JP7486651B1 - Payment server, payment control method, and program - Google Patents

Abstract

[Problem] To provide a payment server, a payment control method, and a program for realizing safer electronic payment. [Solution] A payment server 100 that communicates with one or more user terminal devices, one or more first store terminal devices, and one or more second store terminal devices via a network includes a payment processing unit 130 that identifies the user using the offline key and proceeds with electronic payment when payment information includes an offline key that has been assigned to the user in advance and stored in a storage unit, and does not include information based on a one-time code obtained by referring to the storage unit 170. When payment information includes an offline key, and does not include information based on a one-time code obtained by referring to the storage unit 170, the payment processing unit 130 sets an upper limit on the number of payments that can be made within a specified period. [Selected Figure] Figure 4

Description

Patent Act Article 30, Paragraph 2 Application 1. Website posting date: July 20, 2023 Website URL (1): https://about.paypay.ne.jp/pr/20230720/01/ Website URL (2): https://paypay.ne.jp/help/c0398/?appwebview&_ga=2.261947278.2056208584.1692065200-161083322.1668519568

The present invention relates to a payment server, a payment control method, and a program.

A form of electronic payment in which a payment app running on a terminal device such as a smartphone displays a code image and a device at the store reads information from the code image is becoming widespread (Patent Document 1). In this form of electronic payment, a one-time code issued by the payment server in association with the user's account is used as the original information to be displayed in the code image. The use of a one-time code eliminates the need to include personal information in the code image, thereby improving security.

Patent No. 7237224

In the above-described electronic payment mode, when an electronic payment is about to be made, a request for a one-time code is sent from the payment app to the payment server, and a one-time code is issued in response. Therefore, in conventional technology, if communication between the terminal device and the payment server is difficult at the time of electronic payment, it may be impossible to obtain a valid one-time code, making the electronic payment impossible. In such cases, when making electronic payment using an alternative method, there may be concerns about reduced security.

The present invention was made in consideration of these circumstances, and one of its objectives is to provide a payment server, a payment control method, and a program that can realize safer electronic payments.

One aspect of the present invention is a payment server that cooperates with an application program running on a user's terminal device to provide the user with an electronic payment service, comprising: a communication unit that communicates with a store terminal device installed in a store, and receives from the store terminal device payment information including at least a portion of information read from a code image displayed by the terminal device and a payment amount; a provision unit that provides a one-time code to the application program via the communication unit and stores the one-time code in a storage unit together with information that can identify the user; and a payment processing unit that performs electronic payment based on the payment information, and refers to the storage unit to receive the payment information. and a payment processing unit that, if the payment information includes information based on the one-time code obtained by referencing the storage unit, identifies the user using the one-time code and proceeds with the electronic payment, and, if the payment information includes an offline key that has been assigned to the user in advance and stored in the storage unit and does not include information based on the one-time code obtained by referencing the storage unit, identifies the user using the offline key and proceeds with the electronic payment, and the payment processing unit is a payment server that, if the payment information includes the offline key and does not include information based on the one-time code obtained by referencing the storage unit, sets an upper limit on the number of payments within a predetermined period.

According to one aspect of the present invention, it is possible to provide a payment server, a payment control method, and a program that can realize more secure electronic payments.

FIG. 1 is a diagram showing an example of a configuration for realizing an electronic payment service. FIG. 1 is a sequence diagram (part 1) illustrating an example of a general flow of electronic payment (online payment). FIG. 2 is a sequence diagram (part 2) illustrating an example of a general flow of electronic payment (online payment). FIG. 2 is a configuration diagram of a payment server 100 according to the first embodiment. FIG. 11 is a diagram showing an example of the contents of user information 172. FIG. 13 is a diagram showing an example of the contents of affiliated store/store information 176. FIG. 2 is a diagram showing an example of a top screen IM1 of a payment application 20. FIG. 11 is a sequence diagram illustrating a process flow for offline payment. 11 is a flowchart showing an example of a process flow related to screen control by a payment application 20. FIG. 13 is a diagram showing an example of a standby screen IM2. FIG. 13 is a diagram showing an example of a half sheet IM3. FIG. 13 is a diagram showing an example of a detailed explanation screen IMe. FIG. 13 is a diagram showing an example of a first offline mode screen IM4 on which a first offline code image is displayed. FIG. 13 is a diagram showing an example of a second offline mode screen IM5 on which a second offline code image is displayed. FIG. 13 is a diagram showing an example of a payment method selection screen IM6.

Hereinafter, with reference to the drawings, an embodiment of the application program, the payment control method, the payment server, the program, and the payment system of the present invention will be described. The application program and the payment server work together to provide an electronic payment service. In the following description, the application program is referred to as a payment app. The electronic payment service is a service that supports payments related to the purchase of goods and services at a store. The store is, for example, a physical store (real store) that exists in the real world, but may also include a virtual store for electronic commerce. The virtual store may also include a store provided by an entity other than the operator of the electronic payment service. In that case, when making a payment for a purchase at the virtual store, the screen is controlled to transition to an interface screen of the electronic payment service. In the electronic payment service, the store is treated as belonging to, for example, an affiliated store (brand), and processing such as payment when a purchase is made at the store is mainly performed between the user and the affiliated store. Alternatively, processing such as payment may be performed between the user and the store.

