Electronic money transfer method and system
The electronic money transfer method and system authenticate user terminals using digital certificates and access keys to securely transfer electronic money, addressing the insecurity of existing systems and ensuring recoverability of funds.
Patent Information
- Authority / Receiving Office
- JP · JP
- Patent Type
- Patents
- Current Assignee / Owner
- RX HOLDINGS CORP
- Filing Date
- 2024-09-05
- Publication Date
- 2026-06-23
AI Technical Summary
Existing electronic money transfer systems using IC cards and mobile devices with IC chips do not provide a secure and reliable method to handle electronic money similar to cash, and there is a risk of loss or theft leading to unrecoverable losses.
An electronic money transfer method and system that utilizes short-range wireless communication and an electronic money management server to authenticate user terminals using digital certificates, issue access keys, and securely transfer electronic money between user terminals, ensuring that transactions are authorized and within the user's balance.
Enables secure and reliable electronic money transfers similar to cash transactions, preventing loss or theft of electronic money even if the user's terminal is lost or stolen.
Smart Images

Figure 0007879197000001 
Figure 0007879197000002 
Figure 0007879197000003
Abstract
Description
Technical Field
[0001] The present invention relates to a method and system for transferring electronic money, in which the first user uses the terminal of the first user and the terminal of the second user to transfer the electronic money owned by the first user to the second user.
Background Art
[0002] In recent years, non-contact IC cards embedded with IC chips and mobile terminals embedded with IC chips have become widespread. As an example of a non-contact IC card embedded with an IC chip, there is one used at ticket gates and boarding gates when boarding and alighting from railway buses. Electronic money is stored in advance in the IC chip of this IC card. When this IC card is brought close to a dedicated reader / writer at a ticket gate or boarding gate, power is supplied to the IC chip of the IC card by electromagnetic waves from the reader / writer, and a signal, for example, requesting payment of the fare, is transmitted from the reader / writer to the IC chip of the IC card. On the other hand, the IC chip operates by the supplied power, receives the signal from the reader / writer, subtracts the amount of the fare from the balance of the electronic money stored in the IC chip, and transmits a signal for making the payment of the fare to the reader / writer. Then, the reader / writer that has received the signal from the IC card communicates with a center or the like that manages the electronic money of this IC card to complete the settlement of the fare. In the step of completing this settlement, actual cash is transferred from the electronic money issuing company to the railway company or bus company. Thus, the IC chip of the IC card stores electronic money in advance, and the IC chip itself holds electronic money (monetary value).
[0003] On the other hand, even in a mobile terminal embedded with an IC chip, since electronic money is stored in the IC chip in advance, it is possible to pay the fare when boarding and alighting from a railway or bus via the aforementioned reader / writer in the same manner as in the case of an IC card.
[0004] Furthermore, in the case of a mobile device with an embedded IC chip, it is possible to access the IC chip from the mobile device's application and perform internet shopping, etc., through that application. An example of the process when performing internet shopping using a mobile device application is as follows: First, with Edy (registered trademark) electronic money stored in the IC chip of the mobile device, the application accesses an internet shopping site that accepts this electronic money and applies for payment using the electronic money. The shopping site that accepts the payment application then sends an actual payment request regarding that application to the Edy Center (where the electronic money is managed). The Edy Center displays a payment confirmation email based on the actual payment request on the mobile phone application and requests input regarding whether the payment is approved or not. If the mobile device inputs that the payment is approved, the application deducts the amount of electronic money related to the payment from the IC chip of the mobile device and sends a message to the Edy Center indicating that the payment is approved. When the Edy Center receives the payment approval signal from the mobile phone, it processes the actual payment to the shopping site via a bank, etc., and also notifies the shopping site and the mobile device that the payment has been completed. Furthermore, the shopping site will also display a message on the mobile device's application indicating that payment has been completed. Thus, even when using a mobile device with an embedded IC chip for internet shopping, it is assumed that the IC chip itself holds electronic money (monetary value).
[0005] On the other hand, payment methods that do not use electronic money include credit card payments and debit card payments (bank cash cards with debit card functionality). For example, when making a payment using a debit card at a store that accepts debit cards, the customer first hands the debit card to the store employee, who then has the employee read the debit card using a dedicated reader connected to the POS terminal. The debit cardholder also enters their PIN into a dedicated device connected to the POS terminal. The POS terminal transmits the card information read by the reader, the payment amount, and the PIN to the server of the bank that issued the card. If the bank's server determines that the card information verification is OK and that the payment amount is stored in the account corresponding to that card information, the payment amount is immediately withdrawn from that account, and the bank processes the transfer of that amount to the store. The store is then notified that the withdrawal from the account has been completed, and the debit card payment is completed.
[0006] Regarding the payment method using the aforementioned IC card, mobile terminal with IC chip, and debit card For further information, please refer to the following patent documents: Japanese Patent Publication No. 2009-151737, Japanese Patent Publication No. 2006-048360, and Japanese Patent Publication No. 2008-264529.
[0007] By the way, while the aforementioned debit card handles actual cash, the aforementioned IC card and I Mobile devices equipped with a C chip are used to handle electronic money.
[0008] Here, since debit cards handle actual cash and are used by directly withdrawing cash from a bank account, if the aforementioned card information and PIN are stolen and misused, the cash that should be in the bank account will disappear, which may affect other withdrawals, and it may be impossible to recover the misused cash, potentially leading to significant losses.
[0009] On the other hand, since the aforementioned IC cards and mobile devices with IC chips handle electronic money, even if the IC card or mobile device is stolen and misused, there is a limit to the amount of electronic money that can be lost, making them safer than debit cards. Furthermore, since the electronic money (monetary value) is stored in the IC chip itself, the electronic money cannot be used unless the IC card or mobile device itself is stolen, making them safer than debit cards in this respect as well.
[0010] However, if an IC card or mobile device with an IC chip is lost or stolen, it means that the electronic money stored on the IC chip is also lost or stolen. Therefore, if an IC card or mobile device is lost or stolen, it is possible to restrict its use by contacting the IC card issuer, but unless the IC card or mobile device itself is recovered, the electronic money stored on it cannot be recovered.
[0011] On the other hand, whether or not a mobile device with an IC chip can be used to make electronic money payments at a store depends mainly on whether the store's POS terminal is equipped with a reader / writer and has implemented an electronic money payment system. When making an electronic money payment at a store's POS terminal using a mobile device with an IC chip, the amount of electronic money is deducted from the mobile device's IC chip, and the electronic money information, along with the unique information stored in the IC chip and the unique information held by the POS terminal, is transmitted to the center that manages the electronic money. Once the center confirms that the payment is valid, it processes the payment of actual cash to the store, and this is considered as a payment made by the mobile device owner to the store.
[0012] Thus, while payments made using the aforementioned IC cards or mobile terminals equipped with IC chips may appear to be made using electronic money, in reality, cash is being exchanged behind the scenes, and electronic money is not being used as a complete substitute for cash. [Overview of the project] [Problems that the invention aims to solve]
[0013] This invention was made to solve these problems, and aims to provide an electronic money transfer method and system that enables electronic money to be handled with a feeling very similar to cash, and moreover, prevents the loss of electronic money even in the event of loss or theft of the terminal used to operate the electronic money. [Means for solving the problem]
[0014] To achieve the above objective, according to the main aspects of this invention, an electronic money transfer method for transferring electronic money from a first user to a second user, using a first user terminal owned by a first user, a second user terminal owned by a second user, and an electronic money management server that can communicate with the first user terminal and the second user terminal via a communication line and stores the electronic money of the first user and the electronic money of the second user, wherein the electronic money management server and the first user terminal store a first electronic certificate associated with the information of the first user and / or the information of the first user terminal, and the electronic money management server and the second user terminal store a second electronic certificate associated with the information of the second user and / or the information of the second user terminal, wherein the method includes a first receiving step in which the first user terminal receives at least a portion of the information of the second electronic certificate from the second user terminal via short-range wireless communication or the communication line and stores it in the memory of the first user terminal, and the second user terminal receives via short-range wireless communication or A second receiving step is performed in which the electronic money management server receives at least a portion of the information of the first electronic certificate from the first user terminal via the communication line and stores it in the memory of the second user terminal, and after the first and second receiving steps, the electronic money management server receives at least a portion of the information of the second electronic certificate from the first user terminal and receives at least a portion of the information of the first electronic certificate from the second user terminal, and after the first and second receiving steps is performed, an authentication step is performed in which the electronic money management server authenticates the first user terminal and the second user terminal by determining at least whether the information of at least a portion of the information of the second electronic certificate received from the first user terminal corresponds to the information of the second electronic certificate stored in the electronic money management server, and whether the information of at least a portion of the information of the first electronic certificate received from the second user terminal corresponds to the information of the first electronic certificate stored in the electronic money management server, and after the first user terminal and the second user terminal have been authenticated in the authentication step, an access key transmission step is performed in which an access key is transmitted to the first user terminal and the second user terminal, respectively.An electronic money transfer method is provided, characterized by: a fourth receiving step of receiving the access key and an instruction to transfer electronic money to a second user from the first user terminal, and receiving the access key, an instruction to receive electronic money from the first user, and the amount to be received from the second user terminal; a settlement determination step of at least determining whether the access key received from the first user terminal and the access key received from the second user terminal correspond, and whether the amount to be received is within the balance of the first user's electronic money stored in the electronic money management server after the fourth receiving step; and a settlement step of, if the settlement determination step determines that the access key corresponds and is within the balance, decreasing the balance of the first user's electronic money in the electronic money management server by the amount to be received, and increasing the balance of the second user's electronic money in the electronic money management server by the amount to be received.
[0015] According to another key aspect of this invention, an electronic money transfer method for transferring electronic money from a first user to a second user, using a first user terminal owned by a first user, a second user terminal owned by a second user, and an electronic money management server that can communicate with the first user terminal and the second user terminal via a communication line and stores the electronic money of the first user and the electronic money of the second user, wherein the electronic money management server and the first user terminal store a first electronic certificate associated with the information of the first user and / or the information of the first user terminal, and the electronic money management server and the second user terminal store a second electronic certificate associated with the information of the second user and / or the information of the second user terminal, wherein the method includes a first receiving step in which the first user terminal receives at least a portion of the information of the second electronic certificate from the second user terminal via short-range wireless communication or the communication line and stores it in the memory of the first user terminal, and the second user terminal receives the information of the second user terminal via short-range wireless communication or the communication line A second receiving step in which the electronic money management server receives at least a portion of the information of the first electronic certificate from the first user terminal via a line and stores it in the memory of the second user terminal; a third receiving step in which the electronic money management server receives at least a portion of the information of the second electronic certificate from the first user terminal and receives at least a portion of the information of the first electronic certificate from the second user terminal after the first and second receiving steps; an authentication step in which the electronic money management server authenticates the first user terminal and the second user terminal by determining at least whether the information of at least a portion of the information of the second electronic certificate received from the first user terminal corresponds to the information of the second electronic certificate stored in the electronic money management server, and whether the information of at least a portion of the information of the first electronic certificate received from the second user terminal corresponds to the information of the first electronic certificate stored in the electronic money management server; and an access key transmission step in which, after the first user terminal and the second user terminal have been authenticated in the authentication step, access keys are transmitted to the first user terminal and the second user terminal, respectively.An electronic money payment method is provided, characterized by: a fourth receiving step of receiving the access key, a remittance instruction to the second user, and the remittance amount from the first user terminal, and receiving the access key and an instruction to receive electronic money from the first user from the second user terminal; a settlement determination step of at least determining whether the access key received from the first user terminal and the access key received from the second user terminal correspond, and whether the remittance amount is within the balance of the first user's electronic money stored in the electronic money management server after the fourth receiving step; and a settlement step of, if the settlement determination step determines that the access keys correspond and the balance is within the balance, reducing the balance of the first user's electronic money in the electronic money management server by the amount of the remittance and increasing the balance of the second user's electronic money in the electronic money management server by the amount of the remittance.
