(12) United States Patent
`Koh et al.
`
`(10) Patent No.:
`(45) Date of Patent:
`
`US 9.240,009 B2
`Jan. 19, 2016
`
`USOO9240009B2
`
`(54) MOBILE DEVICES FOR COMMERCE OVER
`UNSECURED NETWORKS
`
`(75) Inventors: Liang Seng Koh, Fremont, CA (US);
`Hsin Pan, Fremont, CA (US);
`Xiangzhen Xie, Guangdong (CN)
`(73) Assignees: Rich House Global Technology Ltd.,
`Shenzhen (CN); RFCyber Corp.,
`Fremont, CA (US)
`Subject to any disclaimer, the term of this
`patent is extended or adjusted under 35
`U.S.C. 154(b) by 227 days.
`Appl. No.: 13/350,835
`
`(*)
`
`Notice:
`
`(21)
`(22)
`(65)
`
`Filed:
`
`Jan. 16, 2012
`
`Prior Publication Data
`US 2012/013O839 A1
`May 24, 2012
`Related U.S. Application Data
`(63) Continuation-in-part of application No. 1 1/534,653,
`filed on Sep. 24, 2006, now Pat. No. 8,118,218, and a
`continuation-in-part of application No. 1 1/739,044,
`filed on Apr. 23, 2007.
`
`(51)
`
`(52)
`
`(2012.01)
`(2012.01)
`(2012.01)
`(2012.01)
`
`Int. C.
`G06O20/00
`G06O20/34
`G06O20/36
`G06O 30/06
`U.S. C.
`CPC .......... G06O20/3552 (2013.01); G06O20/352
`(2013.01); G06O20/3672 (2013.01); G06Q
`30/0601 (2013.01)
`
`Processor
`O5
`
`Secured
`memory 107
`
`Og
`Card
`interface
`
`Applet
`
`4.
`
`E-Purse
`Application
`106
`
`Secure Element
`
`NFC controller
`1.
`
`Network interface
`O3
`
`(58) Field of Classification Search
`CPC ..... G06F 21/34; G07F 7/1008; G06Q 20/341;
`G06Q 20/3674; G06Q 20/382: G06Q 20/20;
`G06Q 20/32: G06Q 20/367; G06Q 20/3672
`USPC .................................. 235/379,380, 451, 492
`See application file for complete search history.
`
`(56)
`
`References Cited
`
`U.S. PATENT DOCUMENTS
`
`5/2014 Tompkins .............. G06Q 20/12
`8,725,632 B2 *
`705/39
`2004/00399 19 A1* 2/2004 Takayama et al. ............ T13, 18O
`2005/0187873 A1* 8, 2005 Labrou et al. ................... TO5/40
`2006, O168355 A1* 7, 2006 Shenfield et al. ..
`TO9,250
`2007/O125838 A1* 6, 2007 Law et al. ..............
`... 235,379
`2008/0006685 A1* 1/2008 Rackley, III et al.
`235/379
`2009 OO69051 A1* 3, 2009 Jain et al. .......
`... 455,558
`2010/029 1904 A1* 11/2010 Musfeldt et al. ........... 455,414.1
`* cited by examiner
`Primary Examiner — Christopher Stanford
`(74) Attorney, Agent, or Firm — Joe Zheng
`
`ABSTRACT
`(57)
`Techniques for managing modules or applications installed in
`a mobile device are described. To provide authentic and
`secured transactions with another device, each of the installed
`applications is provisioned with a server through data com
`munication capability in a mobile device. A provisioned
`application is associated with the personalized secure ele
`ment in the mobile device and works with a set of keys that are
`generated in accordance with a set of keys from the person
`alized secure element. Further management of controlling an
`installed application is also described.
`17 Claims, 25 Drawing Sheets
`
`
`
`
`
`2
`
`genuine device?
`
`110
`
`Communicate with a dedicated server (e.g., a TSM) - 4.
`
`Register NFC device with server --- 116
`
`x
`
`122
`
`y
`Request SE-related information from device - 18
`
`Z
`Contact SE manufacture
`get updated device info
`
`Yes
`
`20
`
`Update default
`information?
`-
`No.
`w
`Store the retrieved device info in database --- 124
`
`Generate keys based on the device information - 26
`
`Put the generated key set into the SE ----- 28
`
`Synchronize the keys and device information
`with the SE issuer
`
`--- 30
`
`EN
`
`IPR2022-00413
`Apple EX1001 Page 1
`
`
`Koh et al.
`
`(10) Patent No.:
`(45) Date of Patent:
`
`US 9.240,009 B2
`Jan. 19, 2016
`
`USOO9240009B2
`
`(54) MOBILE DEVICES FOR COMMERCE OVER
`UNSECURED NETWORKS
`
`(75) Inventors: Liang Seng Koh, Fremont, CA (US);
`Hsin Pan, Fremont, CA (US);
`Xiangzhen Xie, Guangdong (CN)
`(73) Assignees: Rich House Global Technology Ltd.,
`Shenzhen (CN); RFCyber Corp.,
`Fremont, CA (US)
`Subject to any disclaimer, the term of this
`patent is extended or adjusted under 35
`U.S.C. 154(b) by 227 days.
`Appl. No.: 13/350,835
`
`(*)
`
`Notice:
`
`(21)
`(22)
`(65)
`
`Filed:
`
`Jan. 16, 2012
`
`Prior Publication Data
`US 2012/013O839 A1
`May 24, 2012
`Related U.S. Application Data
`(63) Continuation-in-part of application No. 1 1/534,653,
`filed on Sep. 24, 2006, now Pat. No. 8,118,218, and a
`continuation-in-part of application No. 1 1/739,044,
`filed on Apr. 23, 2007.
