WO2001091410A2 - Method for authentication of clients for proof of claim to a service, and system and computer product implementing the method - Google Patents

Method for authentication of clients for proof of claim to a service, and system and computer product implementing the method Download PDF

Info

Publication number
WO2001091410A2
WO2001091410A2 PCT/HU2001/000060 HU0100060W WO0191410A2 WO 2001091410 A2 WO2001091410 A2 WO 2001091410A2 HU 0100060 W HU0100060 W HU 0100060W WO 0191410 A2 WO0191410 A2 WO 0191410A2
Authority
WO
WIPO (PCT)
Prior art keywords
service
client
identifying code
provider
telecommunications
Prior art date
Application number
PCT/HU2001/000060
Other languages
French (fr)
Other versions
WO2001091410A3 (en
Inventor
Rezső DUNAY
Sándor FEJES
Péter Harmat
Attila MÉDL
Gyula ROMÁN
Original Assignee
Dunay Rezsoe
Fejes Sandor
Harmat Peter
Medl Attila
Roman Gyula
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Dunay Rezsoe, Fejes Sandor, Harmat Peter, Medl Attila, Roman Gyula filed Critical Dunay Rezsoe
Priority to AU2001274350A priority Critical patent/AU2001274350A1/en
Publication of WO2001091410A2 publication Critical patent/WO2001091410A2/en
Publication of WO2001091410A3 publication Critical patent/WO2001091410A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities

Definitions

  • the object of the invention is a method for authentication of clients entitled to receive a service, and a system implementing the method.
  • the following steps are performed during the method:
  • a client is contacted by a service provider through a telecommunications network, where the service provider provides a certain type of service.
  • Information is exchanged through the telecommunications network, where the information concerns the service to be provided.
  • An agreement is concluded through the telecommunications network, where the subject of the agreement is the providing of a service.
  • a service identifying code is sent to the client as a confirmation of the ordered service. This service identifying code also serves to identify the contents of the service to be provided.
  • the invention also relates to the system implementing the method, and to the various parts of the system.
  • the client must buy a special card in advance, and the number codes of the card must be provided when making a wager, or the data of the clients bank card must be furnished. In these cases, the client needs further technical means for making the wager, beside the technical means necessary for contacting the service provider.
  • the client possesses the necessary independent means, e. g. a so-called Lucky Card, the phone number provided on the card is called. After connecting to the system, the client is requested to provide the 15-digit number of the Lucky Card. This method is slow and cumbersome.
  • the method and apparatus (system) of the invention seeks to alleviate the above mentioned disadvantage.
  • confirmation of concluded agreement about the service e.g. confirmation of the wager mentioned above, is done through a communications channel established between the client and the betting shop (bookmaker's office), during the continuous use of the channel.
  • the confirmation is done later, with the active participation of the client, and using another communications channel.
  • the automatic betting office reads the selected numbers of the bet, or the client calls the betting phone number, where the client is identified by providing again identification data, and the client may again request to have his actual, valid bet read back by the personnel.
  • the present invention also intends to provide a method where the active participation of the client is not necessary for receiving his confirmation.
  • the only purpose of the authentication is to decide whether the client is entitled to a certain, well-defined service or to a similar claim.
  • games of chance it is of importance to keep the person of the gambler secret, even for the provider or the lottery service.
  • the same level of anonymity must be ensured for the client which is present when the claim of the client is proved by a receipt slip.
  • unequivocal identification is also necessary, that is the winning person must be identified unequivocally, so that it is not possible to claim a prize with a mecanical identification, i. e. simply by possessing a code identifying a service. More precisely, it should be possible to select the really entitled person if several persons present the same service identifying code.
  • the above objects are attained with a method of the type described above, where the service identifying code is generated using a unique client identifying code.
  • This client identifying code is associated to the telecommunication means used by the client for establishing contact through the telecommunications network.
  • the client identifying code is automatically forwarded to the service provider in the course of the normal use of the telecommunications network.
  • the service identifying code being generated so that a service identifying code is associated to one and only one client identifying code.
  • the service is provided to the client who possesses the service identifying code.
  • the apparatus performing the method automatically initiates the establishment of a communications channel after the placement of a wager, and the apparatus sends the service identifying code through the communications channel to the client, e.g. in the form of an SMS message.
  • the method of the invention is particularly suitable for concluding an agreement about a service to be provided, without any further technical means or any further data from the client, e. g. the person making the wager, because the reimbursement of the costs of the service received by the client, e. g. the fees for a wager, are made together with the reimbursing of the cost of the usage of the telecommunications means used by the client.
  • This technical means may be a mobile phone or an Internet WEB-based communication.
  • the active operation of a mobile phone device allows the connecting mobile phone central to charge the mobile phone subscription account of the person using the service or to charge the account of a built-in card in the mobile phone itself.
  • the charging may be done with the usual technical means, e. g.
  • the charging may be connected to the sending of the acknowledgement of the agreement concerning the service.
  • the reimbursing the cost of the service received by the client is performed together with the reimbursing of the cost of the use of the telecommunications means used by the client.
  • the service is the acceptance of a wager in some game of chance.
  • the wager is realised without any real payment by the client, because the client is only using his/her telecommunication device, and must necessarily receive the information sent to him/her, otherwise the wager is technically nor realised.
  • the information is sent to the client during the technical steps in making the wager.
  • the conveying of the information to the client may be done by reading it automatically, or displaying it on a screen of a computer, and the information may contain images, sound, texts, e. g. advertisement materials.
  • the reimbursing the cost of the service received by the client is done together with the reimbursing of the cost of a further service connected to the usage of the telecommunications means used by the client.
  • the further service connected to the usage of the client's telecommunications means is the conveying of the advertisements to the client.
  • the method according to the invention may be realised advantageously in a manner so that the client, e. g. the person placing the wager may remain anonymous, even if he/she is a winner.
  • the client e. g. the person placing the wager may remain anonymous, even if he/she is a winner.
  • the information sent with the acknowledgement of the wager is coded and unique, and this information by itself may be sufficient to identify the winner.
  • the telecommunication means between the service provider and the client is a mobile phone, it is preferable to use the phone number when the acknowledgement character string is generated.
  • the use of other identifiers is also feasible.
  • the E-mail address of the service provider may be used as well when the service identifying code is generated.
  • a secret character string can be used in each betting period, where this character string is used with every person making a wager in the given period.
  • a secret character string can be used in each betting period, where this character string is used with every person making a wager in the given period.
  • the acknowledgement character string i. e. the service identifying code returned to the client contains all these in a coded form.
  • the coding is done in a manner known for coding and storing e.
  • the providing of the service comprises the providing of participation in a game of chance, the game containing elements of betting, and coding into the service identifying code the information identifying the betting of the client.
  • the coded data may contain the data of the betting itself, e. g. the chosen five lucky numbers of a lottery.
  • a telephone network may be employed as the telecommunications network, and the MSISDN sign (Mobile Station International ISDN Number) and/or the IMEI number (International Mobile station Equipment Identity) of the client may be employed as the client identifying code.
  • the central apparatus of the system performing the method receives the data necessary for the betting (e. g. the five lottery numbers), in an SMS (Short Message Service) from the traditional mobile phone of the client. Simultaneously, the central apparatus also receives the phone number of the sender.
  • the software in the central digitally evaluates the received characters string, and controls if it conforms to a character string which may be interpreted as a valid betting. If not, an error message is sent back to the sender.
  • the service identifying code is generated from the sender's phone number, the contents of the SMS message, and from a secret character string associated to the specific betting period (e. g. a character string defined for the relevant week).
  • the applied algorithm generates a code character string with an irreversible coding, e. g. with a coding algorithm similar to the password coding algorithms used in computers, so that the original contents can not be decoded from the final code itself.
  • the central apparatus than sends back this code string and the original SMS contents to the original sender of the SMS. The identifying necessary to receive the winnings is made based on the code string.
  • the algorithm used for generating the service identifying code enables the subsequent identification of the betting person, or his/her mobile phone, respectively, also in case of a dispute or in dubious cases. This is because the algorithm itself, and the secret number associated to the relevant betting period is deposited in escrow at an independent third party, sealed. Therefore, using together the client identifying code, i. e. the phone number of the betting person, the data of the wager and the secret number provided by the bookmaker office, the character string constituting the previous service identifying code may be re-generated again. Using a different phone number or different betting data, or placing the bet in a different betting period would result in a different character string, i. e. a different service identifying code.
  • Fig. 1 is a flow chart illustrating a part of the method of the invention
  • Fig. 2 is a flow chart illustrating another part of the method of the invention
  • Fig.3 is a schematic diagram of the connection between the hardware elements suitable for performing the method of the invention.
  • a client is contacted through a telecommunications network.
  • the contacting is made in the capacity of a service provider providing a certain type of service.
  • the contact is established using a telecommunication means, where in a step 20 a client identifying code is automatically forwarded to the service provider in the course of the normal use of the telecommunications network.
  • This client identifying code is associated to the telecommunication means used by the client for establishing the contact through the telecommunications network.
  • This unique client identifying code is stored at least temporarily by the system in a step 25, for the purpose of later use.
  • a step 30 information is exchanged through the telecommunications network.
  • the information concerns the service to be provided. Presuming that the parties contacted each other wishing to conclude an agreement, only that part of the exchange of information is described Fig. 1, and other eventual steps or transactions between the service provider and the client are not described in detail.
  • the service provider and the client agree through the telecommunications network in the providing of a service.
  • This service may be of any type, but in the following specific examples below, the service comprises the organisation of a game of chance, and the provision of participation in the game by the client, and specifically, paying a prize if the client wins.
  • steps 30 and 40 information is exchanged between the service provider and the client essentially about the contents of the service and other circumstances, to a point when both parties find the service to be properly defined for concluding an agreement with the other party.
