WO2007090042A2 - Module including a memory holding user personal information and a method of transfer of the information - Google Patents

Module including a memory holding user personal information and a method of transfer of the information Download PDF

Info

Publication number
WO2007090042A2
WO2007090042A2 PCT/US2007/061096 US2007061096W WO2007090042A2 WO 2007090042 A2 WO2007090042 A2 WO 2007090042A2 US 2007061096 W US2007061096 W US 2007061096W WO 2007090042 A2 WO2007090042 A2 WO 2007090042A2
Authority
WO
WIPO (PCT)
Prior art keywords
module
user
information
memory
shared device
Prior art date
Application number
PCT/US2007/061096
Other languages
French (fr)
Other versions
WO2007090042A3 (en
Inventor
Peter E. Gydesen
Anker Helsing
Nanna Svane Theisen
Original Assignee
Motorola, Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Motorola, Inc. filed Critical Motorola, Inc.
Publication of WO2007090042A2 publication Critical patent/WO2007090042A2/en
Publication of WO2007090042A3 publication Critical patent/WO2007090042A3/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists

Definitions

  • SIM cards have a number of disadvantages. For example, they are often designed to fit a device of a particular type, e.g. a particular radio type, and may not fit into devices of other types. SIM cards can easily be misplaced, stolen or lost when removed from the device with which they are to be used. Frequent insertion and extraction of the SIM card from a device causes mechanical wear of the SIM card and/or the card reader of the device into which it is inserted. SIM cards are not easily inserted into or removed from a device when the user is wearing gloves, e.g. where the user is a member of the emergency services such as the police or the fire brigade.
  • FIG. 2 is a block schematic diagram showing a functional layout of components of the identity module shown in FIG. 1.
  • FIG. 3 is a flowsheet illustrating a method of use of the identity module of FIGS. 1 and 2 to provide authenticated operation of the radio of FIG. 1.
  • Embodiments of the present invention provide a module, herein called an ⁇ identity' module, including a memory for storing user personal information including information required for authenticated operation by the user of a shared device.
  • the shared device may be any device that the user shares with others.
  • the shared device may be a fixed device such as a personal computer, e.g. shared between two or more workers in an office or other work environment.
  • the shared device may be a mobile device such as a mobile or portable radio.
  • An example of such a mobile shared device is a radio used by members of the police or other emergency service organisations.
  • Such a device may in use be obtained from a depot and operated by an authorised member of the user organisation. The authorised member may for example be different from one day to the next or from one work shift to the next.
  • the identity module embodying the invention includes a memory and a wireless transmitter operable to send user information stored in the memory to the shared device by wireless communication to authenticate personal operation of the shared device by the user.
  • the identity module may therefore be considered as an analogous to a portable SIM card used with devices such as portable radios and mobile telephones as referred to earlier as well as other known electronic devices.
  • the link between the identity module embodying the invention and the shared device to transfer information is a wireless RF link.
  • the identity module embodying the invention may also include a wireless receiver operable to receive by wireless communication information for storage in the memory.
  • the wireless transmitter and receiver may conveniently comprise a transceiver having components common to each of the transmitter and receiver.
  • the shared device to be operated by the person having possession of the identity module will have a receiver for receiving wireless signals from the identity module embodying the invention.
  • the shared device also desirably has a memory for storing information about authorised users of the device. It may also include a processor which carries out functions related to transfer of information between the module and the shared device, e.g. to compare identity information received from the identity module to check that the information matches information stored by the memory of the shared device and to provide access to the shared device by the person having possession of the identity module when a match of the information is found.
  • the radio 100 is a professional user's radio, e.g. as used by a member of the police force or another emergency service organisation. Such radios are expensive items which, as noted earlier, are often shared between different authorised users. It is undesirable for unauthorised users to be able to operate the radio 100 since the unauthorised user may gain access to sensitive information being communicated.
  • the radio 100 operates to communicate with other radios or wireless terminals in a trunked mode, i.e. via an infrastructure of a communication system in which the radio operates, and/or in a direct mode, i.e. without the involvement of any infrastructure.
  • the radio 100 may be employed to communicate speech information or to send data which may comprise alphanumeric text data, picture or video information and the like. As shown in FIG.
  • the radio 100 has a casing 101 and various conventional parts which are externally visible, namely an antenna 102, an electro-optical display 103, a keypad 104 comprising a set of keys to allow data and instructions signals to be entered into the radio, further control buttons 105, an audio speaker 106 and a microphone 107.
  • the identity module 200 is located close to the radio 100 so that the two can communicate by short range RF communication, e.g. in accordance with the BluetoothTM protocols.
  • the identity module 200 has a casing 204 which includes a hollow portion 205 which allows the identity module 200 to be attached to a clip (not shown) carried by a user on an item such as a belt (not shown) .
  • the identity module 200 also has as visible parts an electro-optical display 207 providing an information indicator and a keypad 212 providing a user interface which allows alphanumeric data and control signals to be entered by a user.
  • the identity module 200 also has a data source connector 213, e.g. a connection socket, which allows a connection to be made to an external source of data such as a personal computer.
  • FIG. 2 is a block schematic diagram showing an example of a functional layout of the identity module 200. Items which are shown in FIG. 1 retain the same reference numerals in FIG. 2. Also shown in FIG. 2 are some components of the identity module 200 which are internal to the casing 204 of the identity module 200 and are therefore not shown in FIG.l.
  • the main operations of the identity module 200 are controlled by a controller 201 which operates in conjunction with a memory 210 which stores data and programs used within the identity module 200.
  • a processor 202 processes information included in short range RF signals sent and received by a transceiver 203.
