WO2008028202A1 - Verfahren und anlage zum freischalten einer mobilstation in einem mobilfunknetz - Google Patents

Verfahren und anlage zum freischalten einer mobilstation in einem mobilfunknetz Download PDF

Info

Publication number
WO2008028202A1
WO2008028202A1 PCT/AT2006/000429 AT2006000429W WO2008028202A1 WO 2008028202 A1 WO2008028202 A1 WO 2008028202A1 AT 2006000429 W AT2006000429 W AT 2006000429W WO 2008028202 A1 WO2008028202 A1 WO 2008028202A1
Authority
WO
WIPO (PCT)
Prior art keywords
mobile station
authorization server
subscriber identifier
time
mobile
Prior art date
Application number
PCT/AT2006/000429
Other languages
German (de)
English (en)
French (fr)
Inventor
Jens Müller
Original Assignee
Mobilkom Austria Aktiengesellschaft
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Mobilkom Austria Aktiengesellschaft filed Critical Mobilkom Austria Aktiengesellschaft
Publication of WO2008028202A1 publication Critical patent/WO2008028202A1/de

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • G06Q20/3223Realising banking transactions through M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/326Payment applications installed on the mobile devices
    • G06Q20/3263Payment applications installed on the mobile devices characterised by activation or deactivation of payment capabilities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/385Payment protocols; Details thereof using an alias or single-use codes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/26Network addressing or numbering for mobility support
    • H04W8/265Network addressing or numbering for mobility support for initial activation of new user
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60Context-dependent security
    • H04W12/61Time-dependent

