Classifications

• • G—PHYSICS
  • G06—COMPUTING; CALCULATING OR COUNTING
  • G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
  • G06Q20/00—Payment architectures, schemes or protocols
  • G06Q20/38—Payment protocols; Details thereof
  • G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
• • G—PHYSICS
  • G06—COMPUTING; CALCULATING OR COUNTING
  • G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
  • G06Q20/00—Payment architectures, schemes or protocols
  • G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
  • G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
  • G06Q20/322—Aspects of commerce using mobile devices [M-devices]
  • G06Q20/3223—Realising banking transactions through M-devices
• • G—PHYSICS
  • G06—COMPUTING; CALCULATING OR COUNTING
  • G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
  • G06Q20/00—Payment architectures, schemes or protocols
  • G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
  • G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
  • G06Q20/322—Aspects of commerce using mobile devices [M-devices]
  • G06Q20/3229—Use of the SIM of a M-device as secure element
• • G—PHYSICS
  • G06—COMPUTING; CALCULATING OR COUNTING
  • G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
  • G06Q20/00—Payment architectures, schemes or protocols
  • G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
  • G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
  • G06Q20/327—Short range or proximity payments by means of M-devices
• • G—PHYSICS
  • G06—COMPUTING; CALCULATING OR COUNTING
  • G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
  • G06Q20/00—Payment architectures, schemes or protocols
  • G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
  • G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
  • G06Q20/327—Short range or proximity payments by means of M-devices
  • G06Q20/3278—RFID or NFC payments by means of M-devices
• • G—PHYSICS
  • G07—CHECKING-DEVICES
  • G07F—COIN-FREED OR LIKE APPARATUS
  • G07F19/00—Complete banking systems; Coded card-freed arrangements adapted for dispensing or receiving monies or the like and posting such transactions to existing accounts, e.g. automatic teller machines
  • G07F19/20—Automatic teller machines [ATMs]
  • G07F19/208—Use of an ATM as a switch or hub
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  • H04L63/00—Network architectures or network communication protocols for network security
  • H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
  • H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
  • H04L63/0492—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload by using a location-limited connection, e.g. near-field communication or limited proximity of entities
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  • H04L63/00—Network architectures or network communication protocols for network security
  • H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
  • H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  • H04L63/00—Network architectures or network communication protocols for network security
  • H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
  • H04L63/0853—Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04W—WIRELESS COMMUNICATION NETWORKS
  • H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
  • H04W12/06—Authentication
  • H04W12/068—Authentication using credential vaults, e.g. password manager applications or one time password [OTP] applications
• • G—PHYSICS
  • G06—COMPUTING; CALCULATING OR COUNTING
  • G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
  • G06Q20/00—Payment architectures, schemes or protocols
  • G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
  • G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
  • G06Q20/326—Payment applications installed on the mobile devices
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  • H04L63/00—Network architectures or network communication protocols for network security
  • H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
  • H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04W—WIRELESS COMMUNICATION NETWORKS
  • H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
  • H04W12/60—Context-dependent security
  • H04W12/65—Environment-dependent, e.g. using captured environmental data