[Electronic payment service]
1 is a diagram showing an example of a configuration for realizing an electronic payment service. The electronic payment service is realized mainly by a payment server 100. The payment server 100 communicates with, for example, one or more user terminal devices 10, one or more first store terminal devices 50, and one or more second store terminal devices 70 via a network NW. The network NW includes, for example, the Internet, a LAN (Local Area Network), a wireless base station, a provider device, and the like.

The user terminal device 10 is, for example, a portable terminal device such as a smartphone or a tablet terminal. The user terminal device 10 is a computer device having at least an optical reading function, a communication function, a display function, an input acceptance function, and a program execution function. In the following description, the components for realizing these functions are referred to as a camera, a communication device, a touch panel, a CPU (Central Processing Unit), etc. In the user terminal device 10, a processor such as a CPU executes a payment app 20, which operates in cooperation with the payment server 100 to provide electronic payment services to users. The payment app 20 is installed in the user terminal device 10 from, for example, an application store, and controls the camera, communication device, touch panel, etc.

The first store terminal device 50 is installed, for example, in a store. The first store terminal device 50 is a computer device having at least a product price acquisition function, an optical reading function, a program execution function, and a communication function. The first store terminal device 50 includes a so-called POS (Point of Sale) device, and the product price acquisition function and the optical reading function may be realized by the POS device. The store code image 60 is placed in the store, and is a code image such as a QR code (registered trademark) printed on a paper or plastic medium. The store code image 60 may be displayed on a display placed in the store (which may be the display of a terminal device such as a smartphone).

The second store terminal device 70 is used by the operator of the affiliated store. The second store terminal device 70 is a smartphone, a tablet terminal, a personal computer, etc. An interface 72 for affiliated stores runs on the second store terminal device 70. The interface 72 for affiliated stores may be an app for affiliated stores or a browser. The interface 72 for affiliated stores accepts coupon settings and the like made by the operator of the affiliated store and transmits them to the payment server 100. The second store terminal device 70, which is a smartphone, has the function of displaying a code image equivalent to a store code image and reading a code image displayed by the user terminal device 10 by executing the app for affiliated stores.

The payment server 100 realizes electronic payment based on payment information received from the user terminal device 10 or the first store terminal device 50. The first store terminal device 50 may include a POS device, a POS gateway, an affiliated store server, etc., in which case the payment information is sent from the POS device to the payment server 100 via various devices. In the following explanation, no distinction is made between these two, and it is assumed that the payment information is sent from the first store terminal device 50.

Figures 2 and 3 are sequence diagrams illustrating the general flow of electronic payment (online payment). There may be two types of electronic payment: pattern 1 and pattern 2.

In the case of pattern 1 (hereinafter referred to as user scan) shown in FIG. 2, the user terminal device 10 with the payment application 20 activated decodes the store code image 60 by the optical reading function (S1). The store code image 60 includes store URL (Uniform Resource Locator) information. This store URL is the domain of the electronic payment service to which information capable of identifying the store is added, and is associated with the affiliated store ID, store ID, etc. in the payment server 100 (described later). The payment application 20 transmits the first payment information including the store URL and the account ID to the payment server 100 (S2). The payment server 100 searches for store information (described later) from the affiliated store ID and store ID corresponding to the store URL, acquires the affiliated store name and store name information (S3), and transmits it to the payment application 20 (S4). The user inputs the payment amount into the user terminal device 10 on the screen on which the affiliated store name and store name are displayed (S5). Then, the user terminal device 10 generates second payment information including at least the payment amount and transmits it to the payment server 100 (S6). The payment server 100 performs electronic payment based on the received second payment information (S7). The payment server 100 then transmits a payment completion notice (information for displaying a payment completion screen) to the payment application 20 (S8), and the payment application 20 displays the payment completion screen (S9). Note that when the store code image 60 is displayed on a display installed in the store, the store code image 60 may include not only the store URL but also information on the payment amount. In this case, the procedure in which the user inputs the payment amount is omitted, and the first payment information is transmitted to the payment server 100 with the information on the payment amount included. Information on the affiliated store name and store name may be included and displayed on the payment completion screen.

In the case of pattern 2 (hereinafter referred to as store scan) shown in FIG. 3, when the payment app 20 is started, when a payment operation is performed in the payment app 20, when the automatic update timing (for example, every minute) occurs, and at other timings, the payment app 20 sends a request to issue a one-time code to the payment server 100 (S11). The payment server 100 (the payment content providing unit 120 described later) generates a one-time code (S12) and sends it to the payment app 20 (S13). The payment app 20 displays a code image (online code image) such as a QR code or a barcode generated based on the one-time code (S14). The user holds (presents) the display surface of the user terminal device 10 over the first store terminal device 50, and the first store terminal device 50 decodes the code image by the optical reading function and obtains the one-time code, etc. (S15). Then, the first store terminal device 50 generates payment information including the one-time code, payment amount, affiliated store ID, store ID, etc., and sends it to the payment server 100 (S16). The payment amount information is acquired in advance by reading a barcode or manually entering it. Based on the received information, the payment server 100 identifies the user corresponding to the one-time code and performs electronic payment (S17). The payment server 100 then sends a payment completion notification to the payment application 20 (S18), and the payment application 20 displays a payment completion screen (S19). At the same time, information notifying the first store terminal device 50 of the completion of payment is also sent.

