`Koh et al.
`
`(10) Patent No.:
`(45) Date of Patent:
`
`US 9.240,009 B2
`Jan. 19, 2016
`
`USOO9240009B2
`
`(54) MOBILE DEVICES FOR COMMERCE OVER
`UNSECURED NETWORKS
`
`(75) Inventors: Liang Seng Koh, Fremont, CA (US);
`Hsin Pan, Fremont, CA (US);
`Xiangzhen Xie, Guangdong (CN)
`(73) Assignees: Rich House Global Technology Ltd.,
`Shenzhen (CN); RFCyber Corp.,
`Fremont, CA (US)
`Subject to any disclaimer, the term of this
`patent is extended or adjusted under 35
`U.S.C. 154(b) by 227 days.
`Appl. No.: 13/350,835
`
`(*)
`
`Notice:
`
`(21)
`(22)
`(65)
`
`Filed:
`
`Jan. 16, 2012
`
`Prior Publication Data
`US 2012/013O839 A1
`May 24, 2012
`Related U.S. Application Data
`(63) Continuation-in-part of application No. 1 1/534,653,
`filed on Sep. 24, 2006, now Pat. No. 8,118,218, and a
`continuation-in-part of application No. 1 1/739,044,
`filed on Apr. 23, 2007.
`
`(51)
`
`(52)
`
`(2012.01)
`(2012.01)
`(2012.01)
`(2012.01)
`
`Int. C.
`G06O20/00
`G06O20/34
`G06O20/36
`G06O 30/06
`U.S. C.
`CPC .......... G06O20/3552 (2013.01); G06O20/352
`(2013.01); G06O20/3672 (2013.01); G06Q
`30/0601 (2013.01)
`
`Processor
`O5
`
`Secured
`memory 107
`
`Og
`Card
`interface
`
`Applet
`
`4.
`
`E-Purse
`Application
`106
`
`Secure Element
`
`NFC controller
`1.
`
`Network interface
`O3
`
`(58) Field of Classification Search
`CPC ..... G06F 21/34; G07F 7/1008; G06Q 20/341;
`G06Q 20/3674; G06Q 20/382: G06Q 20/20;
`G06Q 20/32: G06Q 20/367; G06Q 20/3672
`USPC .................................. 235/379,380, 451, 492
`See application file for complete search history.
`
`(56)
`
`References Cited
`
`U.S. PATENT DOCUMENTS
`
`5/2014 Tompkins .............. G06Q 20/12
`8,725,632 B2 *
`705/39
`2004/00399 19 A1* 2/2004 Takayama et al. ............ T13, 18O
`2005/0187873 A1* 8, 2005 Labrou et al. ................... TO5/40
`2006, O168355 A1* 7, 2006 Shenfield et al. ..
`TO9,250
`2007/O125838 A1* 6, 2007 Law et al. ..............
`... 235,379
`2008/0006685 A1* 1/2008 Rackley, III et al.
`235/379
`2009 OO69051 A1* 3, 2009 Jain et al. .......
`... 455,558
`2010/029 1904 A1* 11/2010 Musfeldt et al. ........... 455,414.1
`* cited by examiner
`Primary Examiner — Christopher Stanford
`(74) Attorney, Agent, or Firm — Joe Zheng
`
`ABSTRACT
`(57)
`Techniques for managing modules or applications installed in
`a mobile device are described. To provide authentic and
`secured transactions with another device, each of the installed
`applications is provisioned with a server through data com
`munication capability in a mobile device. A provisioned
`application is associated with the personalized secure ele
`ment in the mobile device and works with a set of keys that are
`generated in accordance with a set of keys from the person
`alized secure element. Further management of controlling an
`installed application is also described.
`17 Claims, 25 Drawing Sheets
`
`
`
`
`
`2
`
`genuine device?
`
`110
`
`Communicate with a dedicated server (e.g., a TSM) - 4.
`
`Register NFC device with server --- 116
`
`x
`
`122
`
`y
`Request SE-related information from device - 18
`
`Z
`Contact SE manufacture
`get updated device info
`
`Yes
`
`20
`
`Update default
`information?
`-
`No.
