WO1999048242A1 - Method and system for reliable and safe identification of a contracting party____________________________________________________ - Google Patents

Method and system for reliable and safe identification of a contracting party____________________________________________________ Download PDF

Info

Publication number
WO1999048242A1
WO1999048242A1 PCT/FI1999/000208 FI9900208W WO9948242A1 WO 1999048242 A1 WO1999048242 A1 WO 1999048242A1 FI 9900208 W FI9900208 W FI 9900208W WO 9948242 A1 WO9948242 A1 WO 9948242A1
Authority
WO
WIPO (PCT)
Prior art keywords
party
verification
contracting
identification
reliable
Prior art date
Application number
PCT/FI1999/000208
Other languages
English (en)
French (fr)
Inventor
Harri Vatanen
Original Assignee
Sonera Smarttrust Oy
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sonera Smarttrust Oy filed Critical Sonera Smarttrust Oy
Priority to AU28385/99A priority Critical patent/AU751923B2/en
Priority to CA002324240A priority patent/CA2324240A1/en
Priority to EP99908986A priority patent/EP1064753A1/en
Priority to JP2000537340A priority patent/JP2002507812A/ja
Publication of WO1999048242A1 publication Critical patent/WO1999048242A1/fi

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless

Definitions

  • the present invention relates to a procedure as defined in the preamble of claim 1 and to a system as defined in the preamble of claim 7 for reliable and safe identification of a contracting party in various contracts, deeds, offers, and deals requiring authen- tication by a notary and in other corresponding applications .
  • a notariate, notary public or a corresponding functionary verifies that the con- tracting party really is the person he/she purports to be and in whose name he/she is signing the agreement.
  • There is no known identification method based on an electronic signature identifying a person on the basis of an electronic signature would make things considerably easier because in this case the electronic signature could be sent over a telecommunica- tion network to a notariate, a notary public or a reliable third party for verification.
  • the object of the present invention is to eliminate or at least to significantly reduce the problems described above.
  • a specific object of the present invention is to disclose a new type of method and procedure for re- liable and safe identification of contracting parties.
  • a further object of the invention is to disclose a system for reliably and acceptably implementing the identification of contracting parties as stipulated by law by making use of a telecommunication network.
  • the telecommunication network used may be a mobile communication network, public telephone network, data network or a combination of these.
  • the terminals used in the procedure may be any terminal devices compatible with the telecommunication network.
  • a first contracting party is authenticated by means of a first terminal.
  • the authentication may be accomplished using any method.
  • the essential point is that the authentication is implemented in conformity with the standards apply- ing to electronic signature.
  • a verification request is sent to a reliable third party for verification of the identity of the first contracting party.
  • the verification request is preferably sent via the first terminal, which is also used for the authentication.
  • the identity of the first party is confirmed for a second party by sending the second party an identification message given by the reliable third party.
  • the invention makes it possible to implement a service corresponding to a notarial service in a flexible and advantageous manner.
  • the invention allows easy introduction of electronic signature in conjunction with the use of mobile telephones and other suitable terminal devices. This makes it possible to use a mobile tele- phone as an instrument of payment, as a credit card or equivalent .
  • the second party e.g. in the case of a real estate deal, is identified in the same way as the first party.
  • the second party is also authenticated by means of a second terminal.
  • the second party may use the first party's first terminal for his/her own identification.
  • the second party uses his/her own subscription or other information individualising the second party in conjunction with the first terminal.
  • Another possibility is to establish separate service points provided with terminal equipment for subscriber identification, which is utilised by both contracting parties for giving an electronic sample signature and for identification of the other party.
  • the second contracting party is identified after the second party has received an identification and verification message concerning the first contracting party. Identify- ing the second party is useless unless the first party can be reliably identified.
  • the verification request is saved to a verification database.
  • This verification database may be a database server managed by a reliable party, such as a public authority.
  • the record in question preferably contains information indicating the party who sent the verification request, the party to whom the verification and identification message is sent, the matter or contract to which the verification is related and the point of time of the event. The same information is preferably comprised in the verification requests sent by the first and second contracting parties .
  • the system of the invention for reliable and safe identification of contracting parties comprises a telecommunication network and a terminal device connected to it and compatible with it.
