SE516208C2 - Procedures and systems for identification - Google Patents

Abstract

The present invention relates to a method and a system for identification. An intermediate client identity is associated with a hand-held unit. The intermediate client identity is provided for enabling association with a contract of a client. A logical connection is thereby provided between said hand-held unit and said contract of a client by means of said intermediate client identity.

Description

25 30 35 516 208 2 over customers and provides their customers with their own type of card or similar device, it is likely that a person owns more cards than his wallet can carry.

Another disadvantage associated with the large number of cards is that each card usually has a different, associated numeric code, which must be remembered or stored in a safe place.

For practical and security reasons, the person who receives a card or other identification device, such as a code generator, from a company is usually obliged to pick it up and sign a receipt at the post office. Alternatively, he can receive the card (or other device) via the mail and a code associated with this at various times. In this way, it takes quite a long time from the time when, regardless of the person signing an agreement with the company to the time when he can actually benefit from the identification device.

SUMMARY OF THE INVENTION An object of the present invention is to provide a method and a system for identification which do not have the above-mentioned disadvantages.

Another object of the invention is to provide people with the ability to use a machine readable card or machine readable code generator with any company, i.e. with any customer register.

According to one aspect of the present invention, there is provided a method of identification. The method comprises the steps of: a) associating an intermediate customer identity with a handheld device; and b) providing the intermediate customer identity to enable association with a customer contract, thereby providing a logical connection between said handheld unit and said customer contract by means of said intermediate customer identity.

According to another aspect of the present invention, there is provided a system for identification. The system comprises: a) first means for associating a hand-held unit with an intermediate customer identity, and b) second means for associating said intermediate customer identity with a customer contract, the system thereby realizing a logical connection between said hand-held unit and said customer contract by said intermediate customer identity.

Through this description, the following definitions will apply: A handheld device is a device used for identification / verification / authentication, etc. when services / information / transactions, etc. are acquired or performed. Examples of handheld devices are machine-readable cards, such as smart cards or smart cards, visually lockable authentication code generators, or similar objects.

A contract can be the type of authorization agreement between two or more parties, such as a business agreement or a definition that governs which information or information is accessible and by whom, a data definition, and the like.

A customer is a private individual or a legal person, such as a company, who has reached an agreement, through a contract, with someone (a person or a company) who provides information, services or products. Such a service provider will hereinafter be defined as a contracting party.

A user may be anyone or anything who can access and use the information provided and the services provided, as mentioned above. Thus, a user does not necessarily have to be a customer.

An intermediate customer identity is an identification code that is associated with a handheld device and is provided to the contracting party that delivers or provides the said information, services or products, thereby enabling association with a customer contract.

In today's system, a handheld device, such as a machine-readable card, such as a debit or credit card, smart card or a code generator, is directly associated with a customer. The present invention has deviated from this line and, contrary to current practice, separated the direct connection between the handheld device and the customer. This is a completely new approach, which creates a number of possibilities, some of which will appear from the following description.

According to the invention, a new object is introduced, namely an intermediate customer identity between the hand-held unit and the customer.

This intermediate customer identity is provided by an authentication intermediary, such as an authentication company, which will act as a third party in transactions between a customer and a contracting party or supplier of information, services or products.

A basic feature of the present invention is that the hand-held device is in no way directly associated with the person purchasing it. However, each handheld device has its own unique identity.

An advantage of this is that a person can acquire or purchase a handheld device in virtually any location. Such a unit could thus be found in the local store or in vending machines, etc.

To activate the handheld device, it must suitably be associated with an intermediate customer identity.

This association is performed by the authentication intermediary.

It should be noted that there is absolutely no need for the person holding the hand-held device in his possession to know the intermediate customer identity which is known. has been associated with his handheld device. When the association to the intermediate customer identity is completed, the person with the unit in their possession has become a user.

Normally, in the prior art, when a person wishes to have access to services or information provided by a company or a contracting party, he will be bound by some kind of contract. As it works today, the contracting party registers the necessary personal data and provides the person with, for example, a smart card that has a unique identity, whereby the said smart card is connected to the person. Each time the person uses the services, he enters a code that is checked in the contracting party's database. Other contracting parties do the same, providing the person with a respective specific card.