Definitions

• the invention concerns an apparatus comprising an interface arranged to conduct a transaction via a short-range communications interface. Furthermore the invention concerns a wireless apparatus comprising an interface arranged to conduct a transaction via the short-range communications interface. Yet furthermore the invention concerns a method for operating the apparatuses. Yet furthermore the invention concerns a computer program arranged to perform operations of the method when stored and run on a computer.
• wireless communication apparatuses Modern society has quickly adopted, and become reliant upon, handheld apparatuses for wireless communication. For example, cellular telephones continue to proliferate in the global marketplace due to technological improvements in both the communication quality and device functionality.
• These wireless communication apparatuses have become common for both personal and business use, allowing users to transmit and receive voice, text and graphical data from a multitude of geographic locations.
• the communication networks utilized by these apparatuses span different frequencies and cover different transmission distances, each having strengths desirable for various applications.
• the wireless communication apparatuses can communicate with short-range and wide area wireless communications networks.
• Short-range wireless networks provide communication solutions that avoid some of the problems seen in large cellular- networks.
• BluetoothTM is an example of a short-range wireless technology quickly gaining acceptance in the marketplace.
• a 1 Mbps BluetoothTM radio may transmit and receives data at a rate of 720 Kbps within a range of 10 meters, and may transmit up to 100 meters with additional power boosting.
• Enhanced data rate (EDR) technology also available may enable maximum asymmetric data rates of 1448 Kbps for a 2 Mbps connection and 2178 Kbps for a 3 Mbps connection.
• a user does not actively instigate a BluetoothTM network. Instead, a plurality of devices within operating range of each other may automatically form a network group called a "piconet".
• Any apparatus may promote itself to the master of the piconet, allowing it to control data exchanges with up to seven "active" slaves and 255 "parked” slaves. Active slaves exchange data based on the clock timing of the master. Parked slaves monitor a beacon signal in order to stay synchronized with the master. These apparatuses continually switch between various active communication and power saving modes in order to transmit data to other piconet members.
• BluetoothTM other popular short-range wireless networks include WLAN (of which "Wi-Fi" local access points communicating in accordance with the IEEE 802.11 standard, is an example), WUSB, UWB and ZigBee (802.15.4, 802.15.4a). All of these wireless mediums have features and advantages that make them appropriate for various applications.
• near field communications technologies which can be considered for providing very short-range or near to touch communication technologies, have become more interesting lately for providing new use and functionality to wireless communication devices.
• An example of near field communications technologies comprise Radio Frequency Identification (RFID) technology, which already exists in various consumers applications from transportation and payment systems to various identification systems including implantable RFID tags.
• RFID Radio Frequency Identification
• NFC Near Field Communication
• the technology is based on RFID, which makes it compatible with the existing contactless infrastructure already in use for public transportation and payment.
• Near Field Communication (NFC) Forum is a non-profit industry association that promotes the use of NFC short-range wireless interaction in various consumer electronics, wireless devices and PCs. The NFC Forum supports implementation and standardization of NFC technology to make it easier to get information, easier to pay for goods and services, easier to use public transport, and easier to share data between devices.
• a wireless device such as, for example, a mobile phone implementing a radio frequency identification (RFID) transponder may be utilized to provide/present a digitally coded or electronic ticket, which has been obtained before, to a ticket checkpoint system of an entrance of a public transportation system.
• the digitally coded ticket is read out by corresponding radio frequency identification (RFID) reader, with which the checkpoint system is equipped, and is analyzed thereby.
• RFID radio frequency identification
• the digitally coded tickets are not necessarily only a piece of code. They may also include authentication information, such as for instance in case of 30 travel tickets, wherein the actual purchase of a ticket may need to be included in the ticketing application, so that an inspector notices that the person has actually purchased those tickets.
• such a ticket checkpoint system may be available for public transportation systems in various cities, which may result in the requirement for coding different digitally coded tickets.
