WO2007004865A1 - Access check and ticket therefor - Google Patents

Access check and ticket therefor Download PDF

Info

Publication number
WO2007004865A1
WO2007004865A1 PCT/NL2006/000321 NL2006000321W WO2007004865A1 WO 2007004865 A1 WO2007004865 A1 WO 2007004865A1 NL 2006000321 W NL2006000321 W NL 2006000321W WO 2007004865 A1 WO2007004865 A1 WO 2007004865A1
Authority
WO
WIPO (PCT)
Prior art keywords
ticket
string
user
code
access
Prior art date
Application number
PCT/NL2006/000321
Other languages
French (fr)
Inventor
Hugo Beunder
Original Assignee
Koninklijke Kpn N.V.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Koninklijke Kpn N.V. filed Critical Koninklijke Kpn N.V.
Priority to EP06757814A priority Critical patent/EP1899923A1/en
Publication of WO2007004865A1 publication Critical patent/WO2007004865A1/en

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F17/00Coin-freed apparatus for hiring articles; Coin-freed facilities or services
    • G07F17/42Coin-freed apparatus for hiring articles; Coin-freed facilities or services for ticket printing or like apparatus, e.g. apparatus for dispensing of printed paper tickets or payment cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/04Payment circuits
    • G06Q20/045Payment circuits using payment protocols involving tickets
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/04Payment circuits
    • G06Q20/045Payment circuits using payment protocols involving tickets
    • G06Q20/0457Payment circuits using payment protocols involving tickets the tickets being sent electronically
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07BTICKET-ISSUING APPARATUS; FARE-REGISTERING APPARATUS; FRANKING APPARATUS
    • G07B15/00Arrangements or apparatus for collecting fares, tolls or entrance fees at one or more control points

