The present invention relates generally to data processing systems and more particularly to secure token device access to services provided by an Internet Service Provider (ISP).
An ISP is a vendor who provides customers with access to the Internet. Examples of ISPs include America Online (AOL), CompuServe and the Microsoft Network (MSN). In addition to providing access to the Internet, ISPs may also provide additional services to their customers, including chat rooms, news services, electronic mail messaging and bulletin board services.
ISPs provide access to the Internet to customers by employing one or more Internet servers. These servers are directly connected to the Internet and act as conduits for customers to access web pages resident on other servers on the Internet. Typically, a customer uses a conventional modem to place a call to a designated ISP server. The modem need not be a conventional modem but may be instead, a cable modem or a wireless modem. The ISP server answers the call and a connection is established between the server and the customer""s computer. After this connection is established, the customer is prompted to login. In particular, the customer is prompted usually to enter a user ID and a password. The information entered by the customer is compared to data stored in a database with the ISP to determine whether the user is who the user purports to be. If the customer provides the proper information and has sufficient privileges, the customer is granted access to the Internet.
There are a number of drawbacks associated with the above-described conventional approach to providing Internet access to customers. First, the Internet Protocol (IP) is used for messaging addressing on the Internet and the protocol is a connectionless protocol. As such, the protocol does not support the persistent storage of contextual information. Thus, any contextual information associated with one customer session on the Internet is not carried forward to the next customer session. Each session must start anew in creating a context. Second, the conventional approach to providing access to the Internet by ISPs is susceptible to fraud. If a party can obtain a user ID and password for a user, the party can gain access to the Internet via the user""s account. Third, most ISPs currently provide only one variety of service such that all customers are offered this single variety of service. For example, all customers may be offered full access to a complete range of services provided by an ISP and all customers may be charged a flat fee for a designated time frame of service (e.g. for a month of service or a year of service). Customers who use the services more frequently than other customers are not charged additional amounts. Hence, there is a lack of flexibility in the pricing and service options available to customers from ISPs in conventional systems.
The present invention addresses the limitations of the prior art by providing users with secure token device access to services offered by ISPs. xe2x80x9cSecure-token devicesxe2x80x9dare devices such as smart cards and ibuttons that hold currency tokens and other information in a secure fashion. Preferably, the secure token device is of a size, shape and weight that it is easily carried by a user. The secure token device may even be wearable by a user. When a user wishes to access services provided by an ISP, the user puts a secure token device in communication with a reader. The reader is a device that is configured to read and communicate with the secure token device. The reader is coupled to a computer system, such as a personal digital assistant (PDA), workstation or a personal computer (PC). When the user places the secure token device in or against the reader (depending on the type of reader), the reader recognizes the insertion of the secure token device and prompts the computer system to begin communicating with the secure token device. The computer system may seek to verify that the user is the proper owner of the secure token device. To that end, the computer system may request that the user enter a personal identification number (PIN). The user enters a PIN and the PIN is compared with a PIN value that is stored on the secure token device. If the PIN value entered by the user matches the PIN value on the secure token device, the computer system verifies that the user is the owner of the secure token device and the process of accessing the ISP services may be initiated.
The secure token device may hold identification information that is globally unique across geographic and political boundaries. This identification information is held securely on the secure token device. It is difficult for a party to physically access the identification information. The secure token device serves as a physical token of authenticity for the party. In order to fraudulently use the secure token device, a party must both physically take the secure token device and also be aware of the PIN associated with the user of the secure token device. Hence, the use of the secure token device helps to decrease the probability of fraud.
Contextual information (i.e., a context) may be stored on the secure token device of the user. The context may, for example, identify user preferences and configuration information. When a user seeks to access the services of the ISP, the context from a previous session may be restored by retrieving the context from the secure token device. This ability to preserve context enhances the services provided to the user and eliminates the need for the user to recreate a context each time the user accesses ISP services.
The secure token device may also support various electronic banking or electronic commerce mechanisms that facilitate the exchange of electronic currency. The secure token device may be used in realizing payment for services provided by ISPs. The user may download currency tokens from the secure token device to the ISP to cover expenses associated with the services provided during a given session. This ability to receive payment for services during a session with the user enhances the ability of ISPs to tailor pricing schemes on a per use basis. An ISP may charge a user for the services rendered during a given session as opposed to using a flat rate scheme over an extended time period, such as a month or a year. Thus, users are charged on the basis of the resources they consume rather than on a flat rate basis.
The secure token device of a user may contain personal information regarding a user, such as name, address, and credit card account information. The user has the ability to customize what portions of this personal information may be accessed by a service provider. Hence, the user may determine that an ISP should only be given access to the user""s name and address and should not given access to the user""s credit card account information. For another service provider, the user may grant the service provider full access to all of the personal information. This approach has the added benefit of storing personal information more securely than instances where the personal information is stored on database maintained by an ISP. It should be noted, however, that ISPs may store additional information on secure token devices that is not readily accessible to users. A further benefit of this approach is that it gives the user control over what personal information the user grants to respective parties. Still, further, the storage of personal information on the secure token device facilitates companies to develop loyalty marketing programs, such as frequent flier programs. The frequent flier miles of a user may be stored on the secure token device, added to the storage on the secure token device and redeemed from the secure token device.