Apparatus, method and system for authentication

US 7,053,771 B2
Filed: 03/26/2003
Issued: 05/30/2006
Est. Priority Date: 03/26/2002
Status: Expired due to Term

First Claim

Patent Images

1. A portable, electronic device comprising a transponder with a memory unit, and means for writing user-specific information into the transponder memory unit, so that the transponder, upon reception of an interrogating signal containing a request code, generates a response signal comprising the user-specific information, the portable, electronic device further comprising calculating means for calculating an authentication code, to be included in the user-specific information, wherein the authentication code is calculated based on a user-specific key stored in the portable, electronic device, and the request code.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The invention relates to a portable, electronic device such as a mobile phone. The device is provided with a transponder and may be used for authentication purposes. The device includes means for writing user-specific information into a memory unit, included in the transponder. Thus, when an interrogating reading device stimulates the transponder, the transponder emits the user-specific information. This enables authentication of a user rather than of a device. In a preferred embodiment use is made of a user-specific key, by means of which a single-use code is generated, which is used as the emitted user-specific information. The invention also relates to a method and a system, which may work in connection with such a device.

36 Citations

View as Search Results

18 Claims

1. A portable, electronic device comprising a transponder with a memory unit, and means for writing user-specific information into the transponder memory unit, so that the transponder, upon reception of an interrogating signal containing a request code, generates a response signal comprising the user-specific information, the portable, electronic device further comprising calculating means for calculating an authentication code, to be included in the user-specific information, wherein the authentication code is calculated based on a user-specific key stored in the portable, electronic device, and the request code.
- View Dependent Claims (2, 3, 4, 5, 6, 13)
- - 2. A portable, electronic device as claimed in claim 1, comprising a detachable subscriber unit from which the user-specific information is retrieved.
  - 3. A portable, electronic device as claimed in claim 2, wherein the calculating means is located within the detachable subscriber unit.
  - 4. A portable, electronic device as claimed in claim 2, wherein the user-specific information is a user identity number.
  - 5. A portable, electronic device as claimed in claim 1, wherein the device is a mobile telephone.
  - 6. A portable, electronic device as claimed in claim 1, wherein the transponder is intended to be used as an RFID-tag.
  - 13. A, portable, electronic device as claimed in claim 1, wherein the authentication code is calculated based on the user-specific key and the request code by use of an algorithm.

7. A method for use in an interrogating apparatus for authenticating a user, carrying a portable, electronic device having a calculating means and a transponder with a memory unit, the method comprising the following steps:
- transmitting a transponder interrogating signal containing a request code to the transponder of the portable device;
  
  receiving a response signal, comprising user specific information containing an authentication code, from the transponder, said user-specific information being written, by means in the portable, electronic device, into the memory unit of the transponder wherein the authentication code is calculated based on a user-specific key and the request code; and
  
  determining the authenticity of the user based on the user-specific information, including the authentication code.
- View Dependent Claims (8, 9)
- - 8. A method as claimed in claim 7, wherein the calculating of the authentication code based on the user-specific key and the request code uses an algorithm, wherein the response signal comprises the authentication code;
    - wherein the received authentication code is compared with an authentication code calculated in the same way on the apparatus'"'"' side of the air interface; and
      
      wherein the authenticity of the user is determined based on the comparison.
  - 9. A method as claimed in claim 7, wherein the transponder is intended to be used as an RFID-tag.

10. A system for authenticating a user, carrying a portable, electronic device having a calculating means and a transponder with a memory unit, the system comprisingan interrogating apparatus,means in the interrogating apparatus for transmitting a transponder interrogating signal containing a request code to the transponder of the portable device;
- means in the interrogating apparatus for receiving a response signal, comprising user specific information containing an authentication code, from the transponder, said user-specific information being written, by means in the portable, electronic device, into the memory unit of the transponder wherein the authentication code is calculated based on a user-specific key and the request code; and
  
  means in the interrogating apparatus for determining the authenticity of the user based on the user-specific information.
- View Dependent Claims (11, 12)
- - 11. A system as claimed in claim 10, wherein the calculating of the authentication code based on the user-specific key and the request code uses an algorithm;
    - wherein the response signal comprises the authentication code;
      
      where the system comprises means for comparing the received authentication code with an authentication code calculated in the same way on the apparatus'"'"' side of the air interface; and
      
      wherein the system comprises means for determining the authenticity of the user based on the comparison.
  - 12. A system as claimed in claim 10, wherein the transponder is intended to be used as an RFID-tag.

14. A method for use in an interrogating apparatus for authenticating a user, carrying a portable, electronic device having a calculating means and a transponder with a memory unit, the method comprising the following steps:
- transmitting, from the interrogating apparatus, a transponder interrogating signal containing a request code to the transponder of the portable device;
  
  receiving a response signal, comprising user-specific information containing an authentication code, from the transponder to the interrogating apparatus, said user-specific information being written, by means in the portable, electronic device, into the memory unit of the transponder, wherein the authentication code is calculated based on a user-specific key stored in the portable, electronic device and based on the request code,determining the authenticity of the user based on the user-specific information, including the authentication code,further wherein the interrogating apparatus transmits the same request code to a server which in turn generates an authentication code based upon the same user-specific key stored in the portable, electronic device, which authentication code is transmitted back to the interrogating apparatus, andfurther wherein the determining the authenticity of the user based upon the user-specific information, including the authentication code received from the portable, electronic device is performed by comparing the authentication code received from the portable, electronic device with the authentication code received from the server.

