CLIAMS:What is claimed is:
1. A method for granting permission to use a software product on a mobile device associated with a user, the method comprising:
a. sending a first serial key to the mobile device associated with the user;
b. receiving identity information of the mobile device, wherein the identity information is sent by the mobile device user entering the first serial key on the mobile device;
c. comparing the received identity information of the mobile device with a stored plurality of identity information associated with a plurality of mobile devices stored; and
d. sending a second serial key on detecting originality, wherein the second serial key grants permission to use the software product on the mobile device of the user.
2. The method as claimed in claim 1, wherein the method further comprises storing the identity information in the subscription register on finding originality.
3. The method as claimed in claim 1, wherein the method further comprises receiving a subscription request, and wherein the subscription request comprises mobile subscriber integrated services digital network-number (MSISDN) of the mobile device associated with the user.
4. The method as claimed in claim 1, wherein the identity information of the mobile device comprises the international mobile subscriber identity (IMSI) number of the user and international mobile equipment identity (IMEI) number of the mobile device.
5. A system for providing access to a software product on a mobile device, the system comprising:
a. a transmitter configured to:
i. send a first serial key to a mobile device; and
ii. send a second serial key to the mobile device, wherein the second serial key provides access to the software product on the mobile device;
b. a receiver configured to receive identity information of the mobile device; and
c. an comparator configured to compare the received identity information of the mobile device.
6. The system as claimed in claim 5, further comprising a subscription register configured to store the identity information of the mobile device.
7. The system as claimed in claim 5, wherein the receiver is configured to receive a subscription request, the subscription request comprising mobile subscriber integrated services digital network-number (MSISDN).
8. The system as claimed in claim 5, wherein the identity information comprises the international mobile subscriber identity (IMSI) number of the user and international mobile equipment identity (IMEI) number of the mobile device.
,TagSPECI:SYSTEM AND METHOD FOR LICENSE VERIFICATION OF A MOBILE APPLICATION

FIELD OF THE INVENTION
[0001] The present invention relates to mobile applications and in particular, it relates to license verification of mobile applications.
BACKGROUND
[0002] Mobile phones have become articles of everyday use as they provide users with ever more sophisticated features and services such as, music downloads and video streaming, through various mobile applications. Mobile application is a software application designed to run on mobile devices. Mobile applications are usually available through application distribution platforms such as Google PlayTM, Apple App StoreTM, Windows Phone StoreTM and the like. These distribution platforms are based on the Internet. The increase in distribution of mobile applications over the Internet raises security concerns such as unauthorized redistribution and hacking. One of the methods of reducing the security risks is licensing of the mobile application.
[0003] A mobile application license is a legal instrument governing the use, modification and redistribution of the mobile application. A typical mobile application license provides the end user permission to use the application. In addition, licensing mechanism is used for revenue generation. Traditionally, mobile application had been widely distributed electronically through shareware or trial versions. However, these versions did not succeed in generating revenue because of applications that crack or patch the mobile application and allow unrestricted use. Therefore, the user could continue using the mobile application after the trial period had ended, without purchasing the license.
[0004] Currently, licensing schemes are enforced through mobile application itself. A license key is stored inside the mobile application. A graphical user interface (GUI) of the mobile application compares a user-entered key with the stored key. If a match is detected, the mobile application allows the user unrestricted access to all its features. However, this method is vulnerable to security attacks such as a third party hacking into the mobile application to retrieve the license key for unauthorized redistribution of the mobile application.
[0005] EP1819124A1 describes a method for mobile application license verification. This method uses a verification server that receives a request for a service. The request includes identity information associated with a subscriber identity module (hereinafter referred to as SIM) of the user. The verification server then verifies and stores the identity information. Further, the method also compares a user entered key with a stored key to provide access to the application. However, this method uses only one verification key, which is stored in the verification server. This increases the risk of a third party hacking the verification server and retrieving the key for fraudulent authentication. In addition, this method verifies only the SIM associated with the user. This allows the user to use a different SIM and re-register the application with no provision for the verification to detect the duplication of the mobile application.
[0006] EP1936526A1 describes a system for mobile application license verification. This system consists of a verification server that verifies a request for service. The request includes identity information associated with a SIM and identity information related to the hand held device of the user. However, the system does not store the identity information, allowing the user to re-register the mobile application thereby increasing the risk of duplication. In addition, this system does not use any key-based verification thereby increasing the risk of fraudulent authorizations.
