FI124564B - mobile Certification - Google Patents

Description

MOBIILIVARMENNUS

The present invention relates generally to mobile authentication.

5 Mobile authentication technology is based on the ETSI Mobile Signature Service (MSS) standards, which define a mobile signature service where a service provider can request a user to electronically sign content on a mobile phone by sending a signature request to the user's home operator. The content to be signed may be, for example, an authentication challenge related to a strong user identification or authentication, an e-commerce order confirmation or a user profile change confirmation with an advanced electronic signature defined by the electronic signature of the law, or other content related to a user needing strong identification and

15 The ETSI TS 102 204 defines a service provider interface for mobile signature and user authentication, and the ETSI TS 102 207 defines a signature roaming between different mobile networks.

20 Mobile authentication technology is not yet well established and has been further developed.

The first aspect of the invention provides a method in a network element participating in a mobile authentication event. In method 0 25, at least one additional information related to said mobile authentication transaction is obtained, ainakin at least one of said additional information is signed, and the signed additional information is forwarded to another network element participating in said 1 mobile authentication event or said Ω.

to the entity requesting the mobile authentication transaction. σ> o 30

LO

^ A single mobile authentication event means one, one user

C \ J

request for, and response to, mobile authentication technology in the various network elements.

2

The mobile authentication event thus comprises e.g. forwarding the authentication request to the identifiable user, and processing and returning the response received to the originator of the authentication request according to the original mobile authentication technology.

5

In one embodiment of the invention, said additional information is additional information associated with a user subject to said mobile authentication transaction. The additional information is typically non-unique information that does not allow the target user to be securely identified.

10

In another embodiment of the invention, the method further requests and receives from a user subject to said mobile authentication transaction or another network element participating in said mobile authentication transaction a signature in accordance with mobile authentication technology, verifying the authenticity of said received signature, and verifying and receiving said additional information.

In one embodiment of the invention, the method further returns an error message if the authenticity of said received signature cannot be verified.

In one embodiment of the invention, the result of said authentication event 0 25 is one of said additional information related to the mobile authentication event, ώ The outcome of the authentication event can be called, for example, a co-verification status.

CC

CL

In one embodiment of the invention, the method further comprises receiving the secure information associated with said mobile authentication event, and

CVJ

transmitting said signed additional information along with said received certified information.

3

The verified information received may be, for example, information verified by the user or by another network element participating in the mobile authentication event in question. Thus, information can be incrementally added in 5 different network elements. However, it is possible that the received certified information will not be forwarded with the additional signed information. Instead, the signed additional information may in some way replace the received certified information.

In one embodiment of the invention, said additional information is the age, sex, location, role, company information, or profile information associated with the user of said mobile authentication transaction.

In one embodiment of the invention, said additional signed information is provided in a format compatible with the protocol independent of the mobile authentication technology.

In one embodiment of the invention, the method further comprises receiving the signed additional information in a second network element participating in said mobile authentication event 20 and embedding said signed additional information in said second network element into a message according to a protocol independent of mobile authentication technology for transmitting said mobile authentication event.

o 25 A protocol independent of mobile authentication technology can be, for example, SAML

Security (Security Assertion Markup Language) protocol, p

C/O

Another aspect of the invention provides a device comprising at least one processor Q.

and at least one stored computer program configured with? 30 together with said at least one processor to control said device ^ participate in a mobile authentication event, ^ obtain at least one additional information related to said mobile authentication event, 4 sign at least one of said additional information, and network element or the entity requesting said mobile authentication transaction.

5

The device according to the second aspect of the invention may be adapted to perform a method according to any embodiment associated with the first aspect.

The device according to another aspect of the invention may be, for example, a Home Mobile 10 Signature Service Provider element, a Home Identity Provider element,

Aquiring Entity Element or Aquiring Entity Identity Provider Element.

A third aspect of the invention provides a computer program comprising computer executable program code which, when executed, instructs the device 15 to perform a method according to the first aspect or one of its related embodiments.

The computer program according to the third aspect may comprise program code which may be executed, for example, by any of the following: a general-purpose processor, a microprocessor, an application-specific integrated circuit, and a digital signal processor. The computer program according to the third aspect may be stored on computer-readable media. Such media may be, for example, a floppy disk, CDROM, DVD, BD (Bluray Disc), flash drive or other magnetic or optical storage media.

5 25

CVJ

The invention will now be described, by way of example, with reference to the accompanying drawings, in which: co x Figure 1 illustrates a system illustrating the operating principles of mobile authentication technology; § 30 Figure 2 shows a system according to an embodiment of the invention; Fig. 3 shows an o system according to another embodiment of the invention; 5

Figure 4 shows a system according to a third embodiment of the invention;

Figure 5 shows a system according to a fourth embodiment of the invention; Figure 6 shows a message diagram according to an embodiment of the invention;

Figure 7A illustrates a method according to an embodiment of the invention;

Fig. 7B shows a method according to another embodiment of the invention;

Figure 7C illustrates a method 10 according to a third embodiment of the invention;

Figure 8 shows a device according to an embodiment of the invention;

Figure 9 illustrates an end-user experience in accordance with an embodiment of the invention;

Figure 10 illustrates a credit relationship method according to an embodiment of the invention

FIG. 11 illustrates privacy protection in accordance with one embodiment of the invention.

