Verification Methods And Apparatus For Use In Providing Application Services To Mobile Communication Devices

US 20100144314A1
Filed: 12/09/2008
Published: 06/10/2010
Est. Priority Date: 12/09/2008
Status: Active Grant

First Claim

Patent Images

1. A method in a mobile communication device adapted to operate in a wireless communication network with use of a communication service provided by a service provider, the method comprising:

accessing the communication service via the wireless network;

receiving, via the wireless network, a token from a token server of the service provider, the token having a digital signature of the service provider;

sending, via the wireless network, a message to an application server, the message including the token having the digital signature of the service provider; and

receiving access, via the wireless network, to an application service of the application server if token validation of the message at the application server is successful.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A mobile communication device operates in a wireless communication network with use of a communication service provided by a service provider (e.g. a wireless carrier for voice telephony, or data service provider for data synchronization). An application server receives, via the wireless network, a message from the mobile device. The message has a field for inclusion of a token having a digital signature corresponding to the service provider. The application server performs token validation of the message, which includes a verification step for verifying the digital signature of the token with a public key corresponding to the service provider. The application server then grants or denies access to an application service depending on the outcome of the token validation. In one embodiment, the application service is an e-commerce transaction service, wherein a proof-of-work (POW) test (e.g. a Captcha test) otherwise utilized for the service is bypassed or excluded.

101 Citations

View as Search Results

27 Claims

1. A method in a mobile communication device adapted to operate in a wireless communication network with use of a communication service provided by a service provider, the method comprising:
- accessing the communication service via the wireless network;
  
  receiving, via the wireless network, a token from a token server of the service provider, the token having a digital signature of the service provider;
  
  sending, via the wireless network, a message to an application server, the message including the token having the digital signature of the service provider; and
  
  receiving access, via the wireless network, to an application service of the application server if token validation of the message at the application server is successful.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1, further comprising:
    - failing to receive access, via the wireless network, to the application service if token validation of the message at the application server is unsuccessful.
  - 3. The method of claim 1, wherein receiving access to the application service comprises at least one of:
    - receiving, via the wireless network, data for rendering in a display at the mobile communication device;
      
      receiving, via the wireless network, web data for rendering a web page in a browser application of the mobile communication device;
      
      orreceiving access, via the wireless network, to an e-commerce transaction service of the application server for performing an e-commerce transaction via the application server.
  - 4. The method of claim 1, wherein the application server is adapted to provide a proof-of-work (POW) test for accessing the application service, and wherein the application server is further adapted to bypass the POW test for the mobile communication device if the token validation at the application server is successful.
  - 5. The method of claim 1, wherein the application server is adapted to provide a proof-of-work (POW) test for performing an e-commerce transaction via the application server, and wherein the application server is further adapted to bypass the POW test for the mobile communication device if the token validation at the application server is successful.
  - 6. The method of claim 5, wherein the POW test comprises a Captcha test.
  - 7. The method of claim 1 wherein one or more subsequent messages sent by the mobile device are validated based on a previous token validation of a previous message.
  - 8. The method of claim 1 wherein, for token validation, the application server is adapted to test whether a timestamp of the token is within a predetermined time period of a current time of receipt of the message.
  - 9. The method of claim 1, wherein gaining access to the communication service comprises causing authentication credentials of the mobile communication device to be sent via the wireless network for authentication by the service provider.
  - 10. The method of claim 1, wherein the message comprises a Hypertext Transfer Protocol (HTTP) request message, and wherein the method further comprises:
    - receiving display data in response to the HTTP request message.
  - 11. The method of claim 1, wherein the service provider is a wireless carrier for a voice telephony service for the mobile communication device or a data service provider for a data synchronization service for the mobile communication device.

12. A computer program product comprising:
- a computer readable medium;
  
  computer instructions stored on the computer readable medium; and
  
  the computer instructions being executable by one or more processors of a mobile communication device adapted to operate in a wireless communication network with use of a communication service provided by a service provider, for;
  
  receiving, via the wireless network, a token from a token server of the service provider, the token having a digital signature of the service provider;
  
  sending, via the wireless network, a message to an application server, the message including the token having the digital signature of the service provider; and
  
  receiving access, via the wireless network, to an application service of the application server if token validation of the message at the application server is successful.

