WO2009090428A1 - Mobile approval system and method - Google Patents

Mobile approval system and method Download PDF

Info

Publication number
WO2009090428A1
WO2009090428A1 PCT/GB2009/050029 GB2009050029W WO2009090428A1 WO 2009090428 A1 WO2009090428 A1 WO 2009090428A1 GB 2009050029 W GB2009050029 W GB 2009050029W WO 2009090428 A1 WO2009090428 A1 WO 2009090428A1
Authority
WO
WIPO (PCT)
Prior art keywords
network
approval
over
unsecured
method
Prior art date
Application number
PCT/GB2009/050029
Other languages
French (fr)
Inventor
Vedat Demir
Original Assignee
Vodafone Group Plc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority to TR08/00255 priority Critical
Priority to TR2008/00255A priority patent/TR200800255A1/en
Application filed by Vodafone Group Plc filed Critical Vodafone Group Plc
Publication of WO2009090428A1 publication Critical patent/WO2009090428A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network
    • H04L63/0853Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network using an additional device, e.g. smartcard, SIM or a different communication terminal
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/42User authentication using separate channels for security data
    • G06F21/43User authentication using separate channels for security data wireless channels
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/18Network architectures or network communication protocols for network security using different networks or paths for security, e.g. using out of band channels
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements, e.g. access security or fraud detection; Authentication, e.g. verifying user identity or authorisation; Protecting privacy or anonymity ; Protecting confidentiality; Key management; Integrity; Mobile application security; Using identity modules; Secure pairing of devices; Context aware security; Lawful interception
    • H04W12/06Authentication

Abstract

Mobile Approval System and Method is a system and method providing the approval of transactions such as banking, login into sub-networks and e-questionnaire on secured GSM networks in a session-based structure realized over the Internet or similar networks, which are not secured and which require an approval. This invention uses protocols, which the Internet network supports on the unsecured Internet side and the session-based USSD service protocols operating on all mobile telephones on the SS7-based GSM network. A gateway is provided taking over the functioning of an 'Approval Server' between the Internet network and the GSM networks. With this gateway, service requests coming via the Internet network are processed by the interfaces listening to the Internet protocols of the gateway and sent to the GSM networks over USSD (Unstructured Supplementary Service Data). In the proposed method, the user is requested to enter the password or the approval of the menu into the mobile phone, so that with this action there is no need for another interface and as there is only one session open between the user and the bank, nobody else can interfere. Further, in the method proposed, as the approval mechanism is the mobile phone when shopping is realized with a credit card, others will not be able to use the credit card or the information even though they pass into the hands of others.

Description

Mobile Approval System and Method

Technical Field:

The invention relates to a system and method for providing the approval of transactions such as banking, login into sub-networks and filling in of e-questionnaires etc. on secured GSM networks in a session-based structure realized over the Internet or similar networks, which are not secured and which require an approval.

Background Technology

The internet represents an example of an unsecured network where there is little control or governance around the allocation or uses of IP addresses to identify or verify identification of an actual user. Access permission or transaction authorisation over such unsecured networks have therefore heavily relied on password/identification processes to verify an end users identity and to permit such actions or transactions. GSM Networks

In contrast, standards based mobile telecommunication networks and, in particular by way of example, the GSM (Global System for Mobile communications) network, (the technical standards for which are administered by ETSI (European Telecommunications Standards Institute) represents a secure network whereby communication between the network and a mobile device are subject to robust security protocols and each mobile device utilizes identification mechanisms which can be associated with specific users or accounts i.e. the mobile telecommunication network is able to identify the mobile device with which it is communicating and associating such device with a user or account..

However, there is no known system or method, which grants the approval of the transactions realized over unsecured networks in a session-based structure over secured GSM networks. Whilst existing approaches are known which seek to utilise the security associated with a mobile telecoms (eg GSM) network to support and/or facilitate transactions over a non secure network, such known techniques can be distinguished in two main groups, the first relating to the use of approval methods realized directly on GSM networks and approval methods, which are not application customized and session- based. Alternatively, the second group relates to transactions realized over unsecured networks (eg. Internet) whereby authentication can be secured by use of password distribution over the secured (eg GSM) nework - the passwords being sent by SMS.

