WO2003085931A1 - Secure communication of sensitive data in a wireless telephone system - Google Patents

Secure communication of sensitive data in a wireless telephone system Download PDF

Info

Publication number
WO2003085931A1
WO2003085931A1 PCT/US2002/010863 US0210863W WO03085931A1 WO 2003085931 A1 WO2003085931 A1 WO 2003085931A1 US 0210863 W US0210863 W US 0210863W WO 03085931 A1 WO03085931 A1 WO 03085931A1
Authority
WO
WIPO (PCT)
Prior art keywords
user
secure data
wireless telephone
secure
web page
Prior art date
Application number
PCT/US2002/010863
Other languages
French (fr)
Inventor
Ashesh Shah
Original Assignee
Wallaware,Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Wallaware,Inc. filed Critical Wallaware,Inc.
Priority to PCT/US2002/010863 priority Critical patent/WO2003085931A1/en
Priority to AU2002311802A priority patent/AU2002311802A1/en
Publication of WO2003085931A1 publication Critical patent/WO2003085931A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication

Definitions

  • This invention relates to communicating secure data, and more particularly to communicating secure data in a wireless telephone system.
  • Radio frequency signals which are electromagnetic waves, to transmit and receive signals, representing sounds (audio), to and from a base station, which in turn conveys the signals typically over wires (optical or copper) to and through the telephone network.
  • radio frequency signals are not transmitted over a telephone wire
  • wireless telephones are not tied to a location and are sometimes referred to as mobile phones.
  • a person with a receiver that is compatible with the wireless phone signals can receive and decode the radio frequency signals and eavesdrop on a conversation associated with a mobile phone.
  • Certain wireless telephones are also equipped to send and receive digital data, to browse web pages from a network, such as the Internet.
  • the mobile phones then transmit data requests for the web pages to the base station, which in turn transmits the requests over a network to a web site associated with the web page.
  • the web site transmits the web page over the network to the base station, which then transmits the page to the wireless telephone using radio frequency signals.
  • An eavesdropper with a compatible receiver can not only view the web pages sent to the wireless telephone, by receiving and decoding the radio frequency signals, but can also receive and decode data sent by or to the base station. Consequently, secure data, such as credit card information, is seldom transmitted from the wireless telephone system to the base station, and transactions or exchanges of secure information do not occur without concern of interception.
  • the invention relates to methods and apparatus for ensuring the security of sensitive data in a wireless telephone system.
  • the method features, at a server, receiving secure data over a secure computer network, storing the received secure data in the system, transmitting a user ID, associated with the secured data, to the user over the secure computer network, receiving an identifier associated with a wireless telephone used by the user when the user ID is received from the wireless telephone, and storing the identifier in association with the secure data.
  • the wireless telephone after receiving the user ID from the wireless telephone, the wireless telephone is directed to authenticate the user of the wireless telephone and, if the user is successfully authenticated, then receiving and storing the identifier of the wireless telephone and associating the stored secured data with the identifier associated with the wireless telephone.
  • the method further features receiving a request for a web page from the wireless telephone, retrieving the web page from a remote location over a secure network (which may or may not be the same secure network previously noted), determining whether the web page contains a request for the stored secured data, and if the web page contains such a request, directing the wireless telephone to authenticate the operator of the wireless telephone. If the operator is successfully authenticated, the method retrieves stored secure data and transmits that secure data to a designated remote location over a secure communications path. Otherwise, if the web page does not contain a request for the secure data, the method transmits the web page to the wireless telephone without further action.
  • a secure network which may or may not be the same secure network previously noted
  • the method waits a predetermined time period within which time it either receives the user ID and telephone identifier or the user ID and associated secure data are discarded.
  • the invention relates to a system for reading a computer readable medium which stores machine-executable instructions, the instructions causing the system to receive secure data over a secure computer network, store the received secure data in the system, transmit a user ID, associated with the secure data, to the user over the secure computer network, receive an identifier associated with a wireless telephone used by the user when the user ID is received from the wireless telephone, and store the identifier in association with the secure data.