Definitions

  • the invention relates to a method for assessing the access of a user to a service.
  • the invention further relates to a device for allowing or refusing the user access to a service. It is currently known to monitor the access of a user to a service or an event in that during a check the user presents a ticket, the validity of which is checked. Access is granted if the ticket is valid. The validity of a ticket can be checked or verified for authenticity, for instance by making use of special printing techniques when the tickets are issued.
  • the object of the invention is to provide a method and device for granting a user access to a service, wherein this feedback is not necessary, so that the method and device can be applied at locations where no connection to a server is available and/or this connection cannot be established with certainty.
  • this object is achieved in that the method comprises of the user presenting a ticket with a code during a check for access to the service.
  • the method preferably further comprises of detecting the code during the check.
  • the method preferably further comprises of verifying the validity of the ticket on the basis of the detected code.
  • the method preferably further comprises of assessing access to the service on the basis of validity.
  • the method is preferably characterized in that the code of the presented ticket comprises a digital string relating to the service, wherein the validity is verified by checking for the presence of this string in the digital code.
  • the ticket itself hereby has a verifiable data in the form of a digital string which is incorporated in the code. The authenticity of the ticket can be determined on the basis of the ticket itself.
  • the digital string is incorporated or processed into the code.
  • access to a service must for instance be understood to mean the entry to events, but it can also be applied for: travel (aeroplane, train, boat) ; parking (for instance reservation for car parks) ; medical prescriptions; issuing coupons for a plurality of applications (gift tokens, discount cards, refreshment vouchers) ; a combination of applications (for instance a cinema ticket with a refreshment voucher in one value bearer) ; entry to buildings (a matrix code, which only gives access to a specific building or a part thereof within a determined time interval, can for instance be sent to an occasional visitor by SMS) ; train tickets are also possible.
  • the user shows the ticket to the conductor. He/she checks the validity. Although the user is in fact already on the train, access is only then actually granted in the sense of the invention.
  • a ticket according to the invention can be understood to mean a value bearer in a random form, which can preferably be distributed via an electronic channel.
  • An example ticket is a signal which can be sent to the mobile telephone, which signal is displayed as a two-dimensional bar code. The ticket can comprise more than just the code. In addition to the code, the ticket can also comprise characters which can be interpreted by humans.
  • Another example ticket is received via the computer and can be printed on paper by means of a printer.
  • a further example is a signal which is received by the mobile telephone and which can be distributed locally in that the signal is transmitted via a known technique, for instance via Bluetooth and the like.
  • Tickets can be sent by e-mail, by I-mail, via a wireless or via a wired connection, via a telephone network or via a cable network, etc.
  • a digital string in particular a ticket string, comprises or is formed by information which indicates for which purpose the ticket has been generated, such as for instance an indication of the location, date, time, room or hall, row and seat numbers to which the ticket relates.
  • the string comprises at least one, preferably two, and in the preferred embodiment at least three or more indications relating to the service.
  • the string can herein also indicate the number of people having access to the service. Particular features of the people, such as age discount, decreased ability and so on, can be indicated.
  • the string is present in a code of the presented ticket, it is possible to determine that the ticket is valid.
  • Checking for the presence of the string can take place in different ways, for instance on the basis of an algorithm which is executed by means of software. When the presence of the string is confirmed, access can be granted.
  • Such a system can for instance be applied in the distribution of free tickets for a service wherein the use of a ticket is still necessary, for instance for entry to an event which is by invitation only.
  • the method further comprises of deriving the digital string from the detected code.
  • the content of the string can hereby be read.
  • the number of places for which the ticket grants access can be retrieved.
  • particulars such as age and age discount can further also be retrieved and applied.
  • the invention provides a ticket with a code, wherein the code on the one hand comprises the digital string, which gives further information relating to the particular details of the access, and which on the other hand forms the basis for the verification and validity of this ticket. The use of this dual function is particularly efficient.
  • An example of a ticket according to the invention is a credit voucher.
  • Such vouchers can be distributed free of charge.
  • the voucher can relate to a product or a service.
  • the specific property of the voucher is included in the ticket string.
  • the content of the credit voucher can even be copied, not only by the issuer of the voucher but also by the recipient/addressee.
  • the voucher is distributed for payment .
  • presenting of the ticket comprises of making the ticket available locally.
  • the ticket is hereby shown, transmitted, sent or detectable at one location.
  • An access checking device can receive and send the ticket, whereby the checking can take place.
  • the method preferably comprises of the user receiving the ticket electronically.
  • the ticket can hereby be distributed and requested by the user in simple manner. Loss of the ticket can be countered by requesting and sending the ticket again.
  • Different methods of sending and receiving the ticket electronically are known to the skilled person.
  • the technologies for mobile telephony are used in particular, including GSM, WAP, UMTS and other comparable current systems, as well as possible future systems based on the same principles.
  • making locally available comprises of sending the ticket electronically during a check and that the electronically sent ticket is detected during the check.
  • An example hereof is sending the ticket through the mobile telephone by means of Bluetooth.
  • Another example is the NFC. In NFC use is not made of visible tickets, such as for instance the matrix or bar code. The ticket is sent via SMS to the NFC telephone and read in wireless manner by means of RFID technology during a check.
  • the code is preferably compiled on the basis of a ticket string, which ticket string comprises data relating to the service (one or more indications of the service) and the user. It is precisely hereby that a particular digital string is obtained which comprises at least two data, i.e. the service to which access is requested and data relating to the user, which are relevant during the check. Extra verification hereby becomes possible.
  • the name of the user who wishes to gain access can be included in the string and can be verified. By having the user identify him/herself, a second verification can take place during the check for access.
  • the ticket string for instance indicates which service can be obtained with the ticket.
  • the ticket string is derived from the detected code. Granting access preferably takes place on the basis of the ticket string. Access is hereby made dependent on the ticket string.
  • the method comprises of compiling a ticket string on the basis of data relating to the service and the user, encoding this ticket string and sending the encoded ticket string in the form of the ticket with code to the user. Copying of the ticket is prevented to a certain extent by applying encoding. Encoding prevents other parties being able to form tickets.
  • the method further comprises of a user providing data for ordering a ticket for access to the service.
  • a user providing data for ordering a ticket for access to the service.
  • This can for instance be carried out by means of a website which can be set up in the usual manner as a ticket-ordering service.
  • a known website is www.beep.nl.
  • the user wants to order a ticket and for this purpose enters his/her personal data, as well as the desired indications for the service he/she wishes to order.
  • a ticket string is compiled which is encoded and sent to the user.
  • a system is hereby obtained wherein tickets can be ordered up to the last minute by users in simple manner and at low cost, and without having to wait.
  • a particular form of encoding the ticket string comprises of encoding wherein a hash code is formed on the basis of the ticket string, which code is added to the ticket string so as to obtain the encoded ticket string, and wherein the verification of the validity of the code of the ticket comprises of verifying the added hash code, preferably on the basis of the derived ticket string.
  • An example hereof is the SHA-I hash code which is added to the ticket string.
  • the ticket string itself is then not encrypted. The validity of the ticket can however be determined on the basis of the added hash code.
  • the encoding comprises of applying an encryption on the basis of a key to the ticket string so as to obtain the encoded ticket string or of forming a code with ticket string, and wherein verification of the validity comprises of decrypting the code of the ticket by means of the key, whereby the ticket string is obtained.
  • the key for the hash code or the encryption key is present at the location where the check takes place. This can differ from location to location or from day to day.
  • the method according to the invention preferably further comprises of storing the ticket string during the check and refusing access to the user of a ticket with the same ticket string.
  • One ticket string can hereby be used only once.
  • the ticket string herein comprises for instance a particular reference code which is unique for each ticket. When it is established that this part of the ticket string is the same as the ticket string of another, previously checked ticket, the ticket can be refused. This will be the case when the ticket has been copied.
  • the ticket preferably also comprises an identification code for identification of the user. These can be different codes which do not have to be included in the ticket string or in the encoding. They may for instance relate to the name, but in an advanced application can relate to biomedical data of the user.
  • the code identifies the mobile equipment of the user by means of for instance the SIM card or the telephone number of the mobile device with which the ticket is received and with which the ticket is made locally available.
  • a further verification can hereby take place of the identification code and a locally available check option (of the user) , such as the user him/herself or the mobile device.
