USER AUTHENTICATION IN A TAG-BASED SERVICE

US 20110258443A1
Filed: 07/23/2010
Published: 10/20/2011
Est. Priority Date: 04/19/2010
Status: Abandoned Application

First Claim

Patent Images

1. A method for accessing a personalized tag-based service using a mobile communication device, the service being provided by an application server, the method comprising:

capturing the tag using a reader unit of the mobile communication device and passing information included in the tag to an application;

generating a service request based on the information with the application, and adding to the service request a security feature, the security feature being generated using information uniquely assigned to a user of the mobile communication device;

transmitting the service request from the mobile communication device to a certification unit; and

verifying with the certification unit the security feature included in the service request and confirming the authenticity of the service request to the application server in response to a successful verification of the security feature.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

There is provided an exemplary method for accessing a personalized tag-based service using a mobile communication device. The service may be provided by an application server. The exemplary method comprises capturing the tag using a reader unit of the mobile communication device and passing information included in the tag to an application. The exemplary method also comprises generating a service request based on the information with the application, and adding to the service request a security feature, the security feature being generated using information uniquely assigned to a user of the mobile communication device. The service request may be transmitted from the mobile communication device to a certification unit. The exemplary method additionally comprises verifying with the certification unit the security feature included in the service request and confirming the authenticity of the service request to the application server in response to a successful verification of the security feature.

103 Citations

View as Search Results

15 Claims

1. A method for accessing a personalized tag-based service using a mobile communication device, the service being provided by an application server, the method comprising:
- capturing the tag using a reader unit of the mobile communication device and passing information included in the tag to an application;
  
  generating a service request based on the information with the application, and adding to the service request a security feature, the security feature being generated using information uniquely assigned to a user of the mobile communication device;
  
  transmitting the service request from the mobile communication device to a certification unit; and
  
  verifying with the certification unit the security feature included in the service request and confirming the authenticity of the service request to the application server in response to a successful verification of the security feature.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The method recited in claim 1, wherein the certification unit receives the service request from the mobile communication device and forwards the service request to the application server in response to a successful verification of the security feature.
  - 3. The method recited in claim 1, wherein the certification unit is configured as a certification server, the certification server being spatially separated from the application server and being trusted by the application server.
  - 4. The method recited in claim 1, wherein the application requests the user of the mobile communication device to enter a credential into the mobile communication device and generates the service request and/or the security feature only after having successfully verified the credential entered by the user.
  - 5. The method recited in claim 1, wherein the information is passed to the application for generating the service request in response to a determination that the information relates to a personalized tag-bases service.
  - 6. The method recited in claim 1, wherein the mobile communication device comprises a terminal and an identification module card inserted into the terminal, the application being executed in the identification module card.
  - 7. The method recited in claim 1, wherein the information included in the tag is determined using a further application, the further application being executed in the terminal for processing information read using the reader unit.
  - 8. The method recited in claim 7, wherein the further application is launched by the application after the application has been started by the user of the mobile communication device.
  - 9. The method recited in claim 1, wherein the service request is transmitted to the certification unit in encrypted form, the encryption being made by the application using an encryption key allocated to the certification unit.
  - 10. The method recited in claim 1, wherein communication details for transmitting the service request to the certification unit, which include an address of the certification unit and/or the key allocated to the certification unit, are pre-installed in the mobile communication device and/or in the identification module card.
  - 11. The method recited in claim 1, wherein the security feature includes a digital signature, the digital signature being generated using a cryptographic key allocated to the user of the mobile communication device.
  - 12. The method recited in claim 1, wherein the tag includes a barcode, particularly a QR code, comprising the information.
  - 13. The method recited in claim 1, wherein the mobile communication device is connected to a mobile communication network and the service request is sent via the mobile communication network.

14. A system for accessing a personalized tag-based service that is provided by an application server, the system comprising:
- a mobile communication device that includes a reader unit for capturing the tag and a component adapted to pass information included in the tag to an application, the application being adapted to generate a service request based on the information and to add to the service request a security feature, the security feature being generated using information uniquely assigned to a user of the mobile communication device, the mobile communication device being adapted to send the service request; and
  
  a certification unit adapted to receive the service request, to verify the security feature included in the service request and to confirm the authenticity of the service request to the application server in response to a successful verification of the security feature.
- View Dependent Claims (15)
- - 15. The system recited in claim 14, wherein the mobile communication device comprises a terminal and an identification module card inserted into the mobile terminal, the application being executable in the identification module card.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Vodafone Holding GmbH (Vodafone Group PLC)
Original Assignee
Vodafone Holding GmbH (Vodafone Group PLC)
Inventors
Barry, Aguibou Mountaga

Application Number

US12/842,425
Publication Number

US 20110258443A1
Time in Patent Office

Days
Field of Search
US Class Current

713/168
CPC Class Codes

G06F 21/31   User authentication

G06F 21/6218   to a system of files or obj...

G06Q 30/06   Buying, selling or leasing ...

G06Q 40/02   Banking, e.g. interest calc...

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 9/3247   involving digital signatures

USER AUTHENTICATION IN A TAG-BASED SERVICE

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

103 Citations

15 Claims

Specification

Use Cases

Quick Links

Others

USER AUTHENTICATION IN A TAG-BASED SERVICE

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

103 Citations

15 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others