The present invention relates to a charge system having a function to charge a user when a purchase of a commodity is offered or downloading is performed through a network and, more particularly, to a network charge method and system whose object is to prevent the charge content from being tapped, altered or forged when the charge information is sent and received over the network.
The prior art includes the following charge systems having the function to charge a user when a purchase of a commodity is offered or downloading is performed through the network.
1) The card number of a credit card, which the user has already registered as a member, is sent from the user to the commodity supplier through the network so that the supplier executes the charge by using the card number.
2) The public key cryptosystem is utilized for encrypting the credit card number and making an electronic signature for the charge.

1) to prevent a user from being illegally charged by a third party by tapping the content of the communications between the user and the commodity supplier;
2) to prevent the supplier from accessing the sum of the past charges on the user;
3) to prevent the supplier from illegally forging (or increasing) the sum of the prices to be charged on the user;
4) to prevent the user from illegally forging (or decreasing) the charged sum; and
5) to make it easy to store the data corresponding to the secret key of the user.
In system 1), however, when the card number of the credit card is sent, a third party might copy it for illegal use, and the commodity supplier could forge (or illegally increase) the price.
These problems can be solved by encrypting the credit card number or making an electronic signature for the charge to prevent the card number or the price from being tapped or altered.
In the electronic signature system, however, the public key cryptosystem has to be used by all the users and the commodity suppliers, and elaborate designs are needed for a method of distributing the public key data when the keys of the users are updated and for a method of preventing the public key data of the users from being altered.
These designs are exemplified by electronically signing the public key data of the users with the key of a reliable organization. However, the information to be processed or exchanged as a whole is so complex that actual operation is frequently troubled.
Moreover, the secret keys of the users always have to be retained, so great care has to be taken in storing the secret keys.