Note that electronic payment may be made using only one of the above patterns. In addition, the "account ID" described in FIG. 2 may be other information (e.g., a telephone number) that can be used as user identification information.

[Payment server]
FIG. 4 is a configuration diagram of the payment server 100 according to the first embodiment. The payment server 100 includes, for example, a communication unit 110, a payment content providing unit 120, a payment processing unit 130, an information management unit 140, and a storage unit 170. The components other than the communication unit 110 and the storage unit 170 are realized by, for example, a hardware processor such as a CPU executing a program (software). Some or all of these components may be realized by hardware (including circuitry) such as an LSI (Large Scale Integration), an ASIC (Application Specific Integrated Circuit), an FPGA (Field-Programmable Gate Array), or a GPU (Graphics Processing Unit), or may be realized by cooperation between software and hardware. The program may be stored in advance in a storage device (storage device having a non-transient storage medium) such as an HDD (Hard Disk Drive) or a flash memory, or may be stored in a removable storage medium (non-transient storage medium) such as a DVD or a CD-ROM, and may be installed in the storage device by mounting the storage medium in a drive device.

The storage unit 170 is a HDD, flash memory, RAM (Random Access Memory), etc. The storage unit 170 may be a NAS (Network Attached Storage) device that the payment server 100 can access via a network. The storage unit 170 stores information such as user information 172, payment content information 174, and affiliated store/shop information 176.

The communication unit 110 is a communication interface for connecting to the network NW. The communication unit 110 is, for example, a network interface card.

The payment content providing unit 120 has, for example, a web server function, and provides information (content) for displaying various screens of the electronic payment service to the user terminal device 10. The payment content providing unit 120 reads out necessary content from the payment content information 174 as appropriate and provides it to the user terminal device 10. The user terminal device 10 accepts various inputs by the user while the content is being played by the payment application 20, and transmits the above-mentioned payment information and the like to the payment server 100.

The payment processing unit 130 performs payment processing based on the payment information transmitted by the user terminal device 10 or the first store terminal device 50. The payment processing unit 130 performs payment processing while referring to the user information 172.

Figure 5 is a diagram showing an example of the contents of user information 172. User information 172 is an example of user registration information. User information 172 is associated with information such as user URL, account ID, phone number, password, email address, user ID, name, address, date of birth, registration date, charge balance, deferred payment settings, deferred payment limit, deferred payment usage amount, available deferred payment amount, payment method settings, bank account, credit card number, issued one-time code, user identification token for offline payment described below, secret key (for charge balance), secret key (for deferred payment), offline payment upper limit information, charge history information, and payment history information.

The user URL is used for money transfer processing between users. When registering for the electronic payment service, registration of a phone number and password is mandatory. The account ID is issued to the user by the payment server 100, and the user ID is an ID that the user can set at their discretion (does not have to set). Similarly, the email address, name, address, and date of birth are also information that the user can set at their discretion (does not have to set). The registration date is the date that the user registered for the electronic payment service (the date that the account was created). Hereinafter, the user instance (electronic payment account) to which this information is associated will be referred to as an account.

The charge balance is information indicating the balance of electronic money that is set by the user by transferring money to the account in advance. Methods of transfer include transfer from an ATM (Automatic Teller Machine) of a designated business (bank) and transfer from a registered bank account. The deferred payment setting is information indicating whether the setting for enabling deferred electronic payment has been completed, and is set to either "completed" or "not completed." The payment method setting is setting information indicating whether the user will make electronic payment from the charge balance or deferred payment at that time. The bank account and credit card number are information on the bank account or credit card number (account number, card number) that can be used to deposit money into the electronic payment service. The charge history information is a history of the user transferring money to the electronic payment service in advance to increase the charge balance. The payment history information is information indicating the details of the payment made by the user (date and time, store ID of the store where the purchase was made, payment amount, payment method, etc.) for each payment.

Figure 6 is a diagram showing an example of the contents of affiliated store/store information 176. Affiliated store/store information 176 includes, for example, a first table 176A in which an affiliated store ID and a store ID are associated with a store URL, a second table 176B in which an affiliated store name and sales amount (described above) are associated with an affiliated store ID, and a third table 176C in which a store ID is associated with a store ID. In addition to this information, affiliated store/store information 176 may also include information such as the affiliated store or store category, the store's location, and payment patterns.

The information management unit 140 manages the user information 172 and the affiliated store/store information 176 based on information acquired from the user terminal device 10 and the second store terminal device 70. The information management unit 140 adds new records, edits, deletes, etc. for the user information 172 and the affiliated store/store information 176.

[Electronic Payment]
When payment information is acquired from the user terminal device 10 or the first store terminal device 50, the payment processing unit 130 refers to the user information 172 to acquire the "payment method setting" of the user. For a user whose "payment method setting" is set to "charge balance", the payment processing unit 130 performs electronic payment as follows. For example, the payment processing unit 130 performs electronic payment by decreasing the charge balance managed in association with the user ID and increasing the item value of the affiliated store's sales. The item value of the affiliated store's sales is not itself used as electronic money, for example, and an amount corresponding to the item value of the sales is transferred to a bank account in a cycle according to an agreement between the affiliated store and the electronic payment service.