  • the telecommunication network may be a combination of a mobile communication network and a telephone network and the ter- minal device may be a mobile telephone.
  • the telecommunication network may also be a data network, in which case the terminal device is preferably a computer or other terminal compatible with the data network.
  • the system comprises means connected to a first terminal for authentication of a first contracting party.
  • the system also comprises a reliable database apparatus or a corresponding application server, to which the verification request of the first contracting party is sent.
  • This server or database may be under the management of a third party known to be reliable, and it may be connected e.g. via a data-secure link to the telecommunication network used for the operations.
  • the database or server in question preferably comprises means for sending a verification and identification message to the second contracting party on the basis of identification by the reliable third party.
  • the system can be used to identify and verify the second contracting party's identity for the first contracting party. It is also possible for each contracting party to be identified by a different reliable third party. This may be pos- sible in cases where the contracting parties are citizens of different countries or otherwise have established their identification data with different third parties .
  • the advantages of the system of the invention reference is made to the advantages of the procedure of the invention.
  • the system comprises a verification database server connected to an identification database server of a reliable third party.
  • a record concerning the verification request and verification can be saved by the identification database server to allow examination and tracing at a later time.
  • Fig. 1 represents a preferred system according to the present invention.
  • Fig. 2 presents a block diagram representing an embodiment of the procedure of the invention.
  • the system presented in Fig. 1 comprises a telecommunication network 1, which in this example is a combination of a mobile telephone network and the public telephone network.
  • the system involves the use of two terminals TE1, TE2 , which are mobile stations and connected to a mobile communication network GSM and further to the public telephone network PSTN.
  • the mobile stations are consistent with the current GSM standard, but, as is obvious to the skilled person, other applicable mobile stations can also be used.
  • an identification and verification system TTP of a reliable third party is connected to the telecommunication network 1 .
  • This identification and verification system comprises a first verification server TTP1 and a second verification server TTP2. These servers are connected via a suitable link to the telecommunication network, over which they communicate with the terminals TE1, TE2.
  • the verification servers TTP1 and TTP2 are con- nected to a central storage server TTP3 , to which the verification servers write records concerning the verification and identification actions they have carried out.
  • a first and a second contracting party are making a deal which requires verification of the identity of the contracting parties by a notary public.
  • the first contracting party is first authenticated using his/her electronic signature, which may consist of e.g. a PIN code in a mobile station.
  • the PIN code must be entered when the mobile station TE1 is activated. Therefore, upon receiving the correct PIN code, a mo- bile station belonging to a subscriber can send an electronic signature message to an address selected by the subscriber.
  • Authentication is represented by block 21.
  • the first contracting party sends a verification request to a verification server TTP1, block 22.
  • the verification server receives the subscriber's request and checks the validity of the electronic signature supplied by the subscriber by comparing it with its own information about the subscriber, block 23.
  • the verification server discovers the sub- scriber's identity and finds that the identification was successful, it sends an identification and verification message to the second contracting party to a 7
  • a verification procedure for establishing the identity of the second contracting party is started.
  • the second party is authenticated, whereupon he/she sends a confirmation and verification request to his/her own reliable third party, in this example to verification server TTP2 , block 27.
  • verification server TTP2 verifies the identity of the second contracting party, block 28, and if the identity is found to be right, then an identification message is sent to the first contracting party, block 29. If the identification of the second contracting party in block 28 fails, then the procedure goes on to block 29 and the identification process is ended.
PCT/FI1999/000208 1998-03-17 1999-03-17 Method and system for reliable and safe identification of a contracting party____________________________________________________ WO1999048242A1 (fi)

Priority Applications (4)

Application Number Priority Date Filing Date Title
AU28385/99A AU751923B2 (en) 1998-03-17 1999-03-17 Procedure and system for reliable and safe identification of a contracting party
CA002324240A CA2324240A1 (en) 1998-03-17 1999-03-17 Procedure and system for reliable and safe identification of a contracting party
EP99908986A EP1064753A1 (en) 1998-03-17 1999-03-17 Procedure and system for reliable and safe identification of a contracting party
JP2000537340A JP2002507812A (ja) 1998-03-17 1999-03-17 契約当事者を高信頼かつ安全に識別するための手順およびシステム

