JP5505131B2 - IC card reading system and operation management system - Google Patents

Description

  The present invention relates to an IC card reading system and an operation management system.

  Currently, IC cards in which personal information is recorded on an IC chip are provided for public cards such as licenses and Basic Resident Register cards. Such public cards in IC cards are widely used because they are excellent for preventing counterfeiting and are useful as identification cards. However, operations that require the input of a personal identification number in consideration of security and privacy protection. Has been made.

  For example, in an IC license configured as an IC card, internal information is protected by a four-digit password called a PIN code. Specifically, two types of PIN numbers, the first PIN information and the second PIN information, are used as the personal identification number. The information in the IC chip can be decrypted when the first PIN information is input, and the first PIN information. When both the PIN information and the second PIN information are input, the information is distinguished from the information that can be decrypted and protected.

JP 2002-236805 A JP 2008-140023 A

  By the way, in the above IC license etc., since an input work is required every time an IC card (IC license etc.) is put in an IC card reader, the troublesome input work cannot be avoided. Also, there is a problem that the time until the reading is completed becomes longer due to the input work. In addition, there is a concern that when a password (such as PIN information) is entered, a password is stolen by a third party.

  On the other hand, when authenticating an IC card, for example, a technique as disclosed in Patent Document 1 is provided as a technique capable of easily inputting a personal identification number and suppressing information leakage. In the technology of this Patent Document 1, since an input process is performed using a bar code at the time of authentication of an IC card, adverse effects caused by manual input (problems such as annoyance of input work and snooping of a personal identification number) Can be solved to some extent.

  However, since the barcode used for inputting the personal identification number in the technique of Patent Document 1 is widely readable, the personal identification code can be read when the barcode is read by a third party by some method. Number may leak. In addition, since a widely used barcode is used as an information input medium, information is input by an incorrect barcode (for example, an unrelated barcode attached to the user's other belongings). There is a problem that adverse effects due to erroneous input (for example, delay of input processing, read restriction when failed multiple times, etc.) are likely to occur.

  The present invention has been made in order to solve the above-described problems, and can easily and quickly input a password while suppressing information leakage more reliably when authenticating an IC card. Furthermore, it aims at providing the system which can prevent an erroneous input effectively.

  The invention according to claim 1 is an information recording medium in which predetermined encrypted information is recorded, an IC card in which encrypted personal identification information is recorded, the information recording medium, and a reading means capable of reading the IC card An IC card reading system comprising: a decryption key storage means capable of storing a decryption key corresponding to encryption of the encrypted information; and the information recording medium and the IC card read An information acquisition means for acquiring the encrypted information by reading the information recording medium and acquiring the personal identification information by reading the IC card when arranged at a possible position; and the information acquisition means The encrypted information acquired by the decryption key storage means based on the decryption key stored in the decryption key storage means, and the encrypted information decryption means If the serial encrypted information is decrypted, based on the obtained decrypted data, and the personal identification information decoding means for decoding the personal identification information encrypted, comprising the.

  According to a second aspect of the present invention, in the IC card reading system according to the first aspect, the information acquisition unit is configured to acquire the encrypted information prior to the acquisition of the personal identification information. When the encrypted information is decrypted by the information decrypting means, the personal identification information acquisition process is started.

  According to a third aspect of the present invention, in the IC card reading system according to the second aspect, the information acquisition means stops reading the IC card when a predetermined cipher is not acquired by the encrypted information decryption means. It is characterized by having a canceling means.

  According to a fourth aspect of the present invention, in the IC card reading system according to any one of the first to third aspects, the information recording medium records public information that can be decrypted without using the decryption key. The information acquisition means comprises a wireless communication means for performing wireless communication with the IC card, and the partially private information. The information acquisition means comprises a private area having a public area and a private area in which the encrypted information is recorded. Imaging means for imaging a code, wherein the encrypted information decoding means decodes the public area based on a code image of the partially private code imaged by the imaging means, and the decryption key It is characterized by comprising decoding means for decoding the private area based on the decryption key recorded in the storage means.

  According to a fifth aspect of the present invention, in the IC card reading system according to any one of the first to third aspects, the information recording medium is an authentication IC card having a memory for recording the encrypted information. The information acquisition means comprises wireless communication means for performing wireless communication with the IC card and the authentication IC card, and the wireless communication means captures the authentication IC card prior to capturing the IC card. Thereafter, the IC card is captured on the condition that the encrypted information is decrypted by the encrypted information decrypting means.

  According to a sixth aspect of the present invention, in the IC card reading system according to any one of the first to fifth aspects, the encryption information is generated by encrypting a password based on a predetermined public key. Generation means is provided, and the reading means includes a secret key storage means for storing a secret key corresponding to the public key, and the personal identification information decryption means is configured to use the encrypted information decryption means by the encrypted information decryption means. Is decrypted based on the secret key to obtain the personal identification number and decrypt the encrypted personal identification information based on the personal identification number. It is characterized by.

The invention of claim 7 is an operation management system including the IC card reading system according to any one of claims 1 to 6, wherein the IC card has at least an address, a name as the personal identification information. Whether or not the driver's license satisfies a predetermined operating condition based on the personal identification information decoded by the personal identification information decoding means, and configured as a driver's license including a license number And determining means for determining whether or not the driver's license does not satisfy the driving conditions by the determining means.

  The invention according to claim 8 is the operation management system according to claim 7, wherein the driver's license includes at least one of license type information and update time information as the personal identification information, Based on whether or not the license type recorded in the driver's license satisfies a predetermined type condition or whether the update time recorded in the driver's license satisfies a predetermined time condition And determining whether or not the driver's license satisfies the operation conditions.

The invention of claim 1 is an information recording medium on which predetermined encrypted information is recorded, an IC card on which encrypted personal identification information is recorded, an information recording medium and a reading means capable of reading the IC card, In the IC card reading system provided with the above, when the reading means is disposed at a position where the information recording medium and the IC card can be read, the decoding key storage means capable of storing the decoding key corresponding to the encryption of the encrypted information In addition, the information acquisition means for acquiring the encrypted information by reading the information recording medium and the personal identification information by reading the IC card, and the decryption key storage means for the encrypted information acquired by the information acquisition means Encrypted information decrypting means for decrypting based on the decryption key stored in the memory, and when the encrypted information is decrypted by the encrypted information decrypting means, based on the obtained decrypted data. Te, is provided with the personal identification information decoding means for decoding the personal identification information is encrypted.
In this way, the encrypted personal identification information recorded on the IC card and the encrypted information necessary for decrypting the personal identification information can be acquired by the reading means at the same time, and the input of the personal identification number is possible. The burden of processing and the like can be reduced, and a legitimate person can easily and quickly input a personal identification number, and erroneous input can be effectively reduced.
The personal identification number required for decrypting the personal identification information recorded on the IC card is recorded on the information recording medium in an encrypted state, and can be decrypted unless it is a reading means storing a decryption key. Since this is not possible, the leakage of the password can be prevented more reliably.

