 額數)與利用者的識別資訊建立對應並加以記憶之資料庫 ,利用於遊戲裝置之代額的管理之技術。例如,於專利文 獻1係揭示有從利用者的ic卡將識別資訊傳送至遊戲裝置 ,對應此識別資訊而使記憶於資料庫之保有代額數,因應 來自利用者的指示而增減的技術。 [先前技術文獻] [專利文獻] [專利文獻1]日本特開2〇〇8-29513號公報 【發明內容】 [發明所欲解決之課題] 但是,以專利文獻1的技術爲基礎的話,因爲利用將 識別資訊傳送至遊戲裝置而允許保有代額數的增減,故有 難以充分確保代額管理的安全性之問題。例如,如果撿到 他人的1C卡之第三者使遊戲裝置讀取1C卡的識別資訊的話 ,可利用正規利用者的保有代額數來執行遊戲。 雖然也想定在遊戲的執行時實施利用生物體資訊之認 證的構造,但是,必須於多數遊戲裝置個別設置取得生物 -5- 201113069 體資訊之機器(例如,指紋感測器或靜脈感測器),故由費 用的觀點來說並不實際。又,每於代額的增減(存入或提 領),必須進行用以生物體認證之繁雜的作業(例如,將手 舉至靜脈感測器的動作),故也有會損及利用者的便利性 之問題。考慮以上狀況,目的係實現使代額管理之安全性 的確保與認證所需之構造及手續的簡潔化之兩立》 [用以解決課題之手段] 以下說明爲了解決以上課題,本發明採用之手段。再 者’爲了容易理解本發明,以下爲了方便將圖面之參照符 號以括弧附記,但是,並不爲將本發明限定於圖示之形態 的趣旨。 本發明的管理系統(100),係包含管理裝置(30)與複數 遊戲裝置(26),其特徵爲:管理裝置(30)係具備:受理部 (3 62) ’係受理第1識別資訊(U ID_IN);產生部(3 64),係 產生表示利用者之生物體特徵的生物體資訊(B ID_IN); 第1認證部(321) ’係取得利用第1識別資訊(u ID_IN)與生 物體資訊(B ID_IN)之第1認證的結果;取得部(3 66),係取 得第2識別資訊(p ID_IN,r ID);第2認證部(3 22),係取 得利用第2識別資訊(ρ ϊ D _〗n,R 1D)之第2認證的結果; 及管理部(3 24),係在第〗認證及第2認證雙方的結果是肯定 時’將第1識別資訊(U ID_IN)與第2識別資訊(P ID_IN, R ID)建立關聯,並作爲已認證資訊(A)而記億於管理記憶 部(342);複數遊戲裝置(26)係個別具備:貯留部(542), 201113069 係記憶因爲在該當遊戲裝置(26)之代額的消費或獲得而增 減之第1代額數(c B);終端側取得部(562),係取得確認用 識別資訊(P ID_IN ’ R ID);照會部(62) ’係照會管理部 (3 24),確認一致於確認用識別資訊(P ID_IN,R ID)之第2 識別資訊(P ID_IN ’ R ID)是否作爲已認證資訊(A)而記憶 於管理記憶部(3 42);及允許部(64) ’係在照會的結果是肯 定時,允許記憶於貯留部(542)之第1代額數(CB)和與第1 識別資訊(U ID)建立對應而記億於記憶裝置(I4)之第2代額 數(C A)之從一方對於另一方的代額之轉移。 於以上構造中,因應遊戲裝置(26)的終端側取得部 (5 62)取得之確認用識別資訊(?1〇_1>^,尺10)是否作爲已 認證資訊(A)而記憶於管理裝置(30)的管理記憶部(342), 決定代額轉移的可否。所以,不需在遊戲裝置(26)實施利 用生物體資訊(B ID_IN)之第1認證。另一方面,對於允許 在遊戲裝置(2 6)之代額轉移來說(對於爲了將第2識別資訊( P ID_IN,R ID)與第1識別資訊(U ID_IN)建立關聯並記憶 於管理記憶部(3 42)來說),因爲需要在管理裝置(30)之第1 認證(生物體認證),故可確保代額管理的安全性。亦即, 可使代額管理之安全性的確保與認證所需之構造及手續的 簡潔化兩立。 所謂「代額」係代表在遊戲中使用(消費或賦予)之價 値的數量(虛擬貨幣),典型上來說,具有相當於遊藝媒體 之交換價値的數値(遊藝價値)。例如,藉由遊藝媒體的投 入或在遊戲中之事件的獲得而代額增加,藉由在遊戲的開 201113069 始時之消費或遊藝媒體的支付又或在遊戲中之事件的使用 而代額減少。所謂「遊藝媒體」係包括關於遊戲而具有價 値之所有要素的槪念。具體來說,利用者爲了參加遊戲所 需之媒體及作爲因應遊戲結果的優惠而賦予利用者之媒體 則相當於遊藝媒體。例如,代幣(硬幣)或籌碼(代用硬幣 (token coin))或硬幣或票券等的有形物該當於遊藝媒體。 受理部(3 62)係包含取得第1識別資訊(1:1〇_1>〇的所有 手段。例如,從電性或磁性記錄第1識別資訊(U ID_IN)之 記錄媒體,讀取第1識別資訊(U ID_IN)的讀取器、光學讀 取被印刷於讀取面之第1識別資訊(U ID_IN)的讀取器、利 用者進行操作而輸入第1識別資訊(U ID_IN)的輸入機器都 包含於受理部(3 62)的槪念。 第2識別資訊(P ID_IN,R ID)的典型例係從利用者直 接受理之識別資訊(例如,適用於遊戲裝置(26)之存檔資料 的識別所利用之遊戲卡的識別資訊(P ID_IN))及對應從利 用者受理之識別資訊(P ID_IN)而被管理之識別資訊(P ID) 。亦即,本發明的「取得部」係除了從利用者受理第2識 別資訊(P ID_IN)的受理部(366)之外,也包含取得從利用 者受理之識別資訊(P ID_IN)所對應之第2識別資訊(P ID) 的要素(例如,從管理兩者的對應之伺服器裝置取得第2識 別資訊(P ID)的要素)之槪念。「受理第2識別資訊( PID_IN,RID)的受理部(3 66)」係包含受理第2識別資訊( P ID_IN,R ID)之所有手段的槪念,例如,除了直接輸入 第2識別資訊(P ID_IN,R ID)的要素(例如輸入機器或讀取 201113069 器)之外,也包含使利用者選擇事先登記之第2識別資訊( P ID_IN ’ R ID)的有效/無效之槪念。「終端側取得部」 也相同’除了從利用者受理確認用識別資訊(p ID_IN)的 受理部(562)之外’包含取得從利用者受理之識別資訊( P ID_IN)所對應之確認用識別資訊(p id)的要素(例如,從 管理兩者的對應之伺服器裝置取得確認用識別資訊(p ID) 的要素)之槪念。 取得第1認證之結果的第1認證部(32 1 ),係包含取得在 外部執行之第1認證的結果之手段,與自身執行第1認證而 取得結果之手段雙方之槪念。關於第2認證部(3 22)也相同 ’不問執行第2認證之主體是第2認證部(322)或其他要素。 於「第2代額數(CA)與第1代額數(CB)之從一方對於 另一方之代額的轉移」係包含從第1代額數(CB)對於第2 代額數(C A)之單方向的代額之轉移(存入)、從第2代額數( C A)對於第1代額數(C B)之單方向的代額之轉移(提領)、 第1代額數(C B)與第2代額數(C A)之間雙方向的代額之轉 移的3種類樣態。所以,允許部(64)僅允許單方向之代額的 轉移之構造也包含於本發明的範圍。又,被轉移之代額係 第1代額數(C B)或第2代額數(C A)的全部亦可,一部份亦 可。 於本發明適切樣態中,管理部(324)係將相異之複數第 2識別資訊(P ID_IN,R ID)與第1識別資訊(U ID_IN)建立 關聯’作爲已認證資訊(A)而記憶於管理記憶部(342)。於 以上樣態中,因爲複數第2識別資訊(PID_IN,RID)與第 -9 - 201113069 1識別資訊(UID_IN)建立關聯,故在管理裝置(30)接受第1 認證的利用者,係可在遊戲裝置(2 6)使用複數第2識別資訊 (卩10_以,尺10)。例如,於依遊戲裝置(26)提供之每一遊 戲的種類而相異之第2識別資訊(p ID_IN,R ID)賦予給利 用者之環境中,利用者係不需依相異種類的每一遊戲來個 別接受第1認證,可利用對應該當遊戲的第2識別資訊( P ID_IN,R ID)來執行遊戲。 於本發明適切的樣態中,複數遊戲裝置(2 6)係個別具 備:終端側認證部(524),係取得利用確認用識別資訊( P ID_IN,R ID)之終端側認證的結果;照會部(62),係在 終端側認證的結果是肯定時,照會管理部(3 24),確認一致 於確認用識別資訊(P ID_IN,R ID)之第2識別資訊( P ID_IN,R ID)是否作爲已認證資訊(A)而記憶於管理記 憶部(3 42)。於以上樣態中,因爲在利用終端側取得部 (5 62)取得之確認用識別資訊(?10_1^[,1110)的終端側認 證的結果是肯定時,則執行照會部(62)所致之照會,故相 較於無關於確認用識別資訊(P ID_IN,R ID)的適合與否( 終端側認證的結果),皆執行照會部(62)所致之照會的構造 ,有可減輕管理部(3 24)之處理的負荷之優點。進而於適切 樣態中,複數遊戲裝置(26),係個別具備:密碼受理部 (564),係受理密碼(P WD_IN)的輸入;終端側認證部 (5 24),係取得利用確認用識別資訊(P ID_IN,R ID)與密 碼(P WD_IN)之終端側認證的結果。依據以上樣態,因爲 終端側認證需要密碼(P WD_IN) ’故有可防止得知確認用 -10 - 201113069 識別資訊(P ID_IN,R ID)之第三者(例如,撿到記錄確認 用識別資訊(P ID — in ’ R ID)之記錄媒體者)所致之代額的 轉移之優點。密碼(p WD_IN)係例如文字或數字的排列。 再者’終端側認證部(52 4),係與前述之第1認證部(3 21)及 第2認證部(3 2 2)相同,包含取得在外部執行之終端側認證 的結果之手段’與自身執行終端側認證而取得結果之手段 雙方之槪念。 於本發明的適切樣態中,管理裝置置(3 0),係具備: 密碼受理部(3 6 8),係受理密碼(pwD_IN)的輸入;第2認 證部(3 22) ’係取得利用第2識別資訊(p id_IN,R ID)與密 碼(P WD_IN)之第2認證的結果。於以上樣態中,因爲在管 理裝置(30)的第2認證需要密碼(p WD_IN),故相較於僅將 第2識別資訊(P ID— IN,R ID)利用於第2認證的構造,可 提升認證的確實性。 於本發明的適切樣態中,管理部(3 24),係以所定條件 的成立作爲契機,將管理記憶部(342)的已認證資訊(A)設 爲無效。於以上樣態中,因爲以所定條件的成立作爲契機 而已認證資訊(A)成爲無效,故相較於已認證資訊(A)涵蓋 長期間被維持爲有效的構造,可提升代額管理的安全性。 例如,如果因所定條件成立而已認證資訊(A)被無效化, 可防止得知第2識別資訊(P ID_IN,R ID)的第三者執行代 額轉移(假裝成正規利用者)。 再者,所謂「將已認證資訊設爲無效」係代表設定爲 無法參照已認證資訊(A)之狀態。例如,已認證資訊(A)的 -11 - 201113069 消除係已認證資訊(A)的無效化之典型例,但是,用以使 已認證資訊(A)無效化的具體處理係爲任意。例如,使附 加於已認證資訊(A)之旗標從有效變化成無效的處理也包 含於已認證資訊(A)的無效化之槪念。當然,從減輕管理 部(3 24)所致之處理(例如旗標的設定)的負荷之觀點來看, 消除已認證資訊(A)的構造特別適合。 再者,成爲使已認證資訊(A)無效化之契機的條件係 爲任意,但是,例如也可採用以所定時刻的到來作爲契機 而管理部(3 24)將已認證資訊(A)設爲無效的構造,或以依 每一已認證資訊(A)設定之有效期間的期滿作爲契機而將 已認證資訊(A)設爲無效的構造。依據前者的構造,相較 於後者的構造,有可減輕管理部(3 24)的負荷之優點。另— 方面,依據後者的構造,因爲依每一已認證資訊(A)設定 有效期間,故例如無關於已認證資訊(A )的產生時刻,可 涵蓋所定時間將已認證資訊(A)設爲有效。 於本發明的適切樣態中,複數遊戲裝置(2 6)係個別具 備:操作部(5 8 ),係包含指示從第1代額數(C B )對於第2代 額數(CA)之代額的轉移(存入)之存入操作部(582),與指 示從第2代額數(C A)對於第1代額數(C B)之代額的轉移(提 領)之提領操作部(584)至少一方;操作部(58),係在允許 部(6 4)允許代額的轉移時成爲可操作。於以上樣態中,因 爲在代額的轉移被允許時,操作部(58)成爲可操作,故在 允許部(64)不允許代額的轉移時,則不需要受理來自利用 者之操作的處理。所以,有可減輕遊戲裝置(2 6)的處理負 -12- 201113069 荷之優點。再者,作爲控制操作部的操作之可否的方法, 係可例示控制對於操作部的操作之受理的有效/無效之方 法,及以在附觸控面板功能的顯示裝置中受理操作的構造 爲基礎,控制畫面上之操作部的顯示(有效)/非顯示(無效 )之方法。 於本發明的適切樣態中,管理部(324),係使已認證資 訊(A)包含生物體資訊(B ID_IN,B ID)而記憶於管理記憶 部(3 42),在從遊戲裝置(26)被指示代額的轉移時,則對於 管理將第1識別資訊(U ID)與生物體資訊(B ID)與第2代額 數(C A)建立對應並加以記憶之記億裝置(14)的伺服器裝置 (12),發送已認證資訊(A)的第1識別資訊(U ID_IN)與生物 體資訊(B ID_IN,B ID)。於以上樣態中,因爲在被指示 代額的轉移時,第1識別資訊(U ID_IN)與生物體資訊( BID_IN,BID)從管理裝置(30)發送至伺服器裝置(12), 故在代額的轉移時,可在伺服器裝置(12)執行利用第1識別 資訊(U ID_IN)與生物體資訊(B ID_IN,B ID)的認證。所 以,相較於僅將第1識別資訊(UID_IN)從管理裝置(30)發 送至伺服器裝置(12)而轉移代額的構造,可提升代額管理 的安全性。又,因爲從管理部(3 24)對於伺服器裝置(12)發 送第1識別資訊(U ID_IN)與生物體資訊(B ID_IN,B ID), 故例如可使以利用第1識別資訊(U ID_IN)與生物體資訊( B ID_IN)的認證作爲要件而執行遊藝媒體(例如代幣)之支 付及存入的裝置(例如代幣處理裝置(16))相關之伺服器裝 置(12)的處理,與對於管理裝置(30)的伺服器裝置(12)之 -13- 201113069 處理共通化。所以,有可易於將管理裝置(30)導入至伺服 器裝置(12)管理代額的系統之優點。 於其他樣態中,管理部(3 24),係使已認證資訊(A)包 含特定資訊(α )而記億於管理記億部(3 42),在從遊戲裝置 (2 6)被指示代額的轉移時,則對於管理將第1識別資訊( U ID)與特定資訊(α )與第2代額數(C Α)建立對應並加以記 憶之記憶裝置(14)的伺服器裝置(12),發送已認證資訊(Α) 的第1識別資訊(U ID_IN)與特定資訊(α )。於以上樣態中 ,因爲在被指示代額的轉移時,第1識別資訊(U ID_IN)與 特定資訊(α )從管理裝置(3 0)發送至伺服器裝置(12),故 在代額的轉移時,可在伺服器裝置(1 2)執行利用第1識別資 訊(U ID_IN)與特定資訊(α )的認證。所以,相較於僅將第 1識別資訊(U ID_IN)從管理裝置(30)發送至伺服器裝置 (12)而轉移代額的構造,可提升代額管理的安全性。特定 資訊(α )的典型例係在任意方法中採用之一次性密碼。再 者,產生特定資訊(α)的主體係爲任意。例如,可採用伺 服器裝置(12)產生之特定資訊(α )被通知管理部(324)而包 含於已認證資訊(Α)的構造,與管理部(3 24)產生之特定資 訊(α )被通知伺服器裝置(12)而與第1識別資訊(U ID)及第 2代額數(C A)—起記憶於記憶裝置(14)的構造。 本發明亦可作爲關於前述各樣態之管理系統(1 00)所利 用之遊戲裝置(2 6)而特定。關於本發明的遊戲裝置(26), 係與具備在利用輸入至管理裝置(30)之第1識別資訊( U ID_IN)及生物體資訊(B ID_IN)之第1認證的結果,與利 -14- 201113069 用管理裝置(30)取得之第2識別資訊(p ID_IN,R ID)之第2 認證的結果是肯定時,將第1識別資訊(UID_IN)與第2識 別資訊(P ID_IN,R ID)建立關聯並作爲已認證資訊(A)而 記憶於管理記憶部(3 42)之管理部(3 24)的管理裝置(30)進 行通訊的遊戲裝置(26),其特徵爲具備:貯留部(542),係 記憶因爲在該當遊戲裝置(26)之代額的消費或獲得而增減 之第1代額數(C B);終端側取得部(562),係取得確認用識 別資訊(P ID_IN,R ID);照會部(62),係照會管理部 (324) ’確認一致於確認用識別資訊(p ID_IN,R ID)之第2 識別資訊(P ID_IN,R ID)是否作爲已認證資訊(A)而記憶 於管理記憶部(342);及允許部(64),係在照會的結果是肯 定時’允許記憶於貯留部(5 4 2 )之第1代額數(C B )和與第1 識別資訊(U ID)建立對應而記億於記憶裝置(14)之第2代額 數(C A)之從一方對於另一方的代額之轉移。依據以上的 遊戲裝置(26) ’也可實現與本發明的管理系統(1〇〇)相同的 效果。 又’本發明亦可作爲關於前述各樣態之管理系統(1 〇〇) 所利用之管理裝置(30)而特定。本發明的管理裝置(30), 其特徵爲具備:受理部(362),係受理第1識別資訊( U ID_IN);產生部(364),係產生表示利用者之生物體特徵 的生物體資訊(B ID-IN);第1認證部(321),係取得利用第 1識別資訊(U ID_IN)與生物體資訊(B ID_IN)之第1認證的 結果;取得部(366) ’係取得第2識別資訊(P ID_IN,R ID) :第2認證部(3 22) ’係取得利用第2識別資訊(P ID_IN, -15- 201113069 R ID)之第2認證的結果;及管理部(3 24),係在第1認證及 第2認證雙方的結果是肯定時,將第1識別資訊(U ID_IN) 與第2識別資訊(P ID_IN,R ID)建立關聯,並作爲已認證 資訊(A)而記憶於管理記憶部(342);管理部(3 2 4)係將一致 於確認用識別資訊(P ID_IN,R ID)的第2識別資訊( P ID_IN,R ID)是否作爲已認證資訊(A)而記憶於管理記 憶部(3 42)的判定之結果,通知該當遊戲裝置(26),在判定 的結果是肯定時,具備記憶因爲在該當遊戲裝置(2 6)之代 額的消費或獲得而增減之第1代額數(C B)的貯留部(542)之 遊戲裝置(26),和與第1識別資訊(U ID)建立對應而記憶第 2代額數(CA)之記憶裝置(14)之間,因應從遊戲裝置(26) 發送之代額的轉移之要求,仲介第1代額數(C B)與第2代 額數(CA)之從一方對於另一方的代額之轉移。依據以上 的管理裝置(30),也可實現與本發明的管理系統(100)相同 的效果。 進而,本發明也可作爲使電腦作爲遊戲裝置(26)及管 理裝置(30)而作用之程式來特定。關於本發明第1樣態的程 式,係使與具備在利用輸入至管理裝置(30)之第1識別資訊 (U ID_IN)及生物體資訊(B ID_IN)之第1認證的結果,與利 用管理裝置(30)取得之第2識別資訊(P ID_IN,R ID)之第2 認證的結果是肯定時,將第1識別資訊(UID_IN)與第2識 別資訊(P ID_IN,R ID)建立關聯並作爲已認證資訊(A)而 記憶於管理記憶部(3 42)之管理部(3 24)的管理裝置(30)進 行通訊的電腦作爲遊戲裝置(2 6)而作用,其特徵爲使電腦 -16- 201113069 作爲以下構件而作用:貯留部(542),係記憶因爲在該當遊 戲裝置(2 6)之代額的消費或獲得而增減之第1代額數(CB) ;終端側取得部(5 62),係取得確認用識別資訊(P ID_IN, R ID);照會部(62),係照會管理部(3 24),確認一致於確 認用識別資訊(P ID —IN,R ID)之第2識別資訊(P ID_IN, R ID)是否作爲已認證資訊(A)而記憶於管理記憶部(342); 及允許部(64),係在照會的結果是肯定時,允許記億於貯 留部(542)之第1代額數(C B)和與第1識別資訊(U ID)建立 對應而記憶於記憶裝置(14)之第2代額數(C A)之從一方對 於另一方的代額之轉移。依據以上的程式,也可實現與本 發明的遊戲裝置(2 6)相同的效果。 又’關於本發明第2樣態的程式,係使電腦作爲以下 構件而作用:受理部(3 62),係受理第1識別資訊(U ID_IN) ;產生部(3 64),係產生表示利用者之生物體特徵的生物體 資訊(B ID_IN) •,第1認證部(321),係取得利用第1識別資 訊(U ID_IN)與生物體資訊(b ID_IN)之第1認證的結果;取 得部(3 66) ’係取得第2識別資訊(P ID_IN,R ID);第2認 證部(3 22) ’係取得利用第2識別資訊(P ID_IN,R ID)之第 2認證的結果;及管理部(3 24),係在第1認證及第2認證雙 方的結果是肯定時,將第1識別資訊(UID_IN)與第2識別 資訊(P ID_IN,R ID)建立關聯,並作爲已認證資訊(A)而 記憶於管理記憶部(342);其特徵爲:管理部(3 24)係將一 致於確認用識別資訊(P ID_IN,R ID)的第2識別資訊( P ID_IN ’ R ID)是否作爲已認證資訊(A)而記憶於管理記 -17- 201113069 憶部(3 42)的判定之結果,通知該當遊戲裝置(26),在判定 的結果是肯定時,具備記憶因爲在該當遊戲裝置(26)之代 額的消費或獲得而增減之第1代額數(CB)的貯留部(5 42)之 遊戲裝置(26),和與第1識別資訊(U ID)建立對應而記憶第 2代額數(CA)之記億裝置(14)之間,因應從遊戲裝置(26) 發送之代額的轉移之要求,仲介第1代額數(CB)與第2代 額數(C A)之從一方對於另一方的代額之轉移。依據以上 的程式,也可實現與本發明的管理裝置(3 0)相同的效果。 以上所例示之各樣態的程式係除了以被儲存於電腦可 讀取的記錄媒體之形態下提供給利用者而安裝於電腦之外 ,也可以介由通訊網的遞送之形態下從伺服器裝置提供而 安裝於電腦。 【實施方式】 < A :第1實施形態> < A-1 :第1實施形態的構造> 圖1係關於本發明的第1實施形態之管理系統100的區 塊圖。管理系統1 00係例如構築於遊戲中心等之遊藝設施 的電腦網路系統。如圖1所示,管理系統1 00係包含第1系 統10與第2系統20與管理裝置30而構成。 第1系統1 〇係使用於遊戲之代幣的管理(存入及提領)所 利用之系統。欲利用第1系統1 0所致之代幣的管理之利用 者係必須事先接受登記(以下稱爲「第1登記」)。對於接受 第1登記之利用者賦予識別資訊U ID (user ID)。識別資訊 -18- 201113069 U ID係例如記憶於發派給利用者之1C卡等之可搬送型的記 錄媒體(以下稱爲「管理卡」)。 如圖1所示,第1系統10係具備第1伺服器裝置12與記 憶裝置14與代幣處理裝置16。第1伺服器裝置12與代幣處 理裝置16係介由通訊網18相互通訊。通訊網18係例如構築 於遊藝設施內之LAN(local areanetwork)。但是,第1系統 10的一部份係可設置於遊藝設施的外部。在第1系統10的 一部份設置於遊藝設施的外部之構造,通訊網18的一部份 係以例如利用網際網路之WAN(wide area network)或 VPN(virtual private network)來實現。 記憶裝置14係依每一第1登記設定記錄R1的資料庫。 如圖2所示’各記錄R 1係包含接受第丨登記之利用者的識別 資訊U ID(記憶於正規的管理卡之識別資訊u ID)及生物體 資訊BID’與其利用者保有之代額的總量(以下稱爲「保 有代額數」)C A而構成。生物體資訊B ID係表示利用者之 生物體特徵的資訊。具體來說,表示手(手掌及手指)之靜 脈紋路的生物體資訊B ID被記憶於記憶裝置〗4。再者,也 採用與識別資訊U ID個別建立對應,將生物體資訊b ID與 保有代額數C A儲存於個別的記憶裝置之構造。第1伺服器 裝置12係執行儲存於記憶裝置14之資料的管理(讀出及寫 入)°再者,在圖1作爲個別物體的要素而圖示之第H司服 器裝置12與記憶裝置14也可作爲一體的裝置而構成。 圖1的代幣處理裝置16係利用者爲了代幣的存入及支 付而進行操作之終端裝置,包含控制部162與受理部164與 -19- 201113069 產生部166而構成。再者,也可採用個別裝置執行代幣的 存入與支付之構造。控制部162係執行代幣的存入及支付 所需之各種處理。 受理部164係受理利用者所致之識別資訊U ID_IN的輸 入。作爲受理部1 64,例如可採用將被儲存於管理卡之識 別資訊U ID作爲識別資訊U ID_IN來讀取之公知的讀取器 。正規接受第1登記之利用者所輸入之識別資訊U ID_IN係 —致於記憶於記憶裝置1 4之識別資訊U ID。 產生部1 66係產生表示利用者之生物體特徵的生物體 資訊B ID_IN。作爲產生部1 66,例如可採用檢測出利用者 的手(手掌及手指)的靜脈紋路而產生生物體資訊B ID_IN 之公知的靜脈感測器。正規接受第1登記之利用者之生物 體資訊B ID_IN係一致於記憶裝置14之生物體資訊B ID » 圖3係利用代幣處理裝置1 6之代幣的存入及支付相關 之動作的流程圖。以對於代幣處理裝置1 6之所定操作作爲 契機,開始圖3的處理。希望代幣處理裝置16所致之代幣 的存入或支付之利用者,係將識別資訊U ID_IN輸入至受 理部164( S A 10)之同時,使產生部166產生生物體資訊 B ID_IN( S Al 1)。控制部162係將包含利用者所輸入之識 別資訊U ID_IN與生物體資訊B ID_IN的認證要求,發送至 第1伺服器裝置12( S A12)。 接受認證要求時(S B 1 0),第1伺服器裝置1 2係執行利 用包含於其認證要求之識別資訊U ID_IN與生物體資訊 B ID_IN的認證(生物體認證)(S Bl 1)。具體來說,第1伺服 -20- 201113069 器裝置1 2係判定識別資訊U ID_IN與生物體資訊B ID_IN的 組合是否儲存於記憶裝置14(符合識別資訊U ID_IN之識別 資訊U ID與符合生物體資訊B ID_IN之生物體資訊B ID是 否在1個記錄R 1內建立對應而儲存於記憶裝置1 4)。第1伺 服器裝置1 2係將認證結果發送至代幣處理裝置1 6 ( S B 1 2) 。代幣處理裝置16的控制部162係接收認證結果(S A13)。 控制部1 62係在認證結果是否定時,將認證的失敗通 知利用者而結束處理,在認證結果是肯定時(SA14: YES) ,允許代幣的支付及存入。例如,在利用者指定所希望枚 數(以下稱爲「提領數」)N OUT而要求代幣的支付時( S A15),控制部162係將包含識別資訊U ID_IN與生物體資 訊B ID_IN與提領數N OUT的提領要求,發送至第1伺服器 裝置12(S A16)。在接收提領要求時(S B13),第1伺服器 裝置12係從對應識別資訊U ID_IN而記憶於記憶裝置14之 保有代額數CA,減去提領數NOUT(SB14),將代表保有 代額數C A的更新結束之提領通知發送至代幣處理裝置1 6( S B15)。接收提領通知之控制部162係從支付機(斗)支付相 當於提領數NOUT之枚數的代幣(SA17)。 另一方面,利用者將代幣投入至代幣處理裝置16的投 入口(省略圖示)而指示代幣的存入時,計數器(省略圖示) 會計算被投入至投入口之代幣的枚數(以下稱爲「存入數 」)N IN( S A18)。控制部162係將包含識別資訊U ID_IN與 生物體資訊B ID_IN與存入數N IN的存入要求,發送至第1 伺服器裝置12( S A19)。接收存入要求之第1伺服器裝置 -21 - 201113069 12( S B16)係將存入數N IN加算至對應識別資訊U ID_IN而 記憶於記憶裝置1 4之保有代額數C A( S B 1 7),將代表保有 代額數C A的更新結束之存入通知發送至代幣處理裝置16( S B18)。控制部162係接收存入通知(S A20)。利用第1系 統〗〇之代幣的支付及存入的順序係如上所述。 圖1的第2系統20係利用者用以執行遊戲的系統,具備 第2伺服器裝置22與記憶裝置24與複數遊戲裝置26。複數 遊戲裝置26係包含提供不同遊戲的兩種以上遊戲裝置26» 第2伺服器裝置22與各遊戲裝置26係介由通訊網28相互通 訊。通訊網2 8係與通訊網1 8相同,例如構築於遊藝設施內 之LAN。但是,第2系統20的一部份係可設置於遊藝設施 的外部。在第2系統20的一部份設置於遊藝設施的外部之 構造,通訊網2 8的一部份係以例如利用網際網路之WAN或 VPN來實現。於通訊網18及通訊網28之內部的通訊路徑, 係適切配置閘道器及路由器等的通訊機器。 欲利用第2系統20(各遊戲裝置26)之利用者可事先接受 登記(以下稱爲「第2登記」)。對於接受第2登記之利用者 賦予識別資訊P ID (player ID)。識別資訊P ID係例如記憶 於發派給利用者之1C卡等之可搬送型的記錄媒體(以下稱 爲「遊戲卡」)。 記億裝置24係依每一第2登記設定記錄R2的資料庫。 如圖4所示,各記錄R2係包含接受第2登記之利用者的識別 資訊P ID(記憶於正規的遊戲卡之識別資訊P ID)及密碼 P WD,與其利用者之遊戲資料(存檔資料)D G而構成。遊 -22- 201113069 戲資料D G係包含利用者過去所執行之遊戲進行狀況等的 遊戲相關之各種資訊而構成。再者,也採用將遊戲資料 D G記憶於與記憶識別資訊p ID及密碼P WD之記憶裝置24 不同之記憶裝置的構造。第2伺服器裝置22係執行儲存於 記憶裝置24之資料的管理(讀出及寫入)。再者,在圖1作爲 個別物體的要素而圖示之第2伺服器裝置22與記憶裝置24 也可作爲一體的裝置而構成。 圖5係管理裝置30及遊戲裝置26的區塊圖。在圖5,僅 代表性圖示1個遊戲裝置26,但是,其他遊戲裝置2 6也爲 相同構造。又,介在於管理裝置3 0與各遊戲裝置26之間的 通訊網28在圖5中省略》 遊戲裝置26係包含運算處理裝置(CPU)52與記憶裝置 54與輸入受理部56與操作部58而構成之電腦系統。運算處 理裝置52係利用記憶於記憶裝置54之程式的執行,實現複 數功能(遊戲處理部522,終端側認證部524,照會部62, 允許部64,控制部66)。 輸入受理部56係受理來自利用者之輸入的要素,包含 受理部562與受理部564而構成。受理部562係受理利用者 所致之識別資訊P ID_IN的輸入。作爲受理部562,例如可 採用將被儲存於遊戲卡之識別資訊P ID作爲識別資訊 P ID —IN來讀取之公知的讀取器。受理部5 64係受理利用者 所致之密碼P W D — IN的輸入。例如,受理部5 6 4係以利用 者操作之複數操作子(鍵盤)所構成。再者,作爲受理部564 ,也可採用附觸控面板功能的顯示裝置所顯示之操作子( -23- 201113069 鍵盤)。 適用遊戲資料D G而欲執行遊戲之利用者,係必須接 受利用識別資訊P ID_IN與密碼p WD_IN之終端側認證。 終端側認證係利用者是否接受第2登記的判定。亦即,終 端側認證係相當於判定識別資訊P ID_IN與密碼P WD_IN 的組合是否儲存於記憶裝置24(符合識別資訊P ID_IN之識 別資訊P ID與符合密碼P WD_IN之密碼P WD是否在1個記 錄R2內建立對應而儲存於記憶裝置24)的處理。 圖5的終端側認證部524係取得終端側認證的結果。在 終端側認證的結果是肯定時(終端側認證成功時),儲存於 記憶裝置24之複數遊戲資料D G中對應識別資訊P ID_IN與 密碼P WD_IN的遊戲資料D G係從第2伺服器裝置22發送至 遊戲裝置26。遊戲處理部5 22係適用從記憶裝置24取得之 遊戲資料D G,執行各種遊戲處理(用以使利用者執行遊戲 的處理)。所以,利用者係可從自身過去執行遊戲時的狀 況再次開始遊戲。 記憶裝置54係記憶運算處理裝置52執行之程式及各種 資料。具體來說,記憶使用代額數C B的記憶區域(以下稱 爲「貯留部」)542被記憶裝置54設定。使用代額數C B係 代表與遊戲裝置26之遊戲開始及進行(例如事件的發生)〜 起增減之代額的數量。例如,遊戲的開始所需之所定數代 額被消費時則使用代額數C B會減少,在遊戲的進行(例如 事件的達成)中獲得代額時則使用代額數C B會增加。作爲 記憶裝置54,可任意採用半導體記錄媒體或磁性記錄媒體 24- 201113069 等之公知的記錄媒體(或複數種記錄媒體的組合)。 利用者係可利用對於遊戲裝置2 6之代幣的投入,使使 用代額數CB增加。進而,接受第1登記及第2登記雙方的 利用者,係可在第1系統1 〇被管理之保有代額數C A與記憶 於遊戲裝置26的貯留部542之使用代額數C B之間,轉移代 額(以下稱爲「代額轉移」)。於代額轉移,係有代額從保 有代額數C A轉移至使用代額數CB而利用在遊戲裝置26之 遊戲的處理(提領),與將因代幣的投入或在遊戲中之獲得 而發生之代額’從使用代額數CB轉移至保有代額數C A的 處理(存入)。亦即,利用者可不處理實際的代幣而執行代 額轉移。 圖1的管理裝置3 0係認證(本人認證)希望代額轉移之利 用者是否是接受第1登記及第2登記之本人之後,管理在各 遊戲裝置2 6之代額轉移。亦即,管理裝置3 0係實現管理保 有代額數C A的第1系統1〇,與管理利用使用代額數c b之 各遊戲裝置26的第2系統2〇之統合。 如圖1所示,管理裝置3〇係設置於遊藝設施內,連接 第1系統10與第2系統2〇。具體來說,管理裝置3〇係介由專 用線路’連接第1系統1 〇的第1伺服器裝置丨2,與第1伺服 器裝置12進行通訊。再者’也採用管理裝置3〇介由通訊網 18,連接於第1伺服器裝置12的構造。又,管理裝置3〇係 連接於第2系統2〇的通訊網28,與第2伺服器裝置22及各遊 戲裝置26進行通訊。 如圖5所示’管理裝置3〇係包含運算處理裝置32與記 -25- 201113069 憶裝置34與輸入受理部36而構成之電腦系統。運算處理裝 置3 2係利用記憶於記憶裝置34之程式的執行,實現複數功 能(第1認證部321,第2認證部3 22,管理部3 24)。記憶裝置 3 4係記憶運算處理裝置32執行之程式及各種資料。作爲記 憶裝置34,可任意採用半導體記錄媒體或磁性記錄媒體等 之公知的記錄媒體(或複數種記錄媒體的組合)。 輸入受理部36係受理來自利用者之輸入的要素,包含 受理部362與產生部364與受理部366與受理部368而構成。 受理部362係受理利用者所致之識別資訊U ID_IN的輸入。 例如,受理部3 62係與受理部564相同,以利用者操作之複 數操作子(鍵盤)所構成。再者,作爲受理部362,也可採用 附觸控面板功能的顯示裝置所顯示之操作子(鍵盤)。產生 部3 64係產生表示利用者之生物體特徵的生物體資訊 B ID_IN。與代幣處理裝置16的產生部166相同,作爲產生 部3 6 4而採用檢測出手(手掌及手指)的靜脈紋路而產生生物 體資訊B ID_IN的靜脈感測器。 受理部3 66係受理利用者所致之識別資訊p ID_IN的輸 入。與遊戲裝置26的受理部562相同,作爲受理部3 66,例 如可採用將遊戲卡之識別資訊P ID作爲識別資訊p ID_in 來讀取的讀取器。受理部3 68係受理利用者所致之密碼 P WD —IN的輸入。例如,受理部368係與受理部5 64相同, 以利用者操作之複數操作子(鍵盤)所構成。再者,作爲受 理部368,也可採用附觸控面板功能的顯示裝置所顯示之 操作子(鍵盤)。 -26- 201113069 第1認證部321係取得利用被輸入至受理部3 62之識別 資訊U ID_IN與產生部364所產生之生物體資訊B ID_IN的 認證(以下稱爲「第1認證」)的結果。第1認證係判定第1登 記之有無的處理。亦即,第1認證係相當於判定識別資訊 U ID_IN與生物體資訊B iD_IN的組合是否儲存於記憶裝置 14(符合識別資訊U ID_IN之識別資訊U ID與符合生物體資 訊B ID_IN之生物體資訊BID是否在1個記錄R1內建立對應 而儲存於記憶裝置14)的處理。 另一方面,第2認證部322係取得利用被輸入至受理部 3 66之識別資訊P ID_IN與被輸入至受理部366之密碼 P WD_IN的認證(以下稱爲「第2認證」)的結果。第2認證 係判定第2登記之有無的處理。亦即,第2認證係相當於判 定識別資訊P ID_IN及密碼P WD_IN的組合是否儲存於記 憶裝置24(符合識別資訊P ID_IN之識別資訊P ID與符合密 碼P WD_IN之密碼P WD是否在1個記錄R2內建立對應而儲 存於記憶裝置24)的處理。 管理部3 24係在第1認證及第2認證雙方的結果是肯定 時(亦即,已確認利用者接受第1登記及第2登記時),產生 已認證資訊A,並記億於記憶裝置34的所定記憶區域(以下 稱爲「管理記憶部」)3 42。已認證資訊A係如圖5所示,將 被輸入至受理部362之識別資訊UID_IN(UID),與被輸入 至受理部3 66之識別資訊P ID_IN( P ID),與產生部3 64所 產生之生物體資訊B ID_IN(B ID)建立關聯的記錄(資料列) 。對應不同利用者之複數已認證資訊A依序被產生而儲存 -27- 201113069 於管理記憶部342。 記億於管理記憶部342之已認證資訊A係以所定時刻的 到來作爲契機而被消除。例如,在遊藝設施的開店前或關 店後的所定時刻到來時,管理部3 24係消除記憶於管理記 億部342之複數已認證資訊A(亦即,在最近開店時所產生 之已認證資訊A)。 各遊戲裝置26的照會部62係針對實際在遊戲裝置26欲 執行遊戲之利用者,確認第1認證及第2認證是否被肯定。 具體來說,照會部62係照會管理裝置30的管理部324,被 輸入至遊戲裝置26的受理部562之識別資訊P ID_IN是否作 爲已認證資訊A而記億於管理裝置30的管理記憶部342(亦 即,針對將識別資訊P ID_IN輸入至遊戲裝置26之利用者 ,第1認證與第2認證是否已被肯定)。照會部62所致之照 會係在終端側認證部5 24所致之認證的結果是肯定時被執 行。允許部64係在對於管理部324之照會的結果是肯定時 允許代額轉移,在照會的結果是否定時禁止代額轉移。 操作部58係因應來自利用者的操作而指示代額轉移的 方向(存入/提領)與數量。本實施形態的操作部58係附觸 控面板功能的顯示裝置,如圖6(B)所示,顯示包含存入操 作部5 82與提領操作部584的操作畫面。存入操作部5 82係 因應來自利用者的操作而指示代額的存入(從使用代額數 C B至保有代額數C A的代額轉移)與存入數N IN。提領操 作部5 84係因應來自利用者的操作而指示代額的提領(從保 有代額數C A至使用代額數C B的代額轉移)與提領數 -28- 201113069 N OUT。圖1的控制部66係因應來自操作部58的指示而執 行代額轉移。操作部58所致之操作的受理與控制部66所致 之代額轉移,係在允許部64允許代額轉移時被執行,在允 許部64不允許代額轉移時不被執行。 < A-2 :第1實施形態的動作> (1)認證時的動作 接著,說明以上說明之管理系統1 〇 〇的動作。來到遊 藝設施之利用者係移動至管理裝置3 0,接受第1認證及第2 認證。圖7係揭示關於第1認證及第2認證的管理系統1 〇〇之 動作的流程圖。以對於管理裝置3 0之所定操作作爲契機, 開始圖7的處理。 管理裝置30的受理部3 66受理識別資訊P ID_IN的輸入 (SC10),受理部368受理密碼PWD_IN的輸入時(SC11), 第2認證部322係將包含識別資訊P ID_IN與密碼P WD_IN 的第2認證要求,發送至第2伺服器裝置22( S Cl 2)。第2伺 服器裝置2 2係接收第2認證要求(S D 1 0 ),判定第2認證要 求內的識別資訊P ID_1N及密碼P WD_IN是否作爲識別資 訊P ID及密碼P WD而儲存於記憶裝置24(第2認證)(S Dl 1) 。然後’第2伺服器裝置2 2係將第2認證的結果(第2認證結 果)發送至管理裝置30( S D12)。 接收第2認證結果時(S C1 3),第2認證部322係判定第 2認證的結果是否是肯定(S C 1 4 ),在結果是否定時,則將 第2認證的失敗通知利用者而結束處理(省略圖示)。另一方 •29- 201113069 面,在第2認證的結果是肯定時,則執行以下處理。 受理部362受理識別資訊U ID_IN時(S C15),第1認證 部32 1係將包含識別資訊U ID_IN的預備認證要求,發送至 第1伺服器裝置12(SC16)。接收預備認證要求時(SB20), 第1伺服器裝置1 2係判定預備認證要求內的識別資訊U ID_IN是否作爲識別資訊U ID而儲存於記憶裝置14(S B21) ,並將預備認證的結果(預備認證結果)發送至管理裝置3 0( S B22)。從第1伺服器裝置12接收預備認證結果時(S C17) ,第1認證部3 2 1係判定預備認證的結果是否是肯定( S C 1 8 ),在結果是否定時,則將預備認證的失敗通知利用 者而結束處理。另一方面,在預備認證的結果是肯定時, 則以以下順序執行第1認證。 產生部364產生生物體資訊B ID_IN時(S C19),第1認 證部321係將包含在步驟S C15受理之識別資訊U ID_IN與 生物體資訊B ID_IN的第1認證要求,發送至第1伺服器裝 置12( S C20)。再者,也可採用選擇性適用靜脈紋路的檢 測方法及生物體資訊B ID_IN的產生方法不同之複數動作 模式任一的構造。亦即,指定在生物體資訊B ID的產生時 (例如第1登記時)實際被適用之動作模式的模式資訊與識別 資訊U ID及生物體資訊B ID—起被儲存於記憶裝置1 4,包 含模式資訊的預備認證結果(S B22)從第1伺服器裝置12被 發送至管理裝置30。管理裝置30的產生部364係在預備認 證結果內的模式資訊所指定之動作模式中產生生物體資訊 B ID IN 。 -30- 201113069 第1伺服器裝置12係接收第1認證要求(SB23),判定 第1認證要求內的識別資訊U ID_IN與生物體資訊B ID_IN 是否作爲識別資訊U ID及生物體資訊B ID而儲存於記憶裝 置14(第1認證)(S B24)。然後,第1伺服器裝置12係將第1 認證的結果(第1認證結果)發送至管理裝置30( S B25)。 接收第1認證結果時(S C2 1 ),第1認證部3 2 1係判定第 1認證的結果是否是肯定(S C22),在結果是否定時,則將 第1認證的失敗通知利用者而結束處理。另一方面,在第1 認證的結果是肯定時,管理部32 4係產生將在步驟S C10輸 入之識別資訊P ID_IN( P ID)與在步驟S C15輸入之識別資 訊U ID_IN(UID)與在步驟S C19產生之生物體資訊 B ID_IN( B ID)建立關聯的已認證資訊A,並儲存於管理記 憶部342( S C23)。如前述般,記憶於管理記憶部3 42之已 認證資訊A係在所定時刻的到來時被消除。再者,也採用 在第1認證的結果是肯定,且有保有代額數CA的殘量時, 於顯示裝置顯示保有代額數CA的殘量之構造。 (2)遊戲時的動作 在以上順序中接受第1認證及第2認證的利用者’係移 動至遊藝設施內之所希望的遊戲裝置26’爲了可進行保有 代額數CA與使用代額數CB之間的代額轉移’使遊戲裝置 26執行圖8及圖9的處理。以對於遊戲裝置26之所定操作作 爲契機,開始圖8的處理。 遊戲裝置26的受理部562受理識別資訊P ID_IN的輸入 -31 - 201113069 (S E20),受理部564受理密碼p WD_IN的輸入時(S E21), 終端側認證部5 24係將包含識別資訊p ID_in與密碼 P WD_IN的終端側認證要求,發送至第2伺服器裝置22( S E2 2)。第2伺服器裝置22係接收終端側認證要求(S D20) ,判定終端側認證要求內的識別資訊P ID_IN及密碼 P WD_IN是否作爲1個記錄R2的識別資訊P ID及密碼P WD 而儲存於記憶裝置24( S D21)。然後,第2伺服器裝置22係 將終端側認證的結果(終端側認證結果)發送至遊戲裝置26( S D22)。 接收終端側認證結果時(S E2 3 ),終端側認證部5 24係 判定終端側認證結果的結果是否是肯定(S E24),在結果 是否定時,則將終端側認證的失敗通知利用者而結束處理 。另一方面,在終端側認證的結果是肯定時,照會部62係 將用以照會利用者在管理裝置30之第1認證及第2認證是否 成功的照會要求,發送至管理裝置3 0(S E25)。於照會要 求係包含在步驟S E2 0輸入之識別資訊P ID_IN。又,在終 端側認證的結果是肯定時,遊戲裝置26從記億裝置24取得 遊戲資料DG並適用於遊戲(省略圖示)。 在接收照會要求時(S C30),管理部324係依序對照記 億於管理記憶部342之各已認證資訊A的識別資訊P ID_IN 與包含於照會要求的識別資訊P ID_IN( S C31),判定將包 含於照會要求的識別資訊P ID_IN與識別資訊U ID_IN和生 物體資訊B ID_IN建立關聯之已認證資訊A是否記憶於管理 記憶部342(亦即,針對輸入識別資訊P ID_IN至遊戲裝置 -32- 201113069 2 6之利用者’在管理裝置3 〇之第1認證及第2認證是否成功 )(S C32)。 在包含識別資訊P ID_IN的已認證資訊Α記憶於管理記 億部3 42時(S C32 : YES),管理部3 24係將包含其已認證資 訊A的識別資訊U ID_IN及生物體資訊B ID_IN的殘量要求( 保有代額數C A的確認要求)發送至第1伺服器裝置12( S C33)。在接收殘量要求時(S B30),第1伺服器裝置12係 從記憶裝置1 4檢索對應包含於殘量要求之識別資訊 U ID_IN(U ID)及生物體資訊B ID_IN(B ID)的保有代額數 CA(SB31),並將包含此保有代額數CA的殘量通知發送 至管理裝置30( S B32)。殘量通知係利用管理部3 24接收( S C3 4)。另一方面,包含識別資訊P ID_IN的已認證資訊A 並未記憶於管理記憶部342時(S C32 : NO),則不執行步驟 S C33及步驟S C34的處理。 管理部324係將照會結果(包含識別資訊p ID_IN的已 認證資訊A是否記憶於管理記憶部342)發送至遊戲裝置26( S C3 5)。在照會的結果是肯定時(包含識別資訊p id JN的 已認證資訊A在步驟S C31從管理記憶部342被檢索出時), 則使在步驟S C34接收之殘量通知的保有代額數C a包含於 照會結果。 在照會部62接收照會結果時(S E26),允許部64係判 定照會結果是否是肯定(S E27)。在照會結果是肯定時( S E27 : YES) ’用以開始代額轉移的存入.提領按鍵(指令 按鍵或圖示等的指示子)會顯示於遊戲裝置的顯示畫面而 -33- 201113069 成爲可操作(有效)狀態(S E30)。另一方面,在照會結果是 否定時(S E2 7 : NO) ’不會顯示存入•提領按鍵。所以, 利用者無法指示代額轉移的開始。 在利用者操作照會結果是肯定時所顯示之存入•提領 按鍵時’允許部64係使操作部5 8顯示包含照會結果所包含 之保有代額數C A的顯示之圖6(A)的操作畫面。在圖6(A) 的操作畫面’在可受理來自利用者的提領指示之狀態下顯 示(有效化)提領操作部5 84。另一方面,在開始遊戲裝置26 的操作之初始的階段’使用代額數C B爲0。所以,如圖6 的部份(A)所示,於操作畫面作爲使用代額數CB而顯示0 ,指示從使用代額數CB對於保有代額數CA的代額轉移之 存入操作部5 8 2係被控制爲無效之狀態(例如非顯示或灰視 而不受理來自利用者的操作之狀態)。 如上所述’提領操作部5 8 4有效化時,因應對於提領 操作部584之來自利用者的操作,執行從保有代額數c A對 於使用代額數CB的代額轉移(提領)。管理裝置30的管理 部3 2 4係在記憶使用代額數C B的貯留部5 4 2與記憶保有代 額數C A的記憶裝置14之間,因應從遊戲裝置26發送之代 額轉移的要求(提領要求),仲介從保有代額數C A對於使 用代額數CB的代額轉移。 首先,在提領操作部584受理代額之提領的指示與提 領數N OUT的指定時(S E31),控制部66係將包含在步驟 S E20輸入之識別資訊p ID_IN與在步驟S E31指定之提領 數N OUT的提領要求發送至管理裝置3 0(s E3 2)。再者,提 -34- 201113069 領數N OUT的指定方法係爲任意。例如,可採用利用者作 爲提領數N OUT而指定保有代額數C A之範圍內的任意數 量的方法,及利用提領操作部584的1次操作來指定所定數 量(例如100枚)之提領數N OUT的方法。又,也適合將所定 期間(例如1天)內的提領數N OUT之合計限制於所定値(上 限値)的構造。 在接收提領要求時(S C 4 0),管理裝置30係從管理記 憶部342檢索對於包含於此提領要求的識別資訊p id_IN以 已認證資訊A建立關聯之識別資訊U ID_IN及生物體資訊 B ID_IN( S C41)。然後,管理部324係將包含在步驟S C41 檢索之識別資訊U ID_IN及生物體資訊B ID_IN,與包含於 提領要求之提領數N OUT的提領要求,發送至第1伺服器 裝置12(S C42)。 在接收提領要求時(S B40),第1伺服器裝置12係從對 應此提領要求內的識別資訊U ID_IN及生物體資訊B ID_IN 而記憶於記憶裝置14之保有代額數C A,減去提領要求的 提領數NOUT(SB4l),將代表保有代額數CA的更新之提 領通知發送至管理裝置30( S B42)。管理裝置30的管理部 3 24係將從第1伺服器裝置12接收之提領通知,發送至遊戲 裝置26(SC43)。在接收提領通知時(SE3 3),遊戲裝置26 的控制部66係將在步驟S E3 1指定之提領數N OUT,加算 至貯留部542的使用代額數C B(S E34)。 藉由以上說明之代額的提領及在遊戲中的獲得而還有 使用代額數C B的殘數時,利用者操作存入.提領按鍵的 -35- 201113069 話’允許部64係如圖6(B)所示,將現階段的保有代額數 CA與使用代額數CB顯示於操作畫面,在可受理來自利用 者之代額轉移的指定之狀態下,使操作部5 8顯示(有效化) 存入操作部582及提領操作部584雙方。再者,在沒有保有 代額數CA的殘數時,如圖6(C)所示,作爲保有代額數CA 而顯示〇之同時,提領操作部5 84係被控制爲無效之狀態( 例如非顯示或灰視而不受理來自利用者的操作之狀態)。 如上所述,存入操作部582有效化時,因應對於存入 操作部5 82之來自利用者的指示,執行從使用代額數C b對 於保有代額數C A的代額轉移(存入)。管理裝置3 0的管理 部3 24係與代額的提領時相同,在記憶使用代額數C B的貯 留部542與記憶保有代額數C A的記憶裝置14之間,因應從 遊戲裝置2 6發送之代額轉移的要求(存入要求),仲介從使 用代額數CB對於保有代額數C A的代額轉移。 首先,在存入操作部582受理代額之存入的指示與存 入數N IN的指定時(S E3 5),控制部66係將包含在步驟 S E2 0輸入之識別資訊P ID_IN與在步驟S E35指定之存入 數NIN的存入要求發送至管理裝置30(SE36)。再者,存 入數N IN的指定方法係爲任意。例如,可採用利用者作爲 存入數N IN而指定使用代額數CB之範圍內的任意數量的 方法,及利用存入操作部5 82的1次操作來指定所定數量( 例如100枚)之存入數N IN的方法。 在接收存入要求時(SC44),管理裝置30的管理部324 係與步驟S C41及步驟S C42相同,檢索對於包含於存入要 -36- 201113069 求的識別資訊P ID_IN以已認證資訊A建立關聯之識別資訊 U ID_IN及生物體資訊B ID_IN( SC45),並與存入數NIN —起包含於存入要求而發送至第1伺服器裝置12(SC46)。 