TR202004363A2 - The method and system of verifying the mobile phone information of the users who are connected to the Internet with a Mobile Device in the GSM Mobile Network area and a Wired/Wireless gateway outside the GSM Mobile Network - Google Patents
The method and system of verifying the mobile phone information of the users who are connected to the Internet with a Mobile Device in the GSM Mobile Network area and a Wired/Wireless gateway outside the GSM Mobile NetworkInfo
- Publication number
- TR202004363A2 TR202004363A2 TR2020/04363A TR202004363A TR202004363A2 TR 202004363 A2 TR202004363 A2 TR 202004363A2 TR 2020/04363 A TR2020/04363 A TR 2020/04363A TR 202004363 A TR202004363 A TR 202004363A TR 202004363 A2 TR202004363 A2 TR 202004363A2
- Authority
- TR
- Turkey
- Prior art keywords
- mobile device
- information
- user
- gsm
- isp
- Prior art date
Links
- 238000000034 method Methods 0.000 title claims description 25
- 238000012795 verification Methods 0.000 claims abstract description 24
- 230000004044 response Effects 0.000 claims description 5
- 230000001960 triggered effect Effects 0.000 claims description 2
- 230000008569 process Effects 0.000 description 5
- 238000010200 validation analysis Methods 0.000 description 2
- 230000009471 action Effects 0.000 description 1
- 238000012790 confirmation Methods 0.000 description 1
- 230000001419 dependent effect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 230000010354 integration Effects 0.000 description 1
- 230000000670 limiting effect Effects 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/12—Detection or prevention of fraud
- H04W12/126—Anti-theft arrangements, e.g. protection against subscriber identity module [SIM] cloning
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
- H04L63/0846—Network architectures or network communication protocols for network security for authentication of entities using passwords using time-dependent-passwords, e.g. periodically changing passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/40—Security arrangements using identity modules
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/60—Context-dependent security
- H04W12/69—Identity-dependent
- H04W12/72—Subscriber identity
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Telephonic Communication Services (AREA)
- Mobile Radio Communication Systems (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
SIM Kart (5) takılı ve aktif olarak GSM Mobil Şebekesine bağlı Mobil Cihaz (1) kullanılarak Kablolu/Kablosuz bir Ağ Geçidi (6) üzerinden, bu Ağ Geçidinin bağlı olduğu İnternet Servis Sağlayıcı (ISP) (2) aracılığı ile internete bağlanan kullanıcının telefon numarası bilgisini (MSISDN) doğrulamayı sağlayan sistem olup, GSM Operatörü (4), İnternet Servis Sağlayıcı (ISP)(2), Mobil Cihaz (1), Mobil Cihaza (1) takılı SIM kart (5), Mobil Cihazın (1) içinde takılı SIM karta (5) tek kullanımlık takip/referans bilgisi içeren URL'e bağlanma isteğini tetikleme modu ile gönderen GSM Operatörü SIM Yönetim Platformu (4.1), İnternet Servis Sağlayıcı (ISP) (2) üzerinden bağlandığı takip/referans bilgisi, IP/PORT bilgileri ve sınırlı ya da tam olarak Mobil Cihazı(1) tanımlayıcı olan diğer bütün bilgilerin kontrolü ile kullanıcı telefon numarası (MSISDN) bilgisinin doğrulamasını sağlayan Kullanıcı Doğrulama Platformu (3) ve takip/referans bilgisi, IP/PORT bilgileri ve sınırlı ya da tam olarak Mobil Cihazı(1) tanımlayıcı olan diğer bütün bilgilerin tutulduğu veri tabanı (3.1) içermektedir.The phone of the user who connects to the Internet via a Wired/Wireless Gateway (6) using the Mobile Device (1) with a SIM Card (5) inserted and actively connected to the GSM Mobile Network, via the Internet Service Provider (ISP) (2) to which this Gateway is connected. GSM Operator (4), Internet Service Provider (ISP) (2), Mobile Device (1), SIM card (5) inserted in the Mobile Device (1), inside the Mobile Device (1). GSM Operator sending a request to connect to a URL containing disposable tracking/reference information to the inserted SIM card (5) with trigger mode, the SIM Management Platform (4.1), the tracking/reference information to which it is connected via the Internet Service Provider (ISP) (2), IP/PORT User Authentication Platform (3), which provides verification of user phone number (MSISDN) information with control of information and all other information that is limited or fully identifying the Mobile Device(1), and tracking/reference information, IP/PORT information and limited or full Mobile Device I(1) contains the database (3.1) in which all other descriptive information is kept.
Description
TARIFNAME GSM Mobil Sebeke alaninda olan Mobil Cihaz ile GSM Mobil Sebekesi disinda Kablolu/Kablosuz bir ag geçidi ile internete baglanan kullanicilarin cep telefonu bilgilerini dogrulama yöntemi ve sistemi BULUSUN ILGILI OLDUGU TEKNIK ALAN Bulus; SIM Kart (5) takili ve aktif olarak GSM Mobil Sebekesine bagli Mobil Cihaz (1) ile kablolu/kablosuz bir ag geçidi (6) üzerinden, bu ag geçidinin bagli oldugu Internet Servis Saglayici (ISP) (2) araciligi ile internete baglanan kullanicinin telefon numarasini (MSISDN bilgisini) dogrulamayi saglayan yöntem ile ilgilidir. DESCRIPTION With the Mobile Device in the GSM Mobile Network area and outside the GSM Mobile Network Mobile phone information of users connected to the Internet with a Wired/Wireless gateway. verification method and system TECHNICAL FIELD OF THE INVENTION Meet; With the Mobile Device (1) inserted in the SIM Card (5) and actively connected to the GSM Mobile Network via a wired/wireless gateway (6), the Internet Service Provider to which this gateway is connected (ISP) (2) the phone number (MSISDN information) of the user connected to the internet. relates to the method that provides verification.
