WO2016024220A1 - Procédés et systèmes pour permettre des services associés à la présence - Google Patents

Procédés et systèmes pour permettre des services associés à la présence Download PDF

Info

Publication number
WO2016024220A1
WO2016024220A1 PCT/IB2015/056109 IB2015056109W WO2016024220A1 WO 2016024220 A1 WO2016024220 A1 WO 2016024220A1 IB 2015056109 W IB2015056109 W IB 2015056109W WO 2016024220 A1 WO2016024220 A1 WO 2016024220A1
Authority
WO
WIPO (PCT)
Prior art keywords
mobile device
special area
passwords
defining
signal
Prior art date
Application number
PCT/IB2015/056109
Other languages
English (en)
Inventor
Carlos Alberto Pérez Lafuente
Original Assignee
Afirma Consulting & Technologies S.L
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US14/456,849 external-priority patent/US9210167B1/en
Priority claimed from US14/456,789 external-priority patent/US9253639B1/en
Application filed by Afirma Consulting & Technologies S.L filed Critical Afirma Consulting & Technologies S.L
Publication of WO2016024220A1 publication Critical patent/WO2016024220A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/107Network architectures or network communication protocols for network security for controlling access to devices or network resources wherein the security policies are location-dependent, e.g. entities privileges depend on current location or allowing specific operations only from locally connected terminals
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0838Network architectures or network communication protocols for network security for authentication of entities using passwords using one-time-passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/02Services making use of location information
    • H04W4/021Services related to particular areas, e.g. point of interest [POI] services, venue services or geofences
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60Context-dependent security
    • H04W12/63Location-dependent; Proximity-dependent