在接收提領要求時(S B43),第1伺服器裝置12係將存 入要求的存入數N IN加算至對應此存入要求內的識別資訊 U ID_IN及生物體資訊B ID_IN而記憶於記憶裝置14之保有 代額數C A( S B44),將代表保有代額數CA的更新之存入 通知發送至管理裝置30( S B45)。存入通知係介由管理裝 置30的管理部324而被傳送至遊戲裝置26(SC47)。在接收 存入通知時(S E3 7),遊戲裝置26的控制部66係從貯留部 542的使用代額數CB,減去在步驟SE35指定之存入數 NIN(SE38)。在使用代額數CB的全數量轉移至保有代額 數C A時,使用代額數C B則成爲0。利用將使用代額數 C B設定爲0 ’利用者係從受理部562(讀取器)使遊戲卡排 出而使遊戲結束。 如以上說明’於本實施形態中,因應被輸入至遊戲裝 置2 6的識別資訊p ID_IN是否作爲已認證資訊A而記憶於管 理裝置3 0的管理記憶部3 4 2,決定代額轉移的可否。亦即 ,不需要在遊戲裝置26的第1認證(生物體認證)。所以,不 需要將產生生物體資訊B ID的機器(例如靜脈)個別設置於 複數遊戲裝置26。另一方面,對於爲了利用對於遊戲裝置 26的操作而讓代額轉移被允許來說(對於爲了使識別資訊 P ID_IN作爲已認證資訊a而記憶於管理記憶部342),因爲 利用者必須在管理裝置3 0接受第1認證(生物體認證),儘管 -37- 201113069 是不需要在遊戲裝置26的第1認證之構造,也可充分確保 代額管理的安全性。亦即,依據本實施形態,可使代額管 理之安全性的確保與認證所需之構造及手續的簡潔化兩立 〇 又’以第2系統20爲基礎,利用於遊戲資料D G的管理 之識別資訊P ID,以已認證資訊A與識別資訊U ID_IN建立 關聯而流用於代額轉時的認證(第2認證)。所以,相較於將 與識別資訊P ID不同之識別資訊賦予各利用者而用於第2 認證之狀況’有可減輕管理裝置30的導入(代額轉移的運 用)所需之負荷的優點。當然,識別資訊P ID與遊戲資料 D G—起利用的構造並不是必須。亦即,識別資訊p ID係 可任意選定。 進而’本實施形態之已認證資訊A係除了識別資訊 U ID_IN及識別資訊P ID_IN之外,也包含生物體資訊 B ID_IN ’故可使從管理裝置30發送至第1伺服器裝置12之 要求(圖9的步驟S C42之提領要求及步驟S C46之存入要求 )包含識別資訊U ID_IN與生物體資訊B ID_IN。另一方面 ,因爲對於在代幣處理裝置16之代幣的支付及存入需要生 物體認證’故於從代幣處理裝置1 6發送至第1伺服器裝置 12之要求(圖3的步驟S A16之提領要求及步驟S A19之存入 要求)也包含識別資訊U ID_IN與生物體資訊B ID_IN。亦 即,因爲來自管理裝置30的要求及來自代幣處理裝置16的 要求任一皆包含識別資訊U ID_IN與生物體資訊B ID_IN, 故針對來自管理裝置30的要求與來自代幣處理裝置16的要 -38- 201113069 求,可使在第1伺服器裝置1 2的處理共通化。所以,例如 有可不改變第1伺服器裝置12的處理,而將管理裝置30導 入第1系統10存在的環境(可統合第2系統20)之優點。尤其 ,在管理裝置30介由通訊網18而連接於第1伺服器裝置12 的構造,第1伺服器裝置12係可等價處理管理裝置30與代 幣處理裝置16。 < B :第2實施形態> 接著,針對本發明的第2實施形態加以說明。再者, 於以下例示之各樣態中針對作用或功能與第1實施形態相 同之要素,附加與以上相同之符號而適切省略個別詳細說 明。 圖1 〇係第2實施形態之已認證資訊A的模式圖。如圖1 〇 所示,已認證資訊A係除了識別資訊P ID_IN與識別資訊 U ID_IN與生物體資訊B ID_IN之外,也包含認證時刻T A 而構成。認證時刻T A係指定第1認證及第2認證結束之時 刻(產生已認證資訊A的時刻)的資訊。 圖11係管理裝置30的動作之一部份(圖7的步驟S C20 之後的部份)的流程圖。如圖1 1所示,從第1伺服器裝置1 2 在步驟S C21接收之第1認證結果是肯定時(S C22 : YES) ’ 管理裝置30的管理部324係從計算時刻之計時電路(省略圖 示)取得現在時間點的時刻(認證時刻)T A( S C24)。管ϋ $ 3 24係產生將在步驟S C24取得之認證時刻Τ Α與識別資訊 P ID_IN和識別資訊U ID_IN和生物體資訊B ID_IN建立關 -39 - 201113069 聯的已認證資訊A,並儲存於管理記億部342 ( S C25)。 管理部324係從管理記憶部342消除記憶於管理記憶部 3 42之複數已認證資訊A中從認證時刻T A經過所定時間 T 0的已認證資訊A。亦即,相對於在第1實施形態中將管 理記億部342之所有已認證資訊A於所定時刻一起消除,於 第2實施形態中,係依每一已認證資訊A設定以認證時刻 T A作爲起始點而涵蓋時間T 0的有效期限,以有效期限的 期滿作爲契機來個別消除各已認證資訊A。再者,有效期 限的時間T 0係可依每一已認證資訊A設定爲可變。 在以所定時刻的到來作爲契機而消除各已認證資訊A 的第1實施形態,因爲管理裝置30所致之第1認證及第2認 證的時刻越早則到已認證資訊A的消除爲止之時間越長, 例如會提升遺失遊戲卡而被他人利用之可能性(亦即,難 以確保代額管理的安全性)。另一方面,在第2實施形態, 因爲從認證時刻T A開始,所定時間T 0作爲有效期限而依 每一已認證資訊A個別設定,故有無關於認證時刻T A的 先後,皆可充分確保代額管理的安全性之優點。當然,依 據在所定時刻消除已認證資訊A之第1實施形態,因爲不需 要每一已認證資訊A之有效期限的管理,故有管理部324所 致之處理的負荷相較於第2實施形態較爲減輕之優點。又 ,於第1實施形態中不需要使已認證資訊A包含認證時刻 TA,故也有可減少已認證資訊A的資料量(進而可減少管 理記憶部342所需之容量)之優點。 再者,依每一已認證資訊A以有效期限的期滿作爲契 -40- 201113069 機來消除已認證資訊A的方法並不限定於以上例示。例如 ,也可採用在第1認證及第2認證的結束後,使已認證資訊 A包含所定計數値T B而儲存於管理記憶部3 42之同時,依 序使計數値T B減少,從管理記憶部3 42消除計數値T B到 達所定下限値(例如〇)之已認證資訊A的構造。依據以上構 造,有可因應計數値T B,依每一已認證資訊a個別設定已 認證資訊A的有效期限之優點。 < C :第3實施形態> 圖12係管理裝置30及第1伺服器裝置12的動作之一部 份(圖7的步驟SC20之後的部份)的流程圖。如圖12所示, 因應來自管理裝置30的第1認證要求(S C20,S B23)而執 行第1認證時(S B24),第1伺服器裝置12係產生特定資訊 a ( S B2 6)。特定資訊α係依每一第1認證個別設定之符號 。作爲特定資訊α,例如適合採用每一第1認證而變化之 一次性密碼。第1伺服器裝置12係將對應第1認證要求內之 識別資訊U ID_IN的保有代額數CA與特定資訊〇:建立對應 並加以記億(S B27)。進而’第1伺服器裝置12係將使特定 資訊α包含第1認證結果並發送至管理裝置30(S B28)。 從第1伺服器裝置1 2在步驟S C2 1接收之第1認證結果 是肯定時(S C22 : YES),管理裝置30的管理部3 24係如圖 1 3所示,產生將包含於第1認證結果之特定資訊α與識別 資訊P ID_IN和識別資訊U ID_IN建立關聯的已認證資訊a 並儲存於管理記憶部342( S C26) »亦即,已認證資訊a並 -41 - 201113069 不包含生物體資訊B ID_IN。 從遊戲裝置26指示代額轉移時,管理裝置30的管理部 324係使提領要求及存入要求包含特定資訊α,來代替在 第1實施形態的生物體資訊B ID_IN,並發送至第1伺服器 裝置〗2。例如,被指示代額的提領時,管理部3 24係從管 理記憶部3 42檢索對應識別資訊P ID_IN之識別資訊 UID_IN與特定資訊α (圖9的步驟SC41),並將包含識別 資訊U ID_IN與特定資訊α與提領數N OUT的提領要求, 發送至第1伺服器裝置12(S C42)。第1伺服器裝置12係從201113069 VI. Description of the Invention: [Technical Field of the Invention] The present invention relates to a technique for managing a quota used in a game device. [Prior Art] From the previous proposal, there is a total amount of the amount of the share held by the user (preserving generation) A number of data bases that correspond to the user's identification information and are memorized, and are used in the management of the game device's proxy. For example, Patent Document 1 discloses a technique for transmitting identification information from a user's ic card to a game device, and storing the number of credits stored in the database in response to the identification information, and increasing or decreasing in response to an instruction from the user. [PRIOR ART DOCUMENT] [Patent Document 1] [Patent Document 1] Japanese Laid-Open Patent Publication No. Hei. No. Hei. By transmitting the identification information to the game device and allowing the increase or decrease of the number of shares to be retained, it is difficult to sufficiently ensure the security of the charge management. For example, if the third party of the 1C card of another person causes the game device to read the identification information of the 1C card, the game can be executed using the retained number of the regular user. Although it is also intended to implement a configuration that uses biometric information authentication at the time of execution of the game, it is necessary to separately set up a machine (for example, a fingerprint sensor or a vein sensor) that acquires biological information in a plurality of game devices. Therefore, it is not practical from the point of view of cost. In addition, every increase or decrease in the amount of money (storing or withdrawal) requires complicated work for biometric authentication (for example, the action of lifting the hand to the venous sensor), so it may damage the user. The issue of convenience. In view of the above, the objective is to achieve the simplification of the structure and procedures required for ensuring the safety of the micro-management management and the certification. [Means for Solving the Problem] The following description is made to solve the above problems. means. In the following, in order to facilitate the understanding of the present invention, the reference numerals in the drawings are attached to the parentheses in the following, but the present invention is not limited to the form shown in the drawings. The management system (100) of the present invention includes a management device (30) and a plurality of game devices (26), wherein the management device (30) includes a receiving unit (3 62) that receives the first identification information ( U ID_IN); the generating unit (3 64) generates biometric information (B ID_IN) indicating the biometric characteristics of the user; the first authenticating unit (321) 'obtains the first identifying information (u ID_IN) and the creature The result of the first authentication of the body information (B ID_IN); the acquisition unit (3 66) acquires the second identification information (p ID_IN, r ID); and the second authentication unit (3 22) acquires the second identification information (ρ ϊ D _ 〗 〖, R 1D) The result of the second authentication; and the management unit (3 24), when the result of both the first authentication and the second authentication is affirmative, the first identification information (U ID_IN) ) is associated with the second identification information (P ID_IN, R ID), and is recorded as the authenticated information (A) in the management memory unit (342); the plurality of game devices (26) are provided separately: the storage unit (542) , 201113069 is the number of first generations (c B) that are increased or decreased because of the consumption or acquisition of the denomination of the game device (26); In the department (562), the identification information for identification (P ID_IN 'R ID) is obtained, and the photographing unit (62) is responsible for the identification information (P ID_IN, R ID). Whether the second identification information (P ID_IN 'R ID) is stored in the management memory unit (3 42) as the authenticated information (A); and the permission unit (64) 'allows the memory to be stored when the result of the note is affirmative The first generation amount (CB) of the part (542) and the second generation amount (CA) of the memory device (I4) corresponding to the first identification information (UID) and the other party's quota for the other party Transfer. In the above configuration, whether or not the identification information (?1〇_1>^, rule 10) obtained by the terminal side acquisition unit (56) of the game device (26) is stored as management information (A) is managed. The management memory unit (342) of the device (30) determines whether or not the transfer of the code is possible. Therefore, it is not necessary to implement the first authentication using the biological information (B ID_IN) in the game device (26). On the other hand, for allowing the transfer of the game device (26), it is necessary to associate the second identification information (P ID_IN, R ID) with the first identification information (U ID_IN) and memorize it in the management memory. For the department (3 42), since the first authentication (biometric authentication) of the management device (30) is required, the security of the generation management can be ensured. That is, the security of the generative management can be clarified with the simplification of the structure and procedures required for the certification. The so-called "substitute" is the number (virginity) of the price (virtual currency) used (consumed or endowed) in the game. Typically, it has a number equivalent to the exchange price of the entertainment media (game price). For example, by the input of the entertainment media or the acquisition of events in the game, the amount of the increase is increased by the amount of the consumption of the game or the entertainment media at the beginning of the game opening 201113069 or the use of events in the game. . The so-called "game media" includes the commemoration of all the elements of the game. Specifically, the media that the user needs to participate in the game and the media that is given to the user as a result of the game is equivalent to the entertainment media. For example, tangibles such as tokens (coins) or chips (token coins) or coins or tickets should be used in the entertainment media. The receiving unit (3 62) includes all means for acquiring the first identification information (1:1〇_1>〇. For example, the recording medium that records the first identification information (U ID_IN) electrically or magnetically reads the first A reader for identifying information (U ID_IN), a reader for optically reading the first identification information (U ID_IN) printed on the reading surface, and an input for inputting the first identification information (U ID_IN) by the user. The machine is included in the reception unit (3 62). A typical example of the second identification information (P ID_IN, R ID) is identification information directly received from the user (for example, an archive material suitable for the game device (26)). The identification information (P ID_IN) of the game card used for the identification and the identification information (P ID) managed corresponding to the identification information (P ID_IN) accepted by the user. That is, the "acquisition part" of the present invention is In addition to the accepting unit (366) that receives the second identification information (P ID_IN) from the user, the second identification information (P ID) corresponding to the identification information (P ID_IN) received from the user is included ( For example, obtaining the second identification from the corresponding server device that manages both The acknowledgment of the element of the (PID). "The receiving unit (3 66) that accepts the second identification information ( PID_IN, RID)" includes all means for accepting the second identification information (P ID_IN, R ID). For example, in addition to directly inputting the second identification information (P ID_IN, R ID) elements (for example, input machine or reading 201113069), the second identification information (P ID_IN ' that allows the user to select the registration in advance is also included. In addition to the acceptance unit (562) that accepts the identification information (p ID_IN) for confirmation from the user, the identification of the user is accepted. The element of the confirmation identification information (p id) corresponding to the information (P ID_IN) (for example, the element for obtaining the confirmation identification information (p ID) from the server device that manages both) is obtained. The first authentication unit (32 1 ) that is the result of the authentication includes the means for obtaining the result of the first authentication performed externally, and the means for obtaining the result by executing the first authentication by itself. The second authentication unit ( 3 22) Same as 'Do not ask for execution 2 The main body of the certification is the second certification department (322) or other elements. The transfer of the second generation amount (CA) and the first generation amount (CB) from one party to the other party is included in the first generation. The number of shares (CB) for the transfer of the unilateral denomination of the second generation (CA) (storage), the transfer from the second generation (CA) to the unilateral derivative of the first generation (CB) ( Three kinds of patterns of the transfer of the two-way quota between the first generation amount (CB) and the second generation amount (CA). Therefore, the configuration in which the permitting portion (64) allows only the transfer of the unidirectional denomination is also included in the scope of the present invention. Also, the transferred amount of the first generation amount (C B) or the second generation amount (C A) may be all or part of it. In the appropriate aspect of the present invention, the management unit (324) associates the different plural second identification information (P ID_IN, R ID) with the first identification information (U ID_IN) as the authenticated information (A). It is stored in the management memory (342). In the above aspect, since the plural second identification information (PID_IN, RID) is associated with the -9 - 201113069 1 identification information (UID_IN), the user who receives the first authentication in the management device (30) can The game device (26) uses a plurality of second identification information (卩10_by, ruler 10). For example, in the environment in which the second identification information (p ID_IN, R ID) differing depending on the type of each game provided by the game device (26) is given to the user, the user does not need to follow the different types. When the game individually accepts the first authentication, the game can be executed using the second identification information (P ID_IN, R ID) corresponding to the game. In the aspect of the present invention, the plurality of game devices (26) are individually provided with a terminal side authentication unit (524), which is a result of obtaining terminal side authentication using identification information (PID_IN, RID) for confirmation; In the part (62), when the result of the terminal side authentication is affirmative, the note management unit (32) confirms the second identification information (P ID_IN, R ID) that matches the identification information (P ID_IN, R ID) for confirmation. Whether it is stored in the management memory (3 42) as the authenticated information (A). In the above aspect, when the result of the terminal side authentication of the identification information for confirmation (?10_1^[, 1110) acquired by the terminal side acquisition unit (5 62) is affirmative, the execution of the illumination unit (62) is performed. According to the note, the structure of the photo session (62) is used to reduce the suitability of the identification information (P ID_IN, R ID) (the result of the terminal side authentication). The advantage of the load handled by the department (3 24). Further, in the appropriate aspect, the plurality of game devices (26) are provided with a password accepting unit (564), which is an input of a password (P WD_IN), and a terminal authentication unit (5 24) for identifying the use confirmation. The result of terminal side authentication of information (P ID_IN, R ID) and password (P WD_IN). According to the above aspect, since the terminal side authentication requires a password (P WD_IN) ', it is possible to prevent the third party who knows the identification information - (P ID_IN, R ID) - (for example, identification of the record confirmation) The advantage of the transfer of the amount of information caused by the information (P ID — in 'R ID). The password (p WD_IN) is, for example, an arrangement of characters or numbers. Further, the 'terminal-side authentication unit (52 4) is the same as the first authentication unit (3 21) and the second authentication unit (32 2), and includes means for obtaining the result of terminal-side authentication performed externally' Both the means of performing the terminal side authentication by itself and the means of obtaining the result are mourning. In the case of the present invention, the management device is provided with a password accepting unit (36) for inputting a password (pwD_IN), and a second authentication unit (32) for obtaining and utilizing The result of the second authentication of the second identification information (p id_IN, R ID) and the password (P WD_IN). In the above aspect, since the password (p WD_IN) is required for the second authentication of the management device (30), the second authentication information (P ID_IN, R ID) is used for the second authentication. Can improve the authenticity of certification. In the appropriate aspect of the present invention, the management unit (32) sets the authenticated information (A) of the management memory unit (342) to be invalid by the establishment of the predetermined condition. In the above situation, the certification information (A) is invalid because of the establishment of the specified conditions, so the security of the generation management can be improved compared to the structure in which the certified information (A) is maintained to be effective for a long period of time. Sex. For example, if the authentication information (A) is invalidated because the predetermined condition is satisfied, it is possible to prevent the third party who knows the second identification information (P ID_IN, R ID) from performing the transfer of the amount (pretending to be a regular user). Furthermore, the so-called "invalidated authentication information" is set to a state in which the authenticated information (A) cannot be referred to. For example, -11 - 201113069 of the certified information (A) eliminates the typical example of invalidation of the authenticated information (A), but the specific processing for invalidating the authenticated information (A) is arbitrary. For example, the process of changing the flag attached to the authenticated information (A) from valid to invalid is also included in the invalidation of the authenticated information (A). Of course, the structure for eliminating the authenticated information (A) is particularly suitable from the viewpoint of reducing the load of the processing (e.g., setting of the flag) by the management unit (32). In addition, the condition for causing the authentication information (A) to be invalidated is arbitrary. However, for example, the management unit (3 24) may set the authenticated information (A) as a trigger for the arrival of the predetermined time. An invalid structure or a structure in which the authenticated information (A) is invalidated by the expiration of the valid period set for each authenticated information (A). According to the structure of the former, compared with the structure of the latter, there is an advantage that the load of the management unit (32) can be reduced. On the other hand, according to the latter structure, since the valid period is set according to each authenticated information (A), for example, regardless of the generation time of the authenticated information (A), the authenticated information (A) can be set to cover the specified time. effective. In a suitable aspect of the present invention, the plurality of game devices (26) are individually provided with an operation unit (58) including a quota indicating a second generation amount (CB) for the second generation amount (CA). The deposit operation unit (582) for transferring (storing) and the withdrawal operation unit (584) indicating at least the transfer (retraction) of the second generation amount (CA) for the first generation amount (CB) The operation unit (58) is operable when the permission unit (6 4) allows the transfer of the denomination. In the above aspect, since the operation unit (58) becomes operable when the transfer of the code is permitted, when the permission unit (64) does not allow the transfer of the code, it is not necessary to accept the operation from the user. deal with. Therefore, there is an advantage that the processing device (26) can reduce the negative load of -12-201113069. In addition, as a method of controlling the operation of the operation unit, a method of controlling the validity/invalidation of the operation of the operation unit and a structure for accepting the operation in the display device with the touch panel function can be exemplified. A method of controlling the display (valid)/non-display (invalid) of the operation unit on the screen. In a suitable aspect of the present invention, the management unit (324) causes the authenticated information (A) to include the biometric information (B ID_IN, B ID) and is stored in the management storage unit (3 42), and in the slave game device ( 26) When the transfer of the indicated quota is performed, the management unit (18) that manages and stores the first identification information (U ID) and the biological information (B ID) and the second generation amount (CA) is remembered. The server device (12) transmits the first identification information (U ID_IN) and the biometric