WO2014014369A1

WO2014014369A1 - Method of secure wireless data transmission between peripheral devices of a computer system and a portable communications device with a display, especially between an isolated journalling file system and the portable communications device of a user

Info

Publication number: WO2014014369A1
Application number: PCT/PL2012/000058
Authority: WO
Inventors: Marcin SZARY; Krysztof TOKARCZYK; Anna FUK
Original assignee: Popla Sp. Z O.O.
Priority date: 2012-07-19
Filing date: 2012-07-30
Publication date: 2014-01-23
Also published as: PL400043A1

Abstract

The subject of the invention is the method of secure wireless data transmission between the peripheral devices of a computer system and a portable communications device with a display, especially between an isolated journalling file system and a portable communications device of the user, with the use of electromagnetic waves emitted by the aerials of the transceivers with a unique MAC number. The data exchange happens wirelessly in the FB space shielded from the external electromagnetic radiation, preferably in the frequency range from 6,5 MHz to 244 GHz, in which there are elements of peripheral units of the computer system with the portable communications device. During the transmission, within the distance up to 15 centimetres, a portable communications device after logging to the computer system exchanges data with more than one aerial of the transceivers with a unique MAC number. Optionally, the computer system for an authorised single communications device, which preferably is a mobile phone or a tablet, initiates emissions of several independent of each other aerials of transceivers with unique MAC numbers, of the range of the effective emission up to 15 centimetres, the data from which are displayed simultaneously or in turn on the display of the logged communications device and from which the user chooses at least one source of the data emission or rejects all of them. The transceiver, preferably a laser code reader, of an isolated journalling file system, reads the code from the logged communications device, preferably reads the code from the mobile phone display, the code which has previously been received from one of the several transceivers, and then it saves the data in the database memory cells determined by the unique MAC number of the user's communications device. Optionally, the journalling file system sends to the computer system, through the transceivers, the data changing the state of the used code, preferably in the codebase available to the user. The image of the display of the portable communications device is transmitted outside the FB space, preferably through the optical fibre onto the external display. Preferably, the chosen external GSM, Bluetooth, NFC, Wi-Fi and/or RFID signals are retransmitted to the FB space or in the FB distance. Optionally, from the FB distance the chosen GSM, Bluetooth, NFC, Wi-Fi and/or RFID signals are retransmitted outside the FB distance.

Description

METHOD OF SECURE WIRELESS DATA TRANSMISSION BETWEEN PERIPHERAL DEVICES OF A COMPUTER SYSTEM AND A PORTABLE COMMUNICATIONS DEVICE WITH A DISPLAY, ESPECIALLY BETWEEN AN ISOLATED JOURNALLING FILE SYSTEM AND THE PORTABLE COMMUNICATIONS DEVICE OF A USER

The subject of the invention is the method of secure wireless data transmission between the peripheral devices of a computer system and a portable communications device with a display, especially between an isolated journalling file system and the portable communications device of a user.

The current usable technology enables user identification wirelessly, with the use of many various technologies. These can be mobile phone interfaces or other specialised devices. Currently there are at least a few wireless methods of communication, which ensures adequate standards enabling secure user identification. These are Bluetooth, NFC, Wi-Fi, RFID technologies.

However, only a few of them can be used for user identification, because many implementations will not allow the used system, among other things, to depend on open- access devices, or there are no adequate protections allowing the right security level. In consequence, the costs of entering the technology and its later implementation are too high. Also the lack of protections does not allow to use it in professional solutions. Considering the existing allocation of frequency bands for the civil communication, it is known that those frequencies which are now not reserved should be used. ISM frequencies (Industrial, Scientific, Material) are bands initially designated to be used by the industry, scientific and medical environments. Nowadays using these bands does not require any special licences or authorisations. They are available for any initiative wanting to use them. There are only limitations concerning the transmission power which the working device emits. The above-mentioned bands are used, among other things, for the needs of wireless computer networks Wi-Fi, proximity cards, Bluetooth, mobile networks, cordless landline network and, for example, in cordless headphones. ISM frequency range accepted in Poland

From To Availability

6.765 MHz 6.795 MHz

13.553 MHz 13.567 MHz RFID, NFC

26.957 MHz 27.283 MHz

40.66 MHz 40.70 MHz

2.400 MHz 2.483 MHz Microwave ovens, Wi-Fi, Bluetooth, RFID

5.725 MHz 5.875 MHz Wi-Fi, RFID

24.000 MHz 24.250 MHz

61.00 GHz 61.50 GHz

122.00 GHz 123.00 GHz

244.00 GHz 246.00 GHz

Another chance for changing the information value included in the remote resources, on the basis of authorisation verification, may be the biometric analysis. It includes, among others, the assessment of individual face features, papillary ridges, the iris, the voice and the like. As they are wireless, the voice and the iris are the most frequently analysed. Biometric identifiers are individual in the whole human kind, usually invariable with time and resistant to temperature change and many other limitations which endanger computer methods.

From My Way instruction v. POL.09AC4.0160, Automobiles Citroen, for Citroen C5, the method of pairing the portable GSM phone with the Bluetooth function turned on with the computer system installed in the car is known. On the display of the computer system of the car, after choosing the function 'search for the phone', the devices with the function Bluetooth turned on are shown, the devices whose signal is strong enough to be received by the aerial of the computer system installed in the car. It can be a signal of the user's phone inside the car or a close distance outside the car, as well as in a car nearby. After choosing the specific phone identified by the name displayed, the computer system generates and emits a code which is displayed on the phone's display. The phone user, wanting to use the two-way data transmission between the portable phone and the computer system, especially from the synchronisation of the address book, dial list or conversation by the car microphone and loud speaker set, synchronised with the function of turning down the radio while on the phone in the car, enters the code from the phone's keyboard and confirms it. In this way the Bluetooth connection of the computer system in the car is paired with the GSM phone of the user. If the user moves away with the GSM phone from the car into the distance of more than the range of the effective propagation of the electromagnetic waves of at least one of the Bluetooth transceivers, the connection will break. Every time, at the approach of the user with the paired phone with the Bluetooth function turned on into the range of the signal emitted by the transceiver of the computer system of the car, automatically and without the need of any other action by the GSM phone user, the renewed authentication of the phone happens. The driver driving the car with My Way system can also talk on the phone and dial numbers on the car panel, which are connected through the paired GSM phone left in the bag placed in the boot or through the paired GSM phone of the user from a car nearby.

The methods of information exchange between the moving end device of the user and stationary transceiver within the range of the reception of the radio receivers of close range, are known from WO 02/078381A1, US 20030114104A1 and US 20030110216A1 descriptions, wherein the devices in the reception range are identified in relation to their manufacturers and types of devices and on the basis of this identification the chosen materials are sent in the reception area.

In the patent description EP 1819106 the method of exchanging information between the moving user's end device, especially a mobile phone, PDA, pocket computer or portable PC, netbook from the collection of these end devices, and, preferably, the whole stationary transceiver is described, while the information exchange depends on the user's manipulation, which enables the transceiver to transmit the information from the transceiver to the specific mobile end transmitting device, so that the acceptance sphere, within the range of the transceiver in the distance independent of the X distance from the transceiver, is established, wherein the transmission of the information from the transceiver of the mobile end device happens depending on the relation between the X distance and the Y distance of the mobile end device from the transceiver, and thanks to the tagging used, it is possible for the user to identify the presence of the mobile device in the acceptance area; using the sensor of the level of the transceiver, the radio level of the mobile end device is determined within the range of the transceiver, the limit value of the level is assigned, which matches the X distance and with the use of the analysing unit of the transceiver there appears an indication if the measured actual value of the radio level exceeds the back value of the level or not. The X distance is derived from the radio- technical parameters of the mobile end devices. The radio-technical parameter is the level of intensity of the radio field of the mobile end device, which is measured in the transceiver. The information transmission between the mobile end device and the transceiver happens on the short-band radio distance, especially by Bluetooth. In the characterisation of the Bluetooth requirements the specification for Bluetooth version 1.2 (with RSSI) is used. The information from the transceiver is transmitted to the mobile end device if the mobile end device in the past at least once was closer than the X distance. Then the transmission happens automatically, without creating the personal identification profile and without registration.

Bluetooth is an open technology of the wireless short distance communication. It works in the frequency range from 2.4 to 2.48 GHz. Interfaces working in this standard are built in or placed as extension cards in most of today's portable devices. They are used, among other things, in peripheral devices such as a keyboard, a computer mouse, graphic tablets, a laptop, a smartphone, game consoles. To differentiate between the needs of particular devices there are three classes of the broadcasting power:

- class 1 is the power of 100 m W and the maximum range up to 100 metres;

- class 2 is the power of 2.5 m W and the maximum range up to 10 metres. It is the most frequently used class and it is mainly used for communication in the range of medium distances in the devices such as wireless headphones for mobile phones, remote controls and controllers for TV sets, game consoles and for the synchronisation of GSM mobile phones;

- class 3- 1 m W with the range up to 5 metres.