The payment processing unit 130 performs electronic payment for users whose "setting information" is set to "deferred payment" as follows. Deferred payment is set separately from "credit payment" in cooperation with a credit card company, which is a separate entity from the operator of the electronic payment service, and the operator of the electronic payment service acts as the creditor and allows electronic payment that is not dependent on the charge balance within the deferred payment limit. In order to receive the deferred payment service, it may be required to obtain a credit card provided by the operator of the electronic payment service. The amount used for deferred payment is settled on the payment date of the following month in a lump sum for one month, for example, by debiting from a bank account. In this case, the payment processing unit 130 performs provisional payment by adding the payment amount to the deferred payment amount and subtracting the same amount from the available deferred payment amount, and when the closing date comes, it performs processing to debit the payment for the current month on the payment date of the following month as described above, or requests the operator of the credit card company to perform such processing. In addition, if the payment amount exceeds the available deferred payment amount at the time of provisional payment, an error notification is returned to the payment application 20.

[Switching between charge balance and deferred payment (when paying online)]
FIG. 7 is a diagram showing an example of the top screen IM1 of the payment application 20. Note that the illustrated state is premised on the first state (online payment possible state) in which communication between the payment application 20 and the payment server 100 is not difficult. In the first state, a valid one-time code is provided from the payment server 100 to the payment application 20. "Valid" means that it is in response to the most recently transmitted one-time code issuance request. The top screen IM1 displays a code image CD. The code image CD includes, for example, a barcode and a QR code. In addition, together with the code image CD, text indicating whether electronic payment is to be made with the charge balance or electronic payment by deferred payment (in the figure, "Pay with the balance") is displayed. This text is drawn by the payment application 20 based on information updated by the payment application 20 each time the changeover switch (toggle switch) SW is operated. In addition, the top screen IM1 includes an operation area CA including the changeover switch SW and a transition button TB1. Note that the "switch" and "button" are GUIs (Graphical User Interfaces) realized in cooperation with a touch panel. The changeover switch SW is for switching between electronic payment based on the charge balance and post-payment. The changeover switch SW is set to electronic payment based on the charge balance by default, and each time the user operates the switch SW, the setting is switched between electronic payment based on the charge balance and post-payment. In the figure, the explanation "Balance payment" is displayed, which means that the setting is set to electronic payment based on the charge balance. The operation area CA is provided with buttons for instructing main operations in electronic payment, such as a button for instructing scanning (starting user scanning) and a button for instructing charging. When the transition button TB1 is operated, the screen transitions to a payment screen that displays a code image used for electronic payment and the available amount.

[Offline payment]
Hereinafter, a description will be given of electronic payment (offline payment) in the second state in which a valid one-time code is not acquired due to difficulty in communication between the payment application 20 and the payment server 100. The offline payment in this embodiment can be performed at the store where the store scan is performed as described above.

The payment app 20 determines whether to perform online or offline payment depending on whether communication with the payment server 100 is in a first state where communication is normal or in a second state where communication is difficult. For example, the payment app 20 determines that the payment is in the second state when an event occurs n times or more where a response to a one-time code issuance request does not arrive within a predetermined time (n is an integer equal to or greater than 1). When the payment app 20 determines that communication with the payment server 100 is in the second state, it generates an offline code using the time measured by the user terminal device 10 and a secret key, generates an offline code image based on the offline code, and displays the offline code image on the display unit of the user terminal device 10. In other words, the payment app 20 generates an offline code image based on an offline code that it has generated itself without using a one-time code.

The secret key is obtained from the payment server 100 to the payment app 20 less frequently than the one-time code. For example, the activated payment app 20 obtains the secret key approximately once a week. In this obtaining process, a secret key issuance request may be sent from the payment app 20 to the payment server 100, or the payment server 100 may voluntarily provide the secret key to the payment app 20.

The payment application 20 may generate an offline code using a user identification token in addition to the time and the secret key. The user identification token may be one that is fixedly assigned to the user, or may be one that is sent from the payment server 100 together with the secret key issuance request. An example of an offline key is one that includes one or both of the secret key and the user identification token.

For example, the payment application 20 generates an offline code based on data obtained by inputting the secret key and the time into a specific function and combining the data with the user identification token. This method is merely one example, and the payment application 20 may generate an offline code using any method that can be decrypted based on some or all of the secret key, the time, and the user identification token.

The payment application 20 may also cause the user terminal device 10 to synchronize the time measured by the user terminal device 10 with the time measured by the payment server 100 at a predetermined timing (e.g., each time a secret key issuance request is made). At this time, the payment application 20 may perform a process of synchronizing the time measured by the user terminal device 10 with the time measured by a radio clock or the like at approximately the same time as the payment server 100.

