TREA

METHOD FOR PREVENTING THE MISUSE OF ELECTRONIC ACCESS PERMISSIONS, WHICH CAN BE MANAGED IN MOBILE ELECTRONIC DEVICES USING A WALLET APPLICATION AND WHICH ARE TRANSMITTED TO THE MOBILE ELECTRONIC DEVICES BY A SERVER, IN EACH CASE USING A LINK FOR DOWNLOADING THE ACCESS PERMISSION

Follow

Information

  • Patent Application
  • 20250021964
  • Publication Number
    20250021964
  • Date Filed
    June 10, 2024
    7 months ago
  • Date Published
    January 16, 2025
    6 days ago
Information
Abstract
A method for preventing misuse of electronic access permissions, managed in mobile electronic devices using a wallet application and transmitted by a server. A link is purchased from the server, during which a password or authentication data and a mobile electronic device, are specified via the link. When activating the link, an ID of the first mobile electronic device, which is associated with an ID of the purchased access permission, is transmitted to the server. The electronic access permission is only transferable from the first mobile electronic device to another mobile electronic device after the password is first entered with the server. Upon transfer, in the server the access permission ID is associated with the ID of the other mobile electronic device and the access permission stored on the first mobile electronic device is marked as invalid.
Description
FIELD OF THE INVENTION

The present invention relates to a method for preventing the misuse of electronic access permissions, which can be managed in mobile electronic devices using a wallet application and which are transmitted to the mobile electronic devices by a server, in each case using a link for downloading the access permission.


BACKGROUND OF THE INVENTION

From the prior art it is known to store and manage electronic access permissions, for example by means of so-called wallet applications on mobile electronic devices, such as smartphones and tablets. In this case it is possible, for example, by means of the IOS “Wallet” app, to forward electronic access permissions to other mobile electronic devices. This increases the convenience for the user, in the case where an authorized person would like to use a new mobile electronic device; on the other hand, this technique can allow personal electronic access permissions to be “borrowed”, thereby allowing a misuse of these access permissions.


SUMMARY OF THE INVENTION

The object of the present invention is to specify a method for preventing the misuse of electronic access permissions, which can be managed in mobile electronic devices using a wallet application and which are transmitted to the mobile electronic devices by a server, in each case using a link for downloading the access permission, the use of which excludes the possibility of misuse of the access permission while at the same time ensuring the facility for transmitting the electronic access permission to another mobile electronic device of an authorized person.


This object is achieved by the features of the independent claim(s). Further configurations according to the invention and advantages are apparent from the dependent claims.


Consequently, a method is proposed for preventing the misuse of electronic access permissions, which can be managed in mobile electronic devices using a wallet application and which transmitted to the mobile electronic devices by a server, in each case using a link for downloading the access permission, wherein in said method an electronic access permission is purchased by means of an interaction with a server, wherein during the purchase of the electronic access permission by a buyer, a password or authentication data and a mobile electronic device are specified, the electronic access permission is transmitted from the server to the mobile electronic device by means of a link for downloading the access permission.


According to the invention, in implementing the link for downloading the purchased access permission a unique ID of the mobile electronic device is transmitted to the server, which is associated with an ID of the acquired access permission, wherein a transmission of the electronic access permission from the first mobile electronic device to another mobile electronic device takes place only after the input of the password specified by the purchaser of the access permission, and/or input of the authentication data specified by the buyer of the access permission by means of an interaction with the server, wherein on completion of the transfer the access permission ID is associated with the ID of the other mobile electronic device in the server, and the server marks the access permission stored on the first mobile electronic device as invalid.


In the context of one design of the invention, after the transmission of the link for downloading the access permission to the mobile electronic device, a wallet application installed on the mobile device activates the link and in order to download the acquired access permission a unique ID of the mobile electronic device is transmitted to the server, wherein it is verified in the server whether an ID of the acquired access permission is associated with the transmitted unique ID of the mobile electronic device, wherein if this is not the case, the access permission ID and the unique ID of the mobile electronic device are associated with each other and the electronic access permission is then downloaded.


