Information processing device, information processing method, program, and IC chip

Abstract

The present technology relates to an information processing device, an information processing method, a program, and an IC chip that make it possible to prevent unintentional processing from being executed. An information processing device according to one aspect of the present technology comprises an IC chip that includes: an acquisition unit that acquires a processing request transmitted from an external terminal; a holding unit that holds information relating to security level for each type of processing request, the information indicating the contents of a confirmation action performed by a user when executing the requested processing; and an execution unit that executes processing in accordance with the processing request. When a processing request requiring a confirmation action is acquired in the IC chip, the information processing device presents information used for confirming the contents of the processing, and permits the execution of the processing in the IC chip in response to the confirmation action being performed by the user according to the security level. The present technology can be applied to a device equipped with an IC chip capable of performing contactless proximity communication.

Description

Information Processing Apparatus, Information Processing Method, Program, and IC Chip 【0001】 The present technology particularly relates to an information processing apparatus, an information processing method, a program, and an IC chip that can prevent unintended processing from being executed. 【0002】 Services that enable the use of IC card functions such as the Osaifu-Keitai (registered trademark) function and the My Number (registered trademark) card function on smartphones and wearable terminals are increasing. 【0003】 As forms of readers / writers for reading and writing data on IC cards, in addition to store-installed terminals, the number of handy-type terminals that can be easily carried around is increasing. Also, smartphones can be used as readers / writers. Technologies for reading and writing data on IC cards using not only proximity communication such as NFC (Near Field Communication) but also short-range communication such as UWB (Ultra Wide Band) have emerged. 【0004】 Japanese Patent Application Laid-Open No. 2003-16418 【0005】 The risk of data in an IC card being read and written at locations and in situations unintended by the user is increasing. 【0006】 The present technology has been made in view of such a situation and is intended to prevent unintended processing from being executed. 【0007】 An information processing apparatus according to one aspect of the present technology includes an acquisition unit that acquires a processing request transmitted from an external terminal, a holding unit that holds information regarding a security level for each type of the processing request, indicating the content of a confirmation action by the user when executing the requested processing, an execution unit that executes a process corresponding to the processing request, and an IC chip. When the processing request that requires the confirmation action is acquired in the IC chip, the control unit presents information used for confirming the content of the process, and permits the execution of the process in the IC chip in response to the confirmation action corresponding to the security level being performed by the user. 【0008】 In one aspect of this technology, when a processing request requiring verification is received by the IC chip, information used to verify the content of the processing is presented, and the execution of the processing on the IC chip is permitted depending on whether the user has performed verification according to the security level. 【0009】 This figure shows an example configuration of an information processing system according to one embodiment of this technology. This figure shows other examples of reader / writer terminals and user terminals. This figure shows an example of sending and receiving information in an information processing system. This figure shows an example of setting a security level. This figure shows an example of a confirmation process. This figure shows an example of displaying a confirmation screen. This figure shows other examples of displaying a confirmation screen. This figure shows an example of a UI used to change the security level. This figure shows a series of processing flows. This is a block diagram showing an example of the configuration of a user terminal. This is a block diagram showing an example of the configuration of a Secure Element. This figure shows an example of the data structure of an applet. This figure shows the flow of a public key used for authentication of a reader / writer terminal. This figure shows the processing flow including R / W authentication. This is a flowchart explaining the processing of an applet including R / W authentication. This figure shows the overall processing using an encryption key. This is a diagram that summarizes the functions. This figure shows the processing flow when the source of the processing request is a service provider server. This figure shows an example of sharing a public key. This is a block diagram showing an example of the configuration of a computer. 【0010】 The following describes the forms for implementing this technology. The explanation will proceed in the following order: 1. Overview of the technology 2. Verification procedures according to security level 3. Authentication of reader / writer terminals 4. Summary of functions 5. Variations 【0011】 <<Overview of this technology>> This technology mainly consists of the following components. 【0012】1. A security level is set for each type of processing request from the R / W (reader / writer) terminal. The security level defines the content of the verification action required to execute the process, such as requiring on-screen operations like pressing a confirmation button or requiring biometric authentication. The security level can be changed using an application. It is possible to raise or lower the default security level of the applet. 2. The user can choose to allow or deny the execution of the process for each processing request. 3. The Secure Element guarantees that the processing request from the R / W terminal has not been tampered with. 4. The Secure Element guarantees that the processing request is from a legitimate R / W terminal. 【0013】 By requiring verification actions according to the security level, users can control whether to permit or deny the execution of processing requests from R / W terminals after reviewing the content of those requests. 【0014】 By changing the security level settings, users can configure whether or not they need to perform verification actions. For example, they can choose not to require verification for processing requests that are unlikely to harm the user, such as balance inquiries, while requiring verification for processing requests that are likely to harm the user, such as balance withdrawals. 【0015】 By guaranteeing that processing requests from R / W terminals have not been tampered with, it becomes possible to prevent the presentation of incorrect information, such as when a processing request from an R / W terminal is for a balance withdrawal but is presented as a balance confirmation. 【0016】 By guaranteeing that processing requests originate from legitimate R / W terminals, it becomes possible to protect against threats such as unauthorized device withdrawals from the balance. 【0017】 <<Verification actions according to security level>> <Configuration of information processing system> Figure 1 is a diagram showing an example of the configuration of an information processing system according to one embodiment of this technology. 【0018】 The information processing system shown in Figure 1 is configured such that R / W terminals 2 and user terminals 3 are connected to a service provider server 1 via the Internet. 【0019】 Service provider server 1 is an internet server managed by a business operator that provides services using IC card functionality. It provides predetermined services such as electronic money payment services, point services, ticket services, and authentication services. Service provider server 1 consists of one or more computers. 【0020】 The R / W terminal 2 is a device that functions as a reader / writer for an IC card. When a user terminal 3, which is a terminal equipped with IC card functionality, is held close to the R / W terminal 2, the R / W terminal 2 performs contactless proximity communication with the Secure Element of the user terminal 3. For example, the R / W terminal 2 sends a processing request to the Secure Element and receives a response sent from the Secure Element in response to the processing being executed. 【0021】 User terminal 3 is a terminal equipped with IC card functionality. User terminal 3 has the ability to communicate with the outside world, including wireless communication such as mobile communication and wireless LAN communication with base stations, and proximity communication with R / W terminals such as R / W terminal 2. 