JP2003162680A - Settlement system and method - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a settlement system and a method for making settlement by a card using a portable terminal of portable telephone or the like. <P>SOLUTION: In the settlement system, data can be transmitted/received between the portable terminal and a real member store terminal through a network, and the system includes a member database, a first encryption means that encrypts card information using a predetermined first cipher key to create first encryption data, a download means that transmits software and the first encryption data for making settlement by a card to the portable terminal, and a credit decision means that receives, from the real member store, a telegraphic message edited from a plaintext that has been converted from the encrypted card information directly received from the portable terminal by decrypting the information using a first decoding key corresponding to the first cipher key, and, based on the received telegraphic message, makes a credit decision of whether or not making settlement by the card of a user is to be approved based on the member database. <P>COPYRIGHT: (C)2003,JPO

Description

Detailed Description of the Invention

[0001]

TECHNICAL FIELD The present invention relates to a mobile phone, PHS.
The present invention relates to a payment system and method for performing card payment via a mobile terminal or network such as.

[0002]

2. Description of the Related Art Conventionally, when a product or the like is purchased, a payment method using a credit card, a debit card or the like (hereinafter, a card, etc.) as a payment method (hereinafter, a card payment) ) Exists. This is because when you purchase a product etc., after showing the card etc. and judging whether you are the owner of a valid card etc. by signature, PIN etc.,
This is a method of payment.

Further, with the recent technological development of communication technology and the like,
There has been proposed a method of making a payment by using a card or the like by using a mobile terminal even in a device such as an automatic vending machine that cannot be settled by a card in the past.

An example of the above method is Japanese Patent Laid-Open No. 2001-134.
No. 684. The invention disclosed in this publication is such that a device for performing card payment is attached to a device such as a vending machine, data is transmitted and received between the device and a mobile phone via wireless communication, and payment by a card or the like is performed. Is realized.

[0005]

DISCLOSURE OF THE INVENTION Problems to be Solved by the Invention
When the invention disclosed in Japanese Patent No. 684 is used, there is a problem in terms of security of wireless communication between a mobile phone and a device for card payment. That is, for example, known wireless communication technologies such as Bluetooth and wireless L
When a radio wave such as AN is used, information is transmitted from the mobile phone to the entire circumference (concentric circles centering on the mobile phone), so that information is also transmitted in unnecessary directions. . Therefore, a person with malicious intent can intercept and misuse this information.

Further, there is a method using other than radio waves, for example, directional infrared communication (IrDA). In this case, the problem that information is transmitted in an unnecessary direction can be solved. If there is a malicious person on the extension of the direction, it is possible to intercept and misuse this information as well.

Further, forgetting or dropping a mobile phone can occur in daily life. However, when the invention disclosed in the above publication is simply used, a third party who acquires the mobile phone can It is also possible to make a payment by misusing.

[0008]

[Means for Solving the Problems] An important issue in card payment is security. In other words, when information is sent from a mobile terminal to a device that performs card payment, the information may be intercepted and misused by a third party, and it may be misused by a third party using the dropped mobile phone. There is a possibility that

In view of the above-mentioned problems, the present inventor has invented a settlement system and method for paying more effective card settlement by emphasizing this security aspect.

Further, when a mobile terminal / user terminal is used,
Conventionally, a card payment device (hereinafter referred to as a card reader)
It was necessary to change the information processing system for card payment between the card company and the card company, but by using the present invention,
The conventional card reader is simply connected to the wireless communication and data decoding unit, and there is no need to make any changes to the information processing system for card payment between the card reader and the card company. Therefore, it is possible to avoid the burden and cost burden of changing the information processing system for card payment.

[0011] According to a first aspect of the present invention, there is provided a settlement system for performing card settlement via a portable terminal of a user who makes a card payment, wherein the portable terminal and the user purchase a product etc. in a real shop. And a member database that stores information of the user and / or information about the user and card information, and data of the user, and the real member store terminal of A card that directly transmits / receives data between the mobile terminal and the real member store terminal by a first encryption unit that encrypts card information using a predetermined first encryption key to create primary encrypted data. In the real member store terminal, download means for transmitting the software for making payment and the primary encrypted data to the mobile terminal, and The encrypted card information received directly from the mobile terminal is decrypted using the first decryption key corresponding to the first encryption key and converted into plain text, and the electronic text edited from the plain text is transmitted from the real member store terminal. It is a payment system having a credit determination means for receiving, based on the member database, credit determination of whether or not to approve the card payment of the user based on the received electronic message.

According to a fifteenth aspect of the present invention, there is provided a settlement method for performing a card settlement via a mobile terminal of a user who makes a card payment, wherein the mobile terminal and the real shop where the user purchases a product or the like. It is possible to transmit and receive data to and from a real member store terminal owned by, and store information of the user and / or information about the user and card information in a member database,
The card information of the user is encrypted using a predetermined first encryption key to create primary encrypted data, and data is directly transmitted and received between the mobile terminal and the real member store terminal for card payment. The software for performing the operation and the primary encrypted data are transmitted to the mobile terminal, and the encrypted card information directly received from the mobile terminal at the real member store terminal corresponds to the first encryption key. One decryption key is used for decryption and conversion into plaintext, a message edited from the plaintext is received from the real member store terminal, and whether or not to approve the card payment of the user based on the received message It is a settlement method in which credit determination is performed based on the member database.

According to a second aspect of the present invention, the portable terminal further encrypts the primary encrypted data received from the payment system using a second encryption key to create secondary encrypted data, and the secondary encrypted data is generated. It is a payment system that directly transmits encrypted data to the real member store terminal.

According to a sixteenth aspect of the present invention, the portable terminal receives the primary encrypted data received from the payment system,
Further, it is a settlement method in which the encrypted data is further encrypted using a second encryption key to create secondary encrypted data, and the secondary encrypted data is directly transmitted to the real member store terminal.

According to a third aspect of the present invention, the real member store terminal directly receives the secondary encrypted data from the mobile terminal and uses the second decryption key corresponding to the second encryption key to perform the primary encryption. It is a payment system that decrypts the encrypted data and then decrypts it using the first decryption key.

According to a seventeenth aspect of the present invention, the real member store terminal directly receives the secondary encrypted data from the portable terminal and uses the second decryption key corresponding to the second encryption key to perform the primary encryption. This is a payment method in which the encrypted data is decrypted and then decrypted using the first decryption key.

According to the inventions of claims 1 to 3 and claims 15 to 17, a payment system for card payment using a portable terminal with improved security becomes possible. Further, since the conventional card payment system can be used as it is, the cost incurred when the system is introduced can be kept low. In this specification, editing means simply converting a plaintext into a telegram as it is, adding a predetermined item to the plaintext into a telegram, processing the plaintext into a telegram having the same content, and It means adding predetermined items to the message.

According to a fourth aspect of the present invention, in a payment system for performing card payment through a mobile terminal of a user who makes a card payment, a real member store owned by a real shop where the user purchases a product etc. has. Directly transmitting and receiving data between the terminal and the mobile terminal owned by the user by encrypting the card information of the user using a predetermined first encryption key to create primary encrypted data. Data can be transmitted / received via a network to / from a payment system that transmits software for performing, the mobile terminal receives the primary encrypted data from the payment system, and the mobile terminal receives the primary encrypted data. Is further encrypted using a second encryption key to create secondary encrypted data, and the secondary encrypted data is directly transferred to the real member store terminal. A mobile terminal having a radio communication unit A to be transmitted.

