GB2476989A - Activation of secure function in mobile computing device using authentication tag - Google Patents

Activation of secure function in mobile computing device using authentication tag Download PDF

Info

Publication number
GB2476989A
GB2476989A GB201000837A GB201000837A GB2476989A GB 2476989 A GB2476989 A GB 2476989A GB 201000837 A GB201000837 A GB 201000837A GB 201000837 A GB201000837 A GB 201000837A GB 2476989 A GB2476989 A GB 2476989A
Authority
GB
United Kingdom
Prior art keywords
tag
authentication
computing device
application
mobile computing
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
GB201000837A
Other versions
GB201000837D0 (en
Inventor
Neil Garner
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
PROXAMA Ltd
Original Assignee
PROXAMA Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by PROXAMA Ltd filed Critical PROXAMA Ltd
Priority to GB201000837A priority Critical patent/GB2476989A/en
Publication of GB201000837D0 publication Critical patent/GB201000837D0/en
Publication of GB2476989A publication Critical patent/GB2476989A/en
Application status is Withdrawn legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network
    • H04L63/0853Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network using an additional device, e.g. smartcard, SIM or a different communication terminal
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • G06F21/35User authentication involving the use of external additional devices, e.g. dongles or smart cards communicating wirelessly
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/88Detecting or preventing theft or loss
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/22Payment schemes or models
    • G06Q20/227Payment schemes or models characterized in that multiple accounts are available to the payer
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices using wireless devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • G06Q20/3227Use of a security embedded in M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices using wireless devices
    • G06Q20/327Short range or proximity payments by means of M-devices
    • G06Q20/3278RFID or NFC payments by means of M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/353Payments by additional cards plugged into M-devices
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0492Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload by using a location-limited connection, e.g. near-field communication or limited proximity of entities

Abstract

A mobile computing device 100, preferably a mobile telephone, is brought into proximity with an authentication tag 101 with which the device communicates. Preferably, the authentication tag 101 comprises a passive radio-frequency identification (RFID) tag 107 within the dimensions of a credit card and the device employs near-field communication (NFC) technology. A communication module of the device causes the tag to transmit authentication data 109, possibly a tag-ID and preferably encrypted and stored as an NFC definition (NDEF) record 108, which is validated by the device. If the data is valid the device executes a secure function such as launching a secure application, which may be associated with an application-ID held in second authentication data from the tag, which IDs must match. The secure application may be an account access application, e.g, a mobile "wallet", and may communicate with a remote server to update account details such as virtual bank cards. Activation of the secure function may comprise activation of a virtual bank card for payment via a contactless payment point.

Description

AN APPARATUS AND A METHOD FOR SECURE AUTHENTICATION

TECHNICAL FIELD

This invention relates to an apparatus for secure authentication. In particular, the present invention relates to a mobile telephone having a function which is activated

using near field communication.

BACKGROUND TO THE INVENTION

Contactless payment technology enables mobile telephones to be used for payment for goods and services. A mobile telephone may include contactless technology, such as a near-field communications (NFC) transceiver, which enables the telephone to act as contactless payment card, such as a bank card or credit card.

Rather than the payment card being a physical card, the payment card is a virtual card stored on the mobile telephone. The mobile telephone may therefore have several payment cards stored on it, for use with different services.

The mobile telephone includes a mobile wallet application in which the virtual cards are accessed. In order to use a card, the user may log into the application using a secure passcode. The mobile wallet is therefore protected against fraudulent use. If someone steals the mobile telephone, they are unable to use any virtual payment cards as the thief will not typically have the passcode. Alternatively, the device may include no passcode, in which case the virtual money is not protected against fraudulent use.

SUMMARY OF EXAMPLES OF THE INVENTION

An example of the invention provides a mobile computing device comprising a communication module for communicating with an authentication tag, in which the authentication tag is for enabling a secure function; wherein the communication module is arranged to cause the authentication tag to transmit first authentication data which may be received by the communication module; and wherein the device determines if the first authentication data is valid, when it is received by the communication module, and if the first authentication data is valid, the device executes the secure function.

Examples of the invention provide a device which is easy to use, and allows a user a initiate a secure function without having to use the user interface of the phone. The user does not have remember a password/passcode. The device makes it more difficult for a phone to be used by an unauthorised person. If the device is stolen, the secure function can't be initiated without the authentication tag.

In an example, the first authentication data is a tag ID and the mobile device executes the secure function if the tag ID is stored on the device. This means different tags with different IDs can be used for different secure functions.

Alternatively, one tag could be used for several secure functions.

In an example, the device further comprises a tag ID record in which tag IDs are stored, wherein the device determines if a tag ID is valid by checking the tag ID store.

In an example, the device further comprises a secure application, and wherein the secure function is launching of the secure application. In an example, the secure application has an associated application ID, and the authentication tag has second authentication data which is the application ID. In an example, the secure application is launched if the second authentication data matches the application ID of the secure application. This enables the device to work out which secure application the tag is for use with.

In an example, the secure application includes a plurality of options, and the authentication tag may be used to cycle through said options. Therefore, in addition to opening an application, the tag can be used to initiate other functions.

In an example, said secure application is an account access application which includes an account record store, arranged to store user account details, and wherein said secure function is activating a user account. In an example, said secure application is arranged to communicate with a remote server. In an example, said user account details may be updated by communication with said remote server. In an example, said authentication tag is used activate the secure application to update said user account details.

In an example, the account access application is a mobile wallet and said user account details are virtual bank cards. In an example, the authentication tag is for activating a virtual bank card for payment. In an example, the mobile wallet includes a plurality of bank cards, and the authentication tag is for cycling through the cards.