For the first group, transaction authorisation can be effected and realized directly on GSM networks, examples of which are disclosed in the following patent specifications, US 6,665,529 Bl (Mills, Jr) and US 5,642,401 (Yahagi)

However, the basic differentiation achieved by the subject invention is, that whilst transactions are carried out over unsecured networks, they are authorized over secured over mobile telecommunications (eg. GSM)networks. The invention considers the problems associated with different networks having different network integrity within the system and interacts with session-based clients existing in these different networks and operates with different protocols to carry out and effect authorization over a secured GSM network..

For transactions effected by thesecond group of known techniques, transactions realized over unsecured networks can utilise passwords sent by SMS over a secured GMS (or like) network. However, these are not session-based methods and are provide clumsy solutions only for their related fields. For example, when shopping with credit cards, the target web application my request that the user identity be confirmed via a secure GMS network, preferably by requesting the users mobile details and requesting the users network verifies identification or authorisation by sending an authentication code to the users mobile telephone. However, in order to enter the password sent by SMS, again the screens on the Internet have to be used. Therefore, these systems can only operate on individual web sites of the banks and the transactions are realized over unsecured networks. Further, the application has to know, that the security code of the credit card will be send by SMS and for this purpose, extra applications have to be developed.

In the method of the patent given below, an example has been given related to the use of SMS services over the GSM network while connecting to secured servers. US 6,230,002 Bl Approaches of the prior art of the second group have been shown in Figure 1 in form of a diagram. The steps of this approach are as follows:

1. The client requests a service from the Application Web Site.

2. This request is transmitted to the GSM Network. 3. A password is sent to the mobile phone of the client over the GSM network.

4. The client enters the incoming password to the appropriate screen on the Application Web Site.

5. If the entered password is correct, the client will have received the approval and will continue the transaction.

The basic problem of the prior art to be addressed by the current invention is to effect a simple and efficient approval of transactions or other events over unsecured networks in a secured environment (such as a GSM network), by means of a session-based structure and server oriented and thus to secure the requests of the users. There is no need for an additional application development for the use of all applications existing in the proposed system.

Conversely, a simplified embodiment of an approach of the proposed invention is shown graphically in Figure 2 wherein the detailed steps of the embodiment are shown in more detail in Figure 3.

Summary of the Invention:

It is an object of the present invention to provide an improved method and arrangement for effecting secure transactions over an unsecured network.

According to a first embodiment of the present invention there is provided a method of effecting secure transactions over an unsecured network by requiring an approval step over a second, secure, network wherein approval is effected through a secured standardised mobile telecommunications network in a session based structure. Preferably, the unsecured network is the internet and the secured standardised mobile telecommunications network is a GSM network.

Usually, the transaction effected on the unsecured network uses protocols supported by that unsecured network, and the protocols used in the secured standardised mobile telecommunications network employ session-based USSD (Unstructured Supplementary Service Data) service protocols operating on mobile telephones on the SS7-based GSM network.

Preferably, the method of the invention will utilise a gateway functioning as an approval server between the internet network and GSM network, such gateway processing internet protocol authorisation requests from the internet network to enable such requests to be converted to session-based USSD service protocols to be sent over the GSM network. This is usually effected by an internet application sending an authorisation request relating to a transaction to the approval server over an internet session wherein such request is processed for transmission over the GSM network to a targeted mobile device registered on that GSM network for actioning. The method will further, preferably, comprise the step of facilitating the mobile device with a client configured to recognise such request via a USSD session and to enable the user of such device respond thereto by a second USSD session over the same GSM network, via the approval server, to the internet application.