information (B ID_IN, B ID) of the authenticated information (A). In the above aspect, since the first identification information (U ID_IN) and the biometric information (BID_IN, BID) are transmitted from the management device (30) to the server device (12) when the transfer of the indicated quota is performed, At the time of transfer of the proxy, the authentication by the first identification information (U ID_IN) and the biometric information (B ID_IN, B ID) can be performed in the server device (12). Therefore, the security of the generation management can be improved as compared with the structure in which the first identification information (UID_IN) is transmitted from the management device (30) to the server device (12) and the transfer amount is transferred. Further, since the management unit (32) transmits the first identification information (U ID_IN) and the biometric information (B ID_IN, B ID) to the server device (12), for example, the first identification information (U can be utilized). ID_IN) Processing of the server device (12) associated with the authentication of the game information (e.g., token) and the device (e.g., the token processing device (16)), which is the authentication of the biometric information (BID_IN). It is common to the processing of -13-201113069 for the server device (12) of the management device (30). Therefore, there is an advantage that the management device (30) can be easily imported into the server device (12) to manage the system. In other aspects, the management department (3 24) causes the authenticated information (A) to contain the specific information (α) and the billions in the management unit (3 42), and is instructed from the game device (26). When the transfer of the code is performed, the server device (14) that manages and memorizes the first identification information (U ID) and the specific information (α) and the second generation amount (C Α) is stored (12). ), transmitting the first identification information (U ID_IN) of the authenticated information (Α) and the specific information (α). In the above aspect, since the first identification information (U ID_IN) and the specific information (α) are transmitted from the management device (30) to the server device (12) when the transfer of the indicated quota is performed, the quota is At the time of the transfer, the authentication using the first identification information (U ID_IN) and the specific information (α) can be performed in the server device (12). Therefore, the security of the generation management can be improved as compared with the configuration in which the first identification information (U ID_IN) is transmitted from the management device (30) to the server device (12) and the transfer amount is transferred. A typical example of a particular message (α) is a one-time password used in any method. Furthermore, the main system for generating specific information (α) is arbitrary. For example, the specific information (α) generated by the server device (12) may be notified to the management unit (324) and included in the structure of the authenticated information (Α), and the specific information (α) generated by the management unit (32). The server device (12) is notified of the structure stored in the memory device (14) together with the first identification information (U ID) and the second generation amount (CA). The present invention can also be specified as a game device (26) for use in the above-described management system (100). The game device (26) of the present invention is provided with a result of the first authentication using the first identification information (U ID_IN) and the biological information (B ID_IN) input to the management device (30), and the benefit-14 - 201113069 When the result of the second authentication of the second identification information (p ID_IN, R ID) obtained by the management device (30) is affirmative, the first identification information (UID_IN) and the second identification information (P ID_IN, R ID) a game device (26) that communicates with the management device (30) of the management unit (32) of the management memory unit (3), which is associated with the authenticated information (A), and is characterized in that: a storage unit is provided (542), the first generation amount (CB) which is increased or decreased by the consumption or acquisition of the game device (26); the terminal side acquisition unit (562) acquires the identification information for confirmation (P ID_IN) , R ID); note department (62), the management department (324) 'confirm whether the second identification information (P ID_IN, R ID) consistent with the identification information for identification (p ID_IN, R ID) is used as the authenticated information (A) is stored in the management memory (342); and the permission (64), the result of the note is affirmative 'The first generation number (CB) allowed to be stored in the storage unit (5 4 2 ) and the second generation amount (CA) corresponding to the first identification information (U ID) and the second generation amount (CA) of the memory device (14) The transfer of one party's share of the other party. The same effect as the management system (1) of the present invention can also be achieved in accordance with the above game device (26)'. Further, the present invention can also be specified as a management device (30) used in the above-described management system (1). The management device (30) of the present invention is characterized in that the receiving unit (362) receives the first identification information (U ID_IN), and the generating unit (364) generates biological information indicating the biometric characteristics of the user. (B ID-IN); the first authentication unit (321) obtains the result of the first authentication using the first identification information (U ID_IN) and the biometric information (B ID_IN); the acquisition unit (366) 'obtains the first 2 Identification information (P ID_IN, R ID): The second authentication unit (3 22) 'is the result of obtaining the second authentication using the second identification information (P ID_IN, -15-201113069 R ID); and the management unit (3) 24) When the result of both the first authentication and the second authentication is affirmative, the first identification information (U ID_IN) is associated with the second identification information (P ID_IN, R ID), and is used as the authenticated information (A) And stored in the management memory unit (342); the management unit (3 2 4) is consistent with the second identification information (P ID_IN, R ID) of the identification information (P ID_IN, R ID) for confirmation as the authenticated information (A), as a result of the determination of the management memory unit (3 42), notifying the game device (26), when the result of the determination is affirmative And a game device (26) for storing a storage unit (542) of the first generation amount (CB) which is increased or decreased by consumption or acquisition of the game device (26), and the first identification information ( U ID) establishes a correspondence between the memory devices (14) that memorize the second generation number (CA), and the first generation amount (CB) and the second number of the mediators in response to the transfer of the tokens sent from the game device (26) The transfer of the number of shares (CA) from one party to the other. According to the above management device (30), the same effects as the management system (100) of the present invention can be achieved. Furthermore, the present invention can also be specified as a program that causes a computer to function as a game device (26) and a management device (30). The program according to the first aspect of the present invention is provided with the result of the first authentication using the first identification information (U ID_IN) and the biological information (B ID_IN) input to the management device (30), and the use management. When the result of the second authentication of the second identification information (P ID_IN, R ID) obtained by the device (30) is affirmative, the first identification information (UID_IN) is associated with the second identification information (P ID_IN, R ID). A computer that communicates with the management device (30) of the management unit (32) of the management memory unit (3) as the authenticated information (A) functions as a game device (26), and is characterized in that the computer is - 16-201113069 Acts as a component: the storage unit (542) stores the first generation amount (CB) which is increased or decreased because of the consumption or acquisition of the game device (26); the terminal side acquisition unit ( 5 62), the identification information (P ID_IN, R ID) for confirmation is obtained, and the photographing department (62) and the photograph management unit (3 24) confirm the matching identification information (P ID — IN, R ID). Whether the second identification information (P ID_IN, R ID) is stored in the management memory as the authenticated information (A) (3) 42); and the permission unit (64), when the result of the note is affirmative, allows the first generation number (CB) of the storage unit (542) to be associated with the first identification information (U ID) and memorize The transfer of the second generation amount (CA) of the memory device (14) from one party to the other. According to the above program, the same effects as those of the game device (26) of the present invention can be achieved. Further, in the program according to the second aspect of the present invention, the computer functions as the following means: the receiving unit (3 62) receives the first identification information (U ID_IN), and the generating unit (3 64) generates and indicates the use. Biometric information of biometric features (B ID_IN) • The first authentication unit (321) obtains the result of the first authentication using the first identification information (U ID_IN) and the biometric information (b ID_IN); The part (3 66) 'obtains the second identification information (P ID_IN, R ID); the second authentication unit (32 2)' obtains the result of the second authentication using the second identification information (P ID_IN, R ID); And the management unit (3 24) associates the first identification information (UID_IN) with the second identification information (P ID_IN, R ID) when the results of both the first authentication and the second authentication are positive, and The authentication information (A) is stored in the management memory unit (342); and the management unit (32) is the second identification information (P ID_IN 'R) that matches the identification information (P ID_IN, R ID) for confirmation. ID) is the result of the judgment of the management information (A) and the memory of the management record -17- 201113069 When the game device (26) is affirmative, the game device (26) has a storage unit (5 42) that stores the first generation amount (CB) which is increased or decreased by the consumption or acquisition of the game device (26). The game device (26) and the counter device (14) that stores the second generation amount (CA) in association with the first identification information (U ID), in response to the token sent from the game device (26) The transfer request, the transfer of the first generation amount (CB) and the second generation amount (CA) of the intermediary from one party to the other party's quota. According to the above program, the same effects as the management device (30) of the present invention can be achieved. The programs of the above-described various aspects are installed in the form of a computer-readable recording medium and are provided to the user, and can be installed in the form of a communication network. Provided and installed on a computer. [Embodiment] < A: First embodiment><A-1: Structure of First Embodiment> Fig. 1 is a block diagram of a management system 100 according to the first embodiment of the present invention. The management system 100 is, for example, a computer network system built in a game facility such as a game center. As shown in Fig. 1, the management system 100 includes the first system 10, the second system 20, and the management device 30. The first system 1 is a system used for the management (storing and withdrawal) of the tokens of the game. The user who wants to use the management of the token due to the first system 10 must register in advance (hereinafter referred to as "first registration"). The identification information U ID (user ID) is given to the user who accepts the first registration. Identification information -18- 201113069 U ID is, for example, a portable recording medium (hereinafter referred to as a "management card") that is stored in a 1C card or the like that is distributed to the user. As shown in Fig. 1, the first system 10 includes a first server device 12, a memory device 14, and a token processing device 16. The first server device 12 and the token processing device 16 communicate with each other via the communication network 18. The communication network 18 is, for example, a LAN (local area network) built in the amusement facility. However, a portion of the first system 10 can be placed outside of the amusement facility. A portion of the first system 10 is disposed outside of the amusement facility, and a portion of the communication network 18 is implemented, for example, by a wide area network (WAN) or a virtual private network (VPN). The memory device 14 records the database of R1 for each first registration setting. As shown in FIG. 2, each record R 1 includes the identification information U ID of the user who receives the third registration (the identification information u ID stored in the regular management card) and the biological information BID' and the retained amount of the user. The total amount (hereinafter referred to as "holding the number of shares") CA is formed. The biological information B ID is information indicating the biometric characteristics of the user. Specifically, the biometric information B ID indicating the vein pattern of the hand (palm and finger) is memorized in the memory device 4. Further, a configuration in which the biometric information b ID and the retained credit number C A are stored in the individual memory devices is also used in association with the identification information U ID. The first server device 12 performs management (reading and writing) of the data stored in the memory device 14. Further, the first server device 12 and the memory device shown as elements of the individual object in FIG. 14 can also be constructed as an integrated device. The token processing device 16 of Fig. 1 is a terminal device that is operated by a user for depositing and paying a token, and includes a control unit 162 and a receiving unit 164 and a -19-201113069 generating unit 166. Further, the construction of the deposit and payment of the token may be performed by an individual device. The control unit 162 executes various processes required for depositing and paying tokens. The accepting unit 164 accepts the input of the identification information U ID_IN by the user. As the accepting unit 1 64, for example, a known reader that reads the identification information U ID stored in the management card as the identification information U ID_IN can be used. The identification information U ID_IN input by the user who normally accepts the first registration is the identification information U ID that is stored in the memory device 14. The generating unit 1 66 generates biometric information B ID_IN indicating the biometric characteristics of the user. As the generating unit 1 66, for example, a well-known vein sensor that detects the vein pattern of the user's hand (palm and finger) and generates the biological information B ID_IN can be used. The biometric information B ID_IN of the user who has received the first registration is consistent with the biometric information B ID of the memory device 14. FIG. 3 is a flow of the action of depositing and paying the token of the token processing device 16 Figure. The processing of Fig. 3 is started with the operation of the token processing device 16 as an opportunity. It is desirable that the user who deposits or pays the token due to the token processing device 16 inputs the identification information U ID_IN to the receiving unit 164 (SA 10), and causes the generating unit 166 to generate the biometric information B ID_IN (S Al 1). The control unit 162 transmits the authentication request including the identification information U ID_IN and the biometric information B ID_IN input by the user to the first server device 12 (S A12). When the authentication request is accepted (S B 1 0), the first server device 1 2 performs authentication (biometric authentication) (S Bl 1) using the identification information U ID_IN and the biometric information B ID_IN included in the authentication request. Specifically, the first servo -20-201113069 device 1 2 determines whether the combination of the identification information U ID_IN and the biological information B ID_IN is stored in the memory device 14 (the identification information U ID and the conforming organism conforming to the identification information U ID_IN) Whether the biometric information B ID of the information B ID_IN is associated with one record R 1 and stored in the memory device 1 4). The first servo device 1 2 transmits the authentication result to the token processing device 16 (S B 1 2). The control unit 162 of the token processing device 16 receives the authentication result (S A13). The control unit 1 62 terminates the processing when the authentication result is negative, notifies the user of the failure of the authentication, and allows the payment and deposit of the token when the authentication result is affirmative (SA14: YES). For example, when the user specifies the desired number of pieces (hereinafter referred to as "the number of withdrawals") N OUT and requests the payment of the token (S A15), the control unit 162 will include the identification information U ID_IN and the biological information B ID_IN. The request for withdrawal with the number N OUT is sent to the first server device 12 (S A16). When receiving the request for withdrawal (S B13), the first server device 12 stores the number of retained credits CA stored in the memory device 14 from the corresponding identification information U ID_IN, minus the number of withdrawals NOUT (SB14), and represents the representative generation. The notification of the completion of the update of the number CA is sent to the token processing device 16 (S B15). The control unit 162 that receives the offer notification pays the token corresponding to the number of withdrawals NOUT from the payer (the bucket) (SA17). On the other hand, when the user inputs the token to the input port (not shown) of the token processing device 16 and instructs the deposit of the token, the counter (not shown) calculates the token that is put into the input port. The number of pieces (hereinafter referred to as "storage number") N IN (S A18). The control unit 162 transmits the storage request including the identification information U ID_IN and the biometric information B ID_IN and the deposit number N IN to the first server device 12 (S A19). The first server device 21 - 201113069 12 (S B16) that receives the deposit request is added to the corresponding identification information U ID_IN and stored in the memory device 14 with the reserved credit number CA (SB 17) The deposit notification indicating the end of the update of the retained credit number CA is sent to the token processing device 16 (S B18). The control unit 162 receives the deposit notification (S A20). The order of payment and deposit of the tokens using the first system is as described above. The second system 20 of Fig. 1 is a system for a user to execute a game, and includes a second server device 22, a memory device 24, and a plurality of game devices 26. The plurality of game devices 26 include two or more types of game devices 26 that provide different games. The second server device 22 and the game devices 26 communicate with each other via the communication network 28. The communication network 2 8 is the same as the communication network 18, such as a LAN built in a game facility. However, a portion of the second system 20 can be placed external to the amusement facility. In a configuration in which a portion of the second system 20 is disposed outside of the amusement facility, a portion of the communication network 28 is implemented, for example, using a WAN or VPN of the Internet. In the communication path between the communication network 18 and the communication network 28, communication devices such as gateways and routers are appropriately arranged. The user who wants to use the second system 20 (each game device 26) can receive registration in advance (hereinafter referred to as "second registration"). The identification information P ID (player ID) is given to the user who accepts the second registration. The identification information P ID is, for example, a portable recording medium (hereinafter referred to as "game card") that is stored in a 1C card or the like that is distributed to the user. The Billion Device 24 records the R2 database for each second registration setting. As shown in FIG. 4, each record R2 includes identification information P ID (recognition information P ID memorized in a regular game card) and password P WD of the user who receives the second registration, and game data of the user (archive data) ) DG is formed.