  • the keypad 212 serves as a user interface and allows a user to enter control signals for delivery to the controller 201 to operate functions of the module 200.
  • the keypad 212 also acts as an input transducer allowing entry of alphanumeric and other data for delivery to the processor 202 for processing to send in radio communications by the transceiver 203.
  • the data source connector 213 also provides an input for delivery of data to the processor 202 for storing in the memory and if appropriate for sending as an RF transmission by the transceiver 203.
  • the data connector 213 may comprise a connection to one or more peripheral devices, e.g. it may comprise a USB data connection.
  • An electro-optical display 207 operated by a display driver 206 under control of the controller 201 provides displayed information to a user of the radio 100 in a known manner.
  • a battery 211 provides electrical power to all operational components of the identity module 200.
  • the user identity module is likely to be located close to the shared device when information is to be transferred by wireless communication between the two.
  • the wireless communication established between the transmitter of the identity module and the receiver of the shared device may be one of the known forms of wireless communication operating over a short distance, say less than 10 metres.
  • Such forms include BluetoothTM communication (communication according to the BluetoothTM standard) operating at 2.4 GHz and WiFi (wireless LAN or local area network) communication operating at 2.4 GHz or 4.9 GHz.
  • the identity module and the shared device desirably use a common protocol to establish wireless communications between the two.
  • the identity module embodying the invention is likely to be carried by a user at all times when the user is likely to use the shared device. The identity module is therefore likely to be an important article which the user should keep safely.
  • the identity module may conveniently be adapted to be attached to a clothing or other item worn or carried by a user, in one of the known ways for attaching articles of utility to an item worn or carried by a user.
  • the module may have a clip for attachment to a user's key ring or it may be attached to a strap which may be worn on a user' s wrist or it may include a clip for attachment to a complementary socket, or a socket or hollow portion for attachment to a complementary clip, so that the identity module may be attached to a user' s belt or other securing item worn by a user.
  • the identity module may have a shape and appearance similar to a credit card and may be carried securely by a user in a purse or wallet or the like.
  • the transmission of information between the identity module and the shared device may be in encrypted form.
  • Wireless communication of information in encrypted form is well known per se and known methods of applying such encryption may be employed to transfer information between the identity module and the shared device.
  • an encryption processor in the transmitter of the identity module may be employed to operate an algorithm to combine the information to be transmitted with a secret encryption key which may include a portion derived from a random number.
  • a corresponding decryption processor in the receiver of the shared device may be employed to separate the information from the encryption key.
  • the decryption processor may be supplied with the same secret encryption key as used in the encryption processor to operate the encryption and decryption procedures.
  • the identity module embodying the invention includes a memory to store user identity and other information.
  • the memory is a nonvolatile memory especially a non-volatile random access memory (NVRAM) .
  • a processor in the module which detects the tampering may issue a control signal which causes the user personal information stored in the memory to be erased in a known manner.
  • the control signal may cause all information stored in the memory to be erased.
  • only information stored in the memory which is important to protect to prevent unauthorised use of the shared device may be erased.
  • Other information stored in the memory may be maintained without erasure.
  • the identity module embodying the invention may include a programmed processor, e.g. a digital signal microprocessor, to control functional operations of the module. The capabilities of the processor will depend on the number and complexity of processing operations to be carried out within the module.
  • the processor can deliver information to the memory for storage, retrieve information from the memory and prepare information for wireless transmission to the shared device.
  • this proximity may be detected automatically by the identity module in a known manner, e.g. by the identity module performing background polling by issuing a polling signal and detecting when a response signal is received from a transmitter of the shared device.
  • communication to transfer authentication information from the identity module to the shared device may be triggered automatically by a signal indicating the detection.
  • the identity module embodying the invention desirably includes means for entering user instructions and/or information into the module, e.g. to provide signals to the processor or controller of the module to execute one or more functional operations of the module. Initiation of wireless communication to transfer user identity information is such a functional operation.
  • the module may include a single key or button or a small number of keys or buttons to allow such user instructions to be entered.
  • the identity module may include as a user interface, in addition to a key and/or button or a small number of keys and/or buttons to initiate functional operations, a keypad indicating alphanumeric and other characters that may be entered into the module by the user as information or instructions required by the module.
  • the identity module embodying the invention may conveniently include an information indicator for providing information to a user about operation of the module.
  • this may for example comprise one or more indicator lights, such as provided by a light emitting device (LED) .
  • the light may have a different colour, e.g. red, blue or green, to indicate different functional operations are required or are occurring.
  • the module may include an electro-optical display to provide information to a user in the form of displayed characters and/or graphics.
  • the electro-optical display may be one of the displays known for use in portable electronic devices.
  • the display may be a liquid crystal display or an electroluminescent display.
  • the module may include a connector terminal to engage with a terminal of a connector to provide a wired connection to the module.
  • the terminal of the module could for example be a socket into which a plug of a connector fits or a plug to fit a socket carried on the connector.
  • the wired connection provided by the connector may for example be a connection suitable to transfer data to or from the identity module.
