JPH06259452A - Prepaid card system using IC card - Google Patents

Abstract

(57) [Summary] [Purpose] While maintaining the security of IC cards,
To provide a prepaid card system using an IC card in which duplication of the IC card is prevented. [Structure] When shopping with the IC card 1, the IC card 1 sends the pre-shopping card balance and the authenticator stored in the card balance register 1b and the authenticator register 1c to the store terminal 2. In the store terminal 2, the encryption unit 2b uses the authenticator generation key 2a to generate an authenticator from the card balance, and the checking unit 2c checks the authenticity of the authenticator. Then, in the adding means 2d, the shopping amount is subtracted from the card balance to obtain the updated card balance, and the card balance and its authenticator are integrated into an IC.
Write on card 1. In addition, the IC card 1 is provided with a counter 1e that is incremented for each shopping, and the counter 1e
The counter value of e is sent from the store terminal to the bank center 3 and I
Discover unauthorized use of C card.

Description

Detailed Description of the Invention

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a prepaid card system using an IC card, and more particularly, the present invention relates to an IC card capable of maintaining security of the IC card and preventing duplication of the IC card. It relates to the prepaid card system used.

[0002]

2. Description of the Related Art At present, various cashless systems such as prepaid card systems and credit card systems are in widespread use. The demand for high cashless systems is increasing.

In order to meet the above requirements, a prepaid card system using an IC card, which is more secure than a medium such as a magnetic card, has been developed in recent years (for example, see Japanese Patent Application No. 3-57126). In a prepaid card system using an IC card, when using the IC card, the card user needs to use a bank (for example, A
Deposit a specified amount of money into your IC card from your personal bank account. When the card user deposits into the IC card, I
The amount of money deposited into the C card is deposited into an undecided funds file that stores the total amount of deposits from all the individual accounts to the IC cards under contract.

Each time the card user makes a purchase, the sales amount of the card user for Bank A is summed up at the store terminal, and the total sales amount is A every fixed period.
It is encrypted and sent to the bank's bank center system. In the bank center system, the total amount of sales that has been sent is transferred from the unsettled fund file to the store account where the sales were made.

FIG. 12 is a diagram showing a prepaid card system using the above-mentioned conventional IC card. In the figure, 111 is an IC card, and the IC card 111
, 111a is an amount display section for displaying the shopping amount,
111b is an addition unit that adds the shopping amount and the total sales amount in the plaintext 112a of the store terminal 112, 111c is a decryption unit that decrypts the encrypted text 112b of the store terminal 112 that has been encrypted with the key 111d, and 111e is Decoding section 1
The encrypted text 112b of the store terminal 112 decrypted by 11c
And the plaintext 112a of the store terminal 112 are compared with each other, and the comparison section 111f for stopping the transaction if they do not match, 111f is an addition section 11
An encryption unit that encrypts the output of 1b with the key of Bank A that issued the IC card and updates the encrypted text 112b of the store terminal 112, 111g is a balance storage register, 111h is the amount of shopping subtracted from the contents of the balance storage register 111g. It is a subtraction unit.

[0006] Further, 112 is a store terminal, and in the store terminal 112, 112a is a plaintext recording the name of the transaction bank, the total sales amount within a predetermined period, the ID number of the IC card, etc., and 112b is the total sales amount encrypted. The encrypted text, 11
2c is an adder for adding the shopping amount and the total amount of sales in the plaintext 112a. 112d is the output of the adder 112c and the IC.
The output of the adding unit 111b of the card 111 is compared, and the plaintext 1
12a is a comparison unit for updating the amount of money.

In the figure, when the total sales amount is updated by the purchase of the shopper, the IC card 111 is inserted into the store terminal 112 and the purchase amount is input from the keyboard or the like of the store terminal. As a result, the plaintext 112a and the ciphertext 11 of the bank that issued the IC card 111 (Bank A in this case) from the store terminal 112 to the IC card 111.
2b is sent. The ciphertext 112b is decrypted by the decryption unit 111c of the IC card 111 and compared with the plaintext 112a sent from the store terminal 112 by the comparison unit 111e.

Here, when the comparison result in the comparison unit 111e does not match, the plain text 11 in the store terminal 112 is displayed.
The transaction is stopped as if 2a has been tampered with or an error has occurred. When the comparison results of the comparison unit 111e match, the total sales amount and the purchase amount in the plaintext 112a of the store terminal 112 are added by the addition unit 111b of the IC card 111, and the addition result is sent to the store terminal 112. In the encryption unit 111f, the encryption is performed using the bank A key. The data encrypted by the encryption unit 111f is stored in the store terminal 11 as ciphertext update data.
The second ciphertext 112b is updated.