• the illustrated ticket checkpoint system may be extended to similar digitally coded records such as credit card information, loyalty card information, cinema tickets and the like, where the portable terminal performs information exchange with the very same equipment, e.g. point-of-sale equipment.
• the same applications may be realized by using optical or visual codes presented by an optical or visual encoding means and an optical or visual scanning means allowing for reading-out the optical or visual codes from the optical or visual encoding means.
• smartcards provide application developer with a secure and tamperproof environment for developing high value, secure and complex applications.
• Said smartcards include a central processing unit as well as secure memory areas making unwanted access by third parties very difficult.
• cryptographic means are provided within the smartcard, which opens the deployment of smartcards for secure applications like banking or even personal identification applications.
• smart cards create a secure environment for storing items of monetary value while the contactless feature is fast and convenient for users who only need to bring the card in close proximity to a card reader. These types of contactless cards do not require a Personal Identification Number (PIN) and are therefore suited for high-volume, low-value transactions.
• PIN Personal Identification Number
• ATM Automated Teller Machine
• a kiosk to transfer money from a checking account, savings account, a credit card account or by inserting cash into the ATM.
• the user puts their ATM card or cash into the machine and positions a contactless card near the contactless reader/writer to complete the transfer of money.
• These ATMs are typically located at the entrance to the transit station where the customers purchase transit tokens.
• the popularity of contactless cards for transit has grown so that other vendors in area surrounding the transit system also accept the contactless card for payment for purchases such as parking, fast food, convenience stores, gas stations and vending machines.
• Many merchants are installing contactless smart card reader/writers in their stores to provide the ability to accept smart cards as a form of payment.
• a wireless apparatus such as, for example a mobile phone may contain a NFC module or other type of near field communications module. Furthermore the apparatus may contain a secure element such as a secure smart card. The secure element is used in association with the near field communications module to carry out acts that require trust and confident. Examples of these kinds of acts may be a payment, electronic payment, true identification, credit card, secure transaction, electronic ticket purchasing and validation etc. Another example can be a payment made by a mobile phone.
• a real authentication is however a problem with transaction related acts when the actual transaction operations are conducted electronically, such as, for example in connection with transaction operations involving the secure smart card.
• the transaction itself can be carried out quite easily and conveniently by the system nowadays.
• a known solution is to carry it out by non-electric means. For example by personally demonstrating a personal identification card such as a passport.
• Another known solution is to make a personal signature by hand.
• Yet another known solution is to enter a personal identification code matching with the secure element by hand with a keypad.
• Yet another solution is to conduct the authentication by way of biometric identification of the user.
• a common problem for these and any similar or equivalent known solutions is that the authentication involving the person carrying the wireless apparatus requires taking an effort by said person.
• an apparatus comprising: a controller;
• a near field communications module operatively coupled to the controller
• a first secure storage location operatively coupled to the controller and configured to store at least partly information for carrying out a transaction operation by way of a transaction communications protocol via the near field communications module;
• a second secure storage location operatively coupled to the controller and configured to store at least authentication information regarding authentic user of the apparatus
• controller is configured to switch communications from said transaction communications protocol to another communications protocol in response to detecting that said transaction is substantially carried out and communicate the at least authentication information regarding the authentic user of the apparatus via the another communications protocol.
• a wireless apparatus comprising: a controller;
• a near field communications module operatively coupled to the controller; a first secure storage location operatively coupled to the controller and configured to store at least partly information for carrying out a transaction operation by way of a transaction communications protocol via the near field communications module;
• a second secure storage location operatively coupled to the controller and configured to store at least authentication information regarding authentic user of the apparatus; wherein the controller is configured to switch communication from said transaction communications protocol to another communications protocol in response to detecting that said transaction is substantially carried out and communicate the at least authentication information regarding the authentic user of the wireless apparatus via the another communications protocol.