Throughout the years, there have been many versions of Bluetooth standard but only four of them are effectively used as the ones which define subsequent upgrades on the offered list. They differ in the speed of data transmission, functionality and power consumption. They are as follows:

- version 1.2 - it enables the transmission with the flow capacity of up to 1 Mbit/s (practical 0.7 Mbit/s), practically the first, stable version; - version 2.0 - it enables the transmission with the flow capacity of up to 3 Mbit/s (practical 2.1 Mbit/s), supporting the decreased use of the energy for the devices, which is a substantial change owing to the mobile character of the Bluetooth transceivers;

- version 3.0 - it enables the transmission with the flow capacity of up to 24 Mbit/s with the cooperation with the WiFi network and using the WiFi network to transmit the actual data, wherein Bluetooth is used for controlling data transmission, that is so called negotiations and making the call;

- version 4.0 - similarly to the version 3.0, it enables the use of the WiFi network to transmit the actual data, while Bluetooth is used for controlling data transmission (negotiations and making the call);

In the Bluetooth standard there is a list of profiles, so called functionalities, which have to be supported by the device so that it could be certified as compatible with Bluetooth. There are about 30 of them, however, those functionalities which describe the most important ones and are most frequently used are:

- GAP (Generic Access Profile) as the basic profile - it determines the basic modes of work for Bluetooth and the access procedures, as well as the methods of routing calls between devices;

- SDAP (Service Discovery Application Profile) - is responsible for identifying the list of available services on other devices, which is established while making the connection between devices;

- SPP (Serial Port Profile) - is responsible for the emulation of connections which use serial port through the radio links;

- HP (Headset Profile) - is the profile providing routing the wireless connection and having the role of the output and input device for the sound signals sent from the matched Bluetooth devices wanting to send sound, for example wireless headphones;

- DUN (Dial-up Networking Profile) - as the profile which makes it possible to provide access to the Internet for the computer through the mobile phone which has a modem, mainly to create configuration phone (treated as a modem) - computer to work with the Internet outdoors;

- FP (Fax Profile) as the profile making it possible to use fax services offered by Bluetooth - GEOP (Generic Object Exchange Profile) as the main profile defining the serial transmission consisting of exchanging objects of various types between devices, on which all the applications base, which allows the synchronisation, among other things, between computers and mobile phones, with the use of the client - server architecture;

- OPP (Object Push Profile) as the profile of sending objects, and it is different from GEOP in that it can initiate sending and receiving data, wherein it is impossible to view them like in the previous case, e.g. serves, among other things as a way of exchanging business cards (vCard);

- FTP (File Transfer Profile) is the profile which enables the file transfer by the wireless link Bluetooth, with the possibility to browse the list of servers within the network's range and operate the file transfer, look through their resources, copy in both directions, create and delete objects;

- PAN (Personal Area Networking Profile). The profile describes how devices can create ad hoc network. The mechanism can be used to access the remote network through the network access point. The profile determines also the access point in the ad hoc network, the ad hoc network and the personal network user.

There are also a few profiles directed mainly at the tasks of operating the audiovisual equipment. These are GAVDP (Generic Audio/Video Distribution Profile), A2DP (Advanced Audio Distribution Profile), VDP (Video Distribution Profile), AVRCP (Audio/Video Remote Control Profile) profiles which are responsible, among other things, for sending audio and video streams to TV headphones, mono sound and stereo sound transmission of high quality, audiovisual transmission to the portable player or from the camcorder to the TV, remote control of the devices, for example a TV remote control.

The subsequent profiles have a more industrial application. HCRP (Hard Copy Cable Replacement Profile), HFP (Hands-Free Profile), HID (Human Interface Device Profile), SAP (SIM Access Profile) profiles used for wireless printing in the remote printers which have Bluetooth, operating devices in a hands-free mode (car Bluetooth set), using keyboards, console controllers and other pointing devices, and they also allow the devices such as car phones with the built-in GSM transceiver, to connect with the SIM card in the phone equipped with a Bluetooth connection, eliminating the need for rearranging SIM cards between GSM phones.

The architecture of the Bluetooth system bases on a slave - master set, which can be met in most implementations of electronic systems, based on the commutation of the links used for data transmission. A piconet can consist of the managing node type master and up to 7 nodes managed by the main node, which are of a slave type. Owing to the infrastructural design, there can be many networks in one area. Those piconets can be linked with each other with the node type bridge, creating a bigger infrastructure with a relatively big possibility as far as covering the surface is concerned. Such a juxtaposition is called a scatternet. Apart from seven subordinated nodes, a piconet can include up to 255 nodes, which are synchronised with the main node, wherein they are in the low power consumption mode and awaiting and they do not take part in the data exchange. Their task is to remain in the state of low power consumption and wait for the activation signal from the node of a master type. The Bluetooth's architecture allows only the master-slave transmissions. The data transmission between two slave nodes is not possible either.

Every device in the "visible" mode makes the following data concerning itself public: the name of the device, for example Nokia 63 lOi, iPhone (John Smith) etc, the class of the device, the list of the functionalities available, technical information, such as the device's potential, the device's producer and the version of the Bluetooth implementation, the value of the internal clock to synchronise. The connection request with the use of target address, because every device has its unique 48-bit device address, will be accepted and the device will allow the check of the data indicated above (the name, the class of the device, the list of functionalities etc). Thanks to that, many Bluetooth devices are able to send their private data, making it possible to have the control over the device available, making available the internet access wirelessly. Because of security aspects, the devices require unambiguous identification, to irrefutably determine if the node attempting the connection is authorised and if taking over the control should be made possible for it. On the other hand, from Bluetooth devices the simplicity of service is required, so that they could make a connection on their own, as soon as they are again in range. Its aim is to automatise the processes. To make it possible, Bluetooth uses a process called bonding. It is created during the process of pairing devices. It enables the creation of a connection which during the creation requires confirmation of the fact the the two devices "know each other". Its aim is to make sure that an unwanted "trusted" connection will not happen. It could have negative consequences in the case of transmitting sensitive data between the Bluetooth transceivers. For the same reasons, bondings do not have a permanent character and can be removed by the user later.

During the process of pairing, two devices decide between each other the dependence by creating a shared, secret key known as a link key. In case the key is stored on both devices, it can be claimed that they are bonded or paired. A device, which should communicate only with bonded devices, can use cryptography to see if it connects again with the same Bluetooth node. The moment the link key is generated, wireless links between the nodes may be encrypted to prevent eavesdropping on the transmitted data. Generally, Bluetooth services require either ciphering or authentication, to allow their functionalities. Some of them, however, do not require either ciphering or authentication because their function is rather publicity (e.g. Object Push Profile).

The mechanism of pairing devices itself is relatively easy. It can be done on the basis of PIN codes. To route the connection one has to give the same PIN code in both connected devices. There are some implementations of this type of pairing. There are Bluetooth headsets, which have only one specific PIN, usually "0000" or "1234". More complicated numerical codes for simple Bluetooth devices are also used, and they contain up to 16 digits. The safest are smart phones and computers, which allow alphanumeric passwords. To simplify, and at the same time secure in a better way, SSP procedures (Secure Simple Pairing) have been invented. They require Bluetooth 2.1 version or higher. They use those makes which base on the form of cryptography of the public key, the makes which automatically connect but require from the user the confirmation of the desire for pairing and are used for the needs of simple Bluetooth headphones. A more sophisticated method is a scheme, in which on the paired devices 6 digits appear, which are compared by the user on both devices and their compatibility is confirmed by the choice options "Yes/No" on the display of the compatible devices. As opposed to the previous case, this method is MITM attack resistant (Man In the Middle) assuming the correct code verification by the person operating the devices. An even more advanced method of securing pairing of Bluetooth devices is the method in which on the display of one of the devices 6 digits appear, which in turn must be copied to the other device. The second option is to enter a compatible code to both devices. There is also the last option, where the authentication itself is done in a different way than Bluetooth and is indispensable to confirm data required to pair the devices. This approach is relatively easy because it does not require from the user the password generation and for the cases where there is no danger of an MITM attack, the necessity of the user's intervention was eliminated. Also numerical comparison of digit sequences is simple for the person who uses this solution. The highest number of simplifications can be observed while pairing with the use of external technologies, because there is no need to look for devices and you just pair the closest device in the surroundings.

On the technology of transmission side, Bluetooth operates in the public range. These are the frequencies from the range between 2,402 and 2,480 GHz. So as not to interfere with other protocols which use the frequencies of the 2,45 GHz band Bluetooth protocol divides the range of the frequencies into 79 channels of 1 MHz range and changes the channel about 800 times a second. Theoretically, 2.0 version has a bigger power consumption than 1.0 version.

