WO2008028202A1 - Verfahren und anlage zum freischalten einer mobilstation in einem mobilfunknetz - Google Patents
Verfahren und anlage zum freischalten einer mobilstation in einem mobilfunknetz Download PDFInfo
- Publication number
- WO2008028202A1 WO2008028202A1 PCT/AT2006/000429 AT2006000429W WO2008028202A1 WO 2008028202 A1 WO2008028202 A1 WO 2008028202A1 AT 2006000429 W AT2006000429 W AT 2006000429W WO 2008028202 A1 WO2008028202 A1 WO 2008028202A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- mobile station
- authorization server
- subscriber identifier
- time
- mobile
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/322—Aspects of commerce using mobile devices [M-devices]
- G06Q20/3223—Realising banking transactions through M-devices
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/326—Payment applications installed on the mobile devices
- G06Q20/3263—Payment applications installed on the mobile devices characterised by activation or deactivation of payment capabilities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/385—Payment protocols; Details thereof using an alias or single-use codes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/08—Access security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W8/00—Network data management
- H04W8/26—Network addressing or numbering for mobility support
- H04W8/265—Network addressing or numbering for mobility support for initial activation of new user
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/60—Context-dependent security
- H04W12/61—Time-dependent
Definitions
- the invention has the goal to provide an automatable, inexpensive and at the same time secure method for unlocking mobile stations in a mobile radio network.
- This object is achieved by a method of the kind mentioned in the opening paragraph, which is characterized by the steps of: a) receiving the subscriber identifier of a mobile station in the authorization server and setting the authorization status of this mobile station to enabled for a predetermined period of time; b) receiving a first activation request comprising a subscriber identification and an account identification in the authorization and if the predetermined period of time has not yet expired, generating an activation code associated with this subscriber identifier and sending the account identifier and the activation code as part of a billing request to the banking network; c) receiving a second unlock request comprising a subscriber identifier and an unlock code in the entitlement server and, if the subscriber identifier and unlock code are associated with each other and the predetermined period of time has not expired, setting the entitlement status of that mobile station to unlocked.
- the mobile station is already “provisionally” (temporarily) enabled during said predetermined period of time, so that it can be operated immediately in the mobile radio network, eg, for telephoning, and at the same time, by limiting the activation to the predetermined time interval in the case Failed checks minimize billing risk without the need for time-consuming and costly manual intervention.
- a first preferred embodiment of the method according to the invention is characterized in that the authorization status is blocked during the predetermined period of time is reset when a preset operating limit for operation in the mobile network is exceeded.
- the predetermined operating limit thus represents a kind of "credit" for the operation of the mobile station within the predetermined period of time ("pre-paid"), which increases the billing security even further. If the operating limit is exceeded, the mobile station can still be released until the expiry of the predetermined period of time by initiating steps b) and c).
- step a) additionally comprises the generation and transmission of a transaction code associated with the subscriber identifier to the mobile station via the mobile network, the first activation request additionally comprising a transaction code, and in step b), only if received ( r) Transaction code and subscriber identification are assigned to each other and the predetermined period of time has not expired, the activation code generated and sent to the banking network.
- the reception in steps b) and c) takes place via the Internet. This represents a simple and convenient way for the user to transmit the activation requests. - A -
- the invention has the goal of creating an automated, cost-effective and at the same time secure system for activating mobile stations in a mobile radio network.
- This object is achieved with a system of the kind mentioned in the introduction, which according to the invention is characterized in that the authorization server receives the subscriber identity of a mobile station and sets the authorization status of this mobile station to enabled for a predetermined period of time; that the authorization server, upon receipt of a first activation request comprising a subscriber identifier and an account identifier, if the predetermined period of time has not expired, generates an activation code assigned to this subscriber identifier and sends the account identifier and the activation code to the banking network as part of a charging request; and that the authorization server upon receipt of a second activation request comprising a subscriber identifier and an activation code, if the subscriber identifier and activation code are assigned to each other and the predetermined period of time has not yet expired, set the authorization status of this mobile station to enabled.
