WO2015170363A1 - Confirming trusted locations of users using wireless tag identifications - Google Patents

Abstract

A server may receive a report from a mobile terminal. The report may include a tag identification (ID) of a tag received by the mobile terminal through a wireless transmission from the tag. The tag ID may be compared to a set of tag IDs associated with a trusted geographic location. A trusted location confirmation may be generated indicating the mobile terminal is in an area defined based on the trusted geographic location responsive to a determination that the tag ID is included in the set of tag IDs associated with the trusted geographic location. The trusted location confirmation may be sent to an application configured for the trusted geographic location.

Description

TRUSTED LOCATIONS OF USERS

Embodiments of this invention relate to tags and tag readers.

Radio Frequency Identification (RFID) tags may be embedded in or attached to items that can store identification information and other details. Tags may be small devices, such as a label, with a miniature embedded antenna. A tag reader may interrogate the tag by transmitting an RFID signal, which energizes the embedded antenna to provide power for the tag to transmit a responsive RFID signal to the reader. Some tags may have a power source and/or circuitry to provide transmissions or broadcasts to be picked up by tag readers. Tag readers may be mobile terminals and may receive transmissions from tags and report the transmissions to a server in a network cloud.

Some applications or services may be provided to users that are at a specific geographic location at a specific time. For instance, a mobile application for saving a place in a queue at a busy bank may only permit those who are actually present in the bank to make use of the application. However, some users may try to take advantage of such a service or fake the locations.

Summary

Embodiments of the present invention provide for methods, systems and computer program products to confirm that a user's mobile device is at a specific geographic location.

According to some embodiments of the present invention, a server may include a processor and a memory coupled to the processor and comprising computer readable program code embodied in the memory that when executed by the processor causes the processor to perform operations. The operations may include receiving a report from a mobile terminal. The report may include a tag identification (ID) of a tag received by the mobile terminal through a wireless transmission from the tag. The report may also include a reported geographic location of the mobile terminal. The operations may also include comparing the tag ID to a set of tag IDs associated with a trusted geographic location and generating a trusted location confirmation indicating the mobile terminal is in a geographic area defined based on the trusted geographic location responsive to a determination that the tag ID is included in the set of tag IDs associated with the trusted geographic location. The operations may further include sending the trusted location confirmation to an application, on the mobile terminal or another computing device, configured for the trusted geographic location.

According to some embodiments, the operations may further include generating the set of tag IDs for transmission by the tag and providing the set of tag IDs to the tag.

According to some embodiments, the operations may also include receiving registration information associating the set of tag IDs with the trusted geographic location and storing the set of tag IDs as being associated with the trusted geographic location.

According to some embodiments, the set of tag IDs may include at least 1,000, 2,000, 5,000, 8,000 or 10,000 unique tag IDs. A new tag ID of the set of tag IDs may be transmitted from the tag after a predetermined or random period of time.

According to some embodiments, the operations may also include receiving a report from another computing device, such as another mobile terminal or a stationary tag reader. The report from the other computing device may include the tag ID of the tag received by the other computing device through a wireless transmission from the tag. The operations may also include comparing the tag ID received by the other computing device to the tag ID received by the mobile terminal. Some operations may include comparing the reported geographic location of the mobile terminal to the reported geographic location of the other computing device. The operations may further include generating the trusted location confirmation further based on a determination that the tag ID received by the mobile terminal matches the tag ID received by the other computing device. In some embodiments, the generating may also be based on a determination that the reported geographic location of the mobile terminal is in an area defined based on the reported geographic location of the other computing device.

According to some embodiments, the operations may include instructing the mobile terminal to broadcast a wireless transmission, receiving a report from another computing device, wherein the report from the other computing device comprises data received through a wireless transmission from the mobile terminal and generating the trusted location confirmation based on data received by the other computing device.

According to some embodiments, the operations may further include receiving another report from the mobile terminal. The other report from the mobile terminal comprises another reported geographic location of the mobile terminal. The operations may also include comparing the reported geographic location of the mobile terminal to the other reported geographic location of the mobile terminal and indicating that reports from the mobile terminal are untrusted based on a determination that a distance measurement between the reported geographic location of the mobile terminal and the other reported geographic location of the mobile terminal satisfies a proximity warning rule.

According to some embodiments, the operations may further include comparing the reported geographic location of the mobile terminal to the trusted location associated with the set of tag IDs and indicating that reports from the mobile terminal are untrusted based on a determination that the reported geographic location is not in an area defined based on the trusted geographic location.

According to some embodiments, the operations may further include authenticating an application on the mobile terminal providing the report.