On the other hand, in the store terminal 112, the shopping amount and the total sales amount in the plain text 112a are added by the adding unit 112c and given to the comparing unit 112d. Comparison section 1
12d is the addition result of the addition unit 112c and the IC card 11
The addition result of the addition unit 111b of 1 is compared. If the comparison result of the comparison unit 112d does not match, the processing is stopped assuming that an error has occurred on the IC card 111 side or the store terminal 112 side. Also, the comparison unit 112d
If the comparison results of No. 1 match, the total sales amount of the plaintext 112a of the store terminal 112 is updated as a correct calculation.

Further, the subtraction section 111h of the IC card 111
Subtracts the shopping amount from the balance in the balance storage register 111g and rewrites the balance in the balance storage register 111g.

[0011]

As described above, in the conventional prepaid card system, it has been considered from the standpoint that copying on the IC card side is impossible. The key is held, and the summing process at the store terminal is also calculated by the IC card, and the store terminal side has a simple memo-like configuration.

[0012] However, making a copy of an IC card is a magnetic card or a PET card (telephone card,
It is more difficult than copying an orange card, etc., but not impossible. That is, it is possible to make a duplicate if there is an IC card manufacturing technology and inspection technology, and the inspection technology is integrated with the manufacturing technology, making it difficult to manufacture something that cannot be inspected. Accompany.

Therefore, in order to prevent the duplication of the IC card, the cost required for duplicating the IC card is
You need to reduce the profits you get from duplicating cards. Further, in the conventional prepaid card system, since the security key is provided on the IC card side, the security key is distributed to an unspecified number of people, which is a problem from the viewpoint of maintaining security. It was

The present invention has been made in view of the above-mentioned problems of the prior art. The store terminal side, not the IC card side, is used as a trust point, and the store terminal is wholly or partially protected. , Keep the security by putting the key of the system on the store terminal
It is an object of the present invention to provide a prepaid card system using an IC card in which the profit due to the duplication of the card is reduced and the duplication of the IC card is prevented.

[0015]

FIG. 1 is a basic configuration diagram of the present invention. In the figure, 1 is an IC card,
In the card 1, 1a is a card ID, 1b is a balance register for storing a guard balance, 1c is an authenticator register for storing an authenticator, 1d is a check means for checking the card balance, and 1e is a counter which is incremented for each shopping. Reference numeral 1f is a display means for displaying the shopping amount and 1g is a last use date / time storage means for storing the last use date / time.

Reference numeral 2 is a store terminal. In the store terminal 2, 2a is an important key of the system, 2b is an encryption means for encrypting a card balance, 2c is a checking means for checking the authenticity of an authenticator, Reference numeral 2d is an adding means for calculating the card balance, and 2e is a use interval checking means for checking the use interval of the IC card. Further, 3 is a bank center.

In order to solve the above problems, the invention of claim 1 of the present invention is, as shown in FIG. 1, an IC card 1 and an IC.
An IC card is used which includes a store terminal 2 that sums up the purchase amount by the card 1 for each bank and sends it to the bank center, and a bank center 3 that determines the purchase amount based on the transmission data from the store terminal 2. In the prepaid card system, the IC card 1 that is the prepaid medium is
A card ID 1a different for each card 1, a balance register 1b indicating a card balance, and an authenticator register 1c for storing an authenticator of the balance register 1b are provided, and the store terminal 2
An important key 2a of the system, an encryption means 2b for encrypting the card balance of the IC card 1 based on this key, and a check means 2c for checking the authenticity of the authenticator.
And a physically protected store terminal 2 including an adding means 2d.

When shopping with the IC card 1, the store terminal 2 checks the authenticity of the authenticator of the IC card 1 by the checking means 2c and calculates the card balance by the adding means 2d. The authenticator is generated by the encryption means 2b, and the balance and the authenticator of the IC card 1 are rewritten.
The invention of claim 2 of the present invention is the same as the invention of claim 1,
The IC card 1 is provided with means 1f for displaying the amount of shopping and check means 1d for checking the card balance,
This is to prevent the illegal purchase amount from being reduced on the IC card 1 side.

