JP2002074225A - Terminal of affiliated store of card settlement, card settlement service system, and card validity judging method in card settlement - Google Patents

Abstract

PROBLEM TO BE SOLVED: To prevent a card from being unauthorizedly used by a person other than the identical person in the case of card settlement of a credit card, a prepaid card or a debit card, etc. SOLUTION: Pieces of information are received from plural information terminals, the pieces of information are managed as status by every cashless card correlated to the information terminals and validity of the card to be used at an affiliated store terminal is judged based on the status to be managed by a status management server regarding each card to be used at the affiliated store terminal to be installed at an affiliated store to handle the card and to sell merchandise by using the card.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION The present invention relates to a cashless card such as a credit card, a prepaid card or a debit card (hereinafter simply referred to as a "card"). The present invention relates to a card settlement member store terminal that performs settlement related to merchandise sales (including provision of various services and sale of goods as goods), a card settlement service system, and a card validity determination method in card settlement.

[0002]

2. Description of the Related Art Recently, consumers have no cash.
A full-fledged cashless era, in which payment is made by postpaid or immediate payment cards or electronic money on the Web, is about to begin. In particular, services provided by debit cards (formally referred to as “J-DEBIT” cards in Japan (the acronym J is J for JAPAN), but hereinafter simply referred to as debit cards) are provided by financial institution cards. Rapid expansion is expected with the convenience of being able to use it as it is without any procedures, services were started in some areas in January 1999, and full-scale operation was finally started in March 2000, It is expected that the card payment service will be available 24 hours 365 days anytime and anywhere.

[0003] In reality, there are financial institutions such as S bank and DK bank that can be used for 24 hours, but in general,
It is available to all financial institutions from 8:00 to 21:00, and the time zone differs depending on the financial institution that issued the card (debit card).

[0004] Various retailers and various service providers prepare necessary facilities for handling cards such as credit cards, prepaid cards and debit cards, and through a network system for performing settlement corresponding to the cards. Collect the price of products sold and services provided. The retailer that enables card payment using such a network system is referred to as a “merchant”
Called. The required equipment prepared by the member store is positioned as a so-called network system terminal. In the following, description will be made assuming that “sale of goods” includes providing a service. Similarly, "purchase of goods" includes provision of services. As an example of payment using a card, the “post-payment method” using a credit card as described above has been widely used. In this method, after a product is sold, a predetermined amount is debited from a designated account of a credit card holder of an issuing financial institution designated through a credit company that has issued a credit card, so that the price associated with the sale of the product is usually one to one from the sale of the product. It will be paid after ~ 2 months. On the other hand, payment using a prepaid card is a method of paying for the sale of goods using the "prepayment method",
By paying a predetermined amount to the member store in advance, the member store issues a prepaid card in which the predetermined amount is stored in a storage unit such as a magnet or an IC of the prepaid card,
Each time the merchandise is sold, the amount is updated by being reduced from the predetermined amount stored in the prepaid card, and the payment is made. If the prepaid card balance is less than the price for receiving the service, a predetermined amount is newly paid to the member store, and the prepaid card balance is updated.

[0005] Such a prepaid card is particularly effective for refueling at a gas station or for paying a toll on an expressway (in this case, particularly called a highway card). The payment for the purchase can be paid, and the merchant can quickly collect the price for selling the product without preparing a change, and the funds can be effectively used by paying in advance. The payment / collection of this payment will not be made beyond the prepaid card balance. Therefore, even if the prepaid card is lost, the damage suffered by the owner will be controlled by the prepaid card balance itself, and the member store side as,
The balance of the card that is lost and not used can be managed as a non-refundable amount. A card called a debit card is positioned between the “prepayment method” and the “payment method”, and the settlement of goods and services is performed by a so-called “immediate payment method”. A debit card enables payment using a cash dispenser card issued by a financial institution, and is called a debit card for "immediate payment" which means "debit." Have been. Debit cards themselves are not issued (the debit cards themselves do not physically exist).
However, in the following description, for example, it may be expressed as "a financial institution that has issued a debit card", and may be treated as if the debit card actually exists. It should be interpreted as a financial institution.