According to some embodiments, a method may include receiving a report from a mobile terminal. The report may include a tag identification (ID) of a tag received by the mobile terminal through a wireless transmission from the tag. The report may also include a reported geographic location of the mobile terminal. The method may also include comparing the tag ID to a set of tag IDs associated with a trusted geographic location and generating a trusted location confirmation indicating the mobile terminal is in an area defined based on the trusted geographic location responsive to a determination that the tag ID is included in the set of tag IDs associated with the trusted geographic location. The method may further include sending the trusted geographic location confirmation to an application, on the mobile terminal or another computing device, on the mobile terminal configured for the trusted geographic location.

According to some embodiments, the method may further include generating the set of tag IDs for transmission by the tag and providing the set of tag IDs to the tag.

According to some embodiments, the method may also include receiving registration information associating the set of tag IDs with the trusted geographic location and storing the set of tag IDs as being associated with the trusted geographic location.

According to some embodiments, the set of tag IDs may include at least 1,000, 2,000, 5,000, 8,000 or 10,000 unique tag IDs. A new tag ID of the set of tag IDs may be transmitted from the tag after a predetermined or random period of time.

According to some embodiments, the method may also include receiving a report from another computing device, such as a mobile terminal or a stationary tag reader. The report from the other computing device may include the tag ID of the tag received by the other computing device through a wireless transmission from the tag and a reported geographic location of the other computing device. The method may also include comparing the tag ID received by the other computing device to the tag ID received by the mobile terminal. In some cases, the method may include comparing the reported geographic location of the mobile terminal to the reported geographic location of the other computing device. The method may further include generating the trusted location confirmation further based on a determination that the tag ID received by the mobile terminal matches the tag ID received by the other computing device. In some cases, the generating may also be based on a determination that the reported geographic location of the mobile terminal is in an area defined based on the reported geographic location of the other computing device.

According to some embodiments, the method may further include receiving another report from the mobile terminal. The other report from the mobile terminal comprises another reported geographic location of the mobile terminal. The method may also include comparing the reported geographic location of the mobile terminal to the other reported geographic location of the mobile terminal and indicating that reports from the mobile terminal are untrusted based on a determination that a distance measurement between the reported geographic location of the mobile terminal and the other reported geographic location of the mobile terminal satisfies a proximity warning rule.

According to some embodiments, the method may include comparing the reported geographic location of the mobile terminal to the trusted geographic location associated with the set of tag IDs and indicating that reports from the mobile terminal are untrusted based on a determination that the reported geographic location is not in an area defined based on the trusted geographic location.

According to some embodiments, the method may further include authenticating an application on the mobile terminal providing the report.

According to some embodiments, a computing device may include a communication interface coupled to the processor and a memory coupled to the processor and comprising computer readable program code embodied in the memory that when executed by the processor causes the processor to perform operations. The operations may include executing an application requiring confirmation of a trusted geographic location and requesting a trusted location confirmation from a server identified for the application. The trusted location confirmation may be based on a report of a tag identification (ID) of a tag received by a mobile terminal through wireless transmissions from the tag. The operations may also include continuing execution of the application responsive to receiving the trusted location confirmation and halting execution of the application responsive to receiving an untrusted notification.

Other devices, methods, and/or computer program products according to embodiments of the invention will be or become apparent to one with skill in the art upon review of the following drawings and detailed description. It is intended that all such additional devices, methods, and/or computer program products be included within this description, be within the scope of the present invention, and be protected by the accompanying claims. Moreover, it is intended that all embodiments disclosed herein can be implemented separately or combined in any way and/or combination.

The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this application, illustrate certain embodiment(s) of the invention.
Figure 1 is a schematic illustration of a tag reader reporting its geographic location to a server. Figure 2A is a schematic block diagram that illustrates tag readers using an application that involves a specific geographic location. Figure 2B is a schematic block diagram that illustrates tag readers using an application that involves a specific geographic location. Figure 3 is a schematic block diagram that illustrates tag readers using an application that involves a specific geographic location, according to various embodiments of the present invention. Figure 4A is a schematic block diagram that illustrates tags, according to various embodiments. Figure 4B is a schematic block diagram that illustrates tags, according to various embodiments. Figure 4C is a schematic block diagram that illustrates tags, according to various embodiments. Figure 5 is a schematic illustration of a tag reader reporting its geographic location and a tag identification receiving from a tag, according to various embodiments. Figure 6 is a flowchart that illustrates operations of a method for confirming a geographic location, according to various embodiments. Figure 7 is a schematic illustration of tag readers attempting to fake a geographic location, according to some embodiments. Figure 8 is a schematic illustration of tag readers reporting their locations and tag identifications, according to various embodiments. Figure 9 is a schematic illustration of tag readers reporting their locations and tag identifications, according to various embodiments. Figure 10 is a flowchart that illustrates operations of a method for confirming a geographic location, according to various embodiments. Figure 11 is a flowchart that illustrates operations of a method for confirming a geographic location, according to various embodiments. Figure 12 is a flowchart that illustrates operations of a method for confirming a geographic location, according to various embodiments. Figure 13 is a flowchart that illustrates operations of a method for confirming a geographic location, according to various embodiments. Figure 14 is a block diagram of illustrating a computing device for implementing some embodiments.