`
`(51)
`
`(52)
`
`(2012.01)
`(2012.01)
`(2012.01)
`(2012.01)
`
`Int. C.
`G06O20/00
`G06O20/34
`G06O20/36
`G06O 30/06
`U.S. C.
`CPC .......... G06O20/3552 (2013.01); G06O20/352
`(2013.01); G06O20/3672 (2013.01); G06Q
`30/0601 (2013.01)
`
`Processor
`O5
`
`Secured
`memory 107
`
`Og
`Card
`interface
`
`Applet
`
`4.
`
`E-Purse
`Application
`106
`
`Secure Element
`
`NFC controller
`1.
`
`Network interface
`O3
`
`(58) Field of Classification Search
`CPC ..... G06F 21/34; G07F 7/1008; G06Q 20/341;
`G06Q 20/3674; G06Q 20/382: G06Q 20/20;
`G06Q 20/32: G06Q 20/367; G06Q 20/3672
`USPC .................................. 235/379,380, 451, 492
`See application file for complete search history.
`
`(56)
`
`References Cited
`
`U.S. PATENT DOCUMENTS
`
`5/2014 Tompkins .............. G06Q 20/12
`8,725,632 B2 *
`705/39
`2004/00399 19 A1* 2/2004 Takayama et al. ............ T13, 18O
`2005/0187873 A1* 8, 2005 Labrou et al. ................... TO5/40
`2006, O168355 A1* 7, 2006 Shenfield et al. ..
`TO9,250
`2007/O125838 A1* 6, 2007 Law et al. ..............
`... 235,379
`2008/0006685 A1* 1/2008 Rackley, III et al.
`235/379
`2009 OO69051 A1* 3, 2009 Jain et al. .......
`... 455,558
`2010/029 1904 A1* 11/2010 Musfeldt et al. ........... 455,414.1
`* cited by examiner
`Primary Examiner — Christopher Stanford
`(74) Attorney, Agent, or Firm — Joe Zheng
`
`ABSTRACT
`(57)
`Techniques for managing modules or applications installed in
`a mobile device are described. To provide authentic and
`secured transactions with another device, each of the installed
`applications is provisioned with a server through data com
`munication capability in a mobile device. A provisioned
`application is associated with the personalized secure ele
`ment in the mobile device and works with a set of keys that are
`generated in accordance with a set of keys from the person
`alized secure element. Further management of controlling an
`installed application is also described.
`17 Claims, 25 Drawing Sheets
`
`
`
`
`
`2
`
`genuine device?
`
`110
`
`Communicate with a dedicated server (e.g., a TSM) - 4.
`
`Register NFC device with server --- 116
`
`x
`
`122
`
`y
`Request SE-related information from device - 18
`
`Z
`Contact SE manufacture
`get updated device info
`
`Yes
`
`20
`
`Update default
`information?
`-
`No.
`w
`Store the retrieved device info in database --- 124
`
`Generate keys based on the device information - 26
`
`Put the generated key set into the SE ----- 28
`
`Synchronize the keys and device information
`with the SE issuer
`
`--- 30
`
`EN
`
`IPR2022-00413
`Apple EX1001 Page 1
`
`
`
`U.S. Patent
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 1 of 25
`
`US 9.240,009 B2
`US 9,240,009 B2
`
`
`
`esind-3
`
`901
`
`uoneajddy
`
`
`
`JUSWS]>jaiNdaS
`
`JOSS9001q
`60==psegpounses
`
`eoeelulZo,AsowewSOL
`BORLSJU!YIOMION49|JO4JUODDAN
`
`
`colLOL
`
`ViOld
`
`IPR2022-00413
`Apple EX1001 Page 2
`
`IPR2022-00413
`Apple EX1001 Page 2
`
`
`
`U.S. Patent
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 2 of 25
`
`US 9.240,009 B2
`US 9,240,009 B2
`
`OLL
`
`
`
` Z901Aapsuinueb~LYVLS
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`LLJOAIOSUUMSdIASPO4NJaysiboy
`
`
`
`pil(WS
`
`
`
`
`
`je“B'9)Jaasespayesipap&YIMayeoIUNWLUOD
`
`
`
`
`
`
`
`QLLSOIASPWO)UONBLUOJU!PeTBjel-ySisenbey
`
`Gb‘Old
`
`OL
`
`ZUOHEWIOLUT
`
`
`OjUlSOIASPpeyepdn336
`
`
`
`
`
`vat
`
`
`9Zi3Sau]o1u!jasAeypeyesouab
`
`
`
`
` au)IngtOZ}—~tUONBWUOJUISoIAaPoy]UOpasegshayo}B18UED| fOSEQEIEPUlOJUI
`
`
`SOIASPPOASIIO!OU}B101S
`
`
`
`
`
`
`
`OfLUOEWUOJUIBDIASPpueshayouiSZIUOIYOUAS
`
`
`
`GNE
`aNa
`
`JONSS]FSOU}YIM
`
`IPR2022-00413
`Apple EX1001 Page 3
`
`
`ynejepayepdy
`SOA
`saunjoejnuewAsjyoeye57col
`
`IPR2022-00413
`Apple EX1001 Page 3
`
`
`
`
`
`
`
`
`
`U.S. Patent
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 3 of 25
`
`US 9.240,009 B2
`US 9,240,009 B2
`
`heeasec
`
`Seamte:
`
`
`
`
`
`
`
`ejepdrGSIynejeq10}yoeouddyyojegsullyo
`
`
`
`g720IspeeJdADEPYys)
`
`SEVQROPOF
`
`
`Srnnenreeinriene5
`**********, …....
