JP7072111B1 - Service providers, service delivery methods, and programs - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a service providing device, a service providing method, and a program capable of enhancing convenience while protecting user information. SOLUTION: A first authentication unit that performs SMS authentication using a telephone number for a terminal device used by a user, and a second authentication unit that authenticates the user differently from the first authentication unit. It is equipped with an information management unit that manages registration information including the user's telephone number, and when the user requests to change the telephone number while the terminal device is not logged in through the terminal device, the first item is provided. 1 The authentication unit and the second authentication unit perform authentication respectively, and when both the authentication by the first authentication unit and the authentication by the second authentication unit are successful, the information management unit determines the registered information of the user. A service providing device that deletes at least some information different from the registered telephone number and updates the registered information with the new telephone number related to the application. [Selection diagram] Fig. 3

Description

The present invention relates to a service providing device, a service providing method, and a program.

Conventionally, in services provided at least partially via a network, it is usual that a user can receive the service by logging in to an account. When logging in, you are required to enter a phone number, login ID, password, etc. (including the case where the browser or application memorizes the information and automatically inputs it). In particular, in services dealing with money such as electronic payment services, the importance of authentication processing is high, and a relatively high security authentication method such as SMS authentication (see Patent Document 1) is adopted.

Japanese Unexamined Patent Publication No. 2020-177392

By the way, when a user replaces a terminal device such as a smartphone or a tablet terminal, it becomes necessary to change the telephone number registered in the service. In the conventional technique, when changing a telephone number online, it may be necessary to apply for the change of the telephone number while logged in to the account using the terminal device before changing the telephone number. In addition, when it is possible to apply for a change of telephone number online using a new terminal device, it is not possible to sufficiently guarantee the certainty regarding the correspondence between the account and the user, and the protection of user information is sufficient. There was concern that it could not be planned.

The present invention has been made in consideration of such circumstances, and an object of the present invention is to provide a service providing device, a service providing method, and a program capable of enhancing convenience while protecting user information. Make it one.

One aspect of the present invention is a service providing device for providing a service, which is a first authentication unit that performs SMS (Short Message Service) authentication using a telephone number for a terminal device used by a user, and the above-mentioned use. It is equipped with a second authentication unit that authenticates a person differently from the first authentication unit, and an information management unit that manages registration information including the user's telephone number. When an application is made to change the telephone number when the device is not logged in, the first authentication unit and the second authentication unit perform authentication, respectively, and the authentication by the first authentication unit and the authentication by the second authentication unit are performed. If both are successful, the information management department deletes at least some of the user's registered information that is different from the registered phone number, and at the same time, deletes the registered information with the new phone number related to the application. It is a service providing device to be updated.

According to one aspect of the present invention, it is possible to provide a service providing device, a service providing method, and a program that can enhance convenience while protecting user information.

It is a figure which shows an example of the configuration for realizing an electronic payment service. It is a figure exemplifying the general flow of electronic payment. It is a block diagram of the payment server 100. It is a figure which shows an example of the content of the user information 172. It is a figure (the 1) which shows the flow of changing a telephone number when a user does not hold an old terminal at hand, but holds only a new terminal at hand. It is a figure which shows an example of the question presentation screen IM1 which a payment application 20 displays on a user terminal apparatus 10. It is a figure which shows an example of the question presentation screen IM2 which is displayed by operating the question expansion switch SW1 corresponding to the credit card number in the question presentation screen IM1 shown in FIG. It is a figure (No. 2) which shows the flow of changing a telephone number when a user does not hold an old terminal at hand, but holds only a new terminal at hand.

Hereinafter, embodiments of the service providing device, the service providing method, and the program of the present invention will be described with reference to the drawings. The service provider is realized by one or more processors. The service providing device is a device that provides services such as an electronic payment service. In the following description, the service providing device shall provide an electronic payment service and will be referred to as a "payment server", but the service providing device involves shopping, auction, chat, miniblog, and other logins. It may provide any service. The electronic payment service is a service that supports payment related to the purchase of goods and services at stores. A store is, for example, a physical store (actual store) that exists in a real space.