In the present invention, when a user, someone or someone who has an activated handheld device, wishes to use his device to access information or use services, he together with personal data gives the unique identity of his handheld device to the contracting party for registration in a database. Thus, initially, the identity of the handheld device appears in the signed contract, and this user has now become a customer. When the handheld device is registered in the contractor's database, and someone wishes to use this device to access the contractor's services, he will need to enter at least one code that has previously been associated with the identity of the handheld device. Such a code may be a “non-recurring code” generated in real time or a personal identification code associated with the identity of the handheld device at the time of activation of the handheld device, or a combination of these codes. The code (s) are registered with the authentication intermediary.

Thereafter, the contracting party will forward the identity of the handheld device and the code (s) to the authentication intermediary. The authentication mediator will now verify that the identity of the handheld device and the code (s) are in accordance with (the correct codes) entered for the specific device. each other, i.e. that the correct code If the code (s) are correct (correct), the authentication intermediary will confirm and also communicate to the contracting party the intermediate customer identity associated with the handheld device. If the code is incorrect, the contractor will simply receive a negative response.

Once the contracting party has received the intermediate customer identity, the intermediate customer identity is registered in the customer contract and preferably instead of the identity of the hand-held unit.

In this way, the strict connection, as in the prior art, between the hand-held unit and the customer has been broken. The contracting party does not need to know to whom or to which contract a certain hand-held unit belongs, since there is now an intermediate customer identity that points out the contract and, thus, the customer.

One of the basic advantages of this invention is that a person does not necessarily need more than one hand-held device. The present invention also provides the possibility for contracting parties to associate a second hand-held unit (which is associated with a second intermediate customer identity) to one and the same customer contract.

Thus, in accordance with one embodiment of the invention, a first user having a first handheld device associated with a first intermediate customer identity is a customer of a particular contracting party. A second user has a second handheld device associated with a second intermediate customer identity. The first user would like to allow the second user to access the services provided by said particular contracting party, while the first user is still the responsible customer. Since the second hand-held unit 10 is already associated with a second intermediate customer identity, it cannot, in this embodiment, even be associated with it. first intermediate customer identity.

One way to proceed would be for the first user to register (for example on the web) with the contracting party the identity of the second handheld device.

The contractor would then have registered for the specific customer (the first user) in the database the first intermediate customer identity and the identity of the second handheld device. When the other handheld device is used in connection with the services of this Contracting Party, the normal verification procedure takes place and the second intermediate customer identity will be stored in the database instead of the identity of the other handheld device. Consequently, regardless of which of the two users uses the available services, one and the same customer contract will be pointed out. The above-described embodiment of the present invention is particularly advantageous with respect to the registration of minors or children. Many contracting parties, such as banks, require that the customer has reached the age of majority. In the case described, for example, the second hand-held device could belong to a child and the first hand-held device could belong to his father. The father is the customer and also the person in charge, while both can access the services provided by the contracting party.

A company can also register with a contracting party, for example over the Internet, the identities of several hand-held units, which hand-held units belong to the employees. This can be useful if the contracting party is, for example, a taxi company. The contracting party will initially have the identities of several hand-held units registered in one and the same contract, and eventually the corresponding respective intermediate customer identities. As a result, all employees' travel when they use their own handheld devices will be invoiced at the company. In this 10 15 20 25 30 35 516 208 o - u | o ac 8 cases, the company is the customer and the employees are users.

In some cases, it may be desirable to restrict the extent to which another user can access or manipulate certain services. The customer contract could therefore define different authorization levels. The highest level of authorization would imply an authorization for the user to fully access and / or manipulate the available services. Other authorization levels can be limited in a number of ways, for example which services may be accessible, at what times, etc. A private person who is a customer of a contracting party is also, preferably, a user with the highest authorization level. In the case where a company is a customer of a contracting party, the company can grant one or more users full authorization, which in turn can assign other users any authorization level. The discussion above means that a user may have different authorization levels in connection with different customer contracts.

A customer contract can also refer to the extent to which certain information, for example in a database, is available. The customer contract could define a certain level of authorization. The highest level of authorization would mean authorization for the user to access the said information in full.

A maximum authorization level could also include authorization to add or remove users to / from a customer contract.

