| CLAIMS:
1. A system for authorising a mobile communications device to access a communications network, the system including:
a reader to read a memory of a portable memory device, which memory has stored therein an identification of the portable memory device, a mobile communications device serial number and a mobile communications device network identification number ;
an input module for a user to input a pin number;
a processor in communication with the reader and the input module to receive a request to grant the mobile communications device access to the network, the request including a portable memory device identification, a mobile communications devices serial number and network identification number which have all been read off a portable memory device by the reader, the request further including a pin number which has been input into the input module by a user of the mobile communications device, wherein the processor processes the received request to authorise themobile communications device to access the communications network.
2. A system according to claim 1 wherein the processor processes the received request to authorise the mobile communications device by forwarding the portable memory device identification, mobile communications devices serial number, network identification number and pin number via a communications network to a server which uses the information to authenticate the request and to authorise the device to access the network.
3. A system according to claim 1 wherein the processor processes the received request by using the portable memory device identification, mobile communications device serial number, network identification number and pin number and comparing these with previously stored data to ensure that the portable memory device, mobile communications device, network identification number and pin number correspond with the previously stored data and if so, to authenticate the request and to authorise the device to access the network.
4. A system according to claim 3 wherein if the request is authenticated, the mobile communications device is given access to the network for a predetermined period of time.
5. A system according to any preceding claim wherein the portable memory device is a magnetic stripe card or a smart card and the reader is a magnetic stripe card or smart card reader.
6. A system according to any preceding claim wherein the input module is a keypad.
7. A system according to any preceding claim wherein the portable memory device includes a security feature.
8. A system according to claim 7 wherein the security feature is readable by a reader.
9. A system according to claim 7 or claim 8 wherein the security feature is at least one of UV ink, infra red ink, a hologram with nano/pica print, a laser verification feature and micro dot technology.
10. A method of authorising a mobile communications device to access a communications network, the method including: receiving a request to grant the mobile communications device access to the network, the request including a portable memory device identification, a mobile communications devices serial number and network identification number which have all been read off a portable memory device by the reader, the request further including a pin number which has been input into the input module by a user of the mobile communications device;
comparing the received portable memory device identification, mobile communications devices serial number, network identification number and pin number with a previously stored portable memory device identification, mobile communications devices serial number, network identification number and pin number and if these correspond then authorising the mobile communications device to access the communications network.
11. A method according to claim 10 wherein if the request is authenticated, the mobile communications device is given access to the network for a predetermined period of time.
12. A method according to claim 10 or claim 11 further including:
receiving a request to register a mobile communications device for future authorisation on the network;
prompting a user to enter a mobile communications devices serial number and network identification number;
prompting the user to enter a pin number; reading a portable memory device identification from a portable memory device which has been inserted into a reader;
storing the portable memory device identification, mobile communications devices serial number, network identification number and pin number in a memory; and
transmitting the mobile communications devices serial number and network identification number to a portable memory device writer to be written into the memory of the portable memory device. |
A SYSTEM AND METHOD FOR AUTHORISING A MOBILE COMMUNICATIONS DEVICE TO ACCESS A COMMUNICATIONS
NETWORK
BACKGROUND OF THE INVENTION
THIS invention relates to a system and method for authorising a mobile communications device to access a communications network.
For a communications network operator, one of the biggest challenges is the need to ensure that mobile communications devices which access the network are authorised.
This is important to the network operator both from a revenue collection point of view but also from a crime prevention point of view whereby stolen mobile communications devices are prevented from accessing the network which in turn prevents the theft of such devices.
The present invention seeks to address these issues with a system and method for authorising a mobile communications device to access a communications network.
