(19) United States
`a2) Patent Application Publication co) Pub. No.: US 2012/0296819 Al
` Lu etal. (43) Pub. Date: Nov. 22, 2012
`
`
`
`US 201202968 19A1
`
`(54) METHOD FOR OPERATING AN E-PURSE
`
`Publication Classification
`
`Inventors:
`
`76)
`(76)
`
`ZhouLu, Beijing
`(CN); Muazhan,
`Yu, Beijing oN N);
`
`8
`
`(51)
`
`(52)
`
`Int. Cl.
`G060 20/34
`
`UWS. C1. ee ccc ceesesesssensreeseerseceeaness 705/41
`
`(2012.01)
`
`(21) Appl. No.:
`
`13/519,187
`
`(22) PCT Filed:
`(86) PCT No.:
`
`Jun. 29, 2011
`PCT/CN2011/076590
`
`§ 371 (c)(1),
`(2), (4) Date:
`
`Jun.26, 2012
`
`(30)
`
`Foreign Application Priority Data
`
`Jun. 29, 2010
`Jun. 29, 2010
`
`(ON) oeeeeeeeceeeee eens 201010213920.3
`(CN) veces 201010214132.6
`
`(57)
`ABSTRACT
`‘The invention discloses a method for operating an e-purse,
`relating to the information security field. ‘he method
`includes that a CPUcard enters into a contactless induction
`area of a terminal, is powered up andinitialized, receives an
`operation initializing instruction from the terminal, reads and
`stores data comprising transaction amount in the operation
`initializing instruction, and performsthe related operation.
`The operation initializing instruction is a complex loading
`initializing instruction or a purchaseinitializing instruction.
`The data comprises lransaction amount.
`
`_ A CPUcard enters into a contactless inductive area ofa |”
`terminal, is powered up andinitialized
`
`
`Receive a loading initialization instruction sent bya
`terminal, read andstore data including atransaction amount- “
`in the instruction, perform loading initialization.
`
`yr 52
`
`; oo $3
`Receive an instruction for updating the complex
`
`| application specific file sent by the terminalandretrieve ~
`thecomplexapplicationspecificfile
`
`
`
`Write pre-determined data in storage space ofthe
`complex application specific file and replace whatis
`Leneaeanemnmanennanrantnnannnnensee
`acinesinnieinnintenennnsnnannntnatntniatanninatcnansaananind
`___previouslyinit.
`
`
`
`
`
`_ Receive the loading instruction sent by the terminal, read _
`and store data in the instruction
`i
`
`.Np
`|}
`' Compute the transaction amount and data in the complex
`_ application specific file with predetermined algorithm to
`obtain a new amount, add the new amountto balance of
`__thee-pursetoobtainnewbalance,andendtheloading._
`
`i i:
`
`iL
`
`J}
`
`L
`
`_® S6
`
`GOOG-1024
`Google LLC v. RFCyber Corp. / Page 1 of 19
`
`GOOG-1024
`Google LLC v. RFCyber Corp. / Page 1 of 19
`
`

`

`Patent Application Publication
`
`Nov. 22,2012 Sheet 1 of 5
`
`US 2012/0296819 Al
`
`A CPUcard enters into a contactless inductive area ofa
`terminal, is powered up and initialized
`
`» 82
`
`Receive a loading initialization instruction sent by a
`terminal, read and store data including a transaction amount ~
`in the instruction, perform loading initialization.
`
`
`Receive an instruction for updating the complex aaa
`_ application specific file sent by the terminal and retrieve ~
`
`
`Lo84
`Write pre-determined data in storage space ofthe
`complex application specific file and replace what is
`
`
`
`_ Receive the loading instruction sent by the terminal, read
`and store data in the instruction
`
`A
`
`_ application specific file with predetermined algorithm to | -» S6
`| obtain a new amount, add the new amount to balance of |
`__thee-pursetoobtainnewbalance,andendtheloading.|
`
`Figure |
`
`Google LLC v. RFCyber Corp. / Page 2 of 19
`
`GOOG-1024
`
`GOOG-1024
`Google LLC v. RFCyber Corp. / Page 2 of 19
`
`

