The invention concerns a method of starting a device protected against unauthorized use by a PIN without using an input, particularly by improving the user friendliness of such devices while simultaneously increasing the protection against unauthorized use.
To protect devices against unauthorized use and establish individualization, it is known in the state of the art to provide so-called PINs which must be manually entered by an authorized person into the device. For example with mobile telephones it is usual to ask for a four-digit PIN after the device is started, without the correct input of which no logging into the operator""s network can take place. This ensures that turned-off mobile telephones become unattractive to thieves, because they cannot be used without first entering the PIN.
Even though this safety function is justified for mobile telephones which are not always carried by a user, it is sometimes considered bothersome to have to enter the PIN to individualize an authorized use. This applies especially when the mobile telephone is used in an environment which itself is protected against unauthorized use. If this environment is a vehicle, it means that the respective PIN must be entered every time the vehicle is used, unless the mobile telephone user gives up the theft protection and thus PIN request for logging into the network is omitted.
To avoid this problem, DE-A-19722181 indicates a method and an array which makes it superfluous to enter the PIN when an automobile with a PIN-protected mobile telephone is started. This is essentially accomplished in that the built-in mobile telephone fixture in the automobile has a memory which stores the PIN required to operate the mobile telephone. In addition a device for detecting a release signal and a device for transmitting-receiving a code signal is provided, which upon request transmits the stored PIN to the mobile telephone as a function of the release signal""s detection. Since according to other configurations the release signal is always an ignition signal which upon receipt triggers a start-up signal in the mobile telephone, the release or ignition signal is nothing more than the on-board power supply which provides voltage to the mobile telephone and to the memory when the ignition is activated. Once the mobile telephone and the memory are connected to the on-board power supply by activating the ignition, an inquiry about a stored PIN is made to the memory. In the affirmative the PIN stored in the memory is transmitted to the mobile telephone so that the network log-in can then take place. If no PIN is found the user is requested to enter the PIN manually. To prevent the stored PIN from being transmitted in xe2x80x9cclear textxe2x80x9d form to the mobile telephone, in another embodiment a request for the PIN produces a random data word in the mobile telephone and is sent to the memory. This data word then encodes the PIN and is made available in this form to the mobile telephone; it is subsequently decoded. If the encoded PIN corresponds to a PIN that authorizes the use of the mobile telephone, a network log-in takes place.
Although the known array contributes to simplifying the network log-in, it only provides insufficient protection against theft or unauthorized use. This is so because the ignition signal, namely the on-board power supply, can very easily be triggered or simulated. Furthermore the known array cannot ensure that different users of the vehicle have different authorizations for using the mobile telephone, because as soon as a user operates a vehicle equipped with the known array, he always has telephone function, unless additional steps to deactivate the mobile telephone have been taken. If the deactivating steps have been taken, the mobile telephone is now completely useless, even though this situation only requires protection against calls made from the mobile telephone, but not against received calls.
It is therefore the objective of the invention to indicate a method for the input-free starting of a device that is protected by a PIN against unauthorized use, and when it operates in an environment which is also protected against unauthorized use, it has greater flexibility and user friendliness in addition to improved safety against unauthorized use.
This objective is achieved by a method of starting a device which is protected against unauthorized use by a PIN without using an input, where the device operates in an environment which in turn allows the use of an array by comparing a user code with a unique identity number stored in the array, characterized in that in a first step the PIN, which is needed to use the protected device, is encoded by means of the unique identity number and is then stored in a memory, and that with a xe2x80x9ccomparisonxe2x80x9d between the user code and the unique identity number which allows the use of the array, the encoded PIN is decoded by means of the unique identity number and is made available to the protected device to establish its operating status.
This objective is also achieved by a method of starting a device protected against unauthorized use by a PIN without using an input, where the device operates in an environment which in turn allows the use of an array by comparing a user code with a unique identity number stored in the array, characterized in that in a first step the PIN, which is needed to use the protected device, is encoded by means of at least a portion of the user code and is then stored in a memory, and that with a xe2x80x9ccomparisonxe2x80x9d between the user code and the unique identity number, which allows the use of the array, the encoded PIN is decoded by means of the user code and made available to the protected device to establish its operating status.
A unique identity number is used to encode or decode a PIN stored in or read out from a memory, and is also used for the array in which the device operates, the device is also protected with the same safety as the array itself. It does not matter where the memory containing the encoded PIN is located. If it is located in the device itself and the unique identity number is transmitted to the device, the PIN always remains hidden and cannot be decoded, or only with a disproportionately large effort. Less safety is provided if the memory belongs to the array, because when the array operates the PIN is transmitted to the device without encoding. But even if the transmission of the unencoded PIN is less than optimal from the safety point of view, this operating mode ensures that the unique identity number does not leave the array.
It should already be pointed out here that the user code which allows the use of the array in conjunction with the unique identity number, need not necessarily differ from the unique identity number. For example if the user code and the identity code are the same, the authorized use of the array can very easily be checked by simply comparing the user code with the identity code. However since this does not ensure either that the unique identity number remains in the array, for reasons of safety the user code should be arranged so that it is decoded in the array, and the result of the decoding is compared with the unique identity number as proof of an authorized use.
If instead of the unique identity number, a number which is derived from the unique identity number is used to encode or decode the PIN, and for example only the first three digits or a hash code of the unique identity number is used to encode or decode the PIN, the unique identity number is sufficiently protected, even if the memory containing the PIN is located in the device.
If the PIN is encoded or decoded by means of a true user code, i.e. one that differs from the unique identity number, and an authorized use of the array is determined by comparing the true user code with the unique identity number, whatever kind of disclosure of the unique identity number is prevented outside of the array.
If a number of different user codes is provided and all of them, after a comparison with the unique identity number, enable an authorized use which does not necessarily include all the functions of the array, and either the degree of conformation of the respective user code with the unique identity number or the respective user code itself decide about the decoding of the stored PIN and/or its usage, it creates a stepped access authorization to the device, which either does or does not allow use of the device as a function of the entered user code. In this connection it should also be pointed out that when several user codes exist, the PIN can only be encoded or decoded by means of one user code.
If the protected device is a telephone, particularly a mobile telephone, and the environment in which the telephone operates is a vehicle or a building, the telephone can be operated without entering the required PIN, although the PEN always protects the telephone.