Figure 1 shows a system 100 illustrating the ETSI TS of the ETSI standards

20 102 204 and the mobile authentication technology according to ETSI TS 102 207. The system comprises a service provider (AP, Application

Provider) 101 and two users, user a 102 and user b 103, and two operators providing Mobile Authentication Technology (MSSP, Mobile Signature)

Service Provider), MSSP a 104 and MSSP b 105. Operators 104 and 105 comprise o 25 home provider service element, HMSSP (Home MSSP) 107, 108.

cd Operator 104 further comprises an AE (Acquiring Entity) element 106, which provides the o co service provider 101 with an interface to a mobile signature service. In addition, the x system comprises a Certification Authority (CA) 109.

□ _ σ> o 30 The authentication event in the system of Figure 1 may proceed, for example, as follows: ^ 1a, 1b: User 102, 103 has started or is in the process of initiating a session

C \ J

service provider 101 using any communication channel (e.g., computer browser connection, mobile browser connection, or voice channel).

6 2a, 2b: There is a need for strong identification at the beginning or during the service session

user 102, 103 or authenticate a user feature or request a digital signature from the user. The service provider 101 retrieves the mobile phone number of the user 102, 103 (for example, via the communication channel), 5 generates the content to be signed and delivers them together.

102 in a 204 standard message to the AE 106. The service provider 101 may request additional information regarding the identity of the user 102, 103 in the value-added service section of the message to be sent to the AE 106.

3a, 3b: AE 106 verifies that the signature service 10 and the value-added services requested by the service provider 101 are in accordance with the service provider agreement. By means of the mobile telephone number of the user 102, 103 and the number portability service (Numpac, not shown), the AE 106 retrieves the home operator (HMSSP) 107, 108 of the user 102, 103 and forwards the signature request to the corresponding HMSSP 107, 108 through. The HMSSP 107 of a 102 is managed by the same MSSP 104 as the AE 106. The HMSSP 108 of the b 103 is managed by another MSSP 105 as the AE 106. In other words, the HMSSP of the user may be managed by the same MSSP or another MSSP as the service provider. used by AE.

4a, 4b: The HMSSP 107, 108 ensures that the signature service and value-added services requested by the service provider 101 are allowed by the user 102, 103. The HMSSP 107, 108 forwards a signature request to the mobile phone of the user 102, 103. The user 102, 103 shows the separately agreed name of the service provider 101 between the service provider 101 and the trusted network AE 106. The user signs the content requested by the service provider 101 ώ by entering his personal identifier (for example co PIN) and returns the signed content to the HMSSP 107, 108.

x 5a, 5b: HMSSP 107, 108 retrieves user 102, O from directory 109 of CA

103 certificates corresponding to the signature key. The signature and the certificate associated with it O) § 30 will be made into a PKCS # 7 standard ^ electronic signature message. The HMSSP 107, 108 processes any value-added services requested by the service provider 101 and attaches the value-added service responses to 7 service providers in the electronic signature message (e.g., additional information regarding the identity of the user 102, 103).

6a, 6b: The HMSSP 107, 108 transmits the electronic signature to the AE 106. The AE 106 may validate the electronic signature, i.e., verify the validity of the certificate of the user 102, 103 and the signature.

7a, 7b: The AE 106 forwards the electronic signature to the service provider 101. After processing the event, the service provider 101 may, if desired, send an acknowledgment message to the HMSSP 107, 108 about the success of the transaction. The HMSSP 107, 108 may send an acknowledgment 10 for receiving an acknowledgment message to the AE 106, which forwards it to the service provider 101.

8a, 8b: In response to successful authentication, the service provider 101 provides the user 102, 103 with the desired service through the transaction channel.

15 It should be noted here that the mobile authentication connection (authentication channel) and the communication channel can be technically completely independent of each other. In the event that the communication channel is merely an SMS communication link, the communication channel and the identification channel may not be technically completely independent of each other. Mobile authentication is performed by a mobile phone and the communication channel can be used for example on a computer. Thus, the user elements 102 and 103 shown in Figure 1 may comprise, for example, two separate devices, one used for transaction and the other for mobile authentication. However, it is possible to use the same device for both transactional and mobile authentication, and yet the transactional and authentication channel may be separated from each other because, for example, the mobile data and SMS message channels are δ25 separate.

