Language selection

/ Gouvernement du Canada
Search

Patent 2363220 Summary

Third-party information liability

Some of the information on this Web page has been provided by external sources. The Government of Canada is not responsible for the accuracy, reliability or currency of the information supplied by external sources. Users wishing to rely upon this information should consult directly with the source of the information. Content provided by external sources is not subject to official languages, privacy and accessibility requirements.

Claims and Abstract availability

Any discrepancies in the text and image of the Claims and Abstract are due to differing posting times. Text of the Claims and Abstract are posted:

  • At the time the application is open to public inspection;
  • At the time of issue of the patent (grant).
(12) Patent Application: (11) CA 2363220
(54) English Title: SIMCARD AUTHORIZATION: ONLINE CREDIT CARD TRANSACTION APPROVAL, PRIVACY, AUTHENTICATION AND NON-REPUDIATION
(54) French Title: AUTORISATION PAR CARTE SIM (MODULE D'IDENTITE DE L'ABONNE) : AUTORISATION DE TRANSACTION PAR CARTE DE CREDIT EN LIGNE, CONFIDENTIALITE, AUTHENTIFICATION ET NON-REPUDIATION
Status: Deemed Abandoned and Beyond the Period of Reinstatement - Pending Response to Notice of Disregarded Communication
Bibliographic Data
(51) International Patent Classification (IPC):
  • G06Q 20/34 (2012.01)
(72) Inventors :
  • MALEK, EMAD (United States of America)
(73) Owners :
  • TRUSTSHIELD TECHNOLOGIES INC.
(71) Applicants :
  • TRUSTSHIELD TECHNOLOGIES INC. (Canada)
(74) Agent:
(74) Associate agent:
(45) Issued:
(22) Filed Date: 2001-11-23
(41) Open to Public Inspection: 2003-05-23
Availability of licence: N/A
Dedicated to the Public: N/A
(25) Language of filing: English

Patent Cooperation Treaty (PCT): No

(30) Application Priority Data: None

Abstracts

English Abstract


Subscriber identity module (SIM) Card authorization is a mechanism
that provides for a very strong authentication and non-repudiation
as well as greater privacy and personal data encapsulation in an
online purchase transaction. The objective of the SIM card
authorization is to use a SIM card as a credit card, the mobile
equipment as the credit card reader and identification challenger
to the user, and user's private key stored on the SIM for user's
digital signature, thus transforming the device and the
encompassing components and capabilities into a strong electronic
online authentication device.


Claims

Note: Claims are shown in the official language in which they were submitted.

Sorry, the claims for patent document number 2363220 were not found.
Text is not available for all patent documents. The current dates of coverage are on the Currency of Information  page

Description

Note: Descriptions are shown in the official language in which they were submitted.


Trustshield - patent 2 - DESCRIPTION.txt
DESCRIPTION
Subscriber identity module (SIM) Card authorization is a mechanism
that provides for a very strong authentication and non-repudiation
as well as greater privacy and personal data encapsulation in an
online purchase transaction. The objective of the SIM card
authorization is to use a SIM card as a credit card, the mobile
equipment as the credit card reader and identification challenger
to the user, and user's private key stored on the SIM for user's
digital signature, thus transforming the device and the
encompassing components and capabilities into a strong electronic
online authentication device.
The mechanism provides for a new method of payment for online
transactions using a credit card of choice based on existing
online payment infrastructure. An online shopper need only provide
their mobile phone number at checkout time. A crypto short message
service (SMS) is sent to the user's mobile requesting credit card
payment information, user's information, digital signature as well
as user's explicit approval of the transaction. All data is stored
on the SIM card residing in the user's mobile equipment.
MODE OF OPERATION
SIM Card authorization is based on the premise of explicit
identification, authentication and the production of a
non-repudiated bill, by using two factors:
Something that you have: The SIM card in the mobile equipment as a
tamper proof device that encapsulates user's information, credit
card data and private key.
Something that you know: The PIN number used to sign into the
private key locally and challenged by the mobile equipment.
By achieving the above identification, authentication and
non-repudiation objectives, SIM Card authorization transforms the
nature of an online transaction using a credit card from a "Card
Absent" transaction into a much secure "Card Present" transaction,
SIM card being user's credit card and the PIN to the private key
being the first level authentication factor. SIM Card
authorization also achieves greater privacy for the user, as the
credit card data remains unknown to the online merchant; only the
authorization number is forwarded.
Network operator deploys an applet over the air to the mobile
equipment (ME)to install on the SIM card using the network
infrastructure with the proper access signature for AIM card file
Page 1
CA 02363220 2001-11-23