In the event that the electronic access permission is to be transferred from one mobile electronic device to another mobile electronic device, the wallet application of the mobile electronic device, whose unique ID is associated with the access permission ID, transmits a link for downloading the access permission to the other mobile electronic device, wherein the wallet application of the other mobile electronic device activates the link and transmits a unique ID of the other mobile electronic device to the server.


According to the invention, it is verified in the server whether an association of the access permission ID with a unique ID of another mobile electronic device exists, wherein if this is the case, the server sends a link to the other mobile electronic device, the activation of which by the wallet application leads to an input screen for either the password specified by the purchaser of the access permission or for the authentication data specified by the purchaser of the access permission, wherein if the password is valid or the authentication data are valid, the access permission ID is associated with the ID of the other mobile electronic device in the server and the electronic access permission is downloaded to the other mobile electronic device.


Then, the access permission stored on the first mobile electronic device is marked by the server as invalid, preferably by means of a push message to the wallet application, wherein the association of the ID of the first mobile electronic device with the electronic access permission is deleted and the corresponding data are stored on the server.


The design according to the invention provides a method for preventing the misuse of electronic access permissions, which can be managed in mobile electronic devices using a wallet application and which are transmitted to the mobile electronic devices by a server, in each case using a link for downloading the access permission, the activation of which ensures that an access permission can only be transferred to another mobile electronic device if this is a mobile electronic device of an authorized person.


In the context of an extension of the invention, if an access permission is to be transferred from one mobile electronic device to another mobile electronic device, i.e. if the access permission ID has already been associated with a unique ID of a mobile electronic device, then on the basis of the number of the completed associations from the access permission ID to unique IDs of mobile electronic devices it is verified how often the access permission has already been transferred, wherein if the number of completed transfers has reached a predefined threshold value, no further transfer is possible.





BRIEF DESCRIPTION OF THE DRAWING

In the following, an example of the invention is described in greater detail on the basis of the attached FIGURE, which shows a sequence diagram to illustrate the main features of the method according to the invention.





DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS

Referring to the attached FIGURE, at the start of the method an electronic access permission is purchased by a buyer 1 by means of an interaction with a server 2 (step 1), wherein when the electronic access permission is purchased by the buyer a password or authentication data is specified. Then (step 2), the electronic access permission is transferred from the server 1 to a mobile electronic device 3 specified during the purchase of the access permission, by means of a link for downloading the access permission, wherein a wallet application installed on the mobile device 3 activates the link and in order to download the acquired access permission, a unique ID of the mobile electronic device is transmitted to the server 2 (step 3), wherein it is verified in the server 2 whether an ID of the acquired access permission is associated with the transmitted unique ID of the mobile electronic device 3, wherein if this is not the case, the access permission ID and the unique ID of the mobile electronic device 3 are associated with each other (step 4) and the electronic access permission is then downloaded.


If the electronic access permission is to be transferred from one mobile electronic device 3 to another mobile electronic device 4, i.e., if the access permission ID has already been associated with a unique ID of a mobile electronic device 3, then after initiation of the process by the owner of the mobile electronic device 3 (step 5) with whose unique ID the access permission ID is associated, the wallet application of the mobile electronic device 3, with whose unique ID the access permission ID is associated, transmits a link for downloading the access permission to the other mobile electronic device 4 (step 6), wherein the wallet application of the other mobile electronic device 4 activates the link (step 7) and transmits a unique ID of the other mobile electronic device 4 to the server 2.


It is then verified in the server 2 whether an association of the access permission ID with a unique ID of another mobile electronic device exists, wherein if this is the case, the server 2 sends a link to the other mobile electronic device 4 (step 8), the activation of which by the wallet application leads to an input screen for entering either the password specified by the purchaser of the access permission or for the authentication data specified by the purchaser of the access permission (step 9), wherein if the password is valid or the authentication data is valid, the access permission ID is associated with the ID of the other mobile electronic device 4 in the server 2 and the electronic access permission is downloaded to the other mobile electronic device 4 (step 10).


