1. Patent Search
  2. Details

METHOD FOR PROVIDING ACCESS PRIVILEGES LINKED TO PHYSICAL OBJECTS FOR OBTAINING GOODS AND/OR SERVICES

20230115569 · 2023-04-13

    Inventors

    Cpc classification

    International classification

    Abstract

    The invention relates to a method for providing authorizations, linked to physical objects (101, 102, 103), for retrieving goods and/or services (30), including the steps: creating a digital representation (101′, 102′, 103′) of a physical object (101, 102, 103), preferably on an IoT platform (6), the physical object (101, 102, 103) including at least one information carrier (I), the information carrier (I) including at least one identifier (UID), the physical object (101, 102, 103) being unequivocally assignable to its digital representation (101′, 102′, 103′), based on the identifier (UID), and the information carrier (I) being readable from goods and/or services (30) by use of a mobile terminal (10) and/or by means of an output device (20) in order to at least partially access the particular digital representation (101′, 102′, 103′); providing a configurable authorization profile (101a, 102a, 103a) for the digital representation (101′, 102′, 103′), the authorization profile (101a, 102a, 103a) including at least one authorization for retrieving goods and/or services (30).

    Claims

    1. A method for providing authorizations, linked to physical objects, for retrieving goods and/or services, including the steps: creating a digital representation of a physical object, preferably on an IoT platform, the physical object including at least one information carrier, the information carrier including at least one identifier, the physical object being unequivocally assignable to its digital representation, based on the identifier, and the information carrier being readable from goods and/or services by use of a mobile terminal and/or by means of an output device (20) in order to at least partially access the particular digital representation, providing a configurable authorization profile for the digital representation, the authorization profile including at least one authorization for retrieving goods and/or services.

    2. The method according to claim 1, the method further including: configuring the authorization profile of the digital representation, the configuring of the authorization profile including: i) adding at least one authorization to the authorization profile of the digital representation, and/or ii) removing at least one authorization from the authorization profile of the digital representation.

    3. The method according to claim 1, wherein an owner of the physical object may access at least the authorization profile of the particular digital representation by use of the mobile terminal and/or by use of the output device of goods and/or services, and the owner of the physical object may also activate and/or deactivate authorizations as desired from the authorizations that are available in the authorization profile, wherein only activated authorizations may be used for retrieving the particular goods and/or services, and the activation and/or deactivation of the authorizations preferably take(s) place by use of a mobile terminal.

    4. The method according to claim 1, wherein the at least one authorization present in the authorization profile is activatable and/or deactivatable by an owner of the physical object by use of a mobile terminal, the activation and/or deactivation of the at least one authorization taking place in the digital representation.

    5. The method according to claim 1, wherein for creating the digital representation, an initially unassigned digital representation is created regardless of the existence of the physical object, it being possible to subsequently link to the physical object by means of the identifier.

    6. The method according to claim 1, further including: issuing the physical object with the information carrier, wherein the manufacture of the physical object, the manufacture of the information carrier, and the addition of the information carrier to the physical object take place independently of one another, and are preferably carried out by at least two different actors.

    7. The method according to claim 1, further including: enabling the digital representation for configuring the authorization profile, the enabling being a mandatory prerequisite for configuring the authorization profile of the digital representation, and the enabling preferably including: a) granting permission for the configuring, preferably to certain actors, and/or b) establishing rules for the configuring, wherein the rules may include one or more of the following rule types: b1) only certain authorizations or a certain type of authorization are/is addable to the authorization profile; b2) only certain authorizations or a certain type of authorization are/is removable from the authorization profile; b3) there is a maximum limit for the number of addable authorizations; b4) there is a minimum limit for the number of authorizations that must remain in the authorization profile; b5) the addition or the removal of authorizations may take place within certain time periods and/or at certain times of day; b6) the addition or the removal of authorizations can take place only when a certain further condition besides the enabling of the digital representation is met.

    8. The method according to claim 1, further including: providing an authorization pool that includes available authorizations, it being possible for authorizations of the authorization pool that are newly available to be created by at least one authorization issuer, who preferably is neither the owner nor the issuer of the physical object and/or is preferably an actor who is different from the service provider of the goods and/or services.

    9. The method according to claim 1, wherein the configuring of the authorization profile of the digital representation may be carried out by an authorization issuer, preferably by multiple authorization issuers, the authorization issuer being neither the owner nor the issuer of the physical object, and/or being an actor who is different from the service provider of the goods and/or services.

    10. The method according to claim 1, wherein the configuring of the authorization profile of the digital representations takes place at least semiautomatically, in that the authorizations that are available for the digital representation are preferably automatically preselected, based on a certain feature of the digital representation, via machine learning.