Trustshield - patent 2 - DESCRIPTION.txt
system authorized access.
The ME user would uses the applet installed on the SIM card to
enter the credit card data of choice, download the digital
signature and set the appropriate PIN number.
Online merchants would incorporate an SIM Card authorization
application programmer interface (API) into their payment
application interface. At payment time, user provides only their
mobile phone number, the number as well as the bill data is fed
into the API, which makes an secure socket layer (SSL), based
request to the an intermediate payment proxy/SMS gateway. SIM
Card authorization server forwards bill through crypto short
message service (SMS) -using a CA private key- to the mobile
equipment corresponding to that number. The applet already
deployed on the SIM card is enabled through the SMS download. The
applet decrypts the SMS using the certification authority (CA)
public key. The applet displays the contents of the bill to the
user, asks for approval, when granted, the user is challenged to
the PIN associated with his private key residing on the SIM card
and only accessible through the PIN. Once successful, the
digitally signed message is sent through crypto SMS-using CA
public key- back to the gateway, which verifies it and forwards it
to the original third party payment gateway the online merchant
originally uses, once an authorization number is received from the
third party payment gateway, it is forwarded back to the merchant
and thus, the transaction is concluded. SIM Card authorization
maintains the current online payment topology; SIM Card
authorization proxy gateway acts as a merchant to the payment
gateway and acts as a payment gateway to the merchant. The mobile
network operator ensures the appropriate certificate issuance and
identity verification of the mobile user based on subscriber data
warehouse already verified at service initiation time.
Figure #1 provides a visual overview of the mode of operation.
The SIM Card authorization mechanism shields user's private data
from the online merchant thus ensuring the privacy of user's data
as well as diminishing the risk of private data loss due to
unauthorized access when data is stored at merchant site.
The mechanism also greatly simplifies the payment process which
otherwise involves extensive data entry from the part of the user.
The greatest advantage of SIM Card authorization is the
transformation of nature for an online transaction from a highly
fraud prone and highly costly "Card Absent" type to the much more
secure and much less costly "Card Present" type. Thus delivering
great savings to the online merchant.
Page 2
CA 02363220 2001-11-23

Trustshield - patent 2 - DESCRIPTION.txt
Figure 2 is a Comparative chart of current credit card transaction
types vs. proposed mechanisim.
Page 3
CA 02363220 2001-11-23

Representative Drawing
A single figure which represents the drawing illustrating the invention.
Administrative Status

2024-08-01:As part of the Next Generation Patents (NGP) transition, the Canadian Patents Database (CPD) now contains a more detailed Event History, which replicates the Event Log of our new back-office solution.

Please note that "Inactive:" events refers to events no longer in use in our new back-office solution.

For a clearer understanding of the status of the application/patent presented on this page, the site Disclaimer , as well as the definitions for Patent , Event History , Maintenance Fee  and Payment History  should be consulted.

Event History

Description Date
Inactive: IPC deactivated 2012-01-07
Inactive: First IPC from PCS 2012-01-01
Inactive: IPC from PCS 2012-01-01
Inactive: IPC expired 2012-01-01
Inactive: IPC removed 2011-10-03
Inactive: First IPC assigned 2011-10-03
Inactive: IPC removed 2011-10-03
Inactive: IPC removed 2011-10-03
Inactive: IPC removed 2011-10-03
Inactive: IPC deactivated 2011-07-29
Inactive: IPC from MCD 2006-03-12
Inactive: IPC from MCD 2006-03-12
Application Not Reinstated by Deadline 2004-02-26
Inactive: Dead - No reply to Office letter 2004-02-26
Deemed Abandoned - Failure to Respond to Maintenance Fee Notice 2003-11-24
Inactive: Adhoc Request Documented 2003-08-27
Inactive: Adhoc Request Documented 2003-08-11
Deemed Abandoned - Failure to Respond to Notice Requiring a Translation 2003-07-15
Application Published (Open to Public Inspection) 2003-05-23
Inactive: Cover page published 2003-05-22
Inactive: Status info is complete as of Log entry date 2003-04-22
Inactive: Incomplete 2003-04-15
Inactive: Abandoned - No reply to Office letter 2003-02-26
Inactive: IPC assigned 2002-01-22
Inactive: IPC assigned 2002-01-22
Inactive: IPC assigned 2002-01-22
Inactive: First IPC assigned 2002-01-22
Inactive: Filing certificate - No RFE (English) 2001-12-18
Filing Requirements Determined Compliant 2001-12-18
Application Received - Regular National 2001-12-18

Abandonment History

Abandonment Date Reason Reinstatement Date
2003-11-24
2003-07-15

Fee History

Fee Type Anniversary Year Due Date Paid Date
Application fee - small 2001-11-23
Owners on Record

Note: Records showing the ownership history in alphabetical order.

Current Owners on Record
TRUSTSHIELD TECHNOLOGIES INC.
Past Owners on Record
EMAD MALEK
Past Owners that do not appear in the "Owners on Record" listing will appear in other documentation within the application.
Documents

To view selected files, please enter reCAPTCHA code :



To view images, click a link in the Document Description column. To download the documents, select one or more checkboxes in the first column and then click the "Download Selected in PDF format (Zip Archive)" or the "Download Selected as Single PDF" button.

List of published and non-published patent-specific documents on the CPD .

If you have any difficulty accessing content, you can call the Client Service Centre at 1-866-997-1936 or send them an e-mail at CIPO Client Service Centre.

 Download Selected in PDF format (Zip Archive)
 Download Selected as Single PDF
Document
Description 		 Date
(yyyy-mm-dd) 		 Number of pages   Size of Image (KB) 
Claims 2003-05-23 1 2
Representative drawing 2002-06-17 1 12
Cover Page 2003-04-25 2 45
Description 2001-11-23 3 144
Abstract 2001-11-23 1 19
Drawings 2001-11-23 2 44
Filing Certificate (English) 2001-12-18 1 163
Request for evidence or missing transfer 2002-11-26 1 102
Courtesy - Abandonment Letter (Office letter) 2003-04-02 1 167
Notice: Maintenance Fee Reminder 2003-08-26 1 115
Courtesy - Abandonment Letter (incomplete) 2003-08-05 1 167
Courtesy - Abandonment Letter (Maintenance Fee) 2004-01-19 1 176
Correspondence 2001-12-19 1 37
Correspondence 2001-12-19 1 34
Correspondence 2002-11-26 1 54
Correspondence 2003-04-11 1 20
Correspondence 2003-04-02 1 97
Correspondence 2003-08-05 1 96
Correspondence 2003-08-26 1 60
Correspondence 2004-01-19 1 87