[0016] According to yet another key aspect of this invention, an electronic money transfer system for transferring electronic money from the first user to the second user, comprising: a first user terminal owned by the first user; a second user terminal owned by the second user; and an electronic money management server that can communicate with the first user terminal and the second user terminal via a communication line and stores the electronic money of the first user and the electronic money of the second user, respectively, wherein the electronic money management server and the first user terminal store a first electronic certificate associated with the information of the first user and / or the information of the first user terminal, and the electronic money management server and the second user terminal store a second electronic certificate associated with the information of the second user and / or the information of the second user terminal, wherein the first user terminal has a first receiving means that receives at least a portion of the information of the second electronic certificate from the second user terminal via short-range wireless communication or the communication line and stores it in the memory of the first user terminal, and the second user terminal has a first receiving means that The electronic money management server has a second receiving means that receives at least one part of the information of the first electronic certificate from the first user terminal via line communication or the communication line and stores it in the memory of the second user terminal, and the electronic money management server has a third receiving means that receives at least one part of the information of the second electronic certificate from the first user terminal and receives at least one part of the information of the first electronic certificate from the second user terminal, and the electronic money management server has a third receiving means that receives at least one part of the information of the first electronic certificate from the second user terminal and receives at least one part of the information of the first electronic certificate from the second user terminal, and authenticates the first user terminal and the second user terminal by at least determining whether the information of at least one part of the information of the second electronic certificate received from the first user terminal corresponds to the information of the second electronic certificate stored in the electronic money management server, and whether the information of at least one part of the information of the first electronic certificate received from the second user terminal corresponds to the information of the first electronic certificate stored in the electronic money management server, and an authentication means that authenticates the first user terminal and the second user terminal after the first user terminal and the second user terminal have been authenticated in the authentication step,An electronic money transfer system is provided, comprising: a fourth receiving means that receives the access key and an instruction to transfer electronic money to the second user from the first user terminal, and receives the access key, an instruction to receive electronic money from the first user, and the amount to be received from the second user terminal; a settlement determination means that, upon receiving information from the first user terminal and the second user terminal, at least determines whether the access key received from the first user terminal and the access key received from the second user terminal correspond, and whether the amount to be received is within the balance of the first user's electronic money stored in the electronic money management server; and a settlement means that, upon determining that the access key corresponds and is within the balance, reduces the balance of the first user's electronic money in the electronic money management server by the amount to be received, and increases the balance of the second user's electronic money in the electronic money management server by the amount to be received.
[0017] According to yet another key aspect of this invention, an electronic money transfer system for transferring electronic money from the first user to the second user, comprising: a first user terminal owned by the first user; a second user terminal owned by the second user; and an electronic money management server that can communicate with the first user terminal and the second user terminal via a communication line and stores the electronic money of the first user and the electronic money of the second user, respectively, wherein the electronic money management server and the first user terminal store a first electronic certificate associated with the information of the first user and / or the information of the first user terminal, and the electronic money management server and the second user terminal store a second electronic certificate associated with the information of the second user and / or the information of the second user terminal, wherein the first user terminal has a first receiving means that receives at least a portion of the information of the second electronic certificate from the second user terminal via short-range wireless communication or the communication line and stores it in the memory of the first user terminal, and the second user terminal has a first receiving means that The electronic money management server has a second receiving means that receives at least one part of the information of the first electronic certificate from the first user terminal via wireless communication or the communication line and stores it in the memory of the second user terminal, and the electronic money management server has a third receiving means that receives at least one part of the information of the second electronic certificate from the first user terminal and receives at least one part of the information of the first electronic certificate from the second user terminal, and the electronic money management server has a third receiving means that receives at least one part of the information of the second electronic certificate from the second user terminal and receives at least one part of the information of the first electronic certificate from the second user terminal, and performs authentication of the first user terminal and the second user terminal by at least determining whether the information of at least one part of the information of the second electronic certificate received from the first user terminal corresponds to the information of the second electronic certificate stored in the electronic money management server, and whether the information of at least one part of the information of the first electronic certificate received from the second user terminal corresponds to the information of the first electronic certificate stored in the electronic money management server, and an authentication means that authenticates the first user terminal and the second user terminal after the first user terminal and the second user terminal have been authenticated in the authentication step,An electronic money transfer system is provided, comprising: a fourth receiving means that receives the access key, an instruction to transfer electronic money to the second user, and the transfer amount from the first user terminal, and receives the access key and an instruction to receive electronic money from the first user from the second user terminal; a settlement determination means that, upon receiving from the first user terminal and the second user terminal, at least determines whether the access key received from the first user terminal and the access key received from the second user terminal correspond, and whether the transfer amount is within the balance of the first user's electronic money stored in the electronic money management server; and a settlement means that, upon determining that the access key corresponds and is within the balance, reduces the balance of the first user's electronic money in the electronic money management server by the amount of the transfer, and increases the balance of the second user's electronic money in the electronic money management server by the amount of the transfer.
[0018] Thus, in this invention, in the first receiving step, the first user terminal receives at least a portion of the information of the second digital certificate from the second user terminal, and in the second receiving step, the second user terminal receives at least a portion of the information of the first digital certificate from the first user terminal. After the first and second user terminals have exchanged at least a portion of their digital certificates in this way, the electronic money management server receives at least a portion of the information of the respective trading partners' digital certificates from each user terminal in the third receiving step, and determines whether the portion of the digital certificate information corresponds to the digital certificate information stored in the electronic money management server. In other words, the digital certificate information of one's own terminal is sent from the other terminal to the electronic money management server, and the digital certificate information of the other terminal is sent from one's own terminal to the electronic money management server, so at this point, the two terminals attempting to conduct a transaction are identified, and further, the electronic money management server verifies the digital certificates that have been sent. As a result, the electronic money management server can reliably authenticate the terminals that are attempting to send or receive electronic money.
[0019] Here, the first digital certificate held by the first user terminal is unique information possessed only by the first user terminal and the electronic money management server, and the second digital certificate held by the second user terminal is unique information possessed only by the second user terminal and the electronic money management server. At least a portion of the information of the first digital certificate is transmitted from the second user terminal to the electronic money management server, and at least a portion of the information of the second digital certificate is transmitted from the first user terminal to the electronic money management server. The electronic money management server then authenticates the terminals attempting to send or receive electronic money by receiving at least a portion of the information of the digital certificates from both the first and second user terminals. For this reason, even if, for example, the second user terminal were to illegally obtain the digital certificate information of the first user terminal and attempt to obtain the electronic money held by the first user by some means, the transfer of electronic money from the first user to the second user would not occur unless the first user terminal transmits its own digital certificate information to the electronic money management server.
[0020] Furthermore, in this invention, after authenticating the two terminals that intend to send and receive electronic money as described above, the electronic money management server sends an access key to each terminal and receives the transfer instructions, electronic money receipt instructions, etc., sent from each terminal along with the access key. The electronic money management server also determines whether the access key received from each terminal is compatible and then performs the electronic money transfer from the first user to the second user within the electronic money management server. Since the system also issues access keys and determines whether the access keys are compatible, the electronic money transfer from the first user to the second user can be performed more securely.
[0021] Furthermore, in this invention, since each user's electronic money is stored in the electronic money management server, even if, for example, the first user's terminal is lost and cannot be recovered, the first user's electronic money will not decrease as a result.
[0022] Furthermore, in this invention, by exchanging the contents of the electronic certificates held by the first user terminal and the second user terminal, and by sending and receiving instructions for electronic money along with access keys issued from the electronic money management server, it is possible to send electronic money directly from the first user to the second user while ensuring the security of electronic money transfers. As a result, it becomes possible to exchange electronic money with a feeling very close to that of cash.
[0023] Furthermore, according to an embodiment of the present invention, the electronic money transfer method is provided, wherein the method further includes an authentication transmission step in which the electronic money management server transmits to the first user terminal and the second user terminal that it has been authenticated in the authentication step after the authentication step, and an access key request reception step in which the electronic money management server receives a request from the first user terminal and the second user terminal to transmit the access key after the authentication transmission step, and in the access key transmission step, transmits the access key to the first user terminal and the second user terminal, respectively, in response to the access key request reception step.
[0024] Furthermore, according to another embodiment of the present invention, in the electronic money transfer method, only the electronic money management server is located in or linked to the first electronic certificate. An electronic money transfer method is provided, characterized in that the electronic money management server possesses the private key of the first electronic certificate, and only the electronic money management server possesses the private key of the second electronic certificate either within the second electronic certificate or linked to the second electronic certificate, and in the authentication step, decrypts at least a portion of the information of the first and second electronic certificates using the private keys of the first and second electronic certificates, and determines whether the decrypted information corresponds to the information of the first and second electronic certificates stored on the electronic money management server.
[0025] Further, according to still another embodiment of the present invention, in the electronic money transfer method, the electronic money management server can store the electronic money of the first user corresponding to a plurality of electronic money account numbers. In the fourth receiving step, the electronic money management server further receives, from the first user terminal, an electronic money account number for which a transfer is to be made. In the settlement determination step, it is determined whether or not the received amount is within the balance of the electronic money of the first user stored corresponding to the electronic money account number for which the transfer is to be made. In the settlement step, when it is determined in the settlement determination step that the access key corresponds and the amount is within the balance, the balance of the electronic money of the first user stored corresponding to the electronic money account number for which the transfer is to be made is reduced by the amount of the received amount. An electronic money transfer method is provided, characterized in that.
[0026] Further, according to still another embodiment of the present invention, in the electronic money transfer method, after the first receiving step, the first user terminal performs a first replacement processing step of replacing a part of the first electronic certificate with at least part of the information of the second electronic certificate, or a first addition processing step of adding at least part of the information of the second electronic certificate to the first electronic certificate. After the second receiving step, the second user terminal performs a second replacement processing step of replacing a part of the second electronic certificate with at least part of the information of the first electronic certificate, or a second addition processing step of adding at least part of the information of the first electronic certificate to the second electronic certificate. In the third receiving step, by receiving the first electronic certificate changed by the first replacement processing step or the first addition processing step from the first user terminal, at least part of the information of the second electronic certificate is received, and by receiving the second electronic certificate changed by the second replacement processing step or the second addition processing step from the second user terminal, at least part of the information of the first electronic certificate is received. An electronic money transfer method is provided, characterized in that.
[0027] Further, according to still another embodiment of the present invention, in the electronic money transfer method, this method further includes an invalidation step in which the electronic money management server invalidates the access key received from the first user terminal and the second user terminal and determined in the settlement determination step after the settlement step. An electronic money transfer method is provided.