  The invention of claim 2 is such that the information acquisition means acquires encrypted information recorded on the information recording medium prior to acquisition of the personal identification information recorded on the IC card, and the encrypted information decryption means. When the encrypted information is decrypted by this, acquisition processing of personal identification information is started. By doing so, the process of acquiring personal identification information is not performed when the encrypted information is not decrypted, and the wasteful process of acquiring the personal identification information in a state where the correct password cannot be input is effectively prevented. can do.

  According to a third aspect of the present invention, there is provided stop means for stopping reading of the IC card when a predetermined cipher is not acquired by the encrypted information decrypting means. According to this configuration, it is possible to prevent erroneous input from being repeated, and to suppress problems caused by repeated erroneous input.

According to a fourth aspect of the invention, the information recording medium includes a partially private code having a public area in which public information that can be decrypted without using a decryption key is recorded and a private area in which encrypted information is recorded. Therefore, the information acquisition means includes a wireless communication means for performing wireless communication with the IC card and an imaging means for imaging a part of the private code, and the encrypted information decryption means is a part of the image captured by the imaging means. Decoding means for decoding the public area based on the code image of the private code and decoding the private area based on the decryption key recorded in the decryption key storage means is provided.
In this way, it is easy to configure the information recording medium at a lower cost and more compactly while enabling the input process of a security code with little information leakage and high security.

According to a fifth aspect of the present invention, the information recording medium comprises an authentication IC card provided with a memory for recording encrypted information, and the information acquisition means includes a wireless communication means for performing wireless communication with the IC card and the authentication IC card. It is configured. The wireless communication means performs the authentication IC card capture process prior to the IC card capture, and then performs the IC card capture process on condition that the encrypted information is decrypted by the encrypted information decryption means. ing.
In this way, a personal identification number for decrypting the personal identification information recorded on the IC card can be input using another IC card, and the hardware configuration for obtaining the personal identification information, the personal identification number, The hardware configuration for obtaining the number can also be used. In addition, since the IC card on which the personal identification information is recorded is captured after the authentication IC card is captured and the encrypted information is decrypted, the personal identification information cannot be acquired in a state where the personal identification number cannot be acquired. Can be effectively prevented.

The invention according to claim 6 is provided with a generating means for generating encrypted information by encrypting a personal identification number based on a predetermined public key, and the reading means stores a secret key corresponding to the public key. A storage means is provided. The personal identification information decryption means obtains the personal identification number by decrypting the decrypted data obtained based on the secret key when the encrypted information is decrypted by the encrypted information decryption means, and the personal identification number Based on the above, the encrypted personal identification information is decrypted.
According to this configuration, the code number for decrypting the personal identification information can be double-encrypted, and the security of the code number can be further enhanced.

  In the invention of claim 7, the IC card is configured as a driver's license including at least an address, a name, and a license number as personal identification information. Further, based on the personal identification information decrypted by the personal identification information decrypting means, a judgment means for judging whether or not the driving license satisfies a predetermined operation condition, and a driving license is obtained by the judging means. An informing means for performing a predetermined informing process when it is determined that the operation condition is not satisfied is provided. According to this configuration, it can be easily confirmed whether or not the driver's license satisfies the prescribed operation conditions, which is extremely advantageous in appropriately performing the operation management. In addition, leakage of personal identification information recorded in the driver's license can be prevented, and the burden of PIN input when reading the personal identification information can be reduced and erroneous input can be reduced.

  In the invention of claim 8, the driver's license includes at least one of the license type information and the renewal time information as the personal identification information, and the judgment means records the license type recorded in the driver's license. It is judged whether the driver's license satisfies the operating condition based on whether the predetermined type condition is satisfied, or whether the renewal time recorded in the driver's license satisfies the predetermined time condition. . According to this configuration, it is possible to quickly and surely determine whether the driver's license satisfies a predetermined type condition or whether the renewal time of the driver's license satisfies a predetermined time condition. It is possible to appropriately notify that the certification condition is not satisfied, and to further enhance the effect of suppressing erroneous operation in a state where the prescribed license condition is not satisfied.

FIG. 1 is an explanatory diagram schematically illustrating an IC card reading system according to a first embodiment of the present invention. FIG. 2 is a block diagram illustrating an electrical configuration of a reading device used in the IC card reading system of the first embodiment. 3A is a block diagram schematically illustrating an electrical configuration of a wireless reader unit or the like that forms part of the reading device of FIG. 3, and FIG. 3B is an electrical diagram of the information code reading unit. It is a block diagram which illustrates composition. FIG. 4 is a block diagram illustrating an electrical configuration of an IC card used in the IC card reading system of the first embodiment. FIG. 5 is an external view illustrating the external appearance of an IC card and an IC card case used in the IC card reading system of the first embodiment. FIG. 6 is an explanatory diagram for conceptually explaining a partially private code used in the IC card reading system of the first embodiment. FIG. 7A is an explanatory diagram illustrating the data configuration of the partially private code of FIG. 6, and FIG. 7B illustrates the public data recorded in the public area of the partially private code. FIG. 7C is an explanatory diagram illustrating cipher data recorded in the private area of the partially private code. FIG. 8 is a flowchart illustrating the flow of a partially private code generation process performed in the IC card reading system according to the first embodiment. FIG. 9 is a flowchart illustrating a license reading process performed in the IC card reading system according to the first embodiment. FIG. 10A is an explanatory diagram for conceptually explaining history data when operation management is performed using the IC card reading system according to the first embodiment. FIG. 10B is an explanatory diagram conceptually illustrating attendance data when attendance management is performed using the IC card reading system according to the first embodiment, and FIG. 10C performs attendance management. It is explanatory drawing which illustrates conceptually the leaving data in a case. FIG. 11 is a block diagram conceptually illustrating the hardware configuration of the authentication IC card used in the IC card reading system of the second embodiment. FIG. 12 is a flowchart illustrating a license reading process performed in the IC card reading system according to the second embodiment.