In recent years, the development of functions and services for "intelligent homes" or "intelligent houses" has gained increasing attention. For example, various electrical appliances can be controlled or monitored when away from home, the heat can be regulated, etc. The services for intelligent homes that are equipped with different types of detectors, control devices, monitoring devices, etc. can preferably be ordered on a website of a contracting party. , such as a service provider or an income intermediary. The procedure for ordering said services corresponds to those described previously. Assume that a person buys a service that includes control and / or monitoring of some devices in the house. On certain occasions, it may be desirable for others to have access to these services, for example if the said person does not currently have any opportunity to access the said services, or for other practical reasons. He can then register with the contractor who delivers the services to another person's handheld device, such as another family member, a friend or a neighbor, etc. The contractor can have different defined authorization levels for the specific set of services. For example, if a person is on holiday far away from his house, he would like someone to make sure that the lawn in the garden is watered (but only if it is dry), by activating the sprinkler system. He then registers the identity of his neighbor's handheld device, giving him full access to the service associated with controlling the sprinkler system (but limited access to indoor services). In this way, during a dry period, with almost no trouble at all, the neighbor will be able to water the other person's garden.

There are, of course, many other advantages to the method and system of the present invention. An advantage is the ability to associate several handheld units to one and the same intermediate customer identity. Assume that a person, e.g. one parent, has associated multiple handheld devices to the same intermediate customer identity.

He may wish to have them as spare units in case he loses someone. He may also want to distribute them to the other family members. The family members are thereby allowed to use the services of the contracting party and the parent will be responsible to the contracting party (the contracting parties). The parent is thus both a customer and a user, while the other members of the family are only users. However, it is preferred for each per- 10 15 20 25 30 35 516 208 -. To have a handheld device associated with a respective intermediate customer identity.

The next time a handheld device is used by a contractor who has already received and registered the associated intermediate customer identity, the contractor will pass on the identity of the handheld device and the code to the authentication intermediary.

The authentication intermediary will, as before, verify the accuracy and, if the result is positive, preferably also communicate the intermediate customer identity to the contracting party. The contractor will now be able to identify in the database the customer that is related to the received intermediate customer identity.

In another preferred embodiment, the handheld device is associated with a personal identification code, such as a PIN code. This association is preferably performed at the time the code is activated. One possible way is to have one in, for example, “OO0O0” for a non-activated handheld device. When path defined code, a person wishes to activate his handheld device and become a user, he can, for example, register the handheld device with the authentication intermediary, which will then associate the handheld device with an intermediate customer identity.

At this time, the authentication broker will request that the PIN code be changed, for example to “59738”, after which the handheld device will be activated. The authentication intermediary registers the new code with the identity of the handheld device in a database.

According to an embodiment of the invention, the hand-held unit comprises both of the previously mentioned code functions: a code generator which regularly generates a new code in real time and a personal identification code. This obviously reduces the risk of the hand-held unit ending up with a person with malicious intent.

As a security measure, the handheld device is suitably deactivated if a certain number (such as three) of login attempts have failed, in case the handheld device unfortunately falls into the hands of the wrong per- son. son. A login attempt would preferably be defined as a correct entry of the identity of the handheld device and the generated code. Thus, if the other information is correct in addition to the personal identification code, an incorrect login has occurred. However, if the code generated in real time and / or the identity of the handheld device is incorrect, it will not count as a login attempt. An advantage of this method is that one cannot inadvertently enter an arbitrary identity for a handheld device and a code to disable someone else's handheld device without actually having the handheld device in hand. It should be noted that only the handheld device will be disabled after the failed attempts, while the intermediate customer identity will still exist and it will be possible to associate new or other handheld devices to it. This is of course provided that the user has a handheld device in reserve, with which he can come to the registration procedure and register new handheld devices to the same intermediate customer identity.

One way to practically activate a handheld device and associate it with an intermediate customer identity is over a communication network, such as a data communication network, for example the Internet. A person who has a new handheld device in his possession would then suitably be able to visit a website at the authentication intermediary by means of a computer, where a login screen would appear. In this image, there would be input locations for 1. The identity of the handheld device, 2. The generated code, and 3. The PIN code. is preferably clearly shown on the handheld device.

The identity of the handheld device A new code generated in real time, for example, appears every 60 seconds on a screen of the handheld device.