  • data or programs to be stored in the memory of the module may be transferred to the module from a computer, e.g. held at a depot at which the shared devices, where mobile devices, are stored.
  • the identity module embodying the present invention may conveniently include a battery or other energy source, to power active components such as the transmitter (or transceiver) , the processor, the memory and, if included, the user interface and user indication means (e.g. electro-optical display) .
  • the battery may be disposable or re-chargeable. Where the battery is rechargeable, the module may include a charger terminal connected to the battery allowing the battery to be charged, e.g. by connection to the main (mains) electricity supply or to a charger point, e.g. in a vehicle .
  • the procedure used depends on the form of implementation of the module, the shared device and the communication protocol between the two. In a low tier implementation the transfer may, as noted earlier, be initiated automatically when proximity between the module and the shared device is detected. In a higher tier implementation where the identity module includes a user interface such as a keypad, the procedure may include initially putting the module in an active mode and the user entering a PIN (personal identity number) code into the module so that the user is identified to the module. The procedure may also include the user entering a PIN code into the shared device. This may be the same PIN as entered into the module or a different one.
  • PIN personal identity number
  • the shared device may be switched from an information receiving mode to an operational mode in which the user may proceed to operate the shared device in a normal manner.
  • the module may be switched to an inactive mode. This may be provided automatically by detection of the completion within the module or it may be provided in response to the entry of an instruction signal from the user.
  • the identity module remains in the inactive mode until it is put in the active mode again, e.g. by another instruction signal from the user.
  • FIG. 3 An example of a method 300 of establishing authenticated operation of the radio 100 by use of the identity module 200 is illustrated in FIG. 3.
  • the identity module 200 is put in a provisional active state by the user entering a control signal by operation of one of the keys of the keypad 212 of the identity module 200.
  • the controller 201 of the identity module 200 recognises the signal and switches the state of the identity module 200 to provisionally active.
  • the controller 201 then issues a message to the user which is shown on the display 207 prompting the user to enter a PIN (personal identity number) code.
  • PIN personal identity number
  • the controller 201 compares the entered PIN code with a pre-recorded PIN code stored in the memory 210. If the entered PIN code and the stored PIN code match, the controller 201 issues in a step 309 a signal which puts the identity module 200 into a fully active state in which it is able to communicate with the radio 100.
  • the user also enters a PIN code into the radio 100 via the keypad 104. This PIN code may be the same as the PIN code entered into the identity module 200 or a different one.
  • the PIN code entered into the radio 100 is compared in a step 313 with a previously recorded PIN code stored in the radio 100 in a similar manner to the comparison procedure applied in the identity module 200.
  • the radio 100 is put into an active state in which it is able to communicate with the identity module 200.
  • the identity module 200 and the radio 100 are both in a fully active state, wireless transfer of information needed to begin authenticated operation of the radio 100 is provided in a step 317 by the identity module 200.
  • the information may include an identity code of the user, e.g. a unique police operator number, stored in the memory 210, and retrieved under control of the controller 201.
  • the information is processed by the processor 202 into a form suitable for RF communication by the transceiver 203.
  • the information retrieved from the memory 210 and communicated in this way may also include user profile details, e.g.
  • the retrieved and transferred information may also include details of settings required in the radio 100 to suit operation by the particular user. Alternatively, these settings could be stored in a memory of the radio 100 and retrieved when a signal identifying the user and indicating initiation of the retrieval is received by the radio 100 from the transceiver 203 of the module 100.
  • a step 319 the transfer of information from the identity module 200 to the radio 100 to establish authenticated operation by the user of the radio 100 is suitably completed.
  • the module 100 is then switched in a step 321 to an inactive state. This may be provided automatically by detection by the controller 201 of completion of the procedure within the module 200, e.g. by receipt via the transceiver 203 and processor 202 of a signal from the radio 100 that the radio 100 has been successfully activated, or it may be provided in response to the entry of an instruction signal from the user on the keypad 212, e.g. when the user has seen an indication on the display 103 of the radio 100 that the radio 100 has been successfully activated.
  • the identity module 200 remains in the inactive state until it is put in the active state again, e.g. by another instruction signal from the user via the keypad 212.
  • the module 200 overcomes the disadvantages of the prior art mentioned above in that the module 200 can be adapted to be worn or carried safely by a user.
  • the module 200 communicates with the shared device, the radio 100 in the embodiment described with reference to FIG. 1, by RF communication so does not require insertion in the shared device which, as noted earlier can be difficult in some applications.
  • the identity module 200 does not suffer from the problem of mechanical wear and tear caused by insertion in and removal from the shared device (the radio 100) in the way that prior art SIM cards suffer. Furthermore, there is no problem arising from mechanical damage to a corresponding SIM card reader in the shared device as used in the prior art, since such a device is not required with the RF communicating module 200.
  • the information stored in the memory 210 may be protected in one or more of the ways described earlier. Thus the information stored may be encrypted.
  • the memory 210 may be tamper evident, e.g. by the controller 201 causing a signal to be displayed on the display 207 to indicate tampering.
  • the memory 210 may be self-erasing, under control of a signal from the controller 201, to erase the sensitive information if tampering is detected by the controller 201.
  • relational terms such as first and second, top and bottom, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions.
  • the terms “comprises,” “comprising,” “has”, “having,” “includes”, “including,” “contains”, “containing” or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises, has, includes, contains a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus.