Various embodiments of the present invention will now be described more fully hereinafter with reference to the accompanying drawings. However, this invention should not be construed as limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will convey the scope of the invention to those skilled in the art.

It will be understood that, as used herein, the term "comprising" or "comprises" is open-ended, and includes one or more stated elements, steps and/or functions without precluding one or more unstated elements, steps and/or functions. As used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. The term "and/or" and "/" includes any and all combinations of one or more of the associated listed items. In the drawings, the size and relative sizes of regions may be exaggerated for clarity. Like numbers refer to like elements throughout.

Some embodiments may be embodied in hardware and/or in software (including firmware, resident software, micro-code, etc.). Consequently, as used herein, the term "signal" may take the form of a continuous waveform and/or discrete value(s), such as digital value(s) in a memory or register. Furthermore, various embodiments may take the form of a computer program product on a computer-usable or computer-readable storage medium having computer-usable or computer-readable program code embodied in the medium for use by or in connection with an instruction execution system. Accordingly, as used herein, the terms "module," "circuit" and "controller" may take the form of digital circuitry, such as computer-readable program code executed by an instruction processing device(s) (e.g., general purpose microprocessor and/or digital signal processor), and/or analog circuitry.

Embodiments are described below with reference to block diagrams and operational flow charts. It is to be understood that the functions/acts noted in the blocks may occur out of the order noted in the operational illustrations. For example, two blocks shown in succession may in fact be executed substantially concurrently or the blocks may sometimes be executed in the reverse order, depending upon the functionality/acts involved. Although some of the diagrams include arrows on communication paths to show a primary direction of communication, it is to be understood that communication may occur in the opposite direction to the depicted arrows.

Some types of services should only be provided to people that are at a specific geographic location at a specific time. For instance, electronic papers might only be available to the customers at a specific cafe or library. The restroom of a restaurant may only be available to customers of the restaurant. Saving or determining a place in a long queue or line at a bank may only be permitted by people present in the bank. Salaries may only be paid for the hours employees are present at the workplace. Property owners may want to ensure that a security company really visits a property during the night. The bus may only stop at a bus station when there is someone actually waiting for the bus. Museum guide information may only be provided to persons close to the artwork. The first prize in an orienteering competition may only go to the participants that have been to every checkpoint. These are a number of instances where it would be beneficial to have a way to prove that a specific person subscribed to a service is truly located at a specific geographic location at a specific time.

In an example, Figure 1 illustrates a mobile terminal 100 reporting its geographic location to another computing device, such as application server 120. The geographic location may be determined or obtained by mobile terminal 100 and reported in a transmission report 102. Mobile terminal 100 may have installed an application that operates to determine a true geographic location of the mobile terminal 100. In this example, the application may hold or save a place in a long queue or line at a bank during a busy time in a downtown location. Perhaps, once a person has arrived at a bank, the place in the queue may be saved and the person may have a seat or grab a drink at a nearby location rather than stand in line. To be fair to the other customers, the person must have been in line or in the bank for the application to begin to save the place in line. To do so, the person's mobile phone will report its geographic location to a cloud server coordinating with the application on the person's mobile phone.

Figure 2A shows mobile device users 210, 220 and 230 with their mobile devices 212, 222 and 232, respectively. They are in a long queue in bank 250. However, some users may be tempted to utilize a software trick or other means to fake his or her true geographic location. Application server 120 should be able to trust that the reported geographic location of a mobile device is really the geographic location of the mobile device. Otherwise, user 240 may be able to create a place in line from a cafe 260 across and down the street without even entering the bank 250 by providing a fake location from mobile device 242. Consequently, in Figure 2B, user 240 may cut in line ahead of other customers who arrived at the bank and in line long before user 240. This will frustrate the bank employees as they hear the complaints from the other customers.

According to embodiments of the present invention, the bank 250 may utilize a tag 302, as shown in Figure 3, to help confirm a location reported by a mobile device. Tags may include devices, labels or printed inks on paper. Tags may be used to track items or people for commercial or personal purposes. The tags may be attached to moveable objects and may be any shape or size that can be incorporated into or on the moveable objects. Tags may also be placed in certain locations to help a service or remote cloud server to verify a location reported by a mobile terminal.

A tag reader may receive wireless broadcast transmissions from one or more of tags. In some embodiments, the tag reader may be a mobile communication terminal, such as mobile terminal 100. A mobile communication terminal may be, for example, a smart phone, Personal Data Assistant (PDA), laptop, tablet, scanner or any other mobile computing device that may have capabilities including cellular telecommunication, Internet/intranet access, and/or a global positioning system (GPS) service. The mobile communication terminal may also support Wi-Fi communication over a local wireless network.

