(19) United States
`(12) Patent Application Publication (10) Pub. No.: US 2006/0165060A1
`(43) Pub. Date:
`Jul. 27, 2006
`Dua
`
`US 2006O165060A1
`
`(54) METHOD AND APPARATUS FOR
`MANAGING CREDENTIALS THROUGH A
`WIRELESS NETWORK
`
`(76) Inventor: Robin Dua, Vienna, VA (US)
`Correspondence Address:
`Charles B. Lobsenz
`Roberts, Mlotkowski & Hobbes, PC
`Suite 850
`8270 Greensboro Drive
`McLean, VA 22102 (US)
`(21) Appl. No.:
`11/040,847
`
`(22) Filed:
`
`Jan. 21, 2005
`
`Publication Classification
`
`(51) Int. Cl.
`G06Q 99/00
`H04L 2/66
`H04L 2/56
`
`(2006.01)
`(2006.01)
`(2006.01)
`
`(52) U.S. Cl. ............................. 370/352; 370/389; 705/76
`
`(57)
`
`ABSTRACT
`
`A novel system and methodology for conducting financial
`and other transactions using a wireless device. Credentials
`may be selectively issued by issuers such as credit card
`companies, banks, and merchants to consumers permitting
`the specific consumer to conduct a transaction according to
`the authorization given as reflected by the credential or set
`of credentials. The preferred mechanism for controlling and
`distributing credentials according to the present invention is
`through one or more publicly accessible networks Such as
`the Internet wherein the system design and operating char
`acteristics are in conformance with the standards and other
`specific requirements of the chosen network or set of net
`works. Credentials are ultimately supplied to a handheld
`device such as a mobile telephone via a wireless network.
`The user holding the credential may then use the handheld
`device to conduct the authorized transaction or set of trans
`actions via, for example, a short range wireless link with a
`point-of-sale terminal.
`
`
`
`
`
`
`
`
`
`Wireless Device
`(with wallet application)
`
`IPR2022-00413
`Apple EX1004 Page 1
`
`

`

`Patent Application Publication Jul. 27, 2006 Sheet 1 of 9
`
`US 2006/01 65060A1
`
`Wireless Ceteria
`Mara
`
`Wireless evice
`
`200
`
`Carries:
`Tower
`
`
`
`
`
`-e - - - - - - - s
`----->
`Credicard
`personalization machins
`
`
`
`locatio Serei
`
`-------------
`
`IPR2022-00413
`Apple EX1004 Page 2
`
`

`

`Patent Application Publication Jul. 27, 2006 Sheet 2 of 9
`
`US 2006/01 65060A1
`
`
`
`issuer System
`Request
`
`Validate Phone
`Number
`
`Translate PhOne
`Number
`
`Request NAPTR
`Record
`
`SSUe Credentia
`Via SP/SPS
`ProtoCO
`
`31 O
`
`32O
`
`33O
`
`340
`
`350
`
`FIG. 2
`
`IPR2022-00413
`Apple EX1004 Page 3
`
`

`

`Patent Application Publication Jul. 27, 2006 Sheet 3 of 9
`
`US 2006/01 65060A1
`
`-
`
`40
`
`DNs
`Server
`
`460
`
`Y
`location
`Service
`
`
`
`
`
`Wireless
`Network
`
`FIG. 3
`
`Wireless Device
`(with wallet application)
`
`IPR2022-00413
`Apple EX1004 Page 4
`
`

`

`Patent Application Publication Jul. 27, 2006 Sheet 4 of 9
`
`US 2006/01 65060A1
`
`- Sample Bank Proxy .
`520
`sig, sattiplebank. Cott
`
`. MobileCo Proxy --
`walletinobile.co.com.
`53)
`
`.
`
`.
`
`Sample Bank WCM .
`wcitt. samplebank.cotta
`-
`
`S1
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`Bob's SIF
`Phone
`N
`
`SOO
`
`INITE F1
`IN WITE F2
`--------------- -
`IN WITE F4
`100 Trying F3 --------------- >
`----------------
`100 Trying F5 --------------- X
`K--------------
`180 Ringing F6
`180 Ringing FF K---------------
`180 Ringing F8 <--------------- |
`200 OK F9 |
`K---------------
`2OO OK F10
`<---------------
`200 OK F11
`K---------------
`K---------------
`
`|CK F.12
`------------------------------------------------- >
`Media Session
`| <================================================> |
`BYE Fi3
`| <-------------------------------------------------
`2O OK F.
`------------------------------------------------- -
`
`".
`
`IPR2022-00413
`Apple EX1004 Page 5
`
`