When a merchant sells a product, the card held by the customer who wants to purchase the merchandise is inserted into the terminal of the merchant as a debit card, and the purchaser is delivered to the financial institution of the card. By entering the personal identification number into the terminal and entering the price for merchandise sales at the merchant, the purchaser's financial institution account corresponding to the card will be instantly limited to the balance or credit range of the account. The sales price is withdrawn. Then, payment processing is performed on the financial institution account designated for each member store within 2 to 3 days at the latest. From the point of view of the purchaser who is a user, merchandise can be purchased at any credit card or debit card member store without carrying cash, and there is no need to issue a new card for debit cards. However, there is an advantage that it is possible to pay for the purchase of a product within the range of the deposit balance or credit of the financial institution account by easily using the card corresponding to the opened financial institution account. In the franchise stores, such as retailers and service providers, the settlement price is transferred to the account specified immediately or postpaid, so that it is possible to quickly, reliably, and efficiently collect the sales of the merchandise, and to increase sales opportunities. It has the advantage of increasing sales by making it harder to miss. Nikkei Internet BIZTECH NEWS dated August 28, 2000
Entitled `` Six major credit companies tie up with mobile payment methods '', said `` Six major credit companies will make secure payments using credit cards on mobile phones and game consoles on August 25 Consortium was established with the aim of disseminating the "PKICC" system. The consortium sets out rules for using this settlement center jointly by credit companies. PKICC increases the security of payment by issuing digital certificates to devices such as mobile phones in advance, and performing mutual authentication between the mobile phone, EC (e-commerce) site, and payment center. It is. The digital certificates to be distributed to mobile phones and the like are shared by each credit company, but the consortium also creates rules for operating a CA (certificate authority) system for distributing these certificates. PKICC is not available on existing mobile phones. ACCESS to use
It is necessary to install dedicated wallet software developed by the company on mobile phones. And an attempt to increase the security of settlement by distributing digital certificates to mobile phones and game machines in advance.

[0007]

However, in the card payment service system or the card business providing system for paying for the purchase of a product by a card as described above, various cards are held by the card owner himself, and the card is owned by the card owner. System or business based on the assumption that the payment is deducted from the financial institution account of the buyer who owns the card only when paying for the purchase of the merchandise itself. It is a provision method. In general, signature confirmation is used to assert that the owner of the card as seen in credit cards and the like, but in addition to this, the credibility of the confirmation is enhanced and the above prerequisites are satisfied. For this purpose, the following various devices have been devised.

[0008] For example, the member store, CAFIS described later
Payment information transmitted between centers and clearing centers is secured by high-level encryption, and a password is used to pay for purchases. When entering a password, the payment terminal is set in the palm of your hand or a separate terminal for entering the PIN is attached so that the PIN entered by the customer cannot be seen by the member store. ing. Further, Japanese Patent Application Laid-Open No. Hei 10-502195 discloses that a personal terminal unit for authenticating a user is provided for each user, and a call from the system is made in accordance with the input of the user and an algorithm stored therein. There is disclosed an invention in which a response code is output in response to the determination, and whether the response code is acceptable or not is permitted to provide a service. In Japanese Patent Application Laid-Open No. 2000-59516, a "mobile phone and computer telephony integrated system" is used, and a caller ID notification function of the mobile phone and attribute data such as a password input are used. An invention related to credit settlement is disclosed, in which these are collated and a desired service can be received after identity verification. With the caller ID notification by mobile phone, the user is automatically identified by the computer system, and by the computer telephony voice response, the user can register the attribute data by push dial and receive the desired service. It is a fusion of telephone and computer telephony. In addition, there is an attempt to lose the card and verify the identity of the purchaser. For example, Japanese Unexamined Patent Publication
JP-A-330304 and JP-A-10-69463 use a retinal pattern peculiar to each purchaser, identify the retinal pattern read from a retinal pattern reader and the ID number of the purchaser, An invention is disclosed in which a desired service can be received. All of the above-described devices for confirming the identity are intended to provide a means for confirming whether or not the user is the identity at the time of payment for paying for the purchase of the product by card.

[0009] However, it is possible to snoop on the personal identification number,
Eavesdropping on the input to the terminal, identification number held in the storage part on the card (the number that determines the identity of the card, the account number of the corresponding financial institution if it is a debit card, or the credit card if it is a credit card By deciphering the credit number) and the security code using a special system, the security code can be accurately identified for the reason that the so-called security code is very easily known to others. It is too early to determine whether or not you are the only person who can input.

[0010] Further, even if it is attempted to secure the security by highly encrypting, it is easy for a technician having an encryption technique higher than the highly encrypted technique to decrypt the encryption. In addition, there is a possibility that a crime may occur in which a card number or a PIN number left on a terminal in a retail business is misused to charge for a fictitious product price or a service provided. Some of the customers who use the card may be used by a plurality of customers, such as the use of one card by the family or the like, so that the matching based on the retinal pattern may not be available. In particular, in the case of a card payment service that pays for the price of goods and services provided by a debit card, a customer who loses the card can use a card in a financial institution account as a debit card without performing a new registration procedure. Serious problems can occur. In many cases, the personal identification number of the card is assigned to an anniversary, such as the birthday of the person, in terms of ease of storage. By investigating the anniversary, it becomes clear or sometimes simply guessed. In addition, since it is a four-digit number, a password can be obtained by repeating trial and error at most 9999 times, and a date can be obtained on any of 365 days. Alternatively, by reading information stored on the card, the personal identification number can be easily found. It is not impossible to illegally reissue the card itself based on various numbers printed in the transaction statement issued when cash is withdrawn from the financial institution using the card.
In this way, the advantage that the debit card is settled immediately is that if you flip it over, you will not notice that the card has been lost.
After a lapse of days, the deposit balance of the corresponding financial institution account may be completely lost, and the above advantage may be regarded as a disadvantage including great danger.