In an example, the communications module is further arranged to communicate with a contactless payment point using said virtual bank card. One use of the device is to store virtual bank cards on the device. The cards are activated for payment using the authentication tag. Payments can only be made if the correct authentication card is used to activate the card.

iS In an example, the device further comprises a public key, wherein authentication data stored on the authentication tag is encrypted with a private key, and, in order to read the authentication data, the mobile device uses the public key to decrypt the data. In an example, wherein said tag ID is generated using one-time passcode creation when the communications module communicates with the authentication tag. In an example, wherein said tag ID is generated using challenge-response when the communication module communicates with the authentication tag. These encryption techniques can be used to add further layers of security to the device.

In an example, wherein the secure function may be initiation of a telephone call. The device may be used for various secure functions, apart from a mobile wallet. For example, imitating an emergency call.

In an example, said communications module is a near-field communications module, and said authentication tag is an RFID tag and said data is stored as an NDEF record. In an example, said secure function is initiated by bringing the mobile device into close proximity with the authentication tag. In an example, said authentication tag is located in an authentication card which has the dimensions of a credit card. In an example, the authentication card is arranged to be attached to an item of clothing, and the secure function is initiated by moving the phone to the card. In an example, the device is a mobile telephone.

In a further example embodiment, the present invention provides a cellular telephone for communicating with a cellular telephone network, comprising a near-field communication module for communicating with RFID tags, wherein the near-filed communication module is arranged to cause any REID tags brought into proximity with the telephone to transmit a tag ID and an application ID stored on the tags, and wherein the telephone includes a mobile wallet application, having an application ID, the mobile wallet application including at least one virtual bank card, and wherein the telephone further includes a tag ID record, and when the communication module receives the tag ID and application ID, it validates the tag by checking the tag ID is stored in the tag ID record, and if valid, the telephone opens the mobile wallet application and activates at least one virtual bank card.

In a further example embodiment, the present invention provides a method of operating the device described above.

In a further example embodiment, the present invention provides a method comprising: bringing an authentication tag and a mobile computing device into proximity with each other; receiving, at a communication module of the device, first authentication data, transmitted from the authentication tag; determining, on the mobile device, if the first authentication data is valid; and executing a secure function if the first authentication data is valid.

In a further example embodiment, the present invention provides a system comprising: the mobile computing device described above; and an authentication tag; wherein the authentication tag has first authentication data stored thereon.

In a further example embodiment, the present invention provides a computer program to be run by a processor on a mobile computing device, to: determine if first authentication data, received from an authentication tag, is valid; and execute a secure function on the mobile device, if the first authentication data is valid.

In a further example embodiment, the present invention provides a computer-readable medium comprising instructions, which when executed by a mobile computing device causes the device to: determining if first authentication data, received from an authentication tag, is valid; execute a secure function, if the first authentication data is valid.

This summary provides examples of the invention which are not intended to be limiting on the scope of the invention. The features of the invention described above and recited in the claims may be combined in any suitable manner. The combinations described above and recited in the claims are not intended to limit the scope of the invention.

Features and advantages associated with the examples of the invention will be apparent from the following description of some examples of the invention.

BRIEF DESCRIPTION OF THE DRAWINGS

Examples of the invention are hereinafter described with reference to the accompanying figures in which: Figure 1 shows a mobile telephone and an authentication card in an example of the invention; Figure 2 is a schematic diagram showing some components of the mobile telephone shown in Figure 1; Figure 3 shows some details of the authentication card of Figure 1; Figure 4 shows some of the applications and data stored in the memory of the mobile telephone shown in Figure 1; Figure 5 is a flow chart showing a method of operation of the mobile telephone shown in Figure 1; Figure 6 shows the mobile telephone of Figure 1 during use; Figure 7 shows a system which includes the mobile telephone of Figure 1.

Figure 8 is a flow chart showing a further method of operation of the mobile telephone shown in Figure 1; and Figure 9 is a flow chart showing a further method of operation of the mobile telephone shown in Figure 1.

DESCRIPTION OF EXAMPLES OF THE INVENTION

In a first example embodiment, the present invention provides a system for secure payment. This is shown in Figure 1. The system includes a mobile telephone 100 which includes a NFC module, which may use RFID technology, for example. The NFC module enables the mobile telephone to communicate with contactless payment points. A mobile wallet is stored on the mobile telephone and includes one or more virtual bank cards. A user is able to pay for goods or services using the virtual cards. In order to make a payment, the user selects the card they wish to use and waves the mobile telephone in front of the contactless payment point. Money is then deducted from the virtual card.

In addition, the user has one or more authentication cards, such as authentication card 101, as shown in Figure 1. The authentication card 101 is used to unlock the mobile wallet to enable a user to make a payment. The authentication card 101 is a plastic, credit card sized card which has an RFID tag embedded therein. In order to make a payment, the user waves the mobile telephone 100 in front of the authentication card 101. The NFC module interrogates the RFID tag, which transmits a unique code back to the mobile telephone 100. This unique code is used to open the mobile wallet and activate a virtual card for payment. If the user loses their mobile phone, no payments can be made. In order to make payments, anyone who obtains the telephone must also have the authentication card.

The present invention is not limited to for use with a mobile wallet. In other embodiments, the system may be used to launch secure applications, authorise top-up of a mobile phone account, lock/unlock the mobile telephone 100, prove identification and make emergency calls. Other functions are possible with the scope of the present invention.

The present invention is not limited to the features an combinations described in the detailed description. Different features and combinations of features may be possible. In some embodiments, the mobile telephone may be replaced by other computing devices, including PDAa, handheld computers, games consoles, laptops, etc. The following detailed description provides examples of some ways of carrying out the present invention.

As noted above, the mobile telephone 100 is enabled for NFCs using, for example, RFID technology. The authentication card 101 is, for example, a plastic, credit card sized card, containing an RFID tag. The mobile telephone 100 is arranged to interrogate the authentication card 101, and the authentication card is arranged to transmit data, stored on the card, to the mobile telephone. The data sent by the authentication card 101 is used by the mobile telephone 100 to authenticate a user to open a secure application, or to authenticate a user access certain functions associated with a secure application. As noted above, this application may be a mobile wallet, amongst other possibilities.