  • both the provider and the client may supply data about the promised or desired service, this is illustrated in steps 35 and 36.
  • the agreement is practically concluded in step 50, or, if the client would finally decline from requesting the service, it is possible to continue the information exchange with the service provider in step 55, for the purposes of requesting a different service. Alternatively, the information exchange may be finished completely.
  • the service provider forwards a service identifying code to the client.
  • This service identifying code or shortly service code is generated by the service provider in step 60, and for this purpose the client identifying code, or shortly client code which was previously stored in step 25, is now retrieved in step 65.
  • the service identifying code generated in step 60 partly serves as the confirmation of the ordered service, and partly serves to identify the contents of the service, as it will be explained below.
  • the unequivocal confirmation of the service for a given client is ensured by the fact that the service identifying code is generated so that a service identifying code is associated to one and only one client identifying code.
  • This measure is further combined with the fact that the service identifying code is generated using a unique client identifying code, which client identifying code is associated to the telecommunication means used by the client for establishing contact with the service provider. It is noted again that such a client identifying code is automatically forwarded to the service provider in the course of the normal use of the telecommunications network.
  • the service identifying code generated in step 60 is sent to the client as a confirmation of the ordered service in a further step 70.
  • this service identifying code or shortly service code not only serves to confirm or acknowledge the fact that an agreement has been concluded concerning a service, but also serves to identify the contents of the service to be provided. Therefore, the service code is stored by the service provider as well, in step 75, preferably together with other data concerning the circumstances and contents of the service. Thereafter, the contact between the client and the service provider ends at least temporarily, in a final step 80. Though this last step is not strictly necessary in theory, in most instances this will be the case, because one of the main purposes of the service code is to provide subsequently a connecting link between the service provider and the client, who are not in contact with each other.
  • Fig. 2 illustrates the process when the client again contacts the service provider in a step 110, in order to claim the agreed service.
  • the service provider authenticates the client at least partly.
  • the service provider request at least the service code from the client, but in a given case further identification also may be requested, depending on the type of the service to be provided.
  • telecommunication means are not necessary for the interaction between the client and the service provider, as opposed to the process shown in Fig. 1.
  • step 130 the service provider performs various controls on the service code.
  • the service provider may request further data from its own sources or from the client, as shown in steps 135 and 136. If the service provider finds in a following step 140 that the service code is correct, and nothing else prevents the providing of the service, the service provider proceeds to provide the agreed service in step 150. Following the providing of the service, the contact between the client and the service provider ends in step 160. However, if in step 140 the service provider does not find the service code to be acceptable for any reason, the parties usually conduct in steps 145,156 and 147 a dispute resolution process which is not elaborated in all details here.
  • step 147 the service provider will normally provide the agreed service, or alternatively a further dispute resolution process may be initiated in step 148. Summarising the above, the service provider finally provides the service to the client who possesses the service identifying code.
  • the core content of the service is that the service provider provides participation in a game of chance for the client, where the game contains elements of betting, and paying a prize upon winning.
  • the client is called bettor (wagerer, punter, staker).
  • the game of chance is a lottery, where e. g. five numbers must be bet, in a system known per se.
  • the information identifying the betting of the client in the game of chance is coded into the service identifying code.
  • the information identifying the betting of the client may be the betted lottery numbers.
  • a bettor with a pre-paid GSM-type mobile phone places a bet in SMS, without advertisement
  • the bettor has a pre-paid SIM Card. He sends an SMS message to the service provider which contains the five lottery numbers and eventually a password. 2.
  • the service provider checks out at the GSM (Global System for Mobile communications) provider whether the account of the caller may be debited with the price of the betting. If not, this latter is indicated by the service provider to the bettor in an SMS. If the bettor may be debited, the procedure continues. 3. Subsequently, the service provider generates the service identifying code with random number generation and/or prime number generation, and further, for enhanced security and the possibility of later checkout, the service identifying code is generated using a one-way (irreversible) coding.
  • GSM Global System for Mobile communications
  • the service provider generates an irreversible service code, based on the phone number of the caller (bettor), the secret code of the betting week, the betted numbers and a counter having a default value of 1. If another code generated in this manner is already stored in the system, the counter is increased until a previously not existing code have been generated. In this manner it is possible for a client to place a bet on the same numbers several times, and still the identity of the bettor need not be stored. Thereafter, the service provider may even skip the storing of the phone numbers themselves, e. g. due to personal data protection considerations.
  • the code thus generated is sent by the service provider in an SMS to the client, in the form of a letter or number series.
  • the service provider instructs the GSM provider to debit the account of the bettor with the cost of the service and the wager (betting).
  • the service provider stores the service code and the betted numbers. This list is deposited at a notary public each week, together with the secret code of the betting week.
  • the winner may be authenticated.
  • the code may be re-generated based on the phone number of the bettor, the secret code of the week, and the betted numbers, even in case of multiple betting.
  • the proved ownership of the phone may decide, which client is entitled to claim the service, because the payment of the service can also be proved for that client.
  • the bettor calls the phone number indicated by the service provider.
  • the bettor enters the numbers on the dial, or dictates them.
  • the system controls whether the betted numbers are correct.
  • the system automatically detects the phone number of the calling party.
  • the service provider instructs the betting client to provide the phone number, and the service provider indicates that it is a necessary precondition for the acceptance of the bet.
  • the bettor may also provide a multiple-digit identifier, which is typically remembered by the client with the help of the letters on the phone dial. If the system would contain too many of the supplied identifier, the service provider requests another identifier from the client.
  • the service provider broadcasts an advertisement, which is rated by the client directly, on-line, with the buttons of the phone. Altematively, the client rates not the advertisement itself, but the product advertised. The rating forms the basis of the payment.
  • the service provider stores the results of the rating, to be billed to the advertiser.
  • the service provider dictates a multiple-digit identifier code to the client.
  • the client may later authenticate himself with this identifier code.
  • the identifier provided by the client and the service identifying code are valid together only, and the service provider stores both codes, and optionally deposits it at a notary public before the draw.
  • the provision of a separate client identifying code may be avoided.
  • a bettor with a mobile phone places a bet in SMS, paid through advertising
  • the user of the mobile phone sends an SMS to the lottery organising service provider, containing the betted lottery numbers in a predetermined format.
  • the game organiser responds to the bettor based on the received SMS (if the format is correct, otherwise an error message is sent).
  • the organiser sends one or more SMS messages, which contains either (a) one or more advertising text (b) a questionnaire in connection with an advertisement campaign. In case (a), the code word hidden in the message or a point rating must be sent back (therewith forcing the client to read through the message), while in case (b), the complete list of answers must be sent back by the client.
  • the gambler successfully responded to the questions in step 2, the organiser sends him/her another SMS, containing the betted five numbers, as a reminder, and a confirmation containing x+y digits.
  • the x digits contain the phone number of the user
  • the y digits are the result of some irreversible coding of the time when the first SMS message of the gambler was received.
  • the number generated with the irreversible coding is completely unique, i. e. the service identifying code is generated so that a single service identifying code is associated to one and only one client identifying code. Simultaneously, in the central data base, the phone number associated to the betted numbers are now replaced with this code.
  • the client (the user) becomes a regular gambler (bettor), and the single connection between the user and the lottery numbers ends. Thereafter, the proof of the betting is only valid with the presentation of the service identifying code. 4.
  • the query of the winning numbers may be done through an SMS after the draw, but the client may obtain information about the winning by more traditional channels as well.
  • the client may receive the winning simply after presenting the code. .
  • a bettor with a mobile phone places a bet through a phone call, receives a response in SMS, being paid by advertisement.
  • the user (bettor) places a bet through a subscription mobile phone and b, there is an agreement between the lottery service provider and the mobile phone provider that calls made to the service provider should be billed to the lottery service provider b, the lottery provider may be called on a green number.
  • the server waits for the calls of the bettors on a central phone number.
  • the client calls the central number, where he/she is greeted by an artificially generated voice, informing the client that the five (six) winning numbers may be placed for week 15.
  • the client enters the betted numbers, e. g. by entering the first number, followed by the # sign, second number, # sign, ...., fifth number, # sign.
  • the client is informed by the system that he/she must listen to an advertisement and must rate it (or indicate his/her willingness to buy the product) with one to three stars.
  • the service provider sends an SMS to the client, which contains the service code, which latter functions as the lecturreceipt slip".
  • the system also informs the client that the service provider will only send back the service code if the client has listened to the whole advertisement.
  • the bet is financed by the advertising company.
  • the cost of the service received by the client are reimbursed together with the reimbursing of the cost of a further service connected to the usage of the telecommunications means used by the client, here the further service being the advertisement transmitted to the client.
  • This server has the following tasks:
  • the server continuously monitors the incoming calls. When a call enters, the server first identifies the calling number, and stores it at least temporarily. This is practical if a phone network is employed as the telecommunications network between the client and the service provider. Beside the phone number of the client, the MSISDN sign and/or the IMEI number of the client may be employed as the client identifying code.
  • the E-mail address and/or the registration number of the client's telecommunication software and/or the IP number of the client and/or a characteristic DNS (Domain Name Server) data may be employed as the client identifying code.
  • these may be later deleted, due to data protection considerations.
  • the server generates a service identifying code using the phone number or other client identifying code, which entitles a client to claim the prizes.
  • the identifier contains a counter of at least 24, but preferably 32 bits, which is used for the serial number of the bets on the relevant week, and further contains a random number of 32 bits, which latter ensures a suitably sparse number field, and the identifier contains at least the calling number.
  • a further secret identifier is used for the generation of the service identifying code, where the further secret identifier is generated and recorded by the service provider.
  • the date of the betting and an own identifier of the service provider may be coded as well, if there are multiple service providers operating.
  • the betted numbers are also coded into the service identifying code, beside the client identifying code.
  • the service provider codes into the SMS - which is to be sent as a confirmation - the following data: the betted numbers, the time of the bet (wager), eventually the name or number of the service provider itself, and the client identifying code.
  • the SMS will be sent to the bettor with these data coded in the service identifying code.
  • the service identifying code is automatically forwarded to the client, using the telecommunications system and/or the telecommunications means of the service provider and the client.
  • the server Before sending the SMS, the server broadcasts an advertisement and stores the response in a database. After broadcasting the advertisement, the server sends the SMS to the client. After the SMS have been sent, the calling number may be deleted by the service provider, it need not be stored any longer. This is substituted by the important step during the acceptance of the wager when the betted numbers (typically in ascending order) and the generated identifier are stored by the service provider in a database.
  • a client declares that he has a winning entry, it may be controlled in the following manner: He/she is requested by the service provider to present the numbers that were betted (this is an initial filtering step designed to prevent someone from trying to claim the prize with a randomly generated code). Based on the numbers provided, the service provider retrieves from its database the identifiers) stored with the given numbers. If any of the stored identifiers matches the presented identifier, the bettor may receive the winnings.
  • a bettor with a mobile phone places a bet through a WAP interface, response in
  • the bettor previously receives advertisements with a WAP-compatible device (Wireless Application Protocol), and rates the advertisements, thereby collecting points on his/her account associated to his/her phone number.
  • WAP-compatible device Wireless Application Protocol
  • the bettor accesses the WAP page of the betting, and enters the lottery numbers.
  • a bettor with a mobile phone places a bet through a WAP interface, response in E- mail, paying the costs himself/herself 0,
  • the bettor previously provides his/her personal data and E-mail address on a WAP page dedicated to for this purpose, and agrees with his/her mobile phone provider that he/she pays the costs of a maximal x items of lottery wagers through his/her mobile phone subscription account.
  • the cost of the service received by the client is reimbursed together with the reimbursing of the cost of the usage of the telecommunications means used by the client, the telecommunication means being a mobile phone in this example.
  • Example 7 A bettor with a mobile phone places an advance bet through a WAP interface, response in E-mail, paying the costs himself/herself
  • the bettor previously provides his/her personal data, typically his/her E-mail address on a WAP page dedicated to for this purpose, and agrees with his/her mobile phone provider that he/she pays the costs of a maximal x items of lottery wagers through his/her mobile phone subscription account.
  • a bettor with a mobile phone places an advance bet through a WAP interface, response in SMS, paying the costs himself/herself
  • the bettor previously agrees with his/her mobile phone provider that he/she pays the costs of a maximal x items of lottery wagers through his/her mobile phone subscription account. 1, The bettor accesses the WAP page of the periodic betting, and enters the lottery numbers. Simultaneously, his/her phone number is registered, where the SMS messages to him/her should be sent.
  • a bettor with a mobile phone places an advance bet with SMS, receives the response in SMS, paying the costs himself/herself
  • the bettor sends an SMS with the selected lottery numbers. He/she receives two SMS messages in response: One SMS indicates that in the future his/her betting will be made periodically, the second SMS confirms the betting of the actual week. 2, Thereafter, he/she periodically (e. g. each week) receives in an SMS a response with the coded character series. Of course, he/she may also terminate the bets, e. g. by sending an SMS.
  • the client does not choose the lottery numbers himself/herself, but they are created by the server with a random number generation.
  • the random numbers may change weekly, or they remain constant, so that the numbers are input separately from placement of the bet.
  • the bettor may create the numbers with a random number generator on a WAP page dedicated for this purpose, but the client may also choose to alter the previous numbers, and if he omits it, the system will always regard the lottery numbers of the previous week to be the actual bet.
  • the telecommunications network used between the client and the service provider is a cable and/or mobile phone network and/or computer network.
  • Fig. 3 shows those typical hardware means and their functional connection, which may be used to implement at least certain steps of the method of the invention.
  • Fig. 3 also shows the possible physical connections between the hardware means.
  • the connection is essentially established when the user, i. e. the client sends data through a terminal (e. g. Client terminal, client portable terminal, client mobile phone, client phone) to an Interface element of the Server Configuration.
  • a terminal e. g. Client terminal, client portable terminal, client mobile phone, client phone
  • These interface elements may be the Intemet interface, a GSM interface or a Phone interface.
  • the server need not have all interface types.
  • Fig. 3 only shows a number of interfaces to illustrate the possible different versions.
  • the Server send a return message to the user. This return information need not follow the same connection route as that of the incoming data from the user.
  • the user may have to his/her disposal the most versatile means when using a Client Terminal for the connection to the system.
  • the Client Terminal is a usual device suitable for a network connection, having in most cases a display, keyboard, eventually a voice input. Such devices are mainly realised as a computer or portable computer or a network computer (without own software and data).
  • the Client Terminal connects to the Intemet in a manner known per se, e. g. by connecting to the system of an ISP (Intemet Service Provider).
  • the ISP may be the router or gateway of the local network operating the Client Terminal. With other words, the Client Terminal connects to an ISP Server- 1.
  • connection may be a permanent connection to a local network of the ISP Server- 1, or altematively the connection may be a temporary one, through a PPP (Point-to-Point Protocol) or SLIP (Serial Line Internet Protocol) connection, i. e. through phone, or through a switched line using the data communication channels of a GSM network, or through a cable modem (not shown).
  • PPP Point-to-Point Protocol
  • SLIP Serial Line Internet Protocol
  • the Server Configuration which contributes to the implementation of the method according to the invention, connects to the Intemet through its Intemet interface and an ISP Server-2, which latter is normally different from the previous ISP Server- 1.
  • the user may also connect to the system with a Client Portable Terminal, which is normally a portable device with a smaller or larger screen, but with limited capabilities when compared with the previous Client Terminal.
  • a Client Portable Terminal which is normally a portable device with a smaller or larger screen, but with limited capabilities when compared with the previous Client Terminal.
  • Such a device may be a PalmTop, which may be suitable for telephone applications as well.
  • This device connects to the Intemet similarly to the Client Terminal, directly or indirectly.
  • the Client Portable Terminal may connect to a mobile communication network, represented in Fig. 3 by the GSM Central.
  • connection is established with a GSM data traffic, through a communications channel used in mobile communications, as phone call, SMS forwarding, WAP connection or through any other suitable data exchange protocol.
  • the GSM Central will also connect to the GSM Interface with a protocol characteristic for GSM communications (as an SMS, phone call, data transfer).
  • FIG. 3 shows separately the route when the connection is established to the Intemet, but through the GSM Central. This may be the case when the device connects indirectly to the Intemet, e. g. with the WAP protocol. In this case the connection to the Intemet is established through a Gateway connected to the GSM Central.
  • the user may also connect to the Phone Interface element of the Server Configuration, through the User Phone Terminal, which may be a simple cable phone.
  • This connection is established via a Phone Central, which is a known telephone central, i. e. here the connection is made with a phone call.
  • the Server Configuration comprises the following elements:
  • the Intemet Interface is a known interface unit associated to the computer implementing the method, or to the usual local network consisting of several computers, e. g. in an Ethernet-based local network.
  • Such known interface elements are routers connecting a leased line and the local network, or gateways extending the local network, or ATM units connecting the networks.
  • the GSM Interface may be a GSM card, a device for GSM data traffic, or any other unit comprising a GSM phone.
  • the GSM Interface connects in a known manner to a computer or network for the purposes of data exchange.
  • the Phone Interface is normal voice/fax module, optionally with ISDN capabilities.
  • the method is implemented by data processing steps performed by and between the above elements of the Server Configuration, and by computer programs implementing at least certain steps of the method.
  • the Main Server itself may consist of several computers, which are interconnected in a known manner, mainly in a local network.
  • the above described different types of Interfaces are driven with known interface-manager specific protocols.
  • these may be WEB-servers, WAP-servers, E-mail servers, E-mail clients, and other programs dynamically managing those, such as WEB robots, WEB spiders, E-mail client programs, scripts etc.
  • GSM interface programs are GSM protocol manager and application programs, as caller identifier, cell identifier, SMS receiver, SMS sender, call handler, call initiator, phone call recorder, phone sound generating programs.
  • Phone Interface programs are those using and managing phone call protocols, as caller identifier, D- channel manager, phone call handler, call initiator, phone call recorder, phone sound generating programs.