游 -22- 201113069 The drama data D is composed of various information related to the game, such as the state of the game performed by the user in the past. Further, a configuration in which the game material D G is stored in a memory device different from the memory device 24 of the memory identification information p ID and the password P WD is also employed. The second server device 22 performs management (reading and writing) of the data stored in the memory device 24. Further, the second server device 22 and the memory device 24 shown as elements of the individual objects in Fig. 1 may be configured as an integrated device. FIG. 5 is a block diagram of the management device 30 and the game device 26. In Fig. 5, only one game device 26 is representatively illustrated, but other game devices 26 have the same configuration. Further, the communication network 28 between the management device 30 and each of the game devices 26 is omitted in FIG. 5. The game device 26 includes the arithmetic processing device (CPU) 52, the memory device 54, and the input receiving unit 56 and the operation unit 58. The computer system that constitutes it. The arithmetic processing unit 52 realizes a plurality of functions (the game processing unit 522, the terminal side authentication unit 524, the illuminating unit 62, the permission unit 64, and the control unit 66) by executing the program stored in the memory device 54. The input accepting unit 56 accepts an element input from the user, and includes an accepting unit 562 and an accepting unit 564. The receiving unit 562 accepts the input of the identification information P ID_IN by the user. As the accepting unit 562, for example, a known reader that reads the identification information P ID stored in the game card as the identification information P ID-IN can be used. The accepting unit 5 64 accepts the input of the password P W D — IN by the user. For example, the receiving unit 564 is constituted by a plurality of operators (keyboards) operated by the user. Further, as the accepting unit 564, an operation unit (-23-201113069 keyboard) displayed by a display device with a touch panel function can also be used. The user who wants to execute the game data D G must accept the terminal side authentication using the identification information P ID_IN and the password p WD_IN. The terminal side authentication is a determination as to whether or not the user accepts the second registration. That is, the terminal side authentication is equivalent to determining whether the combination of the identification information P ID_IN and the password P WD_IN is stored in the memory device 24 (whether the identification information P ID matching the identification information P ID_IN and the password P WD matching the password P WD_IN are in one The process of establishing a correspondence in R2 and storing it in the memory device 24) is recorded. The terminal side authentication unit 524 of FIG. 5 acquires the result of the terminal side authentication. When the result of the terminal side authentication is affirmative (when the terminal side authentication is successful), the game data DG corresponding to the identification information P ID_IN and the password P WD_IN stored in the plurality of game materials DG of the memory device 24 is transmitted from the second server device 22. To the game device 26. The game processing unit 5 22 applies the game data D G acquired from the memory device 24, and executes various game processes (processing for causing the user to execute the game). Therefore, the user can start the game again from the situation when he or she executed the game in the past. The memory device 54 is a program executed by the memory arithmetic processing unit 52 and various materials. Specifically, a memory area (hereinafter referred to as "storage unit") 542 that stores the used credit number C B is set by the memory device 54. The use of the number of credits C B represents the number of generations of the game starting and performing with the game device 26 (e.g., the occurrence of an event). For example, if the fixed amount required for the start of the game is consumed, the amount of used C B will be reduced, and when the game is performed (for example, the event is reached), the number of used C B will increase. As the memory device 54, a known recording medium (or a combination of plural kinds of recording media) such as a semiconductor recording medium or a magnetic recording medium 24-201113069 can be arbitrarily used. The user can increase the usage credit CB by using the input to the token of the game device 26. Further, the user who has received both the first registration and the second registration is transferred between the number of retained credits CA managed by the first system 1 and the used credit CB of the storage unit 542 stored in the game device 26 Amount (hereinafter referred to as "sub-transfer"). In the transfer of the amount of money, the transfer of the game from the holding amount CA to the use of the number of CBs to utilize the game (the withdrawal) of the game in the game device 26 occurs with the acquisition of the token or the acquisition in the game. The denomination 'transfers from the use of the number of shares CB to the process of retaining the number of shares CA (storing). That is, the user can perform the transfer of the amount without processing the actual token. The management device 30 of Fig. 1 authenticates (I personally authenticate) whether or not the user who wishes to transfer the transfer is the one who accepts the first registration and the second registration, and then manages the transfer of the tokens in each game device 26. In other words, the management device 30 realizes the integration of the first system 1 that manages the number of retained credits C A with the second system 2 that manages the game devices 26 that use the used credits c b . As shown in Fig. 1, the management device 3 is installed in the amusement facility and connects the first system 10 and the second system. Specifically, the management device 3 communicates with the first server device 12 by connecting the first server device 丨2 of the first system 1 via the dedicated line ‘. Further, the management device 3 is connected to the first server device 12 via the communication network 18. Further, the management device 3 is connected to the communication network 28 of the second system 2, and communicates with the second server device 22 and each of the game devices 26. As shown in Fig. 5, the management device 3 includes a computer system including the arithmetic processing unit 32 and the input/receiving unit 36. The arithmetic processing unit 3 2 realizes the plural function by the execution of the program stored in the memory device 34 (the first authentication unit 321, the second authentication unit 32, and the management unit 34). The memory device 3-4 is a program executed by the memory operation processing device 32 and various materials. As the memory device 34, a known recording medium (or a combination of a plurality of types of recording media) such as a semiconductor recording medium or a magnetic recording medium can be used arbitrarily. The input accepting unit 36 accepts elements input from the user, and includes an accepting unit 362, a generating unit 364, and a receiving unit 366 and a receiving unit 368. The accepting unit 362 accepts the input of the identification information U ID_IN by the user. For example, the receiving unit 3 62 is the same as the receiving unit 564, and is configured by a plurality of operators (keyboards) operated by the user. Further, as the accepting unit 362, an operator (keyboard) displayed by a display device with a touch panel function can also be used. The generating unit 3 64 generates biometric information B ID_IN indicating the biometric characteristics of the user. Similarly to the generating unit 166 of the token processing device 16, a vein sensor that generates the biological information B ID_IN by detecting the vein pattern of the hand (palm and finger) is used as the generating unit 364. The accepting unit 3 66 accepts the input of the identification information p ID_IN by the user. Similarly to the receiving unit 562 of the game device 26, the accepting unit 3 66 can be, for example, a reader that reads the identification information P ID of the game card as the identification information p ID_in. The accepting unit 3 68 accepts the input of the password P WD —IN by the user. For example, the receiving unit 368 is configured by a plurality of operators (keyboards) operated by the user, similarly to the receiving unit 5 64. Further, as the processing unit 368, an operator (keyboard) displayed by a display device with a touch panel function can also be used. -26- 201113069 The first authentication unit 321 obtains the result of the authentication (hereinafter referred to as "first authentication") of the biometric information B ID_IN generated by the identification information U ID_IN input to the reception unit 3 62 and the generation unit 364. . The first authentication is a process of determining the presence or absence of the first registration. That is, the first authentication is equivalent to determining whether the combination of the identification information U ID_IN and the biological information B iD_IN is stored in the memory device 14 (the identification information U ID that conforms to the identification information U ID_IN and the biological information that conforms to the biological information B ID_IN) Whether or not the BID is associated with one record R1 and stored in the memory device 14). On the other hand, the second authentication unit 322 obtains the result of the authentication (hereinafter referred to as "second authentication") using the identification information P ID_IN input to the reception unit 3 66 and the password P WD_IN input to the reception unit 366. The second authentication is a process of determining the presence or absence of the second registration. That is, the second authentication is equivalent to determining whether the combination of the identification information P ID_IN and the password P WD_IN is stored in the memory device 24 (whether the identification information P ID matching the identification information P ID_IN and the password P WD matching the password P WD_IN are in one The process of establishing a correspondence in R2 and storing it in the memory device 24) is recorded. The management unit 3 24 generates the authenticated information A when the result of both the first authentication and the second authentication is affirmative (that is, when the user is confirmed to accept the first registration and the second registration), and records the information in the memory device. The predetermined memory area of 34 (hereinafter referred to as "management memory unit") 3 42. As shown in FIG. 5, the authenticated information A is input to the identification information UID_IN (UID) of the receiving unit 362, and the identification information P ID_IN (P ID) input to the receiving unit 3 66, and the generating unit 3 64 The generated biometric information B ID_IN (B ID) is associated with the record (data column). The plurality of authenticated information A corresponding to different users are sequentially generated and stored -27-201113069 in the management memory unit 342. The certified information A of the management memory unit 342 is eliminated as a result of the arrival of the scheduled time. For example, the management unit 3 24 eliminates the plurality of authenticated information A stored in the management unit 342 before the store opening of the amusement facility or after the closing of the store (that is, the authenticated product generated at the time of the recent store opening) Information A). The photographing unit 62 of each game device 26 checks whether or not the first authentication and the second authentication are confirmed for the user who is actually executing the game in the game device 26. Specifically, the photographing unit 62 is the management unit 324 of the photograph management device 30, and whether or not the identification information P ID_IN input to the accepting unit 562 of the game device 26 is the certified information A and is managed by the management memory unit 342 of the management device 30. (That is, whether the first authentication and the second authentication have been confirmed for the user who inputs the identification information P ID_IN to the game device 26). The photograph caused by the photographing unit 62 is executed when the result of the authentication by the terminal side authentication unit 524 is affirmative. The permission unit 64 allows the transfer of the code when the result of the note to the management unit 324 is affirmative, and prohibits the transfer of the code at the timing of the result of the note. The operation unit 58 instructs the direction (storing/removing) and the number of the transfer of the amount in response to the operation from the user. The operation unit 58 of the present embodiment is a display device having a touch panel function, and as shown in Fig. 6(B), an operation screen including the storage operation unit 582 and the extraction operation unit 584 is displayed. The depositing operation unit 5 82 instructs the deposit of the denomination (from the use of the number of credits C B to the transfer of the retained credit number C A ) and the deposit number N IN in response to the operation from the user. The deduction department 5 84 is a deduction for indicating the amount of the denomination from the user's operation (from the retention of the number of C A to the transfer of the number of used C B) and the number of deductions -28-201113069 N OUT. The control unit 66 of Fig. 1 performs the transfer of the code in response to an instruction from the operation unit 58. The acceptance of the operation by the operation unit 58 and the transfer of the amount by the control unit 66 are executed when the permission unit 64 allows the transfer of the code, and is not executed when the permission unit 64 does not allow the transfer of the code. <A-2: Operation of the first embodiment> (1) Operation at the time of authentication Next, the operation of the management system 1 以上 以上 described above will be described. The user who came to the amusement facility moved to the management device 30 to receive the first authentication and the second authentication. Fig. 7 is a flow chart showing the operation of the management system 1 for the first authentication and the second authentication. The processing of Fig. 7 is started with an operation determined by the management device 30. The receiving unit 3 66 of the management device 30 receives the input of the identification information P ID_IN (SC10), and the receiving unit 368 accepts the input of the password PWD_IN (SC11), and the second authentication unit 322 includes the identification information P ID_IN and the password P WD_IN. 2 The authentication request is sent to the second server device 22 (S Cl 2). The second server device 2 2 receives the second authentication request (SD 1 0 ), and determines whether the identification information P ID_1N and the password P WD_IN in the second authentication request are stored in the memory device 24 as the identification information P ID and the password P WD . (2nd certification) (S Dl 1). Then, the second server device 2 2 transmits the result of the second authentication (the second authentication result) to the management device 30 (S D12). When receiving the second authentication result (S C1 3), the second authentication unit 322 determines whether or not the result of the second authentication is affirmative (SC 1 4 ), and when the result is negative, notifies the user of the failure of the second authentication and ends. Processing (omitted from illustration). The other party • 29-201113069, when the result of the second certification is affirmative, the following processing is performed. When the reception unit 362 receives the identification information U ID_IN (S C15), the first authentication unit 32 1 transmits the preliminary authentication request including the identification information U ID_IN to the first server device 12 (SC16). When receiving the preliminary authentication request (SB20), the first server device 1 2 determines whether or not the identification information U ID_IN in the preliminary authentication request is stored in the memory device 14 as the identification information U ID (S B21), and the result of the preliminary authentication is obtained. (Pre-certification result) is transmitted to the management device 30 (S B22). When the preliminary authentication result is received from the first server device 12 (S C17), the first authentication unit 3 2 1 determines whether or not the result of the preliminary authentication is affirmative (SC 1 8 ), and if the result is negative, the preliminary authentication fails. The user is notified to end the process. On the other hand, when the result of the preliminary authentication is affirmative, the first authentication is executed in the following order. When the generating unit 364 generates the biometric information B ID_IN (S C19), the first authenticating unit 321 transmits the first authentication request including the identification information U ID_IN and the biometric information B ID_IN received in step S C15 to the first servo. Device 12 (S C20). Further, it is also possible to adopt a configuration in which the detection method of the vein pattern is selectively applied and the method of generating the biological information B ID_IN is different in any of the plural operation modes. That is, the mode information specifying the action mode actually applied when the biometric information B ID is generated (for example, at the time of the first registration) is stored in the memory device 14 together with the identification information U ID and the biometric information B ID. The preliminary authentication result (S B22) including the mode information is transmitted from the first server device 12 to the management device 30. The generating unit 364 of the management device 30 generates the biological information B ID IN in the operation mode designated by the mode information in the preliminary authentication result. -30- 201113069 The first server device 12 receives the first authentication request (SB23), and determines whether the identification information U ID_IN and the biological information B ID_IN in the first authentication request are the identification information U ID and the biological information B ID. Stored in the memory device 14 (first authentication) (S B24). Then, the first server device 12 transmits the result of the first authentication (the first authentication result) to the management device 30 (S B25). When receiving the first authentication result (S C2 1 ), the first authentication unit 3 2 1 determines whether or not the result of the first authentication is affirmative (S C22), and notifies the user of the failure of the first authentication when the result is negative. End processing. On the other hand, when the result of the first authentication is affirmative, the management unit 32 4 generates the identification information P ID_IN (P ID) input in step S C10 and the identification information U ID_IN (UID) input in step S C15. The biometric information B ID_IN (B ID) generated in step S C19 is associated with the authenticated information A and stored in the management memory unit 342 (S C23). As described above, the authenticated information A stored in the management memory unit 3 42 is eliminated when the predetermined time comes. In addition, when the result of the first authentication is affirmative and there is a residual amount of the retained number CA, the display device displays a structure in which the residual amount of the credit CA is retained. (2) Operation at the time of the game The user who has received the first authentication and the second authentication in the above-described order is moved to the desired game device 26' in the amusement facility in order to maintain the number of credits CA and the number of used credits CB. The inter-subscription transfer ' causes the game device 26 to execute the processes of FIGS. 8 and 9. The processing of Fig. 8 is started in response to the predetermined operation of the game device 26. The receiving unit 562 of the game device 26 receives the input of the identification information P ID_IN - 31 - 201113069 (S E20), and the receiving unit 564 accepts the input of the password p WD_IN (S E21), and the terminal side authentication unit 5 24 includes the identification information p. The terminal side authentication request of ID_in and password P WD_IN is transmitted to the second server device 22 (S E2 2). The second server device 22 receives the terminal side authentication request (S D20), and determines whether or not the identification information P ID_IN and the password P WD_IN in the terminal side authentication request are stored as the identification information P ID and the password P WD of the one record R2. Memory device 24 (S D21). Then, the second server device 22 transmits the result of the terminal side authentication (the terminal side authentication result) to the game device 26 (S D22). When receiving the terminal side authentication result (S E2 3 ), the terminal side authentication unit 524 determines whether the result of the terminal side authentication result is affirmative (S E24), and notifies the user of the failure of the terminal side authentication when the result is negative. End processing. On the other hand, when the result of the authentication on the terminal side is affirmative, the notification unit 62 transmits a notification request for the success of the first authentication and the second authentication by the user in the management device 30 to the management device 30 (S). E25). The identification request includes the identification information P ID_IN input in step S E2 0 . Further, when the