FOR GETTING SERVICES

FIELD OF THE INVENTION

The present invention relates to the field of physical and information security and, more particularly, to an integral system for depositing subscribers’ chip portable objects carrying data authorizing multiple getting service rights and remotely controlling the aforesaid rights,

BACKGROUND OF THE INVENTION

Access control (AC) is the selective restriction of access to a place or other resource while access management describes the process. The act of accessing may mean consuming, entering, or using. Permission to access a resource is called authorization.

The term access control refers to the practice of restricting entrance to a property, a building, or a room to authorized persons. Physical access control can be achieved by a human (a guard, bouncer, or receptionist), through mechanical means such as locks and keys, or through technological means such as access control systems like the mantrap. Within these environments, physical key management may also be employed as a means of further managing and monitoring access to mechanically keyed areas or access to certain small assets.

Physical access control is a matter of who, where, and when. An access control system determines who is allowed to enter or exit or using or consuming.

Electronic access control uses computers to solve the limitations of mechanical locks and keys. A wide range of credentials can be used to replace mechanical keys. The electronic access control system grants access based on the credential presented. When access is granted, tire door is unlocked for a predetermined time and the transaction is recorded. When access is refused, the door remains locked and the attempted access is recorded. The system will also monitor the door and alarm if the door is forced open or held open too long after being unlocked. When a credential is presented to a reader, the reader sends the credential's information, usually a number, to a control panel, a highly reliable processor. The control panel compares the credential's number to an access control list, grants or denies the presented request, and sends a transaction log to a database. When access is denied based on the access control list, the door remains locked. If there is a match between the credential and the access control list, the control panel operates a relay that in turn unlocks the door. The control panel also ignores a door open signal to prevent an alarm. Often the reader provides feedback, such as a flashing red LED for an access denied and a flashing green LED for an access granted.

US 10,033,536 discloses techniques described herein relate to generating and managing digital credentials using a digital credential platform in communication with various digital credential template owners and digital credential issuers. A digital credential platform server may receive and coordinate requests and responses between the digital credential template owners and a set of digital credential issuers, to determine which digital credential issuers are authorized to issue digital credential based on which digital credential templates. The digital credential platform server may provide the authorized issuers with access to particular digital credential templates and the functionality to issue digital credentials to users based on any of the particular digital credential templates. Additional techniques described herein relate to tracking, analyzing, and reporting data metrics for issued digital credentials.

Historically, the getting-service rights to different services is authorized by a smart card (chip card) carried by a user. The aforesaid user having getting-service rights to multiple services has to carry all cards around. Thus, there is a long-felt and unmet need to provide an integral means for authorizing multiple getting-service rights.

SUMMARY OF THE INVENTION

It is hence one object of the invention to disclose an integral system for controlling getting-service rights of a user to a permissioned service or facility comprising: (a) a server configured for retrieving and storing information associated with digital credentials of subscribers and getting service rights thereof; (b) at least one remote repository unit configured for receiving and storing subscribers’ chip portable objects carrying rewritable data authorizing said getting service rights; said remote repository unit connected to said server; (c) at least one transceiver configured for giving an access to a service; (d) at least one user mobile device having dedicated software configured for connecting to at least one transceiver, server and at least one repository.

While said at least user mobile device is located in proximity of said at least one transceiver, said at least one transceiver connects to said server. The dedicated software is configured for inquiring a subscriber’s chip portable object stored in said at least one repository which carries subscriber’s getting service rights associated with said at least one transceiver and, after encountering said subscriber’s getting service rights, interconnecting said at least one transceiver, server, repository and subscriber’s chip portable object carrying said subscriber’s getting service rights via mobile device. The transceiver is configured for providing an access to said service.

Another object of the invention is to disclose at least one of said chip portable objects connected to said repository selected from the group consisting of: a card physically disposed in said repository; a card held by said server and initialized as needed, a card emulated by said server and initialized as needed, a chip connected to said server via a PCI module, a chip combination configured for optimization functioning thereof and any combination thereof.

A further object of the invention is to disclose the communication between said user mobiles devices and transceivers selected from the group consisting of: a mechanical contact, NFC, contactless, Bluetooth, Zigbee, Wi-Fi and any combination thereof.

A further object of the invention is to disclose the transceiver mounted at an entrance of an object selected from the group consisting of: a train station, a metro station, a bus, a tram, a trolleybus, an exercise room, a cinema theater, a swimming pool, a cashier, a payment terminal, a private estate and any combination thereof.

A further object of the invention is to disclose the at least one transceiver comprising a gate arrangement configured to open a free pass if said transceiver receives said message and block said free pass without said message.

A further object of the invention is to disclose at least one of said user mobile devices selected from the group consisting of a smartphone, a tablet computer, a laptop computer, a personal digital assistant, a smartwatch and any combination thereof.

A further object of the invention is to disclose the remote repository, which is located in said private estate. A further object of the invention is to disclose the remote repository residing in said private estate connected to said server via a computer connected to said server via a communication network.

A further object of the invention is to disclose one said chip portable object carrying rights to getting services by a number of users.