BULUSLA ILGILI TEKNIGIN BILINEN DURUMU (ÖNCEKI TEKNIK) Günümüzde GSM Mobil Sebekesi alaninda bulunup, bu sebeke disinda kablolu/kablosuz bir ag geçidi kullanarak internete baglanan kullanicilarin telefon numarasini, son kullanici müdahalesi olmadan dogrulamak mümkün degildir. Bilgimiz dahilinde üç farkli yöntem kullanilmakta olup, bu yöntemler uygulamada yetersiz kalmaktadir. BACKGROUND OF THE INVENTION ART (PRIOR ART) Today, in the GSM Mobile Network area, there is a wired/wireless network outside of this network. phone number of users connecting to the internet using the gateway, end-user intervention It is not possible to verify without it. To the best of our knowledge, three different methods are used, These methods are insufficient in practice.
Yöntem 12 Kullanici GSM Mobil Sebekesi üzerinden internete baglandiginda GGSN( Gateway GPRS Support Node) kullanicinin telefon numarasini GGSN baslik zenginlestirme (GGSN Header Enrichment) yöntemi ile paylasabilmektedir. Kullanicinin GSM Mobil Sebekesi disinda kablolu/kablosuz bir ag kullanarak internete baglanmasi halinde, bu yöntemde kullanicilara MSISDN verilerine ulasilamadigi için internette dolasirken herhangi bir servise baglanma isteginde bulunmalari halinde telefon numaralari dogrulanamamaktadir. (Ör: Giris Islemler, Islem Dogrulama, vs.) Yöntem 2: Kullanicinin Mobil Cihaz GSM hatti üzerinden telefon numarasinin dogrulanmasi istenmesi durumunda, tek kullanimlik sifre (One time password (OTP)) yöntemi kullanilmaktadir. Method 12 When the user connects to the Internet via the GSM Mobile Network, GGSN (Gateway) GPRS Support Node) user's phone number GGSN header enrichment (GGSN Header Enrichment) method. Outside the User's GSM Mobile Network In case of connecting to the internet using a wired/wireless network, this method provides users with Do not connect to any service while surfing the internet because MSISDN data is not available. phone numbers cannot be verified. (Ex: Login Transactions, Transaction verification, etc.) Method 2: Verifying the user's phone number over the Mobile Device GSM line If requested, one time password (OTP) method is used.
Bu yöntem insan müdahalesi gerektirdiginden Phishing (Oltalama/Yemleme) saldirilarina çok açik olup riski sebebiyle kullanimi sinirlandirilmaktadir. Since this method requires human intervention, it is very resistant to Phishing attacks. It is open and its use is limited due to its risk.
Yöntem 3: Kullanicilarin cihazlarina indirecekleri bir mobil uygulama üzerinden cihaz bilgilerini paylasmalarini istemek bir baska çözümdür. Bu çözümde gerekli bilgileri toplayacak uygulamalarin ihtiyaci olan yetkileri, kullanicilar bu tip uygulamalara vermek istememektedir. Method 3: Device information via a mobile application that users will download to their devices Asking them to share is another solution. In this solution you will collect the necessary information users do not want to give these types of applications the privileges that the applications need.
Bunun disinda ilk giriste cihazin kullaniciya ait oldugu bilinen baska bir cihaz (SIM karti) ile dogrulama yapilmasi veya dogrulama yapacak kurulusun bu bilgilere önceden ve dogrulamasi yapilmis bir kanal üzerinden sahip olmasi gerekliligi dogmaktadir. Bu nedenlerden dolayi çözümün uygulanmasi yetersiz kalmaktadir. Apart from this, at the first login, the device must be connected with another device (SIM card) that is known to belong to the user. verification or verification of this information beforehand by the institution that will make the verification It is necessary to have it through a channel that has been made. For these reasons implementation of the solution is insufficient.
Bu anlamda kullanilmakta olan tekniklerin mevcut durumundaki yetersizliklerden ötürü, teknik alanda yeni bir teknigin gelistirme çalismalarinin yapilmasi ihtiyaci dogmustur. In this sense, due to the inadequacies of the current state of the techniques used, technical There is a need for the development of a new technique in the field.
BULUSUN KISA AÇIKLAMASI VE AMAÇLARI Bulus, mobil cihazi üzerinden internete baglanan kullanicilarda kimlik do grulamasi için kullanilan üç temel faktörden biri olan sahip oldugunuz bir seyin dogrulanmasini saglamaktadir. Bulusta dogrulamasi yapilacak istek sahibinin bilgileri ile bu istegin geldigi mobil cihaza takilan SIM kartin bagli oldugu MSISDN bilgisi kullanilarak kullanicinin dogrulanmasi saglanmaktadir. BRIEF DESCRIPTION AND OBJECTIVES OF THE INVENTION Invention is used to authenticate users who connect to the internet via their mobile devices. It provides verification of something you own, one of the three key factors. in the find The information of the requester to be verified and the SIM inserted in the mobile device from which this request is received. Authentication of the user is provided by using the MSISDN information to which the card is connected.