CVJ

CD

cp co If any step in the signing transaction fails and the service provider 101 x is returned an error message, the service provider 101 may send an acknowledgment message to the HMSSP 107, 108 that it has received the error message. The acknowledgment message may p 30 include an error message to be sent to the terminal 102 of the user 102, 103, o

C \ J

In one embodiment of the invention, the authentication chain of the mobile authentication technology has been expanded so that the network elements involved in the transaction chain can authenticate (additional) information related to the authentication transaction with their signature, and in particular (additional) information relating to the person authenticated by the mobile authentication. The additional information may be messages according to another protocol that is independent of mobile authentication technology. In other words, the response of an authentication transaction based on a strong electronic identification method (such as a system based on mobile authentication technology) can be enriched with additional information, the data source of which may be an external and independent data source for the authentication system. Some embodiments of the invention provide the ability to introduce new information (additional information) into the original mobile authentication system 10 while preserving the integrity and authenticity of information through electronic signatures. An example of a mobile authentication system is a system according to the ETSI standards ETSI TS 102 204 and ETSI TS 102 207. In one embodiment, the additional information is provided in a form that differs from the notation of the mobile authentication technology and can be utilized directly in another authentication system, unchanged. One example of this is to enrich the resistance according to ETSI TS 102 204 with additional information records formatted according to the SAML protocol.

Figures 2-5 illustrate examples of systems in which one or more features of various embodiments of the invention may be implemented.

In the examples presented here, the user accesses an electronic service on his or her computer, i.e., a transaction channel according to mobile authentication technology is established between 0 25 the user's computer and the service. Mobile authentication mukainen authentication is performed on the user's mobile phone or other device co mobile / radio network. However, this is only 1 non-limiting example and is practically for transaction and / or mobile authentication

CL

any other suitable device may be used. For example, the same device as mobile authentication can be used.

LO

δ

C \ J

Further, the examples are provided without taking a stand on whether the user's HMSSP is managed by the same operator as the AE being used or not. There are 9 possible options. It should be noted that, in other respects, the embodiments disclosed herein are merely examples of possible embodiments, and that the details of practical embodiments of the various embodiments of the invention may differ from those disclosed herein.

Figure 2 shows a system 200 according to an embodiment of the invention.

The system comprises a user 201 having a computer 202 and a mobile device 203, an Internet network 204, an electronic service provider 205, an AE element 206, an MSS Mesh network 208, an HMSSP element 209, and a radio network 211. The system further comprises a H idP (Home IdentityProvider) element 210 and AE IdP element 207.

The authentication event in the system of Figure 2 may, for example, proceed as follows: 21: User 201 has started or is in the process of initiating or starting a session from the computer 15 202 to the service provider 205 (transaction connection).

22: At the beginning or during the service session, there is a need to strongly identify the user 201 or to authenticate a user feature or to request a digital signature from the user. The service provider 205 acts as an AP service provider according to the mobile authentication technology and 20 retrieves the mobile number of the user 201, generates the content to be signed and delivers them together in an ETSI TS 102 204 message to the AE 206. The user 205 requests the AE 206 message identity information.

δ 25 23: AE 206 ensures, for example with AE ldP 207, that

CVJ

ώ The signature service and value-added services requested by the service provider 205 are in accordance with the service agreement for the co service provider. With the help of the User 201 x Mobile Phone Number and Number Portability Service (Numpac, not shown), the AE 206 retrieves the User 201 Home Operator o 30 (HMSSP) 209 and forwards the signature request using the HMSSPJI 209 ^ ETSI TS 102 207 standard protocol.

C \ J

via network 208.

10 24: The HMSSP 209 can verify that the signature service and value-added services requested by the service provider 205 are allowed by the user 201. The HMSSP 209 forwards a signature request to the user 201 mobile phone 203 via the radio network 211. The user signs the content requested by the service provider 205 5 by providing his personal identification (for example, a PIN) and returns the signed content to the HMSSP 209. The HMSSP 209 retrieves a certificate corresponding to the user's signature key from the CA directory. The signature and the associated certificate are generated in accordance with PKCS # 7 electronic signature 10.

25: The HMSSP 209 may use its own Hdd 210 (or other source) to collect additional information related to the verification / authentication. H IdP 210 signs additional information sections with its own key, a certificate of which is available to anyone who needs it. The HMSSP 15 209 appends the value-added service responses to the AE 206 to the electronic signature message for transmission to the service provider 205. In one embodiment of the invention, the HMSSP 209 forwards to the AE 206 only additional information items such as user 201 age or gender 20 HETU and / or electronic service ID SATU). Other possible additional information may include, for example, the user's location, occupation, hobbies, interests, roles, company information, or other group to which the user belongs.