[0028] Further, according to still another embodiment of the present invention, in the electronic money transfer method, in the first and second reception steps, when the distance between the first user terminal and the second user terminal becomes a short distance of several cm to more than ten cm, the first user terminal enables communication with the second user terminal via short-range wireless communication. The first user terminal receives at least part of the information of the second electronic certificate from the second user terminal, and the second user terminal receives at least part of the information of the first electronic certificate from the first user terminal. An electronic money transfer method is provided.
[0029] Further, according to still another embodiment of the present invention, in the electronic money transfer method, the electronic money management server stores the first electronic certificate in association with the first personal authentication information possessed by the first user terminal, and stores the second electronic certificate in association with the personal authentication information possessed by the second user terminal. In the third reception step, the first user terminal receives the first personal authentication information, and the second user terminal receives the second personal authentication information. In the authentication step, it is also determined whether the information in the first electronic certificate that has not been changed among the information changed by the first substitution processing step or the first addition processing step corresponds to the first personal authentication information, and whether the information in the second electronic certificate that has not been changed among the information changed by the second substitution processing step or the second addition processing step corresponds to the second personal authentication information, and the first user terminal and the second user terminal are authenticated. An electronic money transfer method is provided.
[0030] According to yet another key aspect of this invention, an electronic money transfer method for transferring electronic money from a first user to a second user, using a first user terminal owned by a first user, a second user terminal owned by a second user, and an electronic money management server that can communicate with the first user terminal and the second user terminal via a communication line and stores the electronic money of the first user and the electronic money of the second user, wherein the electronic money management server and the first user terminal store information of the first user and / or first authentication information associated with that information, and the electronic money management server and the second user terminal store information of the second user and / or second authentication information associated with that information, and the method comprises a first receiving step in which the first user terminal receives second terminal information, which is at least a part of the second authentication information, from the second user terminal via short-range wireless communication or the communication line and stores it in the memory of the first user terminal, and the second user terminal communicates via short-range wireless communication or the communication line A second receiving step is performed in which the first user terminal receives first terminal information, which is at least a part of the first authentication information, from the first user terminal and stores it in the memory of the second user terminal. A third receiving step is performed in which the electronic money management server receives the second terminal information from the first user terminal and receives the first terminal information from the second user terminal after the first and second receiving steps. An authentication step is performed in which the electronic money management server authenticates the first user terminal and the second user terminal by determining at least whether the second terminal information received from the first user terminal corresponds to the second authentication information stored in the electronic money management server, and whether the first terminal information received from the second user terminal corresponds to the first authentication information stored in the electronic money management server. After the first user terminal and the second user terminal are authenticated in the authentication step, the first user terminal receives the access key and an instruction to send electronic money to the second user, and the second user terminal receives the access key, an instruction to receive electronic money from the first user, and the amount to be received.Furthermore, an electronic money transfer method is provided, characterized by comprising: a fourth receiving step of receiving the amount to be transferred from the first user terminal to the second user or receiving the amount to be received from the first user from the second user terminal; a settlement determination step, after the fourth receiving step, at least of determining whether the access key received from the first user terminal corresponds to the access key received from the second user terminal, and whether the amount to be transferred or received is within the balance of the first user's electronic money stored in the electronic money management server; and, if the settlement determination step determines that the access keys correspond and the balance is within the balance, a settlement step of decreasing the balance of the first user's electronic money in the electronic money management server by the amount to be received, and increasing the balance of the second user's electronic money in the electronic money management server by the amount to be received.
[0031] Thus, in this invention, in the first receiving step, the first user terminal receives second terminal information, which is at least a part of the second authentication information, from the second user terminal, and in the second receiving step, the second user terminal receives first terminal information, which is at least a part of the first authentication information, from the first user terminal. After the first and second user terminals have exchanged their authentication information in this way, the electronic money management server receives the authentication information of each transaction partner from each user terminal in the third receiving step and determines whether that authentication information corresponds to the authentication information stored in the electronic money management server. In other words, the authentication information of one's own terminal is sent from another terminal to the electronic money management server, and the authentication information of that other terminal is sent from one's own terminal to the electronic money management server, so at this point, the two terminals that intend to conduct a transaction are identified, and further, the electronic money management server verifies the authentication information that has been sent to each terminal. As a result, the electronic money management server can reliably authenticate the terminals that intend to send or receive electronic money.
[0032] Here, the first authentication information held by the first user terminal is unique information held only by the first user terminal and the electronic money management server, and the second authentication information held by the second user terminal is unique information held only by the second user terminal and the electronic money management server. At least a portion of the first authentication information is sent to the electronic money management server by the second user terminal, and at least a portion of the second authentication information is sent to the electronic money management server by the first user terminal. The electronic money management server then authenticates the terminal attempting to send or receive electronic money by receiving authentication information from both the first and second user terminals. For this reason, even if the second user terminal were to illegally obtain the first user terminal's authentication information and attempt to obtain the electronic money held by the first user by some means, the electronic money transfer from the first user to the second user would not occur unless the first user terminal sends its own authentication information to the electronic money management server.
[0033] Furthermore, in this invention, since each user's electronic money is stored in the electronic money management server, even if, for example, the first user's terminal is lost and cannot be recovered, the first user's electronic money will not decrease as a result.
[0034] Furthermore, in this invention, by exchanging the contents of authentication information held by the first user terminal and the second user terminal, and by sending and receiving instructions for electronic money, it is possible to directly send electronic money from the first user to the second user while ensuring the security of electronic money transfers. As a result, it becomes possible to exchange electronic money with a feeling very close to that of cash.
[0035] Furthermore, according to yet another key aspect of this invention, an electronic money transfer method for transferring electronic money from a first user to a second user, using a first user terminal owned by a first user, a second user terminal owned by a second user, and an electronic money management server that can communicate with the first user terminal and the second user terminal via a communication line and stores the electronic money of the first user and the electronic money of the second user, wherein the electronic money management server and the first user terminal store first authentication information associated with the information of the first user and / or the information of the first user terminal, and the electronic money management server and the second user terminal store second authentication information associated with the information of the second user and / or the information of the second user terminal, wherein the first user terminal receives second terminal information, which is at least a part of the second authentication information, and the amount of electronic money received by the second user from the first user via short-range wireless communication or the communication line, and the first An authentication step is performed to authenticate the first user terminal and the second user terminal by performing a first receiving step of storing the data in the memory of the user terminal, a second receiving step in which the electronic money management server receives from the first user terminal first terminal information which is at least a part of the authentication information of the first user terminal, second terminal information, an instruction to send electronic money from the first user terminal to the second user, and the amount to be received, at least by determining whether the first terminal information received from the first user terminal corresponds to the first authentication information stored in the electronic money management server, and whether the second terminal information corresponds to the second authentication information stored in the electronic money management server, at least after the authentication step, a settlement determination step is performed to determine whether the amount to be received is within the balance of the first user's electronic money stored in the electronic money management server, and if it is determined in the settlement determination step that it is within the balance, the balance of the first user's electronic money in the electronic money management server is reduced by the amount to be received,An electronic money transfer method is provided, characterized by performing a settlement step of increasing the balance of the second user's electronic money in the electronic money management server by the amount of the received amount.
[0036] Thus, in the present invention, in the first receiving step, the first user terminal receives second terminal information, which is at least a part of the second authentication information, from the second user terminal. After the first user terminal receives the authentication information from the second user terminal in this way, the electronic money management server receives the authentication information of the second user terminal from the first user terminal in the second receiving step and determines whether the authentication information of the first user terminal and the authentication information of the second user terminal received from the first user terminal correspond to the authentication information of the first and second user terminals stored in the electronic money management server. In other words, since the authentication information of the second user terminal is sent from the first user terminal to the electronic money management server, the two terminals that are about to conduct a transaction are identified at this point, and further, the electronic money management server verifies the authentication information of both parties in the transaction that is sent from the first user terminal. As a result, the electronic money management server can reliably authenticate the terminals that are about to send or receive electronic money.
[0037] Here, the first authentication information held by the first user terminal is unique information held only by the first user terminal and the electronic money management server, and the second authentication information held by the second user terminal is unique information held only by the second user terminal and the electronic money management server. At least a portion of the second authentication information is transmitted from the first user terminal to the electronic money management server. The electronic money management server then authenticates the terminal attempting to send or receive electronic money by receiving the authentication information of both parties from the first user terminal. For this reason, even if the second user terminal were to illegally obtain the authentication information of the first user terminal and attempt to obtain the electronic money held by the first user by some means, the electronic money transfer from the first user to the second user would not occur unless the authentication information of both parties is transmitted from the first user terminal to the electronic money management server.
[0038] Furthermore, in this invention, since each user's electronic money is stored in the electronic money management server, even if, for example, the first user's terminal is lost and cannot be recovered, the first user's electronic money will not decrease as a result.
[0039] Furthermore, in this invention, the authentication information of the second user terminal is transmitted to the first user terminal, and instructions for sending and receiving electronic money are also transmitted, thereby ensuring the security of electronic money transfers and enabling direct electronic money transfers from the first user to the second user. As a result, it becomes possible to exchange electronic money with a feeling very similar to that of cash. [Effects of the Invention]
[0040] According to the present invention, it is possible to handle electronic money with a feeling very similar to that of cash, and moreover, even if the terminal for operating electronic money is lost or stolen, the electronic money will not be lost.
[0041] Further features and notable effects of this invention will be understood by those skilled in the art by referring to the embodiments and drawings described in the following section on the best mode for carrying out the invention. [Brief explanation of the drawing]
[0042] [Figure 1] Diagram showing the schematic configuration of an electronic money transfer system according to one embodiment of the present invention. [Figure 2] Diagram showing the general configuration of terminal A. [Figure 3] Diagram showing the general configuration of terminal B. [Figure 4] Diagram showing the general configuration of the electronic money management server. [Figure 5] Example of a customer contract master [Figure 6] Example of account data [Figure 7] Flowchart showing the processing at terminal A, terminal B, and the electronic money management server. [Figure 8] Flowchart showing the processing at terminal A, terminal B, and the electronic money management server. [Figure 9] Diagram illustrating the overview of electronic certificates [Figure 10] Flowchart showing the processing in terminal A and the electronic money management server. [Figure 11] Example of a display screen for a display device. [Figure 12] Example of a display screen for a display device. [Figure 13] A flowchart showing the processing at terminal A, terminal B, and the electronic money management server. [Figure 14] Example of a display screen for a display device. Reference number: Y11A017. Patent application 2011-233596 (Proof). Filing date: October 25, 2011. 9 [Figure 15] A flowchart showing the processing at terminal A, terminal B, and the electronic money management server. [Figure 16] Example of a display screen for a display device. [Figure 17] A flowchart showing the processing at terminal A, terminal B, and the electronic money management server. [Figure 18] Example of a display screen for a display device. [Figure 19] Example of a display screen for a display device. [Figure 20] Example of a display screen for a display device. [Figure 21] Example of a display screen for a display device. [Figure 22] Example of a display screen for a display device. [Figure 23] Example of a display screen for a display device. [Figure 24] Diagram showing the general configuration of terminal A. [Figure 25] Diagram showing the general configuration of the electronic money management server. [Figure 26] Example of a display screen for a display device. [Figure 27] Example of a display screen for a display device. [Figure 28] Example of a rewards table [Figure 29] Flowchart showing the processing at terminal A, terminal B, and the electronic money management server. [Figure 30]Flowchart showing the processing at terminal A, terminal B, and the electronic money management server. [Modes for carrying out the invention]
[0043] The electronic money transfer system according to an embodiment of the present invention will be described below with reference to the drawings.