According to an alternative form of the invention, there is provided a method of effecting secure transactions over an unsecured network by requiring an approval step over a second, secure, network wherein approval is effected through a secured standardised mobile telecommunications network in a session based structure wherein a transaction request is submitted to a network application over the unsecured network and said network application initiates an approval process over the secured standardised mobile telecommunications network in a session based structure. This approval process may first transmit an approval request to the mobile telecommunications network via a gateway between the secure and unsecured network, wherein the mobile telecommunications network then transmits the approval request over a secure network to a designated approver device securely registered to such secure network and the designated approver device is configured to effect an approval response to such request and return such approval response, via the secure network, to the gateway for onward transmission to the network application.

Preferably, the inventive method will further comprise the step of having the gateway convert the approval request from the first, unsecured network protocol, to the second, secured network protocols to enable such approval request to be transmitted over the secure network, and having the gateway convert the approval response from the second, secured network protocol, to the first, unsecured network protocols to enable such approval response to be transmitted over the unsecured network.

A preferred embodiment of the invention provides that the transaction effected on the unsecured network uses protocols supported by that unsecured network, and the secured network comprises a GSM network with the protocols used in the GSM network employing session-based USSD (Unstructured Supplementary Service Data) service protocols operating on mobile telephones on the SS7-based GSM network.

Usually, the approval request is initiated by an end user interoperating with the network application and comprises the steps of providing an identifier associated by such end user which is incorporated with the approval request, such identifier being recognisable by the secure network to enable the secure network to deliver such approval request to an approver device associated with the end user. The approver device may be a mobile telephone registered to said user or the users employer. It is important to note that the approver device does not need to be physically associated with the actual user, as it is merely a vehicle to provide approval over a secure and trusted network

According to a further embodiment of the present invention there is provided an approval system for effecting secure transactions over an unsecured network( eg the internet) by requiring an approval step over a second, secure, network wherein approval is effected through a said second secure network in a session based structure, said system comprising an unsecured network having a user facing network interface (an internet web site accessible via the internet) , a secured mobile telecommunication network (eg GSM) having at least one mobile device securely registered thereon and a gateway between said secured and unsecured networks, wherein the gateway is configured to recognise and convert an approval request from the first, unsecured network protocols, to the second, secured network protocols to enable such approval request to be transmitted over the secure network, to the mobile device for requesting approval. Preferably, the gateway is further configured to recognise and convert the approval response from the second, secured network protocol, to the first, unsecured network protocols to enable such approval response to be transmitted over the unsecured network to the network interface. As the communication in between is session-based, the subject approval system is superior in terms of its flexible and instant answering features. In some applications, these features are compulsory.

As the approval system in the proposed method is carried out directly and only over the secured GSM network instead over the Internet, the security of the transaction is granted, so that 3rd parties and other users are prevented from intervening the transaction.

GSM networks provide features enabling the direct access of user and to start the transaction by the server. Thus, the server sends the service request for approval only to the related person. Even if 3rd parties obtain this information, they will not be able to initiate the transactions of other users.

Since the device used for entering the information is a telephone, there shall be no need for any additional development in the systems applied (in the sections of application and/or telephone).

Description of the Pictures

Below attached figures show the implementation of the technique developed to reach the purpose of the invention.

Figure 1- Approval method according to the prior art, which is application customized and not session-based: The currently used mobile approval method, which is application customized and not session-based, is explained in a diagram.

Figure 2- The proposed mobile approval method according to the present invention: The proposed session-based mobile approval method is explained in this figure with reference to the following specific description.

Figure 3- The Functioning of the Mobile Approval System and its Method: schematic illustration explaining the steps of approval of the transactions over secured GSM networks in a session-based structure realized over unsecured networks. Explanation of the Invention

The Mobile Approval System and Method is a system and method providing the approval of transactions such as banking, login into sub-networks (e.g. accessing secure files held on a remote database) and e-questionnaire on secured GSM networks in a session-based structure realized over the Internet or similar networks, which are not secured and which require approval for security purposes. The specific embodiment of the invention to be described herein contains a system and a method which provides the connection between unsecured networks (herein the internet) and mobile telecommunication networks (herein, by way of preferred example) GSM networks. This system uses protocols, which the Internet network supports on the unsecured Internet side and the session-based USSD service protocols operating on all mobile telephones on the SS7-based GSM network.