The invention of claim 18 is a settlement method for performing card settlement via a portable terminal of a user who makes a card payment, wherein a real member store owned by a real store where the user purchases a product etc. has. Directly transmitting and receiving data between the terminal and the mobile terminal owned by the user by encrypting the card information of the user using a predetermined first encryption key to create primary encrypted data. Data can be transmitted / received via a network to / from a payment system that transmits software for performing, the mobile terminal receives the primary encrypted data from the payment system, and the mobile terminal receives the primary encrypted data. Is further encrypted using the second encryption key to create secondary encrypted data,
It is a mobile terminal that directly transmits the secondary encrypted data to the real member store terminal.

According to the inventions of claims 4 and 18,
It becomes possible to further encrypt the primary encrypted data sent from the payment system and send it to the real member store terminal, which enables double decryption even if wireless communication is intercepted. Becomes difficult, which leads to improvement of security.

According to a fifth aspect of the present invention, in a payment system for making a card payment through a portable terminal of a user who makes a card payment, the card information of the user is determined by using a predetermined first encryption key. Between the mobile terminal and the payment system that transmits the software for directly transmitting and receiving data between the real member store terminal and the mobile terminal owned by the user by creating primary encrypted data Data can be transmitted and received via a network, and the real member store terminal has a wireless communication unit B that directly receives encrypted card information from the mobile terminal, and a first communication key corresponding to the first encryption key. First decryption means for decrypting the received card information by using a decryption key and converting it into plaintext, and plaintext transformed by the first decryption means into electronic text, It is a real merchant terminal and a card reader to be sent to the system.

According to a sixth aspect of the present invention, the primary encrypted data received by the portable terminal from the settlement system is further encrypted using a second encryption key to create secondary encrypted data, and the secondary encrypted data is generated. When the encrypted data is directly transmitted to the real member store terminal, the real member store terminal directly receives the secondary encrypted data from the mobile terminal, and the second decryption key corresponding to the second encryption key. Further includes a second decryption unit for decrypting the primary encrypted data by using, and after decrypting the primary encrypted data by the second decrypting unit, plaintext is performed using the first decryption key. It is a real member store terminal.

According to a nineteenth aspect of the present invention, there is provided a settlement method for performing a card settlement via a portable terminal of a user who makes a card payment, wherein the card information of the user is determined using a predetermined first encryption key. Between the mobile terminal and the payment system that transmits the software for directly transmitting and receiving data between the real member store terminal and the mobile terminal owned by the user by creating primary encrypted data You can send and receive data over the network,
The real member store terminal decrypts the received card information using a wireless communication unit B that directly receives encrypted card information from the mobile terminal and a first decryption key corresponding to the first encryption key. It is a real member store terminal for converting the plaintext into plaintext, converting the plaintext converted by the first decryption means into electronic text, and transmitting the electronic text.

According to a twentieth aspect of the present invention, the portable terminal receives the primary encrypted data from the settlement system, further encrypts the encrypted data using a second encryption key to create secondary encrypted data, and the secondary encrypted data is generated. When the encrypted data is directly transmitted to the real member store terminal, the real member store terminal directly receives the secondary encrypted data from the mobile terminal, and the second decryption key corresponding to the second encryption key. Is a real member store terminal that decrypts the primary encrypted data by using, and decrypts the primary encrypted data by using the first decryption key.

According to the inventions of claims 5 and 6 and claims 19 and 20, the encrypted card information received from the portable terminal is decrypted and transmitted to the settlement system by the conventional card reader. Therefore, the payment system of the present invention can be introduced at low cost without the need to make large changes to the card payment.

According to an eighth aspect of the present invention, in a payment system for performing card payment via a network, a user terminal that the user who pays the card has and a virtual member store where the user purchases a product or the like. It is possible to send and receive data to and from a terminal via a network, and a member database storing information of the user and / or information about the user and card information, and the card information of the user are predetermined. First encryption means for creating primary encrypted data by encrypting using the created first encryption key, and download means for transmitting the primary encrypted data created by the first encryption means to the user terminal A first correspondence of the encrypted card information received from the user terminal at the virtual member store terminal to the first encryption key No. key is used for decryption and conversion into plaintext, a message edited from the plaintext is received from the virtual member store terminal, and credit of whether or not to approve the card payment of the user based on the received message It is a payment system having a credit determination means for making a determination based on the member database.

According to a ninth aspect of the present invention, the user terminal receives the primary encrypted data received from the payment system,
Further, it is a settlement system that further encrypts using a second encryption key to create secondary encrypted data, and transmits the secondary encrypted data via the network.

According to a tenth aspect of the present invention, the virtual member store terminal receives the secondary encrypted data from the user terminal via the network and uses a second decryption key corresponding to the second encryption key. In the settlement system, the primary encrypted data is decrypted and further decrypted using the first decryption key.

[0029] The invention of claim 22 is a settlement method for performing card settlement via a network, wherein a user terminal that a user who pays the card has and a virtual member store terminal where the user purchases a product or the like. Data can be transmitted and received to and from the user via a network, and information of the user and / or information about the user and card information is stored in a member database, and the card information of the user is predetermined. Encrypted using the first encryption key to create primary encrypted data, the primary encrypted data created by the first encrypting means is transmitted to the user terminal, and the virtual member store terminal executes the The encrypted card information received from the user terminal is decrypted using the first decryption key corresponding to the first encryption key and converted into plaintext, A settlement method in which a message edited from a sentence is received from the virtual member store terminal, and credit determination as to whether or not to approve the card payment of the user based on the received message is performed based on the member database. .

In the invention of claim 23, the user terminal is
A payment method, wherein the primary encrypted data received from the payment system is further encrypted using a second encryption key to create secondary encrypted data, and the secondary encrypted data is transmitted via the network. .

According to a twenty-fourth aspect of the invention, the virtual member store terminal receives the secondary encrypted data from the user terminal via the network and uses a second decryption key corresponding to the second encryption key. Then, after the first encrypted data is decrypted, it is further decrypted using the first decryption key.

According to the inventions of claim 8 to claim 10 and claim 22 to claim 24, it becomes possible to provide a payment system for card payment through a network with improved security. Further, since the conventional card payment system can be used as it is, the cost incurred when the system is introduced can be kept low.

According to the invention of claim 11, in a payment system for performing card payment via a network, a virtual member store terminal where a user who pays the card purchases a product etc. and the card information of the user. Data can be sent and received via a network with a payment system that creates primary encrypted data by encrypting using a predetermined first encryption key and sends the created primary encrypted data to the user terminal. Wherein the user terminal receives the primary encrypted data from the payment system, and further encrypts the primary encrypted data with a second encryption key to create secondary encrypted data. It is a user terminal having a computerization means.

[0034] A twenty-fifth aspect of the present invention is a settlement method for performing a card settlement via a network, wherein a user who pays the card pays out a virtual member store terminal that purchases products and the like, and the card information of the user. Data can be sent and received via a network with a payment system that creates primary encrypted data by encrypting using a predetermined first encryption key and sends the created primary encrypted data to the user terminal. Wherein the user terminal is a user terminal that receives the primary encrypted data from the payment system and further encrypts the primary encrypted data using a second encryption key to create secondary encrypted data. is there.

According to the eleventh and twenty-fifth aspects of the present invention, the primary encrypted data transmitted from the settlement system can be further encrypted and transmitted to the virtual member store terminal, whereby the user on the network can use it. Even if the communication between the terminal and the virtual member store terminal is intercepted, the double encryption makes it difficult to decipher, which leads to improvement in security.

