JP2005209083A - Service system, and communication system and communication method using the same - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To enable a user to easily make an application for pay services on the Internet and pay charges while ensuring security, by linking a user's mobile phone and a user terminal. <P>SOLUTION: A service system 2 is characterized in that it has a service server which can freely communicate with the user terminal 1, mobile phone 4 and mobile phone company mail system 3 through a network 5, prepares a prescribed one-time password on reception of the information of a mobile phone number from the user terminal 1 after establishment of a session to the user terminal, and maintains the session to the user terminal 1 while transmitting the one-time password and information of the mobile phone number to the mobile phone company mail server 3 to prompt collation, and performs prescribed authentication to determine whether a service may be provided on reception of the one-time password from the mobile phone 4. <P>COPYRIGHT: (C)2005,JPO&NCIPI

Description

  The present invention relates to a service system that realizes authentication and fee payment using an electronic mail function of a mobile phone, for example, and a communication system and communication method using the service system.

  Conventionally, various paid services such as content distribution have been provided on the Internet. However, when a user uses such a service, a technology for easily paying a fee while ensuring security is desired. For example, when using such a paid service on the Internet, payment of a fee by credit card is already implemented, but it is necessary to transfer a fee or credit card number on the Internet for a small amount Many users have anxiety, which is an obstacle to use.

Here, Patent Document 1 discloses a technique related to a fee payment method and a fee payment system using a mobile phone. The technology uses the telephone number of the customer's mobile phone as customer information for authentication, and notifies the telephone company server based on the result of the authentication, and the telephone company server performs billing processing for the customer. .
JP 2003-281449 A

  However, the technology disclosed in Patent Document 1 focuses on easily receiving service from a plurality of service providers and facilitating customer payment management. The user terminal owned by the user It is not envisaged to apply for paid services on the Internet and pay for fees while ensuring security by linking mobile phones with mobile phones.

  The present invention has been made in view of the above problems, and its purpose is to ensure the security of application for paid services and payment of fees on the Internet by cooperation between the user's mobile phone and the user terminal. It is to do simply.

  In the first aspect of the present invention, it is possible to communicate with a user terminal, a mobile phone, and a mobile phone company mail system via a network, and after the session with the user terminal is established, the mobile phone number information is obtained from the user terminal. Upon receipt, an authentication password such as a predetermined one-time password is generated, the authentication password and the mobile phone number information are transmitted to the mobile phone company mail server, and a session with the user terminal is maintained while prompting verification. A service system is provided that includes a service server that performs predetermined authentication upon receiving an authentication password from a mobile phone and determines whether or not the service can be provided.

  In the second aspect of the present invention, in a communication system in which a user terminal, a mobile phone, a mobile phone company mail system, and a service system can communicate via a network, after the session with the user terminal is established, the user terminal When the mobile phone number information is received, a predetermined authentication password is generated, and the session with the user terminal is maintained while the authentication password and the mobile phone number information are transmitted to the mobile phone company mail server. If the authentication password is received from the mobile phone within the maintained period, a predetermined authentication is performed to determine whether the service can be provided, and a check is performed based on the mobile phone number. A mobile phone company mail server that transmits the authentication password to the mobile phone Communication system is provided, wherein the door.

  Further, according to a third aspect of the present invention, there is provided a communication method using a service system capable of communicating with a user terminal, a mobile phone, and a mobile phone company mail system via a network, wherein the service system has a session with the user terminal. When the mobile phone number information is received from the user terminal after the establishment of the above, a predetermined authentication password is generated, and the authentication password and the mobile phone number information are transmitted to the mobile phone company mail server to promote the verification. There is provided a communication method characterized in that a session with a terminal is maintained, and when an authentication password is received from the mobile phone within a period during which the session is maintained, predetermined authentication is performed to determine whether or not to provide a service. The

  According to the present invention, by cooperation between a user's mobile phone and a user terminal, a service system for simply applying for a paid service on the Internet and paying a fee while ensuring security, and a communication system using the service system, A communication method can be provided.