【0022】 As shown in the callout in Figure 1, the user terminal 3 is equipped with a host CPU 11 and a Secure Element 12. The host CPU 11 is a processing circuit that executes a predetermined application and controls the overall operation of the user terminal 3. The Secure Element 12 is a high-security IC chip compliant with the NFC standard, such as Felica (registered trademark). The Secure Element 12 receives processing requests transmitted from the R / W terminal 2 and executes the requested processing. The Secure Element 12 performs processing such as reading data stored in the memory within the Secure Element 12 and writing data to the memory, and sends a response including the result of the processing to the R / W terminal 2. 【0023】 In the example shown in Figure 1, only one R / W terminal 2 and one user terminal 3 are shown. However, in reality, numerous R / W terminals 2 and user terminals 3 are connected to the service provider server 1 via the internet. 【0024】 Furthermore, although a stationary R / W terminal is shown as R / W terminal 2 in the example in Figure 1, a smartphone 2A with R / W functionality may be used as R / W terminal 2, as shown in Figure 2A, or a handheld R / W terminal 2B may be used as R / W terminal 2. 【0025】 In the example in Figure 1, a smartphone is shown as the user terminal 3, but as shown in Figure 2B, a wearable device 3A equipped with a Secure Element, such as a smartwatch, may be used as the user terminal 3. Instead of proximity communication by NFC, a device with proximity communication capabilities such as UWB may be used as the R / W terminal 2 and user terminal 3. 【0026】 <Execution of processing based on security level> Figure 3 shows an example of sending and receiving information in an information processing system. 【0027】 As shown in the callout in Figure 3, application 11A is installed on the user terminal 3. Application 11A is a program executed by the host CPU 11. In addition, an applet 12A, such as a Java Card® applet, is installed on the Secure Element 12 of the user terminal 3. Applet 12A is a program executed on the Secure Element 12. 【0028】 Applet 12A has various functions, including the ability to acquire processing requests from external devices, the ability to execute the requested processing, the ability to store and retain various data in the memory of Secure Element 12, and the ability to perform cryptographic processing such as signature verification. Applet 12A sends and receives various information with application 11A as needed. 【0029】 When using a service provided by service provider server 1, for example, a user operates user terminal 3 to download and install application 11A prepared by the business operator managing service provider server 1. For example, when installing application 11A, applet 12A is downloaded along with application 11A and installed on Secure Element 12. A server different from service provider server 1 may be used as the server from which application 11A and applet 12A are downloaded, as appropriate. 【0030】 During the installation of application 11A, as shown by arrow #1, the initial security level information is written to applet 12A by the service provider server 1. For example, the initial security level information is downloaded from the service provider server 1 and received by application 11A. The initial value information received by application 11A is output from application 11A to applet 12A and stored in the memory of Secure Element 12 as information held by applet 12A. The initial security level may also be set based on information provided by a server other than the service provider server 1. For example, it is possible to have the initial security level information provided by the same server from which applet 12A is downloaded. 【0031】 As shown by arrow #2, when user terminal 3 is held over R / W terminal 2 and a processing request sent from R / W terminal 2 is received, Secure Element 12 determines whether a confirmation action is necessary based on the security level. The confirmation action is an action taken by the user to authorize the execution of the requested processing. 【0032】 For example, if a processing request sent from R / W terminal 2 is a request that requires confirmation, the content of the confirmation action is presented to the user by application 11A along with the content of the processing request. The content of the confirmation action is switched according to the security level of the processing request. 【0033】 The user, after reviewing the processing request, will choose whether or not to authorize the execution of the process, and will perform a confirmation action. If confirmation is performed, information indicating this will be output from application 11A to applet 12A, and the requested process will be executed in Secure Element 12. In this way, the security level indicates the content of the user's confirmation action when executing the process. 【0034】 Figure 4 shows an example of security level settings. 【0035】 As shown in Figure 4, the security level setting value and the configurable range of the security level are set for each type of processing request (command). As will be described later, it is possible to change the security level setting within the configurable range. The security level setting value shown in Figure 4 is the initial value. 【0036】 For example, for a "Read Service" request, which is a request to display the balance of electronic money, the initial security level is set to level 0, and the configurable range for the security level is set to levels 0-2. The fact that the configurable range is levels 0-2 indicates that the security level can be set to any of levels 0, 1, or 2. 【0037】 For "Write Service," which is a request to process payments using electronic money, the initial security level is set to level 2, and the configurable range for the security level is also set to level 2. The fact that the configurable range is level 2 indicates that the security level is fixed at level 2, meaning it cannot be changed. 【0038】Similarly, initial security levels and configurable ranges are set for other processing requests. For example, for the "Sign with EC Key" processing request, which is a certificate signing processing request, the initial security level is set to level 2, and the configurable range for security levels is set to levels 1-2. Similarly, for the "Get Public Key" processing request, which is an R / W terminal authentication processing request, the initial security level is set to level 1, and the configurable range for security levels is set to levels 1-2. 【0039】 The higher the security level of a processing request, the more precise the verification process required. In this example, three security levels are provided, but it would be possible to provide even more levels. 【0040】 Figure 5 shows examples of verification actions according to security level. 【0041】 A processing request with a security level of 0 is a processing request that does not require user confirmation. When a processing request such as "Read Service" with a security level of 0 is sent from R / W terminal 2, Secure Element 12 executes the processing without user confirmation. 【0042】 A processing request with a security level of 1 is one in which the user is required to press a confirmation button as a confirmation action. When a processing request such as "Get Public Key" with a security level of 1 is sent from the R / W terminal 2, a screen including a confirmation button is displayed on the user terminal 3's display. If the user confirms the screen and presses the confirmation button, the requested process is executed in Secure Element 12. 【0043】A processing request with a security level of level 2 is a processing request that requires biometric authentication. When a processing request such as "Write Service" with a security level of level 2 is sent from the R / W terminal 2, a screen requesting biometric authentication is displayed on the display of the user terminal 3. The user who has confirmed the screen display performs authentication using biometric information such as fingerprints. If the biometric authentication is successful, the requested processing is executed in the Secure Element 12. The user terminal 3 is provided with a biometric sensor such as a fingerprint sensor. The biometric authentication is also performed by, for example, the application 11A. 【0044】 Thus, when a processing request with a security level of level 1 (the first level) is acquired, the requested processing is executed in response to the pressing of a predetermined button such as a confirmation button. Also, when a processing request with a level 2 (the second level) higher than level 1 is acquired, the requested processing is executed in response to the performance of biometric authentication. 