Method of preventing fraudulent use of a security module

US 9,173,105 B2
Filed: 11/06/2012
Issued: 10/27/2015
Est. Priority Date: 11/08/2011
Status: Active Grant

First Claim

Patent Images

1. A method of preventing fraudulent use of a security module in a device, the method being automatically performed by the security module, the method comprising:

retrieving a device identifier of the device from the device;

checking whether negative allowance information is stored in the security module for the retrieved device identifier;

checking whether positive allowance information is stored in the security module for the retrieved device identifier;

when neither negative allowance information nor positive allowance information are stored in the security module for the retrieved device identifier, transmitting a security module identifier of the security module and said retrieved device identifier to a server, wherein said server contains information on what security module identity is allowed to operate with what device identity;

receiving a response from said server regarding whether the security module is allowed to operate with the identified device; and

storing negative allowance information in the security module for the retrieved device identifier, if the security module is not allowed to operate with the identified device according to the server response.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method includes preventing fraudulent use of a security module in a device, and the security module is designed to perform the following steps of: retrieving a device identifier of the device from the device; checking whether negative allowance information is stored in the security module for the retrieved device identifier and transmit a security module identifier of the security module and the retrieved device identifier to a server; and receiving a response from the server regarding whether the security module is allowed to operate with the identified device and store negative allowance information in the security module for the retrieved device identifier, if the security module is not allowed to operate with the identified device according to the server response. A security module may execute the method, and a system may include the device and the server.

Citations

11 Claims

1. A method of preventing fraudulent use of a security module in a device, the method being automatically performed by the security module, the method comprising:
- retrieving a device identifier of the device from the device;
  
  checking whether negative allowance information is stored in the security module for the retrieved device identifier;
  
  checking whether positive allowance information is stored in the security module for the retrieved device identifier;
  
  when neither negative allowance information nor positive allowance information are stored in the security module for the retrieved device identifier, transmitting a security module identifier of the security module and said retrieved device identifier to a server, wherein said server contains information on what security module identity is allowed to operate with what device identity;
  
  receiving a response from said server regarding whether the security module is allowed to operate with the identified device; and
  
  storing negative allowance information in the security module for the retrieved device identifier, if the security module is not allowed to operate with the identified device according to the server response.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. Method according to claim 1, wherein the security module deletes the stored negative allowance information when a predetermined criteria is reached.
  - 3. Method according to claim 2, wherein the predetermined criteria is reached when a reset counter reaches a given value.
  - 4. Method according to claim 2, wherein the predetermined criteria is a time criteria.
  - 5. Method according to claim 2, wherein the security module deletes the negative allowance information when it has been used once in the step of checking.
  - 6. Method according to claim 1, wherein the security module disables at least one of its functions when it stores negative allowance information for the retrieved device identifier.
  - 7. Method according to claim 1, wherein, in case said identifiers are allowed together, said device identifier is stored as allowed in a memory of the security module.
  - 8. Method according to claim 6, wherein the security module enables the at least one of its functions when it stores positive allowance information for the retrieved device identifier.
  - 9. Method according to claim 1, wherein the number of said device identifiers stored as or stored with positive and/or negative allowance information stored in the memory of said security module may be two or more.
  - 10. Method according to claim 1, wherein the device identifier is an IMEI (International Mobile Equipment Identifier) and/or the security module identifier is an ICCID (Integrated Circuit Card ID) and/or the IMSI (International Mobile Subscriber Identity).
  - 11. A system comprising a security module according to claim 10 arranged in a device and the server, which contains the information on what security module identity is allowed to operate with what device identity.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Giesecke + Devrient Mobile Security GmBH (Giesecke & Devrient GmbH)
Original Assignee
Giesecke & Devrient GmbH
Inventors
Bosved, Jan, Hult, Jorgen
Primary Examiner(s)
TRAN, CONGVAN

Application Number

US14/356,966
Publication Number

US 20140308926A1
Time in Patent Office

1,085 Days
Field of Search

455/410, 455/411, 455/414.1, 455/558
US Class Current

1/1
CPC Class Codes

H04L 63/0853   using an additional device,...

H04L 63/101   Access control lists [ACL]

H04W 12/08   Access security

H04W 12/12   Detection or prevention of ...

H04W 12/126   Anti-theft arrangements, e....

H04W 12/48   using secure binding, e.g. ...

Method of preventing fraudulent use of a security module

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

11 Claims

Specification

Solutions

Use Cases

Quick Links

Method of preventing fraudulent use of a security module

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

11 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links