Today, the Internet can offer services with a wide variety of content such as banking transactions and e-shopping to users based on high data carrying capacity. On the other hand, in comparison to the Internet network, GSM networks are superior in terms of security and coverage area and user access. Today, GSM networks cover more than 98% of the living areas.

Another important advantage of GSM network is, that it is much securer than Internet network. In a GSM network, terminal devices (telephones) are securely registered to the mobile network (through conventional registration techniques and security protocols) and a foreign (unauthorised) user cannot enter the system. A full description of the registration of users and individual devices on a mobile network is not provided herein but is introduced as common general knowledge since the security and registration processes of GSM networks can be readily referenced from publicly available resources (GSM Association, ETSI and most reference repositories). However, in summary, conventional use of SIM (subscriber identity modules), IMSI (International Mobile Subscriber Identity and MSISDN (the number uniquely identifying a subscription in a GSM or UMTS mobile network) enables a mobile device to be securely associated with a defined user within a mobile network so that a trusted and secure communication link can be established. The users in the system can be followed as they are known and can be contacted directly. By comparison, in the internet environment, users without a fixed IP address cannot be accessed directly, as the owner of the determined IP address is not known in the Internet network or the owners of applications (websites) accessible over such unsecured network. Unless a user has registered a specific account with an internet application which has been verified by alternative means, the internet site has no means to identify or trust the user requesting a transaction (the term transaction is not limited to a financial transaction, such as payment for goods, but may be a security transaction requesting access to controlled information)

The most important component of the subject invention is the gateway taking over the functioning of an "Approval Server" between the Internet network and the GSM networks. With this gateway, service requests coming over the Internet network are processed by the interfaces listening to the Internet protocols of the gateway and sent to the GSM networks over USSD (Unstructured Supplementary Service Data). USSD is the technology operating in all existing telephones being the unique application, which is session-based in GSM networks. The USSD can set up a session-based communication between the Internet network and the GSM network.

Thus, a secured approval mechanism can be established between the Internet network, which offers variety of services and the secured GSM networks. For instance, when shopping is made over the Internet, a menu can be offered to request the approval for the transaction of the shopping over the mobile phone or to enter the approval password.

Preferably, an internet application will be provided with an authorisation client which is configured, when requested to initiate a secure approval process over a secure GSM network. This may take the form of requesting the user to enter a telephone number associated with an account number for accessing certain restricted information. The authorisation client will then be configured to contact a first server associated with that account number to determine the phone number is recognised as a valid number of that account. If yes, the server will pass a session based request using standard internet protocol to a gateway server which serves to convert the authorisation request to the appropriate USSD service protocols to passed to the GSM network to be processed. The GSM network is able to identify the appropriate device associated with the entered telephone number and transmit the authorisation request to that device. Ideally, the device will have an authorisation client which is configured to recognise the authorisation request and launch an application on the mobile device allowing the device user to accept or reject such request and transmit such response back to the network through a further USSD session. This response is subsequently passed to the gateway where it is again processed to convert to the necessary internet protocols to be communicated back to the internet application. Dependent on the response, the internet application can then approve or reject the requested transaction.

This embodiment is purely by way of example. Many clear variations are possible. For example, the authorisation request may involve the user of a device being prompted to enter a code displayed on the internet application when prompted by his handset requesting authorisation. However, this is not necessary as the authoriser does not need to be the person accessing the specific internet application.