  • the identification code which is added to the ticket can for instance be a PIN (personal identification number) code which is encoded in the code of the ticket.
  • the PIN code can be given by the user during the check, whereby an extra verification takes place.
  • the ticket preferably further comprises a period of validity.
  • the period of validity can form part of the ticket string. It can hereby be determined during a check that the period of validity has expired and that access to the service must be refused. This can for instance relate to access to a building, but also to a ticket for a service such as a train or an aeroplane.
  • Making the ticket locally available preferably comprises of displaying the received ticket with the code on a screen and detecting the ticket by scanning the screen.
  • a method is hereby obtained wherein the screen of the mobile device can be used and can be scanned.
  • the invention also relates to a device for allowing or refusing access to a service, comprising a detecting means for detecting a ticket presented locally by a user.
  • the device preferably further comprises a verification means connected to the detecting means for verifying the validity of the detected ticket, and in further preference access means connected to the verification means for granting the user access to the service on the basis of a valid ticket.
  • the invention is preferably characterized in that the presented ticket comprises a digital string relating to the service, and that the verification means has a processing means for determining the validity on the basis of the presence of this string in the presented ticket.
  • a device is hereby obtained which checks the validity through the presence of a digital string with data relating to that service which are present in the ticket.
  • An access device is hereby obtained which verifies tickets on the basis of a code with partially digital content. The device can check the validity of the ticket.
  • the access device can itself then determine the validity independently of a remote device, such as a server, on which registration codes are updated.
  • the digital string is preferably a ticket string which comprises data relating to the service and the user. Feedback to the service for which access is requested can hereby be verified, and the ticket string can on the other hand be linked to the user.
  • the detecting means preferably has a deriving means for deriving the digital string from the ticket.
  • the data relating to the service and/or the user can hereby be derived.
  • the processing means is preferably adapted to encode a digital string and the verification means is adapted to check the validity of the ticket by comparing the ticket to the encoded digital string provided by the processing means. Because the encoding of the ticket string is repeated in the access device, the ticket is once again compiled from the original digital string, in particular the ticket string, and these two can be compared. When these correspond, the ticket is valid and access can be granted.
  • the processing means for the encoding is a hash means for compiling a hash code on the basis of the digital string, and the processing means further comprises an adding means for adding the hash code to the digital string.
  • the string is for instance signed with an SHA-I signature and then converted into for instance a matrix code, for instance a two-dimensional matrix code.
  • Software can be used for this purpose, for instance from TEC-IET, an Austrian company specializing in the production of software for diverse types of bar and matrix codes.
  • the application of hashing has the advantage that the digital string itself is not encoded and is or remains readable.
  • the processing means comprises an encryption means for encoding the string on the basis of a key.
  • the ticket string itself is hereby encoded.
  • the ticket is compiled, encoded and sent to the user.
  • An example is the so-called triple DES encryption software.
  • the ticket string consists of a number of bytes, for instance 52, which contain information relating to location, room or hall, date, time, row and seat numbers and personal data.
  • the ticket can be converted using software by means of encoding in a standard ECC 200 matrix code. This can be printed after receipt by the user, or be sent to a mobile telephone of the user via SMS or e-mail.
  • validation takes place by means of for instance scanning the matrix code or reading from the LCD display of the mobile telephone or from paper.
  • the device according to the invention preferably has a memory for registration of the detected ticket and/or the string, a comparing means for comparing the detected ticket and/or string with the content of the memory, coupled to the access means.
  • a device is hereby obtained wherein, when a ticket and/or the string has already been previously detected, it cannot be used again for access to the service.
  • the device according to the invention itself updates a checking register for already used tickets/strings .
  • the access device can further comprise additional identification checking means, such as scanners for checking an identity of the user.
  • additional identification checking means such as scanners for checking an identity of the user.
  • the detected identity- can be compared to the identification code incorporated in the ticket, preferably in the code.
  • Figure 1 shows a flow diagram of an embodiment of the invention
  • Figure 2 shows a ticket according to an embodiment
  • Figures 3a-3d show four steps for obtaining a ticket;
  • Figure 4 shows a checking device according to an embodiment .
  • FIG. 1 shows a flow diagram for the method of the invention. The steps of the flow diagram will be discussed.
  • a user wishes to gain access to a determined service such as an event, entry to a building or a ticket, for instance for a means of transport such as the train.
  • step 21 data are entered by the user. This will be further illustrated with reference to figure 3. Entering of the data for instance comprises of giving the identity of the applicant, for instance including an account number with which the ticket will be paid, address information and the like.
  • age and the like are also asked, whereby specific discounts, such as discount for people of 65 and over, can also be determined immediately.
  • data are entered relating to the desired service. In respect of the service it is possible to indicate how many people must gain access, in particular which people must gain access.
  • four people are for instance granted access with one ticket according to the invention.
  • four different tickets, which are sent to four different people can be ordered in one order.
  • Entering the data can be implemented in a manner known to the skilled person, for instance via a website.
  • the visitor to the website can for instance identify him/herself by means of a user name in combination with a password.
  • the website provides different locations to which access can be gained. The user can choose herefrom.
  • the times at which the locations can be accessed are advantageously indicated here.
  • An example here is for instance a cinema ticket. The times at which the cinema ticket is valid can be stated.
  • a digital string is formed which comprises a number of those data, including for instance a period of validity of the ticket.
  • entry into the building in which the film is being shown can also be incorporated in the ticket. In said example this can for instance be from seven o'clock.
  • a digital string consisting for instance of several bytes, is in this way made in step 22. Use is made of a determined format.
  • the ticket is a combination ticket for different services. The user wishing entry to the cinema can simultaneously make a combination with public transport, for instance with a train ticket, optionally even in combination with a meal or drink. Data relating to various services are then incorporated in one ticket string.
  • a ticket can be compiled in step 24 by encoding indicated with step 23.
  • the encoding can proceed via a number of routes, two of which are shown in the flow diagram of figure 1.
  • the encoding takes place by means of encryption.
  • the digital string is encoded with a key, which is supplied by means of 27, whereby the whole string is modified.
  • the code obtained by the encryption of step 25 comprises the ticket string in preferably non-visible manner. Different encryption techniques can be used.
  • the encryption of the digital string can take place using software, by means of so-called triple DES encryption.
  • the ticket string a particular form of the digital string, consists of a number of bytes, preferably 52 or 64 bytes containing information relating to location, room or hall, date, time, row and/or seat numbers and/or the number of people for which the ticket is valid.
  • step 23 Another example of the encoding in step 23 is the use of a hash algorithm.
  • the so-called SHA-I hash code can be added via step 26 to the formed digital string 22.
  • the hash is formed and added to the string.
  • the content of the string is possibly visible.
  • step 24 Compiling of the ticket can for instance take place by combining in step 23 the encoded string with a software-based conversion to a matrix code in the form of a two-dimensional bar code.
  • the matrix code is formed by means of step 28.
  • An example of such a code is the ECC 200 matrix code.
  • Other forms of compiling the ticket are also possible in step 24.
  • the encoded string in step 23 can be converted into an SMS which can be sent to a mobile terminal of a user via known techniques, GSM, UMTS or other cellular networks.
  • the ticket can also be compiled such that a user can send the ticket in the form of a locally transmittable signal, such as Bluetooth or FHS, from the mobile terminal at which he/she received the ticket.
  • a locally transmittable signal such as Bluetooth or FHS
  • the skilled person will be familiar with the techniques necessary for compiling the ticket in step 24.
  • the invention is not limited to the use of the matrix code according to step 28.
  • step 29 the ticket is sent to the user.
  • the user does not have to be the same person as the person who requests the ticket in step 20.
  • the ticket can be ordered by a third person and sent as a gift to the actual user. In a particular embodiment free tickets are made available, for instance for an invitation to a gathering. Ordering of the ticket in step 20 can then indicate a group of users.
  • the ticket which is compiled in step 24 is sent for instance to the mobile terminal, i.e. the mobile telephone for instance of the user entered in step 21.
  • the ticket is sent to one or more cells of a cellular system.
  • the ticket is sent by post or e-mail or via another distribution system. When sent, the ticket compiled in step 24 is then in the form of a printable message.
  • step 30 the ticket is received by the user. Should he/she lose the ticket in step 31, the user can then request the ticket again 32 and the ticket is sent once more to the user via step 29.