13. A mobile communication device, comprising:
- one or more processors;
  
  memory coupled to the one or more processors;
  
  a wireless transceiver coupled to the one or more processors and being operative for communications in a wireless communication network;
  
  the one or more processors being operative to;
  
  access, with use of the wireless transceiver, a communication service of a service provider;
  
  receive, via the wireless transceiver, a token from a token server of the service provider of the communication service, the token having a digital signature of the service provider;
  
  send, via the wireless transceiver, a message to an application server, the message including the token having the digital signature of the service provider; and
  
  receive access, via the wireless transceiver, to an application service of the application server if token validation of the message at the application server is successful.
- View Dependent Claims (14, 15, 16, 17, 18)
- - 14. The mobile communication device of claim 13, wherein the application server is adapted to provide a proof-of-work (POW) test for access to the application service, and further adapted to allow the POW test to be bypassed for the mobile communication device if the token validation at the application server is successful.
  - 15. The mobile communication device of claim 14, wherein the POW test comprises a Captcha test.
  - 16. The mobile communication device of claim 13, wherein gaining access to the communication service comprises causing authentication credentials of the mobile communication device to be sent via the wireless network for authentication by the service provider in the wireless network.
  - 17. The mobile communication device of claim 13, wherein the message comprises a Hypertext Transfer Protocol (HTTP) request message, the one or more processors being further adapted to receive display data in response to the HTTP request message.
  - 18. The mobile communication device of claim 13, wherein the service provider is a data service provider of a data synchronization service for the mobile communication device.

19. A method in an application server for permitting access to an application service for a mobile communication device, the mobile communication device being adapted to operate in a wireless communication network with use of a communication service provided by a service provider, the method comprising:
- receiving, via the wireless network, a message from the mobile communication device, the message having a field for inclusion of a token having a digital signature of the service provider;
  
  performing token validation of the message, which includes a verification step for verifying the digital signature of the token with a public key corresponding to the service provider;
  
  granting the mobile communication device access to an application service of the application server via the wireless network if the token validation is successful; and
  
  denying the mobile communication device access to the application service if the token validation is unsuccessful.
- View Dependent Claims (20, 21, 22, 23, 24, 25)
- - 20. The method of claim 19, wherein granting access to the application service comprises at least one of:
    - sending, via the wireless network, data for rendering in a display at the mobile communication device;
      
      sending, via the wireless network, web data for displaying a web page in a browser application of the mobile communication device;
      
      orgranting the mobile communication device access, via the wireless network, to an e-commerce transaction service for executing an e-commerce transaction via the application server.
  - 21. The method of claim 19, wherein the application server is adapted to provide a proof-of-work (POW) test for accessing the application service, and wherein the method further comprises:
    - bypassing the POW test for the mobile communication device if the token validation is successful.
  - 22. The method of claim 19, wherein the application server is adapted to provide a proof-of-work (POW) test for performing an e-commerce transaction via the application server, and wherein the method further comprises:
    - bypassing the POW test for the mobile communication device if the token validation is successful.
  - 23. The method of claim 21, wherein the POW test comprises a Captcha test.
  - 24. The method of claim of 19, wherein performing the token validation of the message includes testing whether a timestamp of the token is within a predetermined time period of a current time of receipt of the message.
  - 25. The method of claim 19, wherein the service provider is a wireless carrier for a voice telephony service for the mobile communication device or a data service provider for a data synchronization service for the mobile communication device.

26. A computer program product comprising:
- a computer readable medium;
  
  computer instructions stored on the computer readable medium;
  
  the computer instructions being executable by one or more processors of a application server for permitting access to an application service for a mobile communication device adapted to operate in a wireless communication network with use of a communication service provided by a service provider, for;
  
  receiving, via the wireless network, a message from the mobile communication device, the message having a field for inclusion of a token having a digital signature of the service provider;
  
  performing token validation of the message, which includes a verification step for verifying the digital signature of the token with a public key corresponding to the service provider;
  
  granting the mobile communication device access to an application service of the application server via the wireless network if the token validation is successful; and
  
  denying the mobile communication device access to the application service if the token validation is unsuccessful.

27. An application server adapted to provide an application service for a mobile communication device which operates in a wireless communication network using a communication service provided by a service provider, the application server being operative to receive, via the wireless network, a message from the mobile communication device, the message having a field for inclusion of a token having a digital signature corresponding to the service provider;
- perform token validation of the message, which includes a verification step for verifying the digital signature of the token with a public key corresponding to the service provider;
  
  grant the mobile communication device access, via the wireless network, to an application service of the application server if the token validation is successful; and
  
  deny the mobile communication device access to the application service if the token validation is unsuccessful.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Malikie Innovations Limited (Key Patent Innovations Limited)
Original Assignee
Blackberry Limited
Inventors
Franco, Will D., Sherkin, Alexander

Granted Patent

US 8,386,773 B2
Time in Patent Office

Days
Field of Search
US Class Current

455/411
CPC Class Codes

G06F 21/33 using certificates

G06Q 20/3226 Use of secure elements sepa...

Verification Methods And Apparatus For Use In Providing Application Services To Mobile Communication Devices

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

101 Citations

27 Claims

Specification

Use Cases

Quick Links

Others

Verification Methods And Apparatus For Use In Providing Application Services To Mobile Communication Devices

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

101 Citations

27 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others