According to a twelfth aspect of the present invention, in a settlement system for making a card settlement via a network, the card information of a user making a card payment is encrypted by using a predetermined first encryption key, and a primary encryption is performed. Encrypted data is created, and the created primary encrypted data is transmitted to the user terminal, and the user terminal can transmit and receive the data via a network, and the virtual member store terminal is First, receiving encrypted card information from the user terminal via the network, decrypting the received card information using a first decryption key corresponding to the first encryption key, and converting the card information into plaintext. A birch having a decryption means and a card information processing means for converting the plain text converted by the first decryption means into a telegram and transmitting it to the settlement system. Le is a merchant terminal.

According to a thirteenth aspect of the present invention, the primary encrypted data received by the user terminal from the settlement system,
Further, when the secondary encrypted data is encrypted by using the second encryption key to generate the secondary encrypted data and the secondary encrypted data is transmitted to the virtual member store terminal, the virtual member store terminal uses the user terminal from the user terminal. Further comprising second decryption means for receiving the secondary encrypted data via the network and decrypting the primary encrypted data using a second decryption key corresponding to the second encryption key, It is a virtual member store terminal that decrypts the primary encrypted data by a decryption means and then uses the first decryption key to perform plain culture.

According to a twenty-sixth aspect of the present invention, in a settlement system for performing a card settlement via a network, the card information of a user making a card payment is encrypted by using a predetermined first encryption key, and a primary encryption is performed. Encrypted data is created, and the created primary encrypted data is transmitted to the user terminal, and the user terminal can transmit and receive the data via a network, and the virtual member store terminal is , Receiving encrypted card information from the user terminal via the network, decrypting the received card information using a first decryption key corresponding to the first encryption key, and converting it into plaintext, It is a virtual member store terminal that converts the converted plain text into a telegram and sends it.

According to a twenty-seventh aspect of the present invention, the user terminal further encrypts the received primary encrypted data using a second encryption key to create secondary encrypted data, and the secondary encrypted data is stored in the secondary encrypted data. When transmitting to the virtual member store terminal, the virtual member store terminal receives the secondary encrypted data from the user terminal via the network, and the second decryption key corresponding to the second encryption key. Is a virtual member store terminal that decrypts the primary encrypted data by using, and decrypts the primary encrypted data by using the first decryption key.

According to the inventions of claim 12 and claim 13 and claim 26 and claim 27, the encrypted card information received from the user terminal is decrypted, and the encrypted card information is converted into the settlement system by the conventional card information processing means. Since the data is transmitted, there is no need to make a significant change to the card payment, and the payment system of the present invention can be introduced at low cost.

According to a fourteenth aspect of the present invention, the first decryption key is a payment system in which the first decryption key is distributed or transmitted in advance from the payment system and / or a card company having the payment system.

The invention of claim 28 is a settlement method wherein the first decryption key is distributed or transmitted in advance from a card company.

[0043]

BEST MODE FOR CARRYING OUT THE INVENTION An example of an embodiment of the present invention will be described in detail with reference to the drawings. 1 and 2 show an example of the system configuration of the payment system 1 of the present invention. FIG. 1 shows a case where a user (a person who makes a payment using a card, etc.) goes to the actual store (hereinafter referred to as a real member store) to make a card payment, and FIG. 2 shows online shopping. At a store (hereinafter referred to as a virtual member store) existing on the network 15 such as
FIG. 6 is a diagram showing a system configuration in the case of making a card payment via 5;

First, a case where the user in FIG. 1 uses the settlement system 1 at a real member store will be described. In the payment system 1, the mobile terminal 7 of the user, the real member store terminal 10 of the real member store, and the payment system 1 can send and receive data via the network 15. The wireless communication means A9 of the mobile terminal 7 and the wireless communication means B11 of the real member store terminal 10 are means for performing wireless communication such as Bluetooth and IrDA, and can directly send and receive data.

The payment system 1 is a system owned by a card company or the like for card payment, and has an authentication means 2, a first encryption means 3, a download means 4, a credit judgment means 5 and a member database 6. There is.

The authentication means 2 is means for authenticating whether or not the user is a legitimate user when receiving an access request from the portable terminal 7. At the time of this authentication, authentication information (ID, password, etc.) for authenticating the user, telephone number,
Use your address.

The first encryption means 3 uses the first encryption key to encrypt the card information (user's card number and card expiration date) with respect to the portable terminal 7 of the user, using a predetermined encryption method. It is a means. This encryption method corresponds to a common key encryption method using DES or the like, or a public key encryption method using RSA or the like. That is, the card information used by the user for the card payment (for example, “35401234”).
56789 "" 01/05 "The first bracket is the card number,
The last parenthesis indicates the expiration date) is encrypted with a predetermined first encryption key, and the primary encrypted data (for example,
Create "*% $ # = &% $ &# @ +} {-+-/ ○ X").

The download means 4 is means for transmitting to the mobile terminal 7 software for directly transmitting and receiving data between the mobile terminal 7 and the real member store terminal 10 to perform card settlement. In addition, in order to improve security, a program for encrypting the primary encrypted data encrypted by the first encryption means 3 with the mobile terminal 7 by further using a one-time password (second encryption) The means 8) may be incorporated in the software.

The credit determination means 5 is the real member store terminal 10
Receives the card information transmitted from the network 15 through the network 15, refers to the member database 6 for the maximum amount of the user who is the target of the card payment, and makes a credit decision as to whether or not to approve the card payment of the user. It is a means. In other words, it is a means for performing processing equivalent to credit determination in conventional card settlement.

The member database 6 is a database that stores information on users who use the settlement system 1. An example of user information is a database that stores information for authenticating the user (ID or password), information about the user (name, address, telephone number, etc.), card information (card number, card expiration date), etc. is there.

The mobile terminal 7 is a mobile phone having a network 15 function, a PHS, a PDA, a notebook personal computer, etc., but is not limited to this, and may be an ordinary personal computer.

The mobile terminal 7 has a second encryption means 8 and a wireless communication means A9.

The second encrypting means 8 incorporates the primary encrypted data encrypted by the first encrypting means 3 incorporated in the software received from the download means 4 of the settlement system 1 into a one-time password or the like. It is a program for further encrypting by using the second encryption key and creating secondary encrypted data. Here, as the one-time password, the primary encrypted data is converted into the second encryption means 8
In the above, the method of encryption by using the time of encryption and the like as the second encryption key is taken as an example, but other methods may be used.

For example, the time when the primary encrypted data is encrypted is used as the second encryption key, and when the time is 14:33, the second encryption key becomes "1433", and the primary encrypted data is Is "*% $ # = &% $ &# @ +}
If it is {− + − / ◎ × ″, it is “xyzy $” 0q1! # @ * <N? &#!
p "and secondary encrypted data.

The wireless communication means A9 is the real member store terminal 1
Data transmission / reception means capable of directly transmitting / receiving data to / from the wireless communication means B11 included in
A known wireless communication means such as rDA is shown. In the case of the above example, the secondary encrypted data “xyzy $” 0q1! # @ * <
N? &#! p "is transmitted.

The real member store terminal 10 is a system for performing data processing with a card company for card payment held by the real store, and includes a wireless communication means B11, a second decryption means 12, and a first decryption means. Decoding means 13 and card reader 1
4 and.

The wireless communication means B11 is a data transmission / reception means capable of directly transmitting / receiving data to / from the wireless communication means A9 of the portable terminal 7, and is a known wireless communication means such as Bluetooth or IrDA. In the case of the above example, the secondary encrypted data “xyzy $” 0q1! # @ * <N? &#!
p "is received.