• Figure 1 depicts a block diagram of an apparatus in which general principles of the various embodiment of the invention can be applied
• Figure 2 depicts a block diagram of an apparatus having a switch configured to switch the protocol between the secure transaction element and the authentication module of the apparatus according to various further embodiments of the invention
• Figure 3 depicts a flow chart of the operations of the apparatus according to various further embodiments of the invention
• Figure 4 depicts schematically a block diagram including functional and structural components of the apparatus according to some further embodiments of the invention. DESCRIPTION OF FURTHER EMBODIMENTS
• the apparatus 100 comprises a first secure storage location 101 such as a transaction element 101.
• the transaction element 101 may be, according to at least one embodiment, a secure smart card element configured for transaction operations for example.
• the secure transaction element 101 is arranged to communicate by a first communications protocol.
• the apparatus comprises a second secure storage location 102 such as an authentication module 102.
• the authentication module 102 can be a smart card of the apparatus 100 for authentication.
• the authentication module 102 is arranged to communicate by a second communications protocol.
• the apparatus 100 comprises also a near field communications module 103, which can be alternatively referred to as as a short-range communications module.
• the apparatus comprises also a controller SW1 , which is coupled with the secure transaction element 101.
• the controller SW 1 is also coupled with the authentication module 102 and with the near field communications module 103.
• the controller SW1 is configured to switch communications from the first communications protocol to the second communications protocol once it is detected that a transaction operation is substantially carried out so as to provide means to authenticate a user of the apparatus responsible for carrying out the transaction using said another communications protocol.
• the authentication relating to the transaction is carried out on a basis of the authentication of the user of the apparatus.
• the apparatus 100 may contain hardware, software and/or middleware for carrying out the operations of various embodiments.
• the apparatus 100 has computer code and/or the hardware for performing the operations of further embodiments.
• the apparatus 100 may be a wireless radio frequency apparatus having a near field and/or a short range wireless communication capability.
• the apparatus 100 can be, according to a further embodiment, a mobile phone containing near field communications capability.
• Various embodiments of the invention provide blocks or modules for a cashier/ticketing inspector to request authentication information regarding the user of the apparatus 100 by way of switching from the transaction protocol (for example ISO-14443 communication) to peer-to-peer communications (for example NFC-IP) and requesting user authentication information from the apparatus 100.
• the authentication information may include, according to at least one embodiment, an image of the user or like, but also other kind of information that can be used as a proof of authenticity of the person using the apparatus 100 can be used as well.
• the authentication information is typically secured and may be, according to at least one embodiment, stored e.g. in the authentication module 102 in a secure memory location, such as, for example within a secure smart card (for example SIM card in case of a mobile phone). It should be also noted that in accordance of at least one further embodiment of the invention, the secure transaction element
• a secure smart card 102 such as, for example SIM card in a mobile phone apparatus.
• the authentication information (e.g. the image of the owner of the apparatus or like) can be secured by way of for example signing the authentication information with secure key of some reliable account provider.
• a credit issuing company such as, for example MasterCard may provide, in addition to actual payment application within the secure smart card element 102, also a secure signing of the authentication information with its secure key so that the authentication information can also be secured to prevent potential misuse.
• the authentication information is provided to the cashier/ticketing inspector, it is conformed with the public key corresponding to the secure key so that the authentication information cannot be hacked.
• the user of the apparatus needs to first sign in and authenticate oneself to e.g. the entity via e.g. the entity's web pages, and only after the user is signed in, and authenticated, the user is provided an opportunity to amend or change the authentication information of the apparatus.