`

`Patent Application Publication
`
`Nov. 22,2012 Sheet 2 of 5
`
`US 2012/0296819 Al
`
`ve Add » 102
`
`a init
`
`read andstor
`
`
`
`
`
`thet
`unmet
`it
`
`Whee: i Sul. pe
`
`ing nunber in the
`_ Yes
`a .
`fe pseudo random sumber and a pro:
`Lae
`
`key
`
`e 105
`vs
`
`106
`
`
`Return asatis code 025403 To
`
`rifal a
`t
`t
`4
`the
`he
`oF a nd ord ne
`
`
`woos DA
`
`
`
`Return am
`i espe
`
`
`1Gthe tern nat
`.
`see
`x.
`“> 108
`Receive an instruction for updating the complex application | ~
`i
`:
`
`to?
`
`
`
`complex application specific file
`r size of Data field in the instruction is
`
`a
`us
`L Return
`» OXGAR4 to the terminal
`
`
`|
`|
`
`
`tield io the received instruction
`
`
`
` No OAT
`
`seen » OxGA82 to the Lerninal
`
`|
`eng1heoper ati on
`
`ncl_endtheoperation he
`
`
`
`Wite datainTataiTaaor “CROATCARPCATACACFE|
`into the conpl ex application specific file and»
`i ie!
`
`
`AE
`
`
`
`Return am
`sponse to UPLATECAFP DATACACHE ad Hs
`atothetermna
`
`
`me a4
`
`a
`
`4 118
`Receive the loading instruction CRELI T FOR CAPP LOAQ Ler 6
`\
`read and store data of
`it
`|
`| Returnastatus code |
`
`09302 to the
`
`
`Hew
`
`
`
`Update transaction details of the e-purse -~
`cecenen
`¥.
`Compute a transaction authenticating code TAC
`Leerop
`
`-
`
`
`Return a message in responsetoCFELDTFCRCARP LODto| ae 122
`
`Figure 2
`
`Google LLC v. RFCyber Corp. / Page 3 of 19
`
`GOOG-1024
`
`GOOG-1024
`Google LLC v. RFCyber Corp. / Page 3 of 19
`
`

`

`Patent Application Publication
`
`Nov. 22,2012 Sheet 3 of 5
`
`US 2012/0296819 Al
`
`
`"ReceivetheirinstructionINITIAL,
`OR
`Pt IRCHASE, read and store:datathereof|
`
`MK
`
`
`
`| Return status code 0x9403 |
`
`___No
`|
`to the terminal and end
`|
`-
`purchase initializing
`operation
`
`
`
`
`
`
`Return status code 0x9401
`fe
`.
`+
`'
`~
`. Yes _» to the terminal and end
`-“6tthe e-purse and determine whethet™
`
`transaction amountincluded in the instruction ig>>—~!
`purchase initializing
`Oe bigger than balance phis overdraft,""
`“operation
`~Limitoofthe e-e-purse es sonar nuonenseninninnnaneac
` r
`
`—~ ® 206
`"Gener:ate § pseudo randomnumber andaaprocess
`<
`key
`
`Sonn
`cy am 207
`: Senda message in responseto the instruction
`.
`[ INTTIALIZEFORPURCHASEtothe terminal
`
`
`
`__puchase
`
`|L
`
`n
`
`208
`
`of
`
`210
`- Return status code |
`
` terminal and end
`+ 0x9302 to the
`~Nithenticate whether MACSincludedtir
`~ the inst
`ction 18 valid bytthe pro key~
`
`
`-dyYes
`eenmenenensonnonnnennenaen LM...
`sasunneyneensnennnnnsentennininnenineny
`“Add.Lto the serial number ofoffline transaction of e- |
`|Purse:anddeductaddition from balanceof the e-purse |
`
`
`| Generated a fourth message authenticating code
`| MAC4 and compute a transaction authenticating
`
`_code TAC —
`
`en
`Return a message in responseto the instruction
`DEBIT FOR PURCHASEtothe terminal and end i “
`operation sd
`
`= -* 213
`
`» 214
`
`Figure 3
`
`Google LLC v. RFCyber Corp. / Page 4 of 19
`
`GOOG-1024
`
`GOOG-1024
`Google LLC v. RFCyber Corp. / Page 4 of 19
`
`

`

`Patent Application Publication
`
`Nov. 22,2012 Sheet 4 of 5
`
`US 2012/0296819 Al
`
`CPU card enters into a contactless induction area ofa
`terminal, is powered up and initialized
`
`sown
`Waitforrreceiving an instructionsentbytheterminal
`
`
`
`
`p 402
`
`io
`
`Upon receiving the purchaseinitializing instruction sent
`bythe terminal, read and store the data includinga
`transaction amountinit.
`
`|
`|
`
`> 403
`
`Compute the transaction amount and value ofarecord 7” 404
`pertained to it in the complex application specific file
`
`-— inthe e-purse to |
`
`[pnrnsconanntitainaistnatitndnanetntttmanttiientntnenct
`
`send a message of
`inadequate balance |
`end theoperation |
`the terminal and
`
`ee
`
`.
`
`~
`
`=e
`
`otSAPUISE
`" overdraft limit of
`
`Generate a pseudo random number and a process key and
`|
`return a message in response to the purchaseinitializing
`instructiontotheterminalJ
`
`asa|
`Receive the purchase instruction sent by the terminal,
`read and store data ofit.
`
`7» 406
`
`to the, purchase instruction to the terminal
`
`Figure 4
`
`Google LLC v. RFCyber Corp. / Page 5 of 19
`
`GOOG-1024
`
`GOOG-1024
`Google LLC v. RFCyber Corp. / Page 5 of 19
`
`