Wi-Fi is a popular technology which enables the devices compatible with this technology to exchange data wirelessly using radio waves. The wireless local area network (WLAN) is most frequently used, substituting wireless solutions used so far. Devices using Wi-Fi solutions such as, for example, personal computers, smart phones, games consoles, tablets, TV sets, can connect to the Internet in this simple way through the wireless access point. The range of such a solution (access point) is, approximately, up to 15-20 metres in a building and up to 100 metres in the open space without obstacles. The actual range is considerably dependent on the quality of the equipment used, the number of connected clients and the power which is used to transmit the signal. Thanks to that, access points can cover both small areas in buildings where walls block the signal considerably, as well as huge areas in the open space, where the radio waves propagation is not limited by terrain obstacles. To connect the computer to the WiFi network, it has to have a wireless interface. The connection of the computer with the network controller is called a station. Within the network, all stations share the same frequency range. The transmission in this channel is received by all the stations. For this reason, Wi-Fi networks are public stations. Wi-Fi devices can connect with the Internet when they are in the range of the network connected to the Internet. The range of one or more connected access points (hotspots) may cover a few rooms or a few square kilometres. For the bigger areas, the range is realised by the groups of hotspots with their ranges overlapping. At present, wireless networks are used in houses, streets, and public places. Bigger shopping centres, airports offer free Internet access to make their offer more interesting and attract more clients. Free Wi-Fi access also drives advertising of many companies. Internet access is also often gained by routers with DSL or cable modems. Lately, portable access points have become very popular and they are routers which make the Internet available by the mobile networks used for that purpose. Also, newer GSM phones make it possible to create their own AP (access point).

In many cities municipal Wi-Fi networks have been created and they include all agglomerations in their range. A similar things are done by universities in their dormitories. It is a relatively cheap way of Internet distribution on the area where cabling would be extremely expensive. There is also a WiFi implementation where computers connect each other, without the need for an access point. This type of communication was called ad-hoc Wi-Fi transmission. This functionality is used by smaller, portable devices for data exchange. Also some phones use this kind of wireless communication to make the Internet available to other devices (e.g. iPhone), becoming hotspots. Wi-Fi allows a simple, uncomplicated and at the same time cheap implementation of the LAN network. There are many places where, because of technical (open spaces) and aesthetic aspects (historical monuments), wireless networks are the only option for providing communication between computer systems. Because of the popularization of the standard, today the price of electronic things allowing the use of the benefits of WLAN is low, so most of the devices are equipped with network cards. Contrary to mobile phones, Wi-Fi devices will work all over the world. Also all devices with the "Wi-Fi Certified" logo awarded by Wi-Fi Alliance will be compatible with each other and are reversely compatible. Prepared individual developments of the 802.11 standard make it possible to increase the security and at the same time to increase the security of the data sent.

Some limitation is the fact that awarded frequency ranges are not consistent all over the world. Generally, in Europe there are 13 channels available, in the USA 11 and Japan allows the existence of 14 channels is the 2,4 GHz range. Besides, in Europe, the power of the signal is limited to 100 mW. W-Fi network range is also limited. An average hotspot (802.11 b/g) with average aerials has the range of about 30 metres inside buildings and about 100 metres in the open space.

Only 802.11η standard is able to double the wireless network range. The next modification influencing the range are aerials. By using dedicated radiators it is possible to increase its value until the level defined by the local radio-communication law concerning the maximum broadcasting power for the needs of amateur needs. All of that requires considerable levels of energy needs. In comparison with other solutions, e.g. Bluetooth, Wi-Fi uses relatively high amounts of energy. However, other solutions do not offer such a big range. Production use of WLAN is limited to wireless readers, electric vehicles, with the limitation to small spaces.

We can differentiate a few standards of wirelesss networks: - 802.11a - speed up to 54 Mb/s, frequency 5 GHz;

- 802.11b - speed up to 11 Mb/s, frequency 2,4 GHz, the range in buildings 30 m, in the open space up to 120 m;

- 802. l lg - speed up to 54 Mb/s, frequency 2,4 GHz the range similar to 802.11b but it is more prone to disruptions;

- 802.11η - speed up to 300 Mb/s, frequency 5 GHz.

- 802.1 lac - speed up to 6 Gb/s, frequency 5 GHz.

Nowadays the most frequently used is 802. l lg standard. For industrial applications and popular hotspots it is 802.11b, because nowadays only this standard guarantees that it will be operated by every WLAN interface. In the table below 802.11 standard versions.

At first it was a big problem to ensure appropriate protection for wireless networks. A few security implementations have been designed:

- WEP protocol (Wired Equivalent Privacy). In this case the security is achieved with the use of a shared ciphering key of the length of 10 or 104 bits. Currently WEP security is the simplest protection offered in WLAN networks. With the big load of the network (and the possibility of taking a big number of samples for analysis) a faster computer can break the ciphering in 30 minutes. - WPA protocol is an enhanced WEP version. It was established as a transitory version between WPA2 and WEP because it implements a permanent ciphering key change. Most network cards and access points compatible with WEP, also operate WPA. It allowed for the increase of security without the need for the equipment change. WPA protocol can use the enterprise mode - which uses RADIUS server, which assigns keys to suitable users, or the personal mode, which does not divide the keys into particular users but all the connected stations use one shared key (PSK - Pre-Shared Key)

Apart from the above-mentioned WEP, WPA/WPA2 security, very often the combination of procedures are used, such as: filtering MAC addresses (an access point has a list of stations which are to have access to the WLAN network ensured), isolation of working stations (working stations are isolated from each other so that they cannot "see" each other), using VPN for movement (each client is treated as a remote VPN client and his/her movement to the access point is encrypted in the tunnel), hiding the name of the access point (this method is used to impede exposure of the SSID name). Using the combination of the protections increases the level of the transmission's security. It is quite inconvenient and can be applied rather when the clients connect to the specified AP (Access Point), because it does not force the reconfiguration of the access point with every new WLAN station.

The components of WLAN network are:

- Wireless Access Point (WAP), whose task is to separate the wireless signal received by the cable. It ensures the connection of wired stations with the wireless ones. From the point of view of the network topography, WAP is a hub (signal distributor) and at the same time the signal converter form the wired into the wireless and vice versa;

- wireless interface, whose task is to ensure the connection with the wireless network.

Usually they are connected as PCI expansion, miniPCI, USB, Express Card. Nowadays most devices have them built in the motherboard

- wireless routers, which unite functionalities of WAP, switch and router ensuring forwarding of the signals from external interfaces.

- bridges of wireless network. Their task is to connect traditional network with the wireless one. An access point is different from the bridge in that it works on the data surface. Bridges are used when two localisations of the traditional computer network should be connected, for example two office buildings, by the use of the radio network without using cables.

- multipliers of signals (amplifiers) are used to increase the range of wireless networks.

Their task is to eliminate "dead" points in WLAN range or lengthening the range in specified points.

A Near Field Communication system (NFC) was designed to make two-way communication between endpoints possible. Previously the wireless connection systems made only one-way communication possible. Since unpowered NFC implementation versions can be read by a different NFC device, it is possible to replace earlier one-way installations with the new ones.

Using NFC system for a secure data exchange between devices is known from many patent descriptions, among , others from: EP1938242, EP1851865, EP2169924, EP1958470, EP2203835, EP1729253.

From the patent description EP2203834 we know of a system of managing application data in NFC system which is implemented in a portable object which is a GSM phone and in contactless data transmission. The method includes stages of creating internal application data in response to the appearance of the internal event in NFC system and delivering internal application data to the processor host of the NTC system.

In the EP 1729253 patent description there is a safe way of data transmission using the NFC interface, wherein the data in the data memory of NFC marker are stored and made available using an NFC scanner through the NFC interface. Through the central module, authentication data and/or at least an electronic key are generated, wherein authentication data and/or an electronic key, at least partially, by at least one telecommunications network are transmitted to the module controlling NFC markers and/or to the controlling module of an NFC scanner, which is authenticated by authenticating the data transmission by the NFC interface of an NFC scanner. Encrypted data, which have been transmitted through an NFC scanner from the NFC marker on the module controlling an NFC scanner, can be decrypted using the controlling module with an NFC scanner using the electronic key. Authentication happens through the authentication data transmission by the NFC interface by the module controlling the NFC scanner. Not until the positive authorisation from the NFC scanner enables the access to the data from NFC. For deciphering in the central module there is an electronic key stored and available for the identification connected with the encrypted data.

NFC devices can be used as contactless payment systems, concurrent with the ones currently used in credit cards and electronic loyalty cards, making it possible for the mobile payments to be replaced by or to coexist with the above-mentioned solutions. Today NFC implementations can be used in the following cases: to send images to be printed or displayed, to pay by holding the phone with the built in NFC near the NFC reader, to exchange information (about meetings, business cards etc) through identification offered by NFC, to realise access systems through validation of an access code and/or an access key, to confirm identity, as two-factor authentication, with more advanced methods of data transmission by Bluetooth or Wi-Fi, to identify identification documents in small range (in order to ensure data protection) and to support ciphering transmission of the data sent, safer than RFID.

NFC is a set of short distance wireless technologies operating within the distances of two inches or fewer. An initiator and a target device are always engaged in the transmission. The initiator generates electromagnetic field which powers a passive target device. It enables the implementation of NFC as a simple device (object forms) which does need its own separate power supply. These can be stickers, labels, key rings, cards in the form of payment cards.