[0011] In the above-mentioned method of issuing a digital certificate to a mobile phone, the card itself is not authenticated. Therefore, the corresponding mobile phone must be always held together with the card. If it is held, it will be digitally authenticated, so it is undeniable that the card may be illegally used for card payment for product purchase against the will of the cardholder. The present invention has been made in view of such circumstances, and has been made to provide a card payment member store terminal, a card payment service system, and a card validity determination method in card payment described below. It is. First, an ID number for identifying various cards such as a credit card, a prepaid card or a debit card and a password related to the card are decrypted and illegally duplicated, or the decrypted password is input and a person other than the owner of the card is input. To prevent unauthorized use by a third party.

[0012] Next, even when the loss or theft of the card is not noticed, it is possible to avoid a situation in which the deposit in the designated account of the financial institution related to the card has been lost. Furthermore, in addition to preventing such unauthorized use, the card holder also sets a limit on the use of card payment using a cashless card, and when the card payment amount reaches a certain amount or more, the information terminal will It is also possible to control card status and control card payments.

The status for judging the validity of the card is such that the validity of the card in the card payment is determined by the lapse of a predetermined time or the predetermined number of payments by the card after receiving the final information from the information terminal. Changed to status denying gender.

[0014]

SUMMARY OF THE INVENTION The present invention relates to a card settlement service having a status management server for receiving information from a plurality of information terminals and managing the information as a status of each cashless card associated with the information terminals. A system, wherein each card used in a member store terminal that is installed in a member store that handles the card and sells goods using the card is used, and based on the status managed by the status management server, a member store terminal Card validity judging means for judging the validity of the card used in the above, and in a card validity judging method in card settlement for merchandise sales using a cashless card, information from a plurality of information terminals The status management server receives the information and associates the information with the information terminal as a status for each card. Managed by the server relates to the card to be used in the member store terminal that performs product sales using the installed card merchants dealing the cards, on the basis of the status in which the status management server manages,
Provided is a card validity judging method in card settlement for judging the validity of a card to be used.

Further, receiving information from a plurality of information terminals,
A card settlement member store terminal that is connected to a status management server that manages the information as a status of each cashless card associated with an information terminal and that is installed in a member store that handles cashless cards and that performs card settlement for merchandise sales Wherein card validity determining means for determining the validity of a card used based on the status is provided in either the status management server or the card settlement member store terminal, and the card validity determining means Card payment is performed using the determination result. The status managed by the status management server is information indicating whether the card is valid or invalid, or the status is the current status of the card holder transmitted from the information terminal. , And a master mail that is also sent from the information terminal and is used for checking validity determination. The status management server compares the current mail with the master mail. Create and use a status that indicates whether the card is valid or invalid. Further, the status for judging the validity of the card is such that the validity of the card in the card settlement is determined by the elapse of a predetermined time or the predetermined number of card payments performed by the card after receiving the final information from the information terminal. The status is changed to negative. In particular, an information terminal for transmitting information to the status management server is a personal computer connected to a network and uses free mail on the Internet. The "status" used above is used by combining the words "code" and "name" like a status code and a status name. In the present invention, generally, a certain state is used. It is used as a broad word to describe.

[0016]

DESCRIPTION OF THE PREFERRED EMBODIMENTS "CA" used in the following examples
FIS Center "is Credit AndFinan
This is an abbreviation for ce Information System, which refers to a shared-use network provided by NTT DATA Corporation. It is a nationwide ON-LI network for card companies, distribution companies, financial institutions, and member stores.
Connected with NE, it is mainly used for credit inquiry (also called credit) and sales management. The “clearing center” receives transaction information on credits and debits from the “CAFIS Center” as settlement information, and centralizes the settlement information for the purpose of facilitating the flow of funds based on the information. A center that receives the results of transfers deducted from the user's account at the card-issuing financial institution, aggregates and offsets such data, and sends the data after deducting the fees of the financial institution to the settlement financial institution . Under such circumstances, it is called a clearing center (due to having a function of canceling out or totalizing payment information). FIG. 1 is an example of the present invention, and is a block diagram showing a wide area network configuration in the embodiment.

The member store terminal 1 has a card reader for reading card contents stored on the card, such as an identification number and a password, and a key input unit for inputting a password and a sales amount. It is configured to be able to access an authentication / credit server 2 such as a CAFIS center in order to obtain credit card or debit card authentication or credit information via wireless communication. Merchant terminal 1
Is a status management server 3 to be described later via a communication line.
It is also configured to be accessible. Authentication credit server 2
Is a clearing center 4 and a database server 501, 502, 50 of a credit company via a communication line.
3,... (Hereinafter, representatively referred to as a credit company DB server 5). General subscriber phone,
A communication terminal such as a mobile terminal (including a mobile phone, a PHS, or a PDA such as a mobile phone or a palm (not shown)) and a personal computer (NWPC) connected to a network is referred to as an information terminal 6. The status management server 3 is a server that manages information specific to a card holder for each information terminal, a card number and a password as an identification ID of the card, and in particular, a caller number and a mail address of the information terminal 6. Is stored, and the mail information transmitted from the information terminal 6 is stored for each information terminal 6 (a plurality of mail information may be stored for each type). The card number of each information terminal 6 is registered and changed when the card is created or as part of a card management system thereafter. A method of changing the registration by operating the information terminal 6 is also possible, but from the viewpoint of improving security, such an easy registration changing method is preferable unless security measures such as changing with a password are taken. Absent. In other words, it is desirable to use it under the appropriate security measures.

