EP1155582A1 - Tamper-proof communication terminal - Google Patents

Tamper-proof communication terminal

Info

Publication number
EP1155582A1
EP1155582A1 EP00904835A EP00904835A EP1155582A1 EP 1155582 A1 EP1155582 A1 EP 1155582A1 EP 00904835 A EP00904835 A EP 00904835A EP 00904835 A EP00904835 A EP 00904835A EP 1155582 A1 EP1155582 A1 EP 1155582A1
Authority
EP
European Patent Office
Prior art keywords
communication terminal
user
authentication
ready
fee
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP00904835A
Other languages
German (de)
French (fr)
Inventor
Klaus-Peter Karmann
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Siemens AG
Original Assignee
Siemens AG
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Siemens AG filed Critical Siemens AG
Publication of EP1155582A1 publication Critical patent/EP1155582A1/en
Withdrawn legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12Detection or prevention of fraud
    • H04W12/126Anti-theft arrangements, e.g. protection against subscriber identity module [SIM] cloning
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W88/00Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/02Terminal devices

Definitions

  • the present invention solves this problem by specifying a communication terminal with features according to claim 1.
  • This communication terminal has a device which, when the terminal is ready to receive, requires authentication before the user initiates a fee-based usage process.
  • the easiest way to implement an authentication query is to use a suitable extension to the software of conventional mobile phones. Of course, it is not limited to mobile phones. There is an ever-increasing variety of different types of mobile or non-mobile communication terminals, where there is a risk that they will be used by unauthorized persons for a fee on account of the authorized user when they are ready to receive.
  • the invention can be in
  • the software can be expanded in such a way that a software routine is provided which, when the terminal is ready to receive, requires authentication before the user initiates a fee-based usage process.
  • chargeable usage processes are the establishment of a chargeable connection, calling up a chargeable value-added service, etc.
  • authentication can be carried out by entering a string of characters and / or numbers. It can also be done in the same way as entering the PIN, which must be done before the network search for the mobile phone according to the GSM standard.
  • a fingerprint sensor is particularly suitable for the acquisition of authentication information, especially if this sensor is attached to a position on the surface of the housing at which a finger can be easily and continuously placed on the sensor when the user is in the usual hand position, so that a sequence of several Authentications in In the event of a sequence of several usage processes subject to a charge, the user can not actively participate.
  • the device for querying the authentication can be implemented not only by means of software expansion but also by means of a suitable hardware expansion or by a combination of both measures.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Telephone Function (AREA)

Abstract

The invention relates to a tamper-proof communication terminal which in the ready-to-receive state is protected against being tampered with by unauthorized persons, for example if the terminal is lost or temporarily unattended. To this end, the ready-to-receive terminal requires the user to authenticate himself before a process that is subject to fees can be initiated. Said authentication can be provided very conveniently, for example by means of a fingerprint sensor.