[Electronic payment service]
FIG. 1 is a diagram showing an example of a configuration for realizing an electronic payment service. The electronic payment service is realized centering on the payment server 100. The payment server 100 communicates with, for example, one or more user terminal devices 10 and one or more store terminal devices 50 via a network NW. The network NW includes, for example, the Internet, a LAN (Local Area Network), a radio base station, a provider device, and the like.

The user terminal device 10 is, for example, a portable terminal device such as a smartphone or a tablet terminal. The user terminal device 10 is a computer device having at least an optical reading function, a communication function, a display function, an input reception function, and a program execution function. In the following description, the configurations for realizing these functions are referred to as a camera, a communication device, a touch panel, a CPU (Central Processing Unit), and the like, respectively. The user terminal device 10 operates so as to provide an electronic payment service to the user in cooperation with the payment server 100 by executing the payment application 20 by a processor such as a CPU. The payment application 20 controls a camera, a communication device, a touch panel, and the like.

The store terminal device 50 is installed in a store, for example. The store terminal device 50 is a computer device having at least a product price acquisition function, an optical reading function, a program execution function, and a communication function. The store terminal device 50 includes a so-called POS (Point of Sale) device, and the POS device may realize a product price acquisition function and an optical reading function. The store code image 60 is placed in a store and a code image such as a QR code (registered trademark) is printed on a paper or plastic medium. The store code image 60 may be displayed on a display placed in the store.

The payment server 100 realizes electronic payment based on payment information received from the user terminal device 10 or the store terminal device 50. The payment server 100 performs electronic payment by, for example, increasing or decreasing the charge balance managed in association with the user ID (in other words, depositing and withdrawing electronic money). The electronic payment may include a method that enables a purchase of a larger amount than the charge balance at the time of purchase by a method such as revolving payment or credit payment.

FIG. 2 is a diagram illustrating a rough flow of electronic payment. There may be two types of electronic payment, pattern 1 and pattern 2. In the case of pattern 1, the payment application 20 is first activated on the user terminal device 10 to display a code image such as a QR code or a barcode. The user holds (presents) the display surface of the user terminal device 10 on the store terminal device 50. The store terminal device 50 decodes the code image by the optical reading function and acquires information such as a user ID. Then, the store terminal device 50 generates payment information including a user ID, a payment amount, a store ID, and the like, and transmits the payment information to the payment server 100. Information on the payment amount is acquired in advance by reading a barcode or manually inputting it. The payment server 100 performs payment processing based on the received information.

In the case of the pattern 2, the user terminal device 10 in the state where the payment application 20 is activated decodes the store code image 60 by the optical reading function. The store code image 60 includes information such as a store name. The user inputs the payment amount into the user terminal device 10 on the screen on which the store name and the like are displayed. Then, the user terminal device 10 generates payment information including a user ID, a payment amount, a store ID, and the like, and transmits the payment information to the payment server 100. The payment server 10 performs payment processing based on the received information. In addition, electronic payment may be performed only in any of the above patterns.

<First Embodiment>
[Payment server]
FIG. 3 is a configuration diagram of the payment server 100. The payment server 100 is, for example, a communication unit 110, a login state management unit 120, a payment content providing unit 122, a payment processing unit 124, a first authentication unit 126, a second authentication unit 128, and an information management unit 130. And a storage unit 170. The components other than the communication unit 110 and the storage unit 170 are realized by, for example, a hardware processor such as a CPU executing a program (software). Some or all of these components are hardware (circuit parts) such as LSI (Large Scale Integration), ASIC (Application Specific Integrated Circuit), FPGA (Field-Programmable Gate Array), GPU (Graphics Processing Unit). It may be realized by (including circuits), or it may be realized by the cooperation of software and hardware. The program may be stored in advance in a storage device (a storage device including a non-transient storage medium) such as an HDD (Hard Disk Drive) or a flash memory, or a removable storage such as a DVD or a CD-ROM. It is stored in a medium (non-transient storage medium), and may be installed in the storage device by mounting the storage medium in the drive device.

