WO2002060120A1 - Method and apparatus for enabling a supplier to verify the validity of consumption information - Google Patents
Method and apparatus for enabling a supplier to verify the validity of consumption information Download PDFInfo
- Publication number
- WO2002060120A1 WO2002060120A1 PCT/AU2002/000050 AU0200050W WO02060120A1 WO 2002060120 A1 WO2002060120 A1 WO 2002060120A1 AU 0200050 W AU0200050 W AU 0200050W WO 02060120 A1 WO02060120 A1 WO 02060120A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- consumer
- information
- specific information
- verification code
- customer
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
- H04L9/3242—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/56—Financial cryptography, e.g. electronic payment or e-cash
Definitions
- the present invention relates to a method and apparatus for enabling a supplier to verify the validity of consumption information collected at a consumer's premises and transmitted to the supplier.
- metering equipment located at their customer's premises to determine the quantity of service that has been consumed by each customer.
- Meter readings are used to bill customers in accordance with the amount of service which has been consumed. This process requires meter readings to be made periodically.
- a service provider will send a representative to a customer's premises after each billing period to read the customer's meter so that the amount of service consumed by the customer can be determined.
- Remote monitoring units such as those manufactured by Call Direct of Sydney, Australia have been developed to allow electricity providers to remotely read electricity meters.
- the units utilize integrated n ⁇ obile phone circuitry which allows an electricity provider to establish a connection with the meter via a mobile phone network and download usage information.
- Other systems rely on a fixed line connection between the service provider and the meter, such as a telephone line, to relay billing information.
- the invention resides in a method for verifying the validity of consumption information transmitted from a consumer to a supplier, the method including:- at the consumer site, employing a cryptographic transformation process to generate a first verification code based on at least the consumption information and secret-consumer-specific information; transmitting at least the consumption information and first verification code together with public-consumer-specific information from the consumer to the supplier; at the supplier site, determining the secret-consumer-specific information from the transmitted public-consumer-specific information, and then employing the cryptographic transformation process to generate a second verification code based on at least the transmitted consumption information and determined secret-consumer-specific information; and comparing the first verification code and second verification code to determine the validity of the transmitted consumption information.
- a consumption meter including:- secure storage means for storing secret-consumer-specific information; cryptographic transformation means for generating a verification code based on at least consumption information and the secret-consumer-specific information; and means for outputting at least the consumption information and verification code.
- Fig. 1 is a block diagram illustrating an embodiment of the present invention.
- Fig. 2 is a flow diagram illustrating the calculation performed by the processing unit in order to generate a verification code.
- Fig. 3 shows the format of a billing period message string.
- Fig. 4 depicts a sample display of usage information on a service metering device.
- Fig. 5 is a flow diagram showing the verification process performed by a service provider once a customer has communicated usage information.
- Fig. 6 illustrates an example of a reminder slip which may be sent to each
- Fig. 7 illustrates how usage information may be communicated to a service provider using a touch tone telephone.
- Fig. 8 illustrates an example of a reminder slip which may be sent to each customer at the end of each billing period allowing the return of usage information by mail.
- Fig. 9 shows a method of communicating usage information for customers who have access to a phone which can be positioned close to a service metering device.
- Fig. 10 shows a rendered HTML page allowing usage information to be sent to a service provider.
- Fig. 11 illustrates a method of encoding verifiable usage information in an SMS message.
- Fig. 1 is a block diagram illustrating an embodiment of the present invention allowing verifiable consumption information to be communicated to a service provider by a customer.
- a customer premises service metering device consists of digital metering circuitry which measures the amount of service consumed by the customer 101 , a processing unit capable of performing digital calculations on the digital meter readings 102, storage memories for accumulated meter readings 103 and customer specific information 104, a clock module capable of providing the processing unit with the current time/date 105 and a user interface 106 consisting of a display and buttons for interacting with the customer.
- Each customer using the system is allocated a unique public numeric identification code (NIC) and unique 512-bit secret key by the service provider. Both the customer's NIC and secret key are stored in the customer information memory 104 of the service metering device.