SUMMARY OF THE INVENTION
According to a first embodiment there is provided a system for authorising a mobile communications device to access a communications network, the system including:
a reader to read a memory of a portable memory device, which memory has stored therein an identification of the portable memory device, a mobile communications device serial number and a mobile communications device network identification number ;
an input module for a user to input a pin number;
a processor in communication with the reader and the input module to receive a request to grant the mobile communications device access to the network, the request including a portable memory device identification, a mobile communications devices serial number and network identification number which have all been read off a portable memory device by the reader, the request further including a pin number which has been input into the input module by a user of the mobile communications device, wherein the processor processes the received request to authorise themobile communications device to access the communications network.
In one example, the processor processes the received request to authorise the mobile communications device by forwarding the portable memory device identification, mobile communications devices serial number, network identification number and pin number via a communications network to a server which uses the information to authenticate the request and to authorise the device to access the network.
In another example the processor processes the received request by using the portable memory device identification, mobile communications device serial number, network identification number and pin number and
comparing these with previously stored data to ensure that the portable memory device, mobile communications device, network identification number and pin number correspond with the previously stored data and if so, to authenticate the request and to authorise the device to access the network.
If the request is authenticated, the mobile communications device may be given access to the network for a predetermined period of time.
The portable memory device may be a magnetic stripe card or a smart card and the reader is a magnetic stripe card or smart card reader.
The input module may be a keypad.
According to a second embodiment there is provided a method of authorising a mobile communications device to access a communications network, the method including:
receiving a request to grant the mobile communications device access to the network, the request including a portable memory device identification, a mobile communications devices serial number and network identification number which have all been read off a portable memory device by the reader, the request further including a pin number which has been input into the input module by a user of the mobile communications device;
comparing the received portable memory device identification, mobile communications devices serial number, network identification number and pin number with a previously stored portable memory device identification, mobile communications devices serial number, network identification number and pin number and if these correspond then authorising the mobile communications device to access the communications network.
If the request is authenticated, the mobile communications device may be given access to the network for a predetermined period of time.
The method may further include:
receiving a request to register a mobile communications device for future authorisation on the network;
prompting a user to enter a mobile communications devices serial number and network identification number;
prompting the user to enter a pin number;
reading a portable memory device identification from a portable memory device which has been inserted into a reader;
storing the portable memory device identification, mobile communications devices serial number, network identification number and pin number in a memory; and
transmitting the mobile communications devices serial number and network identification number to a portable memory device writer to be written into the memory of the portable memory device.
BRIEF DESCRIPTION OF THE DRAWINGS
Figure 1 shows an example system for authorising a mobile communications device to access a communications network; and
Figure 2 shows an example method for authorising a mobile communications device to access a communications network.
DESCR1PTION OF PREFERRED EMBODIMENTS
A system for authorising a mobile communications device 10 to access a communications network 12 is illustrated in Figure 1.
It will be appreciated that the example embodiment is described wherein the mobile communications device 10 is a cellular telephone and the communications network 12 is a cellular communications network. However, the system and methodology described below could be applied to other communications devices and the networks which they access.
In any event, a user of a mobile communications device 10 that wants to access the mobile communications network is required to register.
The user is issued with a portable memory device 14 which may take the form of a magnetic stripe card, smart card or flash drive, for example.
The portable memory device 14 may also include overt or covert security features.
A covert security feature is usually a tiny area that can contain a relatively large amount of information if necessary, depending on the application. It is usually not visible to the naked eye. It needs to be magnified and sometimes decoded which is done with special reading devices.
Some of these security features can contain 350 Million characters in a 3.5 sqcm area that needs to be magnified and decoded to be read.
An overt security feature, such as a visible hologram is used to recognize the card as authentic and may have built in features that are covert and only select people in the chain will know where this is on the card and know how to read it as well as have the reader to read it.
This covert security feature is specifically there to prevent people making their own clone or counterfeit cards and trying to access the network with them. Firstly this probably won't work anyway as the card needs to have a serial number on the in manufacture process as well. However if this is done, then the retailer would pick up that the covert feature is not on the card by reading it with a specific reader.
This reader (not shown in the accompanying drawing) could be built into the portable memory device reader and vending machines card slot.