The input location for the PIN code can either be 10 15 20 25 30 35 u now 0 o v n one now 516 208 other. o oo evo. t ...- v u acne o o on .. -. neon n o coon 12 pre-entered or the person can enter the predefined code himself. Then the person will see a picture, on which he is asked to change the PIN code and he will also be given the opportunity to enter his name, address and personal data, etc. Now the handheld device has been activated and has an associated intermediate customer identity stored at the authentication intermediary_ The step of entering name, address and personal data etc. is optional. Virtually any name can be entered. This means that a parent in a family can be a user of a handheld device, or it can be a child, or even a cat or a piece of furniture. A user of a handheld device can, for example, be a "sofa". interest in the authentication intermediary. But how is it the User's name is not of anything special to a contractor? As explained earlier, when a person who has a handheld device wishes to use it, he must first reach an agreement with the contracting party providing the desired services, such as a bank. In the agreement, the person who becomes a customer states, in addition to conventional personal data, the unique identity of his handheld device. Once an agreement has been reached in the form of some kind of contract, the handheld device can now be used to access the desired services. In the case of a bank that is the party to the contract, the person may wish to transfer money between different accounts (which is agreed in the contract). He can then conveniently visit the bank's website on the Internet from a computer, where he will enter the identity of the handheld device, the code generated in real time and the PIN code. the authentication intermediary, the Bank sends this information to where it is verified that the codes are correct and a positive response is returned to the bank together with the intermediate customer identity associated with the specific handheld device. The bank now registers the received intermediate customer identity, lO 15 20 25 30 35 516 208 a. U .. n n no o-unnø u n. n nu u- o v n o-ono. 13 which in the future will be linked to the specific customer contract. The user's name is obviously of no significance to the contractor. What really matters is the intermediate customer identity, which points out the customer. This means that the contracting party in this situation no longer needs the identity of the handheld device from a system technical point of view. Even if the user's name is not of interest to either the authentication intermediary or the contracting party, it may be useful in other cases. As previously explained, several users can be registered for one and the same customer contract by registering with the contracting party the identity of the handheld device for each user's handheld device. In such cases, the person registering other users can verify that he has indeed entered the correct identity of the handheld device. Because the name of a user can be arbitrary, for example, the user may need to confirm that his username is really "sofa".

As explained earlier, a great advantage of making the logical connection according to the invention between the customer contract and an intermediate customer identity is the possibility of associating several hand-held units to one and the same intermediate customer identity, and thus one and the same customer contract. For example, if a person wishes to have an extra handheld device, in case he loses the first one, he can associate it with the same intermediate customer identity. He preferably logs in with his first handheld device on a web page provided by the authentication intermediary, then enters the identity of the handheld device and the code or codes, after which he can select a function to associate another handheld device. The step of associating is the same as mentioned earlier. Thus, after changing the PIN code of the identity of the second handheld unit, the second handheld unit is activated and associated with the same intermediate customer identity as the first handheld unit. This means that when the other hand-held unit is used, for example with the bank in the previous example, the bank will have the same customer contract designated as before.

Of course, it works in the same way with other contractors.

Another advantage of this invention is the ability to allow additional users to access services authorized in a customer contract. This possibility of associating several users' handheld devices to one and the same intermediate customer identity is illustrated in the following examples. It has in recent years become quite popular for food chains to offer their clients an account.

Usually, some kind of machine-readable card is associated with the client's account. If a client later wishes to receive another card linked to the same account, for example for a family member, according to prior art, new papers stating the family member's name must be sent to the food chain. This procedure can be time consuming and annoying. With the method and system of the present invention, one only registers with the food chain on its website an additional hand-held unit to a The food chain needs a hand-held unit belongs to, the grocery store, he or she will simply and the same customer contract. not know who this other because when someone buys food in enter the identity of their handheld device and the necessary codes at some kind of terminal near the checkout.

The terminal is in communication over a communication network with a database at the authentication provider. Once the store has received a positive verification of the codes along with the associated intermediate customer identity, the customer will be identified in a customer database and the customer's account will be charged for the purchase. In this way, the store or food chain can remain unaware of who the user is, as the correct account will be charged in any case. A large - o 0 u on. nu.-0 u lO 15 20 25 30 35 516 208 15 advantage for the food chain is that their administration will be kept at a reasonable level, as they will only need to register one customer and not every single user associated with said customer account. This of course applies to other contracting parties as well. Instead of having to enter all three sets of numbers, i.e. the identity of the handheld device, the generated code and the PIN code, the handheld device can transmit the first two to the terminal by means of light or sound, whereby the user only needs to enter the PIN code. If the handheld device is a smart card, the terminal having a clock will also automatically read the first two sets of numbers, when the card is inserted into a reading slot, whereby only the PIN code needs to be entered. In the example with said smart card, it is thus not the card itself that has a clock that generates a one-time code, but the reader into which the card is inserted. Such a reader can be available not only in a physical place, personal home computer or a telephone, etc. Alternatively, such as a store, but also in connection with a said smart card itself, just like other code generators, may have a monitor on which a code generated every 60 seconds. This alternative smart card can thus be used as the previously described code generators and / or as a traditional smart card.