`

`Patent Application Publication
`
`Nov. 22,2012 Sheet 5 of 5
`
`US 2012/0296819 Al
`
`Wait for renwiving an
`application bruce
`
`
`ty
`[MAL Ze POR CAP LOB
`
`AA ae,
`
` is in the
`inciucie:
`
`FOR PURORSE
`Return status
`
`~
`1
`code OS9403
`
`
`
`peckrhentieh 1
`°
`tothe
`flexing mumber
`mictaded in
`ei
`:
`
`veto
`Restioal and
`
`
`L Yes
`) Pompate-the-transnelfion amnountand-enteres
`.
`j
`in eolated racer
`the complex
`)
`application. apecific
`
`| predetermined algorttin and obtain a now
`AOR
`Ge
`sens
`seme
`9
`ra
`,
`anit
`,coe
`Retern sans |
`.
`:
`st
`
`
`
`Wecelve§feet » So a - ;
`
`
`vores
`cade 0x94|
`
`
`
`or than the balance pilus ¢
`to the
`i
`os ee eT DE
`*
`Sredealinsit
`ofthy.e git!
`_beemieal and |
`MPGME, ARUCADgent by the tecnéral |
`& 516
`&
`ore
`:.33
`Letal apes ali or
`
`~
`
`|
`L
`
`
`
`* OS
`
`t
`
`
`
`
`ing humber wielded in the”
`.
`“ad eee ve
`was
`
`
`
`
`
`
`non aith a same SE
`® 833
`iid a MOIS TTTAROHHS
`her there is a Hleaeder
`[onstiaeting ENTE ALL ZE FOR PUR RSE
`aden |
` i wed BABEL
`
`trammaction |
`
`
`x
`
`
` |°Receive the instruction TET POY Re :
`
`
`
`PLPCHAGE sent by the terninal,
`|
`i
`L
`i
`
`j sade ORGARS taf
`
`uf ped and store dala theredt /
`
`Tetrie o
`oR
`
`meaber set in die He
`vee 8b / Bat us oer
`LLANSACLLon
`:
`
`
` aset ing
`
`CLL OF.
`Ox9802 to
`be
`Aarieved $
`he ter rinat |
`
`
`cree
`EF
`es Of
`|
`be
`and end
`code OXBANE CO
`CATA bet din the i nstructPon~
`epetallon.
`
`
`the ter ni nal fees OLS | arger
`than size of the-
`and end the
`“retkLeved recore?”
`
`J oad ng
`oN
`Leansset ior
`“
`Write data in DATA feld of the instructionint
`
`
`
`curd and replace what is previously
`poo
`
`Retuim a message in eeeponse i
`
`|
`|
`|
`
`aia
`aa
`
`* SK
`
`tothe terminal
`
`eevee
`
`S21 9.
`i
`.
`$21
`| Receive the inatnicticn CHEE T AR
`| Pet ai aal .Ceadand
`
`Rea
`\
`
`code Ox83O2. to!
`ade _
`|
`
`i
`| the terminal +
`cy SHO
`[ae ant
`¥
`a_.
`tothe
`|
`| Retaria message sn response
`:
`
`
`aa
`oe
`insimetion ORE T FOR PURCHASE to Lv
`|
`
`cl transactionamounttohalanceoftheadd the
`
`
`the terminal and end transaction |
`the serial number af cntine transacin ofthe €
`
`
`
`Sle
`
`:
`
`ating! /
`mal
`code MACGand compute a transaction
`i
`authenticating code TAC
`ee
`—
`
`_» 339
`
`
`
`eaurse|mnemnoneneennn SeeOFj
`
`Google LLC v. RFCyber Corp. / Page 6 of 19
`
`GOOG-1024
`
`GOOG-1024
`Google LLC v. RFCyber Corp. / Page 6 of 19
`
`