`w
`Store the retrieved device info in database --- 124
`
`Generate keys based on the device information - 26
`
`Put the generated key set into the SE ----- 28
`
`Synchronize the keys and device information
`with the SE issuer
`
`--- 30
`
`EN
`
`IPR2022-00413
`Apple EX1001 Page 1
`
`
`
`U.S. Patent
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 1 of 25
`
`US 9.240,009 B2
`US 9,240,009 B2
`
`
`
`esind-3
`
`901
`
`uoneajddy
`
`
`
`JUSWS]>jaiNdaS
`
`JOSS9001q
`60==psegpounses
`
`eoeelulZo,AsowewSOL
`BORLSJU!YIOMION49|JO4JUODDAN
`
`
`colLOL
`
`ViOld
`
`IPR2022-00413
`Apple EX1001 Page 2
`
`IPR2022-00413
`Apple EX1001 Page 2
`
`
`
`U.S. Patent
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 2 of 25
`
`US 9.240,009 B2
`US 9,240,009 B2
`
`OLL
`
`
`
` Z901Aapsuinueb~LYVLS
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`LLJOAIOSUUMSdIASPO4NJaysiboy
`
`
`
`pil(WS
`
`
`
`
`
`je“B'9)Jaasespayesipap&YIMayeoIUNWLUOD
`
`
`
`
`
`
`
`QLLSOIASPWO)UONBLUOJU!PeTBjel-ySisenbey
`
`Gb‘Old
`
`OL
`
`ZUOHEWIOLUT
`
`
`OjUlSOIASPpeyepdn336
`
`
`
`
`
`vat
`
`
`9Zi3Sau]o1u!jasAeypeyesouab
`
`
`
`
` au)IngtOZ}—~tUONBWUOJUISoIAaPoy]UOpasegshayo}B18UED| fOSEQEIEPUlOJUI
`
`
`SOIASPPOASIIO!OU}B101S
`
`
`
`
`
`
`
`OfLUOEWUOJUIBDIASPpueshayouiSZIUOIYOUAS
`
`
`
`GNE
`aNa
`
`JONSS]FSOU}YIM
`
`IPR2022-00413
`Apple EX1001 Page 3
`
`
`ynejepayepdy
`SOA
`saunjoejnuewAsjyoeye57col
`
`IPR2022-00413
`Apple EX1001 Page 3
`
`
`
`
`
`
`
`
`
`U.S. Patent
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 3 of 25
`
`US 9.240,009 B2
`US 9,240,009 B2
`
`heeasec
`
`Seamte:
`
`
`
`
`
`
`
`ejepdrGSIynejeq10}yoeouddyyojegsullyo
`
`
`
`g720IspeeJdADEPYys)
`
`SEVQROPOF
`
`
`Srnnenreeinriene5
`**********, …....
`
`
`
`
`
`
`LUESASJAS)WEEPWSLSAARURS3S
`
`
`
`
`
`
`
`9L‘SJajepdyqs]ynejeq40)yoeoiddyyoyegauluO
`
`
`
`POSpineWiAIDepJAE
`
`aSeqelepOn
`
`
`
`
`
`HISASWSLJOANIEPMU3S
`
`IANSLBISGSTuneepogiody
`
`
`
`eetnettingpeqodEAR
`(~~~~………………). 3333333*{&&
`
`*******~~~~~……….....
`
`
`mannAroneneeenie
`
`
`IPR2022-00413
`Apple EX1001 Page 4
`
`IPR2022-00413
`Apple EX1001 Page 4
`
`
`
`
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 4 of 25
`
`US 9.240,009 B2
`
`&ssssssssssssss
`
`·········---···---····---···---······?{
`
`***&&&&&&
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`IPR2022-00413
`Apple EX1001 Page 5
`
`
`
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 5 Of 25
`
`US 9.240,009 B2
`
`?sund-3
`
`JeßueW
`
`se s?ový
`
`??eº)
`
`?.
`
`J?d?ay!
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`IPR2022-00413
`Apple EX1001 Page 6
`
`
`
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 6 of 25
`
`US 9.240,009 B2
`
`00Z
`
`
`
`
`
`....***saoge redo
`
`***)
`***,
`
`*** &
`
`****...
`
`IPR2022-00413
`Apple EX1001 Page 7
`
`
`
`U.S. Patent
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 7 of 25
`
`US 9.240,009 B2
`US 9,240,009 B2
`
`
`
`vee
`
`9”E
`
`
`
`peuacisiaoidBuieg
`
`ove
`
`Ove
`
`ON
`
`dss|eysu|
`
`8%
`
`“
`
`ass
`
`epayjeysul
`
`
`
`Sax
`
`ve?
`
`0&2
`
`Cpezyeuosied
`
`9E?%
`
`SOX
`
`ON
`ON
`
`$!dS$1
`
`pajeioosse
`
`Eddyauljm
`
`7740Japiaoiduoneajddeay)AON
`
`
`
`
`
`UUMuOHeoNddesuyjosmieyssuy
`
`
`GSSpajfeysulBuisn4geu)YM
`uoyeojddeaujojeyepasedal,
`
`
`
`
`BOIASPOIGOWpalnuop!ou}
`
`jouueUopeinoeseYysiqeysy
`
`922|NS]e“6'3)payeoipapeBUTMJaAs90S
`Bec_Ab‘OldsOOL0}0D
`
`
`CjUIM}}PuesPUROjUlSOIASpPsAdUIayYole
`
`
`J@AJ8SBu}0}UONeORddeau)BusAyQuapl
`
`jaUUBYSUONBOIUNWLUOSeBYsgej|sa
`GS]paaepBuisn4gey)yim
`
`
`j@UUBUOpainoaseBYsiqeisy
`Jenssiau}AynueJasna4}JapUiLUdJJO
`SEYASSu}JON
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`OZZ
`O02?