Tags may transmit wireless signals, such as broadcasts with tag ID information. Many types of tags may lack a power source and transmit a tag ID as an inductive response to a received signal from a tag reader. Other tags may have a power source and/or include additional circuitry for receiving signals and processing commands. Figures 4A-4C are block diagrams illustrating a tag 302.

Figure 4A illustrates a block diagram of a simple tag that has an embedded antenna 402 that receives a tag reader signal that energizes tag 302 so that it may have power to transmit a responsive RFID signal to the tag reader. Such a tag may also include a circuit 404 for transmitting a tag ID. For example, circuit 404 may include an NFC circuit (accessory NFC circuit) that can be powered by and communicate with a UE NFC circuit using short-range high frequency wireless communication technology which enables the exchange of data between devices over about a 10 cm distance, although the NFC circuits are not limited to operating in at any defined range. The NFC circuits may communicate via magnetic field induction.

As illustrated in Figure 4B, tag 302 may include a short-range wireless transmitter 430. Transmitter 430 may include a transmitter circuit to transmit radio frequency communication signals via an antenna system. Transmitter 430 may also include a transceiver circuit that is operative to also receive communication signals. Transmitter 430 may transmit and/or receive signals according to one or more wireless communication protocols, such as Bluetooth(R) protocols, ANT protocols, WLAN protocols (e.g., 802.11a, 802.11b, 802.11e, 802.11g, and/or 802.11i), or other wireless communication protocols. The transmitter 430 may be, for example, a low power Bluetooth(R) protocol transmitter or an ANT protocol transmitter, such as those designed and marketed by Dynastream Innovations Inc., a Cochrane, Canada based company. Tag 302 may include an Application Specific Integrated Circuit (ASIC) circuit 410 or an NFC circuit for transmitting a tag ID and/or for other logic operations.

In some cases, as shown in Figure 4C, tag 302 may also include a processor 420 that includes circuits for overall operation of the tag 302 including coordination of communications via transmitter 430. Processor circuit 420 may be configured to communicate data over the transmitter 430 according to one or more wireless communication protocols, such as Bluetooth(R) protocols, ANT protocols, WLAN protocols (e.g., 802.11a, 802.11b, 802.11e, 802.11g, and/or 802.11i), or other wireless communication protocols. The transmitter 430 may be, for example, a low power Bluetooth(R) protocol transmitter or an ANT protocol transmitter. The tag 302 of Figure 4C may also have an NFC circuit.

Tag 302 may also include a tag identification module 450 that operates with memory 440 to store identification information, such as a unique tag ID. The tag ID may also uniquely identify an object attached to the tag. For example, two different objects can have respective tags that each store different ID information that can be used to distinguish the two objects. In some cases, tag 302 may have a power source or may be connected to a power source.

Mobile terminal 100 may communicate the received tag transmissions to another computer, such as application server 120, over a network commonly employed to provide voice and data communications to subscribers. The transmissions may be included in a tag transmission report 102, which may include one or more tag IDs transmitted once or a number of times. The tag transmission report may be a single transmission to application server 120 or a number of transmissions to server 120 over a period of time. A tag transmission report may include one or more tag IDs. According to some embodiments, mobile terminal 100 may determine geographic location information (or have location information determined), using, for example, GPS, cellular network data or a location service. The location information may be included in transmission report 302 and associated with the tag IDs in the transmission report.

Embodiments of the present invention provide for a way to ensure that a certain user is (or has been) at a specific location, perhaps at a specific time or for a specific period of time. This solution may provide for more application security and protect against users of the service trying to fake his or her location. For instance, the user may have installed a fake application that reports fake locations to the service. The extra layer of security may apply when a user's mobile device reports its location to the service.

Embodiments of the present invention provide for use of existing tag infrastructures to locate tags. Because a whole community of users reports tag locations, tags locations are harder to fake. Also, the owner of a specific tag may make sure that a tag has not been moved or manipulated. For example, a tag may be built into location, such as a bank, to conceal it from users. In some cases, a reported tag location may not be necessary as a tag identity may be enough to prove that a user is at or within a location.

As shown in Figure 5, a tag 302 may broadcast a tag identity in a wireless transmission 504 to all tag readers within range, including mobile terminal 142. In some cases, the tag identity may not be calculated or known by the phone before it is retrieved from the tag. The tag ID may be included in a set or list of tag IDs. Each tag ID on the list may be broadcast for a predetermined or random period of time before the next (or randomized) tag ID on the list is broadcast. A set of tag IDs may include thousands of tag IDs such that a new, unique tag ID is broadcast, for example, each hour for a few years.

In some cases, a secret key may be used to calculate different tag IDs. For example, a single unique tag ID may be encrypted using the secret key. A randomizing operation or random value may also be encrypted. Application server 120 may decrypt the encrypted tag ID, and maybe the random element, to generate a unique tag ID. This unique tag ID may be considered to be the set of tag IDs or part of the set of tag IDs.