- the invention is based on a sophisticated combination of several measures, which together ensure that a personal verification of the billing identity of the user of the mobile station for their activation is no longer required and yet billing security is guaranteed, so that results in an automatable, cost-effective and highly secure isolation system.
- the transmission of the subscriber identifier ensures an unambiguous assignment of mobile station and user to be unlocked; and sending the unlock code through the banking network and checking the unlock code before the definitive unlock ensures that the user specified billing identity exists and has access thereto.
- the mobile station is already “provisionally” released temporarily during said predetermined period of time, so that it can be operated immediately in the mobile radio network, eg, for telephoning, and at the same time, by limiting the activation to the predetermined period in the case Failed checks minimize the billing risk without the need for time-consuming and costly manual intervention.
- This embodiment is particularly well-suited for an on-line delivery of the first unlock request detached from the mobile station.
- Checking the transaction code also ensures that the user requesting the activation is actually in the physical possession of the mobile station if not used to send the activation request.
- the safety of the system according to the invention is thereby further increased.
- the first and the second activation request each also include the specification of a user password and the authorization server only activates the mobile station if the specified user passwords match. This can further increase the security of customer identification.
- a mobile station MS transmits its subscriber identity ID to an authorization server TC in a mobile radio network.
- the authorization server TC manages the authorization state "stat" of each mobile station MS in the mobile network and is able to set it from "locked” to "free", as known in the art MS in the locked state - with the exception of the dialing of specific emergency numbers or just this initial call to the authorization server TC - neither make / receive calls, send / receive short messages nor send / receive data packets, while in the unlocked state all this is enabled.
- the mobile station MS may be any mobile terminal known in the art, for example a mobile telephone, a PDA, a portable computer, etc.
- the mobile radio network may also be of any type, for example GSM standard, UMTS standard, etc.
- the authorization server TC the mobile network may consist of one or more distributed over the mobile network hardware or software units, as known in the art; For example, the authorization server TC can also access the home location register (HLR) of a GSM network. Access network for storing the authorization status of mobile stations.
- HLR home location register
- the subscriber identifier ID of the mobile station can also be of any type, for example a unique telephone number or device identifier.
- the subscriber identifier ID used is preferably an IMSI identifier stored on the SIM card of the mobile station.
- the authorization server TC thereupon generates-immediately or optionally only later on a separate request "req- TAN (ID)" of the user U - a transaction code TAN assigned to the subscriber identifier ID and sends it back to the mobile station MS via the mobile radio network.
- the authorization server TC Upon receipt of the initial call "call (ID)", the authorization server TC sets the authorization status "stat ⁇ " of the mobile station MS to "free", namely for a predetermined time period T.
- the time period T is, for example, 2 to 6 weeks, preferably 4 weeks.
- the authorization server TC grants the mobile station MS a predetermined operating limit for the operation during the predetermined period of time T, for example a credit on call minutes, a quantity of sendable short messages or data packets etc. If this operating limit is exceeded within the time period T, the authorization status becomes the mobile station MS back to locked ("lock") reset.
- the authorization server TC Also exceeding the predetermined operating limit during the period T can be communicated from the authorization server TC: "You have no more call minutes / text message. To be able to continue calling, log in! "The transaction code TAN, the reminder reminders and the operating limit violation warning can be sent to the mobile station MS via the mobile network in any manner, for example, as voice messages, preferably as short messages, eg SMS in the case of a GSM network.
- a user U at the mobile station MS transmits the previously - if necessary to the optional separate request "req TAN (ID)" - received transaction code TAN together with the subscriber identifier ID and an account identifier KTO in the form a first unlock request "unlocki (ID, TAN, KTO)" to the authorization server TC.
- the unlock request may include a user-selected user password PW.
- Receiving the first unlock request "unlocki" in the authorization server TC can take place via any communication channel, for example from the mobile station MS via the mobile network, but preferably from an Internet terminal PC of the user U via the Internet, of which the optional previous request "reqTAN (ID) "can be discontinued.