  • the ticket can take various forms. During the check which takes place after 50 the ticket will have to be made detectable. This takes place in step 33. Making the ticket detectable can take place in different ways, depending on the form in which the ticket is compiled in step 24. According to a first embodiment the ticket is made physically detectable, for instance by being printed on paper. According to another embodiment the ticket is visualized on for instance the screen of the mobile telephone on which the ticket is received, for instance on the LCD screen of the GSM device of the user. According to yet another embodiment the ticket is sent in local manner in 36, for instance via FHS or Bluetooth. At the moment he/she wishes to be checked for access the user must initiate transmission of the signal. In a preferred embodiment a period of validity is incorporated in the ticket. When the receiving unit has received the ticket and for instance derives the digital string, the period of validity can be determined, whereby enabling and disabling of providing local availability of the ticket takes place automatically, for instance in the GSM or other mobile device of the user.
  • the ticket is made available by the user and can be detected.
  • the user presents the ticket with code for access check.
  • the code or other parts of the ticket are detected during a check.
  • the digital string formed in step 22 is derived once again in step 39.
  • this can take place in two ways. For instance via step 40, by deriving the ticket string from the code detected in 38 since this code is directly detectable, for instance because use is made of encoding in step 23 in the form of a hash code.
  • the ticket string is derived in step 41 by means of decryption which is present in the form of step 42. During a check, key 27 is present in reverse manner, whereby decryption can be carried out.
  • the string is for instance obtained in its original form. Deriving the ticket locally in the access device can be/become the subject of a divisional application.
  • step 40 it is possible to determine the validity of the ticket string in step 43 in that during the check the encoded string is once more compiled in the same way, on the basis of the digitally detected string, by means of encoding.
  • step 44 the code is computed again on the basis of the detected string.
  • step 43 the code computed in step 44 is compared to the code detected in step 38. If they correspond, access is granted via step 45. When the computed code 44 does not correspond with the code detected in step 38, access is not granted 46.
  • the string 41 derived from code 38 is for instance verified in step 47.
  • the derived string must conform to a number of characteristics. If these characteristics are present the validity of the string is established and access 45 can be granted. When the characteristics are not present, access is not granted 46.
  • the name of the service in the string must for instance correspond with the service for which access is requested.
  • the detected code 38 and/or the derived ticket string 39 can be stored 48 independently of the validity of the ticket. A second verification is hereby obtained.
  • code 38 has already been stored previously in a step 48, access is not granted 46 during the check in step 43.
  • the detected code has after all already been used before.
  • the skilled person will be familiar with known registers in which such codes can be stored.
  • An identification check of the user is carried out in step 49. The user can for instance be asked for his/her passport or other proof of identification. This must correspond with the user data incorporated in the ticket string. If they are not the same, access cannot be granted. Access can be granted 45 when identification 49 does correspond with the data from the derived string.
  • Step 49 can comprise of scanning a biometric feature.
  • the access device for instance comprises a scan.
  • the scan is compared to an identification code which is incorporated in the ticket and can be read.
  • the user can be asked for a pin code which the user has given when ordering. After being entered, the pin code is compared to a code in the ticket.
  • the flow diagram of figure 1 shows a number of variants. In addition, not all steps of the flow diagram as shown in figure 1 are necessary for the method according to the invention. It need not be the user who enters data when ordering. Ordering is not essential. In some cases copying of the ticket is allowed. This is the case for instance for a ticket which provides access to an event with free entry. Encoding is not essential, likewise when a ticket is involved which may be copied and may be transferred by the user.
  • Compiling of the ticket can take place in very diverse ways. What is essential is that the ticket comprises the string in encoded or directly visible form. The verification of the validity of the ticket can be carried out due to the presence of the string in digital form in a code, which code can take diverse forms, for instance the two-dimensional bar code. The check on the basis of an additional identification means and the check by means of a memory in which previous tickets are stored are embodiments.
  • Figure 2 shows an example ticket. The ticket is shown as it is received by the mobile telephone of a user. The ticket is sent electronically to the mobile terminal via the ether, via a cellular network.
  • the message can be a short message service provided with a figure, or can be sent as an electronic signal which is interpreted by the mobile device and displayed as a two- dimensional bar code, as shown.
  • the ticket can comprise more information than just this part.
  • the ticket can also have a written message, which indicates the purpose of the ticket and other data relating to the service/event for which the ticket is intended. It is hereby apparent to the user which ticket is intended for what purpose.
  • the ticket can for instance have a title.
  • the digital string and other data incorporated in the ticket can be encoded in unique manner.
  • the ticket or the part of the ticket formed by the shown bar code is the code in which the digital string according to the invention is incorporated. In this case the digital string is not "visible".
  • the content of the digital string can be derived by detecting the code, in this example scanning it with a device as shown in figure 4, wherein the shown code is converted into a digital form. Usual means can be used for this purpose. The conversion can take place using software.
  • the digital string can therefore be derived from the code when the steps for forming the ticket are reversed. This is particularly the case for encryption and decryption.
  • the two- dimensional bar code is converted into a digital code from which the ticket string can be read directly.
  • hashing can for instance be performed on the ticket string in order to establish whether the signature added to the string is valid.
  • Figure 3a shows a detect of a screen of a website via which tickets according to the invention can be ordered. The entry field for the personal data of a user is shown.
  • Figure 3a shows the entry screen for the profile of a user. The user enters his/her mobile telephone number in 80. The brand name and type of the mobile device are entered in 81 and 82 respectively.
  • the server which will compile and send the ticket to this mobile device can hereby take account of the features of the mobile device.
  • the ticket can be compiled subject to the technical features of the receiving device.
  • Personal data of a user such as name, address, are entered at reference numerals 83-88. These data become part of a profile which is stored on the server of the website and which can be retrieved and/or modified by a user at any later point in time by means of a combination of user name and password.
  • An option feature for the method of payment is designated at 89.
  • the user can choose from different methods of payment, for instance via credit card.
  • Agreement with the general conditions can be indicated in 90.
  • Figure 3b shows an ordering screen of the website.
  • the user can order specific tickets from a selection.
  • a cinema film and a date are designated here with 91 and 92.
  • the location and name of the cinema are entered or displayed in 93 and 94.
  • the options are shown on the screen in clear manner 95.
  • the user can order a number of tickets by entering a determined number 96.
  • a plurality of tickets can thus be ordered and generated with a single order.
  • the tickets are ordered by entering the order by means of 97.
  • Figure 3c shows an outline of the ordered ticket. This is in fact a part of the digital string which is sent together with the ordered ticket according to the invention.
  • the mobile number to which the ticket will be sent is once again shown in 100.
  • the ticket has been given a number 101.
  • 102 shows an outline of the details relating to the ticket and the service ordered.
  • 103 shows the room or hall number. Also shown is that seating is free. The user is not restricted to a specific seat or row.
  • the server will receive the request and compile the ticket by means of entered and retrieved data, optionally only after payment has been guaranteed.
  • the digital string in this example contains inter alia the mobile number, the name of the user, ticket number, the event, location, date, time and room or hall, and the number of tickets.
  • the ticket string can contain more data.
  • the server of the website After the server of the website has received the order and the user is in agreement, in this case has also agreed to the payment, the server will begin to compile the ticket on the basis of the ticket string. Encoding, for instance hashing or encryption, is applied on the basis of the ticket string.
  • the user has indicated how he/she wishes to receive the ticket.
  • the ticket with encoded ticket string can be sent electronically, here to the mobile telephone.
  • the ticket is sent by e-mail.
  • Figure 3d shows an e-mail which is received by the user after placing a similar order as described above.
  • the e-mail shows a part of the ticket string.
  • the ticket string is incorporated in the ticket in encoded manner, here consisting of a two- dimensional bar code 110.
  • the user will open and print the ticket. During entry check to the cinema the user shows the printed ticket. During the check the bar code is scanned.
  • the ticket string can derived from the bar code. It will hereby be apparent during a check whether the user gains access to the service.
  • the bar code or (a part of) the ticket string can optionally be stored in the scanner. As a result this ticket cannot be used twice. Because the time of the service is included in the ticket string, the ticket also obtains a determined period of validity.
  • Figure 4 shows an exemplary device which can be used for checking purposes. Shown here is a scanner which is adapted to scan the image shown on the screen of a mobile telephone. The scanner can be coupled to an access gate. This makes it possible to save on staff costs. In another embodiment, after scanning and verification of the validity, staff present are shown for how many people the ticket is valid and how many people must be given access. After scanning and verification it is also possible to indicate who the user should be. Staff can then check the identity of the user. An additional check hereby becomes possible.