Definitions

  • the invention relates to methods and apparatusto enable presence related services.
  • Microprocessor smart cards have been commonly used to protect keys and secret data of given applications from service providers. Being considered as a "anti-tamper" device, the smart cards have been used to protect payment applications from banks, ticketing applications from transportation authorities or personal data for access control purposes.
  • a mobile device application providing access to presence related services need to be anti-tamper, and this invention provides methods to achieve that target even if not using, for example, a microprocessor smart card to either perform part of the mobile device application processing or to store sensitive data of the service providers ' mobile device applications.
  • a mobile deviceapplication in a mobile device is personalized such that the mobile device is able to self- determine its presence status in at least one special areaassociated to the mobile device, each special area being defined by the combination of distinctive wireless signals from one or more radio communication devices; and the mobile devicesends an updating signal about its presence in one or more special areas to the mobile telephone network, the signal being routed to special operating means of a service provider entity, that enable or disable presence related services depending on whether the updating signal indicates that the mobile device is present or not into one or more special areas.
  • Presence updating signals may be used to enable or disable presence related services, and in certain contexts it is desirable to provide mechanisms to securely authenticate at least part of the presence updating signals.
  • client-server-based one-time- usecalculations are used to securely authenticate presence updating signals.
  • the one-time-use calculations depend on input data associated to radio communication devices, but only those radio communication devices associated to special areas personalized into the mobile device application may produce a successful authentication in the referred special operating means of the service provider. So on top of having the right mobile device and mobile device application personalization, the user must be in the right environment for an updating signal being accepted as authentic by the special operating means.
  • a Personal Identification Number is required as input for the referred one-time-use calculations, thus in such implementations the authentication methods are defined such that it is necessary that the user will enter a personal secret code as a precondition for an updating signal being later securely authenticated.
  • pre-calculated tokens and/or hardcoded keys/parameters are used to make the one-time-use calculations that securely authenticate presence updating signals.
  • a fully automatic methodfor securely enabling/disabling presence related services by sending a presence updating signal and a onetime-use related calculation is desired; while in others it may be required that the user will insert a PIN to make presence related services being enabled or disabled by the special operating means of the service provider.
  • the fully automatic methods may be used to make one-time-use calculations associated to N updating signals sent from the mobile device about its presence in one or more special areas, but a PIN may be required as an input for a one-time-use calculation correlated to sending the N+1 updating signal about the mobile device presence in the one or more special areas.
  • two-factor authentication may be used in correlation with at least part of the updating signals sent, so the user identity is verified on a periodic basis.
  • service providers are provided with amethod to securely enable (or disable) presence related services by using amobile device application, where said method can be mostly performed at the domain of the services providers, without restrictions from third party owners of secure elements.
  • this is achieved by providing a method associated with one or more providers of presence related services in connection with the use of a mobile device and at least a first radio communication defining device that transmits a first distinctive defining signal and a second radio communication defining device that transmits a second distinctive defining signal, the first distinctive defining signal at least partly defines a first special area by its coverage, the second distinctive defining signal at least partly defining a second special area by its coverage.
  • the method may include (i) electronically storing in one or more memories data capable of linking the mobile device to the first and second special areas, the data including a first checking data of the first radio communication defining device, a second checking data of the second radio communication defining device, and a first identifier related to the mobile device, (ii)transmitting via a mobile telephone network to the mobile device at least a portion of the first checking data, and transmitting via the mobile telephone network to the mobile device at least a portion of the second checking data, (iii)receiving from the mobile device via the mobile telephone network a first updating signal uncorrelated to any mobile device phone call establishment that identifies the mobile device ' s presence in at least the first special area, and receiving from the mobile device via the mobile telephone network a second updating signal uncorrelated to any mobile device phone call establishment that identifies the mobile device ' s presence in at least the second special area, the first updating signal including a second identifier related to the mobile device, the second updating signal including a third identifier related to the mobile
  • access to presence driven services relates to presence of the mobile device into one or more special areas but, on top of that, additional OTP-based authentication may be performed by the one or more processing devices. Furthermore, at least one of the OTP calculations is performed when the mobile device is present into the first special area, based on information that is included in at least oneof the distinctive defining signals that define the first special area.
  • the mobile device determines that it is present into the first special area, then at least a portion of the checking data received into the distinctive defining signalsthat define the first special area will produce a successful OTP validation by the one or more processing devices, when used as input data to calculate said OTP.
  • This approach can provide a fully automatic OTP calculation, associated to the first updating signal, empowered by information related to the context of the mobile device being into the first special area. More than one OTP may be sent univocally associated to the first updating signal, and said other OTPs may also be calculated using data from the context of the mobile device being into the first special area as input data and/or a user ' s Personal Identification Number (PIN).
  • PIN Personal Identification Number
  • At least one of the OTPs that aresent from the mobile device and that are univocally correlated to an updating signal is calculated by the mobile device by using a user ' s Personal Identification Number (PIN) as input data for the calculation.
  • PIN Personal Identification Number
  • at least one of the OTPs that are sent from the mobile device and that are univocally correlated to an updating signal is calculated by the mobile device based on information that is included in at least one of the distinctive defining signals that define the special area and also using a user ' s Personal Identification Number (PIN) as input data for the OTP calculation.
  • pre-calculated tokens and/or hardcoded keys/parameters may also be used as input data in any of the above referred OTP calculations.
  • the user is prompted to enter a PIN as an input for the OTP calculation.
  • the user is prompted to enter the PIN before the presence updating signal is sent to the service provider, via the mobile telephone network.
  • each OTP may be calculated by the mobile device based on information that is included in at least one of the distinctive defining signals that define the second special area and/or using a user ' s Personal Identification Number (PIN) as input data for the OTP calculation and/or using hardcoded keys/parameters as input data for the OTP calculation and/or using pre-calculated tokens as input data for the OTP calculation.
  • PIN Personal Identification Number
  • Different alternatives are possible in connection to the calculation of the OTPs, and in relation to perform the above referred univocal correlation between an updating signal and an OTP. Some of these alternatives are explained in detail below.
  • an OTP is calculated when the mobile device enters into or exists out of a special area, and the OTP is sent comprised into thepresence updating signal.
  • the OTP and the updating signal are sent in the context of the same https session, so they can be easily correlated.
  • the at least one OTP and the presence updating signal are sent via different channels (e.g. one is sent via an https data connection and the other one is sent via SMS) but both are transmitted with a common identifier, that can be used by the one or more processing devices to later match them.
  • a first OTP is calculated when the mobile device enters into one special area, but the updating signal will be sent later.
  • the updating signal will comprise the referred first OTP (e.g. calculated based on information that is included in at least one of the distinctive defining signals that define the special area) and a second OTP (calculated at the time of sending the presence updating signal, for example, after the user inserts a PIN that is used as an input to calculate the second OTP). So in this example the one or more processing devices will be able to authenticate both the context of the presence determination into the special area (validating the first OTP) and the content of the presence updating defined by the user inserting a PIN (validating the second OTP).
  • a first OTP is calculated when the mobile device remains in a first special area, said first OTP being calculated based on checking data that is included in a received first distinctive defining signal that partly defines a first special area; the first OTP is sent comprised in a first updating signal; and a second OTP is calculated when the mobile device entersinto a second special area, the second OTP calculation requiring the user to insert a PIN; the second OTP is sent comprised into a second updating signal.
  • the OTP is not calculated if the communication channel to send the presence updating signal is not available for the mobile device.
  • the data stored in the one or more memories also includes the keys and parameters necessary to validate by the one or more processing devices the at least one OTP associated to a presence updating signal; and keys and parameters necessary for OTP calculations by the mobile device are transmitted via a mobile telephone network to the mobile device.
  • At least one OTP calculation is triggered by the mobile device being in the first special area, and at least part of the first checking data is inputted to the calculation from the storage/memory of the mobile device.
  • at least one OTP calculation is triggered by the mobile device being in the first special area, and at least part of the checking data that at least partly defines the first special area is inputted to the calculation from the storage/memory of the mobile device (so in this implementation the OTP may be calculated based on information (e.g. checking data) included in the first distinctive defining signal and/or based on information (e.g.
  • checking data that also at least partially defines the first special area included in other distinctive defining signals that may also partly define the first special area.
  • at least part of the first checking data is inputted inat least one OTP calculation after being received(and perhaps decoded) from at least one of the distinctive defining signals that at least partially define the first special area (in these implementations at least part of other checking data that also partly define the first special area may also be inputted into the at least one OTP calculation from the storage/memory of the mobile device).
  • the user is prompted to enter a PIN when the mobile device enters into/remains into/leaves out of an special area (such that a first OTP calculation is made), and to enter the PIN again before the presence updating signal is sent to the service provider system (and a second OTP calculation is made), the presence updating signal comprising the first and the second OTP results.
  • the one or more processing devices will be able to authenticate both the context of the presence determination and the context where the presence updating signal is sent. This may be of interest, for example, when the presence determination information is not sent at the time of determination, but with a delay. So the second OTP ensures that the updating signal sending has also been validated by the user after, for example, inserting a secret code.
  • part of the information that is included in at least one of the distinctive defining signals that define the special area is used as challenge for an OTP calculation, and the PIN inserted by the user is used as part of the OTP key.
  • to make a first special area and/or second special area of one or more providers of presence related services becoming at least partly registered for a mobile device requires the user inserting an activation code into the mobile device and a successful validation of said activation code by the one or more processing devices.
  • there is a first set of checking data related to one or more radio communication defining devices the first set ofchecking data defining (together with special area rules)one of more special areas related, for example, to home presence services
  • a second set of checking data related to one or more other radio communication defining devices the second set ofchecking data defining (together with special area rules) other one or more special areas related, for example, to smart city presence services.
  • to make a first special area and/or second special area of one or more providers of presence related services becoming at least partly registered into a mobile device requires the user inserting an activation code into the mobile device and a successful validation of said activation code by the one or more processing devices, and also requires the user to select or insert a Personal Identification Number (PIN) in the context of said registration process.
  • PIN Personal Identification Number
  • the data stored in the one or more memories related to the first special area is stored in a first memory or set of memories of a first provider of presence related services and the data stored in the one or more memories related to the second special area is stored in a second memory or set of memories of a second provider of presence related services.
  • the mobile telephone network transmits to the mobile device the at least portion of the first checking data and the at least portion of the second checking data at different times.
  • a first special area is defined by a service provider and the related checking data are transmitted to the mobile device;
  • a second special area is defined later by the same service provider, and the checking data are afterwards transmitted to the same mobile device.
  • several special areas are defined by different service providers, and the at least portion of the checking data related to the special areas of each service provider is transmitted to the mobile device independently of the transmission of the at least portion of the checking data related to the special areas of the other service providers.
  • the one or more processing devices has access to at least a portion of thedata (such as, for example an identifier related to the mobile device) and updates at least one first operating parameter in a database of the one or more providers of presence related services depending on the presence of the mobile device in the first special area and/or second special area.
  • thedata such as, for example an identifier related to the mobile device
  • the one or more processing devices has access to at least a portion of thedata (such as, for example an identifier related to the mobile device and the checking data) and updates at least one second operating parameter in a database of the one or more providers of presence related servicesdepending on the result of the validation ofthe at least one OTP that is univocally correlated to the updating signal about the presence of the mobile device in the first special area and/or second special area.
  • thedata such as, for example an identifier related to the mobile device and the checking data
  • the updating of the at least two operating parameters depends on the result of a multi-level authentication, where the first level relates to the mobile device presence status in the special area, as provided by the updating signal, and the other levels relates to the validation result of the at least one OTP that is correlated to said presence updating signal.
  • the first operating parameter is a tariff flag or a service flag that enables or disables a special tariff or a service for the mobile device.
  • the one or more processing devices include a first processing device associated with a first provider of presence related services and a second processing device associated with a second provider of presence related services.
  • the first processing device has access to at least a portion of thedata (such as, for example an identifier related to the mobile device) and updates at least one first operating parameter in a database of the first provider of presence related services depending on the presence of the mobile device in the first special area
  • the second processing device has access to at least a portion of the data (such as, for example an identifier related to the mobile device) and updates at least one first operating parameter in a database of the second provider of presence related services depending on the presence of the mobile device in the second special area.
  • the first processing device has access to at least a portion of thedata (such as, for example an identifier related to the mobile device and the first checking data) and updates at least one second operating parameter in a database of the first provider of presence related services depending on the result of the validation of the at least one OTP that is univocally correlated to the updating signal about the presence of the mobile device in the first special area
  • the second processing device has access to at least a portion of thedata (such as, for example an identifier related to the mobile device and the second checking data) and updates at least one second operating parameter in a database of the second provider of presence related services depending on the result of the validation of the at least one OTP that is univocally correlated to the updating signal about the presence of the mobile device in the second special area
  • the updating of the at least one first operating parameter in a database of the first service provider depends on the presence of the mobile device in the first special area; and the updating of the at least one second operating parameter in a database of the first provider of presence related servicesdepends on the result of the validation of a first OTP that has been calculated based on information that is included in at least one of the distinctive defining signals that define the first special area and on the result of the validation of a second OTP that has been calculated based on a PIN inserted by the user in the mobile device, both OTPs are univocally correlated to the first updating signal.
  • the first operating parameter is a tariff flag or a service flag that enables or disables a special tariff or a service for the mobile device.
  • the first, second and third identifiers related to the mobile device are the same.
  • the enabling or disabling of the first and/or second presence related service includes transmitting via the mobile telephone network a signal to the mobile device that is capable of being used to enable or disable one or more related functions in the mobile device.
  • the signal enables, when the mobile device is present, for example, in a home special area, software in the mobile device that records statistic data about mobile device usage in said home special area (e.g. type of applications used, used connections, periods of activity, etc.). The same applies to other types of special areas, such as, for example, mobile device usage in acompany special area.
  • the signal enables a mobile device payment capability when the mobile device is in a special area defined by, for example, certain NFC Point of Sale terminals at merchant locations; or into a special area defined by certain Bluetooth Low Energy devices.
  • the signal enables a mobile device ticketing capability (e.g. a mobile boarding card) when the mobile device is into a special area defined by certainBLEboarding-area-devices in an airport.
  • the one or more memories and the one or more processing devices reside in one or more servers of the one or more providers of presence related services.
  • the storing of the first and second checking data in the one or more memories comprises electronically receiving from the mobile device the first and second checking data.
  • the mobile telephone network is cellular.
  • at least one of the first and second updating signals comprises the result of a previous determination performed by the mobile device about the mobile device ' s presence in the first and second special areas, respectively.
  • data about wireless home appliances is recorded at the mobile device, when the mobile device enters into the special area defined foreach oneof the appliances (e.g. a wireless TV, a wireless washing machine and a wireless iron).
  • data about each electronic appliance is recorded at the mobile device, together with an OTP calculated using the corresponding home appliance checking data, but the mobile device only sends the information when a threshold in the amount of information to be sent has been exceeded or on a periodic basis (e.g. periods of 30 minutes) after entering in the first special area with data to be sent.
  • the presence status of the mobile device having entered into the different special areas, plus the associated information data, are comprised in a presence updating signal; the OTPs related to the presence of the mobile device into the special areas are also comprised into the updating signal.
  • the conditions to send the updating signal are met, the user is prompted to insert a PIN, and a calculated OTP(PIN) is also send comprised into the updating signal.
  • At least one of the first and second updating signals is received via the mobile telephone network from the mobile device at least one of (i) periodically, (ii) at times recent to when the mobile device respectively enters into or exists from the first special area and/or second special area, (iii) when the mobile device respectively remains in the first special area and/or the second special area, and (iv) when the mobile device respectively remains outside the first special area and/or second special area.
  • At least one of the first and second updating signals comprises a request to access to a service and the one or more processing devices enable the provision of a presence related service based upon the mobile device ' s presence in the first and second special area, respectively, and also depending on the result of the validation of the at least one OTP that is univocally correlated to the updating signal about the presence of the mobile device in the first special area and second special area, respectively.
  • the service is a request to repair an smart city radio communication defining device that measure the traffic flow in a given area
  • the radio device partly defines a special area personalized into the user ' s smartphone
  • the service request includes the alarm related information and the radio communication device serial number.
  • an OTP is comprised into the presence updating signal, and said OTP has been calculated using part of the radio communication defining device serial number (i.e. part of the checking data in this example) as input data.
  • a method associated with the use of a mobile device and at least one radio communication defining device that transmits a distinctive defining signal that at least partly defines a special area by its coverage, the distinctive defining signal including data the method including; (i) receiving and processing one or more defining signals in the mobile device to determine, based on a previously obtained at least portion of the data, whether the one or more defining signals are one or more distinctive defining signals and to determine whether or not the mobile device is present in the special area; (ii) sending from the mobile device via a mobile telephone network an updating signal to one or more servers of a provider of presence related services about the mobile device ' s presence in the special area, the sending of the updating signal being uncorrelated to any mobile device phone call establishment, the updating signal being sent at least one of (i) periodically, (ii) at times recent to when the mobile device enters into or exists from the special area, (iii) when the mobile device remains in the special area and (iv) when the mobile device remains outside the special
  • the updating signal comprises the result of a previous determination performed by the mobile device about the mobile device ' s presence in the special area.
  • the frequency of the updating signal is different from the frequency of the distinctive defining signal.
  • the mobile device enables or disables one or more functions related to a presence related service upon receiving enabling or disabling instructions from the provider of presence related services.
  • a non-transitory computer readable medium storing computer readable program code for causing a processor of a mobile device to perform a method associated with the use of at least one radio communication defining device that transmits a distinctive defining signal that at least partly defines a special area by its coverage, the distinctive defining signal including data.
  • the method includes: (i) receiving and processing one or more defining signals in the mobile device to determine, based on a previously obtained at least portion of the data, whether the one or more defining signals are one or more distinctive defining signals and to determine whether or not the mobile device is present in the special area; (ii) sending from the mobile device via a mobile telephone network an updating signal to one or more servers of a provider of presence related services about the mobile device ' s presence in the special area, the sending of the updating signal being uncorrelated to any mobile device phone call establishment, the updating signal being sent at least one of (i) periodically, (ii) at times recent to when the mobile device enters into or exists from the special area, (iii) when the mobile device remains in the special area and (iv) when the mobile device remains outside the special area; and (iii) sending from the mobile device via a mobile telephone network to the one or more servers of a provider of presence related services at least one One-Time-Password (OTP) that is univocally correlated to the
  • the non-transitory computer readable medium storing computer readable program code further causes the processor to calculateat least one OTP based on information that is included in at least one of the distinctive defining signals that define the special area.
  • a non-transitory computer readable medium storing computer readable program code is provided that further causes the processor to send the updating signal with information related to the result of a previous determination performed by the mobile device about the mobile device ' s presence in the special area.