The storage unit 170 is an HDD, a flash memory, a RAM (Random Access Memory), or the like. The storage unit 170 may be a NAS (Network Attached Storage) device that the payment server 100 can access via a network. Information such as user information 172, payment content information 174, and store information 176 is stored in the storage unit 170.

The communication unit 110 is a communication interface for connecting to the network NW. The communication unit 110 is, for example, a network card.

The login status management unit 120 manages the login status of each user. The login state management unit 120 assumes that the user has logged in when the user newly installs the payment application 20 and registers various information (at the time of new registration). After that, the login state management unit 120 maintains the login state of the user unless the user is accessed from the same user terminal device 10 and a logout operation is performed. In new registration, the user enters at least a phone number and password. When the user performs a logout operation using the user terminal device 10 and then performs a login operation again, the login state management unit 120 requests the user to input a telephone number and a password. At this time, the login state management unit 120 determines whether or not the user terminal device 10 is the same as the previous one based on the hash value of the identification information of the OS, and is not the same user terminal device 10. If it is determined, the first authentication unit 126 is made to perform SMS authentication. SMS authentication will be described later.

The payment content providing unit 122 has, for example, a Web server function, and provides the user terminal device 10 with information (contents) for displaying various screens of the electronic payment service, including the above-mentioned payment completion screen. The payment content providing unit 122 appropriately reads out necessary content from the payment content information 174 and provides it to the user terminal device 10. The user terminal device 10 accepts various inputs by the user while the content is being played by the payment application 20, and transmits the above-mentioned payment information and the like to the payment server 100. The content based on the payment content information 174 includes content provided in a logged-in state and content provided in a non-logged-in state. In the content in the non-logged-in state, the payment server 100 provides various guidance information, and accepts a new registration or a telephone number change application.

The payment processing unit 124 performs payment processing based on the payment information transmitted by the user terminal device 10 or the store terminal device 50. The payment processing unit 124 performs payment processing while referring to the user information 172.

FIG. 4 is a diagram showing an example of the contents of user information 172. User information 172 is an example of user registration information. The user information 172 includes, for example, an e-mail address, a user ID, a name / address / date of birth, as well as a minimum telephone number and password required for new registration for an account ID (which may be omitted). Information such as registration date, charge balance, bank account, credit card number, other service linkage information, radio wave authentication setting, carrier payment setting, chat friend list, charge history information, payment history information, chat history information, etc. are associated. It is a thing. Information other than the telephone number, password, registration date, charge balance, charge history information, and payment history information is optional setting information. Hereinafter, a user instance (electronic payment account) to which such information is associated is referred to as an account. The registration date is the date when the user registers for the electronic payment service (the date when the account is created).

The charge balance is information indicating the balance of electronic money set by the user in advance by remittance to the account. As a means of remittance, there are remittance from an ATM (Automatic Teller Machine) of a designated trader (bank), remittance from a registered bank account, and the like. Each of the bank account and the credit card number is the information (account number, card number) of the bank account or the credit card number that can be credited to the electronic payment service. The other service linkage information is a login ID or the like of another service linked with the electronic payment service (for example, operated by an operator belonging to the same business group). The radio wave authentication setting is setting information when authentication is performed by communication with a specific communication carrier. The carrier payment setting is setting information for transferring at least a part of the payment using the electronic payment service to the payment to the communication carrier. The chat friend list is a list of other users who are chat partners in the chat function provided by the electronic payment service. The charge history information is a history in which the user remits money to the electronic payment service in advance to increase the charge balance. The payment history information is information showing the breakdown of payments made by the user (date and time, store ID of the store where the purchasing behavior was performed, payment amount, etc.) for each payment. The chat history information is a history of the contents of the chat performed by the user.

The first authentication unit 126 performs SMS authentication. SMS authentication includes a one-time password in a short message using a telephone number and sends it to the user terminal device 10, causes the user to enter the one-time password into the user terminal device 10, and via the payment application 20. This is an authentication method for confirming that the telephone number belongs to the user by confirming whether the one-time password sent to the payment server 100 is correct.

