Facilitating and authenticating transactions through the use of a dongle interfacing a security card and a data processing apparatus

US 8,825,928 B2
Filed: 10/09/2003
Issued: 09/02/2014
Est. Priority Date: 10/17/2002
Status: Expired due to Fees

First Claim

Patent Images

1. A device for utilizing a cellular telecommunications network to authenticate transactions with third parties, the device comprising:

a Subscriber Identity Module (SIM) registered in association with an account with the cellular telecommunications network and having a storage unit storing;

predetermined information usable for authenticating a telecommunications terminal to the cellular telecommunications network to conduct communications in the cellular telecommunications network in association with the account with the cellular telecommunications network, the cellular telecommunications network having a security services part maintaining an association between a copy of the predetermined information and the account; and

predetermined security data used in determining whether to allow use of the predetermined information stored by the SIM;

an interface for communicatively coupling to a data processing apparatus that is configured to connect to the cellular telecommunications network via a communication link;

a security data entry component for obtaining security data input from a user independently of the data processing apparatus;

a data store for storing the security data obtained by the security data entry component temporarily; and

an interface driver operatively coupled to the SIM that, upon the security data being obtained by the security data entry component, compares the obtained security data with the predetermined security data for determining whether to allow use of the predetermined information stored by the SIM, andwherein the interface driver, upon the interface being communicatively coupled to the data processing apparatus and a determination to allow use of the predetermined information stored by the SIM based on the security data obtained by the security data entry component, facilitates communication between the SIM and the data processing apparatus via the interface during an authentication process that is performed for authorizing a transaction between the data processing apparatus and a third party,wherein the authentication process is carried out via communications between the data processing apparatus and the cellular communication network over the communications link to, using the association between the copy of the predetermined information and the account with the cellular telecommunications network that is maintained by the security services part of the cellular communications network, confirm the predetermined information stored by the SIM that is usable for authenticating a telecommunications terminal to conduct communications in the cellular telecommunications network in association with the account, andwherein the transaction between the data processing apparatus and a third party is authorized upon confirmation of the predetermined information stored by the SIM that is usable for authenticating a telecommunications terminal to conduct communications in the cellular telecommunications network in association with the account with the cellular telecommunications network in the authentication process.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A device or “dongle” (30) is provided for controlling communications between a Subscriber Identity Module (or SIM) (12), such as of the type used in a GSM cellular telephone system, and a computer, such as a WINDOWS® operating system-based PC (10). The SIM (12) can be authenticated by the telephone network, in the same way as for authenticating SIMs of telephone handset users in the network, and can in this way authenticate the user of the PC (10) or the PC (10) itself. Such authentication can, for example, permit use of the PC (10) for a time-limited session in relation to a particular application which is released to the PC (10) after the authentication is satisfactorily completed. The application may be released to the PC (10) by a third party after and in response to the satisfactory completion of the authentication process. A charge for the session can be debited to the user by the telecommunications network and then passed on to the third party. The dongle (30) provides additional security for the authentication data stored on the SIM by requiring a PIN to be entered and/or by only being responsive to requests received from the PC (10) which are encrypted using a key, which requests are generated by a special PC interface driver (38). The PIN may be stored only temporarily. The dongle (30) has an electrical connector (34), and means may be provided for selectively rendering the connector (34) available for coupling to the PC (10).

50 Citations

View as Search Results

54 Claims

1. A device for utilizing a cellular telecommunications network to authenticate transactions with third parties, the device comprising:
- a Subscriber Identity Module (SIM) registered in association with an account with the cellular telecommunications network and having a storage unit storing;
  
  predetermined information usable for authenticating a telecommunications terminal to the cellular telecommunications network to conduct communications in the cellular telecommunications network in association with the account with the cellular telecommunications network, the cellular telecommunications network having a security services part maintaining an association between a copy of the predetermined information and the account; and
  
  predetermined security data used in determining whether to allow use of the predetermined information stored by the SIM;
  
  an interface for communicatively coupling to a data processing apparatus that is configured to connect to the cellular telecommunications network via a communication link;
  
  a security data entry component for obtaining security data input from a user independently of the data processing apparatus;
  
  a data store for storing the security data obtained by the security data entry component temporarily; and
  