FIG. 2A is a status management table for each information terminal 6 managed as a database in the status management server 3. In FIG. 2A, in addition to the information terminal number and the card number, a master mail and a current mail,
A card number password used to change the card number and a master mail password used to change the contents of the master mail are managed. Also, a status indicating whether the corresponding card can be used or not is managed. This status may be created each time either the master mail or the current mail is changed and stored for each information terminal, or may be created when the master mail is compared with the current mail and the status is transmitted. Is also good. It is conceivable to change the registration of this status from the information terminal 6 independently, but security measures are required as in the case of the card number.

The status management server 3 may be included in the authentication credit server 2, the clearing center 4, or each credit company DB server 5. Alternatively, using the fact that the status management server 3 can be accessed from the member store terminal 1, the “authentication credit server 2
Access to the authentication and credit server 2 from the status management server 3 in place of the access to the terminal. By using the status management server 3 as an "intermediate server to the authentication credit server 2 in charge of", the effect of decentralizing the centralized access to the authentication credit server 2 from the member store terminal is produced. Information terminal 6
The e-mail information sent from is the information of the owner of the information terminal 6, for example, "I will go shopping now." Or "I will go to sleep because I'm already sleepy!"
Or, it is an email that you can write freely, such as "I'm visiting you now." There are no particular restrictions on the content. The mail information is stored in the status management server 3 as a current mail each time a mail is received. The storage of the mail information is confirmed using the caller number notification function of the information terminal 6 to check whether it matches the unique number of the information terminal 6. If the numbers do not match, the mail information is not stored. In addition, a password is attached to the mail information (not necessarily the same as the password provided to the issuing financial institution of the card), and the mail is transmitted, and whether or not the password matches a pre-registered password is determined. The e-mail information is stored as a current e-mail when there is a mismatch or when a password is not added.

The contents of the stored mail information are distinguishably stored as a status for each card owner.
If the password is added and matches the password registered in advance, the mail is stored as a master mail. The master mail is compared with the current mail and is regarded as the master mail because the validity of the card is determined by being respected as the will of the card holder relating to the corresponding card. Note that the mail information stored in the status management server 3 may be short information (not necessarily in the form of mail) such as two or more types of distinguishable code information transmitted from the information terminal 6. . In this case, by determining such information (for example, it may be determined whether the information is the same or the same as the information specified in advance,
Further, the information specified in advance may be common to all cards and may be changed at any time), and the status of the card owner is distinguished. The information transmitted from the information terminal 6 is the same information, and every time the status management server receives the same information, the status to be stored is switched between ON and OFF, for example, to manage the status for each card holder. You may make it. When the information terminal 6 is an Internet mail using computer communication, the caller ID notification function of the information terminal 6 treats a mail address related to the Internet mail as the caller number of the information terminal 6 and Check who is calling. The e-mail address is not necessarily limited to a paid e-mail address provided by an Internet provider. Various D
It is also possible to use a free mail address assigned to an individual in a free mail service provided to a user by a communication carrier managing a B server and a search engine and operated on the WEB.

The free mail address is stored in the information terminal 6
The caller number may be regarded as the caller number and the caller may be confirmed. In particular, the free mail address should not be used as a mail address for sending and receiving mails, and information to be collected and confirmed via the Internet will be distributed from the provider (from the information terminal 6 side of NWPC, mail will be received only from the provider) It is possible to set up the status of its own information terminal in the status management server 3 very safely without knowing the free mail address to anyone other than the provider, since it can be opened for the main purpose. By the way, the status of the card holder is a card holder (a person who holds (holds) the card in order to settle the card at the time of product purchase. Strictly speaking, the card owner issues the card by issuing the card Financial institutions or credit companies, but those who have exclusive use rights for the card are the cardholders). This status is a status set by the owner of the card and the information terminal 6 at the same time so far by his / her own will, and by transmitting information from the information terminal 6 of the card owner to the status management server 3. It can be changed at any time. If the status is set to “a state in which the card is not used” and the status is confirmed by the status management server 3, even if an attempt is made to use the related card fraudulently, the authentication credit information is sent to the authentication credit server 2. The use of the card is forbidden at the stage before the inquiry is made.

When a mail is transmitted from an information terminal by Internet mail, another information terminal such as a member store terminal or NWPC at work may be used.
Therefore, when the address is an e-mail address, it is particularly easy to change the status setting. In such a case, hereinafter, the information terminal 6 of the cardholder is treated as meaning an information terminal operated by the cardholder.