`

`US 2012/0296819 Al
`
`Nov. 22, 2012
`
`METHOD FOR OPERATING AN E-PURSE
`
`FIELD OF THE INVENTION
`
`[0001] The invention relates to the information securily
`field, in particular to a method for operating an e-purse in a
`CPUcard.
`
`BACKGROUND OF THE INVENTION,
`
`[0002] CPUcard has a microprocessor which functions as
`a micro processor, inside of its chip and includes a central
`processor unit (CPU), aread-only memory (ROM), a random
`
`access memory (RAM)and anelectrically erasable program-
`
`
`
`mable read-only memory (EEPROM), and thus boasts of
`high-volume,highersecurity, off-line job and multi-function
`development.
`[0003] The CPU card improvessecurity by applying a pow-
`erful andstable security controller, and the internal and exter-
`nal authentication system particular to it and excluded
`authentication system flagged by Banking ICcard specifica-
`tion ensure validity and security of a transaction, and firewall
`function of the CPUcard guarantees security and indepen-
`dence of different applications in one card. and the high-
`volumestorage space of the CPU card mects requirement of
`storage of more customerinformation generated bypredict-
`able large amount expenditure applications.
`[0004]
`In the priorart, e-purse in a CPU card can perform
`basic transaction functions such as general loading, purchas-
`ing, cash withdrawing, and overdraw limit updating. How-
`ever, for a special application, for example promotionon tier
`discounts for different loading amounts in those member
`cards of shopping mall. super market, restaurant, gymnasium
`and the like, the general loading and purchasing function of
`the e-pursein priorart is deficient.
`
`
`
`SUMMARYOF THE INVENTION
`
`
`In order to solve the problem in thepriorart, the
`[0005]
`invention provides a method for operating an e-purse.
`[0006] A method for operating an e-purse, comprising:
`[0007]
`entering into a contactless induction area of a
`terminal, being powered up andinitialized by a CPU
`card, receiving an operation initializing instruction,
`which is
`a complex-complex loading initializing
`instruction or a purchase initializing instruction sent by
`the terminal, reading and storing data comprising a
`transaction amount, included in the operation initializ-
`ing instruction:
`in case that the operationinitializing instruction is a complex-
`loading initializing instruction, performing a complex-load-
`ing initializing operation by the CPU card, receiving an
`instruction for updating a complex application specific file
`sent by the terminal, retrieving the complex application spe-
`cific file, writing predetermined data into the storage space of
`the complex application specific file to replace what is previ-
`ously in the storage space, receiving the complex-complex
`loading instruction sent by the terminal, reading and storing
`data in the complex-complex loading instruction, computing
`the transaction amount and data in the complex application
`specific file according to predetermined algorithmto obtain a
`new amount and adding the new amountto balance of the
`e-purse to obtain a newbalance;
`in case that the operationinitializing instructionis a purchase
`initializing instruction, computing the transaction amount
`and value in related record ofthe complex application specific
`
`file according to predetermined algorithm to obtain a new
`amount by the CPU card, reading balance of the c-purse,
`determining whether the new amountis larger than balance of
`the e-purse plus the overdraft limit of the e-purse, if yes,
`returning a message of inadequate balance in the e-purse to
`the terminal and ending the operation by the CPU card; ifno,
`generaling a pseudo random umber and a process key, send-
`ing a message in responseto the purchase initializing instruc-
`tion to the terminal, receiving a purchase instruction sent by
`the terminal, reading andstoring data in the purchase imstruc-
`tion, deducting the new amount from balance ofthe e-purse to
`obtain a newer amount and returning a messagein response to
`the purchase instruction to the terminal.
`[0008] Advantages:
`[0009]
`‘The invention discloses a method for operating an
`e-purse, which makes the whole transaction safer, prevents
`the complex application specific file in a CPUcard from being
`modified invalidly, simplifies the tier discounts bysetting the
`complex application specific file in case of loading, and
`reduces cost on management.
`
`
`
`BRIEF DESCRIPTIONS OF THE DRAWINGS
`
`FIG. 1 is a flow chart of a method for complex-
`[0010]
`loading an e-purse provided in Embodiment 1;
`[0011]
`FIG. 2 is a detailed flow chart of a method for com-
`
`plex-loading an e-purse provided in Embodiment 1;
`[0012]
`FIG.3 is a detailed flow chart of a method for pur-
`chase with an e-purse provided in Embodiment1;
`[0013]
`FIG. 41s a flowchart ofa method for purchase with
`an c-purse provided in Fmbodiment 2; and
`[0014]
`FIG. 5 is a detailed flow chart of a method for pur-
`chase with an c-purse provided in Embodiment2.
`
`DETAILED DESCRIPTIONS OF THE
`EMBODIMENTS
`
`For making purpose, solution and advantage ofthe
`[0015]
`invention more explicit, a detailed description will be given of
`embodiments of the invention in accompany with the draw-
`ings.
`
`Embodiment 1
`
`[0016] Forsimplifying the tier discounts preference, acom-
`plex application specific file is required to be set in case of
`complex loading. The embodiment provides a method for
`complex-loading an e-purse, as shown in FIG. 1, including
`steps as follows.
`[0017]
`Step $1, CPU card enters into a contactless induc-
`tion area of a terminal, is powered up and initialized.
`[0018]
`Step $2, the CPU card receives a complex loading
`initializing instruction sent by the terminal, reads and stores
`data including transaction amount, in the complex loading
`initializing instruction and executes the complex loading ini-
`tializing operation.
`[0019]
`Step 83, the CPU card receives an instruction for
`updating the complex application specific file sent by the
`terminal andretrieves the complex application specific file.
`[0020]
`Step $4, write predetermined data to the storage
`space of the complex application specific file and replace
`what is previously in the storage space.
`[0021]
`Step S5, receive the complex loading instruction
`sent by the terminal, read and store data in the complex
`loading instruction.
`
`Google LLC v. RFCyber Corp. / Page 7 of 19
`
`GOOG-1024
`
`GOOG-1024
`Google LLC v. RFCyber Corp. / Page 7 of 19
`
`