[First embodiment]
Hereinafter, a first embodiment of an IC card reading system according to the present invention will be described with reference to the drawings.
(Overall configuration of IC card reading system)
First, the hardware configuration of the IC card reading system 1 according to the first embodiment will be described with reference to FIGS. FIG. 1 is an explanatory diagram schematically illustrating an IC card reading system according to a first embodiment of the present invention. FIG. 2 is a block diagram illustrating an electrical configuration of a reading device used in the IC card reading system of the first embodiment. 3A is a block diagram schematically illustrating an electrical configuration of a wireless reader unit or the like that forms part of the reading device of FIG. 2, and FIG. 3B is an electrical diagram of the information code reading unit. It is a block diagram which illustrates composition. FIG. 4 is a block diagram illustrating an electrical configuration of an IC card used in the IC card reading system of the first embodiment. FIG. 5 is an external view illustrating the external appearance of an IC card and an IC card case used in the IC card reading system of the first embodiment. 1, FIG. 5, and FIG. 6, the specific cell structure of the partially private code C is omitted, but the partially private code C is, for example, similar to a QR code and the like as a light cell. The dark cells are arranged in a matrix.

  As shown in FIG. 1, an IC card reading system (hereinafter also simply referred to as a reading system) 1 according to the first embodiment mainly includes a reading device 2, a management device 3, a partially private code C, and a partially non-public code. A holding body for holding the public code C (IC card case 4 in the example of FIG. 1) and an IC card 5 are provided, and a partially private code C or IC card attached to the IC card case 4 by the reader 2 is provided. 5 can be read.

  The reading device 2 is configured as, for example, a stationary or portable terminal device, and functions as an information code reader that reads an information code such as a barcode or a two-dimensional code, and an IC card reader that reads an IC card. It has a configuration that can be read in two ways.

  As shown in FIG. 2, the reading device 2 includes a control unit 10 that performs overall control. The control unit 10 includes a memory 11, a key operation unit 12, a display unit 13, an external interface 14, and a wireless reader unit. 20, an information code reading unit 30, a wireless communication unit 40, and the like are connected. In the present embodiment, the reading device 2 corresponds to an example of a “reading unit” and can read a partially private code C (information recording medium) and an IC card 5 described later.

  The control unit 10 is composed mainly of a microcomputer, has a CPU, a system bus, an input / output interface, and the like, and functions as an information processing device together with the memory 11. The key operation unit 12 includes a plurality of keys, and is configured to give an operation signal to the control unit 10 according to a user's key operation. The control unit 10 receives an operation signal from the key operation unit 12. When received, it is configured to perform an operation according to the operation signal. The display unit 13 is configured by, for example, a liquid crystal display, and the display content is controlled by the control unit 10. The external interface 14 is configured as an interface for performing data communication (for example, LAN communication) with an external device (for example, the management device 3), and performs communication processing in cooperation with the control unit 10. The structure to do is made. Although not shown, the reading device 2 is also provided with a power circuit, a power switch, and the like that receive power from a battery or a commercial power source.

  The wireless reader unit 20 performs communication by electromagnetic waves with the IC card 5 in cooperation with the antenna 25 and the control unit 10 to read data stored in the IC card 5 or write data to the IC card 5. Is functioning to do. The wireless reader unit 20 is configured as a circuit that performs transmission using a known radio wave system, and includes a transmission circuit 21, a reception circuit 22, a matching circuit 23, and the like as illustrated in FIG.

  The transmission circuit 21 includes a carrier oscillator, an encoding unit, an amplifier, a transmission unit filter, a modulation unit, and the like, and is configured to output a carrier (carrier wave) having a predetermined frequency from the carrier oscillator. The encoding unit is connected to the control unit 10, encodes transmission data output from the control unit 10, and outputs the encoded transmission data to the modulation unit. The modulation unit is a part to which the carrier (carrier wave) from the carrier oscillator and the transmission data from the encoding unit are input. The carrier (carrier wave) output from the carrier oscillator is encoded at the time of command transmission to the communication target. A modulated signal that is ASK (Amplitude Shift Keying) modulated by the encoded transmission code (modulated signal) output from the encoding unit is generated and output to the amplifier. The amplifier amplifies the input signal (the modulated signal modulated by the modulation unit) with a predetermined gain, and outputs the amplified signal to the transmission unit filter. The transmission unit filter filters the amplified signal from the amplifier. The transmission signal is output to the antenna 25 via the matching circuit 23. When a transmission signal is output to the antenna 25 in this way, the transmission signal is radiated to the outside from the antenna 25 as an electromagnetic wave.

  On the other hand, the radio wave signal received by the antenna 25 is input to the receiving circuit 22 through the matching circuit 23. The reception circuit 22 is configured by a reception unit filter, an amplifier, a demodulation unit, a binarization processing unit, a decoding unit, and the like, and after filtering a signal received via the antenna 25 with a reception unit filter, The signal is amplified by an amplifier, and the amplified signal is demodulated by a demodulator. Then, the demodulated signal waveform is binarized by the binarization processing unit, decoded by the decoding unit, and then the decoded signal is output to the control unit 10 as received data.

  As shown in FIG. 3B, the information code reading unit 30 includes a light receiving sensor 33 formed of a solid-state imaging device such as a CCD area sensor, an imaging lens 37, an illumination unit 31 including a plurality of LEDs and lenses. The information code attached to the reading object R in cooperation with the control unit 10 (for example, a general QR code (registered trademark) or a partially private code C described later) Etc.).

  When the information code reading unit 30 reads, for example, a part of the secret code C, first, the illumination light Lf is emitted from the illumination unit 31 that receives a command from the control unit 10, and the illumination light Lf is read from the reading port. The reading object R is irradiated through (not shown). Then, the reflected light Lr partially reflected by the secret code C from the illumination light Lf is taken into the apparatus through the reading port, and is received by the light receiving sensor 33 through the imaging lens 37.

  The imaging lens 37 disposed between the reading port (not shown) and the light receiving sensor 33 is configured to form a part of the image of the non-disclosure code C on the light receiving sensor 33. A light reception signal corresponding to the image of the partially hidden code C is output. The light receiving signal output from the light receiving sensor 33 is stored as image data in the memory 11 (FIG. 2) and used for decoding processing and the like. The information code reading unit 30 is provided with an amplifier circuit that amplifies the signal from the light receiving sensor 33, an AD converter circuit that converts the amplified signal into a digital signal, and the like. Is omitted.

(Configuration of IC card)
Next, the IC card 5 read by the wireless reader unit 20 will be described.
The IC card 5 is configured as an IC card type driver's license, and is configured as a known non-contact IC card in terms of hardware, and has an external configuration such as that illustrated in FIG. There is no.

  As shown in FIG. 4, an antenna 51, a power supply circuit 52, a demodulation circuit 53, a control circuit 54, a memory 55, a modulation circuit 56, and the like are included. The power supply circuit 52 rectifies and smoothes a transmission signal (carrier signal) received from the reading device 2 via the antenna 51 to generate an operation power supply. The operation power supply includes the control circuit 54 and the like. Is supplied to each component. The demodulating circuit 53 demodulates the data superimposed on the transmission signal (carrier signal) and outputs it to the control circuit 54. The memory 55 is constituted by various semiconductor memories such as ROM and EEPROM, and identification information (ID) for identifying the control program and the IC card 5 or data (for example, a driver's license) according to the use of the IC card 5. Data)) is stored. The control circuit 54 is configured to read the information and data from the memory 55 and output it as transmission data to the modulation circuit 56. The modulation circuit 56 performs load modulation on the carrier signal with the transmission data and performs the antenna 51. Is transmitted as a reflected wave.