On the other hand, by transmitting information from the information terminal 6 of the card owner to the status management server 3,
The status can be set to a state where the use of the related card can be used at any time. Therefore, when purchasing a product by using a card, the status is set to a state where the card can be used immediately before the product is purchased, and the status is set again after the product is purchased. If you set the to a card unusable state again,
Even if the card is left in the merchant's store after purchasing the product, fraudulent use of the card can be prevented. The status management server 3 stores a master mail in the information terminal 6 of the card owner, separately from the above mail information. The contents of the master mail are, for example, mails that are initially registered together with the master mail password. The contents of the master mail can be set and registered again by resending the mail using the master mail password. In the present embodiment, the status of the card is created by comparing the current mail information set for communication from the information terminal 6 corresponding to each card with the master mail information. In the comparison,
You can create a status by exact match comparison and compare it.Also, there is a method of extracting words that become keywords and comparing them by matching, or various methods such as comparing by the ratio of matching characters A comparison method is conceivable. Which comparison method is used depends on the reliability level of the status to be created. Comparing the final current mail information and the master mail as mails is considerably more difficult for a third party to create the same mail than the comparison as simple code information because of the variety of mails. It can be considered that the same mail does not coincide with each other by chance, and the reliability of the status is considerably high. Next, a procedure for registering or setting the master mail and the current mail in the status management server 3 will be described with reference to the flowcharts of FIGS. Each step showing the procedure is to proceed to the step described immediately below unless a step to be performed is indicated. As shown in FIG. 2B, the mail information from the information terminal 6 has at least a caller number unique to the information terminal 6 (the information terminal 6 has N
In the case of WPC, it is a mail address, but in the following description, it is simply described as a sender number), a mail ID indicating the type of mail, and a mail text. The value of the mail ID is, for example, “M” for transmitting a master mail password, and indicates that the current mail to be transmitted thereafter is a master mail, and “C” indicates current mail transmission. That is, the current mail transmitted under certain conditions becomes the master mail. These pieces of mail information are buffered independently to correspond to reception from a plurality of information terminals 6, and the corresponding application programs also have a reentrant structure. First, the flowchart of FIG. 4 is a schematic diagram showing that a time when a mail transmitted from the corresponding information terminal 6 is regarded as a master mail is monitored by a timer. This flowchart is started in the flowchart of FIG. 3 described later. In this flowchart, the elapse of a predetermined time is monitored by a timer operation, and the reception permission of the master mail is maintained until the elapse of the predetermined time. . After the elapse of the time, by resetting the flag indicating that the transmission of the master mail is requested to OFF, the permission to receive the master mail is not maintained. That is, while the flag is OFF, control is performed so that the registration change of the master mail is not performed in the flowchart of FIG. The flowchart in FIG. 3 is a schematic diagram illustrating a procedure for controlling the reception of a mail transmitted from the information terminal 6 in the status management server 3, and is started by receiving a mail from the information terminal 6. After the activation, a caller number is obtained from the contents of the received mail (STEP 301). Then, based on the contents of the mail ID in the received mail, it is determined whether the received mail is a mail for changing the master mail (STEP 30).
2) If not (in this embodiment, if the mail ID is not “M”, the received mail is not a mail that changes the master mail, that is, it is determined that the mail is not changed), the process proceeds to STEP 306. In STEP 303, the status management table shown in FIG. 2A is searched, the number of the information terminal 6 in FIG. 2A corresponding to the caller number obtained in STEP 301 is obtained, and the master mail password of the corresponding information terminal 6 is obtained. . In STEP 304, it is determined whether the password of the master mail matches the mail text of the received mail. If not, a NACK (negative acknowledgment) is transmitted to the information terminal 6 and the process of this flowchart ends. STEP
In the case where the corresponding caller number is not found in 303 or the password of the master mail cannot be obtained, a NACK (negative response) is transmitted to the information terminal 6 in the same manner as in the case of “No”, and this flowchart is executed. Is completed. In STEP 305, an ACK (acknowledge) is transmitted to the information terminal 6 to request transmission of the master mail.
Is turned on, the OFF timer of the transmission request flag is set, and the process of this flowchart ends.

By setting the OFF timer of the transmission requesting flag, if the master mail is not transmitted within a predetermined time, the master mail cannot be received after the predetermined time has elapsed. That is, when the OFF timer of the transmission requesting flag is set, the task corresponding to the flowchart of FIG.
The F-timer resets the transmission request flag of the number of the corresponding information terminal 6 to OFF after a predetermined time has elapsed.

Thereafter, it is expected that a master marl is transmitted from the information terminal 6 within the transmission request time, and the processing shown in the flowchart of FIG. 3 is started again by the incoming call. In STEP 306, the information terminal 6
It is determined whether the transmission request flag of the number is ON or not, and if not, the process proceeds to STEP 307. Even if the master mail is transmitted from the information terminal 6 after transmitting the master mail password, the transmission request flag is set to O.
If the master mail is not transmitted within a predetermined time until the FF is reset, the transmitted mail is regarded as the current mail, and the process may proceed to STEP 307 as no.