Bulusun bir baska amaci; Mevcut tekniklerde kullanilan çözümlerden farkli olarak kullaniciya bagimli güveni ortadan kaldiran bir yapinin ortaya konulmasidir. Böylece OltalamaNemleme (Phishing) saldirilarinin önüne geçilmesini saglanmaktadir. Bu yöntemde atak yapan kisilerin, kimlik dogrulamasi yapilacak kullanicinin sadece ihtiyaç duyulan bilgilerini almasi yeterli olmayacak, ayni zamanda sahip oldugu cihazi da ele geçirmesi gerekecektir, dolayisiyla bu tip ataklar büyük ölçüde engellenecektir. Another purpose of the invention is; Unlike the solutions used in existing techniques, the user It is the creation of a structure that eliminates dependent trust. So PhishingHumidifying (Phishing) attacks are prevented. In this method, the people who attack, It is sufficient for the user to be authenticated to receive only the necessary information. not only will he have to seize the device he has, so this type of attacks will be largely blocked.
Bulusun bir baska amaci; Kablolu/Kablosuz aglar arkasindan ücretli servislerin kullaniminda kullaniciya ait telefon numarasinin dogrulanmasi ve bu dogrulamaya istinaden ücretlendirmelerin yapilabilmesidir. Another purpose of the invention is; In the use of paid services behind wired / wireless networks verification of the phone number of the user and charges based on this verification it can be done.
Bulusun yapisal ve karakteristik özellikleri asagida verilen sekiller ve bu sekillere atiflar yapilmak suretiyle yazilan detayli açiklama kisimlarinda belirtilmistir. Bulusun getirdigi avantajlar bu sekiller ve detayli açiklama kisimlarinin incelenmesi ile daha net olarak anlasilacaktir. The following figures and references are made to the structural and characteristic features of the invention. It is stated in the detailed explanation sections written by These are the advantages of the invention It will be understood more clearly by examining the figures and detailed explanation parts.
BULUSU AÇIKLAYAN SEKILLERIN TANIMLARI Sekil 1 - Bulusa konu olan sistemin genel gösterimidir. DEFINITIONS OF FIGURES DESCRIBING THE INVENTION Figure 1 - General representation of the system subject to the invention.
Sekil 2 - Bulusa konu olan yöntem ve alternatif islem adimlarini açiklayan genel akis diyagrami gösterimidir. Figure 2 - General flow diagram describing the method and alternative processing steps of the invention is the display.
BULUSU OLUSTURAN UNSURLAR VE PARÇALARIN TANIMLARI . Mobil cihaz (Kullanici) (1) . Internet Servis Saglayici (ISP) (2) . Kullanici Dogrulama Platformu (3) 1. Veri Tabani (3.1) . GSM Operatörü (4) 1. GSM Operatörü SIM Yönetim Platformu (4.1) S1M (5) . Kablolu/Kablosuz Ag Geçidi (6) Kullanici dogrulama sunucusuna giris istegi gönderir. DEFINITIONS OF INVENTION ELEMENTS AND PARTS . Mobile device (User) (1) . Internet Service Provider (ISP) (2) . User Authentication Platform (3) 1. Database (3.1) . GSM Operator (4) 1. GSM Operator SIM Management Platform (4.1) S1M (5) . Wired/Wireless Gateway (6) The user sends a login request to the authentication server.
Dogrulama sunucusu gelen istekten IP/PORT bilgilerini alir. The authentication server receives the IP/PORT information from the incoming request.
Dogrulama sunucusu isleme ait referans belirler, IP/PORT ve diger bilgiler ile veri tabaninda saklar. The authentication server determines the reference of the transaction, IP/PORT and other information and data. stores it at the bottom.
Dogrulama sunucusu operatöre tetiklenecek referans URL istegi gönderir. The validation server sends the operator a reference URL request to be triggered.
Operatör tetikleme istegini GSM Operatörü SIM Yönetim Platformuna iletir. The operator transmits the trigger request to the GSM Operator SIM Management Platform.
Operatör SIM Yönetim Platformu Kullanicinin cihazina tetikleme modu ile SMS gönderir. Operator SIM Management Platform Sends SMS to User's device with trigger mode.
Cihaz SMS içindeki URL'e dogrudan istek gönderir. The device sends a request directly to the URL in the SMS.
Cihaz SMS içerisindeki Deep Link ile uygulamayi açar. The device opens the application with the Deep Link in the SMS.
Uygulama gelen referans kodu ile Dogrulama sunucusuna çagri yapar. The application makes a call to the Verification server with the incoming reference code.
Dogrulama sunucusu cihazin IP/PORT ve diger bilgilerini alir. The authentication server receives the IP/PORT and other information of the device.
Referans numarasi ile veri tabanindaki bilgileri karsilastirir. Compares the reference number with the information in the database.