26: AE 206 can validate the electronic signatures it receives, i.e., o 25 checks the validity and signature 201 of the user 201 certificate and / or the validity of the 210 certificate and co signature of the HddP. The AE 206 may add additional information received from the AE IdP x 207 to the response, which will be signed by the AE IdP 207 itself. AE 206 forwards the electronic signature to the service provider 205. § 30 28: In response to a successful authentication, the service provider 205 provides the user 201 with the desired service through the transaction channel.

CVJ

11

At the end of the transaction, an acknowledgment message (not shown in the figure) according to the mobile authentication technology can be sent.

Figure 3 shows a system 5,300 according to another embodiment of the invention.

This embodiment differs from the embodiment of Fig. 2 in that: - User 201 uses the service provider 305 of his computer 202.

Service Providers 305 acts as an SP-10 Service Provider (SP) providing end-user service, but not directly as an AP Service Provider with Mobile Authentication Technology and having a direct connection to AE element 206.

The service provider 305 communicates with the ETSI-Proxy element 301 which provides the functionality of the AP service provider 15 according to the mobile authentication technology and communicates with the AE element 206.

When the service authentication service provider 305 needs a mobile authentication service, the service provider 305 sends a signature request 32 to the ETSI Proxy element 301.

- the ETSI-Proxy element 301 retrieves the mobile number of the user 201,

20 forms the content to be signed and submits them together to ETSI TS

102 in a 204 standard message to 33 AEs 206.

In other respects, the flow of the authentication process in the system of Figure 3 may be similar to that shown in connection with Figure 2.

δ 25

CVJ

Figure 4 shows a cp co system 400 according to a third embodiment of the invention.

CC

CL

This embodiment differs from the embodiment of Figure 2 in the following: o §30 - The user 201 uses the service provider 405 service on his computer 202.

^ - 405 ISPs provide end-user SP-

C \ J

as a Service Provider (SP), but not directly as an AP Service Provider with 12 mobile authentication technologies with a direct connection to the AE 206.

The functionality of the AP service provider according to the mobile authentication technology is provided by the ETSI Front-end element 401, which is connected to the AE element 206.

When there is a need for mobile authentication in the service of the service provider 405, the service provider 405 redirects 41, 42 to the ETSI Front-end element 401 of the browser 202 of the computer 202.

- The ETSI front-end element 401 retrieves the mobile number of the user 201 10, generates the content to be signed and delivers them in a single message according to ETSI TS 102 204 to 43 AE 206.

When the mobile authentication transaction is complete, the browser of the computer 202 is redirected to the service of the service provider 405.

15

In other respects, the process of the authentication process in the system of Figure 4 may be similar to that shown in connection with Figure 2.

Figure 5 shows a system 20,500 according to a fourth embodiment of the invention.

This embodiment differs from the embodiment of Fig. 2 in that: - User 201 uses the service provider 505 of his computer 202.

- Service Providers 505 acts as an SP-δ 25 Service Provider (SP) for end-user service, but not directly

CM

ώ an AP service provider according to mobile authentication technology with 0 co direct connection to the AE element 206.

1 - Authentication service provided by mobile authentication technology is provided separately

CL

an authentication service provider IdP 501 using an AP element 502 providing functionality of an AP service provider ^ according to mobile authentication technology, which is in communication with the AE-00 element 206.

13 - When there is a need for mobile authentication in the service of the service provider 505, the service provider 505 redirects 51, 52 to the IdP service 501 of the browser of the computer 202.

The IdP 501 retrieves the mobile phone number of the user 201 and forwards 5 authentication requests 53 to the AP 502. The IDP 501 requests the AP 502 to identify the person behind the mobile number (e.g., MSISDN).

The AP 502 generates the content to be signed and delivers it in a message according to ETSI TS 102 204 to 54 AE 206.

When the mobile authentication transaction is complete, the browser of the computer 202 10 is redirected to the service of the service provider 505.

In other respects, the process of the authentication process in the system of Figure 5 may be similar to that illustrated in connection with Figure 2.

In this embodiment, the IdP 501 can utilize the Security Assertion Markup Language (SAML) technology. IdP 501 may pass through the AP 502 a standard SAML request (federation) to the MSSP and receive via AP 502 a standard SAML response (association), for example AE IdP 207 and / or H IdP 210. The IdP 501 can then forward the received 20 standard SAML responses to the service provider 505. Thus, the service provider 505 does not need to know any details about the mobile authentication technology used by the IdP 501. In one embodiment, the AP 502 may further function as a gateway element between the ldP 501 and the mobile authentication system and use the SAML protocol or some other interface supported by the ldP 501 for communicating with the ldP 501 and the ETSI mobile authentication protocol. In this case, even the co IdP element 501 does not need to support the ETSI mobile authentication protocols. Thus, AP 502 x and / or IdP 501 can embed content signed by H ldP or AE ldP in a SAML-

protocol message. In one embodiment, H IdP 210 and / or AE IdP

O) § 30,207 produces the additional information he signs directly as SAML compliant, so ^ AP 502 does nothing but extract SAML compliant

C \ J

additional information element from the message according to the ETSI protocol and forwarding this SAML-14 compliant additional information element in response to IdP 501 and further to service 505.