Abstract

The invention concerns a method for authentication of clients who are entitled to receive a service. The method comprises the following steps: A client is contacted through a telecommunications network by a service provider. Information is exchanged through the telecommunications network, concerning the service to be provided. The parties agree in the providing of a service through the telecommunications network. Thereafter, a service identifying code is sent to the client as a confirmation of the ordered service. The service identifying code also serves to identify the contents of the service to be provided. The service identifying code is generated using a unique client identifying code associated to the telecommunication means used by the client for establishing contact through the telecommunications network. Such a client identifying code is used, which is automatically forwarded to the service provider in the course of the normal use of the telecommunications network. The service identifying code is generated so that a service identifying code is associated to one and only one client identifying code. Finally, the service is provided to the client who possesses the service identifying code. The invention also concerns the system and computer program product implementing the method.

Description

METHOD FOR AUTHENTICATION OF CLIENTS FOR PROOF OF CLAIM TO A SERVICE, AND SYSTEM AND COMPUTER PRODUCT IMPLEMENTING THE METHOD
Technical Field
The object of the invention is a method for authentication of clients entitled to receive a service, and a system implementing the method. The following steps are performed during the method: A client is contacted by a service provider through a telecommunications network, where the service provider provides a certain type of service. Information is exchanged through the telecommunications network, where the information concerns the service to be provided. An agreement is concluded through the telecommunications network, where the subject of the agreement is the providing of a service. During the information exchange, a service identifying code is sent to the client as a confirmation of the ordered service. This service identifying code also serves to identify the contents of the service to be provided. The invention also relates to the system implementing the method, and to the various parts of the system.
Background Art
It is one of the basic problems of the known phone-based or internet-based solutions, that beside the technical means used for concluding an agreement for providing a service, for example a betting on a game of chance, further means must be used, beside the technical means used for the telecommunication between the service provider and the client. These further means are independent from the technical means used for the telecommunication. This independent means are used to identify and authenticate the client receiving the service, e. g. a client making a bet. This means is also customarily used for paying the fee for the service, e. g for the payment of the wager. As an example, the Hungarian Gambling Co. provides to the clients means for making a wager on a cable phone, or mobile phone, or through the Internet, on a WEB surface. For this purpose, the client must buy a special card in advance, and the number codes of the card must be provided when making a wager, or the data of the clients bank card must be furnished. In these cases, the client needs further technical means for making the wager, beside the technical means necessary for contacting the service provider. Once the client possesses the necessary independent means, e. g. a so-called Lucky Card, the phone number provided on the card is called. After connecting to the system, the client is requested to provide the 15-digit number of the Lucky Card. This method is slow and cumbersome. The method and apparatus (system) of the invention seeks to alleviate the above mentioned disadvantage.
Another characteristic of the existing systems is that confirmation of concluded agreement about the service, e.g. confirmation of the wager mentioned above, is done through a communications channel established between the client and the betting shop (bookmaker's office), during the continuous use of the channel.
Alternatively, the confirmation is done later, with the active participation of the client, and using another communications channel. As an example, with a phone connection, the automatic betting office reads the selected numbers of the bet, or the client calls the betting phone number, where the client is identified by providing again identification data, and the client may again request to have his actual, valid bet read back by the personnel. The present invention also intends to provide a method where the active participation of the client is not necessary for receiving his confirmation.
However, it is a particular object of the invention to provide a method where a single client may be reliably authenticated, where the client otherwise wishes to remain anonymous, and the only purpose of the authentication is to decide whether the client is entitled to a certain, well-defined service or to a similar claim. In particular, with games of chance it is of importance to keep the person of the gambler secret, even for the provider or the lottery service. With other words, the same level of anonymity must be ensured for the client which is present when the claim of the client is proved by a receipt slip.
At the same time, unequivocal identification is also necessary, that is the winning person must be identified unequivocally, so that it is not possible to claim a prize with a „photocopied" identification, i. e. simply by possessing a code identifying a service. More precisely, it should be possible to select the really entitled person if several persons present the same service identifying code.
Finally, it is also an object of the invention to provide for convenient payment, so that no special action should be taken for paying each wager, and the payment should be generally fast and convenient.
Summary of the Invention
According to an embodiment of the invention, the above objects are attained with a method of the type described above, where the service identifying code is generated using a unique client identifying code. This client identifying code is associated to the telecommunication means used by the client for establishing contact through the telecommunications network. The client identifying code is automatically forwarded to the service provider in the course of the normal use of the telecommunications network. The service identifying code being generated so that a service identifying code is associated to one and only one client identifying code. The service is provided to the client who possesses the service identifying code. In another implementation of the method, the apparatus performing the method automatically initiates the establishment of a communications channel after the placement of a wager, and the apparatus sends the service identifying code through the communications channel to the client, e.g. in the form of an SMS message.
The method of the invention is particularly suitable for concluding an agreement about a service to be provided, without any further technical means or any further data from the client, e. g. the person making the wager, because the reimbursement of the costs of the service received by the client, e. g. the fees for a wager, are made together with the reimbursing of the cost of the usage of the telecommunications means used by the client. This technical means may be a mobile phone or an Internet WEB-based communication. As an example, the active operation of a mobile phone device allows the connecting mobile phone central to charge the mobile phone subscription account of the person using the service or to charge the account of a built-in card in the mobile phone itself. The charging may be done with the usual technical means, e. g. using the phone charge calculating software with appropriate programming, and the charging may be connected to the sending of the acknowledgement of the agreement concerning the service. In this manner, the reimbursing the cost of the service received by the client is performed together with the reimbursing of the cost of the use of the telecommunications means used by the client.
In a practical realisation of the method according to the invention, the service is the acceptance of a wager in some game of chance. The wager is realised without any real payment by the client, because the client is only using his/her telecommunication device, and must necessarily receive the information sent to him/her, otherwise the wager is technically nor realised. The information is sent to the client during the technical steps in making the wager. The conveying of the information to the client may be done by reading it automatically, or displaying it on a screen of a computer, and the information may contain images, sound, texts, e. g. advertisement materials. With other words, in this case the reimbursing the cost of the service received by the client is done together with the reimbursing of the cost of a further service connected to the usage of the telecommunications means used by the client. In this case the further service connected to the usage of the client's telecommunications means is the conveying of the advertisements to the client.
The method according to the invention may be realised advantageously in a manner so that the client, e. g. the person placing the wager may remain anonymous, even if he/she is a winner. This is because the information sent with the acknowledgement of the wager is coded and unique, and this information by itself may be sufficient to identify the winner. For this purpose it is sufficient to send a unique string of characters to the person making the wager. E. g. if the telecommunication means between the service provider and the client is a mobile phone, it is preferable to use the phone number when the acknowledgement character string is generated. Of course, the use of other identifiers is also feasible. E. g. when using the Internet as the telecommunication means, the E-mail address of the service provider may be used as well when the service identifying code is generated.
It is particularly useful if further secret identifiers are used for the generation of the service identifying code, where the further secret identifier is generated and recorded by the service provider. For example, a secret character string can be used in each betting period, where this character string is used with every person making a wager in the given period. In order to prevent unfounded complaints and fraud, it is also preferable to use for the generation of the service identifying code any of the following: the time and/or place of the agreement concerning the service to be provided, and/or the service provider's serial number of the agreement concerning the service to be provided. The acknowledgement character string, i. e. the service identifying code returned to the client contains all these in a coded form. The coding is done in a manner known for coding and storing e. g. computer passwords, with one-way or irreversible coding, i. e. in way that practically can not be decoded. This procedure guarantees that the same input data always result in the same code string. This way in problematic cases the phone apparatus of the betting person having a certain phone number, or his SIM Card (Subscriber Identity Module), or his E-mail address may be identified, even before third persons.
It is also preferable to implement the method where the providing of the service comprises the providing of participation in a game of chance, the game containing elements of betting, and coding into the service identifying code the information identifying the betting of the client. For example, the coded data may contain the data of the betting itself, e. g. the chosen five lucky numbers of a lottery.
In a practical implementation, a telephone network may be employed as the telecommunications network, and the MSISDN sign (Mobile Station International ISDN Number) and/or the IMEI number (International Mobile station Equipment Identity) of the client may be employed as the client identifying code. This is done in the following manner: The central apparatus of the system performing the method receives the data necessary for the betting (e. g. the five lottery numbers), in an SMS (Short Message Service) from the traditional mobile phone of the client. Simultaneously, the central apparatus also receives the phone number of the sender. The software in the central digitally evaluates the received characters string, and controls if it conforms to a character string which may be interpreted as a valid betting. If not, an error message is sent back to the sender. If the character string is acceptable, the service identifying code is generated from the sender's phone number, the contents of the SMS message, and from a secret character string associated to the specific betting period (e. g. a character string defined for the relevant week). The applied algorithm generates a code character string with an irreversible coding, e. g. with a coding algorithm similar to the password coding algorithms used in computers, so that the original contents can not be decoded from the final code itself. The central apparatus than sends back this code string and the original SMS contents to the original sender of the SMS. The identifying necessary to receive the winnings is made based on the code string.
The algorithm used for generating the service identifying code enables the subsequent identification of the betting person, or his/her mobile phone, respectively, also in case of a dispute or in dubious cases. This is because the algorithm itself, and the secret number associated to the relevant betting period is deposited in escrow at an independent third party, sealed. Therefore, using together the client identifying code, i. e. the phone number of the betting person, the data of the wager and the secret number provided by the bookmaker office, the character string constituting the previous service identifying code may be re-generated again. Using a different phone number or different betting data, or placing the bet in a different betting period would result in a different character string, i. e. a different service identifying code.
Brief Description of Drawings By way of example only, an embodiment of the invention will now be described with reference to the accompanying drawing, in which
Fig. 1 is a flow chart illustrating a part of the method of the invention,
Fig. 2 is a flow chart illustrating another part of the method of the invention, Fig.3 is a schematic diagram of the connection between the hardware elements suitable for performing the method of the invention.