Dogrulama sunucusu talep edilen istekteki telefon numarasini dogrular. 165. Cihaz PoP-UP SMS'i kullaniciya gösterir. 170. Kullanici onayina göre istek gönderir. The authentication server verifies the phone number in the requested request. 165. The device displays the PoP-UP SMS to the user. 170. User sends request according to approval.
BULUSUN DETAYLI AÇIKLAMASI Bu kisimda yer alan detayli açiklamada yer alan bulusun tercih edilen yapilanmalari, sadece konunun daha iyi anlasilmasina yönelik olarak ve hiçbir sinirlayici etki olusturmayacak sekilde ifade edilmistir. DETAILED DESCRIPTION OF THE INVENTION Preferred embodiments of the invention in the detailed description in this section are only for a better understanding of the subject and without any limiting effect. expressed.
Kullanici sahip oldugu SIM Kart (5) takili ve aktif olarak GSM Mobil Sebekesine bagli Mobil Cihazi (l) kullanilarak kablolu/kabIOSuz Ag Geçidinin (6) ve bu agin bagli oldugu Internet Servis Saglayici (ISP) (2) araciligi ile Kullanici Dogrulama Platformuna (3) baglanir ve giris talebinde bulunur (100). Bu talebin geldigi Mobil Cihazin (1) bagli oldugu aga ait IP ve PORT bilgisi internet servis saglayici (2) tarafindan kalici ya da geçici olarak atanir (105). Atamasi yapilan IP ve PORT bilgisi istek ile birlikte Kullanici Dogrulama Platformuna (3) iletilir (110) ve kullanici Mobil Cihazina (l) ait bu IP/PORT bilgileri ve takip/referans bilgisi Veri Tabanina (3.1) kayit edilir (115). Buradaki bilgiler sadece IP/PORT ile sinirli olmayip cihazi sinirli ya da tam olarak tanimlayici olan konum, evrensel olarak benzersiz bir tanimlayici (UUID), Kullanici Ajani (User Agent) gibi tüm bilgileri içerebilir. Tek basina bu bilgiler kullanici cihazinin kullaniciya aitligi konusunda bilgi vermez. Olusturulan takip/ referans bilgileri her bir islem için benzersiz olup, belli bir yasam süreleri (Time to live (TTL)) vardir. Takip/referans bilgileri ilk kullanim sonrasinda tekrar kullanilamamaktadirlar. Ayni takip/referans bilgisi ile birden fazla istegin dogrulama sunucusuna ulasmasi halinde ise ilgili takip/referans bilgisine sahip tüm kullanicilardan gelen giris islemi talebi reddedilir ve varsa aktif baglantilari sonlandirilir. The user has a SIM Card (5) inserted and actively connected to the GSM Mobile Network. Using its device (l), wired/wireless Gateway (6) and the Internet Service to which this network is connected It connects to the User Authentication Platform (3) through the Provider (ISP) (2) and requests login. is found (100). IP and PORT information of the network to which the Mobile Device (1) this request is connected to permanently or temporarily appointed by the internet service provider (2) (105). Assigned IP and PORT information is forwarded to the User Authentication Platform (3) with the request (110) and the user This IP/PORT information and tracking/reference information belonging to the Mobile Device (l) are registered in the Database (3.1). is done (115). The information here is not only limited to IP/PORT, but also limited or completely location, which is an identifier, a universally unique identifier (UUID), User Agent (User Agent) can contain all information such as. This information alone is the ownership of the user device to the user. does not provide information on The created tracking/reference information is unique for each transaction and they have a lifetime (Time to live (TTL)). Tracking/reference information after first use they cannot be reused. Verification of multiple requests with the same tracking/reference information If it reaches the server, the input from all users with the relevant tracking/reference information. The request for the operation is denied and active connections, if any, are terminated.
Kullanici Dogrulama Platformu (3) kisinin telefon numarasini teyit etmek için GSM Operatörüne (3) kullanici telefon numarasina iletilmek üzere tek kullanimlik takip/referans bilgisi içeren URL dogrulama istegi gönderir ( GSM Operatörü SIM Yönetim Platformu araciligi ( mevcutta bulunan Global Platform v2.2 Amendment B standartlarina göre tek kullanimlik URL”e erisecek HTTPS baglantisi tetikleme modu ile (Push Mode) olusturulur. Tetikleme modunda, Mobil Cihaza (1) takili SIM karta(5) GSM Operatörü SIM Yönetim Platformu ( tek kullanimlik takip/referans bilgisi içeren URL'ine baglanma istegi içeren binary (ikili, kontîgürasyonel, kullanici tarafindan görülmeyen ve okunamayan) SMS gönderilir(l 30). User Authentication Platform (3) to the GSM Operator to confirm the person's phone number. (3) URL with one-time tracking/reference information to be forwarded to the user phone number sends a verification request ( GSM Operator SIM Management Platform via (currently available Global Platform v2.2 Triggering an HTTPS connection to a disposable URL according to Amendment B standards It is created with (Push Mode) mode. In trigger mode, GSM is connected to the SIM card (5) inserted in the Mobile Device (1). Operator SIM Management Platform ( single binary (binary, configurational, invisible and unreadable by the user) SMS is sent(l 30).