`

`US 2012/0296819 Al
`
`Nov. 22, 2012
`
`[0024] The embodiment provides a method for complex-
`loading an e-purse, for example an e-purse in a CPU card in
`the embodiment. Besides basic transaction functions of a
`common e-purse, the e-purse in a CPU card boasts of all
`transaction functions of a complex application e-purse along
`with the complex-loading function, and the complex-loading
`ofthe e-purse in a CPU card is executed at a CPU terminal.
`Whencomplex-loading ofthe e-purse in a CPU card, it com-
`putes a transaction amountand a value specially defined in the
`complex application specific file with predetermined algo-
`rithm to obtain a new amount and adds the new amount to
`balance of the e-purse, and correspondingly the paymentis
`executed with the balance in case of paying.
`[0025] As shown in FIG. 2, a method for complex loading
`of an e-purse in a CPU card includessteps as follows.
`[0026]
`Step 101,aCPUcardenters into a contactless induc-
`tion area of a terminal, is powered up and initialized.
`[0027]
`Step 102, receive a complex-loading initializing
`instruction INITIALIZE FOR CAPP LOADsentbytheter-
`minal, read and store data in the instruction.
`[0028]
`In the embodiment, the complex-loading initializ-
`ing instruction INITIALIZE FOR CAPP LOAD is used for
`initializing the complcx-loading transaction, and message in
`the instruction INITIALIZE FOR CAPP LOADis comprised
`of an instruction header and an instruction body, which are
`respectively (CLA INS+P1+P2) and (Le+Data+Le).
`[0029] CLA+INS+P1+P2 refer to the instruction header
`and Lc+Data+Lereferto the instruction body. The instruction
`header includes codesofthe instruction. ofwhich CLArefers
`to typeof the instruction, INS to codesof the instruction, P1
`and P2 to parameters ofthe instruction respectively. Ofthe
`instruction body, Le refers to size of the data in Data field,
`Data to data in the instruction INITIALIZE FOR CAPP
`TOAD and Te to the maximum numberof bytes in APDU
`datafield.
`[0030] The data in Data field of the instruction TNITTAT.-
`IZE FOR CAPP LOADincludes a key indexing number, a
`transaction amount and a terminal number in the embodi-
`ment.
`
`[0035] The generating process key in the embodiment
`Step 86, compute the transaction amountanddata in
`[0022]
`includessteps of linking the pscudo random number,scrial
`the complex application specific file with predetermined
`number of online transaction of the e-purse and 8000
`algorithm to obtain a new amount, add the new amountto
`together, encrypting the linked data with a loading key DLK
`balance of the e-purse to obtain a new balance, and end the
`to obtain encrypted data, that is the process key.
`complex loading.
`[0023] Embodiments are provided below for detailed
`[0036]
`Step 106, compute a first message authenticating
`description of the method ofthe invention.
`code MAC] with the process key.
`[0037] The computingafirst message authenticating code
`Embodiment 1
`MAC1 with the process key includes steps of linking the
`balance, transaction amount, transaction type ID and terminal
`number of the e-purse together before the transaction,
`encrypting the linked data with the process key. The first four
`bytes of the encrypted data are the first message authenticat-
`ing code MAC1.
`[0038]
`Step 107, return a message in response to the
`instruction INITIALIZE FOR CAPP LOADto the terminal.
`[0039] The message in response to the instruction INI-
`TIALIZE FOR CAPP LOADis comprised of Datatsw1+
`sw2, in case of a successful executionofthe instruction INI-
`‘TIALIZE FOR CAPP LOAD,bothstatus codes sw1 and sw2
`in the response message are 9000 and data in Data field ofthe
`response messageincludes balance of CPU c-purse before the
`transaction, serial numberof online transaction of the CPU
`e-purse, version numberofthe key, algorithm identification
`(ID), pseudo random number and MAC1;
`[0040]
`or in case of a failed execution of the instruction
`
`INITIALIZE FOR CAPP LOAD,both status codes sw1 and
`sw2 in the response message are not 9000 andthere is not a
`DATAfield.
`[0041]
`Specifically, the message in responseto the instruc-
`tion INITIALIZE FOR CAPP LOADis 00 00 00 00 00 01 02
`03 01 02 03 04 00 01 B10A 90 00.
`
`[0042]
`Step 108, receive an instruction UPDATE CAPP
`DATA CACHEfor updating the complex application specific
`file sent by the terminal.
`The instruction UPDATE CAPP DATA CACHEis used for
`updating data in the complex application specific file.
`The complex application specific file is comprised of a file
`header anda file body. The file header includes a two-byte
`FILE_ID, one-byte FILE TYPE, two-byte FILE SIZE, one-
`
`byte ACI, one-byte AC2 and two-byte RFU. FILE TYPE 00
`indicates a binary file, 01 a fix-sized record file, 02 a change-
`able-sized record file, 03 a recycle file and 05 a keyfile.
`Correspondingly, File Size for a binaryfile represents size of
`the file, Vile Size for a fix-sized record file refers to number
`and size of records, File Size for a changeable-sized record
`file to number and maximum size of records, File Size for a
`recyclefile to numberand size of records, and File Size for a
`
`
`[0031] key file to numberandsize of records. AC] refers toafileSpecifically, the received instruction INITIALIZE
`FOR CAPP LOADin the embodimentis 80 50 06 02 OB 02
`reading privilege and AC2to a file writing privilege. What is
`
`00 00 03 E8 00 00 00 00 0001 10, ofwhich 80 refers to CLA,
`in the file body is data in the complex application specific file.
`50 to INS, 06 to P1 which is defined as a complex-loading
`[0043]
`Specifically, the complex application specific file is
`
`initializing flag, 02 to P2 which is defined as an e-purseflag,
`a binary file, and so FILE TYPEis 00, FILE SIZE refers to
`OB to Le, 02 to the key indexing numberin Data field, 00 00
`size of the file which is O00B and contentin the file bodyis
`03 E8 to the transaction amount in Data field, 00 00 00 00 00
`empty.
`01 to the terminal numberin Data field and 10 to Le.
`Further, message ofthe instruction UPDATE CAPP
`[0044]
`[0032]
`Step 103, check whether the CPU carditself sup-
`DATA CACHEis comprised of CLA+INS+P1+P2 Le+Data
`and in the embodiment, the instruction UPDATE CAPP
`ports the key indexing number included in the instruction
`DATA CACHEis 80 D6 92 B1 04 00 01 20 00, of which 80
`INITIALIZE TOR CAPP LOAD,if no, Step 104 is executed;
`refers to CLA, D6 to INS, 92 to P1, B to P2, 04 to Le and 00
`if yes, Step 105 is executed.
`Q1 20 00 to Data.
`[0033]
`Step 104,return a status code 0x9403 to the terminal
`
`[0045] Data in Datafield ofthe instruction UPDATE CAPP
`and end the complex loading initializing operation.
`
`[0034]
`Step 105, generate a four-byte pseudo-random num-
`DATA CACHEis newdata to be written to the complex
`ber and a process key.
`application specific file. Because special application of the
`
`
`
`
`
`
`
`Google LLC v. RFCyber Corp. / Page 8 of 19
`
`GOOG-1024
`
`GOOG-1024
`Google LLC v. RFCyber Corp. / Page 8 of 19
`
`