According to a third aspect of the present invention, in the first or second aspect of the invention, the IC card 1 is provided with a counter 1e that is incremented for each purchase, and the counter 1e is provided.
The counter value of e is associated with the key 2a for authenticator generation. According to a fourth aspect of the present invention, in the third aspect of the invention, the bank center 3 is transmitted by transmitting the counter value of the counter 1e provided in the IC card 1 together with the card ID 1a from the store terminal 2 to the bank center 3. It is possible to check the duplication of the IC card 1 in.

According to a fifth aspect of the present invention, in the fourth aspect of the invention, the counter value is transmitted to the bank center 3 only when the counter value of the counter 1e of the IC card 1 is an integral multiple of a predetermined value. It was done like this. According to a sixth aspect of the present invention, in the third aspect of the invention, the card ID 1 is set at the store terminal 2 at each predetermined time.
a, the number of times the card ID 1a has been used within the period, and the final value of the counter 1e are transmitted to the bank center 3.

According to a seventh aspect of the present invention, in the fourth aspect of the invention, the counter information is transmitted online to the bank center 3. According to the invention of claim 8 of the present invention, in the invention of claim 4, the counter information is transmitted to the bank center 3 offline. A ninth aspect of the present invention provides an IC card 1 and an IC
An IC card is used that includes a store terminal 2 that sums up the purchase amount of money by the card 1 for each bank and sends it to the bank center 3, and a bank center 3 that determines the purchase amount based on the transmission data from the store terminal 2. In the prepaid card system, the IC card 1 stores the last use date and time, and the bank center 3 checks the IC card 1 in which the card use interval is wide.

According to a tenth aspect of the present invention, the last use date and time of the IC card 1 is encrypted and stored in the IC card 1.

[0023]

When the card user goes to the store and carries out shopping, first, the IC card 1 is inserted into the store terminal 2, and I
From the C card 1, the pre-shopping card balance stored in the card balance register 1b and the pre-shopping authenticator stored in the authenticator storage register 1c are sent to the store terminal 2. In the store terminal 2, the encryption means 2b uses the authenticator generation key 2a to generate an authenticator from the card balance, and the checking means 2c checks the authenticity of the authenticator sent from the IC card 1. To do. If the authenticity of the authenticator is recognized, the process proceeds to the next process, and if the authenticity of the authenticator is not recognized, the transaction is stopped.

Next, when the shopping amount is sent, the shopping amount is subtracted from the card balance in the adding means 2d,
Ask for updated card balance. The updated card balance is written in the IC card 1. Further, the encryption unit 2b generates an authenticator from the updated card balance,
Write on the C card. In the invention of claim 1 of the present invention, as shown in FIG. 1, the store terminal side is set as a trust point, an important key of the system is placed in the store terminal, and when the IC card 1 is used for shopping, a check is performed at the store terminal 2. Means 2c
The authenticity of the authenticator of the IC card 1 is checked by the adder 2d, the card balance is calculated by the adder 2d, and the authenticator is generated from the calculated balance by the encryption means 2b. Since it has been rewritten, the security key will not be distributed to an unspecified number of people. Security can be maintained as compared with the conventional one.

In the invention of claim 2 of the present invention, in the invention of claim 1, the IC card 1 is provided with a means 1f for displaying the amount of shopping and a checking means 1d for checking the card balance. In addition to the effect of the invention of claim 1, it is possible to prevent the illegal purchase amount from being reduced on the IC card 1 side. In the invention of claim 3 of the present invention, in the invention of claim 1 or 2, the IC
Counter 1e that is incremented for each shopping on the card 1
Since the counter value of the counter 1e is associated with the authenticator generating key 2a, even if the balance of the IC card is rewritten, the authenticator is checked by the key generated based on the counter value, Unauthorized use can be found.

In the invention of claim 4 of the present invention, in the invention of claim 3, the counter value of the counter 1e provided in the IC card 1 is transmitted from the store terminal 2 to the bank center 3 together with the card ID 1a. Therefore, the duplicated IC card 1 can be found by checking the counter value for duplication at the bank center 3. In the invention of claim 5 of the present invention, in the invention of claim 4, the counter value is transmitted to the bank center 3 only when the counter value of the counter 1e of the IC card 1 is an integral multiple of a predetermined value. Therefore, the transaction amount sent from the store terminal 2 to the bank center 3 can be reduced.

Further, the counter information is sent to the bank center 3 online as in the invention of claim 7 or 8.
Or you can send it offline. In the invention of claim 6 of the present invention, in the invention of claim 3, in the store terminal 2, at each predetermined time, the card ID 1a, the number of times the card ID 1a has been used within the period, and the final count of the counter 1e. Since the value is transmitted to the bank center 3, the IC is determined by the difference between the largest value of the last counter value transmitted last time and the greatest value of the last counter value transmitted this time, and the number of shopping during that time.
Unauthorized use of the card 1 can be found.

