US 9,811,858 B2
Method for enrolling and authenticating a cardholder
Valery Arnald, Meudon (FR); Sylvain Godbert, Meudon (FR); Philippe Mezger, Meudon (FR); and Kanza Jaafar, Meudon (FR)
Assigned to GEMALTO SA, Meudon (FR)
Appl. No. 14/358,031
Filed by GEMALTO SA, Meudon (FR)
PCT Filed Nov. 14, 2012, PCT No. PCT/EP2012/072556
§ 371(c)(1), (2) Date May 13, 2014,
PCT Pub. No. WO2013/072335, PCT Pub. Date May 23, 2013.
Claims priority of application No. 11306494 (EP), filed on Nov. 15, 2011.
Prior Publication US 2014/0324654 A1, Oct. 30, 2014
Int. Cl. G06Q 40/02 (2012.01); G06Q 20/32 (2012.01); G06Q 20/34 (2012.01); G07F 7/10 (2006.01); G06Q 30/00 (2012.01)
CPC G06Q 40/02 (2013.01) [G06Q 20/3276 (2013.01); G06Q 20/3558 (2013.01); G06Q 30/018 (2013.01); G07F 7/10 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A method for enrolling and authenticating a bank's cardholder to a service provider to enable services of an application executing on the cardholder's mobile device, comprising the following steps applied by the service provider (SP):
receiving on a first communication channel established between a data-processing workshop (DP) and the service provider (SP) a file comprising an identification cardholder data (ID) and a phone number of the cardholder previously emitted by the bank of the cardholder;
storing cardholder ID and cardholder phone number;
receiving from a mobile device operated by the bank's cardholder the identification cardholder data (ID), bank-provided enrollment data, and identification data of the mobile device via a second channel established between said mobile device and the service provider using the phone number of the cardholder;
during activation of an application on the mobile device for use with the service provider, storing the identification cardholder data (ID), the bank-provided enrollment data, and the identification data of the mobile device;
transmitting to the mobile device on a third channel, an activation link for the cardholder to use to activate an account with the service provider for use with the mobile device application;
during post-activation use of the application to access services, transmitting the identification data of the mobile device and authenticating the mobile device by checking the mobile device identification data;
using, by the service provider, the cardholder identification data linked to the mobile device identification data to determine services available to the cardholder; and
proposing, by the service provider, services to the cardholder via the mobile application.