`
`VEC
`
`LYVLsS
`
`ZUOISIAOIdYes
`
`
`
`
`
`déDd
`
`IPR2022-00413
`Apple EX1001 Page 8
`
`IPR2022-00413
`Apple EX1001 Page 8
`
`
`
`
`
`
`
`
`
`
`U.S. Patent
`U.S. Patent
`
`Sheet 8 of 25
`
`US 9.240,009 B2
`US 9,240,009 B2
`
`
`
`
`
`
`
`
`
`
`
`ABRIADASMESaenSS]03'SHBUESWAISTBAST]BLQOIAx
`
`
`
`
`
`92‘Old
`
`AynyssazonsaseleanorAnon| ibsRacise
`
`pbiayyasHeyGee's:
`
`GSSPr
`
`~anuyuays
`
`
`
` OSC
`
`
`
`‘bayDeOSIAGarinl
`
`
`
`rdehypeopmorry;
`
`IPR2022-00413
`Apple EX1001 Page 9
`
`IPR2022-00413
`Apple EX1001 Page 9
`
`
`
`
`
`
`
`
`U.S. Patent
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 9 of 25
`
`US 9.240,009 B2
`US 9,240,009 B2
`
`GG¢c
`
`dé
`‘Old
`
`
`
`
`
`SORIGGJapmorgsavediidenungeidasgeedcidig
`
`
`
`
`pogesaed)JayadeygLdi
`
`
`LatelyMiepwcieeneanssagt
`
` DeyBeeuonexesoRmesfy
`
`
`
` 3eceeegeimseaagel|:HORReaeeryeePt:itannaeaele'ateainaaeteaeeneieaeaaeasieaeeasaweaesiy:“GharaaeedaseyHidyeissispureasei|/Sleeeneeeeenenneneneenenneneena!
`
`SEDuUoHeseUTsbEaayEI
`
`Senaycpa?(||Bag
`
`
`
`
`
`
`
`
`
`
`
`DERMOT|
`
`IPR2022-00413
`Apple EX1001 Page 10
`
`IPR2022-00413
`Apple EX1001 Page 10
`
`
`
`
`
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 10 of 25
`
`US 9.240,009 B2
`
`E12
`
`
`
`
`
`IPR2022-00413
`Apple EX1001 Page 11
`
`
`
`U.S. Patent
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 11 of 25
`
`US 9.240,009 B2
`US 9,240,009 B2
`
`082
`082
`
`
`
`JUBSLUUOUIAUQpesojpuy
`
`ueul(uoHeyodsuely
`
`
`
`JOSA0}S‘'B'9)
`
`
`
`BdIBLULUODpaseq-puey
`
`JO}syempuepyyBunsixy
`
`
`juebyqe
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`v6Zquo
`
`esind-9
`
`UNOS
`
`
`
`MJOMION}ueWwAe
`
`
`
`06¢SIBAIBSPue
`
`déOld
`
`aIQeHod
`
`
`
`
`
`SIBLBJU|SSOPORIUOD|—-ggz
`
`yeuonoun.ajBuis
`
`puegyeug
`
`
`
`jO90}01gPued
`
`:{O00}0ld
`
`Joyeynuy
`
`yingyajddy
`
`YUMddua
`
`asund-s
`
`802
`
`9gzpiomssed40}SSsoo0oy
`
`9Sund-9
`
`
`
`
`
`96zJopeayssajoeju0D
`
`BSOISUILUOD-3
`
`SOJSWILUOO-U
`
`IPR2022-00413
`Apple EX1001 Page 12
`
`IPR2022-00413
`Apple EX1001 Page 12
`
`
`
`
`
`
`
`
`
`
`U.S. Patent
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 12 of 25
`
`US 9.240,009 B2
`US 9,240,009 B2
`
`VeSl
`
`
`
`CLEjajddy
`
`osund-9
`
`Joyeinuy
`
`SSafjoe|Uuoy
`
`Jepeey
`
`OLE
`
`IPR2022-00413
`Apple EX1001 Page 13
`
`LLE
`
`
`
`JeBeueyypied
`
`Beeeeeneeeeeeeeeeeeeeeee
`
`Bunsixy
`
`VS
`
`UONEZHPUOSIOd
`
`uoneoiddy
`
`ZOEJBAIOS
`
`esind-8MeN
`
`90EWVS
`
`Z09
`COE
`JQULOSIBg
`
`pazuouiny
`
`© o
`
`O
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`IPR2022-00413
`Apple EX1001 Page 13
`
`
`
`
`
`
`
`
`
`
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 13 Of 25
`
`US 9.240,009 B2
`
`
`
`
`
`
`
`
`
`
`
`
`
`809
`
`909
`esund-e MeN
`
`
`
`?, ? 9
`
`uefieue W pueO
`
`ZZ9
`
`IPR2022-00413
`Apple EX1001 Page 14
`
`
`