- the unlocking request "unlocki” could also be transmitted by the user U by telephone to a call center agent, who can forward these via the Internet terminal.
- PC sends to the authorization server TC or enters directly into this or its network.
- the account identification KTO transmitted in the activation request "unlocki” refers to a clearing account of the user U in a banking network B, via which the operation of the mobile station MS in the mobile radio network can be charged for the user U.
- the authorization server TC checks on receipt of the activation request " unlocki ", if the received subscriber identifier ID and / or account identifier KTO are in a black list, if so, the activation request is ignored.
- the authorization server TC If the subscriber identifier ID received in step b) and the received transaction code TAN are assigned to each other and, moreover, the predetermined time period T has not yet elapsed, the authorization server TC generates a clear activation code COD associated with the subscriber identifier ID and sends the account identifier KTO and the activation code COD in the context of a billing request "batch (KTO, COD)" to the banking network B.
- the activation code COD can for example consist of a customer identifier of the user U and a sequential booking number of the current billing request "batch".
- the generation and transmission of the transaction code TAN in step a) and receiving and checking the transaction code TAN in step b) omitted because here the identification of the sender of the activation request "unlocki" is already ensured by the subscriber identifier ID of the calling mobile station MS.
- the billing request "batch" is preferably selected so that it only debits the account with the account identifier KTO with a small amount, for example 10 cents.
- the release code COD is transmitted as part of the booking record. u.zw. in any case so that it appears readable on the clearing account KTO of the user U for this.
- the billing request "batch (KTO, COD)" to the bank network B fails and accordingly no booking will be displayed to the user U, so that this The activation of the method with step c) is therefore not possible and the mobile station MS would be blocked after the expiry of the predetermined time period T.
- the banking network B can notify the authorization server TC of the success of the booking (not shown), and the authorization server TC can send to the user U a success message "ok", for example in the form of an e-mail to the Internet terminal PC, if the user U specified an email address at the first unlock request "unlocki".
- a success message "ok” can also be sent to the mobile station MS, for example in the form of an SMS message Since the activation of the mobile station MS has not yet been completed, the authorization server TC continues to transmit "remind" remotely reminders to the mobile station MS.
- step c) the user U sends a second activation request "unlock 2 (ID, COD) ⁇ to the authorization server TC, which contains the subscriber identifier ID and the activation code COD obtained via the banking network B.
- the authorization server TC checks whether the received subscriber identifier ID and the received activation code COD are assigned to each other and the predetermined period of time T has not yet expired, and if so, if so, the request for authorization UnIoCk 2 also includes the specification of the previously selected user password PW User password PW matches that specified in the first unlock request, and then sets the permission state "Stat ⁇ the mobile station MS unlocked (" free ⁇ ).
- the (temporary) activation of the period T is completed.
- the mobile station MS is now enabled for normal operation in the mobile radio network, for example, the further billing of the operation of the mobile station MS can be carried out in a conventional manner in retrospect ("post-paid"), possibly from the preceding pre-paid Phase remaining credit will be credited.
- post-paid retrospect
- step c If the verification of the subscriber identifier ID and the activation code COD (as well as the optional password PW) fails in step c), the authorization status "stat ⁇ remains enabled for the predetermined time period T, but the activation ends when the time period T.
- the authorization server TC can send success messages "ok" to the mobile station MS and / or the Internet terminal PC of the user U.