`

`
`
`(0001\qoJAV)(0001?qoJAV)
`
`Patent Application Publication Jul. 27, 2006 Sheet 5 of 9
`
`US 2006/01 65060A1
`
`
`
`Xueq 9IduIeS
`
`INOAA
`
`
`
`
`
`
`
`
`
`
`
`IPR2022-00413
`Apple EX1004 Page 6
`
`

`

`Patent Application Publication Jul. 27, 2006 Sheet 6 of 9
`
`US 2006/01 65060A1
`
`
`
`Wallet Buttol
`/
`
`Wallet Buttoil
`
`FIG. 6(b)
`
`IPR2022-00413
`Apple EX1004 Page 7
`
`

`

`Patent Application Publication Jul. 27, 2006 Sheet 7 of 9
`
`US 2006/01 65060A1
`
`
`
`--- Credit
`
`IPR2022-00413
`Apple EX1004 Page 8
`
`

`

`Patent Application Publication Jul. 27, 2006 Sheet 8 of 9
`
`US 2006/01 65060A1
`
`
`
`
`
`Wireless, evice
`
`:
`
`Cornfurication
`carer
`
`Mobile operator
`regrk SP
`infrastructure
`
`88O
`
`870
`
`
`
`CD- w aw we arw w. v. ix.
`
`issuer Gateway
`Procol
`Covere
`
`{
`
`:
`
`Egge w
`rates
`
`eso-Scoring . . .
`
`Cst
`Production
`
`aaar
`
`Wireless Crederitial L. sister NS
`Manager
`Sever
`
`810
`
`890
`
`850
`
`Payment
`
`
`
`- issuer Card Management System
`
`Reports
`
`s
`
`Skaterrerts
`Letters
`
`Fratrsk
`
`Management
`
`---
`
`830
`
`IPR2022-00413
`Apple EX1004 Page 9
`
`

`

`Patent Application Publication Jul. 27, 2006 Sheet 9 of 9
`
`US 2006/01 65060A1
`
`
`
`PIN Approval Request
`
`Merchant:
`
`Giant Grocery - Fairfax, WA
`
`DateTime:
`
`Nov 12, 2004 Ol:30 PM
`
`Total:
`
`S99.20
`
`Payment Method: Sample Bank Master XXXX005
`
`Authorization Code: 328.123445
`
`Enter PIN to approve transaction:
`
`XXXX
`
`FIG. 9
`
`IPR2022-00413
`Apple EX1004 Page 10
`
`