The user's identity on the mobile device may be authenticated towards the application server 120 of a cloud location service (using any authentication solution) and set up a secure channel towards the cloud service. The authenticated user identity may be used to provide a trusted mobile terminal location. The mobile terminal 142 may send the tag ID, with or without a current location of the mobile terminal 142, in a transmission report 502 through a secure channel to the cloud service, or to application server 120.

Figure 6 illustrates a process for confirming a location, according to some embodiments. Such a solution may provide proof of a geographic location of a mobile device in relation to a certain registered tag location. By using secure communication channels with known user identities, a location service may know the location of a mobile terminal based on the tag's registered trusted location. At application server 120, the tag ID received from the tag by the tag reader, or mobile terminal 142, may be received in a report from mobile terminal 142 (block 602). In some cases, the report may also include a reported location of mobile terminal 142.

The application may be authenticated by the cloud through any available authentication method, such as using a password or certificate. Reports received from the application may be authenticated to help reduce the ability of users to send fake reports with fake locations.

The tag ID is then compared to a set of tag IDs stored by the application server 120 and associated with a location (block 604). This location may be a trusted location as it is registered by an owner of the tag. The owner of the tag may have a keen interest in ensuring the tag is being used to confirm a trusted location.

At block 606, a trusted location confirmation may be generated responsive to a determination that the tag ID is included in the set of tag IDs associated with the trusted location. The trusted location confirmation may indicate that the mobile terminal is in a trusted location or truly in the location reported by mobile terminal 142, in the case that mobile terminal 142 reported its own location. In some cases, this may mean that mobile terminal 142 is in a geographic area defined based on the trusted location. The mobile terminal may be located in the area or within a defined area surrounding the trusted location.

The operations may further include sending the trusted location confirmation to an application on mobile terminal 142 configured for the trusted location (block 608). This confirmation may have been requested by another computing device, such as a mobile terminal, tablet or local computer, executing an application that is based on or requires verification of the user's mobile device location. For example, a bank queuing system may display for the customers present the name of each user, identified through a social media application username, login or other identity.

Figure 13 shows a flowchart of a computing device, such as a mobile device, requesting a trusted location confirmation, according to some embodiments. For example, at block 1302, an application requiring confirmation of a trusted location is executed. A request for a trusted location confirmation from an application or cloud server is made (block 1304). The confirmation is based on a report of a tag ID received from a tag in a wireless transmission. The report is sent to the server.

At block 1306, if the trusted location confirmation is received, or the response is positive, the application is able to proceed. If an untrusted notification is received, or the response is negative, the execution cannot proceed and may be halted (block 1308).

Such solutions may be useful for a variety of applications or purposes. For instance, the solution may assist a service that allows free access to online magazines, a user may associate a common user or social media account (e.g., a Facebook(R) account) with the user account on the location-based service. The magazine download service may ask the location-based service if the user is at a certain location and only then permit access. This is similar to another instance where complementary information is provided online in a museum, but should not be available outside the museum.

The solution may also involve a user being in a location for a certain amount of time. For example, restaurant restroom access may involve an electronic lock accessed through NFC or by entering a secret code. The code may permit access only to users whose location could be proven for a certain time period.

In another example, physical queuing could be replaced by an online queuing system. Instead of taking a number or a ticket indicating your place in the queue for service, a ticket may be requested through a mobile application or through an online service available through a smart phone. The online service would require that the user to be at the location before the user is permitted to enter the queue. Otherwise, everyone would enter the queue before arriving at the bank. The online ticket may be shown to the counter or teller personnel. Other solutions may involve verifying employee workplace time clock entry and security check registration by security companies.

In a further example, a bus driver may wish to verify someone is waiting at the bus stop. Otherwise, if riders could fake arrival at the bus stop, everyone would register his or her presence before arriving at the bus stop. In another example, game or party applications may wish to verify that competitors arrive at certain locations. Scavenger hunt and orienteering competition directors can verify that users have passed every checkpoint.

Some users may attempt to fake their locations, whether alone or with the help of other users that may truly be at the location. Figure 7 is a diagram illustrating two users attempting to trick the system employed by bank 250. Mobile device 222 of user 220 may read the current tag ID provided by tag 302 in transmission 702 while in the bank 250. User 220 may use mobile device 222 to forward the current tag ID received in transmission 702 to mobile device 242 of user 240 in an online or short-range transmission 704. User 240 has been hanging out in cafe 260 and has not yet entered bank 250. As soon as user 220 gets near the front of the line, he or she can notify user 240, who then enters the bank and cuts in front of others who have legitimately arrived before user 240. Of course, friends and family can appropriately join someone in line without acting in bad form, but this example is provided for the purpose of illustrating users attempting to fake a location. Other attempts to fake a location may have more serious consequences.

In order to guard against collaborators faking a location, some embodiments may include utilizing a trusted execution environment available on many devices in order to help guarantee legitimate tag reports and legitimate mobile device GPS locations. If only trusted applications are allowed to report data to the cloud server, it will be more difficult to inject a tag ID or tag report from another location (retrieved in another transmission) through the application.

