WO2022008806A1 - Wireless communication method and system - Google Patents

Wireless communication method and system Download PDF

Info

Publication number
WO2022008806A1
WO2022008806A1 PCT/FR2021/000071 FR2021000071W WO2022008806A1 WO 2022008806 A1 WO2022008806 A1 WO 2022008806A1 FR 2021000071 W FR2021000071 W FR 2021000071W WO 2022008806 A1 WO2022008806 A1 WO 2022008806A1
Authority
WO
WIPO (PCT)
Prior art keywords
terminal
mobile
data transfer
mobile terminal
application
Prior art date
Application number
PCT/FR2021/000071
Other languages
French (fr)
Inventor
Emmanuel Lecocq
Frank AUFAURE
Daphne Vermorel
Mathilde JACQUET
Raphael Katz
William Doriat
Danai Fournier
Mael Rival
Pierre Lansade
Radouane Karra
Hafs Bennacer
Abderrazak Talbi
Benaly Issouf
Soufiane Chekraoui
Zakariae El Merzouki
Amine Karoui
Original Assignee
Carrefour Sa
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Carrefour Sa filed Critical Carrefour Sa
Priority to BR112023000197A priority Critical patent/BR112023000197A2/en
Priority to EP21746771.1A priority patent/EP4179494A1/en
Publication of WO2022008806A1 publication Critical patent/WO2022008806A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/06Buying, selling or leasing transactions
    • GPHYSICS
    • G01MEASURING; TESTING
    • G01SRADIO DIRECTION-FINDING; RADIO NAVIGATION; DETERMINING DISTANCE OR VELOCITY BY USE OF RADIO WAVES; LOCATING OR PRESENCE-DETECTING BY USE OF THE REFLECTION OR RERADIATION OF RADIO WAVES; ANALOGOUS ARRANGEMENTS USING OTHER WAVES
    • G01S1/00Beacons or beacon systems transmitting signals having a characteristic or characteristics capable of being detected by non-directional receivers and defining directions, positions, or position lines fixed relatively to the beacon transmitters; Receivers co-operating therewith
    • G01S1/02Beacons or beacon systems transmitting signals having a characteristic or characteristics capable of being detected by non-directional receivers and defining directions, positions, or position lines fixed relatively to the beacon transmitters; Receivers co-operating therewith using radio waves
    • G01S1/04Details
    • G01S1/042Transmitters
    • GPHYSICS
    • G01MEASURING; TESTING
    • G01SRADIO DIRECTION-FINDING; RADIO NAVIGATION; DETERMINING DISTANCE OR VELOCITY BY USE OF RADIO WAVES; LOCATING OR PRESENCE-DETECTING BY USE OF THE REFLECTION OR RERADIATION OF RADIO WAVES; ANALOGOUS ARRANGEMENTS USING OTHER WAVES
    • G01S11/00Systems for determining distance or velocity not using reflection or reradiation
    • G01S11/02Systems for determining distance or velocity not using reflection or reradiation using radio waves
    • G01S11/06Systems for determining distance or velocity not using reflection or reradiation using radio waves using intensity measurements
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/606Protecting data by securing the transmission between two devices or processes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • G06Q20/40145Biometric identity checks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0869Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/069Authentication using certificates or pre-shared keys
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/50Secure pairing of devices
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/80Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W76/00Connection management
    • H04W76/10Connection setup