`
`
`
`
`
`
`LUESASJAS)WEEPWSLSAARURS3S
`
`
`
`
`
`
`
`9L‘SJajepdyqs]ynejeq40)yoeoiddyyoyegauluO
`
`
`
`POSpineWiAIDepJAE
`
`aSeqelepOn
`
`
`
`
`
`HISASWSLJOANIEPMU3S
`
`IANSLBISGSTuneepogiody
`
`
`
`eetnettingpeqodEAR
`(~~~~………………). 3333333*{&&
`
`*******~~~~~……….....
`
`
`mannAroneneeenie
`
`
`IPR2022-00413
`Apple EX1001 Page 4
`
`IPR2022-00413
`Apple EX1001 Page 4
`
`
`
`
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 4 of 25
`
`US 9.240,009 B2
`
`&ssssssssssssss
`
`·········---···---····---···---······?{
`
`***&&&&&&
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`IPR2022-00413
`Apple EX1001 Page 5
`
`
`
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 5 Of 25
`
`US 9.240,009 B2
`
`?sund-3
`
`JeßueW
`
`se s?ový
`
`??eº)
`
`?.
`
`J?d?ay!
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`IPR2022-00413
`Apple EX1001 Page 6
`
`
`
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 6 of 25
`
`US 9.240,009 B2
`
`00Z
`
`
`
`
`
`....***saoge redo
`
`***)
`***,
`
`*** &
`
`****...
`
`IPR2022-00413
`Apple EX1001 Page 7
`
`
`
`U.S. Patent
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 7 of 25
`
`US 9.240,009 B2
`US 9,240,009 B2
`
`
`
`vee
`
`9”E
`
`
`
`peuacisiaoidBuieg
`
`ove
`
`Ove
`
`ON
`
`dss|eysu|
`
`8%
`
`“
`
`ass
`
`epayjeysul
`
`
`
`Sax
`
`ve?
`
`0&2
`
`Cpezyeuosied
`
`9E?%
`
`SOX
`
`ON
`ON
`
`$!dS$1
`
`pajeioosse
`
`Eddyauljm
`
`7740Japiaoiduoneajddeay)AON
`
`
`
`
`
`UUMuOHeoNddesuyjosmieyssuy
`
`
`GSSpajfeysulBuisn4geu)YM
`uoyeojddeaujojeyepasedal,
`
`
`
`
`BOIASPOIGOWpalnuop!ou}
`
`jouueUopeinoeseYysiqeysy
`
`922|NS]e“6'3)payeoipapeBUTMJaAs90S
`Bec_Ab‘OldsOOL0}0D
`
`
`CjUIM}}PuesPUROjUlSOIASpPsAdUIayYole
`
`
`J@AJ8SBu}0}UONeORddeau)BusAyQuapl
`
`jaUUBYSUONBOIUNWLUOSeBYsgej|sa
`GS]paaepBuisn4gey)yim
`
`
`j@UUBUOpainoaseBYsiqeisy
`Jenssiau}AynueJasna4}JapUiLUdJJO
`SEYASSu}JON
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`OZZ
`O02?
`
`VEC
`
`LYVLsS
`
`ZUOISIAOIdYes
`
`
`
`
`
`déDd
`
`IPR2022-00413
`Apple EX1001 Page 8
`
`IPR2022-00413
`Apple EX1001 Page 8
`
`
`
`
`
`
`
`
`
`
`U.S. Patent
`U.S. Patent
`
`Sheet 8 of 25
`
`US 9.240,009 B2
`US 9,240,009 B2
`
`
`
`
`
`
`
`
`
`
`
`ABRIADASMESaenSS]03'SHBUESWAISTBAST]BLQOIAx
`
`
`
`
`
`92‘Old
`
`AynyssazonsaseleanorAnon| ibsRacise
`
`pbiayyasHeyGee's:
`
`GSSPr
`
`~anuyuays
`
`
`
` OSC
`
`
`
`‘bayDeOSIAGarinl
`
`
`
`rdehypeopmorry;
`
`IPR2022-00413
`Apple EX1001 Page 9
`
`IPR2022-00413
`Apple EX1001 Page 9
`
`
`
`
`
`
`
`
`U.S. Patent
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 9 of 25
`
`US 9.240,009 B2
`US 9,240,009 B2
`
`GG¢c
`
`dé
`‘Old
`
`
`
`
`
`SORIGGJapmorgsavediidenungeidasgeedcidig
`
`
`
`
`pogesaed)JayadeygLdi
`
`
`LatelyMiepwcieeneanssagt
`
` DeyBeeuonexesoRmesfy
`
`
`
` 3eceeegeimseaagel|:HORReaeeryeePt:itannaeaele'ateainaaeteaeeneieaeaaeasieaeeasaweaesiy:“GharaaeedaseyHidyeissispureasei|/Sleeeneeeeenenneneneenenneneena!