`

`US 2012/0296819 Al
`
`Nov. 22, 2012
`
`Go
`
`It includessteps of writing a rate value of 120%to
`[0058]
`complex application specific file may be defined by a card
`the complex application specific file and replacing what is
`distributor, so be data in Data ficld. Specifically, in case that
`previously in it.
`the complex application specific file is defined asa ratefile,
`data in Data field is value of the rate, such as 120%.
`[0059] Because the complex application specific file is an
`[0046]
`Incase of a defined rate value of 120%, data in the
`emptyfile, the step is writing 00 01 20 00 in Datafield of the
`
`instruction UPDATE CAPP DATA CACHEto the complex
`instruction UPDATE CAPP DATA CACHE may be not
`120%, but 83.3 or 20%.
`applicationspecific file.
`[0060]
`In case of a rate value of 83% in the instruction
`[0047] Or data in the instruction UPDATE CAPP DATA
`
`
`UPDATE CAPP DATA CACHE,the step is writing 83.3% to
`CACHEmaynotincludea rate value, but generate a rate value
`with a transaction amountafter determinationofthe transac-
`the complex applicationspecific file: or in case ofa rate value
`of20% in the instruction UPDATE CAPP DATA CACHE,the
`tion amount included in the complex loading initializing
`slep is writing 20%into the complex application specific file.
`instruction by the CPU card, and the generated rate value is
`
`[0061] Or data in the instruction UPDATE CAPP DATA
`written to the complex application specific file.
`
`[0048] CACHEmaynotincludearate value, but generate arate valueFor example, in case of a transaction amount of
`
`RMB800 yuan in the complex loading, initializing instruc-
`with a transaction amount according to predetermined algo-
`rithmafter determinationofthe transaction amount included
`tion, less than the predetermined lower limit RMB2000 yuan,
`arate value of 90%or 111.1% or 11.1% or RMB100 yuanis
`in the complex loading initializing instruction by the CPU
`generated; in case of a transaction amount of RMB5000 yuan
`card, and then the generated rate value is written to the com-
`in the complex loading initializing instruction, between the
`plex application specific file after determining whether size of
`predetermined lower limit RMB2000 yuan and the upper
`the generated valueis larger than size of the complex appli-
`limit RMB6000 yuan,a rate valuc of 80% or 125%or 25% or
`cationspecific file ornot. For example, in case of a transaction
`RMB600 yuanis generated; in case ofa transaction amount of
`amount of RMB800 yuan in the complex-loadinginitializing
`RMB8000 yuan in the complex loading initializing instruc-
`instruction,
`less
`than the predetermined lower
`limit
`tion, more thanthe predetermined lowerlimit, a value of75%,
`RMB2000 yuan,a rate value of 90% or 111.1% or RMB100
`or 133%, or 33%, or RMB2000 yuanandetc. is generated.
`yuan is generated and written to the complex application
`specific file; in case of a transaction amount of RMB5000
`[0049]
`Step 109, determine whether there is an SFI (short
`file identifier) field in the received instruction UPDATE
`yuanin the complex-loadinginitializing instruction, between
`the predetermined lower limit RMB2000 yuanand the upper
`CAPP DATA CACHE,ifyes, Step 110 is executed; ifno, Step
`111 is executed.
`limit RMB6000 yuan,a rate value of 80%or 125% or 25% or
`RMB600 yuanis generated and written to the complex appli-
`[0050] The determining whetherthere is an SFIfield in the
`
`cation specific file;
`in case of a transaction amount of
`instruction UPDATE CAPP DATA CACHEincludessteps of
`RMB8000 yuan in the complex-loadinginitializing instruc-