When the offline code image is read by the first store terminal device 50 and payment information including at least a part of the read information and the payment amount is obtained (if the information based on the offline code image generated by the payment app 20 using the time is included), the payment processing unit 130 of the payment server 100 proceeds with the electronic payment based on the payment information if the offline authentication condition is satisfied. In other words, the offline payment is proceeded. "At least a part of the read information" means "at least a part of the offline code" and will be simply referred to as the offline code below. The offline authentication condition is related to the offline code image generated by the payment app 20 based on the offline code. For example, the offline authentication condition includes that the time read from the offline code image (hereinafter, the app time) is within a predetermined range compared with the time clocked by the payment server 100 (hereinafter, the server time). The offline authentication condition may include that the offline key (one or both of the secret key and the user identification token) is stored in the storage unit 170 as provided to the payment app 20. The time handled in the offline payment is, for example, clocked in minutes, but is not limited to this. When the payment processing unit 130 acquires the payment information, it uses the offline key to identify the user. For example, when the payment processing unit 130 acquires the payment information, it identifies a secret key from the user identification token included in the offline code included in the payment information, and generates an offline code in the same manner as the payment app 20 using the identified secret key and the current time clocked by the payment server 100. If the offline code acquired from the first store terminal device 50 matches the code generated by itself, it determines that the offline code is valid. For example, in preparation for a time discrepancy between the user terminal device 10 and the payment server 100, the payment processing unit 130 generates multiple codes within a predetermined range of the current time clocked by the payment server 100 plus or minus a predetermined time (for example, one minute), and if any of the codes matches the offline code acquired from the store terminal device, it determines that the offline authentication condition is satisfied, that is, that the payment information is valid.

When performing offline payment (when the payment information includes information obtained from the offline code image), the payment processing unit 130 sets upper limits on one or both of the number of payments and the payment amount. When performing online payment (when the payment information includes information based on the one-time code), these upper limits are not set or are lower than those for online payment. For example, as shown in FIG. 5, the payment processing unit 130 sets the following upper limits when performing offline payment:
(Maximum number of payments)
Up to n1 offline payments in the past first period T1 Up to n2 offline payments in the past second period T2 (T1<T2, n1<n2)
(Upper limit of payment amount)
・The amount of a single offline payment is limited to P1 yen. ・The total amount of offline payments in the past 24 hours is limited to P2 (P1 < P2, but each payment amount must be less than P1).
The total amount of offline payments in the past 30 days must be up to P3 (P2<P2, but each payment amount must be less than P1, and the total amount of payments in the past 24 hours must be less than P2)

For example, T1 is set to 24 hours, T2 to 30 days, P1 to 5,000 yen, P2 to 10,000 yen, and P3 to 50,000 yen. The payment processing unit 130 may determine some or all of these based on the above values as default values and the user's setting operations and payment history of the user within a range not exceeding these values. For example, the upper limit of the payment amount per transaction may be arbitrarily determined within a range from 0 yen to 5,000 yen depending on the user's setting operations. In the example of FIG. 5, for a user with an account ID of "002", the upper limit of the payment amount per transaction is set to 3,000 yen by the user's operation on the payment app 20. In addition, when determining the upper limit based on the user's payment history, the payment processing unit 130 determines the upper limit based on the frequency of electronic payments by the user in the past, the payment amount per transaction, the tendency of the category of the payment object, and the like. When performing an offline payment, if payment information exceeding the upper limit is acquired from the payment app 20, the payment processing unit 130 sends an error message to the first store terminal device 50, and after communication with the user terminal device 10 is restored, also sends an error message to the user terminal device 10.

In addition to the upper limit for offline payments, the upper limit for the charge balance and the available deferred payment amount are also taken into consideration. For example, if a user with a charge balance of 3,000 yen and an upper limit for a single payment of 5,000 yen attempts to make an offline payment of 3,500 yen, an error message indicating that the charge balance is insufficient is notified to the first store terminal device 50, and a store employee is notified by a screen display or the like.

Figure 8 is a sequence diagram illustrating the process flow performed for offline payment. First, at a timing unrelated to electronic payment, the payment application 20 sends a request to issue an offline key to the payment server 100 (S21). The payment server 100 generates an offline key (S22) and sends it to the payment application 20 (S23). The payment application 20 stores the received offline key in the memory of the user terminal device 10.

At another time, when a user launches the payment app 20 in a store where a store scan is performed, or when a payment operation is performed using the payment app 20, the payment app 20 sends a request to issue a one-time code to the payment server 100 (S31). If an event occurs n times or more where a response to the one-time code issuance request does not arrive within a predetermined time, the payment app 20 generates an offline code and displays an offline code image generated based on the offline code (S32). The user holds (presents) the display surface of the user terminal device 10 over the first store terminal device 50, and the first store terminal device 50 decodes the code image using its optical reading function and obtains an offline key, etc. (S33).

Then, the first store terminal device 50 generates payment information including the offline key, payment amount, affiliated store ID, store ID, etc., and transmits it to the payment server 100 (S33). Based on the received information, the payment server 100 identifies the user corresponding to the user identification token, and determines whether the offline authentication conditions are met as described above (S34), and proceeds with the electronic payment if the offline authentication conditions are met (S35). In this case, information notifying the first store terminal device 50 of the completion of the payment is also transmitted.

This process enables electronic payment even when communication between the payment app 20 and the payment server 100 is difficult, such as when the store where the store scan is performed is located in an area with weak radio waves, making it possible to realize electronic payment more flexibly. In addition, by proceeding with electronic payment without including user identification information such as an account ID in the offline code even in offline payments, the degree of protection of the user's personal information can be prevented from being reduced.

