Authentication system
First Claim
1. An authentication system, comprising:
- a mobile terminal, carried by a member, which comprises;
imaging means for imaging a barcode image showing member identification information presented on a member card and obtaining the member identification information from the imaged barcode image;
recording means for recording the obtained member identification information;
a terminal-side OTP generation unit that generates a barcode image of a one-time password (OTP) based on the recorded member identification information;
displaying means for displaying, on a screen of the display, both the barcode image of the member identification information imaged by the imaging means and the barcode image of the OTP generated by the terminal-side OTP generation unit,a head office server placed in an head office, and a point of sale (POS) system provided with a shop computer placed in a shop, both the POS system and the shop computer being networked such the shop computer is able to communicate with the head office server, wherein the shop computer comprises a reader which reads both the barcode image of the member identification information and the barcode image of the OTP that are displayed by the displaying means of the mobile terminal and a transmitter which transmits information of both the read barcode images to the POS system, wherein the head office server is in communication with both the mobile terminal via the network and the shop computer via the POS system; and
the head office server comprises;
a member database in which data showing correspondence between each member and member identification information corresponding to each member are stored in advance;
a receiver receiving the information of both the read barcode images via the POS system;
a server-side OTP generation unit generating an OTP based on the member identification information stored in the member database when the receiver receives the information of the barcode images by the receiver;
an authentication unit reading information of the barcode images transmitted from the shop computer through the POS system, first comparing the member identification information read at the shop computer with the member identification information stored in the member database, second comparing, within a period of validity which is previously set, the OTP generated by the server-side OTP generation unit with the OTP from the mobile terminal received from the shop computer via the POS system, and;
authenticating the member as a valid member when the compared results by the first and second comparisons show that the member identification information read at the shop computer matches the member identification information stored in the member database and the OTP generated at the server matches the OTP received from the shop computer; and
returning the compared results to the shop computer via the POS system, wherein the terminal-side OTP generation unit applies OTP generation software to the recorded member identification information to generate the OTP, the OTP generation software being used by the server-side OTP generation unit and being downloaded from the server via the network.
0 Assignments
0 Petitions
Accused Products
Abstract
An authentication system is provided that authenticates a member using the member'"'"'s mobile terminal. The authentication system includes a mobile terminal, a shop computer, and a head office server. The head office server includes an authentication unit. The authentication unit compares member identification information read by the shop computer with member identification information stored in a member database. Additionally, the authentication unit compares a one-time password (OTP) password with the OTP of the mobile terminal generated by the server-side OTP generation unit and received from the shop computer. The authentication unit authenticates a member based on the results of the comparison. That is, the authentication unit authenticates a member as a valid member if the former member identification information and OTP match the latter member identification information and OTP.
-
Citations
5 Claims
-
1. An authentication system, comprising:
-
a mobile terminal, carried by a member, which comprises; imaging means for imaging a barcode image showing member identification information presented on a member card and obtaining the member identification information from the imaged barcode image; recording means for recording the obtained member identification information; a terminal-side OTP generation unit that generates a barcode image of a one-time password (OTP) based on the recorded member identification information; displaying means for displaying, on a screen of the display, both the barcode image of the member identification information imaged by the imaging means and the barcode image of the OTP generated by the terminal-side OTP generation unit, a head office server placed in an head office, and a point of sale (POS) system provided with a shop computer placed in a shop, both the POS system and the shop computer being networked such the shop computer is able to communicate with the head office server, wherein the shop computer comprises a reader which reads both the barcode image of the member identification information and the barcode image of the OTP that are displayed by the displaying means of the mobile terminal and a transmitter which transmits information of both the read barcode images to the POS system, wherein the head office server is in communication with both the mobile terminal via the network and the shop computer via the POS system; and the head office server comprises; a member database in which data showing correspondence between each member and member identification information corresponding to each member are stored in advance; a receiver receiving the information of both the read barcode images via the POS system; a server-side OTP generation unit generating an OTP based on the member identification information stored in the member database when the receiver receives the information of the barcode images by the receiver; an authentication unit reading information of the barcode images transmitted from the shop computer through the POS system, first comparing the member identification information read at the shop computer with the member identification information stored in the member database, second comparing, within a period of validity which is previously set, the OTP generated by the server-side OTP generation unit with the OTP from the mobile terminal received from the shop computer via the POS system, and; authenticating the member as a valid member when the compared results by the first and second comparisons show that the member identification information read at the shop computer matches the member identification information stored in the member database and the OTP generated at the server matches the OTP received from the shop computer; and returning the compared results to the shop computer via the POS system, wherein the terminal-side OTP generation unit applies OTP generation software to the recorded member identification information to generate the OTP, the OTP generation software being used by the server-side OTP generation unit and being downloaded from the server via the network. - View Dependent Claims (2, 3, 4)
-
-
5. An authentication method of authenticating a member in a network system comprising:
-
a mobile terminal carried by the member and comprising; imaging means for imaging a barcode image showing member identification information presented on a member card and obtaining the member identification information from the imaged barcode image, recording means for recording the obtained member identification information, a terminal-side OTP generation unit that generates a barcode image of an one-time password (OTP) based on the recorded member identification information, a display, and displaying means for displaying, on a screen of the display, both the barcode image of the member identification information imaged by the imaging means and the barcode image of the OTP generated by the terminal-side OTP generation unit; a head office server placed in an head office; and a Point of Sale (POS) system provided with a shop computer placed in a shop, both the POS system and the shop computer being networked such the shop computer is able to communicate with the head office server, wherein the ship computer comprises a reader which reads both the barcode image of the member identification information and the barcode image of the OTP that are displayed by the displaying means of the mobile terminal and a transmitter which transmits information of both the read barcode images to the POS system, wherein the head office server is in communication with both the mobile terminal via the network and the shop computer via the POS system, and the head office server comprises; a member database in which data showing correspondence between each member and member identification information corresponding to each member are stored in advance; a receiver receiving the information of both the read barcode images via the POS system; a server-side OTP generation unit generating an OTP based on the member identification information stored in the member database when the receiver receives the information of the barcode images by the receiver; and an authentication unit reading information of the barcode images transmitted from the shop computer through the POS system, the method comprising steps of; enabling the mobile terminal to download OTP generation software from the server via the network, the downloaded OTP generation software being stored in the terminal-side OTP generation unit, enabling the terminal-side OTP generation unit to apply the OTP generation software to the recorded member identification information to generate the OTP, first comparing the member identification information read at the shop computer with the member identification information stored in the member database, second comparing, within a period of validity which is previously set, the OTP generated by the server-side OTP generation unit with the OTP from the mobile terminal received from the shop computer via the POS system; and authenticating the member as a valid member when the compared results by the first and second comparisons show that the member identification information read at the shop computer matches the member identification information stored in the member database and the OTP generated at the server matches the OTP received from the shop computer; and returning the compared results to the shop computer via the POS system.
-
Specification