    11. The method according to claim 1, wherein a retrieval of the goods and/or services by a service recipient from a service provider is possible only when at least one predefined condition is met, it being possible in particular for the condition to be how frequently the good and/or service are/is permitted to be retrieved, at what time the good and/or service are/is permitted to be retrieved, or at what location the good and/or service are/is permitted to be retrieved.

    12. The method according to claim 1, further including: storing a piece of retrieval information in the digital representation after a retrieval of the goods and/or services has taken place, the retrieval information preferably including information concerning whether and how often a good and/or service have/has been retrieved, and also preferably including a time stamp for each retrieval.

    13. An IoT platform, or digital representation of a physical object, or reading device, which is preferably designed as a mobile terminal or an output device, and that is configured to carry out the particular steps of the method according to claim 1.

    14. An output device of goods and/or services, wherein the output device includes a reading device and preferably is designed as a beverage vending machine, the output device being configured and designed to carry out the method according to claim 1.

    15. A computer program that includes commands which, when the program is executed by a computer, prompt the computer to carry out the method according to claim 1.

    Description

    BRIEF DESCRIPTION OF THE DRAWINGS

    [0065] Preferred embodiments of the present disclosure are described below with reference to the following figures:

    [0066] FIG. 1 shows a first schematic illustration of embodiments of the present invention.

    [0067] FIG. 2 shows a second schematic illustration of embodiments of the present invention.

    [0068] FIG. 3 shows a third schematic illustration of embodiments of the present invention.

    [0069] FIG. 4a shows a schematic illustration of an output of goods and/or services by an output unit that communicates with an IoT platform, according to embodiments of the present invention.

    [0070] FIG. 4b shows a schematic illustration of an output of goods and/or services by an output unit, with a local authorization memory according to embodiments of the present invention.

    [0071] FIG. 5 schematically shows reading in of an authorization by a mobile terminal according to embodiments of the present invention.

    [0072] FIG. 6a shows a mobile terminal with available authorizations according to embodiments of the present invention.

    [0073] FIG. 6b shows a mobile terminal with available authorizations and an activated authorization according to embodiments of the present invention.

    [0074] FIG. 7 shows one possible design of a web application of a corresponding IoT platform according to embodiments of the present invention.

    DESCRIPTION OF PREFERRED EXEMPLARY EMBODIMENTS

    [0075] According to the embodiment of the present invention illustrated in FIG. 1, an IoT platform 6 that includes an authorization pool 7 and digital representations 101′, 102′, 103′ is provided. The digital representations 101′, 102′, 103′ are each unique representations of respective physical objects 101, 102, 103. The physical objects 101, 102, 103 include an information carrier I with a unique identifier UID stored thereon, via which a particular physical object 101, 102, 103 is unequivocally assignable to its digital representation 101′, 102′, 103′. Conversely, the particular digital representation 101′, 102′, 103′ of a physical object 101, 102, 103 may be unequivocally assigned to the respective physical object 101, 102, 103 by means of a corresponding identifier UID that is also stored in the digital representation 101′, 102′, 103′. For example, the digital representation 101′ is the representation of the physical object 101, the digital representation 102′ is the representation of the physical object 102, and the digital representation 103′ is the representation of the physical object 103.

    [0076] The IoT platform 6 provides an authorization pool 7. The authorization pool 7 includes preconfigured authorizations for retrieving goods and/or services. Preconfigured authorizations may be added to the authorization pool 7 as desired, preconfigured authorizations may be removed from the authorization pool 7, and preconfigured authorizations of the authorization pool 7 may be processed. The addition or removal of authorizations to or from the authorization pool 7 may be carried out in particular by an authorization issuer 4. For this purpose, the authorization issuer 4 accesses the IoT platform 6 and independently makes any desired adaptations to the authorization pool 7. For adapting the authorization pool 7 by an authorization issuer 4, it may be necessary for the authorization issuer 4 to perform a separate authentication in order to check whether or not an adaptation of the authorization pool 7 by the particular authorization issuer 4 is permissible.