  • a non-transitory computer readable medium storing computer readable program code is provided that further causes the processor to enable or disable one or more functions in the mobile device related to a presence related service upon the mobile device receiving enabling or disabling instructions from the provider of presence related services.
  • a mobile device is provided that is capable of receiving a distinctive defining signal from a radio communication defining device that at least partly defines a special area by its coverage, the distinctive defining signal including data, the mobile device comprising: (i) an electronic storage medium that stores at least a portion of the data; and (ii) a processor adapted to process one or more defining signals to determine, based on the at least portion of the data, whether the one or more defining signals are one or more distinctive defining signals and to determine whether or not the mobile device is present in the special area, the processor further adapted to send from the mobile device via a mobile telephone network an updating signal to one or more servers of a provider of presence related services about the mobile device ' s presence in the special area, the sending of the updating signal being uncorrelated to any mobile device phone call establishment, the updating signal being sent at least one of (i) periodically, (ii) at times recent to when the mobile device enters into or exists from the special area, (iii) when the mobile device remains in the
  • the processor when the updating signal indicates that the mobile device is present in the special area, the processor is adapted to calculate at least one OTP based on information that is included in at least one of the distinctive defining signals that define the special area.
  • the processor is adapted to enable or disable one or more functions related to a presence related service upon the mobile device receiving enabling or disabling instructions from the provider of presence related services.
  • a mobile device receives first and second distinctive defining signals respectively from first and second radio communication defining devices, the first and second distinctive defining signals at least partly define first and second special areas, respectively, by their coverage, each of the first and second distinctive defining signals respectively including first and second data.
  • a method includes: (i) receiving and processing one or more defining signals in the mobile device to determine, based on a previously obtained at least portion of the first data, whether the one or more defining signals are one or more first distinctive defining signals and to determine whether or not the mobile device is present in the first special area; (ii) receiving and processing one or more defining signals in the mobile device to determine, based on a previously obtained at least portion of the second data, whether the one or more defining signals are one or more second distinctive defining signals and to determine whether or not the mobile device is present in the second special area; (iii) sending from the mobile device via a mobile telephone network, when the mobile device determination refers to the first special area, a
  • the first updating signal is sent with information related to the result of a previous determination performed by the mobile device about the mobile device ' s presence in the first special area.
  • the second updating signal is sent with information related to the result of a previous determination performed by the mobile deviceabout the mobile device ' s presence in the second special area.
  • a non-transitory computer readable medium storing computer readable program code for causing a processor of a mobile device to perform a method associated with the mobile device receiving first and second distinctive defining signals that at least partly define a first and second special areas, respectively, by their coverage, each of the first and second distinctive defining signal respectively including first and second data, the method comprising: (i) receiving and processing one or more defining signals in the mobile device to determine, based on a previously obtained at least portion of the first data, whether the one or more defining signals are one or more first distinctive defining signals and to determine whether or not the mobile device is present in the first special area; (ii) receiving and processing one or more defining signals in the mobile device to determine, based on a previously obtained at least portion of the second data, whether the one or more defining signals are one or more second distinctive defining signals and to determine whether or not the mobile device is present in the second special area,(iii) sending from the mobile device via a mobile telephone network, when the
  • a non-transitory computer readable medium storing computer readable program code further causes the processor to send the first updating signal with information related to the result of a previous determination performed by the mobile device about the mobile device ' s presence in the first special area.
  • a non-transitory computer readable medium storing computer readable program code further causes the processor to send the second updating signal with information related to the result of a previous determination performed by the mobile device about the mobile device ' s presence in the second special area.
  • Fig. 1 Aillustrates a mobile proxy application in the context of an ecosystem of radio communication defining devices
  • Fig. 1 .B shows different possible categories for radio communications defining devices.
  • Fig. 2 shows a mobile device capable of enabling presence related services in an ecosystem of radio communication defining devices
  • Fig. 4 is a schematic diagram illustrating a system according to some implementations to enable presence related services;
  • Fig. 5 shows some scenarios to enable services related to radio communication defining devices and it is used to analyse the benefits of utilizing mobile device centric presence determination capabilities.
  • Fig. 6 also shows some scenarios to enable services related to radio communication defining devices and it is used to analyse how presence determination serves to provide spectral efficiency and adequate user control and privacy.
  • Fig. 7 is a schematic diagram that generally illustrates some functional blocks according to some implementations where mobile centric presence determination and authentication methods are used to securely enable presence related services.
  • Fig.8 is a schematic diagram illustrating methods and apparatusaccording to some implementations to enable presence related services by one or more service providers, where a more detailed description is provided in connection to the presence system of a service provider 1 .
  • FIG. 9 is a schematic diagram illustrating methods and apparatusaccording to some implementations to enable presence related services by one or more service providers, where a detailed description is provided in connection to a first provider of presence related services (service provider 1 ) and to a second provider of presence related services (service provider 2).
  • Fig. 10 is a schematic diagram illustrating methods and apparatusaccording to some implementations where a parameters database of one presence services provider is shown and parameters updating processes are described in the context of presence services provision.
  • Fig. 1 1 illustrates a set of mobile device applications related to a set of service providers where presence updating signals are sent from the mobile device to enable presence related services.
  • Figure 1 Aillustratesan exemplary ecosystem of devices with wireless communication capabilities.
  • the wireless devices may be home appliances, smart city objects, hot spots, base stations, wireless sensors, NFC tags, contactless Point of Sale devices, contactless ATMs, PCT routers, wireless meters, merchants ' short range communication devices, M2M devices, etc., as shown in the figure.
  • barcodes and QR codesassociated to devices may be wirelessly read via optical means and converted to electrical signals.
  • the wireless devices are referred to herein as radio communication defining devices and the devices in Figure 1 A are merely illustrative as shall be understood that in an Internet of Things ecosystem any "thingVobjectVdevice" may become enabled with communication capabilities, so may be a radio communication defining device.
  • Figure I B shows different possible categories for radio communication defining devices. While some of those devices may be interpreted as belonging to a smart home environment, some others may be associated to categories such as smart cities, smart shops, Internet of Things in general, wireless sensors networks, active objects or other categories. These types of categories are well known and are only referenced in this description for illustration purposes.
  • FIG. 1 A a smartphone is shown with a proxy application that is able to receive input data from the radio communication defining devices, retransmitting it (or part of it) to a service provider. So in an example the smartphone is able to receive input signals from NFC, ZigBee, WiFi, Bluetooth, BLE, 2G/3G/4G devices or RFID tags, to process them via the proxy application, and to retransmit the information to the service provider.
  • an application operating as a mere proxy for information coming from radio communication defining devices will produce a set of problems, considering that in the future world there will be trillions of radio communication defining devices.
  • FIG. 2 illustrates again the same ecosystem of radio communication defining devices (i.e. an ecosystem of devices with wireless communication capabilities via NFC, ZigBee, WiFi, Bluetooth, BLE, 2G/3G/4G, RFID, etc.).
  • a personalized and contextual value proposition may be associated to any object, such that an "Internet of Things" service is provided when certain conditions are met.
  • the user is allowed to define himself (or a service provider to define for the user) the set of radio communication defining devices he would like to pair with, in order to receive presence-based services associated to any of them.
  • a presence related status is mobile-device-centric verified and sent to one or more service providers so that one or more defined presence-related services may be provided.
  • Figure 2 illustrates that some special areas have been personalized in the mobile device. Said personalization permits the mobile device to self-determine whether it is present or not into one or more special areas defined by the coverage or one or more radio communication defining devices.
  • the mobile device When signals from the radio communication defining devices are received by the mobile device, it is able to determine whether it is present or not into one or more special areas. To make that determination the mobile device uses information that has been stored in its memory during the referred personalization process, and in particular it uses data referred to herein as "checking data".
  • the stored checking data are used by the mobile device to determine whether or not a defining signal received from a radio communication defining device is or not a distinctive defining signal, where a received signal being distinctive means that itat least partly defines a special area.
  • the mobile device is prepared to receive defining signals from radio communication defining devices, and has to determine whether a defining signal received is or not a distinctive one. In a particular example the mobile device is ready to receive NFC defining signals from contactless POSs, but only those defining signals from certain POS (e.g. those belonging to merchants associated to the service provider) are distinctive (according to the checking data personalization into the mobile device).
  • Figure 3 illustrates coverage areas defined by the combination of the coverage of one or more radio communication defining devices. These coverage areas may be associated to a user ' s mobile device and to a set of services, and are named as special areas in the context in the invention.
  • the radio communication defining devices may be any type of short range wireless communications devices such as Bluetooth, WIFI, Bluetooth Low Energy, Zig Bee or NFC devices; and also long range wireless communication devices such as Base Stations (BTS) or micro/pico/femto cells from mobile network operators.
  • short range wireless communications devices such as Bluetooth, WIFI, Bluetooth Low Energy, Zig Bee or NFC devices
  • long range wireless communication devices such as Base Stations (BTS) or micro/pico/femto cells from mobile network operators.
  • BTS Base Stations
  • micro/pico/femto cells from mobile network operators.
  • the radio communication defining devices may be located in environments like airports, company's premises business centres, homes, train stations, the streets, areas outside a building, lights, bins, etc., and may be embedded in home appliances, vehicles, clothing, food packaging, meters, ATMs, etc.
  • Figure 3A shows an example of a special area defined by the sum of the coverage of three radio communication defining devices 1 (the figure illustrates three BTSs as an example).
  • the mobile device determines that it is present into the special area if it receives a distinctive defining signal from at least one of the three radio communication defining devices (the mobile device uses the appropriate checking data to perform said determination).
  • Figure 3A illustrates a scenario where a mobile device A determines that it is present into the special area because it is receiving distinctive defining signals from two radio communication defining devices (mobile device A uses the stored checking data to perform said determination).
  • Mobile device B has not been personalized for said special area, so in spite of it beingwithin the range of coverage of one of the radio communication defining devices, none of the received defining signals from said radio communication defining deviceis considered as being distinctive for mobile device B, and mobile device B is not present into the special area.
  • Figure 3B shows an example of a special area defined by the coverage of one radio communication defining device 2a (for example a wireless enabled washing machine or a car with an embedded Bluetooth communications).
  • a mobile device determines that it is present into the special area if it receives a distinctive defining signal from the radio communication defining device (the mobile device uses the appropriate checking data to perform said determination).
  • Figure 3C shows an example of a special area defined by the intersection of the coverage of two radio communication defining devices 2b and 2c.
  • the mobile device determines that it is present into the special area if it receives a distinctive defining signal from the two radio communication defining devices, each one defining the special area partly (the mobile device uses the appropriate checking data to perform said determination).
  • Figure 3D shows an example of a special area defined by the sum of the coverage of N radio communication defining devices 2d-2g (the figure illustrates only four of them).
  • the mobile device determines that it is present into the special area if it receives a distinctive defining signal from at least one of the N radio communication defining devices (the mobile device uses the appropriate checking data to perform said determination).
  • the N radio communication defining devices maybe, for example, all the wireless ATMs of a given bank; or all the BLE devices of a given merchant or set of merchants; or a set of wireless enabled home appliances that belongs to the user of the mobile device.
  • Figure 3D also illustrates a scenario where a mobile device A determines that it is present in the special area because it is receiving a distinctive defining signal from one radio communication defining device 2d (mobile device A uses the stored checking data to perform said determination).
  • Mobile device B has not been personalized for said special area, so in spite it is within the range of coverage of one of the radio communication defining devices 2e, none of the received defining signals from said radio communication defining device is considered as being distinctive for mobile device B, and mobile device B is not present into the special area.
  • Figure 3E shows an example of a special area defined by the coverage of one radio communication defining device 2h (for example a Pay per View wireless decoder).
  • a mobile device determines that it is present into the special area if it receives a distinctive defining signal from the radio communication defining device (the mobile device uses the appropriate checking data to perform said determination).
  • Figure 3F shows an example of a special area defined by the coverage of one radio communication defining device 2i (for example an ADSL WiFi router).
  • a mobile device determines that it is present into the special area if it receives a distinctive defining signal from the radio communication defining device (the mobile device uses the appropriate checking data to perform said determination).
  • the distinctive defining signal may contain radio communication defining device identification data and reliable information confirming that the radio communication defining device is effectively located into a predetermined environment.
  • the service provider advantageously avoids fraud linked to a possible shifting of the (portable) radio communication defining device.
  • the checking data stored into the mobile device and associated to the radio communication defining device includes said radio communication defining device identification data.
  • Figure 3F also illustrates a scenario where a mobile device A determines that it is present into the special area because it is receiving a distinctive defining signal from the radio communication defining device (mobile device A uses the stored checking data to perform said determination; and it is required for the received defining signal to be considered as distinctive that the reliable information received will confirm that the radio communication defining device will indicate that it is located into a predetermined environment).
  • Mobile device B is not within the range of coverage of the radio communication defining device, so it is not receiving the related distinctive defining signal, and it is not present into the special area.
  • a special area associated to a mobile device can be defined by one or more distinctive defining signals. Therefore the checking data may preferably contain information included in every distinctive defining signal defining completely a special area (each one defines it partially) and the mobile device tries to find any of this information in any defining signal received by use of comparison means.
  • the mobile device may receive defining signals that do not define any special area for it. In the case where the special area is defined by two or more distinctive defining signals, this special area may be the intersection of all or part of them or the global coverage of the defining signals.
  • the distinctive defining signals may be coded and the mobile device processing means include decoding means to decode the distinctive defining signals received.
  • a radio distinctive defining signal that at least partly defines a special area may be transmitted by a radio communication defining devices in the frequency range allocated to a mobile telephone network (in the case of certain devices, such as BTS, being part of the mobile telephone network of a given mobile telecom operator) or in a different frequency range (which would be the case for the large majority of radio communication defining devices in an loT ecosystem, transmitting information via NFC, BLE, Bluetooth, WiFi, ZigBee, etc.).
  • the radio distinctive defining signal that at least party defines the special area contains radio communication device identification data and the checking data stored into the mobile device and associated to this special area includes this radio communication defining device identification data.
  • This identification data may be a unique identifier of the radio communication defining device (e.g. a serial number for identifying a single manufactured unit; a BTS identification code; a MAC address; a UDID or new identifiers defining for Apple devices, etc.).
  • Processing means of the mobile device processes the defining signals received from radio communication defining devices and compare their radio communication device identification data with the checking data and determine whether one or more distinctive defining signals are received.
  • mobile device A receives from a radio communication defining device 2d its identification data and determines, comparing those data with stored checking data, that it receiving a distinctive defining signal and that it is present into the special area.
  • the checking data associated to the special area includes this at least part of the radio communication defining device identification data (e.g. using the generic part of the data that identify the bins in a city into the distinctive defining signal may be enough for the mobile device to determine it is present in the special area constituted by all the city bins and the mobile device may later send the related bin unique identifier data comprised into the updating signal, to request the city council service provider to empty the bin; e.g.
  • the predetermined environment may be one or more specific geographical locations (for example several fixed points into a restaurant) or a physical environment that can be mobile (for example a car, a plane or a boat). In a particular example the predetermined environment is defined by the provider of presence related services.
  • the reliable information comprised into thedistinctive defining signal confirms that the radio communication defining device is effectively located in a predetermined geographical environment when it is physically connected to any one of a set of fixed network connection points 3 defined for the special area and it is also authenticated into the fixed network through any of the mentioned fixed network connection points.
  • the radio communication defining device 2h also comprises means for communicatingwith the fixed network via any one of the set of fixed connection points 3.
  • some parameters are stored into the radio communication defining device during its configuration stage and such parameters are used by the radio communication defining device to perform the authentication process into the fixed network.
  • These connection points may be PSTN ('Public Switching Telephony Network') connectors for ADSL network services or electrical sockets for PLC ('Power Line Communication') home network services for example.
  • the reliable information comprised into thedistinctive defining signal confirms that the radio communication defining device is effectively located into a predetermined physical environment when:
  • the radio communication defining device 2h is physically connected to a system 3 as illustrated in Figure 3E registered and authorised by the presence services provider for the purposes of the invention and
  • the radio communication defining device is authenticated into the mentioned system.
  • parameters are stored in the radio communication defining device during its configuration stage and such parameters are used by the radio communication defining device to perform the referred authentication process into the system.
  • the system may be an embedded computer in a car or a boat and the radio communication defining device is authenticated into the system.
  • the radio communication defining device is configured to be located either in a geographical environment, such as for example the user's home, or into a physical environment, which may be mobile, such as for example the user's car, such environments being typically defined by the presence services provider.
  • reliable information may be comprised in the distinctive defining signal that confirms that the radio communication defining device is effectively located into a predetermined geographical environment when:
  • the radio communication defining device is able to receive a RBU signal from at least one radio broadcasting unit (RBU),
  • RBU radio broadcasting unit
  • the radio communication defining device receives, through the RBU signal from the RBU, the RBU identification data that are included into a
  • the storage of the RBU identification data into the radio communication defining device RBU identification data database may be done at the radio communication defining device configuration stage.
  • the RBU is a base station 4and the RBU identification data is a base station identification code.
  • the radio communication defining device is authenticated into the mobile telephone network comprising the base station and may receive the base station signal when it is located within the range of coverage of the base station.
  • processing means comprised in the mobile device may compare any radio communication defining device identification data received with the checking data stored in its internal mobile device database and determines that a radio defining signal received is a distinctive defining signal when:
  • radio defining signal is coded in a format predefined for a distinctive defining signal
  • the radio communicationdefining device identification data comprised into the defining signal is equal to at least one of the radio communication device identification data stored into the internal mobile device database for the special area and
  • the reliable information comprised into the defining signal confirms that the radio communication device is effectively located into a predetermined environment.
  • a special area may be defined by just one radio communication defining device or by many; and defining a special area may be the result of using radio communication defining devices transmitting information via a set of communication technologies (for example a BLE iron and a ADSL WiFi router may be used to define the same special area).
  • the special areas may be defined by the sum and/or the intersection of the coverage of a set of radio communication defining devices (e.g. an special area could be defined by the intersection of the coverage of a BTS and a WiFi router plus the sum of the coverage of all the hot spots from a given service provider in a city).
  • FIG. 4 is a schematic diagram illustrating an exemplary mobile system wherein a mobile telephone network is used to perform certain processes.
  • a mobile telephone network typically includes a large number of base stations and all the data processing means required to provide the telecommunication service to each mobile device serviced by said mobile network.
  • the mobile telephone network may be cellular or not.
  • FIG. 4 shows a system associated with one or more providers of presence related services in connection with the use of a mobile device and a set of radio communication defining devices that transmits radio distinctive defining signals where each distinctive defining signal at least partly defines a special area by its coverage.
  • At least a first radio communication defining device transmits a first distinctive defining signal and a second radio communication defining device transmits a second distinctive defining signal, the first distinctive defining signal at least partly defines a first special area by its coverage, the second distinctive defining signal at least partly defining a second special area by its coverage.
  • FIG. 4 illustrates an exemplary preparatory process of adding new checking data into one or more memories of two different service providers, SP1 and SP2, and later sending the checking data to the user mobile device for storage.
  • step (1 .a) a user inputs checking data related to some owned radio communication defining devices into a web interface of SP1 , and the checking data is stored in one or more memories of SP1 ; and also inputs some other checking data related to other owned radio communication defining devices into a web interface of SP2, and the other checking data is stored into one or more memories of SP2.