Abstract

A module (200) including a memory (210) for storing user personal information required for authenticated operation by the user of a shared device (100) is characterised in that the module includes a wireless transmitter (203) operable to send user information to the shared device by wireless communication to authenticate personal operation of the shared device by the user. Also described is a method of providing authenticated operation of the shared device by use of the module.

Description

MODULE INCLUDING A MEMORY HOLDING USER PERSONAL INFORMATION AND A METHOD OF TRANSFER OF THE INFORMATION
FIELD OF THE INVENTION
The present invention relates to a module including a memory holding user personal information and to a method of transfer of the information to and from a device.
BACKGROUND OF THE INVENTION
A number of electronic devices are shared between different users and require different personal information to be entered into the device when operated by each different user. A known example of such a shared device is a mobile communication terminal such as a portable radio. The information includes for example an identity number identifying the particular user as well as telephone numbers of interest to the particular user in use of the device. A well known way of storing and providing such user personal information is to use a SIM (subscriber identity module) card. Such a card is inserted into the shared device to be operated and thereby forms a mechanical and electrical connection with the processing circuitry of the shared device to provide an auxiliary memory and optionally an auxiliary processor of the shared device. Information stored on the SIM card is electronically read by a processor within the shared device and can be used in operation of the shared device.
Conventional SIM cards have a number of disadvantages. For example, they are often designed to fit a device of a particular type, e.g. a particular radio type, and may not fit into devices of other types. SIM cards can easily be misplaced, stolen or lost when removed from the device with which they are to be used. Frequent insertion and extraction of the SIM card from a device causes mechanical wear of the SIM card and/or the card reader of the device into which it is inserted. SIM cards are not easily inserted into or removed from a device when the user is wearing gloves, e.g. where the user is a member of the emergency services such as the police or the fire brigade.
SUMMARY OF THE INVENTION
According to the present invention in a first aspect there is provided a module as defined in claim 1 of the accompanying claims.
According to the present invention in a second aspect there is provided a method as defined in claim 11 of the accompanying claims. Further features of the invention are defined in the accompanying dependent claims and are disclosed in the embodiments of the invention to be described.
Embodiments of the present invention will now be described by way of example with reference to the accompanying drawings, in which: BRIEF DESCRIPTION OF THE DRAWINGS
FIG. 1 is a front view of a radio and an associated identity module in accordance with an embodiment of the invention.
FIG. 2 is a block schematic diagram showing a functional layout of components of the identity module shown in FIG. 1.
FIG. 3 is a flowsheet illustrating a method of use of the identity module of FIGS. 1 and 2 to provide authenticated operation of the radio of FIG. 1.
DESCRIPTION OF EMBODIMENTS OF THE INVENTION
Embodiments of the present invention provide a module, herein called an ^identity' module, including a memory for storing user personal information including information required for authenticated operation by the user of a shared device. The shared device may be any device that the user shares with others. The shared device may be a fixed device such as a personal computer, e.g. shared between two or more workers in an office or other work environment. Alternatively, the shared device may be a mobile device such as a mobile or portable radio. An example of such a mobile shared device is a radio used by members of the police or other emergency service organisations. Such a device may in use be obtained from a depot and operated by an authorised member of the user organisation. The authorised member may for example be different from one day to the next or from one work shift to the next.
The identity module embodying the invention includes a memory and a wireless transmitter operable to send user information stored in the memory to the shared device by wireless communication to authenticate personal operation of the shared device by the user. The identity module may therefore be considered as an analogous to a portable SIM card used with devices such as portable radios and mobile telephones as referred to earlier as well as other known electronic devices. However, unlike the prior art in which the SIM card is physically inserted in the shared device to form a Vired' connection to the shared device to allow the transfer of information between the two, the link between the identity module embodying the invention and the shared device to transfer information is a wireless RF link.
The identity module embodying the invention may also include a wireless receiver operable to receive by wireless communication information for storage in the memory. In this case, the wireless transmitter and receiver may conveniently comprise a transceiver having components common to each of the transmitter and receiver.
The shared device to be operated by the person having possession of the identity module will have a receiver for receiving wireless signals from the identity module embodying the invention. The shared device also desirably has a memory for storing information about authorised users of the device. It may also include a processor which carries out functions related to transfer of information between the module and the shared device, e.g. to compare identity information received from the identity module to check that the information matches information stored by the memory of the shared device and to provide access to the shared device by the person having possession of the identity module when a match of the information is found.
An illustrative example of an identity module embodying the invention and its use in authentication of use of a shared device which is a portable radio will now be described with reference to the accompanying drawings. The portable radio is indicated in FIG. 1 by reference numeral 100 and the identity module is indicated by reference numeral 200.
The radio 100 is a professional user's radio, e.g. as used by a member of the police force or another emergency service organisation. Such radios are expensive items which, as noted earlier, are often shared between different authorised users. It is undesirable for unauthorised users to be able to operate the radio 100 since the unauthorised user may gain access to sensitive information being communicated. Typically the radio 100 operates to communicate with other radios or wireless terminals in a trunked mode, i.e. via an infrastructure of a communication system in which the radio operates, and/or in a direct mode, i.e. without the involvement of any infrastructure. The radio 100 may be employed to communicate speech information or to send data which may comprise alphanumeric text data, picture or video information and the like. As shown in FIG. 1, the radio 100 has a casing 101 and various conventional parts which are externally visible, namely an antenna 102, an electro-optical display 103, a keypad 104 comprising a set of keys to allow data and instructions signals to be entered into the radio, further control buttons 105, an audio speaker 106 and a microphone 107.
The identity module 200 is located close to the radio 100 so that the two can communicate by short range RF communication, e.g. in accordance with the Bluetooth™ protocols. The identity module 200 has a casing 204 which includes a hollow portion 205 which allows the identity module 200 to be attached to a clip (not shown) carried by a user on an item such as a belt (not shown) . The identity module 200 also has as visible parts an electro-optical display 207 providing an information indicator and a keypad 212 providing a user interface which allows alphanumeric data and control signals to be entered by a user. The identity module 200 also has a data source connector 213, e.g. a connection socket, which allows a connection to be made to an external source of data such as a personal computer.
FIG. 2 is a block schematic diagram showing an example of a functional layout of the identity module 200. Items which are shown in FIG. 1 retain the same reference numerals in FIG. 2. Also shown in FIG. 2 are some components of the identity module 200 which are internal to the casing 204 of the identity module 200 and are therefore not shown in FIG.l. The main operations of the identity module 200 are controlled by a controller 201 which operates in conjunction with a memory 210 which stores data and programs used within the identity module 200. A processor 202 processes information included in short range RF signals sent and received by a transceiver 203. The keypad 212 serves as a user interface and allows a user to enter control signals for delivery to the controller 201 to operate functions of the module 200. The keypad 212 also acts as an input transducer allowing entry of alphanumeric and other data for delivery to the processor 202 for processing to send in radio communications by the transceiver 203. The data source connector 213 also provides an input for delivery of data to the processor 202 for storing in the memory and if appropriate for sending as an RF transmission by the transceiver 203. The data connector 213 may comprise a connection to one or more peripheral devices, e.g. it may comprise a USB data connection. An electro-optical display 207 operated by a display driver 206 under control of the controller 201 provides displayed information to a user of the radio 100 in a known manner. A battery 211 provides electrical power to all operational components of the identity module 200.