`

`US 2006/01 65060A1
`
`Jul. 27, 2006
`
`METHOD AND APPARATUS FOR MANAGING
`CREDENTALS THROUGH A WIRELESS
`NETWORK
`
`BACKGROUND
`0001) 1. Field of the Invention
`0002 The present invention relates generally to systems
`and methodologies for conducting electronic commerce and
`more particularly to systems and methodologies for issuing,
`managing, storing and using credentials authorizing the
`legitimate holder of Such a credential to accomplish a
`desired result.
`
`BACKGROUND OF THE INVENTION
`0003. According to current practices, consumers typi
`cally carry multiple single-purpose cards, tags, passes, and
`tokens which allow them to identify themselves to or present
`account information to retailers, service providers, financial
`institutions, government agencies, and other organizations.
`These single-purpose devices may contain combinations of
`encoded personal, account, and/or security information in
`order to identify a user and to authorize the user to conduct
`a particular transaction. Data on these devices may be
`encoded on a variety of media types such as magnetic
`stripes, bar codes, chips, and/or embossed or printed data.
`The creation of standards for many encoding formats has
`contributed to the proliferation of certain card and device
`types.
`0004 For example, data may be encoded on magnetic
`stripe cards using a proprietary methodology or by employ
`ing an “open' or 'standard’ encoding pattern. Magnetic
`stripe cards have been embraced by financial institutions,
`merchants, and consumers ever since standards for Such
`cards were adopted by the industry in the 1970s. A magnetic
`stripe is encoded with bit patterns, which correspond to three
`tracks of ASCII characters. Credit cards and other bank
`cards typically use only tracks 1 and 2. Track 3 is a
`read/write track, but its usage is not standardized among
`financial institutions and is seldom used. The majority of
`magnetic cards in circulation conform to International Stan
`dards Organization (ISO) standards for magnetic cards.
`0005 Magnetic stripe technology is widely used through
`out the world and remains the dominant technology in the
`United States for transaction processing and access control.
`One drawback associated with magnetic stripe technology is
`the limited amount of information that it can hold. Other
`technologies such as bar code and Smart chip cards are also
`widely used in large part because they can hold more
`information than magnetic stripe cards.
`0006 Another drawback of magnetic stripe technology is
`that it provides little in the way of card authentication. The
`data on the stripe can be easily read by a card reader and
`potentially "skimmed' and then copied onto a fraudulent
`card. Because of the static nature of the magnetic stripe,
`bank issuers are notable to distinguish card data originating
`from a genuine card from card data read from a copied
`(cloned) card during an “online' authorization.
`0007 Smart cards provide a distinct advantage in that
`they offer the ability to provide authentication in connection
`with a transaction. Card authentication can be performed by
`the reader terminal and/or the issuer's systems using
`
`dynamic techniques that distinguish genuine cards from
`clones. A Smart card generally includes an embedded semi
`conductor device which is programmed before issue with the
`account holders information. This data is protected through
`secure encryption methods, making it difficult to fraudu
`lently replicate a Smart card. The integrated circuits within
`Smart cards in general have continued to improve with
`miniaturization, low power requirements, the addition of
`strong encryption capability, and tamper-proof standards for
`crypto-processor chips
`0008. There are three general categories of smart cards:
`contact, contactless, and hybrid Smart cards. A contact Smart
`card requires that the user insert the Smart card into a Smart
`card reader with a direct connection to a conductive micro
`module on the surface of the card. It is via these physical
`contact points, that transmission of commands, data, and
`card status takes place.
`0009. A contactless Smart card requires only close prox
`imity to a reader. Both the reader and the card have antennas
`and it is via this contactless link that the two communicate
`via radio frequency (RF) when in close proximity. Most
`contactless cards typically receive power for on-card elec
`tronic functions via this electromagnetic signal. The range is
`typically two to three inches for non-battery powered cards,
`and this is ideal for applications such as mass transit which
`requires a very fast card interface.
`0010. The third category of smart cards is known as
`hybrid Smart cards. These cards typically have a dual
`interface enabling both contact and contactless communica
`tion with the cards chip.
`0011. As stated, RF communication is used in connection
`with both contactless and hybrid Smart cards. RF and Radio
`Frequency Identification (RFID) technologies come in a
`variety of forms, each of which may be tailored for use in
`different types of environments. These technologies differ
`in, for example, the frequency bands they employ, which in
`turn influences the rate of data transfer between the tag and
`reader. Consequently, different data transfer rate require
`ments influence the types of solutions that RFID services
`can and should be expected to provide. RFID technology is
`typically used for POS payments, electronic toll collection,
`access control, and numerous other applications.
`0012 Contactless applications are particularly attractive
`to the retail payments segment where speed, convenience,
`and security are essential. Contactless payment systems are
`used successfully around the globe and offer a number of
`advantages to issuers, retailers, and consumers. Contactless
`payments allow issuers to penetrate the cash payment mar
`ket, enjoy increased customer transaction volume, reduce
`fraud, and utilize the existing transaction processing infra
`structure. Retailers realize benefits due to improved opera
`tional efficiency and lower operating costs. Consumers
`enjoy the convenience of faster transaction times and the
`ability to integrate multiple payment and loyalty accounts on
`one device.
`0013 American Express, MasterCard, and Visa have
`agreed on a single contactless payment standard in the
`United States, ISO/IEC 14443, and are implementing a
`contactless payment approach that leverages the existing
`payments infrastructure. As a result, merchants can easily
`add a contactless RF reader to their existing POS systems
`
`IPR2022-00413
`Apple EX1004 Page 11
`
`