[0007] In light of the above discussion, there is a need for a method and a system that would overcome above-mentioned disadvantages.
SUMMARY OF THE INVENTION
[0008] The above-mentioned shortcomings, disadvantages and problems are addressed herein which will be understood by reading and understanding the following specification.
[0009] In embodiments, the present invention provides a method for granting permission to use a software product on a mobile device associated with a user, the method includes sending a first serial key to the mobile device associated with the user. In addition, the method includes receiving identity information of the mobile device, wherein the identity information is sent by the mobile device on the user entering the first serial key on the mobile device. In addition, the method includes comparing the received identity information of the mobile device with a plurality of identity information of a plurality of mobile devices stored. In addition, the method includes sending a second serial key on detecting originality, wherein the second serial key is for granting permission to use the software product on the mobile device of the user.
[0010] In an aspect, the invention provides a method for storing the identity information in the subscription register upon authentication. In yet another aspect, the invention provides a method for receiving a subscription request. In yet another aspect, the subscription request includes mobile subscriber integrated services digital network-number (MSISDN) of the mobile device associated with the user.
[0011] In yet another aspect, the identity information of the mobile device includes the international mobile subscriber identity (IMSI) number of the user and international mobile equipment identity (IMEI) number of the mobile device.
[0012] In yet another aspect, the invention provides a system for providing access to a software product on a mobile device, the system including a transmitter configured to send a first serial key to a mobile device send a second serial key to the mobile device, wherein the second serial key provides access to the software product on the mobile device. In yet another aspect, the present invention provides a receiver configured to receive identity information of the mobile device. In yet another aspect the invention provides a comparator configured to compare the received identity information of the mobile device.
[0013] In yet another aspect, the invention provides a subscription register configured to store the identity information of the mobile device. In yet another aspect the invention provides a system wherein the receiver is configured to receive a subscription request, the subscription request include mobile subscriber integrated services digital network-number (MSISDN). In yet another aspect, the identity information includes the international mobile subscriber identity (IMSI) number of the user and international mobile equipment identity (IMEI) number of the mobile device.
[0014] Systems and methods of varying scope are described herein. In addition to the aspects and advantages described in this summary, further aspects and advantages will become apparent by reference to the drawings and with reference to the detailed description that follows.
BRIEF DESCRIPTION OF THE DIAGRAMS
[0015] Figure 1 illustrates a system for validating a license of a software product in accordance with various embodiments of the present invention;
[0016] Figure 2 illustrates a block diagram of an authentication system in accordance with various embodiments of the present invention;
[0017] Figure 3 illustrates a flowchart for validating a license of a software product in accordance with various embodiments of the present invention;
[0018] Figure 4 illustrates a flowchart for authenticating a mobile identity of a mobile device in accordance with various embodiments of the present invention;
[0019] Figure 5 illustrates a sequence diagram for validating a license of a software product in accordance with various embodiments of the present invention;
[0020] Figure 6 illustrates a screenshot of the mobile device on sending the identity information in accordance with various embodiments of the present invention; and
[0021] Figure 7 illustrates a screenshot of the mobile device on receiving a serial key in accordance with various embodiments of the present invention.
DETAILED DESCRIPTION OF THE INVENTION
[0022] In the following detailed description, reference is made to the accompanying drawings that form a part hereof, and in which is shown by way of illustration specific embodiments, which may be practiced. These embodiments are described in sufficient detail to enable those skilled in the art to practice the embodiments, and it is to be understood that other embodiments may be utilized and that logical, mechanical, electrical and other changes may be made without departing from the scope of the embodiments. The following detailed description is, therefore, not to be taken in a limiting sense.
[0023] Figure 1 illustrates a system 100 for validating a license of a software product in accordance with various embodiments of the present invention. A user 104 interacts with an authentication system 102 to perform a transaction. In an embodiment, the user 104 is a customer who purchases a software product. Examples of the software product are but may not be limited to an operating system, interactive games, office suites and the like. The authentication system 102 validates the license of the software product that the user 104 purchases. In addition, the authentication system 102 ensures that the license of the software product is validated only once.
[0024] In another embodiment, the user 104 is a voter who registers himself or herself in a valid voter list. Examples of a voter include but may not be limited to an employee giving a feedback, a viewer voting for a contestant, a citizen voting for assembly election and the like. The authentication system 102 is a voting management system that registers the voter. In addition, the voting management system provides the voter an interface for electronic voting. In addition, the voting management system ensures that the voter can cast his or her vote only once.