There are various ways in which the user identity module, the shared device and wireless transmission of information between the two may be implemented in embodiments of the invention. These various ways may be considered as being in different tiers of complexity depending on the level of protection needed for the shared device to avoid unauthorised use of the device. In practice, the identity module is likely to be located close to the shared device when information is to be transferred by wireless communication between the two. Thus, the wireless communication established between the transmitter of the identity module and the receiver of the shared device may be one of the known forms of wireless communication operating over a short distance, say less than 10 metres. Such forms include Bluetooth™ communication (communication according to the Bluetooth™ standard) operating at 2.4 GHz and WiFi (wireless LAN or local area network) communication operating at 2.4 GHz or 4.9 GHz. Whichever form of wireless communication is used, the identity module and the shared device desirably use a common protocol to establish wireless communications between the two. The identity module embodying the invention is likely to be carried by a user at all times when the user is likely to use the shared device. The identity module is therefore likely to be an important article which the user should keep safely. The identity module may conveniently be adapted to be attached to a clothing or other item worn or carried by a user, in one of the known ways for attaching articles of utility to an item worn or carried by a user. For example, the module may have a clip for attachment to a user's key ring or it may be attached to a strap which may be worn on a user' s wrist or it may include a clip for attachment to a complementary socket, or a socket or hollow portion for attachment to a complementary clip, so that the identity module may be attached to a user' s belt or other securing item worn by a user. In another form, the identity module may have a shape and appearance similar to a credit card and may be carried securely by a user in a purse or wallet or the like.
In higher tier implementations embodying the invention, the transmission of information between the identity module and the shared device may be in encrypted form. Wireless communication of information in encrypted form is well known per se and known methods of applying such encryption may be employed to transfer information between the identity module and the shared device. In general, an encryption processor in the transmitter of the identity module may be employed to operate an algorithm to combine the information to be transmitted with a secret encryption key which may include a portion derived from a random number. A corresponding decryption processor in the receiver of the shared device may be employed to separate the information from the encryption key. The decryption processor may be supplied with the same secret encryption key as used in the encryption processor to operate the encryption and decryption procedures.
Where information is to be transmitted from a transmitter of the shared device to a receiver of the identity module, the information may also be in encrypted form, e.g. as applied in the manner described above . The identity module embodying the invention includes a memory to store user identity and other information. In one embodiment, the memory is a nonvolatile memory especially a non-volatile random access memory (NVRAM) .
In higher tier implementations embodying the invention, the memory of the identity module may be operable to store user personal information in encrypted form in a known manner. In higher tier implementations embodying the invention, the memory of the identity module may be tamper-evident, whether or not the information stored in the memory is in encrypted form. This means that if a person who is not the authorised holder of the identity module attempts to tamper with the module to discover information stored in the memory an indication is provided to the authorised user of this tampering. Tamper evident techniques are known per se and the identity module embodying the invention may use such a known technique. For example, tamper-resistant microprocessor chips are commercially available for use in storing and processing private or sensitive information, such as private keys or electronic money credit. In order to prevent an unauthorised person from retrieving or modifying the information, such chips are designed so that the information is not accessible through external means and can be accessed only by embedded software in the chip, which contains the appropriate security measures. Examples of tamper- resistant chips include secure cryptoprocessors, such as chips used in smartcards .
Alternatively, or in addition, when tampering with the identity module embodying the invention is detected, a processor in the module which detects the tampering may issue a control signal which causes the user personal information stored in the memory to be erased in a known manner. The control signal may cause all information stored in the memory to be erased. Alternatively, only information stored in the memory which is important to protect to prevent unauthorised use of the shared device may be erased. Other information stored in the memory may be maintained without erasure. The identity module embodying the invention may include a programmed processor, e.g. a digital signal microprocessor, to control functional operations of the module. The capabilities of the processor will depend on the number and complexity of processing operations to be carried out within the module. As a minimum, the processor can deliver information to the memory for storage, retrieve information from the memory and prepare information for wireless transmission to the shared device. In lower tier implementations embodying the invention it is not necessary to provide any means for the user to enter instructions into the identity module. For example, when the module is within a range suitable for communication between the module and the shared device, this proximity may be detected automatically by the identity module in a known manner, e.g. by the identity module performing background polling by issuing a polling signal and detecting when a response signal is received from a transmitter of the shared device. When such proximity has been detected, communication to transfer authentication information from the identity module to the shared device may be triggered automatically by a signal indicating the detection. However, the identity module embodying the invention desirably includes means for entering user instructions and/or information into the module, e.g. to provide signals to the processor or controller of the module to execute one or more functional operations of the module. Initiation of wireless communication to transfer user identity information is such a functional operation. In lower tier implementations embodying the invention the module may include a single key or button or a small number of keys or buttons to allow such user instructions to be entered. In higher tier implementations embodying the invention, the identity module may include as a user interface, in addition to a key and/or button or a small number of keys and/or buttons to initiate functional operations, a keypad indicating alphanumeric and other characters that may be entered into the module by the user as information or instructions required by the module.
The identity module embodying the invention may conveniently include an information indicator for providing information to a user about operation of the module. In lower tier implementations, this may for example comprise one or more indicator lights, such as provided by a light emitting device (LED) . The light may have a different colour, e.g. red, blue or green, to indicate different functional operations are required or are occurring. In higher tier operations the module may include an electro-optical display to provide information to a user in the form of displayed characters and/or graphics. The electro-optical display may be one of the displays known for use in portable electronic devices. For example, the display may be a liquid crystal display or an electroluminescent display.
In some implementations of the identity module embodying the present invention, the module may include a connector terminal to engage with a terminal of a connector to provide a wired connection to the module.
The terminal of the module could for example be a socket into which a plug of a connector fits or a plug to fit a socket carried on the connector. The wired connection provided by the connector may for example be a connection suitable to transfer data to or from the identity module. For example, data or programs to be stored in the memory of the module may be transferred to the module from a computer, e.g. held at a depot at which the shared devices, where mobile devices, are stored.
The identity module embodying the present invention may conveniently include a battery or other energy source, to power active components such as the transmitter (or transceiver) , the processor, the memory and, if included, the user interface and user indication means (e.g. electro-optical display) . The battery may be disposable or re-chargeable. Where the battery is rechargeable, the module may include a charger terminal connected to the battery allowing the battery to be charged, e.g. by connection to the main (mains) electricity supply or to a charger point, e.g. in a vehicle .