The second authentication unit 128 performs authentication different from SMS authentication. In the first embodiment, the second authentication unit 128 performs e-mail authentication. E-mail authentication includes a one-time password in an e-mail and sends it to the user terminal device 10, causes the user to enter the one-time password into the user terminal device 10, and sends the one-time password to the payment server 100 via the payment application 20. This is an authentication method that confirms that the e-mail address belongs to the user by confirming whether the sent one-time password is correct.

The information management unit 130 creates a new record of the user information 172 based on the information acquired from the user terminal device 10, and updates each data item in the created record.

[Change phone number]
Hereinafter, the operation of the payment server 100 when the user tries to change the telephone number in the user information 172 will be described. Hereinafter, the user terminal device 10 to which the telephone number before the change is associated is referred to as an "old terminal", and the user terminal device 10 to which the telephone number after the change is associated is abbreviated as "new terminal".

(Method 1)
If the user has both an old terminal and a new terminal at hand, that is, if the user is logged in to the account on the old terminal or is able to log in quickly, the user will operate on the old terminal. You can apply to change your phone number through the payment application 20 you are using. In this case, after SMS authentication is performed on the new terminal, it is possible to log in on the new terminal using the new telephone number and the old password. It should be noted that such an operation has been performed in the past, and detailed description thereof will be omitted.

On the other hand, it is assumed that the user does not have the old terminal at hand and only the new terminal is at hand. This applies when the old terminal is disposed of due to a model change, or when the old terminal is lost.

(Method 2)
In the above case, since the reliability of the correspondence between the account and the user is lowered, the operator of the payment server 100 requests the user to input the form and approves the change of the telephone number through the offline processing of the operator and the like. do. Such a method is time consuming and may seem complicated to the user. Such an operation has also been performed in the past, and detailed description thereof will be omitted.

(Method 3)
Therefore, in order to improve convenience while protecting user information, the payment server 100 of the present invention performs a process that enables online telephone number change in a non-logged-in state, as described below. The login state management unit 120, the payment content providing unit 122, the information management unit 130, or another functional unit may collectively control this process. In the following, it is assumed that the information management unit 130 comprehensively controls.

FIG. 5 is a diagram (No. 1) showing a flow of changing a telephone number when the user does not hold the old terminal at hand but holds only the new terminal at hand. The process of changing the telephone number according to this flow can be executed when the user's e-mail address, which is an optional registration item, is registered in the user information 172.

First, the user inputs the old telephone number and password (PW in the figure) to the new terminal in the non-logged-in state to apply for the change of the telephone number (S1). The payment application 20 of the new terminal transmits the input information to the payment server 100 (S2). The login state management unit 120 confirms that the combination of the old telephone number and the password is correct (S3). The application for changing the telephone number includes the new telephone number. If the old phone number and password combination is incorrect, further processing will be stopped. In that case, measures such as displaying an error message on the payment application 20 and requesting the application to be redone from the beginning are taken. In addition, even if the user who made the application does not register the e-mail address in the account, measures such as displaying an error message on the payment application 20 are taken.

If it is confirmed that the old phone number and password combination is correct, the second authentication unit 128 performs e-mail authentication. First, the second authentication unit 128 generates the one-time password # 1 and sends it as an e-mail to the e-mail address registered in the user information 172 (S4). The user inputs the one-time password # 1 described or attached to the e-mail address into the payment application 20 (S5). The payment application 20 transmits the entered one-time password # 1 to the payment server 100 (S6). The second authentication unit 128 confirms that the returned one-time password # 1 is correct (S7). If the returned one-time password # 1 is incorrect, the subsequent processing will be stopped. In that case, measures such as returning to the processing of S3 or displaying an error message on the payment application 20 and requesting the application to be redone from the beginning are taken.

When it is confirmed that the one-time password # 1 is correct, the first authentication unit 126 performs SMS authentication. The order of e-mail authentication and SMS authentication may be reversed. First, the first authentication unit 126 generates a one-time password # 2, includes it in a short message using a new telephone number related to the application, and sends it (S8). The user inputs the one-time password # 2 described in the short message into the payment application 20 (S9). The payment application 20 transmits the entered one-time password # 2 to the payment server 100 (S10). The first authentication unit 126 confirms that the returned one-time password # 2 is correct (S11). If the returned one-time password # 2 is incorrect, the subsequent processing will be stopped. In that case, measures such as returning to the processing of S3 or displaying an error message on the payment application 20 and requesting the application to be redone from the beginning are taken.