  • the instructions after receiving the user ID from the wireless telephone, the instructions cause the system to direct the wireless telephone to authenticate the user of the wireless telephone and, if the user is successfully authenticated, to receive and store the identifier of the wireless telephone and associate the store secure data with the identifier associated with the wireless telephone.
  • the method and apparatus of the invention provide for a secure method of and apparatus for transmitting sensitive and proprietary information to a web page site when contact with the site is made from a wireless telephone.
  • the secure data is never sent
  • the method and apparatus provide a convenient and easily implemented system.
  • FIG 1 is a block diagram of a wireless telephone system
  • FIG 2 is a flow chart of the process implemented by a celco server of the wireless telephone system to associate a wireless phone with secure data
  • FIG 3 is an example of a web page presented by the celco server of FIG. 1 to collect the secure data from a user;
  • FIG 4 is an example of a web page presented by the celco server of FIG 1 directing the user to call a particular number using the wireless phone; and
  • FIG. 5 is a flow chart of the process implemented by the celco server of FIG.1 to provide the secure data to the remote server of FIG 1.
  • a wireless telephone system 10 includes at least one wireless phone 12 that is equipped to browse web pages 14.
  • An operator of the wireless phone 12 can transmit insecure data 16, such as requests for web pages 14 from the wireless phone.
  • Transmissions to and from the wireless phone are currently transmitted using wireless signals, for example, radio frequency signals, through the atmosphere to a base station 18, which in turn conveys the transmission over a celco network 20, such as an intranet provided by a wireless telephone service provider, to a celco server 22 provided, for example, by the wireless telephone service provider.
  • a celco network 20 such as an intranet provided by a wireless telephone service provider
  • other wireless transmission media could be use, such as for example infrared, optical, or microwave transmission.
  • the celco server 22 retrieves web pages 14 from a remote server 26 over a secure internet connection 27 for transmission to the operator of the wireless phone (through celco local network 20 and the wireless link to the phone 12) and provides the web pages 14 to the wireless phone 12.
  • the celco server 22 also provides celco web pages 28 to a client computer, such as client computer 30, and receives secure data 24 from the client computer 30 as will be described below.
  • An eavesdropper can receive the wireless signals using a receiver that is compatible with the wireless telephone 12 and view the web pages 14 and insecure data 16 transmitted between the wireless phone 12 and the base station 18.
  • the celco server 22 selectively stores secure data 24 in association with each wireless phone 12.
  • the remote server 26 requests the secure data 24
  • the celco server 22 will provide the requested secure data 24 to the remote server 26, under certain authorized conditions, thereby avoiding the transmission of that secure data 24 over the insecure wireless connection between the wireless phone 12 and the base station 18.
  • the celco server 22 receives a request, for example, from a client computer, for the celco to store secure data in its data storage or database.
  • the secure data can be, for example, security passwords, credit card information, financial data, etc. This is indicated at 100.
  • the requests can also come from other than a client computer so long as the request is preferably placed on a secure network or other secure communications channel between the user and the celco server.
  • the celco server after receipt of the secure data as indicated at step 120, generates a user ID in association with the secure data (step 120) and transmits that user ID to the user over a secure communications link such as the network 27.
  • the user is also instructed to call the celco server using the wireless telephone. Upon making the phone call, the user is instructed to enter the user ID for identification purposes. This is indicated at 130.
  • the celco server sends the user ID to a client or user, it also initializes a timer, at 140.
  • the celco is checking, continuously, to see if a call is received corresponding to that user ID (at 150) and if no call is received, it checks (at 160) to see whether the timer value exceeds a predetermined threshold value. If the threshold value is not exceeded, and if no call has been received, then the system returns to checking for a received call at 150. Otherwise, the celco server discards the user ID as well as the secured data previously sent by the user. This is indicated at 170.