Definitions

  • the invention relates to the field of wireless communication and its use to facilitate the exchange of data between customers and the information system of a commercial site. It aims more specifically to facilitate the authentication of customers with a mobile digital application specific to the commercial site and also to be able to assess their position inside the commercial site and vis-à-vis an exit terminal with which it can be expected that authenticated clients can be recognized automatically.
  • the invention first of all provides for a wireless communication system to be implemented to ensure, in a physical commercial site, the connection between the mobile terminals of customers coming to make purchases on said site and a set of information processing and communication means such as at least:
  • a supervision processor made up of an electronic calculator of any kind (computer or electronic card, for example) which can alternatively be separate from or integrated into the site server, and whose function is to supervise all the means of wireless communication of said commercial site,
  • wireless communication equipment hereinafter referred to as data transfer stations, linked to the server of the commercial site and each capable of exchanging data with a mobile terminal to which it will be connected, and
  • This system can also be advantageously equipped with a terminal installed near its exit and comprising biometric identification means able to calculate from the image of a customer presenting himself in the visibility zone of said terminal different measurements of its physiognomic characteristics.
  • the information system of the physical commercial site can offer more functionalities to some of its customers equipped with a mobile terminal, it is planned that customers who so wish can, in a stage prior to the entry of said customers in the physical commercial site, install on their terminal a specific mobile application able to interact with the wireless communication system of the site and to memorize various personal information concerning them.
  • biometric data specific to the customer concerned may be stored there.
  • the specific mobile application loaded in the memory of some of the customers of the commercial site must then be able to be activated when the customer whose mobile terminal includes said application enters the commercial site.
  • the invention provides that this activation can be carried out alternately in two different ways:
  • said specific mobile application loaded in the customer's mobile terminal is activated manually by the customer once back in the commercial site.
  • At least one wireless beacon regularly transmits a signal to all the mobile terminals present in said commercial site, so that the mobile terminals of customers who have previously installed said specific mobile application automatically launch the executing said application as soon as they have detected said signal emitted by the at least one wireless beacon.
  • a variant of the invention provides that said mobile application which has detected any signal emitted by at least one wireless beacon responds to it with a first reception message.
  • the supervision processor assigns to each terminal having transmitted for the first time said first reception message a site data transfer station determined so that said station only exchanges data with this single terminal for the duration of its presence in the commercial site. This then allows an exclusive connection to be established via said specific mobile application between the mobile terminal that implements it and the data transfer station that the supervision processor has assigned to it.
  • the supervision processor detects that a mobile terminal which was in communication with a determined data transfer station, has ceased to respond to the signal emitted by the at least one wireless beacon for a predetermined period, said supervision processor is programmed to interrupt all communication between said mobile terminal and the data transfer station to which it was connected.
  • a complementary variant of the invention provides that the reception signal sent by any mobile terminal transported by a customer in said commercial site and in the memory of which said application has been loaded is a measurement of the power in reception of a signal received from type "Received Signal Strength Indication (RSSI)".
  • RSSI Receiveived Signal Strength Indication
  • the invention also provides for strengthening the security of the wireless communication method and respect for the personal data of customers by implementing various technical improvements which are described in the detailed description of the invention below which presents several modes of embodiment of the invention with examples and reference to the drawings.
  • FIG. 1 schematically represents the wireless communication system according to the invention.
  • the invention protects a wireless communication system between a server 10 and at least one mobile terminal of a customer 15 present in a physical commercial site which is equipped with at least the following elements: a server 10 installed in the said commercial site or connected to it by any means of digital communication by wire or wireless,
  • each data transfer station 12 is able to connect to a said mobile terminal 14 and to establish communication between said mobile terminal 14 and said server 10 and by any means of wired or wireless communication, and that
  • the processor supervises said data transfer stations and determines which of said stations will establish a connection with a determined mobile terminal 14 present on the site.
  • the invention also provides that the commercial site can be equipped with a terminal installed near its exit and comprising biometric identification means capable of calculating from the image of a customer 15 presenting himself in the zone of visibility of said terminal different measurements of its physiognomic characteristics, and that - moreover - said biometric measurements are transmitted by at least one transfer station data 12 towards at least one mobile terminal 14 of a customer 15 present on the site.
  • the invention also covers the fact that at least one mobile terminal 14 of at least one customer 15 implements a specific mobile application previously installed in said terminal, that at least one wireless beacon is installed in said commercial site and capable of transmitting a signal detectable by said at least one mobile terminal 14, and that said application is programmed to be able to interact with the elements of the aforementioned wireless communication system via a data transfer station 12.
  • said specific mobile application is able to memorize on the mobile terminal 14 where it is installed biometric measurements specific to the client 15 using the terminal and to compare them with the biometric measurements which will be calculated by the identification means biometrics of said terminal and transmitted by at least one data transfer station 12.
  • the invention covers a wireless communication method which implements such a wireless communication system according to its various aforementioned embodiments and which comprises on the one hand a preliminary step and on the other hand an on-site activation step, such as: during the step prior to their entry into the commercial site, customers 15 have loaded said specific digital application into the memory of their mobile terminal 14,
  • each customer 15 concerned has configured said specific mobile application by recording various personal information therein such as biometric measurements of the face of the customer 15, then
  • the activation of said specific mobile application on the mobile terminal 14 of each customer 15 having previously installed and configured it initiates communication between said mobile terminal 14 and said wireless communication system.
  • the activation of said specific mobile application can be performed manually by the customer 15 having previously installed and configured it in his mobile terminal 14 when the latter enters the commercial site.
  • the activation of said specific mobile application can be automated as follows:
  • At least one wireless beacon regularly emits a signal to all the mobile terminals present in said commercial site, the at least one mobile terminal 14 of at least one customer 15 having previously installed and configured said specific mobile application automatically launches the execution of said application as soon as it detects said signal emitted by the at least one wireless beacon. Once activated, said mobile application responds to the signal transmitted by at least one wireless beacon by transmitting a first reception message.
  • the supervision processor 13 then assigns to each terminal having transmitted for the first time said first reception message a data transfer station 12 of the site determined so that said station only exchanges data with this single terminal during for the entire duration of its presence on the commercial site, each mobile application, once launched, then ensures the exclusive connection between the mobile terminal 14 which implements it and the data transfer station 12 that the supervision processor 13 has assigned to it. This exclusive connection is maintained as long as the mobile terminal
  • the supervision processor 13 is therefore programmed to interrupt all communication between any mobile terminal 14 which ceases to respond to the signal emitted by the at least one wireless beacon for a predetermined duration and the determined data transfer station 12 which was in communication with said mobile terminal 14.
  • the invention indeed also provides in one of its improvements that the distance of each customer 15 having installed and configured on his mobile terminal 14 a specific authenticated mobile digital application, with respect to the data transfer station 12 to which said mobile terminal 14 is connected, or calculated at regular intervals from a measurement by the processor of the power of the signal received from said mobile terminal 14 by said data transfer station 12.
  • Another aspect of the invention relates to securing the method of implementing the wireless communication system by resorting to various generally known cryptographic means.
  • This authentication process can in particular implement an asymmetric public key cryptographic process and is carried out according to the following steps:
  • the specific mobile application installed in the mobile terminal 14 receives from the data transfer station 12 to which said terminal is connected a public key corresponding to the private key of said station, said specific mobile application generates a random number
  • said mobile application encrypts said random number with the public key of the data transfer station 12 to which said terminal is connected and transmits the result of this encryption to it, • the data transfer station 12 decrypts the encrypted data it has received with its private key,
  • said data transfer station 12 establishes an exclusive communication session with said mobile terminal 14 to which it is connected.
  • the authentication of the specific mobile application loaded in the terminal of a client 15 can also be reinforced by an additional authentication phase of the data transfer station 12 to which said terminal is connected.
  • said data transfer station 12 again encrypts the random number resulting from the decryption of the data previously received with its own private key and sends its result back to the connected terminal.
  • the specific mobile application loaded in said terminal then decrypts with the public key of the data transfer station 12 said result. If the decryption is successful and the decrypted data is equal to the random number initially generated by said application, the data transfer station 12 to which it is connected is then considered authenticated.
  • the reception signal sent by any mobile terminal 14 transported by a customer 15 in said commercial site and in which said application has been installed and configured is a measurement of the power in reception of a signal received of the Received Signal Strength Indication (RSSI) type.
  • RSSI Received Signal Strength Indication
  • the method according to the invention can advantageously also comprise a calculation at regular intervals of the distance of each client 15 having installed and configured on his mobile terminal 14 the specific authenticated mobile digital application, with respect to the data transfer station 12 at which said mobile terminal 14 is connected, using the signal strength measurement received from said mobile terminal 14 by said data transfer station 12.
  • the processor calculates an assessment of the distance between the position of each customer 15 concerned and the output terminal, the position of which the system knows in relation to those of each of the data transfer stations.
  • Said exit terminal is therefore programmed in a variant of the invention to perform biometric measurements of any customer 15 approaching said terminal at a distance not exceeding a predetermined distance and substantially close. It is also programmed so that the biometric measurements calculated from each client 15 located at a distance less than or equal to the predetermined distance are only transmitted by the data transfer stations responsible for communication with the mobile terminals implementing a specific mobile digital application authenticated and whose position vis-à-vis said terminal is located at a distance less than or equal to the same predetermined distance.
  • the biometric measurements calculated by the facial recognition means of the terminal on each customer 15 approaching the terminal are not addressed to all the customers 15 located in the physical commercial site, but, for reasons of confidentiality and protection of personal data, are only communicated to a small number of terminals corresponding to previously enrolled customers (having downloaded the specific mobile application) and located in the same area near the exit terminal.
  • the method according to the invention further provides that said mobile terminals transmit a second reception message which takes up the random number used during the authentication of said mobile digital application.
  • an advantageous variant provides that the exchange of information between each data transfer station 12 and the digital application installed on the mobile terminal 14 with which it is in communication takes place according to a packet communication protocol in which the acknowledgment of each packet received is carried out by said specific mobile digital application.
  • the rate of this exchange is then adjusted by each data transfer station 12 according to the speed with which said mobile application to which it is connected regularly, after a predetermined number of packets received, sends a packet of control equivalent to acknowledgment of each new group of packets received.
  • each specific mobile application loaded into a mobile terminal 14 having received biometric measurements from the terminal compares said measurements with those previously recorded in the memory of the terminal in which it is loaded. If there is identity between the biometric measurements received and the biometric measurements previously recorded, the specific mobile application concerned and the server 10 of the commercial site can then initiate a secure transaction, such as in particular an electronic payment order.
  • the invention also covers the computer program which allows a wireless communication system according to the invention to implement the method according to the invention in its various variants. Finally, it provides that all the wireless equipment of the wireless communication system communicate with the mobile terminals of the customers 15 of the commercial site by using a standardized radio communication protocol, such as in particular Bluetooth low energy (Bluetooth Low Energy (BLE)).
  • Bluetooth low energy Bluetooth Low Energy (BLE)

Abstract

Disclosed are a system and a method for wireless communication with mobile terminals of different customers (15) present on a physical business site. The wireless communication method comprises a plurality of steps that enable secure communication between each mobile terminal (14) and a server (10) belonging to the physical business site.