In some cases, it may be necessary to receive a report from another mobile terminal, including a trusted tag reader. Figure 9 shows installation of a trusted tag reader 902. Figure 10 illustrates a process for confirming a location, according to some embodiments. At block 1002, a report from another computing device is received. The other computing device may be another mobile terminal. This may also be another tag reader that may be mobile or stationary. For example, trusted tag reader 902 may be a mobile device or a fixed tag reader installed in bank 250.

The report from the other computing device may include a tag ID received by the other computing device through a wireless transmission from the tag. For example, trusted tag reader 902 may also receive a tag ID from tag 302. Application server 120 may compare the tag ID received by trusted tag reader 902 to the tag ID received by the mobile terminal 220 (block 1004). A trusted location confirmation may be generated based on a determination that the tag ID received by mobile terminal 222 matches the tag ID received by trusted tag reader 902.

In some embodiments, application server 120 may instruct the mobile terminal, or another mobile terminal, to broadcast a wireless transmission and receive a report from another computing device, such as trusted tag reader 902. The report from the other computing device may include data received through a wireless transmission from the mobile terminal. A trusted location confirmation may be generated based on data received by the other computing device. The data may indicate that the mobile terminal is in the trusted location.

In some embodiments, other reports from the same mobile terminal may be used to detect if a device is attempting to fake its location. For example, there may be a discrepancy between a current reported location and a past reported location of a mobile terminal. In some cases, the previous reported location may be too far away from the current reported location to be practical.

Figure 11 illustrates a process for identifying such a discrepancy, according to some embodiments. The first report of a mobile terminal may have included a reported location. At block 1102, another report from the mobile terminal is received, including another reported location. At block 1104, the first reported location is compared to a second reported location. A distance measurement between the reported locations may be calculated. If the distance measurement and the timestamps of both reports satisfy a proximity warning rule, than the reports or mobile terminal of the reports may be indicated by application server 120 as being untrustworthy or deserving further scrutiny (block 1106).

According to some embodiments, the proximity warning rule may define a threshold distance for a certain time period. For example, in a busy city environment, two locations a mile away cannot be reasonably reported in less than a minute. In some embodiments, while certain actions may be taken if the reporting rule is satisfied, such as sending an untrusted notification, no action may take place when the rule is not satisfied. In other embodiments, other actions may take place when the rule is not satisfied, such as sending a trusted location confirmation.

In some cases, transmission reports may be sent by a tag reader to application server 120 almost simultaneously upon receiving a wireless transmission from a tag. In other cases, a wireless transmission from a tag may be time-stamped (and maybe position-stamped) upon receipt by a tag reader. However, the transmission report may be sent by the tag reader a little later. Therefore, for accuracy purposes, the reported location of the tag may be the location of the tag reader when, or at the time, it received the wireless transmission from the tag. In other cases, the location of the tag reader may be determined a time period after the wireless transmission from the tag is received. These factors may be taken into account, for example, when comparing reported locations to conditions of a proximity warning rule.

In other embodiments, the collective reports from other mobile devices in the bank 250 or cafe 260 may help to verify whether a mobile terminal is in the trusted location or reporting its true location. Normally the registration of the trusted location for tag 302 is performed by the owner of tag 302, who has an innate interest in ensuring that the correct location is registered with application server 120 for tag 302. However, in some cases, an owner of a tag may register a different location than the true location. However, other mobile devices may help to determine if certain mobile devices are faking their location. For example, Figure 8 shows tag 802 in cafe 260. Application server 120 may compare tag IDs received by mobile terminals at bank 250 from tag 302 to tag IDs received by mobile terminals at cafe 260 from tag 802. If mobile device 242 and mobile device 812 are reporting a same tag ID, but mobile device 242 is reporting the bank location 240, while mobile device 812 is reporting a different location, such as its true location cafe 260, the application server 120 may indicate that reports from mobile device 242 are not trustworthy.

In some embodiments, mobile devices 212, 222, 232 and/or 242 may be instructed by application server 120 to broadcast as if they were tags. Trusted tag reader 902 may then detect broadcasts from mobile devices 212, 222 and 232, but not mobile device 242. Application server 120 may receive a report from a tag reader in cafe 260 that mobile device 242 is broadcasting in cafe 260 and not from bank 250.

Figure 12 illustrates a process for confirming a location, according to some embodiments. At block 1202, the reported location of the mobile terminal is compared to a trusted location associated with the set of tag IDs. At block 1204, it is indicated that reports from the mobile terminal are untrusted based on a determination that the reported location is not in an area defined based on the trusted location.