It should be noted here that SAML is only one example and that instead of SAML, it is possible to utilize another communication protocol or interface independent of mobile authentication technology.

Figure 6 shows a message diagram according to an embodiment of the invention, which may be implemented, for example, in the system of Figure 5.

10 601: An end-user SP service application detects the need for authentication and requests authentication from the SP provider's authentication functionality.

602: The authentication request from the SP provider is forwarded to ldP.

15 603: IdP forwards the authentication request to the AP.

604: The AP generates an authentication request to the AE according to the mobile authentication technology.

605: The AE forwards the authentication request to the HMSSP.

606. The HMSSP requests a signature from the user's mobile phone.

20 607: The signature is sent from the user's mobile phone to the HMSSP.

608: HMSSP requests more information about H ldP.

609: H IdP returns the requested additional information to HMSSP (with signature).

610: HMSSP returns signed content to AE.

0 25 611: AE requests more information from AE ldP.

ώ 612: AE IdP returns the requested additional information to AE (with signature).

i co 613: The AE passes certified information and any additional information to the AP.

1614: The AP passes the verified information and any additional information to the IdP.

cc J

CL

615: IdP passes certified information and any additional information to SP. o 1 o 30 616: The SP passes the verified information and any additional information to the application requesting the LO 1 ^ certificate.

C \ 1 15 It should be noted here that it is not necessary to seek additional information from both H ldP and AE ldP. Additional information may be sought from either HddP or AE ldP as appropriate, or, in general, additional information may be sought from different locations as appropriate.

Fig. 7A illustrates a method according to an embodiment of the invention which can be applied, for example, to the systems of Figs. 1-5, and in particular to the HMSSP 107, 108, 209 disclosed therein; H IdP 210; AE 106, 206 and / or AE IdP 207 elements.

In step 701, a mobile authentication event (e.g., HMSSP, HldP, AE or AE IdP) is attended.

In step 702, additional information is obtained, for example, from an IdP element or other source. In one embodiment, the additional information to be obtained is additional information relating to 15 persons subject to the mobile authentication transaction.

Additional user-related information may be static and is defined, for example, at the time the user enters into a mobile authentication service agreement or opens a subscription with their home operator (HMSSP). Such static data can be, for example, gender and the year of birth in Göda can be derived at any given time).

In addition, or alternatively, it is possible that the additional user-related information may be wholly or partially dynamic. In this case, the user can update them himself, where applicable, through a suitable web connection or an tai client management tool provided by the operator. This type of user-updated information i co may include, for example, hobbies and interests.

X

CC

0_

Also, an external system or service may update or update o 30 additional user information - either at regular intervals or whenever such additional information changes. Such information updated by an external system or service may be, for example, ™ the location of the user or the group to which the user belongs.

16

In step 703, the acquired additional information is signed according to the mobile authentication technology. For example, the IdP element providing additional information may sign the additional information in question.

In step 704, the signed additional information is forwarded from the network element to another network element or to the entity requesting the mobile authentication event in question. Further information may be provided with or without other signed content associated with the mobile authentication transaction in question.

10

The signed additional information may be forwarded as a data element according to the mobile authentication technology or as a data element independent of the mobile authentication technology or in accordance with another authentication protocol separate from the mobile authentication technology. Such another authentication protocol may be, for example, the SAML-15 protocol.

Fig. 7B shows a method according to another embodiment of the invention which can be applied, for example, in the systems of Figs. 1-5, and in particular in the IdP element 501 and / or the AP element 502 shown in Fig. 5.

20

In step 705, a user authentication request according to the first protocol is received. The first protocol may be, for example, the SAML protocol.

0 25 In step 706, identification of the user in question is performed

ώ using the mobile authentication protocol. Authentication is performed, for example, in ETSI TS

co 102 204 and using a system conforming to ETSI TS 102 207.

CC

CL

In step 707, a response according to the first protocol is returned to the? 30 request for authentication based on the result of the user authentication performed using the mobile authentication technology. In one embodiment

CVJ

the response received using the mobile authentication protocol is converted to a format compatible with the first protocol. In another embodiment, the response received using the 17 mobile authentication protocols includes one or more data elements that are directly compatible with the first protocol and can thus be returned as such in response to a received user authentication request under the first protocol.

5

Fig. 7C shows a method according to a third embodiment of the invention, which can be applied, for example, to the systems of Figs. 1-5, and in particular to the ETSI Proxy element 301 shown in Fig. 3, ETSI Front-end elements 401 shown in Fig. element 501 and / or AP element 502.