The ability to associate multiple handheld devices to one and the same intermediate customer identity can also be beneficial in companies. This was mentioned earlier in connection with a company that uses a certain taxi company.

The service life of a handheld device is preferably limited. The user of a hand-held device will suitably be informed in time, for example when using the hand-held device, that he must acquire a new hand-held device. The user will activate a new handheld device by associating it with the same intermediate customer identity, as previously described. De 10 15 20 25 30 35 'u u .-. u n I I nu n. .a,. . n. n u, o Un .one, u 516 208 16 different contractors who have the intermediate customer identity in their databases will not pay attention to this change of handheld devices. The legal connection, i.e. The history of the various handheld devices associated with the intermediate customer identity is conveniently stored in a database of the authentication intermediary.

One way of realizing the present invention would be for a contracting party to pass on relevant information, such as the intermediate customer identity, to an external party (eg a bank), preferably after a positive authentication has been made.

Brief Description of the Drawings The invention will now be described with reference to the accompanying drawings, in which: Fig. 1 schematically illustrates the connection between a customer and a hand-held unit according to prior art.

Fig. 2 schematically illustrates the inventive idea of the present application.

Fig. 3 illustrates the method of activating a hand-held device.

Fig. 4 illustrates the procedure when the hand-held unit is used for accessing a particular service.

Detailed Description of the Drawings Fig. 1 schematically illustrates the prior art connection between a customer 100 and a handheld unit 110.

In the prior art, when a natural or legal person wishes to have access to certain types of services that require some level of security, he must sign a contract with the service provider or the contracting party. The person thereby becomes a customer 100. The service provider or contracting party provides the customer 100 with a hand-held unit 110, by means of which he will be able to access the said services. The unique identity of the handheld device 110 comes with the customer 100. : sauce 10 15 20 25 30 35 516 208 17 names and other data to be stored in a database of the service provider or contractor. The figure illustrates this fixed connection between the customer 100 and the hand-held unit 110. The customer 100 will have the same type of fixed connections to other hand-carried units as are provided by other contracting parties. The prior art thus enables a specific contracting party to identify each customer who is associated / linked to the contracting party in question.

Fig. 2 schematically illustrates, by means of a left picture and a right picture, the inventive idea of the present application. According to the invention, the previous band between a customer 120 and a hand-held unit 140 is divided and the separate intermediate customer. A new object has been introduced: the identity 130. This means, as previously described, that someone who has a handheld device 140 will have it linked to an intermediate customer identity 130, through which he becomes a user. This link is illustrated in the right image and is performed by the authentication mediator. The connection in Fig. 2 between the intermediate customer identity 130 and the hand-held unit 140 is a fixed connection. Once established, the connection will suitably not be divisible.

As explained earlier, a contractor will only need to identify the handheld device when initially establishing a contract with a customer. In later stages, the identity of the handheld device may be disregarded, as it will be replaced by the associated, intermediate customer identity provided by the authentication intermediary. New handheld devices can be associated with the same intermediate customer identity without the knowledge of the contracting party. Thus, in the left image of Fig. 2, a connection is illustrated, in a contracting party's database, between the customer 120 and the intermediate customer identity 130. From these schematic drawings it should be clear that the present invention, by breaking up the previously known 10 The coupling, provides superior flexibility and applicability over the prior art.

Fig. 3 illustrates the procedure for activating a handheld device 10. When a person who has acquired a new handheld device (for example from a vending machine), it is not yet activated. To activate it, he visits a specific website at the authentication provider, by means of a computer 14. The web address to be visited is suitably printed on the handheld device or on one with the attached note. On the website, he will be asked to enter the identity of his handheld device, a code generated in real time (hereinafter referred to as a one-time code) and a PIN code.

The person thus continues to find out the necessary numbers. This is illustrated with an eye 12.

The identity of the hand-held device is suitably clearly printed on the hand-held device. The one-time code can be generated regularly (for example twice a minute), the current code being constantly visible on a screen or appearing only when a button is pressed. The default PIN code for a not yet activated handheld device is preferably attached. Once he has found out all the numbers or characters, the person will enter them at the corresponding entry points on the website. An arrow 18 illustrates this. Although the side of the screen on the computer 14 in Fig. 3 is illustrated with three input locations, there are other possibilities if other types of hand-held devices are used. The computer 14 may, for example, have a smart card reader associated therewith, or a light or sound reader. As described earlier, in all these cases the person will only need to enter the PIN code. The reader can t.o.m. have the ability to detect a not yet activated hand-held device.