NFC labels contain data and usually are "read only" type, but they can also be writeable. The can be written with unique client data or use the NFC Forum specification, which is being developed by an organisation which takes care of the NFC standard development. Labels enable secure storage of personal data such as: debit and credit card information, loyalty programs data, access codes and so on. NFC Forum defines four types of labels regarding the communication speed and the configuration possibilities, memory capacity (between 96 and 4096 bites), ensured level of security and the number of possible write-ons. NFC communication happens thanks to the phenomenon of magnetic induction between the two aerial loops, localised on the label. It works on the basis of a transformer, changing energy contained in the magnetic field into the electric energy. Everything works in the public frequencies of 13,56 MHz. The theoretical range, with presumed, standard aerials, is up to 20 cm. However, the practical, unproblematic transmission happens on the distances up to two inches. The processed transmission speeds are 106, 212 and 424 kb/s. There are two modes of work in NFC communication:

- passive communication mode, in which the initiator makes the magnetic field of a specified carrier frequency available. A target device responds by changing (modulating) the current magnetic field. In this case the target device takes energy indispensable for acting from the field generated by the initiator.

- active communication mode, in which both the initiator and the target device separately create their own magnetic fields. The device switches off its field when it is waiting for the data. In this case there is a need for both devices to have chargers.

NFC system uses two different coding modes. If an active device transmits the data with the speed of 106 kb/s, a modified Miller's coding is used, in other cases Manchester coding is used, used among others in the Ethernet network.

NFC devices can at the same time send and receive data. They can also discover possible collisions of signals. The unquestionable disadvantage of NFC is the situation when the owner loses its label (card or telephone). Nothing prevents the finder from using the device as if they were the user. The mobile phone can be protected with the PIN 1 access code, but a normal card does not have such a functionality.

Summing up, NFC solutions are perfect for a simple user identification. The standard itself does not supply such perfect protection that the critical systems are effectively and sufficiently secured. It is sufficient for product identification, loyalty cards and small money transactions.

RFID label can be placed and used for monitoring and managing of goods, valuable things, animals or people. In comparison with traditional printed codes, it has many advantages. It does not need to be clearly visible and it is possible to read hundreds of RFID labels at the same time. This is impossible in the case of barcodes. Currently, the prices of RFID labels are between a few cents in the case of passive ones, up to several dollars in the case of complicated, active chips. Various RFID implementations can be used in order to: check access, trace people and animals, trace goods, tolls and contactless payments, trace luggage at the airports. The number of applications depends on the user's creativity. It should be kept in mind, though, that it is a very primitive system offering very basic functionalities.

RFID works on the basis of identification made by the radio by the use of labels or stickers placed on objects which are to be identified. The signal transmitter, known as a reader, sends a signal to a label and reads its response. Then the reader sends the result into the computer or software in order for it to be analysed further. The information is stored in an electronic form as an unbreakable memory content. RFID labels contain a little transmitter which is a transmitter and receiver at the same time. The reader sends a radio signal to the label and asks it After receiving the message, the response with the identification data happens, which can be a unique serial number of the label, data specific to the marked product such as the production date, product name, series number etc. The labels can be passive, battery assisted passive (BAP) or active. BAP labels use a small battery placed on the board which is activated the moment it is awakened by the RFID reader. Obviously, passive labels are cheaper and smaller because of their much simpler construction and there is no need for the battery. However, the labels use reader energy instead. It must be situated close enough to provide a sufficient level of transmitted power. Because labels can have unique numbers, RFID system can differentiate between many labels which can appear within the reader range and can read them all at the same time. Labels can be of a type read-only and also have a serial number which can be linked to the records in the database or maybe of the overwrite type where the user decides about the values defined by himself/herself. From the technical point of view, RFID labels consist of at least two parts: an aerial for sending and receiving signals and an integrated circuit whose task is to store and process information, decode and code the signals received, transform the energy from the radio waves generated by the reader.

A great RFID labels' advantage are their small sizes. During scientific tests, RFID labels were placed on insects. In subsequent miniaturisation stages it was possible to achieve sizes of the hundredths of millimetres. It causes the miniaturization of the aerials integrated with the devices, and, consequently, decreasing the range of activity of the label-reader pair. The presented solutions were used, among others, in the mobile phones communication. Solutions in the form of microSD card have appeared, which can be a passive label, but after being put into the phone and charged by the card reader, can become an RFID reader. The solutions of using RFID labels have also been implemented by Nokia in a few makes of phones of this company.

Readers usually have a very specified range distance into which they can read labels. This enables them to define areas of read and limit distances which crossing makes reading impossible.

In the chart there are the frequencies used by the RFID.

RFID labels solutions have been implemented in various logistic systems, storing systems and access control, and among others to: label fixed assets in companies and products on shop shelves, mark parts of a large number of elements of a bigger product to unambiguously interpret their origins and destination, especially in enterprises where because of a large number of parts, an average worker is not able to determine the use of all the construction elements of a bigger machine or a vehicle, anti-theft protections in the shape of labels of books, clothes and other, especially more expensive, products which can be found on shop shelves, access control, in which the RFID labels exchanged old, often failing magnetic cards, with the simultaneous elimination of magnetic readers in comparison to which the RFID label readers do not require physical contact, minimising the risk of damaging the card or the reader; in transport and logistics, where because of the high speed of reading, the standard found its place with labelling the packages, to secure id documents making it difficult to forge documents, tolls, e.g. by using RFID labels as a form of prepaid tickets in public transport, which reduces queues at ticket offices and decreases distribution costs, animal and people identification, where some implants have been implemented to make it possible to identify lost pets and people, managing large herds of farm animals and in case of people to identify permanent clients of bars and other places.

The obvious application of identification systems based on RFID are big public institutions. These are mainly:

- health service using such tags to mark the test samples and also the tools used during the operation to avoid leaving them inside the patient

- libraries where RFID labels are used for the automation of the borrowing process and catalogue service and protection of valuable books against theft

- museums where RFID labels make it easier to catalogue expositions and cooperate with electronic guides but they also serve as anti-theft protections

- schools and universities where RFID labels are used in the systems of access control and attendance control

As every solution, this system has its weaknesses which can lead to damages disqualifying RFID labels from the subsequent action. Depending on the kind and frequency of the magnetic field, it is possible to make it totally impossible to read the data. The quality of RFID labels influences the using conditions and high temperature and jolts can lead to the separation of the components of RFID tags.

Biometric systems depend on using the unique traits of a person which allow to unambiguously identify this person. An iris is the most unique. It shapes within the first two years of a person's life and remains unchanged unless it is mechanically damaged. A degenerative illness like cancer may have some influence over the changes. Also a person's death causes almost immediate changes to the iris, making it impossible to identify the person using this trait. An important argument supporting the use of iris is the possibility of differentiating more than 260 characteristic points defining the individuality of a given case. It is a decisively bigger number than in the case of papillary lines. From the point of view of an action algorithm, during the person's identification what happens is that video equipment catches the image. Next, the limits of the iris are demarcated and environmental influences are eliminated, such as light reflexes and blinking etc. The encrypted pattern is sent to be decrypted. In the case of equipment scanners it takes a few seconds. The basic advantages of using the irises for contactless protections are described as follows. The eye is an internal human organ. It is protected against the external factors and relatively rarely gets damaged. Mathematical description of the eye is uncomplicated and allows a large number of possible combinations. The human eye reacts to light so it excludes a simple replacement of the iris with photography or video recording and the iris depends on relation in a small degree and, thus, on a genetic code.

In the patent description US 2009307139 a biometric authorisation of the mobile financial transactions is presented. The method of authentication of financial transactions in the point of sale (POS) concerns keeping the application program in the first secure module in the user's phone. The application is configured to generate codes to make the financial transaction at the verification of the user's identity. User's certificates are stored in the second secure module of the phone which is able to verify the user's identity through the biometric traits entered into the phone by the user and to generate the data authorising the financial transaction in response to the verification of the user's identity. At the point of sale, the user starts an application and then enters an established biometric code into the telephone. The second secure module checks the identity of the user and only after the verification does it generate transaction authentication data. The financial data of the transaction, including the instruction codes and authentication data are then sent from the phone to POS.

For the change of information included in remote resources it is necessary to verify the rights to do the mentioned activities. It is optimal to make it wirelessly. At the same time it is necessary to fulfil some essential conditions: unambiguous identification of the user wanting to make such changes, excluding eavesdropping on the wireless communication, preventing intercepting the session by MITM attack (Man In The Middle), owing to the current electromagnetic smog, authorised devise should be isolated.

To increase the security the problems shown above can be considerably reduced by shortening the range of the receivers. Based on experiments, two main directions of reductions have been found: through the regulation of the power of the reader using software of the interface and/or using the shielding of the reader.