  • the celco server requests authentication from the user, at 180. If the authentication received by the user is successful, at 190, the celco server then requests the user ID at 200 and checks that the user ID is correct at 210. If either the user ID is incorrect or authentication fails, the celco server discards the secure data as well as the associated user ID, but only if the threshold value of the timer has been exceeded. Note that without the user ED, there is no identification of which secure data to discard and therefore it is impossible for the celco server to identify the data to discard prior to the expiration of the threshold value which can be, for example, at least 5 or 10 minutes, or longer.
  • the celco saves the secure data in association with a telephone ID in its database.
  • the telephone ID is, for example, the Sim card PUC number and telephone ID number which are stored in a unique association, with each wireless telephone. Accordingly, the celco server associates these pieces of data to each other at 222. Thereafter, when that wireless telephone calls the celco server, the identification of the phone is assured and after a dual identification process as described in more detail in Fig. 5, the secure data can be sent to a requesting website.
  • the secure data can be entered in a web page provided by the celco server to, for example, a client computer.
  • the web page 280 can provide an identification of the credit card number and its type, the name of the credit card holder and his or her billing address, as well as the expiration date of the credit card.
  • the data will include the telephone number of the wireless phone to be associated with this credit card number.
  • the celco server provides a telephone number to call, using the wireless telephone, along with a user ID to be provided, at a prompt, during the call. The celco discards the secure data if the call is not received from the wireless phone within a specified time-frame and the user ID is provided.
  • the celco server also designated a proxy server
  • receives a request for a web page from the wireless phone as indicated at 300
  • the celco or proxy server retrieves the web page from a remote server over a secure internet connection (310).
  • a parser, at the celco or proxy server parses the received web page to determine whether that page includes a request for secure data which has previously been stored at the database within the celco server. This is indicated at 320. If secure data is not requested, the proxy server or celco server transmits the received web page to the wireless telephone (at 330).
  • the proxy server or celco server requests authentication from the user of the wireless telephone. This is indicated at 340. If the user is successfully authenticated, by either passwords and/or the telephone ID embedded in the wireless phone (as checked at 340), the celco provides the secure data, after the user authorizes such action, to the remote server. This is indicated at 350, 360. The secure data is then sent, over a secure Internet connection, to the remote user at 370.
  • the proxy server simply transmits the web page to the wireless phone and the wireless phone user is left to deal with the web page as desired. It is also important to note that should the telephone be stolen or otherwise "comprised” and fall into the hands of an unauthorized user, the failure to properly authenticate the phone can be dealt with by the wireless base station operator turning the phone off and placing it in a locked condition, thereby rendering the phone useless. This built-in protection further advantageously protects the security of any sensitive information stored at the celco.
  • a single user may have several discrete items of secure data.
  • there can be a "wallet" for each user each wallet having a number of items in it.
  • the user is also provided with the flexibility of making the secure information available, selectively, to different devices.
  • a user using a first wireless device may have access to certain elements in the wallet while a user using a different wireless device, for example a child of the original user, may have access to different elements of the wallet.
  • access may be limited depending upon the information provided to the celco so that secure data can only be sent to, for example, certain classes of recipients, depending upon both the data and the device.
  • provision can be made to enable different users to have different "rights" with regard to various elements in the wallet, even using the same device. This may be accomplished, for example, by using different identifications and/or passwords, in combination with different authentications.
  • the secured data is sent to a remote requester, when properly authorized by the user, over a secure network and never over the unsecured wireless network.
  • the user can perform various functions such as the purchase of goods and services, the transmittal of sensitive information, etc. without fear of compromising the sensitive information which can include credit card information, personal data, etc.