When it is confirmed that the one-time password # 2 is correct, the information management unit 130 deletes a part of the user information 172 about the user (S12). Some of the information that is deleted is different from the old phone number, for example, name / address / date of birth, bank account, credit card number, other service ID login settings, radio authentication settings, carrier payment settings. , Chat friends list, chat history information, part or all. In addition to these, there may be information included in the user information 172 and deleted when the telephone number is changed by the method 3. "Deleting" may mean physically erasing, or may mean that it is no longer referenced (logically deleted) when the deletion flag is set. In either case, the deleted information will not be referenced by the user. It should be noted that old phone numbers may be processed so that they are not referenced (logically deleted) by being physically erased or set with a deletion flag, and are not used for login "Past registration". It may be left in the user information 172 as a "telephone number".

Part of the user information 172 is deleted in this way by e-mail authentication when there are cases where the e-mail password (assuming network mail) is the same as the password of the electronic payment service. This is because there is a concern that the certification strength of the e-mail is not sufficient. Suppose that an unauthorized user (spoofing user) illegally obtains the old phone number and password of a legitimate user and applies for a change in the phone number, and also illegally obtains information about the legitimate user's email address. If so, the change of the telephone number by the method 3 is completed by the application of an unauthorized user. Here, in general, there are few users who always hold a large amount of charge balance, but there are cases where a large amount of money can be deposited from a bank account. If an unauthorized user takes over the information in the bank account, it may be possible to charge a large amount of money to increase the charge balance and then monetize it in some way. Therefore, the payment server 100 of the present invention approves the change of the telephone number after deleting some information that is not preferable to be inherited by an unauthorized user. In addition, bank accounts, credit card numbers, carrier payment settings, etc. are directly concerned about monetary loss, but other information to be deleted is deleted from the viewpoint of personal information protection. May be included. By inputting the deleted information into the payment application 20 again, the user can register the same information as before or the newly changed information in his / her account.

After confirming that the deletion process in S12 is completed, the information management unit 130 changes the telephone number of the account in the user information 172 to a new telephone number related to the application (S13). "Confirming that the deletion process is completed" means, for example, that when the storage unit 170 is an external database, a deletion completion notification is received from the database management system that manages the external database. When the information management unit 130 directly rewrites the user information 172, it may be determined that "confirmation that the deletion process has been completed" has been completed when the verify process, the parity check, or the like is completed.

When the above processing is completed, the information management unit 130 (or the payment content providing unit 122) transmits a change completion notification indicating that the telephone number change is completed to the payment application 20 (S14). This will allow you to log in to your account with your new phone number.

According to the first embodiment described above, when a change of a telephone number is applied in a non-logged-in state, the change procedure is completed online to improve convenience for the user and some important matters. User information can be protected by deleting the information. Therefore, it is possible to improve convenience while protecting user information.

<Second Embodiment>
Hereinafter, the second embodiment will be described. In the payment server 100 of the second embodiment, as compared with the first embodiment, the second authentication unit 128 presents a plurality of questions to the user instead of the e-mail authentication, and the user responds to the user. Authentication is performed based on the result of answering through the terminal device 10 (payment application 20). The content of the question is based on the information registered in the user information 172 or the information regarding the usage history of the electronic payment service.

FIG. 6 is a diagram showing an example of a question presentation screen IM1 displayed on the user terminal device 10 by the payment application 20. The question presentation screen IM1 includes areas A1 to A8 for answering a predetermined number (for example, 8) of questions. A question expansion switch SW1 is provided in each area, and the details of the question are displayed by operating the expansion switch SW.

