Payment scheme for a mobile communication service

US 6,115,601 A
Filed: 10/15/1997
Issued: 09/05/2000
Est. Priority Date: 10/23/1996
Status: Expired due to Fees

First Claim

Patent Images

1. A method of paying for a communication service in a mobile communication system comprising at least one mobile communication appliance comprising a secure module for securely storing data;

wherein the mobile communication system comprises a credit reload server; and

in that the method comprises the steps of;

in the secure module;

generating a reload request message and authenticating at least part of the reload request message;

the reload request message comprising an identification of the secure module and a module transaction number; and

in the mobile communication appliance;

transmitting the authenticated reload request message to the reload server;

in the reload server;

receiving and confirming the authentication of the authenticated reload request message;

upon a positive confirmation;

verifying whether the module transaction number of the received reload request message matches a server transaction number for the identified secure module; and

upon a positive verification;

determining a new server transaction number for the identified secure module and storing the new server transaction number as the server transaction number for the identified secure module;

generating a reload grant message and authenticating at least part of the reload grant message;

the reload grant message comprising an indication of a granted number of communication credits and the server transaction number; and

transmitting the secured reload grant message to the mobile communication appliance;

in the mobile communication appliance;

receiving the authenticated reload grant message; and

in the secure module;

confirming the authentication of the authenticated reload grant message; and

upon a positive confirmation;

determining a new module transaction number from the module transaction number;

verifying whether the new module transaction number matches the server transaction number; and

upon a positive verification, updating a balance of communication credits stored in the secure module according to the granted number of communication credits and storing the new module transaction number as the module transaction number;

the method further comprising registering an attempt to fraud upon receiving one of a reload request message having a module transaction number outside a predetermined range of the server transaction number and upon receiving a reload grant message having a server transaction number outside another predetermined range of the module transaction number.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In a mobile communication system, communication credits are stored in a secure module 30 of a mobile communication appliance 10. Credits are reloaded over-the-air (OTA) from a reload server 20. For requesting a reload, the secure module 30 generates an authenticated reload request message 50, which is transmitted to the reload server 20. In response to receiving the reload request message 50, the reload server 20 informs the secure module 30 of how many credits have been granted in the form of an authenticated reload grant message 60. Successive messages are made to differ by using different transaction numbers. A received authenticated message is only accepted if a transaction number in the message matches a local transaction number.

291 Citations

20 Claims

1. A method of paying for a communication service in a mobile communication system comprising at least one mobile communication appliance comprising a secure module for securely storing data;
- wherein the mobile communication system comprises a credit reload server; and
  
  in that the method comprises the steps of;
  
  in the secure module;
  
  generating a reload request message and authenticating at least part of the reload request message;
  
  the reload request message comprising an identification of the secure module and a module transaction number; and
  
  in the mobile communication appliance;
  
  transmitting the authenticated reload request message to the reload server;
  
  in the reload server;
  
  receiving and confirming the authentication of the authenticated reload request message;
  
  upon a positive confirmation;
  
  verifying whether the module transaction number of the received reload request message matches a server transaction number for the identified secure module; and
  
  upon a positive verification;
  
  determining a new server transaction number for the identified secure module and storing the new server transaction number as the server transaction number for the identified secure module;
  
  generating a reload grant message and authenticating at least part of the reload grant message;
  
  the reload grant message comprising an indication of a granted number of communication credits and the server transaction number; and
  
  transmitting the secured reload grant message to the mobile communication appliance;
  
  in the mobile communication appliance;
  
  receiving the authenticated reload grant message; and
  
  in the secure module;
  
  confirming the authentication of the authenticated reload grant message; and
  
  upon a positive confirmation;
  
  determining a new module transaction number from the module transaction number;
  
  verifying whether the new module transaction number matches the server transaction number; and
  
  upon a positive verification, updating a balance of communication credits stored in the secure module according to the granted number of communication credits and storing the new module transaction number as the module transaction number;
  
  the method further comprising registering an attempt to fraud upon receiving one of a reload request message having a module transaction number outside a predetermined range of the server transaction number and upon receiving a reload grant message having a server transaction number outside another predetermined range of the module transaction number.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. A method as claimed in claim 1, wherein the method comprises:
    - determining an initial number of communication credits to be debited;
      
      determining an account and a financial authority for debiting for the identified secure module;
      
      requesting the financial authority to debit the account in accordance with the initial number of communication credits; and
      