  an interface driver operatively coupled to the SIM that, upon the security data being obtained by the security data entry component, compares the obtained security data with the predetermined security data for determining whether to allow use of the predetermined information stored by the SIM, andwherein the interface driver, upon the interface being communicatively coupled to the data processing apparatus and a determination to allow use of the predetermined information stored by the SIM based on the security data obtained by the security data entry component, facilitates communication between the SIM and the data processing apparatus via the interface during an authentication process that is performed for authorizing a transaction between the data processing apparatus and a third party,wherein the authentication process is carried out via communications between the data processing apparatus and the cellular communication network over the communications link to, using the association between the copy of the predetermined information and the account with the cellular telecommunications network that is maintained by the security services part of the cellular communications network, confirm the predetermined information stored by the SIM that is usable for authenticating a telecommunications terminal to conduct communications in the cellular telecommunications network in association with the account, andwherein the transaction between the data processing apparatus and a third party is authorized upon confirmation of the predetermined information stored by the SIM that is usable for authenticating a telecommunications terminal to conduct communications in the cellular telecommunications network in association with the account with the cellular telecommunications network in the authentication process.
- View Dependent Claims (2, 3, 4, 5, 6, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34)
- - 2. The device of claim 1, wherein the security data obtained by the security data entry component is stored temporarily by means of a transient power source.
  - 3. The device of claim 2, wherein the transient power source comprises piezo electric means.
  - 4. The device of claim 3, wherein the piezo electric means comprises one or more piezo electric cells.
  - 5. The device of claim 2, wherein the transient power source is charged via the security data entry component.
  - 6. The device of claim 2, wherein the transient power source comprises a rechargeable battery.
  - 15. The device of claim 1, wherein the device controls access to the predetermined information.
  - 16. The device of claim 1, wherein the security data entry component comprises alphanumeric data entry means.
  - 17. The device of claim 1, wherein the security data entry component comprises a keypad.
  - 18. The device of claim 1, wherein the security data comprise a Personal Identification Number (PIN), and wherein the interface driver compares the PIN obtained by the security data component with a PIN stored as the predetermined security data by the SIM and only allows use of the predetermined information when respective PINs match.
  - 19. The device of claim 1, comprising a display for displaying security information.
  - 20. The device of claim 1, comprising a data processing module for controlling communication with the data processing apparatus via the interface driver.
  - 21. The device of claim 20, wherein the data processing module of the device is configured for communicating with a corresponding data processing module of the data processing apparatus.
  - 22. The device of claim 21, wherein communication between the SIM and the data processing apparatus is performed via the respective data processing modules.
  - 23. The device of claim 20, wherein the data processing module of the device is configured to decrypt encrypted data received from the data processing module of the data processing apparatus.
  - 24. The device of claim 20, wherein the data processing module of the device is configured to encrypt data transmitted to the data processing module of the data processing apparatus.
  - 25. The device of claim 23, wherein the data processing module of the device comprises a key for allowing decryption of data.
  - 26. The device of claim 25, wherein the key comprises a shared secret key for each of the respective data processing modules.
  - 27. The device of claim 1, in which the transaction is a transaction involving use of data processing functions of the data processing apparatus.
  - 28. The device of claim 1, in which the SIM is specific to that device.
  - 29. The device of claim 1, in which the authentication process involves sending of a message and generation of a response dependent on the message and the predetermined information.
  - 30. The device of claim 1, wherein the cellular telecommunications network is configured to levy a charge for the transaction when authorised.
  - 31. The device of claim 1, wherein the security data entry component comprises a rotary knob.
  - 32. The device of claim 1 in combination with the data processing apparatus.
  - 33. The device of claim 1 in combination with the cellular telecommunications network.
  - 34. The device of claim 1, wherein the SIM communicates wirelessly with the data processing apparatus during the authentication process.

7. A device for utilizing a cellular telecommunications network to authenticate transactions with third parties, the device comprising:
- a Subscriber Identity Module (SIM) registered in association with an account with the cellular telecommunications network and having a storage unit storing;
  
  predetermined information usable for authenticating a telecommunications terminal to the cellular telecommunications network to conduct communications in the cellular telecommunications network in association with the account with the Cellular telecommunications network, the cellular telecommunications network having a security services part maintaining a copy of the predetermined information in association with the account; and
  
  predetermined security data used in determining whether to allow use of the predetermined information stored by the SIM;
  
  an interface for communicatively coupling to a data processing apparatus that is configured to connect to the cellular telecommunications network via a communication link;
  
  a security data entry component for obtaining security data input from a user independently of the data processing apparatus;
  
  a data store for storing the security data obtained by the security data entry component temporarily;
  
  a protective member configurable to physically render the interface available or unavailable for coupling to the data processing apparatus; and
  