• This kind of feature is especially suitable in situations where the apparatus is sold to another person and the ticketing information needs to be updated so that the new user can utilize his/her own tickets etc. after purchase of the apparatus while ensuring that the person selling the apparatus doesn't loose his/her tickets in connection with the transaction.
• FIG. 2 depicts a block diagram of an apparatus 100' having a controller SW1' configured to switch the protocol between the secure transaction element 101 ' and the authentication module 102' of the apparatus 100' according to various further embodiments of the invention.
• the apparatus 100' comprises the secure transaction element 101'.
• the apparatus 100' comprises near field communications module 103', a CPU, and an authentication module 102', such as, for example the SIM of the apparatus 100'.
• the secure transaction smart card element/module 101 ' is connected via the controller SWV either to a near field communication NFC 103' interface providing connectivity with external devices by means of using for example RFID or optical connection.
• the secure transaction smart card element/module 10V is connected via the controller SWV with a terminal CPU for providing control to the secure smart card element 10V.
• the NFC 103' interface allows both reading and writing operations to be conducted both to and from external tags/devices and also peer-to-peer type communication between two NFC terminals.
• the secure transaction smart card element 10V is directly linked to the NFC 103' interface by means of the controller SWV, in order to ensure that there will be no unnecessary delays within terminal logic that might hinder/prevent transactions due to the nature of RFID communications, which will typically require fast response times.
• An RFID transaction for instance, will be typically conducted within, e.g., hundreds of milliseconds.
• the secure element 10V is thus connected with the controller SWV.
• the controller SWV is connected with the near field communications module 103'.
• the CPU is connected to the SW1' and also to the NFC module 103'.
• the controller SW1' may switch communications to the authentication module 102'.
• the authentication module 102' applies another communications protocol than the secure element 101 '.
• the CPU instructs the controller SW1' to switch to another communications protocol and further to the authentication module 102'.
• Apparatus 100' comprises also a memory which is connected with CPU.
• the apparatus 100' may comprise a short-range transceiver which is coupled with CPU.
• Apparatus 100' comprises a network receiver which is couples with CPU.
• the apparatus 100' comprises application storage which is coupled with a CPU.
• the application storage may be coupled directly with the secure transaction element 101 '.
• the apparatus comprises also a display which is coupled with the previous components.
• the apparatus comprises an antenna which is coupled with the network transceiver and possibly with the short- range transceiver.
• a transaction is started in the step 200.
• the transaction is performed with the apparatus 100.
• the transaction takes place by reading and writing opertations that are concluded by the secure transaction element 101.
• the secure transaction element 101 may communicate via the near field communications module 103.
• the secure transaction element 101 may communicate via other communications modules of the apparatus 100, such as, for example, the network transceiver 105 and short range transceiver 104.
• the transaction takes place by using a communication protocol such as, for example, the ISO-14443 communications protocol.
• the transaction is completed using the communications protocol in the step 200.
• a controller SW1 switches communications to another communications protocol such as, for example the ISO-18092, or ISO-21481 , once the transaction is substantially completed and carried out;
• the controller SW1 may switch communications to ISO-18092, or ISO- 21481 , which are examples of other communications protocols for NFC-IP based peer-to-peer communications.
• An authentication procedure for the transaction may now start in the step 202.
• the authentication information may be requested from the apparatus 100.
• the authentication information is requested from the authentication module 102 of the apparatus 100.
• the authentication is requested from a smart card 102' of the apparatus 100, such as, for example the SIM card or the like.
• the requesting party of the transaction is provided with the authentication information in the step 203.
• the authentication information is advantageously used to complete the transaction.
• the authentication information may be transferred for example by transmitting image information of the authenticated user of the device that can be presented as a picture of the authenticated user of the apparatus 100. Furthermore by providing the parties with digital signature etc. As said previously there are various examples.
• the controller SW1 is configured to switch communications from the secure transaction mode into the authentication mode.
• the authentication mode authenticates the user of the apparatus 100 by the necessary authentication information.
• the authentication information can be presented where necessary.