Gönderilen Tetikleme SMS°i kullanicinin cihazinda üç farkli sekilde yorumlanabilir. 1. Tetikleme SMS'inin içeriginde Mobil Cihazin (1) hangi URL”e baglanmasi gerektigi yer almaktadir. Bu mesaji alan Mobil Cihaz (l) SMS içerisinde belirtilen URL`e baglanma istegini Internet Servis Saglayici (ISP) (2) üzerinden veya bu ag üzerinde baglanti sorunu bulunmasi durumunda 3G, 4G veya benzeri GSM sebekeleri üzerinden gerçeklestirir (135). The Trigger SMS sent can be interpreted in three different ways on the user's device. 1. What URL should the Mobile Device (1) be connected to in the content of the Trigger SMS? takes. Mobile Device (l) receiving this message, connecting to the URL specified in the SMS connection problem on this network or via Internet Service Provider (ISP) (2) If it is found, it is carried out over 3G, 4G or similar GSM networks (135).
Belirtilen URL, Kullanici Dogrulama Platformu (5) URL”idir ve Mobil Cihaz (1) bu URL'i kullanarak Kullanici Dogrulama Platformuna (5) baglanir. 2. Tetikleme SMS”inin içeriginde gelen veriler Pop-up SMS olarak kullaniciya ekranda gösterilir (165). Burada kullaniciya giris talebi hakkinda bilgiler gösterilerek isleme devam edip etmeyecegi / islemi onaylayip onaylamadigi sorusu sorulur. Kullanicidan gelen yanita göre takip/referans bilgisi ile sinirli olmayip cihazi sinirli ya da tam olarak tanimlayici olan tüm bilgiler ile birlikte islem dogrulamasi talebi Kullanici Dogrulama Platformuna (5) 3. Kullanici Dogrulama Platformuna gelen giris talebinin Kullanici Dogrulama Platformu Entegre Mobil Uygulama üzerinden gelmesi halinde Tetikleme SMS'inin içeriginde bulunan URL ile Mobil Cihazin (1) Deep Link yapisini kullanarak dogrudan bu mobil uygulamayi açmasi saglanir (140). Kullanici Dogrulama Platformu entegrasyonu sayesinde Deep Link içerisindeki veriler Mobil Cihaz (1) üzerinde çalisan Dogrulama Platformu Entegre Mobil Uygulama ile alinir. Tasinan bu veri ile Dogrulama Platformu Entegre Mobil Uygulama, Kullanici Dogrulama Platformuna (5) dogrudan çagri yapar (145). The specified URL is the User Authentication Platform (5) URL and the Mobile Device (1) uses this URL. It connects to the User Authentication Platform (5) using 2. The data in the content of the Trigger SMS is displayed to the user as a Pop-up SMS. is shown (165). Here, the user continues the process by showing information about the login request. You will be asked whether to approve the transaction or not. Response from user not limited to tracking/reference information, but limited or fully descriptive of the device. Transaction verification request with all information to the User Verification Platform (5) 3. User Authentication Platform of the login request to the User Authentication Platform In the content of the Trigger SMS, if it comes via the Integrated Mobile Application. This mobile device directly using the Deep Link structure of the Mobile Device (1) with the URL found it is provided to open the application (140). User Authentication Platform integration Thanks to the data in the Deep Link, the Verification running on the Mobile Device (1) Platform is available with Integrated Mobile Application. Verification Platform with this transferred data Integrated Mobile App calls the User Authentication Platform (5) directly (145).
Kullanici Dogrulama Platformu (5) baglanan cihazin takip/referans, lP/PORT bilgileri ve sinirli ya da tam olarak Mobil Cihazi (1) tanimlayici olan diger bütün bilgilerini alir (150). Takip/ referans bilgisi aracigi ile daha önceden kayit edilen IP adresi ve PORT numarasi (155) ve cihazin tetikleme sonrasi URL ile baglanarak ilettigi bilgiler ile karsilastirilarak kullanicinin cihaz sahipligi dogrulanacaktir (160).Kullanici bu dogrulama süreci boyunca aktif bir islem/düzenleme/müdahale yapmadigi/yapamadigi için olasi bilgi paylasimlari ve kullanici hatalarinin önüne geçilmis olur. User Authentication Platform (5) tracking/reference, LP/PORT information of the connected device and limited or all other information that fully identifies the Mobile Device (1) (150). Tracking/reference IP address and PORT number (155) registered previously and triggering of the device via device ownership by the user compared to the information transmitted by connecting with the URL after will be validated (160). The user has not taken any active action/editing/intervention during this validation process. possible information sharing and user errors are prevented.
Kullanicinin Mobil Cihazina takili SIM kart numarasi sahipligi dogrulanarak kimlik dogrulamasi yapilmis olur. Authentication by verifying ownership of the SIM card number inserted in the User's Mobile Device it will be done.
Cihaz ayni anda 2G/3G/4G vb. sebekelerden SMS alabilmektedir. Internet servis saglayici (ISP) baglantisinda bir sorun oldugunda 2G/3G/4G vb. sebekelerine data kullanmak amaçli geçebilmektedir. Burada (135) MSISDN Forwarding yöntemi kullanilarak kullanicinin kimlik dogrulamasi yapilmis olur. The device can support 2G/3G/4G etc at the same time. can receive SMS from networks. Internet service provider (ISP) 2G/3G/4G etc. when there is a problem with the connection. to use data to networks can pass. Here (135) the identity of the user is determined using the MSISDN Forwarding method. verification is done.