Abstract

Method for assessing the access of a user to a service, comprising of - the user presenting a ticket with a code during a check for access to the service, - detecting the code during the check, - verifying the validity of the ticket on the basis of the detected code, - assessing access to the service on the basis of validity, wherein the code of the presented ticket comprises a digital string relating to the service, wherein the validity is verified by checking for the presence of this string in the code.

Description

ACCESS CHECK AND TICKET THEREFOR
The invention relates to a method for assessing the access of a user to a service. The invention further relates to a device for allowing or refusing the user access to a service. It is currently known to monitor the access of a user to a service or an event in that during a check the user presents a ticket, the validity of which is checked. Access is granted if the ticket is valid. The validity of a ticket can be checked or verified for authenticity, for instance by making use of special printing techniques when the tickets are issued.
In so-called mobile ticketing use is made of an electronically sent ticket which is received by the user and which the user then presents when he/she wishes to gain access to the service. According to the prior art such a ticket is provided with a code, for instance in the form of a two-dimensional bar code. Once the ticket with code has been detected, feedback is sent to a server. If this code is registered on the server, access is granted.
In prior art mobile ticketing a coupling to this server, for instance by means of a network, is necessary each time in order to verify the validity of the ticket. The object of the invention is to provide a method and device for granting a user access to a service, wherein this feedback is not necessary, so that the method and device can be applied at locations where no connection to a server is available and/or this connection cannot be established with certainty. According to the invention this object is achieved in that the method comprises of the user presenting a ticket with a code during a check for access to the service. The method preferably further comprises of detecting the code during the check. The method preferably further comprises of verifying the validity of the ticket on the basis of the detected code. The method preferably further comprises of assessing access to the service on the basis of validity. The method is preferably characterized in that the code of the presented ticket comprises a digital string relating to the service, wherein the validity is verified by checking for the presence of this string in the digital code. The ticket itself hereby has a verifiable data in the form of a digital string which is incorporated in the code. The authenticity of the ticket can be determined on the basis of the ticket itself. The digital string is incorporated or processed into the code.
According to the invention access to a service must for instance be understood to mean the entry to events, but it can also be applied for: travel (aeroplane, train, boat) ; parking (for instance reservation for car parks) ; medical prescriptions; issuing coupons for a plurality of applications (gift tokens, discount cards, refreshment vouchers) ; a combination of applications (for instance a cinema ticket with a refreshment voucher in one value bearer) ; entry to buildings (a matrix code, which only gives access to a specific building or a part thereof within a determined time interval, can for instance be sent to an occasional visitor by SMS) ; train tickets are also possible. The user shows the ticket to the conductor. He/she checks the validity. Although the user is in fact already on the train, access is only then actually granted in the sense of the invention.
A ticket according to the invention can be understood to mean a value bearer in a random form, which can preferably be distributed via an electronic channel. An example ticket is a signal which can be sent to the mobile telephone, which signal is displayed as a two-dimensional bar code. The ticket can comprise more than just the code. In addition to the code, the ticket can also comprise characters which can be interpreted by humans. Another example ticket is received via the computer and can be printed on paper by means of a printer. A further example is a signal which is received by the mobile telephone and which can be distributed locally in that the signal is transmitted via a known technique, for instance via Bluetooth and the like.
Tickets can be sent by e-mail, by I-mail, via a wireless or via a wired connection, via a telephone network or via a cable network, etc.
A digital string, in particular a ticket string, comprises or is formed by information which indicates for which purpose the ticket has been generated, such as for instance an indication of the location, date, time, room or hall, row and seat numbers to which the ticket relates. The string comprises at least one, preferably two, and in the preferred embodiment at least three or more indications relating to the service. The string can herein also indicate the number of people having access to the service. Particular features of the people, such as age discount, decreased ability and so on, can be indicated.
Because the string is present in a code of the presented ticket, it is possible to determine that the ticket is valid. Checking for the presence of the string can take place in different ways, for instance on the basis of an algorithm which is executed by means of software. When the presence of the string is confirmed, access can be granted. Such a system can for instance be applied in the distribution of free tickets for a service wherein the use of a ticket is still necessary, for instance for entry to an event which is by invitation only.
According to a preferred embodiment, the method further comprises of deriving the digital string from the detected code. The content of the string can hereby be read. The number of places for which the ticket grants access can be retrieved. According to this preferred embodiment particulars such as age and age discount can further also be retrieved and applied. The invention provides a ticket with a code, wherein the code on the one hand comprises the digital string, which gives further information relating to the particular details of the access, and which on the other hand forms the basis for the verification and validity of this ticket. The use of this dual function is particularly efficient.
An example of a ticket according to the invention is a credit voucher. Such vouchers can be distributed free of charge. The voucher can relate to a product or a service. The specific property of the voucher is included in the ticket string. The content of the credit voucher can even be copied, not only by the issuer of the voucher but also by the recipient/addressee. In another embodiment the voucher is distributed for payment .
According to a further embodiment, presenting of the ticket comprises of making the ticket available locally. The ticket is hereby shown, transmitted, sent or detectable at one location. An access checking device can receive and send the ticket, whereby the checking can take place.
The method preferably comprises of the user receiving the ticket electronically. The ticket can hereby be distributed and requested by the user in simple manner. Loss of the ticket can be countered by requesting and sending the ticket again. Different methods of sending and receiving the ticket electronically are known to the skilled person. The technologies for mobile telephony are used in particular, including GSM, WAP, UMTS and other comparable current systems, as well as possible future systems based on the same principles.
It is further useful that making locally available comprises of sending the ticket electronically during a check and that the electronically sent ticket is detected during the check. An example hereof is sending the ticket through the mobile telephone by means of Bluetooth. Another example is the NFC. In NFC use is not made of visible tickets, such as for instance the matrix or bar code. The ticket is sent via SMS to the NFC telephone and read in wireless manner by means of RFID technology during a check.
The code is preferably compiled on the basis of a ticket string, which ticket string comprises data relating to the service (one or more indications of the service) and the user. It is precisely hereby that a particular digital string is obtained which comprises at least two data, i.e. the service to which access is requested and data relating to the user, which are relevant during the check. Extra verification hereby becomes possible. The name of the user who wishes to gain access can be included in the string and can be verified. By having the user identify him/herself, a second verification can take place during the check for access. In addition, the ticket string for instance indicates which service can be obtained with the ticket.
In a preferred embodiment the ticket string is derived from the detected code. Granting access preferably takes place on the basis of the ticket string. Access is hereby made dependent on the ticket string.
It is further favourable that the method comprises of compiling a ticket string on the basis of data relating to the service and the user, encoding this ticket string and sending the encoded ticket string in the form of the ticket with code to the user. Copying of the ticket is prevented to a certain extent by applying encoding. Encoding prevents other parties being able to form tickets.
The method further comprises of a user providing data for ordering a ticket for access to the service. This can for instance be carried out by means of a website which can be set up in the usual manner as a ticket-ordering service. A known website is www.beep.nl. The user wants to order a ticket and for this purpose enters his/her personal data, as well as the desired indications for the service he/she wishes to order. On the basis of the service ordered and the entered data a ticket string is compiled which is encoded and sent to the user. A system is hereby obtained wherein tickets can be ordered up to the last minute by users in simple manner and at low cost, and without having to wait. A particular form of encoding the ticket string comprises of encoding wherein a hash code is formed on the basis of the ticket string, which code is added to the ticket string so as to obtain the encoded ticket string, and wherein the verification of the validity of the code of the ticket comprises of verifying the added hash code, preferably on the basis of the derived ticket string. An example hereof is the SHA-I hash code which is added to the ticket string. The ticket string itself is then not encrypted. The validity of the ticket can however be determined on the basis of the added hash code.
According to another embodiment, the encoding comprises of applying an encryption on the basis of a key to the ticket string so as to obtain the encoded ticket string or of forming a code with ticket string, and wherein verification of the validity comprises of decrypting the code of the ticket by means of the key, whereby the ticket string is obtained. The key for the hash code or the encryption key is present at the location where the check takes place. This can differ from location to location or from day to day.