In the invention of claim 9 or claim 10 of the present invention, the date and time of last use is stored in the IC card 1,
Since the IC card 1 whose card use interval is greatly opened is checked at the bank center 3, if there is no transaction for a period longer than the period required for duplication of the IC card, the transaction with the IC card can be stopped. Duplicate cards can be difficult. Further, as in the invention of claim 10, by encrypting the last use date and time of the IC card 1 and storing it in the IC card 1, it becomes difficult to rewrite the last use date and time, and it becomes more difficult to make a copy. it can.

[0029]

FIG. 2 is a diagram showing a system configuration of a first embodiment of the present invention. In FIG. 2, 11 is an IC card, and in the IC card 11, 11a is a card ID of the IC card, 11b, Reference numeral 11b 'is a balance storage register for storing the card balance, 11b shows the card balance before the shopping amount is subtracted, and 11b' shows the card balance after the shopping amount is subtracted.

11c and 11c 'are authenticator storage registers for storing authenticators, 11c indicates an authenticator generated from the card balance 11b, and 11c' is an authenticator generated from the card balance 11b 'after subtraction of the shopping amount. Is shown. Note that the authenticator encrypts some bits of the encrypted text, and although the authenticator is generated from the encrypted text, the encrypted text cannot be restored from the authenticator. To generate the authenticator, for example, the 256-bit encrypted text is divided into 4 64-bit blocks, and the exclusive OR of the encrypted first block and the next block is taken, The operation of encrypting the result is repeated four times, and the finally obtained 64 bits are used as the authenticator.

Further, 12 is a store terminal, and the store terminal 1
2 is physically protected in whole or in part to maintain security. In the store terminal 12, 12a is a key for generating a key for authenticator generation, 12b is an encryption unit for generating an encryption key for authenticator generation based on the card ID 11a and the key 12a, and 12c is an encryption key. Conversion unit 12
An encryption unit that encrypts the card balance of the IC card 11 with the key generated by b to generate an authenticator, 12d is an IC
A comparing unit for comparing the authenticator of the card 11 and the authenticator generated by the encryption unit 12c, 12e subtracts the shopping amount from the card balance sent from the IC card 11, and sends the subtraction result to the IC card 11, An adding unit to be given to the encrypting unit 12f, and 12f is an output of the adding unit 12e.
2b is an encryption unit that encrypts with the key generated by 2b and generates an authenticator.

In the figure, when the card user goes to the store to shop, the IC card 11 is first inserted into the store terminal 12. From IC card 11, card ID
11a is sent to the store terminal 12, and the store terminal 12 generates an encryption key for generating an authenticator from the card ID and the key 12a held by the store terminal 12. Next, from the IC card 11, the card balance before shopping is sent from the card balance register 11b, and the authenticator before shopping is sent to the store terminal 12 from the authenticator storage register 11c. Store terminal 1
In 2, the encryption unit 12c generates an authenticator from the card balance using the key for authenticator generation that has been created, and the comparing unit 12d compares the authenticator with the authenticator sent from the IC card 11.

Here, if the comparison results match, the process proceeds to the next process, and if the comparison results do not match, the transaction is stopped. Then, when the shopping amount is sent from the POS terminal of the store, the adding unit 12e subtracts the shopping amount from the card balance to obtain the updated card balance. The updated card balance is written in the IC card 11, the card balance is updated, and the encryption unit 12
In f, the authenticator generation key is used to generate the authenticator from the updated card balance, and the authenticator is written in the IC card to update the authenticator.

In this embodiment, the store terminal side is used as a trust point, the store terminal is physically protected in whole or in part, and an important key of the system is placed in the store terminal. Security key is not spread to other people. Security can be maintained as compared with the conventional one. FIG. 3 is a diagram showing a system configuration of a second embodiment of the present invention. This embodiment is an embodiment in which the IC card side also checks the balance update of the IC card, and is shown in FIG. The same components as those in the embodiment are designated by the same reference numerals, and in the present embodiment, the card balance stored in the card balance register 11b and the addition unit 11d for adding the shopping amount and the store terminal 12 are updated. A comparison unit 11e that compares the card balance with the subtraction result of the addition unit 11d and a display unit 11f that displays the shopping amount are provided.

