Method and device for the certification of a transaction

US 20040153419A1
Filed: 12/01/2003
Published: 08/05/2004
Est. Priority Date: 06/01/2001
Status: Abandoned Application

First Claim

Patent Images

1. - A method of certification in mobile telephony between a user of a mobile telephone and a partner in which a message of a transaction between the user and the partner is prepared, the message being signed by means of a signature and authentication algorithm, wherein, to authorize a revocation of the real-time transaction, the transaction message is prevented, in the mobile telephone, from being correctly signed and/or correctly transmitted by neutralizing the method of signature and/or of transmission of the transaction certificate to be validated.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Method and device for the certification of a transaction A problem of the real-time revocation or neutralization of an X509 type certificate available belatedly in a public database (BD) is resolved by the direct neutralization, in a mobile telephone (1), of a sub-program (26) for the signing and/or transmission of certificates pertaining to transactions to be validated. It is shown that this action leads to neutralization within ten minutes following the signalization, or the neutralization request, whereas 24 to 48 hours are needed with normal administrative channels (AE, PB).

26 Citations

View as Search Results

16 Claims

1. - A method of certification in mobile telephony between a user of a mobile telephone and a partner in which a message of a transaction between the user and the partner is prepared, the message being signed by means of a signature and authentication algorithm, wherein, to authorize a revocation of the real-time transaction, the transaction message is prevented, in the mobile telephone, from being correctly signed and/or correctly transmitted by neutralizing the method of signature and/or of transmission of the transaction certificate to be validated.
- View Dependent Claims (8, 9, 10, 11, 12, 13)
- - 8. - A method according to one of the claims 1 to 7, wherein in the mobile telephone, the transaction message is prevented from being correctly signed and/or correctly transmitted as soon as (36) a revocation order is received in a database.
  - 9. - A method according to one of the claims 1 to 8, wherein in the mobile telephone, the transaction message is prevented from being correctly signed and/or correctly transmitted through the prompting therein of a modification of the first connection (HLR) to the network of this mobile telephone, or during a relocalization.
  - 10. - A method according to one of the claims 1 to 9, wherein an actor, especially a mobile telephony operator, sends a preventive message to a mobile telephone, rights (37) pertaining to the sending a prevention message by this operator are verified in the mobile telephone, and a prevention algorithm corresponding to the prevention message is executed if the rights allow it.
  - 11. - A method according to one of the claims 1 to 10, wherein the prevention is done in the mobile telephone by the sending of a prevention message transmitted by SMS.
  - 12. - A method according to one of the claims 1 to 11, wherein the mobile telephone is made to transmit a message according to which the transaction is impossible.
  - 13. - A method according to one of the claims 1 to 12, wherein a recording is made in a mobile telephone, through remote transmission by the network, of a certificate, a private key corresponding to this certificate and an administrative authentication key.

2. - A method for the certification of transactions in mobile telephony between a user of a mobile telephone (1) and a partner (6) in which a message of a transaction between the user and the partner is prepared (7), the message of the transaction is signed (8) with a private key (28) of the user, this private key being contained (2) in the mobile telephone of the user, the signed transaction message is transmitted (9) to the partner, the partner must procure (10, BD) the public key (X509) corresponding to the user, the partner must verify (12) the transaction message signed by means of the corresponding public key, wherein, to authorize a revocation of the transaction in real time, the transaction message is prevented (35), in the mobile telephone, from being correctly signed and/or correctly transmitted and, to this end, the use of the private key contained in the mobile telephone is neutralized.
- View Dependent Claims (3, 4, 5, 6, 7)
- - 3. - A method according to claim 2 wherein, in order to neutralize the use, an address of the private key is modified in a SIM card of the mobile telephone.
  - 4. - A method according to one of the claims 2 to 3 wherein, to neutralize the use, the private key is altered in a SIM card of the mobile telephone.
  - 5. - A method according to one of the claims 2 to 4, wherein to neutralize the use, a signature algorithm is modified in a SIM card of the mobile telephone or in a program memory of the mobile telephone.
  - 6. - A method according to one of the claims 2 to 5 wherein, to neutralize the use, an address of at least one instruction of a signature algorithm is modified in a SIM card of the mobile telephone or in a program memory of the mobile telephone.
  - 7. - A method according to one of the claims 2 to 6 wherein, to neutralize the use, the private key is matched with a validity index, and the value of this index is modified.

14. - A device for the certification of a message of a transaction comprising:
- a mobile telephone (1) provided with a secret memory (25), a processing microprocessor (22), and a program memory (24) containing an algorithm (26) for the signing of the message by a private key (28) contained in the secret memory and a sub-program (26) for the transmission of the signed transaction message, wherein the device comprises;
  
  a means (35) to make the signature and/or the transmission incorrect.
- View Dependent Claims (15, 16)
- - 15. - A device according to claim 14, wherein the neutralization means comprises a means for executing a neutralization sub-program.
  - 16. - A device according to claim 15, wherein the neutralization sub-program comprises a verification of action conditioned by an administrative key (37) contained in the secret memory.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Societe Francaise De Radiotelephone SA (Altice Europe NV)
Original Assignee
Societe Francaise De Radiotelephone SA (Altice Europe NV)
Inventors
Wary, Jean-Philippe, Arnassand, Daniel

Application Number

US10/479,434
Publication Number

US 20040153419A1
Time in Patent Office

Days
Field of Search
US Class Current

705/71
CPC Class Codes

G06Q 20/02   involving a neutral party, ...

G06Q 20/04   Payment circuits

G06Q 20/363   with the personal data of a...

G06Q 20/3829   involving key management

G06Q 20/407   Cancellation of a transaction

G07F 7/0866   by active credit-cards adap...

H04L 63/0428   wherein the data content is...

H04L 63/0435   wherein the sending and rec...

H04L 63/0442   wherein the sending and rec...

H04L 63/08   for authentication of entit...

H04L 63/0853   using an additional device,...

H04L 63/123   received data contents, e.g...

H04L 63/126   the source of the received ...

Method and device for the certification of a transaction

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

26 Citations

16 Claims

Specification

Use Cases

Quick Links

Others

Method and device for the certification of a transaction

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

26 Citations

16 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others