In order to open a secure application, or in order for a function associated with a secure application to be executed, the user must bring an authentication card, such as card 101, into proximity with the mobile telephone 100. The authentication card 101 has data stored on it which identifies secure application with which it is associated, and a unique code which identifies the card itself. When the authentication card 101 is brought into close proximity with the mobile telephone 100, the telephone interrogates the card 101, and the card transmits the data stored on it to the mobile telephone 100. The mobile telephone 100 then validates the data received from the card 101, and causes the relevant secure application to open or to execute the relevant function. Further details of the mobile telephone 101, authentication card 101 and the method of operation will be described below.

The mobile telephone 100 will now be described in more detail with reference to Figure 2. The mobile telephone includes a processor 102, memory 103, an input device 104, a display 105, and an NEC module 106. The processor 102 controls the operation of the mobile telephone 100 by executing computer code stored in memory 103. A user can control the mobile telephone 100 using the input device 104 which may be a keypad. The mobile telephone 100 provides feedback to the user via display 105. The NFC module 106 enables the mobile telephone 100 to interact with other NFC devices, such as the authentication cards described above, as well as with NFC payment points. The memory 103 is used to store secure applications for use with authentication cards, such as card 101, amongst various other software elements.

The mobile telephone 100 may include additional components as is known in the art.

For example, the mobile phone 100 may include various buses to connect the various components, various types of memory, multiple processors for different functions, and a mobile radio for communication with a mobile phone network. The skilled person will understand the components necessary for the mobile phone 100 to function. Only those components which relate to the present invention are described in detail here.

The authentication card 101 will now be described in more detail in connection with Figure 3. The card 101 is a credit card shaped card which includes a passive RFID tag 107. The tag 107 includes an NFC Data Exchange Format (NDEF) record 108.

The record 108 includes data 109 which may be sent to a mobile telephone, such as telephone 100, when the tag 107 is interrogated by such a telephone. The data stored on the tag 107 will be described in more detail below.

The secure applications and the authentication data stored in the mobile phone 100 and the authentication card 101 will now be described in more detail with reference to Figure 4. In this example, several secure applications 200a, 200b and 200c are stored in memory 103. The memory 103 is arranged to store one or more secure applications. Each of the secure applications 200a, 200b, 200c has at least one unique mobile application identifier (MAI) associated with it. In this example, each secure application has a single MAI. These MAIs are shown in Figure 4 as MAIs 201a, 201b, and 201c. Memory 103 also includes a MAI record 202 which is used to store the MAts of all secure applications stored in memory. As can be seen in Figure 4, the MAt record 202 includes MAts 201a, 201b and 201c.

Each authentication card has a unique card ID. When a card is registered with a particular mobile telephone, the card ID is stored in the mobile telephone. The card ID is used as a passcode to open certain secure applications and to unlock certain secure functions. This process will be described in more detail below. The memory 103 also includes a card ID record 203. In the present case, the card ID record 203 includes three card IDs; card ID 204a, 204b and 204c. This is shown in Figure 4.

Each authentication card has data 109 stored on it, as noted above. The data includes the MAI for the secure application or function which the authentication card is for use with. The data 109 also includes the card ID for that authentication card.

The memory 103 also includes a virtual card store 205 which has virtual cards 206a, 206b, 206c stored therein. In this example, the authentication card 101 corresponds to virtual card 206a. Virtual card 206a is a primary bank card of the user. The primary bank card 206a has a cash balance. The cash balance is stored in memory 103 with the virtual card 206a.

The memory 103 also includes a NFC module controller 207 which is for controlling the operation of the NFC module 106. When data is received by the NFC module 106, the NFC module controller 207 is responsible for handling the data. The operation of the NEC module controller will be described in more detail below.

As can be seen above, the mobile phone includes a record of MAIs and a record of card IDs. The user is in possession of various authentication cards, each of which is designed for a different purpose. Each card also has a MAI and a card ID. When the user brings a card near to the mobile phone, the data stored on the card is transmitted to the mobile telephone. The MAI is used to identify the application or function which the card is designed to unlock, and the card ID is used to authenticate the card.

A method of operation of the mobile telephone 100, in accordance with an example embodiment, will now be described in connection with Figure 5.

In this example, secure application 200a is mobile wallet application. As noted above, a mobile wallet is a virtual wallet which stores virtual bank cards, as will be described in more detail below. In this example, authentication card 101 is for authorising a payment to be made by such a virtual bank card. The mobile wallet 200a has MAI 201a. Authentication card 101 has MAI 201a and card ID 204a stored in the NDEF record 108. The authentication card 101 has already been registered with the mobile telephone 100. The card ID 204a is stored in card ID record 203.

The process for registration will be described in more detail below.

The mobile telephone 100 is set up so that the NFC module 106 is in an interrogation mode. When in interrogation mode, the NEC module 106 is transmitting an interrogation signal in order to discover RFID tags. When an REID tag is brought into proximity of the mobile telephone 100, the tag receives the interrogation signal and transmits a response to the NFC module 106.

In the present case, when the user wants to make a payment with the primary bank card, they bring the authentication card 101 into proximity of the mobile telephone (block 301). The authentication card 101 transmits a response to the interrogation signal (block 302). The response includes the card ID 204a and the MAI 201a for the mobile wallet 200a. The NEC module controller 207 cross references the MAI 201a with the MAI record 202 (block 303). As the MAI 201a is in the record 202, the NEC module controller 207 passes the data received from the tag 107 to the mobile wallet application 200a (block 304). The mobile wallet application 200a then validates the data received from the authentication card 101 (block 305). In this case, the mobile wallet application 200a checks the card ID with the card ID record 203 (block 306). In this case, the card ID 204a matches the entry in the card ID record 203. The mobile wallet application 200a then opens and displays the virtual card 206a on the mobile telephone display 105. This is shown in Figure 6.