result of the terminal side authentication is affirmative, the game device 26 acquires the game material DG from the cell phone device 24 and applies it to the game (not shown). When receiving the photo request (S C30), the management unit 324 sequentially compares the identification information P ID_IN of each authenticated information A of the management memory unit 342 with the identification information P ID_IN (S C31) included in the photo request. It is determined whether the authenticated information A associated with the identification information P ID_IN included in the photo request and the identification information U ID_IN and the biometric information B ID_IN is memorized in the management memory unit 342 (that is, for inputting the identification information P ID_IN to the game device - 32- 201113069 2 The user's first management and the second authentication in the management device 3 are successful (S C32). When the authenticated information including the identification information P ID_IN is stored in the management unit 3 42 (S C32 : YES), the management unit 3 24 will include the identification information U ID_IN and the biological information B ID_IN of the authenticated information A. The remaining amount request (the confirmation request for retaining the number of generations CA) is sent to the first server device 12 (S C33). When receiving the residual amount request (S B30), the first server device 12 searches for the identification information U ID_IN (U ID) and the biological information B ID_IN (B ID) corresponding to the remaining amount request from the memory device 14. The credit number CA (SB31) is held, and the residual amount notification including the retained credit CA is transmitted to the management device 30 (S B32). The residual notification is received by the management unit 3 24 (S C3 4). On the other hand, when the authenticated information A including the identification information P ID_IN is not stored in the management memory unit 342 (S C32 : NO), the processing of steps S C33 and S C34 is not executed. The management unit 324 transmits the result of the photo (whether or not the authenticated information A including the identification information p ID_IN is stored in the management memory unit 342) to the game device 26 (S C3 5). When the result of the note is affirmative (when the authenticated information A including the identification information p id JN is retrieved from the management memory unit 342 in step S C31), the retained credit C of the residual amount notification received at step S C34 is given. a is included in the result of the note. When the photographing unit 62 receives the photographing result (S E26), the permitting unit 64 judges whether or not the photographing result is affirmative (S E27). When the result of the photo is positive (S E27 : YES) 'The deposit for starting the transfer of the amount of money. The button (instruction button or icon) will be displayed on the display screen of the game device -33- 201113069 Becomes an operational (valid) state (S E30). On the other hand, when the result of the photo is negative (S E2 7 : NO) ', the deposit/retract button is not displayed. Therefore, the user cannot indicate the beginning of the transfer of the amount. When the user operates the note that the result of the operation is affirmative and the button is displayed, the permission unit 64 causes the operation unit 58 to display the operation of FIG. 6(A) including the display of the retained credit CA included in the result of the photo. Picture. In the operation screen ’ of Fig. 6(A), the take-out operation unit 584 is displayed (validated) in a state in which the instruction for withdrawal from the user is accepted. On the other hand, the use amount C B is 0 at the initial stage of starting the operation of the game device 26. Therefore, as shown in part (A) of Fig. 6, the operation screen displays 0 as the usage quota CB, and indicates the deposit operation unit from the use of the number of shares CB to the retained share CA. A state that is controlled to be invalid (for example, a state that is not displayed or grayed out and does not accept an operation from a user). When the operation of the withdrawal operation unit 584 is activated as described above, the transfer from the retained credit number c A to the usage credit CB is performed in response to the operation from the user of the withdrawal operation unit 584. The management unit 314 of the management device 30 is required to transfer the transfer amount from the game device 26 between the storage unit 524 that stores the used credit number CB and the memory device 14 that stores the reserved credit CA. Requirement), the intermediary transfers from the holding amount CA to the use of the proxy CB. First, when the withdrawal operation unit 584 accepts the instruction of the withdrawal of the denomination and the designation of the number of withdrawals N OUT (S E31), the control unit 66 includes the identification information p ID_IN input in step S E20 and the step S The withdrawal request of the number of withdrawals designated by E31 is sent to the management device 30 (s E3 2). Furthermore, the method of specifying the number of N OUT is -34- 201113069. For example, an arbitrary number of methods in which the user specifies the number of reserved credits CA as the number of withdrawals N OUT can be employed, and a predetermined number (for example, 100 pieces) of the withdrawal is specified by one operation of the withdrawal operation unit 584. The method of counting N OUT. Further, it is also suitable to limit the total number of withdrawals N OUT in a predetermined period (for example, one day) to a predetermined 値 (upper limit 的). Upon receiving the request for withdrawal (SC 4 0), the management device 30 retrieves, from the management memory unit 342, the identification information U ID_IN and the biological information associated with the authentication information A including the identification information p id_IN included in the request for the withdrawal. B ID_IN( S C41). Then, the management unit 324 transmits the identification information U ID_IN and the biological information B ID_IN searched in the step S C41 and the withdrawal request included in the withdrawal request number N OUT to the first server device 12 (S C42). When receiving the request for withdrawal (S B40), the first server device 12 subtracts the number of retained credits CA stored in the memory device 14 from the identification information U ID_IN and the biological information B ID_IN corresponding to the request for the withdrawal. The requested number of withdrawals NOUT (SB4l) is taken, and the notification of the update on behalf of the retained number CA is transmitted to the management device 30 (S B42). The management unit 3 of the management device 30 transmits the notification of the withdrawal received from the first server device 12 to the game device 26 (SC43). When receiving the notification of the withdrawal (SE3 3), the control unit 66 of the game device 26 adds the number of withdrawals N OUT designated in step S E31 to the usage credit C B of the storage unit 542 (S E34). With the above-mentioned description of the denomination and the acquisition in the game, and the use of the residual number of the CB, the user operates to deposit the button. -35- 201113069 6 (B), the current holding amount CA and the used credit number CB are displayed on the operation screen, and the operation unit 58 is displayed (validated) in a state in which the designation of the transfer from the user is accepted. Both the operation unit 582 and the extraction operation unit 584 are stored. In addition, when the residual number of the credit number CA is not retained, as shown in FIG. 6(C), the display operation unit 584 is controlled to be inactive while the 代 is displayed as the retained credit number CA (for example, non- Display or gray-out does not accept the status of the operation from the user). As described above, when the depositing operation unit 582 is activated, the proxy transfer (storing) from the used credit C B to the retained credit number C A is executed in response to an instruction from the user to the depositing operation unit 582. The management unit 3 of the management device 30 is transmitted from the game device 26 in the same manner as in the case of the withdrawal of the denomination, between the storage unit 542 that stores the used credit number CB and the memory device 14 that stores the retained credit CA. The requirement for the transfer of the amount (the deposit requirement), the transfer from the use of the number of CBs for the transfer of the share of the CA. First, when the deposit operation unit 582 accepts the instruction to store the token and the designation of the deposit number N IN (S E3 5), the control unit 66 associates the identification information P ID_IN included in the step S E20 with The deposit request of the deposit number NIN designated in step S E35 is sent to the management device 30 (SE 36). Furthermore, the method of specifying the number N IN is arbitrary. For example, an arbitrary number of methods in which the user specifies the use credit amount CB as the deposit number N IN can be employed, and a predetermined number (for example, 100 pieces) can be specified by one operation of the deposit operation unit 528. The method of entering the number N IN. When receiving the deposit request (SC44), the management unit 324 of the management device 30 searches for the identification information P ID_IN included in the deposit request to be -36-201113069 to the authenticated information A in the same manner as step S C41 and step S C42. The associated identification information U ID_IN and the biometric information B ID_IN (SC45) are associated with the deposit number NIN and transmitted to the first server device 12 (SC46). When receiving the request for withdrawal (S B43), the first server device 12 adds the deposit number N IN of the deposit request to the identification information U ID_IN and the biological information B ID_IN corresponding to the deposit request and memorizes The memory device 14 holds the credit number CA (S B44), and transmits a notification of the deposit on behalf of the update of the retained credit number CA to the management device 30 (S B45). The deposit notification is transmitted to the game device 26 via the management unit 324 of the management device 30 (SC47). When receiving the deposit notification (S E3 7), the control unit 66 of the game device 26 subtracts the deposit number NIN designated in step SE35 from the use credit CB of the storage unit 542 (SE38). When the full amount of the used number of shares CB is transferred to the retained amount C A , the used number C B becomes 0. By using the number of used credits C B to 0 ', the user arranges the game card from the receiving unit 562 (reader) to end the game. As described above, in the present embodiment, whether or not the identification information p ID_IN input to the game device 26 is stored in the management memory unit 3 of the management device 30 as the authenticated information A determines whether or not the transfer of the amount of the transfer is possible. . That is, the first authentication (biometric authentication) of the game device 26 is not required. Therefore, it is not necessary to separately set the machine (e.g., vein) that generates the biological information B ID to the plurality of game devices 26. On the other hand, in order to allow the transfer of the code to be permitted by the operation of the game device 26 (for the purpose of making the identification information P ID_IN as the authenticated information a in the management memory 342), since the user must be managing The device 30 receives the first authentication (biometric authentication), and although -37-201113069 is a structure that does not require the first authentication of the game device 26, the security of the generation management can be sufficiently ensured. In other words, according to the present embodiment, it is possible to ensure the security of the generation management and the simplification of the structure and procedures required for the authentication, and to use the management of the game material DG based on the second system 20. The identification information P ID is associated with the authentication information A and the identification information U ID_IN and is used for authentication at the time of the transfer of the code (second authentication). Therefore, there is an advantage that the load required for the second authentication can be given to each user as compared with the identification information different from the identification information P ID. The load required for the introduction of the management device 30 (the use of the transfer of the amount of money) can be reduced. Of course, it is not necessary to identify the information P ID and the game material D G. That is, the identification information p ID can be arbitrarily selected. Further, the authenticated information A of the present embodiment includes the biometric information B ID_IN in addition to the identification information U ID_IN and the identification information P ID_IN, so that the request from the management device 30 to the first server device 12 can be transmitted ( The request for the step S C42 of FIG. 9 and the deposit request for step S C46 include the identification information U ID_IN and the biometric information B ID_IN. On the other hand, since the biometric authentication is required for the payment and deposit of the token in the token processing device 16, the request to be transmitted from the token processing device 16 to the first server device 12 (step S of FIG. 3) The request for withdrawal of A16 and the deposit requirement of step S A19) also include identification information U ID_IN and biological information B ID_IN. That is, since the request from the management device 30 and the request from the token processing device 16 all include the identification information U ID_IN and the biometric information B ID_IN, the request from the management device 30 and the request from the token processing device 16 are In the case of -38-201113069, the processing of the first server device 12 can be made common. Therefore, for example, the management device 30 can be introduced into the environment in which the first system 10 exists (the second system 20 can be integrated) without changing the processing of the first server device 12. In particular, in the structure in which the management device 30 is connected to the first server device 12 via the communication network 18, the first server device 12 can process the management device 30 and the token processing device 16 in an equivalent manner. <B: Second Embodiment> Next, a second embodiment of the present invention will be described. In the respective aspects exemplified below, the same reference numerals are given to the same elements as those of the first embodiment, and the individual detailed descriptions are omitted. Fig. 1 is a schematic diagram showing the authentication information A of the second embodiment. As shown in FIG. 1A, the authenticated information A is composed of the authentication time T A in addition to the identification information P ID_IN and the identification information U ID_IN and the biological information B ID_IN. The authentication time T A is information specifying the time when the first authentication and the second authentication are completed (the time at which the authentication information A is generated). Fig. 11 is a flow chart showing a part of the operation of the management device 30 (portion after step S C20 of Fig. 7). As shown in FIG. 11, when the first authentication result received by the first server device 1 in step S C21 is affirmative (S C22 : YES), the management unit 324 of the management device 30 is a timing circuit from the calculation time ( The time (authentication time) TA at the current time point is obtained (S C24). ϋ $ 3 24 generates the authenticated information A associated with the authentication time Τ Α obtained by the step S C24 and the identification information P ID_IN and the identification information U ID_IN and the biological information B ID_IN - 39 - 201113069, and is stored in Management of the Ministry of Information 342 (S C25). The management unit 324 removes the authenticated information A that has passed the predetermined time T 0 from the authentication time T A among the plurality of authenticated information A stored in the management memory unit 342 from the management memory unit 342. In other words, in the second embodiment, all the authenticated information A of the management unit 342 is eliminated at the predetermined time. In the second embodiment, the authentication time TA is set for each authenticated information A. The starting point covers the expiration date of the time T 0 , and each of the authenticated information A is individually eliminated by the expiration of the expiration date. Furthermore, the time T 0 of the validity period can be set to be variable according to each authenticated information A. When the first embodiment of each of the authenticated information A is eliminated as a result of the arrival of the predetermined time, the time until the first authentication and the second authentication by the management device 30 is earlier is the time until the authentication information A is eliminated. The longer, for example, the possibility of being lost by the use of other game cards (ie, it is difficult to ensure the security of the distribution management). On the other hand, in the second embodiment, since the predetermined time T 0 is set as the expiration date from the authentication time TA and is individually set for each of the authenticated information A, the presence or absence of the authentication time TA can sufficiently ensure the quota. The advantages of management security. Of course, according to the first embodiment in which the authenticated information A is eliminated at a predetermined time, since the management of the validity period of each authenticated information A is not required, the load of the processing by the management unit 324 is smaller than that of the second embodiment. The advantage of lessening. Further, in the first embodiment, it is not necessary to include the authentication time A in the authentication information A. Therefore, there is an advantage that the amount of data of the authenticated information A can be reduced (and the capacity required to manage the memory unit 342 can be reduced). Furthermore, the method for eliminating the authenticated information A according to the expiration of the expiration date of each certified information A is not limited to the above illustration. For example, after the end of the first authentication and the second authentication, the authenticated information A may be stored in the management storage unit 32 and include the predetermined count 値TB, and the count 値TB may be sequentially decreased from the management storage unit. 3 42 Eliminate the count 値 TB reaches the construction of the certified information A of the specified lower limit 値 (for example, 〇). According to the above configuration, there is an advantage that the validity period of the authenticated information A can be individually set for each of the authenticated information a in response to the count 値T B . <C: Third Embodiment> Fig. 12 is a flowchart showing one of the operations of the management device 30 and the first server device 12 (portion after step SC20 in Fig. 7). As shown in FIG. 12, when the first authentication (S B24) is executed in response to the first authentication request (S C20, S B23) from the management device 30, the first server device 12 generates the specific information a (S B2 6). . The specific information α is a symbol set individually for each first authentication. As the specific information α, for example, a one-time password suitable for each first authentication is used. The first server device 12 associates the number of retained credits CA corresponding to the identification information U ID_IN in the first authentication request with the specific information 并: and counts them (S B27). Further, the first server device 12 causes the specific information α to include the first authentication result and transmits it to the management device 30 (S B28). When the first authentication result received by the first server device 1 in step S C2 1 is affirmative (S C22 : YES), the management unit 32 of the management device 30 is as shown in FIG. 1 The specific information α of the authentication result and the authenticated information a associated with the identification information P ID_IN and the identification information U ID_IN are stored in the management memory unit 342 (S C26) » that is, the authenticated information a and -41 - 201113069 does not include Biological information B ID_IN. When the game device 26 instructs the transfer of the code, the management unit 324 of the management device 30 causes the request for the withdrawal and the request for deposit to include the specific information α, instead of the biometric information B ID_IN of the first embodiment, and transmits it to the first Server device〗 2. For example, when the instructed denomination is requested, the management unit 3 24 retrieves the identification information UID_IN corresponding to the identification information P ID_IN and the specific information α from the management storage unit 32 (step SC41 of FIG. 9), and will include the identification information U. The request for the ID_IN and the specific information α and the number of withdrawals N OUT is sent to the first server device 12 (S C42). The first server device 12 is from