  Embodiments of the present invention will be described below with reference to the drawings.

  First, FIG. 1 shows and describes the configuration of a communication system according to an embodiment of the present invention.

  As shown in FIG. 1, in the communication system according to the present embodiment, a user terminal 1, a service system 2, a mobile phone company mail system 3, and a user's mobile phone 4 can communicate freely via a network 5 such as the Internet. Connected and configured.

  The detailed configuration of the service system 2 is as shown in FIG. That is, the service system 2 includes a service server 2a, a service information database (hereinafter abbreviated as DB) 2b, and user information and fee billing information DB 2c.

  More specifically, the service server 2a is responsible for various applications such as acceptance of applications for paid services on the Internet, issuance of one-time passwords, various communications with the mobile phone company mail server 3, and user authentication. is there. The service information DB 2b is for managing service information and the like. Further, the user information and fee billing information DB 2 is for managing user information, service usage information, fee billing information, and the like.

  In the above configuration, the communication system enables the user terminal 1 to apply for a paid service on the Internet, authenticate, and further to pay a fee with security using the electronic mail function of the mobile phone 4. is there. When collecting charges by the mobile phone company mail server 3, the one-time password issued by the service system 2 is notified from the mobile phone company mail server 3 to the user's mobile phone 4 by e-mail.

  In this process, the session between the user terminal 1 and the service system 2 is maintained, and when the user inputs and transmits the one-time password to the user terminal 1, the service is provided and the service usage fee is charged accordingly. . That is, this communication system provides service application to service provision while ensuring security by cooperation between the user terminal 1 and the mobile phone 4 and further by the above-mentioned session maintenance state and the confidentiality of the one-time password. ~ A series of processing related to fee payment is realized.

  Hereinafter, with reference to FIG. 3, a processing procedure by the communication system according to the present embodiment will be described.

  This corresponds to the communication method according to the present embodiment.

  When a user accesses a service page related to a paid service provided by the service system 2 on the Internet using a web browser or the like of the user terminal 1 (step S1), the service system 2 uses the service application page information as a user. It transmits to the terminal 1 (step S2). The user terminal 1 displays the service application page on the screen. When the user inputs predetermined information for using the service on the application page at the user terminal 1, the user terminal 1 transmits the service application information to the service system 2 (step S3).

  When the service system 2 receives the service application information, the service system 2 then transmits information on the mobile phone number request page to the user terminal 1 (step S4).

  The user terminal 1 displays the mobile phone number request page on the screen. When the user inputs his / her mobile phone number on the mobile phone number request page displayed on the user terminal 1 and confirms that the input is correct, the user terminal 1 presses the “Send” button in the page. The mobile phone information is transmitted to the service system 2 (step S5).

  In addition to the mobile phone number, mobile phone information including mobile phone company information, mobile phone company identification information (including a user name, mobile phone identification ID, and the like) may be input. In that case, as a matter of course, at least a part of these inputs may display selection items on the mobile phone information request page in advance, and the corresponding items may be selected.

  When the service system 2 receives the mobile phone number, the service system 2 generates a one-time password (for example, composed of alphanumeric characters) for authentication, and sends the mobile phone number and the one-time password to the mobile phone company mail system 3. Transmit (step S6). The mobile phone company mail system 3 collates the mobile phone number included in the user information previously held in the user information DB 3a with the mobile phone number. At the same time, referring to the charge collection agency information DB 3b, it is also confirmed whether the charge has been delinquent or whether the mobile phone has already subscribed to the charge collection service (the service is available) (verification) To do.

  If the mobile phone company mail system 3 has succeeded in such verification and is in the service available state, the mobile phone company mail system 3 sends the requested one-time password to the mobile phone 4 designated by the email (step S8). At this time, the one-time password may be transmitted using the private mail function of the mobile phone 4 so that the one-time password returned to the mobile phone 4 cannot be seen by anyone other than the user of the mobile phone 4. .