`determining whether the higher three bits of the instruction
`tion, bigger than the predetermined upper limit RMB6000
`UPDATE CAPP DATA CACHEare 100,if yes, there is an
`SFIfield and the lower five bits refer to value ofthe SF!field;
`yuan, a rate value of 75% or 133% or 33% or RMB2000 yuan
`is generated and written to the complex application specific
`or if no, there is not an SFI field.
`file.
`[0051]
`Specifically, P1 of the instruction UPDATE CAPP
`
`Step 115, return a message in response to the
`[0062]
`DATA CACHEis 92, which indicates that the higher three
`
`instruction UPDATE CAPP DATA CACHEtothe terminal.
`bits of P1 are 100 and there is an SFIfield.
`[0063] The message in response to the instruction
`[0052]
`Step 110, retrieve whether there is a file under the
`
`UPDATE CAPP DATA CACHEis comprised of swl+sw2
`current application of the CPU card with a same SI'l as the
`and there is nota DATAfield. In case ofa successful execution
`SFTin the instruction UPDATE CAPP DATA CACHE,if no,
`ofthe instruction, the response messageis 9000 while in case
`Step 111 is executed; if yes, Step 112 is executed.
`ofa failed execution ofthe instruction,the response message
`[0053]
`Step 111, return a status code 0x6A82 to the term1-
`is not 9000.
`nal and end the operation.
`[0064]
`Step 116, receive the complex-loading instruction
`[0054]
`Step 112, take the file retrieved at Step 110 as the
`CREDIT FOR CAPP LOAD sent by the terminal, read and
`complex application specific file and check whether size of
`store data in Datafield ofthe instruction.
`Data field in the instruction UPDATE CAPP DATA CACHE.
`[0065] The complex-loading instruction CREDIT FOR
`is larger than size of the complex application specific file, if
`CAPP LOADisused for complex loading thetransaction, and
`yes, Step 113 is executed; or if no, Step 114 is executed.
`message of the instruction CREDIT FOR CAPP LOADis
`[0055] Because the complex application specific file is a
`comprised ofCLA+INS+P1+P2+Lce+Data+Le, ofwhich data
`binary file, size of it is value of FILE SIZE. Step 112 specifi-
`in Datafield includestransaction date, transaction time and a
`cally is determining whether value of Lc field in the instruc-
`second message authenticating code MAC2.
`tion UPDATE CAPP DATA CACHEis biggerthan the value
`[0066] The received instruction CREDIT FOR CAPP
`of FILE SIZE in the complex application specific file. The
`LOADis 80 52 00 00 0B 07 DA 06 08 0A 14 2D 0001 Al 0B
`value of Le field in the instruction UPDATE CAPP DATA
`08, of which 80 refers to CI.A, 52 to TINS, 00 to Pt, 00 to P2,
`CACHEis 04 and value of FILE SIZE is OOOB, and therefore
`size of Data field in the instruction UPDATE CAPP DATA
`OB to Lc, 07 DA 0608to transaction date in Datafield, OA 14
`2D to the transaction time in Data field, 00 01.A1 OB to MAC2
`CACHEis not larger than that of the complex application
`in Data field and 08 to Le.
`specific file.
`[0056]
`Step 113, return a status code 0x6A84 to the termi-
`[0067]
`Step 117, authenticate whether the second message
`authenticating code MAC2 is valid,
`if no, Step 118 is
`nal and end the operation.
`executed; or if yes, Step 119 is executed.
`[0057]
`Step 114, write data in Datafield ofthe instruction
`
`UPDATE CAPP DATA CACHEto the complex application
`[0068] The authenticating whether MAC2is valid includes
`specific file and replace what is previouslyin it.
`steps of linking the transaction amount, transaction typeid,
`
`
`
`
`
`
`
`Google LLC v. RFCyber Corp. / Page 9 of 19
`
`GOOG-1024
`
`GOOG-1024
`Google LLC v. RFCyber Corp. / Page 9 of 19
`
`