- the secret key is not disclosed to the customer, but an electronic record of it is maintained by the service provider.
- the customer information memory is also programmed with sufficient information to enable the processing unit to detect when each billing period for the customer has passed. For instance, if a customer is billed at quarterly intervals the date of commencement of billing for that customer is stored together with the duration of the billing period (2191.5 hours).
- the amount of consumption is measured by the metering circuit 101 and provided in digital form to the processing unit 102.
- the processing unit sums the instantaneous consumption information over a billing period chosen by the service provider using the time and date information provided by the clock module 105. Once a billing period has passed, the total consumption for that period is stored, together with the start and end dates of the billing period, in the usage history memory 103.
- the processing unit then calculates a verification code (VC) based on the customer's secret key and NIC, the start and end dates of the billing period and the total consumption during the period. The resulting verification code is then stored in the usage history memory.
- Fig. 2 shows in detail the calculation performed by the processing unit in order to generate a verification code.
- billing information associated with a particular billing period is concatenated into a billing period message string (BPMS).
- BPMS billing period message string
- Fig. 3 illustrates the format of the ASCII encoded BPMS.
- Each field of the BPMS is separated from the next with a single comma ",".
- the BPMS is composed of four fields: (1) the customer's NIC; (2) the start date of the billing period to which the BPMS relates; (3) the end date of the billing period to which the BPMS relates and (4) the amount of service consumed by the customer during the billing period.
- a sample BPMS is shown in the example in step 201.
- a Message Authentication Code (MAC) algorithm is then applied to the BPMS.
- the widely known hash based MAC algorithm HMAC-RIPEMD160 is utilized.
- the inputs to the MAC algorithm are the customer's secret key and the BPMS.
- the example in step 202 shows hexadecimal representations of a sample 512-bit secret key and the sample ASCII encoded BPMS suitable for input into the HMAC-RIPEMD160 algorithm. A person skilled in the art would appreciate that there is no requirement for a limited or fixed length BPMS.
- the last line of the example in step 202 shows the 160-bit MAC output of the MAC algorithm for the particular test case in hexadecimal.
- the three bytes selected are then concatenated and converted into an integer verification code (VC) in step 204.
- the order of the bytes in the MAC is maintained in the VC.
- the 3-byte size of the VC permits decimal integers in the range 0 - 16777215 giving 16777216 total possible VC values.
- a 3-byte sized VC has been chosen in this embodiment in order to result in a VC which is 8 or less decimal digits in size - a similar length to a telephone number.
- the size of the VC may be easily varied by selection of a larger subset of the MAC.
- MAC algorithm ensures that it is computationally infeasible to: (1) generate a valid VC for a forged BPMS without knowledge of a customer's secret key or (2) ascertain a customer's secret key from known valid BPMS and VC pairs. It will therefore not be feasible for a customer to generate a valid VC for an arbitrary BPMS.
- the customer After the end of each billing period, the customer is sent a reminder (e.g., by post or email) that they should forward consumption information to the service provider for the billing period immediately past.
- the customer can then go to the service metering device installed on their premises, and press a single button annotated "Read Meter”.
- the service metering device retrieves and displays the customer's NIC, the start and end dates of the billing period, the amount of service consumed during the billing period and the VC, as in the example display given in Fig. 4. Since generation of a valid VC requires knowledge of the customer's secret key, which is not disclosed to the customer, a customer cannot generate a valid VC which matches another combination of customer NIC, start and end dates and measurement of the amount of service consumed.
- a customer has retrieved and recorded (e.g., on paper) usage details and a VC for a billing period this information can be conveyed to the service provider for verification.
- Sufficient information concerning a billing period must be conveyed to the service provider in order allow construction of an identical BPMS as that used to generate the relevant VC,
- the start and end dates of each billing period are pre-determined and known by the service provider so will in most circumstances not have to be communicated by the customer.
- the customer's NIC in order to identify the customer, the amount of service consumed during the relevant period and a VC will usually have to be communicated by the customer.
