1. Field of the Invention
The present invention relates to a security module and, in particular, to a new and improved security module and security system for processing and transmitting various messages requiring a high degree of data security. The invention is also directed to a mobile station that utilizes the novel security module.
2. Description of Related Art
In mobile communication networks, as for example GSM (Global System for Mobile Communications) networks, heavy encryption is used with the transmission of speech over the radio link between the mobile station and base station. In addition to speech, communication of text or data messages has increased and, with rising and enhanced levels of service, services relying on the communication of text or data have gained ground. Text communication can be utilized in implementing a wide variety of service functions, as for example in effecting payment for services.
At present, one source of difficulties in the encryption of messages lies in the fact that in mobile telephones consistent with current standards for mobile communication, it is not possible to make changes that would facilitate encryption because the user interfaces used in the telephones are manufacturer-specific. The only component that is sufficiently standardized yet open in respect of encryption is the subscriber identity module (SIM).
Mobile telephones consistent with a current mobile communication standard, such as the GSM standard, do not directly provide for the encryption of text-based communication via mobile stations. Thus, although text communication can advantageously be used to implement services, such as banking services, that require a high level of data security, such services cannot become popular unless and until suitable encryption of message communication is possible.
Another problem with the use of mobile communication networks is that currently-implemented message transmission services are not necessarily real-time services and the transmission of such messages can take considerable time. This transmission delay can pose particular difficulties where, for example, a user wishes to pay for his/her shopping at the cash register of a store. In such circumstances, even a slight delay in message transmission will significantly retard execution of the payment transaction and discourage use of the network and, perhaps, result in a loss of the transaction or sale. At present, no part of the mobile communication standard supports local communication between a mobile station and a cash register terminal.
A group of the world's leading enterprises in telecommunications and information technology has developed a technology that permits establishment of a wireless connection between a mobile telephone and, for example, a portable computer. That technology, which has been designated “Bluetooth”, is based on short-range radio technology and can be used to interconnect many types of terminals. A more detailed description of the Bluetooth specification and technology can be found on the World Wide Web at www.bluetooth.com.
Bluetooth technology permits the interconnection of devices via a short-range radio link, and enables establishment of a connection, as between a mobile station and a portable computer, without cumbersome cabling. Printers, work stations, facsimile devices, keyboards and virtually any digital apparatus may form parts of a Bluetooth system or network. The technology provides a universal bridge to existing data networks and peripherals and a means for forming small private groups via interconnected devices without a fixed network infrastructure. In addition, encryption and authentication can be used in the communication between Bluetooth-connected devices permitting, for example, only a predetermined user's mobile telephone to be used with a particular portable computer.
Also heretofore known are smart cards that enable reliable personal authentication and signature reliance. The sphere of applications for such smart cards is virtually unlimited; examples of possible applications include a national electronic identity card (EID), encryption of files, telecommunication and electronic mail, a means for signing of documents, electronic currency, driver's license, voting ballot, and so on.
Although the smart card can be used in the ways described above, there remains a problem in that a separate reading device must still be provided and available for communicating with the smart card. Moreover, the smart card alone is incapable of communicating over any telecommunication network, as a result of which updating of information, as through the use of short messages, is not possible.
In addition, even were it possible to effect a local connection between a mobile station and a cash register terminal using Bluetooth technology and thus utilize the mobile station as a payment instrument, there remains the lack of a facility for providing the encrypted and secure data communication needed for payment transactions.
There is in the prior art no known general-purpose security module which could be connected to different cash register and automated systems, to mobile stations and to other portable devices for safe and secure communication, as between a host device on the one hand and a service provider's device on the other, utilizing the Bluetooth technology or the like with suitable encryption to meet the high data security requirements imposed by banks and authorities.