In FIG. 2, the updated card balance and the authenticator thereof are the same as those shown in FIG. 2 up to the point where they are sent from the store terminal 12 to the IC card 11 side. When the shopping amount is sent to the IC card 11 from the POS terminal of the store, the shopping amount is displayed on the display unit 11f of the IC card 11 and is subtracted from the card balance by the adding unit 11d. Terminal 1
2 is compared to the updated card balance sent from. If the result of the comparison shows that they match, writing to the card is refused and the transaction is stopped.

In this embodiment, the same effect as that of the first embodiment can be obtained, and the IC card side also checks the balance of the guard so that the I
It is possible to prevent the amount of money from being deducted from the C card. FIG. 4 is a diagram showing a system configuration of a third embodiment of the present invention. In this embodiment, an IC card is provided with a counter that is incremented each time a product is purchased, and a key for checking the authenticator against the card balance is It is generated from the card ID, the key of the store terminal, and the value of the counter. Also,
The value of the counter provided on the IC card is configured so that it cannot be rewritten from the outside.

In the figure, the same components as those in the embodiment of FIG. 2 are designated by the same reference numerals. In this embodiment, the IC card 12 side is provided with a counter 11g and the store terminal 12 side is provided. The function generator 1 that generates a key for authenticator check for the card balance from the encryption unit 12b and the counter value of the counter 11g provided in the IC card.
2g is provided, and other configurations are similar to those of the embodiment of FIG.

In FIG. 4, since the card user is shopping at the store, when the IC card 11 is inserted into the store terminal 12, the card ID is transferred from the IC card 11 to the store terminal 12 as in the embodiment of FIG. Sent. The store terminal 12 generates an encryption key from the card ID and the key 12a possessed by the store terminal 12. The function generation unit 12g generates an encryption key for authenticator generation from the counter value of the counter 11g sent from the IC card 11 and the key generated by the encryption unit 12b. Then, as in the embodiment of FIG. 2, in the encryption unit 12c, the authenticator is generated from the card balance 11b by using the key for generating the authenticator created above, and the comparing unit 1
In 2d, the authenticator 11 sent from the IC card 11
Compare with c.

In addition, the adder 12e subtracts the shopping amount from the card balance 11c and writes the updated card balance in the IC card 11. On the other hand, the value of the counter 11g of the IC card 11 is incremented, and at the store terminal 12, the function generation unit 1 uses the incremented counter value and the key generated by the encryption unit 12b.
A key for generating an authenticator is generated by 2g ′, and the encrypting unit 12f uses this key to generate an authenticator from the updated card balance and write it in the IC card.

FIG. 5 is a diagram showing a system configuration of a fourth embodiment of the present invention. In this embodiment, an exclusive OR is used as the function section shown in FIG. The other structure is the same as that of the third embodiment shown in FIG. Exclusive or 12h, 1 of this embodiment
2h 'is for obtaining the exclusive OR of the key generated by the encryption unit 12b and each bit of the counters 11g and 11g'. The result of the exclusive OR is the encryption unit 12g as a key for authenticator generation. , 12f.

In the third and fourth embodiments described above, I
The C card is provided with a counter that cannot be rewritten from the outside, and the counter is incremented inside the IC card. Therefore, even if you try to increase the card balance by copying the IC card card balance and the authenticator pair, Since the value of can not be rewritten, fraud can be found by checking the authenticator.

As shown in FIG. 6, as described above, the card balance of the IC card and the pair of the authenticator are read from the IC card,
FIG. 9 is a diagram illustrating fraudulent discovery when the card balance of an IC card is increased by wiretapping and recording communication between the C card and a store terminal and writing the IC card. As shown in the figure, the counter value is P, the balance is 100,000 yen, and the IC card A with the balance authenticator Ekp is used for shopping for 20,000 yen, and I
After the C card has a counter value P + 1, a balance of 80,000 yen, and a balance certifier Ekp + 1, as shown in FIG. 9B, the IC card C is used for shopping for 20,000 yen, and the IC card becomes Figure D
As shown in, it is assumed that the counter value is P + 2, the balance is 60,000 yen, and the balance authenticator Ekp + 2.

Here, the communication between the IC cards B and C and the store terminal is eavesdropped, the card balance of 80,000 yen and the balance authenticator Ekp + 1 are recorded on the recording medium, and the IC card D is recorded by this recording medium. In the case of rewriting, as described above, the counter value P + 2 cannot be rewritten, so the IC card shown in FIG. When shopping is performed using this IC card E, the counter value P +
Since the balance certifier is checked with the key generated based on 2, the certifier generated with the key generated based on the counter value P + 1 of the IC card C does not match, and fraud is detected.