Where authentication of a user to operate a shared device is required by transfer of information from the identity module embodying the invention, the procedure used depends on the form of implementation of the module, the shared device and the communication protocol between the two. In a low tier implementation the transfer may, as noted earlier, be initiated automatically when proximity between the module and the shared device is detected. In a higher tier implementation where the identity module includes a user interface such as a keypad, the procedure may include initially putting the module in an active mode and the user entering a PIN (personal identity number) code into the module so that the user is identified to the module. The procedure may also include the user entering a PIN code into the shared device. This may be the same PIN as entered into the module or a different one. In one implementation, in the module and in the shared device the entered PIN code can be compared with a previously stored PIN code and the module and shared device can each produce a signal to indicate that the PIN code has been correctly entered. The module then enters an active mode which provides wireless transfer of information needed to begin operation of the shared device. The information may include an identity code of the user stored in the memory of the module. It may also include user profile details, e.g. including the user's organisational department and unit. The transferred information may also include details of settings required in the shared device to suit operation by the user. Alternatively, these settings could be stored in a memory of the shared device and retrieved when a signal identifying the user and indicating initiation of the retrieval is received from the identity module.
When the transfer of information from the identity module to the shared device to establish operation by the user of the shared device has been suitably completed, the shared device may be switched from an information receiving mode to an operational mode in which the user may proceed to operate the shared device in a normal manner. After completion of the information transfer, the module may be switched to an inactive mode. This may be provided automatically by detection of the completion within the module or it may be provided in response to the entry of an instruction signal from the user. The identity module remains in the inactive mode until it is put in the active mode again, e.g. by another instruction signal from the user.
An example of a method 300 of establishing authenticated operation of the radio 100 by use of the identity module 200 is illustrated in FIG. 3. Initially, in a step 301 the identity module 200 is put in a provisional active state by the user entering a control signal by operation of one of the keys of the keypad 212 of the identity module 200. The controller 201 of the identity module 200 recognises the signal and switches the state of the identity module 200 to provisionally active. In a step 303, the controller 201 then issues a message to the user which is shown on the display 207 prompting the user to enter a PIN (personal identity number) code. The user then enters a PIN code into the identity module 200 via the keypad 212 in a step 305. In a step 307, the controller 201 compares the entered PIN code with a pre-recorded PIN code stored in the memory 210. If the entered PIN code and the stored PIN code match, the controller 201 issues in a step 309 a signal which puts the identity module 200 into a fully active state in which it is able to communicate with the radio 100. In a step 311, the user also enters a PIN code into the radio 100 via the keypad 104. This PIN code may be the same as the PIN code entered into the identity module 200 or a different one. The PIN code entered into the radio 100 is compared in a step 313 with a previously recorded PIN code stored in the radio 100 in a similar manner to the comparison procedure applied in the identity module 200. If the correct PIN code is found to have been entered, in a step 315 the radio 100 is put into an active state in which it is able to communicate with the identity module 200. When the identity module 200 and the radio 100 are both in a fully active state, wireless transfer of information needed to begin authenticated operation of the radio 100 is provided in a step 317 by the identity module 200. The information may include an identity code of the user, e.g. a unique police operator number, stored in the memory 210, and retrieved under control of the controller 201. The information is processed by the processor 202 into a form suitable for RF communication by the transceiver 203. The information retrieved from the memory 210 and communicated in this way may also include user profile details, e.g. including the user's organisational department and unit. The retrieved and transferred information may also include details of settings required in the radio 100 to suit operation by the particular user. Alternatively, these settings could be stored in a memory of the radio 100 and retrieved when a signal identifying the user and indicating initiation of the retrieval is received by the radio 100 from the transceiver 203 of the module 100.
In a step 319, the transfer of information from the identity module 200 to the radio 100 to establish authenticated operation by the user of the radio 100 is suitably completed. The module 100 is then switched in a step 321 to an inactive state. This may be provided automatically by detection by the controller 201 of completion of the procedure within the module 200, e.g. by receipt via the transceiver 203 and processor 202 of a signal from the radio 100 that the radio 100 has been successfully activated, or it may be provided in response to the entry of an instruction signal from the user on the keypad 212, e.g. when the user has seen an indication on the display 103 of the radio 100 that the radio 100 has been successfully activated. The identity module 200 remains in the inactive state until it is put in the active state again, e.g. by another instruction signal from the user via the keypad 212.
The module 200 overcomes the disadvantages of the prior art mentioned above in that the module 200 can be adapted to be worn or carried safely by a user. In addition, the module 200 communicates with the shared device, the radio 100 in the embodiment described with reference to FIG. 1, by RF communication so does not require insertion in the shared device which, as noted earlier can be difficult in some applications. The identity module 200 does not suffer from the problem of mechanical wear and tear caused by insertion in and removal from the shared device (the radio 100) in the way that prior art SIM cards suffer. Furthermore, there is no problem arising from mechanical damage to a corresponding SIM card reader in the shared device as used in the prior art, since such a device is not required with the RF communicating module 200. The information stored in the memory 210, at least any sensitive information included therein, may be protected in one or more of the ways described earlier. Thus the information stored may be encrypted. The memory 210 may be tamper evident, e.g. by the controller 201 causing a signal to be displayed on the display 207 to indicate tampering. The memory 210 may be self-erasing, under control of a signal from the controller 201, to erase the sensitive information if tampering is detected by the controller 201. In the foregoing specification, specific embodiments of the present invention have been described. However, one of ordinary skill in the art appreciates that various modifications and changes can be made without departing from the scope of the present invention as set forth in the claims below. Accordingly, the specification and figures are to be regarded in an illustrative rather than a restrictive sense, and all such modifications are intended to be included within the scope of present invention. The benefits, advantages, solutions to problems, and any element (s) that may cause any benefit, advantage, or solution to occur or become more pronounced are not to be construed as a critical, required, or essential features or elements of any or all the claims. The invention is defined solely by the appended claims including any amendments made during the pendency of this application and all equivalents of those claims as issued. Moreover in this document, relational terms such as first and second, top and bottom, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. The terms "comprises," "comprising," "has", "having," "includes", "including," "contains", "containing" or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises, has, includes, contains a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. An element proceeded by "comprises ...a", "has ...a", "includes ...a", "contains ...a" does not, without more constraints, preclude the existence of additional identical elements in the process, method, article, or apparatus that comprises, has, includes, contains the element. The terms "a" and "an" are defined as one or more unless explicitly stated otherwise herein. The terms "substantially", "essentially", "approximately", "about" or any other version thereof, are defined as being close to as understood by one of ordinary skill in the art, and in one non-limiting embodiment the term is defined to be within 10%, in another embodiment within 5%, in another embodiment within 1% and in another embodiment within 0.5%. The term "coupled" as used herein is defined as connected, although not necessarily directly and not necessarily mechanically. A device or structure that is "configured" in a certain way is configured in at least that way, but may also be configured in ways that are not listed.