  In addition, the IC card 5 has various license information displayed on the outer surface as shown in FIG. 5A (for example, the name, date of birth, address, and license written on the surface of the license). (Expiration date, license conditions, license number, date of issue, type of license, date of acquisition of each type, and remarks information recorded on the back of the license) The state is stored in the memory 55. These license information is encrypted using the encryption number (PIN code) specified in advance by the license owner (that is, the owner of the IC card 5) or data corresponding to the password as an encryption key. Unless the personal identification number (PIN code) is input, the license information stored in the IC card 5 is not decrypted and the license information cannot be read. In the present embodiment, various license information recorded in the memory 55 corresponds to an example of “personal identification information”.

(Partial configuration of private code)
Next, the partially private code C read by the information code reading unit 30 will be described with reference to FIGS.
FIG. 6 is an explanatory diagram for conceptually explaining a partially private code used in the IC card reading system of the first embodiment. FIG. 7A is an explanatory diagram illustrating the data configuration of the partially private code of FIG. 6, and FIG. 7B illustrates the public data recorded in the public area of the partially private code. FIG. 7C is an explanatory diagram illustrating cipher data recorded in the private area of the partially private code.

  The partially private code C corresponds to an example of an “information recording medium” in which predetermined encrypted information is recorded, and can be read without using an encryption key as shown in FIG. A public area Ca where non-encrypted data (public data) is recorded, a private area Cb where encrypted data (private data) encrypted with an encryption key is recorded, and an error correction code are recorded. And an error correction area. Further, in the present embodiment, a cooperation identifier (predetermined information) described later is recorded in the public area Ca, and the above-mentioned personal identification number (PIN code) is encrypted as “predetermined encryption information” in the non-public area Cb. The encrypted information is recorded.

  Some of the areas are private areas (areas that can be read on the condition that a decryption key corresponding to the encryption key is obtained) and other areas are public areas (areas that can be read without using the decryption key) As a method for generating the private code C and a specific configuration of the partial private code C to be generated, for example, techniques disclosed in Japanese Unexamined Patent Application Publication Nos. 2009-9547 and 2008-299422 are preferably used. Can do. FIG. 7A illustrates a data configuration of a partially private code C generated using the techniques of these publications. Among these, the “disclosure code” is as shown in FIG. Each disclosed data is encoded in accordance with JIS basic specifications (JISX0510: 2004). The secret code is obtained by encoding each piece of encrypted data as shown in FIG. 7C according to JIS basic specifications (JISX0510: 2004). In the methods disclosed in Japanese Patent Application Laid-Open Nos. 2009-9547 and 2008-299422, the secret code recorded in the non-public area includes the decryption key and the decryption key check data that can specify the decryption key. In this embodiment, the decryption key and the decryption key check data are not included in the private area.

  The partially private code C used in the present embodiment is such that a disclosure code recorded in a public area and a secret code recorded in a private area are represented by a plurality of data blocks. The data block is expressed by, for example, eight cells (light color cells or dark color cells), as in the case of QR code (registered trademark). Further, the error correction code is represented by a plurality of error correction blocks, and each error correction block has, for example, eight cells (light cell or dark cell) in the same manner as the QR code (registered trademark). It is expressed by.

  The method for reading the partially closed code C is basically the same as in the case of the above-mentioned Japanese Patent Application Laid-Open Nos. 2009-9547 and 2008-299422. When it is read in the same manner as the code (registered trademark), and then it is determined whether or not there is a predetermined secret identifier at a predetermined position (immediately after the end terminal in the example of FIG. 7A). In this case, the data (bit data) in the secret area that follows the secret identifier is read. Since the bit data recorded in the private area is encrypted with the encryption key as described above, it can be decrypted only when the encryption key is present in the reading device 2. The concealment identifier is constituted by a predetermined number (bit string) determined in advance, and the reading device 2 determines whether or not the information code that is to be read by the presence / absence of detection of such a bit string is an undisclosed area. It is determined whether or not there exists.

  Note that the method for generating the partial private code C and the specific configuration of the partial private code C to be generated are not limited to this example, and the encrypted data is recorded in a partial area and is stored in another area. As long as it is a method capable of generating a two-dimensional code in which non-encrypted data is recorded, it may be generated by a method other than the method described in these publications.

  Further, in the present embodiment, the above-described partially private code C is attached to a predetermined member. For example, in the example of FIG. 5, a part of the secret code C is formed by a method such as printing on the outer surface of the card storage case 4 that stores the IC card 5, and the IC card 5 is inserted into the card as shown in FIG. The partially secret code C attached to the outer surface of the case can be read by the reading device 2 while being stored in the storage case 4. In the example of FIGS. 1 and 5, the card storage case 4 is configured as a transparent clear case, and information recorded on the outer surface of the IC card 5 from the outside in a state where the IC card 5 is stored in the case. (License information such as name, address, license number, etc.) can be seen from outside the case).

(Partial private code generation process)
Next, with reference to FIG. 8, a process for generating a partially private code C will be described. This generation processing is performed, for example, by the reading device 2 or another information processing device (the management device 3 or the like). In the following, a representative example in which the generation processing of the partially closed code C is performed by the management device 3 is representative. This will be described as an example. The management device 3 is configured as a computer having a CPU, a ROM, a RAM, a communication interface, and the like, and is connected to the reading device 2 so as to be communicable.

  In this embodiment, the owner of the IC card 5 (that is, the license owner) can arbitrarily set a personal identification number (PIN), and the same information as this personal identification number or this personal identification number. The license information is encrypted by a known encryption method using the information corresponding to the above as an encryption key, and is recorded in the memory 55. The manufacture of the IC card 5 is performed in a process different from that in FIG. 8. In FIG. 8, a personal identification number (PIN) for decoding the license information of the IC card 5 is used. ) Is recorded in a non-public area.

  In the generation process shown in FIG. 8, a personal identification number (PIN) for decrypting the license information recorded in the memory 55 of the IC card 5 is acquired (S1). In the processing of S1, for example, when a person who can know the personal identification number (such as a license owner or a public organization person who issues a personal license) performs a process of inputting the personal identification number in the management device 3, The data of the number (PIN) is acquired.