Description

Beschreibungdescription
MISSBRAUCHSGESICHERTES KOMMUNIKATIONSENDGERÄTMISUSE-PROOF COMMUNICATION TERMINAL
Heutige Mobiltelefone sind im empfangsbereiten Zustand nicht gegen Mißbrauch geschützt, weil z.B. nach dem GSM-Standard die sogenannte PIN eingegeben werden muß, damit das Endgerät eine Verbindung mit dem Mobilfunknetz aufnehmen kann. Nach Eingabe der PIN, die zur Authentifikation des berechtigten Benutzers dient, ist das Mobiltelefon zwar Empfangsbereit aber für jeden, der es in Besitz nimmt, ungehindert und unbegrenzt benutzbar und daher nicht gegen Mißbrauch geschützt.Today's mobile phones are not protected against misuse when ready to receive, because e.g. According to the GSM standard, the so-called PIN must be entered so that the terminal can establish a connection with the mobile network. After entering the PIN, which is used to authenticate the authorized user, the mobile phone is ready to receive but can be used by anyone who takes it in, unhindered and unlimited and therefore not protected against misuse.
Sollte der berechtigte Benutzer das Gerät im empfangsbereiten Zustand unbeaufsichtigt lassen, es verlieren oder sollte es gestohlen werden, könnte ein Finder oder Dieb damit großen finanziellen Schaden anrichten, denn er könnte ungehindert auf Kosten des Inhabers der im gerät befindlichen SIM-Karte mit dem Gerät telefonieren, solange dieses nicht abgeschaltet wird. Mit einem handelsüblichen Ladegerät ist dieser Zeitraum praktisch unbegrenzt.If the authorized user leaves the device unattended when it is ready to receive it, loses it or if it is stolen, a finder or thief could cause great financial damage because he could call the device unhindered at the expense of the holder of the SIM card in the device as long as it is not switched off. With a standard charger, this period is practically unlimited.
Erst wenn der Besitzer der SIM-Karte den Verlust bemerkt, was gerade bei gelegentlichen Benutzern unter unglücklichen Umständen Tage oder gar Wochen Dauern kann, hat er die Möglichkeit, die SIM-Karte sperren zu lassen. Bis dahin kann ein immenser finanzieller Schaden entstanden sein.Only when the owner of the SIM card notices the loss, which can take days or even weeks, especially for occasional users under unfortunate circumstances, can he have the SIM card blocked. Until then, immense financial damage can have occurred.
Dieses Problem löst die vorliegende Erfindung durch Angabe eines Kommunikationsendgerätes mit Merkmalen nach Anspruch 1. Dieses Kommunikationsendgerät verfügt über eine Einrichtung, die im empfangsbereiten Zustand des Endgerätes vor einer Einleitung eines kostenpflichtigen Nutzungsvorgangs vom Benutzer eine Authentifikation verlangt. Vorteilhafte Weiterbildugen der Erfindung sind Gegenstand untergeordneter Ansprüche.The present invention solves this problem by specifying a communication terminal with features according to claim 1. This communication terminal has a device which, when the terminal is ready to receive, requires authentication before the user initiates a fee-based usage process. Advantageous further developments of the invention are the subject of subordinate claims.
Im folgenden wird die Erfindung anhand bevorzugter Ausführungsbeispiele näher beschrieben.The invention is described in more detail below on the basis of preferred exemplary embodiments.
Die Einrichtung zur Abfrage einer Authentifikation läßt sich am einfachsten durch eine geeignete Erweiterung der Software herkömmlicher Mobiltelefone realisieren. Sie ist natürlich nicht auf Mobiltelefone beschränkt. Es gibt eine ständig wachsende Vielfalt unterschiedlicher Arten von mobilen oder nicht mobilen Kommunikationsendgeräten, bei denen die Gefahr besteht, daß diese im empfangsbereiten Zustand durch Unberechtigte kostenpflichtig auf Rechnung des berechtigten Benutzers benutzt werden. Die Erfindung läßt sich imThe easiest way to implement an authentication query is to use a suitable extension to the software of conventional mobile phones. Of course, it is not limited to mobile phones. There is an ever-increasing variety of different types of mobile or non-mobile communication terminals, where there is a risk that they will be used by unauthorized persons for a fee on account of the authorized user when they are ready to receive. The invention can be in
Zusammenhang mit allen derartigen Endgeräten verwenden.Use in conjunction with all such devices.
Die Softwareerweiterung kann in der Weise erfolgen, daß eine Software-Routine vorgesehen wird, die im empfangsbereiten Zustand des Endgerätes vor einer Einleitung eines kostenpflichtigen Nutzungsvorgangs vom Benutzer eine Authentifikation verlangt. Beipiele für kostenpflichtige Nutzungsvorgänge sind der Aufbau einer gebührenpflichtigen Verbindung, das Aufrufen eines kostenpflichtigen Mehrwertdienstes, etc. Die Authentifikation kann im einfachsten Fall durch Eingabe einer Zeichen- und/oder Ziffernfolge erfolgen. Sie kann auch in der gleichen Weise erfolgen wie die Eingabe der PIN, die vor der Netzsuche beim Mobiltelefon nach dem GSM-Standard erfolgen muß.The software can be expanded in such a way that a software routine is provided which, when the terminal is ready to receive, requires authentication before the user initiates a fee-based usage process. Examples of chargeable usage processes are the establishment of a chargeable connection, calling up a chargeable value-added service, etc. In the simplest case, authentication can be carried out by entering a string of characters and / or numbers. It can also be done in the same way as entering the PIN, which must be done before the network search for the mobile phone according to the GSM standard.
Ein Fingerabdrucksensor ist für die Erfassung einer Authentifikationsinformation besonders geeignet, zumal, wenn dieser Sensor an einer Position auf der Gehäuseoberfläche angebracht ist, an der bei üblicher Handhaltung des Benutzers ein Finger leicht auch andauernd auf den Sensor gelegt werden kann, so daß auch eine Folge mehrfacher Authentifikationen im Falle einer Folge mehrerer kostenpflichtiger Nutzungsvorgange ohne aktive Mitwirkung des Benutzers erfolgen kann.A fingerprint sensor is particularly suitable for the acquisition of authentication information, especially if this sensor is attached to a position on the surface of the housing at which a finger can be easily and continuously placed on the sensor when the user is in the usual hand position, so that a sequence of several Authentications in In the event of a sequence of several usage processes subject to a charge, the user can not actively participate.
Bei einigen Arten der kostenpflichtigen Nutzung eines Endgerätes fallen mit der Zeit laufend weitere Gebühren an. In diesen Fällen ist es besonders vorteilhaft, die Einrichtung so auszugestalten, daß sie im zeitlichen Verlauf eines kostenpflichtigen Nutzungsvorgangs wiederholt eine Authentifikation verlangt. Eine entsprechende Software- Routine muß dazu beispielsweise in festen zeitlichen Abständen oder stichprobenartig eine Authentifikation verlangen. Diese Ausführungsform der Erfindung kann für den Benutzer besonders komfortabel ausgestaltet werden, wenn sie mit dem Fingerabdrucksensor kombiniert wird.For some types of paid use of a device, additional fees will accrue over time. In these cases, it is particularly advantageous to design the device so that it repeatedly requests authentication over the course of a fee-based usage process. A corresponding software routine must, for example, require authentication at fixed time intervals or at random. This embodiment of the invention can be made particularly comfortable for the user if it is combined with the fingerprint sensor.
Dem Fachmann ist anhand der vorliegenden Beschreibung klar, daß die Einrichtung zur Abfrage der Authentifikation nicht nur durch eine Software-Erweiterung sondern auch durch eine geeignete Hardware-Erweiterung oder durch eine Kombination aus beiden Maßnahmen verwirklicht werden kann. It is clear to the person skilled in the art from the present description that the device for querying the authentication can be implemented not only by means of software expansion but also by means of a suitable hardware expansion or by a combination of both measures.

