Method and device for the certification of a transaction
First Claim
1. - A method of certification in mobile telephony between a user of a mobile telephone and a partner in which a message of a transaction between the user and the partner is prepared, the message being signed by means of a signature and authentication algorithm, wherein, to authorize a revocation of the real-time transaction, the transaction message is prevented, in the mobile telephone, from being correctly signed and/or correctly transmitted by neutralizing the method of signature and/or of transmission of the transaction certificate to be validated.
1 Assignment
0 Petitions
Accused Products
Abstract
Method and device for the certification of a transaction A problem of the real-time revocation or neutralization of an X509 type certificate available belatedly in a public database (BD) is resolved by the direct neutralization, in a mobile telephone (1), of a sub-program (26) for the signing and/or transmission of certificates pertaining to transactions to be validated. It is shown that this action leads to neutralization within ten minutes following the signalization, or the neutralization request, whereas 24 to 48 hours are needed with normal administrative channels (AE, PB).
26 Citations
16 Claims
- 1. - A method of certification in mobile telephony between a user of a mobile telephone and a partner in which a message of a transaction between the user and the partner is prepared, the message being signed by means of a signature and authentication algorithm, wherein, to authorize a revocation of the real-time transaction, the transaction message is prevented, in the mobile telephone, from being correctly signed and/or correctly transmitted by neutralizing the method of signature and/or of transmission of the transaction certificate to be validated.
-
2. - A method for the certification of transactions in mobile telephony between a user of a mobile telephone (1) and a partner (6) in which
a message of a transaction between the user and the partner is prepared (7), the message of the transaction is signed (8) with a private key (28) of the user, this private key being contained (2) in the mobile telephone of the user, the signed transaction message is transmitted (9) to the partner, the partner must procure (10, BD) the public key (X509) corresponding to the user, the partner must verify (12) the transaction message signed by means of the corresponding public key, wherein, to authorize a revocation of the transaction in real time, the transaction message is prevented (35), in the mobile telephone, from being correctly signed and/or correctly transmitted and, to this end, the use of the private key contained in the mobile telephone is neutralized.
-
14. - A device for the certification of a message of a transaction comprising:
-
a mobile telephone (1) provided with a secret memory (25), a processing microprocessor (22), and a program memory (24) containing an algorithm (26) for the signing of the message by a private key (28) contained in the secret memory and a sub-program (26) for the transmission of the signed transaction message, wherein the device comprises;
a means (35) to make the signature and/or the transmission incorrect. - View Dependent Claims (15, 16)
-
Specification