Phone with secure element and critical data

US 20060224887A1
Filed: 04/01/2005
Published: 10/05/2006
Est. Priority Date: 04/01/2005
Status: Active Grant

First Claim

Patent Images

1. A method for accessing sensitive or confidential information remotely over a wireless communication network, comprising:

providing first level authentication information for initiating wireless communication with a remote source, the wireless communication enabling an information request requiring second level authentication information;

providing at least second level authentication information, via a wireless medium, for requesting sensitive or confidential information;

wherein at least one of the first level and second level authentication information includes unique machine-readable identification information for ensuring association with a required context when accessing the sensitive or confidential information.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A wireless communication device is implemented with a smart card module to secure the transmission of sensitive or confidential information. The user of the device must request permission to activate an application on the smart card module from a remote source. After this first level of security is satisfied, the application on the smart card module enables the user to scan data via a machine-readable medium in order to make a data request to the remote source. If a second level authorization is met in regard to the data request, the remote source will transmit the requested sensitive or confidential information to the user to view and/or update.

60 Citations

View as Search Results

31 Claims

1. A method for accessing sensitive or confidential information remotely over a wireless communication network, comprising:
- providing first level authentication information for initiating wireless communication with a remote source, the wireless communication enabling an information request requiring second level authentication information;
  
  providing at least second level authentication information, via a wireless medium, for requesting sensitive or confidential information;
  
  wherein at least one of the first level and second level authentication information includes unique machine-readable identification information for ensuring association with a required context when accessing the sensitive or confidential information.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, wherein the sensitive or confidential information is requested from a wireless communication device including at least a processor, a memory, a long-range communications interface, a short-range communications interface, a user interface, a short-range input device interface and a secured smart card module.
  - 3. The method of claim 1, wherein the sensitive or confidential information is requested by a wireless communication device capable of long-range communications including at least one of Global System for Mobile Communications (GSM), General Packet Radio Service (GPRS), Universal Mobile Telecommunications System (UMTS), Multimedia Messaging Service (MMS) or Short Messaging Service (SMS).
  - 4. The method of claim 1, wherein the sensitive or confidential information is requested by a wireless communication device capable of short-range communications including at least one of a Bluetooth™
    - Network, a Wireless Local Area Network (WLAN), or an Ultra Wide Band Network (UWB).
  - 5. The method of claim 1, wherein the sensitive or confidential information is requested by a wireless communication device including a short-range input device capable of interpreting machine-readable data;
    - the machine-readable data being read using a communication method including at least one of Radio Frequency Identification (RFID) communication, Bar Code Reader (BCR) communication including processes related to interpreting UPC labels, Optical Character Recognition (OCR) communication or Magnetic Ink Character Recognition (MICR) communication.
  - 6. The method of claim 1, wherein the sensitive or confidential information is requested by a wireless communication device including a secure smart card module;
    - the secure smart card module having at least a processor, a memory, and an interface with which to connect to the wireless communication device.
  - 7. The method of claim 6, wherein a secure application residing in the secure smart card module memory is utilized to request the sensitive or confidential information, and upon activation, the secure application provides a user interface for requesting sensitive or confidential information via the wireless communication device.
  - 8. The method of claim 1, wherein the first level authentication information includes at least identification information and a password associated with a user requesting the sensitive or confidential data.
  - 9. The method of claim 1, wherein in response to the first level authentication, the remote source authorizes the information request by issuing a token session ID to the wireless communication device, wherein the token session ID may be limited by at least a set time, a duration, a number of information requests or a geographic location.
  - 10. The method of claim 9, wherein the second level authentication includes at least the token session ID and a requested data ID;
    - and wherein the required context is ensured by obtaining the requested data ID from the unique machine-readable identification information.

11. A wireless communication device for accessing sensitive or confidential information remotely over a wireless communication network, comprising:
- means for providing first level authentication information for initiating wireless communication with a remote source, the wireless communication enabling an information request requiring second level authentication information;
  
  means for providing at least second level authentication information, via a wireless medium, for requesting sensitive or confidential information;
  
  wherein at least one of the first level and second level authentication information includes unique machine-readable identification information for ensuring association with a required context when accessing the sensitive or confidential information.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 12. The apparatus of claim 11, wherein the wireless communication device includes at least a processor, a memory, a long-range communications interface, a short-range communications interface, a user interface, a short-range input device interface and a secure smart card module.
  - 13. The apparatus of claim 11, wherein the wireless communication device is enabled for long-range communications including at least one of Global System for Mobile Communications (GSM), General Packet Radio Service (GPRS), Universal Mobile Telecommunications System (UMTS), Multimedia Messaging Service (MMS) or Short Messaging Service (SMS).
  - 14. The apparatus of claim 11, wherein the wireless communication device is enabled for short-range communications including at least one of a Bluetooth™
    - Network, a Wireless Local Area Network (WLAN), or an Ultra Wide Band Network (UWB).
  - 15. The apparatus of claim 11, wherein the wireless communication device includes a short-range input device capable of interpreting machine-readable data;
    - the machine-readable data being interpreted using a communication method including at least one of Radio Frequency Identification (RFID) communication, Bar Code Reader (BCR) communication including processes related to interpreting UPC labels, Optical Character Recognition (OCR) communication or Magnetic Ink Character Recognition (MICR) communication.
  - 16. The apparatus of claim 11, wherein the wireless communication device includes a secure smart card module having at least a processor, a memory, and an interface with which to connect to the wireless communication device.
  - 17. The apparatus of claim 16, wherein a secure application residing in the smart card module memory is utilized to request the sensitive or confidential information, and upon activation, the secure application provides a user interface for requesting sensitive or confidential information via the wireless communication device.
  - 18. The apparatus of claim 11, wherein the first level authentication information includes at least identification information and a password associated with a user requesting the sensitive or confidential data.
  - 19. The apparatus of claim 11, wherein in response to the first level authentication, the remote source authorizes the information request by issuing a token session ID to the wireless communication device, wherein the token session ID may be limited by at least a set time, a duration, a number of information requests or a geographic location.
  - 20. The apparatus of claim 19, wherein the second level authentication includes at least the token session ID and a requested data ID;
    - and wherein the required context is ensured by obtaining the requested data ID from the unique machine-readable identification information.

