(WO2018011775) METHOD FOR PROVIDING AN ENHANCED LEVEL OF AUTHENTICATION RELATED TO A SECURE SOFTWARE CLIENT APPLICATION PROVIDED BY AN APPLICATION DISTRIBUTION ENTITY IN ORDER TO BE TRANSMITTED TO A CLIENT COMPUTING DEVICE; SYSTEM, APPLICATION DISTRIBUTION ENTITY, SOFTWARE CLIENT APPLICATION, AND CLIENT COMPUTING DEVICE FOR PROVIDING AN ENHANCED LEVEL OF AUTHENTICATION RELATED TO A SECURE SOFTWARE CLIENT APPLICATION, PROGRAM AND COMPUTER PROGRAM PRODUCT
Note: This text was obtained by automatic optical character recognition.
For legal purposes, please use the PDF version.

BACKGROUND

[0001] The present invention relates to a method for providing an enhanced level of authentication related to a secure software client application that is provided, by an application distribution entity, in order to be transmitted, using a telecommunications network, to a client computing device in view of software code of the software client application being executed by the client computing device, wherein a first secure communication channel is established - in view of transmitting an instance of the software client application to the client computing device - between the client computing device and the application distribution entity, and wherein a second secure communication channel is established between the application distribution entity and a third party server entity.

[0002] The present invention further relates to a system for providing an enhanced level of authentication related to a secure software client application that is provided, by an application distribution entity, in order to be transmitted, using a telecommunications network, to a client computing device in view of software code of the software client application being executed by the client computing device, the system comprising the client computing device, the application distribution entity and a third party server entity.

[0003] Additionally, the invention relates to an application distribution entity for providing an enhanced level of authentication related to a secure software client application that is provided, by an application distribution entity, in order to be transmitted, using a telecommunications network, to a client computing device in view of software code of the software client application being executed by the client computing device.

[0004] Furthermore, the invention relates to a software client application instance for providing an enhanced level of authentication related to a secure software client application that is provided, by an application distribution entity, in order to be transmitted, using a telecommunications network, to a client computing device in view of software code of the software client application being executed by the client computing device.

[0005] Additionally, the present invention relates to a client computing device for providing an enhanced level of authentication related to a secure software client application that is provided, by an application distribution entity, in order to be transmitted, using a telecommunications network, to a client computing device in view of software code of the software client application being executed by the client computing device.

[0006] Furthermore, the invention relates to a program comprising a computer readable program code and to a computer program product for providing an enhanced level of authentication related to a secure software client application provided by an application distribution entity.

[0007] Today, software - or applications or apps - to be used by client devices (such as desktop computers, or mobile computers such as tablets, mobile phones or the like) is often distributed using download stores or application stores. It is known to provide application stores such that the downloaded software is at least adapted to the client device class, i.e. a different version of the software could be downloaded dependent on whether the requesting client device is, e.g., a phone device or a tablet device.

[0008] However, it becomes more and more important - especially with respect to the development of the internet of things or mobile devices handling sensitive data - that data provided by client devices can be trusted. Since such data are typically provided by software client applications, the software client applications need to be trusted, hence the software client application need to be authenticated.

SUMMARY

[0009] An object of the present invention is to provide a cost effective and comparatively fast solution, especially an automated solution, for providing an enhanced level of authentication related to a secure software client application that is provided by an application distribution entity and transmitted to a client computing device, and/or for providing an enhanced level of authentication related to data generated or provided by such a secure software client application.

[0010] The object of the present invention is achieved by a method for providing an enhanced level of authentication related to a secure software client application that is provided, by an application distribution entity, in order to be transmitted, using a telecommunications network, to a client computing device in view of software code of the software client application being executed by the client computing device,

wherein a first secure communication channel is established - in view of transmitting an instance of the software client application to the client computing device - between the client computing device and the application distribution entity, and wherein a second secure communication channel is established between the application distribution entity and a third party server entity,

wherein the method comprises the following steps:

- in a first step, a security token information is generated in view of subsequently allowing for an authenticated transmission of data - provided by the software client application instance upon it being executed by the client computing device - to the third party server entity,

the security token information being generated by a trusted entity and transmitted from the application distribution entity to both the client computing device and the third party server entity using the first secure communication channel and/or using the second secure communication channel, and wherein - besides the security token information - the software client application instance is transmitted, using at least the first secure communication channel, to the client computing device as well,

- in a second step, subsequent to the first step, a cryptographic key information is generated by the client computing device, and a client response information, comprising at least part of the cryptographic key information, is transmitted, from the client computing device, to the third party server entity.

[0011] According to the present invention, it is thereby advantageously possible that a software client application can be authenticated - i.e. provided with an enhanced level of authentication related to the software client application - (and thereby rendered more secure compared to a non-authenticated software client application) in an automated manner by means of transmitting - especially by the application distribution entity -, to the client computing device, at least the security token information (as well as, typically, the software client application instance) using at least the first secure communication channel (or using both the first and the second secure communication channel), wherein the security token information is likewise transmitted - by the application distribution entity and/or by the trusted entity - to the third party server entity, and wherein the cryptographic key information is generated by the client computing device and the client response information, comprising at least part of the cryptographic key information, is transmitted to the third party server entity.

[0012] The security token information is generated, especially generated by the trusted entity, in view of subsequently (i.e. after the software client application instance being transmitted to the client computing device) allowing for an authenticated transmission of data - provided or generated by the software client application instance upon it being executed by the client computing device - to the third party server entity, and especially without the application distribution entity being necessarily involved in the authenticated transmission of data (in a manner such that the application distribution entity would necessarily be able to decrypt and/or authenticate the data generated by the software client application instance).

According to the present invention, the security token information (being generated by the trusted entity) is transmitted to the third party server entity, especially by using the second secure communication channel and especially by means of the application distribution entity transmitting (after having received the security token information from the trusted entity) the security token information to the third party server entity; this transmission (of the security token information to the third party server entity) either occurs (as a separate transmission) prior to or during or after the transmission of at least the software client application instance as well as the security token information to the client computing device.

[0013] By means of using the first secure communication channel between the application distribution entity and the client computing device, and the second secure communication channel between the application distribution entity and the third party server entity, it is advantageously possible according to the present invention to securely (i.e. in a protected manner) transmit the security token information to the client computing device and to the third party server entity, ensuring confidentiality and/or integrity of the security token information during transmission. Alternatively to using the second secure communication channel (between the application distribution entity and the third party server entity), and especially in case that - in an alternative embodiment of the present invention - the trusted entity is neither identical to the application distribution entity nor to the third party server entity, it is also possible that the security token information is transmitted between the trusted entity and the third party server entity using a further secure communication channel.

[0014] According to the present invention, it is advantageously possible to provide a cryptographically strong authentication of the client computing device and/or of the software client application instance: For each software client application instance that is executed on the client computing device and for which the method according to the present invention is used, a client certificate or client secret is present, on the client computing device and/or within the software client application instance, by means of which a mutual authentication of the communication channel between the software client application instance (and/or the respective client computing device), on the one hand, and the third party server entity (especially by means of conventionally used server certificates), on the other hand, is possible. Thereby, it is advantageously possible according to the present invention to provide an enhanced level of authentication concerning the communication (i.e. the data exchanged or transmitted) between the software client application instances of the client computing device and the third party server entity, especially relating to data generated or provided by such a secure software client application, such as, e.g., medical data, bank relating data or the like.

[0015] According to the present invention, it is advantageously possible to provide secure software client applications, i.e. software client applications that can be trusted, by means of requiring an authentication step to be performed. Furthermore, data exchanged between especially the software client application instance and the third party server entity should preferably be transmitted in a protected manner, especially regarding confidentiality and/or integrity and/or originality and/or non-repudiation.

[0016] According to the present invention, the third party server entity corresponds, e.g., to an application server, i.e. providing the server component of the software client application (instance) on the client computing device.

[0017] In conventionally known systems, different methods exist in order to improve the security of the communication between software client applications on client computing devices on the one hand, and server entities (or third party server entities) on the other hand (or between different software client applications, especially on different client computing devices): The most common approach consists in using TLS (Transport Layer Security) by means of using server certificates, i.e. the servers are authenticated towards the software client applications. However, typically the software client applications do not have a certificate typically used with a version of the TLS protocol family and, thus, the respective servers are typically not able to authenticate the software client applications in an easy and intuitive (for a user of the software client application) manner, in a comparatively cheap and/or comparatively fast manner, without requiring user interaction (or, at least, without requiring extensive user interaction) and especially automatically. Known authentication techniques involve, e.g., using a separate channel, transmission of data per snail mail, the use of credentials (such as, e.g., user name and password), other authentication techniques such as the use of OAuth-tokens; however, such techniques typically require a registration process step of the user, hence (perhaps unintuitive) user interaction. An alternative consists in transmitting a secret as part of the software client application. However, conventionally such secrets are typically not individual to each software client application instance; this means that two client computing devices, having the same software client application (while, of course, having different instances of the (same) software client application), would have the same secret - hence, an attacker able to retrieve that secret (common to all such instances of the software client application) would be able to eavesdrop on the communication between the software client application instances and the respective server, and could also make the respective server believe being a software client application instance of that kind (impersonation).

[0018] According to the present invention, a security token information is generated by the trusted entity and transmitted, by the application distribution entity, to both the client computing device and the third party server entity, i.e. the security token information is in any case transmitted, using a secure communication channel (i.e. the first secure communication channel) between the application distribution entity and the software client application instance (i.e. the client computing device). This secure communication channel is typically provided by the application distribution entity, i.e. typically by the application store or app store. According to the present invention, it is advantageously possible to combine the distribution of the software client application instance (to a specific client computing device) with a security token information (and hence the distribution or transmission of the security token information). This provides the possibility to at least implicitly bind the security token information to the software client application instance. This binding of the security token information to the software client application instance also ensures that multiple requests to provide or to issue the security token information do not result in providing a plurality of pieces of security token information: typically, the application distribution entity ensures that each client computing device is able to download each software client application only once (of course, the download of updates is normally allowed).

[0019] As a consequence, the client, i.e. the software client application instance within the client computing device, is equipped with a security token information providing the possibility of a cryptographically strong authentication of the client with regard to the third party server entity (and vice versa using the server certificate), e.g. by means of using TLS with mutual authentication. However, the method according to the present invention is independent from which specific protocol is used and which secure communication channel is used; other protocols than TLS, and also the use of a VPN (Virtual Private Network) channel is possible. According to the present invention, besides the authentication of the third party server (by means of server certificates), also the cryptographically strong authentication of the client (i.e. the software client application instance and/or the client computing device) is possible. Thereby, it is possible that a request (or transmitted data) received at the third party server entity is able to be unequivocally assigned to a specific software client application instance (and hence typically a person), or - especially in case of anonymous usage - that at least no fabricated data are received. An example of the latter situation might refer to a software client application that anonymously collects medical data, e.g. for a medical survey: Without an authentication of the data provided by the different software client application instances (of the different client computing devices of the participants of the survey), the reception of fabricated or manipulated data at the third party server entity (potentially leading to false results) cannot be excluded.

[0020] Additionally, the use of a security token information that is individual to the software client application instance limits the motivation of an attacker and also the potential damage: In case that an attacker is able to successfully retrieve the security token information, the use, according to the present invention, of an instance-specific security token information (i.e. specific to each software client application instance) also means that the attacker is only able to use this specific security token information, i.e. with respect to this specific software client application instance; in order to use another software client application instance, the corresponding other security token information would need to be retrieved.

[0021] According to the present invention, due to the fact that the generation of the security token information is typically performed on a backend side (typically either at the trusted entity and/or at the application distribution entity and/or at the third party server), the developer of the software client application (or the operator of the application distribution entity) is able to use a comparatively high cryptographic quality of the generated security token information; typically, at a backend side, more resources, especially concerning processing power, high-quality random number generators, etc., are available.

[0022] Furthermore according to the present invention, it is possible to newly transmit a (different) security token information (triggering the generation of a new (different) client certificate) with each update of the software client application instance; especially in case of any doubts that any (previously transmitted security token information and/or - as a consequence - previously used) client certificates might be compromised.

[0023] According to the present invention, the security token information - generated by the trusted entity (and/or a trusted entity as part of the application distribution entity and/or as part of the third party server entity) - is not only transmitted to the client computing device (using the first secure communication channel) but it is also transmitted (in the first step) to the third party server entity, especially using the second secure communication channel (between the application distribution entity and the third party server entity). In a subsequent second step, a cryptographic key information is generated by the client computing device, and a client response information, comprising at least part of the cryptographic key information, is transmitted, from the client computing device, to the third party server entity. While it is not excluded, according to some embodiments of the present invention, that the security token information is used subsequently and/or repeatedly a plurality of times (related to the same software client application instance), according to other embodiments of the present invention, the security token information is used to provide the possibility to

- initially exchange a secret and/or protected information between the client computing device and the third party server, i.e. the security token information is used like a onetime password, and

- later on use the cryptographic key information to transmit information between the client computing device and the third party server entity in a protected and/or authenticated manner.

[0024] According to an embodiment of the present invention, a unique identity information is assigned to the software client application instance, the identity information being specific to the software client application instance or to the combination of the software client application instance and the client computing device,

wherein during the first step, the identity information is transmitted to the client computing device as part of the security token information, using at least the first secure communication channel, wherein preferably the identity information is transmitted to the third party server entity using the second secure communication channel and/or wherein preferably the identity information is transmitted, during the second step and as part of the client response information, to the third party server entity.

[0025] By means of using a unique identity information that is assigned to the software client application instance, it is advantageously possible, according to the present invention, to identify each software client application instance distributed by the application distribution entity. Hence, according to an embodiment of the present invention, the identity information is additionally transmitted to the client computing device using the first secure communication channel (i.e. the identity information is transmitted additionally to the software client application instance as well as the security token information). According to such an embodiment of the present invention, at least one of the identity information and the mutual assignment of the security token information to the identity information is (or are) transmitted to the third party server entity, especially using the second secure communication channel.

[0026] According to a further embodiment of the present invention, the cryptographic key information corresponds to a symmetric cryptographic key, and wherein the symmetric cryptographic key is transmitted as at least part of the client response information, wherein especially the symmetric cryptographic key is used as a pre-shared cryptographic key in order to establish a TLS (Transport Layer Security) tunnel between the client computing device and the third party server entity.

[0027] It is thereby advantageously possible according to the present invention that the communication between the client computing device and the third party server entity can be protected in a comparatively easy manner. It is, of course, mandatory to be able to transmit the symmetric cryptographic key, generated by the client computing device, to the third party server entity in a protected and/or secured manner, typically by using the first secure communication channel and/or the second secure communication channel and/or a further or additional secure communication channel.

[0028] According to a further embodiment of the present invention, the cryptographic key information corresponds to an asymmetric pair of cryptographic keys, comprising a specific private cryptographic key and a specific public cryptographic key, and wherein the specific public cryptographic key is transmitted as at least part of the client response information.

[0029] It is thereby advantageously possible according to the present invention that the communication between the client computing device and the third party server entity can be protected by means of generating an asymmetric pair of cryptographic keys at the client computing device. After the pair of specific cryptographic keys is generated by the client computing device, only the specific public cryptographic key is transmitted - as at least part of the client response information - to the third party server entity, and the specific private cryptographic key is especially stored in a secure manner, e.g. using a secure element, within the client computing device.

[0030] By means of using the unique identity information (being assigned to the software client application instance) in addition to using the cryptographic key information as part of the client response information (the cryptographic key information being either in the form of a symmetric cryptographic key or in the form of the specific public cryptographic key), it is advantageously possible, according to the present invention, to both identify each software client application instance distributed by the application distribution entity and furthermore to achieve a higher level of authentication. Especially, it is advantageously possible that the cryptographic key information (generated by the client computing device) constitutes a sort of client application certificate information, the authenticity of which can be verified, by the third party server entity, by means of the security token information.

[0031] Especially in case of an asymmetric pair of cryptographic keys being generated by the client computing device, it is advantageously possible to use a cryptographic signature operation (typically performed on a piece of data, such as both the identity information and the specific public cryptographic key itself or the result of a hashing operation performed on the identity information and the specific public cryptographic key (i.e. applying a hash operation to the combination of the identity information and the specific public cryptographic key)) using the specific private cryptographic key to produce a digital signature of the combination of the identity information and the specific public cryptographic key; this means that thereafter, it is possible to verify this signature by performing a cryptographic operation with the specific public key on the signature obtained. According to a further embodiment of the present invention, a server certificate is additionally transmitted to the client computing device, using the first secure communication channel.
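The following is an added example (not code from the patent or its applicant) that walks through the flow of paragraphs [0023], [0024] and [0028] to [0031] with the asymmetric variant: the trusted entity issues an instance-specific token (identity plus one-time secret), the distribution entity hands it to both the client and the third party server, the client generates an Ed25519 key pair and signs the hash of identity and public key, and the server binds the key to the identity, consumes the token, and from then on verifies application data with the enrolled key. The HMAC keyed with the token secret, used so the server can tell the response came from the token holder, and the sample identity string are assumptions of this example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Token is what the trusted entity generates in the first step: a unique
// identity for one application instance plus a one-time secret. The
// distribution entity delivers it to the client over the first secure channel
// and to the third party server over the second secure channel.
type Token struct {
	Identity string
	Secret   []byte
}

// ClientResponse is the second-step message: identity, the instance's public
// key, a signature over SHA-256(identity || pubkey) made with the private key,
// and an HMAC keyed with the one-time token secret (assumption of this example)
// so the server can check the response comes from the token holder.
type ClientResponse struct {
	Identity  string
	PublicKey ed25519.PublicKey
	Signature []byte
	TokenMAC  []byte
}

// Server keeps the tokens received from the distribution entity (deleted once
// consumed) and the public keys bound to instance identities so far.
type Server struct {
	tokens   map[string]Token
	enrolled map[string]ed25519.PublicKey
}

func NewServer() *Server {
	return &Server{tokens: map[string]Token{}, enrolled: map[string]ed25519.PublicKey{}}
}

// IssueToken models the trusted entity generating the token on the backend,
// where a high-quality random source is available.
func IssueToken(identity string) (Token, error) {
	secret := make([]byte, 32)
	if _, err := rand.Read(secret); err != nil {
		return Token{}, err
	}
	return Token{Identity: identity, Secret: secret}, nil
}

// ReceiveToken is the server side of the first step (second secure channel).
func (s *Server) ReceiveToken(t Token) { s.tokens[t.Identity] = t }

// bindingDigest is the hash of identity and public key that the client signs.
func bindingDigest(identity string, pub ed25519.PublicKey) []byte {
	h := sha256.Sum256(append([]byte(identity), pub...))
	return h[:]
}

func tokenMAC(secret []byte, identity string, pub ed25519.PublicKey) []byte {
	m := hmac.New(sha256.New, secret)
	m.Write([]byte(identity))
	m.Write(pub)
	return m.Sum(nil)
}

// ClientEnroll is the second step on the client: generate the key pair, keep
// the private key locally, and build a response carrying only the public key.
func ClientEnroll(t Token) (ed25519.PrivateKey, ClientResponse, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, ClientResponse{}, err
	}
	return priv, ClientResponse{
		Identity:  t.Identity,
		PublicKey: pub,
		Signature: ed25519.Sign(priv, bindingDigest(t.Identity, pub)),
		TokenMAC:  tokenMAC(t.Secret, t.Identity, pub),
	}, nil
}

// Enroll verifies a client response: the token must be known and unused, the
// MAC must match the server's copy of the secret, and the signature must prove
// possession of the private key. The token is consumed on success (one-time use).
func (s *Server) Enroll(r ClientResponse) error {
	t, ok := s.tokens[r.Identity]
	if !ok {
		return errors.New("unknown or already consumed token")
	}
	if !hmac.Equal(r.TokenMAC, tokenMAC(t.Secret, r.Identity, r.PublicKey)) {
		return errors.New("token MAC mismatch")
	}
	if len(r.PublicKey) != ed25519.PublicKeySize ||
		!ed25519.Verify(r.PublicKey, bindingDigest(r.Identity, r.PublicKey), r.Signature) {
		return errors.New("invalid proof-of-possession signature")
	}
	delete(s.tokens, r.Identity)
	s.enrolled[r.Identity] = r.PublicKey
	return nil
}

// VerifyData authenticates later application data with the enrolled key.
func (s *Server) VerifyData(identity string, data, sig []byte) bool {
	pub, ok := s.enrolled[identity]
	return ok && ed25519.Verify(pub, data, sig)
}

func main() {
	srv := NewServer()
	tok, _ := IssueToken("instance-0001") // constructed sample identity
	srv.ReceiveToken(tok)                 // second secure channel
	priv, resp, _ := ClientEnroll(tok)    // token arrived via first secure channel
	fmt.Println("enrol:", srv.Enroll(resp), "replay:", srv.Enroll(resp))
	data := []byte("survey answer 7")
	fmt.Println("authentic:", srv.VerifyData(tok.Identity, data, ed25519.Sign(priv, data)))
}
```

A replayed response fails because the token was deleted on first use, and a response built with another instance's token secret fails the MAC check, which is the instance-specific limitation described in [0020].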

[0032] According to the present invention, different possibilities can be used for transmitting the whole of the software client application instance on the one hand, and the additional pieces of information (such as the security token information, the identity information and/or the server certificate) on the other hand, to the client computing device using the first secure communication channel. According to the present invention, at least the additional pieces of information provide for an individualization of the software client application instance (i.e. as related to the specific client computing device and/or as related to a specific user of the client computing device). The software client application instance itself (i.e. without the additional pieces of information) might be (but does not need to be) provided in an un-individualized manner, i.e. being related to an information content representing, e.g., code executable on the client computing device, such code being, if applicable (but not necessarily), specific to the device class of the client computing device but not (individually) specific to the client computing device itself, i.e. individually to the client computing device. If the software client application instance (itself) is provided in an un-individualized manner, then the additional pieces of information provide for an individualization of the whole of the software client application instance on the one hand, and the additional pieces of information on the other hand. The whole of the software client application instance and the additional pieces of information is also called application instance package. The additional pieces of information are transmitted to the client computing device either separately from the software client application instance (e.g. as separate "files" or transmission content representing or being able to represent "files"; e.g. the software client application instance could be transmitted initially, and the (or part of the) additional pieces of information transmitted in a subsequent step or in a plurality of subsequent steps) or while transmitting the software client application instance (especially as part of the application instance package, e.g. representing one individualized "file").

[0033] According to a further embodiment of the present invention, the client response information is transmitted using a third secure communication channel between the client computing device and the third party server entity, wherein especially the third secure communication channel is established after the second step with the use of the security token information, or

wherein the client response information is transmitted using a communication channel between the client computing device and the third party server entity.

[0034] By means of using a third secure communication channel between the client computing device and the third party server entity, it is advantageously possible to transmit the client response information data in a secure and protected manner, especially by means of using the security token information. However, it is also possible that the client response information is transmitted using an unprotected (normal) communication channel between the client computing device and the third party server entity.

[0035] According to still a further embodiment of the present invention, a server certificate is transmitted to the client computing device, using the first secure communication channel, wherein the server certificate is especially transmitted during the first step and as part of the security token information, wherein the server certificate is especially specific to the software client application instance or to the combination of the software client application instance and the client computing device,

wherein especially a TLS (Transport Layer Security) tunnel is established using the server certificate and/or wherein especially a certificate pinning is realized using the server certificate.

[0036] It is thereby advantageously possible to enhance the security level in the communication between the client computing device on the one hand, and the third party server entity on the other hand.

[0037] According to still a further embodiment of the present invention, a further cryptographic key information is generated by the third party server entity, the further cryptographic key information comprising a further asymmetric pair of cryptographic keys, comprising a further specific private cryptographic key and a further specific public cryptographic key, and wherein the further specific public cryptographic key is especially transmitted as at least part of the security token information during the first step.

[0038] It is thereby advantageously possible to establish a protected communication channel, between the client computing device and the third party server entity, such that both sides use a pair of asymmetric cryptographic keys (the client computing device using the specific private and public cryptographic keys, and the third party server entity using the further specific private and public cryptographic keys). According to an especially advantageous embodiment of the present invention, the further specific public and private cryptographic keys are specific to the software client application instance of the client computing device.

[0039] According to still a further embodiment of the present invention, the client response information comprises a challenge information, especially in encrypted form, and especially by means of the client computing device encrypting, prior to the second step, the specific public cryptographic key and the challenge information using the further specific public cryptographic key, wherein, subsequent to the second step, the third party server entity especially generates a further response information, especially by means of the third party server entity encrypting a signature of the challenge information using the specific public cryptographic key, and transmits the further response information to the client computing device, wherein the client computing device especially verifies the challenge information, after having received the further response information, and especially establishes a fourth secure communication channel, especially based on a TLS tunnel.

[0040] It is thereby advantageously possible to further protect the communication between the client computing device and the third party server entity by means of a challenge-response mechanism: The challenge information is generated by the client computing device and transmitted to the third party server entity, especially by means of encrypting, using the further specific public cryptographic key, the challenge information (preferably the challenge information is encrypted together with the specific public cryptographic key). Preferably, the third party server entity decrypts the received information (using the further specific private cryptographic key), and generates - as part of the further response information - an encrypted signature (or encrypted signature information) of the challenge information, using the further specific public cryptographic key, wherein the encrypted signature (or encrypted signature information) is encrypted using the specific public cryptographic key. After transmission to the client computing device, the encrypted signature information is decrypted, using the specific private cryptographic key, and verified, using the further specific public cryptographic key. It is thereby possible for the client computing device to ensure that the challenge information is correctly transmitted (in encrypted form) to the third party server entity, and again back to the client computing device. By means of using the two pairs of cryptographic keys, a protected communication is possible between the client computing device and the third party server entity.
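The challenge-response exchange of [0039] and [0040], written out in Go as an added example (not code from the patent): the client seals its specific public key 223 and a challenge under the further specific public key 423 as client response information 402, the server answers with a signature of the challenge sealed under 223 as further response information 403, and the client checks it. Assumed here: RSA keys, a hybrid RSA-OAEP/AES-GCM envelope for "encrypted using the public key", and that the server signs with its further specific private key 422 so that the client can verify under 423; the 32-byte challenge and the wire layout are constructed for the example.

```go
package main

import (
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"errors"
	"fmt"
)

// envelope: a fresh AES-256-GCM key wrapped with RSA-OAEP under the recipient's public key.
// Assumption: the patent only says "encrypted using the public key"; an envelope is how
// that is done for a DER-encoded public key or a 256-byte signature.
type envelope struct{ wrappedKey, nonce, ciphertext []byte }

func seal(pub *rsa.PublicKey, plaintext []byte) envelope {
	key, nonce := make([]byte, 32), make([]byte, 12)
	rand.Read(key) // crypto/rand.Read does not fail on supported platforms
	rand.Read(nonce)
	// A 32-byte message fits any RSA key of 1024 bits or more, so wrapping cannot fail here.
	wrapped, _ := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, key, nil)
	block, _ := aes.NewCipher(key)
	aead, _ := cipher.NewGCM(block)
	return envelope{wrapped, nonce, aead.Seal(nil, nonce, plaintext, nil)}
}

func open(priv *rsa.PrivateKey, e envelope) ([]byte, error) {
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, e.wrappedKey, nil)
	if err != nil || len(key) != 32 {
		return nil, errors.New("envelope was not sealed for this key")
	}
	block, _ := aes.NewCipher(key)
	aead, _ := cipher.NewGCM(block)
	return aead.Open(nil, e.nonce, e.ciphertext, nil)
}

// Client, second step: client response information 402 = specific public key 223 plus a
// fresh challenge (constructed layout: 32-byte challenge || DER key), sealed under the
// further specific public key 423 that came with the security token in the first step.
func buildClientResponse(serverPub, clientPub *rsa.PublicKey) ([]byte, envelope) {
	challenge := make([]byte, 32)
	rand.Read(challenge)
	pubDER, _ := x509.MarshalPKIXPublicKey(clientPub) // cannot fail for an *rsa.PublicKey
	return challenge, seal(serverPub, append(append([]byte{}, challenge...), pubDER...))
}

// Server: open 402 with the further specific private key 422, sign the challenge with 422
// (so that it verifies under 423) and seal the signature under the client's 223 as
// further response information 403.
func serverRespond(serverPriv *rsa.PrivateKey, resp envelope) (envelope, error) {
	payload, err := open(serverPriv, resp)
	if err != nil || len(payload) <= 32 {
		return envelope{}, errors.New("client response cannot be opened with key 422")
	}
	parsed, err := x509.ParsePKIXPublicKey(payload[32:])
	clientPub, ok := parsed.(*rsa.PublicKey)
	if err != nil || !ok {
		return envelope{}, errors.New("client key 223 is not a valid RSA public key")
	}
	digest := sha256.Sum256(payload[:32])
	sig, err := rsa.SignPSS(rand.Reader, serverPriv, crypto.SHA256, digest[:], nil)
	if err != nil {
		return envelope{}, err
	}
	return seal(clientPub, sig), nil
}

// Client: open 403 with the specific private key 222 and verify the signature under 423.
// Only the holder of 422 could have signed this challenge; only 222 could read the answer.
func clientVerify(clientPriv *rsa.PrivateKey, serverPub *rsa.PublicKey, challenge []byte, resp envelope) error {
	sig, err := open(clientPriv, resp)
	if err != nil {
		return err
	}
	digest := sha256.Sum256(challenge)
	return rsa.VerifyPSS(serverPub, crypto.SHA256, digest[:], sig, nil)
}

// runExchange does the whole round trip. With impostor=true the answering party holds a
// key pair other than the one named in the security token and cannot even open 402.
func runExchange(impostor bool) error {
	clientKey, _ := rsa.GenerateKey(rand.Reader, 2048) // 222/223, generated on the device
	serverKey, _ := rsa.GenerateKey(rand.Reader, 2048) // 422/423, generated at the server
	responder := serverKey
	if impostor {
		responder, _ = rsa.GenerateKey(rand.Reader, 2048)
	}
	challenge, env402 := buildClientResponse(&serverKey.PublicKey, &clientKey.PublicKey)
	env403, err := serverRespond(responder, env402)
	if err != nil {
		return err
	}
	return clientVerify(clientKey, &serverKey.PublicKey, challenge, env403)
}

func main() { fmt.Println("genuine:", runExchange(false), "impostor:", runExchange(true)) }
```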

[0041] According to still a further embodiment of the present invention, in a third step, subsequent to the second step, client application data, generated by and/or involving the software client application instance, are transmitted, from the client computing device, to the third party server entity and/or to a further client computing device and/or to a further software client application instance.

[0042] According to a further embodiment of the present invention, in a fourth step, subsequent to the second step, the software client application instance, using the cryptographic key information, is used to securely communicate with the application distribution entity and/or with the third party server entity and/or with a further client computing device and/or with a further software client application instance.

[0043] Thereby, it is advantageously possible to subsequently use the inventive concept of (initially) transmitting, in a trusted and secured manner, the security token information to the client computing device (or to the software client application instance) - using the first secure communication channel - and furthermore to transmit, likewise in a trusted and secured manner, at least a part of a cryptographic key information as part of the client response information to the third party server entity. If the confidentiality and integrity of the transmission of at least the security token information and the (or part of the) cryptographic key information, especially using the first secure communication channel, can be relied on, any data generated and/or transmitted by the software client application instance (and received by the third party server entity and/or any other server entity or device (such as a further client computing device and/or a further software client application instance)) can be authenticated and hence its confidentiality, integrity and/or plausibility verified.

[0044] According to a further embodiment of the present invention, the unique identity information is an anonymous information or a pseudonymous information or an information identifying the user of the software client application instance, and wherein - in case of the unique identity information being anonymous information - especially the unique identity information is independent from an identification of either the software client application instance and/or the software client application and/or the client computing device and/or the user of the client computing device (as in this case otherwise that data might be misused to break the intended anonymity).

[0045] According to a further embodiment of the present invention, the application distribution entity is an application store, wherein especially the trusted entity is identical to the third party server entity.

[0046] Furthermore, the present invention relates to a system for providing an enhanced level of authentication related to a secure software client application that is provided, by an application distribution entity, in order to be transmitted, using a telecommunications network, to a client computing device in view of software code of the software client application being executed by the client computing device, the system comprising the client computing device, the application distribution entity and a third party server entity,

wherein a first secure communication channel is established - in view of transmitting an instance of the software client application to the client computing device - between the client computing device and the application distribution entity, and wherein a second secure communication channel is established between the application distribution entity and a third party server entity,

wherein the system is configured such that:

- a security token information is generated in view of subsequently allowing for an authenticated transmission of data - provided by the software client application instance upon it being executed by the client computing device - to the third party server entity, the security token information being generated by a trusted entity and transmitted from the application distribution entity to both the client computing device and the third party server entity using the first secure communication channel and/or using the second secure communication channel, and wherein - besides the security token information - the software client application instance is transmitted, using at least the first secure communication channel, to the client computing device as well,

- a cryptographic key information is generated by the client computing device, and a client response information, comprising at least part of the cryptographic key information, is transmitted, from the client computing device, to the third party server entity.

[0047] By means of such a system, it is advantageously possible according to the present invention to securely (i.e. in a protected manner) transmit the secret of the security token information to the client computing device, and to the third party server entity.

[0048] Additionally, the present invention relates to an application distribution entity for providing an enhanced level of authentication related to a secure software client application that is provided, by an application distribution entity, in order to be transmitted, using a telecommunications network, to a client computing device in view of software code of the software client application being executed by the client computing device, wherein a first secure communication channel is established - in view of transmitting an instance of the software client application to the client computing device - between the client computing device and the application distribution entity, and wherein a second secure communication channel is established between the application distribution entity and a third party server entity,

wherein the application distribution entity is configured such that:

- a security token information is generated in view of subsequently allowing for an authenticated transmission of data - provided by the software client application instance upon it being executed by the client computing device - to the third party server entity, the security token information being generated by a trusted entity and transmitted from the application distribution entity to both the client computing device and the third party server entity using the first secure communication channel and/or using the second secure communication channel, and wherein - besides the security token information - the software client application instance is transmitted, using at least the first secure communication channel, to the client computing device as well,

- a cryptographic key information is generated by the client computing device, and a client response information, comprising at least part of the cryptographic key information, is transmitted, from the client computing device, to the third party server entity.

[0049] By means of such an application distribution entity, it is advantageously possible according to the present invention to securely (i.e. in a protected manner) transmit the secret of the security token information to the client computing device, and to the third party server entity.

[0050] Furthermore, the present invention relates to a software client application instance for providing an enhanced level of authentication related to a secure software client application that is provided, by an application distribution entity, in order to be transmitted, using a telecommunications network, to a client computing device in view of software code of the software client application being executed by the client computing device,

wherein a first secure communication channel is established - in view of transmitting an instance of the software client application to the client computing device - between the client computing device and the application distribution entity, and wherein a second secure communication channel is established between the application distribution entity and a third party server entity,

wherein the software client application is configured such that:

- a security token information is generated in view of subsequently allowing for an authenticated transmission of data - provided by the software client application instance upon it being executed by the client computing device - to the third party server entity, the security token information being generated by a trusted entity and transmitted from the application distribution entity to both the client computing device and the third party server entity using the first secure communication channel and/or using the second secure communication channel, and wherein - besides the security token information - the software client application instance is transmitted, using at least the first secure communication channel, to the client computing device as well,

- a cryptographic key information is generated by the client computing device, and a client response information, comprising at least part of the cryptographic key information, is transmitted, from the client computing device, to the third party server entity.

[0051] By means of such a software client application instance, it is advantageously possible according to the present invention to securely (i.e. in a protected manner) transmit the secret of the security token information to the client computing device, and to the third party server entity.

[0052] Additionally, the present invention relates to a client computing device for providing an enhanced level of authentication related to a secure software client application that is provided, by an application distribution entity, in order to be transmitted, using a telecommunications network, to a client computing device in view of software code of the software client application being executed by the client computing device, wherein a first secure communication channel is established - in view of transmitting an instance of the software client application to the client computing device - between the client computing device and the application distribution entity, and wherein a second secure communication channel is established between the application distribution entity and a third party server entity,

wherein the client computing device is configured such that:

- a security token information is generated in view of subsequently allowing for an authenticated transmission of data - provided by the software client application instance upon it being executed by the client computing device - to the third party server entity, the security token information being generated by a trusted entity and transmitted from the application distribution entity to both the client computing device and the third party server entity using the first secure communication channel and/or using the second secure communication channel, and wherein - besides the security token information - the software client application instance is transmitted, using at least the first secure communication channel, to the client computing device as well,

- a cryptographic key information is generated by the client computing device, and a client response information, comprising at least part of the cryptographic key information, is transmitted, from the client computing device, to the third party server entity.

[0053] By means of such a client computing device, it is advantageously possible according to the present invention to securely (i.e. in a protected manner) transmit the secret of the security token information to the client computing device, and to the third party server entity.

[0054] Furthermore, the present invention relates to a program comprising a computer readable program code which, when executed on a computer or on a client computing device or as part of a software client application instance or on an application distribution entity or on a trusted entity, or in part on a client computing device and/or in part as part of a software client application instance and/or in part on an application distribution entity and/or in part on a trusted entity, causes the computer and/or the client computing device and/or the software client application instance and/or the application distribution entity and/or the trusted entity to perform an inventive method.

[0055] Still additionally, the present invention relates to a computer program product for providing an enhanced level of authentication related to a secure software client application provided by an application distribution entity, the computer program product comprising a computer program stored on a storage medium, the computer program comprising program code which, when executed on a computer or on a client computing device or as part of a software client application instance or on an application distribution entity or on a trusted entity, or in part on a client computing device and/or in part as part of a software client application instance and/or in part on an application distribution entity and/or in part on a trusted entity, causes the computer and/or the client computing device and/or the software client application instance and/or the application distribution entity and/or the trusted entity to perform an inventive method.

[0056] These and other characteristics, features and advantages of the present invention will become apparent from the following detailed description, taken in conjunction with the accompanying drawings, which illustrate, by way of example, the principles of the invention. The description is given for the sake of example only, without limiting the scope of the invention. The reference figures quoted below refer to the attached drawings.

BRIEF DESCRIPTION OF THE DRAWINGS

[0057] Figure 1 schematically illustrates an exemplary system and situation according to the present invention where a mobile communication network - with a user equipment connected to the mobile communication network - is connected to an application distribution entity, and the application distribution entity is able to exchange information with a trusted entity and/or with a third party server entity.

[0058] Figure 2 schematically illustrates an exemplary communication diagram related to the invention.

DETAILED DESCRIPTION

[0059] The present invention will be described with respect to particular embodiments and with reference to certain drawings but the invention is not limited thereto but only by the claims. The drawings described are only schematic and are non-limiting. In the drawings, the size of some of the elements may be exaggerated and not drawn on scale for illustrative purposes.

[0060] Where an indefinite or definite article is used when referring to a singular noun, e.g. "a", "an", "the", this includes a plural of that noun unless something else is specifically stated.

[0061] Furthermore, the terms first, second, third and the like in the description and in the claims are used for distinguishing between similar elements and not necessarily for describing a sequential or chronological order. It is to be understood that the terms so used are interchangeable under appropriate circumstances and that the embodiments of the invention described herein are capable of operation in other sequences than described or illustrated herein.

[0062] In Figure 1, a system for realizing the present invention is schematically shown, the system comprising a telecommunications network 100, especially a mobile communication network 100, and especially a public land mobile network 100. The telecommunications network 100 is connected to a user equipment 20 that is also referred to as a client computing device 20. The system furthermore also comprises an application distribution entity 200, a trusted entity 300, and a third party server entity 400.

[0063] According to the present invention, a software client application instance 121 is transmitted to the client computing device 20, i.e. after this transmission, the client computing device 20 comprises the software client application instance 121. Furthermore according to the present invention, a security token information 401 is transmitted to the client computing device 20, using at least a first secure communication channel 251 between the application distribution entity 200 and the client computing device 20. A second secure communication channel 252 might also be used for transmitting the security token information 401 to the client computing device 20 but is in any case used to transmit the security token information 401 to the third party server entity 400.

[0064] According to the present invention, the communication between the client computing device 20 and the third party server entity 400 is to be secured by means of not only relying on the use of a (comparatively high level) server certificate but also using a kind of (comparatively high level) client certificate. According to the present invention, the third party server entity 400 corresponds, e.g., to an application server, i.e. providing the server component of the software client application (instance) on the client computing device 20.

[0065] In Figure 2 an exemplary communication diagram relating to different embodiments of the present invention is schematically represented. The communication diagram involves the client computing device 20, the application distribution entity 200, the trusted entity 300 and the third party server entity 400. The application distribution entity 200 typically distributes a multitude of different software client applications to a multitude of different client computing devices, e.g. as an app store or the like. Hence, an instance of the software client application, i.e. a software client application instance 121, is able to be provided by the application distribution entity 200.

[0066] According to the present invention, in a first processing step 201, a request is transmitted from the client computing device 20 to the application distribution entity 200 to transmit a software client application, i.e. to install the software client application on the client computing device 20. In a second processing step 202 (subsequent to the first processing step 201 and corresponding to the first step according to the inventive method), the application distribution entity 200 transmits at least the software client application instance 121 as well as the security token information 401 to the client computing device 20 (especially as an application instance package). The security token information 401 is typically generated by a trusted entity 300 (and provided to the application distribution entity 200 if the application distribution entity 200 is not identical to the trusted entity 300, which is the case according to a specific embodiment of the present invention). Furthermore, the security token information 401 is also transmitted to the third party server entity 400, which transmission is, however, not specifically represented in Figure 1; this transmission being performed, especially, using the second secure communication channel 252. Hence, as a result of these transmissions of the security token information 401, the security token information 401 is transmitted from the trusted entity 300 to both the client computing device 20 and the third party server entity 400. According to a variant of the exemplary embodiment represented in Figure 1, an identity information 221 is transmitted to the client computing device 20 in the second processing step 202; this is represented by means of a dashed line and reference sign 221 in Figure 1.

[0067] Subsequently, a cryptographic key information is generated by the client computing device 20, and in a third processing step 203 (subsequent to the second processing step 202), a client response information 402, comprising at least part of the cryptographic key information generated by the client computing device 20, is transmitted, from the client computing device 20, to the third party server entity 400. Generating, by the client computing device 20, the cryptographic key information and transmitting the client response information 402 (with the cryptographic key information as at least part thereof) corresponds to the second step according to the inventive method. According to the present invention, several variants are possible regarding the second step: According to one variant thereof, the cryptographic key information generated by the client computing device 20 corresponds to a symmetric cryptographic key 223, and the cryptographic key information, being a symmetric cryptographic key 223, is transmitted as at least part of client response information 402 to the third party server entity 400. According to another variant of the second step, the cryptographic key information generated by the client computing device 20 corresponds to a pair of (specific) asymmetric cryptographic keys, comprising a specific private cryptographic key 222, and a specific public cryptographic key 223 (represented in Figure 1 by means of reference signs 222 and 223), and typically a part of the cryptographic key information, namely the specific public cryptographic key 223, is transmitted as at least part of client response information 402 to the third party server entity 400. According to a variant of the exemplary embodiment represented in Figure 1, a challenge information (not specifically represented in Figure 1) is transmitted to the third party server entity, especially as part of the client response information 402, i.e. in the third processing step 203. This is especially advantageous in combination with the generation, at the third party server entity 400, of a further pair of cryptographic keys, comprising a further specific private cryptographic key 422, and a further specific public cryptographic key 423, which is schematically represented by a curved dashed line in Figure 1. The use of a challenge information triggers a response by the third party server entity 400 that is transmitted, to the client computing device 20, by means of a further response information 403 in a fourth processing step 204.

[0068] After having exchanged the necessary pieces of information between the client computing device 20 and the third party server entity 400, a protected and confidential exchange of data is possible; this is represented in Figure 1 by means of a dashed double arrow at the bottom of the communication diagram of Figure 1.

[0069] According to an alternative embodiment of the present invention, the second processing step 202 is slightly modified such that in a fifth processing step 205 (represented by a dashed arrow in Figure 1), subsequent to the first processing step 201, the application distribution entity 200 - upon receiving the request from the client computing device 20 to transmit a software client application - requests from the third party server entity 400 to provide the security token information 401. In a subsequent sixth processing step 206 (likewise represented by a dashed arrow in Figure 1), the security token information 401 is transmitted to the application distribution entity 200 (typically using the second secure communication channel 252). After the sixth processing step 206, the application distribution entity 200 transmits at least the software client application instance 121 as well as the security token information 401 to the client computing device 20 in accordance with the second processing step 202 (subsequent to the first processing step 201 and corresponding to the first step according to the inventive method).

[0070] According to the present invention, it is especially advantageous that the specific private cryptographic key 222 is generated at the client computing device 20 and is not transmitted (using either the first secure communication channel 251 or the second secure communication channel 252) at all. Thereby, it is advantageously possible that no other party knows about the specific private cryptographic key 222. Thereby, it is possible that the integrity and confidentiality of the data transmitted can be assured. Additionally, mechanisms of the application distribution entity 200 (i.e. of the app store), can assure that only one copy of an app (i.e. one software client application instance) can be downloaded to any client computing device, and, hence, also to the client computing device 20; thereby it is advantageously possible that the application distribution entity 200 prevents an attacker from using a valid security token information that could potentially be non-manually (i.e. by a robot) requested and used in a manipulated software client application instance.

[0071] As mentioned above, an additional step according to the method of the present invention might consist of transmitting the further specific public cryptographic key 423 (or server certificate 423) to the client computing device 20 that the software client application instance 121 might use to perform a better or more secure verification or authentication of the server side, e.g. by means of storing the server certificate, and, during verification in the context of the TLS connection setup, only allowing this server certificate as a valid certificate (in an analogous manner to a certificate pinning process or protocol).
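The certificate pinning of [0035] and [0071] as an added Go example, not code from the patent: the server certificate delivered with the app is stored as DER on the device and, during the TLS handshake, only that exact certificate is accepted as valid. The self-signed certificates, the host name appserver.example and the loopback TCP handshake are constructed for the example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"net"
	"time"
)

// selfSigned makes a throwaway server certificate (constructed for this example) and
// returns it for the server plus the DER bytes the app installer would store as 423.
func selfSigned(name string) (tls.Certificate, []byte, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return tls.Certificate{}, nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: name},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return tls.Certificate{}, nil, err
	}
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key}, der, nil
}

// pinnedClientConfig is the check from [0071]: during the TLS handshake the app accepts
// exactly the certificate delivered with it, compared by the SHA-256 of its DER encoding.
// InsecureSkipVerify only switches off the CA-chain and host-name checks that the pin
// replaces; VerifyPeerCertificate still runs and is what decides.
func pinnedClientConfig(pinnedDER []byte) *tls.Config {
	pin := sha256.Sum256(pinnedDER)
	return &tls.Config{
		InsecureSkipVerify: true,
		VerifyPeerCertificate: func(rawCerts [][]byte, _ [][]*x509.Certificate) error {
			if len(rawCerts) == 0 || sha256.Sum256(rawCerts[0]) != pin {
				return errors.New("presented certificate is not the pinned certificate 423")
			}
			return nil
		},
	}
}

// handshake runs one TLS handshake over loopback TCP: the server presents serverCert,
// the client applies clientCfg. tls.Dial performs the handshake, so a pin mismatch is its error.
func handshake(serverCert tls.Certificate, clientCfg *tls.Config) error {
	ln, err := net.Listen("tcp", "127.0.0.1:0")
	if err != nil {
		return err
	}
	defer ln.Close()
	serverErr := make(chan error, 1)
	go func() {
		conn, err := ln.Accept()
		if err != nil {
			serverErr <- err
			return
		}
		defer conn.Close()
		serverErr <- tls.Server(conn, &tls.Config{Certificates: []tls.Certificate{serverCert}}).Handshake()
	}()
	conn, err := tls.Dial("tcp", ln.Addr().String(), clientCfg)
	if err != nil {
		return err
	}
	conn.Close()
	return <-serverErr
}

// runPinnedHandshake returns nil only when the server holding the pinned certificate
// answers. With genuine=false another key pair behind the same host name answers: a
// host-name check alone would accept it, the pin does not.
func runPinnedHandshake(genuine bool) error {
	serverCert, pinnedDER, err := selfSigned("appserver.example")
	if err != nil {
		return err
	}
	if !genuine {
		if serverCert, _, err = selfSigned("appserver.example"); err != nil {
			return err
		}
	}
	return handshake(serverCert, pinnedClientConfig(pinnedDER))
}

func main() { fmt.Println("pinned:", runPinnedHandshake(true), "impostor:", runPinnedHandshake(false)) }
```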

[0072] The specific implementation of the method according to the present invention might also encompass modifying the operating system of the client computing device 20, e.g. in order to optimally support the steps or processing steps according to the present invention and/or according to the inventive method, e.g. by means of the app installer (i.e. a component of the operating system of the client computing device 20, used to install new software client application instances) storing the additional pieces of information (i.e. the application certificate, i.e. especially the security token information and/or at least part of the cryptographic key information and/or the identity information 221 and/or the further specific public cryptographic key 423 (or server certificate 423, but without the further specific private key 422)) at an appropriate location within the client computing device 20, e.g. private keys in an iOS keychain and/or by means of using the Android API (application programming interface) of the keychain.