The method according to the invention preferably further comprises of storing the ticket string during the check and refusing access to the user of a ticket with the same ticket string. One ticket string can hereby be used only once. The ticket string herein comprises for instance a particular reference code which is unique for each ticket. When it is established that this part of the ticket string is the same as the ticket string of another, previously checked ticket, the ticket can be refused. This will be the case when the ticket has been copied. The ticket preferably also comprises an identification code for identification of the user. These can be different codes which do not have to be included in the ticket string or in the encoding. They may for instance relate to the name, but in an advanced application can relate to biomedical data of the user. In a particular embodiment the code identifies the mobile equipment of the user by means of for instance the SIM card or the telephone number of the mobile device with which the ticket is received and with which the ticket is made locally available. During the check a further verification can hereby take place of the identification code and a locally available check option (of the user) , such as the user him/herself or the mobile device. The identification code which is added to the ticket can for instance be a PIN (personal identification number) code which is encoded in the code of the ticket. The PIN code can be given by the user during the check, whereby an extra verification takes place.
The ticket preferably further comprises a period of validity. The period of validity can form part of the ticket string. It can hereby be determined during a check that the period of validity has expired and that access to the service must be refused. This can for instance relate to access to a building, but also to a ticket for a service such as a train or an aeroplane.
Making the ticket locally available preferably comprises of displaying the received ticket with the code on a screen and detecting the ticket by scanning the screen. A method is hereby obtained wherein the screen of the mobile device can be used and can be scanned.
The invention also relates to a device for allowing or refusing access to a service, comprising a detecting means for detecting a ticket presented locally by a user. The device preferably further comprises a verification means connected to the detecting means for verifying the validity of the detected ticket, and in further preference access means connected to the verification means for granting the user access to the service on the basis of a valid ticket. The invention is preferably characterized in that the presented ticket comprises a digital string relating to the service, and that the verification means has a processing means for determining the validity on the basis of the presence of this string in the presented ticket. A device is hereby obtained which checks the validity through the presence of a digital string with data relating to that service which are present in the ticket. An access device is hereby obtained which verifies tickets on the basis of a code with partially digital content. The device can check the validity of the ticket. The access device can itself then determine the validity independently of a remote device, such as a server, on which registration codes are updated.
The digital string is preferably a ticket string which comprises data relating to the service and the user. Feedback to the service for which access is requested can hereby be verified, and the ticket string can on the other hand be linked to the user.
The detecting means preferably has a deriving means for deriving the digital string from the ticket. The data relating to the service and/or the user can hereby be derived.
The processing means is preferably adapted to encode a digital string and the verification means is adapted to check the validity of the ticket by comparing the ticket to the encoded digital string provided by the processing means. Because the encoding of the ticket string is repeated in the access device, the ticket is once again compiled from the original digital string, in particular the ticket string, and these two can be compared. When these correspond, the ticket is valid and access can be granted.
Preferably applied in the processing means for the encoding is a hash means for compiling a hash code on the basis of the digital string, and the processing means further comprises an adding means for adding the hash code to the digital string. The string is for instance signed with an SHA-I signature and then converted into for instance a matrix code, for instance a two-dimensional matrix code. Software can be used for this purpose, for instance from TEC-IET, an Austrian company specializing in the production of software for diverse types of bar and matrix codes. The application of hashing has the advantage that the digital string itself is not encoded and is or remains readable.
According to another embodiment, or as addition to the described hashing, the processing means comprises an encryption means for encoding the string on the basis of a key. The ticket string itself is hereby encoded. The ticket is compiled, encoded and sent to the user. An example is the so-called triple DES encryption software. The ticket string consists of a number of bytes, for instance 52, which contain information relating to location, room or hall, date, time, row and seat numbers and personal data. The ticket can be converted using software by means of encoding in a standard ECC 200 matrix code. This can be printed after receipt by the user, or be sent to a mobile telephone of the user via SMS or e-mail.
In the device according to the invention validation takes place by means of for instance scanning the matrix code or reading from the LCD display of the mobile telephone or from paper.
The device according to the invention preferably has a memory for registration of the detected ticket and/or the string, a comparing means for comparing the detected ticket and/or string with the content of the memory, coupled to the access means. A device is hereby obtained wherein, when a ticket and/or the string has already been previously detected, it cannot be used again for access to the service. At the checking location the device according to the invention itself updates a checking register for already used tickets/strings .
The access device can further comprise additional identification checking means, such as scanners for checking an identity of the user. The detected identity- can be compared to the identification code incorporated in the ticket, preferably in the code.
The invention will be further described with reference to the accompanying drawings, in which: Figure 1 shows a flow diagram of an embodiment of the invention;
Figure 2 shows a ticket according to an embodiment;
Figures 3a-3d show four steps for obtaining a ticket; Figure 4 shows a checking device according to an embodiment .
Figure 1 shows a flow diagram for the method of the invention. The steps of the flow diagram will be discussed. In step 20 a user wishes to gain access to a determined service such as an event, entry to a building or a ticket, for instance for a means of transport such as the train.
In step 21 data are entered by the user. This will be further illustrated with reference to figure 3. Entering of the data for instance comprises of giving the identity of the applicant, for instance including an account number with which the ticket will be paid, address information and the like.
In a preferred embodiment age and the like are also asked, whereby specific discounts, such as discount for people of 65 and over, can also be determined immediately. In addition, data are entered relating to the desired service. In respect of the service it is possible to indicate how many people must gain access, in particular which people must gain access. In a preferred embodiment four people are for instance granted access with one ticket according to the invention. In another embodiment four different tickets, which are sent to four different people, can be ordered in one order.
Entering the data can be implemented in a manner known to the skilled person, for instance via a website. The visitor to the website can for instance identify him/herself by means of a user name in combination with a password. The website provides different locations to which access can be gained. The user can choose herefrom. The times at which the locations can be accessed are advantageously indicated here. An example here is for instance a cinema ticket. The times at which the cinema ticket is valid can be stated.
On the basis of the input data, as well as on the basis of the data relating to the service ordered, for instance the time at which the film will start at the cinema, a digital string is formed which comprises a number of those data, including for instance a period of validity of the ticket. For a cinema film starting at eight o' clock entry can be gained between seven-thirty and eight-thirty. In a particular embodiment entry into the building in which the film is being shown can also be incorporated in the ticket. In said example this can for instance be from seven o'clock.
A digital string, consisting for instance of several bytes, is in this way made in step 22. Use is made of a determined format. In a particular embodiment the ticket is a combination ticket for different services. The user wishing entry to the cinema can simultaneously make a combination with public transport, for instance with a train ticket, optionally even in combination with a meal or drink. Data relating to various services are then incorporated in one ticket string.
By means of the digital string formed in 22 a ticket can be compiled in step 24 by encoding indicated with step 23. The encoding can proceed via a number of routes, two of which are shown in the flow diagram of figure 1. In 25 the encoding takes place by means of encryption. The digital string is encoded with a key, which is supplied by means of 27, whereby the whole string is modified. The code obtained by the encryption of step 25 comprises the ticket string in preferably non-visible manner. Different encryption techniques can be used. The encryption of the digital string can take place using software, by means of so-called triple DES encryption. The ticket string, a particular form of the digital string, consists of a number of bytes, preferably 52 or 64 bytes containing information relating to location, room or hall, date, time, row and/or seat numbers and/or the number of people for which the ticket is valid.
Another example of the encoding in step 23 is the use of a hash algorithm. The so-called SHA-I hash code can be added via step 26 to the formed digital string 22. On the basis of the digital string the hash is formed and added to the string. In this embodiment the content of the string is possibly visible.
After the encoding in 23 the ticket is compiled in step 24. Compiling of the ticket can for instance take place by combining in step 23 the encoded string with a software-based conversion to a matrix code in the form of a two-dimensional bar code. The matrix code is formed by means of step 28. An example of such a code is the ECC 200 matrix code. Other forms of compiling the ticket are also possible in step 24. The encoded string in step 23 can be converted into an SMS which can be sent to a mobile terminal of a user via known techniques, GSM, UMTS or other cellular networks. The ticket can also be compiled such that a user can send the ticket in the form of a locally transmittable signal, such as Bluetooth or FHS, from the mobile terminal at which he/she received the ticket. The skilled person will be familiar with the techniques necessary for compiling the ticket in step 24. The invention is not limited to the use of the matrix code according to step 28.
In step 29 the ticket is sent to the user. The user does not have to be the same person as the person who requests the ticket in step 20. The ticket can be ordered by a third person and sent as a gift to the actual user. In a particular embodiment free tickets are made available, for instance for an invitation to a gathering. Ordering of the ticket in step 20 can then indicate a group of users. The ticket which is compiled in step 24 is sent for instance to the mobile terminal, i.e. the mobile telephone for instance of the user entered in step 21. In a particular embodiment the ticket is sent to one or more cells of a cellular system. In another embodiment the ticket is sent by post or e-mail or via another distribution system. When sent, the ticket compiled in step 24 is then in the form of a printable message.