The ETSI Proxy 301, ETSI Front-end 401, IdP 501 or AP 502 or similar network element acts as a kind of gateway or interface between end-user service providers (SP service providers) and AE-15 elements of different operators. Such an interface element is independent of the telecommunications operators used by different users or at least of the mobile authentication systems.

In step 708, the interface element receives a user authentication request.

In step 709, the interface element determines what is the user's own mobile authentication operator for the authentication request. In practice, the interface element determines which telecommunications operator the subscriber user is.

The interface element performs user authentication using mobile authentication protocol 0 25. In step 710, a user authentication request according to the mobile authentication protocol lähet is sent directly from the interface element directly to the mobile authentication system of the user's communications operator co. Substantially sending 1 here means that the request is sent directly to the right

CL

operator, and there is no longer a need to route requests from one operator to another, even if a 30 user and service / interface element use different operators. In step 711, the interface element receives a 00 response according to the mobile authentication protocol to the authentication request it has sent according to the mobile authentication protocol.

18

In step 712, the interface element returns a response to a received user authentication request based on a response received by the mobile authentication protocol.

Thus, the interface element disclosed herein may assume the role of the AE element of the mobile authentication system to determine which operator subscriber is involved. In this case, the interface element is able to direct mobile authentication system identification queries directly to the correct operator 10 (e.g. directly to the subscriber's own AE or HMSSP) and thus the mobile authentication system can be simplified since routing from one operator to another is no longer necessary.

Fig. 8 shows an example of a device 80 suitable for implementing some embodiments of the invention. The device may be, for example, a general purpose computer or a server and may be adapted to provide, for example, the functionality of a network element of Figures 2-5.

The device 80 comprises a processor 81 for controlling the operation of the device and a memory 82 comprising a computer program / software 83. The computer software 83 may comprise instructions for the processor to control the device 80, such as an operating system and various applications. Further, the computer software 83 may comprise an application comprising instructions for controlling the device 80 so as to provide functionality in accordance with one of the δ 25 embodiments of the invention. c \ i

CD

cp co The processor 81 may be, for example, a central processing unit (x CPU), a microprocessor, a digital signal processor (□ _ DSP), a graphics processor, or the like. The figure shows a single processor, but the o 30 device may have multiple processors, δ c \ j

The memory 82 may be, for example, read-only memory (ROM), programmable read-only memory (PROM), EPAS (erasable 19 programmable read-only memory), EEPROM (Electronically erasable programmable read-only memory) memory), random access memory (RAM), flash memory, optical or magnetic memory, or the like. Your device may have multiple memories. The memory may be part of the device 80 or it may be a separate module that can be connected to the device 80. The memory can only be used to store data or it can also be used for data processing.

The device 80 further comprises a communication unit 85. The communication unit provides an interface for communicating with other devices. The interface can be, for example, a wired connection such as an Ethernet connection or an ADSL / VDSL connection, or a wireless connection such as WLAN, Bluetooth, GSM / GPRS, CDMA, WCDMA or LTE. The communication interface module may be integrated into the device 80 or may be part of an adapter, card or the like which may be connected to the device 80. The communication unit may support one or more communication technologies or the device may have multiple communication units.

To receive input from the user and output to the user, the device 80 may also comprise a user interface unit (not shown), which may comprise, for example, a display and keyboard (not shown) which may be an integral part of the device 80 or independent components connectable to the device 80. However, the user interface may not be needed or the user interface may be implemented remotely through the communication unit 85.

Device 80 may also comprise one or more databases 84 (represented by a dashed line). The databases may comprise, for example, additional information used in various embodiments of the invention.

i

C/O

1 In addition to the elements shown in Figure 8, the device 80 may comprise other Ω.

elements.

§ 30

LO

^ In many mobile authentication technology applications, the end user will be o 00 uniquely identified by his Social Security Number (HETU) or Electronic Transaction ID (SATU). Such a strong means of authentication is well suited to, for example, governmental or banking applications, but for all services such as adult entertainment services, the end user may not want to provide his or her social security number or other personally identifiable information such as an electronic transactional identifier (SATU).

5

In one embodiment of the invention, only additional information / attributes related to the identifiable user are provided to the service requesting the authentication, but not information that identifies the end user. For example, HMSSP may perform user authentication based on a signature provided by a user authentication mobile authentication technology 10, based on that authentication, retrieve additional user information / attributes, and provide this additional information / attribute with its own signature (or HddP signature) to the requesting service. In this way, HMSSP warrants, without personal identification of the end user, that the additional information / attributes provided will be specific to the 15 users who are using the service in question. The service must therefore rely on the HMSSP or H IdP element. At the same time, however, user privacy is guaranteed when only additional information / attributes signed by HMSSP and / or H IdP are delivered to the service.

Figure 9 illustrates the end-user experience of such an embodiment of the invention.

