Method and apparatus for remotely disabling and enabling access to secure transaction functions of a mobile terminal
First Claim
1. A method of remotely controlling a security element of a mobile terminal for disabling and enabling access to secured functions of the mobile terminal, the method comprising:
- receiving a request from a user;
verifying authenticity of the user;
creating a signed push message including, at least, an address for the mobile terminal and content which causes a disablement application to be executed; and
sending the signed push message to the mobile terminal.
1 Assignment
0 Petitions
Accused Products
Abstract
Method and apparatus for remotely disabling and enabling access to secure transaction functions of a mobile terminal. A service enables a user to immediately block access to the payment and user authentication functions in the security element of a phone or other type of mobile terminal by sending a radio message, such as a wireless application protocol (WAP) push message. These functions can be turned on again with another radio message. The security element includes a memory that is encoded with keys or key pairs for authentication and/or digital signatures, and a status register or status indicator associated with each such key. The status register is settable to a first state wherein access the key is enabled and to a second state wherein access to the key is disabled. If the terminal is equipped with a GPS subsystem, the terminal can return a confirmation message containing position information.
285 Citations
51 Claims
-
1. A method of remotely controlling a security element of a mobile terminal for disabling and enabling access to secured functions of the mobile terminal, the method comprising:
-
receiving a request from a user;
verifying authenticity of the user;
creating a signed push message including, at least, an address for the mobile terminal and content which causes a disablement application to be executed; and
sending the signed push message to the mobile terminal. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. Apparatus for remotely controlling a security element of a mobile terminal for disabling and enabling access to functions of the mobile terminal, the apparatus comprising:
-
means for receiving a request from a user;
means for verifying authenticity of the user;
means for creating a signed push message including, at least, an address for the mobile terminal and content which causes a disablement application to be executed;
means for sending the signed push message to the mobile terminal;
means for receiving a confirmation message from the mobile terminal; and
means for sending a response to the user based the confirmation message.
-
-
20. A computer program product for enabling a computer system to remotely control a security element of a mobile terminal for disabling and enabling access to secured functions of the mobile terminal, the computer program product including a computer program comprising:
-
instructions for receiving a request from a user;
instructions for verifying authenticity of the user;
instructions for creating a signed push message including, at least, an address for the mobile terminal and content which causes a disablement application to be executed;
instructions for sending the signed push message to the mobile terminal; and
instructions for sending a response to the user based on an outcome of the sending of the signed push message. - View Dependent Claims (21, 22, 23, 24, 25, 27, 28, 29, 30, 31)
-
-
26. A programmed computer system operable for controlling a security element of a mobile terminal for disabling and enabling access to secured functions of the mobile terminal by performing a method comprising:
-
receiving a request from a user;
verifying authenticity of the user;
creating a signed push message including, at least, an address for the mobile terminal and content which causes a disablement application to be executed;
sending the signed push message to the mobile terminal; and
sending a response to the user based on an outcome of the sending of the signed push message.
-
-
32. A system for controlling a security element of a mobile terminal for disabling and enabling access to secured functions of the mobile terminal, the system comprising:
-
a push initiator operable to create and send signed push messages including, at least, an address for the mobile terminal and content which causes a disablement application to be executed;
a proxy gateway operable to receive the signed push messages and send over-the-air messages to the mobile terminal corresponding to the signed push messages; and
a network interconnecting the push initiator and the proxy gateway.
-
-
33. A mobile terminal comprising:
-
a radio block;
a security element encoded with at least one security key for securing transactions; and
a processor system operably connected to the radio block and the security element, the processor system further operable to disable and enable access to the key in response to unsolicited, over-the-air messages received through the radio block. - View Dependent Claims (34, 35, 36, 37, 38, 39)
-
-
40. A security element for a mobile terminal, the security element encoded with a data structure for providing user authentication services, the data structure comprising:
-
at least one key for securing at least some transactions initiated by a user of the mobile terminal; and
at least one status indicator associated with the at least one key, the status indicator settable by the mobile terminal alternatively to a first state wherein access to the at least one key is enabled and a second state wherein access to the at least one key is disabled. - View Dependent Claims (41)
-
-
42. In a mobile terminal, a method of controlling access to a security key in a security element, the method comprising:
-
receiving an unsolicited, over-the-air request to disable access to the security key in the security element;
updating a status register in the security element to disable access to the security key; and
sending an over-the-air, secured confirmation message indicating success of disabling access to the security key. - View Dependent Claims (43, 44, 45, 48, 49, 50, 51)
-
-
46. A mobile terminal comprising apparatus for controlling access to at least one security key in a security element, the apparatus comprising:
-
means for receiving unsolicited, over-the-air requests to disable access to the at least one security key in the security element and to re-enable access to the at least one security key in the security element;
means for updating a status register in the security element in accordance with requests to disable and re-enable access to the at least one security key; and
means for sending over-the-air, secured confirmation messages indicating success of disabling and re-enabling access to the at least one security key.
-
-
47. A mobile terminal comprising:
-
a radio block;
an interface operable to access a security element encoded with at least one security key; and
a processor system operably connected to the radio block and the security element, the processor system further operable to disable and enable access to the key in response to unsolicited, over-the-air messages received through the radio block.
-
Specification