Landscapes
- Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Computer Networks & Wireless Communication (AREA)
- Accounting & Taxation (AREA)
- General Business, Economics & Management (AREA)
- Physics & Mathematics (AREA)
- Strategic Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Signal Processing (AREA)
- Finance (AREA)
- Databases & Information Systems (AREA)
- Mobile Radio Communication Systems (AREA)
- Telephonic Communication Services (AREA)
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
ATGM657/2006 | 2006-09-05 | ||
AT0065706U AT9472U1 (de) | 2006-09-05 | 2006-09-05 | Verfahren und programmlogik zum freischalten einer mobilstation in einem mobilfunknetz |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2008028202A1 true WO2008028202A1 (de) | 2008-03-13 |
Family
ID=37681525
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/AT2006/000429 WO2008028202A1 (de) | 2006-09-05 | 2006-10-20 | Verfahren und anlage zum freischalten einer mobilstation in einem mobilfunknetz |
Country Status (5)
Country | Link |
---|---|
AT (1) | AT9472U1 (hr) |
BG (1) | BG65731B1 (hr) |
DE (1) | DE202006015366U1 (hr) |
HR (1) | HRPK20060343B3 (hr) |
WO (1) | WO2008028202A1 (hr) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
DE102007059252A1 (de) * | 2007-12-07 | 2009-07-30 | T-Mobile Internationale Ag | Verfahren zur einfachen online Aktivierung für SIM Karten mit Datennutzung |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6064879A (en) * | 1994-01-10 | 2000-05-16 | Fujitsu Limited | Mobile communication method, and mobile telephone switching station customer management system, and mobile unit for implementing the same |
US6124799A (en) * | 1995-12-12 | 2000-09-26 | Bellsouth Intellectual Property Corporation | Methods and apparatus for locking communications devices |
US6393270B1 (en) * | 1996-10-11 | 2002-05-21 | Bellsouth Intellectual Property Corp. | Network authentication method for over the air activation |
WO2002058361A2 (en) * | 2000-11-07 | 2002-07-25 | At & T Wireless Services, Inc. | System and method for using a temporary electronic serial number for over-the-air activation of a mobile device |
EP1424617A1 (de) * | 2002-11-26 | 2004-06-02 | Siemens Aktiengesellschaft | Verfahren zur Authentisierung und Vergebührung eines Teilnehmers eines Funknetzes |
EP1662832A1 (en) * | 2004-11-30 | 2006-05-31 | Axalto SA | Preservation of the continuity of service in a telecommunications network |
-
2006
- 2006-09-05 AT AT0065706U patent/AT9472U1/de not_active IP Right Cessation
- 2006-10-05 DE DE202006015366U patent/DE202006015366U1/de not_active Expired - Lifetime
- 2006-10-10 HR HR20060343A patent/HRPK20060343B3/hr not_active IP Right Cessation
- 2006-10-20 WO PCT/AT2006/000429 patent/WO2008028202A1/de active Application Filing
- 2006-11-09 BG BG109734A patent/BG65731B1/bg unknown
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6064879A (en) * | 1994-01-10 | 2000-05-16 | Fujitsu Limited | Mobile communication method, and mobile telephone switching station customer management system, and mobile unit for implementing the same |
US6124799A (en) * | 1995-12-12 | 2000-09-26 | Bellsouth Intellectual Property Corporation | Methods and apparatus for locking communications devices |
US6393270B1 (en) * | 1996-10-11 | 2002-05-21 | Bellsouth Intellectual Property Corp. | Network authentication method for over the air activation |
WO2002058361A2 (en) * | 2000-11-07 | 2002-07-25 | At & T Wireless Services, Inc. | System and method for using a temporary electronic serial number for over-the-air activation of a mobile device |
EP1424617A1 (de) * | 2002-11-26 | 2004-06-02 | Siemens Aktiengesellschaft | Verfahren zur Authentisierung und Vergebührung eines Teilnehmers eines Funknetzes |
EP1662832A1 (en) * | 2004-11-30 | 2006-05-31 | Axalto SA | Preservation of the continuity of service in a telecommunications network |