`

`US 2006/01 65060A1
`
`Jul. 27, 2006
`
`and immediately begin accepting contactless payment. Mas
`terCard and Visa have also been working jointly over the last
`few years to develop specifications that define a set of
`requirements for security and interoperability between chip
`cards and terminals on a global basis, regardless of the
`manufacturer, the financial institution, or where the card is
`used.
`0014. As a result of the increased move towards stan
`dardization, improving technology and more demanding
`security and authorization requirements, Smart cards are
`slowly replacing the magnetic stripe card as the dominant
`technology for conducting financial transactions. The
`enhanced ability of smart cards to secure confidential infor
`mation and the ability of POS systems to authenticate the
`chip cards makes them an attractive alternative to magnetic
`stripe cards. Also, the reduction of fraudulent transactions
`achieved by smart cards results in lower risk, and lower fees
`for the consumer and the merchant.
`0015. Another important trend in consumer-related elec
`tronics is the increased speed and the reduced size of
`available electronic components which has contributed to
`the proliferation of powerful wireless devices. Mobile
`devices including personal digital assistants (PDAs) and
`cellular phones now number over one billion worldwide.
`The capability of wireless devices has been augmented by
`their ability to connect to the Internet and also to exchange
`data over short ranges with other wireless devices or readers.
`0016 Common short-range communications network
`standards defined by the International Electrical and Elec
`tronic Engineers association (IEEE) include 802.11a,
`802.11b, and 802.11g. Many mobile devices employ these
`IEEE network standards to establish wireless LAN (WLAN)
`connectivity. Various other short-range technologies cur
`rently in use for device-to-device communication include
`Bluetooth and infra-red. One major short-range infra-red
`(IR) communications network protocol is defined by the
`Infra-red Device Association (IrDA), and is known as the
`IrDA standard. Wireless devices with integrated RFID prox
`imity chips or Near Field Communication (NFC) technology
`may also provide users the ability to transfer information to
`a reader device.
`0017 With reference to the aforementioned fraud con
`cerns as well as the general inconvenience of having to carry
`a large number of cards, tags and tokens, it would be
`beneficial to be able to conduct consumer and other financial
`transactions in a different manner. Although a completely
`cashless society is unlikely at least for the foreseeable future,
`it would be desirable to provide consumers with the ability
`to conduct more transactions without the need for cash.
`0018. The short-range data transmission capability of
`wireless devices, coupled with electronic wallet software
`operating on the devices, could allow users to carry out
`various transactions using a personal trusted device (PTD)
`that is loaded with the user's payment, identification, and/or
`other credentials. Unfortunately, there remain various
`obstacles to solutions using PTDs or other portable devices
`for conducting financial transactions. One primary hurdle to
`the broad-based deployment of such a solution is the diffi
`culty in providing for the convenient, efficient, and secure
`distribution of credentials into wireless devices such that
`only those authorized to conduct the transactions may do so
`and only to the extent of their authorization.
`
`0019 Various possible solutions present a variety of
`drawbacks. Allowing the user to manually enter his or her
`personal information or account data that was previously
`stored on magnetic stripe, bar code, or chip cards directly
`into the wireless device leaves open the possibility that the
`data could be lost or used by an unauthorized party to make
`fraudulent transactions. Banks and other organizations in
`turn are reluctant to allow manual importation of sensitive
`information into wireless devices, owing primarily to Secu
`rity risks. Accordingly, there is a need for a solution which
`provides for the secure importation of financial and other
`personal information into wireless devices.
`0020 Since there is such a large number of credential
`issuers, mobile operators, and wireless end-users world
`wide, there is also a need for a credential issuance and
`management system that is readily accessible by Such a
`broad and diverse set of users. There is also a need for a
`system and method through which credential issuers can
`securely and rapidly target specific wireless devices for the
`distribution of the appropriate credentials over public and
`private networks.
`
`SUMMARY OF THE INVENTION
`0021. It is therefore a primary object of the present
`invention to provide a system and methodology which
`improves upon prior art systems and methodologies and
`their related drawbacks as described above.
`0022.
`It is another object of the present invention to
`provide for the convenient, efficient, and secure distribution
`of credentials into wireless devices such that only those
`authorized to conduct the transactions may do so and only to
`the extent of their authorization.
`0023. It is a still further object of the present invention to
`provide for the secure importation of financial and other
`personal information into wireless devices.
`0024. It is a yet further object of the present invention to
`provide a system and method through which credential
`issuers can securely and rapidly target specific wireless
`devices for the distribution of the appropriate credentials.
`0025. It is an even further object of the present invention
`to provide an overall system and processing methodology
`through which financial transactions can be conducted in a
`secure context without the need for credit cards, tags, tokens
`or other physical embodiments of currency or the authority
`to conduct a transaction.
`0026. These and other objects of the present invention are
`obtained through the use of a novel system and methodology
`for conducting financial and other transactions requiring
`authorization. According to the methodology of the present
`invention, credentials may be selectively issued by issuers
`Such as credit card companies, banks, and merchants to
`consumers permitting the specific consumer to conduct a
`transaction according to the authorization given as reflected
`by the credential or set of credentials. The preferred mecha
`nism for controlling and distributing credentials according to
`the present invention is through one or more publicly
`accessible networks such as the Internet wherein the system
`design and operating characteristics are in conformance with
`the standards and other specific requirements of the chosen
`network or set of networks. According to a preferred
`embodiment of the invention, credentials are ultimately
`
`IPR2022-00413
`Apple EX1004 Page 12
`
`

