Browse Prior Art Database

A security mobile transaction method based on hardware crypto card and SIM card

IP.com Disclosure Number: IPCOM000248878D
Publication Date: 2017-Jan-19
Document File: 5 page(s) / 116K

Publishing Venue

The IP.com Prior Art Database

Abstract

More and more on-line business are moved to mobile system for better convenience and competitiveness. But current ways for data security are not good enough, especially for SMS(Short Message Service). Carriers use plaintext for SMS transfer which will cause security issues. It will result in serious problem if important message is intercepted by criminals. Now, we provide a new way to build a SIM card based secured connection channel for SMS transfer. In order to use this invention in this disclosure, a smart SIM(Subscriber Identification Module) card is needed. Different from the SIM card we are using now, this smart SIM card will be able to store the user certificates signed by CA(Certificate Authority) of SIM cards' ISP(Internet Service Provider) and the SIM card's private key. And also it need to be able to encrypt and decrypt the messages. When first time using a smart phone with the smart SIM card, a procedure of registration will be taken to establish a secure connection. After that the SMS contents could be encrypted and decrypted to ensure the security. By using the invention presented in this disclosure, SMS content will be protected and any third party will not be able to obtain the content of SMS.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 52% of the total text.

1

A security mobile transaction method based on hardware crypto card and SIM card

The first time when user insert their SIM(Subscriber Identification Module) card to their cell phone and it will register to ISP(Internet Service Provider) for SMS(Short Message Service) service, an authentication will be triggered and a secure connection will be established using the certificate and private key in SIM card between user smart phone and ISP server. After the connection established and encryption algorism communication,every time when user send or receive a SMS, the SMS content will be encrypted and need to be decrypted in SIM card.

This method comprise 1 hardware components which is smart cards containing chips:

SIM card(smart card):

The sim card contain a user certificate signed by the CA(Certificate Authority) certificate of its ISP. The user certificate containing the cell phone information which is encrypted by the private key of the ISP CA certificate. The user certificate also have the public key containing in it and the private key is separately stored in SIM card.

The register and symmetric key load process is as below: 1.When user insert the SIM card to smart phone and will register to the ISP server, the smart phone first get the user certificate from SIM card and send to the ISP along with the register cell phone number. 2.The ISP server get the certificate and decrypt the cell phone number from it using the ISP CA certificate's public key, compare it with the registered cell

phone number. If they are same, then return a cipher text which is the symmetric encryption key encrypted by the user...