【0045】 As a confirmation act for permitting the execution of the processing, other acts such as inputting a password or inputting a PIN may be used. It is possible to use various operations such as a slide operation of sliding a finger on the screen and an act of shaking the housing of the user terminal 3 as the confirmation act. 【0046】 FIG. 6 is a diagram showing an example of a confirmation screen when a processing request is received. 【0047】 For example, when a processing request for "Write Service" is sent from the R / W terminal 2, as shown on the left side of FIG. 6, a confirmation screen including information indicating that the "payment" processing is requested and that the confirmation act is fingerprint authentication is displayed on the display of the user terminal 3. The processing request for "Write Service" is a processing request with a security level of level 2 that requires biometric authentication as a confirmation act. A rejection button to be pressed when rejecting the execution of the processing is also displayed below the confirmation screen. 【0048】When the user touches the fingerprint sensor and performs a confirmation action while the screen shown on the left side of FIG. 6 is displayed, and the biometric authentication is successful, as shown at the tip of arrow #11, the display of the confirmation screen switches to a display indicating that the execution of the "Payment" process is permitted. At this time, the processing request of "Write Service" is executed in the Secure Element 12, and a response indicating the execution result is transmitted to the R / W terminal 2. 【0049】 On the other hand, when the user presses the rejection button while the screen shown on the left side of FIG. 6 is displayed, as shown at the tip of arrow #12, the display of the confirmation screen switches to a display indicating that the "Payment" process has been rejected. At this time, the "Payment" process is not executed. 【0050】 When the fingerprint authentication fails, as shown in FIG. 7, the display of the confirmation screen switches to a display indicating that the biometric authentication has failed. Also at this time, the "Payment" process is not executed. 【0051】 Thus, each time a processing request is received, a confirmation action corresponding to the security level is required. As a result, the user can check the content of the processing request from the R / W terminal 2 and then select whether to permit the execution of the process. Since the user can select whether to permit the execution of the process, it is possible to prevent the execution of a process not intended by the user. 【0052】 <Customization of Security Level> FIG. 8 is a diagram showing an example of a UI used for changing the security level. 【0053】 When a predetermined operation is performed on the screen of the application 11A, a setting screen as shown in FIG. 8 is displayed. The setting screen is a screen used for setting and changing the security level for each processing request. Information regarding the security level obtained from the applet 12A of the Secure Element 12 is used for the display of the setting screen. For example, information on processing requests for which a configurable range is set (processing requests whose security level is not fixed) is displayed on the setting screen. 【0054】The display on the left side of Figure 8 shows the display based on the default security level. In the example in Figure 8, the security levels for balance display ("Read Service"), payment ("Write Service"), certificate signing ("Sign with EC Key"), and R / W terminal authentication ("Get Public Key") are displayed as "No confirmation," "Biometric authentication," "Biometric authentication," and "Confirm button pressed." "No confirmation" indicates that the security level is set to level 0, "Biometric authentication" indicates that the security level is set to level 2, and "Confirm button pressed" indicates that the security level is set to level 1. 【0055】 For example, to change the security level of the balance display, as shown at the end of arrow #21, a dropdown menu will appear when you press "No Confirmation," which indicates the current security level setting. By selecting, for example, "Press Confirmation Button" from the security levels displayed in the dropdown menu, the security level of the balance display will be changed to level 1, as shown at the end of arrow #22. 【0056】 Information about the security level settings changed using this UI is supplied from application 11A to applet 12A and reflected in the security level settings held by applet 12A. 【0057】 In this way, it is possible to change the security level settings. Users can customize whether or not they need to perform verification actions according to their preferences. For example, they can choose not to require verification for processing requests where no damage is anticipated, such as balance checks, and require verification for processing requests where damage is anticipated, such as balance withdrawals. 【0058】 <Control Processing Flow> Here, referring to the sequence in Figure 9, a series of processes that control the execution of the processing requested from the R / W terminal 2 will be described. The processing in Figure 9 starts, for example, when the user terminal 3 is held over the R / W terminal 2. 【0059】 In step S1, the R / W terminal 2 sends a SELECT command. 【0060】 In step S11, the applet 12A of the Secure Element 12 receives the SELECT command transmitted by the R / W terminal 2 and sends a response to the R / W terminal 2. In Figure 9, the dashed arrows indicate the transmission and reception of the response. 【0061】 In step S2, the R / W terminal 2 sends a READ command or the like. 【0062】 In step S12, applet 12A receives a command sent by R / W terminal 2 and sends a response to R / W terminal 2. Based on the response sent here, R / W terminal 2 determines, for example, whether processing is necessary. 【0063】 In step S3, the R / W terminal 2 sends a processing request. The processing request sent here is a processing request with a set security level, such as a balance display, payment, certificate signing, or R / W terminal authentication. 【0064】 In step S13, applet 12A receives a processing request transmitted by R / W terminal 2. 【0065】 In step S14, the applet 12A determines whether or not to perform a confirmation action regarding the processing request sent from the R / W terminal 2, based on information regarding the security level. 【0066】 If the applet 12A determines that the processing request sent from the R / W terminal 2 is a processing request that requires verification, in step S15, the applet 12A extracts the necessary data from the processing request packet and generates a signature based on the extracted data. The R / W terminal 2 sends the processing request using a packet in a predetermined format. For example, data from a predetermined part, such as the part indicating the content of the processing request, is extracted from the processing request packet and used to generate the signature. The applet 12A has a private key in advance that is used to generate ECDSA signatures and the like. 【0067】In step S16, applet 12A signs the information indicating the content of the processing request and outputs it to application 11A as an HCI (Host Controller Interface) event. The information output to application 11A also includes information indicating the content of the confirmation action. 【0068】 After the HCI event is output, the applet 12A sends a status word (SW) to the R / W terminal 2 indicating that the response is pending. This ensures that even if the session between the R / W terminal 2 and the Secure Element 12 is terminated, the applet 12A remains in a state of waiting for permission to process the request. 【0069】 In step S4, the R / W terminal 2 sends a GET RESPONSE requesting the transmission of a response. 【0070】 In step S17, applet 12A receives GET RESPONSE sent from R / W terminal 2. Subsequently, applet 12A sends a status word to R / W terminal 2 indicating that the response is pending. 【0071】 Meanwhile, in step S31, the application 11A on the host CPU 11 receives an HCI event supplied from the applet 12A. 【0072】 In step S32, application 11A verifies the signature included in the HCI event. Application 11A already possesses a public key for signature verification that corresponds to the private key used to generate the signature. The private key used to generate the signature and its corresponding public key for signature verification are dynamically generated, for example, by applet 12A. The management of cryptographic keys will be described later. 【0073】 If the validity of the processing request (that it has not been tampered with) is confirmed by verifying the signature, in step S33, application 11A displays a confirmation screen as described with reference to Figure 6. The confirmation screen includes information indicating the content of the processing request and information indicating the content of the confirmation action. 