The first display 901 displays a notification of a received authentication request. The notification includes the transaction ID and the name of the service provider. The service provider ^ 25 may display the transaction ID to the user in the transaction channel, whereby the user δ ^ is able to associate the authentication request with the transaction in question.

CD

9 The name of the service provider to be provided may be separately agreed between the service provider and HMSSP.

CC

CL

g 30 The second display 902 shows information about the user to be transmitted to the o! £ service provider. The content of this display depends, for example, on what information / parameters the service provider has requested from the value-added service. In this example, the age and sex of the user are conveyed to the service. Other information 21 that may be conveyed may be, for example, location, occupation, hobbies, interests, roles, business information, or other group to which the user belongs.

The third display 903 is a standard prompt to enter a 5 key for identification to confirm the authentication event.

The fourth display 904 is an optional acknowledgment message sent by the service provider on the success or failure of the transaction. The content of the acknowledgment message is up to the service provider.

10

In various embodiments of the invention, there may be a bidirectional credit relationship between the network element requesting authentication and the additional authentication element, but this is not necessary. It is sufficient for the party requesting the certification to rely on the certification body for further information. In other words, it is sufficient that the upstream entity (ies) in the certification request chain 15 trust the additional certification body.

Figure 10 illustrates a credit relationship according to an embodiment of the invention, for example, in the system of Figure 5.

20,1001: AP trusts cell phone signature.

1002: AE IdP relies on HddP signature.

1003: IdP relies on AE ldP signature.

1004: The end-to-end SP service provider relies on the 0 25 signatures of ldP.

ώ 1005: In addition, the actual i co end-user application of the SP service provider providing the end-user service can explicitly rely on the other 1 applications of the SP service provider.

CC

CL

1006: The actual o 30 end-user application of the SP service provider providing the end-user service can also rely on the signature of the mobile phone.

δ

CVJ

22

FIG. 11 illustrates privacy protection in accordance with one embodiment of the invention. Each party that generates attributes / information can encrypt the message or part of it.

1101: H IdP encrypts the message and IdP can decrypt it.

1102: H IdP encrypts the message and the actual end-user application of the SP service provider providing the end-user service is able to decrypt it.

1103: H IdP encrypts the message and AE IdP can decrypt it.

1104: AE IdP encrypts the message and IdP can decrypt it.

10 1105: AE IdP encrypts the message and the actual end-user application of the SP service provider providing the end-user service is able to decrypt it.

For example, various embodiments of the invention may provide some of the following advantages: 15 - The functionality of the IdP service 501 of the system of Figure 5 can be implemented using standard form mobile authentication technology products. For example, IdP 501 can be implemented with a standard form IdP product that supports the SAML protocol. The AP 502 then remains responsible for implementing any interface provided by IdP 501 in the direction of the ldP 501. Similarly, AE 206 20 can be implemented with a standard AE product that supports the ETSI mobile authentication protocol, and AP 502 implements the ASI 206 in the direction of the ETSI interface. In this way, the AP 502 acts as a gateway element between two different communication protocols (SAML communication in the direction of ldP 501 and ETSI communication in the AE 206 ^ 25). In this way, an IdP product that supports the standard ^ SAML protocol can be utilized, which may not be easily available to directly support the ETSI mobile authentication protocol.

co - With the current MSS-mesh infra, high security may be possible

X

£ level because MSS-mesh remains closed and thus a secure § 30 environment, o! £ - In one embodiment, the additional information signatures are unambiguous, ^ independent of the XML signatures of the MSSP system. The signatures of the additional information are so-called. advanced digital signatures, such as XML signatures. Additional information 23 signatures in XML can be directly utilized, for example, in SAML messages. In one example, information about which part of the information H IdP validates with his signature and which part of the signature is verified by AE IdP is included as part of the certified additional information and / or its signature.

5 - The network element participating in the authentication event can verify / verify the correctness of the received signature and include this verification result in the signature as one attribute. Using such a verification status can avoid potential liability issues and simplify the trust chain. In one of the 10 examples, the IdP can determine which information is coming from the AE IdP and which is not, and furthermore, from the verification status signed by the AE Idp, the IdP can determine whether the AE IdP has verified, for example, the authenticity of the HddP signature. In this way, the AE IdP can take responsibility for the data on behalf of the H IdP, and the ldP does not have to separately verify the signatures of the H idp, when the AE Idp has already verified the correctness of the sign of the Hdp.

- Since H IdP and AE IdP sign up for the additional information they provide, the additional information can be trusted. For example, the IdP element 501 of Figure 5 reliably obtains user-validated attributes from H IdP 210 and / or AE IdP 207. These attributes may include: PKCS # 7 package, user attributes (roles, 20 Company information, profile information, etc.), results required for certificate validation (OCSP Response), electronic notary signature and timestamp.

