This invention relates to communication apparatus and methods and in particular to communication methods and devices requiring identity authentication such as cellular mobile phones for interconnection with a network.
The invention will be described with respect to cellular mobile phones but it is not intended that the invention in its broadest sense should be restricted to such devices.
The problem to which this invention is directed relates to a current method by which identification for authentication purposes and subsequent connection to and retention with a network service provider is achieved with respect to cellular mobile phones.
It is conventional that a person requiring the services of a network shall enter into a contract with a network provider who then provides a subscriber identification module which is inserted within a mobile phone and which is thereafter able to be accessed by the network provider to establish that use of the network is authorised and continues to be authorised for access to that network. It is the subscriber identification module which is accessed by the network provider that provides the identification and authentication necessary for charging or other regulatory process as far as a selected network service provider is concerned.
Currently, access to that authentication information is controlled entirely by the network provider who for commercial and contractual reasons will wish to maintain the absolute confidentiality of such information.
However, there could be considerable value to others who provide different services, if a further identification or authentication process could be available through the network or using the similar or same equipment but not subject to approval from the network provider.
For instance, banks, regulatory authorities such as policing personnel, and even those involved in ordinary commerce could all be advantaged by such an ability but currently it would not appear economically feasible or even technically possible given current circumstances in existing technologies.
A first problem is that a mobile phone is only empowered to be connected to a network service provider for full communication services through a subscriber identification module (SIM). This not only carries data but is arranged to also run a program (for instance a GSM connect program) which has embedded information and generates data that is not available to any third party whereby data is communicated back to a service provider upon an appropriate interrogation signal being received. The security of this system is extremely important to the network service provider.
Further, much of the empowering software for the functions of a mobile phone is in the subscriber identification module so that if additional functionality is required (for third party access or etc) this will need to be installed in the SIM which is under the control of the network service provider. As such, the basis of any commercial arrangement is therefore going to be subject to permission and costs applied by the network provider.
A further complexity is the fact that equipment such as a mobile phone is provided by suppliers so that access to the internal circuits to modify these is likely to breach warranties for maintenance of a unit but is also possibly going to trigger security mechanisms which may destroy the circuits if interfered with. Further, many phones are supplied as a part of an ongoing contract and it would be a breach of some of the contract provisions if any unauthorised attempt is made to open the equipment to further make or modify electrical connections.
This leaves the position as seemingly to be strongly in the control of the providers of the networks and the mobile phones.
It is an object of this invention to provide an arrangement which will reduce the above problem.
In one form the invention can be said to reside in a digital mobile phone of a type including means to hold an identification member in electrical communication with its operating system for identification of a user, and a further arrangement adapted such that in the event of identification signals appropriate for seeking identification of a network providers subscriber identification module being received, then there are means effecting a direction of such incoming inquiry signals to information being stored whereby the appropriate identification can be provided in reply, and in the event of an interrogation other than from the network provider, directing such further interrogation to other memory means.
In a further preferred form the invention can be said to reside in a remote communication apparatus adapted to receive or effect interrogation from time to time with respect to the identification of a user of the apparatus and including means to hold a subscriber identification module within the apparatus which can provide for that authentication of the user to an external interrogation, characterised in that there is connected to the electrical contacts in a socket adapted to electrically connect with an appropriate subscriber identification module, intermediary processor means to receive any interrogation signals and adapted in the case that the identification signals are appropriate for seeking identification of a network providers subscriber identification module, then effecting a direction of such incoming interrogation signals to information being stored whereby the appropriate identification can be provided in reply, and in the event of an interrogation other than from the network provider, then as appropriate directing such further interrogation and other signals to other memory and transmission means.
In one embodiment the intermediary processor means may be incorporated within a mobile telephone at the time of manufacture or alternatively the intermediary processor means may be incorporated in an additional arrangement that can be connected to a mobile telephone.
Hence the remote communication apparatus may be further characterised in that the intermediary processor is a processor incorporated in the remote communication apparatus at original manufacture, said processor being the main CPU of the apparatus or alternatively an additional CPU incorporated in the original equipment.
Alternatively the intermediary processor is a processor incorporated in an attachment to the remote communication apparatus.
What is proposed in one embodiment of this invention is an arrangement that will have a take-off connector that will insert into and electrically connect with the available electrical contacts within a socket. Then there is provided the intermediate processor means which is electrically connected to one (or more) subscriber identification modules so that when connected electrically to the electrical connections in the phone act in a way that will act to send interrogation signals provided from the phone by reason of a startup signal or otherwise through to the SIM and transmit replies back from the SIM so that, to the network service provider, the effect is the same as if the SIM is in its appropriate location in the socket. However, this then allows for the processor to add its own functionality to the mobile phone or through this to others while as necessary, maintaining the ongoing connection with and through the network provider.