  On the other hand, if the verification fails or if the service is not available, the mobile phone company mail system 3 returns information to the service system 2 that it is not applicable, and then the mobile phone number and one-time password. Are discarded (step S9).

  During the verification, the service system 2 sends a one-time password authentication input screen to the user terminal 1 and maintains the session for a fixed time (step S7). The certain time is a time sufficient for the user to input the one-time password transmitted to his / her mobile phone 4 on the screen of the user terminal 1, but is not limited thereto.

  As described above, when the user closes the screen on the user terminal 1 while the service system 2 maintains the session, the subsequent processing becomes impossible. In addition to the confidentiality of the one-time password described above, this mechanism also ensures security. The service system 2 associates the transmitted user's mobile phone number with the transmitted one-time password and stores it in the service information DB 2b as service information for use in subsequent authentication processing.

  Assume that the user inputs the one-time password sent from the service system 2 to his / her mobile phone 4 to the authentication ID request screen displayed on the user terminal 1 and approves the charge settlement agency by the mobile phone company. A “send” button is pressed to send the one-time password to the service system 2 (step S11). The service system 2 compares the received one-time password with the one-time password stored in the service information DB 2b, and if it matches, the authentication is successful and the use of the service is permitted (or the provision of service provision is allowed). (Step S12). Along with this, a service usage fee is charged to the cellular phone company mail system 3 (step S13). Along with this billing, the cellular phone company mail system 3 charges the user's cellular phone 4 for the service usage fee (step S14). In this case, for example, adding to the call usage fee of the mobile phone is considered as one means, but it is needless to say that the present invention is not limited to this.

  If the user inputs a one-time password at the user terminal 1 and does not reply within a certain time during which the session is maintained, the service system 2 disconnects the session and deletes the service information. In this case, if the user wants to use the service, it is necessary to restart the process from the service use application. The above is a series of processes.

  Next, the processing procedure by the service system 2 will be described with reference to the flowchart of FIG. This corresponds to the communication method according to the present embodiment.

  In this process, the service system 2 receives the service application information (step S21), and then requests the mobile terminal number from the user terminal 1 (step S22).

  After this request, when the service system 2 receives the mobile phone number from the user terminal 1 (step S23), the service system 2 generates a one-time password for authentication (step S24), and uses the mobile phone number and the one-time password. It is transmitted to the mobile phone company mail system 3 (step S25). Here, in addition to the mobile phone number, mobile phone information including the user's mobile phone number, mobile phone company information, mobile phone company identification information (including user name, mobile phone identification ID, etc.) is requested. You may make it do.

  Then, it is determined whether or not a one-time password transmission request is made from the cellular phone company mail system 3 (step S26). Here, whether or not to make a transmission request is determined based on, for example, the validity of the mobile phone information transmitted from the user terminal 1.

  If no request is made in step S26, information on the unavailable (NG) screen is transmitted to the user terminal 1 to prompt display of the screen (step S30), and the process returns to step S21. On the other hand, when making a request, the service system 2 sends a one-time password input screen to the user terminal 1 and maintains the session for a fixed time (step S27).

  Thus, when the one-time password is received from the user terminal 1 while the service system 2 is maintaining the session (step S28), it is checked against the one-time password stored in the service information DB 2b (step S29). If they match, the use of the service is permitted as authentication success (or the provision of service provision is started), and the service usage fee is charged to the mobile phone company mail system 3 (steps S31 and S32).

  On the other hand, if they do not match, the information on the unavailable screen is transmitted to the user terminal 1 as an authentication failure to prompt the display of the screen (step S30), and the process returns to step S21.

  Thus, a series of processing ends.

  Although not shown, if the service system 2 does not receive the one-time password within a certain time during which the session is maintained, the service system 2 disconnects the session and retrieves service information from the service information DB 2b. delete. In this case, if the user wants to use the service, it is necessary to restart the process from the service use application.