The second decryption means 12 is encrypted by the second encryption means 8 of the mobile terminal 7, and the wireless communication means B11.
Is a means for decrypting the secondary encrypted data received from the mobile terminal 7 using the second decryption key. The second decryption key means a decryption key for decrypting the second encryption key,
For example, when the second encryption key is time, the second decryption key is also time. When the time to be encrypted by the second encryption means 8 is the second encryption key, that time becomes the second decryption key. That is, the time at which the primary encryption data is encrypted by the second encryption means 8 and the secondary encryption data is created, and the time at the real member store terminal 10 is passed through the wireless communication means A9 and the wireless communication means B11. Next encrypted data is sent to mobile terminal 7
It is possible to perform normal encryption / decryption even when using the time, since it is almost the same as the time when it is received by the second decryption means 12 and decrypted by the second decryption means 12.

For example, in the case of the above example, the wireless communication means B
The secondary encrypted data “xyzy $” 0q1 received by 11
!! # @ * <N? &#! p ”as the second decryption key“ 1433 ”
Then, the primary encrypted data "*% $ # = &% $ &# @ +} {-
+-/ ○ × ".

The first decoding means 13 is the second decoding means 1.
2 is a means for decrypting the secondary encrypted data and the primary encrypted data, using the first decryption key. The first decryption key means a decryption key for decrypting the first encryption key, and decrypts the primary encryption data encrypted by the first encryption means 3 of the payment system 1. In other words, by decrypting the primary encrypted data, it becomes possible to flatten the card information used by the user for card payment. Further, the first encryption key is distributed or transmitted as data in advance from the payment system 1 (or card company) using an electronic recording medium such as a CD-ROM, and in some cases, may be written in a chip or the like in advance. .

In the case of the above example, the primary encrypted data "*% $ # = &% $" decrypted by the second decryption means 12 is used.
&# @ +} {-+-/ ○ × ”is decrypted with the predetermined first decryption key, whereby the card information is plainly written as“ 3540123456789 ”.

The card reader 14 is a processing system having a function equivalent to that of the card reader 14 for reading a magnetic credit card or the like when performing conventional card payment, and a payment system owned by the card company via the network 15. It is a means for performing card settlement by transmitting and receiving the card information plaintext by the first decryption means 13 to and from 1.

Next, a case where the user in FIG. 2 uses the settlement system 1 at a virtual member store will be described. The description of the same parts as those of the system configuration of FIG. 1 is omitted for simplification. In the payment system 1, the user terminal 18 of the user, the virtual member store terminal 17 of the virtual member store, and the payment system 1 can send and receive data via the network 15.

The authentication means 2 of the settlement system 1 is a means for authenticating whether or not the user is a valid user when receiving an access request from the user terminal 18.

The first encryption means 3 uses the first encryption key to encrypt the card information (user's card number and card expiration date) with respect to the user terminal 18 of the user by the predetermined encryption method. It is a means. The encryption method and the like are the same as in FIG.

The download means 4 is means for transmitting to the user terminal 18 software for directly transmitting and receiving data between the user terminal 18 and the virtual member store terminal 17 to perform card settlement.

The credit determination means 5 receives the card information transmitted from the virtual member store terminal 17 via the network 15 and refers to the member database 6 for the maximum amount of the user who is the target of the card payment, and the like. It is a means for making a credit decision as to whether or not to approve the card payment.

The member database 6 is a database that stores information on users who use the settlement system 1.

The user terminal 18 is a mobile phone, PHS, PDA or personal computer having the function of the network 15.

The user terminal 18 has a second encryption means 8.

The second encryption means 8 incorporates the primary encrypted data encrypted by the first encryption means 3 incorporated in the software received from the download means 4 of the settlement system 1 into a one-time password, SSL. This is a program for further encrypting by using a second encryption key such as the encryption key used in step 2 and creating secondary encrypted data. The second encryption key and the like are the same as in FIG.

The virtual member store terminal 17 is a system for performing data processing of card settlement in a virtual store with a card company, and includes a second decryption means 12, a first decryption means 13 and card information. And processing means 16. The virtual member store terminal 17 may be owned by the virtual store, or may be owned by another person other than the virtual store.

The second decryption means 12 is encrypted by the second encryption means 8 of the user terminal 18, and the network 1
It is a means for decrypting the secondary encrypted data received from the user terminal 18 via 5 using the second decryption key. The second decryption key and the like are the same as in FIG.

The first decoding means 13 is the second decoding means 1.
2 is a means for decrypting the secondary encrypted data and the primary encrypted data, using the first decryption key. The first decryption key and the like are the same as in FIG.

The card information processing means 16 is a processing system having a function equivalent to that of the conventional card settlement, and the first decryption means 13 is connected to the settlement system 1 of the card company via the network 15. It is a means to send and receive card information that has been written in plain text, and to make card payments.

[0076]

DESCRIPTION OF THE PREFERRED EMBODIMENTS Next, an example of the process flow of the present invention will be described in detail with reference to the flow charts of FIGS. 3 and 4 and the system configuration diagrams of FIGS. 3 and 4, data is directly transmitted and received between the mobile terminal 7 or the user terminal 18 and the real member store terminal 10 or the virtual member store terminal 17 to perform the card settlement (the second encryption unit 8 is used). Software for the mobile terminal 7 or the user terminal 1
FIG. 8 is a flowchart of a case of transmitting (downloading) to 8;

First, an example of the process flow for transmitting the software to the mobile terminal 7 or the user terminal 18 shown in FIG. 3 will be shown. This process is a case where the card information of the user is used as the primary encrypted data in the first encryption means 3 in advance, and the software implementing the primary encrypted data is transmitted to the mobile terminal 7 or the user terminal 18.

The user accesses the settlement system 1 from the mobile terminal 7 or the user terminal 18 of the user via the network 15 (S100). After the connection is established between the mobile terminal 7 or the user terminal 18 and the payment system 1 in S100, the user authenticates the ID, password or the like from the mobile terminal 7 or the user terminal 18 to the authentication means 2 of the payment system 1. Information is transmitted (S110).

Upon receiving the authentication information transmitted in S110, the authentication means 2 authenticates the authentication information based on the authentication information stored in the member database 6, and determines whether the user is a legitimate user. Authentication is performed (S120).

As a result of the authentication in S120, if the authentication is not successful, the authenticating means 2 operates the mobile terminal 7 or the user terminal 18.
An error message is transmitted to (S130). S
If the authentication is successful at 120, the first encryption means 3 encrypts the card information stored in the member database 6 of the authenticated user with the predetermined first encryption key. , Create primary encrypted data (S14
0).

For example, the card information is "354012345.
6789 "and" 01/05 ", the data is encrypted with a predetermined first encryption key, and the primary encrypted data (for example," *% $ # = &% $ &# @ +} {-+-/ ○ × ”)
To create.

The primary encrypted data created in S140 is implemented in the software, and the download means 4 sends the software to the portable terminal 7 or the user terminal 18 for downloading (S15).
0).

The software transmitted to the mobile terminal 7 or the user terminal 18 via the network 15 in S150 is stored in the mobile terminal 7 or the user terminal 18, and the process of FIG. 3 is terminated.

Next, an example of a process flow when transmitting the software shown in FIG. 4 to the mobile terminal 7 or the user terminal 18 is shown. In this process, data is directly transmitted and received between the mobile terminal 7 or the user terminal 18 and the real member store terminal 10 or the virtual member store terminal 17 to perform card payment (excluding the card information of the user (second First, only the software) (including the encryption means 8) is transmitted, and then the card information of the user is encrypted by the first encryption means 3 in response to a request from the user to obtain the primary encrypted data. This is a method of creating and downloading the primary encrypted data separately to the mobile terminal 7 or the user terminal 18, and incorporating the primary encrypted data into the software in the mobile terminal 7 or the user terminal 18. Therefore, the software and the primary encrypted data do not have to be downloaded at the same time.

