Credit cards, debit cards, and smart cards, which are forms of the so-called “electronic money”, are attracting attention because they eliminate the necessity of carrying or making change, and make payment of a small amount of money easy and fast. Furthermore, it is expected that usage of electronic money will be realized in the future in convenience stores, shops at railway stations, public transport, vending machines, and so on.
Among the forms of electronic money, there is also the so-called prepaid electronic money card, which includes a disposable type and a re-loadable type. Each disposable type prepaid electronic money card, the same as the usual prepaid cards, is equivalent to a specified amount of money, and can be purchased from banks or other financial institutions. On the other hand, the re-loadable type prepaid electronic money cards do not have any money deposited when they are purchased; when it is desired to use the card, an amount of money may be loaded into such a card with an exclusive reload terminal or an ATM (Automated Teller Machine). Furthermore, the card may be reloaded many times.
It is technically possible to include in a single card the above functions of a credit card, a cash card, a debit card, and a re-loadable prepaid card.
Recently and continuing, the settlement methods related to the credit card, debit card, smart card, and others are frequently used. Especially, the settlement method involving the credit card has been well established, in which a payment is made on the basis of a specific card number and a specific signature for a credit card. However, problems have occurred recently in that money is withdrawn even without signatures, implying that problems exist in the security of the user authentication system.
As for debit cards, if a user inputs a specified number of the debit card and a password dedicated to the card, it is possible for the user to make payment from his bank account immediately. However, in the user authentication system related to debit cards, only a card number recorded in the debit card (a magnetic card) and the password remembered by the user are used for user authentication, and therefore the security level of the debit card user authentication system is not sufficiently high. For this reason, in order for the user to monitor illegal settlements, he has to keep all receipts of previous transactions, and each time he withdraws money from his bank account, he has to compare the new receipts with the old ones to make sure there have not been illegal settlements.
In case of the smart card, there are two kinds of methods of using it. In one method, user authentication is not performed at all, and in the other method, it is required to input a PIN code to perform user authentication. Because the smart card is furnished with functions of user authentication, encoded communication, and digital signature, it has a relatively high security level. The basic technique employed in the smart card is similar to that employed in the USIM (Universal Subscriber Identity Module), which is connected to the recently established public mobile communication network. The USIM is a card having an electronic interface, whose shape is designated to be the same as the UICC (UMTS Integrated Circuit Card), and in compliance with ISO 7816-1 and ISO 7816-2. The integrated circuit of a smart card includes a ROM (Read-Only Memory), RAM (Random Access Memory), EEPROM (Electrically Erasable and Programmable ROM), a CPU (Central Processing Unit), and a security logic circuit, and stores an ID number, an authentication key, an encryption key, and other information. When user authentication is performed by inputting the PIN code, however, because the authentication system uses the PIN code only, just as with the debit card mentioned above, the user has to monitor illegal settlements by himself. Therefore, in order to make payment with smart cards, it is required to further improve their security level, and ease of use as well.
Summarizing the problems of the electronic money settlement methods of the related art described above, a user of an electronic money card of the related art cannot determine, in near-real time and from his mobile terminal at any desired time and any desired place, whether his payment is made safely for the goods he ordered or the service he requested. In addition, even if the user's personal data are misused, it is difficult to determine the misuse. On the other hand, in the related art, it is difficult to safely perform user authentication in a short time interval at shops, and thus it is difficult to safely charge at shops in a short time interval.