Furthermore, by generating an offline code image using both the time and the offline key and performing an offline payment, the probability that the payment is legitimate can be increased. If an offline code image is generated using only the offline key and an offline payment is performed, it becomes impossible to know when the offline code image was generated, which reduces the legitimacy of the payment. Furthermore, if an offline code image is generated using only the time and an offline payment is performed, anyone can generate an offline code image if the logic for generating the offline code image is exposed. By generating an offline code image using both of these, the timing of the generation of the offline code image can be known, and by including the offline key in the offline code image, it is guaranteed that it is based on information issued by the payment server 100. As a result, the probability that the payment is legitimate can be increased.

In addition, by setting the upper limit for offline payments lower than for online payments, more secure electronic payments can be achieved.

Screen control by the payment app 20 will be described below. Figure 9 is a flowchart showing an example of the processing flow related to screen control by the payment app 20. The processing of this flowchart is started in various situations where communication with the payment server 100 occurs.

First, the payment application 20 determines whether or not a notification has been received from the payment server 100 (S100). A notification is, for example, a one-time password returned in response to the one-time password issuance request described above. If a notification has been received from the payment server 100, the payment application 20 displays an online mode screen (for example, the one shown in FIG. 7) and continues normal operation (S102).

If no notification is received from the payment server 100, the payment application 20 causes the user terminal device 10 to display a standby screen IM2 indicating that it is difficult to read information from the payment server 100 (S104). FIG. 10 is a diagram showing an example of the standby screen IM2. The standby screen IM2 does not display a valid code image, and instead displays text TX1 indicating the connection status with the payment server 100 to the user.

Next, the payment application 20 determines whether the second state has been determined (S106). As described above, the condition for determining the second state is when "an event occurs n times or more in which a notification such as a response to a one-time code issuance request does not arrive within a predetermined time." If the second state has not been determined, the process returns to S100.

When the second state is determined, the payment application 20 determines whether a valid offline key (secret key and user identification token) has been acquired and stored in the memory of the user terminal device 10 (S108). A valid offline key is, for example, an offline key for which the elapsed time from the acquisition time has not exceeded the upper limit time (a time approximately equal to the offline key issuance cycle).

If a valid offline key has not been obtained, the payment application 20 causes the user terminal device 10 to display an error screen (S110). The error screen includes text explaining that an Internet connection is difficult, etc.

If a valid offline key has been obtained, the payment application 20 determines whether the counter value k is equal to or greater than the threshold value Th (S112). The counter value k is set to zero, for example, when the payment application 20 is installed in the user terminal device 10, and is incremented by one each time the approval operation determined in S116 is performed. In other words, the determination process in S112 determines whether the approval operation has been performed a predetermined number of times (= threshold value Th) or more. The threshold value Th is, for example, a value of about 1 to 3.

If the counter value k is less than the threshold value Th, the payment application 20 causes the user terminal device 10 to display the half sheet exemplified in FIG. 11 (S114). FIG. 11 is a diagram showing an example of the half sheet IM3. The half sheet IM3 is displayed in a size smaller than the screen on which the online code image such as the top screen IM1 is displayed. The half sheet IM3 is an example of an "interface screen". The half sheet IM3 displays text text TX2 explaining offline payment. The half sheet IM3 also has a first operation unit B1 for instructing a transition to a detailed explanation screen regarding payment in offline mode, and a second operation unit B2 for instructing to accept payment in offline mode. FIG. 12 is a diagram showing an example of the detailed explanation screen IMe. The detailed explanation screen IMe displays text TXe explaining offline payment. The detailed explanation screen IMe also has a first operation unit Be1 for instructing a transition to a help page regarding payment in offline mode, and a second operation unit Be2 for instructing to return to the half sheet IM3. The help page is updated by the payment server 100 from time to time, and the payment application 20 downloads the help page at any time when communication between the user terminal device 10 and the payment server 100 is normal, and stores (caches) it in the memory of the user terminal device 10. This makes it possible to provide the user with a help page that describes detailed information about payments in offline mode, even in situations where communication with the payment server 100 is difficult. Note that the help page may also be displayed in a smaller size than the screen on which the online code image is displayed, such as the top screen IM1, in the same way as the half sheet IM3.

The payment application 20 determines whether an operation has been performed on the second operation section B2 on the half sheet IM3, i.e., an operation to accept payment in offline mode (S116).

When an operation to accept payment in offline mode is performed, the payment application 20 causes the user terminal device 10 to display the offline mode screen (S118). Also, when it is determined in S112 that the counter value k is equal to or greater than the threshold value Th, the payment application 20 causes the user terminal device 10 to display the offline mode screen (S118). The offline mode screen is a screen on which an offline code image is displayed. In this way, the conditions for transitioning to the offline mode screen include, for example, a valid offline key being obtained from the payment server 100, and basically includes an operation to accept being performed, but if the operation to accept is performed a predetermined number of times or more, the operation to accept being performed is excluded.

By carrying out this process, users can be smoothly guided to offline payment using the offline code image.