    [0077] An authorization profile 101a, 102a, 103a for each digital representation 101, 102, 103 [sic; 101′, 102′, 103′] is also provided on the IoT platform. Authorizations for retrieving goods and/or services 30 may be present in the particular authorization profiles 101a, 102a, 103a. The authorization profiles 101a, 102a, 103a of the respective digital representations 101, 102, 103 [sic; 101′, 102′, 103′] include selected authorizations that are specifically linked for the particular digital representation 101′, 102′, 103′ or for the particular physical object 101, 102, 103 that is associated with the respective digital representation 101′, 102′, 103′. An authorization profile 101a, 102a, 103a may, for example, be at least semiautomatically filled with authorizations from the authorization pool 7, or authorizations from the authorization profile 7 may be actively added to an authorization profile 101a, 102a, 103a, by an authorization issuer 4. In the case of a preconfigured authorization profile 101a, 102a, 103a that already contains authorizations, authorizations may be removed therefrom, in particular by an authorization issuer 4. Desired authorizations may thus be entered into an authorization profile 101a, 102a, 103a or removed from an authorization profile 101a, 102a, 103a in a simple manner. An authorization profile 101a, 102a, 103a may in particular be adapted by an authorization issuer 4. The authorization issuer may preferably also create and add new authorizations that previously were not present in the authorization pool 7.

    [0078] The IoT platform 6 manages the access rights and/or processing rights that an authorization issuer 4 has with regard to the authorization pool 7 and/or authorization profiles 101a, 102a, 103a. Thus, certain authorization issuers 4 may be allowed to process the authorization profiles 101a, 102a, 103a of certain digital representations 101′, 102′, 103′, although the authorization issuer is denied processing of the authorization pool 7. In addition, certain authorization issuers may be allowed to adapt only the authorization pool 7. The accessing and/or the processing of authorization profiles 101a, 102a, 103a and/or the authorization pool 7 may alternatively or additionally be carried out by a service provider 3. A service provider may be any actor who outputs or markets the goods and/or services 30.

    [0079] The service provider 3 may in particular have an output device 20 via which a good and/or service are/is output to a service recipient 1 when an appropriate authorization of the service recipient 1 is present. To check whether an appropriate authorization of the service recipient 1 is present, the output device 20 may communicate with the IoT platform 6 or have an internal authorization memory 21 in which the authorizations, which may be used for retrieving goods and/or services 30, are stored.

    [0080] In the embodiment schematically illustrated in FIG. 1, the service recipient 1 and the owner 2 of the physical objects 101, 102, 103 are the same actor. The service recipient 1 or owner 2 carries the physical objects 101, 102, 103 with him/her. Each physical object 101, 102, 103 has an information carrier I with an identifier UID via which the particular physical objects 101, 102, 103 are unequivocally assignable to a corresponding digital representation 101′, 102′, 103′ in the IoT platform 6. To retrieve a good and/or service 30, the information carrier I is presented to the service provider 3 and/or to the output device 20. The service provider 3 may read in the information carrier I using a reading device 40, for example a mobile terminal of the service provider 3 (see FIG. 5). Alternatively, the output device 20 has a reading device 40 and reads the information carrier (see FIGS. 4a and 4b). The read-out identifier UID may subsequently be used to access the IoT platform 6 and retrieve an appropriate authorization from the authorization profile 101a, 102a, 103a of the respective digital representation 101′, 102′, 103′, or to check whether authorizations that are assigned to the identifier UID are present on the IoT platform. If the output device 20 has an internal authorization memory 21 (see FIG. 4b), the authorizations may be checked without communication with the IoT platform 6. For this purpose, the digital representations and/or authorization profiles are locally stored in the authorization memory 21 in advance, i.e., prior to the retrieval of a service. In the case in which the output device 20 communicates with the IoT platform 6 in order to check the authorizations, the output device 20 preferably converts the identifier UID into a persistent identifier PID. The persistent identifier PID may particularly advantageously include or be formed from the identifier UID, which in particular is designed as a unique identifier, to allow an unequivocal assignment to a digital representation 101′, 102′, 103′ via a data network. A mobile radio communications network, for example, may be used as a data network. The persistent identifier PID may in particular be designed as an internet link, so that the output device 20 may access the digital representation 101′, 102′, 103′ or the authorization profile 101a, 102a, 103a of the respective digital representation 101′, 102′, 103′ via the internet in order to check the presence of any authorization for the particular physical object 101, 102, 103 and to make a decision about whether a requested good and/or service 30 is output.