Dogrulama islemi Kayitli Kullanicinin giris isleminde cep telefonu sahipligi, yeni kullanici kayit isleminde kullanicinin iddia ettigi telefon numarasina gerçekten sahip olup olmamasi, islem onaylari islemleri ile sinirli olmayip kullanicinin kimlik dogrulamasi gereken her islemde kullanilabilir. Verification process Registered User's login process, mobile phone ownership, new user registration Whether the user really has the phone number claimed in the transaction, the transaction It is not limited to approvals transactions, but in every transaction where the user needs to be authenticated. can be used.
Bulusa konu olan sistemi olusturan unsurlar ve islevleri sunlardir; 0 Kullanicinin dogrulama isleminde kullanacagi Mobil Cihaz (l) 0 Kullanicinin dogrulama isleminde kullanacagi Mobil Cihaza (1) takili SIM kart (5), - Mobil Cihazin (1) Internet Servis Saglayiciya (ISP) (2) baglanmasi için kullanilacak Kablolu/Kablosuz Ag Geçidi (6), 0 Mobil Cihazin (l) internete baglanmasini saglayan Internet servis saglayici (ISP)(2), . Mobil Cihazin (1) dogrulama için baglandigi Kullanici Dogrulama Platformu (3) . Kullanici Dogrulama Platformunun (3) Internet servis saglayicidan (ISP)(2) aldigi bilgilerin tutuldugu veri tabani (3.1), 0 Kullanici Dogrulama Platformunun kullanici telefon numarasi dogrulamasi için baglandigi GSM Operatörü (4) . Mobil cihaza (l) takili SIM karta (5) tek kullanimlik takip/referans bilgisi içeren URL'e baglanma istegi içeren tetikleme modu gönderen GSM Operatörü SIM Yönetim Platformu (4.1), Bulusa konu olan sistemin gerçeklestirdigi islem adimlari su sekildedir; Kullanicinin aktif olarak GSM Mobil Sebekesine bagli Mobil Cihazi (l) kullanilarak kablolu/kablosuz Ag Geçidinin (6) ve bu agin bagli oldugu Internet Servis Saglayici (ISP) (2) araciligi ile Kullanici Dogrulama Platformuna (3) baglanmasi ve giris talebinde bulunmasi (100), Internet Servis Saglayici (ISP) (2) tarafindan IP/PORT bilgisinin Mobil Cihaz (1) veya bagli bulundugu aga Mobil Cihaz (1) özelinde atamasi (105), Internet Servis Saglayici (ISP) (2) tarafindan Mobil Cihaz (1) özelinde atanan IP/PORT bilgisinin, Kullanici Dogrulama Platformu (3) tarafindan gelen istek içerisinden alinmasi (110), Kullanici Dogrulama Platformu (3) tarafindan takip/referans, IP/PORT bilgileri ve sinirli ya da tam olarak Mobil Cihazi (1) tanimlayici olan diger bütün bilgilerinin Veri Tabanina (3.1) kayit edilmesi (115), Kullanici Dogrulama Platformu (3) tarafindan talepte bulunan kisinin telefon numarasini dogrulamak için GSM Operatörüne (4) kullanici telefon numarasina gönderilecek sekilde tek kullanimlik takip/referans bilgisi içeren URL bilgisinin yönlendirilmesi (120), GSM Operatörünün (4) gelen istegi GSM Operatörü SIM Yönetim Platformuna (4.1) iletmesi (125), GSM Operatörü SIM Yönetim Platformunun ( mevcutta bulunan Global Platform v.2.2 Amendment B standartlarina göre tek kullanimlik URL”e erisecek HTTPS baglantisi tetikleme modu ile (Push Mode) olusturmasi, Tetikleme modunda, Mobil Cihaza (l) takili SIM karta (5) GSM Operatörü SIM Yönetim Platformu ( tek kullanimlik takip/referans bilgisi içeren URL'ine baglanma istegi içeren binary (ikili, konfigürasyonel, kullanici tarafindan görülmeyen ve okunamayan) SMS gönderilmesi (130), Gönderilen Tetikleme SMS°inin ku11anicinin cihazinda üç farkli seçenekten biri seklinde yorumlanmasi, 0 Tek kullanimlik URL adresine baglanma mesajini alan Mobil Cihazin (1), SMS içerisinde belirtilen URL adresine Kablolu/Kablosuz Ag Geçidi (6) ve Internet Servis Saglayici (ISP) (2) üzerinden erismesi (135), 0 Tek kullanimlik URL adresine baglanma mesajini alan Mobil Cihazin (1), kullaniciya Pop-Up SMS olarak ekranda giris talebi bilgilerinin gösterilmesi (165) ve kullanicidan gelen yanita göre SMS içerisinde belirtilen URL adresine Kablolu/Kablosuz Ag Geçidi (6) ve Internet Servis Saglayici (ISP) (2) üzerinden istekte bulunmasi (170), 0 Tek kullanimlik URL adresine baglanma mesajini alan Mobil Cihazin (1), üzerinde kurulu olan Kullanici Dogrulama Platformu Entegre Mobil Uygulamasini açmasi (140), Deep Link içerisindeki veriler ile kullaniciya giris talebi bilgilerinin gösterilmesi ve kullanicidan gelen yanita göre ya da kullaniciya herhangi bir bilgi göstermeden dogrudan Kullanici Dogrulama Platformuna (3), Kablolu/Kablosuz Ag Geçidi (6) ve Internet Servis Saglayici (ISP) (2) üzerinden istekte bulunmasi (145), Mobil Cihazin (1), Tetikleme Modu SMS”i ile gelen URL yönlendirmesini kullanarak Kullanici Dogrulama Platformuna (3) baglanmasi ile, Mobil Cihazin (l) bagli bulundugu Internet Servis Saglayicinin (ISP)(2) atadigi IP/PORT bilgileri ve sinirli ya da tam olarak Mobil Cihazi( 1) tanimlayici olan diger bütün bilgilerin alinmasi (150) ve Kullanici Dogrulama Platformunun (3) takip/referans bilgisini kullanarak veri tabaninda sakladigi lP/PORT bilgileri ve sinirli ya da tam olarak Mobil Cihazi(1) tanimlayici olan diger bütün bilgiler ile karsilastirilmasi (155) sonucu kullanicinin telefon numarasi bilgisinin dogrulanmasidir (160).The elements that make up the system that is the subject of the invention and their functions are as follows; 0 Mobile Device (l) that the user will use in the verification process 0 SIM card (5) inserted in the Mobile Device (1) that the user will use in the authentication process, - To be used to connect the Mobile Device (1) to the Internet Service Provider (ISP) (2) Wired/Wireless Gateway (6), 0 Internet service provider (ISP) (2), which enables the Mobile Device (l) to connect to the Internet, . User Authentication Platform (3) to which the Mobile Device (1) is connected for authentication . The User Authentication Platform (3) receives from the Internet service provider (ISP) (2). database where information is kept (3.1), 0 Where the User Authentication Platform is connected for user phone number verification GSM Operator (4) . URL with one-time tracking/reference information on the SIM card (5) inserted in the mobile device (l) GSM Operator SIM Management Platform that sends a trigger mode with a request to connect (4.1), The process steps of the system, which is the subject of the invention, are as follows; By using the User's Mobile Device (l) that is actively connected to the GSM Mobile Network Wired/wireless Gateway (6) and the Internet Service Provider (ISP) to which this network is connected Connecting to the User Authentication Platform (3) via (2) and requesting login found (100), IP/PORT information from the Internet Service Provider (ISP) (2) to the Mobile Device (1) or Assignment (105) specific to the Mobile Device (1) to the network it is connected to, IP/PORT assigned by the Internet Service Provider (ISP) (2) specific to the Mobile Device (1) obtaining the information from the request received by the User Authentication Platform (3) (110), Tracking/reference, IP/PORT information and limited data by User Authentication Platform (3) or to the Database of all other information that fully identifies the Mobile Device (1). (3.1) to be registered (115), The phone number of the person making the request by the User Authentication Platform (3). to be sent to the GSM Operator (4) to the user's phone number for verification. redirecting URL information containing disposable tracking/reference information (120), Incoming request of GSM Operator (4) to GSM Operator SIM Management Platform (4.1) transmit (125) GSM Operator SIM Management Platform (available One-time URL according to Global Platform v.2.2 Amendment B standards to create an HTTPS connection with trigger mode (Push Mode), In trigger mode, SIM card (5) inserted in Mobile Device (l) GSM Operator SIM Management Platform (single use binary (binary, configurational, sending an unreadable and invisible SMS to the user (130), Send Trigger SMS as one of three different options on the user's device. interpretation, 0 The Mobile Device (1) that receives the message of connecting to the one-time URL address, Wireless Gateway (6) and Internet address to the URL specified in Access via the Service Provider (ISP) (2) (135), 0 The Mobile Device (1) that receives the message of connecting to a one-time URL address, Displaying login request information on the screen as Pop-Up SMS to the user (165) and to the URL address specified in the SMS according to the response from the user. Via Wired/Wireless Gateway (6) and Internet Service Provider (ISP) (2) request (170), 0 On the Mobile Device (1) that receives the message of connecting to a one-time URL address, Opening the installed User Authentication Platform Integrated Mobile Application (140) the data in the Deep Link and the login request information to the user. display and any information to the user according to the response from the user. directly to User Authentication Platform (3), Wired/Wireless Making requests through Gateway (6) and Internet Service Provider (ISP) (2) (145), Using the URL redirection of the Mobile Device (1) with the Trigger Mode SMS By connecting to the User Authentication Platform (3), the Mobile Device (l) is connected. IP/PORT information assigned by the Internet Service Provider (ISP)(2) and limited or complete Receiving all other information identifying the Mobile Device (1) (150) and the User The Verification Platform (3) uses the tracking/reference information stored in the database. lP/PORT information and any other limited or complete identifier of the Mobile Device(1) the phone number of the user as a result of comparison with the information (155). confirmation (160).