【0074】If a user performs a verification action after viewing the confirmation screen, in step S34, application 11A obtains the result of the verification action. If the required verification action is pressing a confirmation button, it is obtained that the operation of pressing the confirmation button has been performed. If the required verification action is biometric authentication, the result of biometric authentication is obtained. 【0075】 If the confirmation button is pressed, or if biometric authentication is successful, in step S35, application 11A outputs a processing request permission to applet 12A. The processing request permission is information indicating permission to execute the requested process. 【0076】 In step S18, applet 12A receives a processing request permission supplied from application 11A. 【0077】 In step S5, the R / W terminal 2 sends a GET RESPONSE request to send a response. 【0078】 In step S19, applet 12A receives GET RESPONSE transmitted from R / W terminal 2. 【0079】 In step S20, applet 12A executes the processing permitted by application 11A. Applet 12A sends a response containing the processing result to R / W terminal 2, and the series of processes is completed. 【0080】 In this way, requiring verification actions according to the security level makes it possible to prevent unintended processes from being executed. 【0081】When the content of a processing request is output from applet 12A to application 11A, a signature is added to the content of the processing request, which prevents tampering with the information indicating the content of the processing request. If the information indicating the content of the processing request were to be tampered with on the path from Secure Element 12 to host CPU 11, the user would be presented with a processing request that is different from the processing request from R / W terminal 2, but this makes it possible to prevent such a problem. 【0082】 <Configuration of User Terminal 3> Figure 10 is a block diagram showing an example configuration of user terminal 3. Components identical to those described above are denoted by the same reference numerals. Repetitive explanations are omitted as appropriate. 【0083】 As shown in Figure 10, the user terminal 3 is an information processing device that includes, in addition to the host CPU 11 and Secure Element 12, an operation unit 101, a communication unit 102, a memory 103, a display 104, and a biosensor 105. The Secure Element 12, operation unit 101, communication unit 102, memory 103, display 104, and biosensor 105 are all connected to the host CPU 11. On the host CPU 11, the display control unit 111, the execution permission determination unit 112, and the encryption processing unit 113 are realized when application 11A is executed. 【0084】 The display control unit 111 of the host CPU 11 controls the display 104 to display various screens such as confirmation screens and setting screens. The process in step S33 of Figure 9 is the process performed by the display control unit 111. 【0085】 The execution permission determination unit 112 determines whether or not to permit the execution of the requested process. If the execution permission determination unit 112 has performed a verification action according to the security level, it permits the execution of the process and outputs a processing request permission to the applet 12A to indicate this. The processes in steps S34 and S35 of Figure 9 are the processes performed by the execution permission determination unit 112. 【0086】The cryptographic processing unit 113 manages the public key for signature verification. The cryptographic processing unit 113 verifies the signature attached to the information supplied from the applet 12A. The process in step S32 of Figure 9 is the process performed by the cryptographic processing unit 113. 【0087】 Thus, when a processing request requiring verification is received by the Secure Element 12, the host CPU 11 presents a screen used to verify the content of the processing, and functions as a control unit that permits the execution of processing in the Secure Element 12 in accordance with the verification performed according to the security level. 【0088】 The operation unit 101 consists of a touch panel superimposed on the display 104, buttons located at various positions on the casing of the user terminal 3, and the like. The operation unit 101 detects user operations and outputs information indicating the content of the user operations to the host CPU 11. 【0089】 The communication unit 102 is a communication module for mobile communication, wireless LAN communication, etc. The communication unit 102 communicates with external devices, including the service provider server 1, according to the control of the host CPU 11. The communication unit 102 receives information transmitted from the service provider server 1 and outputs it to the host CPU 11. The communication unit 102 also transmits information supplied by the host CPU 11 to external devices. 【0090】 Memory 103 stores programs executed by the host CPU 11, such as application 11A. In addition to programs, various data necessary for the host CPU 11 to perform processing are also stored in memory 103. 【0091】 The display 104 is composed of an LCD or an organic EL display, etc. The display 104 displays various information according to the control of the display control unit 111. 【0092】The biosensor 105 is a biosensor such as a fingerprint sensor. For example, biometric authentication is performed by the execution permission determination unit 112 based on the information detected by the biosensor 105. Face recognition may be performed based on an image captured by a camera and used to verify the legitimacy of the user when a processing request is received. In this case, the act of taking a picture of one's face with the camera and performing face recognition becomes the verification act. The user terminal 3 includes various other components such as a camera, microphone, and speaker. 【0093】 Figure 11 is a block diagram showing an example configuration of Secure Element 12. 【0094】 As shown in Figure 11, the Secure Element 12 includes an information processing unit 201, a memory 202, an I / F unit 203, and a proximity communication unit 204. The memory 202, I / F unit 203, and proximity communication unit 204 are connected to the information processing unit 201. In the information processing unit 201, the execution of applet 12A realizes the processing request acquisition unit 211, the processing execution unit 212, the information holding unit 213, and the encryption processing unit 214. 【0095】 The processing request acquisition unit 211 of the information processing unit 201 acquires the processing request transmitted from the R / W terminal 2 and received by the proximity communication unit 204. The processing request received in step S13 of Figure 9 is acquired by the processing request acquisition unit 211, and subsequent processing is carried out. 【0096】 The processing execution unit 212 determines, based on the security level, whether or not a confirmation action is necessary for the processing request acquired by the processing request acquisition unit 211. The processing execution unit 212 also controls the execution of the processing. For example, if a processing request requiring confirmation is transmitted from the R / W terminal 2, the processing execution unit 212 executes the processing in accordance with the fact that permission for the processing request has been supplied from the application 11A. The processes in steps S14, S16, S18-S20, etc. in Figure 9 are the processes performed by the processing execution unit 212. 【0097】The information storage unit 213 receives security level information downloaded from the service provider server 1 and received by application 11A, and stores and retains it in memory 202. The information held by the information storage unit 213 is provided to application 11A as needed. If the security level setting is changed and information indicating this is supplied by application 11A, the information storage unit 213 reflects this in its stored information. 【0098】 The cryptographic processing unit 214 manages the secret key for signature generation. When a signature is required for the information to be output to application 11A, the cryptographic processing unit 214 extracts the necessary data from the processing request packet and generates a signature based on the extracted data. The process in step S15 of Figure 9 is the process performed by the cryptographic processing unit 214. 【0099】 Memory 202 stores programs executed by the information processing unit 201, such as applet 12A. In addition to programs, various types of data, such as information related to security levels, are also stored in memory 202. 【0100】 The I / F unit 203 is the interface between the host CPU 11 and the Secure Element 12. The I / F unit 203 outputs information supplied from the information processing unit 201 to the host CPU 11. The I / F unit 203 also outputs information supplied from the host CPU 11 to the information processing unit 201. 