1. Field of the Present Invention
The present invention relates to techniques for creating, issuing, and using tickets and cards electronically.
2. Description of the Related Art
Tickets come in diverse kinds: boarding pass, transit pass, admission tickets, reserved seat tickets, reservation tickets, coupon tickets, commuter passes, gift voucher, prepaid cards, point-accumulating cards, membership cards, transit passes, permits, and others. They are generically called tickets and proves that those who possess them (called users hereunder) are entitled to specific rights represented by each ticket. Tickets are generally issued either by those wishing to grant definite rights to users for a consideration or by their agents (called the issuing party hereunder). The users acquire and manage the tickets thus issued. Conventionally, tickets are implemented in physical form by printing and/or embossing markings on paper or plastic.
Physically implemented tickets are called paper tickets hereunder. In recent years, efforts have been made to implement electronic tickets that allow the issuing party to check the rights granted to ticket users and to verify tickets. Electronic information is easy to create and transmit over communication lines. But it is also easy to make perfect copies of such information. Thus to implement electronic tickets requires taking measures against forgery and unauthorized duplication. Forgery may be prevented by resorting to digital signatures, but they are not sufficient to forestall copying. How to prevent unauthorized duplication is, therefore, the biggest challenge facing the implementation of electronic tickets.
Conventionally, three kinds of techniques have been used to implement electronic tickets. The first technique is one which verifies whether a user bearing a ticket is the legitimate holder of the ticket when the ticket is about to be used. The second technique involves depriving anyone other than the issuing party of any chance of copying tickets. The third technique, a variation of the second technique, is to let communications be made public at the time of verification.
Each of these conventional techniques will be described below.
The first conventional technique involves checking to see whether a ticket holder is the legitimate user of the ticket when the ticket is on the point of being used. According to this technique, each issued ticket is given information for matching its specific rights with information necessary for verifying the identity of its user (i.e., user identification information). The matching information is recorded and managed by the user. The issuing party puts a digital signature on each ticket so that no other party can forge the ticket. Any ticket not bearing the electronic signature is considered a forged ticket.
In order to prevent the use of illegally duplicated tickets, the user needs to prove that he or she is a legitimate ticket holder complying with the user identification information borne by the ticket in question at the time of ticket use. When the user identification information is complied with, the rights specified by the ticket are allowed to be exercised; without the compliance, the use of the ticket is rejected. The user identification information may comprise illustratively the user""s identity, his/her physical features such as a face photo, and possession of a specific knowledge such as a password. The user""s identity may be proved by the user submitting his/her identification card or the like. Similarly, a face photo showing physical features of the user may be presented for user identification. Where passwords are utilized for identification, each user is asked to input the assigned password.
The second conventional technique involves depriving any other entity than the issuing party of any chance for making unauthorized copies of tickets. Because this technique has no need for user identification information, tickets may be issued and used while their users may remain anonymous. However, if a ticket is copied illegitimately, there is no means to prevent unauthorized use of the copied ticket. This requires forestalling duplication of tickets. It requires two schemes described below: a first scheme involves suitably preventing user-held tickets from getting copied, and a second scheme entails halting any leak of ticket data at the time of ticket issuance or during communication for ticket verification. The first scheme is implemented by having each user furnished with a device to which a ticket is recorded, the device being so designed that its contents may be modified only by the issuing party. The second scheme is realized by taking necessary communication measures against wiretapping.
An example of the second conventional technique is disclosed illustratively in Japanese Published Unexamined Patent Application No. Hei 8-147500. The disclosed method implements an electronic ticket system using a ticket storage device carried by each user. A ticket bearing an electronic signature is confined by the issuing party to each device. The electronic signature makes forgery difficult. Attempts to make an unauthorized copy of the ticket are countered by resorting to special instructions for retrieving the ticket from each ticket storage device. With the disclosed method in use, different issuing parties utilize different signature keys. This makes it possible for a single storage device to accommodate a plurality of tickets issued by a plurality of issuing parties. Because no information is needed about user identity, the legitimacy of tickets is proved by simply verifying the signature on each ticket.
The third conventional technique, a modified version of the second technique, is intended to let communications be made public at the time of ticket verification.
The third technique is functionally the same as the second technique in that each ticket is recorded as secret information to a device (proving device) carried by a user. The difference lies in how verification is carried out. A ticket verification device sends an unreproducible value such as a random number (called a challenge) to the proving device. The proving device performs on the challenge an arithmetic operation utilizing the secret information constituting the ticket, and sends the obtained value (called a response) back to the verification device. The verification device ascertains the legitimacy of the user by checking the response acquired by use of the secret information and challenge. It is difficult to complete within a reasonable time frame as the huge amount of calculations for acquiring the secret information from the challenge and the response. That difficulty makes it unnecessary to conceal communications between the verification device and the proving device.
A method functionally similar to the third conventional technique is disclosed in Japanese Published Examined Patent Application No. Hei 6-52518, although the purpose of the method is limited to the verification of controls for access to secured facilities. The disclosed method supplements the third technique with a feature relieving the verifier of the need to manage the secret information destined for each user and contained in his/her proving device. Specifically, the user carries a portable device equivalent to the proving device of the third conventional technique. During communication for verification, verification facility (i.e., verification device) receives an identification number from the user or from his/her portable device and calculates, based on the received number, secret information called a secret code unique to the portable device in question. The secret code thus acquired is used to carry out challenge-response protocols for user verification. This eliminates the need for the verification device to hold and manage secret information.