If it is ON, the mail text in the received mail is stored as a master mail in the master mail of the number of the corresponding information terminal 6, and the transmission request flag is reset to OFF. The process ends.

In STEP 307, the mail text in the received mail is stored as the current mail in the current mail of the number of the corresponding information terminal 6, and the processing of this flowchart ends. Next, the processing of the information terminal 6 corresponding to the processing of the status management server 3 in the registration change of the current mail and the master mail will be described with reference to the flowchart of FIG.

This flowchart is started when the information terminal 6 attempts to start updating the registration of the master mail. In STEP 501, a master mail password for registering and updating the master mail is transmitted as an e-mail to the status management server 3 together with a mail ID indicating that the master mail password is transmitted. In STEP 502, the process waits for a reception response from the status management server 3, and if a timeout occurs, the process of this flowchart ends. Received response and the content is NA
If it is CK (negative response), the process returns to STEP 501. If the content is ACK (acknowledge), the process proceeds to STEP 503, but if neither ACK nor NACK, it continues to wait for a reception response again.

At STEP 503, a request for transmission of a master mail is made, so that the master mail is input within a predetermined time and the mail is transmitted to the status management server 3. The mail transmitted within the predetermined time in this way is registered and updated in the status management server 3 as the master mail of the information terminal 6. According to the flowcharts shown in FIGS. 3, 4, and 5, the master mail and the current mail for each information terminal 6 to the status management server can be registered and changed from the information terminal 6 at any time.

Next, a procedure in which the card holder makes a purchase without cash using the master mail and the current mail and makes a card payment will be described with reference to the flowchart of FIG. In STEP 601, the card number and the personal identification number of the card are read through the card reader of the member store terminal 1. In STEP 602, a personal identification number is manually input by the card holder separately from the personal identification number of the card read from the card reader. If the manually input password matches the password read from the card reader, STEP 60
Proceed to 3. Unless they match, the process does not escape from the member store terminal 1.

In this flowchart, it is assumed that the personal identification number is read or manually input. Instead of the personal identification number, the personal identification is confirmed by the signature of the person who holds the card, and the home telephone number is entered. Verification methods such as verbal verification of the identity of the user may be adopted. In STEP 603, the member store terminal 1 makes an inquiry to the status management server 3 to confirm the intention of the card holder. That is, the current mail of the card stored in the status management server 3 is compared with the master mail to judge whether or not they match (as described above, it is not necessary to match completely, but a partial match or a keyword may be used). It is also possible to judge based on coincidence), and judge whether or not the card holder is permitted to use the card.

In this STEP, the determination for confirming the intention of the cardholder is normally made in the status management server 3 in response to an inquiry from the member store terminal 1 to the status management server 3, but in response to the inquiry. Alternatively, the current mail and the master mail of the card, which are the judgment criteria, may be transmitted to the member store terminal 1, and the judgment may be made by the member store terminal 1. If the merchant terminal 1 makes the decision, the merchant can increase the degree of freedom, and if the merchant can be convinced that the card holder is trustworthy because he or she is a customer, the master If the difference between the e-mail and the current e-mail is trivial to the extent that it can be justified, it is possible to permit card payment at the member store terminal regardless of the result of the judgment. However, compared to the case where the status management server 3 makes a judgment,
The communication amount and the load on the member store terminal 1 increase, for example, the transmission amount increases and the member store has a judgment program. ST
In EP 604, if the status of the card holder (contents that the card owner finally sent as the current mail) matches the contents of the master mail, the card holder makes the payment by the card. As it is, the process proceeds to STEP 606. In this embodiment,
Although it is compared with the content of the email sent as the current email in the end, it can be compared with any or predetermined email even if it is not the final email (however, it is complicated for the owner to change the intention of the owner ), And the status can be created as the owner's intention even if it is not the final current mail.

In STEP 605, it is determined that the cardholder, who is the cardholder, will not make a payment by card, so the merchant terminal 1 displays "This card cannot be used" and "This card is not permitted." A message to the effect that card settlement is rejected is displayed, and the process of this flowchart ends. In STEP 606,
The member store terminal 1 inquires the authentication credit server 2 about credit information such as the passbook balance and the credit limit of the card, and the authentication credit server 2 further checks the corresponding credit company according to the card. In STEP 607,
The result of the inquiry in STEP 606 is determined, and if credit is possible, the process proceeds to STEP 608;
Proceed to P605.