  • step (1 .a) several entities (e.g. a car manufacturer, an energy provider or a merchant) associated to a set of radio communication defining devices (e.g. wireless devices embedded into cars, PLC WiFi devices at users home location or iBeacon BLE devices at merchants locations) send checking data related to those devices to SP1 .
  • SP1 stores the checking data in one or more memories, and other entities associated to another set of radio communication defining devices send other checking data related to those other devices toSP2, which also stores the other checking data in one or more memories.
  • step (1 .a) SP1 stores some checking data related to some owned radio communication defining devices into one or more of its owned memories and SP2 also stores some checking data related to some owned radio communication defining devices into one or more of its owned memories.
  • step (2. a) the user downloads a mobile device application to enable presence related services from the corresponding applications store to the mobile device.
  • the application store may be Google Play for Android devices, iTunes for Apple devices and Blackberry World for Blackberry devices.
  • the mobile device application is already available in the mobile device memory when the mobile device is initially delivered to the user.
  • step (3. a) some special areas are defined by SP1 and some other special areas are defined by SP2. The definition of each special area relates to checking data associated to the one or more radio communication defining devices that defines it and, when a special area is defined by more than one radio communication defining device, to certain rules that also defines the special area (e.g.
  • a special area may be defined by the sum and/or intersection of the coverage of a set of radio communication defining devices as previously discussed in conjunction with Figure 3.
  • process (3. a) ends the checking data related to the referred special areas and the rules that defines the special areas are stored into the one or more memories of SP1 and SP2 respectively.
  • step (4. a) the stored checking data and associated special area rules are sent from SP1 to the mobile device that stores them in an internal memory of the mobile device; and the stored checking data and associated special area rules are also sent fromSP2 to the mobile device, which stores them in an internal memory of the mobile device.
  • the checking data and the associated special area rules related to special areas defined by SP1 are sent to the mobile device in the context of a registration process of the mobile device for those special areas.
  • the checking data and the associated special area rules are linked in the one or more memories of SP1 to a first identifier related to the mobile device (e.g. the smartphone IMEI), the identifier being sent from the mobile device to the SP1 in the context of the referred registration process.
  • a first identifier related to the mobile device e.g. the smartphone IMEI
  • OTP One Time Password
  • keys and parameters are sent from SP1 to the mobile device during the referred registration process, to be later used in the context of requesting presence related services from the mobile device to SP1 .
  • a PIN may also be selected by the user during the registration process, said PIN being later used to request certain presence related services from the mobile device; the same approach may apply in connection to SP2 and the related special areas.
  • Figure 8 describes this registration process in more detail.
  • the checking data,the associated special area rules and the OTP keys and parameters are stored into a memory of the mobile device that relates to a mobile device application, the mobile device application being the one determining the presence status of the mobile device into one or more special areas.
  • the mobile device Once the mobile device has been personalized for special areas presence determination, it is capable to monitor the presence of the mobile device in one or more special areasassociated to the mobile device. With reference to Figure 4, according to some implementations the following steps are involved.
  • step (1 .b) at least one radio communication defining device transmits repeatedly in at least a channel one radio distinctive defining signal that at least partly defines one of the special areas by its coverage.
  • step (2.b) the mobile device observes the channel and processes any signal received in order to determine whether or not it is receiving any defining signal;
  • step (3.b) the mobile device processes any defining signal received in order to determine, using the above referred checking data and the associated special area rules, whether or not the defining signal received is a distinctive defining signal that at least partly defines one or more of the special areas, and determines whether or not it is present in one or more of the special areas;
  • step (4.b) the mobile device sends an updating signal to a mobile telephone network comprising information about its presence in one or more of the special areas, where the updating signal sending is uncorrelated to any mobile device phone call establishment and comprises an identifier related to the mobile device;
  • step (5.b) the mobile telephone network routes the updating signal to one or more processing devices of SP2 (in this example the updating signal refers to an special area defined by SP2) that adapt in step (6.b) the value of at least one operating parameter depending on the presence of the mobile device in each of the special areas, and depending on such a presence status and other possible defined rules and verifications a presence related service may be provided by SP2 in step (7.b).
  • the updating signal refers to an special area defined by SP2
  • the service provider (SP1 or SP2 depending on whether one or the other defined the first special area) receives (step 6.b) from the mobile device via the mobile telephone network a first updating signal uncorrelated to any mobile device phone call establishment that identifies the mobile device ' s presence in at least the first special area, and the service provider (SP1 or SP2 depending on whether one or the other defined the second special area) receives from the mobile device via the mobile telephone network a second updating signal uncorrelated to any mobile device phone call establishment that identifies the mobile device ' s presence in at least the second special area, the first updating signal including a second identifier related to the mobile device, the second updating signal including a third identifier related to the mobile device,
  • This second and third referred identifiers related to the mobile device have the purpose to match each updating signal with a first mobile device identifier that is stored in the one or more memories of the corresponding service provider. According to some implementations the identifiers for a particular mobile device are the same.
  • step (6.b) the service provider (SP1 or SP2) derives from the first updating signal by one or more processing devices having access to at least a portion of the data whether or not the mobile device is present in the first special area, and deriving from the second updating signal by the one or more processing devices whether or not the mobile device is present in the second special area.
  • step 7.b the service provider (SP1 or SP2) enables or disables by use of the one or more processing devices a presence related service based upon the mobile device ' s presence or non-presence in the first special area, and the service provider enables or disables by use of the one or more processing devices a presence related service based upon the mobile device ' s presence or non-presence in the second special area.
  • a presence related service may be granted depending on the presence of the mobile device in the special area, but also depending on other additional considerations from the service provider.
  • the presence determination information may be enough to enable the presence related services as the secure element itself has the capability to securely store sensitive data and to establish a secure channel with the service provider system, via the mobile telephone network.
  • the mobile device application is to be entirely stored in the memory of the mobile device (it is the device memory where games, videos, productivity, music, health, messaging, applications from applications markets, and the like are stored), additional security measures and processes could be desirable to prevent certain type of attacks to gain unauthorized access to presence related services.
  • enabling the presence related service associated to the mobile device ' s presence in the first special area also depends on a successful validation by use of the one or more processing devices of the service provider of at least one One-Time-Password (OTP) that is sent from the mobile device and that is univocally correlated to the first updating signal, where at least one OTP is calculated based on information that is included in at least one of the distinctive defining signals that define the first special area, and enabling the presence related service associated to the mobile device ' s presence in the second special area also depends on successful validation by use of the one or more processing devices of the service provider of at least one One-Time-Password (OTP) that is sent from the mobile device and that is univocally correlated to the second updating signal.
  • OTP One-Time-Password
  • access to presence driven services relates to presence of the mobile device into one or more special areas but, on top of that, additional OTP-based authentication is performed by the one or more processing devices.
  • additional OTP-based authentication is performed by the one or more processing devices.
  • at least one of the OTP calculations is performed when the mobile device is present in a first special area, based on information from the context. If the context information does not relate to the mobile device being present into the first special area, then the validation of said OTP by the one or more processing devices would not (typically) be successful.
  • the method could also be deployed in scenarios where a secure element into the mobile device stores part of the mobile device application sensitive data.
  • the mobile device application is entirely stored in the referred mobile device memory, thus avoiding the aforementioned business model barriers and technical complexities for the service providers while simultaneously providing the appropriate security.
  • Figure 5 shows different scenarios to enable services related to radio communication defining devices.
  • a "thing" representation into the internet is driven, at least partly, from information provided to the internet by the object itself (or by another element "on behalf" of the object).
  • a city maintenance service can be managed more efficiently if each tree is equipped with a wireless sensor to be able to self-determine and inform to smart city services about when it requires special care, such that maintenance routes can be organized.
  • System A in Figure 5 shows a traditional Machine-To-Machine (M2M) approach where the "things” (RCDDs) are equipped with a SIM card and a data subscription; nevertheless, from a smart sensing perspective, the loT "objects” should generally be equipped with cheap, consumption efficient, short range communications (as shown in connection to systems B and C in Figure 5).
  • M2M Machine-To-Machine
  • the info comprised into the first signal is a "location" info that allows the server to generate a second signal that make server prediction about where the user is going to be in the future (e.g. if the calendar arrangement indicated that the user will arrive tomorrow morning to the office, then the second signal indicates to the office thermostat that the heating shall start at 08h 00).
  • the devices all have long range communications, fixed or mobile, so in case of the devices having long range mobile communications it relates to a traditional M2M approach as the one illustrated in figure 5 (A)and the rationale included herein below would apply.
  • the hub-device supporting proximity interactions with a multiplicity of "objects”, and being endowed with long range communications to deliver the "objects” related information to the internet and to the service provider.
  • the referred hub functions could be provided by dedicated devices (as illustrated for example, in system C of Figure 5), which the user would need to buy "in addition”, or be provided by a user mobile device (as shown in system B of Figure 5).
  • RCDDs wireless enabled things
  • System B of Figure 5 shows the user mobile device being used as the referred hub-device in the context of the potentially trillions of radio communication defining devices but furthermore also illustrates that in an efficient ecosystem, hub-related services shall be enabled by usingmobile centric presence determination methods.
  • the mobile device in system B the mobile device is able to self-determine its presence status around certain personalized special areas, defined each by the coverage of one or more radio communication defining devices, such determination being used to trigger presence related services; if mobile centric presence determination methods would not be used in the referred context, a set of problems would appear, as already commented in connection to Figure 1 A and further elaborated now in connection to Figure 6.
  • Figure 6 also shows different scenarios to enable services related to radio communication defining devices.
  • System A of Figure 6 shows a "hub” mobile device able to determine its proximity toradio communication defining devices ("objects”) and, only as a result of that proximity, a connection to the internet is established to send objects related information to a service provider.
  • objects such devices
  • Such approach would derive in systems being spectrally inefficient, chaotic and out of control, and to daily reduce the battery duration on the mobile device.
  • RCDDs wireless objects
  • they may usehub services from mobile devices (e.g. smartphones, tablets, etc.), the wireless objects being endowed with at least one of BLE, NFC, Bluetooth, WiFi or ZigBee short range communications.
  • BLE Bluetooth
  • WiFi WiFi
  • ZigBee short range communications In a "reference journey" of just one mobile device, it can move through the range of coverage of hundreds/thousands of those radio communication defining devices... every day.
  • the mobile device If the mobile deviceis tomake an internet connection simply for being in the proximity of any of the objects, the mobile device would attempt a connection to the internet hundreds if not thousands of times per day, although it is supposed that ⁇ 1 % of those connections would relate to a service associated to a user-related "thing" (RCDD), the rest being "channel garbage".
  • RCDD user-related "thing”
  • hub mobile device of system A of Figure 6 would not be able to offer an appropriate solution in terms of safe guarding user privacy (as it would be transmitting RCDDs-related information without control).
  • a smartphone from a user would be sending to the internet information about the washing machine of his neighbor as a result of being in the proximity of that "object" (RCDD).
  • RCDD "object"
  • this smartphone resources would be used without the owner ' s authorization to transmit information that is property of a third party. No doubt that a system based on such policies would systematically breach privacy rights of potentially billions of users, making it commercially infeasible.
  • Wireless "things" (RCDDs) related services enabled via mobile devices cannot be massively deployed without adequate personalization and user control.
  • System B of Figure 6 provides this by using "checking data" and special areas personalization in the mobile device which is used to match user related objects with user special areas; by using the checking data and the associatedspecial areas rules, presence status of the mobile device into user personalized coverage areas is determined. So it is possible to configure the system such that mobile device connections associated to RCDDs will be associated to presence of the mobile device into special areas defined by the coverage of one or more radio communication defining devices, so control, spectral efficiency and privacy are properly guaranteed.
  • system B of Figure 6 facilitates: - Usage of just-one technology for the entire ecosystem of "things” (RCDDs) in terms of presence related services, thus avoiding market fragmentation;
  • RCDDs presence-services related to the user ' s things
  • client-server-based one-time-use calculations may be used to securely authenticate a presence updating signal.
  • the one-time-use calculations depend on input data associated to radio communication devices, but only those radio communication devices associated to special areas personalized into the mobile device application may produce a successful authentication by the service provider processing the signal. So in those scenarios, on top of having the right mobile device and mobile device application personalization, the user must be in the right environment for an updating signal being accepted as authentic by the service provider.
  • Figure 7 is a schematic diagram that generally illustrates some functional blocks according to an implementation.
  • Figure 7 shows a legacy system 3000 of a service providerand a network presence system 5000 of the service provider.
  • the network presence system elements may be located in one server, or spread in several servers, or computers.
  • step (1 ) several entities (1001 ....
  • the checking data contains at least part of at least one unique identifier of the corresponding radio communication defining device (e.g. at least part of the serial number of a WiFi router), or at least part of at least one identifier of a radio communication defining device category (e.g.
  • part of the radio communication defining devices may be base stations of one or more mobile telephony networks, and other part may be wireless devices with short range communications capabilities such as Bluetooth, DECT, WIFI, Bluetooth Low Energy (BLE), Near Field Communications (NFC), Zig Bee, etc.
  • Some of the radio communication defining devices are endowed with special area location monitoring means, as those described in connection to figures 3E and 3F, to ensure that they are located in a predetermined environment (e.g. a pay TV wireless decoder is endowed with special area location monitoring means to ensure that presence related pay TV services are not provided if the decoder is moved out of the authorized location).
  • Special areas may be defined by distinctive defining signals from one or more radio communication defining devices, each one at least party defining at least one special area by its coverage; if a special area relates to several radio communication defining devices it may be defined by the sum and/or the intersection of the coverage of one or more distinctive defining signals from the radio communication defining devices; and also, in some cases, a defining signal being distinctive depends on the radio communication defining device being located in the planned location, as controlled by radio communication defining device special area location monitoring means, and reported by the radio communication defining device to the mobile device.
  • therules are defined at the presence system of the service provider (e.g. in the checking data andspecial areas module) and the related data for each special area is stored in one or more memories of the service provider (e.g. into the presence services database)and is sent to the mobile device to allow the mobile device to determine, together with the usage of the checking data, whether it is present or not into one or more special areas.
  • step (2) The user downloads in step (2) a presence-related mobile device application from the corresponding applications store (7000) to the mobile device (6000).
  • a presence-related mobile device application from the corresponding applications store (7000) to the mobile device (6000).
  • several of the special areas defined by the service provider are personalized into the mobile device application in the context of the registration process.
  • the mobile device application sends to the presence system of the service provider a first identifier (e.g. the smartphone IMEI) related to the mobile device, which is then linked to the checking data and the associated special area rules in the one or more memories of the service provider;
  • a first identifier e.g. the smartphone IMEI
  • OTP Time Password
  • the user selects a PIN (e.g. by keying the PIN into the mobile device) during the registration process, and the PIN is sent to the presence system and stored in the one or more memories of the service provider.
  • the PIN is linked to the checking data, the special area rules, the OTP keys and parameters and the first identifier related to the mobile device.
  • the checking data, the associated special area rules and the OTP keys and parameters are sent to the mobile device application in step (3), and are stored into a memory of the mobile device that relates to the mobile device application, the mobile device application being the one determining the presence status of the mobile device into the one or more personalized special areas.
  • So data capable of linking the mobile device to at least one special area is electronically stored in one or more memories of the service provider, the data including checking data of the radio communication defining devices defining the at least one special area, and a first identifier related to the mobile device; and there is a transmission via a mobile telephone network to the mobile device of at least a portion of the checking data.
  • step (4) the mobile device receives radio defining signals and/or radio distinctive defining signalsfrom radio communication defining devices (4000) and is able to determine in step (5), using the checking data, the mobile device application and the special areas presence determination rules, whether it is present or not in at least one special area.
  • the mobile device sends a presence updating signal from the mobile device application to the presence system of the service provider, via the mobile telephone network, the updating signal including a second identifier related to the mobile device.
  • the second identifier related to the mobile device has the purpose to match each updating signal with a first mobile device identifier that is stored in the one or more memories of the corresponding service provider.
  • the mobile device identifiers are the same.
  • the updating signal is sent to the presence system of the service provider at least one of: periodically; when the mobile device enters into, remains into, exits out or remains out of at least one special area.
  • the mobile device sends periodically (for example every 30 seconds) an updating signal about its presence into a special area, such updating signal comprising the result of the last determination performed by the mobile device about its presence into the special area.
  • An updating signal may be sent through a diversity of channels provided by the mobile telephone network (2G/3G/4G data connections, USSD, SMSs, etc.).
  • the data comprised into the updating signal will typically be coded by the mobile device and decoded by the one or more processing devices of the service provider.
  • the presence system of the service provider receives the updating signal and in step (7) derives from the updating signal by one or more processing devices having access to at least a portion of the data (e.g. data stored in the presence services database) whether or not the mobile device is present in at least one special area.
  • the presence updating signal comprises a One-Time-Password (OTP) result.
  • the OTP result is calculated in the mobile devicebased on information that is included in at least one of the distinctive defining signals that define the at least one special area.
  • the OTP result is calculated by the mobile device using as input data a predefined value for that scenario, stored (e.g. obfuscated) in the mobile device application database.
  • step (8) the OTP is verified by the security & OTP module of the presence service provider system.
  • step (9) the presence services module enables or disables the provision of at least one presence related service depending on the presence of the mobile device in one or more special areas; and also depending on successful validation by the security & OTP module of the referred OTP.
  • the presence system of the service provider enables or disables by use of the one or more processing devices at least one presence related service based upon the mobile device ' s presence or non-presence in one or more special areas; wherein according to some implementations,when the updating signal indicates that the mobile device is present in the at least one special area, enabling the at least one presence related service associated to the mobile device ' s presence in one or more special areas also depends on successful validation by use of the one or more processing devices of at least one One-Time-Password (OTP) that is sent from the mobile device and that is univocally correlated to the updating signal, where at least one of those OTPs is calculated based on information that is included in at least one of the distinctive defining signals that define the at least one special area.
  • OTP One-Time-Password
  • Figure 8 shows another implementationassociated with one or more providers of presence related services in connection with the use of a mobile device and at least a radio communication defining device that transmits a distinctive defining signal, the distinctive defining signal at least partly defines one or more special areas by its coverage. The following is described in detail in connection to the presence system of service provider 1 .
  • Figure 8 also shows other service providers of presence related services wherein each of service provider 2 and service provider 6 owns and operates its own presence system; service provider 3 owns and operates its own presence system, but also operates at least part of the presence system of service provider 4 and service provider 5; so the presence system of service provider 4 is partly operated by service provider 3 (on behalf of service provider 4); and the presence system of service provider 5 is also partly operated by service provider 3 (on behalf of service provider 5).
  • the presence system that is enabling/disabling presence related services associated to a set of users and users ' mobile devices is owned and operated by a set of different service providers of presence related services (each one owning/operating a part of it) and the one or more memories and processors of the presence system are spread in several servers, or computers.
  • Figure 8 also illustrates, in detail, an exemplary process to securely personalize one or more special areas into a mobile device application installed in a mobile device, to enable presence services provision.
  • step (1 ) the process to personalize or register one or more special areas in the mobile device application is described in detail in connection to one service provider (service provider 1 ), However, an equivalent registration and updating process may be used to make the mobile device or mobile device application(s) being personalized with many different presence related special areas defined by a multiplicity of service providers.
  • step (1 ) the user downloads a mobile device application from an applications store into his mobile device, and the application is then installed.
  • more than one mobile device application may be downloaded an installed for presence services enablement/disablement, each application being personalized for one or more special areas defined by one or more presence service providers.
  • step (2) a user inputs data (checking data) related to owned or associated radio communication defining devices into the presence system of the service provider 1 , via the web distribution channel of the service provider, and the data is stored in one or more memories of the presence system of the service provider (this storage is represented as "RCDD(CD)" in Figure 8).