Claims

1. A module including: a memory for storing user personal information required for authenticated operation by the user of a shared device, the module including a wireless transmitter operable to send user information to the shared device by wireless communication to authenticate personal operation of the shared device by the user.
2. A module according to claim 1 wherein the module also includes a wireless receiver operable to receive by wireless communication information for storage in the memory and is operable to store the information in the memory.
3. A module according to claim 2 wherein the module is operable to send and/or receive user personal information in encrypted form.
4. A module according to claim 3 wherein the memory is a non-volatile memory operable to store user personal information in encrypted form.
5. A module according to claim 4 wherein the memory is tamper-evident .
6. A module according to claim 5 wherein the module is operable to erase user personal information stored in the memory when tampering of the memory or the module is detected.
7. A module according to claim 6 further a programmed processor to control functional operations of the module.
8. A module according to claim 7 further including a user interface for entering user instructions into the module .
9. A module according to claim 8 further including ding an information indicator for providing information to a user about operation of the module.
10. A module according to claim 9 wherein the information indicator comprises an electro-optical display.
PCT/US2007/061096 2006-01-31 2007-01-26 Module including a memory holding user personal information and a method of transfer of the information WO2007090042A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
GB0601907.9 2006-01-31
GB0601907A GB2434903B (en) 2006-01-31 2006-01-31 Module Including A Memory Holding User Personal Informatioon And A Method Of Transfer Of The Information

