The invention relates to telecommunication service provision in a visited telecommunication system.
In mobile communication networks, a transmission path consists at least partly of a wireless section, whereby data is transmitted via the radio path. The radio path is a resource, which is physically open and which involves security risks. In digital mobile communication networks, various solutions for improving the security of data transmission, e.g. methods of encryption and user identification, have been developed. As an example, this application uses the second generation mobile communication system, the GSM system, in which a data transmission encryption can be used that is difficult to decrypt, whereby speech converted into a digital form and a data signal are encrypted, i.e. coded in a mobile station to be transferred over the radio path. Correspondingly, the encrypted transmission received in the GSM network is decoded into unencrypted speech and data. The encryption and user identification utilize encryption keys and algorithms, which are preferably only available for appropriate transmission and reception means.
To prevent misuses and secure charging in particular, a user identification is arranged in the GSM system. To profit from the services provided by the GSM system, a subscriber, which may be a different person than the real user of the mobile station, has to make an agreement with the operator possessing the network. To identify the user, for instance, the operator gives the mobile station user a so-called smart card comprising a SIM application (Subscriber Identity Module). In this application, a SIM card is regarded as a user-specific identifier, whereby the user is also a subscriber. The SIM card can naturally also be considered as a subscriber-specific identifier. Smart cards, such as a SIM card, comprise at least a microprocessor and memory. The user identification is typically arranged in smart cards by means of a PIN identifier (Personal Identity Number), and so the card can only be used by the user who knows the PIN.
SIM cards, too, use a PIN code to check the right user. Using information of the SIM card in a GSM connection set-up, a mobile station transmits the GSM network identification data, on the basis of which the SIM card and the user are identified. The SIM card particularly comprises information concerning the mobile operator, e.g. SIM card-specific user identifier IMSI (International Mobile Subscriber Identity) of the mobile communication services user and the temporary identifier of the location area TMSI (Temporary Mobile Subscriber Identity). The more detailed specifications of the SIM card are described in the GSM standard 11.11.
As a mobile station sets up a connection with the GSM network, the mobile communication network checks the TMSI, which the mobile communication network has allowed to be used instead of the IMSI, if the mobile station has been in the location area of the network in question last time when the connection was set up. If no TMSI is available, the mobile communication network requests the mobile station for the IMSI, which the mobile communication network checks from the home location register HLR. There-after, an authentication is typically performed, whereby it is checked that the SIM card is right and that it relates to the IMSI. The mobile station further comprises an identifier for the mobile station IMEI (International Mobile Equipment Identity), which can be used for checking, which mobile station is using the mobile communication network. A more detailed description of the GSM system can be found for example in the work xe2x80x9cThe GSM System for Mobile Communicationsxe2x80x9d, M. Mouly and M. Pautet, Palaiseau, France, 1992, ISBN:2-9507190-0-.
In this application, a home network refers to a mobile communication network, with which a mobile station user has an agreement, to which he has a right to access and from which he has received means for user identification in the GSM networks (i.e. a SIM card in the GSM system). A user has always a direct right to access to the home network. A visited network refers to a mobile communication network, to which a mobile station user has no direct right to access beforehand. When a mobile station is roaming, it is in some other area than that of the home network, i.e. in the area of a visited network. However, if a SIM card has been inserted into the mobile station, the visited network can, on the basis of the IMSI, contact the home network, which identifies the user, and the mobile station is offered services in the visited network, which means the user has a so-called indirect right to access to the network. This requires, however, that an agreement is made beforehand between the visited network and home network and that the telecommunication connections between them are working. The user has no right to access for example, when there is no functional SIM card in the mobile station or no roaming agreement exists between the visited network and home network. A mobile station without right to access refers in this application to a mobile station, whose user does not have a right to use telecommunication services of a visited network.
The use of GSM telecommunication services according to the GSM standards requires principally that a SIM card is inserted into the mobile station. As an exception to this, emergency calls can be made from various GSM mobile communication networks without a SIM card. In an emergency call, it is possible to contact the emergency number without that the user""s SIM card would be identified. The emergency call solution can only be utilized when the call is made to specific emergency numbers.
However, all mobile station users do not want to commit themselves to services provided by a specific mobile communication operator, but they possibly want to select the operator they use at each time. People who use a mobile station seldom do not always want to make a special agreement, and many of them do not want to give their personalia to the mobile communication network. Because of charging problems, customers"" creditworthiness is checked in many countries, before making mobile communication service agreements. Different GSM operators have offered various prepaid SIM cards, which can be bought like conventional telephone cards. Prepaid SIM cards can be used in the same way as conventional SIM cards; the difference is that telecommunication services have been paid for in advance. These prepaid SIM cards have proved to be very popular.
Smart cards have recently become more common as means of payment in particular. Instead of magnetic tape cards, for example, smart cards have been introduced in bank cards. Smart cards are planned to be used for securing electronic commerce via the Internet, for example. A smart card reader is connected to a computer, and using the information of the smart card, a user identification and encryption of a credit card number, for example, are performed. As the use of general-purpose payment applications based on a smart card become more popular, many mobile station users may want to use them for paying for mobile communication services as well.