Claims

Patentansprüche claims
1. Kommunikationsendgerät mit einer Einrichtung, die im empfangsbereiten Zustand des Endgerätes vor einer Einleitung eines kostenpflichtigen Nutzungsvorgangs vom Benutzer eine Authentifikation verlangt.1. Communication terminal with a device that requires authentication from the user in the ready-to-receive state of the terminal before initiating a chargeable usage process.
2. Kommunikationsendgerät nach Anspruch 1, bei dem die Authentifikation des Benutzers vor Einleitung eines kostenpflichtigen Nutzungsvorgangs mit Hilfe eines Fingerabdrucksensors erfolgt.2. Communication terminal according to claim 1, in which the authentication of the user takes place before the initiation of a fee-based usage process with the aid of a fingerprint sensor.
3. Kommunikationsendgerät nach Anspruch 1, bei dem der Fingerabdrucksensor an einer Position auf der Gehäuseoberfläche angebracht ist, an der bei üblicher Handhaltung des Benutzers ein Finger leicht auch andauernd auf den Sensor gelegt werden kann, so daß auch eine Folge mehrfacher Authentifikationen im Falle einer Folge mehrerer kostenpflichtiger Nutzungsvorgänge ohne aktive Mitwirkung des Benutzers erfolgen kann.3. Communication terminal according to claim 1, wherein the fingerprint sensor is attached to a position on the housing surface at which a finger can be easily and continuously placed on the sensor in the usual hand position of the user, so that a sequence of multiple authentications in the event of a consequence several usage processes subject to a charge can take place without the active participation of the user.
4. Kommunikationsendgerät nach einem der vorhergehenden Ansprüche mit einer Einrichtung, die im zeitlichen Verlauf eines kostenpflichtigen Nutzungsvorgangs wiederholt eine Authentifikation verlangt. 4. Communication terminal according to one of the preceding claims with a device that repeatedly requests authentication over the course of a fee-based usage process.
EP00904835A 1999-01-14 2000-01-05 Tamper-proof communication terminal Withdrawn EP1155582A1 (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
DE19901155 1999-01-14
DE19901155 1999-01-14
PCT/DE2000/000042 WO2000042796A1 (en) 1999-01-14 2000-01-05 Tamper-proof communication terminal