    [0081] In the configuration schematically illustrated in FIG. 2, the service recipient 1, the same as in FIG. 1, is the same actor as the owner 2. In contrast to the configuration in FIG. 1, the service recipient 1 or owner 2 carries a mobile terminal 10 with him/her, in that the identifier UIDs of the physical objects 101, 102, 103 are stored. For this purpose, the information carrier I of the physical objects 101, 102, 103 has been read out in advance using a reading device 40 of the mobile terminal 10. The physical objects 101, 102, 103 are no longer necessary for retrieving goods and/or services 30 from the output device 20, since the identifiers UID of the physical objects 101, 102, 103 are now stored on the mobile terminal 10. The mobile terminal 10 may thus send requests or identifier UIDs to the output devices 20 or to the service provider 3 to obtain a good and/or service 30. It may be advantageously provided that the mobile terminal 10 stores and/or transfers only object-related information, i.e., the identifier UID, so that in principle it replaces only the existence or the presence of the physical object 101, 102, 103. The mobile terminal 10 may in particular communicate with the IoT platform 6, preferably via a mobile data network, in order to access the authorizations from the digital representations 101′, 102′, 103′ of the respective physical objects 101, 102, 103. A reading device 40 of the mobile terminal 10, which may be designed as a camera or as an NFC or RFID reader, for example, detects the identifier UID on the information carrier I of the physical objects 101, 102, 103. A persistent identifier PID, which is preferably designed as an internet link and in particular may include the particular identifier UIDs, is subsequently created from the particular identifier UIDs. The mobile terminal 10 accesses the IoT platform 6 via an internet connection by calling up the internet link. The mobile terminal 10 is thus led directly to the appropriate digital representation 101′ and may access the authorization profile 101a.

    [0082] In the configuration schematically illustrated in FIG. 3, the service recipient 1 and the owner 2 are different actors. The owner 2 owns the physical objects 101, 102, 103, but for example has no interest him/herself in retrieving goods and/or services 30 that are associated with authorizations. The service recipient 1 owns a mobile terminal 10 that can communicate with the IoT platform 6, preferably via a mobile data network. By use of the mobile terminal 10, which has a reading device 40 that may be designed as a camera or as an NFC or RFID reader, for example, the service recipient 1 reads the information carrier I of the physical objects 101, 102, 103 or the identifiers UID on the information carriers I of the particular physical objects 101, 102, 103. Via the communicative connection of the mobile terminal 10 to the IoT platform 6, the mobile terminal 10 accesses the digital representations 101′, 102′, 103′ or their respective authorization profiles 101a, 102a, 103a, which are unequivocally assignable to the physical objects 101, 102, 103, and stores the authorizations, stored in the respective authorization profiles 101a, 102a, 103a, in a local memory of the mobile terminal 10. As an alternative to storing on a local memory of the mobile terminal 10, for further use the mobile terminal 10 may retrieve the data in real time via the communicative connection to the IoT platform 6; i.e., the data would then be available to the mobile terminal 10 only for retrieval (on demand). As an alternative to storing authorizations on the mobile terminal 10 or accessing authorizations by the mobile terminal 10, it is possible to store only the identifier UID on the mobile terminal 10 in order to present it to an output device 20 or to a service provider 3, so that the output device 20 or the service provider 3 retrieves or checks the authorizations for the particular physical object 101, 102, 103 by communicating with the IoT platform 6.

    [0083] The mobile terminal 10 may now be used independently of the physical objects 101, 102, 103 for retrieving goods and/or services 30, in particular from a service provider 3 and/or an output device 20. For retrieving or checking the authorizations, the output device 20 may have or establish a communicative connection to the IoT platform 6 and/or may have a local authorization memory 21. The checking for whether a valid authorization of the mobile terminal 10 is present takes place either when an authorization is presented, or by comparing the presented authorization to the authorizations on the IoT platform 6 or to the authorizations of the output device 20 stored in the local authorization memory 21. Alternatively, if an identifier UID is presented, the checking takes place in the form of an access to the IoT platform 6, wherein the authorizations stored in the corresponding authorization profile 101a, 102a, 103a of the respective digital representation 101′, 102′, 103′ of the associated physical object 101, 102, 103 are retrieved. In this configuration the mobile terminal 10 acts solely as a carrier of the authorizations and/or as a carrier of the identifier. As a carrier of the identifier UID, in this sense the mobile terminal replaces the physical object 101, 102, 103, or more precisely, replaces the identifier UID stored on the information carrier I of a physical object 101, 102, 103. Further data that could reveal the identity of a certain person are advantageously not necessary. In this regard, the object-related information concerning the particular physical object is sufficient. If an authorization is present in the authorization profile 101a, 102a, 103a, a good and/or service 30 are/is output and the service recipient 1 may receive them/it.

    [0084] FIG. 4a shows an output device 20 designed as a coffee machine, with a reading device 40 and a communicative connection to an IoT platform 6. The communicative connection to the IoT platform 6 is preferably a connection via a mobile data network. For this purpose, the output device 20 may be integrated into a Wi-Fi network 1 of a service issuer 3. In the situation illustrated in FIG. 4a, a good 30, in the present case coffee, is dispensed. A physical object 101, in the present case designed as a coffee cup, having an information carrier I has been inserted, in particular by a service recipient 1, into a receiving area of the output device 20 for receiving coffee. An identifier UID, which in particular may be designed as a unique identifier, is stored on the information carrier I. For this purpose, the information carrier I may be a QR code, a barcode, an NFC chip, or an RFID chip, for example. The issuer of the physical object 101, the issuer of the information carrier I, and the issuer of the physical object 101 equipped with the information carrier I are in particular at least two different actors.