`

`US 2012/0296819 Al
`
`Nov. 22, 2012
`
`new amount RMB10060 yuanto the balance RMBO yuan of
`terminal number, transaction date and time together, encrypt-
`the e-purse and the new balanceis biggerthan the transaction
`ing the linked data withthe process key generated at step 105,
`amount RMB8000 yuan plus the balance RMBO yuan ofthe
`and comparing the first four bytes of the encrypted data to
`MAC2in Datafield of the instruction CREDIT FOR CAPP
`e-purse. For further example, in case ofa written rate value of
`LOAD,ifa match is not found, MAC2is invalid; or ifa match
`33%, a new amount of RMB10060 yuan is obtained bythe
`is found, MAC2is valid.
`transaction amount RMB8000 yuan *the rate value 33%+the
`transaction amount of RMB8000 yuan, and a newbalance of
`[0069]
`Step 118,return a status code 0x9302to the terminal
`RMB10060 yuan of the e-purse is computed by adding the
`and prompt an invalid MAC2.
`new amount RMB10060 yuanto the balance RMBOyuan of
`[0070]
`Step 119, add 1 to the serial numberof online trans-
`the e-purse and the new balanceis bigger than the transaction
`action of the e-purse, compute the transaction amount and
`amount RMB8000 yuan plus the balance RMBO yuan ofthe
`value in the complex application specific file with a predeter-
`e-purse.l'or further example, in case ofa written rate value of
`mined algorithm to obtain a new amount and add the new
`RMB2000 yuan, a new amount of RMB10000 yuan is com-
`amount to balance of the e-purse.
`puted by adding the transaction amount RMB8000 yuanto
`[0071] The predetermined algorithm includes multiplex,
`the rate value RMB2000 yuan, and a new balance RMB10000
`division, addition, subtraction and various combinations of
`yuan is computed by the new amount RMB10000 yuan plus
`the four algorithms.
`the balance RMBO yuan,and the new balanceis larger than
`[0072]
`Further, value in the complex application specific
`the transaction amount RMB8000 yuan plus the balance
`file refers to a rate value, for example 120%, and in case ofa
`RMBOyuan ofthe e-purse.
`transaction amount of RMB1000 yuan and a balance of
`[0076]
`Step 120, update transaction details of the e-purse.
`RMBOyuanin the e-purse, a new amount RMB1200 yuan is
`[0077]
`Specifically the step is linking serial number of
`obtained by multiplexing the transaction amount RMB1000
`online transaction of the e-purse, transaction amount, trans-
`yuan by the rate value of 120%recorded in the complex
`action lype id, terminal number, transaction date and time
`application specific file, and then a new balance RMB1200
`together to form a record for updating the standard transac-
`yuan is obtained by adding the new amount RMB1200 yuan
`tion details.
`to the balance RMBO yuanofthe e-purse, and so the new
`
`[0078] Step 121, computeatransaction authenticating code
`balance RMB1200 yuan of the e-purse is bigger than the
`TAC.
`transaction amount RM