Publications (1)

Publication Number Publication Date
EP1155582A1 true EP1155582A1 (en) 2001-11-21

Family

ID=7894225

Family Applications (1)

Application Number Title Priority Date Filing Date
EP00904835A Withdrawn EP1155582A1 (en) 1999-01-14 2000-01-05 Tamper-proof communication terminal

Country Status (3)

Country Link
EP (1) EP1155582A1 (en)
CN (1) CN1337132A (en)
WO (1) WO2000042796A1 (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7418255B2 (en) * 2002-02-21 2008-08-26 Bloomberg Finance L.P. Computer terminals biometrically enabled for network functions and voice communication
KR100544460B1 (en) 2003-11-21 2006-01-24 삼성전자주식회사 Method and Apparatus for volume control using volume key in remote controller in ?? device

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2709221B1 (en) * 1993-08-16 1995-09-15 Alcatel Mobile Comm France Mobile station of a radiocommunication system.
WO1998011750A2 (en) * 1996-09-11 1998-03-19 Yang Li Method of using fingerprints to authenticate wireless communications

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of WO0042796A1 *

Also Published As

Publication number Publication date
WO2000042796A1 (en) 2000-07-20
CN1337132A (en) 2002-02-20

Similar Documents

Publication Publication Date Title
DE602005000552T2 (en) Wireless access control for telematics and voice services
DE60121135T2 (en) SERVICE ACTIVATION BY MEANS OF A VIRTUAL ADVANCE PAYMENT CARD
WO2003013170A2 (en) Mobile station and method for accessing a service in the stand-by mode
EP1756966B1 (en) Telecommunication system
WO2009049693A1 (en) Locking system, particularly bluetooth car key
DE69730959T2 (en) MOBILE WIRELESS EQUIPMENT WITH CONTROLLED USE
EP1155582A1 (en) Tamper-proof communication terminal
EP0852092B1 (en) Process for ensuring a securing interface between a telephone with a card and the network in a telephone system
EP0957624B1 (en) Method for taking over call charges in individual calls, telephone network and terminal
WO1999045690A1 (en) Method and device for universal access to telephone networks
DE102010019467A1 (en) Contactless entry system for use in hotel to open door, has digital keys, where count contained in keys is compared with count stored in near-field enabled lock, and lock is released based on positive comparison result
DE19542732B4 (en) Procedure for detecting the misuse of an access authorization
EP1860595B1 (en) Chip card with at least two identities
EP0935870B1 (en) Authentication system for a communication network
DE10035739C1 (en) Mobile telephone call connection method provides called telephone number upon input of vehicle registration number and incorporates blocking of unwanted calls
CH647116A5 (en) Method for subscriber identification
EP0935869B1 (en) Method of rendering misuse of communication services more difficult
WO2000065871A1 (en) Terminal with biometric authentification
DE19621390C2 (en) System consisting of a 1st device and a 2nd device as a card writing and reading device
DE10300897A1 (en) Method for operating a mobile part of a mobile radio system
DE10047177A1 (en) Authentication method for a telecommunications subscriber and telecommunications system
WO2002054806A1 (en) Method for protecting a user device in a radio communication system against undesired operation and corresponding user device
EP0930769B1 (en) Method for processing user data in databases of communications networks with credit of charges and terminal equipments
WO2001011851A1 (en) Communications terminal and method for securing a communications terminal
DE19821566C2 (en) Method and device for monitoring and securing public telephone systems

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20010504

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE

RBV Designated contracting states (corrected)

Designated state(s): DE FR GB

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20040803