• the controller SW1 is further configured to detect whether the transaction has substantially been carried out so as to switch to said another communications protocol.
• the controller SW1 may be further configured to detect specific data of the transaction so as to determine whether the transaction continues or is about to be substantially carried out.
• the controller SW 1 may further be coupled with a timer (not shown) configured to prompt the controller to check a status of the transaction and/or determine whether messages related to the transaction has been exchanged within a certain predefined time period in yet another further embodiment.
• the controller SW1 may determine that the transaction is substantially carried out if the controller SW1 detects no transaction related messages have been exchanged within a predefined time period.
• the near filed communications module 103 may use various near field communications, such as, e.g. the NFC or the like.
• the near field communications module 103 alternatively referred to as near field communications interface, provides necessary means to communicate with external tags/devices using e.g. RFID technology so that the terminal can conduct RFID-based payment and ticketing transactions, but not limited thereto.
• the near field communications module allows both reading and writing operations to be conducted both to and from external tags/devices and also peer-to-peer type communication between two terminals.
• the secure transaction module 101 and the secure authentication module 102 can be directly linked to the near filed communications interface 103, by means of the controller SW1 , in order to ensure that there will be no unnecessary delays within terminal logic that might hinder/prevent transactions due to the nature or RFID communication, which will typically require fast response times.
• a RFID transaction for instance, will be typically conducted within hundreds of milliseconds.
• NFC itself is a short-range wireless technology which enables the communication between devices over a short distance. The technology can be used in mobile phones and other RFID based apparatuses.
• NFC is compatible with the existing contactless infrastructure, for example in use for public transportation and payment. NFC works by magnetic field induction. It can operate within the globally available and unlicensed RF band of 13.56 MHz.
• Working distance can be 0-20 centimetres, and the speed: 106 Kbit/s, 212 Kbit/s or 424 Kbit/s.
• Passive Communication Mode The Initiator device provides a carrier field and the target device answers by modulating existing field. In this mode, the Target device may draw its operating power from the Initiator-provided electromagnetic field, thus making the Target device a transponder.
• Active Communication Mode Both Initiator and Target device communicate by generating their own field. In this mode, both devices typically need to have a power supply.
• NFC can be used to configure and initiate other wireless network connections such as Bluetooth, Wi-Fi or Ultra-wideband.
• NFC Non-Fi Protected Access
• Reader mode the NFC device is active and read a passive RFID tag, for example for interactive advertising.
• P2P mode two NFC devices are communicating together and exchanging information.
• Mobile ticketing in public transport an extension of the existing contactless infrastructure.
• Mobile Payment the mobile phone acts as a debit/ credit payment card.
• Smart poster the mobile phone is used to read RFID tags on outdoor billboards in order to get info on the move.
• Pairing - in the pairing of devices with NFC support may be as easy as bringing them close together and accepting the pairing.
• the process of activating on both sides, searching, waiting, pairing and authorization can be replaced by a simple "touch" of the mobile phones.
• Other applications in the could include: Electronic tickets - airline tickets, concert/event tickets, and others, Electronic money, Travel cards, Identity documents, Mobile commerce, Electronic keys - car keys, house/office keys, hotel room keys, etc
• NFC is an open platform technology standardized in ECMA-340 and ISO/IEC 18092. These standards specify the modulation schemes, coding, transfer speeds and frame format of the RF interface of NFC devices, as well as initialization schemes and conditions required for data collision-control during initialization-for both passive and active NFC modes. Furthermore, they also define the transport protocol, including protocol activation and data-exchange methods. NFC incorporates a variety of pre-existing standards including ISO_14443 both A (normal) and B (banking/short range), ISO_15693, and FeIiCa.
• a further embodiment of the invention takes advantage of smart card such as a subscriber identity module (SIM).
• SIM card may be an SD card or actually any other auxiliary secure element.
• SIM card contains the secure transaction element 101 as well.
• the switch mat switch between these blocks, for example as described in various embodiment of the invention.
• the user activates elements, and may further select at least one of the transaction/applications to be active at the time.
• the selection may be based on e.g. default selection, based on user selection or alternatively the terminal 100 may be capable of selecting the suitable application based on the current context/environment of the terminal 100.