Publications (2)

Publication Number Publication Date
WO2007090042A2 true WO2007090042A2 (en) 2007-08-09
WO2007090042A3 WO2007090042A3 (en) 2008-01-03

Family

ID=36061175

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2007/061096 WO2007090042A2 (en) 2006-01-31 2007-01-26 Module including a memory holding user personal information and a method of transfer of the information

Country Status (2)

Country Link
GB (1) GB2434903B (en)
WO (1) WO2007090042A2 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2010138592A3 (en) * 2009-05-26 2011-07-07 Qualcomm Incorporated Portable personal sim card

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104735606B (en) * 2015-02-10 2019-03-05 惠州Tcl移动通信有限公司 Communication means and system based on wearable device

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5185717A (en) * 1988-08-05 1993-02-09 Ryoichi Mori Tamper resistant module having logical elements arranged in multiple layers on the outer surface of a substrate to protect stored information
US5565857A (en) * 1991-10-31 1996-10-15 Lee; Kwang-Sil Electronic indentification system having remote automatic response capability and automatic identification method thereof
US20040180657A1 (en) * 2002-06-24 2004-09-16 Toshiba America Research Inc. (Tari) Authenticating multiple devices simultaneously using a single wireless subscriber identity module
US6871063B1 (en) * 2000-06-30 2005-03-22 Intel Corporation Method and apparatus for controlling access to a computer system

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5131038A (en) * 1990-11-07 1992-07-14 Motorola, Inc. Portable authentification system
GB9102104D0 (en) * 1991-01-31 1991-03-13 Tait Robert A R Non-contacting transaction system
GB2309808A (en) * 1996-02-03 1997-08-06 Michael John Lake Security data use
JP2004213162A (en) * 2002-12-27 2004-07-29 Dainippon Printing Co Ltd Non-contact communication sim reader/writer or the like for cellphone and personal computer, and sim reader/writer for cellphone
GB2418759A (en) * 2004-09-29 2006-04-05 Siemens Ag System access

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5185717A (en) * 1988-08-05 1993-02-09 Ryoichi Mori Tamper resistant module having logical elements arranged in multiple layers on the outer surface of a substrate to protect stored information
US5565857A (en) * 1991-10-31 1996-10-15 Lee; Kwang-Sil Electronic indentification system having remote automatic response capability and automatic identification method thereof
US6871063B1 (en) * 2000-06-30 2005-03-22 Intel Corporation Method and apparatus for controlling access to a computer system
US20040180657A1 (en) * 2002-06-24 2004-09-16 Toshiba America Research Inc. (Tari) Authenticating multiple devices simultaneously using a single wireless subscriber identity module

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2010138592A3 (en) * 2009-05-26 2011-07-07 Qualcomm Incorporated Portable personal sim card
US8244181B2 (en) 2009-05-26 2012-08-14 Qualcomm Incorporated Portable personal SIM card
KR101372628B1 (en) * 2009-05-26 2014-03-17 퀄컴 인코포레이티드 Portable personal sim card

Also Published As

Publication number Publication date
GB2434903A (en) 2007-08-08
GB2434903B (en) 2008-11-26
GB0601907D0 (en) 2006-03-08
WO2007090042A3 (en) 2008-01-03

Similar Documents

Publication Publication Date Title
CN106255984B (en) Apparatus and method for operating a portable electronic device to conduct a mobile payment transaction
US9210733B2 (en) Method and apparatus to facilitate pairing between wireless devices
US9198037B2 (en) Identification processing apparatus and mobile device using the same
US8880055B1 (en) Method and apparatus for using near field communication (NFC) to perform transactions on a mobile device
EP2770702B1 (en) Mobile phone and communication method thereof
US20180117944A1 (en) Card and application program
KR100815148B1 (en) System and method for settlement security using nfc
US7845567B2 (en) Contactless card reader and information processing system
US20150171928A1 (en) Usb memory device connected with smart phone
JPWO2004086294A1 (en) Authentication card and wireless authentication system for mutual authentication using the authentication card
JP2006338480A (en) Processor
CN101719295A (en) Electronic equipment with radio frequency identification (RFID) technology and losing prevention method thereof
KR20080023712A (en) Nfc function control device for mobile terminal having id card and nfc chip
JP2015215688A (en) Portable type settlement terminal device
KR102444619B1 (en) Integrator of identification device
WO2020075317A1 (en) Authentication system and smartphone case used therefor
TWI280770B (en) System against illegal use of mobile phone
JP2012123818A (en) Communicable information storage medium and secret information storage system using the medium
WO2007090042A2 (en) Module including a memory holding user personal information and a method of transfer of the information
JPH10105663A (en) Wrong use preventing device for ic card
KR101659294B1 (en) An apparatus for secure usb memory using beacon signals and the operating method thereof
JP4347610B2 (en) Personal information protection method, personal information protection program and mobile phone terminal
US20200387765A1 (en) Security Measures in Relation to Data Tags and Contactless Cards
JP2006195559A (en) Information processing unit and data communication system
JP2006270487A (en) Function-utilizing control unit for mobile information terminal

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application
NENP Non-entry into the national phase in:

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 07717435

Country of ref document: EP

Kind code of ref document: A2