Some conventional systems may require an affirmative action or entry of a password by a user at a computing device to verify an identity or authorization of the user. By contrast, various embodiments of the present invention automatically provide tag ID and location reports. Application server 120 takes advantage of these reports, analyzing them to determine if a location of a mobile terminal, or reported location of a mobile terminal, is trustworthy. No user actions are necessary when the mobile terminal enters the location in order to verify the location. The location is verified through the automatic collections and transmission of tag IDs of mobile devices subscribed to tag location services. Also, the location is verified for the mobile device rather than the tag. Furthermore, this service is a personal service that may be associated with a unique user identity or a social network identity.

Application server 120 may have a memory that stores data structures for reported tag IDs, reported tag locations, mobile terminal IDs, trusted tag reader IDs, tag ID sets and associated trusted locations. Application server 120 and/or mobile terminal 100 may also have a memory that stores computer program instructions that, when executed by a processor circuit, executes or carries out the operations described herein and shown in the figures. The memory can be a volatile memory or a non-volatile memory, such as EEPROM (flash memory), that retains the stored data while power is removed from the memory.

Mobile terminal 100 may be a mobile electronic device, such as a smartphone, and include computing device and communication components as shown, for example, in Figure 11. Figure 14 is a schematic block diagram of an electronic device 1400, according to various embodiments. The diagram of electronic device 1400 is not limited to a mobile terminal. The diagram of electronic device 1400 may also include parts of another electronic device, such as application server 120. Electronic device 1400 may communicate using communication interface 1440. Communication interface 1440 may be used with a wireline connection, the internet, and/or a wireless local network to connect to other devices. Wireless communication protocols may include, but are not limited to, IEEE 802.11a, 802.11b, 802.11g, 802.11n, 802.11ac, Bluetooth(R) protocols, IEEE 802.15 protocols, near field communication (NFC) protocols, RFID protocols and/or any other wireless local area network protocols. In some embodiments, communication interface 1440 of electronic device 1400 may include an antenna system 1446 and a cellular and/or Wi-Fi transceiver 1442 (e.g., multi-band with transceivers 1443 and 1445).

Electronic device 1400 may also include other various components, such as a processor 1451, a memory 1453, display 1454, keypad 1452, speaker 1456, microphone 1450 and/or camera 1458. Some embodiments provide that the display 1454 may include a touch sensitive display or screen, or the like.

The memory 1453 stores software that may be executed by the processor 1451, and may include one or more erasable programmable read-only memories (EPROM or Flash EPROM), battery backed random access memory (RAM), magnetic, optical, or other digital storage device, and may be separate from, or at least partially within, the processor 1451. The processor 1451 may include more than one processor, such as, for example, a general purpose processor and a digital signal processor, which may be enclosed in a common package or separate and apart from one another. In particular, the processor 1451 may be configured to control various functions of electronic device 1400, including receiving input from a touch sensitive screen or other sensors.

Electronic device 1400 may communicate with a base station of a network using radio frequency signals, which may be communicated through antenna system 1446. For example, electronic device 1400 may be configured to communicate via the cellular transceiver 1442 using one or more cellular communication protocols such as, for example, Advanced Mobile Phone Service (AMPS), ANSI-136, Global Standard for Mobile (GSM) communication, General Packet Radio Service (GPRS), enhanced data rates for GSM evolution (EDGE), code division multiple access (CDMA), wideband-CDMA, CDMA2000, and/or Universal Mobile Telecommunications System (UMTS), among others. Communication protocols as used herein may specify the information communicated, the timing, the frequency, the modulation, and/or the operations for setting-up and/or maintaining a communication connection. In some embodiments, the antenna system 1446 may be a single antenna.

It is to be understood that the present invention is not limited to the particular configurations shown in Figures 3-14, but is intended to encompass any configuration capable of carrying out operations described herein. While particular functionalities are shown in particular blocks by way of illustration, functionalities of different blocks and/or portions thereof may be combined, divided, and/or eliminated. Moreover, the functionality of the hardware/software architecture may be implemented as a single processor system or a multi processor system in accordance with various embodiments of the present invention.

In the drawings and specification, there have been disclosed typical preferred embodiments of the invention and, although specific terms are employed, they are used in a generic and descriptive sense only and not for purposes of limitation, the scope of the invention being set forth in the following claims.

Claims (20)