記憶裝置14檢索對應包含於提領要求之識別資訊U ID_IN \ 及特定資訊α之組合的保有代額數CA,並減去提領數 N OUT( S Β41)。 被指示代額的存入時也相同,管理部3 24係使從管理 記億部3 42檢索出之識別資訊U ID_IN及特定資訊α與存入 數N IN—起包含於存入要求,並發送至第1伺服器裝置12( S C45,S C46)。第1伺服器裝置12係將對應包含於存入要 求之識別資訊U ID_IN及特定資訊α之組合的保有代額數 C A,加算至存入數N IN( S Β44)。 於以上構造中,因爲代額轉移時在管理裝置30與第1 伺服器裝置12之間不收授生物體資訊B ID_IN,故有可減 低身爲利用者之個人資訊的生物體資訊B ID_IN之流出的 危險性之優點。又,生物體資訊B ID_IN係例如相較於特 定資訊α,有資料量易於增大的傾向。於第3實施形態中 ,因爲已認證資訊Α包含特定資訊來代替生物體資訊 -42- 201113069 B ID_IN,故相較於第1實施形態,有可減少已認證資訊A 的資料量(進而可減少管理記億部342所需之容量)之優點。 當然,也採用使已認證資訊A包含生物體資訊B ID_IN及特 定資訊α雙方的構造。再者,也可將以有效期限的期滿作 爲契機而消除已認證資訊Α之第2實施形態的構造,適用於 第3實施形態。 < D :變形例> 以上各形態也可多樣變形。以下例示具體的變形樣態 。從以下例示任意選擇之2以上的樣態也可適切合倂。 (1)變形例1 於以上各形態中,對於1個識別資訊U ID_IN,將1個 識別資訊P ID_IN建立關聯。但是,也可採用在例如依遊 戲裝置26提供之每一遊戲種類而不同之識別資訊P ID賦予 利用者之環境下,如圖Μ所示,於已認證資訊A中,將1個 識別資訊U ID_IN與複數識別資訊P ID_IN( P ID_IN1, P ID_IN2,P ID_IN3,……)建立關聯的構造。具體來說 ,從圖7的步驟S C10至步驟S C1 4爲止的處理依每一識別 資訊P ID_IN依序執行,在步驟S C23,將利用者輸入之複 數識別資訊P ID_IN與識別資訊U ID_IN和生物體資訊 B ID_IN建立對應的已認證資訊A被儲存於管理記憶部342 〇 在圖8的步驟S C30接收指定識別資訊p ID_IN的照會 -43- 201113069 要求時,管理部324係判定包含以照會要求指定之識別資 訊P ID_IN的已認證資訊A是否記憶於管理記憶部342( SC31,SC32)。依據以上構造,因爲不同種類之複數遊 戲裝置26個別之代額轉移可利用在管理裝置30之1次操作 ,故相較於依每一識別資訊P ID_IN(亦即,每於以不同種 類之遊戲裝置26執行遊戲時)需要第1認證與第2認證的構 造(例如,如第1實施形態,對於1個識別資訊U ID_IN,僅 1個識別資訊P ID_IN建立關聯的構造),可減輕利用者的 負擔。 (2)變形例2 於以上各形態中,雖然使已認證資訊A包含產生部364 所產生之生物體資訊B ID_IN,但是,也可採用管理部324 從第1伺服器裝置12取得記憶於記憶裝置14之生物體資訊 B ID而使其包含於已認證資訊A的構造。再者,對於爲了 針對將識別資訊P ID_IN輸入至遊戲裝置26之利用者,在 管理裝置30判定第1認證及第2認證是否結束來說,只要於 已認證資訊A中將識別資訊U ID_IN與識別資訊P ID_IN建 立關聯即可。所以,已認證資訊A包含生物體資訊B ID_IN 的構造(第1實施形態)及已認證資訊A包含特定資訊α的構 造(第3實施形態)可適切省略。亦即,已認證資訊Α係作爲 將識別資訊U ID_IN與識別資訊p ID_IN建立關聯的資料而 總結,不問生物體資訊B ID_IN及特定資訊α等其他資訊 的有無。 -44 - 201113069 (3 )變形例3 於以上各形態中作爲受理部3 62已例示利用者操作之 複數操作子(鍵盤),但是,受理識別資訊U ID_IN的輸入 之方法可爲任意。作爲受理部362,例如可採用作爲識別 資訊U ID_IN而讀取記憶於可搬型記錄媒體(例如管理卡或 行動通訊終端)之識別資訊U ID的讀取器(例如以非接觸來 讀取識別資訊U ID的非接觸型讀取器)、光學讀取被印刷 於讀取面之識別資訊U ID_IN的讀取器、根據利用者發出 之聲音來辨識識別資訊U ID_IN的聲音辨識裝置等,受理 識別資訊U ID_IN的輸入之各種要素。關於受理識別資訊 卩10_1>^的輸入之受理部(3 66,562)及受理密碼?贾0_以 的輸入之受理部(3 68,5 64)也相同,可採用針對受理部362 而例示之各種要素(操作子、非接觸型讀取器、光學讀取 器、聲音辨識裝置)。 (4 )變形例4 於以上各形態中,第1認證部3 2 1執行第1認證要求的 發送(圖7的步驟S C20)與第1認證結果的接收(步騾s C21) ,第1伺服器裝置12執行第1認證(步驟S B24).,但是,也 可採用第1認證部3 2 1執行第1認證的構造。例如,第1認證 部321從第1伺服器裝置12取得對應被輸入至受理部3 62之 識別資訊U ID_IN的生物體資訊B ID。第1認證部321係對 照從第1伺服器裝置12取得之生物體資訊B ID與產生部364 -45- 201113069 所產生之生物體資訊B ID_IN(第1認證),在對照的結果是 肯定時則產生已認證資訊A。由以上說明可知,第1認證部 321係作爲取得利用識別資訊U ID_IN與生物體資訊 B ID_IN之第1認證的結果之要素而總結,不問執行第1認 證的場所(例如是否利用管理裝置30及第1伺服器裝置12任 一執行第1認證)。針對利用識別資訊P ID_IN之第2認證也 相同,也可採用第2認證部322將從第2伺服器裝置22取得 之識別資訊P ID及密碼P WD對照識別資訊P ID_IN及密碼 P WD_IN(第2認證)的構造。相同地,遊戲裝置26的終端側 認證部524可執行終端側認證。 又,在以上各形態,於管理裝置30的第2認證部3 22所 致之第2認證,利用識別資訊P ID_IN及密碼P WD_IN雙方 ,但是,針對第2認證可省略密碼P WD_IN的利用。亦即 ,在圖7的步驟S C12中第2認證部3 22將包含識別資訊 P ID_IN的第2認證要求(不包含密碼P WD_IN)發送至第2 伺服器裝置22,在步驟S Dl 1中第2伺服器裝置22判定以第 2認證要求指定之識別資訊P ID_IN是否儲存於記憶裝置 24(第2認證)。由以上說明可知,第2認證部3 22係作爲取得 利用識別資訊P ID_IN之第2認證的結果之要素(不問第2認 證的主體及密碼P WD_IN的利用之有無)而總結。相同地 ,針對遊戲裝置2 6之終端側認證,可省略密碼P WD_IN的 利用。所以,終端側認證部524係作爲取得利用識別資訊 P ID之終端側認證的結果之要素(不問終端側認證的結果 及密碼P WD_IN的利用之有無)而總結。 -46- 201113069 (5)變形例5 於第1實施形態中以所定時刻的到來作爲條件而消除 已認證資訊A,於第2實施形態中以有效期限的期滿作爲條 件而消除已認證資訊A,但是,消除已認證資訊A的條件( 契機)可適切變更。例如,也可採用以管理裝置30的啓動 或停止作爲契機(例如在啓動之後或停止之前)而消除管理 記憶部342之已認證資訊A的構造,或以對於管理裝置30的 所定操作(例如遊藝設施的店員所致之消除按鍵的操作)作 爲契機而消除已認證資訊A的構造。 又,於以上各形態中消除已認證資訊A,但是,使已 認證資訊A無效化的方法(遷移至管理部324無法參照之狀 態的方法)可適切變更。例如,將表示有效/無效的資訊( 以下稱爲「狀態旗標」)附加至已認證資訊A的構造也合適 。管理部3 2 4係在第1認證及第2認證結束時將狀態旗標設 定爲有效,以所定條件的成立(例如所定時刻的到來或有 效期限的期滿)作爲契機而將狀態旗標設定爲無效。但是 ,如以上各形態般,依據消除已認證資訊A的構造,因爲 不需要每一已認證資訊A之狀態旗標的管理,故有可減輕 管理部324的負荷之優點。 由以上說明可知,管理部3 24係作爲以所定條件的成 立(例如所定時刻的到來或有效期限的期滿)作爲契機而使 已認證資訊A無效(例如消除已認證資訊a或將狀態旗標設 定爲無效)的要素而總結。當然,對於代額管理之安全性 -47- 201113069 的確保與認證所需之構造及手續的簡潔化兩立之所期望的 課題之解決來說,已認證資訊A的無效化並不是必須要件 (6) 變形例6 在以上各形態,已例示在管理裝置40的認證時受理部 3 66受理識別資訊P ID_IN的輸入(讀取器所致之讀取)之構 造,但是,也可採用利用者指示在第2登記中事先賦予利 用者之識別資訊P ID的有效/無效之構造。例如,識別資 訊P ID(單數或複數)在第2登記時與識別資訊U ID建立對 應,爲了在管理裝置40的第1認證而輸入識別資訊 UID_IN(UID)時,針對對應其識別資訊UID_IN的各識別 資訊P ID,從利用者指示有效/無效。識別資訊p ID的有 效化相當於以上各形態之識別資訊P ID_IN的輸入。亦即 ,本案之「識別資訊的受理」係除了識別資訊的輸入(例 如讀取或手輸入)之外,也包含利用者有效化(選擇)事先登 記之識別資訊的操作之槪念。 (7) 變形例7 在以上各形態,將記憶於遊戲卡之識別資訊P ID ( P ID_IN)使用於管理系統100內的各處理,但是,也可採 用將與識別資訊P ID_IN(P ID)建立對應之其他識別資訊( 以下稱爲「參照用識別資訊」)R ID(reference ID),代替 識別資訊P ID_IN( P ID) ’使用於管理系統100內的各處理 -48- 201113069 之構造。具體來說’伺服器裝置(以下稱爲「ID管理伺服 器裝置」)將賦予利用者之參照用識別資訊R ID與遊戲卡 的識別資訊P ID建立對應並加以管理,於在管理裝置4〇及 遊戲裝置26的處理,適用因應從利用者受理之識別資訊 P ID_IN ’而ID管理伺服器裝置所特定之參照用識別資訊 R ID ’來代替在前述各形態之識別資訊p ID_IN(p ID) 再者’也可採用作爲ID管理伺服器裝置兼用第2伺服器裝 置22的構造,或使ID管理伺服器裝置獨立於第2伺服器裝 置22而設置的構造。 管理裝置4〇的第2認證部3 22係從ID管理伺服器裝置取 得對應受理部366所受理之識別資訊P ID_IN的參照用識別 資訊R ID,取得利用參照用識別資訊R ID與密碼P WD_IN 之第2認證的結果。又,管理部324係於管理記憶部3 42儲 存將對應識別資訊P ID_IN的參照用識別資訊R ID與識別 資訊U ID_IN( U ID)及生物體資訊B ID_IN( B ID)建立關聯 的已認證資訊A。另一方面,在遊戲裝置26,從ID管理伺 服器裝置取得對應受理部562所受理之識別資訊P ID_IN的 參照用識別資訊R ID之後,終端側認證部524係取得利用 參照用識別資訊R ID之終端側認證的結果,照會部62係將 包含參照用識別資訊R ID的照會要求發送至管理裝置40。 依據以上構造,例如即使利用者遺失遊戲卡之狀況,利用 將新發派之遊戲卡與參照用識別資訊R ID建立對應,可利 用新遊戲卡的識別資訊P ID來特定對應利用者所遺失之遊 戲卡的遊戲資料。 -49- 201113069 由以上例示可知,本發明的「第2識別資訊」係除了 從利用者直接受理之識別資訊(P ID_IN)之外,也包含對 應從利用者受理之識別資訊(P ID_IN)而被管理之其他識 別資訊(R ID)的槪念。所以,從利用者受理識別資訊 P ID_IN的受理部3 66及從ID管理伺服器裝置取得對應識別 資訊P ID_IN的參照用識別資訊R ID之管理裝置40的要素( 第2認證部322及管理部324),係作爲取得本發明的第2識 別資訊(P ID_IN,R ID)之要素(取得部)而總結。又,於遊 戲裝置26中也相同,從利用者受理識別資訊P ID_IN的受 理部562及從ID管理伺服器裝置取得對應識別資訊P ID_IN 的參照用識別資訊R ID之要素(終端側認證部524及照會部 62) ’係作爲取得第2識別資訊(P ID_IN,R ID)之要素(終 端側取得部)而總結。 (8)變形例8 生物體資訊B ID(B ID_IN)係不限定於靜脈紋路。作 爲生物體資訊B ID( B ID_IN),例如可任意採用指紋或虹 膜或聲音(聲紋)等利用者固有之特徵量。 【圖式簡單說明】 [圖1 ]關於本發明的第1實施形態之管理系統的區塊圖 〇 [圖2]第1系統的記憶裝置所記憶之資料的模式圖。 [圖3 ]用以進行代幣的支付及存入之動作的流程圖。 -50- 201113069 [圖4]第2系統的記億裝置所記憶之資料的模式圖 [圖5]管理裝置及遊戲裝置的區塊圖。 [圖6]代額轉移所使用之操作畫面的模式圖。 [圖7]第1認證及第2認證之動作的流程圖。 [圖8 ]遊戲時之動作的流程圖。 [圖9]遊戲時之動作的流程圖。 [圖10]第2實施形態之已認證資訊的模式圖。 [圖1 1 ]第2實施形態之動作的流程圖。 [圖12]第3實施形態之動作的流程圖。 [圖1 3 ]第3實施形態之已認證資訊的模式圖。 [圖1 4]關於變形例之已認證資訊的模式圖。 【主要元件符號說明】 100 :管理系統 1 〇 ’·第1系統 1 2 :第1伺服器裝置 1 4 :記憶裝置 1 6 :代幣處理裝置 2〇 :第2系統 22:第2伺服器裝置 24 :記憶裝置 26 :遊戲裝置 3 〇 :管理裝置 32,52:運算處理裝置 -51 - 201113069 3 2 1 :第1認證部 3 2 2 :第2認證部 3 2 4 :管理部 34,54 :記憶裝置 3 42 :管理記憶部 3 6 :輸入受理部 5 4 2 :貯留部 56 :輸入受理部 5 8 :操作部 5 8 2 :存入操作部 5 84 :提領操作部 5 22 :遊戲處理部 524 :終端側認證部 62 :照會部 64 :允許部 66 :控制部 -52-The memory device 14 retrieves the retained credit CA corresponding to the combination of the identification information U ID_IN \ and the specific information α included in the withdrawal request, and subtracts the number of withdrawals N OUT (S Β 41). The same is true for the deposit of the instructed code, and the management unit 3 24 includes the identification information U ID_IN and the specific information α retrieved from the management unit 100 4 and the deposit number N IN in the deposit request, and It is sent to the first server device 12 (S C45, S C46). The first server device 12 adds the remaining credit number C A corresponding to the combination of the identification information U ID_IN and the specific information α stored in the request to the deposit number N IN (S Β 44). In the above configuration, since the biometric information B ID_IN is not received between the management device 30 and the first server device 12 during the transfer of the dividend, there is a biometric information B ID_IN which can reduce the personal information of the user. The advantage of the danger of outflow. Further, the biometric information B ID_IN tends to increase the amount of data, for example, compared to the specific information α. In the third embodiment, since the authenticated information includes the specific information instead of the biometric information-42-201113069 B ID_IN, the amount of data of the authenticated information A can be reduced (and thus can be reduced) compared to the first embodiment. The advantages of managing the capacity required by the 342. Of course, a configuration is also adopted in which the authenticated information A includes both the biometric information B ID_IN and the specific information α. Further, the structure of the second embodiment of the authenticated information can be eliminated by the expiration of the expiration date, and the third embodiment can be applied. <D: Modifications> Each of the above aspects may be variously modified. The specific deformation modes are exemplified below. It is also possible to appropriately combine the two or more types arbitrarily selected from the following examples. (1) Modification 1 In the above embodiments, one piece of identification information P ID_IN is associated with one piece of identification information U ID_IN. However, it is also possible to adopt an environment in which the identification information P ID is different for each game type provided by the game device 26, and as shown in the figure, in the authenticated information A, one identification information U is used. The ID_IN is associated with the complex identification information P ID_IN ( P ID_IN1, P ID_IN2, P ID_IN3, ...). Specifically, the processing from step S C10 to step S C1 4 of FIG. 7 is sequentially executed for each identification information P ID_IN, and in step S C23, the plural identification information P ID_IN and the identification information U ID_IN input by the user are input. The authenticated information A associated with the biometric information B ID_IN is stored in the management memory unit 342. When the request for the designation of the identification information p ID_IN is received in step S C30 of FIG. 8 - 2011-13069, the management unit 324 determines to include The authenticated information A of the identification information P ID_IN specified by the photo request is memorized in the management memory unit 342 (SC31, SC32). According to the above configuration, since the individual transfer of the different types of the plurality of game devices 26 can be utilized for one operation of the management device 30, the game is compared with each of the identification information P ID_IN (that is, each game is played in a different kind). When the device 26 executes the game, the first authentication and the second authentication are required (for example, in the first embodiment, the identification information U ID_IN is associated with only one identification information P ID_IN), and the user can be reduced. The burden. (2) Modification 2 In the above embodiments, the authenticated information A is included in the biometric information B ID_IN generated by the generating unit 364, but the management unit 324 may be used to obtain the memory from the first server device 12. The biological information B ID of the device 14 is included in the configuration of the authenticated information A. In addition, in order to determine whether the first authentication and the second authentication are completed for the user who inputs the identification information P ID_IN to the game device 26, the identification information U ID_IN is included in the authenticated information A. The identification information P ID_IN can be associated. Therefore, the configuration in which the authenticated information A includes the biometric information B ID_IN (the first embodiment) and the configuration in which the authenticated information A includes the specific information α (the third embodiment) can be omitted as appropriate. That is, the authenticated information is summarized as the data for associating the identification information U ID_IN with the identification information p ID_IN, regardless of the presence or absence of other information such as the biological information B ID_IN and the specific information α. -44 - 201113069 (3) Modification 3 In the above embodiments, the plurality of operators (keyboards) operated by the user are exemplified as the accepting unit 3 62. However, the method of accepting the input of the identification information U ID_IN may be arbitrary. As the accepting unit 362, for example, a reader that reads the identification information U ID stored in the portable recording medium (for example, the management card or the mobile communication terminal) as the identification information U ID_IN can be used (for example, the identification information is read by non-contact). UID non-contact type reader), optical reader that reads the identification information U ID_IN of the reading surface, and a voice recognition device that recognizes the identification information U ID_IN based on the sound of the user, and recognizes Various elements of the input of the information U ID_IN. About the acceptance of the identification information 卩10_1>^ input acceptance unit (3 66, 562) and the acceptance password? The input receiving unit (3, 68, 5 64) of the _0_ is also the same, and various elements (operator, non-contact type reader, optical reader, and voice recognition device) exemplified for the receiving unit 362 can be used. . (4) Modification 4 In the above aspects, the first authentication unit 3 2 1 performs transmission of the first authentication request (step S C20 of FIG. 7 ) and reception of the first authentication result (step s C21 ) , first The server device 12 executes the first authentication (step S B24). However, the first authentication unit 3 2 1 may be configured to execute the first authentication. For example, the first authentication unit 321 acquires the biometric information B ID corresponding to the identification information U ID_IN input to the receiving unit 3 62 from the first server device 12. The first authentication unit 321 compares the biometric information B ID acquired from the first server device 12 with the biometric information B ID_IN (first authentication) generated by the generating unit 364 - 45 - 201113069, and when the result of the comparison is affirmative Then the authenticated information A is generated. As can be seen from the above description, the first authentication unit 321 is summarized as an element that acquires the result of the first authentication using the identification information U ID_IN and the biometric information B ID_IN, and does not ask the place where the first authentication is performed (for example, whether or not the management device 30 is used) Any of the first server devices 12 executes the first authentication). The second authentication by the identification information P ID_IN is also the same, and the second authentication unit 322 may use the identification information P ID and the password P WD obtained from the second server device 22 against the identification information P ID_IN and the password P WD_IN (the first authentication unit 322). 2 certification) construction. Similarly, the terminal side authentication unit 524 of the game device 26 can perform terminal side authentication. Further, in the above embodiments, both the identification information P ID_IN and the password P WD_IN are used for the second authentication by the second authentication unit 32 of the management device 30. However, the use of the password P WD_IN can be omitted for the second authentication. That is, in step S C12 of Fig. 7, the second authentication unit 3 22 transmits the second authentication request (excluding the password P WD_IN) including the identification information P ID_IN to the second server device 22, in step S D11. The second server device 22 determines whether or not the identification information P ID_IN specified by the second authentication request is stored in the storage device 24 (second authentication). As can be seen from the above description, the second authentication unit 322 is summarized as an element for obtaining the second authentication result of the identification information P ID_IN (the presence or absence of the second authentication subject and the password P WD_IN). Similarly, for the terminal side authentication of the game device 26, the use of the password P WD_IN can be omitted. Therefore, the terminal side authentication unit 524 is summarized as an element for obtaining the result of the terminal side authentication using the identification information P ID (the result of the terminal side authentication and the use of the password P WD_IN). -46-201113069 (5) Modification 5 In the first embodiment, the authenticated information A is eliminated on the condition that the predetermined time comes, and in the second embodiment, the authenticated information A is eliminated on the expiration of the expiration date. However, the conditions for eliminating the certified information A (the opportunity) can be changed as appropriate. For example, it is also possible to adopt a configuration in which the authentication information A of the management memory unit 342 is eliminated by starting or stopping the management device 30 (for example, after startup or before stopping), or in a predetermined operation (for example, game art) for the management device 30. The operation of eliminating the button by the clerk of the facility) eliminates the structure of the authenticated information A as an opportunity. Further, in the above embodiments, the authenticated information A is eliminated. However, the method of invalidating the authenticated information A (the method of shifting to the state that the management unit 324 cannot refer to) can be appropriately changed. For example, a configuration in which information indicating valid/invalid (hereinafter referred to as "status flag") is attached to the authenticated information A is also suitable. The management unit 3 2 4 sets the status flag to be valid at the end of the first authentication and the second authentication, and sets the status flag as a trigger for the establishment of the predetermined condition (for example, the arrival of the predetermined time or the expiration of the expiration date). Invalid. However, as in the above various forms, according to the structure for eliminating the authenticated information A, since the management of the status flag of each authenticated information A is not required, there is an advantage that the load of the management unit 324 can be reduced. As apparent from the above description, the management unit 324 invalidates the authenticated information A as a trigger for the establishment of a predetermined condition (for example, the arrival of a predetermined time or the expiration of the expiration date) (for example, eliminating the authenticated information a or the status flag) Summarized by the elements that are set to invalid. Of course, the invalidation of the certified information A is not necessary for the resolution of the security of the security management of the security management of 47-201113069 and the simplification of the structure and procedures required for certification. 6) Modification 6 In the above-described embodiments, the authentication receiving unit 3 66 accepts the input of the identification information P ID_IN (read by the reader), but the user can also be employed. A structure indicating the validity/invalidity of the identification information P ID of the user in advance in the second registration is instructed. For example, the identification information P ID (singular or plural) is associated with the identification information U ID at the time of the second registration, and is used for the identification information UID_IN corresponding to the identification information UID_IN (UID) when the first authentication of the management device 40 is input. Each identification information P ID is valid/invalid from the user indication. The validity of the identification information p ID is equivalent to the input of the identification information P ID_IN of each of the above forms. That is to say, the "acceptance of identification information" in the present case includes, in addition to the input of identification information (for example, reading or hand input), the complication of the operation of the user to validate (select) the identification information registered in advance. (7) Modification 7 In the above embodiments, the identification information P ID (P ID_IN) stored in the game card is used for each process in the management system 100. However, the identification information P ID_IN (P ID) may be employed. The other identification information (hereinafter referred to as "reference identification information") R ID (reference ID) is established instead of the identification information P ID_IN (P ID) 'structure used in the management system 100 - 48-201113069. Specifically, the server device (hereinafter referred to as "ID management server device") associates and manages the reference identification information R ID given to the user with the identification information P ID of the game card, and manages it in the management device 4 In the processing of the game device 26, the identification information p ID_IN (p ID) in the above-described respective forms is replaced by the reference identification information R ID ' specified by the ID management server device in response to the identification information P ID_IN ' accepted by the user. In addition, a configuration in which the second server device 22 is used as the ID management server device or a configuration in which the ID management server device is provided independently of the second server device 22 can be employed. The second authentication unit 3 22 of the management device 4 obtains the reference identification information R ID of the identification information P ID_IN received by the correspondence receiving unit 366 from the ID management server device, and acquires the reference identification information R ID and the password P WD_IN. The result of the second certification. Further, the management unit 324 stores the authenticated association that associates the reference identification information R ID corresponding to the identification information P ID_IN with the identification information U ID_IN (U ID) and the biometric information B ID_IN (B ID) in the management storage unit 342. Information A. On the other hand, after the game device 26 acquires the reference identification information R ID of the identification information P ID_IN received by the reception receiving unit 562 from the ID management server device, the terminal side authentication unit 524 acquires the reference identification information R ID. As a result of the terminal side authentication, the photographing unit 62 transmits a photo request including the reference identification information R ID to the management device 40. According to the above configuration, for example, even if the user loses the game card, the newly-assigned game card is associated with the reference identification information R ID, and the identification information P ID of the new game card can be used to specify the corresponding user's lost. Game card game information. In the above-mentioned example, the "second identification information" of the present invention includes identification information (P ID_IN) directly received from the user, and includes identification information (P ID_IN) corresponding to the user. The mourning of other identified information (R ID) being managed. Therefore, the receiving unit 3 66 that receives the identification information P ID_IN from the user and the element (the second authentication unit 322 and the management unit) that acquire the reference identification information R ID corresponding to the identification information P ID_IN from the ID management server device (the second authentication unit 322 and the management unit) 324) is summarized as an element (acquisition unit) that acquires the second identification information (P ID_IN, R ID) of the present invention. In the game device 26, the receiving unit 562 that receives the identification information P ID_IN from the user and the element that identifies the reference identification information R ID corresponding to the identification information P ID_IN from the ID management server device (the terminal side authentication unit 524) The photographing unit 62) is summarized as an element (terminal side acquisition unit) that acquires the second identification information (P ID_IN, R ID). (8) Modification 8 The biological information B ID (B ID_IN) is not limited to the vein pattern. As the biological information B ID (B ID_IN), for example, a feature amount inherent to the user such as a fingerprint or an iris or a sound (soundprint) can be arbitrarily used. BRIEF DESCRIPTION OF THE DRAWINGS [Fig. 1] A block diagram of a management system according to a first embodiment of the present invention [Fig. 2] A schematic diagram of data stored in a memory device of a first system. [Fig. 3] A flow chart for performing the action of depositing and depositing tokens. -50- 201113069 [Fig. 4] Schematic diagram of data memorized by the device of the second system [Fig. 5] A block diagram of the management device and the game device. [Fig. 6] A pattern diagram of an operation screen used for the transfer of the code. FIG. 7 is a flowchart of the operations of the first authentication and the second authentication. [Fig. 8] A flow chart of the action at the time of the game. [Fig. 9] A flowchart of the action at the time of the game. Fig. 10 is a schematic diagram showing the authenticated information of the second embodiment. [Fig. 1 1] A flowchart of the operation of the second embodiment. Fig. 12 is a flow chart showing the operation of the third embodiment. [Fig. 13] A schematic diagram of the authenticated information of the third embodiment. [Fig. 14] A mode diagram of the authenticated information regarding the modification. [Description of main component symbols] 100 : Management system 1 〇 '· 1st system 1 2 : 1st server device 1 4 : Memory device 1 6 : Token processing device 2 〇: 2nd system 22: 2nd server device 24: memory device 26: game device 3: management device 32, 52: arithmetic processing device - 51 - 201113069 3 2 1 : first authentication unit 3 2 2 : second authentication unit 3 2 4 : management unit 34, 54: Memory device 3 42 : Management memory unit 3 6 : Input reception unit 5 4 2 : Storage unit 56 : Input reception unit 5 8 : Operation unit 5 8 2 : Storage operation unit 5 84 : Extraction operation unit 5 22 : Game processing Part 524: Terminal side authentication unit 62: Photographing unit 64: Permissive unit 66: Control unit - 52-