Description

PROCEDE ET SYSTEME DE COMMUNICATION SANS FIL WIRELESS COMMUNICATION METHOD AND SYSTEM
Domaine technique de l’invention Technical field of the invention
L’invention se rapporte au domaine de la communication sans fil et à son utilisation pour faciliter les échanges de données entre des clients et le système d’information d’un site commercial. Elle vise plus particulièrement à faciliter l’authentification des clients disposant d’une application numérique mobile propre au site commercial et à pouvoir également évaluer leur position à l’intérieur du site commercial et vis-à-vis d’une borne de sortie auprès de laquelle il peut être prévu que les clients authentifiés puissent se faire reconnaître automatiquement. The invention relates to the field of wireless communication and its use to facilitate the exchange of data between customers and the information system of a commercial site. It aims more specifically to facilitate the authentication of customers with a mobile digital application specific to the commercial site and also to be able to assess their position inside the commercial site and vis-à-vis an exit terminal with which it can be expected that authenticated clients can be recognized automatically.
Arrière-plan technique Technical background
Les sites commerciaux cherchent à automatiser de plus en plus leurs pratiques de vente et en particulier à bénéficier de tous les avantages que peut apporter la communication directe entre le système d’information d’un site et les terminaux mobiles de ses clients. Ces terminaux sont le plus souvent des téléphones mobiles, mais l’invention ne se limite pas à ce seul type de terminal mobile et vise tout dispositif numérique ayant une capacité de communication numérique sans fil. Pour réaliser une telle communication entre le site commercial et les terminaux mobiles de ses utilisateurs, il faut résoudre plusieurs difficultés. En premier lieu, il convient de pouvoir détecter, se connecter et assurer une communication entre le système d’information du site qui doit être équipé de différents moyens de communication sans fil et les différents terminaux mobiles des clients présents sur le site. Or, ces clients peuvent être relativement nombreux, notamment si le site commercial est de grande taille, ce qui nécessite de superviser la connexion et la communication parallèle avec un nombre potentiellement important de terminaux. Commercial sites are seeking to increasingly automate their sales practices and in particular to benefit from all the advantages that direct communication can bring between a site's information system and its customers' mobile terminals. These terminals are most often mobile telephones, but the invention is not limited to this type of mobile terminal alone and is aimed at any digital device having a wireless digital communication capability. To achieve such communication between the commercial site and the mobile terminals of its users, several difficulties must be resolved. First of all, it is necessary to be able to detect, connect and ensure communication between the site's information system, which must be equipped with different means of wireless communication, and the different mobile terminals of the customers present on the site. However, these customers can be relatively numerous, in particular if the commercial site is large, which requires supervising the connection and the parallel communication with a potentially large number of terminals.
Ensuite, il est nécessaire de pouvoir distinguer parmi les clients sur place, entre ceux qui sont déjà connus du site concerné et qui ont pu être équipés d’un moyen leur permettant de s’identifier de manière fiable lors de leurs achats afin de faciliter le règlement de ceux-ci, et ceux qui ne sont pas préalablement enrôlés et avec lesquels la communication sans fil sera plus limitée et ne permettra pas de bénéficier d’une automatisation du paiement de leurs achats. Résumé de l’invention Next, it is necessary to be able to distinguish, among the customers on site, between those who are already known to the site concerned and who have been able to be equipped with a means enabling them to identify themselves reliably during their purchases in order to facilitate the payment of these, and those who are not previously enrolled and with whom wireless communication will be more limited and will not allow them to benefit from automated payment for their purchases. Summary of the invention
Pour répondre à ces différentes contraintes, l’invention prévoit tout d’abord qu’un système de communication sans fil est mis en œuvre pour assurer dans un site commercial physique la connexion entre les terminaux mobiles des clients venant faire des achats sur ledit site et un ensemble de moyens de traitement de l’information et de communication tels qu’au moins : To respond to these various constraints, the invention first of all provides for a wireless communication system to be implemented to ensure, in a physical commercial site, the connection between the mobile terminals of customers coming to make purchases on said site and a set of information processing and communication means such as at least:
• un serveur informatique local ou distant assurant la gestion de différentes fonctions commerciales du site, • a local or remote computer server ensuring the management of various commercial functions of the site,
• un processeur de supervision, constitué d’un calculateur électronique de toute nature (ordinateur, ou carte électronique, par exemple) qui peut être alternativement distinct ou intégré au serveur du site, et dont la fonction est de superviser l’ensemble des moyens de communication sans fil du dit site commercial, • a supervision processor, made up of an electronic calculator of any kind (computer or electronic card, for example) which can alternatively be separate from or integrated into the site server, and whose function is to supervise all the means of wireless communication of said commercial site,
• des équipements de communication sans fil, dénommés ci-après stations de transfert de données, reliés au serveur du site commercial et aptes à échanger chacun des données avec un terminal mobile auquel il sera connecté, et • wireless communication equipment, hereinafter referred to as data transfer stations, linked to the server of the commercial site and each capable of exchanging data with a mobile terminal to which it will be connected, and
• une ou plusieurs balises sans fil capables d’émettre un signal pouvant être capté par les terminaux mobiles des clients du site. Ce système peut être avantageusement équipé aussi d’une borne installée à proximité de sa sortie et comportant des moyens d’identification biométrique aptes à calculer à partir de l’image d’un client se présentant dans la zone de visibilité de ladite borne différentes mesures de ses caractéristiques physionomiques. Ces différents éléments permettent en effet d’identifier certains clients, dont les données biométriques auront été mémorisées préalablement afin de leur proposer différentes facilités, comme une solution de paiement électronique dématérialisé de leurs achats à la sortie du site commercial. • one or more wireless beacons capable of emitting a signal that can be picked up by the mobile terminals of the site's customers. This system can also be advantageously equipped with a terminal installed near its exit and comprising biometric identification means able to calculate from the image of a customer presenting himself in the visibility zone of said terminal different measurements of its physiognomic characteristics. These different elements make it possible to identify certain customers, whose biometric data will have been memorized beforehand in order to offer them different facilities, as a dematerialized electronic payment solution for their purchases on leaving the commercial site.
Pour que le système d’information du site commercial physique puisse offrir plus de fonctionnalités à certains de ses clients équipés d’un terminal mobile, il est prévu que les clients qui le souhaitent puissent, dans une étape préalable à l’entrée des dits clients dans le site commercial physique, installer sur leur terminal une application mobile spécifique apte à interagir avec le système de communication sans fil du site et à mémoriser différentes informations personnelles les concernant. Parmi lesdites données personnelles, peuvent y être mémorisées des données biométriques propres au client concerné. So that the information system of the physical commercial site can offer more functionalities to some of its customers equipped with a mobile terminal, it is planned that customers who so wish can, in a stage prior to the entry of said customers in the physical commercial site, install on their terminal a specific mobile application able to interact with the wireless communication system of the site and to memorize various personal information concerning them. Among said personal data, biometric data specific to the customer concerned may be stored there.
L’application mobile spécifique chargée dans la mémoire de certains des clients du site commercial doit alors pouvoir être activée au moment où le client dont le terminal mobile comporte ladite application pénètre sur le site commercial. The specific mobile application loaded in the memory of some of the customers of the commercial site must then be able to be activated when the customer whose mobile terminal includes said application enters the commercial site.
L’invention prévoit que cette activation peut être réalisée alternativement de deux manières différentes : The invention provides that this activation can be carried out alternately in two different ways:
• dans une première option, ladite application mobile spécifique chargée dans le terminal mobile du client est activée manuellement par le client une fois rentré dans le site commercial. • in a first option, said specific mobile application loaded in the customer's mobile terminal is activated manually by the customer once back in the commercial site.
• dans une seconde option, au moins une balise sans fil émet régulièrement un signal à destination de l’ensemble des terminaux mobiles présents dans ledit site commercial, de telle sorte que les terminaux mobiles des clients ayant préalablement installé ladite application mobile spécifique lancent automatiquement l’exécution de ladite application dès qu’ils ont détecté ledit signal émis par la au moins une balise sans fil. • in a second option, at least one wireless beacon regularly transmits a signal to all the mobile terminals present in said commercial site, so that the mobile terminals of customers who have previously installed said specific mobile application automatically launch the executing said application as soon as they have detected said signal emitted by the at least one wireless beacon.