    [0085] In contrast to the configuration depicted in FIG. 4a, the output device 20 in FIG. 4b, designed as a coffee machine, has an internal authorization memory 21. The internal authorization memory 21 allows the output device 20 to function even without a communicative connection to the IoT platform 6. Necessary data that are retrieved via the IoT platform 6 in the configuration in FIG. 4a may be stored offline on the authorization memory 21 in the configuration in FIG. 4b. The storing of the necessary authorizations on the internal authorization memory 21 may be carried out in particular by a temporary communicative connection to the IoT platform 6 that is established beforehand. Alternatively or additionally, the service provider 3 may store data on the internal authorization memory 21 of the output device 20 in some other way, in particular via a data transfer interface (USB, SD, micro SD, nano SD), at any given point in time. By providing an internal authorization memory 21, the functionality of the output device 20 may also be advantageously ensured when a communicative connection to an IoT platform 6 is not possible or is unwanted, in particular during operation of an output device in so-called “dead spots.”

    [0086] The reading device 40 of the output device 20 is configured and designed to read in an information carrier I of a physical object 101. Depending on the type and nature of the information carrier I, the reading device 40 is a camera and/or an NFC or RFID interface, for example. The reading device 40 may also be designed to communicate with mobile terminals 10 via conventional data transfer interfaces, for example Bluetooth or Wi-Fi. The functionality may thus be ensured in a case in which the identifier UID is presented via a mobile terminal 10, not via a physical object 101. In particular, a good and/or service 30 may be output even if the physical object 101 is not carried along or is not to be presented. Alternatively or additionally, for the reading device 40 it may be provided that a service provider 3 has a mobile terminal 10 with which the information carrier I or the identifier UID may be read in. The decision as to whether or not a good and/or service 30 is output may thus be made outside the output device 20, for example by a mobile terminal 10 of a service provider 3. After the authorization is checked, the service provider 3 may operate the output device 20 manually and thus bring about the outputting of a good and/or service.

    [0087] FIG. 5 schematically illustrates a situation in which a mobile terminal 10 reads in an information carrier I of a physical object 101 using a reading device 40. The mobile terminal 10 communicates with an IoT platform 6, concurrently or with a time delay, for example to retrieve or check any authorizations that are present in the authorization profile 101a, 102a, 103a of a digital representation 101, 102, 103 [sic; 101′, 102′, 103′] of a respective physical object 101, 102, 103. The mobile terminal 10 may be a mobile terminal 10 of an owner 2 of a physical object 101, 102, 103, a mobile terminal 10 of a service recipient 1 of goods and/or services 30, or a mobile terminal 10 of a service provider 3 for checking authorizations. If the mobile terminal 10 is a mobile terminal 10 of an owner 2 of physical objects 101, 102, 103, or is a mobile terminal 10 of a service recipient 1, the mobile terminal 10 is used only as a carrier of the identifier UID. After the identifier UID has been read in by the reading device 40 of the mobile terminal 10, it may be used via existing communication interfaces of the mobile terminal 10, for example Bluetooth interfaces, Wi-Fi interfaces, NFC interfaces, or via a display device for displaying a visual data code (QR code, for example). In other words, in this configuration the mobile terminal 10 may replace a physical object 101, 102, 103 so that it does not have to be carried along. If the mobile terminal 10 is a mobile terminal 10 of a service provider 3, it is possible for the service provider 3 to check and/or retrieve any authorizations that are present in an authorization profile 101a, 102a, 103a of a digital representation 101, 102, 103 of a respective physical object 101, 102, 103. It is thus possible for the service provider 3 to use nonlinked output devices 20 in order to offer goods and/or services 30.

    [0088] It is also conceivable for the mobile terminal 10 to be a mobile terminal 10 of an authorization issuer 4, it being possible for the authorization issuer 4 to check authorizations that are stored in the authorization profile 101a, 102a, 103a. The checking may be desirable in particular when there is doubt as to whether changes made on the IoT platform 6 have been stored in the particular authorization profiles 101a, 102a, 103a.

