The present invention relates to a method for controlling a device requiring user-related permissions via a mobile terminal, such as a smartphone or tablet.
Known from the prior art are devices, for example lock mechanisms, which can be controlled via a user's mobile terminal, such as a smartphone or tablet. Here, a local data connection to the device is established for the purpose of controlling the device, wherein the permission for controlling the device is acquired by means of an interaction between the mobile terminal and a server, typically via the Internet.
The WIPO publication WO2013/181682A1, for example, describes a method for controlling a lock mechanism by a user with a mobile terminal, wherein a local data connection to the lock mechanism is established by the mobile terminal for the purpose of controlling the lock mechanism and wherein an Internet connection to an identity provider is established for the purpose of issuing a key for opening the lock mechanism with the mobile terminal.
With this known method, the user authenticates himself to the identity provider via the mobile terminal. Authentication information is transmitted by the identity provider to the mobile terminal which is forwarded by the mobile terminal to an authorization entity in a network. After the authorization entity verifies the authentication information, a key is issued that is used to open the lock mechanism. A connection to an existing identity provider is established in order to receive the key for opening the lock mechanism. The key is then transferred from the mobile terminal to the lock mechanism via a local data connection between the mobile terminal and the lock mechanism.
With this known method, and with all methods for controlling a device requiring user-related permissions via a mobile terminal as are known in the prior art, the required permission for controlling the device is, or the control commands linked to required permissions are, stored in the mobile terminal and are transferred to the device to be controlled. However, this method may prove to be disadvantageous since, for one, the permissions or the commands linked to the permissions for controlling the device are linked to a particular mobile device and, for another, the local storage of the permissions, or of the commands linked to the permissions, in a mobile terminal presents a security risk if the mobile terminal is used by non-authorized persons for the purpose of controlling the device.
Linking the permission for controlling the device, or the commands linked to this permission to control a device, to a mobile terminal also presents a loss of convenience. For example, with this concept it is not possible to place a bicycle in a bicycle depot and to allow for the bicycle to be used by another person with another mobile terminal after opening the respective lock mechanism.