Une fois activée l’application mobile chargée sur le terminal mobile d’un client présent sur le site commercial, une variante de l’invention prévoit que ladite application mobile qui a détecté tout signal émis par au moins une balise sans fil y réponde par un premier message de réception. Le processeur de supervision attribue alors à chaque terminal ayant émis pour la première fois ledit premier message de réception une station de transfert de données du site déterminée de manière à ce que ladite station n’échange des données qu’avec cet unique terminal pendant toute la durée de sa présence dans le site commercial. Cela permet alors que s’établisse par le biais de ladite application mobile spécifique une connexion exclusive entre le terminal mobile qui la met en oeuvre et la station de transfert de données que le processeur de supervision lui a assignée. Once activated the mobile application loaded on the mobile terminal of a customer present on the commercial site, a variant of the invention provides that said mobile application which has detected any signal emitted by at least one wireless beacon responds to it with a first reception message. The supervision processor then assigns to each terminal having transmitted for the first time said first reception message a site data transfer station determined so that said station only exchanges data with this single terminal for the duration of its presence in the commercial site. This then allows an exclusive connection to be established via said specific mobile application between the mobile terminal that implements it and the data transfer station that the supervision processor has assigned to it.
A l’inverse, si le processeur de supervision détecte qu’un terminal mobile qui était en communication avec une station de transfert de données déterminée, a cessé de répondre au signal émis par la au moins une balise sans fil pendant une durée prédéterminée, ledit processeur de supervision est programmé pour interrompre toute communication entre ledit terminal mobile et la station de transfert de données à laquelle il était connecté. Conversely, if the supervision processor detects that a mobile terminal which was in communication with a determined data transfer station, has ceased to respond to the signal emitted by the at least one wireless beacon for a predetermined period, said supervision processor is programmed to interrupt all communication between said mobile terminal and the data transfer station to which it was connected.
Une variante complémentaire de l’invention prévoit que le signal de réception envoyé par tout terminal mobile transporté par un client dans ledit site commerciale et dans la mémoire duquel ladite application a été chargée est une mesure de la puissance en réception d'un signal reçu de type « Indication d’intensité du signal reçu » (Received Signal Strength Indication (RSSI)). En étant capable de calculer approximativement la distance entre le terminal et la station de transfert de données avec laquelle il est connecté, l’invention permet également de déterminer quels terminaux se retrouvent à proximité de la borne de sortie qui permet notamment le paiement électronique automatisé des achats par les clients et qui est équipe de moyens de reconnaissance faciale. A complementary variant of the invention provides that the reception signal sent by any mobile terminal transported by a customer in said commercial site and in the memory of which said application has been loaded is a measurement of the power in reception of a signal received from type "Received Signal Strength Indication (RSSI)". By being able to calculate approximately the distance between the terminal and the data transfer station with which it is connected, the invention also makes it possible to determine which terminals are close to the output terminal which allows in particular the automated electronic payment of purchases by customers and which is equipped with means of facial recognition.
L’invention prévoit également de renforcer la sécurité du procédé de communication sans fil et le respect des données personnelles des clients en mettant en oeuvre différents perfectionnements techniques qui sont décrit dans l’exposé détaillé de l’invention ci-après qui présente plusieurs modes de réalisation de l’invention assorti d’exemples et de référence aux dessins. The invention also provides for strengthening the security of the wireless communication method and respect for the personal data of customers by implementing various technical improvements which are described in the detailed description of the invention below which presents several modes of embodiment of the invention with examples and reference to the drawings.
Brève description de la figure D'autres caractéristiques et avantages de l'invention apparaîtront au cours de la lecture de la description détaillée qui va suivre pour la compréhension de laquelle on se reportera à la figure 1 qui représente schématiquement le système de communication sans fil selon l’invention. Modes de réalisation de l’invention Brief description of the figure Other characteristics and advantages of the invention will appear during the reading of the detailed description which will follow for the understanding of which reference will be made to FIG. 1 which schematically represents the wireless communication system according to the invention. Embodiments of the Invention
Dans une première réalisation, l’invention protège un système de communication sans fil entre un serveur 10 et au moins un terminal mobile d’un client 15 présent dans un site commercial physique qui est équipé au moins des éléments suivants : · un serveur 10 installé dans ledit site commercial ou relié à celui- ci par tout moyen de communication numérique par fil ou sans fil, In a first embodiment, the invention protects a wireless communication system between a server 10 and at least one mobile terminal of a customer 15 present in a physical commercial site which is equipped with at least the following elements: a server 10 installed in the said commercial site or connected to it by any means of digital communication by wire or wireless,
• plusieurs stations de transfert de données aptes à échanger des données avec des terminaux mobiles, · un processeur relié aux différentes stations de transfert de données présentes sur le site, et dans lequel • several data transfer stations capable of exchanging data with mobile terminals, a processor connected to the various data transfer stations present on the site, and in which
• chaque station de transfert de données 12 est apte à se connecter à un dit terminal mobile 14 et à établir une communication entre ledit terminal mobile 14 et ledit serveur 10 et par tout moyen de communication par fil ou sans fil, et que • each data transfer station 12 is able to connect to a said mobile terminal 14 and to establish communication between said mobile terminal 14 and said server 10 and by any means of wired or wireless communication, and that
• le processeur assure la supervision des dites stations de transfert de données et détermine laquelle des dites stations va établir une connexion avec un terminal mobile 14 déterminé présent sur le site. L’invention prévoit également que le site commercial peut être équipé d’une borne installée à proximité de sa sortie et comportant des moyens d’identification biométrique aptes à calculer à partir de l’image d’un client 15 se présentant dans la zone de visibilité de ladite borne différentes mesures de ses caractéristiques physionomiques, et que - par ailleurs - lesdites mesures biométriques sont transmises par au moins une station de transfert de données 12 en direction d’au moins un terminal mobile 14 d’un client 15 présent sur le site. • the processor supervises said data transfer stations and determines which of said stations will establish a connection with a determined mobile terminal 14 present on the site. The invention also provides that the commercial site can be equipped with a terminal installed near its exit and comprising biometric identification means capable of calculating from the image of a customer 15 presenting himself in the zone of visibility of said terminal different measurements of its physiognomic characteristics, and that - moreover - said biometric measurements are transmitted by at least one transfer station data 12 towards at least one mobile terminal 14 of a customer 15 present on the site.
L’invention couvre également le fait qu’au moins un terminal mobile 14 d’au moins un client 15 met en oeuvre une application mobile spécifique préalablement installée dans ledit terminal, qu’au moins une balise sans fil est installée dans ledit site commercial et apte à émettre un signal détectable par ledit au moins un terminal mobile 14, et que ladite application est programmée pour pouvoir interagir avec les éléments du système de communication sans fil précité via une station de transfert de données 12. Dans une variante du système de communication sans fil selon l’invention, ladite application mobile spécifique est apte à mémoriser sur le terminal mobile 14 où elle est installée des mesures biométriques propres au client 15 utilisant le terminal et à les comparer aux mesures biométriques qui seront calculées par les moyens d’identification biométriques de ladite borne et transmises par au moins une station de transfert de données 12. The invention also covers the fact that at least one mobile terminal 14 of at least one customer 15 implements a specific mobile application previously installed in said terminal, that at least one wireless beacon is installed in said commercial site and capable of transmitting a signal detectable by said at least one mobile terminal 14, and that said application is programmed to be able to interact with the elements of the aforementioned wireless communication system via a data transfer station 12. In a variant of the communication system wireless according to the invention, said specific mobile application is able to memorize on the mobile terminal 14 where it is installed biometric measurements specific to the client 15 using the terminal and to compare them with the biometric measurements which will be calculated by the identification means biometrics of said terminal and transmitted by at least one data transfer station 12.