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 14 of 25
`
`US 9,240,009 B2
`
`
`
`zs¢uoHezieuosuadayeniuy
`
`pieoou}WoyG|Se]eyopeay
`
`9SEe
`
`
`
`jouueysANoeseBUSIqeise0}ureLUOpAjundesUOHeONddeesp
`
`
`
`
`
`
`
`
`
`BOIAVPSy}Uljajddeosund-ouepuewysosund-omauueUsEeMjOg
`
`
`
`
`
`
`
`@dIAapBy)Ulyajdde
`
`
`
`
`
`esund-auepueBeWYSasund-ameuay]usenjagsuidpueshayUOWeIedoesund-aaj}e19Ua5
`
`
`
`oosjauueyoAyndeseYUSIqeise0}ulewopAjunoeasuoneayddeesn
`
`
`
`
`
`
`
`vor|Se}ou}pueWsSunsixsueBIAspiomssed4\\ajes9uag
`
`
`
`Jojejnueal;pueprysSuysixeay]usemjeg
`
`
`
`
`
`c9e
`
`
`
`
`
`
`q|62)ey)puewsBuysixeau)BIAsoyBjNLUSUeJoShayPeULIOJSUBI]SyesBUSSfeolaapayyulyajdde
`
`
`asund-auepueprysuojeyodsueyBuysixeueusamjeg
`
`
`
`
`
`
`
`SdlAepay)Uljeiddeasind-auepukeWIVSSunsixeay}usemiag
`
`
`
`
`
`JE‘S/d
`
`
`
`
`
`RB9e,pezieuosied,joayeise0}asind-9auleS
`
`GN&3
`
`
`
`IPR2022-00413
`Apple EX1001 Page 15
`
`IPR2022-00413
`Apple EX1001 Page 15
`
`
`
`
`
`
`
`U.S. Patent
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 15 of 25
`
`US 9.240,009 B2
`US 9,240,009 B2
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`vorpyeaBuvayueJayeJeIpiweeIAsenbeseayeniuy
`
`
`
`
`
`
`
`
`
`90+yojddeasund-9a0)jsenbe&spuas19IGHA
`
`VvSad
`
`
`
`80}@|PIWBu]O]asUOdSSBeSesOdWwODasind-y
`
`OLP
`
`
`
`asuodsaiau)
`
`&PSYLOA
`
`
`
`ZipPOLUOAJi‘yuegBuOsuodse0}jsenbe,
`
`eBAeA
`
`
`JajsuedpunyeoyeniulpuejuNoooeBulpuodsaiuco
`
`
`
`PLPyuegey}Woldasuodse,eBaAlgoay
`
`IPR2022-00413
`Apple EX1001 Page 16
`
`
`
`
`
`JaBeuewasunday]SSeo0e0]Nid
`
`IPR2022-00413
`Apple EX1001 Page 16
`
`
`
`
`
`
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 16 of 25
`
`US 9.240,009 B2
`
`8 #7
`
`ZZ$7
`
`
`
`
`
`
`
`IPR2022-00413
`Apple EX1001 Page 17
`
`
`
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 17 Of 25
`
`US 9.240,009 B2
`
`89 #7
`
`?sund-a
`
`
`
`
`
`IPR2022-00413
`Apple EX1001 Page 18
`
`
`
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 18 of 25
`
`US 9.240,009 B2
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`IPR2022-00413
`Apple EX1001 Page 19
`
`
`
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 19 Of 25
`
`US 9.240,009 B2
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`IPR2022-00413
`Apple EX1001 Page 20
`
`
`
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 20 of 25
`
`US 9.240,009 B2
`
`099
`
`899
`
`
`
`
`
`
`
`IPR2022-00413
`Apple EX1001 Page 21
`
`
`
`U.S. Patent
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 21 of 25
`
`US 9.240,009 B2
`US 9,240,009 B2
`
`009
`
`
`
`udHpesuel|SOd
`
`E19JBAIBS
`
`
`
`
`
`
`
`
`
`SUOnBoIUNWUOD>FEINIBD
`
`ozsoman—_)
`
`
`
`peindesuojoesueyialu}fea
`
`v9Oldsoo
`
`uojoesuen
`
`auiyjee~
`
`6¢c9
`
`699|
`
`Uay0}-8
`
`peiqeug
`
`IQeHOdjouueyg———7yoyegJO
`
`
`bonedgL9uonesedo
`
`
`069nennececeeeeeeteneeeteeeeedffneenneeeeeecececteeeeeencees!