The offline mode screen will be described below. The offline mode screen includes a first offline mode screen on which a first offline code image that allows offline payment using a first payment method is displayed, and a second offline mode screen on which a second offline code image that allows offline payment using a second payment method is displayed, and these screens may be switchable between each other by a user's operation. In other words, in payments in the offline mode provided by the electronic payment system, the first payment method and the second payment method may be selectively implemented. For example, similar to online payments, the first payment method is a method of making electronic payments using a charge balance, and the second payment method is a method of making electronic payments by deferred payment. Each of the first and second payment methods may be a different method, such as a payment method using a debit card function, points payment, or credit card payment.

In this case, the payment application 20 acquires a first offline key for generating a first offline code image and a second offline key for generating a second offline code image less frequently than the one-time code. Each of the first offline key and the second offline key includes the same information as the offline key described above, and further includes identification information indicating whether it is the first offline key or the second offline key. The payment application 20 generates a first offline code using the first offline key, generates a first offline code image based on the first offline code, and displays it on the user terminal device 10. The payment application 20 also generates a second offline code using the second offline key, generates a second offline code image based on the first offline code, and displays it on the user terminal device 10. The user identification tokens included in the first offline key and the second offline key may be the same or different (they are the same in FIG. 5).

13 is a diagram showing an example of the first offline mode screen IM4 on which the first offline code image is displayed, and FIG. 14 is a diagram showing an example of the second offline mode screen IM5 on which the second offline code image is displayed. The first offline mode screen IM4 displays the first code image CD#1. The first offline mode screen IM4 displays the current payment method and has a third operation section B3 for instructing a transition to the payment method selection screen IM6. The first offline mode screen IM4 also has a reload button B5. When the reload button B5 is operated, a communication request is sent to the payment server 100, and the process of the flowchart in FIG. 9 is started. On the other hand, the second offline mode screen IM5 displays the second code image CD#2. The second offline mode screen IM5 displays the current payment method and has a fourth operation section B4 for instructing a transition to the payment method selection screen IM6. The second offline mode screen IM5 also has a reload button B5.

Figure 15 is a diagram showing an example of the payment method selection screen IM6. The payment method selection screen IM6 has a sixth operation section B6 to an eighth operation section B8 that list the payment methods (payment methods) that can be selected. When the sixth operation section B6 is operated, the screen transitions to the first offline mode screen IM4, and when the seventh operation section B7 is operated, the screen transitions to the second offline mode screen IM5. The processing when the eighth operation section is selected may be determined arbitrarily.

The payment app 20 may carry over the payment method settings for online payment as the initial settings for offline payment. For example, the payment app 20 may determine whether the screen to be displayed first when it is decided to make an offline payment is the first offline mode screen IM4 or the second offline mode screen IM5, in accordance with the settings for online payment. In this case, the payment app 20 stores the payment method settings for online payment in the memory of the user terminal device 10.

If the payment information acquired in the offline payment includes information obtained from the first offline code screen, i.e., the first offline key, the payment server 100 proceeds with the electronic payment using the first payment method, and if the payment information acquired from the second offline code screen, i.e., the second offline key, the payment server 100 proceeds with the electronic payment using the second payment method.

By performing this process, it is possible to expand the range of choices available to users when making offline payments using offline code images, thereby improving convenience.

Note that the offline processing described above may also be executed in the first state. In other words, the processing described as offline processing may be executed at all times regardless of the communication state between the user terminal device 10 and the payment server 100.

The above describes the form for carrying out the present invention using an embodiment, but the present invention is not limited to such an embodiment, and various modifications and substitutions can be made without departing from the spirit of the present invention.

10 User terminal device 20 Payment application 100 Payment server 120 Payment content providing unit 130 Payment processing unit 140 Information management unit

Claims (10)