A further object of the invention is to disclose a number of said chip portable object carrying rights to getting services by one person.

A further object of the invention is to disclose a number of said chip portable object carrying rights to getting services by a number of users.

A further object of the invention is to disclose the chip portable object selected from the group consisting of a smart card, payment card, EMV card, a club card, and a SIM card, a smart key comprising a chip, a transport card, an ID card, a smart passport and any combination thereof.

A further object of the invention is to disclose the server which is a server appliance comprising a number of chip portable objects managed thereby.

A further object of the invention is to disclose the server appliance comprising a repository embedded therein.

A further object of the invention is to disclose the server appliance comprising a plurality of readers configured for reading data carried by said chip portable objects associated with said rights to getting services.

A further object of the invention is to disclose the dedicated software comprising an instraction to identify the user by means of biometric data of the user.

A further object of the invention is to disclose that the transceiver has an identifier recognizable by the user mobile device and transmittable to the server.

A further object of the invention is to disclose the method of for controlling getting- service rights of a user to a permissioned service or facility. The aforesaid method comprises steps of: (a) providing an integral system for controlling getting-service rights of a user to permissioned services further comprising: (i) a server configured for retrieving and storing information associated with digital credentials of subscribers and getting service rights thereof; (ii) at least one remote repository unit configured for receiving and storing subscribers’ chip portable objects carrying rewritable data authorizing said getting service rights; said remote repository unit connected to said server; (iii) at least one transceiver configured for giving an access to a service; (iv) at least one user mobile device having dedicated software configured for connecting to at least one transceiver, server and at least one repository; while said at least user mobile device is located in proximity of said at least one transceiver, said at least one transceiver connects to said server; said dedicated software is configured for inquiring a subscriber’s chip portable object stored in said at least one repository which carries subscriber’s getting service rights associated with said at least one transceiver and, after encountering said subscriber’s getting service rights, interconnecting said at least one transceiver, server, repository and subscriber’s chip portable object carrying said subscriber’s getting service rights; said transceiver is configured for providing an access to said service; (b) depositing said subscribers’ portable objects within said at least one remote repository unit; (c) positioning said at least user mobile device is located in proximity of said at least one transceiver; (d) connecting said transceiver to said server; (d) inquiring a subscriber’s chip portable object stored in said at least one repository which carries subscriber’s getting service rights associated with said at least one transceiver ; (e) interconnecting said at least one transceiver, server, repository and subscriber’s chip portable object carrying said subscriber’s getting service rights after encountering said subscriber’s getting service rights; (f) providing an access to said permissioned service or facility in response to interconnecting said at least one transceiver and said subscriber’s chip portable object carrying said subscriber’s getting service rights.

BRIEF DESCRIPTION OF THE DRAWINGS

In order to understand the invention and to see how it may be implemented in practice, a plurality of embodiments is adapted to be described, by way of non-limiting example only, with reference to the accompanying drawings, in which

Fig. 1 is a schematic diagram of an integral system for controlling getting-service rights of a user to permissioned services or facilities;

Fig. 2 is a schematic diagram of a home-based arrangement controlling getting-service rights of a user to permissioned services or facilities; Fig. 3 is a schematic diagram is a multi-person payment arrangement of an integral system for controlling getting-service rights linked to one portable object accommodated in a repository;

Fig. 4 is a schematic diagram of an integral system for controlling getting-service rights provided with multiple repository unit;

Fig. 5 is a flowchart of a method controlling getting-service rights of a user to permissioned services or fiicilities.

DETAILED DESCRIPTION OF THE INVENTION

The following description is provided, so as to enable any person skilled in the art to make use of said invention and sets forth the best modes contemplated by the inventor of carrying out this invention. Various modifications, however, are adapted to remain apparent to those skilled in the art, since the generic principles of the present invention have been defined specifically to provide an integral system for controlling getting- service rights of a user to permissioned services or fiicilities and a method of doing the same.

Reference is now made to Fig. 1 presenting integral system 100 for controlling getting- service rights of a user to permissioned services or facilities. System 100 comprises server 10, remote repositories 20 and transceivers 30. Repositories 20 are connected to server 10 by a data bus or by a network. Remote repositories configured for receiving chip portable objects such as smart cards or like (not shown) fiom subscribers and storing them. The aforesaid cards carry data authorizing getting-service rights of subscribers. The repositories 20 are established in publically available locations such that the users can deposit all cards of interest in the closest depositories and exercise all getting-service rights by means of delivering user mobile devices 40 into proximity of transceivers 30, which can be mounted at entrance of a controlled area. Providing an access to an internet service in response to positioning user mobile devices 40 in proximity of transceivers 30 is also in scope of the present invention. User mobile device 40 can be realized as a smartphone, a tablet computer, a laptop computer, a personal digital assistant, or smartwatch. It will be appreciated that user mobile device 40 may include dedicated software for interconnecting transceivers 30 having no ID. The term “controlled area” hereinafter refers to a train station, a metro station, a bus, a tram, a trolleybus, an exercise room, a cinema theater, a cashier, a payment terminal, a swimming pool and any similar object. The abovementioned term also refers to internet or other services of limited (paid) access.

