Assignment and distribution of access credentials to mobile communication devices
First Claim
Patent Images
1. A method comprising:
- selecting an access credential from a pool of unassigned access credentials;
assigning the access credential to a specific individual;
transmitting the access credential over a secure and authenticated channel to a mobile communication device that is associated with the specific individual, such that the access credential is receivable by the mobile communication device; and
receiving from the mobile communication device an indication that a secondary device is accessible by the mobile communication device and an indication of the proximity technology or technologies supported by the secondary device, wherein the access credential is intended for use by the secondary device.
4 Assignments
0 Petitions
Accused Products
Abstract
A server storing a pool of unassigned access credentials selects an access credential from the pool, assigns it to an individual, identifies a mobile communication device associated with the individual, and pushes the access credential to the mobile communication device over a secure and authenticated channel such that the access credential is receivable by the mobile communication device. If the mobile communication device supports a proximity technology and is proximate to an access node that supports the proximity technology, the mobile communication device employs the proximity technology to present the access credential to the access node.
80 Citations
22 Claims
-
1. A method comprising:
-
selecting an access credential from a pool of unassigned access credentials; assigning the access credential to a specific individual; transmitting the access credential over a secure and authenticated channel to a mobile communication device that is associated with the specific individual, such that the access credential is receivable by the mobile communication device; and receiving from the mobile communication device an indication that a secondary device is accessible by the mobile communication device and an indication of the proximity technology or technologies supported by the secondary device, wherein the access credential is intended for use by the secondary device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A method for a mobile communication device that supports a proximity technology, the method comprising:
-
receiving from a server over a secure and authenticated channel an access credential assigned to an individual with which the mobile communication device is associated; when the mobile communication device is proximate to an access node that supports the proximity technology, employing the proximity technology to present the access credential to the access node; and requiring successful user authentication in order to permit employing the proximity technology to present the access credential to the access node, wherein the successful user authentication involves a biometric of an authorized user of the mobile communication device. - View Dependent Claims (12, 13, 14, 15)
-
-
16. A method for a mobile communication device, the method comprising:
-
transmitting to a server an indication that a secondary device is accessible by the mobile communication device and an indication of the proximity technology or technologies supported by the secondary device; receiving from the server over a secure and authenticated channel an access credential assigned to an individual with which the mobile communication device is associated, wherein the access credential is intended for use by the secondary device; and transmitting the access credential in a manner receivable by the secondary device. - View Dependent Claims (17, 18)
-
-
19. A server comprising:
-
a network interface; a processor; and a memory storing code which, when executed by the processor, causes the server; to select an access credential from a pool of unassigned access credentials stored in the memory; to assign the access credential to a specific individual; to transmit, via the network interface, the access credential over a secure and authenticated channel to a mobile communication device that is associated with the specific individual, such that the access credential is receivable by the mobile communication device; and to receive from the mobile communication device, via the network interface, an indication that a secondary device is accessible by the mobile communication device and an indication of the proximity technology or technologies supported by the secondary device, wherein the access credential is intended for use by the secondary device.
-
-
20. A mobile communication device that supports a proximity technology, the mobile communication device comprising:
-
a network interface to receive from a server over a secure and authenticated channel an access credential assigned to an individual with whom the mobile communication device is associated; a processor; and a memory storing code which, when executed by the processor, causes the mobile communication device, when the mobile communication device is proximate to an access node that supports the proximity technology, to employ the proximity technology to present the access credential to the access node, and requires successful user authentication in order to permit employing the proximity technology to present the access credential to the access node, wherein the successful user authentication involves a biometric of an authorized user of the mobile communication device.
-
-
21. A mobile communication device comprising:
-
a network interface to receive from a server over a secure and authenticated channel an access credential assigned to an individual with whom the mobile communication device is associated and to transmit to the server an indication that a secondary device is accessible by the mobile communication device and an indication of the proximity technology or technologies supported by the secondary device, wherein the access credential is intended for use by the secondary device; a processor; and a memory storing code which, when executed by the processor, causes the mobile communication to transmit the access credential in a manner receivable by the secondary device.
-
-
22. A system comprising:
-
a server arranged to store a pool of unassigned access credentials, the server coupled to a network; a mobile communication device that is able to communicate over a secure and authenticated channel with the server via the network; an access system comprising an access node that supports a proximity technology and controls access to a controlled element; and a secondary device that supports the proximity technology and that is accessible by the mobile communication device, wherein the mobile communication device is arranged to transfer the access credential to the secondary device, and wherein the secondary device is arranged to employ the proximity technology to present the access credential to the access node when the secondary device is proximate to the access node.
-
Specification