Secure messaging via a mobile communications network

US 7,245,902 B2
Filed: 01/13/2003
Issued: 07/17/2007
Est. Priority Date: 01/16/2002
Status: Expired due to Fees

First Claim

Patent Images

1. An authentication system for transmitting information, said authentication system storing identification information of a plurality of providing users and a plurality of receiving users and being adapted toreceive information from at least one of said providing users;

authenticate said at least one providing user;

transmit a message including said information via a mobile communications network to a receiving user'"'"'s mobile terminal;

extract a public key specific to said receiving user from said stored identification information; and

use said further public key for encryption of said at least part of said message.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A mobile terminal is adapted to receive a message via a mobile communications network; request authentication data from the user of the mobile terminal; and automatically generate an acknowledgement message to the sender of the message including the authentication data.

Citations

65 Claims

1. An authentication system for transmitting information, said authentication system storing identification information of a plurality of providing users and a plurality of receiving users and being adapted toreceive information from at least one of said providing users;
- authenticate said at least one providing user;
  
  transmit a message including said information via a mobile communications network to a receiving user'"'"'s mobile terminal;
  
  extract a public key specific to said receiving user from said stored identification information; and
  
  use said further public key for encryption of said at least part of said message.

2. An authentication system for transmitting information, said authentication system storing identification information of a plurality of providing users and a plurality of receiving users and being adapted toreceive information from at least one of said providing users;
- authenticate said at least one providing user;
  
  transmit a message including said information via a mobile communications network to a receiving user'"'"'s mobile terminal;
  
  receive an acknowledgement message or a response message from said receiving user; and
  
  transmit a confirmation message to said one providing user based upon said acknowledgement or response message;
  
  wherein said confirmation message requires an acknowledgement message from said one providing user and said authentication system further being adapted to send a confirmation message to said receiver user'"'"'s terminal, notifying the terminal to decrypt and display the decrypted part of said message.

3. A method of transmitting a message via a mobile telecommunications network from a sender'"'"'s device to a user'"'"'s terminal,wherein the user is required to acknowledge receipt of said message in a predetermined way and an acknowledgement message is subsequently transmitted to the sender of said message;
- wherein at least a portion of the text message is encrypted by the sender'"'"'s device before transmission and decrypted by the receiving terminal before display;
  
  wherein the text message comprises a first portion including the body of said message and a second portion containing encryption data used for encryption of said body and required for decryption of data included in said body; and
  
  wherein authentication data provided by the receiving user and/or response data to said message are encrypted using said encryption data.

4. A method of transmitting a message via a mobile telecommunications network from a sender'"'"'s device to a user'"'"'s terminal,wherein the user is required to acknowledge receipt of said message in a predetermined way and an acknowledgement message is subsequently transmitted to the sender of said message;
- wherein in said sender'"'"'s device and in said receiving user'"'"'s terminal a transaction reference counter is implemented and wherein each of said transaction reference counters is incremented if a message is successfully received; and
  
  wherein a transaction reference is included in every message transmitter from the receiving user to the sender.
- View Dependent Claims (5)
- - 5. A method according to claim 4, wherein said sender compares the received transaction reference with its transaction reference counter and the sender only responds if the received transaction reference matches the sender'"'"'s transaction reference counter.

6. An authentication system for transmitting information, said authentication system storing identification information of a plurality of providing users and a plurality of receiving users and being adapted toreceive information from at least one of said providing users;
- authenticate said at least one providing user; and
  
  transmit a message including said information via a mobile communications network to a receiving user'"'"'s mobile terminal;
  
  further being adapted toextract a public key specific to said receiving user from said stored identification infonnation and to use said further public key for encryption of said at least part of said message;
  
  provide a communication specific public/private key pair valid only for a single communication between the authentication system and said receiving user,provide a communication specific public/private key pair valid only for a single communication between the authentication system and said receiving user, wherein said communication comprises a message and a response to said message;
  
  encrypt at least part of said message using said communication specific public/private key pair; and
  