- There may be a two-way credit relationship between the authentication requesting element and the authentication request element, but this is not necessary. It is sufficient for the party requesting the certification to rely on the certification of the additional information

25 bodies. For example, IdP and H IdP may have a credit relationship such that IdP

° trust H ldP but H ldP need not rely on ldP.

o - The AE ldP attribute service can sign the authentication request H IdP: Me.

$ 2 - IdP can sign certification request for AE IdP: Me and Home IdP: Me.

£ - Additional information / attributes can be passed through the network and MSS-mesh Q_ (j) 30 confidentially to the entity using the attributes. There may be a two-way credit relationship between these entities, or the keys 5 used for encryption may otherwise be exchanged reliably.

CVJ

24 - Confidentially transmitted attributes can be issued on the network without this information being visible at any time in the transactions of the relayed network elements.

- Additional information / attributes authenticated by network elements allow 5 end-user service providers to generate new business and services for users. For example, it is possible to provide services that guarantee user privacy.

The foregoing description provides non-limiting examples of some embodiments of the invention. However, it will be apparent to one skilled in the art that the invention is not limited to the details set forth, but that the invention may be practiced in other equivalent ways. For example, it will be appreciated that in the disclosed methods, the order of the individual process steps may be rearranged and that some steps may be repeated several times or omitted entirely. It is also to be understood that in this document the terms "comprising" and "containing" are open expressions and are not intended to be restrictive.

In addition, some features of the disclosed embodiments of the invention may be utilized without the use of other features. The foregoing description is to be considered as such only as a description of the principles of the invention and not as a limitation of the invention. The scope of the invention is limited only by the appended claims.

δ

CVJ

co cp co

X

X

Q.

o o o m δ

CVJ

Claims (13)

A method in a network element (206, 207, 209, 210) participating in a mobile authentication event according to the ETSI mobile signature service standard, characterized in that in the method a signature according to the mobile authentication technology is received from the user (201) subject to said mobile authentication event or from a second network element (209, 210) participating in said mobile authentication event, (702) provides at least one additional task with respect to said mobile authentication event from a relative to the said mobile authentication event, further, (704) the signed additional information is delivered to a third network element (206, 207, 502) participating in said mobile authentication event or to the party (205, 301, 401, 501, 502) requesting said mobile authentication event. Method according to claim 1, characterized in that said additional information is an additional information concerning the user (201) which is the subject of said mobile authentication event. Method according to claim 1 or 2, characterized in that the method also verifies the accuracy of said received signature, and said acquisition, signing and delivery of the supplementary task ώ in response to said verification. o CO x Method according to claim 3, characterized in that, in the method, an error message is also returned if the accuracy of said received signature cannot be verified. m δ CVJ Method according to claim 3 or 4, characterized in that the end result of said verification event is one of said additional information regarding the mobile authentication event. 5 Method according to Claim 1 or 2, characterized in that the method further receives a controlled information relating to said mobile authentication event, and said signed information is further supplied with said received controlled information. A method according to any one of claims 1 to 6, characterized in that said additional information is the parent, gender, location or role of or a corporate information about the user that is the subject of said mobile authentication event or a user profile profile. Method according to any one of claims 1 to 7, characterized in that said signed additional information is further supplied in a form which is compatible with a protocol independent of the mobile authentication technology. 20 Method according to any one of claims 1 to 8, characterized in that the method further receives (706) the signed additional information to the second network element (501, 502) participating in said mobile authentication event, and embedded (707) said signed additional information. said second network element (501, 502) in a message according to one of the mobile authentication technology and independent protocol to be communicated to the party (305, 405, 501, 505) requesting x for said mobile authentication event □ 0) A device (206, 207, 209, 210) having at least one processor and at least one computer program stored in memory configured to control CJ with said at least one processor controlling said device to participate in a mobile authentication event according to ETSI mobile signature service standard, characterized in that said at least one computer program is additionally configured to control with said at least one processor said device to receive a signature according to the mobile authentication technology from the user (201) which is the subject of said mobile authentication event or from a second network element ( 209, 210) participating in the mobile authentication event provide (702) at least one additional task relating to said mobile authentication event from a source of external data related to said mobile authentication event, sign (703) at least one of said additional information the additional task is further subscribed to a third network element (206, 207, 502) participating in said mobile authentication event or to the party (205, 301, 401, 501, 502) requesting said mobile authentication event. Device according to claim 10, characterized in that said device is a Home Mobile Signature Service Provider element, Home Identity Provider element, Aquiring Entity element or an Aquiring Entity Identity Provider 20 element. Device according to claim 10 or 11, characterized in that said at least one computer program is to control said device together with said at least one processor to deliver said signed additional task in a form which is compatible with a co-protocol independent of mobile authentication technology. co A computer program with a computer executable program code, characterized in that the program code, upon execution, directs a computer to perform a method according to any one of claims 1-9. δ CVJ