Definitions

  • the invention has the goal to provide an automatable, inexpensive and at the same time secure method for unlocking mobile stations in a mobile radio network.
  • This object is achieved by a method of the kind mentioned in the opening paragraph, which is characterized by the steps of: a) receiving the subscriber identifier of a mobile station in the authorization server and setting the authorization status of this mobile station to enabled for a predetermined period of time; b) receiving a first activation request comprising a subscriber identification and an account identification in the authorization and if the predetermined period of time has not yet expired, generating an activation code associated with this subscriber identifier and sending the account identifier and the activation code as part of a billing request to the banking network; c) receiving a second unlock request comprising a subscriber identifier and an unlock code in the entitlement server and, if the subscriber identifier and unlock code are associated with each other and the predetermined period of time has not expired, setting the entitlement status of that mobile station to unlocked.
  • the mobile station is already “provisionally” (temporarily) enabled during said predetermined period of time, so that it can be operated immediately in the mobile radio network, eg, for telephoning, and at the same time, by limiting the activation to the predetermined time interval in the case Failed checks minimize billing risk without the need for time-consuming and costly manual intervention.
  • a first preferred embodiment of the method according to the invention is characterized in that the authorization status is blocked during the predetermined period of time is reset when a preset operating limit for operation in the mobile network is exceeded.
  • the predetermined operating limit thus represents a kind of "credit" for the operation of the mobile station within the predetermined period of time ("pre-paid"), which increases the billing security even further. If the operating limit is exceeded, the mobile station can still be released until the expiry of the predetermined period of time by initiating steps b) and c).
  • step a) additionally comprises the generation and transmission of a transaction code associated with the subscriber identifier to the mobile station via the mobile network, the first activation request additionally comprising a transaction code, and in step b), only if received ( r) Transaction code and subscriber identification are assigned to each other and the predetermined period of time has not expired, the activation code generated and sent to the banking network.
  • the reception in steps b) and c) takes place via the Internet. This represents a simple and convenient way for the user to transmit the activation requests. - A -
  • the invention has the goal of creating an automated, cost-effective and at the same time secure system for activating mobile stations in a mobile radio network.
  • This object is achieved with a system of the kind mentioned in the introduction, which according to the invention is characterized in that the authorization server receives the subscriber identity of a mobile station and sets the authorization status of this mobile station to enabled for a predetermined period of time; that the authorization server, upon receipt of a first activation request comprising a subscriber identifier and an account identifier, if the predetermined period of time has not expired, generates an activation code assigned to this subscriber identifier and sends the account identifier and the activation code to the banking network as part of a charging request; and that the authorization server upon receipt of a second activation request comprising a subscriber identifier and an activation code, if the subscriber identifier and activation code are assigned to each other and the predetermined period of time has not yet expired, set the authorization status of this mobile station to enabled.
  • the invention is based on a sophisticated combination of several measures, which together ensure that a personal verification of the billing identity of the user of the mobile station for their activation is no longer required and yet billing security is guaranteed, so that results in an automatable, cost-effective and highly secure isolation system.
  • the transmission of the subscriber identifier ensures an unambiguous assignment of mobile station and user to be unlocked; and sending the unlock code through the banking network and checking the unlock code before the definitive unlock ensures that the user specified billing identity exists and has access thereto.
  • the mobile station is already “provisionally” released temporarily during said predetermined period of time, so that it can be operated immediately in the mobile radio network, eg, for telephoning, and at the same time, by limiting the activation to the predetermined period in the case Failed checks minimize the billing risk without the need for time-consuming and costly manual intervention.
  • This embodiment is particularly well-suited for an on-line delivery of the first unlock request detached from the mobile station.
  • Checking the transaction code also ensures that the user requesting the activation is actually in the physical possession of the mobile station if not used to send the activation request.
  • the safety of the system according to the invention is thereby further increased.
  • the first and the second activation request each also include the specification of a user password and the authorization server only activates the mobile station if the specified user passwords match. This can further increase the security of customer identification.
  • a mobile station MS transmits its subscriber identity ID to an authorization server TC in a mobile radio network.
  • the authorization server TC manages the authorization state "stat" of each mobile station MS in the mobile network and is able to set it from "locked” to "free", as known in the art MS in the locked state - with the exception of the dialing of specific emergency numbers or just this initial call to the authorization server TC - neither make / receive calls, send / receive short messages nor send / receive data packets, while in the unlocked state all this is enabled.
  • the mobile station MS may be any mobile terminal known in the art, for example a mobile telephone, a PDA, a portable computer, etc.
  • the mobile radio network may also be of any type, for example GSM standard, UMTS standard, etc.
  • the authorization server TC the mobile network may consist of one or more distributed over the mobile network hardware or software units, as known in the art; For example, the authorization server TC can also access the home location register (HLR) of a GSM network. Access network for storing the authorization status of mobile stations.
  • HLR home location register
  • the subscriber identifier ID of the mobile station can also be of any type, for example a unique telephone number or device identifier.
  • the subscriber identifier ID used is preferably an IMSI identifier stored on the SIM card of the mobile station.
  • the authorization server TC thereupon generates-immediately or optionally only later on a separate request "req- TAN (ID)" of the user U - a transaction code TAN assigned to the subscriber identifier ID and sends it back to the mobile station MS via the mobile radio network.
  • the authorization server TC Upon receipt of the initial call "call (ID)", the authorization server TC sets the authorization status "stat ⁇ " of the mobile station MS to "free", namely for a predetermined time period T.
  • the time period T is, for example, 2 to 6 weeks, preferably 4 weeks.
  • the authorization server TC grants the mobile station MS a predetermined operating limit for the operation during the predetermined period of time T, for example a credit on call minutes, a quantity of sendable short messages or data packets etc. If this operating limit is exceeded within the time period T, the authorization status becomes the mobile station MS back to locked ("lock") reset.
  • the authorization server TC Also exceeding the predetermined operating limit during the period T can be communicated from the authorization server TC: "You have no more call minutes / text message. To be able to continue calling, log in! "The transaction code TAN, the reminder reminders and the operating limit violation warning can be sent to the mobile station MS via the mobile network in any manner, for example, as voice messages, preferably as short messages, eg SMS in the case of a GSM network.
  • a user U at the mobile station MS transmits the previously - if necessary to the optional separate request "req TAN (ID)" - received transaction code TAN together with the subscriber identifier ID and an account identifier KTO in the form a first unlock request "unlocki (ID, TAN, KTO)" to the authorization server TC.
  • the unlock request may include a user-selected user password PW.
  • Receiving the first unlock request "unlocki" in the authorization server TC can take place via any communication channel, for example from the mobile station MS via the mobile network, but preferably from an Internet terminal PC of the user U via the Internet, of which the optional previous request "reqTAN (ID) "can be discontinued.
  • the unlocking request "unlocki” could also be transmitted by the user U by telephone to a call center agent, who can forward these via the Internet terminal.
  • PC sends to the authorization server TC or enters directly into this or its network.
  • the account identification KTO transmitted in the activation request "unlocki” refers to a clearing account of the user U in a banking network B, via which the operation of the mobile station MS in the mobile radio network can be charged for the user U.
  • the authorization server TC checks on receipt of the activation request " unlocki ", if the received subscriber identifier ID and / or account identifier KTO are in a black list, if so, the activation request is ignored.
  • the authorization server TC If the subscriber identifier ID received in step b) and the received transaction code TAN are assigned to each other and, moreover, the predetermined time period T has not yet elapsed, the authorization server TC generates a clear activation code COD associated with the subscriber identifier ID and sends the account identifier KTO and the activation code COD in the context of a billing request "batch (KTO, COD)" to the banking network B.
  • the activation code COD can for example consist of a customer identifier of the user U and a sequential booking number of the current billing request "batch".
  • the generation and transmission of the transaction code TAN in step a) and receiving and checking the transaction code TAN in step b) omitted because here the identification of the sender of the activation request "unlocki" is already ensured by the subscriber identifier ID of the calling mobile station MS.
  • the billing request "batch" is preferably selected so that it only debits the account with the account identifier KTO with a small amount, for example 10 cents.
  • the release code COD is transmitted as part of the booking record. u.zw. in any case so that it appears readable on the clearing account KTO of the user U for this.
  • the billing request "batch (KTO, COD)" to the bank network B fails and accordingly no booking will be displayed to the user U, so that this The activation of the method with step c) is therefore not possible and the mobile station MS would be blocked after the expiry of the predetermined time period T.
  • the banking network B can notify the authorization server TC of the success of the booking (not shown), and the authorization server TC can send to the user U a success message "ok", for example in the form of an e-mail to the Internet terminal PC, if the user U specified an email address at the first unlock request "unlocki".
  • a success message "ok” can also be sent to the mobile station MS, for example in the form of an SMS message Since the activation of the mobile station MS has not yet been completed, the authorization server TC continues to transmit "remind" remotely reminders to the mobile station MS.
  • step c) the user U sends a second activation request "unlock 2 (ID, COD) ⁇ to the authorization server TC, which contains the subscriber identifier ID and the activation code COD obtained via the banking network B.
  • the authorization server TC checks whether the received subscriber identifier ID and the received activation code COD are assigned to each other and the predetermined period of time T has not yet expired, and if so, if so, the request for authorization UnIoCk 2 also includes the specification of the previously selected user password PW User password PW matches that specified in the first unlock request, and then sets the permission state "Stat ⁇ the mobile station MS unlocked (" free ⁇ ).
  • the (temporary) activation of the period T is completed.
  • the mobile station MS is now enabled for normal operation in the mobile radio network, for example, the further billing of the operation of the mobile station MS can be carried out in a conventional manner in retrospect ("post-paid"), possibly from the preceding pre-paid Phase remaining credit will be credited.
  • post-paid retrospect
  • step c If the verification of the subscriber identifier ID and the activation code COD (as well as the optional password PW) fails in step c), the authorization status "stat ⁇ remains enabled for the predetermined time period T, but the activation ends when the time period T.
  • the authorization server TC can send success messages "ok" to the mobile station MS and / or the Internet terminal PC of the user U.