In each of the technologies mentioned before (Wi-Fi, RFID, NFC, Bluetooth or biometrics) increasing the security can be done. Which one will be used depends on the implementation. In the place where the contactless card system already exists, it will be easier to build subsequent solutions using this category. The level of security can be regulated, using complementary solutions, adding two-factor authentication etc. Except technologies, whose application is way beyond the current security standards, not finding rational arguments in the issue of the costs for their implementation, one can safely assume that by limiting the range of readers an appropriate level of security will be ensured.

So called Faraday cagees are known whose cases are made from the conductive material or a net from such a material. Such a case blocks external static and non-static electric fields. M. Faraday established that the external static field will make the electric charges inside the conductive material move in such a way to compensate the field effects inside the cage. This phenomenon is used for example to protect the electronic equipment from lightning strikes and other electrostatic discharges. Faraday cage cannot block static and slowly variable fields, such as the magnetic field of the Earth. That is why devices such as compass will still be working inside. At the same time it will considerably protect the inside against the impingement of the electromagnetic radiation. The condition is that the holes in the cage have to be much smaller than the length of the radiated electromagnetic waves. Some experiments or medical research require shielding of the electronic components and systems so as to provide them with the environment devoid of electromagnetic disturbances which can be introduced from the outside. The rooms for the experiments mentioned are basically totally closed by one or more layers of a fine metal net or perforated sheeting. Metal layers are grounded so as to disperse the electric currents generated from the external electromagnetic fields, and at the same time block a big amount of electromagnetic disturbances. The reception of external radio signals, by the aerial on the cage, can be made much more difficult or even totally blocked.

The effectiveness of the shielding of the static electric field depends on the geometry of the conductive material. In the case of non-linear variable electric field and at the same time accompanying it magnetic field, the field goes through the net of some size. To shield well it is important to take care about good conductivity of the cage and small, suitable size of the holes in the cage, preferably it is 8 or 16 times less the size of the required length of the blocked wave. Good examples of Faraday cage are:

- shielding from the shielded cable, for example concentric cable used for the transmission of the cable TV signal, it protects the internal wires from external electric disturbances;

- shopping bag lined with aluminium foil acts as a Faraday cage. It is very often used by shoplifters to steal RFID-tagged items;

- clothes, so called Faraday suits worn by linemen, which enable them to work on live, high voltage power lines without risk of electrocution, without the theoretical voltage limit;

- the scan room of a Magnetic Resonance Imaging, designed as a Faraday cage, which prevents interfering of external electromagnetic signals with the signals from measurements, making it impossible for them to affect resulting image. Radiologists can identify the characteristic artefacts created on the images, should the Faraday cage be damaged.

To limit the range of propagation of the electromagnetic waves the software producer offers the options of using the configuration parameters which are made available with the interface drivers. The equipment contractor, after presenting the product, publishes the software set indispensable if one wants to use the whole potential of the apparatus. Usually the flow capacity of the solution is regulated here, defining the standard in which the interface should be working. In the case of a Wi-Fi network, the network can be suppressed using the smallest speeds available. Also the energy levels of radiated power amplifier by the transceiver aerial can be determined. Most frequently the producer determines a few power levels for the transmitter. While using the professional solutions or the software written by the open-source community, it is possible to define exact figures of the strengthening. By using the combination of the mentioned parameters, there is a possibility of a precise calibration of the interface to the needs of range limitation. Software range limitation usually makes it possible to model the area coverage in a more precise way, the area which we want to monitor. A disadvantage is the dependence on a solution suggested by the third party. In exchange we have to take into consideration the fact that the next version of the interface or the drivers might not make available the possibilities we require while the solution is working.

Authentication with the help of any technologies presented above needs determining the rules on which the authentication will take place. The equipment layer does not ensure the right level of security. It is necessary to determine a set of procedures, especially user's guide, of the constructed implementation. Regardless of whether the protections are achieved through the encrypted wireless transmission or by using some different options, it seems necessary to establish the centre which could be a registration centre at the same time.

The centre's task is to unambiguously determine that a given system label or possible ID of the device, which can be, for example, RFID label or MAC address of the network interface, belongs to a concrete solution. It should prevent other people from being able to access the system and make it difficult to impersonate the users. It will enable bonding chosen devices to tasks (actions, system events) that they are to initiate.

Assigning a unique number in the system to a unique equipment identification (label, MAC address of the network interface) will be called the connection authorisation. As a result of such an action, a given device (e.g. it can be a Bluetooth interface of a mobile phone) will be able to initiate an event which will make a change of state of information or information change in the remote resources. Among other things, they will be subordinate to the authorisation:

- IEEE MAC address of the Bluetooth device as a unique device address using the Bluetooth technology. It is a 45-bit number written in a hexadecimal system.

- MAC address of the Ethernet device (Media Access Control). It is a 48-bit number written in a hexadecimal system. The first 24 bits describe the producer of the serial card, the other 24 bits are a unique identifier of a given copy of the card. MAC address occurs in the case of every Ethernet interface. It is a consistent address for all serial cards and includes the wired and wireless connections.

- RFID serial number. Taking into consideration the fact that these are solutions offering many possibilities, it should be first stated how big range of unique numbers will ensure the sufficient number of unique labels.

- any unique identifier possible to check wirelessly.

Most labels in their serial number (MAC address) have encrypted information who is the producer of the solution. It will make it possible to preliminarily see if the user uses the supported equipment (visual identification), if the user wants to impersonate another person, etc.

From the procedural point of view, the registration in the authentication centre will start with reading wirelessly a unique identifier of the device which will be used by the user. Next, it will be linked with a unique number in the system. The next step will make it possible to get the powers to do things possible in a given system and planned for this specific user. During the registration some problems might appear, which are mostly connected to the electromagnetic smog and the lack of compatibility between the interfaces and label readers. In the first case the hindrances will be caused by a too high number of labels that could be linked. It might happen that in the close to the reader there will be a few unconnected to the system devices which might cause a random connection. The solution to that can be clearing the areas from any unwanted disturbances, using the Faraday cage on the label reader (signal suppression) or localising the registration point in a secluded area. In the case of the compatibility mismatch of the devices, it will be necessary to build a base of supported devices/interfaces which will be known as operating with the system.

Summing up the registration procedure: reading the unique identifier, creating a link system user unique identifier, determining the users' rights.

In the resources of IT systems information about different activities of individual people is gathered. A classic example of such systems are loyalty programs, where to a person buying a product or a service is assigned a number of points matching the purchased product or service or some other bonus. According to the current state of technology, such systems base on using a plastic card (most frequently a card with a bar code or a magnetic card) and while using it the client indicates an account onto which the records of his activity are to be saved. Such records are in the form of entering data into the IT system. It is not important for the records to be connected to a concrete person. It is enough if in the data resource exists an account which does not need to have a defined user. In the current state of technology every loyalty program is operated with a different card, so as a result a given person usually has at their disposal a big number of cards for many loyalty programs, which causes difficulties using them.

Changes in the organisation of loyalty programs bring about introducing shared cards for many entities within shared loyalty programs. However, a limitation of such solutions is the case where in a given group of goods and services it is not possible to promote clients' loyalty by the entities competing with each other in the same sector of the market.

To be able to enter the data to the resources gathered in the IT systems in the shape of databases, it is essential to confirm that the data which are to be entered concerns a given person or a given user account if it is not associated with a concrete person. The identification method using a device which communicates wirelessly helps simplify and speed up entering the data into the resources gathered in the IT systems, but it is not personal data in the sense of the legal regulations but it is about saving into the user's account the results of a given activity.

From the patent description US20070197261 we know of a solution of a mobile phone with the function of a remote control AIO (All In One) or a card software to block the radio, car, house and RFID, with the authentication and paying function. There is a function of using a universal key based on the wireless connection GSM, UMTS, W- LAN, Bluetooth, RFID transmitter, for every kind of locks, gates and entrances, which enables to perform the functions of direct electronic settling of payments through mobile phones for all accesses, services or information realised. T One can enter after with the fingerprint or an oral command, with the direct biometric confirmation by the sensor. The NFC transmitter allows: loading the information, direct cash payments, access control, controlling functions, authentication in the Internet auctions, bets and transactions, and above all for RFID-tag identification of valuable objects, electronic devices and their parts etc, from GSM on the basis of a website or balancing the account. The device allows to authenticate various operations from the platform of a mobile telephone equipped with the papillary lines sensor or through the function of mobile video in the user's phone.

From the patent description US2012019361 we know of a method and device for a three-feature authentication with the use of a small wireless device. The wireless device stores a digital key and sends the digital key wirelessly to the external application or device. The wireless device can be authenticated by the user's voice or movements in two- or three-dimentional space.

To increase the safety there is a need to shorten the range of the waves propagation so that the technologies mentioned could be made more secure. With the assumption of limiting the range of the activity of the reading devices the aim was to design a solution of secure data exchange in the limited range of the wireless communication of the devices.