`

`US 2006/01 65060A1
`
`Jul. 27, 2006
`
`supplied to a handheld device such as a mobile telephone via
`a wireless network. The user holding the credential may then
`use the handheld device to conduct the authorized transac
`tion or set of transactions via, for example, a short range
`wireless link with a point-of-sale (POS) terminal.
`0027. These and other advantages and features of the
`present invention are described herein with specificity So as
`to make the present invention understandable to one of
`ordinary skill in the art.
`
`BRIEF DESCRIPTION OF THE DRAWINGS
`0028 FIG. 1 is a overall view of the components of the
`present system and their relationship to one another accord
`ing to a preferred embodiment of the present invention;
`0029 FIG. 2 is a flowchart illustrating the steps in the
`process for issuing a credential according to a preferred
`embodiment of the present invention:
`0030 FIG. 3 illustrates some of the SIP components,
`their relationship to one another and the protocols that are
`employed in a preferred embodiment of the present inven
`tion;
`FIG. 4 is an illustration of a typical SIP message
`0031
`exchange between a credential issuer and a fictitious mobile
`user,
`0032 FIG. 5 is a block diagram illustrating the steps in
`the SIP registration process of a wireless device according to
`a preferred embodiment of the present invention;
`0033 FIGS. 6(a) and 6(b) are graphical representations
`showing examples of where a “wallet button” might be
`situated on a wireless device according to a preferred
`embodiment of the present invention:
`0034 FIGS. 7(a) and 7(b) are graphical representations
`showing examples of where “hot buttons’ might be situated
`on a wireless device according to a preferred embodiment of
`the present invention;
`0035 FIG. 8 is a diagram illustrating the over-the-air
`PIN verification scheme of the present invention; and
`0036 FIG. 9 is an example screen shot of a PIN
`Approval Request displayed by the wallet application
`according to a preferred embodiment of the present inven
`tion.
`
`DETAILED DESCRIPTION OF THE
`INVENTION
`0037. The present invention for transaction processing
`and related credential management and distribution is now
`described in specific terms sufficient to teach one of skill in
`the practice the invention herein. In the description that
`follows, numerous specific details are set forth by way of
`example for the purposes of explanation and in furtherance
`of teaching one of skill in the art to practice the invention.
`It will, however, be understood that the invention is not
`limited to the specific embodiments disclosed and discussed
`herein and that the invention can be practiced without such
`specific details and/or substitutes therefor. The present
`invention is limited only by the appended claims and may
`include various other embodiments which are not particu
`larly described herein but which remain within the scope and
`spirit of the present invention.
`
`0038 A general discussion of the present invention is
`now provided and is thereafter followed by a detailed
`description of each of the components and functions of the
`invention according to specific preferred embodiments.
`FIG. 1 is an overall system diagram illustrating some of the
`key components of the credential distribution system of the
`present invention in a preferred embodiment thereof. The
`ultimate goal of the present invention is to securely, accu
`rately and rapidly distribute credentials to the proper wire
`less devices based upon the actions of credential issuers. It
`is also important that these credential issuers have the ability
`to securely, accurately and rapidly update credentials as
`required. In furtherance of this, wireless credential manager
`110 of the present invention functions to manage, distribute
`and update credentials so that they are contained as desired
`in a wallet Software application running on wireless device
`200. A set of components 100 collectively comprise a
`Subsystem capable of, among other things, causing the
`issuance of a credential to wireless device 200 according to
`the teachings of the present invention.
`0039. Although FIG. 1 shows only a single wireless
`device 200 it will be readily understood that in deploying the
`present invention, credential issuers obtain the ability to
`selectively control credentials held by a practically unlim
`ited number of wireless devices. The teachings of the present
`invention illustrate techniques for ensuring that the proper
`credentials are made available only to the proper wireless
`device or set of wireless devices. Various addressing and
`other techniques are used in the present invention to ensure
`secure control over the distribution of credentials to the
`wireless devices.
`0040. In a preferred embodiment of the present invention,
`distribution of credentials is made via a transmission initi
`ated by Issuer Cardholder System 120 to Wireless Credential
`Manager 110 which causes the credential or set of creden
`tials to be transmitted to wireless device 200 via the Internet
`and/or one or more alternative public or private networks.
`Based upon the specific addressing schemes employed
`herein, the credential may then ultimately make its way to
`the targeted wireless device via an over-the-air wireless link.
`0041 As stated above, the present invention preferably
`involves the distribution of credentials to a “wireless
`device'. As used herein, wireless device 200 is preferably a
`device that is capable of wirelessly connecting to the Inter
`net using network protocols such as GSM/GPRS,
`CDMA2000, W-CDMA, EDGE, HDR, 1xRTT, UMTS,
`IMT-2000, 802.11a, 802.11b, 802.11g, or BLUETOOTH or
`other relevant protocols developed hereinafter. Preferably,
`wireless device 200 has a display screen and a key pad for
`alphanumeric and special character data input. It is further
`preferred that wireless device 200 has processing and secure
`storage capabilities allowing it to host and operate a wallet
`application capable of receiving, storing, managing and
`transmitting multiple payment, identification, and other con
`fidential information electronically. Wireless device 200 also
`preferably has an integrated short-range communication
`capability for transmitting confidential information and
`exchanging other data between the wallet application and an
`external reader that is in proximity to the wireless device.
`0.042
`Wireless device 200 further preferably is of a type
`that has an assigned E. 164 phone number, Uniform
`Resource Identifier (URI), or other type of unique address
`
`IPR2022-00413
`Apple EX1004 Page 13
`
`