    [0089] FIGS. 6a and 6b illustrate a mobile terminal 10 which, in each of the illustrated situations, has read in an identifier UID and accesses the IoT platform 6 or an authorization profile 101a, 102a, 103a. Available authorizations A, B, C, D, E, F that are assigned to the read-in identifier ID are displayed In FIG. 6a. These authorizations are positioned in the lower area of the display device of the mobile terminal 10 in order to visually display to a user of the mobile terminal 10 that these are unactivated authorizations from the authorization profile 101a, 102a, 103a. For activating the available authorizations, it is possible for the user of the mobile terminal 10 to touch an authorization from the lower area of the display device of the mobile terminal 10 and/or to drag it into the field of the display device of the mobile terminal 10 illustrated at the top. This is generally referred to as “swiping.” In the state illustrated in FIG. 6b, the authorization A is activated and is thus situated in the upper area of the display device of the mobile terminal 10. All other authorizations B, C, D, E, F remain unactivated. As the result of providing the option to activate and/or deactivate authorizations, a user of the mobile terminal 10 is advantageously enabled to freely decide which available authorizations he/she would like to use for retrieving goods and/or services 30. Thus, for example, an owner 2 of a physical object 101, 102, 103 or a service recipient 1 may be provided with free and individual control over which authorizations he/she would like to activate. Preferences of owners 2 or service recipients 1 are thus advantageously taken into account. The option of activating and/or deactivating authorizations further increases the security of the method according to the invention, for example with regard to child protection directives. It is particularly advantageous when all activations/deactivations take place on the IoT platform 6, and not locally on the mobile terminal 10. In this case, the mobile terminal 10 is referred to in simple terms as the “window for looking into the IoT platform 6.” Alternatively or additionally, the activations/deactivations may be stored locally on the mobile terminal.

    [0090] FIG. 7 shows one possible design of a web application of a corresponding IoT platform 6 according to embodiments of the present invention.

    [0091] Various use scenarios of the present invention are explained below, but are not limited thereto:

    [0092] A.

    [0093] An end user purchases a reusable coffee cup in a local retail store. The end user thus becomes the owner 2 of the coffee cup, which in this case represents a physical object 101. The coffee cup has an information carrier I that is designed as a QR code. The QR code includes an identifier UID via which the coffee cup or the physical object 101 is unequivocally assignable to a digital representation 101′ on an IoT platform 6. The digital representation 101′ of the coffee cup has been created beforehand, for example at the time the coffee cup was manufactured. The authorization for retrieving coffee has been stored in the corresponding digital representation 101′ in the particular authorization profile 101a by an authorization issuer 4. The authorization issuer 4 may be the service provider 3, or may be a third party who, for example, cooperates with the service provider 3 or pays for the services of the service provider 3. The owner 2 of the coffee cup, using his/her authorization, would now like to retrieve coffee, which in the present case is the good 30, from an appropriate service provider 3. To retrieve the coffee, the service recipient 1 or owner 2 takes his/her physical object 101 to the service provider 3. The service provider 3 has a coffee machine, which in the present case is the output device 20. The output device 20 includes a reading device 40 via which the information carrier I is read out. No data are transferred which could reveal the identity of the service recipient 1 or the owner 2. This involves strictly object-related data, i.e., data that unequivocally identify the physical object 101, which in the present case is a coffee cup, and allow an assignment to a certain associated digital representation 101′. In addition, the output device 20 is in communicative connection with the IoT platform 6. The service recipient 1 or owner 2 places his/her coffee cup in the coffee machine, and the reading device 40 detects the identifier UID on the information carrier I of the coffee cup. A persistent identifier PID which is designed as an internet link and which in particular may include the identifier UID is subsequently created from the identifier UID. The coffee machine accesses the IoT platform 6 via an internet connection by calling up the internet link. The coffee machine is thus led directly to the appropriate digital representation 101′, and may access the authorization profile 101a in order to retrieve the authorization. If an authorization is present, the coffee is dispensed.

    [0094] B.