In step 30 the ticket is received by the user. Should he/she lose the ticket in step 31, the user can then request the ticket again 32 and the ticket is sent once more to the user via step 29.
As stated above, the ticket can take various forms. During the check which takes place after 50 the ticket will have to be made detectable. This takes place in step 33. Making the ticket detectable can take place in different ways, depending on the form in which the ticket is compiled in step 24. According to a first embodiment the ticket is made physically detectable, for instance by being printed on paper. According to another embodiment the ticket is visualized on for instance the screen of the mobile telephone on which the ticket is received, for instance on the LCD screen of the GSM device of the user. According to yet another embodiment the ticket is sent in local manner in 36, for instance via FHS or Bluetooth. At the moment he/she wishes to be checked for access the user must initiate transmission of the signal. In a preferred embodiment a period of validity is incorporated in the ticket. When the receiving unit has received the ticket and for instance derives the digital string, the period of validity can be determined, whereby enabling and disabling of providing local availability of the ticket takes place automatically, for instance in the GSM or other mobile device of the user.
After 50 the ticket is made available by the user and can be detected. In step 37 the user presents the ticket with code for access check. In step 38 the code or other parts of the ticket are detected during a check.
In the shown embodiment the digital string formed in step 22 is derived once again in step 39. In the shown embodiment this can take place in two ways. For instance via step 40, by deriving the ticket string from the code detected in 38 since this code is directly detectable, for instance because use is made of encoding in step 23 in the form of a hash code. In another embodiment the ticket string is derived in step 41 by means of decryption which is present in the form of step 42. During a check, key 27 is present in reverse manner, whereby decryption can be carried out. By applying decryption to the detected code in 38, the string is for instance obtained in its original form. Deriving the ticket locally in the access device can be/become the subject of a divisional application.
Other steps can be performed additionally or instead, for instance deriving of the encoded string from a bar code. In the (ticket) string derived in step 40 it is possible to determine the validity of the ticket string in step 43 in that during the check the encoded string is once more compiled in the same way, on the basis of the digitally detected string, by means of encoding. In step 44 the code is computed again on the basis of the detected string. In step 43 the code computed in step 44 is compared to the code detected in step 38. If they correspond, access is granted via step 45. When the computed code 44 does not correspond with the code detected in step 38, access is not granted 46. In another embodiment the string 41 derived from code 38 is for instance verified in step 47. The derived string must conform to a number of characteristics. If these characteristics are present the validity of the string is established and access 45 can be granted. When the characteristics are not present, access is not granted 46. The name of the service in the string must for instance correspond with the service for which access is requested.
The detected code 38 and/or the derived ticket string 39 can be stored 48 independently of the validity of the ticket. A second verification is hereby obtained. When code 38 has already been stored previously in a step 48, access is not granted 46 during the check in step 43. The detected code has after all already been used before. The skilled person will be familiar with known registers in which such codes can be stored. An identification check of the user is carried out in step 49. The user can for instance be asked for his/her passport or other proof of identification. This must correspond with the user data incorporated in the ticket string. If they are not the same, access cannot be granted. Access can be granted 45 when identification 49 does correspond with the data from the derived string.
Step 49 can comprise of scanning a biometric feature. The access device for instance comprises a scan. The scan is compared to an identification code which is incorporated in the ticket and can be read. In addition, the user can be asked for a pin code which the user has given when ordering. After being entered, the pin code is compared to a code in the ticket.
The flow diagram of figure 1 shows a number of variants. In addition, not all steps of the flow diagram as shown in figure 1 are necessary for the method according to the invention. It need not be the user who enters data when ordering. Ordering is not essential. In some cases copying of the ticket is allowed. This is the case for instance for a ticket which provides access to an event with free entry. Encoding is not essential, likewise when a ticket is involved which may be copied and may be transferred by the user.
Compiling of the ticket can take place in very diverse ways. What is essential is that the ticket comprises the string in encoded or directly visible form. The verification of the validity of the ticket can be carried out due to the presence of the string in digital form in a code, which code can take diverse forms, for instance the two-dimensional bar code. The check on the basis of an additional identification means and the check by means of a memory in which previous tickets are stored are embodiments. Figure 2 shows an example ticket. The ticket is shown as it is received by the mobile telephone of a user. The ticket is sent electronically to the mobile terminal via the ether, via a cellular network. The message can be a short message service provided with a figure, or can be sent as an electronic signal which is interpreted by the mobile device and displayed as a two- dimensional bar code, as shown. The ticket can comprise more information than just this part. The ticket can also have a written message, which indicates the purpose of the ticket and other data relating to the service/event for which the ticket is intended. It is hereby apparent to the user which ticket is intended for what purpose. The ticket can for instance have a title. With the tickets according to the embodiment of figure 2 the digital string and other data incorporated in the ticket can be encoded in unique manner. The ticket or the part of the ticket formed by the shown bar code is the code in which the digital string according to the invention is incorporated. In this case the digital string is not "visible". The content of the digital string can be derived by detecting the code, in this example scanning it with a device as shown in figure 4, wherein the shown code is converted into a digital form. Usual means can be used for this purpose. The conversion can take place using software.
The digital string can therefore be derived from the code when the steps for forming the ticket are reversed. This is particularly the case for encryption and decryption. In another embodiment the two- dimensional bar code is converted into a digital code from which the ticket string can be read directly. In this case hashing can for instance be performed on the ticket string in order to establish whether the signature added to the string is valid. Figure 3a shows a detect of a screen of a website via which tickets according to the invention can be ordered. The entry field for the personal data of a user is shown. Figure 3a shows the entry screen for the profile of a user. The user enters his/her mobile telephone number in 80. The brand name and type of the mobile device are entered in 81 and 82 respectively. The server which will compile and send the ticket to this mobile device can hereby take account of the features of the mobile device. The ticket can be compiled subject to the technical features of the receiving device.
Personal data of a user, such as name, address, are entered at reference numerals 83-88. These data become part of a profile which is stored on the server of the website and which can be retrieved and/or modified by a user at any later point in time by means of a combination of user name and password.
An option feature for the method of payment is designated at 89. In 89 the user can choose from different methods of payment, for instance via credit card. Agreement with the general conditions can be indicated in 90.
Figure 3b shows an ordering screen of the website. After a user has registered in the form of a created or retrieved profile, the user can order specific tickets from a selection. A cinema film and a date are designated here with 91 and 92. The location and name of the cinema are entered or displayed in 93 and 94. The options are shown on the screen in clear manner 95. The user can order a number of tickets by entering a determined number 96. A plurality of tickets can thus be ordered and generated with a single order. The tickets are ordered by entering the order by means of 97.
Figure 3c shows an outline of the ordered ticket. This is in fact a part of the digital string which is sent together with the ordered ticket according to the invention. The mobile number to which the ticket will be sent is once again shown in 100. The ticket has been given a number 101. 102 shows an outline of the details relating to the ticket and the service ordered. 103 shows the room or hall number. Also shown is that seating is free. The user is not restricted to a specific seat or row.
104 shows that a total of one ticket has been ordered. In addition, the costs are indicated. The user will agree to the payment by operating button 105. The server will receive the request and compile the ticket by means of entered and retrieved data, optionally only after payment has been guaranteed. The digital string in this example contains inter alia the mobile number, the name of the user, ticket number, the event, location, date, time and room or hall, and the number of tickets. The ticket string can contain more data. After the server of the website has received the order and the user is in agreement, in this case has also agreed to the payment, the server will begin to compile the ticket on the basis of the ticket string. Encoding, for instance hashing or encryption, is applied on the basis of the ticket string. The user has indicated how he/she wishes to receive the ticket. The ticket with encoded ticket string can be sent electronically, here to the mobile telephone. In another embodiment the ticket is sent by e-mail. Figure 3d shows an e-mail which is received by the user after placing a similar order as described above. The e-mail shows a part of the ticket string. In addition, the ticket string is incorporated in the ticket in encoded manner, here consisting of a two- dimensional bar code 110. The user will open and print the ticket. During entry check to the cinema the user shows the printed ticket. During the check the bar code is scanned. The ticket string can derived from the bar code. It will hereby be apparent during a check whether the user gains access to the service. The bar code or (a part of) the ticket string can optionally be stored in the scanner. As a result this ticket cannot be used twice. Because the time of the service is included in the ticket string, the ticket also obtains a determined period of validity.
Figure 4 shows an exemplary device which can be used for checking purposes. Shown here is a scanner which is adapted to scan the image shown on the screen of a mobile telephone. The scanner can be coupled to an access gate. This makes it possible to save on staff costs. In another embodiment, after scanning and verification of the validity, staff present are shown for how many people the ticket is valid and how many people must be given access. After scanning and verification it is also possible to indicate who the user should be. Staff can then check the identity of the user. An additional check hereby becomes possible.