      upon a positive response from the financial authority, incorporating the initial number of communication credits in the reload grant message as the granted number of communication credits.
  - 3. A method as claimed in claim 1, wherein the method comprises the steps of the reload server transmitting an acknowledgement message to the mobile communication appliance, after successfully verifying that the module transaction number of the received reload request message matches a server transaction number for the identified secure module.
  - 4. A method as claimed in claim 3, wherein the method comprises the step of the mobile communication appliance informing a user that reloading communication credits is in progress, in response to receiving the acknowledgement message.
  - 5. A method as claimed in claim 3, wherein the method comprises the steps of:
    - the reload server authenticating at least part of the acknowledgement message; and
      
      the secure module, in response to receiving the authenticated acknowledgement message, verifying the authentication of the authenticated acknowledgement message and, upon a positive verification, enabling communicating up to a predetermined negative balance of communication credits.
  - 6. A method as claimed in claim 1, wherein the method comprises the step of the secure module, in response to a trigger from the mobile communication appliance to reload a specified number of communication credits:
    - checking whether the specified number of communication credits falls within a predetermined communication credit range stored in the secure module; and
      
      upon a positive outcome of the checking, incorporating the specified number in the reload request message.
  - 7. A method as claimed in claim 6, wherein the method comprises the step of the mobile communication appliance reading the communication credit range and communication credit balance from the secure module and presenting the communication credit range and communication credit balance to a user.
  - 8. A method as claimed in claim 7, wherein the method comprises the step of the mobile communication appliance receiving input from a user requesting a reload of a specified number of communication credits;
    - checking whether the specified number of communication credits falls within the communication credit range read from the secure module; and
      
      issuing to the secure module the trigger to reload if the outcome of the checking is positive.
  - 9. A method as claimed in claim 2, wherein the reload request message comprises an indication of the communication credit balance and wherein determining the initial number of communication credits to be debited comprises calculating a minimum of a predetermined upper limit of communication credits and a summation of the balance of communication credits and the requested number of communication credits;
    - and using the minimum as the initial number.

10. A mobile communication system comprising at least one mobile communication appliance comprising a secure module for securely storing data;
- wherein the mobile communication system comprises a credit reload server;
  
  the secure module comprises means for generating a reload request message and for authenticating at least part of the reload request message;
  
  the reload request message comprising an identification of the secure module and a module transaction number;
  
  the mobile communication appliance comprises transmission means for transmitting the authenticated reload request message to the reload server;
  
  the reload server comprises;
  
  reception means for receiving the authenticated reload request message;
  
  confirmation means for confirming the authentication of the authenticated reload request message;
  
  means for, upon a positive confirmation, verifying whether the module transaction number of the received reload request message matches a server transaction number for the identified secure module, and upon positive verification;
  
  determining a new server transaction number for the identified secure module and storing the new server transaction number as the server transaction number for the identified secure module;
  
  generating a reload grant message and authenticating at least part of the reload grant message;
  
  the reload grant message comprising an indication of a granted number of communication credits and the server transaction number; and
  
  transmission means for transmitting the authenticated reload grant message to the mobile communication appliance;
  
  the mobile communication appliance further comprises reception means for receiving the authenticated reload grant message; and
  
  the secure module further comprises;
  
  means for confirming the authentication of the authenticated reload grant message;
  
  means for, upon a positive confirmation, determining a new module transaction number from the module transaction number, verifying whether the new module transaction number matches the server transaction number, and, upon positive verification, updating a balance of communication credits stored in the secure module according to the granted number of communication credits and storing the new module transaction number as the module transaction number;
  
  wherein one of said reload server and said mobile communication appliance comprises means for registering an attempt to fraud upon receiving one of a reload request message having a module transaction number outside a predetermined range of the server transaction number and upon receiving a reload grant message having a server transaction number outside another predetermined range of the module transaction number.
- View Dependent Claims (11, 12, 13, 14, 20)
- - 11. A communication system as claimed in claim 10, wherein the reload server comprises means for:
    - determining an initial number of communication credits to be debited;
      
      determining an account and a financial authority for debiting for the identified secure module;
      
      requesting the financial authority to debit the account in accordance with the initial number of communication credits; and
      