Abstract

The invention relates to methods and apparatus for ensuring the security of sensitive data used in connection with wireless telephone systems. A server receives secure data over a secure computer network (110) and stores that data. If then transmits a user ID, associated with the secure data, to the user over the secure network (130). Thereafter, it receives the user ID from the user over a wireless telephone link (200) and in association therewith receives an identifier associated with the wireless telephone. The identifier and the secure data are stored in association which each other (220). Thereafter, upon proper authorization and, if necessary, authentication and validation, the system will send the secure data to a selected receiver, for example, a website, over a secure network in response to instructions over the wireless network.

Description

SECURE COMMUNICATION OF SENSITIVE DATA IN A WIRELESS TELEPHONE SYSTEM
TECHNICAL FIELD
This invention relates to communicating secure data, and more particularly to communicating secure data in a wireless telephone system.
BACKGROUND Wireless telephone systems today use radio frequency signals, which are electromagnetic waves, to transmit and receive signals, representing sounds (audio), to and from a base station, which in turn conveys the signals typically over wires (optical or copper) to and through the telephone network. Because the radio frequency signals are not transmitted over a telephone wire, wireless telephones are not tied to a location and are sometimes referred to as mobile phones. However, a person with a receiver that is compatible with the wireless phone signals, can receive and decode the radio frequency signals and eavesdrop on a conversation associated with a mobile phone.
Certain wireless telephones are also equipped to send and receive digital data, to browse web pages from a network, such as the Internet. The mobile phones then transmit data requests for the web pages to the base station, which in turn transmits the requests over a network to a web site associated with the web page. The web site transmits the web page over the network to the base station, which then transmits the page to the wireless telephone using radio frequency signals. An eavesdropper with a compatible receiver can not only view the web pages sent to the wireless telephone, by receiving and decoding the radio frequency signals, but can also receive and decode data sent by or to the base station. Consequently, secure data, such as credit card information, is seldom transmitted from the wireless telephone system to the base station, and transactions or exchanges of secure information do not occur without concern of interception.
- I - SUMMARY
The invention relates to methods and apparatus for ensuring the security of sensitive data in a wireless telephone system. The method features, at a server, receiving secure data over a secure computer network, storing the received secure data in the system, transmitting a user ID, associated with the secured data, to the user over the secure computer network, receiving an identifier associated with a wireless telephone used by the user when the user ID is received from the wireless telephone, and storing the identifier in association with the secure data. In a particular application, after receiving the user ID from the wireless telephone, the wireless telephone is directed to authenticate the user of the wireless telephone and, if the user is successfully authenticated, then receiving and storing the identifier of the wireless telephone and associating the stored secured data with the identifier associated with the wireless telephone.
In a particular embodiment of the invention, the method further features receiving a request for a web page from the wireless telephone, retrieving the web page from a remote location over a secure network (which may or may not be the same secure network previously noted), determining whether the web page contains a request for the stored secured data, and if the web page contains such a request, directing the wireless telephone to authenticate the operator of the wireless telephone. If the operator is successfully authenticated, the method retrieves stored secure data and transmits that secure data to a designated remote location over a secure communications path. Otherwise, if the web page does not contain a request for the secure data, the method transmits the web page to the wireless telephone without further action.
In yet another aspect of the invention, once the method transmits the user ID to the user, the method waits a predetermined time period within which time it either receives the user ID and telephone identifier or the user ID and associated secure data are discarded.
In other aspects, the invention relates to a system for reading a computer readable medium which stores machine-executable instructions, the instructions causing the system to receive secure data over a secure computer network, store the received secure data in the system, transmit a user ID, associated with the secure data, to the user over the secure computer network, receive an identifier associated with a wireless telephone used by the user when the user ID is received from the wireless telephone, and store the identifier in association with the secure data. In a particular application, after receiving the user ID from the wireless telephone, the instructions cause the system to direct the wireless telephone to authenticate the user of the wireless telephone and, if the user is successfully authenticated, to receive and store the identifier of the wireless telephone and associate the store secure data with the identifier associated with the wireless telephone.