[0044] Figure 1 is a diagram illustrating the schematic configuration of an electronic money transfer system according to the first embodiment of the present invention. This system includes, for example, a terminal A owned by user A (first user), who is a buyer; a terminal B owned by user B (second user), who is a store or the owner of that store, who is a seller; and an electronic money management server (hereinafter simply referred to as the management server) 300 that can communicate with each terminal A and B via a communication line such as the Internet or a mobile communication network. Terminals A and B may be mobile phones with functions equivalent to those of a personal digital assistant (PDA) or personal computer (PC), or they may be desktop or laptop PCs, or computer devices such as POS terminals, or other known computer devices. In this embodiment, terminal A is a mobile phone with functions equivalent to those of a PC, and terminal B is a POS terminal. Note that well-known configurations such as firewalls and web servers are not shown or described.
[0045] Figure 2 shows a schematic configuration of terminal A (a mobile phone with functions equivalent to a PC) of this embodiment. As shown in Figure 2, terminal A includes a CPU 110, RAM 120, a display device 130 such as a liquid crystal display, a communication unit 140 having a communication interface that includes a communication antenna and a communication protocol stack for communication using a mobile communication network or the Internet, a near-field communication (NFC) wireless communication unit 150 having a communication interface that includes a communication antenna and a communication protocol stack for near-field communication, a well-known touch panel input device 160 that accepts input when the user touches the display device 130 with their finger, a certificate storage unit 171 for storing electronic certificates, an access key storage unit 172 for storing access keys, a card information storage unit 173, an application storage unit 174, and a program storage unit 180 for storing various programs.
[0046] Terminal A has a program storage unit 180 containing an electronic certificate exchange processing unit 181, an electronic certificate information embedding processing unit 182, an electronic certificate information transmission processing unit 183, an access key request processing unit 184, a money transfer request processing unit 185, and a card pattern transmission / reception processing unit 186, each of which causes Terminal A to perform a predetermined operation. These functions will be described later in accordance with examples of processing performed by Terminal A, Terminal B, the management server 300, etc. (see Figures 7, 8, 10, 13, etc.).
[0047] Figure 3 shows a schematic configuration of terminal B (POS terminal) in this embodiment. As shown in Figure 3, terminal B includes a CPU 210, RAM 220, a display device 230 such as a liquid crystal display, a communication unit 240 having a communication interface that includes a connector and a communication protocol stack for communication using the Internet network, a reader / writer (near-field communication unit) 250 having a communication interface that includes an antenna for near-field communication (NFC) and a communication protocol stack for near-field communication, an input device 260 consisting of multiple buttons, a certificate storage unit 271 for storing electronic certificates, an access key storage unit 272 for storing access keys, a card information storage unit 273, an application storage unit 274, and a program storage unit 280 for storing various programs.
[0048] Terminal B has a program storage unit 280 containing an electronic certificate exchange processing unit 281, an electronic certificate information embedding processing unit 282, an electronic certificate information transmission processing unit 283, an access key request processing unit 284, a money transfer request processing unit 285, and a card pattern transmission / reception processing unit 286, each of which causes Terminal B to perform a predetermined operation. These functions will be described later in accordance with examples of processing performed by Terminal A, Terminal B, the management server 300, etc. (see Figures 7, 8, 10, 13, etc.). Furthermore, a configuration in Terminal B with the same name as that in Terminal A has the same functionality as the same configuration in Terminal A.
[0049] Figure 4 shows a schematic configuration of the management server 300 in this embodiment. The management server 300 includes a CPU 310, RAM 320, a display device 330 such as a liquid crystal display, a communication unit 340 having a communication interface that includes a communication protocol stack for communication using connectors and the internet, a customer master storage unit 350, an account data storage unit 360 for storing electronic money account data, an application storage unit 370 for storing member applications, and a program storage unit 380 for storing various programs.
[0050] The customer master storage unit 350 of the management server 300 has a customer contract master 351, as illustrated in Figure 5, which associates customer information (name, company name, nickname, email address, answer to security question, etc.) on the management server 300 with login ID, password, digital certificate, electronic money account number, etc. The account data storage unit 360 stores electronic money account data, such as account balance and transaction history for each account number, as illustrated in Figure 6.
[0051] The management server 300 has a program storage unit 380 containing a member registration processing unit 381, a member screen display processing unit 382, an electronic certificate issuance processing unit 383, an electronic money card issuance processing unit 384, an electronic certificate information reception processing unit 385, an access key issuance processing unit 386, a money transfer request reception processing unit 387, and a money transfer processing unit 388, each of which causes the management server 300 to perform predetermined operations. These functions will be described later in accordance with examples of processing performed by terminal A, terminal B, management server 300, etc. (see Figures 7, 8, 10, 13, etc.).
[0052] First, we will explain the process when user A, who has terminal A, registers as a member on the management server 300, as required for purchasing and sending / receiving electronic money, following an example of the processes performed by terminal A and management server 300 (see Figure 7). Note that user A may be an individual or an organization.
[0053] First, terminal A requests the management server 300 to download an application for electronic money transactions (step S1), and in response, the management server 300 downloads the application to terminal A (step S2). When terminal A launches the application, a screen confirming the user's intention to register as a member is displayed on the display device 130. When user A performs an operation on terminal A to indicate their intention to register as a member, terminal A sends a request for member registration to the management server 300 (step S3), and in response, the member registration processing unit 381 of the management server 300 displays a member registration screen on the display device 130 of terminal A (step S4). This initial member registration screen requests the user to enter their email address. Subsequently, when user A enters their email address on the member registration screen and submits it (step S5), the member registration processing unit 381 of the management server 300 sends the URL of the final registration screen to user A's email address (step S6). It is also possible to configure the system to send the phone number of terminal A (mobile phone) instead of the email address in steps S4 and S5.
[0054] Next, when user A operates terminal A and sends a request from terminal A to display the screen of the URL (step S7), the member registration processing unit 381 of the management server 300 displays the registration screen on the display device 130 of terminal A (step S8). Subsequently, when user A enters a nickname, full name, name, password, answer to a security question, etc. on the registration screen and submits it (step S9), the member registration processing unit 381 of the management server 300 responds by sending a login ID to user A's email address (step S10). By using the login ID, password, etc., user A can log in to the member screen displayed by the member screen display processing unit 382.
[0055] As mentioned above, during the process of registering user A, the management server 300 stores user A's information in the customer master 351 of its customer master storage unit 350 (step S11) (see Figure 5).
[0056] Furthermore, when user B, who has terminal B, registers as a member on the management server 300 to purchase or send / receive electronic money, the same processing (steps S21 to S31) as described above for user A is performed on terminal B and the management server 300, as shown in Figure 7.
[0057] Next, we will explain the process by which terminal A obtains the electronic certificate necessary for sending and receiving electronic money on the management server 300, following an example of the processes performed by terminal A and the management server 300 (see Figure 8).
[0058] First, the member screen display processing unit 382 of the management server 300 displays a screen to terminal A requesting a login ID and password. When terminal A sends the login ID and password to the management server 300 (step S41), the member screen display processing unit 382 responds by displaying the member screen after login on the display unit 130 of terminal A (step S42). A button for requesting the issuance of an electronic certificate is located on this member screen. When user A performs the operation to request the issuance of an electronic certificate on terminal A, a request for the issuance of an electronic certificate is sent from terminal A to the management server 300 (step S43). In addition, along with or after this request for the issuance of an electronic certificate, terminal A sends its own device information to the management server 300 (step S44). Here, since user A has logged into the member screen on terminal A using its own login ID and password and is requesting the issuance of an electronic certificate in that state, the device information is linked to user A's login ID, password, etc. and stored in the customer contract master 351 (see Figure 5). Furthermore, while the manufacturing ID of terminal A can be used as the individual device information, other information specific to terminal A can also be used.
[0059] Next, the management server 300, using the electronic certificate issuance processing unit 383, creates a first electronic certificate for user A and stores this first electronic certificate in the customer master storage unit 350, linking it to terminal A (step S45). Here, the first electronic certificate created by the electronic certificate issuance processing unit 383 has a digital signature, a public key, etc., as schematically shown in Figure 9. The electronic certificate issuance processing unit 383 of the management server 300 also simultaneously creates a private key corresponding to the created first electronic certificate and stores this private key in the customer master storage unit 350, linking it to the first electronic certificate. In this embodiment, the electronic certificate is created by the management server 300, but it is also possible to request its creation from an external electronic certificate issuing company.
[0060] Next, the electronic certificate issuance processing unit 383 of the management server 300 sends the first electronic certificate to terminal A (step S46), and terminal A stores the received first electronic certificate in terminal A's certificate storage unit 171 (step S47).
[0061] Furthermore, when terminal B obtains the digital certificate necessary for sending and receiving electronic money on the management server 300, the same processing (steps S51 to S57) as described above for terminal A is performed on terminal B and the management server 300, as shown in Figure 8. In this embodiment, a second digital certificate and its private key are created for terminal B. The private key of the first digital certificate is the only one that can decrypt the digital signature of the first digital certificate, and the private key of the second digital certificate is the only one that can decrypt the digital signature of the second digital certificate.
[0062] Next, we will explain the process when user A purchases an electronic money card using terminal A, following an example of the processing performed by terminal A and management server 300 (see Figure 10). Note that this process can also be performed using terminal B.
[0063] First, the member screen display processing unit 382 of the management server 300 displays a screen on terminal A requesting a login ID and password. When terminal A sends the login ID and password to the management server 300 (step S61), the member screen display processing unit 382 of the management server 300 responds by displaying the member screen after login on the display unit 130 of terminal A (step S62). A button for purchasing an electronic money card is located on this member screen. When user A requests the purchase of an electronic money card on terminal A, a purchase request for an electronic money card is sent from terminal A to the management server 300 (step S63). Subsequently, the management server 300, using the electronic money card issuance processing unit 384, displays the electronic money card purchase screen (see Figure 11) on the display device 130 of terminal A (step S64). As shown in Figure 11, when user A enters information in each field and presses the purchase button, the card purchase information is sent from terminal A to the management server 300 (step S65). In this embodiment, the card design selected in Figure 11 can be set by the user to their favorite image. In this case, user A selects the image they want to use as the card design from within terminal A, etc., and that design is sent to the management server 300 in step S65. After this, the electronic money card issuance processing unit 384 of the management server 300 displays the necessary screen on the display device 130 of terminal A as needed, and once payment for the purchased electronic money card and input of all information are completed, the electronic money card is considered purchased.
[0064] Next, the electronic money card issuance processing unit 384 of the management server 300 sets the account number (card number), security number, etc., of the electronic money account corresponding to the electronic money card purchased by user A (step S66), stores the account data of that electronic money account in the account data storage unit 360 (step S67), and stores the account number in the customer master as shown in Figure 5 (step S68). In this embodiment, the same number is used for the account number and the card number. The account data is, for example, as shown in Figure 6, and stores the history of transfers and receipts, the balance, etc. Each user can create multiple electronic money accounts within the management server 300, and in this case, each electronic money account is assigned an account number (card number). In other words, each user can possess multiple electronic money cards, and the management server 300 manages each electronic money card by linking it to an account number (card number).