Server 10 configured for retrieving and storing information associated with digital credentials of subscribers and getting service rights thereof. Repositories 20 are connected to server 10 by communication channel 13. Wireless channels 13 are in the scope of the present invention. User mobile devices 40 are connectable to server 10 by means of wireless link 15. Optionally, transceivers 30 are also connectable to server 10.

When user mobile device 40 delivered into the proximity of transceiver 30, the dedicated software (not shown) installed on user mobile device 40 inquires a subscriber’s chip portable object (not shown) stored in repository 20. The subscriber’s chip portable object carries subscriber’s getting service rights associated with transceiver 30. After encountering the subscriber’s getting service rights, the dedicated software installed on user mobile device 40 interconnects transceiver 30, server 10, repository 20 and subscriber’s chip portable object carrying said subscriber’s getting service rights communication channels 13, 15 and 45. According to one embodiment of the present invention, the transceiver has an identifier recognizable by the user mobile device and transmittable to the server. Transceiver 30 provides an access to the permitted service. The dedicated software comprises an instruction to collect user biometric data such as finger prints or facial data of the user and user is identified by means of said biometric data stored on said subscribers’ chip portable objects. Optionally, biometric data collected by said dedicated software is coded and used to identify user by coded biometric data of user stored on said subscribers’ chip portable objects. Communication 45 between user mobiles devices 40 and transceivers 30 is can be implemented by means of a mechanical contact, NFC, Bluetooth, Zigbee, Wi-Fi or any similar manner. Transceiver 30 can be provided with a gate arrangement configured to open a free pass if transceiver 30 receives the message and block said free pass without said message.

Mounting transceiver 30 at a train station, a metro station, a bus, a tram, a trolleybus, an exercise room, a cinema theater, a swimming pool, a private estate and similar locations are in the scope of the present invention. The scope of the present invention relating to the chip portable object includes a smart card, payment card, a club card, a SIM card, a smart key comprising a chip, a transport card, an ID card, a smart passport and any combination thereof. Numeral 25 refers to a wireless communication configured for providing an option of access of mobile device 40 to the chip portable objects including sim card, smart card, payment card, a club card, a SIM card, a smart key comprising a chip, a transport card, an ID card, a smart passport and any combination thereof, stored within repository 20.

At least one of the chip portable objects connected to the repository selected from the group consisting of: a card physically disposed in the repository, a card held by the server and initialized as needed, a card emulated by the server and initialized as needed, a chip connected to said the via a PCI module, a chip combination configured for optimization functioning thereof and any combination thereof.

One chip portable object can carry rights to getting services by one user or a number of users. According to an alternative embodiment of the present invention, a number of said chip portable object can carry rights to getting services by one person.

Reference is now made to Fig. 2 presenting the embodiment of the present invention where remote repository 20a resides in private estate 50. According to this embodiment, the chip portable objects are stored in personal repository 20a which is connected to server 10 via computer 55 and communication channel 13.

Reference is now made to Fig. 3 illustrating a multi-person payment arrangement. Chip portable object 27 is stored in repository 20. Chip portable object 27 allows paying by a number of users when they deliver mobile devices 40 in proximity of payment terminal 31. Storing a chip portable object providing the right to pay to a group or family members is in the scope of the sent invention.

Reference is now made to Fig. 4 presenting a multi-repository arrangement. Repositories 21, 22, 23 and 24 are specifically configured for storing smart cards, transport cards, smart keys, payment cards and smart ID documents such as passports, respectively.

According to one embodiment of the integral system for controlling getting-service rights of a user to permissioned services or facilities comprises a server appliance configured for managing this system and secure means such as an intrusion detection unit, an encrypted communication channel or the like. The server appliance can include a repository embedded therein. The server appliance can include a plurality of readers or PCI units configured for reading data carried by the chip portable objects associated with said rights to getting services.

Reference is now made to Fig. 5 presenting method 200 of controlling getting-service rights of a user to permissioned services or facilities. Method 200 is based on use of the system described above. After providing this system at step 210, the subscriber who desires to exercise the getting-service rights he or she possesses deposits all portable objects (smart cards) in a repository (step 220). These smart cards are configured for carrying rewritable data associated with the services to which the subscriber is authorized to get. The transceiver is optionally connectable to the system via the mobile device at step 240. When the user mobile device is positioned in proximity of the transceiver (step 230), the dedicated software inquires a subscriber’s chip portable object stored in the repository. The inquired subscriber’s getting service rights are associated with said at least one transceiver (step 250). Then, the dedicated software interconnects transceiver, server, repository and subscriber’s chip portable object carrying said subscriber’s getting service rights after encountering said subscriber’s getting service rights (step 260). An access to the permissioned service or facility at step 270 is provided in response to interconnecting the transceiver and the subscriber’s chip portable object carrying said subscriber’s getting service rights.

Those skilled in the art to which this invention pertains will readily appreciate that numerous changes, variations and modifications can be effectuated without departing fiom the true spirit and scope of the invention as defined in and by the appended claims.