FIG. 7 is a diagram showing a system configuration of a fifth embodiment of the present invention. In this embodiment, an IC card counter value is sent from a store terminal to a bank center to detect illegal use. FIG. 3A is a conceptual diagram of the system, and FIG. 1B is a diagram for explaining a fraud detection mechanism. In the figure, 11 is an IC card, 12 is a store terminal, 13 is a bank center, 13a is counter value log information,
Reference numeral 13b is a comparison unit for comparing the counter value log information and checking for counter value duplication.

In FIG. 9A, the card user is I
When shopping is performed using the C card, the store terminal 12 transmits the user ID of the IC card 11 and the counter value at the time of shopping to the bank center 13 as transaction information of the shopping. In the bank center 13, the counter value log information 13a transmitted from the store terminal is compared by the comparison unit 13b, and it is checked whether there is any duplication.

FIG. 11B shows an example of counter value log information of the legal card and the duplicate card transmitted to the bank center 13, and a duplicate card is created when the counter value of the legal card is 3. As shown in FIG.
The following information is transmitted from each store to the bank center as information for shopping. Store 1 IDa 1,3 Store 2 IDa 2,4,5 Store 3 IDa 3,4,5 As is apparent from the figure, the same counter value for the cards with the user ID IDa, 3, 4, and 5 Appears multiple times. Therefore, the bank center 13 can detect the illegal use of the IC card by checking the duplication of the counter values.

That is, as described above, the value of the IC card counter cannot be given an arbitrary value.
The counter value of the card before duplication, the card balance, and the set of the authenticator must be set in the duplication card. Therefore, if a duplication card is used, the IC card with the same ID and the same counter value as the legal card is used for shopping. Will be done. Therefore, at the bank center 13, along with the card ID, the IC
By sending the card counter value, it is possible to detect unauthorized use of the card.

FIG. 8 is a diagram showing a system configuration of a sixth embodiment of the present invention. This embodiment is the same as the fifth embodiment shown in FIG. 7, but the counter value of the IC card is a predetermined value. An example in which the counter information is sent from the store terminal to the bank center only in the case of an integer multiple of is shown in the figure, (a) is a conceptual diagram of the system, and (b) is a diagram illustrating a fraud detection mechanism.

In FIG. 7A, the same components as those in FIG. 7 are designated by the same reference numerals, and in the present embodiment, the counter value of the IC card in the store terminal 12 is an integer of a predetermined value. A means 12j for determining whether or not it is a multiple, and a transmission buffer 1 for holding a counter value which is an integral multiple of a predetermined value.
2k is provided. In the present embodiment, the store terminal checks whether or not the sent counter value is an integer multiple of a predetermined value (for example, 5 or 10), and when the counter value is a predetermined integer multiple, Is the card ID
At the same time, the counter value is transmitted to the bank center 13.

In the same figure (b), the counter value of the IC card is 5
When the number is a multiple of 1, the counter value is transmitted to the bank center 13, and the counter value marked with “*” in the figure is transmitted to the bank center 13. As shown in the figure, if the duplicated card is created when the counter value of the valid card is 12, the following information is transmitted from each store to the bank center as the information of the shopping of the user A.

Store 1 IDa 15, 20 Store 3 IDa 10 Store 4 IDa 20 Store 5 IDa 15 As is clear from the figure, for the card with the user ID IDa, the same counter value appears for the counter values 15 and 20. To do. Therefore, the bank center 13 can detect the illegal use of the IC card by checking the duplication of the counter values.

The present embodiment has a drawback that the copy of the card is not found until the counter value reaches a predetermined value, but the transaction amount sent from the store terminal to the bank center can be reduced. FIG. 9 is a diagram showing a system configuration of a seventh embodiment of the present invention. In this embodiment, the bank center indicates the number of times the card ID has been used in a predetermined period and the final counter value in the period. 2 shows an example in which the unauthorized use is detected by sending the information to the customer. The figure (a) shows the conceptual diagram of the system, and the figure (b) shows the shop log information in the shop terminal.

In FIG. 7A, the same parts as those in FIG. 7 are designated by the same reference numerals, and in this embodiment, the log file 1 in which the use of the card is recorded in the store terminal 12
2 m is provided, and the card ID, the number of purchases, and the final counter value are recorded in the log file 12 m as shown in FIG. In this embodiment, in the store terminal 12,
Log file 12m from card ID of person who came to shop
It is checked whether or not there is log information corresponding to the card ID above. When the log information exists, the number of times of purchase of the card ID is incremented by 1 and the counter value of the IC card 11 is replaced with the current counter value.