  The present invention is not limited to a one-time password, and other authentication passwords and authentication IDs can be used as appropriate.

  As described above, in the service system according to one embodiment of the present invention, and the communication system and communication method using the service system, when the service system 2 has applied for a paid service from the user terminal 1, Only when a one-time password for authentication for use of the paid service is issued, and the verification as described above is established in the mobile phone company mail system 3, and it is determined that the user is in a service available state The one-time password for the authentication is transmitted from the mobile phone company mail system 3 to the user's mobile phone 4 by e-mail. First, at this stage, confidentiality is enhanced by using a one-time password. In addition, the one-time password is not transmitted to the user terminal, but is transmitted to the mobile phone 4 which is a separate device, and the unauthorized use by a third party is prevented by making the information transmission / reception route a separate route. doing. In addition, the service system 2 maintains a session during verification by the mobile phone company mail system 3, and if the one-time password transmitted to the mobile phone 4 is not input to the user terminal within a certain time, the session Since this one-time password is invalidated (unauthenticated), security is also secured in this respect. As described above, in the service system according to the embodiment of the present invention, and the communication system and communication method using the service system, security is ensured by using multiple safety measures together.

  The embodiment of the present invention has been described above, but the present invention is not limited to this, and it is needless to say that various improvements and changes can be made without departing from the spirit of the present invention. For example, in the above-described embodiment, an example in which a user terminal and a mobile phone are used together has been described. However, the present invention is not limited to this, and various combinations such as a combination of a plurality of user terminals, a combination of user terminals and mobile devices such as a PDA, and the like Of course, the following embodiments are conceivable.

The block diagram of the communication system which concerns on one embodiment of this invention. The figure which shows the detailed structure of the service system 2 in the communication system which concerns on one embodiment of this invention. The flowchart for demonstrating in detail the process sequence by the communication system which concerns on one embodiment of this invention. The flowchart for demonstrating in detail the process sequence by the service system 2 in the communication system which concerns on one embodiment of this invention.

Explanation of symbols

  DESCRIPTION OF SYMBOLS 1 ... User terminal, 2 ... Service system, 3 ... Mobile phone company mail system, 4 ... Information equipment, 5 ... Network.

Claims (3)

  It can communicate with user terminals, mobile phones, and mobile phone company mail systems via a network, and after establishing a session with the user terminal, it generates a predetermined authentication password when receiving mobile phone number information from the user terminal. The authentication password and the mobile phone number information are sent to the mobile phone company mail server to prompt verification, while maintaining a session with the user terminal and receiving the authentication password from the mobile phone, the predetermined authentication is performed. A service system having a service server for determining whether or not to provide a service. In a communication system in which user terminals, mobile phones, mobile phone company mail systems, and service systems can communicate via a network,
After establishment of a session with the user terminal, when a mobile phone number information is received from the user terminal, a predetermined authentication password is generated, and the authentication password and the mobile phone number information are transmitted to the mobile phone company mail server. A service system for maintaining a session with the user terminal and determining whether or not to provide a service by performing a predetermined authentication upon receiving an authentication password from the mobile phone within a period during which the session is maintained;
A mobile phone company mail server that performs verification based on the mobile phone number and transmits the authentication password to the mobile phone if the verification is established;
A communication system comprising: A communication method using a service system that can communicate with a user terminal, a mobile phone, and a mobile phone company mail system via a network,
The service system
After the establishment of the session with the user terminal, when a mobile phone number information is received from the user terminal, a predetermined authentication password is generated,
While maintaining the session with the user terminal while sending the authentication password and the mobile phone number information to the mobile phone company mail server and prompting verification,
If the authentication password is received from the mobile phone within the period during which the session is maintained, predetermined authentication is performed to determine whether the service can be provided.
A communication method characterized by the above.

Images