`
`pueqeseg
`
`veg
`
`
`
`yUaWa}ypeunves
`
`6c9
`
`IPR2022-00413
`Apple EX1001 Page 22
`
`IPR2022-00413
`Apple EX1001 Page 22
`
`
`
`
`
`
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 22 of 25
`
`US 9.240,009 B2
`
`pueqÐSeg
`
`?ue6\, SOd
`999
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`929 WW7S SOdwJ
`
`IPR2022-00413
`Apple EX1001 Page 23
`
`
`
`U.S. Patent
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 23 of 25
`
`US 9.240,009 B2
`US 9,240,009 B2
`
`
`
`dn-do}jenyia10
`
`899dn-do}@Wiopie,d
`
`
`
`j201JOUO
`
`
`
`
`
`
`
`
`
`
`
`0S9
`
`
`
`Jaseyound@Wold)UayO}]-8UBSASBLIOY
`
`
`
`ZUS}0}-9PIeA
`
`
`
`yBnoudas8y)$
`
`~9ulaouR}eq
`
`
`
`
`
`UdSyO}-8WdJUNOWWepeseuoindjonpeg
`
`
`J@AJ8SpueyoRgO}suOOeSUB.peony
`
`(yo}equlJOUONOesUe.yore)
`
`99Dl
`
`
`
`édn-do}awn
`
`Z99
`
` £59é,Uay40}
`
`IPR2022-00413
`Apple EX1001 Page 24
`
`IPR2022-00413
`Apple EX1001 Page 24
`
`
`
`
`
`
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 24 of 25
`
`US 9.240,009 B2
`
`START
`
`670 O
`
`672
`
`Send an initial purchase request to e
`token enabled device of a purchaser
`
`674
`
`
`
`
`
`Enough balance
`in e-token
`enabled device?
`
`
`
`END
`
`nO
`
`676
`
`yes
`
`Forward the received response from the e
`token enabled device to POS SAM
`
`678
`
`680
`
`682
`
`Receive a debit request containing a
`MAC from POS SAM
`
`Send the debit request to e-token
`enabled device to debite-token
`
`Receive debit confirm message including additional
`MACS for transaction Verification and Settlement
`684
`
`Forward the debit confirm message to
`POS SAM for Verification
`
`686
`
`Display transaction after POS SAM
`has recorded the transaction
`
`END
`
`FIG. 6D
`
`IPR2022-00413
`Apple EX1001 Page 25
`
`
`
`U.S. Patent
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 25 of 25
`
`US 9.240,009 B2
`US 9,240,009 B2
`
`S O
`
`N
`
`2
`
`y
`
`—--eeeKeeKeKeKHEE7/.ihh'HWGeqnipag|yuowAedWs
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`QOJ@ULUOD-LU'uoneAIssay|BVIAIOSyeyon1WAISASgeA.OLJ@PIACld joooNpanaennaewenemasAlaAljeppue9a!aseyoind
`
`JaHOH-2|@0YOXOog|WVaeeeeenenee5Sfo
`
`
`
`
`
`
`
`
`
`
`
`BUTUOAISAappue
`
`
`
`HuiseyoindSOJOLULUOO-9
`
`
`
`eseyoindjeyoy
`
`Buneyoy
`
`uojeojddyyzasund-9
`
`oonIGE
`
`ayeg)
`
`0]UOPalo}s18}91}-8
`
`*“~oe
`
`adiAeq
`
`Ul-YOSUD
`~——->
`
`Z‘OA
`
`Jopeoy
`
`vel
`
`
`
`
`
`Qz/jUaWEI9peinoes
`
`IPR2022-00413
`Apple EX1001 Page 26
`
`IPR2022-00413
`Apple EX1001 Page 26
`
`
`
`
`
`
`
`
`US 9,240,009 B2
`
`1.
`MOBILE DEVICES FOR COMMERCE OVER
`UNSECURED NETWORKS
`
`CROSS-REFERENCE TO RELATED
`APPLICATIONS
`
`This application is a continuation-in-part of U.S. patent
`application Ser. No. 1 1/534,653 filed on Sep. 24, 2006, now
`U.S. Pat. No. 8,118,218, and also a continuation-in-part of
`U.S. patent application Ser. No. 1 1/739,044 filed on Apr. 23.
`2007, which is a continuation-in-part of U.S. patent applica
`tion Ser. No. 1 1/534,653 filed on Sep. 24, 2006, now U.S. Pat.
`No. 8,118,218.
`
`BACKGROUND
`
`10
`
`15
`
`2
`To support this fast evolving business environment, several
`entities including financial institutions, manufactures of vari
`ous NFC-enabled mobile phones and software developers, in
`addition to mobile network operators (MNO), become
`involved in the NFC mobile ecosystem. By nature of their
`individual roles, these players need to communicate with
`each other and exchange messages in a reliable and interop
`erable way.
`One of the concerns in the NFC mobile ecosystem is its
`security in an open network. Thus there is a need to provide
`techniques to personalize a secure element in a contactless
`Smart card or an NFC-enabled mobile device so that such a
`device is so secured and personalized when it comes to finan
`cial applications or secure transactions. With a personalized
`secure element in an NFC-enabled mobile device, various
`applications or services, such as electronic purse or pay
`ments, can be realized. Accordingly, there is another need for
`techniques to provision or manage an application or service in
`connection with a personalized secure element.