Accordingly, the method and apparatus of the invention provide for a secure method of and apparatus for transmitting sensitive and proprietary information to a web page site when contact with the site is made from a wireless telephone. The secure data is never sent
"in the clear" over an insecure line. Accordingly, the likelihood of interception and theft is substantially reduced. Furthermore, the method and apparatus provide a convenient and easily implemented system.
The details of one or more embodiments of the invention are set forth in the accompa- nying drawings and the description below. Other features, objects, and advantages of the invention will be apparent from the description and drawings, and from the claims.
DESCRIPTION OF DRAWINGS
FIG 1 is a block diagram of a wireless telephone system;
FIG 2 is a flow chart of the process implemented by a celco server of the wireless telephone system to associate a wireless phone with secure data;
FIG 3 is an example of a web page presented by the celco server of FIG. 1 to collect the secure data from a user;
FIG 4 is an example of a web page presented by the celco server of FIG 1 directing the user to call a particular number using the wireless phone; and FIG. 5 is a flow chart of the process implemented by the celco server of FIG.1 to provide the secure data to the remote server of FIG 1.
Like reference symbols in the various drawings indicate like elements.
DETAILED DESCRIPTION
Referring to FIG 1, a wireless telephone system 10, in this embodiment, includes at least one wireless phone 12 that is equipped to browse web pages 14. An operator of the wireless phone 12 can transmit insecure data 16, such as requests for web pages 14 from the wireless phone. Transmissions to and from the wireless phone are currently transmitted using wireless signals, for example, radio frequency signals, through the atmosphere to a base station 18, which in turn conveys the transmission over a celco network 20, such as an intranet provided by a wireless telephone service provider, to a celco server 22 provided, for example, by the wireless telephone service provider. In other embodiments of the invention, other wireless transmission media could be use, such as for example infrared, optical, or microwave transmission. The celco server 22 retrieves web pages 14 from a remote server 26 over a secure internet connection 27 for transmission to the operator of the wireless phone (through celco local network 20 and the wireless link to the phone 12) and provides the web pages 14 to the wireless phone 12. The celco server 22 also provides celco web pages 28 to a client computer, such as client computer 30, and receives secure data 24 from the client computer 30 as will be described below.
An eavesdropper can receive the wireless signals using a receiver that is compatible with the wireless telephone 12 and view the web pages 14 and insecure data 16 transmitted between the wireless phone 12 and the base station 18. As will be described in greater detail below, the celco server 22 selectively stores secure data 24 in association with each wireless phone 12. When the remote server 26 requests the secure data 24, the celco server 22 will provide the requested secure data 24 to the remote server 26, under certain authorized conditions, thereby avoiding the transmission of that secure data 24 over the insecure wireless connection between the wireless phone 12 and the base station 18.
Referring to Fig. 2, in a particular embodiment of the operation of the invention, the celco server 22 receives a request, for example, from a client computer, for the celco to store secure data in its data storage or database. The secure data can be, for example, security passwords, credit card information, financial data, etc. This is indicated at 100. The requests can also come from other than a client computer so long as the request is preferably placed on a secure network or other secure communications channel between the user and the celco server. In response, the celco server after receipt of the secure data as indicated at step 120, generates a user ID in association with the secure data (step 120) and transmits that user ID to the user over a secure communications link such as the network 27. The user is also instructed to call the celco server using the wireless telephone. Upon making the phone call, the user is instructed to enter the user ID for identification purposes. This is indicated at 130. In a typical environment, when the celco server sends the user ID to a client or user, it also initializes a timer, at 140. When the user thereafter calls from the wireless telephone, and sends its user ID, the celco is checking, continuously, to see if a call is received corresponding to that user ID (at 150) and if no call is received, it checks (at 160) to see whether the timer value exceeds a predetermined threshold value. If the threshold value is not exceeded, and if no call has been received, then the system returns to checking for a received call at 150. Otherwise, the celco server discards the user ID as well as the secured data previously sent by the user. This is indicated at 170.
If the wireless call is received within the time period allowed (the "threshold value"), in a particular preferred embodiment of the invention, the celco server requests authentication from the user, at 180. If the authentication received by the user is successful, at 190, the celco server then requests the user ID at 200 and checks that the user ID is correct at 210. If either the user ID is incorrect or authentication fails, the celco server discards the secure data as well as the associated user ID, but only if the threshold value of the timer has been exceeded. Note that without the user ED, there is no identification of which secure data to discard and therefore it is impossible for the celco server to identify the data to discard prior to the expiration of the threshold value which can be, for example, at least 5 or 10 minutes, or longer.