The mobile wallet application 200a indicates to the user the card balance and the fact that the card is active. If either the card ID 204a or MAI 201 a are not validated, the mobile wallet application 205 displays an error message (block 307).

Once a virtual card is active, the user can pay for services by moving the phone into proximity with a contractless payment point. The technology and mechanisms for making contactless payments are known in the art and sill not be described in any detail here.

In a further example embodiment, the present invention provides a system for making an emergency telephone call. In this case, the authentication card 101 is for making an emergency call. The mobile telephone 100 includes a secure application which is for initiating an emergency call. The memory 103 includes the MAt of the emergency application, and the card ID of the authentication card. In order to make an emergency call, the user holds the card against the mobile telephone 100. The user must hold the card against the phone for a minimum time-period; for example five seconds. After five seconds the application launches, the phone vibrates to alert the user, and displays the message, "Request Emergency Assistance: Yes/Cancel?". In order to message the emergency services, the user can press "yes". Alternatively, if they are not in a position to do this, the user can remove the card from the phone, and place it against it again, and the phone will send a message. The message will include the user ID and details of their location. Such a system could be invaluable to those who find themselves in a vulnerable situation, and do not wish to alert anyone to the fact that they are calling the emergency services.

In a further example embodiment, the mobile wallet stored in memory 103 may includes several virtual cards. Tapping the authentication card against the mobile phone 100 causes the phone to cycle through the cards. In this example, the authentication card 101 is not specific to any one card. Instead it is just specific to the mobile wallet. Once the wallet has authenticated the card, it opens. Tapping the card against the phone cycles through the various cards.

In a further example embodiment, the authentication card can be used to open other secure application on the mobile device. Any application which requires the use of a passcode in order to access it may use this system. For example, social networking applications which require a passcode to access could have an authentication card instead. A single card could enable access to several applications, or different cards could be issued for different applications.

In a further example embodiment, the authentication card could be used to lock or unlock the phone.

In a further example embodiment, the authentication card could be sued to retrieve a PIN. For example, if a user has forgotten or locked a PIN, the authentication card could be used as part of an authentication process. The application provider or network operator could require use of an authentication card in order to retrieve the PIN or unlock it.

In a further example embodiment, the authentication card could be used as mobile phone insurance or a warranty identifier. The authentication card could include an account reference, stored as data, and printed on the card. If the phone is lost, stolen or broken, the card could be used as evidence of ownership. The details could also be used to repatriate the card if lost.

In a further example embodiment, the authentication card could include an application for checking ID. The phone could have the ID record of the owner stored in memory. The system could be used in such a way that the ID is displayed on the phone when an ID authentication card is held next to the phone. This could be used by retailers to check the age of customers. It could also be used by health workers to find details about a patient.

Some of the embodiments mentioned above require the authentication card to be registered. In addition, in most embodiments the card must be issued to the user in a secure manner. There are also circumstances when the user needs to contact service in order to, for example, top-up an account on the mobile phone. In order to enable this, in a further example embodiment, the present invention provides a system as shown in Figure 7.

As can be seen in Figure 7, the system includes the mobile telephone 100 and the authentication card 101. The system also includes an administration server 401, a tag issuer 402 and third party services 403. The administration server 401 has several purposes, including registration of secure applications, topping-up of mobile phone credit etc. The mobile telephone 101 communicates with the administration server, as required, using conventional communication techniques. The tag issuer 402 is a third party that provides a particular service. For example, the tag issuer 402 may be a bank that issues a mobile wallet bank card. The tag issuer 402 communicates with the administration server 401 in order to register any tags which are issued to users. The administration server 401 therefore has a record of all authentication cards 101. Third party services 403 may include a service to top-up an account of the mobile telephone 101. The mobile telephone 101 communicates via the administration server 402 in order to top-up the account.

The process of registering an authentication card will now be described with reference to Figure 8. In order to use a particular service, for example a virtual bank card, a user must sign-up to the service and obtain a corresponding authentication card. In the case of a bank card, a user may sign-up to a particular card service on-line, via the bank's website. The bank's website is one of the third party services 403 shown in Figure 7. The bank creates an account for the user and sends an authentication card 101 to the user using the tag issuer 402 (block 501). The bank then registers these details with the administration server 402. When the user receives the card, they go back to the bank website and provide the card ID of the card they have been sent. The user then registers the card with the mobile wallet application 200a on the mobile telephone 100 (block 502). The user does this by entering the card ID 204a of the authentication card and the account number of the bank account. The mobile wallet application 200a then contacts the administration server 402 to verify the details (block 503). If the details are correct, the administration server 402 confirms this to the mobile wallet application 200a (block 504). The authentication card 101 and associated bank card are then ready for use.

In a further embodiment, the bank card is cash card. In other words, virtual money is stored in the mobile wallet, When this money runs out, the virtual bank card must be topped up. In this embodiment, the present invention provides a mechanism for topping-up a bank card. This will be described in connection with Figure 9.

In order to open the mobile wallet 200a, the user places their authentication card 101 against the mobile phone 100, as described above. In this situation, the virtual bank card 206a is displayed on the mobile telephone 100, and the available balance is shown. The mobile wallet 200a, includes a top-up now' option, which the user can select in order to top-up the cash on the virtual card. In this case, the user selects the top-up now' option (block 601). The user can the select to top-up by a set amount (for example, £5, £10 or £20), or they can enter specific amount (block 602).

The application then prompts the user to tap their authentication card 101, against the phone 100 to confirm the transaction (block 603). The phone then contacts the bank via the administration server 402 to process the top-up request (block 604).