• the selection of the context/environment of the terminal 100 may be performed by the user e.g. by initiating reading a dedicated tag through the NFC module 103', wherein the tag could indicated the presence of certain type of POS terminal (e.g.
• the selection of the context/environment may alternatively be based on the current location of the mobile terminal, which may be based on GPS positioning information or alternatively information received through wide-area- or local-area networks.
• the user can, for example, simply "touch” (i.e. brings his mobile terminal device in close proximity) the POS terminal NFC interface with the terminal 100, which results the terminals NFC interface 103' to communicate with the POS terminals NFC interface, so that the necessary information for conducting the agreed transaction will be exchanged.
• the NFC interfaces 103 of the terminal 100 and the POS terminal may include any communication interface suitable for near field communication including RF and optical interfaces two name a couple of non-limiting examples.
• the necessary information includes at least following communication operations.
• Fig. 4 illustrates schematically an implementation of an apparatus 100" such as a portable consumer electronic device being equipped with a RFID device according to some further embodiments of the invention.
• the block diagram of Fig. 4 illustrates a principle structural design of a cellular terminal, which should exemplary represent any kind of portable CE device 100" employable with the present invention. It shall be understood that the present invention is not limited to any specific kind of portable CE device such as that illustrated.
• the illustrated portable CE device 100 comprises typically a central processing unit (CPU) 410, a data storage 420, an application storage 430, input/output means including audio input/output (I/O) means 450, a keypad with input controller (Ctrl) 460 and a display with display controller (Ctrl) 470.
• the portable CE device 100" includes a cellular interface (I/F) 480 coupled to a cellular antenna and operable with a corresponding subscriber identification module (SIM) 440.
• I/F cellular interface
• SIM subscriber identification module
• the smartcard module when integrating the smartcard module into the handheld mobile phone, security is improved as in order to use the mobile phone a PIN input is needed enabling GSM SIM in the mobile phone when the mobile phone is switched on.
• the smartcard module may be integrated in to SIM card of the portable CE device 100" instead of being a separate module.
• the smartcard module may be integrated into a MMC card or memory stick module in connection with the data storage 420 of the portable CE device.
• the portable CE device 100" according to a further embodiment of the invention comprises also a local data interface (I/F) 400 and a general data interface (I/F) 490.
• I/F local data interface
• I/F general data interface
• the local (short-range) data interface (I/F) 400 or local (short-range) transceiver may be additionally implemented in portable CE device 100" to provide for local data communication with a corresponding counterpart network, base station or transceiver.
• the local data interface (I/F) 400 can be realized by a low- power radio frequency (LPRF) transceiver such as a Bluetooth transceiver, a WLAN (wireless local area network) transceiver, an ultra-wide band (UWB) transceiver or any other transceiver operable with an IEEE 8O2.xx standard.
• LPRF low- power radio frequency
• the local data interface (I/F) 400 can be also implemented as an infrared-based interface such as an IrDA (infrared direct access) interface or an interface being based on radio frequency identification (RFID) technology, namely RFID reader, RFID transponder and near field communication (NFC) standard, respectively.
• IrDA infrared direct access
• RFID radio frequency identification
• the cellular interface (I/F) 480 is arranged as a cellular transceiver to receive signals from the cellular antenna, decodes the signals, demodulates them and also reduces them to the base band frequency.
• the cellular interface 480 provides for an over-the-air interface, which serves in conjunction with the subscriber identification module (SIM) 440 for cellular communications with a corresponding radio access network (RAN) of a public land mobile network (PLMN).
• SIM subscriber identification module
• RAN radio access network
• PLMN public land mobile network
• the output of the cellular interface (I/F) 480 thus consists of a stream of data that may require further processing by the central processing unit (CPU) 410.
• the cellular interface (I/F) 480 arranged as a cellular transceiver also receives data from the central processing unit (CPU) 410, which are to be transmitted via the over-the-air interface to the radio access network (RAN). Therefore, the cellular interface (I/F) 480 encodes, modulates and converts the signal to the radio frequency, which is to be used. The cellular antenna then transmits the resulting radio frequency signal to the corresponding radio access network (RAN) of the public land mobile network (PLMN).
• RAN radio access network