  Then, the personal identification number (PIN) acquired in S1 is encrypted with a predetermined first encryption key (S2). In the process of S2, for example, the secret number (PIN) acquired in S1 is set to a public key known in the art using a predetermined public key corresponding to a predetermined secret key stored in the memory 11 of the reading device 2 as a first encryption key. Encrypted with an encryption method. Therefore, the encrypted data (first encrypted data) generated in S2 cannot be decrypted without using the secret key recorded in the memory 11 and the decryption algorithm corresponding to the encryption in S2. Yes.

  In the case where the management device 3 is configured as a generation device that generates a part of the private code C as in the representative example shown here, for example, the reading device 2 notifies the management device 3 of the disclosure corresponding to the secret key. A key is given by data transmission or the like, and the memory 11 of the reading device 2 keeps a secret key corresponding to the public key given to the management device 3. In this case, the CPU of the management device 3 corresponds to an example of a “generating unit” and functions to generate encrypted information by encrypting a personal identification number based on a predetermined public key. In this case, the memory 11 of the reading device 2 corresponds to an example of “secret key storage unit”, and functions to store a secret key corresponding to the public key.

  Then, the data (first encrypted data) obtained by encrypting the personal identification number (PIN) with the public key encryption method is encrypted with the predetermined second encryption key, and a secret code to be recorded in the private area is obtained. Generate (S3). In the process of S3, for example, the same information as the decryption key formed in the reading device 2 or information that can be inferred from the decryption key is used as the second encryption key (common key), and the data generated in S2 (the first key) (Encrypted data) is encrypted by a known common key encryption method, and the generated data (second encrypted data) is used as a secret code. Therefore, the secret code (second encrypted data) cannot be decrypted without using a decryption key that is the same as or corresponding to the second encryption key (common key) and a decryption algorithm corresponding to the encryption in S3. It is like that.

  When the management device 3 is configured as a generation device that generates a part of the private code C, for example, the reader 2 gives the management device 3 a common key corresponding to the decryption key (guessed from the decryption key itself or the decryption key). Or a decryption key corresponding to the common key used for generating the secret code is transmitted from the management device 3 to the reading device 2. Alternatively, the same or corresponding key is input to the reading device 2 and the management device 3 by an administrator or the like. The management apparatus 3 generates a secret code using such a common key, and the other reading apparatus 2 keeps the decryption key that is the same as or corresponds to the common key used in the management apparatus 3 in the memory 11. It is like that. In this example, the memory 11 of the reading device 2 corresponds to an example of a “decryption key storage unit”, and functions to store a decryption key corresponding to encryption of encrypted information.

  Then, the secret code (second encrypted data) generated in this way and the disclosure code to be recorded in the public area are combined as shown in FIG. 7A to generate a partially private code C (S4). . In addition, although the specific content and the input method are abbreviate | omitted about the disclosure code recorded on a public area, the data of various contents can be input and recorded by various input methods. The partially secret code C generated in this way is printed on various media by an image forming apparatus such as a printer (see FIG. 5B).

(IC card reading process)
Next, an IC card reading process performed by the IC card reading system 1 of the present embodiment will be described.
FIG. 9 is a flowchart illustrating a license reading process performed in the IC card reading system 1. The license reading process shown in FIG. 9 is started, for example, when a predetermined start condition is satisfied in the reading device 2 (for example, a predetermined operation by the user, power-on, automatic detection of a reading target, etc.). Yes, first, the information code reading unit 30 performs an image capturing process for capturing an information code (S11), and a process for decoding the public area in the code image of the captured information code (S12). As described above, in this embodiment, a partially private code C similar to the technique disclosed in Japanese Patent Application Laid-Open No. 2009-9547 or Japanese Patent Application Laid-Open No. 2008-299422 is used. The public code C is read. First, data from the head to the end terminal is read in the same manner as a known QR code (registered trademark) (S12), and then the predetermined position (the end in the example of FIG. 7A). It is determined whether or not there is a predetermined secret identifier immediately after the child (S13).

For example, when a partially private code C as shown in FIGS. 6 and 7 is captured in S11 and a code image of the partially private code C is acquired, it is determined in S13 that a secret identifier is included. Therefore, in this case, the process proceeds to Yes in S13, and the data (bit data) in the private area following the secret identifier can be read on condition that the secret key or the common key exists. On the other hand, if the secret identifier is not included, the process proceeds to No in S13, the decryption result of the public area from the head to the end terminal is output (S21), and the process ends. For example, when a normal QR code (registered trademark) that does not include a secret identifier is to be read, it is determined No in S13, and the output process in S21 is performed.
In the present embodiment, the information code reading unit 30 (more specifically, the light receiving sensor 3) of the reading device 1 corresponds to an example of “imaging means”, and functions to image a part of the secret code C.

  When the process proceeds to Yes in S13, it is determined whether or not the secret code recorded in the private area Cb of the partially private code C can be decrypted (S14). In the present embodiment, there is a decryption key that is the same as or corresponds to the second encryption key (common key) used for generating the secret code in S3 in FIG. 8, and decryption corresponding to the encryption algorithm in S3. Since the secret code can be decrypted when the decryption algorithm exists, it is determined whether or not such decryption key and decryption algorithm are stored in the memory 11 in S14. If such a decryption key and decryption algorithm are stored in the memory 11, the process proceeds to Yes in S14, and the data when the secret code (second encrypted data) is decrypted by the decryption key and decryption algorithm. It is determined whether or not the encryption information obtained by encrypting the password (that is, the first encrypted data) can be decrypted (S15). In this embodiment, the secret key corresponding to the first encryption key (public key) used for generating the encryption information (first encryption data obtained by encrypting the password with the public key) in S2 of FIG. Since the first encrypted data can be decrypted when there is a decryption algorithm corresponding to the encryption algorithm in S2, such a secret key and decryption algorithm are stored in the memory 11 in S15. It is determined whether or not it is stored. If NO is determined in S14 described above, or if NO is determined in S15, the license reading process shown in FIG. 9 is terminated while the personal identification number (PIN) is indecipherable.

  On the other hand, when it is determined Yes in S14 and also Yes in S15, the secret code is decrypted using the above-described secret key to obtain the first encrypted data, and the first encrypted data is converted into the above-described common key. To obtain a personal identification number (PIN) (S16).

  After decrypting the password in S16, the wireless reader unit 20 is operated to perform an IC card capture process (S17). In this capturing process, a predetermined capturing command is transmitted to the IC card 5 within the communication range of the wireless reader unit 20, and a response from the IC card to the capturing command is detected.

  After the capturing process of S17, it is determined whether or not the capturing process is successful (S18). Specifically, when a response signal from the IC card 5 to the capture command transmitted in S17 is detected and communication with the IC card 5 is possible, it is determined that capture is successful, and Yes in S18. Proceed to On the other hand, when a response to the transmission of the capture command in S17 is not detected, it is determined that the capture has failed, the process proceeds to No in S18, and the license reading process shown in FIG.

  When the capture of the IC card 5 is successful, the license information (encrypted personal identification information) recorded on the IC card is read, and the password obtained in S16 is used as a decryption key. An attempt is made to decrypt the license information (encrypted data), and it is determined whether the license information has been successfully decrypted (S19). If the decryption of the license information is successful, the process proceeds to Yes in S19, and the use of the license information obtained by the decryption is performed (S20). On the other hand, if the decoding of the license information fails, the process proceeds to No in S19, and the license reading process shown in FIG. 9 is terminated.

  In this embodiment, the control unit 10, the wireless reader unit 20, and the information code reading unit 30 correspond to an example of “information acquisition unit”, and are partially read by the secret code C (information recording medium) and the IC card 5. Encrypted information is obtained by reading a partially private code C (information recording medium) and license information (personal identification information) is obtained by reading an IC card 5 when placed at a possible position. To function. More specifically, when the encrypted information is acquired prior to the acquisition of the license information (personal identification information) and the encrypted information is decrypted by “encrypted information decryption means” described later, the license information ( It functions to start acquisition processing of (personal identification information). The control unit 10 corresponds to an example of a “decoding unit”, decodes the public area Ca based on the code image of the partially private code C imaged by the imaging unit, and the memory 11 (decryption key storage unit). The private area Cb is decoded based on the decryption key recorded in (1).

  Further, in the present embodiment, the control unit 10 that executes the processing of FIG. 9 corresponds to an example of “encrypted information decrypting means”, and encrypts information (encryption of a code number) acquired by the “information acquiring means”. The encrypted data) is decrypted based on the decryption key stored in the memory 11 (decryption key storage means).

  The control unit 10 corresponds to an example of “personal identification information decrypting means”, and is obtained when the encrypted information (encrypted data obtained by encrypting the personal identification number) is decrypted by the encrypted information decrypting means. Based on the decryption data, it functions to decrypt the encrypted license information (personal identification information). More specifically, when the secret code (second encrypted data) is decrypted by the encrypted information decrypting means, the obtained decrypted data (first encrypted data) is decrypted based on the secret key. It functions to obtain a number and decrypt the encrypted license information (personal identification information) based on the password.

  Further, the control unit 10 that performs the determination processing of S14 and S15 corresponds to an example of “cancel means”, and when the password (predetermined cipher) is not acquired by the “encrypted information decryption means”, the IC card Functions to stop reading.

  In the present embodiment, in S20, the process of using the license information acquired in S19 is performed. This use process is a process of displaying the license information decrypted in S19 on a display unit (not shown). There may be a determination process for determining whether or not the license information decrypted in S19 satisfies a predetermined condition.

As an example of the determination process, for example, based on the license information read out after the successful decoding in S19, the IC card 5 (driver's license) read in FIG. For example, it is determined whether or not the above is satisfied. For example, when the IC card reading system 1 according to the present embodiment is used as an operation management system for performing operation management at a bus company or a transportation company, the driver's license information before the operation is read as shown in FIG. In this case, in the license information utilization process of S20, a method is used in which it is determined whether or not the driver's license information read in S19 meets the prescribed license conditions. be able to. In this case, in S20, for example, based on the license information read in S19, whether or not the license type of the driver's license of the prospective driver corresponds to a predetermined type (for example, including a second class license for large vehicles) Or whether the renewal time of the driver's license of the prospective driver has not elapsed may be determined based on the license information read in S19. Then, the result of the determination process performed for each driving person in this way is associated with the license information (for example, name, license number, etc.) obtained in S19, as shown in FIG. 10 (A). If it is memorized, it is possible to memorize the confirmation result as to whether or not the driver's license of the prospective driver satisfies the standard.
In this case, the control unit 10 corresponds to an example of “determination means” and functions to determine whether or not the driver's license satisfies a predetermined operation condition.

Moreover, when performing such a determination process, a predetermined notification process may be performed when it is determined in the determination process that the driver's license does not satisfy the prescribed operation conditions. For example, when “the renewal deadline of the driver's license has not passed” is set as the operation condition, the display unit 13 when the renewal deadline included in the license information obtained in S20 has passed. The license holder may be informed that the renewal deadline has passed by a display (for example, a message display such as “Renewal deadline has passed”) or voice notification. Alternatively, when the operation condition is that “the license type of the driver's license corresponds to the predetermined license type”, the license information obtained in S20 does not include the predetermined license type The license holder is informed that the license type does not meet the standard by displaying on the display unit 13 (for example, displaying a message such as “License type does not meet the standard”) or by voice notification. It may be.
In this case, the control unit 10 and the display unit 13 (or a speaker (not shown) or the like) correspond to an example of “notification unit”, and it is determined by the “determination unit” that the driver's license does not satisfy the operation condition. In this case, it functions to perform a predetermined notification process.

(Main effects of the first embodiment)
According to the IC card reading system 1 according to the present embodiment, the encrypted license information (personal identification information) recorded on the IC card 5 and the encrypted information (password) required for decoding the personal identification information. Can be acquired by the reading device 2 (reading means) at the same time, and the burden such as the password input process can be reduced, and the authorized person can easily and quickly enter the password. It is possible to input, and erroneous input can be effectively reduced.
In addition, the code number necessary for decrypting the license information (personal identification information) recorded on the IC card 5 is partially recorded in a secret code C (information recording medium) in an encrypted state. In addition, since the decryption key can be decrypted only by the reading means in which the decryption key is stored, the leakage of the personal identification number can be prevented more reliably.

  Further, in the IC card reading system 1 according to the present embodiment, the information acquisition means has a partially private code C (information recording medium) prior to acquisition of the license information (personal identification information) recorded on the IC card 5. The encrypted information (information obtained by encrypting the personal identification number) recorded in the information is obtained, and when the encrypted information is decrypted by the encrypted information decrypting means, the license information (personal identification information) Acquisition processing has started. By doing this, the license information (personal identification information) is not acquired when the encrypted information is not decrypted, and the license information (personal identification information) is obtained without the correct password being entered. It is possible to effectively prevent useless processing such as.

  As an actual usage example, there are many cases where the IC card 5 is stored in the IC card case 4 as shown in FIG. In this case, the partially private code C (information recording medium) attached to the IC card case 4 and the IC card 5 are simultaneously put against the reading device 2 (reading means), but the IC card according to the present embodiment In the reading system 1, as described with reference to FIG. 9, the information acquisition unit first acquires the encryption information partially recorded in the secret code C before acquiring the license information recorded on the IC card 5. Will do. Therefore, the license information (personal information can be entered in a state where the correct password cannot be entered by not performing the acquisition process of the license information (personal identification information) when the encrypted information is not decrypted. The effect of preventing wasteful processing such as acquiring (identification information) is likely to occur.

  In addition, the IC card reading system 1 according to the present embodiment includes a canceling unit that stops reading the IC card 5 when a predetermined cipher is not acquired by the encrypted information decrypting unit. According to this configuration, it is possible to prevent erroneous input from being repeated, and to suppress problems caused by repeated erroneous input.

Also, in the IC card reading system 1 according to the present embodiment, the “information recording medium” includes a public area Ca in which public information that can be decrypted without using a decryption key is recorded, and a private area in which encrypted information is recorded. The information acquisition unit includes a wireless communication unit that performs wireless communication with the IC card 5 and an imaging unit that captures the partially private code C. . The “encrypted information decrypting means” decodes the public area Ca based on the code image of the partially private code C imaged by the imaging means, and decrypts the recorded information in the memory 11 (decryption key storage means). Decoding means for decoding the private area Cb based on the key is provided.
In this way, it is easy to configure the information recording medium at a lower cost and more compactly while enabling the input process of a security code with little information leakage and high security.

Further, the IC card reading system 1 according to the present embodiment is provided with a generating unit that generates encrypted information by encrypting a password based on a predetermined public key, and the reading device 2 (reading unit) A memory 11 (secret key storage means) for storing a secret key corresponding to the public key is provided. The personal identification information decrypting means obtains the first encrypted data by decrypting the encrypted information (the second encrypted data obtained by further encrypting the first encrypted data obtained by encrypting the password) by the encrypted information decrypting means. If this is the case, the security code is obtained by decrypting the obtained decrypted data (first encrypted data) based on the secret key, and the encrypted license information (personal identification) is obtained based on the security code. Information).
According to this configuration, the encryption number for decrypting the license information (personal identification information) can be double-encrypted, and the security of the password can be further enhanced.

  In the present embodiment, the IC card 5 is configured as a driver's license including at least an address, name, and license number as personal identification information. And a judging means for judging whether or not the driving license satisfies a predetermined operation condition based on the license information (personal identification information) decrypted by the personal identification information decrypting means; And a notification means for performing a predetermined notification process when it is determined that the driver's license does not satisfy the operation conditions. According to this configuration, it can be easily confirmed whether or not the driver's license satisfies the prescribed operation conditions, which is extremely advantageous in appropriately performing the operation management. In addition, it is possible to prevent leakage of the license information (personal identification information) recorded in the driver's license, and to reduce the burden of PIN input and reading errors when reading this license information (personal identification information). Can be achieved.

  Further, in the present embodiment, the driver's license includes at least one of the license type information and the renewal time information as the personal identification information, and the determination means stores the license type recorded in the driver's license. It is judged whether the driver's license satisfies the operating condition based on whether the predetermined type condition is satisfied, or whether the renewal time recorded in the driver's license satisfies the predetermined time condition. . According to this configuration, it is possible to quickly and surely determine whether the driver's license satisfies a predetermined type condition or whether the renewal time of the driver's license satisfies a predetermined time condition. It is possible to appropriately notify that the certification condition is not satisfied, and to further enhance the effect of suppressing erroneous operation in a state where the prescribed license condition is not satisfied.

[Second Embodiment]
Next, a second embodiment will be described. FIG. 11 is a block diagram conceptually illustrating the hardware configuration of the authentication IC card used in the IC card reading system of the second embodiment. FIG. 12 is a flowchart illustrating the flow of a license reading process performed in the IC card reading system according to the second embodiment.

  In the second embodiment, an authentication IC card 205 having a memory for recording encrypted information is mainly used as an “information recording medium” for holding a personal identification number, instead of a partially private code C. 12 is different from the first embodiment in that the process of FIG. 12 is performed instead of the process of FIG. Note that the hardware configuration of the reading device 2 is the same as that of the first embodiment shown in FIGS. 2 and 3, and the configuration of the IC card 5 is the first configuration shown in FIGS. 4 and 5A. The configuration is the same as that of the embodiment.

  As shown in FIG. 11, the authentication IC card 205 used in the second embodiment has a hardware configuration similar to that of the IC card 5, and includes an antenna 51, a power circuit 52, a demodulator of the IC card 5. An antenna 251, a power supply circuit 252, a demodulation circuit 253, a control circuit 254, a memory 255, and a modulation circuit 256 having the same configuration as the circuit 53, the control circuit 54, the memory 55, and the modulation circuit 56 are provided.

  Further, the memory 255 of the authentication IC card 205 stores encrypted information obtained by encrypting a personal identification number arbitrarily set by the user (license owner). For example, a predetermined secret key is stored in the memory 11 of the reading device 2 as in the first embodiment, and the password is encrypted by a public key encryption method based on the public key corresponding to the secret key. It has become. Data obtained by encrypting the code number based on the public key (first encrypted data) is stored in the memory 255 of the authentication IC card 250. The storage format for storing the first encrypted data in the memory 255 may be a predetermined specific format. In this case, only a reading device capable of data analysis according to the structure of the format can encrypt the encrypted data. (First encrypted data) can be decrypted.

  The license reading process in the IC card reading system according to the second embodiment is performed in the flow as shown in FIG. 12, and first, the process of capturing the authentication IC card 250 is performed (S21). In the process of S21, a specific capturing command corresponding to the type of the authentication IC card 250 is transmitted, and a response result from the authentication IC card 250 is detected. In the present embodiment, for example, the card type of the authentication IC card 250 is different from the card type of the IC card 5, and the capture command for capturing the authentication IC card 250 and the IC card 5 are captured. The capture command is different. Accordingly, when a capture command is transmitted to the authentication IC card 250, the IC card 5 does not return a response, the authentication IC card 250 returns a response, and the authentication IC card 250 is captured prior to the IC card 5. It is like that.

  Thereafter, the data in the memory 255 is analyzed by an analysis method according to the format of the authentication IC card 250, and the encryption information (the PIN number set by the license owner) stored in the memory 255 is disclosed above. The first encrypted data encrypted based on the key is acquired, and the decryption of the first encrypted data is attempted (S22). In the present embodiment, a secret key corresponding to the public key used for encrypting the first encrypted data is stored in the memory 11, and a decryption algorithm corresponding to the encryption algorithm used for encrypting the first encrypted data is stored in the memory. The first encrypted data can be decrypted only when it is stored in the memory 11. Thereafter, it is determined whether or not the first encrypted data has been successfully decrypted based on such a secret key and a decryption algorithm (S23). If the decryption fails, the process proceeds to No in S23, and the license reading process shown in FIG.