`
`SUMMARY
`
`This section is for the purpose of Summarizing some
`aspects of embodiments of the present invention and to briefly
`introduce some preferred embodiments. Simplifications or
`omissions in this section as well as the title and the abstract of
`this disclosure may be made to avoid obscuring the purpose of
`the section, the title and the abstract. Such simplifications or
`omissions are not intended to limit the scope of the present
`invention.
`Broadly speaking, the invention is related to techniques for
`personalizing secure elements in NFC devices to enable vari
`ous secure transactions over a network (wired and/or wireless
`network). With a personalized secure element (hence secured
`element), techniques for provisioning various applications or
`services are also provided. Interactions among different par
`ties are managed to effectuate a personalization or provision
`ing process flawlessly to enable an NFC device for a user
`thereof to start enjoying the convenience of commerce over a
`data network with minimum effort.
`As an example of application to be provided over a secured
`element, a mechanism is provided to enable devices, espe
`cially portable devices, to function as an electronic purse
`(e-purse) to conduct transactions over an open network with
`a payment server without compromising security. According
`to one embodiment, a device is installed with an e-purse
`manager (i.e., an application). The e-purse manager is con
`figured to manage various transactions and functions as a
`mechanism to access an emulator therein. Secured financial
`transactions can then be conducted over a wired network, a
`wireless network or a combination of both wired and wireless
`network.
`According to another aspect of the present invention, Secu
`rity keys (either symmetric or asymmetric) are personalized
`So as to personalize an e-purse and perform a secured trans
`action with a payment server. In one embodiment, the essen
`tial data to be personalized into an e-purse include one or
`more operation keys (e.g., a load key and a purchase key),
`default PINs, administration keys (e.g., an unblock PIN key
`and a reload PIN key), and passwords (e.g., from Milfare).
`During a transaction, the security keys are used to establish a
`secured channel between an embedded e-purse and an SAM
`(Security Authentication Module) or a backend server.
`The present invention may be implemented in various
`forms including a method, a system, an apparatus, a part of a
`system or a computer readable medium. According to one
`embodiment, the present invention is a method for personal
`
`25
`
`30
`
`35
`
`40
`
`45
`
`1. Technical Field
`The present invention is generally related to commerce
`over networks. Particularly, the present invention is related to
`techniques for personalizing a secure element and provision
`ing an application Such as an electronic purse that can be
`advantageously used in portable devices configured for both
`electronic commerce (a.k.a., e-commerce) and mobile com
`merce (a.k.a., m-commerce).
`2. Description of the Related Art
`Single functional cards have been Successfully used in
`enclosed environments such as transportation systems. One
`example of such single functional cards is MIFARE that has
`been selected as the most Successful contactless Smart card
`technology. MIFARE is the perfect solution for applications
`like loyalty and vending cards, road tolling, city cards, access
`control and gaming.
`However, single functional card applications are deployed
`in enclosed systems, which are difficult to be expanded into
`other areas Such as e-commerce and m-commerce because
`stored values and transaction information are stored in data
`storage of each tag that is protected by a set of keys. The
`nature of the tag is that the keys need to be delivered to the
`card for authentication before any data can be accessed during
`a transaction. This constraint makes systems using Such tech
`nology difficult to be expanded to an open environment Such
`as the Internet for e-commerce and/or wireless networks for
`m-commerce as the delivery of keys over a public domain
`network causes security concerns.
`In general, a Smart card, chip card, or integrated circuit card
`(ICC), is any pocket-sized card with embedded integrated
`circuits. A Smart card or microprocessor cards contain Vola
`tile memory and microprocessor components. Smart cards
`may also provide strong security authentication for single
`sign-on (SSO) within large organizations. The benefits of
`50
`smart cards are directly related to the volume of information
`and applications that are programmed for use on a card. A
`single contact/contactless Smart card can be programmed
`with multiple banking credentials, medical entitlement, driv
`er's license/public transport entitlement, loyalty programs
`and club memberships to name just a few. Multi-factor and
`proximity authentication can and has been embedded into
`Smart cards to increase the security of all services on the card.
`Contactless Smart cards that do not require physical contact
`between card and reader are becoming increasingly popular
`for payment and ticketing applications such as mass transit
`and highway tolls. Such Near Field Communication (NFC)
`between a contactless Smart card and a reader presents sig
`nificant business opportunities when used in NFC-enabled
`mobile phones for applications such as payment, transport
`ticketing, loyalty, physical access control, and other exciting
`new services.
`
`55
`
`60
`
`65
`
`IPR2022-00413
`Apple EX1001 Page 27
`
`
`
`3
`izing a secure element associated with a computing device.