• the portable CE 100" device may include in certain embodiments of the present invention, a broadcast receiver interface (not shown), which allows the portable CE to access broadcast transmission services that include Digital Video broadcasting (DVB-T, DVB-H), Digital Audio Broadcasting (DAB), Digital Radio Musice (DRM), Integrated Services Digital Broadcasting-Terrestrial (ISDB-T), Advanced Television Systems Committee (ATSC) and Digital Multimedia Broadcasting (DMB-T) techniques to name a few.
• DVD-T Digital Video Broadcasting
• DVB-H Digital Audio Broadcasting
• DRM Digital Radio Mondiale
• ISDB-T Integrated Services Digital Broadcasting-Terrestrial
• ATSC Advanced Television Systems Committee
• DMB-T Digital Multimedia Broadcasting
• the display and display controller (Ctrl) 470 are controlled by the central processing unit (CPU) 410 and provides information for the user typically by the means of a user interface.
• the keypad and keypad controller (Ctrl) 460 are provided to allow the user to input information.
• the information input via the keypad is supplied to the central processing unit (CPU) 410, which may be controlled in accordance with the input information.
• the audio input/output (I/O) means 450 includes at least a speaker for reproducing an audio signal and a microphone for recording an audio signal.
• the central processing unit (CPU) 410 may control the conversion of audio data to audio output signals and the conversion of audio input signals into audio data, where the audio data have a suitable format for cellular transmission.
• the data interface (I/F) 490 serves for interfacing data and instruction communications between the local data interface module 400 and the portable CE device 100".
• the data interface (I/F) 490 may be established by various appropriate hardware and/or software interfaces.
• the portable CE device 100" further comprises a protected memory, which is adapted for storing a plurality of data records, for instance within said smartcard module 101 and 103.
• each data record shall be understood as a digital representation of information relating to for instance digital ticket data and digital payment data according to an embodiment of the present invention.
• the protected memory is specifically adapted to meet requirements, which have to be considered to ensure security and privacy aspects relevant in view of the sensitive digital information stored therein.
• the portable CE device 100 may anyone of the example devices comprising illustratively a portable phone, a personal digital assistant, a pocket personal computer, a portable personal computer, a communicator terminal or any other portable consumer electronics (CE) with processing capability and appropriate communication means; i.e. comprising at least a transaction module 101 , an authentication module 102, a and a near field communications module 103.
• the portable CE device 100" embodies a processor-based device, which allows implementation of the inventive concept.
• the following embodiment will illustrate enhanced identification device operation, which is for instance implementable in each of the aforementioned consumer electronic (CE) devices.
• illustration of the identification device will be given with respect to illustrated portable CE device 100", which has attached or has embedded such an identification device. But it shall be noted that the invention is not specifically limited to those identification devices and to portable CE device coupled thereto, respectively, which are herein illustrated merely for the way of illustration on the basis of embodiments according to the present invention.
• the computer program can be a computer program product.
• the product is an example of a tangible object.
• it can be a medium such as a disc, a hard disk, an optical medium, CD-ROM, floppy disk, or the like storage etc.
• the product may in a form of a signal such as an electromagnetic signal.
• the signal can be transmitted within the network for example.
• the product comprises computer program code or code means arranged to perform the operations of various embodiments of the invention.

Landscapes

• Engineering & Computer Science (AREA)
• Business, Economics & Management (AREA)
• Accounting & Taxation (AREA)
• Computer Networks & Wireless Communication (AREA)
• Computer Security & Cryptography (AREA)
• Physics & Mathematics (AREA)
• General Physics & Mathematics (AREA)
• Strategic Management (AREA)
• General Business, Economics & Management (AREA)
• Theoretical Computer Science (AREA)
• Signal Processing (AREA)
• Computing Systems (AREA)
• General Engineering & Computer Science (AREA)
• Computer Hardware Design (AREA)
• Finance (AREA)
• Mobile Radio Communication Systems (AREA)
• Telephone Function (AREA)

Applications Claiming Priority (1)

Publications (1)

Family

ID=40717341

Family Applications (1)

Country Status (3)

Families Citing this family (18)

Family Cites Families (7)

• 2007
  • 2007-12-07 EP EP07858312A patent/EP2218238A1/de not_active Withdrawn
  • 2007-12-07 WO PCT/FI2007/000288 patent/WO2009071734A1/en active Application Filing
  • 2007-12-07 CN CN200780101647A patent/CN101868953A/zh active Pending

Non-Patent Citations (1)

Also Published As

Similar Documents

Legal Events