Payment scheme for a mobile communication service
First Claim
1. A method of paying for a communication service in a mobile communication system comprising at least one mobile communication appliance comprising a secure module for securely storing data;
- wherein the mobile communication system comprises a credit reload server; and
in that the method comprises the steps of;
in the secure module;
generating a reload request message and authenticating at least part of the reload request message;
the reload request message comprising an identification of the secure module and a module transaction number; and
in the mobile communication appliance;
transmitting the authenticated reload request message to the reload server;
in the reload server;
receiving and confirming the authentication of the authenticated reload request message;
upon a positive confirmation;
verifying whether the module transaction number of the received reload request message matches a server transaction number for the identified secure module; and
upon a positive verification;
determining a new server transaction number for the identified secure module and storing the new server transaction number as the server transaction number for the identified secure module;
generating a reload grant message and authenticating at least part of the reload grant message;
the reload grant message comprising an indication of a granted number of communication credits and the server transaction number; and
transmitting the secured reload grant message to the mobile communication appliance;
in the mobile communication appliance;
receiving the authenticated reload grant message; and
in the secure module;
confirming the authentication of the authenticated reload grant message; and
upon a positive confirmation;
determining a new module transaction number from the module transaction number;
verifying whether the new module transaction number matches the server transaction number; and
upon a positive verification, updating a balance of communication credits stored in the secure module according to the granted number of communication credits and storing the new module transaction number as the module transaction number;
the method further comprising registering an attempt to fraud upon receiving one of a reload request message having a module transaction number outside a predetermined range of the server transaction number and upon receiving a reload grant message having a server transaction number outside another predetermined range of the module transaction number.
1 Assignment
0 Petitions
Accused Products
Abstract
In a mobile communication system, communication credits are stored in a secure module 30 of a mobile communication appliance 10. Credits are reloaded over-the-air (OTA) from a reload server 20. For requesting a reload, the secure module 30 generates an authenticated reload request message 50, which is transmitted to the reload server 20. In response to receiving the reload request message 50, the reload server 20 informs the secure module 30 of how many credits have been granted in the form of an authenticated reload grant message 60. Successive messages are made to differ by using different transaction numbers. A received authenticated message is only accepted if a transaction number in the message matches a local transaction number.
291 Citations
20 Claims
-
1. A method of paying for a communication service in a mobile communication system comprising at least one mobile communication appliance comprising a secure module for securely storing data;
- wherein the mobile communication system comprises a credit reload server; and
in that the method comprises the steps of;in the secure module;
generating a reload request message and authenticating at least part of the reload request message;
the reload request message comprising an identification of the secure module and a module transaction number; andin the mobile communication appliance;
transmitting the authenticated reload request message to the reload server;in the reload server;
receiving and confirming the authentication of the authenticated reload request message;
upon a positive confirmation;
verifying whether the module transaction number of the received reload request message matches a server transaction number for the identified secure module; and
upon a positive verification;determining a new server transaction number for the identified secure module and storing the new server transaction number as the server transaction number for the identified secure module; generating a reload grant message and authenticating at least part of the reload grant message;
the reload grant message comprising an indication of a granted number of communication credits and the server transaction number; andtransmitting the secured reload grant message to the mobile communication appliance; in the mobile communication appliance;
receiving the authenticated reload grant message; andin the secure module;
confirming the authentication of the authenticated reload grant message; and
upon a positive confirmation;determining a new module transaction number from the module transaction number; verifying whether the new module transaction number matches the server transaction number; and
upon a positive verification, updating a balance of communication credits stored in the secure module according to the granted number of communication credits and storing the new module transaction number as the module transaction number;the method further comprising registering an attempt to fraud upon receiving one of a reload request message having a module transaction number outside a predetermined range of the server transaction number and upon receiving a reload grant message having a server transaction number outside another predetermined range of the module transaction number. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- wherein the mobile communication system comprises a credit reload server; and
-
10. A mobile communication system comprising at least one mobile communication appliance comprising a secure module for securely storing data;
- wherein the mobile communication system comprises a credit reload server;
the secure module comprises means for generating a reload request message and for authenticating at least part of the reload request message;
the reload request message comprising an identification of the secure module and a module transaction number;the mobile communication appliance comprises transmission means for transmitting the authenticated reload request message to the reload server; the reload server comprises; reception means for receiving the authenticated reload request message; confirmation means for confirming the authentication of the authenticated reload request message; means for, upon a positive confirmation, verifying whether the module transaction number of the received reload request message matches a server transaction number for the identified secure module, and upon positive verification; determining a new server transaction number for the identified secure module and storing the new server transaction number as the server transaction number for the identified secure module; generating a reload grant message and authenticating at least part of the reload grant message;
the reload grant message comprising an indication of a granted number of communication credits and the server transaction number; andtransmission means for transmitting the authenticated reload grant message to the mobile communication appliance; the mobile communication appliance further comprises reception means for receiving the authenticated reload grant message; and the secure module further comprises; means for confirming the authentication of the authenticated reload grant message; means for, upon a positive confirmation, determining a new module transaction number from the module transaction number, verifying whether the new module transaction number matches the server transaction number, and, upon positive verification, updating a balance of communication credits stored in the secure module according to the granted number of communication credits and storing the new module transaction number as the module transaction number; wherein one of said reload server and said mobile communication appliance comprises means for registering an attempt to fraud upon receiving one of a reload request message having a module transaction number outside a predetermined range of the server transaction number and upon receiving a reload grant message having a server transaction number outside another predetermined range of the module transaction number. - View Dependent Claims (11, 12, 13, 14, 20)
- wherein the mobile communication system comprises a credit reload server;
-
15. A mobile communication appliance comprising a secure module for securely storing data, wherein
the secure module comprises means for generating a reload request message and for authenticating at least part of the reload request message; - the reload request message comprising an identification of the secure module and a module transaction number;
the mobile communication appliance comprises transmission means for transmitting the authenticated reload request message to a reload server; and
reception means for receiving an authenticated reload grant message from the reload server;
the reload grant message comprising an indication of a granted number of communication credits and a server transaction number and at least part of the reload grant message being authenticated; andthe secure module further comprises; means for confirming the authentication of the authenticated reload grant message; means for, upon a positive confirmation, determining a new module transaction number from the module transaction number, verifying whether the new module transaction number matches the server transaction number, and, upon positive verification, updating a balance of communication credits stored in the secure module according to the granted number of communication credits and storing the new module transaction number as the module transaction number; wherein one of said reload server and said mobile communication appliance comprises means for registering an attempt to fraud upon receiving one of a reload request message having a module transaction number outside a predetermined range of the server transaction number and upon receiving a reload grant message having a server transaction number outside another predetermined range of the module transaction number. - View Dependent Claims (16, 17, 18, 19)
- the reload request message comprising an identification of the secure module and a module transaction number;
Specification