1. A server, comprising:
   a processor;
   a memory coupled to the processor and comprising computer readable program code embodied in the memory that when executed by the processor causes the processor to perform operations comprising:
   receiving a report from a mobile terminal, wherein the report comprises a tag identification (ID) of a tag received by the mobile terminal through a wireless transmission from the tag;
   comparing the tag ID to a set of tag IDs associated with a trusted geographic location; and
   generating a trusted location confirmation indicating the mobile terminal is in an area defined based on the trusted geographic location responsive to a determination that the tag ID is included in the set of tag IDs associated with the trusted geographic location.
2. The server of claim 1, wherein the operations further comprise sending the trusted location confirmation to an application configured for the trusted geographic location.
3. The server of claim 1, wherein the operations further comprise:
   receiving a report from another computing device, wherein the report from the other computing device comprises the tag ID of the tag received by the other computing device through a wireless transmission from the tag;
   comparing the tag ID received by the other computing device to the tag ID received by the mobile terminal; and
   generating the trusted location confirmation based on a determination that the tag ID received by the mobile terminal matches the tag ID received by the other computing device.
4. The server of claim 1, wherein the operations further comprise:
   instructing the mobile terminal to broadcast a wireless transmission;
   receiving a report from another computing device, wherein the report from the other computing device comprises data received through a wireless transmission from the mobile terminal; and
   generating the trusted location confirmation based on data received by the other computing device.
5. The server of claim 1, wherein the report comprises a reported geographic location of the mobile terminal.
6. The server of claim 8, wherein the operations further comprise:
   receiving another report from the mobile terminal, wherein the other report from the mobile terminal comprises another reported geographic location of the mobile terminal;
   comparing the reported geographic location of the mobile terminal to the other reported geographic location of the mobile terminal; and
   indicating that reports from the mobile terminal are untrusted based on a determination that a distance measurement between the reported geographic location of the mobile terminal and the other reported geographic location of the mobile terminal satisfies a proximity warning rule.
7. The server of claim 8, wherein the operations further comprise:
   comparing the reported geographic location of the mobile terminal to the trusted geographic location associated with the set of tag IDs; and
   indicating that reports from the mobile terminal are untrusted based on a determination that the reported geographic location is not in an area defined based on the trusted geographic location.
8. The server of claim 1, wherein the operations further comprise:
   generating the set of tag IDs for transmission by the tag; and
   providing the set of tag IDs to the tag.
9. The server of claim 1, wherein the operations further comprise:
   receiving registration information associating the set of tag IDs with the trusted geographic location; and
   storing the set of tag IDs as being associated with the trusted geographic location.
10. The server of claim 1, wherein the set of tag IDs comprises at least 5,000 unique tag IDs, and wherein a new tag ID of the set of tag IDs is transmitted from the tag after a period of time.
11. A method, comprising:
    receiving, at a computing device, a report from a mobile terminal, wherein the report comprises a tag identification (ID) of a tag received by the mobile terminal through a wireless transmission from the tag;
    comparing the tag ID to a set of tag IDs associated with a trusted geographic location; and
    generating a trusted location confirmation indicating the mobile terminal is in an area defined based on the trusted geographic location responsive to a determination that the tag ID is included in the set of tag IDs associated with the trusted geographic location.
12. The method of claim 11, further comprising:
    receiving a report from another computing device, wherein the report from the other computing device comprises the tag ID of the tag received by the other computing device through a wireless transmission from the tag;
    comparing the tag ID received by the other mobile terminal to the tag ID received by the mobile terminal; and
    generating the trusted location confirmation based on a determination that the tag ID received by the mobile terminal matches the tag ID received by the other mobile terminal.
13. The method of claim 11, wherein the report comprises a reported geographic location of the mobile terminal.
14. The method of claim 16, further comprising:
    receiving another report from the mobile terminal, wherein the other report from the mobile terminal comprises another reported geographic location of the mobile terminal;
    comparing the reported geographic location of the mobile terminal to the other reported geographic location of the mobile terminal; and
    indicating that reports from the mobile terminal are untrusted based on a determination that a distance measurement between the reported geographic location of the mobile terminal and the other reported geographic location of the mobile terminal satisfies a proximity warning rule.
15. The method of claim 16, further comprising:
    comparing the reported geographic location of the mobile terminal to the trusted geographic location associated with the set of tag IDs; and
    indicating that reports from the mobile terminal are untrusted based on a determination that the reported geographic location is not in an area defined based on the trusted geographic location.
16. The method of claim 11, further comprising authenticating an application on the mobile terminal providing the report.
17. The method of claim 11, further comprising:
    generating the set of tag IDs for transmission by the tag; and
    providing the set of tag IDs to the tag.
18. The method of claim 11, further comprising:
    receiving registration information associating the set of tag IDs with the trusted geographic location; and
    storing the set of tag IDs as being associated with the trusted geographic location.
19. The method of claim 11, wherein the set of tag IDs comprises at least 5,000 unique tag IDs, and wherein a new tag ID of the set of tag IDs is transmitted from the tag after a period of time.
20. A computing device, comprising;
    a communication interface coupled to the processor;
    a memory coupled to the processor and comprising computer readable program code embodied in the memory that when executed by the processor causes the processor to perform operations comprising:
    executing an application requiring confirmation of a trusted geographic location;
    requesting a trusted location confirmation from a server identified for the application, wherein the trusted location confirmation is based on a report of a tag identification (ID) of a tag received by a mobile terminal through wireless transmissions from the tag;
    responsive to receiving the trusted location confirmation, continuing execution of the application; and
    responsive to receiving an untrusted notification, halting execution of the application.

Images