Today, the use of approval transactions of GSM networks are provided with a single use password (OTP- One Time Password), by sending a SMS to users with similar methods. In this method, the user enters the password received with an SMS into the screens, via a separate password screen into the Internet. Whereas this solution results in the fact, that the use is entirely restricted with the own Internet site of the service provider and requires the realization of the verification over the unsecured Internet platform. In the method of the proposed invention, the user is requested to enter his/her password or menu approval into the mobile phone, so that there are no other interfaces needed for the completion of the transaction. As there has been opened a session between the user and the bank, nobody else can interfere.

In the method proposed, the steps related to the functioning of the Mobile Approval System and Method have been shown graphically in Figure 3 and are in the following order:

1. The client requests a service (a request for Electronic Fund Transfer or shopping) from the Application Web Site.

2. This request reaches the Bank's Virtual Server operating under the Bank Web Server.

3. In order to get the approval of the user, the Bank sends this request received to the "Approval Server". Thus, an Internet session is opened between the "Approval Server " and the bank. 4. "The Approval Server" sends the received request to the USSD system of the GSM operator by using the USSD service protocols in order to send it to the user. 5. The alert for approval request is sent to the client over the GSM network by opening an USSD session (Here, the user can be sent an approval alert in form of a menu, which requests the approval or the entering of the approval password).

6. The client processes the incoming request (selects the option over the menu or enters the approval password).

7. The answer of the client reaches the USSD system of the GSM operator via the USSD session.

8. The operator sends this reply to the "Approval Server".

9. The 'Approval Server' returns this reply to the bank via the Internet session opened. 10. The bank returns the reply of the client to the Application Web Site, which has made the request.

11. The Application Web Site in return gives information related to the approval to the client making the request.

Whilst the specific embodiment relates to the internet and a GSM network, the invention is not so limited. The invention could apply to the implementation on any unsecured network or any standards defined (ie. Specified by an Internationally recognised Standards Setting organisation - such as ETSI or 3GPP) secure mobile telecommunication network (eg UMTS Universal Mobile Telecommunications System) and any reference herein to GMS should be construed accordingly.

In the proposed method, the user is requested to enter the password or the approval of the menu into the mobile phone, so that with this action there is no need for another interface and as there is only one session open between the user and the bank, nobody else can interfere. Further, in the method proposed, as the approval mechanism is the mobile phone when shopping is realized with a credit card, others will not be able to use the credit card or the information even though they pass into the hands of others.

Application of the Invention to the Industry

Examples of usage areas;

• Approval of banking transactions (Mobile approval) • Realization of questionnaires (As it is secure and quick)

• Access to secured sites (such as company networks or limited Internet sites)