To return to Fig. 3, when the three pieces of information have been entered, these are sent to a server 22 of the authentication mediator. This is illustrated by an arrow 20. can be registered in and retrieved from the database 26. This Server 22 has an associated database 26. Information is illustrated by a bidirectional arrow 24. The server 22 thus comes by means of the database 26, and by means of a DES algorithm. as will be described, to ensure that the three pieces of information are consistent with each other.

Thereafter, the server 22 will associate an intermediate customer identity with the received identity of the handheld device, both of which are now registered and stored in the database 26.

According to one embodiment of the invention, the handheld device is a visually readable authentication code generator that regularly generates a new code in real time, for example a new code every 60 seconds. The code is generated by implementing a DES (Data Encryption Standard) algorithm, which is well known to those skilled in the art. There are preferably three inputs to the DES algorithm. These are the identity of the handheld device, the current time and a secure identity that has been associated with the handheld device at the time of manufacture.

The hand-held devices are suitably manufactured by the authentication intermediary or by another party under the supervision of the authentication intermediary. The secure identity and the identity of the handheld device will be registered with the authentication intermediary, as well as the time of manufacture of the handheld device, thus providing a type of synchronization with the handheld device's clock. The authentication mediator will thus have the same three inputs to the DES algorithm and will therefore be able to confirm that a user has entered the correct code, when using the handheld device. Although not illustrated in Fig. 3, the person will then be shown a page on his computer screen, where he will be asked to change the PIN code. As explained earlier, he will also have the ability to register a username, address, etc. The handheld device has now been activated and the person has become a user.

When a user wishes to register a new second handheld device, he will visit the authentication intermediary's website, and just as in Fig. 3, he will enter the three pieces of information related to his first handheld device. This time, however, it will not be the predefined default PIN code, was the first handheld device. After the code without the one to which he changed when he shares has been verified in the authentication intermediary's database, he will be able to click on an icon or a link to register an additional, new handheld device. The user will then repeat the procedure performed to activate the first handheld device, this time however, he will enter the information parts related to the second handheld device.

Thus, even in this case, he will be asked to change the PIN code. the device is associated with the same intermediate customer identity After this, the second has handheld as the first. The user now has a handheld device in reserve.

Fig. 4 illustrates the method when the hand-held unit is used for accessing a certain service. A user who has a handheld device 40 wishes to take advantage of services provided by a contracting party. The services can, for example, be provided or accessed over the Internet or at a physical location, such as a store. In either case, the user (illustrated by an arrow 44) communicates the associated codes to a computer or computer-based identity of the handheld device and the device 42 of the contractor. This can be done by the user, for example from his home computer via the Internet, or by the user being physically present at a terminal in connection with the computer-based device 42.

The computer-based unit 42 will send the received information to a server 46 of the authentication mediator, via a communication network. This is illustrated by an arrow 48. The authentication server 46 will then verify in a database 50 which is associated with the correctness of the codes which are sent together with the specific identity of the handheld device. This is illustrated by a bidirectional arrow 52. The database 50 includes fields for intermediate customer identities, identities for handheld devices, codes and possibly usernames, and other related data.

Fig. 4 shows an abbreviated table 54, as an illustration of the database 50. It should be noted that the table 54 is by no means complete and that it is intended only as an illustrative example. For the sake of clarity, Table 54 therefore shows only two fields in the database 50. The left field is for intermediate client identities (ICI) and the right field is for hand-held unit identities. ”, HHUI). Three different intermediate customer identities and four different identities for handheld devices are shown in Table 54. The intermediate customer identity with number “590896” has two handheld devices associated with it. The owner or owners of its two devices can be one and the same user who has a handheld device in reserve or simply two users (eg family members). For the sake of clarity, only one field has been shown for intermediate customer identities and identities for hand-held units. However, due to possible “multi-associations” (i.e., the association of multiple handheld devices to an intermediate customer identity), it may be more convenient to have multiple fields.

To return to the procedure in Fig. 4, after the server 46 has positively confirmed by the database 50 and the DES algorithm that the codes sent with the identity of the handheld device are correct, a confirmation (illustrated by an arrow 56) is transmitted to the contracting party's computer-based unit 42 over the communication network. Furthermore, the intermediate customer identity associated with the controlled identity of the handheld device is retrieved and transmitted along with the positive response. If there is a negative verification, only a negative response will be sent, without the intermediate customer identity.