Claims (1)

201113069 七、申請專利範圍: 1. 一種管理系統,係包含管理裝置與複數遊戲裝置 ,其特徵爲: 前述管理裝置係具備: 受理部,係受理第1識別資訊; 產生部’係產生表示利用者之生物體特徵的生物體資 訊; 第1認證部,係取得利用前述第1識別資訊與前述生 物體資訊之第1認證的結果; 取得部,係取得第2識別資訊; 第2認證部,係取得利用前述第2識別資訊之第2認 證的結果;及 管理部,係在前述第1認證及前述第2認證雙方的結 果是肯定時,將前述第1識別資訊與前述第2識別資訊建 立關聯,並作爲已認證資訊而記憶於管理記憶部; 前述複數遊戲裝置係個別具備: 貯留部,係記億因爲在該當遊戲裝置之代額的消費或 獲得而增減之第1代額數; 終端側取得部,係取得確認用識別資訊; 照會部,係照會前述管理部,確認一致於前述確認用 識別資訊之第2識別資訊是否作爲前述已認證資訊而記憶 於前述管理記憶部;及 允許部,係在前述照會的結果是肯定時,允許記憶於 前述貯留部之前述第1代額數和與第1識別資訊建立對應 -53- 201113069 而記億於記憶裝置之第2代額數之從一方對於另一方的代 額之轉移。 2. 如申請專利範圍第1項所記載之管理系統,其+ 前述管理部,係將相異之複數前述第2識別資訊與前j 述第1識別資訊建立關聯,作爲前述已認證資訊而記憶於· 前述管理記憶部。 3. 如申請專利範圍第1項或第2項所記載之管理系 統,其中, 前述複數遊戲裝置係個別具備: 終端側認證部,係取得利用前述確認用識別資訊之終 端側認證的結果; 前述照會部,係在前述終端側認證的結果是肯定時, 照會前述管理部,確認一致於前述確認用識別資訊之第2 ii SU資訊是否作爲前述已認證資訊而記憶於前述管理記憶 部。 4·如申請專利範圍第1項所記載之管理系統,其中 BU述管理裝置,係具備:密碼受理部,係受理密碼的 輸入; 前述第2認證部,係取得利用前述第2識別資訊與前 述密碼之前述第2認證的結果。 5 ·如申請專利範圍第1項所記載之管理系統,其中 -54- 201113069 前述管理部,係以所定條件的成立作爲契機,將前述 管理記憶部的前述已認證資訊設爲無效。 6.如申請專利範圍第5項所記載之管理系統,其中 前述管理部,係以所定時刻的到來作爲契機,將前述 已認證資訊設爲無效。 7.如申請專利範圍第5項或第6項所記載之管理系 統,其中, 前述管理部,係以從前述管理記憶部消除前述已認證 資訊,將該當已認證資訊設爲無效。 8·如申請專利範圍第1項所記載之管理系統,其中 5 前述複數遊戲裝置係個別具備: 操作部,係包含指示從前述第1代額數對於前述第2 代額數之代額的轉移之存入操作部,與指示從前述第2代 額數對於前述第1代額數之代額的轉移之提領操作部至少 一方; 前述操作部,係在前述允許部允許代額的轉移時成爲 可操作。 9 ·如申請專利範園第1項所記載之管理系統,其中 前述管理部,係使前述已認證資訊包含生物體資訊而 記憶於前述管理記憶部, 在從前述遊戲裝置被指示代額的轉移時,則對於管理 -55- 201113069 將第1識別資訊與生物體資訊與第2代額數建立對應並加 以記憶之前述記憶裝置的伺服器裝置,發送前述已認證資 訊的前述第1識別資訊與前述生物體資訊。 10. 如申請專利範圍第1項所記載之管理系統,其中 前述管理部,係使前述已認證資訊包含特定資訊而記 憶於前述管理記憶部, 在從前述遊戲裝置被指示代額的轉移時,則對於管理 將第1識別資訊與特定資訊與第2代額數建立對應並加以 記憶之前述記憶裝置的前述伺服器裝置,發送前述已認證 資訊的前述第1識別資訊與前述特定資訊。 11. 一種遊戲裝置,係與具備在利用輸入至管理裝置 之第1識別資訊及生物體資訊之第1認證的結果,與利用 輸入至前述管理裝置之第2識別資訊之第2認證的結果是 肯定時,將前述第1識別資訊與前述第2識別資訊建立關 聯並作爲已認證資訊而記憶於管理記憶部之管理部的管理 裝置進行通訊的遊戲裝置,其特徵爲具備: 貯留部,係記憶因爲在該當遊戲裝置之代額的消費或 獲得而增減之第1代額數; 終端側取得部,係取得確認用識別資訊; 照會部,係照會前述管理部,確認一致於前述確認用 識別資訊之第2識別資訊是否作爲前述已認證資訊而記憶 於前述管理記憶部:及 允許部,係在前述照會的結果是肯定時,允許記憶於 -56- 201113069 前述貯留部之前述第1代額數和與第1識別資訊建立對應 而記億於記憶裝置之第2代額數之從一方對於另一方的代 額之轉移。 12. —種管理裝置,其特徵爲具備: 受理部,係受理第1識別資訊; 產生部,係產生表示利用者之生物體特徵的生物體資 訊; 第1認證部,係取得利用前述第1識別資訊與前述生 物體資訊之第1認證的結果; 取得部,係取得第2識別資訊; 第2認證部,係取得利用前述第2識別資訊之第2認 證的結果;及 管理部,係在前述第1認證及前述第2認證雙方的結 果是肯定時,將前述第1識別資訊與前述第2識別資訊建 立關聯,並作爲已認證資訊而記憶於管理記憶部; 前述管理部,係將一致於輸入至遊戲裝置之確認用識 別資訊的第2識別資訊是否作爲前述已認證資訊而記憶於 前述管理記億部的判定之結果,通知該當遊戲裝置, 在前述判定的結果是肯定時,在具備記憶因爲代額的 消費或獲得而增減之第1代額數的貯留部之前述遊戲裝置 ,和與第1識別資訊建立對應而記憶第2代額數之記憶裝 置之間,因應從前述遊戲裝置發送之代額的轉移之要求’ 仲介前述第1代額數與前述第2代額數之從一方對於另一 方的代額之轉移》 -57- 201113069 13. —種程式,係使電腦作爲以下檎件而作用: 受理部,係受理第1識別資訊; 產生部,係產生表示利用者之生物體特徵的生物體資 訊; .第1認證部,係取得利用前述第1識別資訊與前述生 物體資訊之第1認證的結果; 取得部,係取得第2識別資訊; 第2認證部,係取得利用前述第2識別資訊之第2認 證的結果,及 管理部,係在前述第1認證及前述第2認證雙方的結 果是肯定時,將前述第1識別資訊與前述第2識別資訊建 立關聯,並作爲已認證資訊而記憶於管理記憶部; 其特徵爲: 前述管理部,係將一致於輸入至遊戲裝置之確認用識 別資訊的第2識別資訊是否作爲前述已認證資訊而記憶於 前述管理記憶部的判定之結果,通知該當遊戲裝置, 在前述判定的結果是肯定時,在具備記憶因爲代額的 消費或獲得而增減之第1代額數的貯留部之前述遊戲裝置 ,和與第1識別資訊建立對應而記憶第2代額數之記憶裝 置之間,因應從前述遊戲裝置發送之代額的轉移之要求, 仲介前述第1代額數與前述第2代額數之從一方對於另一 方的代額之轉移。 -58-201113069 VII. Patent application scope: 1. A management system comprising a management device and a plurality of game devices, wherein: the management device includes: a receiving unit that receives the first identification information; and a generation unit that generates a user. The first authentication unit obtains the result of the first authentication using the first identification information and the biometric information; the acquisition unit acquires the second identification information; and the second authentication unit a result of obtaining the second authentication using the second identification information; and the management unit associating the first identification information with the second identification information when the result of both the first authentication and the second authentication is affirmative And the memory device is stored in the management memory unit as the authenticated information; the plurality of game devices are provided separately: the storage unit, which is the first generation amount of the increase or decrease due to the consumption or acquisition of the denomination of the game device; The acquisition unit obtains identification information for confirmation; and the photo-receiving unit confirms that the recognition is consistent with the management unit. Whether the second identification information is stored in the management memory unit as the authenticated information; and the permission unit allows the first generation amount and the first number to be stored in the storage unit when the result of the note is affirmative The identification information establishes the correspondence -53- 201113069 and the transfer of the second generation of the memory device from one party to the other party's proxy. 2. In the management system described in the first paragraph of the patent application, the + management unit associates the plurality of different second identification information with the first identification information, and memorizes as the authenticated information. In the aforementioned management memory. 3. The management system according to the first or second aspect of the invention, wherein the plurality of game devices are provided with: a terminal-side authentication unit that obtains a result of terminal-side authentication using the identification information for confirmation; In the case where the result of the terminal side authentication is affirmative, the photographing unit checks whether the second ii SU information matching the identification information for confirmation is stored in the management memory unit as the authenticated information. 4. The management system according to the first aspect of the invention, wherein the management device includes a password accepting unit that accepts an input of a password; and the second authentication unit acquires the second identification information and the aforementioned The result of the aforementioned second certification of the password. 5. The management system described in the first paragraph of the patent application, wherein -54-201113069, the management department invalidates the authentication information of the management memory unit by the establishment of the predetermined conditions. 6. The management system according to claim 5, wherein the management unit invalidates the authenticated information by the arrival of the predetermined time. 7. The management system according to claim 5, wherein the management unit eliminates the authenticated information from the management memory unit and invalidates the authenticated information. 8. The management system according to claim 1, wherein the plurality of game devices are provided separately: the operation unit includes a transfer indicating a transfer from the first generation amount to the second generation amount of the second generation amount. The operation unit is at least one of a withdrawal operation unit that instructs a transfer from the second generation amount to the first generation amount of the first generation amount; and the operation unit is operable when the permission unit allows the transfer of the quota. 9. The management system according to the first aspect of the application, wherein the management unit stores the certified information in the management information in the management memory, and transfers the instructed quota from the game device. In the case of the server device of the memory device in which the first identification information and the biometric information are associated with and stored in the second generation amount, the first identification information of the authenticated information is transmitted and the foregoing Biological information. 10. The management system according to claim 1, wherein the management unit stores the authentication information in the management memory unit by including the specific information, and when the game device is instructed to transfer the quota, The server device that manages the memory device that associates the first identification information and the specific information with the second generation amount and memorizes the memory device transmits the first identification information and the specific information of the authenticated information. 11. A game device having a result of using a first authentication using the first identification information and biometric information input to the management device, and a second authentication using the second identification information input to the management device In a case of affirmative, the game device that communicates with the management device of the management unit of the management memory unit as the authenticated information in association with the second identification information is provided with a storage unit and a memory. The first generation amount of the game device is increased or decreased by the consumption or acquisition of the game device; the terminal side acquisition unit obtains the identification information for confirmation; and the photo management unit checks the identification information for the confirmation according to the management unit. Whether the second identification information is stored in the management memory unit and the permission unit as the authentication information is allowed to be stored in the first generation amount of the storage unit of -56-201113069 when the result of the foregoing note is affirmative The transfer from one party to the other for the second generation of the memory device in association with the first identification information shift. 12. A management device, comprising: a receiving unit that receives first identification information; a generating unit that generates biometric information indicating a biometric feature of a user; and a first authentication unit that acquires the first The identification information is the result of the first authentication of the biometric information; the acquisition unit acquires the second identification information; the second authentication unit obtains the result of the second authentication using the second identification information; and the management unit is When the result of both the first authentication and the second authentication is affirmative, the first identification information is associated with the second identification information, and is stored in the management memory as the authenticated information; the management unit is consistent The game device is notified of whether the second identification information input to the confirmation information of the confirmation device of the game device is stored in the management information unit as the result of the determination of the management information, and when the result of the determination is affirmative, The game device of the storage unit that remembers the first generation of the number of shares that is increased or decreased by the consumption or acquisition of the token, and the pair of first identification information And the memory device that memorizes the second generation amount, the request for transfer from the above-mentioned game device, the transfer of the first generation amount of the intermediary and the transfer of the second generation amount to the other party's quota. -57- 201113069 13. The program is to make the computer function as: the receiving unit receives the first identification information; and the generating unit generates the biological information indicating the characteristics of the user's living body; The authentication unit obtains the result of the first authentication using the first identification information and the biometric information; the acquisition unit acquires the second identification information; and the second authentication unit acquires the second authentication using the second identification information. As a result, when the result of both the first authentication and the second authentication is affirmative, the first identification information is associated with the second identification information, and is stored as management information in the management memory. The management unit is configured to determine whether or not the second identification information corresponding to the identification information for confirmation input to the game device is the authenticated information. The game device is notified of the result of the determination in the management memory unit, and when the result of the determination is affirmative, the game device is provided with a storage unit that stores the first generation of the number of shares that are increased or decreased by the consumption or acquisition of the quota. And the memory device that stores the second generation amount in association with the first identification information, and the request for the transfer of the token transmitted from the game device, the first generation amount of the intermediary and the second generation amount For the transfer of the other party's proxy. -58-
TW099125600A 2009-10-07 2010-08-02 Management system, gaming device, management device and program TW201113069A (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
JP2009233084 2009-10-07

