1. Field of the Invention
The present invention relates to a portable settlement terminal device used to perform a procedure of a settlement process in transaction.
2. Description of the Related Art
In credit transaction of goods or services using a credit card, security of the transaction is ensured by confirming (identity verification) whether or not a person who conducts the transaction and a possessor of the credit card used for the transaction are the same person. The identity verification is performed by writing a signature by a customer on a transaction slip which is output at the time of a transaction process of the transaction and on which the transaction content is printed, and comparing this signature with a signature described on the credit card by a clerk through a visual check.
In recent years, a terminal device capable of inputting and displaying such a signature is implemented using a smart phone or a tablet terminal. Many smart phones or tablet terminals can be used as settlement terminal devices by being distributed as devices for consumers and being supplied at low prices. That is, the settlement terminal devices can be supplied at low prices as long as many information terminals distributed for consumers such as smart phones or tablet terminals can be used as the settlement terminal devices. Since development platforms of applications (software) used for other tasks other than a settlement process can be generalized, it is easy to reuse or apply development resources thereof.
However, the information terminals designed so as to be used as devices for consumers do not have “tamper resistance” required to safely perform the transaction by protecting information regarding a customer. The “tamper resistance” refers to resistance to attack that tries to steal information from the information terminal. In order to secure the tamper resistance as a countermeasure of the attack that tries to steal information from the information terminal, a mobile device in which a portion (that is, a “secure portion” which is a portion having the tamper resistance required as the settlement terminal device) related to authentication information of a card used for the settlement process is separated from a general portion has been suggested (for example, see U.S. Patent Unexamined Publication No. 2010/0145854).
A mobile information registration device that is detachably attached to a hand-held input/output unit has been suggested (for example, see International Publication No. 2004/017613).
However, in the aforementioned information processing device of the related art, security of the secure portion is ensured, but security of a non-secure portion is generally insufficient. For this reason, when an illegal application is installed in the non-secure portion, there is a possibility that a regular input region for inputting authentication information (for example, personal identification number (PIN) or signature) for identity verification will be illegally hidden. Further, there is a possibility that another illegal input region will be displayed due to the illegal application. For the circumstance described above, there is a possibility that a user mistakes the illegal input region as the regular region and inputs authentication information in the illegal input region, and thus, the authentication information will be stolen (phished).
Even when the information processing device includes the secure portion and the non-secure portion (general processing portion), the information processing device needs to have robustness (for example, falling impact resistance). In the technology described in International Publication No. 2004/017613, a hollow outer plate to which the mobile information registration device is detachably attached is provided in the input/output unit, but the input/output unit does not need to secure the “tamper resistance”.