【0101】 The proximity communication unit 204 is a communication module for contactless proximity communication. The proximity communication unit 204 is equipped with components such as an amplification unit, an A / D conversion unit, a D / A conversion unit, and another amplification unit. 【0102】 Figure 12 shows an example of the data structure of applet 12A. 【0103】 The Applet Package is associated with multiple R / W certificates. The R / W certificates include the public key used to authenticate R / W terminal 2. 【0104】In the example shown in Figure 12, Applet Instance A and Applet Instance B are included in the Applet Package. An Applet Instance is prepared for each service that uses Secure Element 12. 【0105】 Applet Instance A is an instance of Service A that uses Size N storage (memory capacity) and an EC Key. The security level of the "Read Service" processing request in Applet Instance A is Level 0 (No Security), and the security level of the "Write Service" processing request is Level 2 (Security Level 2). In addition, the security levels of the "Update EC Key", "Sign with EC Key", and "Get Public Key" processing requests are Level 2, Level 2, and Level 1, respectively. 【0106】 Applet Instance B is an instance of Service B that uses storage of Size M and an AES key. The security level of "Read Service" requests in Applet Instance B is Level 0, and the security level of "Write Service" requests is Level 2. In addition, the security level of "Set AES Key", "Encrypt with AES Key", and "G Decrypt with AES Key" requests is Level 2. 【0107】 In this way, even for processing requests of the same type, it is possible to set a different security level for each processing request used in each service. 【0108】<<Authentication of R / W Terminal>> <Processing in the Information Processing System> Figure 13 is a diagram showing the flow of the public key used for authentication of R / W terminal 2. In this example, the legitimacy of R / W terminal 2, which sent the processing request, is confirmed by R / W authentication, and if a verification action corresponding to the security level is performed, the requested processing is executed in Secure Element 12. The process of confirming the legitimacy of R / W terminal 2 is called R / W authentication. 【0109】 R / W terminal 2 generates a public key corresponding to the private key used for signature generation and uploads it to service provider server 1 as shown by arrow #51. R / W terminal 2 possesses the private key used for signature generation. 【0110】 The public key uploaded to the service provider server 1 is provided to the user terminal 3 at a predetermined time, such as during the installation of application 11A, as shown by arrow #52. The public key provided to the user terminal 3 is managed by Secure Element 12 as a key for signature verification. The sharing of the public key for signature verification takes place before receiving a processing request from the R / W terminal 2. 【0111】 The processing flow, including R / W authentication, will be explained with reference to the sequence in Figure 14. The processing in Figure 14 starts, for example, when user terminal 3 is held over R / W terminal 2. Explanations of the processing shown in Figure 14 that are the same as those explained with reference to Figure 9 will be omitted as appropriate. 【0112】 In step S101, the R / W terminal 2 sends a SELECT command. 【0113】 In step S111, applet 12A receives a SELECT command sent by R / W terminal 2 and sends a response to R / W terminal 2. 【0114】 In step S102, the R / W terminal 2 sends an authentication request. The authentication request sent by the R / W terminal 2 includes a signature along with the RWID, which is the identification information of the R / W terminal 2. The signature is generated, for example, by applying a private key for signature generation to the RWID. 【0115】In step S112, applet 12A receives an authentication request sent by R / W terminal 2. 【0116】 In step S113, applet 12A verifies the signature included in the authentication request using a public key for signature verification. For example, the validity of the signature, i.e., the validity of R / W terminal 2, is confirmed if the ID calculated using the public key for signature verification matches the RWID transmitted from R / W terminal 2. The signature verification in step S113 is performed by the cryptographic processing unit 214 (Figure 11). Thus, the cryptographic processing unit 214 has the function of obtaining and verifying the signature that is generated in R / W terminal 2 based on the RWID, which is the identification information of R / W terminal 2, and transmitted from R / W terminal 2 along with the RWID. A response corresponding to the signature verification result is sent from applet 12A to R / W terminal 2. 【0117】 The need to verify the legitimacy of R / W terminal 2 may be determined based on the security level. In this case, it is possible to set whether verification of the legitimacy of R / W terminal 2 is required based on the security level. 【0118】 In step S103, the R / W terminal 2 sends a READ command or the like. 【0119】 In step S114, applet 12A receives a command sent by R / W terminal 2 and sends a response to R / W terminal 2. 【0120】 In step S104, the R / W terminal 2 sends a processing request. 【0121】 In step S115, applet 12A receives a processing request transmitted by R / W terminal 2. If the legitimacy of R / W terminal 2 is confirmed, processing continues. On the other hand, if the legitimacy of R / W terminal 2 is not confirmed, an error occurs, and processing with R / W terminal 2 ends. 【0122】 In step S116, the applet 12A determines whether or not to perform a confirmation action regarding the processing request sent from the R / W terminal 2, based on information regarding the security level. 【0123】 If the applet 12A determines that the processing request sent from the R / W terminal 2 is a processing request that requires verification, in step S117, the applet 12A extracts the necessary data from the processing request packet and generates a signature based on the extracted data. For example, the signature is generated by applying a secret key to the RWID and the data indicating the content of the processing request extracted from the processing request packet. 【0124】 In step S118, applet 12A signs the RWID and information indicating the content of the processing request and outputs it to application 11A as an HCI event. 【0125】 In step S121, application 11A receives an HCI event sent from applet 12A. 【0126】 In step S122, application 11A verifies the signature included in the HCI event. Subsequent processing is basically the same as the processing described with reference to Figure 9. That is, if it is confirmed that the content of the processing request has not been tampered with based on the signature verification result, a confirmation screen is displayed and the user is asked to confirm. If application 11A has information indicating the correspondence between the RWID and the model of the R / W terminal 2, information indicating which R / W terminal 2 the processing request is from may be displayed on the confirmation screen based on the RWID included in the HCI event. 【0127】 Thus, Secure Element 12 has the function of verifying the legitimacy of the R / W terminal 2 that sends the processing request using a public key for signature verification. This makes it possible to prevent the execution of processing requests from R / W terminal 2 whose legitimacy has not been verified. 【0128】 As described above, if the legitimacy of R / W terminal 2 cannot be verified, processing of the processing request sent from R / W terminal 2 will be terminated, regardless of the security level setting. In this case, the content of the processing request will not be presented to the user, and an error response will be sent to R / W terminal 2. 【0129】 If the legitimacy of R / W terminal 2 is confirmed, the processing requested by R / W terminal 2 may be executed regardless of the security level setting. In this case, the content of the processing request will not be presented to the user, and the processing requested by R / W terminal 2 will be executed. The user may also be able to configure the system to not require verification if the legitimacy of R / W terminal 2 is confirmed. Such a setting may also be done, for example, using the security level. 【0130】 <Processing of Applet 12A> Now, referring to the flowchart in Figure 15, the processing of applet 12A, including R / W authentication, will be explained. Instead of the processing of applet 12A explained with reference to Figure 9, the processing in Figure 15 may be performed. 【0131】 In step S201, applet 12A receives a processing request sent from R / W terminal 2. 【0132】 In step S202, applet 12A determines whether or not confirmation is necessary for the processing request sent from R / W terminal 2. 【0133】 If step S202 determines that the processing request sent from R / W terminal 2 is a request without security (security level 0), then in step S203, applet 12A executes the requested processing. 