The user accesses the settlement system 1 through the network 15 from the mobile terminal 7 or the user terminal 18 of the user (S200). After the connection between the mobile terminal 7 or the user terminal 18 and the payment system 1 is established in S200, the user removes the card information of the user from the mobile terminal 7 or the user terminal 18 to the download means 4 (the mobile terminal). 7 or user terminal 18 and real member store terminal 10 or virtual member store terminal 17 to directly transmit / receive data and perform card payment (a portion (including second encryption means 8)) Software download only A request is transmitted (S210).

After receiving the download request in S210, the download means 4 sends the software of only the part excluding the user's card information to the mobile terminal 7 or the user terminal 18 to perform the download (S22).
0).

The software of only the part excluding the card information transmitted in S220 is received and stored in the mobile terminal 7 or the user terminal 18, and thereafter (may be at the same time or later) the mobile terminal. 7 or before the card payment using the user terminal 18 is performed, the mobile terminal 7 or the user terminal 18 accesses the payment system 1 again, and the mobile terminal 7 or the user terminal 18 transmits the authentication information to the authentication means 2 (S230). ), And causes the authentication means 2 to authenticate whether or not the user is an authorized user. The authentication method may be the same as in the case of FIG.

Upon receiving the authentication information transmitted in S230, the authenticating means 2 authenticates and authenticates whether the user is an authorized user or not (S240).

As a result of the authentication in S240, if the authentication is not successful, the authenticating means 2 operates the portable terminal 7 or the user terminal 18.
An error message is transmitted to (S250). S
If the authentication is successful at 240, the first encryption means 3
However, the card information of the authenticated user is encrypted using a predetermined first encryption key to create primary encrypted data (S260).

After creating the primary encrypted data, the download means 4 transmits the primary encrypted data to the portable terminal 7 or the user terminal 18 via the network 15 (S27).
0). The primary encrypted data transmitted via the network 15 in S270 is transferred to the mobile terminal 7 or the user terminal 1.
After the reception at 8, the primary encrypted data received by the mobile terminal 7 or the user terminal 18 is incorporated into the software stored at S220, and the mobile terminal 7 or the user terminal 1 is received.
The process of FIG. 4 ends by storing at 8.

Next, an example of the process flow when the software is downloaded through the process of FIG. 3 or FIG. 4 and the card settlement is performed using the software will be shown. First, the case of a real member store will be described with reference to FIGS. 5 and 6.

Real member store terminal 1 in a real member store
In 0, the first decryption key in the first decryption means 13 of the real member store terminal 10 is previously distributed and incorporated from the payment system 1 or the card company. Here, the first decryption key corresponds to the first encryption key for encrypting the card information into the primary encrypted data in the first encryption means 3 of the payment system 1, and the primary encrypted data is the plaintext card information. Shows the decryption key to be decrypted. Further, the distribution of the first decryption key to the real member store terminal 10 is stored in the chip of the real member store terminal 10 in advance, from the settlement system 1 to the first ward luxury means of the real member store terminal 10 via the network 15. For example, it is transmitted and distributed by a recording medium such as a CD-ROM.

When the user makes a payment at the real member store terminal 10, the card payment software (the software downloaded in FIG. 3 or FIG. 4 is selected from the software list of the portable terminal 7 storing the software. ) Is activated (S300).

After the software is activated, authentication information such as a password is entered in order to determine whether or not the user can legally use the software (S310). An example of an authentication screen for performing authentication is shown in FIG. At this time, selection of the type (selection of card companies) may be performed so that card payments of a plurality of card companies can be made.

It is determined whether the authentication information input in S310 is valid (S320), and if the input is invalid, the input is prompted again. On the other hand, if the input is valid, it is regarded as the valid user of the card, and the purchase intention confirmation screen is activated. FIG. 10 shows an example of the purchase intention confirmation screen.

After confirming the purchase intention of the user (such as pressing the "send" button on the purchase intention confirmation screen), the primary encrypted data embedded in the software downloaded in S150 or transmitted from the settlement system 1 in S270. The primary encrypted data received by the portable terminal 7 is further encrypted by the second encryption means 8 of the portable terminal 7 using the second encryption key to create secondary encrypted data (S33).
0).

For example, the primary encrypted data is "*% $ # = &
% $ &# @ +} {-+-/ ◎ × ", and the time at which the primary encrypted data is encrypted by the second encryption means 8 is 14:33 (one-time The second encryption key is "1433" in the case where the time to be encrypted is used as the password (second encryption key), and as a result, the primary encryption data is further converted to "x" in the second encryption means 8.
It will be encrypted as yzy $ "0q1! # @ * <N? &#!p".

After the secondary encrypted data is created in S330, the secondary encrypted data is directly transmitted to the real member store terminal 10 via the wireless communication means A9 of the mobile terminal 7 (S340).

After the secondary encrypted data transmitted from the wireless communication means A9 in S340 is received by the wireless communication means B11 of the real member store terminal 10, the second decryption means 1 is received.
2 decrypts the secondary encrypted data using the second decryption key (S350).

In the above example, the secondary encrypted data received by the wireless communication means B11 is "xyzy $" 0q1!
# @ * <N? &#! p ”, and the time at which the secondary encrypted data is decrypted by the second decryption means 12 is 14
Since the time is 33 minutes, the second decryption key is "1433", and as a result, the secondary encrypted data in the second decryption means 12 is "*% $ # = &% $ &# @ +} {-. +-/ ◎ × ”
And is decrypted into primary encrypted data.

After the second decryption means 12 decrypts the primary encrypted data, the first decryption means 13 decrypts the primary encrypted data into plain text using the first decryption key (S).
360).

In the above example, the primary encrypted data is "*%
$ # = &% $ &# @ +} {− + − / ◎ × ”,
Decryption is performed using the first decryption key distributed in advance by the payment system 1 or the card company, and “35401234567”
89 "and" 01/05 "will be written in plain text.

After being decrypted by the first decryption means 13, the card reader 14 of the real member store terminal 10 examines the plain-text card information as proper card data (S370). If any abnormality is found as a result of the close inspection, an error message is transmitted to the mobile terminal 7 via the wireless communication means B11 (S38).
0). The wireless communication means A9 of the mobile terminal 7 displays and notifies the error message received from the wireless communication means B11.

If there is no abnormality as a result of the close inspection in S370, the card reader 14 edits the electronic message based on the plain-text card data, and sends the electronic message to the settlement system 1 (S390). Here, a telegram is the same as a card transaction using a conventional magnetic credit card, when the card information is converted into a predetermined format and the card company pays with the incidental information for the card payment such as purchased products. Of the well-known format, which is similar to the data transmitted from the card reader 14 to the card company in the conventional card settlement.

From the real member store terminal 10 to the network 1
The credit determination means 5 of the payment system 1 that has received the electronic message transmitted via 5 refers to the member database 6 and makes a credit determination as to whether or not the user can perform card payment. (S400). If the payment is not accepted due to the limit amount being exceeded (S400), the credit determination means 5 sends a credit refusal report to the card reader of the real member store terminal 10. Send to 14.