`
`SEDuUoHeseUTsbEaayEI
`
`Senaycpa?(||Bag
`
`
`
`
`
`
`
`
`
`
`
`DERMOT|
`
`IPR2022-00413
`Apple EX1001 Page 10
`
`IPR2022-00413
`Apple EX1001 Page 10
`
`
`
`
`
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 10 of 25
`
`US 9.240,009 B2
`
`E12
`
`
`
`
`
`IPR2022-00413
`Apple EX1001 Page 11
`
`
`
`U.S. Patent
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 11 of 25
`
`US 9.240,009 B2
`US 9,240,009 B2
`
`082
`082
`
`
`
`JUBSLUUOUIAUQpesojpuy
`
`ueul(uoHeyodsuely
`
`
`
`JOSA0}S‘'B'9)
`
`
`
`BdIBLULUODpaseq-puey
`
`JO}syempuepyyBunsixy
`
`
`juebyqe
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`v6Zquo
`
`esind-9
`
`UNOS
`
`
`
`MJOMION}ueWwAe
`
`
`
`06¢SIBAIBSPue
`
`déOld
`
`aIQeHod
`
`
`
`
`
`SIBLBJU|SSOPORIUOD|—-ggz
`
`yeuonoun.ajBuis
`
`puegyeug
`
`
`
`jO90}01gPued
`
`:{O00}0ld
`
`Joyeynuy
`
`yingyajddy
`
`YUMddua
`
`asund-s
`
`802
`
`9gzpiomssed40}SSsoo0oy
`
`9Sund-9
`
`
`
`
`
`96zJopeayssajoeju0D
`
`BSOISUILUOD-3
`
`SOJSWILUOO-U
`
`IPR2022-00413
`Apple EX1001 Page 12
`
`IPR2022-00413
`Apple EX1001 Page 12
`
`
`
`
`
`
`
`
`
`
`U.S. Patent
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 12 of 25
`
`US 9.240,009 B2
`US 9,240,009 B2
`
`VeSl
`
`
`
`CLEjajddy
`
`osund-9
`
`Joyeinuy
`
`SSafjoe|Uuoy
`
`Jepeey
`
`OLE
`
`IPR2022-00413
`Apple EX1001 Page 13
`
`LLE
`
`
`
`JeBeueyypied
`
`Beeeeeneeeeeeeeeeeeeeeee
`
`Bunsixy
`
`VS
`
`UONEZHPUOSIOd
`
`uoneoiddy
`
`ZOEJBAIOS
`
`esind-8MeN
`
`90EWVS
`
`Z09
`COE
`JQULOSIBg
`
`pazuouiny
`
`© o
`
`O
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`IPR2022-00413
`Apple EX1001 Page 13
`
`
`
`
`
`
`
`
`
`
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 13 Of 25
`
`US 9.240,009 B2
`
`
`
`
`
`
`
`
`
`
`
`
`
`809
`
`909
`esund-e MeN
`
`
`
`?, ? 9
`
`uefieue W pueO
`
`ZZ9
`
`IPR2022-00413
`Apple EX1001 Page 14
`
`
`
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 14 of 25
`
`US 9,240,009 B2
`
`
`
`zs¢uoHezieuosuadayeniuy
`
`pieoou}WoyG|Se]eyopeay
`
`9SEe
`
`
`
`jouueysANoeseBUSIqeise0}ureLUOpAjundesUOHeONddeesp
`
`
`
`
`
`
`
`
`
`BOIAVPSy}Uljajddeosund-ouepuewysosund-omauueUsEeMjOg
`
`
`
`
`
`
`
`@dIAapBy)Ulyajdde
`
`
`
`
`
`esund-auepueBeWYSasund-ameuay]usenjagsuidpueshayUOWeIedoesund-aaj}e19Ua5
`
`
`
`oosjauueyoAyndeseYUSIqeise0}ulewopAjunoeasuoneayddeesn
`
`
`
`
`
`
`
`vor|Se}ou}pueWsSunsixsueBIAspiomssed4\\ajes9uag
`
`
`
`Jojejnueal;pueprysSuysixeay]usemjeg
`
`
`
`
`
`c9e
`
`
`
`
`
`
`q|62)ey)puewsBuysixeau)BIAsoyBjNLUSUeJoShayPeULIOJSUBI]SyesBUSSfeolaapayyulyajdde
`
`
`asund-auepueprysuojeyodsueyBuysixeueusamjeg
`
`
`
`
`
`
`
`SdlAepay)Uljeiddeasind-auepukeWIVSSunsixeay}usemiag
`
`
`
`
`
`JE‘S/d
`
`
`
`
`
`RB9e,pezieuosied,joayeise0}asind-9auleS
`
`GN&3
`
`
`
`IPR2022-00413
`Apple EX1001 Page 15
`
`IPR2022-00413
`Apple EX1001 Page 15
`
`
`
`
`
`
`
`U.S. Patent
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 15 of 25
`
`US 9.240,009 B2
`US 9,240,009 B2
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`vorpyeaBuvayueJayeJeIpiweeIAsenbeseayeniuy
`
`
`
`
`
`
`
`
`
`90+yojddeasund-9a0)jsenbe&spuas19IGHA
`
`VvSad
`
`
`
`80}@|PIWBu]O]asUOdSSBeSesOdWwODasind-y
`
`OLP
`
`
`
`asuodsaiau)
`
`&PSYLOA
`
`
`
`ZipPOLUOAJi‘yuegBuOsuodse0}jsenbe,
`
`eBAeA
`
`
`JajsuedpunyeoyeniulpuejuNoooeBulpuodsaiuco
`
`
`
`PLPyuegey}Woldasuodse,eBaAlgoay
`
`IPR2022-00413
`Apple EX1001 Page 16
`
`
`
`
`
`JaBeuewasunday]SSeo0e0]Nid
`
`IPR2022-00413
`Apple EX1001 Page 16
`
`
`
`
`
`
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 16 of 25
`
`US 9.240,009 B2
`
`8 #7
`
`ZZ$7
`
`
`
`
`
`
`
`IPR2022-00413
`Apple EX1001 Page 17
`
`
`
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 17 Of 25
`
`US 9.240,009 B2
`
`89 #7
`
`?sund-a
`
`
`
`
`
`IPR2022-00413
`Apple EX1001 Page 18
`
`
`
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 18 of 25
`
`US 9.240,009 B2
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`IPR2022-00413
`Apple EX1001 Page 19
`
`
`
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 19 Of 25
`
`US 9.240,009 B2
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`IPR2022-00413
`Apple EX1001 Page 20
`
`
`
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 20 of 25
`
`US 9.240,009 B2
`
`099
`
`899
`
`
`
`
`
`
`
`IPR2022-00413
`Apple EX1001 Page 21
`
`
`
`U.S. Patent
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 21 of 25
`
`US 9.240,009 B2
`US 9,240,009 B2
`
`009
`
`
`
`udHpesuel|SOd
`
`E19JBAIBS
`
`
`
`
`
`
`
`
`
`SUOnBoIUNWUOD>FEINIBD
`
`ozsoman—_)
`
`
`
`peindesuojoesueyialu}fea
`
`v9Oldsoo
`
`uojoesuen
`
`auiyjee~
`
`6¢c9
`
`699|
`
`Uay0}-8
`
`peiqeug
`
`IQeHOdjouueyg———7yoyegJO
`
`
`bonedgL9uonesedo
`
`
`069nennececeeeeeeteneeeteeeeedffneenneeeeeecececteeeeeencees!