【0134】 In step S204, applet 12A sends the processing result to R / W terminal 2. After that, processing of the processing request sent from R / W terminal 2 is completed. 【0135】 On the other hand, if step S202 determines that the processing request sent from R / W terminal 2 is a request with security level 1 or higher, in step S205, applet 12A extracts the necessary data from the processing request packet. 【0136】 In step S206, applet 12A determines whether or not the legitimacy of R / W terminal 2 has been confirmed. 【0137】If step S206 determines that the legitimacy of R / W terminal 2 has been confirmed because R / W authentication was successful, then in step S207, applet 12A generates a signature and outputs it to application 11A, attaching it to the necessary data portion of the processing request packet and the RWID. The signature generation here is performed, for example, by applying the secret key to the data indicating the content of the processing request extracted from the processing request packet and the RWID as the necessary data portion. 【0138】 On the other hand, if it is determined in step S206 that the legitimacy of R / W terminal 2 has not been verified, in step S208, applet 12A generates a signature and adds it to the necessary data portion of the processing request packet before outputting it to application 11A. The signature generation here is performed, for example, by applying a secret key to the data indicating the content of the processing request extracted from the processing request packet as the necessary data portion. In this way, the information output to application 11A may be switched depending on whether or not the legitimacy of R / W terminal 2 has been verified. 【0139】 In step S209, applet 12A sends a return value to R / W terminal 2 indicating that its state is waiting for permission to process. Subsequently, applet 12A performs the same processing as described with reference to Figure 9. Once the user's confirmation is complete and permission to process is supplied from application 11A, the requested processing is executed by Secure Element 12. 【0140】 <Overall processing using encryption keys> Figure 16 shows the overall processing using encryption keys. In an information processing system, the processing using encryption keys includes pre-processing 1, pre-processing 2, R / W authentication, and processing request authentication, as shown in Figure 16. 【0141】- Preprocessing 1 Preprocessing 1 is a process for sharing the public key for R / W authentication. R / W terminal 2 has the R / W signing key [RW_SK], which is the private key for signature generation. Based on the R / W signing key [RW_SK], R / W terminal 2 generates the R / W signature verification key [RW_PK], which is the public key for signature verification corresponding to the R / W signing key [RW_SK]. 【0142】 The R / W signature verification key [RW_PK] generated by the R / W terminal 2 is uploaded to the service provider server 1 and provided to the user terminal 3 via the service provider server 1. The R / W signature verification key [RW_PK] provided to the user terminal 3 is stored in the Secure Element 12 by the applet 12A. 【0143】 - Preprocessing 2 Preprocessing 2 is a process for sharing the public key for authentication of the processing request. Applet 12A has a signature key [AP_SK] which is a private key for generating signatures. Based on the signature key [AP_SK], applet 12A generates a signature verification key [AP_PK] which is a public key for verifying signatures that corresponds to the signature key [AP_SK]. 【0144】 The signature verification key [AP_PK] generated by applet 12A is provided to application 11A and stored there. 【0145】 ・R / W Authentication R / W authentication is a process that verifies the legitimacy of the R / W terminal 2 using the signature verification key [RW_PK] shared by preprocessing 1. When the user terminal 3 is held over the R / W terminal 2, the applet 12A generates a random number [AP_R] and sends it to the R / W terminal 2. In the example above, the RWID was used for R / W authentication, but it is also possible to use a random number generated by the applet 12A as the RWID. The random number is generated, for example, by the cryptographic processing unit 214. 【0146】 R / W terminal 2 applies the R / W signing key [RW_SK] to the random number [AP_R] to generate a signature [RW_SIG]. The signature [RW_SIG] generated by R / W terminal 2 is sent to applet 12A. 【0147】Applet 12A verifies the signature [RW_SIG] using the signature verification key [RW_PK] to confirm the legitimacy of R / W terminal 2. For example, if the value calculated by applying the signature verification key [RW_PK] to the signature [RW_SIG] matches the random number [AP_R], the legitimacy of R / W terminal 2 is confirmed. 【0148】 - Processing Request Authentication Processing request authentication is a process that verifies the legitimacy of the processing request (that it has not been tampered with) using the signature verification key [AP_PK] shared by preprocessing 2. This process starts when a processing request is sent from R / W terminal 2 to applet 12A. For example, APDU (Application Protocol Data Unit) is used to send the processing request. APDU is an international standard for commands used in communication between R / W and IC cards. 【0149】 Applet 12A extracts the data APDU_REQ, which is the data indicating the processing content, from the processing request packet. Applet 12A also checks the R / W authentication status. For example, if R / W authentication is complete, the RWID of R / W terminal 2 is used for processing request authentication. Applet 12A applies the signing key [AP_SK] to the data APDU_REQ and RWID to generate the signature [AP_SIG]. The signature [AP_SIG] generated by applet 12A is added to the data APDU_REQ and RWID and output to application 11A. 【0150】 Application 11A verifies the signature [AP_SIG] using the signature verification key [AP_PK] and confirms the validity of the data APDU_REQ and RWID. 【0151】 As described above, R / W authentication and processing request authentication are performed. By performing R / W authentication before executing the requested process, it is possible to prevent the execution of a processing request from R / W terminal 2 whose legitimacy has not been verified. Furthermore, by performing processing request authentication before executing the requested process, it is possible to prevent the user from being presented with a process whose content has been tampered with. 【0152】<<Summary of Functions>> Figure 17 is a diagram that summarizes the functions implemented by application 11A and applet 12A. 【0153】 As shown in callout #101, the applet 12A executed in Secure Element 12 manages the security level set for each type of processing request from R / W terminal 2. The initial value of the security level is determined, for example, by the service provider managing the service provider server 1. 【0154】 As shown in callout #102, the security level settings managed by applet 12A can be changed by the user using application 11A, which runs on the host CPU 11. Information indicating the security level settings changed by the user using the settings screen displayed by application 11A is output from application 11A to applet 12A and reflected in the information managed by applet 12A. 【0155】 The public key generated by the R / W terminal 2 for use in R / W authentication is uploaded to the service provider server 1 and provided to the user terminal 3 via the service provider server 1. The public key downloaded by application 11A through communication with the service provider server 1 is provided to applet 12A and managed there. 【0156】 <<Modification>> <Modification of external device> Although it was assumed that the processing request to Secure Element 12 is sent from R / W terminal 2, the above processing may also be performed in response to processing requests sent from a server on the Internet, such as service provider server 1. It is possible to use a device other than R / W terminal 2 as the external device that sends the processing request to Secure Element 12. 【0157】 Figure 18 shows the processing flow when the external device that sends the processing request is the service provider server 1. 【0158】Processing requests sent by the service provider server 1 are received by, for example, application 11A and output to applet 12A. Applet 12A performs a verification action according to the security level of the processing request and then executes the requested processing. Thus, this technology can also be applied when processing requests are sent from an external device different from the R / W terminal 2. Processing requests sent by the service provider server 1 and received by application 11A are output from application 11A to applet 12A and acquired by the processing request acquisition unit 211 (Figure 11). 【0159】 Figure 19 shows an example of sharing a public key for authentication of an external device that is the source of a processing request. 