  • the mobile device application in the mobile device may obtain and store the checking data into the mobile device application database (selecting, for example, a name for the special area such as "smart TV", "plant” or “bottle of medicines”)when being in the proximity of one or more radio communication defining devices, sending (e.g.
  • the mobile device application after acceptance by the user or operator via the mobile device keyboard) the data to the presence system of the service provider, via the mobile telephone network, for storage into one or more memories; also, the user (or an operator) may manually input checking data into the mobile device application, to be stored in the mobile device application database and tobe sent to the service provider system for storage into one or more memories.
  • a secret code as the one selected in step (1 1 ) herein below in connection to Figure 8 in the case of the user; or a service provider operator code in the case of the operator.
  • the checking data storage referred to in this paragraph is also represented as "RCDD(CD)" in Figure 8).
  • the mobile device application shall receive from the presence system of the service provider a confirmation that the checking data and the definition rules of the given special area have been properly stored and registered into the presence system of the service provider to then make said special area becoming activated into the mobile device application.
  • step (2) also in step (2) some checking data related to some owned radio communication defining devices into its own one or more memories.
  • the checking data storage referred to in this paragraph is also represented as "RCDD(CD)" in Figure 8).
  • the checking data contains at least part of at least one unique identifier of the corresponding radio communication defining device, or at least part of at least one identifier of a radio communication defining device category; and a radio communication defining device may be any wireless device with either long range or short range communications capabilities (Bluetooth, DECT, WIFI, BLE, NFC, Zig Bee, etc.), those devices being part of the Internet of Things ecosystem as a whole. Some of the radio communication defining devices may be endowed with special area location monitoring means as previously described.
  • step (3) some presence special areas are defined for the user.
  • the checking data and special areas module has defined some special areas using at least part of the checking data stored in step (2) and certain rules.
  • the rules may be related to a special area being defined by distinctive defining signals from one or more radio communication defining devices, each one at least partly defining the special area by its coverage; if a special area relates to several radio communication defining devices it may be defined by the sum and/or the intersection of the coverage of one or more distinctive defining signals from the radio communication defining devices; and also, in some cases, a defining signal being distinctive depends on the radio communication defining device being located in the planned location, as controlled by radio communication defining device special area location monitoring means, and reported by the radio communication defining device to the mobile device.
  • some special areas are defined just after the checking data are stored into the one or more memories of the service provider, after being received from user input, or from the mobile device application, or from the service provider itself, or from entities 1 ... N. According to some implementations some special areas are defined during the registration process of the mobile device applicationinto one or more special areas (or into the associated presence related services).
  • the user defines the special areas related to his owned and/or controlled radio communication defining devices via a web interface of the service provider; each entity 1001 -100N defines the special areas related to its owned and/or controlledradio communication defining devices via an interface withthe presence services provider; and the service provider defines the special areas related to its owned and/or controlled radio communication defining devices.
  • the service provider 3 defines special areas for users, on behalf of service provider 4 and service provider 5.
  • the relationship between the user (that is a customer of service provider 1 ), the related radio communication defining devices checking data and the special area rules defined for each special area is stored in the presence services database.
  • the database of service provider 1 may represent the storage and relationships as follows:
  • Steps (4) to (14) show the registration process of a mobile deviceapplication(in a mobile device) into a first special area (SA1 ) for presence services provision.
  • step (4) the user starts the process of registering at least one special area into the mobile device application by sending a request for registration via the web distribution channel of service provider 1 .
  • the request requires a prior payment to be made by the user, e.g. via the web distribution channel of service provider 1 , to have access to the presence related services associated to said at least one special area.
  • an activation code is generated for registering the mobile device application into each special area. So in step (5), and in connection to registering the mobile device application for the SA1 , theACs A iis generated by the security and OTP module, and it is stored, associated to SA1 ,into the presence services database of service provider 1 . According to some implementations a hash value of the ACSAI IS also calculated and stored; this hash value can be later used during this registration process, as detailed herein below. So, at this stage the data relationships into the presence services database of service provider 1 are the following:
  • step (6) the activation code (ACSA-I) for registering the mobile deviceapplication into SAi is displayed to the user via the web distribution channel of service provider 1 .
  • step (7) the user inserts the activation code (ACSA-I) for SA into the mobile device application and in step (8) the mobile deviceapplication in the mobile device sends to one or more processors of service provider 1 , e.g. via https, the hash(ACsA-i) and the Device ID (ciphered with hash(ACsA-i)-
  • the Device ID may be a unique identifier of the mobile device, such as for example the IMEI.
  • step (9) one or more processing devices of service provider 1 identifies the customer reference in connection to SA1 by using the received hash(ACs A i) value.
  • the Device ID ciphered value is then deciphered and stored into the presence services database of service provider 1 , as shown in Figure 8.
  • a new hash(Device ID &ACSAI) value is calculated by the one or more processing devices, and stored into the database, associated to theACs A i, and to the hash(ACsA-i) values; this hash(Device ID &ACSAI) value can be used later as described herein below. So, at this stage the data relationships into the presence services database of service provider 1 are the following:
  • OTP keys and parameters are generated/defined in step (9) by the security and OTP module, and are stored into the presence services database of service provider 1 .
  • the stored OTP keys and parameters are illustrated in Figure 8 as "OTP" in the database of service provider 1 . So at this stagethe data relationships into the presence services database of service provider 1 may be represented as:
  • step (10) the mobile device application is pre-personalized to enable presence related services for SAi.
  • Pre-personalization refers to a step previous to special areas final personalization and in this phase certain application data and configurations are sent to the mobile device application (e.g. OTPkeys and parameters for mobile device OTP related calculations; e.g. certain images, texts, graphics or icons related to presence services associated to SA1 ).
  • OTP keys and parameters may be used to calculate OTP results that uses the PIN as input data, as well as OTP results that do not (e.g. OTP results calculated using information that is included in at least one of the distinctive defining signals that define an special area; examples will be provided herein below).
  • step (10) the mobile device application in the mobile device ispre-registered for presence related services associated to SAi , but receiving checking data and SA1 presence related rules is still pendent.
  • step (9) in case that in step (9) the one or more processing devices determines that the receivedhash(ACsAi) value either does not exists in the database of the presence service provider 1 or the relatedACs A ihas expired (e.g. because the pre-registration process did not finalize within a designated time period after the ACSAI was generated and stored into the database of presence related services), then the pre-registration process fails and the user may start it again from step (4).
  • to makea special area of a provider of presence related services becoming at least partly registered in a mobile device requires the user inserting an activation code into the mobile device and a successful validation of said activation code by one or more processing devices.
  • the ACSAI is validated by validating the relatedhash(ACsA-i) value.
  • step (1 1 ) the user is prompted to select a Personal Identification Number (PIN) for presence related services associated to at least SA (as commented herein below, in some implementations the same PIN may be used to register into the mobile device more special areas related to service provider
  • PIN Personal Identification Number
  • the PIN value is not stored at the mobile device application but is securely sent in step (12), e.g. via https, to the presence system of service provider 1 , together with a One-Time-Password (OTP) that has been calculated using the PIN value and OTP keys and parameters stored in the mobile device applicationdatabase during the previously described pre-registration process; andthe hash(ACsAi) value is also sent, to be able to assign by the one or more processing devices the selected PIN and the OTP result to the right customer reference.
  • OTP One-Time-Password
  • step (13) the PIN is stored in the one or more memories of service provider 1 , in relationship with thepreviously stored keys and parameters for OTP calculations.
  • This PIN storage into the database of service provider 1 is labelled in Figure 8database as "PIN" data.
  • step (13) the one or more processing devices of service provider 1 calculates an OTP result using the stored user PIN and OTP keys and parameters, and compares the result with the one received from the mobile device application. If validation is successful thenSA-ican be personalized into the mobile device application database, and SA related checking data and rules can be sent to the mobile device application.
  • the service provider sends special arearelated checking data and rules to the mobile device application in the mobile device after successful validation of a One Time Password (OTP) received from the mobile device application.
  • OTP One Time Password
  • step (14) SA related checking data and rules are sent from the service provider 1 to the mobile device application; the mobile deviceapplication in the user mobile device receives the data and stores the data for later determination about whether the mobile device is present or not into SA-i . So when step (14) ends SA related personalization has been completed.
  • data capable of linking the mobile device to at least one special area is electronically stored in one or more memories of the service provider of presence related services, the data including checking data of the radio communication defining devices defining the at least one special area, and a first identifier related to the mobile device; and there is transmission via a mobile telephone network to the mobile device of at least a portion of the checking data.
  • the pre-registration and the registration process into at least one special area shall be made in the context of the same https session, such that the PIN shall be selected in the same session where the activation code is entered.
  • time period e.g. 2 minutes
  • step (15) the mobile device receives radio defining signals and/or radio distinctive defining signalsfrom radio communication defining devices and in step (16) is able to determine, using the checking data, the mobile device application and the presence determination rules, whether it is present or not in at least one special area, for example in SA .
  • step (17) the mobile device sends a presence updating signal (about its presence status in SA from the mobile device application to the presence system of service provider 1 , via the mobile telephone network.
  • the presence updating signal is sent to the service provider at least one of: periodically; when the mobile device enters into, remains into, exits out or remains out of at least one special area.
  • the presence updating signal also comprises a One-Time-Password (OTP) result.
  • OTP One-Time-Password
  • the OTP result is calculated based on information that is included in at least one of the distinctive defining signals that define SA1 (as illustrated in connection to step (17) of Figure 8).
  • the OTP result is calculated by the mobile device application using as input data a predefined value for that scenario, stored (e.g. obfuscated) into the mobile device application database.
  • the updating signal indicates that the mobile device is not present in a special area, then an OTP is not calculated by the mobile device.
  • the updating signal also comprises the hash(Device ID&ACSAI), to be able to match at the presence system of service provider 1 the updating signal about the presence status of the mobile device into SA-i , with the right customer reference and with the rest of the related parameters into the database of service provider 1 ; and to validate the OTP result using the appropriate keys, parameters and input data.
  • the presence system of the service provider receives the presence updating signal that identifies the mobile device ' s presence in SAi and in step (18) derives from the updating signal by one or more processing devices having access to at least a portion of the data (stored in the presence services database of Figure 8) whether or not the mobile device is present in SA-
  • step (19) the OTP that was comprised into the presence updating signal is validated by the security & OTP module of the presence service provider 1 .
  • the presence services module of the service provider 1 enable or disable by use of one or more processing devices at least one presence related service based upon the mobile device ' s presence or non- presence into SAi ; and also depending on successful validation by the security & OTP module of the service provider 1 of the referred OTP that was comprised into the presence updating signal.
  • the presence system of the service provider enables or disables by use of the one or more processing devices at least one presence related service based upon the mobile device ' s presence or non-presence in one or more special areas; wherein when the updating signal indicates that the mobile device is present in the at least one special area, enabling the at least one presence related service associated to the mobile device ' s presence in one or more special areas also depends on a successful validation by use of the one or more processing devices of at least one One-Time-Password (OTP) that is sent from the mobile device and that is univocally correlated to the updating signal, where at least one OTP is calculated based on information that is included in at least one of the distinctive defining signals that define the at least one special area.
  • OTP One-Time-Password
  • Figure 9 shows another implementationassociated with several providers of presence related services in connection with the use of a mobile device and at least a radio communication defining device that transmits a distinctive defining signal, the distinctive defining signal at least partly defines one or more special areas by its coverage.
  • the implementation of Figure 9 will be described in connection to a first provider of presence related services (service provider 1 in Figure 9), and a second provider of presence related services (service provider 2 in Figure 9). It is assumed thatthe registering of special areas has already occurred and that the mobile device application has been successfully registered for five specials areas defined by service provider 1 (SA-i, SA 2 , SA 3 , SA 4 and SA 5 ) and four special areas defined by service provider 2 (SAA, SAB, SAc and SA D ). [0261 ] So, at this stage the data relationships into the presence services database of service provider 1 may be represented as follows:
  • An activation code has been generated for registering the mobile device application into each special area.
  • the mobile device application has been personalized to enable presence related services forSAi , SA 2 , SA 3 , SA 4 and SA 5 .
  • the same PIN has been used to register the five special areas (it was selected when registering the mobile device for the first special area and the same PIN was later also used in step (12) of Figure 8 to register the other four special areas). According to other implementations different PINs may be used to register the different sets of special areas.
  • thesame PIN is used by the user in connection to the OTP(PIN) calculations associated to any of the five referred special areas.
  • the OTP keys and parameters have beendefined per each special area, and are stored in the database of service provider 1 (as show in Figure 9); and have been sent and are stored in the database associated to the mobile device application.
  • data capable of linking the mobile device to at least one special area is electronically stored in one or more memories of the service provider 1 , the data including checking data of the radio communication defining devices defining the at least one special area, and a first identifier related to the mobile device; and there is transmission via a mobile telephone network to the mobile device of at least a portion of the checking data.
  • the mobile device receives radio defining signals and/or radio distinctive defining signals from radio communication defining devices and is able to determine, using the checking data, the mobile device application and the presence determination rules, whether it is present or not in at least one special area.
  • a radio defining signal from a radio communication defining device may, for example, be transmitted on a continuous or periodical basis; and the mobile device observation about whether or not it is receiving any defining signal can also becontinuous or periodical.
  • Figure 9 shows several examples of the mobile device sending a presence updating signalabout its presence status into any of the special areas SAi, SA 2 , SA 3 , SA 4 and SA 5 , from the mobile device application to the presence system of service provider 1 , via the mobile telephone network.
  • example (1 ) illustrates the scenario of the updating signal SAi being sent when the mobile device is present into SAi(e.g. when enters into SA-i) and the OTP result being calculated based on information that is included in at least one of the distinctive defining signals that define SAi.
  • the updating signal also comprises a reference to the checking data that has been used as input data to calculate the OTP result, such that one or more processing devices in the service provider 1 system will be able to make the relative OTP calculation and to proceed with the validation of the OTP received.
  • the OTP result would be calculated by the mobile device application using as input data a predefined value for that scenario, known by the service provider 1 and stored into the server database in connection to the given customer reference and special area, and also stored (e.g. obfuscated) in the mobile device application database (this scenario is not illustrated in Figure 9).
  • the updating signal indicates that the mobile device is not present in a special area, then an OTP is not calculated by the mobile device.
  • the hash(Device ID & ACsAi) can be used to match at the presence system of service provider 1 the updating signal about the presence status of the mobile device in SA-i , with the right customer reference and with the rest of the related parameters in the database of service provider 1 ; and to validate the OTP result using the appropriate keys, parameters and input data.
  • the presence system of service provider 1 receives the presence updating signal that identifies the mobile device ' s presence in SA andderives from the updating signal by one or more processing devices having access to at least a portion of the data (stored in the presence services database of Figure 9) whether or not the mobile device is present in SA-i .
  • the presence services module of the service provider 1 enables or disables by use of one or more processing devices at least one presence related service based upon the mobile device ' s presence or non-presence in SA ⁇ and also depending on successful validation by the security & OTP module of the service provider 1 of the referred OTP that was comprised into the presence updating signal.
  • the mobile device also sends an updating signal about its simultaneous presence in SA 3 and SA 4 .
  • Example (2) illustrates the scenario of the updating signal SA 3 andSA 4 being sent when the mobile device is present in both special areas (e.g. when enters into SA 3 and remains into SA 4 ) and there is a first OTP result being calculated based on information that is included in at least one of the distinctive defining signals that define SA3 and a second OTP result being calculated based on information that is included in at least one of the distinctive defining signals that define SA4.
  • the updating signal also comprises a reference to the checking data that has been used as input data to calculate the first OTP SA3 result and a reference to the checking data that has been used as input data to calculate the second OTPSA4 result, such that one or more processing devices in the service provider 1 system will be able to make the relative OTP calculations and to proceed with the validation of the OTPs received.
  • the presence system of the service provider 1 receives the presence updating signal that identifies themobile device ' s presence in SA 3 and SA 4 and derives from the updating signal by one or more processing devices having access to at least a portion of the data (stored in the presence services database of Figure 9) whether or not the mobile device is present in SA 3 and SA 4 .
  • the presence services module of the service provider 1 then enables or disables by use of one or more processing devices at least one presence related service based upon the mobile device ' s presence or non-presence into SA 3 , and also depending on successful validation by the security & OTP module of the service provider 1 of the referred OTP S A3 that was comprised into the presence updating signal.
  • the updating signal processing determines that the mobile device was present inSA 3 and the validation of the OTPsA3result is positive (i.e. the received OTP is equal to the one calculated at the service provider 1 system) then the at least one presence related service is enabled and can be provided.
  • Example (3) illustrates the scenario of the updating signal SA 5 being sent when the mobile device is present inSA 5 (e.g. when remains into SA 5 ) and there is an OTP result being calculated based on the user inputting the PIN in the mobile device application via the mobile device keyboard.
  • the presence system of the service provider 1 receives the presence updating signal that identifies the mobile device ' s presence in SA 5 and derives from the updating signal by one or more processing devices having access to at least a portion of the data (stored in the presence services database of Figure 9) whether or not the mobile device is present in SA 5 .
  • the presence services module of the service provider 1 then enables or disables by use of one or more processing devices at least one presence related service based upon the mobile device ' s presence or non-presence inSA 5 , and also depending on successful validation by the security & OTP module of the service provider 1 of the referred OTPSAS that was comprised into the presence updating signal.
  • the updating signal processing determines that the mobile device was present inSA 5 and the validation of the OTPsAsresult is positive (i.e. the received OTP is equal to the one calculated at the service provider 1 system) then the at least one presence related service is enabled (or remains enabled) and can be provided.
  • the definition ofone or more special areas may change: new checking data may be added; some checking data may be modified, or deleted; and the rules defining special areas may change. Those changes would be reflected into the one or more memories of the service provider (in the database of service provider 1 or the one of service provider 2, as applicable in the implementation of Figure 9).
  • the old special area may become disabled in the database of the service provider, and a new definition is stored in the database.
  • a new activation code to make the new special area definition being personalized into the database associated to the mobile device application.
  • the updating can be made upon the user inserting the PIN in the context of a presence updating signal to the sent.
  • the one or more processing devices of service provider 1 identify that there is a pending updating of SA 2 personalization into the mobile device application, and said updating is then made(upon a successful prior validation of the received OTP(PIN) value)in the context of the https session that is open in connection to the transmission of the updating signal SA 5 . So in this example, when the referred https connection is closed, the SA 2 personalizationhas been successfully updated into the database of the mobile device that is associated to the mobile device application.
  • the presence services related to the special areas associated to a given PIN are blocked inthe presence system of service provider 1 after a number of wrong consecutive PIN entries (e.g. 3).
  • a wrong PIN entry is accounted when the result of the OTP(PIN) verification, that uses the PIN stored into the database of service provider 1 , and OTP keys and parameters, to calculate an OTP result that is compared with the OTP result received from the mobile device application, determines that the entered PIN was not correct.
  • a different PIN value may be associated to each special area; or to a group of special areas.
  • Figure 9 shows, in connection to service provider 2, that a PIN B has been selected when registering the mobile device application to SA B and a PIN D has been selected when registering the mobile device application to SA D .
  • An activation code has been generated for registering the mobile device application into each special area.
  • the mobile device application has been personalized to enable presence related services for SA A , SA B , SA c and SA D .
  • PIN B has been used to register the mobile device application to SA B and PIND has been used to register the mobile device application to SAD.
  • PIN B is used by the user in connection to theOTP calculations associated to SA B that required the PIN as input data for the calculation
  • PIND is used by the user in connection to those OTP calculations associated to SAD that required the PIN as input data for the calculation
  • the OTP keys and parameters are common to the four special areas, and are stored into thedatabase of service provider 2 and have been sent and are stored in the database associated to the mobile device application.
  • Data capable of linking the mobile device to at least one special area is electronically stored in one or more memories of the service provider 2.