At STEP 608, information necessary for the transaction is transmitted to the authentication and credit server 2 and the sales process proceeds. Also, necessary information is transmitted to the corresponding credit company 5 and clearing center 4. In STEP 609, the settlement financial institution of the card issuing financial institution is instructed to transfer the corresponding amount to the designated financial institution of the member store. The transfer will be same-day settlement or post-payment settlement depending on the type of the card. The process of this flowchart ends. According to the flowchart of FIG. 6, when the card holder makes a purchase without cash and attempts to make a card payment, the card holder's intention to use the card always uses the current mail and the master mail. Will be confirmed. Therefore, as long as the card owner does not finally send a mail that matches the master mail as the current mail to the status management server 3, the card is not used for card settlement against the will of the card owner. Even if the card holder does not have the card, the above operation can be performed by sending an e-mail from the information terminal 6, and depending on the owner of the card, whether or not to use the card for payment is determined. Can decide. Here, it is assumed that the user intends to purchase the product with a card (assuming that the card number is “123456”), and the progress until the purchase of the product will be described.

At the time of subscribing to a card or purchasing a mobile phone (here, the information terminal 6 is assumed to be a mobile phone, and the telephone number is "09056781234"), the number of the card owned by the user is purchased. "123456"
It is assumed that the password for changing the registration of the master mail (for example, “ABCDEF”) is registered in the status management server. And then, FIGS.
According to the flowchart of the above, the user inputs the master mail password "ABCDEF" from the mobile phone and registers the mail "Master Dad Is Closed Today". Thereafter, a plurality of mails other than the master mail are transmitted as the current mail. At this time, the caller number “090567” is stored in the status management server 3.
81234 ", the card number" 123456 ",
Master mail "Dad is absent today", password for changing master mail "ABCDEF", current mail of the last mail "I'll be late because I play tonight and go home"
Is stored. In this state, the purchase of the product using the card does not match the master mail and the current mail according to the flow chart of FIG. 6, so that the status management server 3 is accessed by the member store terminal before the authentication credit server 2 is accessed. You are paid in front of you.

Therefore, immediately before the card payment is made at the member store terminal, an e-mail "Dad is absent today" is transmitted from the cellular phone "09056781234" to the status management server 3. It is assumed that the user has completed the purchase with the card and returned home, and noticed that the card was lost. But don't panic, take out your mobile phone, send the current mail "rest" to the status management server, and sleep tonight with peace of mind.
All you have to do is remember the location of the card the next day. If you do not remember, do not panic, if you do not come out, just reissue a card with a different number, there is no damage because others will not be used illegally. The only damage is the reissue fee. This fee can be eliminated by changing the card company. As a function not described in the above embodiment, the status management server 3
It is easily realized that the status managed by is changed to a status that negates the validity of the card in the card settlement by the elapse of a predetermined time after receiving the final information from the information terminal. Status management server
A status change timer for each information terminal is provided in 3
The status may be changed after a predetermined period of time to deny the validity of the card. In addition, the status managed by the status management server 3 is changed to a status that negates the validity of the card in the card payment by performing a predetermined number of card payments by the card after receiving the final information from the information terminal. Such setting can be easily realized. Status management server
A counter for each information terminal is provided in 3 and counts up each time the card is settled a predetermined number of times by the card, resets when the last e-mail is received, and when the counter reaches the predetermined number, the corresponding status is set. It may be changed to negate the validity of the card.

[0037]

As described above, according to the present invention, the owner of the card, not the holder of the card, can change his / her intention in the status management server at any time. It is not necessary to submit a notification, and it is possible to easily control the card payment intention from the information terminal, and the card is used for product purchase payment only when the card payment is indicated by the user's own will. Therefore, it is possible to always maintain a sense of security that the card will not be used without permission. Therefore, it is expected that the amount of insurance related to unauthorized use of the card is kept low, which contributes to rapid expansion of the card. Furthermore, the card owner himself / herself limits the use of card payment using a cashless card, and when the card payment amount reaches a certain amount or more, the information terminal controls the above status by itself and performs card payment. There is an effect that it is also possible to restrain yourself. In addition, the status to judge the validity of the card is, after receiving the final information from the information terminal,
The status changes to a status that negates the validity of the card in the card payment by the elapse of the predetermined time or the predetermined number of card payments performed by the card,
Even if the validity of the card is not deliberately denied, unauthorized use of the card is prevented after a predetermined time or after a predetermined number of card payments.

The information terminal for transmitting information to the status management server is a personal computer connected to a network, and by using free mail on the Internet,
Even if it is not the information terminal of the card owner, there is an effect that the status of the status management server can be changed easily and at any time by the card settlement member store terminal or the network PC at work.

[Brief description of the drawings]

FIG. 1 is a block diagram showing a wide area network configuration of the present invention.

FIG. 2 is a schematic diagram showing an example of a status management table for each information terminal managed as a database of the present invention and mail information including a sender number of the information terminal, a mail ID, and a mail text.

FIG. 3 is a flowchart showing that a time when a mail transmitted from the information terminal of the present invention is regarded as a master mail is monitored by a timer.

FIG. 4 is a flowchart showing that a time when a mail transmitted from the information terminal of the present invention is regarded as a master mail is monitored by a timer.

FIG. 5 is a flowchart showing processing on the information terminal side corresponding to processing on the status management server side in changing registration of a current mail and a master mail according to the present invention.