【0160】 If the external device that sends the processing request is the service provider server 1, it is possible to ensure that authentication of the service provider server 1 is performed before the requested processing is executed. As shown in Figure 19, the service provider server 1 has a private key for signature generation. A public key corresponding to the private key for signature generation is generated by the service provider server 1 and provided to the Secure Element 12. 【0161】 The public key generated by the service provider server 1 for authentication is provided to the user terminal 3 via the internet. The public key downloaded by application 11A through communication with the service provider server 1 is provided to applet 12A and managed there. 【0162】 When a processing request sent from service provider server 1 is received, the signature is verified using the public key provided by service provider server 1, and service provider server 1 is authenticated. If the legitimacy of service provider server 1 is confirmed, the processing requested by service provider server 1 is executed by Secure Element 12. This prevents the execution of processing requests from servers whose legitimacy has not been confirmed. 【0163】<Other> The functionality of application 11A may be implemented by a single program or by multiple programs. Similarly, the functionality of applet 12A may be implemented by a single program or by multiple programs. 【0164】 At least some of the functions of application 11A may be implemented by applet 12A, or conversely, at least some of the functions of applet 12A may be implemented by application 11A. 【0165】 The series of processes described above regarding the program can be executed by hardware or by software. When the series of processes are executed by software, the program that makes up the software is installed from a program storage medium onto a computer that is built into dedicated hardware, or a general-purpose personal computer. 【0166】 Figure 20 is a block diagram showing an example of the hardware configuration of a computer that executes the series of processes described above by a program. The service provider server 1 has a configuration similar to that shown in Figure 20. The user terminal 3 may be implemented using a computer having a configuration like that shown in Figure 20. 【0167】 The CPU (Central Processing Unit) 1001, ROM (Read Only Memory) 1002, and RAM (Random Access Memory) 1003 are interconnected by a bus 1004. 【0168】An input / output interface 1005 is further connected to the bus 1004. An input unit 1006 consisting of a keyboard, mouse, etc., and an output unit 1007 consisting of a display, speakers, etc. are connected to the input / output interface 1005. In addition, a storage unit 1008 consisting of a hard disk, non-volatile memory, etc., a communication unit 1009 consisting of a network interface, etc., and a drive 1010 that drives removable media 1011 are connected to the input / output interface 1005. 【0169】 In a computer configured as described above, the CPU 1001 loads, for example, a program stored in the memory unit 1008 into the RAM 1003 via the input / output interface 1005 and the bus 1004, and executes it, thereby performing the series of processes described above. 【0170】 The program executed by the CPU 1001 is, for example, recorded on removable media 1011, or provided via a wired or wireless transmission medium such as a local area network, the internet, or digital broadcasting, and installed in the storage unit 1008. 【0171】 The programs executed by the computer may be programs that are processed chronologically in the order described herein, or they may be programs that are processed in parallel or at necessary times, such as when they are called. 【0172】 In this specification, a system means a collection of multiple components (devices, modules (parts), etc.), regardless of whether all components are located in the same enclosure. Therefore, multiple devices housed in separate enclosures and connected via a network, and a single device containing multiple modules in one enclosure, are both considered systems. 【0173】 The effects described herein are illustrative and not limited to those described herein, and other effects may also occur. 【0174】The embodiments of this technology are not limited to those described above, and various modifications are possible without departing from the spirit of this technology. 【0175】 For example, this technology can be configured as cloud computing, where a single function is shared and processed collaboratively by multiple devices via a network. 【0176】 Furthermore, each step described in the flowchart above can be performed by a single device, or it can be divided and performed by multiple devices. 【0177】 Furthermore, if a single step includes multiple processes, those processes can be executed by a single device or shared among multiple devices. 【0178】 <Examples of configuration combinations> This technology can also be configured as follows: 【0179】(1) An information processing device comprising an IC chip including an acquisition unit that acquires a processing request transmitted from an external terminal, a storage unit that holds information regarding the security level for each type of processing request, indicating the content of the user's confirmation action when executing the requested processing, and an execution unit that executes processing according to the processing request, and a control unit that, when the IC chip acquires a processing request requiring the confirmation action, presents information used to confirm the content of the processing, and permits the execution of processing on the IC chip in accordance with the confirmation action performed by the user according to the security level. (2) The information processing device according to (1), wherein the control unit presents a confirmation screen including information indicating the content of the processing and information indicating the content of the confirmation action as information used to confirm the content of the processing. (3) The information processing device according to (2), wherein the control unit presents pressing a button displayed on the confirmation screen or authentication using biometric information as the content of the confirmation action. (4) The information processing apparatus according to (3), wherein the control unit, when a processing request is obtained in which a first level is set as the security level, permits the execution of a process corresponding to the processing request in response to the button being pressed, and when a processing request is obtained in which a second level higher than the first level is set, permits the execution of a process corresponding to the processing request in response to the successful authentication using the biometric information. (5) The information processing apparatus according to any one of (1) to (4), wherein the holding unit acquires information relating to the security level transmitted from a server on the Internet. (6) The information processing apparatus according to any one of (1) to (5), wherein the information relating to the security level includes information indicating the settable range of the security level, and the control unit changes the setting of the security level for each type of processing request in response to user operation. (7) The information processing apparatus according to (6), wherein the control unit displays a setting screen used to change the setting of the security level for each processing request, and changes the setting of the security level in response to operation on the setting screen.(8) The IC chip further includes an encryption processing unit that generates a signature based on the processing request data acquired by the acquisition unit, and the control unit verifies the signature supplied from the IC chip together with the processing request data using a public key corresponding to the private key used to generate the signature, as described in any of (1) to (7). (9) The control unit presents information used to verify the content of the processing when the validity of the processing request data is confirmed, as described in (8). (10) The IC chip further includes an encryption processing unit that acquires a signature generated at the external terminal based on the identification information of the external terminal and transmitted from the external terminal together with the identification information, and verifies the signature using a public key corresponding to the private key used to generate the signature, as described in any of (1) to (9). (11) The control unit presents information used to verify the content of the processing when the validity of the external device is confirmed, as described in (10). (12) The acquisition unit is the information processing device according to (1) to (11) above, which acquires the processing request transmitted from an external terminal such as a reader / writer terminal or a server on the Internet. (13) An information processing device comprising an IC chip including an acquisition unit that acquires a processing request transmitted from an external terminal, a holding unit that holds information on the security level for each type of processing request, which indicates the content of the user's confirmation action when executing the requested processing, and an execution unit that executes processing according to the processing request, wherein when the IC chip acquires the processing request for which the confirmation action is required, the device presents information used to confirm the content of the processing, and permits the execution of processing on the IC chip in accordance with the confirmation action performed by the user according to the security level.