  • the data may include checking data of the radio communication defining devices defining the at least one special area, and a first identifier related to the mobile device; and there is transmission via a mobile telephone network to the mobile device of at least a portion of the checking data.
  • Figure 9 shows several examples of the mobile device sending a presence updating signal about its presence status in any of the special areas SAA, SAB, SAcand SAD, from the mobile device application to the presence system of service provider 2, via the mobile telephone network.
  • the mobile device sends an updating signal about its presence in SAD.
  • Example (4) illustrates the scenario of the updating signal SA D being sent when the mobile device is present inSA D (e.g. when enters into SA D ) and there is an OTP result being calculated based on the user inputting the PIND in the mobile device application via the mobile device keyboard.
  • the hash(Device ID & ACSAD) may be used to match at the presence system of service provider 2 the updating signal about the presence status of the mobile device in SA D , with the right customer reference and with the rest of the related parameters into the database of service provider 2; and to validate the OTP result using the appropriate keys, parameters and input data.
  • the presence system of the service provider 2 receives the presence updating signal that identifies the mobile device ' s presence in SAD and derives from the updating signal by one or more processing devices having access to at least a portion of the data (stored in the presence services database of Figure 9) whether or not the mobile device is present in SAD.
  • the presence services module of the service provider 2then enables or disables by use of one or more processing devices at least one presence related service based upon the mobile device ' s presence or non-presence inSA D , and also depending on successful validation by the security & OTP module of the service provider 2 of the referred OTP(PIND) that was comprised into the presence updating signal.
  • the updating signal processing determines that the mobile device was present in to SA D and the validation of the OTP(PIN D )result is positive (i.e. the received OTP is equal to the one calculated at the service provider 2 system) then the at least one presence related service is enabled (or remains enabled) and can be provided.
  • the mobile device also sends an updating signal about its presence in SAc.
  • example (5) illustrates the scenario of the updating signal SAcbeing sent when the mobile device is present inSAc (e.g. when remains inSA c ) and the OTP result being calculated based on information that is included in at least one of the distinctive defining signals that define SA C .
  • the updating signal also comprises a reference to the checking data that has been used as input data to calculate the OTP result, such that one or more processing devices in the service provider 2 system will be able to make the relative OTP calculation and to proceed with the validation of the OTP received.
  • the updating signal SAc indicates that the mobile device is not present inSA c
  • the OTP is calculated by the mobile device application using as input data a predefined value for that scenario, known by the service provider 2 and stored in the server database in connection to the given customer reference and special area, and also stored (e.g. obfuscated) in the mobile device application database (this scenario is not illustrated in Figure 9).
  • the presence system of service provider 2 receives the presence updating signal that identifies the mobile device ' s presence in SA C and derives from the updating signal by one or more processing devices having access to at least a portion of the data (stored in the presence services database of Figure 9) whether or not the mobile device is present in SAc.
  • the presence services module of the service provider 2 then enables or disables by use of one or more processing devices at least one presence related service based upon the mobile device ' s presence or non-presence in SAc; and also depending on successful validation by the security & OTP module of the service provider 2 of the referred OTP that was comprised into the presence updating signal.
  • Example (6) illustrates the scenario of the updating signal SA B being sent when the mobile device is present in special area SA B (e.g. when enters into SA B ) and there is a first OTP result being calculated based on the user inputting the PIN B in the mobile device application via the mobile device keyboard and a second OTP result being calculated based on information that is included in at least one of the distinctive defining signals that define SA B .
  • the updating signal also comprises a reference to the checking data that has been used as input data to calculate the second OTP(CDSAB) result, such that one or more processing devices in the service provider 2 system will be able to make the relative second OTP calculations and to also proceed with the validation of the second OTP received.
  • a single OTP result would be calculated by the mobile device application using as input data a predefined value for that scenario, known by the service provider 2 and stored into the server database in connection to the given customer reference and special area, and also stored (e.g. obfuscated) into the mobile device application database (this scenario is not illustrated in Figure 9).
  • the presence system of the service provider 2 receives the presence updating signal that identifies the mobile device ' s presence in SAB and derives from the updating signal by one or more processing devices having access to at least a portion of the data (stored in the presence services database of Figure 9) whether or not the mobile device is present in SA B .
  • the presence services module of the service provider 2 then enables or disables by use of one or more processing devices at least one presence related service based upon the mobile device ' s presence or non-presence inSAe, and also depending on successful validation by the security & OTP module of the service provider 2 of the referred OTP/OTPs that was/were comprised in the presence updating signal.
  • the definition of one or more special areas e.g. related to the service provider 2 may change: new checking data may be added; some checking data may be modified, or deleted; the rules defining special areas may change; some special area is disabled. Those changes would be reflected in the one or more memories of the service provider 2.
  • the SA C and SA D special areas personalization has been successfully updated (e.g. SA c has been deactivated and SAcChecking data and rules has been modified) into the database of the mobile device that is associated to the mobile device application.
  • Figure 10 representsan exemplary presence relateddatabaseof one service provider.
  • the figure shows a parameters database like the one described in connection to service provider 1 of Figure 9, where the mobile device application has already become successfully registered for five specials areas defined by service provider 1 (SA-i , SA 2 , SA 3 , SA 4 and SA 5 ).
  • the illustrated parameters database links the five special areas with three mobile devices identification codes MD(i-1 ), MD(i) and MD(I+1 ), each of which have an entry, (i-1 ), (i) and (i+1 ).
  • the mobile device application of the three mobile devices has been personalized to enable presence related services for SAi, SA 2 , SA 3 , SA 4 and SA 5 .For simplicity, the examples provided herein below only refer to mobile device MD(i).
  • An activation code (AC) has been generated for registering the mobile device application into each special area and this code is stored in column (c) in connection to each special area for mobile device MD(i).
  • the same PIN has been used to registerMD(i) in the five special areas and its storage is illustrated in the last column of Figure 10, in connection to entry (i). Also the customer reference is illustrated in relationship to entry (i).
  • the OTP keys and parameters have been defined per each special area, and are stored in column (f) in connection to each special area.
  • the hash values calculated by one or more processing devices of service provider 1 during the pre-registration process of the mobile device application into each special area have been stored in columns (d) and (e) respectively, in connection to each special area associated to mobile deviceMD(i).
  • one or more processing devices having access to at least a portion of the parameters/data adjust the value of at least one operating parameter of the parameters database linking the special areas and the mobile device.
  • the value of the operating parameter(s) depends on the information contained in the updating signal about the presence of the mobile device into one or more special areas (and sometimes depends also on information that is correlated to the updating signal).
  • operatingparameters related to some presence related services are enabled or remain enabled in the referred parameters database when the information contained in the updating signal indicates that the mobile device has recently entered or remains located in the corresponding special area; and also operating parameters related to some presence related services are enabled or remain enabled in the referred parameters databasewhen there is a successful validation by the security & OTP module of the service provider 1 of the at least one OTP that was comprised into the presence updating signal.
  • operatingparameters related to some presence related services are disabled or remain disabled in the referred parameters database when the information contained in the updating signal indicates that the mobile device recently left or remains out of the special area; and also operating parameters related to some presence related services are disabled or remain disabled in the referred parameters databasewhen there is a negative validation by the security & OTP module of the service provider 1 of at least one OTP that was comprised into the presence updating signal.
  • the first column of the database of Figure 10 comprises the mobile devices identification codes.
  • a mobile device identification code refers to a unique codeof the mobile device such as, for example, the IMEI.
  • the definition rules and the set of checking data formobile device MD(i) in connection to the special area SA 1 ; defined in column (a) of the entry (i) contains :
  • a checking data 650 comprised in the distinctive defining signal of a first radio communication defining deviceRCDDI (e.g. the identification code of RCDD1 ), such distinctive defining signal defines the special area SA 1 ;
  • a first radio communication defining deviceRCDDI e.g. the identification code of RCDD1
  • - checking data 652 comprised in the distinctive defining signal of a second radio communication defining device RCDD2 (e.g. the identification code of RCDD2), such distinctive defining signal also defines the special area SA 1 ; and
  • a checking data 654 comprised in the distinctive defining signal of a third radio communication defining device RCDD3 (e.g. the identification code of RCDD3), such distinctive defining signal also defines the special area
  • the mobile device determines that it is located in the special area SA ⁇ when it receives at least one of the three identifiers 650, 652, 654 comprised in the distinctive defining signals coming from RCDD1 , RCDD2 and RCDD3, that is when it is located within the range of coverage of any of the three distinctive defining signals (according to one implementation, in the case of the defining signal of RCDD2, in order to consider that such defining signal is a distinctive defining signal, it will additionally be necessary that the reliable information comprised into the defining signal confirms that RCDD2 is effectively located in a predetermined environment).
  • the value of column (b) for the mobile device MD(i) and for the special area SAi is enabled ('+') or disabled ('-') at a given time depending on whether or not the service provider receives a confirmation of new checking data from this mobile device confirming that all the checking data corresponding with the special area has been successfully stored into this mobile device (based on the same principle, it would also be possible to add another column in the parameters database to monitor the reception of confirmations of deactivation of checking data and another one to monitor the reception of confirmations of modification of checking data for a given special area).
  • the value of column (b) for MD(i) is enabled (+) for the special area SA ⁇
  • the value of column (b) for the mobile device MD(i) and for the special area SA1 contains a set of values enabled ('+') or disabled ('-'), one for each checking data.
  • the column (g) corresponding to the operating parameter "Mobile Device Control Flag" is enabled ('+') or disabled ('-') at a given time for the mobile device MD(i) and for the special area SAi depending on the information comprised into the updating signals received about the presence of the mobile device into the special area SA .
  • the mobile device MD(i) is supposed to be in SA1 as the operating parameter "Mobile Device Control Flag" (g) is enabled ('+').
  • the column (h) corresponds to the result of the validation by the security & OTP module of the service provider 1 of the at least one OTP that was comprised in the presence updating signal.
  • the validation has been positive (meaning that the received at least one OTP has been equal tothe at least one calculated by the security and OTP module) and the "OTP validation result" is enabled(V).
  • the 'Service identifier' parameter is then set at ⁇ ' and in the column (I), the 'Service Flag' of said service ⁇ ' is enabled ('+').
  • the 'Service identifier' parameter is set at 'ZZZ' and in the column (n), the 'Service Flag' of said service 'ZZZ' is disabled ('-') because service ZZZ is disabled at that time for the mobile device MD(i) and the special area SA1 .
  • the set of columns (a), (b) and (g) to (n) provides the same kind of information for the special area SA 5 .
  • the set of special area rules and checking data of mobile device MS(i) (column a) refers to radio communication defining device RCDD4 with the checking data 656, FtCDD5with the checking data 658 and RCDD6 with the checking data 660 for the special area SA 5 .
  • the value of column (b) for MS(i) is disabled (-)
  • the operating parameter "Mobile Station Control Flag" (column g) is disabled ('-')
  • the operating parameter "OTP validation result" (column h) is disabled ('-').
  • Service 'PPP' (column i) is enabled ('+' in column j)
  • service 'QQQ' (column k) is enabled ('+' in column I)
  • service 'RRR' (column m) is enabled ('+' in column n).
  • the service PPP and the services QQQ and RRR are associated to mobile station MS(i) when it is in the special area SA 5 .
  • the one or more memories and the one or more processing devices reside in one or more servers of one or more providers of presence related services.
  • Figure 1 1 illustrates part of an implementationassociated withenabling or disabling by use of the one or more processing devices a presence related service based upon the mobile device ' s presence or non-presence in at least one special area.
  • This implementation is associated with the use of a mobile device and at least one radio communication defining device that transmits a distinctive defining signal that at least partly defines a special area by its coverage, the distinctive defining signal including data.
  • Figure 1 1 shows in step (1 ) the process of receiving and processing one or more defining signals from radio communication defining devices in the mobile device to determine in step (2), based on a previously obtained at least portion of the data, whether the one or more defining signals are one or more distinctive defining signals and to determine whether or not the mobile device is present in the at least one special area.
  • step (3) the mobile device sends via a mobile telephone network an updating signal to one or more servers of a provider of presence related services about the mobile device ' s presence in the at least one special area, the updating signal being sent at least one of (i) periodically, (ii) at times recent to when the mobile device enters into or exists from the special area, (iii) when the mobile device remains in the special area and (iv) when the mobile device remains outside the special area.
  • the mobile device also sends via a mobile telephone network to one or more servers of a provider of presence related services at least one One-Time-Password (OTP) that is univocally correlated to the updating signal.
  • OTP One-Time-Password
  • the mobile device sends the at least one OTP when the updating signal indicates that the mobile device is present in at least one special area and at least one OTP is calculated based on information that is included in at least one of the distinctive defining signals that define the at least one special area.
  • at least one OTP is calculated using a user PIN as input data for the calculation.
  • the at least one OTP is only sent, contextually to the sending of the presence updating signal, when the mobile device is present in at least one special area. In other implementations the at least one OTP is also sent when the mobile device is not present into any special area.
  • FIG. 1 illustrates a set of mobile device applications (MDA) where:
  • MDA1 relates to service provider 1 that is a smartphones vendor.
  • - MDA2 relates to service provider 2 that is a provider of smart cities presence services.
  • MDA3 relates to service provider 3, that is a provider of Internet of Things presence services; this service provider enable presence services for service providers type 3. a (car vendors), service providers type 3.b (merchants), service providers type 3.c (banks), service providers type 3.d (transportation entities), etc.
  • MDA4 relates to a service provider 4, that is a contents provider.
  • MDA5 relates to a service provider 5, that is a telecom operator.
  • Figure 1 1 illustrates that SA ; SA 2 and SA 3 have been personalized in MDA1 ; SA 4 and SA 5 have been personalized in MDA2; SA 6 to SA 2 o have been personalized in MDA3; SA 2 i and SA22 have been personalized in MDA4; and SA23 and SA 24 have been personalized in MDA5.
  • Figure 1 1 also illustrates several examplesrelated to information that may be sent either comprised in the presence updating signal or related to it (for simplicity the hash values have not been illustrated in the following examples. Previous examples have described how the hash values may be comprised into the updating signal.
  • MDA1 determines that the mobile device is present inSA ⁇ nd sends a presence updating signal to the presence system of the service provider 1 .
  • the updating signal SA-i is sent when the mobile device is present in SAi (e.g.
  • the updating signal when enters into SA-i) and an OTP result comprised in the updating signal is calculated based on the user inputting the PIN via the mobile device keyboard and also based on information that is included in at least one of the distinctive defining signals that define SAi.
  • the updating signal also comprises a reference to the checking data that has been used as input data to calculate the OTP result, such that one or more processing devices in the service provider 1 system will be able to make the relative OTP calculation and to proceed with the validation of the OTP received.
  • the OTP comprised into the updating signal SA-i is calculated using the checking data of RCDDx and RCDDy, which at least partly defines SAi , and the PIN.
  • MDA1 determines that the mobile device is present inSA 3 and sends a presence updating signal to the presence system of the service provider I .
  • the updating signal SA 3 comprises a first OTP that is calculated based on information that is included in at least one of the distinctive defining signals that define SA 3 (in this example the updating signal also comprises a reference to the checking data that has been used as input data to calculate the OTP result); and a second OTP that is calculated based on the user inputting the PIN via the mobile device keyboard.
  • the updating signal SA 3 is sent with a delay from the instant when the presence of the mobile device into SA 3 was determined. This delay may be due to lack of data connectivity when an attempt for sending it was made, or because the mobile device application is programed to send the updating signalsometime after it was prepared for sending.
  • theupdating signal SA 3 comprises a first OTP(CD SA3 ), associated to the mobile device having been into SA 3 (defined byCDsA3) at the time of presence determination, and a second OTP(PIN), calculated at the time when theupdating signal SA 3 is really going to be sent after the user inserts the PIN.
  • MDA2 determines that the mobile device is present inSA 5 and sends a presence updating signal to the presence system of the service provider 2.
  • the updating signal SA 5 comprises an OTP, the reference to the checking data used for the calculation and a request to access to a service (together with the service related information).
  • MDA3 determines that the mobile device is present inSAio and sends a presence updating signal to the presence system of the service provider 3.
  • the updating signal SA 0 comprises an OTP, the reference to the checking data used for the calculation and a request to access to a multimedia content.
  • MDA3 determines that the mobile device is present inSA and sends a presence updating signal to the presence system of the service provider 3.
  • the updating signal SA 4 comprises an OTP and the reliable information received from one or more radio communication defining devices (which are endowed with special area location monitoring means of those referred to in connection with Figure 3) that at least partly defineSA .
  • the reliable information is sent together with the associated checking data, such that one or more processing devices of service provider 3 will be able to identify the related RCDDs and its associated data and parameters.
  • MDA3 determines that the mobile device is present in two special areas, SA19 andSA 2 o, and sends a presence updating signal to the presence system of the service provider 3.
  • the updating signal SA 9 andSA 2 o comprises an OTP S AI 9 (and the reference to the checking data used for the calculation) and an OTP S A2o (and the reference to the checking data used for the calculation).
  • MDA4 determines that the mobile device is present in special area SA22 and sends a presence updating signal to the presence system of the service provider 4.
  • the updating signal SA22 comprises an OTPSA22 (and the reference to the checking data used for the calculation) and credential data calculated at the security & OTP module of service provider 4 and sent to the mobile device application as explained in step (14) of Figure 8. Verification of credential data is necessary to give access to a presence service related to the special area.
  • credentials data is sent when SA22 personalization is made; and one of them is sent comprised in apresence updating signal as an additional presence signalauthentication token.
  • Credentials may be renewed in the mobile device application database in the context of updating signals such as those referred to in (3) and (6) of Figure 9.
  • the credentials are unstructured data and have been securely obfuscated via a PIN related calculation, before being sent for storage into the mobile device application database. So in this scenario a correct PIN entry into the mobile device would be necessary to send a properly non-obfuscated credential comprised into a presence updating signal.
  • the credentials are payment credentials and at least one of them must be verified by, for example, a bank (an entity type 3.c in the context of Figure 1 1 ) as a precondition for the presence related service to be provided. So advantageously said presence service is only provided after an associated on-line payment has been made.
  • the presence related service isthe on-line payment itself
  • payment acceptance could depend on being present in the special area and also on the successful validation of the OTP.
  • the above referred credential (unstructured data) is used to calculate an OTP(credential) result, that is sent comprised in a presence updating signal, the credential being de-obfuscated (by using the PIN entered by the user) before being used for the OTP calculation.
  • the credentials are first parts of payment credentials, and a second part of one of those is calculated as an OTP value as a result of the user inserting a PIN (that may be different from the PIN related to presence services provision), and the two parts must be verified by, for example, a financial institution (such as, for example, an entity type 3.c in the context of Figure 1 1 ) as a precondition for the presence related service to be provided.
  • a financial institution such as, for example, an entity type 3.c in the context of Figure 1 1
  • the presence service may also only be provided after an associated on-line payment has been made.
  • Presence related services associated to radio communication defining devices and defined special areas is unlimited, considered the huge potential of the coming Internet of Things ecosystem. Examples may cover a variety of user and service provider's related environments.
  • Home presence related services may, for example, refer to new facilities a user may have at home to control how the devices operate and interact with the user, based on mobile-centric presence determination. Periodical data measures required by certain home devices (e.g. gas counter) may be automated based on presence determination. Home systems (e.g. video surveillance or pay per view systems) could also be programmed to operate differently depending on whether any family member is or not at home.
  • Presence services in a merchant environment may be used to provide the user with a contextual and personalized procurement and products/services renewal experience, thus benefiting adopting merchants in terms of increasing sales and customer loyalty. Improved checking processes and contextual tracking information may also be offered to users based on presence determination.
  • Zone pricing services and mobile bandwidth personalization may also be offered to end users. So IT resources and mobile pricing can be adapted to customer preferences and needs in selected environments.
  • the user may also be interested to share certain personal mobile presence information with other users or self-configure via internet a set of personal zones (office, home, gym, car, etc.) for presence determination services.
  • a user can benefit from ambient assisted living programs for dependent people and/or automatic stock renewal of food or medicines based on presence determination.
  • Information from urban or rural radio communication devices may also be managed to provide a wide variety of rural or city-zone presence services, in areas such as wireless sensor network or smart cities.
  • service providers should consider mobile-centric presence determination, based on mobile device applications personalization, and presence services enablement via the mobile device, as an essential piece of their Internet of Thing strategy.
  • using methods and technologies that do not require using a third party owned secure element to enable or disable the referred presence related services gives to service providers the right agility and control of their loT business..
  • the carrier may comprise a storage medium, such as a ROM, for example a CD ROM or a semiconductor ROM, or a magnetic recording medium, for example a floppy disc or hard disk.
  • the carrier may be a transmissible carrier such as an electrical or optical signal which may be conveyed via electrical or optical cable or by radio or other means.
  • the carrier may be constituted by such cable or other device or means.
  • the carrier may be an integrated circuit in which the program is embedded, the integrated circuit being adapted for performing, or for use in the performance of, the relevant processes.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Telephonic Communication Services (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