Claims

Claims
1. A method of effecting secure transactions over an unsecured network by requiring an approval step over a second, secure, network wherein approval is effected through a secured standardised mobile telecommunications network in a session based structure.
2. A method as claimed in claim 1 wherein the unsecured network is the internet and the secured standardised mobile telecommunications network is a GSM network.
3. A method as claimed in claim 1 or claim 2 wherein the transaction effected on the unsecured network uses protocols supported by that unsecured network, and the protocols used in the secured standardised mobile telecommunications network employ session-based USSD (Unstructured Supplementary Service Data) service protocols operating on mobile telephones on the SS7-based GSM network.
4. A method as claimed in claim 3 utilising a gateway functioning as an approval server between the internet network and GSM network, such gateway processing internet protocol authorisation requests from the internet network to enable such requests to be converted to session-based USSD service protocols to be sent over the GSM network
5. A method as claimed in claim 4 wherein an internet application sends an authorisation request relating to a transaction to the approval server over an internet session wherein such request is processed for transmission over the GSM network to a targeted mobile device registered on that GSM network for actioning .
6. A method as claimed in claim 5 further comprising the step of facilitating the mobile device with a client configured to recognise such request via a USSD session and to enable the user of such device respond thereto by a second USSD session over the same GSM network, via the approval server, to the internet application.
7. A method as claimed in claim 1 wherein a transaction request is submitted to a network application over the unsecured network and said network application initiates an approval process over the secured standardised mobile telecommunications network in a session based structure.
8. A method as claimed in claim 7 wherein the approval process first transmits an approval request to the mobile telecommunications network via a gateway between the secure and unsecured network, wherein the mobile telecommunications network then transmits the approval request over a secure network to a designated approver device securely registered to such secure network and the designated approver device is configured to effect an approval response to such request and return such approval response, via the secure network, to the gateway for onward transmission to the network application.
9. A method as claimed in claim 8 further comprising the step of having the gateway convert the approval request from the first, unsecured network protocol, to the second, secured network protocols to enable such approval request to be transmitted over the secure network, and having the gateway convert the approval response from the second, secured network protocol, to the first, unsecured network protocols to enable such approval response to be transmitted over the unsecured network.
10. A method as claimed in claim 9 wherein the transaction effected on the unsecured network uses protocols supported by that unsecured network, and the secured network comprises a GSM network with the protocols used in the GSM network employing session-based USSD (Unstructured Supplementary Service Data) service protocols operating on mobile telephones on the SS7-based GSM network.
11. A method as claimed in any one of claims 8 to 10 wherein the approval request is initiated by an end user interoperating with the network application and comprises the steps of providing an identifier associated by such end user which is incorporated with the approval request, such identifier being recognisable by the secure network to enable the secure network to deliver such approval request to an approver device associated with the end user.
12. A method as claimed in claim 11 in which the approver device is a mobile telephone registered to said user.
13. An approval system for effecting secure transactions over an unsecured network by requiring an approval step over a second, secure, network wherein approval is effected through a said second secure network in a session based structure, said system comprising an unsecured network having a user facing network interface, a secured mobile telecommunication network having at least one mobile device securely registered thereon and a gateway between said secured and unsecured networks, wherein the gateway is configured to recognise and convert an approval request from the first, unsecured network protocols, to the second, secured network protocols to enable such approval request to be transmitted over the secure network, to the mobile device for requesting approval.
14. A system as claim in claim 13 wherein the gateway is further configured to recognise and convert the approval response from the second, secured network protocol, to the first, unsecured network protocols to enable such approval response to be transmitted over the unsecured network to the network interface
PCT/GB2009/050029 2008-01-15 2009-01-15 Mobile approval system and method WO2009090428A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
TR08/00255 2008-01-15
TR2008/00255A TR200800255A1 (en) 2008-01-15 2008-01-15 Mobile check system and method.

Publications (1)

Publication Number Publication Date
WO2009090428A1 true WO2009090428A1 (en) 2009-07-23

Family

ID=40513668

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/GB2009/050029 WO2009090428A1 (en) 2008-01-15 2009-01-15 Mobile approval system and method

Country Status (2)

Country Link
TR (1) TR200800255A1 (en)
WO (1) WO2009090428A1 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102009060946A1 (en) * 2009-12-23 2011-06-30 Doering, Wolfram, 13469 A method for electronic communication of bank orders and communication system for practicing the method
WO2012004640A1 (en) * 2010-07-08 2012-01-12 Entersect Technologies (Pty) Ltd. Transaction authentication
WO2012134330A1 (en) 2011-03-25 2012-10-04 Общество С Ограниченной Ответственностью "Аилайн Кэмьюникейшнс Снг" Method for presenting information when conducting distributed transactions and structure for implementing same

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2000003316A1 (en) * 1997-05-28 2000-01-20 Telefonaktiebolaget Lm Ericsson (Publ) A method for securing access to a remote system
WO2001017310A1 (en) * 1999-08-31 2001-03-08 Telefonaktiebolaget L M Ericsson (Publ) Gsm security for packet data networks

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2000003316A1 (en) * 1997-05-28 2000-01-20 Telefonaktiebolaget Lm Ericsson (Publ) A method for securing access to a remote system
WO2001017310A1 (en) * 1999-08-31 2001-03-08 Telefonaktiebolaget L M Ericsson (Publ) Gsm security for packet data networks