[0065] Furthermore, the management server 300 transmits card information such as the card design, the amount of the purchased card, and the account number (card number) to terminal A via the electronic money card issuance processing unit 384 (step S69). Meanwhile, terminal A stores the received card information in the card information storage unit 173 (step S70).
[0066] On terminal A, the application can display the card design, the balance corresponding to the account number (card number), the account number (card number), and the security code on the display device 130, as shown in Figure 12. In addition, masking 400 is displayed over a portion of the card number and a portion of the security code, so that the masking 400 hides those parts. When the user touches the location on the display screen 130 corresponding to the masking 400 with their finger, the masking 400 disappears, allowing the hidden portion of the card number and security code to be seen. If terminal A is a PC or a POS terminal, it is also possible to configure it so that the masking 400 disappears when the pointer is positioned over the masking 400.
[0067] User B can also use terminal B to purchase electronic money cards in the same way that User A purchases them using terminal A.
[0068] Next, we will explain the process when user A (buyer) purchases goods from user B (seller, such as a store) and pays for them using electronic money, following an example of the processes performed by terminal A, terminal B, and management server 300 (see Figure 13).
[0069] First, user A decides to purchase product X and takes it to user B's terminal B (POS terminal). Terminal B is equipped with a barcode reader, and the barcode attached to product X is read by the barcode reader. As a result, the price of product X, 300 yen, is displayed on the POS terminal's display device 230. User A checks the price on terminal B's display and decides to pay, and uses terminal A to access and log in to the member screen provided by the member screen display processing unit 382 of the management server 300. Then, the display device 130 displays a payment screen, for example, as shown in Figure 14, and terminal A is brought close to the reader / writer 250 of terminal B and the Pay button in Figure 14 is touched with a finger. As a result, the following steps S101 to S123 are performed, and electronic money is transferred from user A to user B.
[0070] Specifically, first, when terminal A is brought close to terminal B's reader / writer 250 and the Pay button 410 in Figure 14 is touched with a finger, terminal B, via its electronic certificate exchange processing unit 281, transmits the digital signature in the second electronic certificate to terminal A via short-range wireless communication, and terminal A, via its electronic certificate exchange processing unit 181, receives the digital signature of the second electronic certificate transmitted from terminal B (step S101). Then, terminal A stores the received digital signature in the certificate storage unit or other parts of terminal A's memory (step S102). Meanwhile, terminal A, via its electronic certificate exchange processing unit 181, transmits the digital signature in the first electronic certificate to terminal B via short-range wireless communication, and terminal B, via its electronic certificate exchange processing unit 281, receives the digital signature of the first electronic certificate transmitted from terminal A (step S103). Then, terminal B stores the received digital signature in the certificate storage unit or other parts of terminal B's memory (step S104). Steps S101 and S103 may occur in any order, or they may occur simultaneously. Furthermore, the short-range wireless communication is performed via the short-range wireless communication unit 150 of terminal A and the reader / writer 250 of terminal B. Short-range wireless communication is possible when the distance between the short-range wireless communication unit 150 and the reader / writer 250 is several centimeters to more than ten centimeters; communication is not possible at distances greater than this. Examples of such short-range wireless communication technologies include ISO / IEC 14443 Type A and B, or ISO / IEC 18092 Felica (registered trademark). In this embodiment, such short-range wireless communication is used, but it is of course possible to use short-range wireless communication that communicates at distances greater than the aforementioned distance.
[0071] Next, terminal A, using the electronic certificate embedding processing unit 182, creates a first electronic certificate with a replaced digital signature by replacing the digital signature of its own first electronic certificate with the digital signature of the received second electronic certificate, and stores it in the certificate storage unit 171 (step S105). Meanwhile, terminal B creates a second electronic certificate with a replaced digital signature by replacing the digital signature of its own second electronic certificate with the digital signature of the received first electronic certificate, and stores it in the certificate storage unit 271 (step S106).
[0072] Next, terminal A transmits the first digital certificate with the digital signature replaced by the digital certificate information transmission processing unit 183 to the management server 300 (step S107), and terminal B transmits the second digital certificate with the digital signature replaced by the digital certificate information transmission processing unit 283 to the management server 300 (step S108). At this time, the data transmitted from terminal A contains terminal A's individual information, and the data transmitted from terminal B contains terminal B's individual information.
[0073] Next, the management server 300 receives the first and second digital certificates with replaced digital signatures from terminals A and B via the digital certificate information receiving processing unit 385 (step S109). Then, the management server 300, via the digital certificate information receiving processing unit 385, decrypts the digital signatures of the first digital certificate with replaced digital signatures and the second digital certificate contained therein using the corresponding private key stored in the customer master storage unit 350, and also decrypts the digital signatures of the second digital certificate with replaced digital signatures and the first digital certificate contained therein using the corresponding private key stored in the customer master storage unit 350 (step S110).
[0074] Next, the management server 300, using the electronic certificate information receiving processing unit 385, determines whether (1) the digital signature of the decrypted first electronic certificate corresponds to the digital signature of the first electronic certificate stored in the customer master storage unit 350, and whether (2) the digital signature of the decrypted second electronic certificate corresponds to the digital signature of the second electronic certificate stored in the customer master storage unit 350 (step S111). The management server 300, using the electronic certificate information receiving processing unit 385, also determines whether (3) the source of the digital signature of the second electronic certificate is terminal A (the terminal corresponding to the first electronic certificate), and whether (4) the source of the digital signature of the first electronic certificate is terminal B (the terminal corresponding to the second electronic certificate) (step S112). Here, the determination in step S112 can be made by comparing the non-digital signature portions of the first and second digital certificates, which have had their digital signatures replaced, with the non-digital signature portions of the first and second digital certificates stored in the customer master storage unit 350. Alternatively, the determination in step S112 can be made by comparing the individual information contained in the data transmitted from each terminal A and B with the individual information stored in the customer master 351 of the customer master storage unit 350. It is also possible to perform step S112 using any other method that can determine (3) and (4) above. In other words, in step S112, it is sufficient to determine whether the digital certificate information of one's own terminal (terminal A) has been sent to the management server 300 from another terminal (terminal B), and whether the digital certificate information of that other terminal (terminal B) has been sent to the management server 300 from one's own terminal (terminal A).
[0075] Next, if it is determined that all of the above (1) to (4) are met, the electronic certificate information receiving processing unit 385 transmits the determination result to terminals A and B (steps S113, S114). Subsequently, when terminal A sends an access key request to the management server 300 via the access key request processing unit 184 (step S115), the management server 300 transmits the first access key to terminal A via the access key issuance processing unit 386 (step S116), and terminal A stores the first access key in the access key storage unit 172. The access key issuance processing unit 386 issues a different, unique access key each time an access key issuance request is made. On the other hand, when an access key request is sent from terminal B to the management server 300 by the access key request processing unit 284 (step S117), the management server 300 sends a second access key to terminal B by the access key issuance processing unit 386 (step S118), and terminal B stores the second access key in the access key storage unit 272. In this embodiment, the issuance of access keys in steps S116 and S118 is not performed unless it is determined in steps S111 and S112 that (1) to (4) above are in correspondence. Furthermore, the access key issuance processing unit 386 issues the first access key and the second access key so that the money transfer request acceptance processing unit 387 recognizes that the first access key corresponds to the second access key.
[0076] Next, terminal A, via the money transfer request processing unit 185, sends a first access key, a money transfer instruction to user B, the owner of terminal B, and the account number of the electronic money account to which the transfer should be made (the card number of the electronic money card displayed on the display device 130) to the management server 300 (step S119), and the management server 300 receives them via the money transfer request acceptance processing unit 387. Meanwhile, terminal B, via the money transfer request processing unit 285, sends a second access key, the amount to be received from user A, the owner of terminal A, which is 300 yen, and a receipt instruction to the management server 300 (step S120), and the management server 300 receives them via the money transfer request acceptance processing unit 387.
[0077] Next, the management server 300 uses the money transfer request acceptance processing unit 387 to determine whether the access key received from terminal A corresponds to the access key received from terminal B (step S121). The management server 300 also uses the money transfer request acceptance processing unit 387 to determine whether the received amount is within the account balance of user A stored in the account data storage unit 360 of the management server 300, or more specifically, whether it is within the balance of the account (hereinafter referred to as account a) of the card number (account number) displayed on the display screen 130 of terminal A (step S122).
[0078] Next, if it is determined in step S121 that the access key is compatible and in step S122 that the balance is within the limit, the management server 300, using the money transfer processing unit 388, reduces the balance of account data for user A's account a stored in the account data storage unit 360 by the amount of the received amount, and increases the balance of account data for user B's account (hereinafter referred to as account b) stored in the account data storage unit 360 by the amount of the received amount (step S123). Subsequently, the management server 300 invalidates the first and second access keys to prevent transactions using these access keys.
[0079] Here, when steps S101 to S123 are performed, there may be cases where no electronic money accounts for user B are set up in the management server 300. In this case, user B should be prompted to create an electronic money account at the appropriate time. For example, when steps S121 and S122 determine that the access key is compatible and the balance is within the limit, user B can be prompted to create an electronic money account on terminal B. Specifically, as shown in Figure 11, terminal B will be shown a screen that only allows the user to select the card type and card name, and a message will be displayed on terminal B to confirm whether or not to set up an electronic money card with a balance of 0 yen. When user B creates an electronic money card in accordance with this process, the electronic money account to which the received amount will be transferred will be set up in the management server 300 in step S123.
[0080] Thus, in this embodiment, in step S101, terminal A, acting as the first user terminal, receives at least a portion of the information of the second digital certificate from terminal B, acting as the second user terminal, and in step S103, terminal B receives at least a portion of the information of the first digital certificate from terminal A. After terminals A and B have exchanged at least a portion of their digital certificates in this way, the management server 300 receives at least a portion of the information of the respective trading partners' digital certificates from terminals A and B in steps S107 and S108, and determines whether the portion of the received digital certificate information corresponds to the digital certificate information stored in the management server 300. In other words, the digital certificate information of one's own terminal is sent to the management server 300 from another terminal, and the digital certificate information of that other terminal is sent to the management server 300 from one's own terminal, so at this point, the two terminals that intend to conduct a transaction are identified, and furthermore, the management server 300 performs verification of the digital certificates that have been sent. As a result, the management server 300 can reliably authenticate terminals A and B that intend to send or receive electronic money.
[0081] Here, the first digital certificate held by terminal A is unique information held only by terminal A and the management server 300, and the second digital certificate held by terminal B is unique information held only by terminal B and the management server 300. Then, at least a portion of the information of the first digital certificate is transmitted to the management server 300 by terminal B, and at least a portion of the information of the second digital certificate is transmitted to the management server 300 by terminal A. The management server 300 then authenticates the terminals attempting to send or receive electronic money by receiving at least a portion of the information of the digital certificates from both terminals A and B. For this reason, even if terminal B were to illegally obtain terminal A's digital certificate information and attempt to obtain user A's electronic money by some means, the transfer of electronic money from user A to user B would not occur unless terminal A transmits its own digital certificate information to the management server 300.