The patent application WO 9834430 describes a method of allocating a temporary username from a wireless telecommunication network. In said publication, a mobile communication service is described, which is used without a previously made agreement and without a SIM card. According to the central idea of the publication, a mobile communication network can thus be contacted anonymously, and the network gives a temporary username for the duration of the call. By means of this identifier, the service offered for a specific mobile station is distinguished from the services of other mobile stations. This makes the use of mobile communication services more flexible and provides the user with more alternatives. The method described in the publication may well be used in free mobile communication services and also in the method of payment on a smart card, on which the mobile communication operator can rely.
A problem in the above arrangement is that it is not possible for the network operator to identify a user without identification means, such as a SIM card, and the payer of the bill, for example, cannot thus be guaranteed. The network operator has no guarantee of obtaining a compensation for the use of the telecommunication connection, unless some other reliable credit card is simultaneously charged. If the user remains unidentified, there is a growing risk of potential criminal actions, since the only identifier that is required is a mobile station identifier. According to the prior art, it is not possible to contact a visited mobile communication network, with which the home network does not have a roaming agreement.
The object of the invention is thus to provide a method and an apparatus for implementing the method such that the above problems can be avoided. The object of the invention are achieved with a method, a telecommunication system, and a network element which are characterized by what is disclosed in the independent claims. The preferred embodiments of the invention are disclosed in the dependent claims.
The method comprises the following steps: A connection is established from a terminal device to a fixed network providing network access for the terminal device. A first identifier of the terminal device is checked in the fixed network. A connection is established from the fixed network to a third party for obtaining a confirmation. A second identifier is transmitted from said terminal device to the third party for identification. The fixed network is replied with the confirmation given by the third party if the third party accepts the second identifier. The terminal device is allowed to use the telecommunication services of the fixed network in response to the confirmation from the third party.
According to a preferred embodiment of the invention, the use of telecommunication services is charged for on the basis of the confirmation transmitted by a third party.
According to a preferred embodiment of the invention, a third party identifier, such as a telephone number, is transmitted during a connection establishment from said terminal device to said fixed network, on the basis of which identifier a connection is established to said third party.
According to a preferred embodiment of the invention, a time limit is set for the duration of a telecommunication connection of said terminal device, a timer is activated when establishing the telecommunication connection of said terminal device and when the time measured by the timer exceeds the time limit, the offering of the telecommunication connection to said terminal device is prevented.
The invention is based on the idea that when a user (subscriber) of a terminal device, preferably a mobile station, does not have a (direct or an indirect) right to access to the fixed network, i.e. the terminal device cannot transmit an acceptable, a so-called first identifier, e.g. the IMSI of the SIM card, to the network, the fixed network, typically the visited network, allows a connection to be established to a third party preferably for user identification. The terminal device transmits a so-called second identifier, e.g. a digital signature of a payment application, to the third party. The third party identifies the user and, if the user is acceptable, informs the fixed network of having checked the user and preferably of ensuring the charging of the user. Thus, the visited network can offer telecommunication services in a manner requested by the terminal device, since the visited network has advantageously received a confirmation that the telecommunication services used by the terminal device will be paid for. The visited network may charge for the services according to charging instructions that are either received from the third party or are determined in advance. The service charging is addressed for example directly to the third party, which takes care of the further charging of the user. The third party can be contacted in order to verify the creditworthiness, for example, even if the visited network identified the terminal device user by means of a valid SIM card, for example.
According to a preferred embodiment of the invention, a mobile station transmits a third party identifier to the visited network during a connection set-up.
According to an embodiment, the visited network may require a confirmation from the third party each time the mobile station requests for a new telecommunication connection or only when the user registers in the network for the first time. Then, in accordance with a preferred embodiment of the invention, the visited network gives the mobile station a temporary user identity either for the duration of one telecommunication connection or for a longer time. The connection established to the third party to identify the user can according to an embodiment be time-supervised, too: if no confirmation from the third party is received within a pre-set time limit, the visited network disconnects the connection.
The method and apparatus of the invention provide the advantage that when a terminal device having no right to access to the visited network requests for telecommunication services from the visited network, a confirmation from a third party, e.g. from another mobile communication network or a credit company, can be transmitted to the visited network. On the basis of the confirmation, the visited network can thus have more confidence in receiving the payment for the services, for example, or in the user""s identity. The solution of the invention enables a more flexible use of telecommunication services without an agreement made in advance, and the used telecommunication services can preferably be paid for by a current payment method of the third party.
The solution of the invention may also protect the real identity of a user from the visited network offering telecommunication services. This may be of use for example in a situation, in which a user is offered a chance of voting with his mobile station, whereby only an authority acting as a third party would identify the user. Further, the visited network can receive extra income by charging via the third party also those users for the services that have not made an agreement with the visited network. In accordance with an embodiment of the invention, the visited network can restrict users having no right to access from using telecommunication services preferably by setting a certain time when the offering of telecommunication services is allowed and thus making the risk of misuses smaller.