Card reader 1 that received the credit refusal report
4 transmits a credit refusal report to the mobile terminal 7 via the wireless communication means B11 (S410). When the wireless communication means A9 of the mobile terminal 7 receives the credit refusal report transmitted in S410, the credit refusal screen indicating that the credit of the software is rejected is displayed on the mobile terminal 7 (S42).
0). An example of the credit refusal screen is shown in FIG.

If the result of the determination in S400 is that the user is allowed to make a payment, the credit determination means 5 sends a credit permission report to the card reader 14 of the real member store terminal 10. The card reader 14 receiving the credit approval report
The credit approval report is transmitted to the mobile terminal 7 via the wireless communication means B11 (S430). When the wireless communication means A9 of the mobile terminal 7 receives the credit permission report transmitted in S430, the software allows the credit to be permitted on the mobile terminal 7, and a completion screen indicating that the settlement has been completed is displayed ( S
440). FIG. 12 shows an example of the completion screen.

As described above, by executing the series of processes from S300 to S440, and in addition to the conventional card reader 14 in the real member store terminal 10, only the wireless communication means B11, the first decryption means 13, and the first decryption means 13, By only providing the second decryption means 12, the security is improved as compared with the conventional one, and the processing can be performed from the card reader 14 without any change in the card settlement mechanism in the card company.

Next, the network 1 in FIG. 7 and FIG.
An example of the flow of the process in the case of making a payment at the virtual store above 5 will be described in detail with reference to the system configuration diagram of FIG.

In the virtual member store terminal 17, the virtual member store terminal 1 from the settlement system 1 or the card company is previously stored.
The first decryption key in the first decryption means 13 of No. 7 is distributed and incorporated. Here, the first decryption key corresponds to the first encryption key for encrypting the card information into the primary encrypted data in the first encryption means 3 of the payment system 1, and the primary encrypted data is the plaintext card information. Shows the decryption key to be decrypted. Further, the distribution of the first decryption key to the virtual member store terminal 17 is stored in the chip of the virtual member store terminal 17 in advance, from the settlement system 1 to the first ward luxury means of the virtual member store terminal 17 via the network 15. For example, it is transmitted and distributed by a recording medium such as a CD-ROM.

When the user makes a payment at the virtual member store terminal 17, the software for the card payment (the software downloaded in FIG. 3 or FIG. 4 is selected from the software list of the user terminal 18 storing the software. ) Is activated (S500).

After the software is activated, authentication information such as a password is input to determine whether or not the user can use the software legally (S510). At this time, selection of the type (selection of card companies) may be performed so that card payments of a plurality of card companies can be made.

It is judged whether or not the authentication information input in S510 is valid (S520), and if it is invalid, the input is prompted again. On the other hand, if the input is valid, it is regarded as the valid user of the card, and the purchase intention confirmation screen is activated.

After confirming the purchase intention of the user (such as pressing the "send" button on the purchase intention confirmation screen), the primary encrypted data embedded in the software downloaded in S150 or transmitted from the settlement system 1 in S270. The primary encrypted data received by the user terminal 18 is further encrypted by the second encryption means 8 of the user terminal 18 using the second encryption key to create secondary encrypted data (S530).

For example, if the primary encrypted data is "*% $ # = &
% $ &# @ +} {-+-/ ◎ × ", and the time at which the primary encrypted data is encrypted by the second encryption means 8 is 14:33 (one-time The second encryption key is "1433" in the case where the time to be encrypted is used as the password (second encryption key), and as a result, the primary encryption data is further converted to "x" in the second encryption means 8.
It will be encrypted as yzy $ "0q1! # @ * <N? &#!p".

After the secondary encrypted data is created in S530, the secondary encrypted data is transmitted to the virtual member store terminal 17 via the network 15 (S540).

After the secondary encrypted data transmitted in S540 is received by the virtual member store terminal 17, the second decryption means 12 decrypts the secondary encrypted data using the second decryption key. Yes (S550).

In the above example, the received secondary encrypted data is "xyzy $" 0q1! # @ * <N? &#! p ”and the time for decrypting the secondary encrypted data in the second decryption means 12 is 14:33, the second decryption key becomes“ 1433 ”, and as a result, the second decryption key is obtained. In the encryption means 12, the secondary encrypted data is “*% $ # = &% $ &
# @ +} {-+-/ ⊚x "is decrypted into the primary encrypted data.

After being decrypted into the primary encrypted data by the second decryption means 12, the primary encrypted data is decrypted into plaintext by the first decryption means 13 using the first decryption key (S).
560).

In the above example, the primary encrypted data is "*%
$ # = &% $ &# @ +} {− + − / ◎ × ”,
Decryption is performed using the first decryption key distributed in advance by the payment system 1 or the card company, and “35401234567”
89 "and" 01/05 "will be written in plain text.

After being decrypted by the first decryption means 13, the plaintext card information is scrutinized by the card information processing means 16 of the virtual member store terminal 17 as to whether it has been decrypted as regular card data ( (S570), if some abnormality has occurred as a result of the close inspection, the card information processing means 16 transmits an error message to the user terminal 18 (S580). The user terminal 18 is the network 15
Display and notify the error message received via.

If there is no abnormality as a result of the close inspection in S570, the card reader 14 edits the electronic message based on the plain-text card data, and transmits the electronic message to the settlement system 1 (S590). Here, the telegram means the conventional network 15
Similarly to card payment via, the card information is converted into a predetermined format, and data corresponding to a known format when making payment at a card company together with incidental information for card payment such as purchased products, The same data as the data transmitted to the card company at the time of conventional card payment is shown.

The credit determination means 5 of the settlement system 1 that has received the electronic message transmitted from the virtual member store terminal 17 via the network 15 may refer to the member database 6 and make a card settlement for the user. Whether or not the credit is determined based on the information such as the limit amount stored in the member database 6 (S600), and if the settlement is not permitted due to the limit amount being exceeded, a credit refusal report is issued. 5 transmits to the card information processing means 16 of the virtual member store terminal 17.

The card information processing means 16 having received the credit refusal report transmits the credit refusal report to the user terminal 18 via the network 15 (S610). When the user terminal 18 receives the credit refusal report transmitted in S610, the credit refusal screen indicating that the credit of the software is rejected is displayed on the user terminal 18 (S62).
0).

[0125] As a result of the determination in S600, when the user is allowed to make a payment, the credit determination means 5 sends the credit permission report to the card information processing means 1 of the virtual member store terminal 17.
Send to 6. The card information processing means 16 that has received the credit permission report receives the user terminal 18 via the network 15.
A credit approval report is transmitted to the client (S630). When the credit approval report transmitted in S630 is received by the user terminal 18, the credit approval of the software is accepted on the user terminal 18 and a completion screen indicating that the settlement is completed is displayed (S640).

As described above, by executing the series of processes from S500 to S640, and in addition to the conventional card information processing means 16 in the virtual member store terminal 17, the first decryption means 13 and the second decryption means are simply used. By only providing the means 12, the security can be improved as compared with the conventional case, and the processing can be performed from the card information processing means 16 without any change in the card settlement mechanism in the card company.

Each means and database in the present invention are as follows:
The functions are only logically distinct and may physically or virtually form the same area. Needless to say, a data file may be used instead of the database, and the description of the database also includes a data file.

In carrying out the present invention, a storage medium recording a software program for realizing the functions of the present embodiment is supplied to the system, and the computer of the system reads and executes the program stored in the storage medium. It will be realized by

In this case, the program itself read from the storage medium realizes the functions of the above-described embodiments, and the storage medium storing the program naturally constitutes the present invention.