The access permission stored on the first mobile electronic device 3 is then marked by the server 2 as invalid (step 11), preferably by means of a push message to the wallet application.

Claims
  • 1-3. (canceled)
  • 4. A method for preventing misuse of an electronic access permission, which is manageable with a mobile electronic device using a mobile device application, the electronic access permission being transmitted to the mobile electronic device by an access permission server controlling an initial creation of the electronic access permission as well as any subsequent transfer of the electronic access permission, the method comprising: receiving at the access permission server, during the initial creation of the electronic access permission, a first mobile electronic device ID;generating an ID associated with the electronic access permission;associating the ID of the electronic access permission with the unique ID of the first mobile electronic device;transmitting the electronic access permission to the first mobile electronic device for management in the mobile device application in response to associating the first mobile electronic device ID with the ID of the electronic access permission; andfollowing transmission of the electronic access permission to the first mobile electronic device, processing a transfer request for transferring the electronic access permission from the first mobile electronic device to a second mobile electronic device, the processing comprising:receiving, from the first mobile electronic device, verification information associated at least with approval by the first mobile electronic device to transfer the electronic access permission;receiving a request for the electronic access permission from the second mobile electronic device in response to the second mobile electronic device receiving the ID of the electronic access permission from the first mobile electronic device, wherein the request includes a unique ID of the second mobile electronic device;verifying at the access permission server that the ID of the electronic access permission is associated with the unique ID of a mobile electronic device different than the second mobile electronic device;requesting by the access permission server that the second mobile electronic device provide verification information associated with transfer approval by the first mobile electronic device;determining that the verification information provided by the second mobile electronic device is validated in comparison to the first mobile electronic device;in response to validating the verification information from the second mobile electronic device, associating the ID of the electronic access permission with the unique ID of the second mobile electronic device;transmitting the electronic access permission to the second mobile electronic device for management through a mobile device application of the second mobile electronic device; andinvalidating the electronic access permission on the first mobile electronic device by means of a message from the access permission server to the first mobile electronic device and deleting on the access permission server, the association between the electronic access permission and the first mobile electronic device.
  • 5. The method of claim 4, wherein the verification information comprises one or more of a password or authentication data specified by a user of the first mobile electronic device during creation of the electronic access privilege.
  • 6. The method of claim 4, wherein the verification information comprises information associated with the unique ID of the second mobile electronic device.
  • 7. The method of claim 4, wherein the initial creation of the electronic access privilege further comprises defining a maximum transmission threshold indicating the total permitted number of times that the electronic access privilege may be transmitted to any mobile electronic device after initial creation.
  • 8. The method of claim 7, wherein transmitting the electronic access privilege to any mobile electronic device after initial creation further comprises increasing a transmission count in the access permission server.
  • 9. The method of claim 8, wherein processing the transfer request further comprises the step of permitting transfer only if the transmission count has not already been equaled the pre-defined maximum transmission threshold.
  • 10. The method of claim 7, wherein transmitting the electronic access privilege to any mobile electronic device further comprises appending the unique ID of the receiving mobile electronic device to a record of all mobile electronic device IDs receiving the electronic access privilege since initial creation; and wherein processing the transfer request further comprises the steps of determining from the record the number of tines the electronic access privilege has been transferred since initial creation andpermitting transfer only if the determined count has not reached the maximum transmission threshold.
  • 11. The method of claim 4, wherein the transmission of any mobile electronic device unique ID is via the mobile application of the mobile electronic device.
  • 12. The method of claim 4, wherein the invalidation message from the access permission server is transmitted to the mobile device application of the first mobile electronic device.
  • 13. The method of claim 4, wherein the access permission server sends a message to the mobile applications of the first and second mobile electronic devices indicating a result of the processing of the transfer request.