Also Published As
Publication number | Publication date |
---|---|
DE202006015366U1 (de) | 2007-01-11 |
BG65731B1 (bg) | 2009-08-31 |
HRP20060343A2 (hr) | 2008-04-30 |
HRPK20060343B3 (hr) | 2009-07-31 |
AT9472U1 (de) | 2007-10-15 |
BG109734A (en) | 2008-04-30 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
DE69111553T2 (de) | Funktelefonanlage mit gesichertem Münzfernsprechdienst. | |
EP1326469B1 (de) | Verfahren und Anordnung zur Überprüfung der Authentizität eines Dienstanbieters in einem Kommunikationsnetz | |
DE10223248A1 (de) | Verfahren zum Registrieren eines Kommunikationsendgeräts | |
WO2005046196A1 (de) | Verfahren zum betreiben eines mobilteils in einem mobilfunknetz | |
EP1264490A2 (de) | Verfahren zum festellen der authentizität der identität eines dienste-nutzers und vorrichtung zum durchführen des verfahrens | |
EP1379935A2 (de) | Verfahren zur authentifizierung eines anwenders bei einem zugang zu einem softwarebasierten system über ein zugangsmedium | |
WO2000079822A1 (de) | Verfahren und einrichtung zum zugang zu einem telekommunikationsnetz und zur abrechnung von telekommunikationsdienstleistungen | |
WO2005031667A1 (de) | Verfahren zur abwicklung einer elektronischen transaktion | |
EP0957624B1 (de) | Verfahren zur Übernahme von Anrufsgebühren in einzelnen Verbindungen sowie Telefonnetz und Endgerät | |
DE10128948A1 (de) | Verfahren zum Freischalten oder Sperren von Funktionen eines Mobilfunkendgeräts | |
WO2008028202A1 (de) | Verfahren und anlage zum freischalten einer mobilstation in einem mobilfunknetz | |
DE19818846A1 (de) | Verfahren zum Schutz vor Mißbrauch von Mobilfunkdiensten durch vervielfältigte GSM-SIM Karten | |
EP1034685B1 (de) | Verfahren zur authorisierung eines endgeräteanschlusses eines telekommunikationsnetzes | |
DE10211674B4 (de) | Verfahren zur Bereitstellung und Abrechnung von WIM-Funktionalitäten bei mobilen Kommunikationsendeinrichtungen | |
DE19738707C2 (de) | Verfahren zur Zuordnung einer für begrenzte Zeiteinheiten zur Telekommunikation in einem Telekommunikationsnetz berechtigenden Temporär-Zugangsberechtigung | |
EP1516499B1 (de) | Verfahren und vorrichtung zum aufbau einer kommunikationsverbindung zwischen einer zentrale und einem endgerät | |
DE102011009486A1 (de) | Verfahren zum Konfigurieren eines Kommunikationsgerätes sowie Kommunikationsgerät | |
WO2004070492A2 (de) | Kontrolle von kreditkarten-transaktionen | |
DE10210792B4 (de) | Verfahren und System zur Freischaltung eines kostenpflichtigen Mobilfunk- oder Online-Dienstes | |
EP1586210A1 (de) | Verfahren zum freischalten von leistungsmerkmalen in telekommunikationsgeräten mittels servicenachrichten | |
EP1179269B1 (de) | Verfahren und anordnung zur steuerung von anlagen und/oder prozessen unter mitverwendung von mobilkommunikationsnetzen | |
EP3058696B1 (de) | Verfahren zur automatischen authentifizierung eines benutzers gegenüber einem elektronischen netzwerkdienst | |
WO2005046197A1 (de) | Verfahren zum betreiben eines mobilteils in einem mobilfunknetz | |
WO2004102939A1 (de) | Netzbasierte absicherung von mehrwertdiensten gegen automatisierte verbindungen | |
DE10342065A1 (de) | Verfahren zum Erbringen eines Dienstes mittels eines Kommunikationsnetzes |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 06804357 Country of ref document: EP Kind code of ref document: A1 |
|
DPE2 | Request for preliminary examination filed before expiration of 19th month from priority date (pct application filed from 20040101) | ||
NENP | Non-entry into the national phase |
Ref country code: DE |
|
WWE | Wipo information: entry into national phase |
Ref document number: A20090261 Country of ref document: BY |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 06804357 Country of ref document: EP Kind code of ref document: A1 |