L'invention concerne des procédés et un appareil pour surveiller la présence d'un dispositif mobile dans au moins une zone spéciale, dans lesquels un dispositif de définition de radiocommunication émet un signal de définition distinctif radio qui définit la zone spéciale par sa couverture. Le dispositif mobile traite des signaux reçus pour déterminer si les signaux sont ou non un signal de définition distinctif qui définit au moins partiellement la zone spéciale. Lors d'une détermination du fait que le dispositif mobile est dans une zone spéciale, le dispositif mobile envoie un signal de mise à jour à un moyen d'exploitation spécial d'un fournisseur de services associés à la présence par l'intermédiaire d'un réseau téléphonique mobile, le moyen d'exploitation spécial adapte la valeur d'un ou plusieurs paramètres d'exploitation en réponse à la réception du signal de mise à jour. Le dispositif mobile génère également un mot de passe à usage unique (OTP) calculé sur la base d'informations dans le signal de définition distinctif et envoie l'OTP à un serveur du fournisseur de services associés à la présence.
PCT/IB2015/056109 2014-08-11 2015-08-11 Procédés et systèmes pour permettre des services associés à la présence WO2016024220A1 (fr)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US14/456,849 2014-08-11
US14/456,849 US9210167B1 (en) 2014-08-11 2014-08-11 Methods and systems to enable presence related services
US14/456,789 2014-08-11
US14/456,789 US9253639B1 (en) 2014-08-11 2014-08-11 Methods and systems to enable presence related services