- the service provider will typically be aware of the units of measurement applying to the amount of service consumed, a customer will generally only have to communicate the numeric value without units.
- Fig. 5 shows the verification process performed by a service provider once a customer has communicated these usage details.
- the process mirrors that performed in the service metering device in order to generate a VC.
- the customer's NIC, billing period start and end dates and amount of service consumed are concatenated to form a BPMS. If units have not been provided by the customer these are also added.
- the start and end billing period dates have been determined from the service provider's billing records.
- the resulting BPMS is illustrated in the example next to step 501.
- the HMAC-RIPEMD160 algorithm is then applied to the BPMS using the service provider's record of the 512-bit secret key assigned to the customer, in step 502.
- step 503 a 3-byte subset consisting of bits 16 to 23, 84 to 91 and 114 to 151 is selected. This subset is concatenated and converted to an integer service provider generated Verification Code (SVC) in step 504. Finally, in step 505 the SVC is compared to the VC communicated by the customer. If both are identical the usage information provided by the customer can be trusted as having originated from the service metering device. If there is no match between the SVC and VC the customer has supplied erroneous or fraudulent usage information.
- SVC integer service provider generated Verification Code
- the system is resistant to a customer attempting to replay usage details and a VC from a previous billing period since the start and end dates of each billing period are included in the BPMS used to generate the VC for that period.
- Use of another customer's meter reading is also not possible since each VC is generated from a BPMS which includes the customer's NIC. In both cases there will be a discrepancy between the SVC generated by the service provider and the VC communicated by the customer.
- VC has been provided to the customer as a decimal number which allows communication through common touch-tone telephones.
- Fig. 6 illustrates an example of a reminder slip which may be sent to each customer at the end of each billing period.
- the slip contains instructions on how to obtain a meter reading and how to communicate the reading back to the service provider.
- Fig. 7 shows how billing information may then be relayed back to the service provider through manual operation of a touch tone telephone by a customer.
- step 701 the customer is asked to enter their NIC. If the customer is providing usage details for the most recent billing period (step 702) they can proceed to keying in the usage amount (step 703) and VC (step 704). Following successful verification the customer may be prompted for a credit card, cheque, bank account or other number from which funds can be obtained to satisfy the debt associated with the amount of service used (step 705).
- the customer may be given an opportunity to re-enter the VC or correct any mistakenly entered usage details a preset number of times (e.g., five). If all opportunities to enter a correct VC fail, the customer would be prevented from further attempts and manual reading of the service metering device by the service provider would take place. This prevents brute force searching for the correct VC out of the total possible range of 16777216 values.
- Fig. 8 depicts an alternative post based method of both reminding the customer that usage details are required and giving the customer an opportunity to provide such details.
- the customer is sent a slip by post which explains that a meter reading is due for a specific period, and areas on the slip are set aside to allow the customer to indicate the amount of service consumed and provide a matching VC.
- the slip is returned to the service provider by post for subsequent verification.
- Fig. 9 shows a method of communicating usage details for customers who have access to a mobile phone.
- the customer must again call a telephone number to provide usage details (step 901) but does not have to manually key in the information to be communicated, which is instead sent via a loudspeaker in the service metering device.
- the service provider's billing system step 902
- the customer holds the microphone of the mobile phone in front of the speaker on the service metering device and by pressing a button on the device (step 903) initiates transmission of the billing information as a sequence of touch tones (step 904).
- the customer can return the mobile phone speaker to their ear to receive a message indicating that the usage details have been successfully received and verified (step 906).
- This method will also work in conjunction with cordless telephones and fixed telephones provided that the microphone of the telephone can be positioned in close proximity to the loudspeaker of the service metering device.
- Fig. 10 shows a HyperText Markup Language form supporting entry of a usage amount and corresponding verification code. Upon clicking on the "Send" button the service provider is sent usage information for a billing period and may verify those details in real time.
- a form may also be implemented in Wireless Markup Language allowing a customer with a mobile phone supporting the Wireless Application Protocol to receive the form and enter usage information using the keypad of the phone while in front of the service metering device.