21. A computer program product comprising a computer usable medium having computer readable program code embodied in said medium for accessing sensitive or confidential information remotely over a wireless communication network, comprising:
- a computer readable program code for providing first level authentication information for initiating wireless communication with a remote source, the wireless communication enabling an information request requiring second level authentication information;
  
  a computer readable program code for providing at least second level authentication information, via a wireless medium, for requesting sensitive or confidential information;
  
  wherein at least one of the first level and second level authentication information includes unique machine-readable identification information for ensuring association with a required context when accessing the sensitive or confidential information.
- View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30)
- - 22. The computer program product of claim 21, wherein the sensitive or confidential information is requested from a wireless communication device including at least a processor, a memory, a long-range communications interface, a short-range communications interface, a user interface, a short-range input device and a secure smart card module.
  - 23. The computer program product of claim 21, wherein the sensitive or confidential information is requested by a wireless communication device capable of long-range communications including at least one of Global System for Mobile Communications (GSM), General Packet Radio Service (GPRS), Universal Mobile Telecommunications System (UMTS), Multimedia Messaging Service (MMS) or Short Messaging Service (SMS).
  - 24. The computer program product of claim 21, wherein the sensitive or confidential information is requested by a wireless communication device capable of short-range communications including at least one of a Bluetooth™
    - Network, a Wireless Local Area Network (WLAN), or an Ultra Wide Band Network (UWB).
  - 25. The computer program product of claim 21, wherein the sensitive or confidential information is requested by a wireless communication device including a short-range input device capable of interpreting machine-readable data;
    - the machine-readable data being read using a communication method including at least one of Radio Frequency Identification (RFID) communication, Bar Code Reader (BCR) communication including processes related to interpreting UPC labels, Optical Character Recognition (OCR) communication or Magnetic Ink Character Recognition (MICR) communication.
  - 26. The computer program product of claim 21, wherein the sensitive or confidential information is requested by a wireless communication device including a secure smart card module;
    - the smart card module having at least a processor, a memory, and an interface with which to connect to the wireless communication device.
  - 27. The computer program product of claim 26, wherein a secure application residing in the smart card module memory is utilized to request the sensitive or confidential information and upon activation, the secure application provides a user interface for requesting sensitive or confidential information via the wireless communication device.
  - 28. The computer program product of claim 21, wherein the first level authentication information includes at least identification information and a password associated with a user requesting the sensitive or confidential data.
  - 29. The computer program product of claim 21, wherein in response to the first level authentication, the remote source authorizes the information request by issuing a token session ID to the wireless communication device, wherein the token session ID may be limited by at least a set time, a duration, a number of information requests or a geographic location.
  - 30. The computer program product of claim 29, wherein the second level authentication includes at least the token session ID and a requested data ID;
    - and wherein the required context is ensured by obtaining the requested data ID from the unique machine-readable identification information.

31. A system for accessing sensitive or confidential information remotely over a wireless communication network, comprising:
- A wireless communication device including a secured smart card module;
  
  A remote source including at least a server containing sensitive or confidential information;
  
  A machine-readable tag for providing at least first level or second level authentication information;
  
  The wireless communication device providing first level authentication information for initiating wireless communication with the server, the wireless communication triggering a response from the server including a token enabling an information request requiring second level authentication information from the secured smart card module;
  
  The wireless communication device providing at least second level authentication information via a wireless medium, for requesting sensitive or confidential information from the server;
  
  wherein at least one of the first level and second level authentication information includes unique identification information read from the machine-readable tag, for ensuring association with a required context when accessing the sensitive or confidential information.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
NXP B.V. (NXP Semiconductors NV)
Original Assignee
Nokia Corporation
Inventors
Vesikivi, Petri, Sevanto, Jarkko, Viitaniemi, Pekka K.

Granted Patent

US 7,694,331 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/166
CPC Class Codes

G06F 21/35   communicating wirelessly

G06F 21/40   by quorum, i.e. whereby two...

G06F 21/6245   Protecting personal data, e...

H04L 2463/082   applying multi-factor authe...

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 63/083   using passwords cryptograph...

H04L 63/0853   using an additional device,...

H04W 12/06   Authentication

H04W 84/18   Self-organising networks, e...

Phone with secure element and critical data

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

60 Citations

31 Claims

Specification

Solutions

Use Cases

Quick Links

Phone with secure element and critical data

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

60 Citations

31 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links