The computer-based unit will now, by means of an associated second database, search for and / or identify a customer contract that corresponds to the received intermediate customer identity. This is illustrated by a bidirectional arrow 60. An abbreviated table 62 is (as before) illustrated only as an illustrative example. Only the fields for client contracts (C.C.) and intermediate client identities (I.C.I.) are shown for clarity.

"Smith" The Smith contract is associated with the inter- "590896", previously experienced has in turn two associated hand-carried Thus, two different customer contracts are shown: and "Jones". the customer identity with the number which we units. Thus, two users could both access or benefit from the services provided by the contracting party, but only one customer will be invoiced.

The Jones contract has two associated intermediate customer identities, namely numbers “590894” and “590895”. In this case, the customer has reached an agreement with the contracting party to register an additional intermediate customer identity. The reason for this is that the additional user already has a handheld device associated with another intermediate customer identity. It is probably more practical for both the contracting party and the users to have only an intermediate customer identity.

Thus, once the computer-based unit 42 has identified a customer contract by the second database 58, the desired service can be accessed. If there is no corresponding customer contract in database 58, the user can be given the opportunity by the contracting party to become a customer.

As previously described, when a contract is signed, the user indicates the identity of his handheld device, and then when he wishes to access the service, he will be verified by the authentication mediator. The contractor who has received the intermediate customer identity, after a positive verification, will register it in the customer contract.

In Table 62, for the sake of clarity, only one field has been shown for customer contracts and intermediate customer identities, respectively. However, due to possible "multi-associations", it may be more convenient to have several fields.

It should be noted that several modifications and variations may be made without departing from the scope of the present invention as defined in the appended claims.

It should thus be understood that even if certain specific contracting parties have been designated, they are only illustrative examples to facilitate understanding. Many others are obviously conceivable.

In addition, although the previous description has largely emphasized computer-based communication, other means are equally possible. A person can, for example, communicate with a contracting party or the authentication mediator by means of a telephone which can send DTMF tones or by means of a mobile telephone with a WAP interface, etc.

Incidentally, hand-held devices, such as smart cards or visually lockable authentication code generator devices, and their manufacture are well known and as such do not form part of the present invention. Various alternatives are thus possible for use in accordance with the objects of the invention.

Claims (46)