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
"Digital cellular telecommunications system (Phase 2); Unstructured Supplementary Service Data (USSD) - Stage 2 (GSM 03.90); ETS 300 549" ETSI STANDARDS, LIS, SOPHIA ANTIPOLIS CEDEX, FRANCE, vol. SMG3, no. Second Edition, 1 June 1996 (1996-06-01), XP014013630 ISSN: 0000-0001 *

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102009060946A1 (en) * 2009-12-23 2011-06-30 Doering, Wolfram, 13469 A method for electronic communication of bank orders and communication system for practicing the method
WO2012004640A1 (en) * 2010-07-08 2012-01-12 Entersect Technologies (Pty) Ltd. Transaction authentication
WO2012134330A1 (en) 2011-03-25 2012-10-04 Общество С Ограниченной Ответственностью "Аилайн Кэмьюникейшнс Снг" Method for presenting information when conducting distributed transactions and structure for implementing same
CN103688559A (en) * 2011-03-25 2014-03-26 眼界通讯有限责任公司 Method for presenting information when conducting distributed transactions and structure for implementing same
US20140141748A1 (en) * 2011-03-25 2014-05-22 Vitaliy Shamilovich Gumirov Method for presenting information when conducting distributed transactions and structure for implementing same
EP2690897A4 (en) * 2011-03-25 2015-06-03 Ltd Liability Company Eyeline Comm Cis Method for presenting information when conducting distributed transactions and structure for implementing same
US9226154B2 (en) 2011-03-25 2015-12-29 Eyeline Communications Cis, Llc. Method for presenting information when conducting distributed transactions and structure for implementing same

Also Published As

Publication number Publication date
TR200800255A1 (en) 2009-08-21

Similar Documents

Publication Publication Date Title
JP4975762B2 (en) End user authentication system, apparatus and method
CN100592827C (en) System, method and apparatus for federated single sign-on services
EP1833219B1 (en) Methods, apparatus and software for using a token to calculate time-limited password within cellular telephone
KR101137269B1 (en) Method and system for performing delegation of resources
EP1741268B1 (en) A method for verifying a first identity and a second identity of an entity
US9357384B2 (en) System and method to support identity theft protection as part of a distributed service oriented ecosystem
US6606663B1 (en) Method and apparatus for caching credentials in proxy servers for wireless user agents
US7756748B2 (en) Application of automatic internet identification methods
US7133662B2 (en) Methods and apparatus for restricting access of a user using a cellular telephone
AU2007281028B2 (en) Transaction authorisation system and method
US8510319B2 (en) Location based information for emergency services systems and methods
US20150302413A1 (en) Appartus and method to perform point of sale transactions using near-field communication (nfc) and biometric authentication
US8667579B2 (en) Methods, systems, and computer readable media for bridging user authentication, authorization, and access between web-based and telecom domains
EP2359570B1 (en) Process for providing network access for a user via a network provider to a service provider
EP1834465B1 (en) Remote access system and method for enabling a user to remotely access a terminal equipment from a subscriber terminal
US20070055785A1 (en) Location based authorization of financial card transactions systems and methods
CN101473670B (en) Method and system for controlling access to networks
US20070053306A1 (en) Location based rules architecture systems and methods
US20070015492A1 (en) Methods and apparatus for restricting access of a user using a cellular telephnoe
CN100469000C (en) System and method for creating a secure network using identity credentials of batches of devices
US8752125B2 (en) Authentication method
CN102301642B (en) Transaction authentication security
US20030084288A1 (en) Privacy and identification in a data
US7788711B1 (en) Method and system for transferring identity assertion information between trusted partner sites in a network using artifacts
US20030084171A1 (en) User access control to distributed resources on a data communications network

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 09702692

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase in:

Ref country code: DE

122 Ep: pct app. not ent. europ. phase

Ref document number: 09702692

Country of ref document: EP

Kind code of ref document: A1