L’invention couvre ensuite un procédé de communication sans fil qui met en oeuvre un tel système de communication sans fil selon ses différentes réalisations précitées et qui comporte d’une part une étape préalable et d’autre part une étape d’activation sur site, telles que : · lors de l’étape préalable à leur entrée dans le site commercial, des clients 15 ont chargé dans la mémoire de leur terminal mobile 14 ladite application numérique spécifique, The invention then covers a wireless communication method which implements such a wireless communication system according to its various aforementioned embodiments and which comprises on the one hand a preliminary step and on the other hand an on-site activation step, such as: during the step prior to their entry into the commercial site, customers 15 have loaded said specific digital application into the memory of their mobile terminal 14,
• lors de cette même étape préalable, chaque client 15 concerné a configuré ladite application mobile spécifique en y enregistrant différentes informations personnelles telles que des mesures biométriques du visage du client 15, puis • during this same preliminary step, each customer 15 concerned has configured said specific mobile application by recording various personal information therein such as biometric measurements of the face of the customer 15, then
• dans le site commercial physique, l’activation de ladite application mobile spécifique sur le terminal mobile 14 de chaque client 15 l’ayant préalablement installée et configurée enclenche la communication entre ledit terminal mobile 14 et ledit système de communication sans fil. Selon une des réalisations possibles du dit procédé, l’activation de ladite application mobile spécifique peut être effectuée manuellement par le client 15 l’ayant préalablement installée et configurée dans son terminal mobile 14 lorsque celui-ci rentre dans le site commercial. Selon une réalisation alternative, l’activation de ladite application mobile spécifique peut être automatisée de la manière suivante : • in the physical commercial site, the activation of said specific mobile application on the mobile terminal 14 of each customer 15 having previously installed and configured it initiates communication between said mobile terminal 14 and said wireless communication system. According to one of the possible embodiments of said method, the activation of said specific mobile application can be performed manually by the customer 15 having previously installed and configured it in his mobile terminal 14 when the latter enters the commercial site. According to an alternative embodiment, the activation of said specific mobile application can be automated as follows:
• au moins une balise sans fil émet régulièrement un signal à destination de l’ensemble des terminaux mobiles présents dans ledit site commercial, · le au moins un terminal mobile 14 d’au moins un client 15 ayant préalablement installé et configuré ladite application mobile spécifique lance automatiquement l’exécution de ladite application dès qu’il détecte ledit signal émis par la au moins une balise sans fil. Une fois activée, ladite application mobile répond au signal émis par au moins une balise sans fil en émettant un premier message de réception. Le processeur de supervision 13 attribue alors à chaque terminal ayant émis pour la première fois ledit premier message de réception une station de transfert de données 12 du site déterminée de manière à ce que ladite station n’échange des données qu’avec cet unique terminal pendant toute la durée de sa présence dans le site commercial, Chaque application mobile une fois lancée assure alors la connexion exclusive entre le terminal mobile 14 qui la met en oeuvre et la station de transfert de données 12 que le processeur de supervision 13 lui a assignée. Cette connexion exclusive est maintenue tant que le terminal mobile• at least one wireless beacon regularly emits a signal to all the mobile terminals present in said commercial site, the at least one mobile terminal 14 of at least one customer 15 having previously installed and configured said specific mobile application automatically launches the execution of said application as soon as it detects said signal emitted by the at least one wireless beacon. Once activated, said mobile application responds to the signal transmitted by at least one wireless beacon by transmitting a first reception message. The supervision processor 13 then assigns to each terminal having transmitted for the first time said first reception message a data transfer station 12 of the site determined so that said station only exchanges data with this single terminal during for the entire duration of its presence on the commercial site, each mobile application, once launched, then ensures the exclusive connection between the mobile terminal 14 which implements it and the data transfer station 12 that the supervision processor 13 has assigned to it. This exclusive connection is maintained as long as the mobile terminal
14 continue à répondre régulièrement aux signaux émis périodiquement par une ou plusieurs balises. Le processeur de supervision 13 est donc programmé pour interrompre toute communication entre tout terminal mobile 14 qui cesse de répondre au signal émis par la au moins une balise sans fil pendant une durée prédéterminée et la station de transfert de données 12 déterminée qui était en communication avec ledit terminal mobile 14. L’invention prévoit en effet également dans un de ses perfectionnements que la distance de chaque client 15 ayant installé et configuré sur son terminal mobile 14 une application numérique mobile spécifique authentifiée, par rapport à la station de transfert de données 12 à laquelle ledit terminal mobile 14 est connectée, soit calculée à intervalle régulier à partir d’une mesure par le processeur de la puissance du signal reçu du dit terminal mobile 14 par ladite station de transfert de données 12. 14 continues to respond regularly to signals emitted periodically by one or more beacons. The supervision processor 13 is therefore programmed to interrupt all communication between any mobile terminal 14 which ceases to respond to the signal emitted by the at least one wireless beacon for a predetermined duration and the determined data transfer station 12 which was in communication with said mobile terminal 14. The invention indeed also provides in one of its improvements that the distance of each customer 15 having installed and configured on his mobile terminal 14 a specific authenticated mobile digital application, with respect to the data transfer station 12 to which said mobile terminal 14 is connected, or calculated at regular intervals from a measurement by the processor of the power of the signal received from said mobile terminal 14 by said data transfer station 12.
Un autre aspect de l’invention concerne la sécurisation du procédé de mis en oeuvre du système de communication sans fil en recourant à différents moyens cryptographiques généralement connus. Another aspect of the invention relates to securing the method of implementing the wireless communication system by resorting to various generally known cryptographic means.
Il s’agit tout d’abord de l’authentification par le processeur de supervision 13 de l’application mobile spécifique chargée dans la mémoire du terminal mobile 14 d’un client 15 présent sur le site commercial. C’est ledit processeur qui déclenche via la station de transfert de données 12 auprès de laquelle un dit terminal mobile 14 a été connecté une vérification numérique mettant en oeuvre une fonction cryptographique afin d’authentifier l’application numérique. It is first of all the authentication by the supervision processor 13 of the specific mobile application loaded in the memory of the mobile terminal 14 of a customer 15 present on the commercial site. It is said processor which triggers via the data transfer station 12 to which a said mobile terminal 14 has been connected a digital verification implementing a cryptographic function in order to authenticate the digital application.
Ce processus d’authentification peut en particulier mettre en oeuvre un procédé cryptographique asymétrique à clé publique et s’effectue selon les étapes suivantes : This authentication process can in particular implement an asymmetric public key cryptographic process and is carried out according to the following steps:
• l’application mobile spécifique installée dans le terminal mobile 14 reçoit de la station de transfert de données 12 à laquelle ledit terminal est connecté une clé publique correspondant à la clé privée de ladite station, · ladite application mobile spécifique engendre un nombre aléatoire, • the specific mobile application installed in the mobile terminal 14 receives from the data transfer station 12 to which said terminal is connected a public key corresponding to the private key of said station, said specific mobile application generates a random number,
• ladite application mobile chiffre ledit nombre aléatoire avec la clé publique de la station de transfert de données 12 à laquelle ledit terminal est connectée et lui transmet le résultat de ce chiffrement, • la station de transfert de données 12 déchiffre la donnée chiffrée qu’elle a reçue avec sa clé privée, • said mobile application encrypts said random number with the public key of the data transfer station 12 to which said terminal is connected and transmits the result of this encryption to it, • the data transfer station 12 decrypts the encrypted data it has received with its private key,
• si le déchiffrement est réalisé, ladite station de transfert de données 12 établit une session de communication exclusive avec ledit terminal mobile 14 auquel elle est connectée. • if the decryption is performed, said data transfer station 12 establishes an exclusive communication session with said mobile terminal 14 to which it is connected.
L’authentification de l’application mobile spécifique chargée dans le terminal d’un client 15 peut également être renforcée par une phase d’authentification supplémentaire de la station de transfert de données 12 à laquelle ledit terminal est connecté. Dans cette phase d’authentification supplémentaire ladite station de transfert de données 12 chiffre à nouveau le nombre aléatoire résultant du déchiffrement de la donnée reçue préalablement avec sa propre clé privée et adresse son résultat en retour au terminal connecté. L’application mobile spécifique chargée dans ledit terminal déchiffre alors avec la clé publique de la station de transfert de données 12 ledit résultat. Si le déchiffrement est réussi et que la donnée déchiffrée est égale au nombre aléatoire engendrée initialement par ladite application, la station de transfert de données 12 à laquelle elle est connectée est alors considérée comme authentifiée. The authentication of the specific mobile application loaded in the terminal of a client 15 can also be reinforced by an additional authentication phase of the data transfer station 12 to which said terminal is connected. In this additional authentication phase, said data transfer station 12 again encrypts the random number resulting from the decryption of the data previously received with its own private key and sends its result back to the connected terminal. The specific mobile application loaded in said terminal then decrypts with the public key of the data transfer station 12 said result. If the decryption is successful and the decrypted data is equal to the random number initially generated by said application, the data transfer station 12 to which it is connected is then considered authenticated.