[0082] Furthermore, in this embodiment, after authenticating the two terminals A and B that intend to send and receive electronic money as described above, the management server 300 sends an access key to each terminal A and B and receives the transfer instructions, electronic money receipt instructions, etc., sent from each terminal A and B along with the access key. The management server 300 also determines whether the access keys received from each terminal A and B are compatible, and then performs the electronic money transfer from user A to user B within the management server 300. Since the management server 300 also issues access keys and determines whether the access keys are compatible, the electronic money transfer from user A to user B can be performed more securely.
[0083] Furthermore, in this embodiment, since the electronic money of each user A and B is stored in the management server 300, even if, for example, terminal A is lost and cannot be recovered, user A's electronic money will not decrease as a result.
[0084] Furthermore, in this embodiment, by exchanging the contents of the electronic certificates held by terminal A and terminal B, and by sending and receiving instructions for electronic money along with the access key issued by the management server 300, it is possible to send electronic money directly from user A to user B while ensuring the security of electronic money transfers. As a result, it becomes possible to exchange electronic money with a feeling very close to that of cash.
[0085] In this embodiment, terminal A and terminal B exchange a portion of their respective digital certificates. However, it is also possible to send the entire first digital certificate from terminal A to terminal B in step S103, and the entire second digital certificate from terminal B to terminal A in step S101.
[0086] Here, for example, one could embed IC chips in two mobile terminals conducting a transaction, and equip each mobile terminal's IC chip with a security module certified by a designated certification authority, thereby authenticating the two terminals conducting the transaction based on the contents of each terminal's security module. However, in this case, if the specifications of the security modules of the two terminals differ, each terminal may not be able to decipher the other's security module, which can easily lead to problems such as being unable to conduct a transaction. In contrast, in this embodiment, the management server 300 issues electronic certificates to each terminal A and B, and the management server 300 owns the issued electronic certificates and their private keys. Despite this simple configuration, as described above, secure transactions can be achieved, making it more useful in real-world situations compared to using security modules.
[0087] Furthermore, in this embodiment, after both terminal A and terminal B request access keys in steps S115 and S117, access keys are issued to each terminal A and B respectively. In this way, transactions cannot be completed using only one of terminals A or B, which is extremely advantageous in ensuring the security of electronic money transfers.
[0088] Furthermore, in this embodiment, only the management server 300 possesses the private keys for the first and second digital certificates. Therefore, even if terminal A receives a portion of the second digital certificate from terminal B, terminal A cannot decrypt that portion of the digital certificate. Similarly, even if terminal B receives a portion of the first digital certificate from terminal A, terminal B cannot decrypt that portion of the digital certificate. Thus, the security of electronic money transfers is ensured. In this embodiment, the management server 300 possesses the private keys linked to the first and second digital certificates, but it is also possible to include the private keys within the first and second digital certificates possessed by the management server 300.
[0089] Furthermore, in this embodiment, the management server 300 can store user A's electronic money in association with multiple electronic money account numbers. Also, in step S119, terminal A transmits the account number of the electronic money account from which to send money to the management server 300. In this way, user A can have multiple electronic money accounts and can select which electronic money account to send money from when making a transfer. Therefore, user A can determine the purpose of each electronic money account and make transfers according to that purpose.
[0090] Furthermore, in this embodiment, in step S112, it is determined whether (3) the source of the digital signature of the second electronic certificate is terminal A (the terminal corresponding to the first electronic certificate), and whether (4) the source of the digital signature of the first electronic certificate is terminal B (the terminal corresponding to the second electronic certificate). Here, in step S105, terminal A replaces the digital signature of its own first electronic certificate with the digital signature of the received second electronic certificate, and in step S106, terminal B replaces the digital signature of its own second electronic certificate with the digital signature of the received first electronic certificate. Therefore, the determination in step S112 can be made by comparing the parts of the first and second electronic certificates other than the digital signatures after the digital signatures have been replaced with the parts of the first and second electronic certificates other than the digital signatures stored in the customer master storage unit 350, which is efficient and is an extremely advantageous configuration for ensuring the security of electronic money transfers.
[0091] Furthermore, after step S123, the management server 300 invalidates the first and second access keys, thereby preventing further transactions using the first and second access keys. Thus, this embodiment has a configuration that is extremely advantageous in ensuring the security of electronic money transfers.
[0092] Furthermore, in this embodiment, short-range wireless communication is possible when the distance between the short-range wireless communication unit 150 and the reader / writer 250 is several centimeters to more than ten centimeters, and communication is not possible at longer distances. Therefore, when terminal A and terminal B attempt to conduct a transaction, errors such as the exchange of electronic certificates with other terminals are less likely to occur, which is extremely advantageous in ensuring the security of transactions.
[0093] In this embodiment, terminal B is shown as a POS terminal, but terminal B can also be a mobile phone similar to terminal A. In this case, the reader / writer 250 of terminal B becomes a short-range wireless communication unit, and the input device 260 becomes a touch panel input device. Even when terminal B is configured as a mobile phone in this way, it is still possible to buy and sell product X using the processing described in steps S101 to S123. Moreover, when terminals A and B are configured as mobile phones, users A and B can buy and sell product X anytime, anywhere. For example, if product X is fruit grown on user B's farm, or if users A and B happen to meet on the street and want to buy or sell item Y, user A can make an electronic money payment to user B.
[0094] For example, by configuring the management server 300 and the application to allow the user B's terminal B to input the sales price of product X or item Y (the amount to be received from user A), terminal B functions similarly to terminal B as a POS terminal. Then, by bringing the short-range wireless communication unit 150 of terminal A and the short-range wireless communication unit 250 of terminal B close together and user A pressing the Pay button in Figure 14, the processes in steps S101 to S123 are performed.
[0095] Furthermore, not only in the buying and selling of goods X and goods Y, but also in the case where user B wants to receive electronic money from user A, by configuring user B's terminal B's display device 230 to allow input of the amount of money user B wants to receive from user A, user B can receive electronic money through the processing in steps S101 to S123.
[0096] In this embodiment, the management server 300 stores the electronic money of users A and B as linked to electronic money cards. However, if an electronic money wallet or electronic money folder is set up as the electronic money accounts of users A and B within the management server 300, the management server 300 can store the electronic money of users A and B linked to the electronic money wallet or electronic money folder.
[0097] In this embodiment, step S101 is initiated by operating the Pay button displayed on the display device 130 of terminal A. Alternatively, it is possible to configure the system so that step S101 is initiated automatically when the short-range wireless communication unit 150 of terminal A and the reader / writer 250 of terminal B are brought closer than a few centimeters or tens of centimeters, or so, or so by other triggers.
[0098] In this embodiment, in steps S101 and S103, terminals A and B exchange a portion of their respective digital certificates via short-range wireless communication. Alternatively, in steps S101 and S103, terminals A and B can also exchange a portion of their respective digital certificates via a mobile communication network or the Internet.
[0099] In this embodiment, after it is determined in steps S111 and S112 that all of (1) to (4) are met, the transaction is made more secure using an access key in steps S113 to S121. However, even if steps S113 to S118 are omitted, the transmission of the access key in steps S119 and S120 is omitted, and the determination in step S121 is omitted, it is still possible to send electronic money from user A to user B. In other words, since the access key is used to make the transaction more secure, it can be omitted in the case of simple transactions. Furthermore, even without using an access key, the terminal performing the transaction can be reliably authenticated in steps S111 and S112, so electronic money can be securely sent from user A to user B.
[0100] Furthermore, even if step S111 is omitted, it is still possible to transfer electronic money from user A to user B. This is because the terminal performing the transaction can be determined by step S112 alone.
[0101] The following describes an electronic money transfer system according to a second embodiment of the present invention. This system basically has the same configuration as the first embodiment, but terminal B is a mobile phone similar to terminal A. As a result, the reader / writer 250 of terminal B is a short-range wireless communication unit, and the input device 260 is a touch panel type input device.
[0102] In this system, when User A (sender) sends electronic money to User B (recipient), an example of the processing performed by terminals A and B and the management server 300 (see Figure 15) will be explained. When User A (sender) sends electronic money to User B (recipient), it could be when User A gives User B pocket money or lends them electronic money. Below, we will explain the case where User A lends User B 300 yen. In this embodiment, the management server 300 and the application display a screen as shown in Figure 16 on the display device 130 of User A's terminal A, and this screen is configured to allow User A to input the amount they wish to send. The following explanation assumes that the amount has already been entered.
[0103] First, when the short-range wireless communication units 150 and 250 of terminal A and terminal B are brought close to each other, and the Send button 420 in Figure 16 is touched with a finger, for example, steps S201 to S223 in Figure 15 are performed. Here, steps S201 to S218 are the same as steps S101 to S118 of the first embodiment, so their explanation is omitted.
[0104] After step 218, terminal A, via the money transfer request processing unit 185, sends a first access key, a money transfer instruction to user B, the owner of terminal B, the account number of the electronic money account to which the money should be transferred (the card number of the electronic money card displayed on the display device 130), and the transfer amount of 300 yen to the management server 300 (step S219), and the management server 300 receives them via the money transfer request acceptance processing unit 387. Meanwhile, terminal B, via the money transfer request processing unit 285, sends a second access key and a receipt instruction to the management server 300 (step S220), and the management server 300 receives them via the money transfer request acceptance processing unit 387. Here, terminal B can also send the account number of the electronic money account to which the transferred money should be deposited to the management server 300.
[0105] Next, the management server 300, using the money transfer request acceptance processing unit 387, determines whether the access key received from terminal A corresponds to the access key received from terminal B (step S221). The management server 300 also determines, using the money transfer request acceptance processing unit 387, whether the amount to be transferred is within the account balance of user A stored in the account data storage unit 360 of the management server 300, or more specifically, whether it is within the balance of the account (hereinafter referred to as account a) of the card number (account number) displayed on the display screen 130 of terminal A (step S222).
[0106] Next, if it is determined in step S221 that the access key is compatible and in step S222 that the balance is within the limit, the management server 300, using the money transfer processing unit 388, reduces the balance of account data for user A's account a stored in the account data storage unit 360 by the amount of the transfer, and increases the balance of account data for user B's account (hereinafter referred to as account b) stored in the account data storage unit 360 by the amount of the transfer (step S223). Subsequently, the management server 300 invalidates the first and second access keys, preventing transactions using these access keys.
[0107] With this configuration, this embodiment also produces the same effects as those described in the first embodiment, and it is also possible to make the various modifications described in the first embodiment.
[0108] The following describes an electronic money transfer system according to a third embodiment of the present invention. This system basically has the same configuration as the second embodiment.
[0109] In this system, when User A (sender) sends an electronic money card owned by User A to User B (receiver) as a gift, an example of the processing performed by terminals A, B, and the management server 300 (see Figure 17) will be explained below. The following explanation will describe the case where User A sends an electronic money card worth 3,000 yen to User B. In this embodiment, the management server 300 and the application are configured to display a screen as shown in Figure 18 on the display device 130 of User A's terminal A, and to instruct User A to send the displayed electronic money card on this screen.
[0110] First, the short-range wireless communication units 150 and 250 of terminal A and terminal B are brought close to each other, and for example, when the Send button 430 in Figure 18 is touched with a finger, the management server 300 and the application cause the display device 230 of terminal B to display the amount information of the electronic money card displayed on terminal A, as well as a button to select whether to accept or not (see Figure 19). In this state, when the Yes button 431 on the display device 230 of terminal B is touched with a finger, steps S301 to S324 in Figure 17 are performed. Here, steps S301 to S318 perform the same processing as steps S201 to S218 in the second embodiment, so their explanation is omitted.