Claims

1. Method for assessing the access of a user to a service, comprising of (1) - the user presenting a ticket with a code during a check for access to the service,
(2) - detecting the code during the check,
(3) - verifying the validity of the ticket on the basis of the detected code, (4) - assessing access to the service on the basis of validity, characterized in that the code of the presented ticket comprises a digital string relating to the service, wherein the validity is verified by checking for the presence of this string in the code.
2. Method as claimed in claim 1, characterized in that the method further comprises of
(5) - deriving the string from the detected code.
3. Method as claimed in claim 1 or 2, characterized in that presenting of the ticket comprises of making the ticket available locally.
4. Method as claimed in any of the foregoing claims, characterized in that the method further comprises of (6) - the user receiving the ticket electronically.
5. Method as claimed in claim 4, characterized in that making locally available comprises of sending the ticket electronically and that detecting of the ticket comprises of receiving the electronically sent ticket.
6. Method as claimed in any of the foregoing claims, characterized in that the code is compiled on the basis of a ticket string, which ticket string comprises data relating to the service and the user.
7. Method as claimed in claim 6, characterized in that the string derived from the detected code forms the ticket string.
8. Method as claimed in claim 6 or 7, characterized in that granting access takes place on the basis of the ticket string.
9. Method as claimed in any of the claims 6-8, characterized in that the method further comprises of
(7) - compiling a ticket string on the basis of data relating to the service and the user,
(8) - encoding the ticket string,
(9) - sending the encoded ticket string in the form of the ticket with code to the user.
10. Method as claimed in claim 9, characterized in that the method further comprises of
(10) - a user providing data for ordering a ticket for access to a service.
11. Method as claimed in claim 9 or 10, characterized in that the encoding comprises of forming a hash code on the basis of the compiled ticket string, and adding the hash code to the ticket string so as to obtain the encoded ticket string, wherein the verification of the validity of the code of the ticket comprises of verifying the added hash code together with the ticket string.
12. Method as claimed in claim 9 or 10, characterized in that the encoding comprises of applying an encryption of the ticket string on the basis of a key so as to obtain the encoded ticket string, and wherein verification of the validity comprises of decrypting the ticket by means of the key whereby the ticket string is also obtained.
13. Method as claimed in any of the claims 6-12, characterized in that the method further comprises of (11) - storing the ticket string during the check and refusing access to the user of a ticket with the same ticket string.
14. Method as claimed in any of the foregoing claims, characterized in that the ticket also comprises an identification code for identification of the user.
15. Method as claimed in any of the foregoing claims, characterized in that the ticket further comprises a period of validity.
16. Method as claimed in any of the foregoing claims, characterized in that the ticket is shown on a screen and is detected by scanning the ticket.
17. Device for allowing or refusing access to a service, comprising
- a detecting means for detecting a ticket presented locally by a user,
- a verification means connected to the detecting means for verifying the validity of the detected ticket, and
- access means connected to the verification means for granting the user access to the service on the basis of a valid ticket, characterized in that the presented ticket comprises a digital string relating to the service, and that the verification means has a processing means for determining the validity on the basis of the presence of this string.
18. Device as claimed in claim 17, characterized in that the string is a ticket string which comprises data relating to the service and the user.
19. Device as claimed in claim 17 or 18, characterized in that the detecting means has a deriving means for deriving the digital string from the ticket.
20. Device as claimed in any of the claims 17-19, characterized in that the processing means is adapted to encode the digital string and the verification means for checking the validity of the ticket compares the ticket to the encoded digital string provided by the processing means .
21. Device as claimed in claim 20, characterized in that the processing means comprises a hash means for compiling a hash code on the basis of the digital string, and an adding means for adding the hash code to the digital string.
22. Device as claimed in claim 20, characterized in that the processing means comprises an encryption means for encoding the string on the basis of a key.
23. Device as claimed in any of the claims 17-22, characterized in that the device comprises a memory for registration of the detected ticket and/or the string, a comparing means for comparing the detected ticket and/or string with the content of the memory, coupled to the access means.
24. System for granting a user access to a service, comprising:
- a ticket device which can be carried by a user and provided with an exchange unit with an input means for receiving a message and an output means for locally outputting the message, and
- a device as claimed in any of the claims 17-23.
25. System as claimed in claim 24, characterized in that the system further comprises: - an ordering means provided with input means for input by the user of data for ordering an entry ticket for an event and output means for sending these data,
- a sales device provided with an exchange unit with input means for receiving the data inputted on the ordering means, - processing means for processing the data and forming a ticket string on the basis of the data,
- encoding means for encoding the formed ticket string on the basis of a key, and - output means for sending the encoded ticket string to the portable ticket device.
PCT/NL2006/000321 2005-06-30 2006-06-28 Access check and ticket therefor WO2007004865A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
EP06757814A EP1899923A1 (en) 2005-06-30 2006-06-28 Access check and ticket therefor

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
NL1029388 2005-06-30
NL1029388A NL1029388C2 (en) 2005-06-30 2005-06-30 Access control and ticket therefor.

Publications (1)

Publication Number Publication Date
WO2007004865A1 true WO2007004865A1 (en) 2007-01-11

Family

ID=36968218

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/NL2006/000321 WO2007004865A1 (en) 2005-06-30 2006-06-28 Access check and ticket therefor

Country Status (3)

Country Link
EP (1) EP1899923A1 (en)
NL (1) NL1029388C2 (en)
WO (1) WO2007004865A1 (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2449284A (en) * 2007-05-17 2008-11-19 Yourrail Ltd Mobile ticket authentication
EP2088561A1 (en) * 2008-02-08 2009-08-12 SkiData AG Method for carrying out customer loyalty programs
EP2759970A1 (en) * 2013-01-25 2014-07-30 Bonwal OY Verifying the validity of an electronic ticket
EP2922010A3 (en) * 2013-11-15 2015-10-21 Robert Culyer Digital voucher authentication
CN110909519A (en) * 2019-11-18 2020-03-24 湖南一路畅行互联科技有限公司 Bill dynamic code generation method based on time limitation

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020023027A1 (en) * 2000-08-18 2002-02-21 Grant Simonds Method and system of effecting a financial transaction
WO2003098503A1 (en) * 2002-05-21 2003-11-27 Nokia Corporation A method and a device for providing digital tickets in a mobile communications environment
GB2390211A (en) * 2002-06-29 2003-12-31 Prepayment Cards Ltd Ticket and authentication data stored on portable handset
DE202004013762U1 (en) * 2004-09-03 2004-11-11 Mega-Tel Ag/Sa Electronic ticket, e.g. for travel or entertainment, provision and checking system, comprises a ticket center and a connecting mobile terminal that has means for visualizing an encrypted part of an electronic ticket

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020023027A1 (en) * 2000-08-18 2002-02-21 Grant Simonds Method and system of effecting a financial transaction
WO2003098503A1 (en) * 2002-05-21 2003-11-27 Nokia Corporation A method and a device for providing digital tickets in a mobile communications environment
GB2390211A (en) * 2002-06-29 2003-12-31 Prepayment Cards Ltd Ticket and authentication data stored on portable handset
DE202004013762U1 (en) * 2004-09-03 2004-11-11 Mega-Tel Ag/Sa Electronic ticket, e.g. for travel or entertainment, provision and checking system, comprises a ticket center and a connecting mobile terminal that has means for visualizing an encrypted part of an electronic ticket

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
DONAL O'MAHONY, MICHAEL PEIRCE AND HITESH TEWARI: "Electronic payment systems", 1997, ARTECH HOUSE INC., ISBN: 0-89006-925-5, XP002399508 *

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2449284A (en) * 2007-05-17 2008-11-19 Yourrail Ltd Mobile ticket authentication
EP2088561A1 (en) * 2008-02-08 2009-08-12 SkiData AG Method for carrying out customer loyalty programs
EP2759970A1 (en) * 2013-01-25 2014-07-30 Bonwal OY Verifying the validity of an electronic ticket
EP2922010A3 (en) * 2013-11-15 2015-10-21 Robert Culyer Digital voucher authentication
CN110909519A (en) * 2019-11-18 2020-03-24 湖南一路畅行互联科技有限公司 Bill dynamic code generation method based on time limitation

Also Published As

Publication number Publication date
EP1899923A1 (en) 2008-03-19
NL1029388C2 (en) 2007-01-04

Similar Documents

Publication Publication Date Title
US11232670B2 (en) Identification verification system
CA2577190C (en) Method and system for access verification within a venue
US8346580B2 (en) System and method for managing transfer of ownership rights to access to a venue and allowing access to the venue to patron with the ownership right
AU2007329308B2 (en) Methods and systems for access control using a networked turnstele
AU2001252615B2 (en) Method for attaching authentication bar code, authentication method, apparatus for attaching authentication bar code, authentication apparatus and portable terminal
WO2003100696A1 (en) Positive identification system and method
WO2007004865A1 (en) Access check and ticket therefor
JP4621521B2 (en) Electronic ticket system using mobile phone
TWI495321B (en) Qr code authentication system combining dynamic passwords and method thereof
JP2003167972A (en) Ticket reservation management method and device therefor, program therefor, and ticket reservation confirmation method
JP2004206703A (en) Authentication system and authentication method using code, and service provision device
JP2004072312A (en) Authentication method using mobile communication terminal
KR100386790B1 (en) Identity Certification and Ticketting System Using Internet
JP7142185B1 (en) Check-in system, check-in method and program
KR20050031218A (en) Method for perchasing in advance on line

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application
DPE1 Request for preliminary examination filed after expiration of 19th month from priority date (pct application filed from 20040101)
WWE Wipo information: entry into national phase

Ref document number: 2006757814

Country of ref document: EP

NENP Non-entry into the national phase

Ref country code: DE