  • 14. A method for preventing unauthorized use of electronic access permissions that can be managed in mobile electronic devices by means of mobile device applications, the electronic access permissions being transmitted to the mobile electronic devices from an access permission server, the method comprising: receiving at the access permission server, during the initial creation of the electronic access permission, a first mobile electronic device ID;generating an ID associated with the electronic access permission;associating the ID of the electronic access permission with the unique ID of the first mobile electronic device;transferring the electronic access permission to the first mobile electronic device for management in the mobile device application in response to associating the first mobile electronic device ID with the ID of the electronic access permission;enabling a transfer of the electronic access permission from the first mobile electronic device, the unique ID of which is associated with the ID of the electronic access permission, to a second mobile electronic device; andfollowing transfer of the electronic access permission to the first mobile electronic device, processing a transfer request for transferring the electronic access permission from the first mobile electronic device to the second mobile electronic device if transfer has been enabled, the processing comprising:receiving, from the first mobile electronic device, verification information associated at least with approval by the first mobile electronic device to transfer the electronic access permission;receiving a request for the electronic access permission from the second mobile electronic device in response to the second mobile electronic device receiving the ID of the electronic access permission from the first mobile electronic device, wherein the request includes a unique ID of the second mobile electronic device;verifying at the access permission server that the ID of the electronic access permission is associated with the unique ID of a mobile electronic device different than the second mobile electronic device;requesting by the access permission server that the second mobile electronic device provide verification information associated with transfer approval by the first mobile electronic device;determining that the verification information provided by the second mobile electronic device is validated in comparison to the first mobile electronic device;in response to validating the verification information from the second mobile electronic device, associating the ID of the electronic access permission with the unique ID of the second mobile electronic device;transferring the electronic access permission to the second mobile electronic device for management through a mobile device application of the second mobile electronic device; andinvalidating the electronic access permission for the first mobile electronic device in the access permission server by deleting the association between the electronic access permission ID and the first mobile electronic device ID.
  • 15. The method of claim 14, wherein the verification information comprises one or more of a password or authentication data specified by a user of the first mobile electronic device during creation of the electronic access privilege.
  • 16. The method of claim 14, wherein the verification information comprises information associated with the unique ID of the second mobile electronic device.
  • 17. The method of claim 14, wherein the initial creation of the electronic access privilege further comprises defining a maximum transfer threshold indicating the total permitted number of times that the electronic access privilege may be transferred to any mobile electronic device after initial creation.
  • 18. The method of claim 17, wherein transferring the electronic access privilege to any mobile electronic device after initial creation further comprises increasing a transfer count in the access permission server.
  • 19. The method of claim 18, wherein processing the transfer request further comprises the step of permitting transfer only if the transfer count has not already been equaled the pre-defined maximum transfer threshold.
  • 20. The method of claim 17, wherein transferring the electronic access privilege to any mobile electronic device further comprises appending the unique ID of the receiving mobile electronic device to a record of all mobile electronic device IDs receiving the electronic access privilege since initial creation; and wherein processing the transfer request further comprises the steps of determining from the record the number of tines the electronic access privilege has been transferred since initial creation andpermitting transfer only if the determined count has not reached the maximum transfer threshold.
  • 21. The method of claim 14, wherein the transfer of any mobile electronic device unique ID is via the mobile application of the mobile electronic device.
  • 22. The method of claim 14, wherein the invalidation message from the access permission server is transferred to the mobile device application of the first mobile electronic device.
  • 23. The method of claim 14, wherein the access permission server sends a message to the mobile applications of the first and second mobile electronic devices indicating a result of the processing of the transfer request.
Priority Claims (1)
Number Date Country Kind
17185122.3 Aug 2017 EP regional
Parent Case Info

This application is a continuation of application Ser. No. 18/343,436 filed Jun. 28, 2023, which is a continuation of application Ser. No. 16/040,628 filed Jul. 20, 2018, which claims priority from European patent application serial no. 17185122.3 filed Aug. 7, 2017.

Continuations (2)
Number Date Country
Parent 18343436 Jun 2023 US
Child 18738495 US
Parent 16040628 Jul 2018 US
Child 18343436 US