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
FI980591 1998-03-17
FI980591A FI980591A (fi) 1998-03-17 1998-03-17 Menetelmä ja järjestelmä sopimusosapuolen luotettavaksi ja turvallisek si tunnistamiseksi

Publications (1)

Publication Number Publication Date
WO1999048242A1 true WO1999048242A1 (fi) 1999-09-23

Family

ID=8551296

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/FI1999/000208 WO1999048242A1 (fi) 1998-03-17 1999-03-17 Method and system for reliable and safe identification of a contracting party____________________________________________________

Country Status (7)

Country Link
EP (1) EP1064753A1 (fi)
JP (1) JP2002507812A (fi)
CN (1) CN1297636A (fi)
AU (1) AU751923B2 (fi)
CA (1) CA2324240A1 (fi)
FI (1) FI980591A (fi)
WO (1) WO1999048242A1 (fi)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2001071971A1 (en) * 2000-03-21 2001-09-27 Smarttrust Systems Oy Digital contract
WO2002042889A1 (en) * 2000-11-24 2002-05-30 Nokia Corporation Improvement in and relating to transaction security
EP1308871A2 (en) * 2001-11-02 2003-05-07 Nokia Corporation Controlling transactions
US10615978B2 (en) 2015-10-10 2020-04-07 China Iwncomm Co., Ltd. Multi-TTP-based method and device for verifying validity of identity of entity
US10812480B2 (en) 2015-10-10 2020-10-20 China Iwncomm Co., Ltd. Method and device for verifying validity of identity of entity
CN112165597A (zh) * 2020-09-28 2021-01-01 平安普惠企业管理有限公司 一种基于多方视频的数据审批方法及装置

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2003345988A (ja) * 2002-05-24 2003-12-05 Aioi Insurance Co Ltd 保険契約支援システム
CN1455340A (zh) * 2002-12-31 2003-11-12 魏建青 筛眼式网络数据安全存取系统与方法
CN101645776B (zh) * 2009-08-28 2011-09-21 西安西电捷通无线网络通信股份有限公司 一种引入在线第三方的实体鉴别方法
CN106572065B (zh) * 2015-10-10 2019-11-22 西安西电捷通无线网络通信股份有限公司 一种多ttp参与的实体身份有效性验证方法及装置

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1997004410A1 (en) * 1995-07-18 1997-02-06 Sloo Marshall A On-line contract negotiating apparatus and method
US5615268A (en) * 1995-01-17 1997-03-25 Document Authentication Systems, Inc. System and method for electronic transmission storage and retrieval of authenticated documents
WO1997012344A2 (en) * 1995-09-29 1997-04-03 Dallas Semiconductor Corporation Method, apparatus, system and firmware for secure transactions
US5629982A (en) * 1995-03-21 1997-05-13 Micali; Silvio Simultaneous electronic transactions with visible trusted parties
US5659616A (en) * 1994-07-19 1997-08-19 Certco, Llc Method for securely using digital signatures in a commercial cryptographic system

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5659616A (en) * 1994-07-19 1997-08-19 Certco, Llc Method for securely using digital signatures in a commercial cryptographic system
US5615268A (en) * 1995-01-17 1997-03-25 Document Authentication Systems, Inc. System and method for electronic transmission storage and retrieval of authenticated documents
US5629982A (en) * 1995-03-21 1997-05-13 Micali; Silvio Simultaneous electronic transactions with visible trusted parties
WO1997004410A1 (en) * 1995-07-18 1997-02-06 Sloo Marshall A On-line contract negotiating apparatus and method
WO1997012344A2 (en) * 1995-09-29 1997-04-03 Dallas Semiconductor Corporation Method, apparatus, system and firmware for secure transactions