`
`pueqeseg
`
`veg
`
`
`
`yUaWa}ypeunves
`
`6c9
`
`IPR2022-00413
`Apple EX1001 Page 22
`
`IPR2022-00413
`Apple EX1001 Page 22
`
`
`
`
`
`
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 22 of 25
`
`US 9.240,009 B2
`
`pueqÐSeg
`
`?ue6\, SOd
`999
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`929 WW7S SOdwJ
`
`IPR2022-00413
`Apple EX1001 Page 23
`
`
`
`U.S. Patent
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 23 of 25
`
`US 9.240,009 B2
`US 9,240,009 B2
`
`
`
`dn-do}jenyia10
`
`899dn-do}@Wiopie,d
`
`
`
`j201JOUO
`
`
`
`
`
`
`
`
`
`
`
`0S9
`
`
`
`Jaseyound@Wold)UayO}]-8UBSASBLIOY
`
`
`
`ZUS}0}-9PIeA
`
`
`
`yBnoudas8y)$
`
`~9ulaouR}eq
`
`
`
`
`
`UdSyO}-8WdJUNOWWepeseuoindjonpeg
`
`
`J@AJ8SpueyoRgO}suOOeSUB.peony
`
`(yo}equlJOUONOesUe.yore)
`
`99Dl
`
`
`
`édn-do}awn
`
`Z99
`
` £59é,Uay40}
`
`IPR2022-00413
`Apple EX1001 Page 24
`
`IPR2022-00413
`Apple EX1001 Page 24
`
`
`
`
`
`
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 24 of 25
`
`US 9.240,009 B2
`
`START
`
`670 O
`
`672
`
`Send an initial purchase request to e
`token enabled device of a purchaser
`
`674
`
`
`
`
`
`Enough balance
`in e-token
`enabled device?
`
`
`
`END
`
`nO
`
`676
`
`yes
`
`Forward the received response from the e
`token enabled device to POS SAM
`
`678
`
`680
`
`682
`
`Receive a debit request containing a
`MAC from POS SAM
`
`Send the debit request to e-token
`enabled device to debite-token
`
`Receive debit confirm message including additional
`MACS for transaction Verification and Settlement
`684
`
`Forward the debit confirm message to
`POS SAM for Verification
`
`686
`
`Display transaction after POS SAM
`has recorded the transaction
`
`END
`
`FIG. 6D
`
`IPR2022-00413
`Apple EX1001 Page 25
`
`
`
`U.S. Patent
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 25 of 25
`
`US 9.240,009 B2
`US 9,240,009 B2
`
`S O
`
`N
`
`2
`
`y
`
`—--eeeKeeKeKeKHEE7/.ihh'HWGeqnipag|yuowAedWs
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`QOJ@ULUOD-LU'uoneAIssay|BVIAIOSyeyon1WAISASgeA.OLJ@PIACld joooNpanaennaewenemasAlaAljeppue9a!aseyoind
`
`JaHOH-2|@0YOXOog|WVaeeeeenenee5Sfo
`
`
`
`
`
`
`
`
`
`
`
`BUTUOAISAappue
`
`
`
`HuiseyoindSOJOLULUOO-9
`
`
`
`eseyoindjeyoy
`
`Buneyoy
`
`uojeojddyyzasund-9
`
`oonIGE
`
`ayeg)
`
`0]UOPalo}s18}91}-8
`
`*“~oe
`
`adiAeq
`
`Ul-YOSUD
`~——->
`
`Z‘OA
`
`Jopeoy
`
`vel
`
`
`
`
`
`Qz/jUaWEI9peinoes
`
`IPR2022-00413
`Apple EX1001 Page 26
`
`IPR2022-00413
`Apple EX1001 Page 26
`
`
`
`
`
`
`
`
`US 9,240,009 B2
`
`1.
`MOBILE DEVICES FOR COMMERCE OVER
`UNSECURED NETWORKS
`
`CROSS-REFERENCE TO RELATED
`APPLICATIONS
`
`This application is a continuation-in-part of U.S. patent
`application Ser. No. 1 1/534,653 filed on Sep. 24, 2006, now
`U.S. Pat. No. 8,118,218, and also a continuation-in-part of
`U.S. patent application Ser. No. 1 1/739,044 filed on Apr. 23.
`2007, which is a continuation-in-part of U.S. patent applica
`tion Ser. No. 1 1/534,653 filed on Sep. 24, 2006, now U.S. Pat.