A payment server that provides an electronic payment service to a user in cooperation with an application program running on a user's terminal device,
a communication unit that communicates with a store terminal device installed in a store and receives payment information from the store terminal device, the payment information including at least a part of information read from the code image displayed by the terminal device and a payment amount;
a providing unit that provides a one-time code to the application program via the communication unit and stores the one-time code together with information capable of identifying the user in a storage unit;
A payment processing unit that performs electronic payment based on the payment information,
if the payment information includes information based on the one-time code obtained by referring to the storage unit, identifying the user using the one-time code and proceeding with the electronic payment;
a payment processing unit which, when the payment information includes an offline key that has been assigned to the user in advance and stored in the storage unit, but does not include information based on the one-time code obtained by referring to the storage unit, identifies the user by using the offline key and proceeds with the electronic payment;
Equipped with
the payment processing unit, when the payment information includes the offline key and does not include information based on the one-time code obtained by referring to the storage unit, sets an upper limit on the number of payments that can be made within a predetermined period.
Payment server. when the payment information includes the offline key and does not include information based on the one-time code obtained by referring to the storage unit, the payment processing unit sets an upper limit on the number of payments in a first period and an upper limit on the number of payments in a second period that is longer than the first period.
The payment server according to claim 1. and when the payment information includes the offline key and does not include information based on the one-time code obtained by referring to the storage unit, the payment processing unit further sets an upper limit on the payment amount in one electronic payment and an upper limit on the payment amount within a predetermined period.
The payment server according to claim 1. A payment server that provides an electronic payment service to a user in cooperation with an application program running on a user's terminal device,
a communication unit that communicates with a store terminal device installed in a store and receives payment information from the store terminal device, the payment information including at least a part of information read from the code image displayed by the terminal device and a payment amount;
a providing unit that provides a one-time code to the application program via the communication unit and stores the one-time code together with information capable of identifying the user in a storage unit;
A payment processing unit that performs electronic payment based on the payment information,
if the payment information includes information based on the one-time code obtained by referring to the storage unit, identifying the user using the one-time code and proceeding with the electronic payment;
a payment processing unit which, when the payment information includes an offline key that has been assigned to the user in advance and stored in the storage unit, but does not include information based on the one-time code obtained by referring to the storage unit, identifies the user by using the offline key and proceeds with the electronic payment;
Equipped with
the payment processing unit, when the payment information includes the offline key and does not include information based on the one-time code obtained by referring to the storage unit, sets an upper limit on the payment amount for one electronic payment and an upper limit on the payment amount within a predetermined period.
Payment server. when the payment information includes the offline key and does not include information based on the one-time code obtained by referring to the storage unit, the payment processing unit sets an upper limit on the payment amount in one electronic payment, an upper limit on the payment amount within a first period, and an upper limit on the payment amount within a second period longer than the first period.
The payment server according to claim 4. the payment processing unit determines, based on a setting operation of the user for the application program, an upper limit value to be set when the payment information includes the offline key and does not include information based on the one-time code obtained by referring to the storage unit.
The payment server according to any one of claims 1 to 5. A payment server that provides an electronic payment service to a user in cooperation with an application program running on a user's terminal device,
communicating with a store terminal device installed in a store, and receiving payment information from the store terminal device, the payment information including at least a part of the information read from the code image displayed by the terminal device and a payment amount;
providing a one-time code to the application program through communication, and storing the one-time code together with information capable of identifying the user in a storage unit;
When making an electronic payment based on the payment information,
if the payment information includes information based on the one-time code obtained by referring to the storage unit, identifying the user using the one-time code and proceeding with the electronic payment;
if the payment information includes an offline key that has been assigned to the user in advance and stored in the storage unit, and does not include information based on the one-time code obtained by referring to the storage unit, identifying the user using the offline key and proceeding with the electronic payment;
if the payment information includes the offline key and does not include information based on the one-time code obtained by referring to the storage unit, setting an upper limit on the number of payments that can be made within a predetermined period.
Payment control methods. A payment server that provides an electronic payment service to a user in cooperation with an application program running on a user's terminal device,
communicating with a store terminal device installed in a store, and receiving payment information from the store terminal device, the payment information including at least a part of the information read from the code image displayed by the terminal device and a payment amount;
providing a one-time code to the application program through communication, and storing the one-time code together with information capable of identifying the user in a storage unit;
When making an electronic payment based on the payment information,
if the payment information includes information based on the one-time code obtained by referring to the storage unit, identifying the user using the one-time code and proceeding with the electronic payment;
if the payment information includes an offline key that has been assigned to the user in advance and stored in the storage unit, and does not include information based on the one-time code obtained by referring to the storage unit, identifying the user using the offline key and proceeding with the electronic payment;
if the payment information includes the offline key and does not include information based on the one-time code obtained by referring to the storage unit, setting an upper limit on the payment amount for one electronic payment and an upper limit on the payment amount within a predetermined period.
Payment control methods. A payment server that provides an electronic payment service to a user in cooperation with an application program running on the user's terminal device,
communicating with a store terminal device installed in a store, and receiving payment information from the store terminal device, the payment information including at least a part of the information read from the code image displayed by the terminal device and a payment amount;
providing a one-time code to the application program through communication, and storing the one-time code together with information capable of identifying the user in a storage unit;
When making an electronic payment based on the payment information,
if the payment information includes information based on the one-time code obtained by referring to the storage unit, identifying the user using the one-time code and proceeding with the electronic payment;
if the payment information includes an offline key that has been assigned to the user in advance and stored in the storage unit, and does not include information based on the one-time code obtained by referring to the storage unit, identifying the user using the offline key and proceeding with the electronic payment;
if the payment information includes the offline key and does not include information based on the one-time code obtained by referring to the storage unit, setting an upper limit on the number of payments that can be made within a predetermined period.
A program to carry out processing. A payment server that provides an electronic payment service to a user in cooperation with an application program running on the user's terminal device,
communicating with a store terminal device installed in a store, and receiving payment information from the store terminal device, the payment information including at least a part of the information read from the code image displayed by the terminal device and a payment amount;
providing a one-time code to the application program through communication, and storing the one-time code together with information capable of identifying the user in a storage unit;
When making an electronic payment based on the payment information,
if the payment information includes information based on the one-time code obtained by referring to the storage unit, identifying the user using the one-time code and proceeding with the electronic payment;
if the payment information includes an offline key that has been assigned to the user in advance and stored in the storage unit, and does not include information based on the one-time code obtained by referring to the storage unit, identifying the user using the offline key and proceeding with the electronic payment;
if the payment information includes the offline key and does not include information based on the one-time code obtained by referring to the storage unit, setting an upper limit on the payment amount for one electronic payment and an upper limit on the payment amount within a predetermined period.
A program to carry out processing.

Images