Once the correct authentication and user ID have been provided, the celco, at 220, saves the secure data in association with a telephone ID in its database. The telephone ID is, for example, the Sim card PUC number and telephone ID number which are stored in a unique association, with each wireless telephone. Accordingly, the celco server associates these pieces of data to each other at 222. Thereafter, when that wireless telephone calls the celco server, the identification of the phone is assured and after a dual identification process as described in more detail in Fig. 5, the secure data can be sent to a requesting website. Referring now to Figs. 3 and 4, in a particular embodiment of the invention, the secure data can be entered in a web page provided by the celco server to, for example, a client computer. If the secure data is credit card information, the web page 280 can provide an identification of the credit card number and its type, the name of the credit card holder and his or her billing address, as well as the expiration date of the credit card. In addition, the data will include the telephone number of the wireless phone to be associated with this credit card number. In response to receiving the completed form, referring to Fig. 5, the celco server provides a telephone number to call, using the wireless telephone, along with a user ID to be provided, at a prompt, during the call. The celco discards the secure data if the call is not received from the wireless phone within a specified time-frame and the user ID is provided.
In operation, referring now to Fig. 5, when the celco server, also designated a proxy server, receives a request for a web page from the wireless phone, as indicated at 300, the celco or proxy server retrieves the web page from a remote server over a secure internet connection (310). A parser, at the celco or proxy server parses the received web page to determine whether that page includes a request for secure data which has previously been stored at the database within the celco server. This is indicated at 320. If secure data is not requested, the proxy server or celco server transmits the received web page to the wireless telephone (at 330).
On the other hand, if the web page does request data which has been stored within the celco database as "secure data", the proxy server or celco server requests authentication from the user of the wireless telephone. This is indicated at 340. If the user is successfully authenticated, by either passwords and/or the telephone ID embedded in the wireless phone (as checked at 340), the celco provides the secure data, after the user authorizes such action, to the remote server. This is indicated at 350, 360. The secure data is then sent, over a secure Internet connection, to the remote user at 370.
If the user decides not to send the secure data from the celco or proxy server, or if the requested data is not stored at the proxy server, it still receives the web page but the proxy server will not provide the secure data to the remote site and the user must either provide it over the insecure wireless communications link or not provide it at all. Further, if the telephone was not successfully authenticated, the proxy server simply transmits the web page to the wireless phone and the wireless phone user is left to deal with the web page as desired. It is also important to note that should the telephone be stolen or otherwise "comprised" and fall into the hands of an unauthorized user, the failure to properly authenticate the phone can be dealt with by the wireless base station operator turning the phone off and placing it in a locked condition, thereby rendering the phone useless. This built-in protection further advantageously protects the security of any sensitive information stored at the celco.
Further, it is also important to recognize that a single user may have several discrete items of secure data. Thus, in the creation of the database for holding the secured data at the celco, there can be a "wallet" for each user, each wallet having a number of items in it. In a preferred embodiment of the invention, the user is also provided with the flexibility of making the secure information available, selectively, to different devices. Thus, a user using a first wireless device may have access to certain elements in the wallet while a user using a different wireless device, for example a child of the original user, may have access to different elements of the wallet. Further, access may be limited depending upon the information provided to the celco so that secure data can only be sent to, for example, certain classes of recipients, depending upon both the data and the device. In yet other embodiments, provision can be made to enable different users to have different "rights" with regard to various elements in the wallet, even using the same device. This may be accomplished, for example, by using different identifications and/or passwords, in combination with different authentications.
Accordingly, therefore, the secured data is sent to a remote requester, when properly authorized by the user, over a secure network and never over the unsecured wireless network. As a result, therefore, the user can perform various functions such as the purchase of goods and services, the transmittal of sensitive information, etc. without fear of compromising the sensitive information which can include credit card information, personal data, etc.
Although the invention has been described with reference to a particular embodiment, it will be understood that various additions, deletions, and other modifications may be made without departing from the spirit and scope of the invention. Accordingly, other embodiments are within the scope of the following claims.