FIG. 6 is a flowchart showing a procedure in which a card holder makes a purchase without cash using a master mail and a current mail according to the present invention to make a card payment.

 ────────────────────────────────────────────────── ─── Continuing from the front page (72) Inventor Masao Nakata 2-5-2-5 Keihanhondori, Moriguchi-shi, Osaka Sanyo Electric Co., Ltd. F-term (reference) 3E044 BA05 DE01 5B049 AA05 BB11 CC05 CC39 EE00 GG00 GG07 5B055 CB09 EE01 EE06 EE27 FA00 FB00 KK00

Claims (21)

[Claims] 1. A card payment service system having a status management server for receiving information from a plurality of information terminals and managing the information as a status of each cashless card associated with the information terminal, wherein For each card used in a member store terminal that is installed in a member store that handles and sells goods using the card, based on the status managed by the status management server, the validity of the card used in the member store terminal A card settlement service system having a card validity judging means for judging whether or not the card is valid. 2. In a card validity determination method in card payment for merchandise sales using a cashless card, information is received from a plurality of information terminals, and the information is associated with the information terminal. The status is managed by the status management server, and each card used in the affiliated store terminal that is installed in the affiliated store handling the card and sells goods using the card is based on the status managed by the status management server. Card validity determination method for card payment, which determines the validity of the card used. A member store that receives information from a plurality of information terminals and is connected to a status management server that manages the information as a status of each cashless card associated with the information terminal and that handles cashless cards. A card payment member store terminal installed in the company for performing card payment for merchandise sales, wherein the card validity determination means for determining the validity of the card used based on the status includes the status management server or the card payment member store. A card payment member store terminal provided at any one of the terminals and performing card payment using the determination result by the card validity determination means. 4. The card settlement service system according to claim 1, wherein the status for determining the validity of the card is alternative information indicating whether the card is valid or invalid. 5. The card validity judging method according to claim 2, wherein the status for judging the validity of the card is alternative information indicating whether the card is valid or invalid. 6. The card settlement member terminal according to claim 3, wherein the status for determining the validity of the card is alternative information indicating whether the card is valid or invalid. 7. The status according to claim 1, wherein the status for judging the validity of the card is a current mail transmitted from the information terminal and a mail transmitted from the information terminal, and is used for collation of validity determination. A card payment service system composed of a master mail and 8. The status according to claim 2, wherein the status for judging the validity of the card is a current mail transmitted from the information terminal and a mail transmitted from the information terminal, and is used for collation of validity determination. A method for determining the validity of a card in card payments, which is composed of a master mail that is used. 9. The status according to claim 3, wherein the status for determining the validity of the card is a current mail transmitted from the information terminal and a mail transmitted from the information terminal, and is used for collation of validity determination. A card payment member store terminal that is composed of a master mail. 10. The card settlement service system according to claim 7, wherein the current mail and the master mail are compared to create and use a status indicating whether the card is valid or invalid. 11. The card validity in card settlement according to claim 8, wherein the current mail and the master mail are compared to create and use a status indicating whether the card is valid or invalid. Judgment method. 12. The card settlement member terminal according to claim 9, wherein the current mail and the master mail are compared to create and use a status indicating whether the card is valid or invalid. 13. The card according to claim 1, wherein the status for judging the validity of the card is determined based on a lapse of a predetermined time after receiving the last information from the information terminal. A card payment service system that changes to a status that denies validity. 14. The card according to claim 2, wherein the status for judging the validity of the card is determined based on a lapse of a predetermined time after receiving the last information from the information terminal. A card validity determination method in card payment that is changed to a status that denies validity. 15. The card according to claim 3, wherein the status for judging the validity of the card is determined based on a lapse of a predetermined time after receiving the last information from the information terminal. A card payment merchant terminal that changes to a status that denies validity. The status for judging the validity of a card according to any one of claims 1, 4, 7, and 10, wherein the card is settled a predetermined number of times by the card after receiving the final information from the information terminal. Changes to a status that denies the card ’s validity in card payments,
Card payment service system. 17. The status according to claim 2, wherein the status for judging the validity of the card is such that after receiving the last information from the information terminal, the card is settled a predetermined number of times by the card. Changes to a status that denies the card ’s validity in card payments,
Card validity determination method in card payment. 18. The status according to claim 3, wherein the status for judging the validity of the card is such that after receiving the final information from the information terminal, the card is settled a predetermined number of times by the card. Changes to a status that denies the card ’s validity in card payments,
Card payment merchant terminal. 19. The card settlement service according to any one of claims 1, 4, 7, and 10, wherein the information terminal for transmitting information to the status management server is a personal computer connected to a network and uses free mail on the Internet. system. 20. The card payment method according to claim 2, wherein the information terminal transmitting the information to the status management server is a personal computer connected to a network and uses free mail on the Internet. Card validity determination method. 21. The card settlement member according to any one of claims 3, 6, 9 and 12, wherein the information terminal for transmitting information to the status management server is a personal computer connected to a network and uses free mail on the Internet. Store terminal.