The essence of the invention is that the transmission happens wirelessly in the FB space shielded from the external electromagnetic radiation, preferably within the range of 6.5 MHz to 244 GHz, in which there are elements of peripheral units of the computer system together with the portable communications device. Preferably during the transmission, to the distance of 15 centimetres, a portable communications device after logging into the computer system, exchanges data with more than one aerial of the transceivers with the unique MAC number. Optionally, the computer system for an authorised single communications device, which preferably is a mobile phone or a tablet, there is an initiation of the emission from a few independent of each other transceivers with the unique MAC numbers, with the effective emission range of up to 15 cm, the data from which are simultaneously or in turn displayed on the display of a logged communications device and from which the user chooses at least one source of the data emission or rejects all of them. Transceiver, preferably a laser code reader, of an isolated joumalling file system reads the code from the logged communications device, the code which has previously been received from one of many transceivers, and then saves the data in the memory cells of the database indicated by the unique MAC number of the user's communications device. The isolated joumalling file system sends to the computer system, through the transceiver, data changing the state of the used code, preferably in the codebase available to the user. Preferably, the display of the portable communications device is transmitted outside the FB space, preferably by the optical fibre onto the external display.

A beneficial trait of the solution according to the invention is increasing the security of the wireless data transmission between the computer system, especially the isolated journalling file system and the private portable communications device against uncontrolled eavesdropping, and also the choice of different payment methods and loyalty options, without the need of having various payment cards and loyalty cards, prepaid coupond or vouchers, and particularly eliminating the need to remember about the possibility of using in a specific situation, the existing options, associated directly with the MAC number or indirectly through the code, randomly ascribed to the MAC number, saved in the database of the computer system.

According to the invention, the way of secure wireless transmission of the data between the peripheral devices of the computer system and the portable communications device with a display, with the use of electromagnetic waves emitted by the aerials of the transceivers with the unique MAC number, is done wirelessly in the FB space, creating so called Faraday cage. The FB space is shielded from the external electromagnetic radiation within the range from 6,5 MHz to 244 GHz or in part of these frequencies. In the FB space there are elements of peripheral structures of the computer system and the portable communications device placed by the user, which can be a GSM mobile phone. The shielded FB space limits internal signal emission to the distance of 15 cm. A portable communications device, after logging into the computer system, exchanges data with more than one aerial of the transceivers with the unique MAC number, depending on the device's specification and the transmission protocol. The computer system for an authorised single communications device, which preferably is a mobile phone or a tablet, initiates emissions from a few independent of each other transceivers with the unique MAC numbers, with the effective emission range of up to 15 cm, the data from which are simultaneously or in turn displayed on the display of a logged communications device and from which the user chooses at least one source of the data emission or rejects all of them. Transceivers are connected with one or more separate computer systems. A transceiver, preferably a laser code reader, of an isolated journalling file system reads the code from the logged communications device. The code sent from the transceiver of one computer system to the communications device and displayed on the display of this communications device, is received by other transceiver in the FB space, and because of that it initiates the change of the data record in the memory cells of the database indicated by the unique MAC number of the user's communications device. The isolated joumalling file system sends to the computer system, through the transceiver, data changing the state of the used code in the code base available to the user. The user observes the display of their portable communications device on the external display, to which the image is transmitted from the FB space by the optical fibre. Depending on the needs and construction of the device with the shielded FB space, to the FB space or in the FB space, selected GSM, Bluetooth, NFC, Wi-Fi and/or RFID external signals are retransmitted. Similarly, from the FB space selected GSM, Bluetooth, NFC, Wi-Fi and/or RFID signals are retransmitted wirelessly outside the FB space.

The basis of the identification method using the device communicating wirelessly is that a given person is represented by the device - especially but not exclusively by the mobile phone, in which an active device communicating wirelessly is built in especially but not exclusively in the Bluetooth standard - IEEE 802.15.1 or Wi-Fi IEEE 802.11. Such a device is characterised by a unique - that is separate individual number in the shape of an address expressed according to the standard of a given communication protocol in which a device functions, sent (propagated) by this device. The technical standard in which the device communicates is of no importance. The communication device might be an element of a mobile phone or a separate device (Bluetooth Tag type), which propagates (sends) its unique address.

The method consists of making it possible to enter the data into the resources in the IT systems after establishing on the basis of reading the unique address of the communication device that a given activity of the person using the device is to be noted by entering the data into the account ascribed to the address user's account in the IT system.

The same address of the communicating device can be ascribed by its holder to various users' accounts in separate and different IT systems. The terminal of an IT system which recognises the address of the communicating device is in every case assigned to the specific IT system.

In the method of the identification using the wirelessly communicating device is the possibility of using one device wirelessly communicating and for the needs of entering data into many IT systems. The identification happens through bringing closer the wirelessly communicating device and to the IT system terminal which enables making a record in the IT systems' resources. The target unit of the IT system recognises the address of the device communicating wirelessly.

The beneficial results in regard to the previous technology condition:

The method of identifying using the wirelessly communicating device can be particularly used to register promotion points resulting from purchasing specific goods or services on the accounts of the participants of loyalty programs dedicated to clients.

Using in this case the mobile phone with the communication module turned on allows the clients who take part in many, not operated by one shared operator and even rival, loyalty programs to make changes to their accounts in the loyalty programs not because they have a magnetic card specific to a given loyalty program but because of one device - mobile phone, whose communicating device address is the ID of the account in every available loyalty program. The beneficial result is then no need for carrying many cards by the clients and using for these needs only the mobile phone, which the clients usually takes with them in every situation as a portable communication device.

To better explain the method, an application of the invention has been described below with the identification using the device communicating wirelessly.

A client purchasing goods and services is a participant of a loyalty program. He chooses goods or services at the point of sale while buying. The salesperson enters the list of goods or services chosen by the client into the installed in this point of sale end unit (terminal) of the central IT CSI system operating the loyalty program and/or payments. The client holds his GSM mobile phone with the active Bluetooth module near the CSI reader terminal. To increase the security of the data exchange, the transceiver of the CSI reader terminal or its aerial and phone are placed in the shielded FB space, which makes it impossible for a radio contact with the external transceivers to happen. The software installed on the CSI terminal reads the Bluetooth address of the telephone and then sends the whole package of the data including: the purchases or services list chosen by the client and the Bluetooth address of the phone representing the client, into the central database. The CSI system recognises the address sent from the Bluetooth address. Then, if the Bluetooth address is already registered in the CSI database, the data are associated with the user's data in the database, that is the user's account, by assigning this number to the client or if the Bluetooth address in not registered in the database, then it registers a new client by setting the client's account and then it associates the current data with the client data in the database in the newly created client's account. The CSI system sends to the CSI terminal a return package containing information about the client, and the package can be of two kinds: if the Bluetooth address has been recognised in the previous step by the central CSI system as associated with the registered phone user, the return package will cause the display on the terminal display the notification of the CSI system confirming recognition, however, if the Bluetooth address have not been recognised in the previous step by the central system as associated with the registered client, the return package will cause the display on the display of the terminal a numerical keyboard to assign the phone number to the previously sent Bluetooth number, in order to associate the newly recognised Bluetooth address with the phone number of the user. If the user agrees to make the number available by entering it, the number will become in the central system associated with the Bluetooth address which has previously been held near the CSI reader, and by doing that the transactions will be assigned to the user's phone number, using the Bluetooth address of the phone.

If the client does not agree to make the number available, the system will associate this Bluetooth address with the randomly generated pseudo phone number and will give it an identification code in the database of the CSI system. Thanks to such a solution, the client's all transactions will be registered in the CSI system and assigned to a given GSM phone.

In this way data registration happens, particularly increasing the value or number of loyalty points on the client's account as the participant of the loyalty program.

After the whole registration process in the authorisation centre (registration) it will be possible to use labels, also in the form of portable communications devices, to authenticate. They will be later called system labels. The aim of these actions will range from doing the verification of the rights to initiating the events in the remote system, which in the general case is the change of values of the information included in the remote system. Its aim is to automatise the processes defined in the system, which can be initiated by the presence of the user itself and to increase the security of the IT systems by the two-factor authentication, because the user needs to have a label to get authenticated. On the side of the remote resources there will be a database, whose value will be changed thanks to the event, which will be initiated by identifying the user authorised to do some actions in the system. Usually, the expected configuration will be the agent managing the reception of the information from the system's ends, which themselves will be readers or will manage their work. The agent will take care of saving the data into the database as well.

The user's identification will happen by the reading of the equipment identifier, sending the result of the reading to the agent, who will associate it with the unique system number and, as a result, the powers given to it during the registration. The identifying element is here a unique equipment identifier which, as mentioned before, can be a MAC address of the network interface, IEEE MAC address of the Bluetooth interface or any other wireless interface which can be unambiguously identified because its serial number contains a unique sequence of digits, letters or digital-literal.