Publications (1)

Publication Number Publication Date
TW201113069A true TW201113069A (en) 2011-04-16

Family

ID=43886903

Family Applications (1)

Application Number Title Priority Date Filing Date
TW099125600A TW201113069A (en) 2009-10-07 2010-08-02 Management system, gaming device, management device and program

Country Status (3)

Country Link
JP (1) JP5188553B2 (en)
CN (1) CN102034017B (en)
TW (1) TW201113069A (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2013161719A1 (en) * 2012-04-25 2013-10-31 株式会社コナミデジタルエンタテインメント Game control device, game control method, program, recording medium, and game system
JP6640961B1 (en) * 2018-11-28 2020-02-05 株式会社バンダイ Article management system, game device and program
JP6757523B2 (en) * 2019-04-23 2020-09-23 株式会社セガ Game equipment and game programs

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1033369C (en) * 1988-10-04 1996-11-27 株式会社索非亚 Game system
JP2001212363A (en) * 2000-02-03 2001-08-07 Oki Electric Ind Co Ltd Setting method and settling system for game center
JP2002035380A (en) * 2000-07-27 2002-02-05 Sun Corp Game information management device
JP3831695B2 (en) * 2002-09-11 2006-10-11 株式会社コナミデジタルエンタテインメント GAME SYSTEM AND SERVER DEVICE
JP2004295197A (en) * 2003-03-25 2004-10-21 Nec Corp Electronic ticket vending system and method
JP3632963B2 (en) * 2003-05-29 2005-03-30 コナミ株式会社 Network battle type terminal device, method and program
JP2005007041A (en) * 2003-06-20 2005-01-13 Waizutekku Kk Visitor control system
US7329186B2 (en) * 2004-08-20 2008-02-12 Igt Gaming system with rewritable display card and LCD input display for reading same

Also Published As

Publication number Publication date
JP2011098192A (en) 2011-05-19
JP5188553B2 (en) 2013-04-24
CN102034017A (en) 2011-04-27
CN102034017B (en) 2013-11-27

Similar Documents

Publication Publication Date Title
TWI484427B (en) Electric payment system, electric payment server, value providing apparatus, mobile communications terminal, and electric payment method
TWI332637B (en) Biometrics system and method thereof
TW200821992A (en) Personal verifying system, method, procedure and host device thereof
JP5945298B2 (en) GAME MEDIUM CONVERSION SYSTEM, GAME MEDIUM CONVERSION METHOD, AND GAME MEDIUM CONVERSION PROGRAM
TW201113069A (en) Management system, gaming device, management device and program
JP5514438B2 (en) GAME MEDIUM MANAGEMENT SYSTEM AND GAME MEDIUM MANAGEMENT METHOD
TW201113070A (en) Management system, game device, management device and program
JP7621175B2 (en) Touchless transaction method, touchless transaction system, transaction management device, and automated transaction device
JP5318635B2 (en) Financial transaction system, financial transaction method and host device
JP7212101B2 (en) Account payment system and account payment method
EP1557801A2 (en) Award payment system
JP5346786B2 (en) Management device and program
JP7434655B1 (en) Authentication system, terminal device, identity verification method, and program
HK1152776A (en) Managing system, game device, managing device and managing method
JP7612082B1 (en) Information collection system, data generation system, information collection method, data generation method, terminal device, and program
JP7614299B1 (en) Payment system, payment method, and program
JP2014194645A (en) Information processing system, information processing device, server, information processing method, and program
HK1152786A (en) Managing system, game device, managing device and managing method
JP2008071199A (en) Transaction system, management information processor, operation information processor, and processing method
JP2025012203A (en) Automated Trading System
JP5918798B2 (en) Game media management system
JP5922175B2 (en) Value management system and value management method
JP2011034259A (en) Portable pin code management device and card information processing system
JP2011242836A (en) Prepaid card management system
JP2019042076A (en) Game system and owned ball management method