The first question concerns, for example, credit card numbers. FIG. 7 shows an example of the question presentation screen IM2 displayed by operating the question expansion switch SW1 corresponding to the credit card number on the question presentation screen IM1 shown in FIG. As shown, the first question asks you to answer the brand of the credit card registered in your account and the last four digits of your credit card number. The user selects a brand from the list of brands presented by operating the list expansion button SW2 for the brand, and manually inputs the last four digits of the card number. Although the illustration of the question presentation screen is omitted for other questions, the answer to the question can be input in an appropriate manner.

The second question concerns, for example, bank account information. The user is asked, for example, the last two digits of the bank account number registered in the account, and if the user selects this question, answer it. The third question is, for example, about the user ID. The user is asked about the user ID registered in the account, and if the user selects this question, he / she answers it. The fourth question is, for example, about the date of birth of the user. The user will be asked for the date of birth registered in their account, and if the user selects this question, answer it. The fifth question is, for example, about the date when the user newly registers for the electronic payment service. The user will be asked the registration date registered in the account, and if the user selects this question, answer it. The sixth question concerns, for example, the charge balance. The user will be asked about the charge balance, and if the user chooses this question, answer it. The charge balance may be available for reference by logging in to another service (described above) linked with the electronic payment service. The seventh question is, for example, about payment history. The user is required to answer the date and amount of any one of the payment history information, and if the user selects this question, answer it. The seventh question may be answered by referring to the receipt. The eighth question concerns, for example, the charge history. The user is required to answer the date and amount of any one of the charge history information, and if the user selects this question, answer it. The eighth question may be answered by referring to the description in the passbook of the charge source or the remittance statement.

The second authentication unit 128 determines, for example, that the authentication is successful when the user answers three or more of the eight questions correctly. As a result, it is confirmed that the user who applies for the telephone number change holds information that would be difficult to know unless he / she is a legitimate user.

FIG. 8 is a diagram (No. 2) showing the flow of changing the telephone number when the user does not hold the old terminal at hand but holds only the new terminal at hand.

First, the user inputs the old telephone number and password (PW in the figure) to the new terminal in the non-logged-in state to apply for the change of the telephone number (S21). The payment application 20 of the new terminal transmits the input information to the payment server 100 (S22). The login state management unit 120 confirms that the combination of the old telephone number and the password is correct (S23). The application for changing the telephone number includes the new telephone number. If the old phone number and password combination is incorrect, further processing will be stopped. In that case, measures such as displaying an error message on the payment application 20 and requesting the application to be redone from the beginning are taken. In addition, even if the user who made the application does not register the e-mail address in the account, measures such as displaying an error message on the payment application 20 are taken.

When it is confirmed that the combination of the old telephone number and the password is correct, the first authentication unit 126 performs SMS authentication. The order of SMS authentication and authentication by the second authentication unit 128 may be reversed. First, the first authentication unit 126 generates a one-time password, includes it in a short message using a new telephone number related to the application, and sends it (S24). The user inputs the one-time password described in the short message into the payment application 20 (S25). The payment application 20 transmits the entered one-time password to the payment server 100 (S26). The first authentication unit 126 confirms that the returned one-time password is correct (S27). If the returned one-time password is incorrect, further processing will be stopped. In that case, measures such as returning to the processing of S23 or displaying an error message on the payment application 20 and requesting the application to be redone from the beginning are taken.

The second authentication unit 128 authenticates by the above-mentioned question. First, the second authentication unit 128 provides the content including the question to the user terminal device 10 via the payment content providing unit 122, and displays it on the payment application 20 (S28). The content including this question may be embedded in the payment application 20, and in that case, the processing of S28 may be performed autonomously by the payment application 20. The user answers the question as described above (S29). The payment application 20 transmits the information of the answer input by the user to the payment server 100 (S30). The second authentication unit 128 confirms that the received answers are a predetermined number or more and are correct answers (S31).

When it is confirmed that the number of answers is more than a predetermined number and the answer is correct, the information management unit 130 deletes a part of the information about the user in the user information 172 (S32). The deletion is the same as that of the first embodiment, and the description thereof will be omitted again.

After confirming that the deletion process in S32 is completed, the information management unit 130 changes the telephone number of the account in the user information 172 to a new telephone number related to the application (S33).