[0025] In yet another embodiment, the user 104 is a patient or nominee who uses a prescription to purchase medicine. Examples of a prescription include but may not be limited to a QR code containing medicine details, a link to a web page containing the medicine details and the like. The authentication system 102 is a server that registers the patient or nominee. In addition, the server provides access to the medicine that the patient or the nominee wants to purchase. In addition, the server ensures that a patient can purchase medicines with a prescription only once.
[0026] In context of the present invention, the authentication system 102 is a server. In an embodiment, the authentication system 102 includes an interactive platform where the user 104 selects a software product from a list of available software products. Examples of the interactive platform include but may not be limited to web based portals, Wireless Application Protocol (WAP) based portals, mobile application and Interactive Voice Response (IVR). The server processes the transaction by communicating with a mobile device 106 associated with the user 104.
[0027] In an embodiment, as mentioned above, the authentication system 102 is a web-based system that provides a list of candidates. The user 104 sends his or her vote via the mobile device 106 associated with the user 104. In another embodiment, the authentication system 102 is a text-based system. The user 104 casts his or her vote by sending a text message to the authentication system102 via the mobile device 106.
[0028] In another embodiment, the authentication system 102 sends a QR code containing the prescription to the mobile device 106 associated with the user 104. The authentication system 102 authenticates the user 104 and provides access to the required medicine.
[0029] In the context of the present invention, the mobile device 106 refers to a handheld electronic device that communicates with the authentication system 102 via a telecommunication infrastructure. Examples of the mobile device 106 include but may not be limited to a cell phone, a smart phone, a personal digital assistant (PDA), a wireless email terminal, a laptop, and a tablet computer. In context of the present invention, the telecommunication infrastructure refers to a telecommunication network. The mobile device 106 communicates with the authentication system 102 via the telecommunication network. Examples of the types of telecommunication network include but may not be limited to a global system for mobile communication (GSM) network, a general packet radio service (GPRS) network, a code division multiple access (CDMA) system, enhanced data GSM environment (EDGE) and wideband CDMA (WCDMA).
[0030] Figure 2 illustrates a block diagram 200 of the authentication system 202 in accordance with various embodiments of the present invention. The authentication system 202 includes a receiver 204. The receiver 204 receives a subscription request from the mobile device 106. The user 104 uses an interactive platform to input his or her credentials into the registration request. Examples of credentials may include but may not be limited to postal information, username and the like. In addition, the subscription request includes Mobile Subscriber Integrated Services Digital Network-Number (hereinafter referred to as MSISDN) associated with the mobile device 104.
[0031] In addition, the authentication system 202 includes a transmitter 206. The transmitter 206 sends serial key to the mobile device 104. A first serial key is sent to the mobile device 104 on receiving the subscription request form the mobile device 104.
[0032] In addition, the authentication system 202 includes a comparator 208. The comparator 208 compares the received MSISDN with a plurality of MSISDNs associated with a plurality of mobile devices. The plurality of MSISDNs associated with the plurality of mobile devices is stored in a subscription register 210.
[0033] In an embodiment, the subscription register 210 is a storage module. Examples of the storage module include but may not be limited to a compact disc, magnetic tape, silicon storage devices and the like.
[0034] In addition, the receiver 204 is configured to receive the mobile identity of the mobile device 106. The mobile identity refers to a digital identity provided via the mobile device 106 and a communication networks. In an embodiment, the mobile identity is an identity code unique to the mobile device 106. Examples of the identity code include but may not be limited to an International Mobile Subscriber Identity (IMSI), Mobile Subscriber Integrated Services Digital Network-Number (MSISDN), International Mobile Equipment Identity (IMEI) and a mobile digital signature of the mobile device 106. In an example, a key generator present on the mobile device 106 generates the identity code. The identity code is used to identify the mobile device 106 uniquely.
[0035] In addition, the comparator 208 is configured to compare the received mobile identity with a plurality of mobile identities stored in the subscription register 210. If the received mobile identity is not present in the subscription register, the received mobile identity is stored.
[0036] In addition, the transmitter 206 is configured to send a second serial key on the received mobile identity being stored in the subscription register. In addition, if the received mobile identity is present in the subscription register 210, the transmitter 206 sends a message to the mobile device 106 denying access.