If there is no log information corresponding to the card ID, an area for log information corresponding to the card ID is secured, and the card ID, the shopping count "1" and the counter value are written. At a predetermined time, the shop terminal 12 siphons the log information and transmits it to the bank center 13 and clears the log information.

The bank center 13 collects and checks the log information from the store terminals 12. Here, of the log information collected last time, C has the largest final counter value.
-MAX (n-1), and the one with the largest final counter value among the collected log information is C-MAX (n), if the IC card is not copied, The relationship is established.

C-MAX (n-1) -C-MAX (n) = sum of shopping times of the log information gathered this time On the other hand, when a copy of the IC card is made, it becomes as follows. C-MAX (n-1) -C-MAX (n) <sum of shopping times of the log information collected this time Therefore, the largest final counter value among the log information collected last time, the log information collected this time It is possible to detect the unauthorized use of the IC card by the one with the largest final counter value among the above and the number of purchases during that time.

FIG. 10 is a diagram showing a system configuration of an eighth embodiment of the present invention. This embodiment makes it difficult to copy an IC card by stopping the transaction when the transaction is not over a certain interval. FIG. That is, it generally takes several months to make a copy of an IC card. Therefore, for a predetermined period (for example,
If there is no transaction for a few months), it is possible to make it difficult to copy the IC card by allowing the transaction with the IC card to be stopped.

In the figure, 11 is an IC card, 12 is a store terminal, 12n is a clock, and 12p is a comparison unit for comparing the time of the clock 12n with the last use date (or issue date) sent from the IC card. In the store terminal 12 of the same figure, the last use date and time (or issue date and time) sent from the IC card 11 and the time of the clock 12n are compared by the comparison unit 12p, and the last use date and time (or issue date and time) of the IC card.
After a predetermined period of time has passed, the IC card transaction is stopped.

When it is desired to restart the transaction, for example, the center check is performed via the store terminal 12 and the input terminal of the bank, the last use date (or issue date) of the IC card 11 is updated, and the IC card is updated. Can be used.
FIG. 11 is a diagram showing the system configuration of the ninth embodiment of the present invention. In this embodiment, the IC card is used to encrypt the last use date (or issue date) of the IC card with the date and time encryption key, and then the store terminal 12 receives the encrypted data. It is designed to be sent.

In the figure, 11 is an IC card, 12 is a store terminal, 12n is a clock, 12p is a comparing section for comparing the time of the clock 12n with the last use date (or issue date) sent from the IC card, 12q, 12r. Is an encryption unit and a decryption unit. In FIG. 11, the last use date (or issue date) of the IC card is encrypted and the store terminal 1
Sent to 2. In the store terminal 12, the decryption unit 12r
Decrypt the last use date (or issue date) by
The comparison unit 12n compares the time with the time on the clock 12p.
Then, after a lapse of a predetermined period from the last use date (or issue date) of the IC card, the transaction of the IC card is stopped.

When it is desired to restart the transaction, for example, the center check is performed via the store terminal 12 and the input terminal of the bank, the last use date (or issue date) of the IC card 11 is updated, and the IC card is updated. Can be used.
To update the last use date (or issue date) of the IC card 11, the encryption unit 12q of the store terminal 12 encrypts the last use date (or issue date) and updates the IC card.

By associating the encryption key with other information such as a card ID, copying can be made more difficult.

[0063]

As described above, in the present invention, the store terminal side is used as a trust point, an important key of the system is placed in the store terminal, and the store terminal 2 checks the authenticity of the authenticator. Since the card balance is calculated and the IC card balance and the authenticator are rewritten, the security key is not distributed to an unspecified number of people. Security can be maintained as compared with the conventional one.

Further, by providing the IC card with a counter that is incremented for each purchase, it is possible to detect illegal use of the IC card. Therefore, even if a copy of the IC card is created, the usable period is limited to the time lag until the fraud is detected, and it becomes difficult to recover a huge capital investment for the copy, thus preventing the copy. You can

Furthermore, by storing the date and time of last use in the IC card and checking the date and time of last use of the IC card at the store terminal, if there is no transaction for the period required for duplication of the IC card, the transaction with that IC card is performed. Stopping can make it difficult to copy the IC card.

[Brief description of drawings]

FIG. 1 is a basic configuration diagram of the present invention.

FIG. 2 is a diagram showing a system configuration of a first exemplary embodiment of the present invention.