Dans une variante de l’invention, le signal de réception envoyé par tout terminal mobile 14 transporté par un client 15 dans ledit site commercial et dans lequel ladite application a été installée et configurée est une mesure de la puissance en réception d'un signal reçu de type Received Signal Strength Indication (RSSI). Cette spécification peut en effet permettre des mesures intéressantes pour l’utilisation de l’invention en facilitant notamment des mesures de distance entre chaque terminal connecté et la station de transfert de données 12 à laquelle il est connecté, ce qui permet notamment au système de traitement de l’information du site concerné de pouvoir situer la position du client 15 porteur du terminal concerné, en particulier (mais non exclusivement) dans la phase finale de sa présence dans le site considéré. Le procédé selon l’invention peut avantageusement comporter également un calcul à intervalle régulier de la distance de chaque client 15 ayant installé et configuré sur son terminal mobile 14 l’application numérique mobile spécifique authentifiée, par rapport à la station de transfert de données 12 à laquelle ledit terminal mobile 14 est connectée, en utilisant la mesure de la puissance du signal reçu du dit terminal mobile 14 par ladite station de transfert de données 12. In a variant of the invention, the reception signal sent by any mobile terminal 14 transported by a customer 15 in said commercial site and in which said application has been installed and configured is a measurement of the power in reception of a signal received of the Received Signal Strength Indication (RSSI) type. This specification can in fact allow interesting measurements for the use of the invention by facilitating in particular distance measurements between each connected terminal and the data transfer station 12 to which it is connected, which in particular allows the processing system information of the site concerned to be able to locate the position of the customer 15 carrying the terminal concerned, in particular (but not exclusively) in the final phase of his presence in the site considered. The method according to the invention can advantageously also comprise a calculation at regular intervals of the distance of each client 15 having installed and configured on his mobile terminal 14 the specific authenticated mobile digital application, with respect to the data transfer station 12 at which said mobile terminal 14 is connected, using the signal strength measurement received from said mobile terminal 14 by said data transfer station 12.
A partir d’une telle mesure, le processeur calcule une appréciation de la distance entre la position du chaque client 15 concerné et la borne de sortie, dont le système connaît la position par rapport à celles de chacune des stations de transfert de données. Ladite borne de sortie est donc programmée dans une variante de l’invention pour effectuer des mesures biométriques de tout client 15 s’approchant de ladite borne à une distance ne dépassant pas une distance prédéterminée et sensiblement rapprochée. Elle est également programmée pour que les mesures biométrique calculées à partir de chaque client 15 situé à une distance inférieure ou égale à la distance prédéterminée soient uniquement émis par les seules stations de transfert de données ayant en charge la communication avec les terminaux mobiles mettant en oeuvre une application numérique mobile spécifique authentifiée et dont la position vis-à-vis de ladite borne est située à une distance inférieure ou égale à la même distance prédéterminée. From such a measurement, the processor calculates an assessment of the distance between the position of each customer 15 concerned and the output terminal, the position of which the system knows in relation to those of each of the data transfer stations. Said exit terminal is therefore programmed in a variant of the invention to perform biometric measurements of any customer 15 approaching said terminal at a distance not exceeding a predetermined distance and substantially close. It is also programmed so that the biometric measurements calculated from each client 15 located at a distance less than or equal to the predetermined distance are only transmitted by the data transfer stations responsible for communication with the mobile terminals implementing a specific mobile digital application authenticated and whose position vis-à-vis said terminal is located at a distance less than or equal to the same predetermined distance.
De cette manière, les mesures biométriques calculées par les moyens de reconnaissance faciale de la borne sur chaque client 15 se rapprochant de la borne ne sont pas adressés à l’ensemble des clients 15 situés dans le site commercial physique, mais, pour des raisons de confidentialité et de protection des données personnelles, ne sont communiquées qu’à un petit nombre de terminaux correspondant à des clients 15 préalablement enrôlés (en ayant téléchargé l’application mobile spécifique) et situés dans la même zone à proximité de la borne de sortie. Pour sécuriser également la transmission des mesures biométriques calculées par les moyens de reconnaissance faciale de la borne aux terminaux mobiles des clients 15 mettant en œuvre une application numérique mobile authentifiée, le procédé selon l’invention prévoit encore que lesdits terminaux mobiles émettent un deuxième message de réception qui reprend le nombre aléatoire utilisé lors de l’authentification de ladite application numérique mobile. In this way, the biometric measurements calculated by the facial recognition means of the terminal on each customer 15 approaching the terminal are not addressed to all the customers 15 located in the physical commercial site, but, for reasons of confidentiality and protection of personal data, are only communicated to a small number of terminals corresponding to previously enrolled customers (having downloaded the specific mobile application) and located in the same area near the exit terminal. To also secure the transmission of the biometric measurements calculated by the facial recognition means from the terminal to the mobile terminals of customers 15 implementing an authenticated mobile digital application, the method according to the invention further provides that said mobile terminals transmit a second reception message which takes up the random number used during the authentication of said mobile digital application.
Pour rendre encore plus efficace le procédé de communication selon l’invention, une variante avantageuse prévoit que l’échange d’informations entre chaque station de transfert de données 12 et l’application numérique installée sur le terminal mobile 14 avec lequel elle se trouve en communication s’effectue selon un protocole de communication par paquets dont l’acquittement de chaque paquet reçu est effectué par ladite application numérique mobile spécifique. Le débit de cet échange est alors ajusté par chaque station de transfert de données 12 en fonction de la vitesse avec laquelle ladite application mobile à laquelle elle est connectée effectue régulièrement, après un nombre prédéterminé de paquets reçus, l’envoi d’un paquet de contrôle valant acquittement de chaque nouveau groupe de paquets reçus. To make the communication method according to the invention even more efficient, an advantageous variant provides that the exchange of information between each data transfer station 12 and the digital application installed on the mobile terminal 14 with which it is in communication takes place according to a packet communication protocol in which the acknowledgment of each packet received is carried out by said specific mobile digital application. The rate of this exchange is then adjusted by each data transfer station 12 according to the speed with which said mobile application to which it is connected regularly, after a predetermined number of packets received, sends a packet of control equivalent to acknowledgment of each new group of packets received.
Dans une dernière variante de l’invention, chaque application mobile spécifique chargée dans un terminal mobile 14 ayant reçu des mesures biométriques en provenance de la borne compare lesdites mesures avec celles enregistrées préalablement dans la mémoire du terminal dans lequel elle est chargée. S’il y a identité entre les mesures biométriques reçues et les mesures biométriques préalablement enregistrées, l’application mobile spécifique concernée et le serveur 10 du site commercial peuvent alors engager une transaction sécurisée, tel que notamment un ordre de paiement électronique. In a final variant of the invention, each specific mobile application loaded into a mobile terminal 14 having received biometric measurements from the terminal compares said measurements with those previously recorded in the memory of the terminal in which it is loaded. If there is identity between the biometric measurements received and the biometric measurements previously recorded, the specific mobile application concerned and the server 10 of the commercial site can then initiate a secure transaction, such as in particular an electronic payment order.
L’invention couvre également le programme informatique qui permet à un système de communication sans fil selon l’invention de mettre en œuvre le procédé selon l’invention dans ses différentes variantes. Elle prévoit enfin que l’ensemble des équipements sans fil du système de communication sans fil communiquent avec les terminaux mobiles des clients 15 du site commercial en utilisant un protocole de communication radio standardisé, tel qu’en particulier le Bluetooth basse énergie (Bluetooth Low Energy (BLE)). The invention also covers the computer program which allows a wireless communication system according to the invention to implement the method according to the invention in its various variants. Finally, it provides that all the wireless equipment of the wireless communication system communicate with the mobile terminals of the customers 15 of the commercial site by using a standardized radio communication protocol, such as in particular Bluetooth low energy (Bluetooth Low Energy (BLE)).