`The method comprises initiating data communication with a
`server, sending device information of the secure element in
`responding to a request from the server after the server deter
`mines that the secure element is registered therewith, wherein
`the device information is a sequence of characters uniquely
`identifying the secure element, and the request is a command
`causing the computing device to retrieve the device informa
`tion from the secure element, receiving at least a set of keys
`from the server, wherein the keys are generated in the server
`in accordance with the device information of the secure ele
`ment, and storing the set of keys in the secure element to
`facilitate a Subsequent transaction by the computing device.
`According to another embodiment, the present invention is
`a method for personalizing a secure element associated with
`a computing device. The method comprises receiving an
`inquiry to establish data communication between a server and
`the computing device, sending a request from the server to the
`computing device to request device information of the secure
`element after the server determines that the computing device
`is registered therewith, wherein the device information is a
`sequence of characters uniquely identifying the secure ele
`ment, and the request is a command that Subsequently causes
`the computing device to retrieve the device information from
`the secure element therein, generating at least a set of keys in
`accordance with the device information received, delivering
`the set of keys through a secured channel over a data network
`to the computing device, wherein the set of keys is caused to
`be stored in the secure element with the computing device,
`and notifying at least a related party that the secure element is
`now personalized for Subsequent trusted transactions.
`According to still another embodiment, the present inven
`tion is a method for provisioning an application installed in a
`mobile device, the method comprises sending to a server an
`identifier identifying the application together with device
`information of a secure element associated with a mobile
`device on which the application has been installed, establish
`ing a secured channel between the secure element and the
`server using a set of key set installed in the secure element,
`receiving data prepared by the server to enable the application
`to function as designed on the mobile device; and sending out
`an acknowledgement to a provider of the application about a
`status of the application now being active with the secure
`element on the mobile device. The data received in the mobile
`device includes a user interface of the application per the
`mobile device and a generated application key set.
`According to still another embodiment, the present inven
`tion is a method for provisioning an application, the method
`comprises receiving from a mobile device an identifier iden
`tifying the application together with device information of a
`secure element associated with the mobile device on which
`the application has been installed, establishing a secured
`channel between the secure element and the server using a set
`of key set installed on the secure element, preparing data
`necessary for the application to function as designed on the
`mobile device, transporting the data from the server to enable
`the application via the secured channel; and notifying a pro
`vider of the application about a status of the application now
`active with the secure element on the mobile device.
`According to yet another embodiment, the present inven
`tion is a mobile device for conducting a transaction over a
`network, the mobile device comprises a network interface, a
`secure element, a memory space for storing at least a module
`and an application downloaded from the network, a processor
`coupled to the memory space and configured to execute the
`module to cause operations including verifying whether the
`application has been provisioned. When it is verified that the
`
`25
`
`30
`
`35
`
`40
`
`45
`
`50
`
`55
`
`60
`
`65
`
`US 9,240,009 B2
`
`5
`
`10
`
`15
`
`4
`application has not been provisioned, the operations further
`comprise sending to a server via the network interface an
`identifier identifying the application together with device
`information of a secure element, establishing a secured chan
`nel between the secure element and the server using a key set
`installed on the secure element, wherein the server is config
`ured to prepare data necessary for the application to function
`as designed on the mobile device, receiving the data from the
`server to associate the application with the secure element,
`and sending out an acknowledgement to a provider of the
`application about a status of the application that is now active
`with the secure element. The processor is further configured
`to determine if the secure element has been personalized
`before performing a provisioning process of the application.
`If the secure element has not been personalized, the mobile
`device is caused to personalize the secure element with a
`designed server.
`One of the objects, features, and advantages of the present
`invention is to enable a mobile device that can be used to
`perform a secured transaction with a party (e.g., at a point of
`sale, with a commercial server or accessing remotely) overan
`unsecured network (e.g., the Internet).
`Other objects, features, and advantages of the present
`invention, which will become apparent upon examining the
`following detailed description of an embodiment thereof,
`taken in conjunction with the attached drawings.