FIG. 3 is a diagram showing a system configuration of a second exemplary embodiment of the present invention.

FIG. 4 is a diagram showing a system configuration of a third exemplary embodiment of the present invention.

FIG. 5 is a diagram showing a system configuration of a fourth exemplary embodiment of the present invention.

FIG. 6 is a diagram for explaining fraud detection in the third and fourth embodiments of the present invention.

FIG. 7 is a diagram showing a system configuration of a fifth exemplary embodiment of the present invention.

FIG. 8 is a diagram showing a system configuration of a sixth exemplary embodiment of the present invention.

FIG. 9 is a diagram showing a system configuration of a seventh exemplary embodiment of the present invention.

FIG. 10 is a diagram showing a system configuration of an eighth exemplary embodiment of the present invention.

FIG. 11 is a diagram showing a system configuration of a ninth exemplary embodiment of the present invention.

FIG. 12 is a diagram showing a conventional prepaid card system.

[Explanation of symbols]

1, 11 IC card 1a, 11a Card ID 1b, 11b, 11b 'Balance storage register 1c, 11c, 11c' Authenticator storage register 1d Checking means 1e, 11g Counter 11d, 12d, 12p Comparison section 11d, 12e Addition section 2, 12 store terminal 2a, 12a key 2b encryption means 2c check means 2d addition means 12b, 12c, 12f, 12q encryption section 12g, 12g 'function generation section 12h, 12h' exclusive
OR 12n Clock 12r Decryption part 12m Store log information 3,13 Bank center

Claims (10)

[Claims] 1. The IC card (1), a store terminal (2) that adds up the shopping amount of the IC card (1) for each bank and sends it to the bank center, and data sent from the store terminal (2). Based on this, in a prepaid card system using an IC card consisting of a bank center (3) for deciding the purchase amount, a different card ID (1a) for each IC card (1) and a balance register (1b) showing the card balance. ) And an authenticator register (1c) that stores the authenticator of the balance register (1b), an IC card that is a prepaid medium, an important key (2a) of the system, and an IC card based on this key.
An encryption means (2b) for encrypting the card balance of (1), and a check means (2c) for checking the authenticity of the authenticator,
A physical protected store terminal (2) equipped with an adding means (2d) is provided, and when shopping with the IC card (1), the store terminal (2)
The checking means (2c) checks the validity of the authenticator of the IC card (1), the adding means (2d) calculates the card balance, and the encrypting means (2b) generates the authenticator from the calculated balance. Then, the prepaid card system using the IC card is characterized in that the balance and the authenticator of the IC card (1) are rewritten. 2. The IC card (1) is provided with a means (1f) for displaying the shopping amount and a checking means (1d) for checking the card balance so that the illegal shopping amount can be reduced. The prepaid card system using the IC card according to claim 1, which is prevented on the side (1). 3. The IC card (1) is provided with a counter (1e) that is incremented for each purchase, and the counter value of the counter (1e) is associated with the key (2a) for authenticator generation. A prepaid card system using the IC card according to claim 1 or 2. 4. A counter (1) provided on the IC card (1)
The counter value of e) together with the card ID (1a) are stored in the store terminal.
The prepaid card using the IC card according to claim 3, wherein it is possible to check the copy of the IC card (1) at the bank center (3) by transmitting from the (2) to the bank center (3). Card system. 5. The counter value is transmitted to the bank center (3) only when the counter value of the counter (1e) of the IC card (1) is an integral multiple of a predetermined value.
Prepaid card system using the IC card of. 6. The store terminal (2), at a predetermined time, a card ID (1a), the card ID within the period
4. I according to claim 3, characterized in that the number of times used in (1a) and the final value of the counter (1e) are sent to the bank center (3).
Prepaid card system using C card. 7. A prepaid card system using an IC card according to claim 4 or 5, wherein counter information is transmitted online to the bank center (3). 8. The prepaid card system using the IC card according to claim 4 or 5, wherein the counter information is transmitted to the bank center (3) offline. 9. A store terminal (2) for transmitting the sum of the IC card (1) and the purchase amount of the IC card (1) for each bank to the bank center (3), and the store terminal (2) In a prepaid card system that uses an IC card that consists of a bank center (3) that determines the purchase amount based on the transmitted data, the IC card (1) stores the date and time of the last use, and the card use interval is greatly expanded. A prepaid card system using an IC card, characterized in that the IC card (1) is checked at the bank center (3). 10. The prepaid card system using the IC card according to claim 9, wherein the last use date and time of the IC card (1) is encrypted and stored in the IC card (1).