`

`US 2006/01 65060A1
`
`Jul. 27, 2006
`
`that can be resolved over the Internet. In a preferred embodi
`ment, wireless device 200 also has a Session Initiation
`Protocol (SIP) Application Programming Interface (API)
`framework embedded in or running on top of a resident
`operating system, which allows for multiple SIP-based
`applications, such as the wallet application discussed herein,
`to function. The wallet application may also rely on its own
`SIP architecture, alleviating the need for a SIP API frame
`work that could be used by multiple SIP applications.
`0043 Wireless Credential Manager (WCM) 110 main
`tains, controls and distributes credentials in accordance with
`the teachings herein. In a preferred embodiment, WCM 110
`is able to interface with a payment, identification, and/or
`other existing user management or card management sys
`tems such as issuer cardholder system 120. An issuer rep
`resentative may interface with issuer cardholder system 120
`through the use of customer care terminal 150. The process
`for issuing a credential according to the present invention
`may be initiated manually by an issuer representative via
`terminal 150. Alternatively, the customer himself may ini
`tiate the process through interactive voice response (IVR)
`system 160 by calling in through wireline phone 165 via
`PSTN network 170.
`0044) Other alternatives for initiating the process include
`the use of computer via the requesting party's ISP 178, the
`Internet 180 and through the issuer's web server 182 to
`issuer cardholder system 120. Still another alternative for
`initiating the credential issuing process is through wireless
`device 200 via mobile operator network 155, SIP proxy 157,
`Internet 180 and issuers web server 182. The wireless
`device used to initiate the credential issuance process may
`be either the device to receive the credential or another
`wireless device.
`0045. The bottom of FIG. 1 including a credit card
`personalization machine, a credit card and an envelope
`indicates that in connection with the delivery of a wireless
`device credential according to the teachings of the present
`invention, it is also possible to deliver a conventional credit
`card or other physical form of the credential for use by the
`CuStOmer.
`0046) WCM 110 provides for the secure Internet delivery
`of electronic credentials to wireless device 200 which is
`loaded with a wallet application. WCM 110 provides a
`secure and robust means of issuing, canceling, and manag
`ing electronic credentials on wireless devices via the Inter
`net. WCM 110 leverages existing Internet protocols and
`technologies, making it easy for issuers to integrate with
`their existing systems, and alleviating the need to establish
`direct links with multiple mobile operators.
`0047 E. 164 is the name of the international telephone
`numbering plan administered by the International Telecom
`munication Union (ITU), which specifies the format, struc
`ture, and administrative hierarchy of telephone numbers.
`“E.164” refers to the ITU document that describes the
`structure of telephone numbers. The ITU issues country
`codes to sovereign nations, but administration of telephone
`numbers within each country is governed by that country's
`telecommunications regulatory agency. A fully qualified
`E.164 number is designated by a country code, an area or
`city code, and a phone number. For example, a fully quali
`fied, E. 164 number for the phone number 555-1234 in
`Washington, D.C. (area code 202) in the United States
`(country code 1) would be +1-202-555-1234.
`
`0048. According to the teachings of the present inven
`tion, an E. 164 phone number is used to target a user's wallet