The functional use of the system is making a simple procedure, in which after registering the system label, deciding on the level of user's authorisation, it will be ready to use. The user, holding it near the reader, initiates the reading. If the label is the interface of Bluetooth kind or the wireless network Ethernet, it should be turned on or set to the finding mode (public). The result of these actions is sent to the remote system and associated with the system user and the level of authorisation that it has in the system's hierarchy. If an automated activity is assigned to the system user's account, such as the change of number of visits of a specific reader (incrementation by 1), display of the notification, sending a text message or an email, it will be done. In this moment a change of the value of the information stored in the remote system happens. In the case of positive verification all of these will take place. If the user is not registered in the system, the remote system will not return any errors or will do the action for this case, for example will switch on the light, will show a notification, will note in the database the date and the circumstances of the event.

Summing up the verification process of the powers, it concerns: reading the unique identifier, defining a given system user and their powers, presenting return communication, for example confirming doing the action.

Every loyalty or discount-payment program generates the need of having and carrying a program card (e.g. PAYBACK, concerned with collecting the points for paying by the defined credit card or for doing the shopping in selected shops), printed code of so called group shopping (e.g. Groupon) permitting the discount or pre-paid card bought in the loyalty program (e.g. ORLEN card or Lukoil card in Lyoness) more cheaply or with the immediate discount calculation and the return of the cash to the account after using the code on the coupon, which can be reused at the next purchase in the program (Lyoness). The recently increasing number of loyalty programs causes that most of the chain shops and chain service providers and also small companies, even with promotional aims, participate in group promotions organised by external, specialised agencies. A client carries loyalty cards of many or all petrol stations, discount coupons from various supermarkets, codes and vouchers of various restaurants and service providers, which compete with each other. Bank debit and credit cards contributed to the increase of the number of cards. It is difficult to substitute them with one system label. The solution to this problem is using a portable communications device, in the form of a GSM phone, which can also be a so called electronic wallet to make small payments, for example on public transport, confirmed by the information on the phone display as a text or identification number CID (Caller ID). Nowadays, most people have a GSM phone. Among these devices most new ones have Bluetooth interface with a 48-bit unique MAC address, which unambiguously identifies the device in the world scale. The basic condition is for the authentication and data exchange between the devices to be in the most secure isolated environment.

The method will be described below on the example of a person making a transaction of fuelling the petrol at the BP petrol station. It can be predicted that such a person will be asked if they have a PAYBACK-BP-citivisa credit card with the loyalty function or the intention of participating in the loyalty program PAYBACK. If the client agrees, and so far has not had an account in the database integrated with the mobile phone, a specific identifier of a system user will be assigned to him/her. During the realisation of the method, the client will be asked to turn on Bluetooth in his mobile phone and hold it near the reader in the shielded FB space and, possibly give their personal data and contact email address. After holding the phone near the reader, IEEE MAC Bluetooth address, the client's name and email address will be paired as complimentary data describing the system user and sent to the remote system, wherein possibly there can be a change of identification data in the remote system after the wireless verification of identity. The data identifying the user's phone will be saved in the database and from this moment the client will be identified by the label ascribed to the phone, and not PAYBACK card or BP-citivisa credit card. It matches the registration procedure from the general scheme.

From the IT point of view, the CSI system works in the client-server architecture. The server consists of the following elements:

- the www server application (e.g. Apache, IIS, etc.), which takes care of the presentation of the user's / administrator's interfaces;

- the database (e.g. MySQL, Oracle DB, DB2, etc.), whose task is to store data concerning the users, parameters of configuration and registers of events and activities;

- the application, as the agent mediating in the data exchange between the client and the server. It also operates the sites for www server.

The client consists of the following elements:

- the reader of system labels, which can be a Bluetooth interface built into the device, e.g. a smart phone with Bluetooth or it may be a dongle connected to the central unit of a PC class. In both cases the interface itself needs to be shielded, in the form similar to Faraday cage, or by software, to reduce the range to about 10-15 cm;

- the client application installed on the unit controlling the Bluetooth interface. It is a software which takes care of a physical reading of the unique MAC address, formatting a question to the server and also making any signal signs for the end user.

The registration process concerns turning on the Bluetooth interface on the client's phone. On the central unit, the Bluetooth interface starts listening and receiving signals from the nearest surroundings. The further range is eliminated thanks to suppressing the interface of the CSI system in the shielded FB space, fulfilling the conditions similar to Faraday cage, or thanks to software. The moment the MAC address of the user's device is extracted, the client application sends a request to the CSI server if a unique system number has been assigned to the found address. All the communication is encrypted in order to ensure confidentiality of the transfer of the client data. If the number is not found in the database on the CSI server, then the CSI server will suggest registration. The central system unit service will enter the essential data and after confirmation, the data package will get to the CSI system service in order to create a unique record in the database, describing the user.

The next use is definitely more trivial from the point of view of functional procedures. A person who uses a program will use the phone again if they want to get some bonus at the point of sale belonging to the program,. The staff will enter the parameters of the reward. The user will turn on Bluetooth on their phone. When the reader registers the Bluetooth address, it will send it to the remote CSI system, where it will be found and the points added to the current balance. Functionally, the use process is about identifying the user and giving a suitable bonus to them. After turning on the Bluetooth interface and making it visible in the radio space, MAC address will be read by the central unit, which is in the reading mode. The read MAC address will be transferred further. The client application sends a request to the server if a unique system number has been assigned to the found address. Similarly as in the case of registration, the whole communication is encypted in order to ascertain confidentiality of the client data transfer.

If the user exists in the data base, the CSI system server will request the information about the kind and amount of bonuses that should be noted in the database. After saving, the CSI system server returns the operation result to the client application which asks the user to confirm the correctness of the operation using the known signalisation, e.g. turning on the diode, notification on the control board, etc.

So far there has been no totally integrated system which would allow various operations by using one authentication.

The PAYBACK-BR-citivisa card described above integrates various functions, but they are done in separate procedures during the purchase and separate used in loyalty terminals and paying terminals, and in the case of additional personal discount coupons received by the user into their email account, their codes are additionally read by the scanner to the loyalty programs or discount programs in the CSI system.

The secure data exchange used in the method according to invention in the shielded FB space with more that one aerial of the transceivers of a unique MAC number, particularly when the CSI computer system for the authorised single communications device which is a mobile phone, initiates emission from several independent from each other aerials of transceivers of unique MAC numbers, enables various operations for one user authentication.

The data are simultaneously or in turn displayed on the display of a communications device logged in the CSI system and from it the user chooses at least one source of the data emission or rejects all of them, and then the CSI system suggests a new program. A transceiver, preferably a laser code reader, of an isolated journalling file system, reads the code from the logged communications device, preferably reads the code from the mobile phone display, the code which has been previously received from one of many transceivers, and then saves the data into the memory cells of the database indicated by the unique MAC number of the user's communications device. Optionally, an isolated journalling file system sends to the computer system, through the transceiver, data changing the state of the used code, preferably in the codebase available to the user. The display of the portable communications device is transmitted outside the FB space, preferably by the optical fibre onto the external display, on which the phone user can observe the received codes, e.g. from the phone display.

In the case of the requirement of the making an independent phone connection through the GSM network, to the shielded FB space or in the shielded FB space, selected GSM, Bluetooth, NFC, Wi-Fi and/or RFID external signals are retransmitted. In another realisation of the method it is possible to retransmit signals in the reversed direction, that is from the shielded FB space selected GSM, Bluetooth, NFC, Wi-Fi and/or RFID signals are retransmitted outside the FB space.

It should be noted that nowadays in big commercial objects access proximity cards are used, based on the RFID technologies. In the future it could be a reader which will be able to read person's DNA. In this way it will eliminate the need of possessing any items identifying a person. Currently it is only possible to register that an anonymous user of the GSM mobile phone enters commercial rooms, e.g. enters the shopping centre and automatically register the route, time spent in the specific parts of the centre or the shops, e.g. through the label readers on the gates of the rooms. It is also possible to quickly associate a specific MAC number of the phone with the face of the phone's user, for example to determine the gender and age of the client or their interests, as this kind of information has some value for the salesperson in the moment of doing the shopping in one of the shops in the shopping centre, particularly while using the telephone with Bluetooth in order to realise the method. This activity of the client can be noted by the function of the signal intensity of the phone with the turned on Bluetooth and time spent by the GSM phone user near the paying terminal.

Making clients register anonymously their phones at entering the shopping centre, by the randomly assigned code in the client database, makes is possible not only to follow single visits but also adding into the database information about the following visits by the same client, identified by the same MAC phone number.

The user's registration process means registering the label in the system. After establishing the serial address of the phone card, the client application sends a request to the CSI server if a unique system number has been assigned to the found address. All the communication is encypted in order to ensure confidentiality of the transfer of the client data. If the number is not found in the database on the server, the CSI server will suggest registration. The central system unit staff will enter the essential data and after confirming, the data package will get to the CSI system service in order to create a unique record in the database, describing the user.