The bank checks that the details (card ID etc) are correct and updates the virtual card with the new balance (block 605). If the details are incorrect, and error message is returned (block 606). The bank then updates the user's online bank account to reflect the transfer of funds to the virtual card (block 607). As an option, the bank may require the user to enter an additional passcode, when topping-up an account, to act as an extra layer of security.

In a further embodiment, data stored on the authentication card, including the card ID and any MAls, may be have a digital signature applied to it. The signature can be made using a private asymmetric key of the trusted third party service. This may be the key of the bank issuing the authentication card. The mobile wallet may include the public key of the bank, which is used to validate the card data.

In a further embodiment, the card ID mentioned above may be replaced by one-time passcode creation. In this case, there is a counter on the authentication card and on the mobile telephone. Each time a user uses an authentication card, a new passcode is created using a cryptographic key. This passocde acts as the new card ID. This mechanism is transparent to the user and provides greater security than the use of a static card ID.

In a further embodiment, the system may use a challenge-response technique to further improve security. In this case, when a user uses an authentication card, the phone sends a challenge signal to the authentication card. The RFID tag then calculates a response using a cryptographic key, based on the challenge signal, and sends this back to the phone. The phone only allows the user to continue if the response is correct.

The authentication card may come in various form factors. In the examples described above, the card may be a credit card shaped plastic card. This enables the card to be placed in a users wallet. The card may take other shapes that can easily be attached to the users body. For example the card may be incorporated into a belt. In this manner, when a user wishes to make a payment, they can simply wave the mobile telephone phone over the correct portion of the belt. This has particular advantages because the user does not have to locate a card in their wallet to make a payment. Instead, the user intuitively moves their phone to a position on their belt.

An authentication tag may be any suitable sized tag which may store and transmit data to a mobile device. There are no particular limitations on the size, shape or technology used by the tag.

Various modifications, changes, and/or alterations may be made to the above described examples to provide further examples which use the underlying inventive concept, falling within the spirit and/or scope of the invention. Any such further examples are intended to be encompassed by the appended claims.

Claims (43)

  1. Claims 1. A mobile computing device comprising a communication module for communicating with an authentication tag, in which the authentication tag is for enabling a secure function; wherein the communication module is arranged to cause the authentication tag to transmit first authentication data which may be received by the communication module; and wherein the device determines if the first authentication data is valid, when it is received by the communication module, and if the first authentication data is valid, the device executes the secure function.
  2. 2. A mobile computing device according to claim 1, wherein the first authentication data is a tag ID and the mobile device executes the secure function if the tag ID is stored on the device.
  3. 3. A mobile computing device according to claim 2, further comprising a tag ID record in which tag IDs are stored, wherein the device determines if a tag ID is valid by checking the tag ID store.
  4. 4. A mobile computing device according to claims 1, 2 or 3, further comprising a secure application, and wherein the secure function is launching of the secure application.
  5. 5. A mobile computing device according to claim 4, wherein the secure application has an associated application ID, and the authentication tag has second authentication data which is the application ID.
  6. 6. A mobile computing device according to claim 5, wherein the secure application is launched if the second authentication data matches the application ID of the secure application.
  7. 7. A mobile computing device according to claims 4 to 6, wherein the secure application includes a plurality of options, and the authentication tag may be used to cycle through said options.
  8. 8. A mobile computing device according to claims 4 to 7, wherein said secure application is an account access application which includes an account record store, arranged to store user account details, and wherein said secure function is activating a user account.
  9. 9. A mobile computing device according to claim 8, wherein said secure application is arranged to communicate with a remote server.
  10. 10. A mobile computing device according to claim 9, wherein said user account details may be updated by communication with said remote server.
  11. 11 A mobile computing device according to claim 10, wherein said authentication tag is used activate the secure application to update said user account details.
  12. 12. A mobile computing device according to claims 8 to 11, wherein the account access application is a mobile wallet and said user account details are virtual bank cards.
  13. 13. A mobile computing device according to claim 12, wherein the authentication tag is for activating a virtual bank card for payment.
  14. 14. A mobile computing device according to claim 13, wherein the mobile wallet includes a plurality of bank cards, and the authentication tag is for cycling through the cards.
  15. 15. A mobile computing device according to claims 12 to 14, wherein the communications module is further arranged to communicate with a contactiess payment point using said virtual bank card.
  16. 16. A mobile computing device according to any preceding claim, further comprising a public key, wherein authentication data stored on the authentication tag is encrypted with a private key, and, in order to read the authentication data, the mobile device uses the public key to decrypt the data.
  17. 17. A mobile computing device according to any preceding claim, wherein said tag ID is generated using one-time passcode creation when the communications module communicates with the authentication tag.
  18. 18. A mobile computing device according to any preceding claim, wherein said tag ID is generated using challenge-response when the communication module communicates with the authentication tag.
  19. 19. A mobile computing device according claim 1, wherein the secure function may be initiation of a telephor)e call.
  20. 20. A mobile computing device according to any preceding claim, wherein said communications module is a near-field communications module, and said authentication tag is an RFID tag and said data is stored as an NDEF record.
  21. 21. A mobile computing device according to any preceding claim, wherein said secure function is initiated by bringing the mobile device into close proximity with the authentication tag.
  22. 22. A mobile computing device according to claim 21, wherein said authentication tag is located in an authentication card which has the dimensions of a credit card.
  23. 23. A mobile computing device according to claim 22, wherein the authentication card is arranged to be attached to an item of clothing, and the secure function is initiated by moving the phone to the card.
  24. 24. A mobile computing device according to any preceding claim, the device being a mobile telephone.
  25. 25. A cellular telephone for communicating with a cellular telephone network, comprising a near-field communication module for communicating with RFID tags, wherein the near-filed communication module is arranged to cause any RFID tags brought into proximity with the telephone to transmit a tag ID and an application ID stored on the tags, and wherein the telephone includes a mobile wallet application, having an application ID, the mobile wallet application including at least one virtual bank card, and wherein the telephone further includes a tag ID record, and when the communication module receives the tag ID and application ID, it validates the tag by checking the tag ID is stored in the tag ID record, and if valid, the telephone opens the mobile wallet application and activates at least one virtual bank card.
  26. 26. A method of operating the device of any of claims 1 to 25.
  27. 27. A method comprising: bringing an authentication tag and a mobile computing device into proximity with each other; receiving, at a communication module of the device, first authentication data, transmitted from the authentication tag; determining, on the mobile device, if the first authentication data is valid; and executing a secure function if the first authentication data is valid.
  28. 28. A method according to claim 27, wherein the first authentication data is a tag ID and the method comprises executing the secure function if the tag ID is stored on the device.
  29. 29. A method according to claim 28, wherein the device further comprises a tag ID record in which tag IDs are stored, and the method further comprises determining if a tag ID is valid by checking the tag ID store.
  30. 30. A method according to claims 27 to 29, further comprising a secure application, and wherein executing the secure function is launching of the secure application.
  31. 31. A method according to claim 30, wherein the secure application has an associated application ID, and the authentication tag has second authentication data which is the application ID.
  32. 32. A method according to claim 31, further comprising launching the secure application if the second authentication data matches the application ID of the secure application.
  33. 33. A method according to claims 30 to 32, wherein the secure application includes a plurality of options, and the method further comprises using the authentication tag to cycle through said options.
  34. 34. A method according to claims 30 to 33, wherein said secure application is an account access application which includes an account record store, arranged to store user account details, and wherein said secure function is activating a user account.
  35. 35. A system comprising: the mobile computing device of any of claims 1 to 25; and an authentication tag; wherein the authentication tag has first authentication data stored thereon.
  36. 36. The system of claim 35, further comprising an administration server.
  37. 37. The system of claim 36, wherein user account details are stored on the mobile device and said authentication card is for activating a user account, and wherein a user account may be updated by communicating with the administration server.
  38. 38. A computer program to be run by a processor on a mobile computing device, to: determine if first authentication data, received from an authentication tag, is valid; and execute a secure function on the mobile device, if the first authentication data is valid.
  39. 39. A computerreadable medium comprising instructions, which when executed by a mobile computing device causes the device to: determining if first authentication data, received from an authentication tag, is valid; execute a secure function, if the first authentication data is valid.
  40. 40. A device substantially as herein described and shown in the Figures.
  41. 41. A method substantially as herein described and shown in the Figures.
  42. 42. A system substantially as herein described and shown in the Figures.
  43. 43. A computer program substantially as herein described and shown in the Figures.
GB201000837A 2010-01-19 2010-01-19 Activation of secure function in mobile computing device using authentication tag Withdrawn GB2476989A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
GB201000837A GB2476989A (en) 2010-01-19 2010-01-19 Activation of secure function in mobile computing device using authentication tag