[0111] After step S318, terminal A, via the money transfer request processing unit 185, sends the first access key, a money transfer instruction to user B, the owner of terminal B, the account number of the electronic money account to be transferred (the card number of the electronic money card displayed on the display device 130), and the transfer amount, which is the total balance on that electronic money card, to the management server 300 (step S319). The management server 300 receives these via the money transfer request acceptance processing unit 387. Note that in step S319, terminal A instructs the management server 300 to send the electronic money card to terminal B, which is equivalent to sending the account number of the electronic money account to be transferred and the total balance on that electronic money card to the management server 300, as described above.
[0112] Meanwhile, terminal B, via the payment request processing unit 285, sends a second access key and a receipt instruction to the management server 300 (step S320), and the management server 300 receives them via the payment request acceptance processing unit 387.
[0113] Next, the management server 300 uses the money transfer request acceptance processing unit 387 to determine whether the access key received from terminal A corresponds to the access key received from terminal B (step S321). The management server 300 also uses the money transfer request acceptance processing unit 387 to determine whether the amount to be transferred is within the account balance of user A stored in the account data storage unit 360 of the management server 300, or more specifically, whether it is the total balance of the account (hereinafter referred to as account a) for the card number (account number) displayed on the display screen 130 of terminal A (step S322).
[0114] Next, if it is determined in step S321 that the access key is compatible and in step S322 that the total balance is correct, the management server 300, using the money transfer processing unit 388, reduces the balance of account data for user A's account a stored in the account data storage unit 360 by the amount of the transfer, and sets up a new electronic money account for user B (hereinafter referred to as account b) in the account data storage unit 360, and increases the balance of its account data by the amount of the transfer (step S323). In this embodiment, after step S322, account a is deleted from the account data storage unit 360, and the account number for user B newly set up in step S323 is the account number of the deleted account a. Next, the management server 300 disables the first and second access keys, preventing transactions using these access keys.
[0115] Next, terminal A transmits the design of the electronic money card for account a to terminal B via short-range wireless communication or a mobile communication network (step S324). After this, the management server 300 and the application display a screen as shown in Figure 20 on the display device 230 of terminal B.
[0116] With this configuration, this embodiment also produces the same effects as those described in the first embodiment, and it is also possible to make the various modifications described in the first embodiment.
[0117] Furthermore, by exchanging the contents of the digital certificates held by terminals A and B, and by sending and receiving instructions for electronic money along with the access key issued from the management server 300, the security of electronic money transfers can be ensured while directly sending an electronic money card from user A to user B. As a result, electronic money cards can be exchanged with a feeling very close to that of exchanging physical cards.
[0118] Furthermore, the electronic money cards described in each of the above embodiments can also be used for regular internet shopping. For example, when user A visits an internet shopping site that accepts the electronic money using a PC and wants to pay for a desired product, they can purchase the product by entering the card number and security code of their electronic money card in the same way as when paying with a credit card. When this payment is made, the internet shopping site operator sends an inquiry to the management server 300, and the management server 300 processes the information to determine the remaining balance of the card number, etc.
[0119] Furthermore, when user A is logged in on terminal A, and the member-only screen after login is displayed on terminal A's display device 130 by the aforementioned application, it is also possible to display internet shopping via the application and purchase items using an electronic money card. In this case, when making a payment for the internet shopping, the application or management server 300 displays a screen on terminal A's display device 130 as shown in Figure 21. As mentioned above, Figure 21 also shows a screen for entering the electronic money card number and security code.
[0120] However, since User A has already logged in to Terminal A using their login ID and password, the possibility of fraudulent use of the electronic money card in this state is low. Also, since the electronic money card is prepaid, there is a limit to the amount of loss. Therefore, in Figure 21, a button 440 representing the information of the electronic money card is displayed in the lower right corner, and by touching the location of the button with a finger without entering the card number or security code of the electronic money card, the screens of Figure 22 and Figure 23 are displayed on the display device 130. In the screen of Figure 22, the card number, security code, etc. that User A should have entered are already entered. In other words, payment can be made without entering the card number or security code of the electronic money card.
[0121] In the first embodiment described above, terminal B directly communicates with the management server 300. However, it is also possible for terminal B to communicate with the management server 300 via the system of a card company such as JCB® or VISA®, and to perform steps S101 to S123. In this case, the card company's system may only act as an intermediary for data exchange between terminal B and the management server 300, or it may function in place of the management server 300 or terminal B in any of steps S101 to S123. Furthermore, it is also possible to have the card company's system and the management server 300 function as a substantially integrated system. In this way, by having the communication go through the card company's system, or by having the system function substantially integrated with the card company's system, the electronic money card can be used at the card company's affiliated merchants.
[0122] The following describes an electronic money transfer system according to a fourth embodiment of the present invention. The basic configuration of this system is the same as that of the first embodiment, with terminal A and management server 300 configured as shown in Figures 24 and 25.
[0123] Terminal A in this embodiment has a first user information storage unit 175 and a GPS 176, and the program storage unit 180 has a benefit information display unit 187, a benefit acceptance acceptance unit 188, a location information detection unit 189, a location information transmission unit 190, and an account information display unit 191, which respectively cause terminal A to perform predetermined operations.
[0124] The first user information storage unit 175 stores the first user information, and this first user terminal-specific information includes at least the account number of the electronic money account of user A (first user), or unique information such as the name and date of birth of user A linked to said account number, or first user terminal-specific information unique to terminal A (the first user's terminal), such as the individual information of terminal A of user A.
[0125] The reward information display unit 187 displays the reward information transmitted by the selected reward content transmission unit 390, which will be described later, on the display device 130 of terminal A. For example, as shown in Figure 26, the reward information is displayed on the display device 130. The reward information to be displayed may be one or more, and may only be information about the rewards that user B provides to the customer, or it may be possible to display information about the rewards that user B provides to the customer and information about the rewards that other users provide to the customer simultaneously. In Figure 26, information about the rewards that user B provides to the customer and information about the rewards that other users provide to the customer are displayed simultaneously.
[0126] The Enjoyment Intent Reception Unit 188 receives, for example, the operation of the "Enjoy this benefit" button 450 displayed in Figure 26 via the touch panel input device 160, and transmits the received user's intention to the management server 300. In addition, depending on the circumstances, the Enjoyment Intent Reception Unit 188 may also transmit some or all of the first user information stored in the first user information storage unit 175 to the management server 300.
[0127] The location information detection unit 189 is linked to map information and identifies the location of terminal A on the map information based on the location information of terminal A detected by GPS 176. The location information transmission unit 190 transmits the location information of terminal A on the map information identified by the location information detection unit 189 to the management server 300.
[0128] The account information display unit 191 displays the account information transmitted by the account information transmission unit 394 (described later) on the display device 130 of terminal A. For example, as shown in Figure 27, the display device 130 displays the electronic money account information of user A.
[0129] The management server 300 in this embodiment includes a first user information storage unit 371 that stores the same first user information as the first user information storage unit 175, and a benefit storage unit 372 that stores the content of benefits and conditions for granting benefits that user B (second user) or other users provide to the customer. The program storage unit 380 includes a benefit content selection unit 389 that causes the management server 300 to perform predetermined operations, a selected benefit content transmission unit 390, an enjoyment intention reception unit 391 that receives the user's intention transmitted by the enjoyment intention reception unit 188, a granting determination unit 392, a benefit granting unit 393, and an account information transmission unit 394.
[0130] The reward storage unit 372 stores, for example, the content of the rewards that User B and other users offer to customers, as well as the conditions for granting them, as shown in Figure 28. In Figure 28, User B's reward is a cashback reward based on the amount User B spends at the store, User C's reward is a reward that either provides cashback based on the amount User C spends at the store, or a discount on parking at a parking lot operated by an organization other than User C, and User D's reward is a discount on the next meal based on the amount User D spends at the store. Also, as shown in Figure 28, each reward has distribution conditions set, for example, User B's reward has conditions set for age, the number of times User B has used User B's store in the past, and region.
[0131] The reward content selection unit 389 selects a reward suitable for the user based on a portion of the first user information transmitted by the enjoyment intention reception unit 188 and location information transmitted by the location information transmission unit 190. For example, if the location information transmission unit 190 transmits that user A is near department store a or station b, the enjoyment intention reception unit 188 transmits the account number, which is part of user A's first user information, and the age and gender of user A, which is stored in the first user information storage unit in the server 300 corresponding to the account number, is 28 years old and male, then the conditions for the distribution of the five rewards shown in Figure 28 are met, and the five rewards are selected. It is also possible to set the number of times the target store has been used as a condition when selecting a reward, and it is possible to configure the system to provide a reward to a user who has used user B's store three or more times, as shown in the reward for user B in Figure 28. Furthermore, a priority rate can be assigned to each benefit stored in Figure 28, and the priority rate can be varied according to the benefit granting service fee paid by the user providing the benefit to the company managing the management server 300. The priority of selection can also be changed according to the priority rate, the priority transmission order when the selected benefit content is transmitted by the selected benefit content transmission unit 390 can be changed, and the priority display order and display position when the benefit information display unit 187 displays the information can also be changed.
[0132] The selected reward content transmission unit 390 transmits reward information relating to the reward selected by the reward content selection unit 389 to terminal A.
[0133] The operations of the granting determination unit 392, the benefit granting unit 393, and the account information transmission unit 394 will be described later in accordance with examples of processing performed by terminal A, terminal B, and the management server 300 (see Figure 29). Figure 29 illustrates the process when user A (buyer) purchases goods from user B (seller such as a store) and pays for them using electronic money, similar to the first embodiment.
[0134] First, before user A visits user B's store, terminal A is detected by the location information detection unit 189 (step S401), and terminal A transmits the identified location information to the management server 300 (step S402). Upon receiving the location information of terminal A, the management server 300 uses the reward content selection unit 389 to select a reward suitable for user A from the reward table stored in the reward storage unit 372 (step S403), and the selected reward content transmission unit 390 transmits the reward information regarding the selected reward to terminal A (step S404). This transmission may be the transmission of display data to be shown in terminal A's browser, or it may be the transmission of an email.
[0135] Upon receiving the information transmitted in step S404, terminal A displays the information, for example, sent via email, on the display device 130 using the benefit information display unit 187, as shown in Figure 26 (step S405). Furthermore, if user A operates the "Enjoy this benefit" button 450 displayed in Figure 26, for example, the benefit acceptance unit 188 receives the operation via the touch panel input device 160 (step S406), transmits user A's accepted intention to the management server 300 (step S407), and the management server 300 receives the user's intention transmitted by the benefit acceptance unit 391 and stores it in memory. Here, it is assumed that user A selects user B's benefit in Figure 26.
[0136] Subsequently, similar to the first embodiment, user A decides to purchase product X at user B's store, and steps S408 to S431 are performed in the same way as steps S101 to S123 of the first embodiment. In this embodiment, however, in step S426, terminal A transmits user A's account number as the first user information for user A, and the management server 300 stores this first user information in memory.