Claims

REVENDICATIONS
1. Procédé de communication sans fil pour un système comprenant un serveur (10) et au moins un terminal mobile (14) d’un client (15) présent dans un site commercial physique, le système comportant :1. Wireless communication method for a system comprising a server (10) and at least one mobile terminal (14) of a client (15) present in a physical commercial site, the system comprising:
- plusieurs stations de transfert de données aptes à échanger des données avec au moins un terminal mobile (14) d’un client (15), - several data transfer stations capable of exchanging data with at least one mobile terminal (14) of a client (15),
- un processeur relié aux différentes stations de transfert de données présentes sur le site, le processeur assurant la supervision desdites stations de transfert de données et déterminant laquelle desdites stations va établir une connexion avec un terminal mobile (14) déterminé présent sur le site, - a processor connected to the various data transfer stations present on the site, the processor supervising said data transfer stations and determining which of said stations will establish a connection with a determined mobile terminal (14) present on the site,
- au moins un terminal mobile (14) d’au moins un client (15) mettant en oeuvre une application mobile spécifique préalablement installée dans ledit terminal, - at least one mobile terminal (14) of at least one client (15) implementing a specific mobile application previously installed in said terminal,
- au moins une balise sans fil installée dans ledit site commercial et apte à émettre un signal détectable par ledit au moins un terminal mobile (14), ladite application mobile spécifique étant programmée pour pouvoir interagir avec les éléments dudit système via une station de transfert de données (12), le procédé comportant les étapes suivantes : - at least one wireless beacon installed in said commercial site and capable of emitting a signal detectable by said at least one mobile terminal (14), said specific mobile application being programmed to be able to interact with the elements of said system via a transfer station data (12), the method comprising the following steps:
- lors d’une étape préalable à leur entrée dans le site commercial, des clients (15) ont chargé dans la mémoire de leur terminal mobile (14) ladite application numérique spécifique, - during a step prior to their entry into the commercial site, customers (15) have loaded the said specific digital application into the memory of their mobile terminal (14),
- lors de cette même étape préalable, chaque client (15) concerné configure ladite application mobile spécifique en y enregistrant différentes informations personnelles, - during this same preliminary step, each customer (15) concerned configures said specific mobile application by recording various personal information therein,
- dans le site commercial physique, l’activation de ladite application mobile spécifique sur le terminal mobile (14) de chaque client (15) l’ayant préalablement installée et configurée enclenche la communication entre ledit terminal mobile (14) et ledit système de communication sans fil,- in the physical commercial site, the activation of said specific mobile application on the mobile terminal (14) of each customer (15) having previously installed and configured it initiates communication between said mobile terminal (14) and said communication system wireless,
- l’application mobile spécifique chargée dans la mémoire d’au moins un terminal mobile (14) transporté par un client (15) dans ledit site commercial qui a détecté un signal émis par ladite au moins une balise sans fil, y répond par un premier message de réception, - the specific mobile application loaded in the memory of at least one mobile terminal (14) transported by a customer (15) in said commercial site which has detected a signal emitted by said at least one wireless beacon, responds to it with a first reception message,
- le processeur de supervision (13) attribue à chaque terminal ayant émis pour la première fois ledit premier message de réception une station de transfert de données (12) du site déterminée de manière à ce que ladite station n’échange des données qu’avec cet unique terminal pendant toute la durée de sa présence dans le site commercial, - the supervision processor (13) allocates to each terminal having transmitted for the first time said first reception message a data transfer station (12) of the site determined so that said station only exchanges data with this single terminal for the duration of its presence on the commercial site,
- ladite application une fois lancée assure la connexion exclusive entre le terminal mobile (14) qui la met en oeuvre et la station de transfert de données (12) que le processeur de supervision (13) lui a assignée, - said application once launched ensures the exclusive connection between the mobile terminal (14) which implements it and the data transfer station (12) that the supervision processor (13) has assigned to it,
- et ledit processeur de supervision (13) est programmé pour interrompre toute communication entre tout terminal mobile (14) qui cesse de répondre au signal émis par la au moins une balise sans fil pendant une durée prédéterminée et la station de transfert de données (12) déterminée qui était en communication avec ledit terminal mobile (14). - and said supervision processor (13) is programmed to interrupt all communication between any mobile terminal (14) which ceases to respond to the signal emitted by the at least one wireless beacon for a predetermined period and the data transfer station (12 ) determined who was in communication with said mobile terminal (14).
2. Procédé selon la revendication 1 caractérisé en ce que ladite application mobile spécifique peut être activée manuellement par le client (15) l’ayant préalablement installée et configurée dans son terminal mobile (14) lorsque celui-ci rentre dans le site commercial. 2. Method according to claim 1 characterized in that said specific mobile application can be activated manually by the customer (15) having previously installed and configured it in his mobile terminal (14) when the latter enters the commercial site.
3. Procédé selon la revendication 1 caractérisé en ce que au moins une balise sans fil émet régulièrement un signal à destination de l’ensemble des terminaux mobiles présents dans ledit site commercial, et en ce que le au moins un terminal mobile (14) d’au moins un client (15) ayant préalablement installé et configuré ladite application mobile spécifique lance automatiquement l’exécution de ladite application dès qu’il détecte ledit signal émis par la au moins une balise sans fil. 3. Method according to claim 1 characterized in that at least one wireless beacon regularly transmits a signal to all the mobile terminals present in said commercial site, and in that the at least one mobile terminal (14) d at least one client (15) having previously installed and configured said specific mobile application automatically launches the execution of said application as soon as it detects said signal emitted by the at least one wireless beacon.
4. Procédé selon l’une ou plusieurs des revendications 1 à 3 caractérisé en ce que le processeur de supervision (13) déclenche via la station de transfert de données (12) auprès de laquelle ledit terminal mobile (14) a été connecté une vérification numérique mettant en œuvre une fonction cryptographique afin d’authentifier l’application mobile spécifique chargée dans la mémoire du dit terminal mobile (14) dont le client (15) se trouve dans le site commercial, et il déconnecte ensuite toute connexion engagée entre toute station de transfert de données (12) et un terminal mobile (14) dont l’application numérique ne serait pas authentifiée. 4. Method according to one or more of claims 1 to 3 characterized in that the supervision processor (13) triggers via the data transfer station (12) with which said terminal mobile (14) has been connected a digital verification implementing a cryptographic function in order to authenticate the specific mobile application loaded in the memory of said mobile terminal (14) whose customer (15) is in the commercial site, and it then disconnects any connection engaged between any data transfer station (12) and a mobile terminal (14) whose digital application would not be authenticated.
5. Procédé selon l’une ou plusieurs des revendications 1 à 4 caractérisé en ce que l’authentification de ladite application mobile spécifique chargée dans la mémoire de chaque terminal et la station de transfert de données (12) qui assure la connexion met en œuvre un procédé cryptographique asymétrique à clé publique et s’effectue selon les étapes suivantes : 5. Method according to one or more of claims 1 to 4 characterized in that the authentication of said specific mobile application loaded in the memory of each terminal and the data transfer station (12) which provides the connection implements an asymmetric public key cryptographic process and is carried out according to the following steps:
- l’application mobile spécifique installée dans le terminal mobile (14) reçoit de la station de transfert de données (12) à laquelle ledit terminal est connecté une clé publique correspondant à la clé privée de ladite station,- the specific mobile application installed in the mobile terminal (14) receives from the data transfer station (12) to which said terminal is connected a public key corresponding to the private key of said station,
- ladite application mobile spécifique engendre un nombre aléatoire,- said specific mobile application generates a random number,
- ladite application mobile chiffre ledit nombre aléatoire avec la clé publique de la station de transfert de données (12) à laquelle ledit terminal est connectée et lui transmet le résultat de ce chiffrement, - la station de transfert de données (12) déchiffre la donnée chiffrée qu’elle a reçue avec sa clé privée, - said mobile application encrypts said random number with the public key of the data transfer station (12) to which said terminal is connected and transmits the result of this encryption to it, - the data transfer station (12) decrypts the data encrypted that she received with her private key,
- si le déchiffrement est réalisée, ladite station de transfert de données (12) établit une session de communication exclusive avec ledit terminal mobile (14) auquel elle est connectée. - If decryption is performed, said data transfer station (12) establishes an exclusive communication session with said mobile terminal (14) to which it is connected.
6. Procédé selon la revendication 5 caractérisé en ce que : 6. Method according to claim 5 characterized in that:
- une phase d’authentification supplémentaire de la station de transfert de données (12) succède à la phase d’authentification de l’application mobile spécifique, - an additional authentication phase of the data transfer station (12) follows the authentication phase of the specific mobile application,
- durant ladite phase d’authentification supplémentaire ladite station de transfert de données (12) chiffre à nouveau le nombre aléatoire résultant du déchiffrement de la donnée reçue préalablement avec sa propre clé privée et adresse son résultat en retour au terminal connecté, - during said additional authentication phase said data transfer station (12) again encrypts the resulting random number the decryption of the data previously received with its own private key and sends its result back to the connected terminal,
- l’application mobile spécifique chargée dans ledit terminal déchiffre le résultat avec la clé publique de la station de transfert de données (12). - the specific mobile application loaded in said terminal decrypts the result with the public key of the data transfer station (12).
7. Procédé selon l’une ou plusieurs des revendications 1 à 6 caractérisé en ce que la distance de chaque client (15) ayant installé et configuré sur son terminal mobile (14) une application numérique mobile spécifique authentifiée, par rapport à la station de transfert de données (12) à laquelle ledit terminal mobile (14) est connectée, est calculée à intervalle régulier à partir d’une mesure par le processeur de la puissance du signal reçu du dit terminal mobile (14) par ladite station de transfert de données (12). 7. Method according to one or more of claims 1 to 6 characterized in that the distance of each client (15) having installed and configured on his mobile terminal (14) a specific authenticated mobile digital application, with respect to the station of data transfer (12) to which said mobile terminal (14) is connected, is calculated at regular intervals from a measurement by the processor of the power of the signal received from said mobile terminal (14) by said transfer station data (12).
8. Procédé selon l’une ou plusieurs des revendications 1 à 7 caractérisé en ce que le signal de réception envoyé par tout terminal mobile (14) transporté par un client (15) dans ledit site commercial et dans lequel ladite application a été installée et configurée est une mesure de la puissance en réception d'un signal reçu de type « Indication d’intensité du signal reçu » (« Received Signal Strength Indication »). 8. Method according to one or more of claims 1 to 7 characterized in that the reception signal sent by any mobile terminal (14) transported by a customer (15) in said commercial site and in which said application has been installed and configured is a received signal strength measurement of the Received Signal Strength Indication type.
9. Procédé selon la revendication 8 caractérisé en ce que : - ladite application mobile spécifique est apte à mémoriser sur le terminal mobile (14) où elle est installée des mesures biométriques et à les comparer aux mesures biométriques calculées par les moyens d’identification biométriques de ladite borne transmises par au moins une station de transfert de données (12), - ledit processeur de supervision (13) détermine à partir de la distance calculée entre chaque client (15) mettant en œuvre sur son terminal mobile (14) une application numérique mobile spécifique authentifiée et la station de transfert de données (12) à laquelle est connectée son terminal, la distance du dit client (15) par rapport à ladite borne de sortie, - ladite borne de sortie est programmée pour effectuer des mesures biométriques de tout client (15) s’approchant de ladite borne à une distance ne dépassant pas une distance prédéterminée et sensiblement rapprochée, 9. Method according to claim 8 characterized in that: - said specific mobile application is able to memorize on the mobile terminal (14) where it is installed biometric measurements and to compare them with the biometric measurements calculated by the biometric identification means of said terminal transmitted by at least one data transfer station (12), - said supervision processor (13) determines from the calculated distance between each client (15) implementing on his mobile terminal (14) an application authenticated specific mobile digital device and the data transfer station (12) to which its terminal is connected, the distance of said client (15) with respect to said output terminal, - said output terminal is programmed to carry out measurements biometrics of any customer (15) approaching said terminal at a distance not exceeding a predetermined distance and substantially close,
- ladite borne de sortie est programmée pour que les mesures biométrique calculées à parti de chaque client (15) situé à une distance inférieure ou égale à la distance prédéterminée soient uniquement émis par les seules stations de transfert de données ayant en charge la communication avec les terminaux mobiles mettant en oeuvre une application numérique mobile spécifique authentifiée et dont la position vis-à-vis de ladite borne est située à une distance inférieure ou égale à la même distance prédéterminée. - said output terminal is programmed so that the biometric measurements calculated from each client (15) located at a distance less than or equal to the predetermined distance are only transmitted by the data transfer stations responsible for communicating with the mobile terminals implementing a specific authenticated mobile digital application and whose position vis-à-vis said terminal is located at a distance less than or equal to the same predetermined distance.
10. Procédé selon la revendication 9 caractérisé en ce que les terminaux mobiles mettant en oeuvre une application numérique mobile authentifiée qui reçoivent des mesures biométriques émettent un deuxième message de réception qui reprend le nombre aléatoire utilisé lors de l’authentification de ladite application numérique mobile. 10. Method according to claim 9 characterized in that the mobile terminals implementing an authenticated mobile digital application which receive biometric measurements send a second reception message which takes up the random number used during the authentication of said mobile digital application.
11. Procédé selon l’une ou plusieurs des revendications 1 à 10 caractérisé en ce que : 11. Method according to one or more of claims 1 to 10 characterized in that:
- l’échange d’informations entre chaque station de transfert de données (12) et l’application numérique installée sur le terminal mobile (14) avec lequel elle se trouve en communication s’effectue selon un protocole de communication par paquets dont l’acquittement de chaque paquet reçu est effectué par ladite application numérique mobile spécifique, et - the exchange of information between each data transfer station (12) and the digital application installed on the mobile terminal (14) with which it is in communication is carried out according to a packet communication protocol whose acknowledgment of each packet received is performed by said specific mobile digital application, and
- le débit de cet échange est ajusté par chaque station de transfert de données (12) en fonction de la vitesse avec laquelle ladite application mobile à laquelle elle est connectée effectue régulièrement après un nombre prédéterminé de paquets reçus l’envoi d’un paquet de contrôle valant l’acquittement de chaque nouveau groupe de paquets reçus. - the rate of this exchange is adjusted by each data transfer station (12) according to the speed with which said mobile application to which it is connected regularly sends a packet of control worth the acknowledgment of each new group of packets received.
12. Procédé selon l’une ou plusieurs des revendications 1 à 10 caractérisé en ce que : - chaque application mobile spécifique chargée dans un terminal mobile (14) ayant reçu des mesures biométriques en provenance de la borne compare lesdites mesures avec celles enregistrées préalablement dans la mémoire du terminal dans lequel elle est chargée, et - s’il y a identité entre les mesures biométriques reçues et les mesures biométriques préalablement enregistrées, l’application mobile spécifique concernée et le serveur (10) du site commercial peuvent alors engager une transaction sécurisée, tel que notamment un ordre de paiement électronique. 12. Method according to one or more of claims 1 to 10 characterized in that: - each specific mobile application loaded into a mobile terminal (14) having received biometric measurements from the terminal compares said measurements with those previously recorded in the memory of the terminal in which it is loaded, and - if there is identity between the biometric measurements received and the biometric measurements previously recorded, the specific mobile application concerned and the server (10) of the commercial site can then initiate a secure transaction, such as in particular an electronic payment order.
PCT/FR2021/000071 2020-07-10 2021-07-08 Wireless communication method and system WO2022008806A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
BR112023000197A BR112023000197A2 (en) 2020-07-10 2021-07-08 WIRELESS COMMUNICATION METHOD
EP21746771.1A EP4179494A1 (en) 2020-07-10 2021-07-08 Wireless communication method and system