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2001071971A1 (en) * 2000-03-21 2001-09-27 Smarttrust Systems Oy Digital contract
WO2002042889A1 (en) * 2000-11-24 2002-05-30 Nokia Corporation Improvement in and relating to transaction security
EP1308871A2 (en) * 2001-11-02 2003-05-07 Nokia Corporation Controlling transactions
GB2381633A (en) * 2001-11-02 2003-05-07 Nokia Corp Controlling transactions
EP1308871A3 (en) * 2001-11-02 2004-01-14 Nokia Corporation Controlling transactions
US10615978B2 (en) 2015-10-10 2020-04-07 China Iwncomm Co., Ltd. Multi-TTP-based method and device for verifying validity of identity of entity
US10812480B2 (en) 2015-10-10 2020-10-20 China Iwncomm Co., Ltd. Method and device for verifying validity of identity of entity
CN112165597A (zh) * 2020-09-28 2021-01-01 平安普惠企业管理有限公司 一种基于多方视频的数据审批方法及装置
CN112165597B (zh) * 2020-09-28 2023-05-02 平安普惠企业管理有限公司 一种基于多方视频的数据审批方法及装置

Also Published As

Publication number Publication date
FI980591A (fi) 2000-01-03
AU751923B2 (en) 2002-08-29
JP2002507812A (ja) 2002-03-12
AU2838599A (en) 1999-10-11
CA2324240A1 (en) 1999-09-23
FI980591A0 (fi) 1998-03-17
CN1297636A (zh) 2001-05-30
EP1064753A1 (en) 2001-01-03

Similar Documents

Publication Publication Date Title
AU755054B2 (en) Method, arrangement and apparatus for authentication through a communications network
US5181238A (en) Authenticated communications access service
EP0993662B1 (en) Procedure for the control of applications stored in a subscriber identity module
US7689204B2 (en) Method of unlocking a mobile telephone type wireless communication terminal
EP1615097B1 (en) Dual-path-pre-approval authentication method
CN101005503B (zh) 用于侦听客户端和服务之间的通信的方法和数据处理系统
DE69933012T2 (de) Verfahren zur dynamischen aktualisierung von einheitskryptoschlüsseln in einem zellularen telefonsystem
CN109089264A (zh) 一种移动终端免密登录的方法及系统
EP1264490B1 (de) Verfahren zum festellen der authentizität der identität eines dienste-nutzers und vorrichtung zum durchführen des verfahrens
JPH11507451A (ja) 許可されていないアカウントアクセスを検出するシステム
US6993666B1 (en) Method and apparatus for remotely accessing a password-protected service in a data communication system
EP0749618B1 (en) Method to identify clients and method for using a teleterminal device
AU751923B2 (en) Procedure and system for reliable and safe identification of a contracting party
EP1610528A2 (en) System and method of asserting identities in a telecommunications network
CN100574345C (zh) 用于匿名呼叫建立的方法与装置
CN115982694A (zh) 一种资源访问的方法、装置、设备及介质
EP1680940A1 (en) Method of user authentication
EP0645688A1 (en) Method for the identification of users of telematics servers
CN112398858A (zh) 一种快递员进行实名身份认证的方法及系统
CN105162600A (zh) 互联网应用的认证信息发送方法和装置
EP1935202A1 (de) Entsperren von mobilfunkkarten
DE102005003208A1 (de) Authentisierung eines Benutzers
CN111885073B (zh) 车辆赠予方法及服务器
RU2747039C1 (ru) Способ идентификации абонента в сети оператора связи и его подключения к оператору связи
WO2022173354A1 (en) Method for validating the identity of parties to a call

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 99804083.5

Country of ref document: CN

AK Designated states

Kind code of ref document: A1

Designated state(s): AE AL AM AT AU AZ BA BB BG BR BY CA CH CN CU CZ DE DK EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW SD SL SZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

WWE Wipo information: entry into national phase

Ref document number: 1999908986

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 28385/99

Country of ref document: AU

ENP Entry into the national phase

Ref document number: 2324240

Country of ref document: CA

Ref document number: 2324240

Country of ref document: CA

Kind code of ref document: A

NENP Non-entry into the national phase

Ref country code: KR

WWP Wipo information: published in national office

Ref document number: 1999908986

Country of ref document: EP

NENP Non-entry into the national phase

Ref country code: CA

WWG Wipo information: grant in national office

Ref document number: 28385/99

Country of ref document: AU

WWW Wipo information: withdrawn in national office

Ref document number: 1999908986

Country of ref document: EP