- Fig. 11 illustrates how usage information may be encapsulated in a Short Message Service (SMS) message for transmission to a service provider via a mobile phone.
- SMS Short Message Service
- a customer may compose a message consisting of (1) the customer's NIC; (2) the amount of service consumed; and (3) the relevant VC. Each field is separated from the next with a comma character ",".
- the use of a SMS message allows customers to compose the message on a mobile phone which supports SMS by transposing information off the display of the service metering device.
- the methods of communicating usage information using the system are not limited to those described above.
- the presence of a short, human readable but secure verification code allows verifiable usage information to be communicated to the service provider by the customer using any mechanism supporting the transmission of numerical information. In all cases the communication of a VC is essential to prevent falsification of the usage information provided.
- a BPMS consisting of (1) the customer's NIC; (2) the current date (in numeric DDMMYY format); and (3) a measurement of the total overall consumption, is generated.
- Fig. 12 illustrates the format of this string.
- the service metering device displays (1 ) the customer's NIC; (2) the date on which the button was pressed; (3) a measurement of the total overall consumption; and (4) a matching VC.
- the customer may then communicate all four of these items to the service provider. Since the current date is encoded as a six digit number and represented to the customer in this format, it may easily be transmitted using number only devices such as telephones.
- the service provider can perform the verification calculation illustrated in Fig. 5 (with the alternative BPMS) in order to determine whether the usage details are legitimate. Operation of the service metering device in this way enables a customer to communicate the amount of service they have consumed at any point in time. A service provider can ascertain the amount of service a person has consumed since they last communicated usage details by subtracting the previous total consumption measurement they received. Both this mode of operation and the billing period based mode described above may be supported within a single service metering device.
- any secure MAC algorithm or other cryptographic transformation could be utilized.
- more than one consumption measurement can be embedded in a BPMS. For instance, it is possible to embed both peak and off peak consumption amounts, such as "2038 kWh peak, 1017 kWh off-peak" in the last field of the BPMS. A customer can then provide both these figures to the service provider and the verification process can take place as for one consumption measurement.
Abstract
Description
Claims
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
AU2002224657A AU2002224657B2 (en) | 2001-01-23 | 2002-01-22 | Method and apparatus for enabling a supplier to verify the vaildity of consumption information |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
AUPR2723 | 2001-01-23 | ||
AUPR2723A AUPR272301A0 (en) | 2001-01-23 | 2001-01-23 | Method and apparatus for enabling a supplier to verify the validity of consumption information |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2002060120A1 true WO2002060120A1 (en) | 2002-08-01 |
Family
ID=3826750
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/AU2002/000050 WO2002060120A1 (en) | 2001-01-23 | 2002-01-22 | Method and apparatus for enabling a supplier to verify the validity of consumption information |
Country Status (2)
Country | Link |
---|---|
AU (1) | AUPR272301A0 (en) |
WO (1) | WO2002060120A1 (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9410833B1 (en) | 2011-03-18 | 2016-08-09 | Soneter, Inc. | Methods and apparatus for fluid flow measurement |
CN113203452A (en) * | 2021-04-13 | 2021-08-03 | 湖南省计量检测研究院 | Calibration device and method |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4159468A (en) * | 1977-11-17 | 1979-06-26 | Burroughs Corporation | Communications line authentication device |
US4749992A (en) * | 1986-07-03 | 1988-06-07 | Total Energy Management Consultants Corp. (Temco) | Utility monitoring and control system |
US5239584A (en) * | 1991-12-26 | 1993-08-24 | General Electric Corporation | Method and apparatus for encryption/authentication of data in energy metering applications |
US6029150A (en) * | 1996-10-04 | 2000-02-22 | Certco, Llc | Payment and transactions in electronic commerce system |