Best Mode for Carrying out the Invention Referring now to Fig. 1, the method for authentication of clients entitled to receive a service is illustrated on the flow chart. In a first step 10, a client is contacted through a telecommunications network. The contacting is made in the capacity of a service provider providing a certain type of service. The contact is established using a telecommunication means, where in a step 20 a client identifying code is automatically forwarded to the service provider in the course of the normal use of the telecommunications network. This client identifying code is associated to the telecommunication means used by the client for establishing the contact through the telecommunications network. This unique client identifying code is stored at least temporarily by the system in a step 25, for the purpose of later use.
Thereafter, in a step 30 information is exchanged through the telecommunications network. The information concerns the service to be provided. Presuming that the parties contacted each other wishing to conclude an agreement, only that part of the exchange of information is described Fig. 1, and other eventual steps or transactions between the service provider and the client are not described in detail. Returning now to Fig. 1, in steps 30 and 40 the service provider and the client agree through the telecommunications network in the providing of a service. This service may be of any type, but in the following specific examples below, the service comprises the organisation of a game of chance, and the provision of participation in the game by the client, and specifically, paying a prize if the client wins. In the steps 30 and 40 information is exchanged between the service provider and the client essentially about the contents of the service and other circumstances, to a point when both parties find the service to be properly defined for concluding an agreement with the other party. During the information exchange, both the provider and the client may supply data about the promised or desired service, this is illustrated in steps 35 and 36. The agreement is practically concluded in step 50, or, if the client would finally decline from requesting the service, it is possible to continue the information exchange with the service provider in step 55, for the purposes of requesting a different service. Alternatively, the information exchange may be finished completely.
Following step 50, the service provider forwards a service identifying code to the client. This service identifying code or shortly service code is generated by the service provider in step 60, and for this purpose the client identifying code, or shortly client code which was previously stored in step 25, is now retrieved in step 65.
The service identifying code generated in step 60 partly serves as the confirmation of the ordered service, and partly serves to identify the contents of the service, as it will be explained below.
The unequivocal confirmation of the service for a given client is ensured by the fact that the service identifying code is generated so that a service identifying code is associated to one and only one client identifying code. This measure is further combined with the fact that the service identifying code is generated using a unique client identifying code, which client identifying code is associated to the telecommunication means used by the client for establishing contact with the service provider. It is noted again that such a client identifying code is automatically forwarded to the service provider in the course of the normal use of the telecommunications network.
The service identifying code generated in step 60 is sent to the client as a confirmation of the ordered service in a further step 70. Here we note again that this service identifying code or shortly service code not only serves to confirm or acknowledge the fact that an agreement has been concluded concerning a service, but also serves to identify the contents of the service to be provided. Therefore, the service code is stored by the service provider as well, in step 75, preferably together with other data concerning the circumstances and contents of the service. Thereafter, the contact between the client and the service provider ends at least temporarily, in a final step 80. Though this last step is not strictly necessary in theory, in most instances this will be the case, because one of the main purposes of the service code is to provide subsequently a connecting link between the service provider and the client, who are not in contact with each other.
Fig. 2 illustrates the process when the client again contacts the service provider in a step 110, in order to claim the agreed service. After requesting the service in step 120, the service provider authenticates the client at least partly. For the authentication process the service provider request at least the service code from the client, but in a given case further identification also may be requested, depending on the type of the service to be provided. It is to be emphasised that here the use of telecommunication means are not necessary for the interaction between the client and the service provider, as opposed to the process shown in Fig. 1. However, even in this case it may be preferable to perform the interaction between the client and the service provider through telecommunication means, e. g. if it is a primary object to preserve the anonymity of the client.
In step 130, the service provider performs various controls on the service code. For this purpose, the service provider may request further data from its own sources or from the client, as shown in steps 135 and 136. If the service provider finds in a following step 140 that the service code is correct, and nothing else prevents the providing of the service, the service provider proceeds to provide the agreed service in step 150. Following the providing of the service, the contact between the client and the service provider ends in step 160. However, if in step 140 the service provider does not find the service code to be acceptable for any reason, the parties usually conduct in steps 145,156 and 147 a dispute resolution process which is not elaborated in all details here. It is sufficient to note that during this dispute resolution, usually the service code will be controlled again, and other control procedures are performed, which will be described in more detail with the examples below. If the complaint of the client is successful in step 147, the service provider will normally provide the agreed service, or alternatively a further dispute resolution process may be initiated in step 148. Summarising the above, the service provider finally provides the service to the client who possesses the service identifying code.
One of the main areas for using the inventive method is the organisation of games of chance. In this case, the core content of the service is that the service provider provides participation in a game of chance for the client, where the game contains elements of betting, and paying a prize upon winning. In this case the client is called bettor (wagerer, punter, staker). In the examples below, the game of chance is a lottery, where e. g. five numbers must be bet, in a system known per se. In this case, as it will be explained below, it is practical if the information identifying the betting of the client in the game of chance is coded into the service identifying code. The information identifying the betting of the client may be the betted lottery numbers.
Example 1.
A bettor with a pre-paid GSM-type mobile phone (having a pre-paid card) places a bet in SMS, without advertisement
1, The bettor has a pre-paid SIM Card. He sends an SMS message to the service provider which contains the five lottery numbers and eventually a password. 2. The service provider checks out at the GSM (Global System for Mobile communications) provider whether the account of the caller may be debited with the price of the betting. If not, this latter is indicated by the service provider to the bettor in an SMS. If the bettor may be debited, the procedure continues. 3. Subsequently, the service provider generates the service identifying code with random number generation and/or prime number generation, and further, for enhanced security and the possibility of later checkout, the service identifying code is generated using a one-way (irreversible) coding. With other words, the service provider generates an irreversible service code, based on the phone number of the caller (bettor), the secret code of the betting week, the betted numbers and a counter having a default value of 1. If another code generated in this manner is already stored in the system, the counter is increased until a previously not existing code have been generated. In this manner it is possible for a client to place a bet on the same numbers several times, and still the identity of the bettor need not be stored. Thereafter, the service provider may even skip the storing of the phone numbers themselves, e. g. due to personal data protection considerations.
4. The code thus generated is sent by the service provider in an SMS to the client, in the form of a letter or number series. At the same time, the service provider instructs the GSM provider to debit the account of the bettor with the cost of the service and the wager (betting).
5. The service provider stores the service code and the betted numbers. This list is deposited at a notary public each week, together with the secret code of the betting week.
6. Based on the code, the winner may be authenticated. In a dispute, the code may be re-generated based on the phone number of the bettor, the secret code of the week, and the betted numbers, even in case of multiple betting. In a dubious situation, e. g. when several clients show up with the same correct code, the proved ownership of the phone may decide, which client is entitled to claim the service, because the payment of the service can also be proved for that client.
Example 2.
A bettor with a cable phone, whose bet is paid to the service provider by a third party delivering advertisement
1. The bettor calls the phone number indicated by the service provider. The bettor enters the numbers on the dial, or dictates them. The system controls whether the betted numbers are correct. At the same time, the system automatically detects the phone number of the calling party. In a phone system where the phone number is not forwarded automatically, the service provider instructs the betting client to provide the phone number, and the service provider indicates that it is a necessary precondition for the acceptance of the bet. Thereafter, the bettor may also provide a multiple-digit identifier, which is typically remembered by the client with the help of the letters on the phone dial. If the system would contain too many of the supplied identifier, the service provider requests another identifier from the client.
2. Subsequently, the service provider broadcasts an advertisement, which is rated by the client directly, on-line, with the buttons of the phone. Altematively, the client rates not the advertisement itself, but the product advertised. The rating forms the basis of the payment.
3. The service provider stores the results of the rating, to be billed to the advertiser.
4. Thereafter the service provider dictates a multiple-digit identifier code to the client. The client may later authenticate himself with this identifier code. In this case, the identifier provided by the client and the service identifying code are valid together only, and the service provider stores both codes, and optionally deposits it at a notary public before the draw. In case the system is able to identify the phone number of the calling party, the provision of a separate client identifying code may be avoided.
Example 3.
A bettor with a mobile phone places a bet in SMS, paid through advertising
1, The user of the mobile phone sends an SMS to the lottery organising service provider, containing the betted lottery numbers in a predetermined format. 2. The game organiser responds to the bettor based on the received SMS (if the format is correct, otherwise an error message is sent). The organiser sends one or more SMS messages, which contains either (a) one or more advertising text (b) a questionnaire in connection with an advertisement campaign. In case (a), the code word hidden in the message or a point rating must be sent back (therewith forcing the client to read through the message), while in case (b), the complete list of answers must be sent back by the client.
3. If the gambler successfully responded to the questions in step 2, the organiser sends him/her another SMS, containing the betted five numbers, as a reminder, and a confirmation containing x+y digits. Here the x digits contain the phone number of the user, the y digits are the result of some irreversible coding of the time when the first SMS message of the gambler was received. The number generated with the irreversible coding is completely unique, i. e. the service identifying code is generated so that a single service identifying code is associated to one and only one client identifying code. Simultaneously, in the central data base, the phone number associated to the betted numbers are now replaced with this code. Therewith the client (the user) becomes a regular gambler (bettor), and the single connection between the user and the lottery numbers ends. Thereafter, the proof of the betting is only valid with the presentation of the service identifying code. 4. The query of the winning numbers may be done through an SMS after the draw, but the client may obtain information about the winning by more traditional channels as well.
5. If the client has won, he/she presents the confirmation code with the game organiser. There the last authentication action is to control whether the registered phone number yields the same number as the first x digits of the service identifying code. This is to filter out persons who has acquired somehow the correct and confirmed code number.
6. Alternatively, the client may receive the winning simply after presenting the code. .
Example 4.
A bettor with a mobile phone places a bet through a phone call, receives a response in SMS, being paid by advertisement.
a, The user (bettor) places a bet through a subscription mobile phone and b, there is an agreement between the lottery service provider and the mobile phone provider that calls made to the service provider should be billed to the lottery service provider b, the lottery provider may be called on a green number.
The server waits for the calls of the bettors on a central phone number.
1. The bets are placed as follows:
The client calls the central number, where he/she is greeted by an artificially generated voice, informing the client that the five (six) winning numbers may be placed for week 15. The client enters the betted numbers, e. g. by entering the first number, followed by the # sign, second number, # sign, ...., fifth number, # sign. Thereafter the client is informed by the system that he/she must listen to an advertisement and must rate it (or indicate his/her willingness to buy the product) with one to three stars. After the rating, the service provider sends an SMS to the client, which contains the service code, which latter functions as the „receipt slip". The system also informs the client that the service provider will only send back the service code if the client has listened to the whole advertisement. In this case the bet is financed by the advertising company. With other words, the cost of the service received by the client are reimbursed together with the reimbursing of the cost of a further service connected to the usage of the telecommunications means used by the client, here the further service being the advertisement transmitted to the client.