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Accounting & Taxation (AREA)
  • General Business, Economics & Management (AREA)
  • Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Finance (AREA)
  • Databases & Information Systems (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Telephonic Communication Services (AREA)
PCT/AT2006/000429 2006-09-05 2006-10-20 Verfahren und anlage zum freischalten einer mobilstation in einem mobilfunknetz WO2008028202A1 (de)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
ATGM657/2006 2006-09-05
AT0065706U AT9472U1 (de) 2006-09-05 2006-09-05 Verfahren und programmlogik zum freischalten einer mobilstation in einem mobilfunknetz

Publications (1)

Publication Number Publication Date
WO2008028202A1 true WO2008028202A1 (de) 2008-03-13

Family

ID=37681525

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/AT2006/000429 WO2008028202A1 (de) 2006-09-05 2006-10-20 Verfahren und anlage zum freischalten einer mobilstation in einem mobilfunknetz

Country Status (5)

Country Link
AT (1) AT9472U1 (hr)
BG (1) BG65731B1 (hr)
DE (1) DE202006015366U1 (hr)
HR (1) HRPK20060343B3 (hr)
WO (1) WO2008028202A1 (hr)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102007059252A1 (de) * 2007-12-07 2009-07-30 T-Mobile Internationale Ag Verfahren zur einfachen online Aktivierung für SIM Karten mit Datennutzung

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6064879A (en) * 1994-01-10 2000-05-16 Fujitsu Limited Mobile communication method, and mobile telephone switching station customer management system, and mobile unit for implementing the same
US6124799A (en) * 1995-12-12 2000-09-26 Bellsouth Intellectual Property Corporation Methods and apparatus for locking communications devices
US6393270B1 (en) * 1996-10-11 2002-05-21 Bellsouth Intellectual Property Corp. Network authentication method for over the air activation
WO2002058361A2 (en) * 2000-11-07 2002-07-25 At & T Wireless Services, Inc. System and method for using a temporary electronic serial number for over-the-air activation of a mobile device
EP1424617A1 (de) * 2002-11-26 2004-06-02 Siemens Aktiengesellschaft Verfahren zur Authentisierung und Vergebührung eines Teilnehmers eines Funknetzes
EP1662832A1 (en) * 2004-11-30 2006-05-31 Axalto SA Preservation of the continuity of service in a telecommunications network