    [0095] An end user purchases a reusable coffee cup in a local retail store. The end user thus becomes the owner 2 of the coffee cup, which in this case represents a physical object 101. The coffee cup has an information carrier I that is designed as a QR code. The QR code includes an identifier UID via which the coffee cup or the physical object 101 is unequivocally assignable to a digital representation 101′ on an IoT platform 6. The digital representation 101′ of the coffee cup has been created beforehand, for example at the time the coffee cup was manufactured. The authorization for retrieving coffee has been stored in the corresponding digital representation 101′ in the particular authorization profile 101a by an authorization issuer 4. The authorization issuer 4 may be the service provider 3, or may be a third party who, for example, cooperates with the service provider 3 or pays for the services of the service provider 3. The owner 2 of the coffee cup, using his/her authorization, would now like to retrieve coffee, which in the present case is the good 30, from an appropriate service provider 3. The owner has a mobile terminal 10 with a reading device 40 via which the information carrier I of the coffee cup may be read in. The owner reads in the information carrier using his/her mobile terminal 10, and the identifier UID is transferred to the mobile terminal 10. The mobile terminal 10 thus becomes the carrier of the identifier UID, so that it may now be used, just like the coffee cup itself, for retrieving the coffee good from a service provider 3 or an output device 20. Thus, the coffee cup is no longer necessary for the retrieval. To retrieve the coffee, the service recipient 1 goes, without his/her coffee cup, to the service provider 3. The service provider 3 has a coffee machine, which in the present case is the output device 20. The output device 20 includes a reading device 40 via which the information carrier I is read out. No data are transferred which could reveal the identity of the service recipient 1. This involves strictly object-related data, i.e., data that unequivocally identify the physical object 101, which in the present case is a coffee cup, and allow an assignment to a certain associated digital representation 101′. In addition, the output device 20 is in communicative connection with the IoT platform 6. The service recipient 1 presents his/her mobile terminal 10 to the coffee machine, and the reading device 40 detects the identifier UID on the mobile terminal 10. A persistent identifier PID which is designed as an internet link and which in particular may include the identifier UID is subsequently created from the identifier. The coffee machine accesses the IoT platform 6 via an internet connection by calling up the internet link. The coffee machine is thus led directly to the appropriate digital representation 101′, and may access the authorization profile 101a in order to retrieve the authorization. If an authorization is present, the coffee is dispensed.

    [0096] C.

    [0097] An end user purchases a reusable coffee cup in a local retail store. The end user thus becomes the owner 2 of the coffee cup, which in this case represents a physical object 101. The coffee cup has an information carrier I that is designed as a QR code. The QR code includes an identifier UID via which the coffee cup or the physical object 101 is unequivocally assignable to a digital representation 101′ on an IoT platform 6. The digital representation 101′ of the coffee cup has been created beforehand, for example at the time the coffee cup was manufactured. The authorization for retrieving coffee has been stored in the corresponding digital representation 101′ in the particular authorization profile 101a by an authorization issuer 4. The authorization issuer 4 may be the service provider 3, or may be a third party who, for example, cooperates with the service provider 3 or pays for the services of the service provider 3. The owner 2 of the coffee cup does not want to retrieve coffee himself because he does not drink coffee, and has purchased the coffee cup only to use it as a pen holder on a desk. However, the wife of the owner 2 likes to drink coffee very much, and the owner 2 and the wife of the owner 2 would like for the wife of the owner 2 to be able to retrieve the coffee. The wife of the owner 2 is thus to become a service recipient 1. The owner has a mobile terminal 10 with a reading device 40 via which the information carrier I of the coffee cup may be read in. The service recipient reads in the information carrier using her mobile terminal 10, and the identifier UID is transferred to the mobile terminal 10. The mobile terminal 10 thus becomes the carrier of the identifier UID, so that it may now be used, just like the coffee cup itself, for retrieving the coffee good from a service provider 3 or an output device 20. Thus, the coffee cup is no longer necessary for the retrieval. To retrieve the coffee, the service recipient 1 goes, without the coffee cup, to the service provider 3. The service provider 3 has a coffee machine, which in the present case is the output device 20. The output device 20 includes a reading device 40 via which the information carrier I is read out. No data are transferred which could reveal the identity of the service recipient 1. This involves strictly object-related data, i.e., data that unequivocally identify the physical object 101, which in the present case is a coffee cup, and allow an assignment to a certain associated digital representation 101′. In addition, the output device 20 is in communicative connection with the IoT platform 6. The service recipient 1 presents her mobile terminal 10 to the coffee machine, and the reading device 40 detects the identifier UID on the mobile terminal 10. A persistent identifier PID which is designed as an internet link and which in particular may include the identifier UID is subsequently created from the identifier UID. The coffee machine accesses the IoT platform 6 via an internet connection by calling up the internet link. The coffee machine is thus led directly to the appropriate digital representation 101′, and may access the authorization profile 101a in order to retrieve the authorization. If an authorization is present, the coffee is dispensed

    [0098] D.