There is, therefore a piggy backing of existing normal devices and the networks of a cellular mobile phone system in a way that will be without breaching any current warranty or contract provision. Further, it becomes possible to use a transmission mode which in practice is now able to be accessed and controlled by the intermediate processor means in a cellular mobile telephone which is conventionally referred to as a short messaging service (SMS). This may allow for transmissions to occur at charging rates that are somewhat less expensive than voice communications. As such, data can be economically transferred through this arrangement.
In preference the remote communication apparatus is a cellular mobile phone.
In preference the intermediary processor includes a program and data and there is a removable unit reader which may receive removable units with data stored therein which data can be read through the reader and where the program and data of the intermediary processor are adapted to relate to and use such data when appropriate.
In preference, the removable unit reader is a smart card reader.
In an alternative preferred arrangement there are further memory means remote from the apparatus.
In such a case there can be a communication through an infrared link or wireless or wired connection to the apparatus.
In preference, the additional apparatus providing for intelligent routing of an interrogation signal can be attached and integrated with a power supply of the mobile phone.
In preference, there is at least a holder and reader for a further device that is attachable or attached to the mobile phone so that such additional reader or other receiving means can be used to insert for instance an authenticating smart card provided by an alternate supplier.
There may be more than one SIM card socket in the apparatus.
In preference then, the additional apparatus provides what in effect can be referred to as a virtual subscriber identification module by having an active central processing unit with appropriate programming held in appropriate memory so that it will be adapted to receive and appropriately respond in the case of appropriate interrogation signals being received by the network provider.
This can be achieved by providing that the subscriber identification module which is conventionally provided by the network provider can be in electrical contact with the processing unit so that in effect, when the appropriate interrogation signals are detected, the central processing unit will simply switch those signals through to the original subscriber identification module and this then will act in accord with conventional existing techniques.
The advantage of the invention however is that now that there is intelligent switching, and an ability to send different interrogation signals as well, the central processing unit can be programmed to respond to such alternate and different interrogation signals and as appropriate, direct these to an alternative active or passive authentication or identification means.
Active can mean that the authentication or identification means include a computer processor.
The additional identification means are accordingly not subject to any control by the network provider and therefore not subject to either the contractual restraints that might be required or imposed by the network provider, and can be used in addition to the conventional communication link which can still be maintained while the additional interrogation program is being operated.
In preference, such additional apparatus providing for intelligent switching is joined to existing electrical equipment as originally provided by a manufacturer by means which do not in substance alter the original equipment.
Accordingly, there can be in one instance provided circuitry which connects by contact with the original equipment and then through a highly flexible and adhering material, to provide continuing electrical connections to an external location by passing through conventional manufacturing gaps between housing conventionally existing in currently manufactured equipment.
Accordingly, in a number of mobile phones then, use can be made of the battery housing and connections providing for the holding of the battery in position with respect to the phone.
By having an alternate housing which has the appropriate physical interconnections to hold the battery both physically with the remaining housing of the mobile phone, and providing for electrical connections, then additional connections can be made and additional equipment can be included in the housing in addition to the batteries so as to provide for this intelligent switching and further, to provide for receipt of an authentication or identification module.
Such an apparatus can include a smart card reader which then can be provided by any alternate organisation wishing to use this facility and arranging for subscribers to establish a contractual relationship and be able to then in addition authenticate their relationship for different services.
It is well understood that appropriate programming and embedding techniques can be used to maintain continuing confidentiality as far as information on any further authenticating module or medium.
Reference has been made to mobile phones, but as previously explained, it is not intended that the application should be restricted necessarily to mobile phones.
Other equipment does require authentication from time to time for instance decoders for translation of television signals which might be connected by optical cable and otherwise to a signal provider, and such devices also then include an authentication module to ensure that a subscriber has an arrangement to effect payment for the services provided.
In accord with the general concept of this invention then, there would be provided active means to intercept any interrogation signal and to effect a redirection of this in the event that the signals contain information which would appear to the processor not to be for the purpose of interrogating the existing subscriber identification module but directing any interrogation signal to or from the subscriber identification module to a network provider in order to keep the access to the network open and useful.
In a further form the invention can be said to reside in a digital phone network where there is included in communication with the network a mobile digital phone with an arrangement as characterized in any one of the preceding claims.
In a further form the invention can be said to reside in a digital mobile phone of a type including means to hold an identification member in electrical communication with its operating system for identification of a user, and a further arrangement adapted such that in the event of identification signals appropriate for seeking identification of a network providers subscriber identification module being received then there are means effecting a direction of such incoming inquiry signals to information being stored whereby the appropriate identification can be provided in reply, and in the event of an interrogation other than from the network provider, directing such further interrogation to other memory means.
Such an arrangement as has been described has the further advantage that it would not appear to breach any contract that might exist between a user and a network provider. It will at least in most cases be expected to still use the network so that it will improve usage of the network to the advantage of the network provider, and it would not otherwise breach any warranty provisions by interfering with the original equipment being provided by a mobile phone or other apparatus provider.