`No. 8,118,218.
`
`BACKGROUND
`
`10
`
`15
`
`2
`To support this fast evolving business environment, several
`entities including financial institutions, manufactures of vari
`ous NFC-enabled mobile phones and software developers, in
`addition to mobile network operators (MNO), become
`involved in the NFC mobile ecosystem. By nature of their
`individual roles, these players need to communicate with
`each other and exchange messages in a reliable and interop
`erable way.
`One of the concerns in the NFC mobile ecosystem is its
`security in an open network. Thus there is a need to provide
`techniques to personalize a secure element in a contactless
`Smart card or an NFC-enabled mobile device so that such a
`device is so secured and personalized when it comes to finan
`cial applications or secure transactions. With a personalized
`secure element in an NFC-enabled mobile device, various
`applications or services, such as electronic purse or pay
`ments, can be realized. Accordingly, there is another need for
`techniques to provision or manage an application or service in
`connection with a personalized secure element.
`
`SUMMARY
`
`This section is for the purpose of Summarizing some
`aspects of embodiments of the present invention and to briefly
`introduce some preferred embodiments. Simplifications or
`omissions in this section as well as the title and the abstract of
`this disclosure may be made to avoid obscuring the purpose of
`the section, the title and the abstract. Such simplifications or
`omissions are not intended to limit the scope of the present
`invention.
`Broadly speaking, the invention is related to techniques for
`personalizing secure elements in NFC devices to enable vari
`ous secure transactions over a network (wired and/or wireless
`network). With a personalized secure element (hence secured
`element), techniques for provisioning various applications or
`services are also provided. Interactions among different par
`ties are managed to effectuate a personalization or provision
`ing process flawlessly to enable an NFC device for a user
`thereof to start enjoying the convenience of commerce over a
`data network with minimum effort.
`As an example of application to be provided over a secured
`element, a mechanism is provided to enable devices, espe
`cially portable devices, to function as an electronic purse
`(e-purse) to conduct transactions over an open network with
`a payment server without compromising security. According
`to one embodiment, a device is installed with an e-purse
`manager (i.e., an application). The e-purse manager is con
`figured to manage various transactions and functions as a
`mechanism to access an emulator therein. Secured financial
`transactions can then be conducted over a wired network, a
`wireless network or a combination of both wired and wireless
`network.
`According to another aspect of the present invention, Secu
`rity keys (either symmetric or asymmetric) are personalized
`So as to personalize an e-purse and perform a secured trans
`action with a payment server. In one embodiment, the essen
`tial data to be personalized into an e-purse include one or
`more operation keys (e.g., a load key and a purchase key),
`default PINs, administration keys (e.g., an unblock PIN key
`and a reload PIN key), and passwords (e.g., from Milfare).
`During a transaction, the security keys are used to establish a
`secured channel between an embedded e-purse and an SAM
`(Security Authentication Module) or a backend server.
`The present invention may be implemented in various
`forms including a method, a system, an apparatus, a part of a
`system or a computer readable medium. According to one
`embodiment, the present invention is a method for personal
`
`25
`
`30
`
`35
`
`40
`
`45
`
`1. Technical Field
`The present invention is generally related to commerce
`over networks. Particularly, the present invention is related to
`techniques for personalizing a secure element and provision
`ing an application Such as an electronic purse that can be
`advantageously used in portable devices configured for both
`electronic commerce (a.k.a., e-commerce) and mobile com
`merce (a.k.a., m-commerce).
`2. Description of the Related Art
`Single functional cards have been Successfully used in
`enclosed environments such as transportation systems. One
`example of such single functional cards is MIFARE that has
`been selected as the most Successful contactless Smart card
`technology. MIFARE is the perfect solution for applications
`like loyalty and vending cards, road tolling, city cards, access
`control and gaming.
`However, single functional card applications are deployed
`in enclosed systems, which are difficult to be expanded into
`other areas Such as e-commerce and m-commerce because
`stored values and transaction information are stored in data
`storage of each tag that is protected by a set of keys. The
`nature of the tag is that the keys need to be delivered to the
`card for authentication before any data can be accessed during
`a transaction. This constraint makes systems using Such tech
`nology difficult to be expanded to an open environment Such
`as the Internet for e-commerce and/or wireless networks for
`m-commerce as the delivery of keys over a public domain
`network causes security concerns.
`In general, a Smart card, chip card, or integrated circuit card
`(ICC), is any pocket-sized card with embedded integrated
`circuits. A Smart card or microprocessor cards contain Vola
`tile memory and microprocessor components. Smart cards
`may also provide strong security authentication for single
`sign-on (SSO) within large organizations. The benefits of
`50
`smart cards are directly related to the volume of information
`and applications that are programmed for use on a card. A
`single contact/contactless Smart card can be programmed
`with multiple banking credentials, medical entitlement, driv
`er's license/public transport entitlement, loyalty programs
`and club memberships to name just a few. Multi-factor and
`proximity authentication can and has been embedded into
`Smart cards to increase the security of all services on the card.
`Contactless Smart cards that do not require physical contact
`between card and reader are becoming increasingly popular
`for payment and ticketing applications such as mass transit
`and highway tolls. Such Near Field Communication (NFC)
`between a contactless Smart card and a reader presents sig
`nificant business opportunities when used in NFC-enabled
`mobile phones for applications such as payment, transport
`ticketing, loyalty, physical access control, and other exciting
`new services.
`
`55
`
`60
`
`65
`
`IPR2022-00413
`Apple EX1001 Page 27
`
`
`
`3
`izing a secure element associated with a computing device.