lO 15 20 25 30 35 516 208 24 PATENTKRAV A method of identification, comprising the steps of: a) associating an intermediate customer identity with a handheld device; and b) providing the intermediate customer identity to enable association with a customer contract, thereby establishing a logical connection between said handheld unit and said customer contract by means of said intermediate customer identity. The method of claim 1, wherein said association step is performed in a first location and said association between said intermediate customer identity and said contract is performed in a second location. The method of claim 2, wherein said providing step comprises transmitting said intermediate customer identity over a communication network from said first location to said second location. A method according to any one of claims 2-3, wherein said associating step is performed in a first server, and wherein said providing step comprises transferring said intermediate customer identity from said first server to a second server, which first and second server are both operationally connected to a common data communication network. A method according to any one of claims 2-4, wherein said association performed at said second location comprises registering said intermediate customer identity in a database comprising said contract. A method according to any one of claims 2-4, wherein said second location comprises a database of customer contracts, and wherein said association performed at said second location comprises the step of using the intermediate customer identity to identify a customer contract in the database. 10 15 20 25 30 35 516 208 25 A method according to any one of claims 2-6, wherein said associating step performed at said first location comprises associating said intermediate customer identity with a second handheld unit, thereby providing a logical connection between said second handheld unit and said customer contract by means of said intermediate customer identity. The method of claim 5, wherein said associating step performed at said first location comprises associating a second intermediate customer identity with a second handheld device and said associating performed at said second location comprises associating said second intermediate customer identity with said contract. and registering said second intermediate customer identity in the database. A method according to any one of claims 1-8, wherein said contract determines the extent to which certain information is accessible and / or subject to manipulation of said intermediate customer identity. A method according to claim 9, wherein said contract determines at least one authorization profile, the authorization profile determining an authorization level. A method according to claim 10, wherein the level of authorization determines the extent to which said information or a service is accessible and / or subject to manipulation. A method according to claim 10 or 11, wherein a certain authorization profile comprises the ability to associate and dissociate new or other intermediate customer identities with said contract. A method according to any one of claims 9-12, wherein said contract is related to a natural person. A procedure according to any one of claims 9-12, wherein said contract is related to a legal person. A method according to any one of claims 1-14, wherein said handheld unit has a unique identity, and wherein said associating step comprises associating the identity of the handheld unit 26 to said intermediate customer identity. The method of claim 15, wherein at least one code is associated with said identity of the handheld device identity. The method of claim 16, wherein said at least one code is a one-time code generated in real time. The method of claim 16, wherein said at least one code comprises two codes, a one-time code generated in real time and a personal identification code entered by a person having the handheld device in his possession. The method of any of claims 16-18, comprising the further steps of: receiving the identity of the handheld device and said at least one code; verifying that there is a match between the identity of the handheld device and the at least one code; obtaining the intermediate customer identity associated with said handheld device, said further steps being performed before said providing steps. A method according to any one of claims 1-19, wherein said handheld device is a visually readable device with authentication code generator. A method according to any one of claims 1-20, wherein said handheld device is a smart card. An identification system, comprising: a) first means for associating a handheld device with an intermediate customer identity; and b) other means for associating said intermediate customer identity with a customer contract, whereby the system realizes a logical connection between said hand-held unit and said customer contract by means of said intermediate customer identity. 10 15 20 25 30 35 s 1 and 2608 27 The system of claim 22, wherein said first means is realized as a first database and said second means is realized as a second database. The system of claim 23, wherein said first database is associated with a first server and said second database is associated with a second server, and wherein said intermediate customer identity is transferable from said first server to said second server, which first and other servers are both operatively connected to a common data communication network. A system according to any one of claims 22-24, in which said handheld unit has a unique identity, and in which said first means are arranged to associate the identity of the handheld unit to said intermediate customer identity. The system of claim 25, wherein at least one code is associated with said identity of the handheld device. The system of claim 26, wherein said at least one code is a one-time code generated in real time. The system of claim 26, wherein said at least one code comprises two codes, a one-time code generated in real time and a personal identification code entered by a person having the handheld device in his possession. The system of any of claims 26-28, wherein said first database includes fields for at least intermediate customer identities, handheld device identities, and codes associated with handheld device identities. A system according to any one of claims 23-29, in which said second database comprises at least fields for customer-related data, intermediate customer identities, and preferably identities for hand-held devices. A method of identification, comprising the steps of: a) associating an intermediate customer identity with an identity of a handheld device; b) to receive, from an external party, the identity of the handheld device; c) to receive, from the external party, at least one code associated with the identity of the handheld device; d) verifying that said at least one code is in accordance with the received identity of the handheld device; e) to retrieve the intermediate customer identity associated with the identity of the handheld device, and f) to send the retrieved intermediate customer identity to the external party. The method of claim 31, wherein said transmitted intermediate customer identity is received and registered in a database comprising customer contracts, whereby the intermediate customer identity is associated with a specific customer contract. The method of claim 31, wherein said external party comprises a database of customer contracts, comprising the step of using, with said external party, the intermediate customer identity to identify a customer contract in the database. A method according to any one of claims 32-33, wherein said customer contract determines the extent to which certain information is accessible and / or subject to manipulation by said intermediate customer identity. A method according to claim 34, wherein said customer contract determines at least one authorization profile, the authorization profile determining an authorization level with which said information or service is accessible and / or subject to tampering. A method according to claim 34 or 35, wherein said contract relates to a natural person. lO 15 20 25 30 35 516 2208 29 A method according to claim 34 or 35, wherein said contract relates to a legal person. A method according to any one of claims 31-37, wherein said code is a one-time code generated in real time. A method according to any one of claims 31-37, wherein said step of receiving at least one code comprises receiving two codes, a one-time code generated in real time and a personal identification code entered by a person having the handheld device in his property. A method according to any one of said handheld devices having an authentication code generator. A method according to any of which said hand-held device is A method according to any one of said steps of associating claims 31-39, in a visually readable unit of claims 31-40, with a smart card. of claims 31-41, in the case of an intermediate customer identity with a hand-held unit is performed after receiving said identity for the hand-held unit from a person who owns the same. A method according to any one of claims 31-42, wherein the identity of a second handheld device is associated with one and the same intermediate customer identity. A method according to any one of claims 31-43, wherein steps a) - f) to identify are performed in a first server and in which the external party is a second server, which first and second server are both operatively connected to a common data communication network. . Use of a method according to claims 1-21 or 31-44 for identifying existing customer contracts that are associated with an intermediate customer identity. Use of a procedure according to claims 1-21 or 31-44 for registration and something of an existing specific one of associating an intermediate customer identity with an existing customer contract.