`application on Internet-enabled wireless device 200 for the
`delivery of credentials and confidential data, including but
`not limited to credit card, debit card, ATM card, loyalty card,
`driver's license, electronic ticket, coupons and other infor
`mation. In addition, an E. 164 phone number is used accord
`ing to the present invention to target a user's wallet appli
`cation residing on wireless device 200 for the remote
`cancellation or updating of credentials. Also, E.164 phone
`numbers may be used as described herein to make person
`to-person, person-to-company, or company-to-company
`electronic payments or fund transfers using wireless device
`200. Although a preferred embodiment, this invention is not
`necessarily limited to the use of E.164 phone numbers.
`Rather, the use of URIs and other address types that are
`capable of being translated to an Internet address is also
`possible for the purposes mentioned above.
`0049. In a preferred embodiment, WCM 110 of the
`present invention uses the Electronic Numbering (ENUM)
`protocol to resolve a fully qualified E. 164 telephone number
`for the particular wireless device 200 (with a loaded wallet
`application) to a fully qualified domain name address cor
`responding to the same device using a DNS-based architec
`ture. ENUM (E.164 Number Mapping, RFC 3761) is a
`system that uses DNS (Domain Name Service, RFC 1034)
`in order to translate certain telephone numbers, like
`+12025551234, into URIs (Uniform Resource Identifiers,
`RFC 2396) like "sip:user(a).sipcarrier.com. ENUM exists
`primarily to facilitate the interconnection of systems that
`rely on telephone numbers with those that use URIs to route
`transactions. E. 164 is the ITU-T standard international num
`bering plan, under which all globally reachable telephone
`numbers are organized.
`0050. The use of ENUM presupposes the collection of
`these records into a central or hierarchical service. Accord
`ing to a preferred embodiment, the resolved Internet address
`is used to establish secure real-time communication between
`WCM 110 and the wallet application on wireless device 200
`using the Session Initiation Protocol (SIP) (for example,
`according to the RFC 3261 standard) to transfer encrypted
`credentials. The issuer WCM 110 may also be used to update
`credentials or update the status of credentials on wireless
`device 200. WCM 110 may also be used to authenticate a
`mobile user's identity in real-time during a transaction.
`While the use of SIP for such purposes is preferred, alter
`native application protocols may be used in lieu of SIP while
`still remaining within the spirit and scope of the present
`invention.
`0051. The use of SIP for transmitting and managing
`credentials on wireless device 200 is preferred as mobile
`operators and fixed line operators are moving towards a
`SIP-based architecture for voice and other multimedia ser
`vices. It is envisioned that the use of SIP for communication
`between a credential issuer and a wallet application resident
`on wireless device 200 could leverage the same SIP regis
`trar, proxy, and presence servers used to deliver real-time
`interactive converged communication services within a
`mobile operator's network.
`0.052 According to a preferred embodiment, ENUM is
`used as follows. The E. 164 number is first converted into a
`query in the e164.arpa domain. The domain "e164.arpa' is
`
`IPR2022-00413
`Apple EX1004 Page 14
`
`

`

`US 2006/01 65060A1
`
`Jul. 27, 2006
`
`being populated in order to provide the infrastructure in
`DNS for storage of E. 164 numbers. In order to facilitate
`distributed operations, this domain is divided into sub
`domains. The resultant set of serv