-
2001
- 2001-01-23 AU AUPR2723A patent/AUPR272301A0/en not_active Abandoned
-
2002
- 2002-01-22 WO PCT/AU2002/000050 patent/WO2002060120A1/en active IP Right Grant
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4159468A (en) * | 1977-11-17 | 1979-06-26 | Burroughs Corporation | Communications line authentication device |
US4749992A (en) * | 1986-07-03 | 1988-06-07 | Total Energy Management Consultants Corp. (Temco) | Utility monitoring and control system |
US4749992B1 (en) * | 1986-07-03 | 1996-06-11 | Total Energy Management Consul | Utility monitoring and control system |
US5239584A (en) * | 1991-12-26 | 1993-08-24 | General Electric Corporation | Method and apparatus for encryption/authentication of data in energy metering applications |
US6029150A (en) * | 1996-10-04 | 2000-02-22 | Certco, Llc | Payment and transactions in electronic commerce system |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9410833B1 (en) | 2011-03-18 | 2016-08-09 | Soneter, Inc. | Methods and apparatus for fluid flow measurement |
US9874466B2 (en) | 2011-03-18 | 2018-01-23 | Reliance Worldwide Corporation | Methods and apparatus for ultrasonic fluid flow measurement and fluid flow data analysis |
CN113203452A (en) * | 2021-04-13 | 2021-08-03 | 湖南省计量检测研究院 | Calibration device and method |
Also Published As
Publication number | Publication date |
---|---|
AUPR272301A0 (en) | 2001-02-22 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN1252478C (en) | Method for transmitting and storing value and valve store electric power meter using the same | |
US6529883B1 (en) | Prepayment energy metering system with two-way smart card communications | |
US7431202B1 (en) | System and method to monitor credit card transactions | |
CN1332550C (en) | Implementation of charging in a telecommunications system | |
WO2002093888A1 (en) | Method of universal communication and devices thereof | |
WO2002073483A1 (en) | Electronic money settlement method using mobile communication terminal | |
WO2002037358A1 (en) | User authentication method in network | |
GB2455965A (en) | Remote control of commodity access and metering | |
CN105989466A (en) | Method of payment with mobile phone | |
CN111784317A (en) | Method and device for automatic payment | |
AU751465B2 (en) | Improvements relating to metering systems | |
US20010029498A1 (en) | Payment acting service method and system | |
EP1242983B1 (en) | A system for recharging a prepaid value in respect of a telephone connection | |
AU2002224657B2 (en) | Method and apparatus for enabling a supplier to verify the vaildity of consumption information | |
WO2002060120A1 (en) | Method and apparatus for enabling a supplier to verify the validity of consumption information | |
AU2002224657A1 (en) | Method and apparatus for enabling a supplier to verify the vaildity of consumption information | |
JP2006209589A (en) | Acquisition system of house information for use in authentication | |
JP2001307272A (en) | Checking meter checking system and checking method | |
JP3538154B2 (en) | Electricity usage metering system and power usage metering method | |
KR20000034234A (en) | Method for using remote inspection combined wireless terminal capable of verifying rates | |
JPH06161354A (en) | Ic card terminal and system using the same | |
KR20050106209A (en) | Billing system according to ordering by telephone and method thereof | |
KR100826056B1 (en) | Smart card no charge filling up service method | |
KR20010009666A (en) | Method for inspecting remote using wireless terminal | |
KR100421568B1 (en) | Meter wireless meter reading method using handy terminal |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A1 Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ OM PH PL PT RO RU SD SE SG SI SK SL TJ TM TN TR TT TZ UA UG US UZ VN YU ZA ZM ZW |
|
AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG |
|
DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101) | ||
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
WWE | Wipo information: entry into national phase |
Ref document number: 2002224657 Country of ref document: AU |
|
REG | Reference to national code |
Ref country code: DE Ref legal event code: 8642 |
|
122 | Ep: pct application non-entry in european phase | ||
NENP | Non-entry into the national phase |
Ref country code: JP |
|
WWW | Wipo information: withdrawn in national office |
Country of ref document: JP |
|
WWG | Wipo information: grant in national office |
Ref document number: 2002224657 Country of ref document: AU |