[0037] Figure 3 illustrates a flowchart 300 for validating a license of a software product in accordance with various embodiments of the present invention. The flowchart 300 initiates at step 302.
[0038] As explained above, at step 304, the authentication system 102 sends a first serial key to the mobile device 104. Subsequently, on the user 104 entering the first serial key in the mobile device 106, the mobile device 106 sends the mobile identity to the authentication system 102. In an embodiment, the authentication system 102 sends the first serial key on receiving a subscription request. The subscription request includes the MSISDN of the mobile device 106.
[0039] As explained above, at step 306, the authentication system 102 receives the mobile identity of the mobile device 106. As explained above, the mobile identity refers to a digital identity provided via the mobile device 106 and a communication networks. In an embodiment, the mobile identity is an identity code unique to the mobile device 106. Examples of the identity code include but may not be limited to an International Mobile Subscriber Identity (IMSI), Mobile Subscriber Integrated Services Digital Network-Number (MSISDN), International Mobile Equipment Identity (IMEI) and a mobile digital signature of the mobile device 106. In an example, a key generator present on the mobile device 106 generates the identity code. The identity code is used to identify the mobile device 106 uniquely.
[0040] As explained above, at step 308, the comparator 208 of the authentication system 102 compares the received mobile identity with the mobile identities stored in the subscription register 210. On a match not being found, the received mobile identity is stored in the subscription register 210.
[0041] As explained above, at step 310, the transmitter 206 of the authentication system 102 sends a second serial key to the mobile device 106 on the comparator 208 not finding any match of the received mobile identity. Subsequently, on the comparator 208 finding a match of the received mobile identity, the authentication system 102 denies access to the software product. The authentication system 102 provides access to the software product on the user 104 entering the second serial key in the mobile device 106. The flowchart 300 terminates at step 312.
[0042] Figure 4 illustrates a flowchart 400 for authenticating a mobile identity of a mobile device in accordance with various embodiments of the present invention. The flowchart 400 initiates at step 402. As explained above, at step 404 the authentication system 102 receives the mobile identity of the mobile device 106. As explained above, at step 406, the comparator 208 compares the received mobile identity with the plurality of mobile identities stored in the subscription register 210. If the received mobile identity is found in the subscription register 210, the flowchart terminates 400 at step 410. If the received mobile identity is not found in the subscription register, at step 408 the authentication system 102 sends a second serial key to the mobile device 106.
[0043] Figure 5 illustrates a sequence diagram 500 for validating a license of a software product in accordance with various embodiments of the present invention. The sequence diagram 500 has two participants: a user 502 and an authentication system 504. The user 502 sends a subscription request 506 to the authentication system 504. The subscription request 506 includes the MSISDN of a mobile device associated with the user 502. At step 508, the authentication system 504 registers the MSISDN of the mobile device associated with the user 502. The authentication system 504 sends a serial key 510 to the user 502. At step 512, the user 502 enters the received serial key 510 in the mobile device associated with the user 502. The user 502 sends mobile identity 514 of the mobile device associated with the user 502 to the authentication system 504. At step 516, the authentication system 504 compares the received mobile identity with a stored plurality of mobile identities of a plurality of mobile devices. On a match not being found, the authentication system 504 sends a second serial key 518 to the user 502. On a match being found, the authentication system 504 denies the user 502 the access to the software product. At step 520, the user 502 enters the received second serial key. At step 522, the authentication system 504 stores the received mobile identity.
[0044] Figure 6 illustrates a screenshot 600 of the mobile device 602 on sending the identity information in accordance with various embodiments of the present invention. The button 604 is for sending the identity information to the authentication system 102.
[0045] Figure 7 illustrates a screenshot 700 of the mobile device 702 on receiving a serial key in accordance with various embodiments of the present invention. The button 704 is for submitting the received serial key. A person skilled in the art will be able to appreciate that this figure is valid for both the received keys.
[0046] This written description uses examples to describe the subject matter herein, including the best mode, and also to enable any person skilled in the art to make and use the subject matter. The patentable scope of the subject matter is defined by the claims, and may include other examples that occur to those skilled in the art. Such other examples are intended to be within the scope of the claims if they have structural elements that do not differ from the literal language of the claims, or if they include equivalent structural elements with insubstantial differences from the literal language of the claims.