On the side of the service provider, the organising work is typically done by a dedicated server. This server has the following tasks:
The server continuously monitors the incoming calls. When a call enters, the server first identifies the calling number, and stores it at least temporarily. This is practical if a phone network is employed as the telecommunications network between the client and the service provider. Beside the phone number of the client, the MSISDN sign and/or the IMEI number of the client may be employed as the client identifying code.
In other cases, e. g. if a computer network is employed as the telecommunications network, instead of the phone number, the E-mail address and/or the registration number of the client's telecommunication software and/or the IP number of the client and/or a characteristic DNS (Domain Name Server) data may be employed as the client identifying code. Optionally, these may be later deleted, due to data protection considerations. The server generates a service identifying code using the phone number or other client identifying code, which entitles a client to claim the prizes. The identifier contains a counter of at least 24, but preferably 32 bits, which is used for the serial number of the bets on the relevant week, and further contains a random number of 32 bits, which latter ensures a suitably sparse number field, and the identifier contains at least the calling number.
With other words, in this case a further secret identifier is used for the generation of the service identifying code, where the further secret identifier is generated and recorded by the service provider. Optionally, the date of the betting and an own identifier of the service provider may be coded as well, if there are multiple service providers operating. Of course, it is preferable to use the betted numbers as well, i. e. here the parameters of the agreed service are also coded into the service identifying code, beside the client identifying code. These fields are coded together with a one-way function, and a code conversion is used so that the final code will be suitable for sending it through an SMS message. The service provider codes into the SMS - which is to be sent as a confirmation - the following data: the betted numbers, the time of the bet (wager), eventually the name or number of the service provider itself, and the client identifying code. The SMS will be sent to the bettor with these data coded in the service identifying code. In this case, the service identifying code is automatically forwarded to the client, using the telecommunications system and/or the telecommunications means of the service provider and the client.
Before sending the SMS, the server broadcasts an advertisement and stores the response in a database. After broadcasting the advertisement, the server sends the SMS to the client. After the SMS have been sent, the calling number may be deleted by the service provider, it need not be stored any longer. This is substituted by the important step during the acceptance of the wager when the betted numbers (typically in ascending order) and the generated identifier are stored by the service provider in a database.
2. Identification of winning entries:
If a client declares that he has a winning entry, it may be controlled in the following manner: He/she is requested by the service provider to present the numbers that were betted (this is an initial filtering step designed to prevent someone from trying to claim the prize with a randomly generated code). Based on the numbers provided, the service provider retrieves from its database the identifiers) stored with the given numbers. If any of the stored identifiers matches the presented identifier, the bettor may receive the winnings.
Example 5.
A bettor with a mobile phone places a bet through a WAP interface, response in
SMS, paid by advertisement
0, The bettor previously receives advertisements with a WAP-compatible device (Wireless Application Protocol), and rates the advertisements, thereby collecting points on his/her account associated to his/her phone number.
1, The bettor accesses the WAP page of the betting, and enters the lottery numbers.
2, The bettor receives a response in an SMS with the code series as described in the examples above. Thereafter the procedure continues similarly to the above.
Example 6.
A bettor with a mobile phone places a bet through a WAP interface, response in E- mail, paying the costs himself/herself 0, The bettor previously provides his/her personal data and E-mail address on a WAP page dedicated to for this purpose, and agrees with his/her mobile phone provider that he/she pays the costs of a maximal x items of lottery wagers through his/her mobile phone subscription account. Hence, in this case the cost of the service received by the client is reimbursed together with the reimbursing of the cost of the usage of the telecommunications means used by the client, the telecommunication means being a mobile phone in this example.
1, The bettor accesses the WAP page of the betting, and enters the lottery numbers. 2, The bettor receives a response to his/her E-mail address specified in point 0, with the code series as described in the examples above. Thereafter the procedure continues similarly to the above.
Example 7. A bettor with a mobile phone places an advance bet through a WAP interface, response in E-mail, paying the costs himself/herself
0, The bettor previously provides his/her personal data, typically his/her E-mail address on a WAP page dedicated to for this purpose, and agrees with his/her mobile phone provider that he/she pays the costs of a maximal x items of lottery wagers through his/her mobile phone subscription account.
1, The bettor accesses the WAP page of the betting, and enters the lottery numbers. In a manner similar to the examples provided above, he/she automatically receives each week a service identifying code to his/her E-mail address specified in point 0,. (Of course, the client may terminate his/her wagers placed for a longer time in advance, before the actual draw takes place. Such termination may be done in en E- mail, or from the WAP-page directly, or with other suitable procedure defined by the service provider). Example 8.
A bettor with a mobile phone places an advance bet through a WAP interface, response in SMS, paying the costs himself/herself
0, The bettor previously agrees with his/her mobile phone provider that he/she pays the costs of a maximal x items of lottery wagers through his/her mobile phone subscription account. 1, The bettor accesses the WAP page of the periodic betting, and enters the lottery numbers. Simultaneously, his/her phone number is registered, where the SMS messages to him/her should be sent.
2, In a manner similar to the examples provided above, he/she periodically (e. g. each week) receives in an SMS the service identifying code of the actual service. Of course, the client still has the option to terminate the bets, e. g directly from the
WAP page or by sending an SMS.
Example 9
A bettor with a mobile phone places an advance bet with SMS, receives the response in SMS, paying the costs himself/herself
0, The bettor previously agrees with his/her mobile phone provider that he/she pays the costs of a maximal x items of lottery wagers through his/her mobile phone subscription account.
1, The bettor sends an SMS with the selected lottery numbers. He/she receives two SMS messages in response: One SMS indicates that in the future his/her betting will be made periodically, the second SMS confirms the betting of the actual week. 2, Thereafter, he/she periodically (e. g. each week) receives in an SMS a response with the coded character series. Of course, he/she may also terminate the bets, e. g. by sending an SMS.
Example 10.
All previous examples may be implemented with the following modification:
The client (bettor) does not choose the lottery numbers himself/herself, but they are created by the server with a random number generation. In case of advance wagers or advance bets, the random numbers may change weekly, or they remain constant, so that the numbers are input separately from placement of the bet. E. g. the bettor may create the numbers with a random number generator on a WAP page dedicated for this purpose, but the client may also choose to alter the previous numbers, and if he omits it, the system will always regard the lottery numbers of the previous week to be the actual bet.
Generally, the telecommunications network used between the client and the service provider is a cable and/or mobile phone network and/or computer network. Fig. 3 shows those typical hardware means and their functional connection, which may be used to implement at least certain steps of the method of the invention. Fig. 3 also shows the possible physical connections between the hardware means. The connection is essentially established when the user, i. e. the client sends data through a terminal (e. g. Client terminal, client portable terminal, client mobile phone, client phone) to an Interface element of the Server Configuration. These interface elements may be the Intemet interface, a GSM interface or a Phone interface. Of course, the server need not have all interface types. Fig. 3 only shows a number of interfaces to illustrate the possible different versions. After the establishment of the connection, the Server send a return message to the user. This return information need not follow the same connection route as that of the incoming data from the user. In the figure, the arrows indicate the possible routes through which the user may send data to the server.
The user may have to his/her disposal the most versatile means when using a Client Terminal for the connection to the system. The Client Terminal is a usual device suitable for a network connection, having in most cases a display, keyboard, eventually a voice input. Such devices are mainly realised as a computer or portable computer or a network computer (without own software and data). The Client Terminal connects to the Intemet in a manner known per se, e. g. by connecting to the system of an ISP (Intemet Service Provider). The ISP may be the router or gateway of the local network operating the Client Terminal. With other words, the Client Terminal connects to an ISP Server- 1. The connection may be a permanent connection to a local network of the ISP Server- 1, or altematively the connection may be a temporary one, through a PPP (Point-to-Point Protocol) or SLIP (Serial Line Internet Protocol) connection, i. e. through phone, or through a switched line using the data communication channels of a GSM network, or through a cable modem (not shown). These possible connection variants are known per se, and they are only relevant to the present invention for the purpose of providing a transparent connection to the Intemet. Therefore, the details of the various connection routes are not shown. The Server Configuration, which contributes to the implementation of the method according to the invention, connects to the Intemet through its Intemet interface and an ISP Server-2, which latter is normally different from the previous ISP Server- 1. In this manner, the connection between the client and the service provider is established through the Intemet. The user may also connect to the system with a Client Portable Terminal, which is normally a portable device with a smaller or larger screen, but with limited capabilities when compared with the previous Client Terminal. Such a device may be a PalmTop, which may be suitable for telephone applications as well. This device connects to the Intemet similarly to the Client Terminal, directly or indirectly. Altematively, the Client Portable Terminal may connect to a mobile communication network, represented in Fig. 3 by the GSM Central. In this case the connection is established with a GSM data traffic, through a communications channel used in mobile communications, as phone call, SMS forwarding, WAP connection or through any other suitable data exchange protocol. The GSM Central will also connect to the GSM Interface with a protocol characteristic for GSM communications (as an SMS, phone call, data transfer).
When a mobile connection is employed, Fig. 3 shows separately the route when the connection is established to the Intemet, but through the GSM Central. This may be the case when the device connects indirectly to the Intemet, e. g. with the WAP protocol. In this case the connection to the Intemet is established through a Gateway connected to the GSM Central.
The user may also connect to the Phone Interface element of the Server Configuration, through the User Phone Terminal, which may be a simple cable phone. This connection is established via a Phone Central, which is a known telephone central, i. e. here the connection is made with a phone call.
The Server Configuration comprises the following elements:
The Intemet Interface is a known interface unit associated to the computer implementing the method, or to the usual local network consisting of several computers, e. g. in an Ethernet-based local network. Such known interface elements are routers connecting a leased line and the local network, or gateways extending the local network, or ATM units connecting the networks.
The GSM Interface may be a GSM card, a device for GSM data traffic, or any other unit comprising a GSM phone. The GSM Interface connects in a known manner to a computer or network for the purposes of data exchange.
The Phone Interface is normal voice/fax module, optionally with ISDN capabilities.
The method is implemented by data processing steps performed by and between the above elements of the Server Configuration, and by computer programs implementing at least certain steps of the method. Accordingly, the Main Server itself may consist of several computers, which are interconnected in a known manner, mainly in a local network. The above described different types of Interfaces are driven with known interface-manager specific protocols. In cases of the Intemet Interface, these may be WEB-servers, WAP-servers, E-mail servers, E-mail clients, and other programs dynamically managing those, such as WEB robots, WEB spiders, E-mail client programs, scripts etc. In case of a GSM interface, such programs are GSM protocol manager and application programs, as caller identifier, cell identifier, SMS receiver, SMS sender, call handler, call initiator, phone call recorder, phone sound generating programs. In case of a Phone Interface, such programs are those using and managing phone call protocols, as caller identifier, D- channel manager, phone call handler, call initiator, phone call recorder, phone sound generating programs.