As the storage medium for supplying the program, for example, a floppy (registered trademark) disk, a hard disk, an optical disk, a magneto-optical disk, a magnetic tape, a non-volatile memory card or the like can be used.

Further, not only the functions of the above-described embodiment are realized by executing the program read by the computer, but also based on the instruction of the program,
It goes without saying that this also includes the case where an operating system or the like running on a computer performs a part or all of the actual processing and the processing realizes the functions of the above-described embodiments.

Furthermore, after the program read from the storage medium is written in the nonvolatile or volatile storage means provided in the function expansion board inserted into the computer or the function expansion unit connected to the computer, the program is stored. Based on the instruction of the above, it is obvious that the case where the arithmetic processing unit or the like provided in the function expansion board or the function expansion unit performs a part or all of the actual processing and the processing realizes the function of the above-described embodiment is included. Is.

[0133]

According to the present invention, a settlement system and method for more effective card settlement can be realized by improving the security aspect.

Furthermore, when a mobile terminal / user terminal is used,
Conventionally, it was necessary to change the information processing system for card payment between the card reader and the card company, but by using the present invention, it is only necessary to connect the unit for wireless communication and data decoding to the conventional card reader. Therefore, there is no need to make any changes to the information processing system for card payment between the card reader and the card company. Therefore, it is possible to avoid the burden and cost burden of changing the information processing system for card payment.

[Brief description of drawings]

FIG. 1 is a system configuration diagram showing an example of a system configuration of the present invention.

FIG. 2 is a system configuration diagram showing an example of another system configuration of the present invention.

FIG. 3 is a flowchart showing an example of a process flow of the present invention.

FIG. 4 is a flowchart showing an example of a process flow of the present invention.

FIG. 5 is a flowchart showing an example of a process flow of the present invention.

FIG. 6 is a flowchart showing an example of a process flow of the present invention.

FIG. 7 is a flowchart showing an example of a process flow of the present invention.

FIG. 8 is a flowchart showing an example of a process flow of the present invention.

FIG. 9 is a diagram showing an example of an authentication screen.

FIG. 10 is a diagram showing an example of a purchase intention confirmation screen.

FIG. 11 is a diagram showing an example of a credit refusal screen.

FIG. 12 is a diagram showing an example of a completion screen.

[Explanation of symbols] 1: Payment system 2: Authentication method 3: First encryption means 4: Download method 5: Credit judgment means 6: Member database 7: Mobile terminal 8: Second encryption means 9: Wireless communication means A 10: Real member store terminal 11: Wireless communication means B 12: Second decryption means 13: First decryption means 14: Card reader 15: Network 16: Card information processing means 17: Virtual member store terminal 18: User terminal

─────────────────────────────────────────────────── ─── Continued Front Page (51) Int.Cl. ⁷ Identification Code FI Theme Coat (Reference) G09C 1/00 660 G09C 1/00 660A 660C

Claims (28)