Some examples of security features are UV ink, infra red ink, hologram with nano/pica print, laser verification feature and micro dot technology.
The user presents the portable memory device 14 to a reader 16 to read a memory of a portable memory device.
The memory has stored therein an identification of the portable memory device.
The reader may also read a security device if the portable memory device includes one.
A server 20 is in communication with the reader 16 and the input device 18.
The user is prompted to enter a mobile communications devices serial number and network identification number into an input device 18, typically in the form of a keypad.
It will be appreciated that mobile communications devices have different parts to them. One part is the actual mobile communications device hardware and another part is a communications module which identifies the subscriber. In one example, the communications module is a subscriber identity module (SIM) card. This is a smart card which securely stores the key identifying a mobile phone service subscriber, as well as subscription
information, preferences and text messages. The equivalent of a SIM in UMTS is a Universal Subscriber Identity Module (USIM).
The SIM also stores network state information such as its current location area identity (LAI).
A subscriber is identified by way of the SIM card normally irrespective of the device that they will be using.
Thus the mobile communications devices serial number in this example is the serial number of the device and network identification number is an identification of the SIM card.
Next the user is prompted to enter a personal identification number (pin) into the input device 18.
The server 22 includes at least one processor, and processes the received request.
This is either done locally at the server 20 which is in communication with the communications network 12. Alternatively, in the illustrated embodiment, the request is forwarded to a second server 22 with an associated database 24.
This will typically be the scenario where the system and methodology is not implemented by the network operator itself but by a third party such as a retailer in which case the reader 16 and the input device 18 may form part of a point of sale device or may be part of a stand-alone vending machine.
Thus the server 20 processes the received registration request by forwarding the portable memory device identification, mobile communications devices serial number, network identification number and pin number via a communications network to a server which links the information for future use to authenticate a request to authorise the device
to access the network. If applicable, the security device details are also linked to the remainder of the information.
In addition, the server 20 transmits the mobile communications devices serial number and network identification number to a portable memory device writer to be written into the memory of the portable memory device. In the illustrated embodiment, the portable memory device writer is incorporated into the reader 16.
The server 22 stores the received data in the database 24 and the user is registered to use the system.
When the user wishes to use the system to authorise their mobile communications device to access the communications network, they present the portable memory device 14 to the reader 16.
The reader 16 reads the portable memory device identification, mobile communications device serial number and network identification number from the memory of the portable memory device 14.
If the portable memory device includes a security device, the reader 16 will also read this security device.
In addition, the user is prompted to enter the pin into the input device 18.
In the illustrated embodiment, all of this information is forwarded by server 20 to server 22 which uses the portable memory device identification, mobile communications device serial number, network identification number and pin number and compares these with previously stored data to ensure that the portable memory device, mobile communications device, network identification number and pin number correspond with the previously stored data. If they do correspond then the request is authenticated and the device access to the network 12 is authorised.
Typically, access to the network is given for a predetermined period of time. This may be determined by an airtime window and may be the amount of time that the user is able to make and/or receive telephone calls on the network, for example.
The methodology may be integrated with a recharge process whereby the user purchases airtime from the network operator. In this methodology, the reader 16 and input device 18 will typically form part of a device that is able to accept payment for the airtime.
The system and method provide a number of advantages. At any given time the amount of users on the system will be known as there is a registration process requiring one card per mobile telephone at a time. If this card is lost or stolen then there must be a de-linking and re-linking again with a new card to the sim, mobile telephone and pin number. Phone theft will be reduced as the user would need the phone that is linked to the card and SIM as well as know the secret pin to access the network.
There would not be too many cards in manufacture as the cards are more permanent cards. In addition users will not be changing their phone numbers and cards as often due to the inconvenience of de-linking and relinking. This may also help reduce other crime as criminal activity is often conducted using prepaid phones as criminal's change the number often.
It will be appreciated that the card or phone can not be stolen and used individually or together, so this system will offer security of the card and phone as nobody's card, phone or sim can be used without the secret pin and thus complete link.