If electronic tickets are to take over the role currently assumed by paper tickets, it is necessary but not sufficient for the issuing party to verify the rights granted by each ticket to users and to ascertain that the ticket in question is authentic. In case of a dispute between the issuing party and a user, mediation by a third party is necessary. This requires that the traditional function of paper tickets for proving their rights be incorporated in electronic tickets as well.
It follows that electronic tickets must have three mandatory functions. A first function involves preventing unscrupulous persons from making unauthorized use of tickets. A second function entails allowing users to check the legitimacy of the tickets they possess. A third function is one which proves to a third party the rights conferred to a given ticket when necessary. The third function in fact includes the second function, so that the indispensable functions of electronic tickets are implemented if the first and third functions above are realized. An additional fourth function may also be required to ensure anonymity of ticket users.
The conventional techniques have a number of disadvantages. First of all, the first conventional technique can lose some of its functions depending on the user identification information utilized.
Where identification cards or similar means attesting to users"" identity are used as user identification information, the identity of each user is revealed at the time of ticket issuance and verification. Where physical features of users represented illustratively by face photos are used as user identification information, anonymity is lost although a given user""s identity is not immediately known. In any case, the loss of anonymity is inevitable and there is no way of implementing anonymously available tickets (i.e., fourth function is not realized).
In a remote environment where communication lines are used for identity verification, there is no secure means for proving the user""s identity. Such an environment hampers the first function above from getting implemented.
Where passwords are used within the framework of the first conventional technique, the problem of keeping anonymity is alleviated but users are burdened with the need to memorize their passwords. Obviously, no user is prevented from voluntarily divulging his or her password. This adds to the possibility of tickets being used illegitimately. Thus the first function required for tickets is not achieved.
According to the second conventional technique, each ticket held by the user is protected against duplication, and communications effected by the issuing party at the time of verifying the legitimacy of tickets are kept confidential. Such features pose two problems. One problem is that no other entity than the issuing party can copy tickets, which makes it difficult to prove the legitimacy of any ticket to a third party. That means the third function above is not implemented. Another problem is that the confidentiality of communications at the time of ticket issuance or verification makes it impossible to prove that privacy and other rights of the user are not violated upon ticket issuance or verification.
The method disclosed in Japanese Published Unexamined Patent Application No. Hei 8-147500 is an example of the second conventional technique and is thus subject to the above disadvantages.
The third conventional technique is utilized for verification and is not intended to transmit information other than which proves the legitimacy of the ticket held by a given user. With the period of such legitimacy and other information not included, this technique can only be used to represent unsophisticated tickets. Furthermore, it is necessary to transmit tickets to the proving device in the same confidential manner as with the second conventional technique. This makes it impossible to prove that a given user""s rights are not violated by unauthorized disclosure of his or her information.
The method disclosed in Japanese Published Examined Patent Application No. Hei 6-52518 is an example of the third conventional technique and is thus subject to the above disadvantages.
As described, the conventional techniques are flawed in that they attempt to implement the first function required of tickets (i.e., prevention of unauthorized ticket use) at the expense of the second and third functions (proving of ticket contents to a third party) or the fourth function (guaranty of users"" anonymity).
It is therefore an object of the present invention to provide an electronic ticket system for creating, issuing and using tickets, the system being arranged so that it will make forging or copying of tickets virtually impossible (first function); that it can prove the contents of tickets to a third party (second and third functions); and that it will ensure users"" anonymity at the time of ticket use (fourth function).
In carrying out the present invention and according to one aspect thereof, there is provided an electronic ticket system comprising a ticket issuing device, a ticket proving device and a ticket verification device. The ticket issuing device includes: means for holding ticket characteristic information, means for holding information unique to the ticket proving device, and means for performing ticket calculations based on the ticket characteristic information and on the information unique to the ticket proving device. The ticket proving device comprises: ticket hold means, ticket retrieval means, unique identifying information hold means, internal state hold means, proving procedure execution means, and means for communicating with the ticket verification device. The ticket verification device has verifying procedure execution means and means for communicating with the ticket proving device.
The ticket issuing device issues a ticket based on the ticket characteristic information and on the information unique to the ticket proving device. The ticket proving device holds the ticket issued by the ticket issuing device. The communication means connects the ticket verification device with the ticket proving devices. Executing the proving procedure corresponding to the ticket held by the ticket proving device initiates interaction between the verification and proving devices. When the proving procedure is successfully completed, the ticket in question is allowed to be used. At the time of execution, the proving procedure execution means causes the ticket retrieval means to retrieve a ticket corresponding to a ticket identifier transmitted from the ticket verification device. If the corresponding ticket is found, that ticket is used to execute the proving procedure. In executing the proving procedure, two kinds of information may be utilized: unique identifying information held by the unique identifying information hold means, and internal state information held by the internal state hold means. Where a ticket is to be used, the proving device proves the validity of the ticket on the basis of the matching characteristic information, and updates and/or transmits the information corresponding to the ticket in question. The verification device is connected to the proving device through the communication means for communication therebetween. With the verifying procedure executed, the two devices communicate with each other to verify that the proving device holds a valid ticket. In verifying tickets, the verification device checks the validity of each ticket in accordance with the characteristic information. The verification device also gives instructions to update and/or acquire information corresponding to the ticket held by the proving device.