Claims

WHAT IS CLAIMED
1. A method for ensuring the security of sensitive data comprising: receiving secure data over a secure computer network; storing said secure data; transmitting a user ID, associated with the secure data, to the user over the secure computer network; receiving the user ED from a wireless telephone; receiving an identifier associated with the wireless telephone; and storing said identifier in association with said secure data.
2. The method of claim 1 further comprising: timing the duration between said transmitting and user ID receiving steps; and terminating said method should said time duration be greater than a predetermined time duration.
3. A method for ensuring the security of sensitive data comprising: receiving secure data over a secure computer network; storing said secure data; transmitting a user ID associated with the secure data to the user over the secure computer network; receiving the user ID from a wireless telephone; directing the wireless telephone to authenticate a user of the wireless telephone; and if the user is successfully authenticated: receiving and storing an identifier of the wireless telephone; and associating the stored secure data with the identifier of the wireless telephone.
4. The method of claim 3 further comprising: receiving a request for a web page from the wireless telephone; retrieving the web page from a remote location over a secure network; determining whether the web page contains a request for stored secure data; if the web page contains a request for the stored secure data: directing the wireless telephone to authenticate the operator of the wireless telephone; if the operator is successfully authenticated, in response to a user request, retrieving the stored secure data and transmitting the secure data to the remote location; otherwise if the web page does not contain a request for the secure data: transmitting the web page to the wireless telephone
5. The method of claim 3 further comprising: prior to receiving the secure data from the client computer: transmitting a web page to the client computer requesting the secure data.
6. An article comprising a computer-readable medium which stores machine-executable instructions, the instructions causing a machine to: receive secure data over a secure computer network; transmit a user ED associated with the secure data, to the user over the secure computer network; receive the user ED from a wireless telephone; receive an identifier associated with the wireless telephone; and store the identifier in association with the secure data.
7. A method for ensuring the security of sensitive data comprising: receiving secure data over a secure computer network; transmitting a user ID associated with the secure data to the user over the secure computer network; receiving the user ID from a wireless telephone; directing the wireless telephone to authenticate the user of the wireless telephone; and if the user is successfully authenticated: storing an identifier of the wireless telephone in association with the secure data.
8. The method of claim 7 further comprising: receiving a request for a web page from the wireless telephone; retrieving the web page from a remote location; determining whether the web page contains a request for the stored secure data; if the web page contains a request for the stored secure data: directing the wireless telephone to authenticate the user of the wireless telephone; if the user is successfully authenticated, retrieving, upon user request, the requested stored secure data and transmitting the secure data to the remote location over a secure network; otherwise, if the web page does not contain a request for the secure data: transmitting the web page to the wireless telephone.
9. The method of claim 7 further comprising: prior to receiving the secure data: transmitting a web page to a client computer requesting the secure data.
10. An apparatus for ensuring the security of sensitive data comprising: means for receiving secure data over a secure computer network; means for storing said secure data; means for transmitting a user ED, associated with the secure data, to the user over the secure computer network; means for receiving the user ED from a wireless telephone; means for receiving an identifier associated with the wireless telephone; and means for storing said identifier in association with said secure data.
11. The apparatus of claim 10 further comprising: means for timing the duration between transmitting a user ED and receiving the user ID from a wireless telephone; and means for terminating said operation should said time duration be greater than a predetermined time duration.
12. An apparatus for ensuring the security of sensitive data comprising: means for receiving secure data over a secure computer network; means for storing said secure data; means for transmitting a user ID associated with the secure data to the user over the secure computer network; means for receiving the user ED from a wireless telephone; means for directing the wireless telephone to authenticate a user of the wireless telephone; and means, if the user is successfully authenticated, for receiving and storing an identifier of the wireless telephone, and associating the stored secure data with the identifier of the wireless telephone.
13. The apparatus of claim 12 further comprising: means for receiving a request for a web page from the wireless telephone; means for retrieving the web page from a remote location over a secure network; means for determining whether the web page contains a request for the stored secure data; means, if the web page contains a request for the stored secure data, for directing the wireless telephone to authenticate the operator of the wireless telephone;
I I means, if the operator is successfully authenticated, in response to a user request, for retrieving the stored secure data; and means for transmitting the secure data to the remote location; and means, if the web page does not contain a request for the secure data, for transmitting the web page to the wireless telephone.
14. The apparatus of claim 13 further comprising: means, prior to receiving the secure data from the client computer, for transmitting a web page to the client computer requesting the secure data.
15. An apparatus for ensuring the security of sensitive data comprising: means for receiving secure data over a secure computer network; means for transmitting a user ID associated with the secure data to the user over the secure computer network; means for receiving the user ID from a wireless telephone; means for directing the wireless telephone to authenticate the user of the wireless telephone; and means, if the user is successfully authenticated, for storing an identifier of the wireless telephone in association with the secure data.
16. The apparatus of claim 15 further comprising: means for receiving a request for a web page from the wireless telephone; means for retrieving the web page from a remote location; means for determining whether the web page contains a request for the stored secure data; means, if the web page contains a request for the stored secure data, for directing the wireless telephone to authenticate the user of the wireless telephone; means, if the user is successfully authenticated, for retrieving, in response to a user request, the requested stored secure data and transmitting the secure data to the remote location over a secure network; and means, if the web page does not contain a request for the secure data, for transmitting the web page to the wireless telephone.
17. The apparatus of claim 15 further comprising: means, prior to receiving the secure data, for transmitting a web page to a client computer requesting the secure data.
PCT/US2002/010863 2002-04-04 2002-04-04 Secure communication of sensitive data in a wireless telephone system WO2003085931A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
PCT/US2002/010863 WO2003085931A1 (en) 2002-04-04 2002-04-04 Secure communication of sensitive data in a wireless telephone system
AU2002311802A AU2002311802A1 (en) 2002-04-04 2002-04-04 Secure communication of sensitive data in a wireless telephone system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/US2002/010863 WO2003085931A1 (en) 2002-04-04 2002-04-04 Secure communication of sensitive data in a wireless telephone system