[Claims] 1. A payment system for performing card payment through a mobile terminal of a user who makes a card payment,
Data can be transmitted and received between the mobile terminal and a real member store terminal of a real store where the user purchases products and the like through a network, and information of the user and / or information about the user And a member database storing card information, a first encrypting means for encrypting the card information of the user using a predetermined first encryption key, and creating primary encrypted data, the mobile terminal, Software for directly transmitting and receiving data to and from the real member store terminal to perform card payment, and download means for transmitting the primary encrypted data to the mobile terminal; and the mobile terminal in the real member store terminal. The encrypted card information received directly from the terminal is decrypted using the first decryption key corresponding to the first encryption key and converted into plaintext. A credit determination means for receiving a telegram edited from the plain text from the real member store terminal, and based on the received telegram, credit determination of whether or not to approve the card payment of the user based on the member database. A payment system comprising: 2. The portable terminal further encrypts the primary encrypted data received from the payment system using a second encryption key to create secondary encrypted data, and the secondary encrypted data is stored in the portable terminal. The payment system according to claim 1, wherein the payment is directly transmitted to a real member store terminal. 3. The real member store terminal directly receives the secondary encrypted data from the mobile terminal and decrypts the primary encrypted data using a second decryption key corresponding to the second encryption key. The decryption system according to claim 1 or 2, further comprising a first decryption key for decryption. 4. A payment system for making a card payment via a mobile terminal of a user who makes a card payment,
A real member store terminal of a real store where the user purchases a product and the like, and a primary encryption data is created by encrypting the card information of the user using a predetermined first encryption key. Data can be transmitted and received via a network between a terminal and a settlement system that transmits software for directly transmitting and receiving data between the mobile terminal of the user, and the mobile terminal is the primary A second encryption means for receiving encrypted data from the payment system, further encrypting the primary encrypted data with a second encryption key to create secondary encrypted data, and the secondary encrypted data. A mobile terminal comprising: a wireless communication unit A for directly transmitting to the real member store terminal. 5. A payment system for performing card payment through a mobile terminal of a user who pays by card,
In order to directly transmit and receive data between the real member store terminal and the mobile terminal owned by the user by encrypting the user's card information using a predetermined first encryption key to create primary encrypted data. Data can be transmitted and received between the mobile terminal and the payment system that transmits the software of the above, and the real member store terminal directly receives the encrypted card information from the mobile terminal. A wireless communication means B, a first decryption means for decrypting the received card information by using a first decryption key corresponding to the first encryption key and converting it into plaintext, and the first decryption means. A real member store terminal, comprising: a card reader that converts the converted plain text into a telegram and sends the message to the settlement system. 6. The portable terminal further encrypts the primary encrypted data received from the payment system using a second encryption key to create secondary encrypted data, and the secondary encrypted data is converted into the real encrypted data. When transmitting directly to the member store terminal, the real member store terminal directly receives the secondary encrypted data from the mobile terminal and uses the second decryption key corresponding to the second encryption key to perform the primary decryption key. A second decryption unit for decrypting the encrypted data, wherein the second decryption unit decrypts the primary encrypted data and then decrypts the primary encrypted data using the first decryption key. The real member store terminal according to claim 5. 7. The data transmission / reception between the real member store terminal and the mobile terminal is carried out via wireless communication including either Bluetooth or infrared communication. The payment system described in any one of. 8. In a payment system for performing card payment via a network, between a user terminal of a user who pays the card and a virtual member store terminal where the user purchases a product or the like. A member database that is capable of transmitting and receiving data via a network and stores the user information and / or information related to the user and card information, and a first encryption code that defines the card information of the user in advance. First encryption means for encrypting using a key to create primary encrypted data, download means for transmitting the primary encrypted data created by the first encryption means to the user terminal, and the virtual member store The terminal decrypts the encrypted card information received from the user terminal using the first decryption key corresponding to the first encryption key. Convert it to plain text, receive a telegram edited from the plain text from the virtual member store terminal, and based on the received telegram, determine whether or not to approve the card payment of the user, the credit database, And a credit determining means for performing payment based on the payment system. 9. The user terminal further encrypts the primary encrypted data received from the payment system using a second encryption key to create secondary encrypted data, and the secondary encrypted data is stored in the user terminal. The payment system according to claim 8, wherein the payment is performed via a network. 10. The virtual member store terminal receives the secondary encrypted data from the user terminal via the network and encrypts the primary encrypted data using a second decryption key corresponding to the second encryption key. The payment system according to claim 8 or 9, wherein after the data is decrypted, the data is further decrypted using the first decryption key. 11. In a payment system for performing card payment via a network, a virtual member store terminal through which a user who pays a card purchases a product etc. and a card information of the user which is predetermined. Data can be transmitted and received via a network with a payment system that encrypts using a single encryption key to create primary encrypted data and transmits the created primary encrypted data to the user terminal, The user terminal receives the primary encrypted data from the payment system, the primary encrypted data,
A user terminal further comprising a second encryption means for creating secondary encrypted data by encrypting using a second encryption key. 12. A payment system for carrying out a card payment via a network, wherein card information of a user making a card payment is encrypted using a predetermined first encryption key to create primary encrypted data. A payment system for transmitting the created primary encrypted data to the user terminal,
Data can be transmitted and received to and from the user terminal via a network, and the virtual member store terminal is
A first decryption that receives encrypted card information from the user terminal via the network, decrypts the received card information using a first decryption key corresponding to the first encryption key, and converts the card information into plaintext. A virtual member store terminal, comprising: an encryption means; and a card information processing means for converting the plain text converted by the first decryption means into a telegram and transmitting it to the settlement system. 13. The user terminal further encrypts the primary encrypted data received from the payment system using a second encryption key to create secondary encrypted data, and the secondary encrypted data is converted into the virtual encrypted data. When transmitting to the member store terminal, the virtual member store terminal receives the secondary encrypted data from the user terminal via the network and uses the second decryption key corresponding to the second encryption key. Further comprising a second decryption means for decrypting the primary encrypted data, wherein after decrypting the primary encrypted data by the second decrypting means, plain culture is performed using the first decryption key. The virtual member store terminal according to claim 12, which is characterized in that. 14. The first decryption key is distributed or transmitted from the payment system and / or a card company having the payment system in advance, according to any one of claims 1 to 13. Payment system. 15. A payment method for performing card payment through a mobile terminal of a user who pays a card, wherein the mobile terminal and a real member store of a real shop where the user purchases products etc. have. Data can be transmitted / received to / from a terminal via a network, information of the user and / or information about the user and card information are stored in a member database, and the card information of the user is predetermined. Software for encrypting using the first encryption key created to create primary encrypted data, and directly transmitting and receiving data between the mobile terminal and the real member store terminal to perform card settlement and the primary encryption Encrypted data is transmitted to the mobile terminal, and the encrypted card information directly received from the mobile terminal at the real member store terminal is transferred to the first mobile terminal. Decrypted using the first decryption key corresponding to the No. key to convert into plaintext, receive a message edited from the plaintext from the real member store terminal, and perform the card payment of the user based on the received message. A payment method, wherein the credit decision as to whether or not to approve is performed based on the member database. 16. The portable terminal further encrypts the primary encrypted data received from the payment system using a second encryption key to create secondary encrypted data, and the secondary encrypted data is stored in the portable terminal. The payment method according to claim 15, wherein the payment is sent directly to the real member store terminal. 17. The real member store terminal directly receives the secondary encrypted data from the mobile terminal and decrypts the secondary encrypted data into the primary encrypted data using a second decryption key corresponding to the second encryption key. The payment method according to claim 15 or 16, further comprising decrypting using a first decryption key. 18. A settlement method for performing a card settlement via a mobile terminal of a user who makes a card payment, wherein a real member store terminal in a real store where the user purchases a product and the like, and the user Software for directly encrypting the card information of the real member store terminal and the mobile terminal of the user by creating primary encrypted data by encrypting the card information using a predetermined first encryption key It is possible to send and receive data via a network to and from a payment system that sends
Receiving the primary encrypted data from the payment system,
A mobile terminal, characterized in that the primary encrypted data is further encrypted using a second encryption key to create secondary encrypted data, and the secondary encrypted data is directly transmitted to the real member store terminal. 19. A payment method for performing card payment via a portable terminal of a user who pays the card, wherein the card information of the user is encrypted using a predetermined first encryption key and a primary encryption is performed. Data to create encrypted data and send software for directly transmitting and receiving data between the real member store terminal and the mobile terminal owned by the user, and data via the network between the mobile terminal and the payment system. The real member store terminal uses wireless communication means B for directly receiving encrypted card information from the mobile terminal and a first decryption key corresponding to the first encryption key. A real member store terminal, characterized in that the received card information is decrypted and converted into plaintext, and the plaintext converted by the first decryption means is converted into electronic text and transmitted. 20. The primary encrypted data received by the portable terminal from the payment system is further encrypted using a second encryption key to create secondary encrypted data, and the secondary encrypted data is converted into the real encrypted data. When transmitting directly to the member store terminal, the real member store terminal directly receives the secondary encrypted data from the mobile terminal and uses the second decryption key corresponding to the second encryption key to perform the primary decryption key. The real member store terminal according to claim 19, wherein the real member store terminal is decrypted into encrypted data, decrypted into the primary encrypted data, and then decrypted using the first decryption key. 21. The data transmission / reception between the real member store terminal and the mobile terminal is carried out via wireless communication including either Bluetooth or infrared communication. The payment method described in any of. 22. In a payment method for performing card payment via a network, a network is provided between a user terminal of a user who pays a card and a virtual member store terminal where the user purchases a product or the like. Data can be transmitted and received via a user, information of the user and / or information about the user and card information are stored in a member database, and the card information of the user is a predetermined first encryption key. Primary encrypted data created by the first encrypting means, transmitted to the user terminal, and received by the virtual member store terminal from the user terminal. The encrypted card information is decrypted using the first decryption key corresponding to the first encryption key, converted into plaintext, and edited from the plaintext. Settlement method for receiving a sentence from the virtual merchant terminal, the credit decision of whether to approve the card payment of the user based on the message thus received, and performs, based on the member database. 23. The user terminal further encrypts the primary encrypted data received from the payment system using a second encryption key to create secondary encrypted data, and the secondary encrypted data is stored in the user terminal. 23. The payment method according to claim 22, wherein the payment is performed via a network. 24. The virtual member store terminal receives the secondary encrypted data from the user terminal via the network, and uses the second decryption key corresponding to the second encryption key to perform the primary encryption. 23. After the data is decrypted, the decryption is further performed using the first decryption key.
Alternatively, the payment method according to claim 23. 25. In a settlement method for performing a card settlement via a network, a virtual member store terminal where a user who pays a card purchases a product etc. and a card information of the user which is predetermined. Data can be transmitted and received via a network with a payment system that encrypts using a single encryption key to create primary encrypted data and transmits the created primary encrypted data to the user terminal, The user terminal receives the primary encrypted data from the payment system, and further encrypts the primary encrypted data using a second encryption key to create secondary encrypted data. 26. In a payment system for making a card payment via a network, card information of a user making a card payment is encrypted using a predetermined first encryption key to create primary encrypted data. A payment system for transmitting the created primary encrypted data to the user terminal,
Data can be transmitted and received to and from the user terminal via a network, and the virtual member store terminal is
The encrypted card information is received from the user terminal via the network, the received card information is decrypted using the first decryption key corresponding to the first encryption key, and converted into plaintext, and the conversion is performed. A virtual member store terminal, which is characterized by converting a plain text into a digital text and transmitting it. 27. The user terminal further encrypts the received primary encrypted data using a second encryption key to create secondary encrypted data, and the secondary encrypted data is converted to the virtual member store terminal. When transmitting to the virtual member store terminal, the virtual member store terminal receives the secondary encrypted data from the user terminal via the network, and uses the second decryption key corresponding to the second encryption key to transmit the primary encrypted data. 27. The virtual member store terminal according to claim 26, which is decrypted into encrypted data, decrypted into the primary encrypted data, and then decrypted using the first decryption key. 28. The first decryption key is distributed or transmitted from a card company in advance.
28. The payment method according to claim 27.