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6064879A (en) * 1994-01-10 2000-05-16 Fujitsu Limited Mobile communication method, and mobile telephone switching station customer management system, and mobile unit for implementing the same
US6124799A (en) * 1995-12-12 2000-09-26 Bellsouth Intellectual Property Corporation Methods and apparatus for locking communications devices
US6393270B1 (en) * 1996-10-11 2002-05-21 Bellsouth Intellectual Property Corp. Network authentication method for over the air activation
WO2002058361A2 (en) * 2000-11-07 2002-07-25 At & T Wireless Services, Inc. System and method for using a temporary electronic serial number for over-the-air activation of a mobile device
EP1424617A1 (de) * 2002-11-26 2004-06-02 Siemens Aktiengesellschaft Verfahren zur Authentisierung und Vergebührung eines Teilnehmers eines Funknetzes
EP1662832A1 (en) * 2004-11-30 2006-05-31 Axalto SA Preservation of the continuity of service in a telecommunications network

Also Published As

Publication number Publication date
DE202006015366U1 (de) 2007-01-11
BG65731B1 (bg) 2009-08-31
HRP20060343A2 (hr) 2008-04-30
HRPK20060343B3 (hr) 2009-07-31
AT9472U1 (de) 2007-10-15
BG109734A (en) 2008-04-30

Similar Documents

Publication Publication Date Title
DE69111553T2 (de) Funktelefonanlage mit gesichertem Münzfernsprechdienst.
EP1326469B1 (de) Verfahren und Anordnung zur Überprüfung der Authentizität eines Dienstanbieters in einem Kommunikationsnetz
DE10223248A1 (de) Verfahren zum Registrieren eines Kommunikationsendgeräts
WO2005046196A1 (de) Verfahren zum betreiben eines mobilteils in einem mobilfunknetz
EP1264490A2 (de) Verfahren zum festellen der authentizität der identität eines dienste-nutzers und vorrichtung zum durchführen des verfahrens
EP1379935A2 (de) Verfahren zur authentifizierung eines anwenders bei einem zugang zu einem softwarebasierten system über ein zugangsmedium
WO2000079822A1 (de) Verfahren und einrichtung zum zugang zu einem telekommunikationsnetz und zur abrechnung von telekommunikationsdienstleistungen
WO2005031667A1 (de) Verfahren zur abwicklung einer elektronischen transaktion
EP0957624B1 (de) Verfahren zur Übernahme von Anrufsgebühren in einzelnen Verbindungen sowie Telefonnetz und Endgerät
DE10128948A1 (de) Verfahren zum Freischalten oder Sperren von Funktionen eines Mobilfunkendgeräts
WO2008028202A1 (de) Verfahren und anlage zum freischalten einer mobilstation in einem mobilfunknetz
DE19818846A1 (de) Verfahren zum Schutz vor Mißbrauch von Mobilfunkdiensten durch vervielfältigte GSM-SIM Karten
EP1034685B1 (de) Verfahren zur authorisierung eines endgeräteanschlusses eines telekommunikationsnetzes
DE10211674B4 (de) Verfahren zur Bereitstellung und Abrechnung von WIM-Funktionalitäten bei mobilen Kommunikationsendeinrichtungen
DE19738707C2 (de) Verfahren zur Zuordnung einer für begrenzte Zeiteinheiten zur Telekommunikation in einem Telekommunikationsnetz berechtigenden Temporär-Zugangsberechtigung
EP1516499B1 (de) Verfahren und vorrichtung zum aufbau einer kommunikationsverbindung zwischen einer zentrale und einem endgerät
DE102011009486A1 (de) Verfahren zum Konfigurieren eines Kommunikationsgerätes sowie Kommunikationsgerät
WO2004070492A2 (de) Kontrolle von kreditkarten-transaktionen
DE10210792B4 (de) Verfahren und System zur Freischaltung eines kostenpflichtigen Mobilfunk- oder Online-Dienstes
EP1586210A1 (de) Verfahren zum freischalten von leistungsmerkmalen in telekommunikationsgeräten mittels servicenachrichten
EP1179269B1 (de) Verfahren und anordnung zur steuerung von anlagen und/oder prozessen unter mitverwendung von mobilkommunikationsnetzen
EP3058696B1 (de) Verfahren zur automatischen authentifizierung eines benutzers gegenüber einem elektronischen netzwerkdienst
WO2005046197A1 (de) Verfahren zum betreiben eines mobilteils in einem mobilfunknetz
WO2004102939A1 (de) Netzbasierte absicherung von mehrwertdiensten gegen automatisierte verbindungen
DE10342065A1 (de) Verfahren zum Erbringen eines Dienstes mittels eines Kommunikationsnetzes

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 06804357

Country of ref document: EP

Kind code of ref document: A1

DPE2 Request for preliminary examination filed before expiration of 19th month from priority date (pct application filed from 20040101)
NENP Non-entry into the national phase

Ref country code: DE

WWE Wipo information: entry into national phase

Ref document number: A20090261

Country of ref document: BY

122 Ep: pct application non-entry in european phase

Ref document number: 06804357

Country of ref document: EP

Kind code of ref document: A1