Koh et al.

(10) Patent No.: US 9,240,009 B2
(45) Date of Patent: Jan. 19, 2016

US009240009B2

(54) MOBILE DEVICES FOR COMMERCE OVER UNSECURED NETWORKS

(75) Inventors: Liang Seng Koh, Fremont, CA (US); Hsin Pan, Fremont, CA (US); Xiangzhen Xie, Guangdong (CN)

(73) Assignees: Rich House Global Technology Ltd., Shenzhen (CN); RFCyber Corp., Fremont, CA (US)

(*) Notice: Subject to any disclaimer, the term of this patent is extended or adjusted under 35 U.S.C. 154(b) by 227 days.

(21) Appl. No.: 13/350,835
(22) Filed: Jan. 16, 2012

(65) Prior Publication Data
US 2012/0130839 A1, May 24, 2012

Related U.S. Application Data
(63) Continuation-in-part of application No. 11/534,653, filed on Sep. 24, 2006, now Pat. No. 8,118,218, and a continuation-in-part of application No. 11/739,044, filed on Apr. 23, 2007.

(51) Int. Cl.
G06Q 20/00 (2012.01)
G06Q 20/34 (2012.01)
G06Q 20/36 (2012.01)
G06Q 30/06 (2012.01)

(52) U.S. Cl.
CPC: G06Q 20/3552 (2013.01); G06Q 20/352 (2013.01); G06Q 20/3672 (2013.01); G06Q 30/0601 (2013.01)
`
[Representative drawing (block diagram). Legible labels: Processor; Secured memory 107; Card interface; Applet; E-Purse Application 106; Secure Element; NFC controller; Network interface.]
`
(58) Field of Classification Search
CPC: G06F 21/34; G07F 7/1008; G06Q 20/341; G06Q 20/3674; G06Q 20/382; G06Q 20/20; G06Q 20/32; G06Q 20/367; G06Q 20/3672
USPC: 235/379, 380, 451, 492
See application file for complete search history.

(56) References Cited

U.S. PATENT DOCUMENTS

8,725,632 B2 *       5/2014   Tompkins             G06Q 20/12; 705/39
2004/0039919 A1 *    2/2004   Takayama et al.      713/180
2005/0187873 A1 *    8/2005   Labrou et al.        705/40
2006/0168355 A1 *    7/2006   Shenfield et al.     709/250
2007/0125838 A1 *    6/2007   Law et al.           235/379
2008/0006685 A1 *    1/2008   Rackley, III et al.  235/379
2009/0069051 A1 *    3/2009   Jain et al.          455/558
2010/0291904 A1 *   11/2010   Musfeldt et al.      455/414.1

* cited by examiner

Primary Examiner — Christopher Stanford
(74) Attorney, Agent, or Firm — Joe Zheng
`
(57) ABSTRACT

Techniques for managing modules or applications installed in a mobile device are described. To provide authentic and secured transactions with another device, each of the installed applications is provisioned with a server through data communication capability in a mobile device. A provisioned application is associated with the personalized secure element in the mobile device and works with a set of keys that are generated in accordance with a set of keys from the personalized secure element. Further management of controlling an installed application is also described.

17 Claims, 25 Drawing Sheets
`
`
`
`
`
[Drawing (flowchart). Legible box labels, in page order: genuine device?; Communicate with a dedicated server (e.g., a TSM); Register NFC device with server; Request SE-related information from device; Update default information? (Yes: Contact SE manufacturer, get updated device info); Store the retrieved device info in database; Generate keys based on the device information; Put the generated key set into the SE; Synchronize the keys and device information with the SE issuer.]
`
`GOOG-1001
`GOOGLE LLC v. RFCYBER CORP. / Page 1 of 39
`
`
`
`
[FIG. 6D (flowchart 670):
START
672: Send an initial purchase request to e-token enabled device of a purchaser
674: Enough balance in e-token enabled device? (no: END)
676 (yes): Forward the received response from the e-token enabled device to POS SAM
678: Receive a debit request containing a MAC from POS SAM
680: Send the debit request to e-token enabled device to debit e-token
682: Receive debit confirm message including additional MACs for transaction verification and settlement
684: Forward the debit confirm message to POS SAM for verification
686: Display transaction after POS SAM has recorded the transaction
END]
`
`
`
`
`
MOBILE DEVICES FOR COMMERCE OVER UNSECURED NETWORKS

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is a continuation-in-part of U.S. patent application Ser. No. 11/534,653 filed on Sep. 24, 2006, now U.S. Pat. No. 8,118,218, and also a continuation-in-part of U.S. patent application Ser. No. 11/739,044 filed on Apr. 23, 2007, which is a continuation-in-part of U.S. patent application Ser. No. 11/534,653 filed on Sep. 24, 2006, now U.S. Pat. No. 8,118,218.
`
BACKGROUND

1. Technical Field

The present invention is generally related to commerce over networks. Particularly, the present invention is related to techniques for personalizing a secure element and provisioning an application such as an electronic purse that can be advantageously used in portable devices configured for both electronic commerce (a.k.a., e-commerce) and mobile commerce (a.k.a., m-commerce).

2. Description of the Related Art

Single functional cards have been successfully used in enclosed environments such as transportation systems. One example of such single functional cards is MIFARE that has been selected as the most successful contactless smart card technology. MIFARE is the perfect solution for applications like loyalty and vending cards, road tolling, city cards, access control and gaming.

However, single functional card applications are deployed in enclosed systems, which are difficult to be expanded into other areas such as e-commerce and m-commerce because stored values and transaction information are stored in data storage of each tag that is protected by a set of keys. The nature of the tag is that the keys need to be delivered to the card for authentication before any data can be accessed during a transaction. This constraint makes systems using such technology difficult to be expanded to an open environment such as the Internet for e-commerce and/or wireless networks for m-commerce as the delivery of keys over a public domain network causes security concerns.

In general, a smart card, chip card, or integrated circuit card (ICC), is any pocket-sized card with embedded integrated circuits. A smart card or microprocessor card contains volatile memory and microprocessor components. Smart cards may also provide strong security authentication for single sign-on (SSO) within large organizations. The benefits of smart cards are directly related to the volume of information and applications that are programmed for use on a card. A single contact/contactless smart card can be programmed with multiple banking credentials, medical entitlement, driver's license/public transport entitlement, loyalty programs and club memberships to name just a few. Multi-factor and proximity authentication can and has been embedded into smart cards to increase the security of all services on the card.

Contactless smart cards that do not require physical contact between card and reader are becoming increasingly popular for payment and ticketing applications such as mass transit and highway tolls. Such Near Field Communication (NFC) between a contactless smart card and a reader presents significant business opportunities when used in NFC-enabled mobile phones for applications such as payment, transport ticketing, loyalty, physical access control, and other exciting new services.

To support this fast evolving business environment, several entities including financial institutions, manufacturers of various NFC-enabled mobile phones and software developers, in addition to mobile network operators (MNO), become involved in the NFC mobile ecosystem. By nature of their individual roles, these players need to communicate with each other and exchange messages in a reliable and interoperable way.

One of the concerns in the NFC mobile ecosystem is its security in an open network. Thus there is a need to provide techniques to personalize a secure element in a contactless smart card or an NFC-enabled mobile device so that such a device is so secured and personalized when it comes to financial applications or secure transactions. With a personalized secure element in an NFC-enabled mobile device, various applications or services, such as electronic purse or payments, can be realized. Accordingly, there is another need for techniques to provision or manage an application or service in connection with a personalized secure element.

SUMMARY

This section is for the purpose of summarizing some aspects of embodiments of the present invention and to briefly introduce some preferred embodiments. Simplifications or omissions in this section as well as the title and the abstract of this disclosure may be made to avoid obscuring the purpose of the section, the title and the abstract. Such simplifications or omissions are not intended to limit the scope of the present invention.

Broadly speaking, the invention is related to techniques for personalizing secure elements in NFC devices to enable various secure transactions over a network (wired and/or wireless network). With a personalized secure element (hence secured element), techniques for provisioning various applications or services are also provided. Interactions among different parties are managed to effectuate a personalization or provisioning process flawlessly to enable an NFC device for a user thereof to start enjoying the convenience of commerce over a data network with minimum effort.

As an example of application to be provided over a secured element, a mechanism is provided to enable devices, especially portable devices, to function as an electronic purse (e-purse) to conduct transactions over an open network with a payment server without compromising security. According to one embodiment, a device is installed with an e-purse manager (i.e., an application). The e-purse manager is configured to manage various transactions and functions as a mechanism to access an emulator therein. Secured financial transactions can then be conducted over a wired network, a wireless network or a combination of both wired and wireless network.

According to another aspect of the present invention, security keys (either symmetric or asymmetric) are personalized so as to personalize an e-purse and perform a secured transaction with a payment server. In one embodiment, the essential data to be personalized into an e-purse include one or more operation keys (e.g., a load key and a purchase key), default PINs, administration keys (e.g., an unblock PIN key and a reload PIN key), and passwords (e.g., from MIFARE). During a transaction, the security keys are used to establish a secured channel between an embedded e-purse and an SAM (Security Authentication Module) or a backend server.

The present invention may be implemented in various forms including a method, a system, an apparatus, a part of a system or a computer readable medium. According to one embodiment, the present invention is a method for personalizing a secure element associated with a computing device. The method comprises initiating data communication with a server, sending device information of the secure element in responding to a request from the server after the server determines that the secure element is registered therewith, wherein the device information is a sequence of characters uniquely identifying the secure element, and the request is a command causing the computing device to retrieve the device information from the secure element, receiving at least a set of keys from the server, wherein the keys are generated in the server in accordance with the device information of the secure element, and storing the set of keys in the secure element to facilitate a subsequent transaction by the computing device.

According to another embodiment, the present invention is a method for personalizing a secure element associated with a computing device. The method comprises receiving an inquiry to establish data communication between a server and the computing device, sending a request from the server to the computing device to request device information of the secure element after the server determines that the computing device is registered therewith, wherein the device information is a sequence of characters uniquely identifying the secure element, and the request is a command that subsequently causes the computing device to retrieve the device information from the secure element therein, generating at least a set of keys in accordance with the device information received, delivering the set of keys through a secured channel over a data network to the computing device, wherein the set of keys is caused to be stored in the secure element with the computing device, and notifying at least a related party that the secure element is now personalized for subsequent trusted transactions.
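
The server-side personalization method described above, as an added sketch that is not code from the patent: the server checks registration, requests the SE's device information, generates a key set from it, delivers the set and notifies a related party. The HMAC-SHA256 derivation, the key labels, the integrity-only stand-in for the secured channel and every class, function and sample value are assumptions; the patent does not specify an algorithm.

```python
import hashlib
import hmac

KEY_LABELS = ("enc", "mac", "dek")  # assumed members of "a set of keys"


def diversify(master_key: bytes, device_info: str, label: str) -> bytes:
    """Derive one 16-byte key that is unique to (device_info, label)."""
    msg = label.encode() + b"\x00" + device_info.encode()
    return hmac.new(master_key, msg, hashlib.sha256).digest()[:16]


def key_set_tag(channel_key: bytes, device_info: str, key_set: dict) -> bytes:
    """Integrity tag binding a key set to the one SE it was generated for."""
    h = hmac.new(channel_key, device_info.encode() + b"\x00", hashlib.sha256)
    for label in KEY_LABELS:
        h.update(label.encode() + b"\x00" + key_set[label])
    return h.digest()


class SecureElement:
    """Toy SE holding a unique identifier and a manufacturer-installed default key."""

    def __init__(self, device_info: str, default_key: bytes):
        self.device_info = device_info
        self._default_key = default_key
        self.key_set = None

    def get_device_info(self) -> str:
        return self.device_info

    def store_keys(self, key_set: dict, tag: bytes) -> bool:
        # Stand-in for the secured channel: only its integrity check is modelled.
        # A real channel would also encrypt the keys in transit.
        expected = key_set_tag(self._default_key, self.device_info, key_set)
        if not hmac.compare_digest(expected, tag):
            return False
        self.key_set = dict(key_set)
        return True


class PersonalizationServer:
    def __init__(self, master_key: bytes, manufacturer_records: dict):
        self._master = master_key
        self._records = manufacturer_records  # device_info -> default key
        self.registered = set()               # handset ids known to the server
        self.database = {}                    # handset id -> device_info
        self.notifications = []               # messages for the related party

    def generate_keys(self, device_info: str) -> dict:
        return {label: diversify(self._master, device_info, label)
                for label in KEY_LABELS}

    def personalize(self, handset_id: str, se: SecureElement) -> str:
        if handset_id not in self.registered:   # checked before anything is requested
            return "not-registered"
        device_info = se.get_device_info()      # the "request" sent to the device
        default_key = self._records.get(device_info)
        if default_key is None:                 # SE absent from manufacturer data
            return "unknown-se"
        key_set = self.generate_keys(device_info)
        tag = key_set_tag(default_key, device_info, key_set)
        if not se.store_keys(key_set, tag):
            return "delivery-rejected"
        self.database[handset_id] = device_info
        self.notifications.append(("personalized", device_info))
        return "personalized"


def demo() -> dict:
    # Constructed sample values, not taken from the patent.
    master = bytes.fromhex("00112233445566778899aabbccddeeff")
    records = {"SE-0001": b"A" * 16, "SE-0002": b"B" * 16}
    server = PersonalizationServer(master, records)
    se1 = SecureElement("SE-0001", records["SE-0001"])
    se2 = SecureElement("SE-0002", records["SE-0002"])

    results = {"unregistered": server.personalize("phone-1", se1)}
    server.registered.update({"phone-1", "phone-2"})
    results["first"] = server.personalize("phone-1", se1)
    results["second"] = server.personalize("phone-2", se2)
    results["keys_differ"] = se1.key_set != se2.key_set

    # A key set generated for SE-0001 must not install on SE-0002.
    ks1 = server.generate_keys("SE-0001")
    tag1 = key_set_tag(records["SE-0001"], "SE-0001", ks1)
    results["replay_to_other_se"] = se2.store_keys(ks1, tag1)

    # A key altered in transit fails the integrity check.
    tampered = dict(ks1, mac=b"\x00" * 16)
    results["tampered"] = se1.store_keys(tampered, tag1)
    results["notified"] = list(server.notifications)
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

Because each key set is derived from the SE's unique identifier, the server can regenerate a device's keys on demand, and a key set captured for one SE is rejected by any other.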

According to still another embodiment, the present invention is a method for provisioning an application installed in a mobile device. The method comprises sending to a server an identifier identifying the application together with device information of a secure element associated with a mobile device on which the application has been installed, establishing a secured channel between the secure element and the server using a key set installed in the secure element, receiving data prepared by the server to enable the application to function as designed on the mobile device; and sending out an acknowledgement to a provider of the application about a status of the application now being active with the secure element on the mobile device. The data received in the mobile device includes a user interface of the application per the mobile device and a generated application key set.

According to still another embodiment, the present invention is a method for provisioning an application. The method comprises receiving from a mobile device an identifier identifying the application together with device information of a secure element associated with the mobile device on which the application has been installed, establishing a secured channel between the secure element and the server using a key set installed on the secure element, preparing data necessary for the application to function as designed on the mobile device, transporting the data from the server to enable the application via the secured channel; and notifying a provider of the application about a status of the application now active with the secure element on the mobile device.

According to yet another embodiment, the present invention is a mobile device for conducting a transaction over a network. The mobile device comprises a network interface, a secure element, a memory space for storing at least a module and an application downloaded from the network, a processor coupled to the memory space and configured to execute the module to cause operations including verifying whether the application has been provisioned. When it is verified that the application has not been provisioned, the operations further comprise sending to a server via the network interface an identifier identifying the application together with device information of a secure element, establishing a secured channel between the secure element and the server using a key set installed on the secure element, wherein the server is configured to prepare data necessary for the application to function as designed on the mobile device, receiving the data from the server to associate the application with the secure element, and sending out an acknowledgement to a provider of the application about a status of the application that is now active with the secure element. The processor is further configured to determine if the secure element has been personalized before performing a provisioning process of the application. If the secure element has not been personalized, the mobile device is caused to personalize the secure element with a designed server.

One of the objects, features, and advantages of the present invention is to enable a mobile device that can be used to perform a secured transaction with a party (e.g., at a point of sale, with a commercial server or accessing remotely) over an unsecured network (e.g., the Internet).

Other objects, features, and advantages of the present invention will become apparent upon examining the following detailed description of an embodiment thereof, taken in conjunction with the attached drawings.
`
BRIEF DESCRIPTION OF THE DRAWINGS

The invention will be readily understood by the following detailed description in conjunction with the accompanying drawings, wherein like reference numerals designate like structural elements, and in which:

FIG. 1A shows a simplified architecture of an NFC-enabled mobile device with a secure element (SE);

FIG. 1B shows a flowchart or process of personalizing an SE according to one embodiment of the present invention;

FIG. 1C shows relationships among an SE manufacturer, a TSM admin and the TSM system for both offline and online modes;

FIG. 1D illustrates data flows among a user for an NFC device (e.g., an NFC mobile phone), the NFC device itself, a TSM server, a corresponding SE manufacturer and an SE issuer;

FIG. 1E shows a data flowchart or process of personalizing data flow among three entities: a land-based SAM or a network e-purse server, an e-purse acting as a gatekeeper, and a single function tag, according to one embodiment;

FIG. 2A shows a mobile payment ecosystem in which related parties are shown in order for the mobile payment ecosystem to be successful;

FIG. 2B shows a flowchart or process of provisioning one or more applications according to one embodiment;

FIG. 2C shows a data flow illustrating various interactions among different parties when an application is being provisioned in one embodiment;

FIG. 2D shows a data flow among different entities when preparing the application data in provisioning an application;

FIG. 2E shows a flowchart or process for locking or disabling an installed application;

FIG. 2F shows an exemplary architecture diagram of a portable device enabled as an e-purse conducting e-commerce and m-commerce, according to one embodiment of the present invention;

FIG. 3A is a block diagram of related modules interacting with each other to achieve what is referred to herein as e-purse personalization by an authorized personnel (a.k.a., personalizing a mobile device or a secure element therein while provisioning an application);

FIG. 3B shows a block diagram of related modules interacting with each other to achieve what is referred to herein as e-purse personalization by a user of the e-purse;

FIG. 3C shows a flowchart or process of personalizing an e-purse according to one embodiment of the present invention;

FIG. 4A and FIG. 4B show together a flowchart or process of financing, funding, load or top-up an e-purse according to one embodiment of the present invention;

FIG. 4C shows an exemplary block diagram of related blocks interacting with each other to achieve the process of FIG. 4A and FIG. 4B;

FIG. 5A is a diagram showing a first exemplary architecture of a portable device for enabling e-commerce and m-commerce functionalities over a cellular communications network (i.e., 3G, LTE or GPRS network), according to an embodiment of the present invention;

FIG. 5B is a diagram showing a second exemplary architecture of a portable device for enabling e-commerce and m-commerce functionalities over a wired and/or wireless data network (e.g., Internet), according to another embodiment of the present invention;

FIG. 5C is a flowchart illustrating an exemplary process of enabling the portable device of FIG. 5A for services/applications provided by one or more service providers in accordance with one embodiment of the present invention;

FIG. 6A is a diagram showing an exemplary architecture, in which a portable device is enabled as a mobile POS conducting e-commerce and m-commerce, according to one embodiment of the present invention;

FIG. 6B is a diagram showing an exemplary architecture, in which a portable device is enabled as a mobile POS conducting a transaction upload operation over a network, according to an embodiment of the present invention;

FIG. 6C is a flowchart illustrating an exemplary process of conducting m-commerce using the portable device enabled as a mobile POS with an e-token enabled device as a single functional card in accordance with one embodiment of the present invention;

FIG. 6D is a flowchart illustrating an exemplary process of conducting m-commerce using the portable device enabled as a mobile POS against an e-token enabled device as a multi-functional card; and

FIG. 7 is a diagram depicting an exemplary configuration in which a portable device is used for an e-ticketing application.
`
places in the specification are not necessarily all referring to the same embodiment, nor are separate or alternative embodiments mutually exclusive of other embodiments. Further, the order of blocks in process, flowcharts or functional diagrams representing one or more embodiments do not inherently indicate any particular order nor imply limitations in the invention.

Embodiments of the present invention are discussed herein with reference to FIGS. 1A-7. However, those skilled in the art will readily appreciate that the detailed description given herein with respect to these figures is for explanatory purposes only as the invention extends beyond these limited embodiments.

Near Field Communication (NFC) presents significant business opportunities when used in mobile phones for applications such as payment, transport ticketing, loyalty, physical access control, and other exciting new services. To support this fast evolving business environment, several entities including financial institutions, manufacturers of various NFC-enabled mobile phones and software developers, in addition to Mobile Network Operators (MNO), become involved in the NFC mobile ecosystem. By nature of their individual roles, these players need to communicate with each other and exchange messages in a reliable and interoperable way.

Equally important to these entities or players is the need for ongoing security and confidentiality of sensitive applications and data downloaded to and stored on an NFC-enabled handset for performing contactless transactions. The component in a mobile phone providing the security and confidentiality required to support various business models in this environment is referred to as a Secure Element (SE).

FIG. 1A shows a simplified architecture of a computing device 100. Unless otherwise explicitly indicated, the terms "computing device", "mobile device" or "handset" will be interchangeably used herein, but those skilled in the art will understand the description herein shall be equally applicable to other devices such as a smart phone, a tablet, a laptop computer, a contactless smart card and other portable devices.

The mobile device 100 includes a near field communication (NFC) controller 101 that enables the device 100 to interact with another device wirelessly to exchange data. For example, a user may use the mobile device 100 as an e-purse or a wallet to pay for a purchase or an admission. In operation, the e-purse is controlled by a secure element (SE) 102. Essentially, the SE 102 enables such a mobile device 100 to perform financial transaction, transport ticketing, loyalty, physical access control, and other exciting new services in a secured manner. To offer such services, the SE 102 is configured to support various applets, applications or modules (only two samples 104 and 106 are shown in FIG. 1A). Depending on implementation, these modules may be hardware modules embedded or inserted thereon, or software modules downloadable from one or more servers via a data network.

When a mobile device is first purchased by or delivered to a customer, the SE 102 in the mobile device is installed with a set of default keys (e.g., an Issuer Security Domain (ISD) key set by the SE manufacturer). Depending on implementation, the SE 102 may be in form of a smart card, an integrated circuit (IC) or a software module upgradable by overwriting some or all of the components therein. In one embodiment, the SE 102 is a tamper proof smart card chip capable to embed smart card-grade applications (e.g., payment, transport ...) with the required level of security and features. In FIG. 1A, the SE 102 embeds or associates with contactless and NFC-related applications and is connected to the NFC controller 101 to act as the contactless front end.
`
`
`DETAILED DESCRIPTION OF THE INVENTION
`
`
`In the following description, numerous specific details are
`set forth to provide a thorough understanding of the present
`invention. The present invention may be practiced without
`these specific details. The description and r