Publications (1)

Publication Number Publication Date
WO2003085931A1 true WO2003085931A1 (en) 2003-10-16

Family

ID=28789626

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2002/010863 WO2003085931A1 (en) 2002-04-04 2002-04-04 Secure communication of sensitive data in a wireless telephone system

Country Status (2)

Country Link
AU (1) AU2002311802A1 (en)
WO (1) WO2003085931A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8635668B1 (en) 2012-07-11 2014-01-21 International Business Machines Corporation Link analysis tool for security information handling system
US8726350B2 (en) 2012-07-11 2014-05-13 International Business Machines Corporation Network selection tool for information handling system

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0848361A1 (en) * 1996-12-13 1998-06-17 Nixu Oy Method and system for performing money transactions
WO2001099378A1 (en) * 2000-06-22 2001-12-27 Icl Invia Oyj Arrangement for authenticating user and authorizing use of secured system
WO2002019614A1 (en) * 2000-08-29 2002-03-07 Myespace.Net Private Limited Method and system for authenticating e-commerce transaction

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0848361A1 (en) * 1996-12-13 1998-06-17 Nixu Oy Method and system for performing money transactions
WO2001099378A1 (en) * 2000-06-22 2001-12-27 Icl Invia Oyj Arrangement for authenticating user and authorizing use of secured system
WO2002019614A1 (en) * 2000-08-29 2002-03-07 Myespace.Net Private Limited Method and system for authenticating e-commerce transaction

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8635668B1 (en) 2012-07-11 2014-01-21 International Business Machines Corporation Link analysis tool for security information handling system
US8726350B2 (en) 2012-07-11 2014-05-13 International Business Machines Corporation Network selection tool for information handling system
US8800000B2 (en) 2012-07-11 2014-08-05 International Business Machines Corporation Link analysis tool for security information handling system
US8806575B2 (en) 2012-07-11 2014-08-12 International Business Machines Corporation Network selection tool for information handling system

Also Published As

Publication number Publication date
AU2002311802A1 (en) 2003-10-20

Similar Documents

Publication Publication Date Title
US7979054B2 (en) System and method for authenticating remote server access
US8646063B2 (en) Methods, apparatus, and computer program products for subscriber authentication and temporary code generation
US6490687B1 (en) Login permission with improved security
US20030061503A1 (en) Authentication for remote connections
US7502931B2 (en) Method and device for authenticating a user on a remote server
WO2001080525A1 (en) Network access security
US7827411B2 (en) Method, system, and end user device for identifying a sender in a network
CN104618401A (en) Real-name system-based wifi one-key logging method
CN108347730B (en) Wireless communication processing method and device
US7177425B2 (en) Device and method for securing information associated with a subscriber in a communication apparatus
JP2000184448A (en) Personal communication system and its communicating method
EP0948851A1 (en) Method for identification of a data transmission device
CN108513272B (en) Short message processing method and device
CN101420430B (en) Methods and apparatus for information security protection
EP1176760A1 (en) Method of establishing access from a terminal to a server
US9648495B2 (en) Method and device for transmitting a verification request to an identification module
WO2003085931A1 (en) Secure communication of sensitive data in a wireless telephone system
JP2011192129A (en) Log-in authentication system using portable telephone terminal
KR100791254B1 (en) Apparatus and method for retrieving multimedia message in mobile communication terminal
EP2204030B1 (en) Transmission of messages
CN103490888A (en) Implementation method and system for binding reader and terminal safety control module
KR20000018668A (en) Method for communicating in a mobile communication system
US7933582B2 (en) Telecommunication system with improved confidentiality
EP1590919A1 (en) Method for setting up a secure connection using public and private key generated in user terminal
JP2009211515A (en) Personal authentication system, personal authentication server, personal authentication method, and personal authentication program

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ OM PH PL PT RO RU SD SE SG SI SK SL TJ TM TN TR TT TZ UA UG UZ VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP

WWW Wipo information: withdrawn in national office

Country of ref document: JP