(14) A program for causing a computer to execute a process, which includes an acquisition unit for acquiring processing requests transmitted from an external terminal, a storage unit for storing information on the security level for each type of processing request that indicates the content of the user's confirmation action when executing the requested processing, and an execution unit for executing processing according to the processing request, the computer to acquire a processing request that requires the user's confirmation action when an IC chip is acquired by the IC chip, and the computer to allow the execution of processing on the IC chip when the user has performed the confirmation action according to the security level. (15) An IC chip comprising an acquisition unit for acquiring processing requests transmitted from an external terminal, a storage unit for storing information on the security level for each type of processing request that indicates the content of the user's confirmation action when executing the requested processing, and an execution unit for executing processing according to the processing request when the user has performed the confirmation action according to the security level and the execution of processing has been permitted by the processing circuit. 【0180】 1 Service provider server, 2 R / W terminal, 3 User terminal, 11 Host CPU, 12 Secure Element, 101 Operation unit, 102 Communication unit, 103 Memory, 104 Display, 105 Biometric sensor, 111 Display control unit, 112 Execution permission determination unit, 113 Cryptographic processing unit, 201 Information processing unit, 202 Memory, 203 I / F unit, 204 Proximity communication unit, 211 Processing request acquisition unit, 212 Processing execution unit, 213 Information storage unit, 214 Cryptographic processing unit

Claims

An acquisition unit that acquires processing requests sent from an external terminal, A storage unit that holds information regarding the security level for each type of processing request, which indicates the content of the user's confirmation actions when executing the requested processing, An execution unit that performs processing in response to the aforementioned processing request and IC chips including, When the IC chip receives the processing request requiring the aforementioned verification, the control unit presents information used to verify the content of the processing, and authorizes the execution of the processing on the IC chip in accordance with the verification performed by the user according to the security level. An information processing device equipped with the following features. 　 The control unit presents a confirmation screen that includes information indicating the content of the process and information indicating the content of the confirmation action, as information used to confirm the content of the process. The information processing apparatus according to claim 1. 　 The control unit presents the pressing of a button displayed on the confirmation screen, or authentication using biometric information, as the content of the confirmation action. The information processing apparatus according to claim 2. 　 The control unit, When a processing request is obtained in which the security level is set to the first level, the execution of the processing corresponding to the processing request is permitted in response to the button being pressed. When a processing request is received in which a second level higher than the first level is set, the execution of the processing corresponding to the processing request is permitted in accordance with the successful authentication using the biometric information. The information processing apparatus according to claim 3. 　 The holding unit acquires the security level information transmitted from a server on the internet. The information processing apparatus according to claim 1. 　 The information regarding the security level includes information indicating the configurable range of the security level. The control unit changes the security level setting for each type of processing request in accordance with user operations. The information processing apparatus according to claim 1. 　 The control unit displays a settings screen used to change the security level setting for each processing request, and changes the security level setting in response to operations on the settings screen. The information processing apparatus according to claim 6. 　 The IC chip further includes an encryption processing unit that generates a signature based on the processing request data acquired by the acquisition unit, The control unit verifies the signature supplied from the IC chip along with the processing request data using the public key corresponding to the private key used to generate the signature. The information processing apparatus according to claim 1. 　 The control unit, upon confirmation of the validity of the data in the processing request, presents information used to confirm the content of the processing. The information processing apparatus according to claim 8. 　 The IC chip further includes a cryptographic processing unit that obtains a signature generated at the external terminal based on the identification information of the external terminal and transmitted from the external terminal along with the identification information, and verifies the signature using a public key corresponding to the private key used to generate the signature. The information processing apparatus according to claim 1. 　 The control unit, once the legitimacy of the external device is confirmed, presents information used to verify the content of the process. The information processing apparatus according to claim 10. 　 The acquisition unit acquires the processing request transmitted from the reader / writer terminal, which is an external terminal, or from a server on the Internet. The information processing apparatus according to claim 1. 　 An acquisition unit that acquires processing requests sent from an external terminal, A storage unit that holds information regarding the security level for each type of processing request, which indicates the content of the user's confirmation actions when executing the requested processing, An execution unit that performs processing in response to the aforementioned processing request and An information processing device equipped with an IC chip including, When the aforementioned processing request requiring the aforementioned verification is acquired by the IC chip, information used to verify the content of the processing is presented. In accordance with the verification action performed by the user according to the security level, the execution of processing in the IC chip is permitted. Information processing methods. 　 An acquisition unit that acquires processing requests sent from an external terminal, A storage unit that holds information regarding the security level for each type of processing request, which indicates the content of the user's confirmation actions when executing the requested processing, An execution unit that performs processing in response to the aforementioned processing request and A computer equipped with an IC chip including When the aforementioned processing request requiring the aforementioned verification is acquired by the IC chip, information used to verify the content of the processing is presented, In response to the user performing the verification action corresponding to the security level, the execution of processing on the IC chip is permitted. A program that performs a process that includes the following. 　 An acquisition unit that acquires processing requests sent from an external terminal, A storage unit that holds information regarding the security level for each type of processing request, which indicates the content of the user's confirmation actions when executing the requested processing, In response to the acquisition of the processing request requiring the aforementioned verification, the processing circuit presents information used to verify the content of the processing, and in response to the user performing the verification according to the security level, the processing circuit authorizes the execution of the processing, and an execution unit executes the processing according to the processing request. An IC chip equipped with the following features.

Images