`
`BRIEF DESCRIPTION OF THE DRAWINGS
`
`The invention will be readily understood by the following
`detailed description in conjunction with the accompanying
`drawings, wherein like reference numerals designate like
`structural elements, and in which:
`FIG. 1A shows a simplified architecture of an NFC-en
`abled mobile device with a secure element (SE):
`FIG. 1B shows a flowchart or process of personalizing an
`SE according to one embodiment of the present invention;
`FIG.1C shows relationships among an SE manufacturer, a
`TSM admin and the TSM system for both offline and online
`modes;
`FIG. 1D illustrates data flows among a user for an NFC
`device (e.g., an NFC mobile phone), the NFC device itself, a
`TSM server, a corresponding SE manufacturer and an SE
`issuer,
`FIG.1E shows a data flowchart or process of personalizing
`data flow among three entities: a land-based SAM or a net
`work e-purse server, an e-purse acting as a gatekeeper, and a
`single function tag, according to one embodiment;
`FIG. 2A shows a mobile payment ecosystem in which
`related parties are shown in order for the mobile payment
`ecosystem successful;
`FIG. 2B shows a flowchart or process of provisioning one
`or more applications according to one embodiment;
`FIG. 2C shows a data flow illustrating various interactions
`among different parties when an application is being provi
`Sioned in one embodiment;
`FIG. 2D shows a data flow among different entities when
`preparing the application data in provisioning an application;
`FIG. 2E shows a flowchart or process for locking or dis
`abling an installed application;
`FIG. 2F shows an exemplary architecture diagram of a
`portable device enabled as an e-purse conducting e-com
`merce and m-commerce, according to one embodiment of the
`present invention;
`FIG. 3A is a block diagram of related modules interacting
`with each other to achieve what is referred to hereinase-purse
`
`IPR2022-00413
`Apple EX1001 Page 28
`
`
`
`US 9,240,009 B2
`
`5
`personalization by an authorized personnel (a.k.a., personal
`izing a mobile device or a secure element therein while pro
`visioning an application);
`FIG. 3B shows a block diagram of related modules inter
`acting with each other to achieve what is referred to herein as
`e-purse personalization by a user of the e-purse;
`FIG. 3C shows a flowchart or process of personalizing an
`e-purse according to one embodiment of the present inven
`tion;
`FIG. 4A and FIG. 4B show together a flowchart or process
`of financing, funding, load or top-up an e-purse according to
`one embodiment of the present invention:
`FIG. 4C shows an exemplary block diagram of related
`blocks interacting with each other to achieve the process FIG.
`4A and FIG. 4B;
`FIG. 5A is a diagram showing a first exemplary architec
`ture of a portable device for enabling e-commerce and
`m-commerce functionalities over a cellular communications
`network (i.e., 3G, LTE or GPRS network), according an
`embodiment of the present invention;
`FIG. 5B is a diagram showing a second exemplary archi
`tecture of a portable device for enabling e-commerce and
`m-commerce functionalities over a wired and/or wireless
`data network (e.g., Internet), according another embodiment
`of the present invention;
`25
`FIG.5C is a flowchart illustrating an exemplary process of
`enabling the portable device of FIG. 5A for services/applica
`tions provided by one or more service providers in accor
`dance with one embodiment of the present invention;
`FIG. 6A is a diagram showing an exemplary architecture,
`in which a portable device is enabled as a mobile POS con
`ducting e-commerce and m-commerce, according to one
`embodiment of the present invention;
`FIG. 6B is a diagram showing an exemplary architecture,
`in which a portable device is enabled as a mobile POS con
`ducting a transaction upload operation over a network,
`according to an embodiment of the present invention;
`FIG. 6C is a flowchart illustrating an exemplary process of
`conducting m-commerce using the portable device enabled as
`a mobile POS with an e-token enabled device as a single
`functional card in accordance with one embodiment of the
`present invention;
`FIG. 6D is a flowchart illustrating an exemplary process of
`conducting m-commerce using the portable device enabled as
`a mobile POS against a an e-token enabled device as a multi
`functional card; and
`FIG. 7 is a diagram depicting an exemplary configuration
`in which a portable device used for an e-ticking application.
`
`10
`
`15
`
`30
`
`35
`
`6
`places in the specification are not necessarily all referring to
`the same embodiment, nor are separate or alternative embodi
`ments mutually exclusive of other embodiments. Further, the
`order of blocks in process, flowcharts or functional diagrams
`representing one or more embodiments do not inherently
`indicate any particular order nor imply limitations in the
`invention.
`Embodiments of the present invention are discussed herein
`with reference to FIGS. 1A-7. However, those skilled in the
`art will readily appreciate that the detailed description given
`herein with respect to these figures is for explanatory pur
`poses only as the invention extends beyond these limited
`embodiments.
`Near Field Communication (NFC) presents significant
`business opportunities when used in mobile phones for appli
`cations such as payment, transport ticketing, loyalty, physical
`access control, and other exciting new services. To Support
`this fast evolving business environment, several entities
`including financial institutions, manufactures of various
`NFC-enabled mobile phones and software developers, in
`addition to Mobile Network Operators (MNO), become
`involved in the NFC mobile ecosystem. By nature of their
`individual roles, these players need to communicate with
`each other and exchange messages in a reliable and interop
`erable way.
`Equally important to these entities or players, is the need
`for ongoing security and confidentiality of sensitive applica
`tions and data downloaded to and stored on an NFC enabled
`handset for performing contactless transactions. The compo
`nent in a mobile phone providing the security and confiden
`tiality required to Support various business models in this
`environment, is referred to as a Secure Element (SE).
`FIG. 1A shows a simplified architecture of a computing
`device 100. Unless otherwise explicitly indicated, the term of
`“computing device'. “mobile device' or “handset' will be
`interchangeably used herein, but those skilled in the art will
`understan