      upon a positive response from the financial authority, incorporating the initial number of communication credits in the reload grant message as the granted number of communication credits.
  - 12. A communication system as claimed in claim 10, wherein the reload server comprises means for causing the transmission means to transmit an acknowledgement message to the mobile communication appliance, after successfully verifying that the module transaction number of the received reload request message matches a server transaction number for the identified secure module.
  - 13. A communication system as claimed in claim 10, wherein the secure module comprises means for, in response to a trigger from the mobile communication appliance to reload a specified number of communication credits, checking whether the specified number of communication credits falls within a predetermined communication credit range stored in the secure module;
    - and upon a positive outcome of the checking incorporating the specified number in the reload request message.
  - 14. A communication system as claimed in claim 11, wherein the reload request message comprises an indication of the communication credit balance and wherein determining the initial number of communication credits to be debited comprises calculating a minimum of a predetermined upper limit of communication credits and a summation of the balance of communication credits and the requested number of communication credits;
    - and using the minimum as the initial number.
  - 20. A secure module for use in mobile communication appliance as claimed in claim 13.

15. A mobile communication appliance comprising a secure module for securely storing data, whereinthe secure module comprises means for generating a reload request message and for authenticating at least part of the reload request message;
- the reload request message comprising an identification of the secure module and a module transaction number;
  
  the mobile communication appliance comprises transmission means for transmitting the authenticated reload request message to a reload server; and
  
  reception means for receiving an authenticated reload grant message from the reload server;
  
  the reload grant message comprising an indication of a granted number of communication credits and a server transaction number and at least part of the reload grant message being authenticated; and
  
  the secure module further comprises;
  
  means for confirming the authentication of the authenticated reload grant message;
  
  means for, upon a positive confirmation, determining a new module transaction number from the module transaction number, verifying whether the new module transaction number matches the server transaction number, and, upon positive verification, updating a balance of communication credits stored in the secure module according to the granted number of communication credits and storing the new module transaction number as the module transaction number;
  
  wherein one of said reload server and said mobile communication appliance comprises means for registering an attempt to fraud upon receiving one of a reload request message having a module transaction number outside a predetermined range of the server transaction number and upon receiving a reload grant message having a server transaction number outside another predetermined range of the module transaction number.
- View Dependent Claims (16, 17, 18, 19)
- - 16. A mobile communication appliance as claimed in claim 15, wherein the mobile communication appliance comprises user interface means;
    - and means for informing a user that reloading communication credits is in progress, in response to receiving the acknowledgement message.
  - 17. A mobile communication appliance as claimed in claim 15, wherein the secure module comprises means for, in response to a trigger from the mobile communication appliance to reload a specified number of communication credits, checking whether the specified number of communication credits falls within a predetermined communication credit range stored in the secure module;
    - and upon a positive outcome of the checking incorporating the specified number in the reload request message.
  - 18. A mobile communication appliance as claimed in claim 17, wherein the mobile communication appliance comprises user interface means, and means for reading the communication credit range and communication credit balance from the secure module and using the user interface means to present the communication credit range and communication credit balance to a user.
  - 19. A mobile communication appliance as claimed in claim 18, wherein the mobile communication appliance comprises means for using the user interface means to receive input from a user requesting a reload of a specified number of communication credits;
    - for checking whether the specified number of communication credits falls within the communication credit range read from the secure module; and
      
      for issuing to the secure module the trigger to reload if the outcome of the checking is positive.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
US Philips Corporation (Koninklijke Philips N.V.)
Original Assignee
US Philips Corporation (Koninklijke Philips N.V.)
Inventors
Ferreira, Ronald
Primary Examiner(s)
Bost, Dwayne D.
Assistant Examiner(s)
Trinh, Sonny

Application Number

US08/950,571
Time in Patent Office

1,056 Days
Field of Search

455/405, 455/406, 455/407, 455/408, 455/550, 455/558, 455/410, 379/357, 379/93.22, 379/114, 380/23, 380/24, 380/25, 235/379, 235/380
US Class Current

455/406
CPC Class Codes

H04M 15/47   Fraud detection or preventi...

H04M 17/00   Prepayment of wireline comm...

H04M 17/02   Coin-freed or check-freed s...

H04M 17/20   with provision for rechargi...

H04M 17/201   automatic recharging with p...

H04M 2017/22   with automatic recharging o...

H04M 2215/0148   Fraud detection or preventi...

H04M 2215/32   Involving wireless systems

Payment scheme for a mobile communication service

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

291 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Payment scheme for a mobile communication service

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

291 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links