Claims

Claims:
1. Method for authentication of clients entitled to receive a service, comprising the following steps: a, contacting a client through a telecommunications network, in the capacity of a provider providing a certain type of service, b, exchanging information through the telecommunications network, the information concerning the service to be provided, and agreeing in the providing of a service, c, sending a service identifying code to the client as a confirmation of the ordered service, which service identifying code also serves to identify the contents of the service to be provided, characterised in that d, the service identifying code is generated using a unique client identifying code, the client identifying code being associated to the telecommunication means used by the client for establishing contact through the telecommunications network, and where the client identifying code is automatically forwarded to the service provider in the course of the normal use of the telecommunications network, and further e, the service identifying code is generated so that a service identifying code is associated to one and only one client identifying code, so that d, the service may be provided to the client possessing the service identifying code.
2. The method of claim 1, characterised in employing a cable and/or mobile phone network and/or computer network as the telecommunications network.
3. The method of claim 1 or 2, characterised in generating the service identifying code with random number generation and/or prime number generation.
4. The method of any one of claims 1 to 3, characterised in generating the service identifying code with an irreversible (one-way) coding.
5. The method of any one of claims 1 to 4, characterised in forwarding the service identifying code automatically to the client, using the telecommunications system and/or means of the service provider and the client.
6. The method of any one of claims 1 to 4, characterised in employing a telephone network as the telecommunications network, and employing the MSISDN sign and/or the IMEI number of the client as the client identifying code.
7. The method of any one of claims 1 to 4, characterised in employing a computer network as the telecommunications network, and employing the registration number of the client's telecommunication software and/or the E-mail address and or a characteristic DNS data and/or the IP number of the client as the client identifying code.
8. The method of any one of claims 1 to 7, characterised in coding into the service identifying code the parameters of the agreed service, beside the client identifying code.
9. The method of claim 8, characterised in that the providing of the service comprises the providing of participation in a game of chance, the game containing elements of betting, and coding into the service identifying code the information identifying the betting of the client.
10. The method of any one of claims 1 to 9, characterised in using further secret identifiers for the generation of the service identifying code, the further secret identifier being generated and recorded by the service provider.
11. The method of any one of claims 1 to 10, characterised in using the time and/or place and/or the provider's serial number of the agreement concerning the service to be provided for the generation of the service identifying code.
12. The method of any one of claims 1 to 11, characterised in employing a mobile phone network as the telecommunications network, and using SMS and/or WAP page and/or E-mail for entering into an agreement concerning the service to be provided and/or for forwarding the service identifying code to the client.
13. The method of any one of claims 1 to 12, characterised in reimbursing the cost of the service received by the client together with the reimbursing of the cost of the usage of the telecommunications means used by the client.
14. The method of any one of claims 1 to 12, characterised in reimbursing the cost of the service received by the client together with the reimbursing of the cost of a further service connected to the usage of the telecommunications means used by the client.
15. A system for the authentication of clients entitled to receive a service, comprising subsystems adapted for performing the method of any one of claims 1 to 14, particularly a telecommunications network and a client-side telecommunications means, particularly a terminal and/or telephone and a service-provider-side telecommunications means, particularly a server.
16. A server system, programmed to implement the server side functions of the method of any one of claims 1 to 14.
17. A client-side telecommunications means, particularly a terminal or telephone, programmed to implement the client side functions of the method of any one of claims 1 to 14.
18. A computer program product, comprising commands for implementing the client side steps and/or the service-provider-side steps of the method of any one of claims 1 to 14.
19. A telecommunications means, comprising a memory storing a computer program product of claim 18, the computer program product comprising commands for implementing the client side steps and/or the service-provider-side steps of the method of any one of claims 1 to 14.
20. A data carrier, storing a computer program product of claim 18, the computer program product comprising commands for implementing the client side steps and/or the service-provider-side steps of the method of any one of claims 1 to 14.
PCT/HU2001/000060 2000-05-25 2001-05-25 Method for authentication of clients for proof of claim to a service, and system and computer product implementing the method WO2001091410A2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU2001274350A AU2001274350A1 (en) 2000-05-25 2001-05-25 Method for authentication of clients for proof of claim to service, and systemand computer product implementing the method

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
HU0002016A HUP0002016A2 (en) 2000-05-25 2000-05-25 Method of identification of clients for certificate authority to a service, as well as system and computer product for carrying out the method
HUP0002016 2000-05-25

Publications (2)

Publication Number Publication Date
WO2001091410A2 true WO2001091410A2 (en) 2001-11-29
WO2001091410A3 WO2001091410A3 (en) 2002-04-18

Family

ID=89978358

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/HU2001/000060 WO2001091410A2 (en) 2000-05-25 2001-05-25 Method for authentication of clients for proof of claim to a service, and system and computer product implementing the method

Country Status (3)

Country Link
AU (1) AU2001274350A1 (en)
HU (1) HUP0002016A2 (en)
WO (1) WO2001091410A2 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2839832A1 (en) * 2002-05-14 2003-11-21 Sarl Labo Online Access control system for information server uses first access request, return of authentication, and second request to establish access
EP1953697A1 (en) * 2005-10-28 2008-08-06 OMRON Corporation, a corporation of Japan Shared service resource control system and shared service resource control method

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5715314A (en) * 1994-10-24 1998-02-03 Open Market, Inc. Network sales system
US5724424A (en) * 1993-12-16 1998-03-03 Open Market, Inc. Digital active advertising
WO2000022908A2 (en) * 1999-12-10 2000-04-27 Oy Prikatti Ab Method, system and business model for performing electronic betting

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5724424A (en) * 1993-12-16 1998-03-03 Open Market, Inc. Digital active advertising
US5715314A (en) * 1994-10-24 1998-02-03 Open Market, Inc. Network sales system
WO2000022908A2 (en) * 1999-12-10 2000-04-27 Oy Prikatti Ab Method, system and business model for performing electronic betting

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2839832A1 (en) * 2002-05-14 2003-11-21 Sarl Labo Online Access control system for information server uses first access request, return of authentication, and second request to establish access
EP1953697A1 (en) * 2005-10-28 2008-08-06 OMRON Corporation, a corporation of Japan Shared service resource control system and shared service resource control method
EP1953697A4 (en) * 2005-10-28 2012-02-22 Omron Tateisi Electronics Co Shared service resource control system and shared service resource control method

Also Published As

Publication number Publication date
AU2001274350A1 (en) 2001-12-03
HU0002016D0 (en) 2000-08-28
WO2001091410A3 (en) 2002-04-18
HUP0002016A2 (en) 2002-02-28

Similar Documents

Publication Publication Date Title
US6744874B2 (en) Method of universal communication and devices thereof
EP1031106B1 (en) A retail method over a wide area network
US8024567B2 (en) Instant log-in method for authentificating a user and settling bills by using two different communication channels and a system thereof
AU739814B2 (en) Procedure for setting up a secure service connection in a telecommunication system
CN100521608C (en) Pay-per-connection system and method of establishing connection based on pay-per-connection
CA2320413C (en) Method and apparatus for network gaming
EP1615097B1 (en) Dual-path-pre-approval authentication method
US6671358B1 (en) Method and system for rewarding use of a universal identifier, and/or conducting a financial transaction
EP1179271B1 (en) Radiotelephone terminal with smart card equipped with browser
EP1530169A1 (en) Method for performing a voting by mobile terminals
CN1628449B (en) Method, system and device for transferring accounting information
EP1433103A1 (en) Financial transaction system and method using electronic messaging
HU220734B1 (en) Service widening unit and system for facilitating the ordering and paying of services by means of a communication network
JP2003512767A (en) Method and system for utilizing caller-paid service for single use and short-term access to Internet subscription services
EP1254437A1 (en) Service activation by virtual prepaid card
RU2007120466A (en) ELECTRONIC SYSTEM FOR THE PROVISION OF BANK SERVICES
RU2191482C1 (en) Method for making sale offers, filing orders and selling goods and services
WO2001041093A1 (en) A system and method for conducting a financial transaction
WO2001091410A2 (en) Method for authentication of clients for proof of claim to a service, and system and computer product implementing the method
WO2004014090A1 (en) Method and system for the provision of services over a gsm network
KR100484903B1 (en) System for collecting money on-line using of a multi-media public-phone and method of the same
EP1739588A1 (en) Method and system for registration and user identification of web users
FR3005190A1 (en) METHOD OF DELIVERING BY A MOBILE TELEPHONY CARD AUTOMATE SIM WITH PREPAID OR POSTPAYED SUBSCRIPTION
KR20020092140A (en) System and Method for Instant Electronic Lottery on Wireless Internet.
KR20030083942A (en) System and Method for Providing a Call Service Ticket in Mobile Communication Network

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
AK Designated states

Kind code of ref document: A3

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A3

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP