| CPC H04L 9/3226 (2013.01) [H04L 9/0825 (2013.01); H04L 9/0861 (2013.01); H04L 9/0897 (2013.01); H04L 9/3247 (2013.01); H04L 9/3263 (2013.01)] | 11 Claims |
|
11. A non-transitory computer-readable medium storing an application program that is executed by a body processor included in a user device which is a portable device possessed by a user and causes the user device to function as a terminal for utilizing an online service provided through the Internet by a service providing server,
wherein the user device has a plurality of integrated circuit (IC) chips,
wherein each of the plurality of IC chips includes:
a memory that non-transitorily stores at least personal information used for user authentication to confirm validity of a party using the user device, a private key of the user, a public key of the user paired with the private key, and an electronic certificate of the user including the public key, wherein the personal information is biometric information of the user including a facial image, a voiceprint, an iris, a fingerprint, or a vein, and
a processor that has at least an authentication function of executing the user authentication by collating information given from the application program with the personal information and an electronic signature function of executing an electronic signature on data given from the application program using the private key, wherein the application program causes the user device to function as:
a user authentication unit configured to execute the user authentication using the authentication function of the IC chip based on information acquired from the party using the user device, and
a transmission unit configured to create the electronic signature using the electronic signature function of the IC chip in a case where the party using the user device is confirmed to be valid through the user authentication, and transmit a login request including the created electronic signature to the service providing server through the Internet,
wherein the plurality of IC chips have different identification information from each other, and
wherein the user device and the service providing server execute communication in which the IC chip to be used is identified with the identification information, wherein each IC chip of the plurality of IC chips as an area that is inaccessible from outside in the memory, and
wherein each IC chip of the plurality of IC chips stores at least the personal information, which is data used by the user authentication unit for the user authentication in order to allow the party using the user device to use the electronic signature function of the IC chip, and the private key in its own area that is inaccessible from the outside.
|