  tosend said communication specific public key to said receiving user as part of said message.
- View Dependent Claims (7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 54, 55, 56, 57, 58, 59)
- - 7. An authentication system according to claim 6 further being adapted to authenticate a receiving user as the recipient of said information.
  - 8. An authentication system according to claim 6 wherein a response to said message comprises an acknowledgement message or a response message from said receiving user.
  - 9. An authentication system according to claim 8 further being adapted to transmit a confirmation message to said one providing user based upon said acknowledgement or response message.
  - 10. An authentication system according to claim 9 wherein said confirmation message requires an acknowledgement message from said one confirmation message to said receiver user'"'"'s terminal, notifying the terminal to decrypt and display the decrypted part of said message.
  - 11. An authentication system according to claim 7 wherein said user is required to authenticate himself by providing authentication data.
  - 12. An authentication system according to claim 7 wherein said user'"'"'s terminal automatically generates said acknowledgement message upon supply of said authentication data and/or response data.
  - 13. An authentication system according to claim 7 wherein a central authentication system verifies the user'"'"'s authentication.
  - 14. An authentication system according to claim 7 wherein said message or a portion thereof is only displayed to the receiving user if the receiving user provides a valid authentication.
  - 15. An authentication system according to claim 6 wherein said message is a SMS message according to the GSM standard.
  - 16. An authentication system according to claim 6 wherein in said authentication system and in said receiving user'"'"'s terminal a transaction reference counter is implemented and wherein each of said transaction reference counters is incremented if a message is successfully received.
  - 17. An authentication system according to claim 16 wherein a transaction reference is included in every message transmitter from the receiving user to the authentication system.
  - 18. An authentication system according to claim 17 wherein said sender compares the received transaction reference with its transaction reference counter and the authentication system only responds if the received transaction reference matches the authentication system'"'"'s transaction reference counter.
  - 19. An electronic commerce system incorporating an authentication system according to claim 6.
  - 20. An electronic voting system incorporating an authentication system according to claim 6.
  - 54. An authentication system according to claim 8, further being adapted to decrypt at least part of said response message using said communication specific public/private key pair.
  - 55. An authentication system according to claim 6, wherein said information received from said providing users is encrypted and said authentication system is operable to decrypt said information before forwarding said information on to said user terminal.
  - 56. An authentication system according to claim 55, wherein said information is encrypted using a public/private key pair valid only for a single transaction between said providing user and said authentication system.
  - 57. An authentication system according to claim 56, wherein said public key is transmitted to said providing user'"'"'s terminal before said information is received by said authentication system.
  - 58. An authentication system according to claim 57, wherein said public key is transmitted to said providing user in response to a request received by said authentication system.
  - 59. An authentication system according to claim 57, wherein said public key is transmitted to said user in a prior communication.

21. An authentication system for transmitting information, said authentication system storing identification information of a plurality of providing users and a plurality of receiving users and being adapted toreceive information from at least one of said providing users;
- authenticate said at least one providing user; and
  
  transmit a message including said information via a mobile communications network to a receiving user'"'"'s mobile terminal;
  
  further being adapted toextract a public key specific to said receiving user from said stored identification information and to use said further public key for encryption of said at least part of said message;
  
  provide a communication specific public/private key pair valid only for a single communication between the authentication system and said receiving user;
  
  wherein said communication comprises a message and/or a response to said message;
  
  send said communication specific public key to said receiving user terminal prior to said communication and store said public key in said mobile terminal; and
  
  toencrypt at least part of said message using said communication specific public/private key pair.
- View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 60, 61, 62, 63, 64, 65)
- - 22. An authentication system according to claim 21 further being adapted to authenticate a receiving user as the recipient of said information.
  - 23. An authentication system according to claim 21 wherein a response to said message comprises an acknowledgement message or a response message from said receiving user.
  - 24. An authentication system according to claim 23 further being adapted to transmit a confirmation message to said one providing user based upon said acknowledgement or response message.
  - 25. An authentication system according to claim 24 wherein said confirmation message requires an acknowledgement message from said one providing user and said authentication system further being adapted to send a confirmation message to said receiver user'"'"'s terminal, notifying the terminal to decrypt and display the decrypted part of said message.
  - 26. An authentication system according to claim 22 wherein said user is required to authenticate himself by providing authentication data.
  - 27. An authentication system according to claim 22 wherein said user'"'"'s terminal automatically generates said acknowledgement message upon supply of said authentication data and/or response data.
  - 28. An authentication system according to claim 22 wherein a central authentication system verifies the user'"'"'s authentication.
  - 29. An authentication system according to claim 22 wherein said message or a portion thereof is only displayed to the receiving user if the receiving user provides a valid authentication.
  - 30. An authentication system according to claim 21 wherein said message is a SMS message according to the GSM standard.
  - 31. An authentication system according to claim 21 wherein in said authentication system and in said receiving user'"'"'s terminal a transaction reference counter is implemented and wherein each of said transaction reference counters is incremented if a message is successfully received.
  - 32. An authentication system according to claim 31 wherein a transaction reference is included in every message transmitter from the receiving user to the authentication system.
  - 33. An authentication system according to claim 32 wherein said sender compares the received transaction reference with its transaction reference counter and the authentication system only responds if the received transaction reference matches the authentication system transaction reference counter.
  - 34. An electronic commerce system incorporating an authentication system according to claim 21.
  - 35. An electronic voting system incorporating an authentication system according to claim 21.
  - 60. An authentication system according to claim 23, further being adapted to decrypt at least part of said response message using said communication specific public/private key pair.
  - 61. An authentication system according to claim 21, wherein said information received from said providing users is encrypted and said authentication system is operable to decrypt said information before forwarding said information on to said user terminal.
  - 62. An authentication system according to claim 61, wherein said information is encrypted using a public/private key pair valid only for a single transaction between said providing user and said authentication system.
  - 63. An authentication system according to claim 62, wherein said public key is transmitted to said providing user'"'"'s terminal before said information is received by said authentication system.
  - 64. An authentication system according to claim 63, wherein said public key is transmitted to said providing user in response to a request received by said authentication system.
  - 65. An authentication system according to claim 63, wherein said public key is transmitted to said providing user in a priori communication.