[0137] Next, the management server 300, using the grant determination unit 392, determines whether the grant conditions have been met by comparing the amount received in step 428 with at least one of the increases or decreases in electronic money in steps S414, S415, S418, S419, S426, S428, S429, S430, or S431 and the grant conditions for the benefit selected by user A (step S432).
[0138] Next, in step S407, the management server 300 receives a message from user A indicating user B's intention to use the benefit. If the management server 300 determines in step S432 that the granting conditions are met, the benefit granting unit 393 grants the benefit to user A's electronic money account based on the benefit details (step S433). For example, as shown in user A's account information in Figure 27, a 200 yen cashback is granted for user B's 2500 yen payment at a store on September 10, 2012. Here, it is also possible to configure the terminal A to send user A's account number to the management server 300 as the first user information for user A in step S407, and in step S432, determine whether that account number corresponds to the account number sent in step S426. If it is determined that they correspond, then step S433 is performed. In this case, the granting of benefits becomes more accurate.
[0139] Next, the management server 300 transmits the account information of user A's electronic money account to terminal A via the account information transmission unit 394, along with the reward information granted in step S433 (step S434). Terminal A then displays the reward information along with the account information of user A's account via the account information display unit 191, for example, as shown in Figure 27 (step S435).
[0140] Thus, according to this embodiment, reward information is displayed on User A's terminal based on User A's attributes (age and gender) and the location information of User A's terminal A. This saves User A the trouble and time of searching for reward information relevant to them, and allows User B to effectively inform customers about reward information. Furthermore, in step S406, User A's intention to enjoy the reward is received, and after User A indicates their intention to use the reward, the reward is credited to User A's account when, for example, a payment that meets the reward granting conditions is made at User B's store. This configuration makes it easier for User A to remember that a reward has been credited to their account and what it is, compared to a case where a reward is automatically credited without User A being aware of what kind of reward it is. This can contribute to increasing User A's willingness to purchase and making a strong impression on User B's store. Additionally, since the reward information is displayed on User A's display device 130 along with User A's account data, it is even easier for User A to remember that a reward has been credited to their account and what it is.
[0141] Furthermore, this embodiment also produces the same effects and advantages as those described in the first embodiment, and it is possible to make the various modifications described in the first embodiment.
[0142] Furthermore, in the first and fourth embodiments, the digital signature of the first electronic certificate is transmitted from terminal A to terminal B, which is then embedded in the second electronic certificate at terminal B, and this is transmitted from terminal B to the management server 300 (steps S103, S104, S106, S108, S410, S411, S413, S415, etc.). In contrast, it is also possible to configure the system so that the digital signature of the first electronic certificate is not transmitted from terminal A to terminal B.
[0143] Specifically, the process is carried out as shown in Figure 30. Similar to the first embodiment, we will explain assuming that user A decides to purchase product X and takes it to user B's terminal B (POS terminal).
[0144] First, when terminal A is brought close to terminal B's reader / writer 250 and the Pay button 410 in Figure 14 is touched with a finger, terminal B, via its electronic certificate exchange processing unit 281, transmits the digital signature in the second electronic certificate to terminal A via short-range wireless communication, and also transmits 300 yen, the amount received from user A, which terminal A receives (step S501). Then, terminal A stores the received digital signature in the certificate storage unit or in other parts of terminal A's memory (step S502).
[0145] Next, terminal A, using the digital certificate embedding processing unit 182, replaces the digital signature of its own first digital certificate with the digital signature of the received second digital certificate, thereby creating a first digital certificate with a replaced digital signature, and stores it in the certificate storage unit 171 (step S503). Next, terminal A, using the digital certificate information transmission processing unit 183, transmits the first digital certificate with the replaced digital signature and the received amount to the management server 300 (step S504).
[0146] Next, the management server 300 receives the first digital certificate with the replaced digital signature from terminal A using the digital certificate information receiving processing unit 385 (step S505). Then, the management server 300 decrypts the digital signatures of the first digital certificate with the replaced digital signature and the second digital certificate contained therein using the corresponding private key stored in the customer master storage unit 350 using the digital certificate information receiving processing unit 385 (step S506).
[0147] Next, the management server 300, using the electronic certificate information receiving processing unit 385, determines whether (1) the decrypted first electronic certificate corresponds to the first electronic certificate stored in the customer master storage unit 350, and whether (2) the digital signature of the decrypted second electronic certificate corresponds to the digital signature of the second electronic certificate stored in the customer master storage unit 350 (step S507). The management server 300 also determines, using the electronic certificate information receiving processing unit 385, whether (3) the source of the digital signature of the second electronic certificate is terminal A (the terminal corresponding to the first electronic certificate) (step S508).
[0148] Next, the management server 300, using the money transfer request acceptance processing unit 387, determines whether the amount to be received is within the account balance of user A stored in the account data storage unit 360 of the management server 300, or more specifically, whether it is within the balance of the account (hereinafter referred to as account a) of the card number (account number) displayed on the display screen 130 of terminal A (step S509).
[0149] Next, if it is determined in step S509 that the balance is within the limit, the management server 300, using the money transfer processing unit 388, reduces the balance of account data for user A's account a stored in the account data storage unit 360 by the amount of the received amount, and increases the balance of account data for user B's account (hereinafter referred to as account b) stored in the account data storage unit 360 by the amount of the received amount (step S510).
[0150] Even in the configuration as in this embodiment, terminal A receives a digital signature from terminal B, which is at least a part of the information of the second digital certificate. After terminal A receives the digital signature from terminal B in this way, the management server 300 receives terminal B's digital signature from terminal A and determines whether the digital certificate of terminal A and the digital signature of terminal B received from terminal A correspond to the digital certificate information of terminals A and B stored in the management server 300. In other words, since terminal B's digital signature is sent from terminal A to the management server 300, the two terminals attempting to conduct a transaction are identified at this point, and the management server 300 further verifies the authentication information of both parties in the transaction sent from terminal A. As a result, the management server 300 can reliably authenticate the terminals attempting to send or receive electronic money.
[0151] Here, the first digital certificate held by terminal A is unique information held only by terminal A and the management server 300, and the second digital certificate held by terminal B is unique information held only by terminal B and the management server 300. Then, at least a portion of the information of the second digital certificate is transmitted by terminal A to the management server 300. The management server 300 then authenticates the terminal attempting to send or receive electronic money by receiving the authentication information of both parties from terminal A. For this reason, even if terminal B were to illegally obtain terminal A's digital certificate and attempt to obtain the electronic money held by user A by some means, the electronic money transfer from user A to user B would not occur unless terminal A transmits the authentication information of both parties to the management server 300.
[0152] Furthermore, in this embodiment, since each user's electronic money is stored in the management server 300, even if, for example, terminal A is lost and cannot be recovered, user A's electronic money will not decrease as a result.
[0153] Furthermore, in this embodiment, since authentication information is transmitted from terminal B to terminal A, and instructions for sending and receiving electronic money are also transmitted, electronic money can be sent directly from user A to user B while ensuring the security of electronic money transfers. As a result, it becomes possible to exchange electronic money with a feeling very similar to that of cash.
[0154] Furthermore, this invention is not limited to the above-described embodiment, and can be modified in various ways without altering the essence of the invention.
[0155] Furthermore, it goes without saying that the present invention is easily modifiable in various ways, and is not limited to the embodiment described above. It can be modified in various ways without altering the essence of the invention. [Explanation of symbols]
[0156] 110...CPU, 120...RAM, 130...Display device, 140...Communication unit, 150...Short-range wireless communication unit, 160...Touch panel input device, 171...Certificate storage unit, 172...Access key storage unit, 173...Card information storage unit, 174...Application storage unit, 180...Program storage unit, 210...CPU, 220...RAM, 230...Display device, 240...Communication unit, 250...Reader / writer, 260...Input device, 271...Certificate storage unit, 272...Access key storage unit, 273...Card information storage unit, 274...Application storage unit, 280...Program storage unit, 300...Management server, 310...CPU, 320...RAM, 330...Display device, 340...Communication unit, 350...Customer master, 360...Account data storage unit, 370...Application storage unit, 380...Program storage unit.
Claims
1. This is an authentication method for processing electronic money payments between a first user and a second user on an electronic money management server. The first user terminal (A) used by the first user, The second user terminal (B) used by the second user, The first authentication information, which is associated with the first user and is pre-stored in the electronic money management server, The second authentication information, which is associated with the second user and pre-stored in the electronic money management server, Equipped with, The first user terminal (A) reads at least a portion of the second authentication information output by the second user terminal (B) and transmits it to the electronic money management server (300) via the first user terminal (A), and / or the second user terminal (B) reads at least a portion of the first authentication information output by the first user terminal (A) and transmits it to the electronic money management server (300) via the second user terminal (B). The aforementioned electronic money management server (300) Whether at least a portion of the second authentication information received from the first user terminal (A) corresponds to the second authentication information stored in the electronic money management server (300), and whether the first user terminal, which is the source of the second authentication information, corresponds to the first authentication information stored in the electronic money management server (300), and / or, Whether at least a portion of the first authentication information received from the second user terminal (B) corresponds to the first authentication information stored in the electronic money management server (300), and whether the second user terminal, which is the source of the first authentication information, corresponds to the second authentication information stored in the electronic money management server (300). The authentication of the first user and the second user is performed by making this determination. The first and second pieces of identification information are information independent of the payment information for electronic money. The electronic money management server authenticates the first and second users without receiving or referencing electronic money transfer / payment information. Characterized by Authentication method.
2. In the method according to claim 1, The aforementioned electronic money transfer / settlement is the payment of the purchase price of goods purchased by the first user from the second user using electronic money. The second user's terminal (B) is provided with input means for product information, including the price of the product. A method characterized by the following:
3. This is an authentication system for processing electronic money payments between a first user and a second user on an electronic money management server. The first user terminal (A) used by the first user, The second user terminal (B) used by the second user, The first authentication information, which is associated with the first user and is pre-stored in the electronic money management server, The second authentication information, which is associated with the second user and pre-stored in the electronic money management server, Equipped with, The first user terminal (A) reads at least a portion of the second authentication information output by the second user terminal (B) and transmits it to the electronic money management server (300) via the first user terminal (A), and / or the second user terminal (B) reads at least a portion of the first authentication information output by the first user terminal (A) and transmits it to the electronic money management server (300) via the second user terminal (B). The aforementioned electronic money management server (300) Whether at least a portion of the second authentication information received from the first user terminal (A) corresponds to the second authentication information stored in the electronic money management server (300), and whether the first user terminal, which is the source of the second authentication information, corresponds to the first authentication information stored in the electronic money management server (300), and / or, Whether at least a portion of the first authentication information received from the second user terminal (B) corresponds to the first authentication information stored in the electronic money management server (300), and whether the second user terminal, which is the source of the first authentication information, corresponds to the second authentication information stored in the electronic money management server (300). The system has an authentication means that authenticates the first user and the second user by determining the following: The first and second pieces of identification information are information independent of the payment information for electronic money. The authentication means authenticates the first and second users without receiving or referring to electronic money transfer / payment information when authenticating the first and second users. A system characterized by the following features.
4. In the system described in claim 3, The aforementioned electronic money transfer / settlement is the payment of the purchase price of goods purchased by the first user from the second user using electronic money. The second user's terminal (B) is provided with input means for product information, including the price of the product. A system characterized by the following features.