WO2007010081A2 - Method and system for using services in a telecommunication network - Google Patents

Info

Publication number
WO2007010081A2
Authority
WO
WIPO (PCT)
Prior art keywords
codes
payment
mobile terminal
service
program
Prior art date
Application number
PCT/FI2006/000249
Other languages
French (fr)
Other versions
WO2007010081A3 (en
Inventor
Vesa Juvonen
Original Assignee
Vesa Juvonen
Application filed by Vesa Juvonen

Classifications

    • G06Q20/341 Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • G06Q20/326 Payment applications installed on the mobile devices
    • G06Q20/3552 Downloading or loading of personalisation data
    • G06Q20/38215 Use of certificates or encrypted proofs of transaction rights
    • G06Q20/385 Payment protocols; Details thereof using an alias or single-use codes
    • G06Q20/40 Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/4093 Monitoring of device authentication
    • G06Q40/02 Banking, e.g. interest calculation or account maintenance
    • G07F7/1008 Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • G07F7/1025 Identification of user by a PIN code
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials

Abstract

In the method of the invention services are used in a telecommunication network, which comprises a mobile terminal (1) and a service provider (3), between which there is a secured connection for the service created. In the steps of the method, the service program that performs the service is activated, the service provider sends the codes needed to use the service to the mobile terminal (1) and the mobile terminal (1) saves the codes. The mobile terminal belonging to the system of the invention has a program to use the service for payment sessions. The codes needed to use the service can be received with the program through a secure connection and thereafter they can be saved. The service provider (3) has a program with which the codes needed can be sent to the mobile terminal (1) to use the service through said secure connection.

Description

METHOD AND SYSTEM FOR USING SERVICES IN A TELECOMMUNICATION NETWORK
TECHNICAL FIELD
The invention is concerned with a method and system for using services in a telecommunication network, which comprises a mobile terminal and a service provider, between which there is a secured connection for service created. The invention is especially intended for a service to be used in a payment session.
BACKGROUND ART
It is known that banks are using bank security identifiers and use keys, with which the bank client has access to his own bank account via an Internet, telephone or other such connection. It is also known that the bank client gets this personal information printed on paper for example by fetching them or delivered home by mail. As the identifiers and keys delivered are numeral information in a known way and partly changing and for one-time use, the client of the bank has to keep the papers with him always when the bank services are needed.
Furthermore, it is known to preserve different personal information in a mobile terminal, also in a secure form. It is, however, not possible to keep bank identifiers and use keys in a useful form in these programs. It is also difficult to input data to these programs.
The object of this invention has been to develop a solution which enables a more practical and secure method to handle bank services than in prior art.
SUMMARY OF THE INVENTION
In the method of the invention, services are used in a telecommunication network, which comprises a mobile terminal and a service provider, between which there is a secured connection for the service created. In the steps of the method, the service program that performs the service is activated, the service provider sends the codes needed to use the service to the mobile terminal and the mobile terminal saves the codes.
The mobile terminal belonging to the system of the invention has a program to use the service for payment sessions. The codes needed to use the service can be received with the program through a secure connection and thereafter saved. The service provider has a program with which the codes needed can be sent to the mobile terminal in order to use the service through said secure connection.
The preferable embodiments have the characteristics of the subclaims.
In this invention it is possible to have a service program working in a mobile terminal, for example in a mobile phone, which saves the bank identifiers of the owner of the terminal and the use keys in a secure form, and a bank program, with which the terminal is in contact. New and updated bank identifiers and use keys can be sent to the terminal from the program.
The system of the invention thus comprises a service program in the mobile device and a program in the data system of the bank, which communicate with each other via some encrypted protocol known in itself over a wireless radio network in such a way that only these parties understand the content of the information to be transferred. It is also important that the user of the mobile terminal is identified in a trusted and safe way. Both the program at the mobile device and the bank can be implemented to each bank's own way to use bank identifiers and use keys. The program of the mobile device can handle the security identifiers of each bank and use keys in the way the bank has defined and present and use the one-time identifiers in the right running order and preferably also show the used identifiers and possibly the following identifiers in some way, for example with a lighter tone. New identifiers can be sent in accordance with different practices, for example by requesting, by given intervals or when the program of the service provider notices that a given amount of codes have been used and new ones probably are needed.
The programs of the mobile device and the bank belonging to the invention have numerous advantages.
The programs identify the user in a secure way, and the bank client always has the security codes and use keys he needs in his mobile device, stored safely in an encrypted security mode with a strong encryption known in itself. The user only has to remember one password chosen by himself, with which he can access all the information wanted at the same time. Even if the mobile device were lost or stolen, the data cannot be accessed, in contrast to actual paper or plastic printouts, which are usually carried in a wallet or in a corresponding way.
It is also a considerable advantage that the transfer of new security codes and use keys to the mobile device is performed by means of a secured data transfer by radio, so that the information need not necessarily be stored manually in the mobile device. In other words, the bank does not need to send the security codes or use keys in the form of paper prints. This is a considerable improvement with respect to data security and cost saving.
It is also an advantage that the radio data connection in the mobile device is not bound to a given technique. Instead, the invention can be performed with the best current technique that the mobile device supports for forming a transfer connection. It can be e.g. GSM data, GSM modem, GPRS, EDGE, 3G or any other technique supported by the mobile device.
In the following, the invention is described more in detail by means of a figure to which the invention is not restricted. One skilled in the art understands that the details of the embodiments presented and also the system of the identifier and other input systems can vary in accordance with different bank practices.
FIGURES
Figure 1 presents an architectural view of an environment in which the invention can be implemented.
Figure 2 presents a signal diagram of a preferable embodiment of the invention.
DETAILED DESCRIPTION
Figure 1 presents an example of a telecommunication network in which the invention can be implemented. The telecommunication network of figure 1 comprises a mobile terminal 1 and a server 3 of a service provider having a connection to internet 2. The mobile terminal can be a mobile phone, a laptop, a so-called communicator or other wireless device, preferably a portable device. The service provider is for example a bank offering bank services for instance for payment sessions. There is a secured connection 4 between the service provider 3 and the mobile terminal 1 for the service created. The secured connection is known in itself, for example an SSL connection. One known protocol is SSL (Secure Sockets Layer), which is developed for transferring individual documents over the internet. SSL works by using a secret key over the SSL connection in order to encrypt transferred data. Both Netscape Navigator and Internet Explorer (browsers, with which internet pages can be seen) support the SSL protocol and many web sites use this protocol for receiving confidential information, such as credit card information. Usually, the internet addresses that work with an SSL connection begin with the letters https, whereas unprotected ones usually begin with the letters http.
Another protocol to transfer information in a secure way on the internet, such as over the World Wide Web network (the most common internet server system), is Secure HTTP (S-HTTP). SSL creates a secure connection between the client and the server, and S-HTTP is designed to transfer individual messages in a secure way. Both protocols are standards accepted by the Internet Engineering Task Force (IETF).
It is, however, not essential for the invention which security protocol is used. It can be any desired security or encryption method. For the time being, the primary practical secure connection is meant to be the SSL protocol.
The service provider, in this case a bank, has a program with which payment sessions can be performed from a given account. A password is needed to access the service. In order to perform the payment session itself from the account, a user ID and a user key are needed and possibly also a confirmation code. The use of these passwords, user IDs and confirmation codes is individual for each bank and in practice they are used a little differently.
So that the mobile user could use the payment service offered by the bank, there first has to be an account to which the service is connected and also a user ID defining the user having the right to use the service, with respect to this given account.
Furthermore, a connection has to be defined along which the service for this user and this account works. Primarily, it has been the intention in the invention that the payment traffic itself, in other words the payments, would be performed from a personal computer (PC) marked with reference number 5 in figure 1. Thus, the service for this user and this account works via connection 6 in figure 1.
Another possible embodiment is one in which the user himself performs the payment session from the mobile terminal 1, either via the connection 4 or via another connection between some other mobile terminal and server 3.
Figure 2 presents a signal diagram of an advantageous embodiment of the invention.
So that the user could use the service of the invention, the mobile terminal has a program with which codes necessary to use the service can be received via a secured connection between the mobile terminal and the service provider and thereafter they can be stored in the mobile terminal. The service provider has a program with which codes needed to use the service can be sent to the mobile terminal through said secured connection.
The user has received the program in this mobile terminal from a bank or other distribution channel to be stored in the mobile terminal, for example in a mobile station, to which the connection between the mobile terminal and the server has been defined. The user installs this program to his mobile terminal, such as to a mobile station. When the user wants to use the service for the first time, the user starts the service in step 1 in figure 1 and the program sends the request in step 2 to the service provider.
So that the mobile terminal could identify the user in a trusted way in step 2, the bank has given the first identifiers to the user after the installation of the program which he stores in the program of the mobile device. Thereafter, the program can contact the system of the bank (which now is done in step 2) and open the service in a trusted way.
In step 3 in figure 1, the program of the service provider sends the codes needed to use the service after having identified the user, i.e. the user ID and a key series and possibly also confirmation codes, if such codes are needed.
In step 4 in figure 1, the program installed in the mobile terminal stores these codes automatically in the memory of the terminal.
If desired, the screen of the mobile terminal can in step 5 of figure 1 get a message of successful storing of the codes.
When the user wants to use the service, for example for performing some payment, he inputs the password needed to open the service program in step 6 of figure 1, which action opens the service (step 7).
The program now searches the user ID needed and other necessary codes (the key and possibly a confirmation code needed to perform the payment session) from the memory (or memory card) of the mobile terminal in step 9. These are sent to the screen of the user in step 10.
The user can now input the payment information, the user ID and the confirmation numbers in step 11 in the payment program working on the computer (step 12), which program sends the payment to the bank in step 13 in a previously known way.
When the codes/keys are almost used, this service program requests the bank to send new identifiers with requirements of another type.
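The exchange described in the steps above, modelled from both sides as an added sketch that is not part of the patent text: the service provider issues a key series and accepts each key once and in running order, and the terminal releases the current key only after the password check. The class and method names, the six-digit key format, the PBKDF2 work factor and the refill threshold are assumptions, and encryption of the stored keys at rest is left out.

```python
import hashlib
import hmac
import secrets

PBKDF2_ROUNDS = 200_000  # assumed work factor for the terminal password


class Bank:
    """Service provider: issues key series, accepts each key once and in order."""

    def __init__(self, refill_threshold=2):
        self.refill_threshold = refill_threshold
        self.series = {}    # user_id -> every key issued so far, in running order
        self.next_idx = {}  # user_id -> index of the next key the bank expects

    def issue(self, user_id, count=4):
        # Step 3: send a batch of fresh keys (six random digits, assumed format).
        keys = self.series.setdefault(user_id, [])
        self.next_idx.setdefault(user_id, 0)
        batch = []
        while len(batch) < count:
            key = f"{secrets.randbelow(10**6):06d}"
            if key not in keys and key not in batch:  # never repeat a key
                batch.append(key)
        keys.extend(batch)
        return batch

    def remaining(self, user_id):
        return len(self.series.get(user_id, [])) - self.next_idx.get(user_id, 0)

    def verify(self, user_id, key):
        # Payment program (step 13): only the next unused key is valid, so a
        # replayed or out-of-order key is rejected and changes no state.
        if self.remaining(user_id) <= 0:
            return False
        idx = self.next_idx[user_id]
        expected = self.series[user_id][idx]
        if not hmac.compare_digest(expected.encode(), key.encode()):
            return False
        self.next_idx[user_id] = idx + 1
        return True

    def should_refill(self, user_id):
        # Provider notices that enough keys are used for new ones to be needed.
        return self.remaining(user_id) <= self.refill_threshold


class Terminal:
    """Mobile terminal: password-gated store that presents keys in running order."""

    def __init__(self, user_id, password):
        self.user_id = user_id
        self._salt = secrets.token_bytes(16)
        self._check = self._derive(password)
        self._keys = []  # stored series; at-rest encryption omitted in this sketch
        self._pos = 0    # index of the key for the next payment session

    def _derive(self, password):
        return hashlib.pbkdf2_hmac(
            "sha256", password.encode(), self._salt, PBKDF2_ROUNDS)

    def store(self, batch):
        # Step 4: save the received keys behind the series already held.
        self._keys.extend(batch)

    def show(self, password):
        # Steps 6 to 10: open with the password, then present the current key
        # together with the previous and the following one.
        if not hmac.compare_digest(self._check, self._derive(password)):
            raise PermissionError("wrong password")
        if self._pos >= len(self._keys):
            raise LookupError("no unused keys left; a new series is needed")
        return {
            "user_id": self.user_id,
            "used": self._keys[max(0, self._pos - 1):self._pos],
            "current": self._keys[self._pos],
            "upcoming": self._keys[self._pos + 1:self._pos + 2],
        }

    def mark_used(self):
        self._pos += 1


def demo():
    # Constructed sample values; nothing here comes from a real bank.
    bank = Bank(refill_threshold=2)
    phone = Terminal("user-0001", "example-password")
    phone.store(bank.issue("user-0001", count=4))
    key = phone.show("example-password")["current"]
    accepted = bank.verify("user-0001", key)
    replayed = bank.verify("user-0001", key)  # same key a second time
    phone.mark_used()
    return accepted, replayed, bank.should_refill("user-0001")


if __name__ == "__main__":
    print(demo())
```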

Claims

1. Method of using a service in a telecommunication network, which comprises a mobile terminal (1) and a service provider (3), between which there is a secured connection (4) for a code exchange service created and which have a service program for exchanging codes needed in payment sessions, which service provider (3) also has a program for payment sessions, whereby said codes are used to perform payments, in which method a) the service program performing the code exchange service is started, b) the service provider sends the codes needed for performing the payments to the mobile terminal (1), c) the mobile terminal (1) saves the codes, characterized in that d) the code exchange service is opened for use by means of a password, e) the program installed in the mobile terminal (1) for the code exchange fetches the right codes to use the service from the memory and the codes are presented on the screen of the mobile terminal (1), f) the codes presented by the mobile terminal (1) are used to perform the payment by means of the program of the service provider for payment sessions in such a way that the user performs the payment service by inputting the information needed for the payment session and the codes fetched from the mobile terminal (1).
2. Method of claim 1, characterized in that the connection (4) between the mobile terminal (1) and the service provider (3) is secured by means of the SSL protocol.
3. Method of claim 1 and 2, characterized in that the service created is started in step (1) by sending a request from the mobile terminal (1) to the service provider (3) to use the code exchange service.
4. Method of any of claims 1-3, characterized in that the codes are used in payment communication for which payment communication the client has an account and a user ID connected to the account.
5. Method of any of claims 1-4, characterized in that the codes used in step b) consists of a user ID and a series of keys and/or confirmation codes, whereby the series of keys/confirmation codes consist of separate keys and/or confirmation codes for each individual payment session.
6. Method of any of claims 1-5, characterized in that in step c), the mobile terminal (1) stores the codes in the telephone memory or memory card of a mobile station.
7. Method of any of claims 1-6, characterized in that in addition to the right code to be used for the actual payment session, one or more of the foregoing codes are presented and also one or more of the following codes in turn.
8. Method of claim 7, characterized in that the right code for the actual payment session is distinguished from the foregoing and/or following code(s) by means of tone, size, font or other such things.
9. Method of any of claims 1-8, characterized in that the telecommunication network also comprises a personal computer (5), whereby the user performs the payment session of step f) with the personal computer (5) and fetches the ID and the codes for the payment session from the mobile terminal and performs the payment session by inputting the information needed for the payment and/or the codes fetched by the mobile terminal (1).
10. Method of any of claims 1-8, characterized in that the user performs the payment of step f) with his mobile terminal (1), whereby the payment is performed by fetching the identifier and the codes for the payment from the memory or memory card of the mobile terminal (1) directly to the payment and by inputting other information needed for the payment.
11. System for using services in a telecommunication network, which comprises a mobile terminal (1) and a service provider (3), which service provider (3) has a program for payment sessions, whereby codes are used to perform the payment sessions, whereby the mobile terminal (1) and the service provider (3) has a service program for exchanging the codes needed in the payment sessions and there is a secured connection (4) between the mobile terminal (1) and the service provider (3) for the code exchange service created, whereby the codes needed for the payment can be received through said secured connection with the code exchange program in the mobile terminal (1) and thereafter they can be stored and the code exchange program at the service provider (3) can be used to send the codes needed to the mobile terminal (1) through said secured connection, characterized in that, the code exchange service program in the mobile terminal (1) is opened by means of the password and it presents the right codes needed for the actual payment to use the service from the memory on the screen of the mobile terminal (1).
12. System of claim 11, characterized in that the connection (4) between the mobile terminal (1) and the service provider (3) is secured by means of the SSL protocol.
13. System of claim 11 or 12, characterized in that the codes consist of a user ID and a key series and/or confirmation codes for the payment session, for which payment session the client has an account, and a user ID connected to the account.
14. System of any of claims 11-13, characterized in that one or more of the foregoing codes are presented in addition to the right code for the actual payment session and one or more codes of the following codes being in turn, whereby the right code for the actual payment is distinguished from the foregoing code or codes and/or from the following code or codes by means of reflection density, size, font or other such property.
15. System of any of claims 11-14, characterized in that there furthermore is a personal computer (5) in said telecommunication network with which the payment is performed.
16. Computer program, characterized in that it comprises program code means arranged to perform the method, the method steps a) to e) defined in any of claims 1-10 when performing the program in a computer.
PCT/FI2006/000249 2005-07-21 2006-07-13 Method and system for using services in a telecommunication network WO2007010081A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
FI20050777A FI20050777L (en) 2005-07-21 2005-07-21 Method and system for using services in a telecommunications network
FI20050777 2005-07-21

Publications (2)

Publication Number Publication Date
WO2007010081A2 true WO2007010081A2 (en) 2007-01-25
WO2007010081A3 WO2007010081A3 (en) 2007-05-03

Family

ID=34803232

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/FI2006/000249 WO2007010081A2 (en) 2005-07-21 2006-07-13 Method and system for using services in a telecommunication network

Country Status (2)

Country Link
FI (1) FI20050777L (en)
WO (1) WO2007010081A2 (en)

Also Published As

Publication number Publication date
FI20050777L (en) 2007-01-22
FI20050777A0 (en) 2005-07-21
WO2007010081A3 (en) 2007-05-03

Legal Events

Date Code Title Description
NENP Non-entry into the national phase

Ref country code: DE

WWW Wipo information: withdrawn in national office

Country of ref document: DE

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 06764473

Country of ref document: EP

Kind code of ref document: A2

122 Ep: pct application non-entry in european phase

Ref document number: 06764473

Country of ref document: EP

Kind code of ref document: A2