When the above processing is completed, the information management unit 130 (or the payment content providing unit 122) transmits a change completion notification indicating that the telephone number change is completed to the payment application 20 (S34). This will allow you to log in to your account with your new phone number.

According to the second embodiment described above, as in the first embodiment, when a change of the telephone number is applied in a non-logged-in state, the convenience for the user is improved by completing the change procedure online. At the same time, user information can be protected by deleting some important information. Therefore, it is possible to improve convenience while protecting user information.

Although the embodiments for carrying out the present invention have been described above using the embodiments, the present invention is not limited to these embodiments, and various modifications and substitutions are made without departing from the gist of the present invention. Can be added.

10 User terminal device 20 Payment application 50 Store terminal device 60 Store code image 100 Payment server 120 Login status management unit 122 Payment content provision unit 124 Payment processing unit 126 First authentication unit 128 Second authentication unit 130 Information management unit 170 Storage unit 172 User information 174 Payment content information

Claims (12)

A service provider that provides electronic payment services.
The first authentication unit that performs SMS (Short Message Service) authentication using a telephone number for the terminal device used by the user,
A second authentication unit that authenticates the user differently from the first authentication unit,
It is equipped with an information management unit that sets the user's account with the telephone number and password as essential registration items and manages the registration information including the user's telephone number.
When the user requests to change the telephone number in the non- logged-in state through a terminal device associated with a telephone number different from the telephone number registered in the registration information .
The first authentication unit and the second authentication unit each perform authentication, and
If both the authentication by the first authentication unit and the authentication by the second authentication unit are successful, the information management unit obtains at least a part of the registered information of the user that is different from the registered telephone number. Delete and update the registration information with the new phone number related to the application.
Service provider. The first authentication unit performs the SMS authentication when a login request using the same telephone number is made from a terminal device different from the already recognized terminal device.
The service providing device according to claim 1. The second authentication unit performs e-mail authentication.
The service providing device according to claim 1 or 2. The second authentication unit authenticates a plurality of questions presented to the user based on the result of the user answering through the terminal device.
The service providing device according to claim 1 or 2. At least a part of the plurality of questions asks the contents of the registration information.
The service providing device according to claim 4. At least a part of the plurality of questions relates to the usage history of the electronic payment service.
The service providing device according to claim 4 or 5. When deleting a part of the user's registration information, the information management unit deletes at least the information of the bank account that can be deposited in the electronic payment service.
The service providing device according to any one of claims 1 to 6. When deleting a part of the user's registration information, the information management unit deletes at least the information of the credit card number that can be used for the electronic payment service.
The service providing device according to any one of claims 1 to 7. When deleting a part of the registered information of the user, the information management department deletes at least a part or all of the information of the name, address, and date of birth.
The service providing device according to any one of claims 1 to 8. The electronic payment service includes providing a chat function.
When deleting a part of the registered information of the user, the information management unit deletes at least the information related to the chat function.
The service providing device according to any one of claims 1 to 9. A service provider that provides electronic payment services
Set the user's account with the phone number and password as required registration items,
Manage registration information including the user's phone number and
When a user requests to change the phone number in a non-logged-in state through a terminal device associated with a phone number different from the phone number registered in the registration information .
SMS authentication using a telephone number and authentication different from the SMS authentication are performed for the terminal device used by the user, respectively.
If both the SMS authentication and the different authentication are successful, at least some of the registered information of the user, which is different from the registered telephone number, is deleted, and the new telephone number related to the application is used for the registration. Update information,
Service provision method. For service providing devices that provide electronic payment services
Have the user set up an account with the phone number and password as required registration items,
Let us manage the registration information including the user's phone number,
When a user requests to change the phone number in a non-logged-in state through a terminal device associated with a phone number different from the phone number registered in the registration information .
Have the terminal device used by the user perform SMS authentication using a telephone number and authentication different from the SMS authentication, respectively.
If both the SMS authentication and the different authentication are successful, at least a part of the registered information of the user different from the registered telephone number is deleted, and the new telephone number related to the application is used for the registration. Update information,
program.

Images