Publications (1)

Publication Number Publication Date
WO2016024220A1 true WO2016024220A1 (fr) 2016-02-18

Family

ID=54011760

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2015/056109 WO2016024220A1 (fr) 2014-08-11 2015-08-11 Procédés et systèmes pour permettre des services associés à la présence

Country Status (1)

Country Link
WO (1) WO2016024220A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20210203646A1 (en) * 2018-08-30 2021-07-01 Telefonaktiebolaget Lm Ericsson (Publ) Method for restricting access to a management interface using standard management protocols and software

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8577392B1 (en) 2012-06-13 2013-11-05 Apple Inc. System and method of determining location of wireless communication devices/persons for controlling/adjusting operation of devices based on the location
US20140059347A1 (en) * 2012-08-27 2014-02-27 Optio Labs, LLC Systems and methods for restricting access to network resources via in-location access point protocol
US8738040B2 (en) 2006-03-28 2014-05-27 Afirma Consulting & Technologies, S.L. Method and system for monitoring a mobile station presence in a special area

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8738040B2 (en) 2006-03-28 2014-05-27 Afirma Consulting & Technologies, S.L. Method and system for monitoring a mobile station presence in a special area
US8577392B1 (en) 2012-06-13 2013-11-05 Apple Inc. System and method of determining location of wireless communication devices/persons for controlling/adjusting operation of devices based on the location
US20140059347A1 (en) * 2012-08-27 2014-02-27 Optio Labs, LLC Systems and methods for restricting access to network resources via in-location access point protocol

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
LICHUN BAO: "Location Authentication Methods for Wireless Network Access Control", PERFORMANCE, COMPUTING AND COMMUNICATIONS CONFERENCE, 2008. IPCCC 2008. IEEE INTERNATIONAL, IEEE, PISCATAWAY, NJ, USA, 7 December 2008 (2008-12-07), pages 160 - 167, XP031404355, ISBN: 978-1-4244-3368-1 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20210203646A1 (en) * 2018-08-30 2021-07-01 Telefonaktiebolaget Lm Ericsson (Publ) Method for restricting access to a management interface using standard management protocols and software
US11757853B2 (en) * 2018-08-30 2023-09-12 Telefonaktiebolaget Lm Ericsson (Publ) Method for restricting access to a management interface using standard management protocols and software

Similar Documents

Publication Publication Date Title
US9253639B1 (en) Methods and systems to enable presence related services
AU2019226230B2 (en) Method and apparatus for providing secure services using a mobile device
US20220358484A1 (en) System and Method for Dynamic Temporary Payment Authorization in a Portable Communication Device
EP3284274B1 (fr) Procédé et appareil de gestion d'un profil d'un terminal dans un système de communication sans fil
CN101164086B (zh) 能够使用无线网络实现信用卡个人化的方法、系统和移动设备
US10769625B2 (en) Dynamic generation of quick response (QR) codes for secure communication from/to a mobile device
CN101809633B (zh) 与不同的企业无线地执行交易
US9898728B2 (en) System and method for one-time payment authorization in a portable communication device
US9210167B1 (en) Methods and systems to enable presence related services
US20140370879A1 (en) Proximity Application Discovery and Provisioning
US10194005B2 (en) Method to retrieve personal customer data of a customer for delivering online service to said customer
CN108418837A (zh) 移动数据通信设备及操作方法、移动通信系统和存储介质
WO2014072725A1 (fr) Système de sécurité à lecteur d'étiquette mobile
US10708742B2 (en) Wireless service provider system for selling and/or activating wireless services for a wireless device
CN105991610B (zh) 登录应用服务器的方法及装置
KR102495688B1 (ko) 포터블 통신 디바이스의 동적 임시 결제 인가를 위한 시스템 및 방법
KR101301571B1 (ko) 2채널 인증 방법
WO2016024220A1 (fr) Procédés et systèmes pour permettre des services associés à la présence
KR20060102457A (ko) 이중 고객 인증방법 및 시스템과 이를 위한 서버와기록매체
KR20210072731A (ko) 간편 옴니채널 쇼핑을 위한 주문결제 시스템 및 방법
KR101571199B1 (ko) 고객 전화번호 입력에 기초한 로그인 처리 시스템 및 그 제어방법
KR20120119210A (ko) 인증서 운영 방법
KR20120044325A (ko) 인증정보 제공 방법
KR20130052579A (ko) 인증서 운영 방법
KR20170029856A (ko) 사용자 장치, 서비스 제공 장치, 그를 포함하는 결제 시스템, 그의 제어 방법 및 컴퓨터 프로그램이 기록된 기록매체

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15756484

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15756484

Country of ref document: EP

Kind code of ref document: A1