36. A method of transmitting a message via a mobile telecommunications network from a sender'"'"'s device to a user'"'"'s terminal, whereinthe user is required to acknowledge receipt of said message in a predetermined way;
- an acknowledgement message is subsequently transmitted to the sender of said message;
  
  said user is required to authenticate himself by providing authentication data; and
  
  a central authentication system verifies the user'"'"'s authentication; and
  
  whereinat least a portion of the text message is encrypted by the sender'"'"'s device before transmission and decrypted by the receiving terminal before display, the text message comprising a first portion including the body of said message and a second portion containing encryption data used for encryption of said body and required for decryption of data included in said body; and
  
  wherein said authentication data provided by the receiving user and/or response data to said message are encrypted using said encryption data.
- View Dependent Claims (37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53)
- - 37. A method according to claim 36 wherein said user'"'"'s terminal automatically generates said acknowledgement message upon supply of said authentication data and/or response data.
  - 38. A method according to claim 36 wherein said message or a portion thereof is only displayed to the receiving user if the receiving user provides a valid authentication.
  - 39. A method according to claim 36 wherein said second portion is unencrypted.
  - 40. A method according to claim 36 wherein said first portion of said text message is encrypted using a private/public key pair, wherein said public key is valid only for a predetermined number of text messages and wherein said public key is transmitted in said second portion of said text message.
  - 41. A method according to claim 36, wherein said encryption data are valid only for a single communication between the sender and the receiving user, said communication comprising said message and a response to said message.
  - 42. A method according to claim 36 wherein said encryption requires further encryption data stored in the sender'"'"'s device.
  - 43. A method according to claim 36 wherein said decryption requires further encryption data stored in the receiving terminal.
  - 44. A method according to claim 42 wherein said further encryption data is a public key transmitted in a text message, which is transmitted prior to said text message.
  - 45. A method according to claim 36 wherein at least a portion of said message and/or response message to said message is automatically deleted after a predetermined time period from said mobile terminal.
  - 46. A method according to claim 36 wherein authentication data are used for encryption and decryption of said portion of said message.
  - 47. A method according to claim 36 wherein conventional short message protocols and software applications running on the communications devices are used to implement the method.
  - 48. A method according to claim 36 wherein said message is a SMS message according to the GSM standard.
  - 49. A method according to claim 36 wherein in said sender'"'"'s device and in said receiving user'"'"'s terminal a transaction reference counter is implemented and wherein each of said transaction reference counters is incremented if a message is successfully received.
  - 50. A method according to claim 49 wherein a transaction reference is included in every message transmitter from the receiving user to the sender.
  - 51. A method according to claim 50 wherein said sender compares the received transaction reference with its transaction reference counter and the sender only responds if the received transaction reference matches the sender'"'"'s transaction reference counter.
  - 52. An electronic commerce system incorporating a method of transmitting a message via a mobile telecommunications network according to claim 36.
  - 53. An electronic voting system incorporating a method of transmitting a message via a mobile telecommunications network according to claim 36.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Broca Plc (MXC Capital Ltd. (Guernsey))
Original Assignee
2 Ergo Ltd. (Eagle Eye Solutions Group Plc)
Inventors
Hawkes, Michael
Primary Examiner(s)
Kincaid; Lester G.
Assistant Examiner(s)
Au; Gary

Application Number

US10/521,812
Publication Number

US 20060019634A1
Time in Patent Office

1,646 Days
Field of Search

455/411, 455/422.1, 455/410, 455/415, 455/435.1, 713/16, 713/170, 713/200, 709/206, 709/218, 709/219
US Class Current

455/411
CPC Class Codes

G06F 21/305   by remotely controlling dev...

G06F 21/606   by securing the transmissio...

G06F 21/72   in cryptographic circuits

G06F 2221/2101   Auditing as a secondary aspect

G06F 2221/2103   Challenge-response

G06F 2221/2143   Clearing memory, e.g. to pr...

G06Q 30/06   Buying, selling or leasing ...

H04L 2209/80   Wireless

H04L 51/58   Message adaptation for wire...

H04L 9/3226   using a predetermined code,...

H04W 12/033   of the user plane, e.g. use...

H04W 12/06   Authentication

H04W 12/10   Integrity

Secure messaging via a mobile communications network

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

Citations

65 Claims

Specification

Solutions

Use Cases

Quick Links

Secure messaging via a mobile communications network

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

65 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links