`The method comprises initiating data communication with a
`server, sending device information of the secure element in
`responding to a request from the server after the server deter
`mines that the secure element is registered therewith, wherein
`the device information is a sequence of characters uniquely
`identifying the secure element, and the request is a command
`causing the computing device to retrieve the device informa
`tion from the secure element, receiving at least a set of keys
`from the server, wherein the keys are generated in the server
`in accordance with the device information of the secure ele
`ment, and storing the set of keys in the secure element to
`facilitate a Subsequent transaction by the computing device.
`According to another embodiment, the present invention is
`a method for personalizing a secure element associated with
`a computing device. The method comprises receiving an
`inquiry to establish data communication between a server and
`the computing device, sending a request from the server to the
`computing device to request device information of the secure
`element after the server determines that the computing device
`is registered therewith, wherein the device information is a
`sequence of characters uniquely identifying the secure ele
`ment, and the request is a command that Subsequently causes
`the computing device to retrieve the device information from
`the secure element therein, generating at least a set of keys in
`accordance with the device information received, delivering
`the set of keys through a secured channel over a data network
`to the computing device, wherein the set of keys is caused to
`be stored in the secure element with the computing device,
`and notifying at least a related party that the secure element is
`now personalized for Subsequent trusted transactions.
`According to still another embodiment, the present inven
`tion is a method for provisioning an application installed in a
`mobile device, the method comprises sending to a server an
`identifier identifying the application together with device
`information of a secure element associated with a mobile
`device on which the application has been installed, establish
`ing a secured channel between the secure element and the
`server using a set of key set installed in the secure element,
`receiving data prepared by the server to enable the application
`to function as designed on the mobile device; and sending out
`an acknowledgement to a provider of the application about a
`status of the application now being active with the secure
`element on the mobile device. The data received in the mobile
`device includes a user interface of the application per the
`mobile device and a generated application key set.
`According to still another embodiment, the present inven
`tion is a method for provisioning an application, the method
`comprises receiving from a mobile device an identifier iden
`tifying the application together with device information of a
`secure element associated with the mobile device on which
`the application has been installed, establishing a secured
`channel between the secure element and the server using a set
`of key set installed on the secure element, preparing data
`necessary for the application to function as designed on the
`mobile device, transporting the data from the server to enable
`the application via the secured channel; and notifying a pro
`vider of the application about a status of the application now
`active with the secure element on the mobile device.
`According to yet another embodiment, the present inven
`tion is a mobile device for conducting a transaction over a
`network, the mobile device comprises a network interface, a
`secure element, a memory space for storing at least a module
`and an application downloaded from the network, a processor
`coupled to the memory space and configured to execute the
`module to cause operations including verifying whether the
`application has been provisioned. When it is verified that the
`
`25
`
`30
`
`35
`
`40
`
`45
`
`50
`
`55
`
`60
`
`65
`
`US 9,240,009 B2
`
`5
`
`10
`
`15
`
`4
`application has not been provisioned, the operations further
`comprise sending to a server via the network interface an
`identifier identifying the application together with device
`information of a secure element, establishing a secured chan
`nel between the secure element and the server using a key set
`installed on the secure element, wherein the server is config
`ured to prepare data necessary for the application to function
`as designed on the mobile device, receiving the data from the
`server to associate the application with the secure element,
`and sending out an acknowledgement to a provider of the
`application about a status of the application that is now active
`with the secure element. The processor is further configured
`to determine if the secure element has been personalized
`before performing a provisioning process of the application.
`If the secure element has not been personalized, the mobile
`device is caused to personalize the secure element with a
`designed server.
`One of the objects, features, and advantages of the present
`invention is to enable a mobile device that can be used to
`perform a secured transaction with a party (e.g., at a point of
`sale, with a commercial server or accessing remotely) overan
`unsecured network (e.g., the Internet).
`Other objects, features, and advantages of the present
`invention, which will become apparent upon examining the
`following detailed description of an embodiment thereof,
`taken in conjunction with the attached drawings.
`
`BRIEF DESCRIPTION OF THE DRAWINGS
`
`The invention will be readily understood by the following
`detailed description in conjunction with the accompanying
`drawings, wherein like reference numerals designate like
`structural elements, and in which:
`FIG. 1A shows a simplified architecture of an NFC-en
`abled mobile device with a secure element (SE):
`FIG. 1B shows a flowchart or process of personalizing an
`SE according to one embodiment of the present invention;
`FIG.1C shows relationships among an SE manufacturer, a
`TSM admin and the TSM system for both offline and online
`modes;
`FIG. 1D illustrates data flows among a user for an NFC
`device (e.g., an NFC mobile phone), the NFC device itself, a
`TSM server, a corresponding SE manufacturer and an SE
`issuer,
`FIG.1E shows a data flowchart or process of personalizing
`data flow among three entities: a land-based SAM or a net
`work e-purse server, an e-purse acting as a gatekeeper, and a
`single function tag, according to one embodiment;
`FIG. 2A shows a mobile payment ecosystem in which
`related parties are shown in order for the mobile payment
`ecosystem successful;
`FIG. 2B shows a flowchart or process of provisioning one
`or more applications according to one embodiment;
`FIG. 2C shows a data flow illustrating various interactions
`among different parties when an application is being provi
`Sioned in one embodiment;
`FIG. 2D shows a data flow among different entities when
`preparing the application data in provisioning an application;
`FIG. 2E shows a flowchart or process for locking or dis
`abling an installed application;
`FIG. 2F shows an exemplary architecture diagram of a
`portable device enabled as an e-purse conducting e-com
`merce and m-commerce, according to one embodiment of the
`present invention;
`FIG. 3A is a block diagram of related modules interacting
`with each other to achieve what is referred to hereinase-purse
`
`IPR2022-00413
`Apple EX1001 Page 28
`
`
`
`US 9,240,009 B2
`
`5
`personalization by an authorized personnel (a.k.a., personal
`izing a mobile device or a secure element therein while pro
`visioning an application);
`FIG. 3B shows a block diagram of related modules inter
`acting with each other to achieve what is referred to herein as
`e-purse personalization by a user of the e-purse;
`FIG. 3C shows a flowchart or process of personalizing an
`e-purse according to one embodiment of the present inven
`tion;
`FIG. 4A and FIG. 4B show together a flowchart or process
`of financing, funding, load or top-up an e-purse according to
`one embodiment of the present invention:
`FIG. 4C shows an exemplary block diagram of related
`blocks interacting with each other to achieve the process FIG.