Claims (4)
Priority Applications (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
TR2020/04363A TR202004363A2 (en) | 2020-03-20 | 2020-03-20 | The method and system of verifying the mobile phone information of the users who are connected to the Internet with a Mobile Device in the GSM Mobile Network area and a Wired/Wireless gateway outside the GSM Mobile Network |
EP21771313.0A EP4104478A4 (en) | 2020-03-20 | 2021-03-15 | Method and system of verifying mobile phone information of users who are connected to the internet with a wired/wireless gateway other than the gsm mobile network with a mobile device in the gsm mobile network area |
PCT/TR2021/050228 WO2021188081A1 (en) | 2020-03-20 | 2021-03-15 | Method and system of verifying mobile phone information of users who are connected to the internet with a wired/wireless gateway other than the gsm mobile network with a mobile device in the gsm mobile network area |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
TR2020/04363A TR202004363A2 (en) | 2020-03-20 | 2020-03-20 | The method and system of verifying the mobile phone information of the users who are connected to the Internet with a Mobile Device in the GSM Mobile Network area and a Wired/Wireless gateway outside the GSM Mobile Network |
Publications (1)
Publication Number | Publication Date |
---|---|
TR202004363A2 true TR202004363A2 (en) | 2021-09-21 |
Family
ID=77771139
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
TR2020/04363A TR202004363A2 (en) | 2020-03-20 | 2020-03-20 | The method and system of verifying the mobile phone information of the users who are connected to the Internet with a Mobile Device in the GSM Mobile Network area and a Wired/Wireless gateway outside the GSM Mobile Network |
Country Status (3)
Country | Link |
---|---|
EP (1) | EP4104478A4 (en) |
TR (1) | TR202004363A2 (en) |
WO (1) | WO2021188081A1 (en) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114390461A (en) * | 2022-01-17 | 2022-04-22 | 湖南塔澳通信有限公司 | SIM card pool resource management platform |
Family Cites Families (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP3975061B2 (en) * | 2001-03-29 | 2007-09-12 | ソフトバンクモバイル株式会社 | Authentication system |
JP4311617B2 (en) * | 2003-03-28 | 2009-08-12 | 三菱電機株式会社 | Terminal device |
JP2006268641A (en) * | 2005-03-25 | 2006-10-05 | Nec Corp | Authentication method and authentication system |
CN102437914B (en) * | 2010-12-08 | 2013-12-04 | 袁永亮 | Method by utilizing telecommunication network to supply user identity label and user identity authentication to Internet service |
WO2014032549A1 (en) * | 2012-08-31 | 2014-03-06 | 宝利数码有限公司 | Telecommunication service provider based mobile identity authentication and payment method and system |
JP2015231177A (en) * | 2014-06-06 | 2015-12-21 | 日本電信電話株式会社 | Device authentication method, device authentication system, and device authentication program |
CN108990059B (en) * | 2017-06-02 | 2021-06-29 | 创新先进技术有限公司 | Verification method and device |
US10277586B1 (en) * | 2018-10-29 | 2019-04-30 | Syniverse Technologies, Llc | Mobile authentication with URL-redirect |
-
2020
- 2020-03-20 TR TR2020/04363A patent/TR202004363A2/en unknown
-
2021
- 2021-03-15 EP EP21771313.0A patent/EP4104478A4/en active Pending
- 2021-03-15 WO PCT/TR2021/050228 patent/WO2021188081A1/en unknown
Also Published As
Publication number | Publication date |
---|---|
EP4104478A1 (en) | 2022-12-21 |
EP4104478A4 (en) | 2023-07-26 |
WO2021188081A1 (en) | 2021-09-23 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
KR102321781B1 (en) | Processing electronic tokens | |
US8533798B2 (en) | Method and system for controlling access to networks | |
US8365258B2 (en) | Multi factor authentication | |
US9762576B2 (en) | Enhanced multi factor authentication | |
WO2016188256A1 (en) | Application access authentication method, system, apparatus and terminal | |
CA2789495C (en) | Seamless mobile subscriber identification | |
KR20060047252A (en) | Account creation via a mobile device | |
KR20130109322A (en) | Apparatus and method to enable a user authentication in a communication system | |
ES2274980T3 (en) | ARCHITECTURE TO PROVIDE INTERNET SERVICES. | |
US11812269B2 (en) | Asserting user, app, and device binding in an unmanaged mobile device | |
JP4551367B2 (en) | Service system and service system control method | |
TR202004363A2 (en) | The method and system of verifying the mobile phone information of the users who are connected to the Internet with a Mobile Device in the GSM Mobile Network area and a Wired/Wireless gateway outside the GSM Mobile Network | |
KR20170103691A (en) | Authentication mehtod and system using ip address and short message service | |
US11397821B2 (en) | Remote access control system | |
GB2547231A (en) | Apparatus, method and computer program product for use in authenticating a user | |
JP2004166226A (en) | Method and system for controlling online access from terminal user to content service | |
JP3914152B2 (en) | Authentication server, authentication system, and authentication program | |
CN102318376B (en) | For realizing the method and system that privacy controls | |
AU2018101015A4 (en) | A system and method for facilitating the delivery of secure hyperlinked content via mobile messaging | |
JP5632429B2 (en) | Service authentication method and system for building a closed communication environment in an open communication environment | |
WO2009090428A1 (en) | Mobile approval system and method | |
US20100132033A1 (en) | Service system | |
US11968531B2 (en) | Token, particularly OTP, based authentication system and method | |
JP7070860B2 (en) | Wireless access point device and wireless communication method | |
RU2740308C1 (en) | Method for identifying online user and device thereof |