  an interface driver operatively coupled to the SIM that, upon the security data being obtained by the security data entry component, compares the obtained security data with the predetermined security data for determining whether to allow use of the predetermined information stored by the SIM, andwherein the interface driver, upon the interface being communicatively coupled to the data processing apparatus and a determination to allow use of the predetermined information stored by the SIM based on the security data obtained by the security data entry component, facilitates communication between the SIM and the data processing apparatus via the interface during an authentication process that is performed for authorizing a transaction between the data processing apparatus and a third party,wherein the authentication process is carried out via communications between the data processing apparatus and the cellular communication network over the communications link to, using the association between the copy of the predetermined information and the account with the cellular telecommunications network that is maintained by the security services part of the cellular communications network, confirm the predetermined information stored by the SIM that is usable for authenticating a telecommunications terminal to conduct communications in the cellular telecommunications network in association with the account, andwherein the transaction between the data processing apparatus and a third party is authorized upon confirmation of the predetermined information stored by the SIM that is usable for authenticating a telecommunications terminal to conduct communications in the cellular telecommunications network in association with the account with the cellular telecommunications network in the authentication process.
- View Dependent Claims (8, 9, 10, 11, 12, 13, 14, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54)
- - 8. The device of claim 7, further comprising a housing with which the SIM and the interface are integrated, and wherein the protective member is configurable to selectively render the interface available externally of the housing.
  - 9. The device of claim 8, wherein the protective member comprises a removable cap.
  - 10. The device of claim 8, wherein the protective member comprises a closure member coupled to and moveable with respect to the housing for selectively opening and closing an aperture in the housing.
  - 11. The device of claim 10, further comprising a connector for connecting the closure member and the interface, and wherein, as the closure member is moved to open the aperture, the connector actuates the interface to emerge from the aperture.
  - 12. The device of claim 7, further comprising a housing with which the SIM and the interface are integrated and a knob mounted on the housing for rotation with respect thereto, and wherein the knob is rotatable to actuate linear movement of the interface such that rotation of said knob in a first direction causes the interface to emerge from an aperture in the housing and rotation of said knob in a second direction causes the interface to be retracted through said aperture.
  - 13. The device of claim 8, wherein the housing includes two parts moveable with respect to one another between a first arrangement in which the interface is contained within the housing and a second arrangement in which the interface is exposed for connection to the data processing apparatus.
  - 14. The device of claim 13, wherein the two parts are pivotally coupled together.
  - 35. The device of claim 7, wherein the device controls access to the predetermined information.
  - 36. The device of claim 7, wherein the security data entry component comprises an alphanumeric data entry interface.
  - 37. The device of claim 7, wherein the security data entry component comprises a keypad.
  - 38. The device of claim 7, wherein the security data comprise a Personal Identification Number (PIN), and wherein the interface driver compares the PIN obtained by the security data means with a PIN stored as the predetermined security data by the SIM and only allows use of the predetermined information when respective PINs match.
  - 39. The device of claim 7, comprising a display for displaying security information.
  - 40. The device of claim 7, comprising a data processing module for controlling communication with the data processing apparatus via the interface driver.
  - 41. The device of claim 40, wherein the data processing module of the device is configured for communicating with a corresponding data processing module of the data processing apparatus.
  - 42. The device of claim 40, wherein communication between the SIM and the data processing apparatus is performed via the respective data processing modules.
  - 43. The device of claim 40, wherein the data processing module of the device is configured to decrypt encrypted data received from the data processing module of the data processing apparatus.
  - 44. The device of claim 40, wherein the data processing module of the device is configured to encrypt data transmitted to the data processing module of the data processing apparatus.
  - 45. The device of claim 44, wherein the data processing module of the device comprises a key for allowing decryption of data.
  - 46. The device of claim 45, wherein the key comprises a shared secret key for each of the respective data processing modules.
  - 47. The device of claim 7, in which the transaction is a transaction involving use of the data processing functions of the data processing apparatus.
  - 48. The device of claim 7, in which the SIM is specific to that device.
  - 49. The device of claim 7, in which the authentication process involves sending of a message and generation of a response dependent on the message and the predetermined information.
  - 50. The device of claim 7, wherein the cellular telecommunications network is configured to levy a charge for the transaction when authorised.
  - 51. The device claim 7, wherein the security data entry component comprises a rotary knob.
  - 52. The device of claim 7 in combination with the data processing apparatus.
  - 53. The device of claim 7 in combination with the cellular telecommunications network.
  - 54. The device of claim 7, wherein the SIM communicates wirelessly with the data processing apparatus during the authentication process.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Vodafone Group PLC
Original Assignee
Vodafone Group PLC
Inventors
Jeal, David, Mudie, George Stronach
Primary Examiner(s)
Abad, Farley
Assistant Examiner(s)
YU, HENRY W

Application Number

US10/531,431
Publication Number

US 20070226805A1
Time in Patent Office

3,981 Days
Field of Search

710/62, 710/5, 710/8, 710/10, 713/159, 713/200, 713155-156, 713171-172, 320/101, 320/128, 726/34, 726/9, 340/5.2, 340/5.65, 379/433.09, 380/43, 380/247, 455/411, 455/419, 455/406, 705/26, 705/44
US Class Current

710/62
CPC Class Codes

G06F 21/12   Protecting executable software

G06F 21/335   for accessing specific reso...

G06F 21/34   involving the use of extern...

G06F 21/35   communicating wirelessly

G06K 7/10237   the reader and the record c...

G06Q 20/1235   with control of digital rig...

G06Q 20/305   using wired telephone networks

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/3552   Downloading or loading of p...

G06Q 20/40   Authorisation, e.g. identif...

G06Q 20/4014   Identity check for transact...

G06Q 20/40975   using encryption therefor

G07F 7/0886   the card reader being porta...

G07F 7/1008   Active credit-cards provide...

H04L 2463/102   applying security measure f...

H04L 63/0428   wherein the data content is...

H04L 63/0853   using an additional device,...

H04L 9/3234   involving additional secure...

Facilitating and authenticating transactions through the use of a dongle interfacing a security card and a data processing apparatus

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

50 Citations

54 Claims

Specification

Solutions

Use Cases

Quick Links

Facilitating and authenticating transactions through the use of a dongle interfacing a security card and a data processing apparatus

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

50 Citations

54 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links