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
FRFR2007363 2020-07-10
FR2007363A FR3112415B1 (en) 2020-07-10 2020-07-10 Wireless communication method and system

Publications (1)

Publication Number Publication Date
WO2022008806A1 true WO2022008806A1 (en) 2022-01-13

Family

ID=74045493

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/FR2021/000071 WO2022008806A1 (en) 2020-07-10 2021-07-08 Wireless communication method and system

Country Status (4)

Country Link
EP (1) EP4179494A1 (en)
BR (1) BR112023000197A2 (en)
FR (1) FR3112415B1 (en)
WO (1) WO2022008806A1 (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140006286A1 (en) * 2012-07-02 2014-01-02 Mark Gerban Process to initiate payment
US20170134902A1 (en) * 2015-04-09 2017-05-11 Datalogic Ip Tech S.R.L. High accuracy indoor locating system
US20180137729A1 (en) * 2016-11-14 2018-05-17 Datalogic IP Tech, S.r.l. Systems, methods and articles to prevent unauthorized removal of mobile processor-based devices from designated areas
US20180248694A1 (en) * 2014-02-10 2018-08-30 Qualcomm Incorporated Assisted device provisioning in a network

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140006286A1 (en) * 2012-07-02 2014-01-02 Mark Gerban Process to initiate payment
US20180248694A1 (en) * 2014-02-10 2018-08-30 Qualcomm Incorporated Assisted device provisioning in a network
US20170134902A1 (en) * 2015-04-09 2017-05-11 Datalogic Ip Tech S.R.L. High accuracy indoor locating system
US20180137729A1 (en) * 2016-11-14 2018-05-17 Datalogic IP Tech, S.r.l. Systems, methods and articles to prevent unauthorized removal of mobile processor-based devices from designated areas

Also Published As

Publication number Publication date
EP4179494A1 (en) 2023-05-17
FR3112415A1 (en) 2022-01-14
BR112023000197A2 (en) 2023-04-25
FR3112415B1 (en) 2023-09-01

Similar Documents

Publication Publication Date Title
EP1549011A1 (en) Communication method and system between a terminal and at least a communication device
EP3238474B1 (en) Method for securing contactless transactions
WO2006125885A1 (en) Method for controlling connection of a peripheral to an access point, corresponding access point and peripheral
WO2019094071A1 (en) Biometric validation process utilizing access device and location determination
US20210282019A1 (en) Proximity based user identification and authentication system and method
WO2012164368A1 (en) Method and system for securing data exchanges between a client module and a server module
EP2912594A1 (en) Method of providing a secured service
WO2011110436A1 (en) Protection against rerouting in an nfc circuit communication channel
WO2011128142A1 (en) Detection of the rerouting of a communication channel of a telecommunication device connected to an nfc circuit
US20200008251A1 (en) System and method for peer-to-peer wireless communication
EP3625928A1 (en) Method for securing communication without management of states
EP1851901A1 (en) Method for fast pre-authentication by distance recognition
EP3552327B1 (en) Method of personalizing a secure transaction during a radio communication
EP2469904A1 (en) Electronic device and communication method
EP3963823A1 (en) Method for securely connecting to an onboard web service and corresponding device
EP4179494A1 (en) Wireless communication method and system
FR2869745A1 (en) SYSTEM AND METHOD FOR SECURE ACCESS OF VISITOR TERMINALS TO AN IP-TYPE NETWORK
FR3083627A1 (en) METHOD FOR SECURE TRANSMISSION OF CRYPTOGRAPHIC DATA
EP3479325A1 (en) Method for authenticating payment data, corresponding devices and programs
EP1802026A2 (en) Method of unblocking a resource using a contactless device
FR2924843A1 (en) Access control system for e.g. computer in public/private enterprise, has authentication architecture comprising control procedure for providing access to computing system based on identity and contextual information relative to person
EP3890214A1 (en) Acquisition of temporary right by transmission of near-field radio wave
EP4081989A1 (en) Method and system for sharing authentication data for an access control and deletion of the data after use
CN109145561A (en) The method for authenticating and its equipment and storage medium of computer
FR3108996A1 (en) Grant of rights by near-field radio wave transmission

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 21746771

Country of ref document: EP

Kind code of ref document: A1

REG Reference to national code

Ref country code: BR

Ref legal event code: B01A

Ref document number: 112023000197

Country of ref document: BR

ENP Entry into the national phase

Ref document number: 2021746771

Country of ref document: EP

Effective date: 20230210

NENP Non-entry into the national phase

Ref country code: DE

ENP Entry into the national phase

Ref document number: 112023000197

Country of ref document: BR

Kind code of ref document: A2

Effective date: 20230105