`4A and FIG. 4B;
`FIG. 5A is a diagram showing a first exemplary architec
`ture of a portable device for enabling e-commerce and
`m-commerce functionalities over a cellular communications
`network (i.e., 3G, LTE or GPRS network), according an
`embodiment of the present invention;
`FIG. 5B is a diagram showing a second exemplary archi
`tecture of a portable device for enabling e-commerce and
`m-commerce functionalities over a wired and/or wireless
`data network (e.g., Internet), according another embodiment
`of the present invention;
`25
`FIG.5C is a flowchart illustrating an exemplary process of
`enabling the portable device of FIG. 5A for services/applica
`tions provided by one or more service providers in accor
`dance with one embodiment of the present invention;
`FIG. 6A is a diagram showing an exemplary architecture,
`in which a portable device is enabled as a mobile POS con
`ducting e-commerce and m-commerce, according to one
`embodiment of the present invention;
`FIG. 6B is a diagram showing an exemplary architecture,
`in which a portable device is enabled as a mobile POS con
`ducting a transaction upload operation over a network,
`according to an embodiment of the present invention;
`FIG. 6C is a flowchart illustrating an exemplary process of
`conducting m-commerce using the portable device enabled as
`a mobile POS with an e-token enabled device as a single
`functional card in accordance with one embodiment of the
`present invention;
`FIG. 6D is a flowchart illustrating an exemplary process of
`conducting m-commerce using the portable device enabled as
`a mobile POS against a an e-token enabled device as a multi
`functional card; and
`FIG. 7 is a diagram depicting an exemplary configuration
`in which a portable device used for an e-ticking application.
`
`10
`
`15
`
`30
`
`35
`
`6
`places in the specification are not necessarily all referring to
`the same embodiment, nor are separate or alternative embodi
`ments mutually exclusive of other embodiments. Further, the
`order of blocks in process, flowcharts or functional diagrams
`representing one or more embodiments do not inherently
`indicate any particular order nor imply limitations in the
`invention.
`Embodiments of the present invention are discussed herein
`with reference to FIGS. 1A-7. However, those skilled in the
`art will readily appreciate that the detailed description given
`herein with respect to these figures is for explanatory pur
`poses only as the invention extends beyond these limited
`embodiments.
`Near Field Communication (NFC) presents significant
`business opportunities when used in mobile phones for appli
`cations such as payment, transport ticketing, loyalty, physical
`access control, and other exciting new services. To Support
`this fast evolving business environment, several entities
`including financial institutions, manufactures of various
`NFC-enabled mobile phones and software developers, in
`addition to Mobile Network Operators (MNO), become
`involved in the NFC mobile ecosystem. By nature of their
`individual roles, these players need to communicate with
`each other and exchange messages in a reliable and interop
`erable way.
`Equally important to these entities or players, is the need
`for ongoing security and confidentiality of sensitive applica
`tions and data downloaded to and stored on an NFC enabled
`handset for performing contactless transactions. The compo
`nent in a mobile phone providing the security and confiden
`tiality required to Support various business models in this
`environment, is referred to as a Secure Element (SE).
`FIG. 1A shows a simplified architecture of a computing
`device 100. Unless otherwise explicitly indicated, the term of
`“computing device'. “mobile device' or “handset' will be
`interchangeably used herein, but those skilled in the art will
`understan
Accessing this document will incur an additional charge of $.
After purchase, you can access this document again without charge.
Accept $ Charge
Still Working On It
This document is taking longer than usual to download. This can happen if we need to contact the court directly to obtain the document and their servers are running slowly.
Give it another minute or two to complete, and then try the refresh button.
A few More Minutes ... Still Working
It can take up to 5 minutes for us to download a document if the court servers are running slowly.
Thank you for your continued patience.
This document could not be displayed.
We could not find this document within its docket. Please go back to the docket page and check the link. If that does not work, go back to the docket and refresh it to pull the newest information.
Your account does not support viewing this document.
You need a Paid Account to view this document. Click here to change your account type.
Your account does not support viewing this document.
Set your membership
status to view this document.
With a Docket Alarm membership, you'll
get a whole lot more, including:
- Up-to-date information for this case.
- Email alerts whenever there is an update.
- Full text search for other cases.
- Get email alerts whenever a new case matches your search.
One Moment Please
The filing “” is large (MB) and is being downloaded.
Please refresh this page in a few minutes to see if the filing has been downloaded. The filing will also be emailed to you when the download completes.
Your document is on its way!
If you do not receive the document in five minutes, contact support at support@docketalarm.com.
Sealed Document
We are unable to display this document, it may be under a court ordered seal.
If you have proper credentials to access the file, you may proceed directly to the court's system using your government issued username and password.
Access Government Site