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
GB201000837A GB2476989A (en) 2010-01-19 2010-01-19 Activation of secure function in mobile computing device using authentication tag
PCT/GB2011/050082 WO2011089423A2 (en) 2010-01-19 2011-01-19 An apparatus and a method for secure authentication

Publications (2)

Publication Number Publication Date
GB201000837D0 GB201000837D0 (en) 2010-03-03
GB2476989A true GB2476989A (en) 2011-07-20

Family

ID=42028550

Family Applications (1)

Application Number Title Priority Date Filing Date
GB201000837A Withdrawn GB2476989A (en) 2010-01-19 2010-01-19 Activation of secure function in mobile computing device using authentication tag

Country Status (2)

Country Link
GB (1) GB2476989A (en)
WO (1) WO2011089423A2 (en)

Cited By (25)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2575408A1 (en) * 2011-09-29 2013-04-03 Broadcom Corporation Single nfc device identity selection on a multiple-identity supported device
WO2013054072A1 (en) 2011-10-12 2013-04-18 Technology Business Management Limited Id authentication
CH705774A1 (en) * 2011-11-16 2013-05-31 Swisscom Ag A method and a system for authentication of a user by an application.
WO2013089568A1 (en) 2011-12-12 2013-06-20 Iif Spółka Akcyjna Method of making payment transaction via cellular telephone system and telecommunication system for conducting payment transactions
WO2013127520A1 (en) * 2012-02-28 2013-09-06 Giesecke & Devrient Gmbh Authenticated transaction approval
GB2500560A (en) * 2011-11-03 2013-10-02 Proxama Ltd Authorising transactions in a mobile device
ITMI20120988A1 (en) * 2012-06-07 2013-12-08 Ekboo Ltd System and method for automatic authentication in a mobile device.
WO2014116191A1 (en) * 2013-01-24 2014-07-31 Ekmekçi İsmail A virtual wallet
EP2763370A1 (en) * 2013-01-31 2014-08-06 Nxp B.V. Security token and service access system
EP2811724A1 (en) * 2013-06-07 2014-12-10 BlackBerry Limited Mobile wireless communications device providing near field communication (nfc) unlock and tag data change features and related methods
CN104200176A (en) * 2014-08-28 2014-12-10 电子科技大学 System and method for carrying out transparent encryption and decryption on file in intelligent mobile terminal
WO2014210563A1 (en) * 2013-06-28 2014-12-31 Nexkey, Inc. Fingerprinting a mobile device through near field communication
EP2843898A1 (en) * 2013-06-04 2015-03-04 Robb Fujioka Access control systems
WO2015061354A1 (en) * 2013-10-22 2015-04-30 Accenture Global Services Limited Facilitating secure transactions using a contactless interface
CN104603809A (en) * 2012-04-16 2015-05-06 盐技术股份有限公司 Systems and methods for facilitating a transaction using a virtual card on a mobile device
WO2014083335A3 (en) * 2012-11-28 2015-06-18 Hoverkey Ltd A method and system of providing authentication of user access to a computer resource via a mobile device using multiple separate security factors
EP2860681A4 (en) * 2012-06-08 2015-08-05 Zte Corp Mobile terminal and method and system for inquiring information of intelligent card
US9210133B2 (en) 2012-11-28 2015-12-08 Hoverkey Ltd. Method and system of providing authentication of user access to a computer resource via a mobile device using multiple separate security factors
US9222282B2 (en) 2013-10-11 2015-12-29 Nexkey, Inc. Energy efficient multi-stable lock cylinder
US9276643B2 (en) 2013-06-07 2016-03-01 Blackberry Limited Mobile wireless communications device providing near field communication (NFC) unlock and tag data change features and related methods
EP2927856A4 (en) * 2012-11-28 2016-06-08 Mozido Corfire Korea Ltd Method for setting temporary payment card, and mobile device applying same
CN105653963A (en) * 2014-11-20 2016-06-08 阿里巴巴集团控股有限公司 Information display method and device
RU2587472C1 (en) * 2013-12-09 2016-06-20 Кэнон Кабусики Кайся Communication device and method of controlling said device
CZ306674B6 (en) * 2013-10-03 2017-05-03 Software602 A.S. A method of securing mobile devices
US10102510B2 (en) 2012-11-28 2018-10-16 Hoverkey Ltd. Method and system of conducting a cryptocurrency payment via a mobile device using a contactless token to store and protect a user's secret key