    On the other hand, if the first encrypted data is successfully decrypted in S22 and the personal identification number (PIN) recorded on the authentication IC card is obtained, the process proceeds to Yes in S23 and the IC card 5 (driver's license) is obtained. Process to capture. Since the processing after S24 is the same as the processing after S17 shown in FIG. 9, detailed description thereof will be omitted. However, in the decoding / judgment processing of the license information shown at S26, S22 is the same as in S19. Attempt to decipher the license information encrypted using the PIN number acquired in step S4, and if the decipherment is successful, proceed to Yes in S26 and perform the same process of using the license information as in the first embodiment. (S27).

  In the present embodiment, the control unit 10 and the wireless reader unit 20 of the reading device 2 correspond to examples of “information acquisition unit” and “wireless communication unit”, and perform wireless communication with the IC card 5 and the authentication IC card 250. The IC card 5 is captured before the IC card 5 is captured, and then the IC card 5 is captured on the condition that the encrypted information is decrypted by the encrypted information decrypting means. To function.

In the IC card reading system according to the present embodiment, the “information recording medium” includes an authentication IC card 250 including a memory for recording encrypted information, and the “information acquisition unit” includes the IC card 5 and the authentication IC. The wireless communication means is configured to perform wireless communication with the card 250. The wireless communication means captures the authentication IC card 250 prior to capturing the IC card 5, and then captures the IC card 5 on condition that the encrypted information is decrypted by the encrypted information decrypting means. Processing is in progress.
In this way, it is possible to input a personal identification number for decrypting the license information (personal identification information) recorded on the IC card 5 using another IC card, and the license information (personal identification information) The hardware configuration for acquiring the password and the hardware configuration for acquiring the personal identification number can be combined. In addition, since the IC card 5 on which the license information (personal identification information) is recorded is captured after the authentication IC card 250 is captured and the encrypted information is decrypted, the license can be obtained in a state where the password cannot be obtained. It is possible to effectively prevent useless processing such as obtaining certificate information (personal identification information).

[Other Embodiments]
The present invention is not limited to the embodiments described with reference to the above description and drawings. For example, the following embodiments are also included in the technical scope of the present invention.

  In the above embodiment, the IC card reading system 1 is used as an operation management system and the operation management data as shown in FIG. 10A is generated. However, the IC card reading system 1 is used for other purposes. May be. For example, the IC card reading system 1 can be used as an attendance management system. In this case, for example, when the reading process of S20 is performed during the first predetermined time (for example, in the morning) on the work day, the work time data of the license holder is generated as shown in FIG. Then, when the reading process of S20 is performed at the second predetermined time on the work day, it is possible to generate the work time data of the license holder as shown in FIG. By combining these, it is possible to generate the history data of the attendance time and the departure time of each license owner. In this way, the driver's license can also be used for attendance management, and a legitimate person can easily perform the reading process while ensuring security by encryption. Increased further.

DESCRIPTION OF SYMBOLS 1 ... IC card reading system 2 ... Reading apparatus (reading means)
3. Management device (generation means)
5 ... IC card (driver's license)
10. Control unit (encrypted information decryption means, personal identification information decryption means, decode means, information acquisition means, wireless communication means, stop means, determination means, notification means)
11 ... Memory (decryption key storage means, secret key storage means)
20 ... Wireless reader (information acquisition means, wireless communication means)
30 ... Information code reading section (information acquisition means, imaging means)
250 ... IC card for authentication (information recording medium)
255 ... Memory C ... Partially private code (information recording medium)

Claims (8)

An information recording medium on which predetermined encrypted information is recorded;
An IC card on which encrypted personal identification information is recorded;
Reading means capable of reading the information recording medium and the IC card;
An IC card reading system comprising:
The reading means includes
Decryption key storage means capable of storing a decryption key corresponding to encryption of the encrypted information;
When the information recording medium and the IC card are arranged at a readable position, the encrypted information is acquired by reading the information recording medium, and the personal identification information is acquired by reading the IC card. Information acquisition means,
Encrypted information decrypting means for decrypting the encrypted information acquired by the information acquiring means based on the decryption key stored in the decryption key storage means;
Personal identification information decrypting means for decrypting the encrypted personal identification information based on the obtained decrypted data when the encrypted information is decrypted by the encrypted information decrypting means;
An IC card reading system comprising:   The information acquisition means is configured to acquire the encrypted information prior to acquisition of the personal identification information, and when the encrypted information is decrypted by the encrypted information decryption means, the personal identification information 2. The IC card reading system according to claim 1, wherein an acquisition process is started.   3. The IC card according to claim 2, wherein the information acquisition unit includes a cancellation unit that stops reading the IC card when a predetermined cipher is not acquired by the encrypted information decryption unit. Reading system. The information recording medium comprises a partially private code having a public area in which public information that can be decrypted without using the decryption key is recorded, and a private area in which the encrypted information is recorded,
The information acquisition unit includes a wireless communication unit that performs wireless communication with the IC card, and an imaging unit that captures the partially private code,
The encrypted information decrypting means decodes the public area based on the code image of the partially private code imaged by the imaging means, and based on the decryption key recorded in the decryption key storage means The IC card reading system according to any one of claims 1 to 3, further comprising decoding means for decoding the non-public area. The information recording medium comprises an authentication IC card including a memory for recording the encrypted information,
The information acquisition means includes wireless communication means for performing wireless communication with the IC card and the authentication IC card,
The wireless communication means performs a process of capturing the authentication IC card prior to capturing the IC card, and then, on the condition that the encrypted information is decrypted by the encrypted information decrypting means. The IC card reading system according to any one of claims 1 to 3, wherein a capturing process is performed. Generating means for generating the encrypted information by encrypting a password based on a predetermined public key;
The reading means has a secret key storage means for storing a secret key corresponding to the public key;
The personal identification information decrypting means obtains the personal identification number by decrypting the decrypted data obtained based on the secret key when the encrypted information is decrypted by the encrypted information decrypting means, The IC card reading system according to any one of claims 1 to 5, wherein the encrypted personal identification information is decrypted based on the personal identification number. An operation management system including the IC card reading system according to any one of claims 1 to 6,
The IC card is a driver's license including at least an address, name, and license number as the personal identification information,
Further, based on the personal identification information decoded by the personal identification information decoding means, a determination means for determining whether or not the driving license satisfies a predetermined operation condition;
Notification means for performing a predetermined notification process when the determination means determines that the driver's license does not satisfy the operation conditions;
An operation management system characterized by comprising The driver's license includes at least one of license type information and renewal time information as the personal identification information,
The determination means determines whether the license type recorded in the driver's license satisfies a predetermined type condition, or whether the renewal time recorded in the driver's license satisfies a predetermined time condition. 8. The operation management system according to claim 7, wherein it is determined whether or not the driving license satisfies the operation condition.

Images