15. A method for use in an interrogating apparatus for authenticating a user, carrying a portable, electronic device having a calculating means, and a transponder with a memory unit, the portable, electronic device having a user identity information and a user-specific key stored therein, the method comprising the following steps:
- the interrogating apparatus transmitting a first interrogating signal to the transponder of the portable, electronic device for causing the transponder to transmit to the interrogating apparatus the user identity information,the interrogating apparatus transmitting a request containing the user identity information to a server, wherein the server, based upon the user identity information, generates a request code and an authentication code that are transmitted to the interrogating apparatus,the interrogating apparatus transmitting the request code to the portable, electronic device as a second transponder interrogating signal,the portable, electronic device generating an authentication code based upon the user-specific key and the request code,the portable, electronic device transmitting the authentication code to the interrogating apparatus, anddetermining the authenticity of the user by comparing the authentication code received from the portable, electronic device with the authentication code received from the server.

16. A portable, electronic device comprising a transponder with a memory unit, a calculating means, user identity information and a user-specific key and means for writing user-specific information into the transponder unit, so that the transponder, upon receipt of a first interrogating signal, generates a first response signal containing user-specific information that includes the user identity information, and upon reception of a second interrogating signal containing a request code, generates a second response signal containing user-specific information that includes an authentication code, wherein the authentication code is generated by the calculating means based on the user-specific key and the request code.

17. A system for authenticating a user, carrying a portable, electronic device having a calculating means and a transponder with a memory unit, the system further comprisingan interrogating apparatus and a server,means in the interrogating apparatus for transmitting a transponder interrogating signal containing a request code to the transponder of the portable device,means in the interrogating apparatus for receiving a response signal, comprising user specific information containing an authentication code, from the transponder, said user-specific information being written, by means in the portable, electronic device, into the memory unit of the transponder wherein the authentication code is calculated based on a user-specific key and the request code, andmeans in the interrogating apparatus for determining the authenticity of the user based on the user-specific information,further wherein the interrogating apparatus transmits the same request to the server which in turn generates an authentication code based upon the same user-specific key in the portable, electronic device, which authentication code is transmitted back to the interrogating apparatus, andfurther wherein the determining the authenticity of the user based upon the user-specific information, including the authentication code received from the portable, electronic device is performed by comparing the authentication code received from the portable, electronic device with the authentication code received from the server.

18. A system for authenticating a user, carrying a portable, electronic device having a calculating means and a transponder with a memory unit, the portable, electronic device having a user identity information and a user-specific key stored therein, the system further comprisingan interrogating apparatus and a server,the interrogating apparatus having means for transmitting a first interrogating signal to the transponder of the portable, electronic device for causing the transponder to transmit to the interrogating apparatus the user identity information,the interrogating apparatus having means for transmitting a request containing the user identity information to the server, wherein the server, based upon the user identity information, generates a request code and an authentication code that are transmitted to the interrogating apparatus,the interrogating apparatus having means for transmitting the request code to the portable, electronic device as a second transponder interrogating signal,the portable, electronic device calculating means generating an authentication code based upon the user-specific key and the request code,the portable, electronic device transponder transmitting the authentication code to the interrogating apparatus, andthe interrogating apparatus having means for determining the authenticity of the user by comparing the authentication code received from the portable, electronic device with the authentication code received from the server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Vivo Mobile Communication Co., Ltd. (Vivo Communication Technology Co. Ltd.)
Original Assignee
Nokia Corporation
Inventors
Hussmann, Holger
Primary Examiner(s)
Mullen, Jr., Thomas J.
Assistant Examiner(s)
Walk, Samuel J.

Application Number

US10/401,112
Publication Number

US 20030218532A1
Time in Patent Office

1,161 Days
Field of Search

34/54, 34/54.1, 34/54.2, 34/58, 34/58.1, 235/380, 235/381, 235/382, 235/382.5, 455/407, 455/411, 455/557, 705/17, 705/18, 705/19, 370/539.11, 340/5.4, 340/5.41, 340/5.42, 340/5.81
US Class Current

340/539.11
CPC Class Codes

B60R 2325/105   Radio frequency identificat...

B60R 2325/205   Mobile phones

B60R 25/24   using electronic identifier...

G06Q 20/204   comprising interface for re...

H04L 63/0853   using an additional device,...

H04L 63/18   using different networks or...

H04W 12/06   Authentication

H04W 12/47   using near field communicat...

H04W 88/02   Terminal devices

Apparatus, method and system for authentication

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

36 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Apparatus, method and system for authentication

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

36 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links