Another example of realizing the method is different than in the case of loyalty program. A person entering their workplace, to be able to get through the gate, just needs to have a GSM phone with Bluetooth turned on, which they will hold near the reader in the shielded FB space to confirm their identity. The ends monitoring the worker's movements, counting their work time, being near their place of work and in the company canteen, which allows counting the units spent, allows the control of the worker's behaviour in the company, who has limited possibilities of movement using the door opened by the Bluetooth signal from the phone if they have no phone on them. Depending on the place, different actions are undertaken in the remote system after identifying the person wirelessly. The loyalty program is similar to paying for the food in the canteen. In this case if a person using the card wants to pay at the point of sale, they will use the RFID card. The staff will enter the purchase parameters, the user will hold the card close to the reader. When the reader registers the number, it will be sent to the remote system where it will be found and the balance updated. It will eliminate the need to have money in the workplace. Functionally, the process of the use is about identifying the user and transferring the data into the system. The client application sends a request to the server if a unique system number has been assigned to the found address. If the user is found in the database, the server will order a suitable action. In the case of entering the workplace it will be opening the gate. At the workplace the doors to subsequent rooms will be opened (or will stay closed). In the canteen a notification will be displayed informing about the value that should be included in the balance. After making changes in the remote database, the system will return the information about the system's response, e.g. to the worker's phone with the agreement about their resources in the form of remuneration after deductions. Thanks to creating such a system the employer or a logistics unit can monitor the productivity of the staff, take care of the optimal use of human resources and also eliminate redundant problems associated with the monetary system in the workplace.

Banking institutions are subordinated to very peculiar regulations. In this environment there are solutions not met anywhere else. These are among others specific systems of accessing the protected areas. An example can be a safety box in the safe localised in the bank. Usually such a solution requires creating suitable levels of security because without them the idea makes no sense. It is achieved by, among other things, biometric protections and personal keys.

A higher level of security is achieved when the access is made possible after an independent authentication of two, rarely more people. For example, in the bank the safe is opened by two, independent of each other people. In the case of a safety box, one of them is a client with their unique identifier established on the basis of the phone placed in the shielded space and putting the finger to the papillary lines reader, and the other is the director of the bank branch. Only fulfilling both of these conditions will make it possible to give access to the secured places in which the client stays as in in the shielded FB space together with the phone. The whole system can be a two- or more- factor authentication system.

Such an IT system has to work in the client-server architecture. System endings will have to be made as consistent devices which will ensure connections with the server. The connection has to be encrypted, and, consequently, resistant to MITM attacks and eavesdropping. The server, like previously, consists of the following elements: - the www server application which takes care of the presentation of the user's / administrator's interfaces and the layer of the system's service

- the database whose task is to store data concerning the users, parameters of configuration and registers of events and activities. In this case there must be a clear assigning and ensuring the lack of possibilities of modifying the system registers.

- the application - an agent mediating in the data exchange between the client and the server which also is responsible for serving websites of the www server.

- VPN server (Virtual Private Network), whose task is to ensure a safe channel for the whole communication associated with processing the information sent by the system endings and processing the system endings

Like in other cases, the construction of the client end is similar and consists of the following elements:

- the reader of system labels. The bank client is unambiguously identified by the RFID card or rather GSM phone, whose turning on is secured by the biometric traits of the user.

- the client application installed on the unit controlling the label reader. It is a software which is responsible for the physical reading of the unique serial number of the card and formatting the request to the server and also controlling any signalling signs for the end user.

- VPN client application. Its task will be routing the safe VPN tunnel by which the system data will be sent.

Nowadays in the banking institutions it is possible to use RFID proximity cards or biometric security. The latter is particularly popular because of a very high level of security. Banking institutions also have a big budget so any new kinds of security will surely be quickly implemented. Introducing the next method of identification according to the invention will not change the principle of changing information in the remote systems after the wireless identification. Also in the case of banking system, a system of registering the labels will have to function. Thanks to the VPN tunnel the data transfer will be secured through ciphering, in order to secure the data transfer confidentiality inside the bank.

In the example of the realization of the method for the isolated rooms protection of the people protecting the security of the sphere or the supervision system, with the assumption that in the whole shielded FB sphere of the room there must be at least three people at the same time, CSI system does not create the passage in the sluice if in the isolated room there are fewer people than permissible. Because the process of authentication by possessing the phone happens wirelessly (secretly), other people present in the room do not differentiate the security workers from other visitors to the shielded FB sphere. In the shielded FB sphere there were a few aerials of the transceivers, which independently of each other exchange data with the supervising CSI IT system. The possibility of the data retransmission from the GSM phones from the inside of the room is being limited, controlled and admitted e.g. exclusively for those who have such rights. Similarly, the retransmission of the data into the shielded room is limited to the GSM phones of those permitted, and the other people in the room do not know what rights have the GSM phones of other users. However, the rights to receive the data in the room with the shielded FB sphere and to retransmit it from the room with the shielded FB sphere outside can be divided and assigned to different people.

From the point of view of the system architecture and the processes taking place during the authentication, we can distinguish the following events. First, the system users are identified. The data about them are sent to the system. After using the system label, the client application sends a request to the server if a unique system number has been assigned to the found address. If the user exists in the database, it will be checked if one of them is the user defined as the director of the branch. Next it is checked of the second person is a client allowed to enter the secured area. It this is true, CSI server will arrange for the action of unblocking the entrance door to take place. In the case of verifying the access to the safety boxes, the situation is repeated, though the system verifies as well if a given user is assigned to the record describing the box which he wants the access to. Every operation is accompanied by changes to the remote database, which is responsible for reading from the database or the record to the system register about the given actions. This approach to the security of the access to the places of limited access makes it possible to simplify the access procedures with the simultaneous increase of the security level. The data enabling identification are geographically located in a different place. For the correct authentication two people's presence is indispensable, while one of them is trusted. It annihilates also the margin for the embezzlement inside the company because apart from the director, the presence of a client is also required without whom the door will not be unlocked.

In most cases most people are able to leave home without their wallet but not without their phone. That is why directing towards the mobile phoning as the provider of the unique system labels is perfectly reasonable. Rapidly increasing number of mobile viruses, one of the most troublesome dangers of the last years, make it necessary for the users to use safer than before methods of data exchange in the communication of NFC close distances. Nowadays the viruses, mostly, are distributed by the Bluetooth technology but because phones are slowly becoming small portable computers, the forms of danger distributions will surely grow. Limiting the possibilities of intercepting data by having the transmission in the shielded FB sphere will exclude the dangers on this stage of the transaction between the isolated computer system and the portable communications device in the form of a GSM phone.

Implementing the method as a part of a bigger project can work perfectly well in differently organised and realised loyalty programs, without the need of sharing the personal data or the place of residence of the user of the portable communications device at the very beginning, because it can be differentiated by the specific MAC number of the device or randomly assigned code in the database of the computer system as the method of identifying anonymous user together with the change of the number of points in the system. If the method according to invention is used to operate and monitor the workplaces, it will enable the automation of the time of work, strengthening the security system of health and life and even everyday assigning more and more credit to use, together with the counted work time.

The solution presented does not imply too big and expensive input threshold to use secure data exchange wirelessly even for an anonymous GSM phone user.

Claims

Patent Claims

1. The method of secure wireless data transmission between the peripheral devices of a computer system and a portable communications device with a display, especially between an isolated joumalling file system and a portable communications device of the user, with the use of electromagnetic waves emitted by the aerials of the transceivers with a unique MAC number, characterised in that the data exchange happens wirelessly in the FB space shielded from the external electromagnetic radiation, preferably in the frequency range from 6.5 MHz to 244 GHz, in which there are elements of peripheral units of a computer system with together a portable communications device.

2. The method according to claim 1, characterised in that during the transmission, within the distance up to 10 centimetres, a portable communications device after logging into the computer system exchanges data with more than one aerial of the transceivers with a unique MAC number.

3. The method according to claim 1, characterised in that the computer system for an authorised single communications device, which preferably is a mobile phone or a tablet, initiates emissions from several independent of each other aerials of the transceivers with unique MAC numbers, of the range of the effective emission up to 15 centimetres, data from which are displayed simultaneously or in turn on the display of the logged communications device and from which the user chooses at least one source of the data emission or rejects all of them.

4. The method according to claim 1 or 2, characterised in that the transceiver, preferably a laser code reader, of an isolated joumalling file system reads the code from the logged communications device, preferably reads the code from the mobile phone display, the code which has previously been received from one of the several transceivers, and then saves the data in the database memory cells determined by the unique MAC number of the user's communications device.

5. The method according to claim 3, characterised in that the isolated joumalling file system sends to the computer system, through the transceiver, the data changing the state of the used code, preferably in the codebase available to the user.

6. The method according to claim 1 or 2, characterised in that the image of the display of the portable communications device is transmitted outside the FB space, preferably through the optical fibre, onto the external display.

7. The method according to claim 1 or 2, characterised in that to or in the FB space the chosen external GSM, Bluetooth, NFC, Wi-Fi and/or RFID signals are retransmitted.

8. The method according to claim 1 or 2, characterised in that from the FB distance the chosen GSM, Bluetooth, NFC, Wi-Fi and/or RFID signals are retransmitted outside the FB distance.