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9053478B2 (en) 2011-05-03 2015-06-09 Verifone, Inc. Mobile commerce system
CN110414950A (en) * 2012-07-09 2019-11-05 英特尔公司 System and method for the enabled Secure Transaction using mobile device
EP2893736A1 (en) 2012-09-10 2015-07-15 Assa Abloy Ab Method, apparatus, and system for providing and using a trusted tag
US9685057B2 (en) 2013-03-15 2017-06-20 Assa Abloy Ab Chain of custody with release process
EP2974219A2 (en) 2013-03-15 2016-01-20 Assa Abloy AB Method, system, and device for generating, storing, using, and validating nfc tags and data
EP3017580A1 (en) 2013-07-01 2016-05-11 Assa Abloy AB Signatures for near field communications
WO2015163771A1 (en) * 2014-04-23 2015-10-29 Julien Truesdale Payment systems
US9703968B2 (en) 2014-06-16 2017-07-11 Assa Abloy Ab Mechanisms for controlling tag personalization
US10440012B2 (en) 2014-07-15 2019-10-08 Assa Abloy Ab Cloud card application platform

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070118891A1 (en) * 2005-11-16 2007-05-24 Broadcom Corporation Universal authentication token
US20070262134A1 (en) * 2006-05-10 2007-11-15 First Data Corporation System and method for activating telephone-based payment instrument
US20080141361A1 (en) * 2006-12-11 2008-06-12 Palo Alto Research Center Incorporated Systems and methods for lightweight authentication
US20080168542A1 (en) * 2007-01-10 2008-07-10 Konica Minolta Business Technologies, Inc. Control terminal, image processing apparatus, control system, control program and control method
US20090210940A1 (en) * 2008-01-24 2009-08-20 Intermec Ip Corp. System and method of using rfid tag proximity to grant security access to a computer

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
SE521480C2 (en) * 2001-04-18 2003-11-04 Tagmaster Ab Method and apparatus for authentication and access control
US7920827B2 (en) * 2002-06-26 2011-04-05 Nokia Corporation Apparatus and method for facilitating physical browsing on wireless devices using radio frequency identification
EP3023899A1 (en) * 2003-09-30 2016-05-25 Broadcom Corporation Proximity authentication system

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070118891A1 (en) * 2005-11-16 2007-05-24 Broadcom Corporation Universal authentication token
US20070262134A1 (en) * 2006-05-10 2007-11-15 First Data Corporation System and method for activating telephone-based payment instrument
US20080141361A1 (en) * 2006-12-11 2008-06-12 Palo Alto Research Center Incorporated Systems and methods for lightweight authentication
US20080168542A1 (en) * 2007-01-10 2008-07-10 Konica Minolta Business Technologies, Inc. Control terminal, image processing apparatus, control system, control program and control method
US20090210940A1 (en) * 2008-01-24 2009-08-20 Intermec Ip Corp. System and method of using rfid tag proximity to grant security access to a computer