    [0099] At an inn in which an innkeeper serves customers beer in beer glasses, the following may be provided: A beer glass may be a physical object 101 with an information carrier I on which an identifier UID of the beer glass is stored. The owner of the beer glass is the innkeeper. The innkeeper washes his/her beer glass in a dishwasher, and subsequently refills it with fresh beer in order to serve it to customers. In this case the dishwasher is a first output device 20 with a reading device 40 that is able to read the information carrier I of the beer glass. In addition, the innkeeper has a tap for filling beer glasses with beer. The tap is a second output device 20 with a reading device 40 that is able to read the information carrier I of the beer glass. The following procedure may take place based on the described starting situation: The innkeeper places the beer glass in the dishwasher. The dishwasher reads the information carrier I of the beer glass and detects the object-related identifier UID. Based on the object-related identifier UID, the dishwasher, which is able to communicate with an IoT platform 6 via a communicative connection, forms a persistent identifier PID that is designed as an internet link and contains the object-related identifier UID. Using the persistent identifier PID, the dishwasher accesses the digital representation 101′ or the authorization profile 101a, which on the IoT platform 6 is assigned to the beer glass or the object-related identifier UID. The dishwasher detects that an authorization for a certain washing program is present, and starts the washing program. At the start of, during, or after the washing operation, the dishwasher sends a piece of retrieval information to the IoT platform 6, as the result of which a verification that a wash cycle has taken place, including a time stamp, is stored in the digital representation 101′ of the beer glass. After the wash cycle has concluded, the innkeeper takes the glass from the dishwasher and places it under the tap. The beer glass has just been removed from the dishwasher, and consequently has a temperature that is greatly above room temperature. The tap with its reading device 40 reads the information carrier I of the beer glass, and accesses the digital representation 101′ or the authorization profile 101a in the same way as the dishwasher. There, the tap finds the authorization for dispensing beer; however, this authorization additionally contains a condition that must be met so that the authorization can be used and the tap dispenses beer. The condition states that when a wash cycle has been carried out, a certain time period must elapse before beer is dispensed. The tap denies the dispensing of beer, or starts it only after the time period has elapsed. The time period may be predefined, and based on the time stamp it may be checked whether the time period has already elapsed. The time period may be predefined as a function of the particular washing program. It is thus ensured that beer is dispensed only in cooled beer glasses, so that enjoyable drinking of the beer is guaranteed.

    [0100] Further examples are summarized briefly:

    [0101] E.

    [0102] A merchandizing product or fan article, such as a T-shirt, may be provided with a sewn-in information carrier I via which certain goods and/or services (free drinks, raffle participation, or the like) may be retrieved at a festival, for example.

    [0103] F.

    [0104] A textile may have a sewn-in information carrier I. When the textile is put into a washing machine to be washed, a reading device of the washing machine detects the information carrier, and from the digital representation 101′ retrieves the correct wash cycle based on the correspondingly stored authorization in the authorization profile 101a. For example, the durability of the textile may be increased in this way.

    [0105] G.

    [0106] Object-related mixing of intermediate products may be achieved by use of the method according to the invention. Filling quantities and/or metering rates of certain components of a product to be mixed may thus be output by a dispensing device, based on stored authorizations. It would be conceivable, for example, to use the method for pharmaceutical preparation in pharmacies, where mixing vessels may be physical objects 101, 102, 103 within the meaning of the present invention. It is also conceivable to use the method for mixing cereals, nutritional supplements, or fitness drinks.

    [0107] H.

    [0108] In the handling of sensitive intermediate products and/or products that are moved in transport containers in the context of logistics, it may be desirable to allow the sensitive intermediate products and/or products to be moved, i.e., exposed to vibrations, for only a certain period of time. By use of the method according to the invention, specific authorizations for transport containers, which may be physical objects 101, 102, 103 within the meaning of the present invention, may be stored, via which so-called “track-and-trace” logistics are established. A conveyor belt reads the information carrier I of a transport container, accesses the authorization, and acts as specified. For example, the conveyor belt stops at certain time intervals during transport in order to give the sensitive intermediate products and/or products rest periods. The method according to the invention may be used in a particularly advantageous manner, In particular for transport of chemicals.

    [0109] I.

    [0110] By use of the method according to the invention and a corresponding implementation of authorizations in authorization profiles 101a, 102a, 103a of digital representations 101, 102, 103 [sic; 101′, 102′, 103′] of semi-finished products on the way to the end product, certain production machines may read in the information carrier I of the semi-finished products and act as specified in the authorizations. In particular, a certain sequence of processing steps may be set. Alternatively or additionally, a “just-in-time” and/or “just-in-sequence” provision of auxiliary substances may be automatically triggered by reading authorizations of the semi-finished products. In addition, subsequent delivery processes may thus be efficiently planned and/or controlled.

    LIST OF REFERENCE SYMBOLS

    [0111] 1 service recipient [0112] 2 owner (of the physical objects) [0113] 3 service provider [0114] 4 authorization issuer [0115] 5 issuer (of the physical objects) [0116] 6 IoT platform [0117] 7 authorization pool [0118] 10 mobile terminal [0119] 20 output device [0120] 21 authorization memory [0121] 30 goods and/or services [0122] 40 reading device [0123] 101, 102, 103 physical objects [0124] 101′, 102′, 103′ digital representations [0125] I information carrier [0126] UID identifier [0127] authorization profile 101a, 102a, 103a