Cited By (39)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2575408A1 (en) * 2011-09-29 2013-04-03 Broadcom Corporation Single nfc device identity selection on a multiple-identity supported device
GB2495704B (en) * 2011-10-12 2014-03-26 Technology Business Man Ltd ID Authentication
WO2013054072A1 (en) 2011-10-12 2013-04-18 Technology Business Management Limited Id authentication
GB2495704A (en) * 2011-10-12 2013-04-24 Technology Business Man Ltd Authenticating a user of computer equipment by use of a separate device
US9805364B2 (en) 2011-10-12 2017-10-31 Technology Business Management Limited ID authentication
JP2015511336A (en) * 2011-10-12 2015-04-16 テクノロジー・ビジネス・マネジメント・リミテッド ID authentication
GB2500560A (en) * 2011-11-03 2013-10-02 Proxama Ltd Authorising transactions in a mobile device
US9047497B2 (en) 2011-11-16 2015-06-02 Swisscom Ag Method and system for authenticating a user by means of an application
CH705774A1 (en) * 2011-11-16 2013-05-31 Swisscom Ag A method and a system for authentication of a user by an application.
WO2013089568A1 (en) 2011-12-12 2013-06-20 Iif Spółka Akcyjna Method of making payment transaction via cellular telephone system and telecommunication system for conducting payment transactions
WO2013127520A1 (en) * 2012-02-28 2013-09-06 Giesecke & Devrient Gmbh Authenticated transaction approval
CN104603809B (en) * 2012-04-16 2019-07-05 盐技术股份有限公司 Promote the system and method for transaction using virtual card on the mobile apparatus
EP2842092A4 (en) * 2012-04-16 2016-01-20 Salt Technology Inc Systems and methods for facilitating a transaction using a virtual card on a mobile device
CN104603809A (en) * 2012-04-16 2015-05-06 盐技术股份有限公司 Systems and methods for facilitating a transaction using a virtual card on a mobile device
ITMI20120988A1 (en) * 2012-06-07 2013-12-08 Ekboo Ltd System and method for automatic authentication in a mobile device.
EP2860681A4 (en) * 2012-06-08 2015-08-05 Zte Corp Mobile terminal and method and system for inquiring information of intelligent card
US10223692B2 (en) 2012-11-28 2019-03-05 Mozido Corfire-Korea, LTD. Method for setting temporary payment card and mobile device applying the same
US9210133B2 (en) 2012-11-28 2015-12-08 Hoverkey Ltd. Method and system of providing authentication of user access to a computer resource via a mobile device using multiple separate security factors
EP2927856A4 (en) * 2012-11-28 2016-06-08 Mozido Corfire Korea Ltd Method for setting temporary payment card, and mobile device applying same
US10102510B2 (en) 2012-11-28 2018-10-16 Hoverkey Ltd. Method and system of conducting a cryptocurrency payment via a mobile device using a contactless token to store and protect a user's secret key
US9135425B2 (en) 2012-11-28 2015-09-15 Arnold Yau Method and system of providing authentication of user access to a computer resource on a mobile device
WO2014083335A3 (en) * 2012-11-28 2015-06-18 Hoverkey Ltd A method and system of providing authentication of user access to a computer resource via a mobile device using multiple separate security factors
WO2014116191A1 (en) * 2013-01-24 2014-07-31 Ekmekçi İsmail A virtual wallet
EP2763370A1 (en) * 2013-01-31 2014-08-06 Nxp B.V. Security token and service access system
US9503260B2 (en) 2013-01-31 2016-11-22 Nxp B.V. Security token and service access system
EP2843898A1 (en) * 2013-06-04 2015-03-04 Robb Fujioka Access control systems
US9276643B2 (en) 2013-06-07 2016-03-01 Blackberry Limited Mobile wireless communications device providing near field communication (NFC) unlock and tag data change features and related methods
EP2811724A1 (en) * 2013-06-07 2014-12-10 BlackBerry Limited Mobile wireless communications device providing near field communication (nfc) unlock and tag data change features and related methods
WO2014210563A1 (en) * 2013-06-28 2014-12-31 Nexkey, Inc. Fingerprinting a mobile device through near field communication
US9271151B2 (en) 2013-06-28 2016-02-23 Nexkey, Inc. Fingerprinting a mobile device through near field communication
CZ306674B6 (en) * 2013-10-03 2017-05-03 Software602 A.S. A method of securing mobile devices
US9222282B2 (en) 2013-10-11 2015-12-29 Nexkey, Inc. Energy efficient multi-stable lock cylinder
AU2014340234B2 (en) * 2013-10-22 2016-10-20 Accenture Global Services Limited Facilitating secure transactions using a contactless interface
WO2015061354A1 (en) * 2013-10-22 2015-04-30 Accenture Global Services Limited Facilitating secure transactions using a contactless interface
RU2587472C1 (en) * 2013-12-09 2016-06-20 Кэнон Кабусики Кайся Communication device and method of controlling said device
CN104200176A (en) * 2014-08-28 2014-12-10 电子科技大学 System and method for carrying out transparent encryption and decryption on file in intelligent mobile terminal
EP3221774A4 (en) * 2014-11-20 2017-11-01 Alibaba Group Holding Limited Method and apparatus for displaying information
CN105653963A (en) * 2014-11-20 2016-06-08 阿里巴巴集团控股有限公司 Information display method and device
US10366230B2 (en) 2014-11-20 2019-07-30 Alibaba Group Holding Limited Method and apparatus for displaying information

Also Published As

Publication number Publication date
WO2011089423A3 (en) 2011-10-06
GB201000837D0 (en) 2010-03-03
WO2011089423A2 (en) 2011-07-28

Similar Documents

Publication Publication Date Title
US9251513B2 (en) Stand-alone secure PIN entry device for enabling EMV card transactions with separate card reader
US9531548B2 (en) Security system for handheld wireless devices using time-variable encryption keys
US7350230B2 (en) Wireless security module
US8200582B1 (en) Mobile device password system
RU2576586C2 (en) Authentication method
US8694436B2 (en) Data transfer from a near field communication terminal to a remote server with prior authentication
US9065812B2 (en) Protecting transactions
EP3198907B1 (en) Remote server encrypted data provisioning system and methods
US9734496B2 (en) Trusted remote attestation agent (TRAA)
US9904800B2 (en) Portable e-wallet and universal card
EP2378451B1 (en) User authentication in a tag-based service
US9531696B2 (en) Apparatus, system and method for secure payment
US20090112765A1 (en) System and method for validation of transactions
US9317846B2 (en) Point of sale for mobile transactions
US20100306076A1 (en) Trusted Integrity Manager (TIM)
US9558481B2 (en) Secure account provisioning
US20130204793A1 (en) Smart communication device secured electronic payment system
US8843757B2 (en) One time PIN generation
US8438063B2 (en) Mobile payment using picture messaging
US7322043B2 (en) Allowing an electronic device accessing a service to be authenticated
US9280772B2 (en) Security token for mobile near field communication transactions
US20160005039A1 (en) Secure identity binding (sib)
US20180174131A1 (en) System and method for one-time payment authorization in a portable communication device
US20120284195A1 (en) Method and system for secure user registration
US10037516B2 (en) Secure transactions using a point of sale device

Legal Events

Date Code Title Description
WAP Application withdrawn, taken to be withdrawn or refused ** after publication under section 16(1)