(19) United States
(12) Patent Application Publication
     Koh et al.
(10) Pub. No.: US 2012/0130838 A1
(43) Pub. Date: May 24, 2012

(54) METHOD AND APPARATUS FOR PERSONALIZING SECURE ELEMENTS IN MOBILE DEVICES

(75) Inventors: Liang Seng Koh, Fremont, CA (US); Hsin Pan, Fremont, CA (US); Xiangzhen Xie, Shenzhen (CN)

(73) Assignee: RFCyber Corp.

(21) Appl. No.: 13/350,832

(22) Filed: Jan. 16, 2012

Related U.S. Application Data

(63) Continuation-in-part of application No. 11/534,653, filed on Sep. 24, 2006, now Pat. No. 8,118,218, Continuation-in-part of application No. 11/739,044, filed on Apr. 23, 2007, which is a continuation-in-part of application No. 11/534,653, filed on Sep. 24, 2006, now Pat. No. 8,118,218.

Publication Classification

(51) Int. Cl.
     G06Q 20/32 (2012.01)
     H04W 12/04 (2009.01)
     G06Q 30/06 (2012.01)
     G06F 21/00 (2006.01)
(52) U.S. Cl. ........ 705/26.1; 726/6; 705/44

(57) ABSTRACT

Techniques for personalizing secure elements in NFC devices to enable various secure transactions over a network (wired and/or wireless network) are disclosed. With a personalized secure element (hence secured element) in place, techniques for provisioning various applications or services are also provided. Interactions among different parties are managed to effectuate a personalization or provisioning process flawlessly to enable an NFC device for a user thereof to start enjoying the convenience of commerce over a data network with minimum effort.

[Representative drawing: block diagram; legible labels: Processor, Secured memory, Card interface, Network interface, Secure Element, NFC controller]

GOOG-1029
Google LLC v. RFCyber Corp. / Page 1 of 40
FIG. 6D (Sheet 24 of 25), flowchart boxes in order (legible reference numerals: 674, 676, 678):

START
Send an initial purchase request to e-token enabled device of a purchaser
Enough balance in e-token enabled device? (yes / no)
END
Forward the received response from the e-token enabled device to POS SAM
Receive a debit request containing a MAC from POS SAM
Send the debit request to e-token enabled device to debit e-token
Receive debit confirm message including additional MACs for transaction verification and settlement
Forward the debit confirm message to POS SAM for verification
Display transaction after POS SAM has recorded the transaction
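
The FIG. 6D message sequence, simulated end to end as an added example (not code from the publication): the mobile POS only relays, while the e-token device and the POS SAM each check the MACs. Assumptions not stated on the page: HMAC-SHA256 as the MAC, a per-device purchase key derived from the device ID, a transaction counter bound into each MAC, and all class, function and field names.

```python
import hashlib
import hmac


def mac(key, *fields):
    """HMAC-SHA256 over length-prefixed fields (assumed stand-in for the MAC)."""
    h = hmac.new(key, digestmod=hashlib.sha256)
    for f in fields:
        h.update(len(f).to_bytes(2, "big") + f)
    return h.digest()


def u32(n):
    return n.to_bytes(4, "big")


def diversify(master, device_id):
    """Assumed derivation of a per-device purchase key from the device ID."""
    return hmac.new(master, b"purchase-key" + device_id, hashlib.sha256).digest()


class ETokenDevice:
    """Holds the balance and its purchase key; trusts nothing the POS relays."""

    def __init__(self, device_id, purchase_key, balance):
        self.device_id, self.key = device_id, purchase_key
        self.balance, self.counter = balance, 0

    def init_purchase(self, amount):
        if amount > self.balance:
            return None  # "Enough balance?" -> no
        return {"device_id": self.device_id, "counter": self.counter}

    def debit(self, req):
        # The MAC must cover this device, its current counter and the amount.
        want = mac(self.key, b"debit", self.device_id, u32(self.counter), u32(req["amount"]))
        if not hmac.compare_digest(want, req["mac"]) or req["amount"] > self.balance:
            return None
        used, self.counter = self.counter, self.counter + 1
        self.balance -= req["amount"]
        body = (self.device_id, u32(used), u32(req["amount"]))
        return {"verify_mac": mac(self.key, b"confirm", *body),
                "settle_mac": mac(self.key, b"settle", *body)}


class PosSam:
    """Holds the master key, issues debit requests, verifies and records confirms."""

    def __init__(self, master_key):
        self.master, self.pending, self.ledger = master_key, None, []

    def debit_request(self, resp, amount):
        key = diversify(self.master, resp["device_id"])
        self.pending = (key, resp["device_id"], resp["counter"], amount)
        tag = mac(key, b"debit", resp["device_id"], u32(resp["counter"]), u32(amount))
        return {"amount": amount, "mac": tag}

    def verify_confirm(self, confirm):
        if self.pending is None:
            return False
        key, dev, ctr, amount = self.pending
        self.pending = None
        # Verify against what the SAM itself requested, not what the relay claims.
        want = mac(key, b"confirm", dev, u32(ctr), u32(amount))
        if not hmac.compare_digest(want, confirm["verify_mac"]):
            return False
        self.ledger.append((dev, ctr, amount, confirm["settle_mac"]))
        return True


def mobile_pos_purchase(device, sam, amount, tamper=None):
    """Relay the FIG. 6D steps; `tamper` models a relay that alters the debit request."""
    resp = device.init_purchase(amount)
    if resp is None:
        return "declined: insufficient balance"
    req = sam.debit_request(resp, amount)
    if tamper is not None:
        req = tamper(req)
    confirm = device.debit(req)
    if confirm is None:
        return "rejected by e-token: bad MAC"
    if not sam.verify_confirm(confirm):
        return "rejected by SAM: bad confirm MAC"
    return "ok"


if __name__ == "__main__":
    master, dev_id = b"constructed-master-key", b"SE-DEMO-0001"  # constructed values
    dev = ETokenDevice(dev_id, diversify(master, dev_id), balance=500)
    sam = PosSam(master)
    print(mobile_pos_purchase(dev, sam, 200), dev.balance)
    print(mobile_pos_purchase(dev, sam, 100, tamper=lambda r: {**r, "amount": 1}), dev.balance)
```
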

METHOD AND APPARATUS FOR PERSONALIZING SECURE ELEMENTS IN MOBILE DEVICES

CROSS-REFERENCE TO RELATED APPLICATIONS

[0001] This application is a continuation-in-part of co-pending U.S. patent application Ser. No.: 11/534,653 filed on Sep. 24, 2006, now US Pat. No. , and also a continuation-in-part of U.S. patent application Ser. No.: 11/739,044 filed on Apr. 23, 2007, which is a continuation-in-part of co-pending U.S. patent application Ser. No.: 11/534,653 filed on Sep. 24, 2006, now U.S. Pat. No.

BACKGROUND

[0002] 1. Technical Field
[0003] The present invention is generally related to commerce over networks. Particularly, the present invention is related to techniques for personalizing a secure element and provisioning an application such as an electronic purse that can be advantageously used in portable devices configured for both electronic commerce (a.k.a., e-commerce) and mobile commerce (a.k.a., m-commerce).
[0004] 2. Description of the Related Art
[0005] Single functional cards have been successfully used in enclosed environments such as transportation systems. One example of such single functional cards is MIFARE that has been selected as the most successful contactless smart card technology. MIFARE is the perfect solution for applications like loyalty and vending cards, road tolling, city cards, access control and gaming.
[0006] However, single functional card applications are deployed in enclosed systems, which are difficult to be expanded into other areas such as e-commerce and m-commerce because stored values and transaction information are stored in data storage of each tag that is protected by a set of keys. The nature of the tag is that the keys need to be delivered to the card for authentication before any data can be accessed during a transaction. This constraint makes systems using such technology difficult to be expanded to an open environment such as the Internet for e-commerce and/or wireless networks for m-commerce as the delivery of keys over a public domain network causes security concerns.
[0007] In general, a smart card, chip card, or integrated circuit card (ICC), is any pocket-sized card with embedded integrated circuits. Smart cards or microprocessor cards contain volatile memory and microprocessor components. Smart cards may also provide strong security authentication for single sign-on (SSO) within large organizations. The benefits of smart cards are directly related to the volume of information and applications that are programmed for use on a card. A single contact/contactless smart card can be programmed with multiple banking credentials, medical entitlement, driver's license/public transport entitlement, loyalty programs and club memberships to name just a few. Multi-factor and proximity authentication can be and has been embedded into smart cards to increase the security of all services on the card.
[0008] Contactless smart cards that do not require physical contact between card and reader are becoming increasingly popular for payment and ticketing applications such as mass transit and highway tolls. Such Near Field Communication (NFC) between a contactless smart card and a reader presents significant business opportunities when used in NFC-enabled mobile phones for applications such as payment, transport ticketing, loyalty, physical access control, and other exciting new services.
[0009] To support this fast evolving business environment, several entities including financial institutions, manufacturers of various NFC-enabled mobile phones and software developers, in addition to mobile network operators (MNO), become involved in the NFC mobile ecosystem. By nature of their individual roles, these players need to communicate with each other and exchange messages in a reliable and interoperable way.
[0010] One of the concerns in the NFC mobile ecosystem is its security in an open network. Thus there is a need to provide techniques to personalize a secure element in a contactless smart card or an NFC-enabled mobile device so that such a device is so secured and personalized when it comes to financial applications or secure transactions. With a personalized secure element in an NFC-enabled mobile device, various applications or services, such as electronic purse or payments, can be realized. Accordingly, there is another need for techniques to provision or manage an application or service in connection with a personalized secure element.

SUMMARY

[0011] This section is for the purpose of summarizing some aspects of embodiments of the present invention and to briefly introduce some preferred embodiments. Simplifications or omissions in this section as well as the title and the abstract of this disclosure may be made to avoid obscuring the purpose of the section, the title and the abstract. Such simplifications or omissions are not intended to limit the scope of the present invention.
[0012] Broadly speaking, the invention is related to techniques for personalizing secure elements in NFC devices to enable various secure transactions over a network (wired and/or wireless network). With a personalized secure element (hence secured element), techniques for provisioning various applications or services are also provided. Interactions among different parties are managed to effectuate a personalization or provisioning process flawlessly to enable an NFC device for a user thereof to start enjoying the convenience of commerce over a data network with minimum effort.
[0013] As an example of application to be provided over a secured element, a mechanism is provided to enable devices, especially portable devices, to function as an electronic purse (e-purse) to conduct transactions over an open network with a payment server without compromising security. According to one embodiment, a device is installed with an e-purse manager (i.e., an application). The e-purse manager is configured to manage various transactions and functions as a mechanism to access an emulator therein. Secured financial transactions can then be conducted over a wired network, a wireless network or a combination of both wired and wireless network.
[0014] According to another aspect of the present invention, security keys (either symmetric or asymmetric) are personalized so as to personalize an e-purse and perform a secured transaction with a payment server. In one embodiment, the essential data to be personalized into an e-purse include one or more operation keys (e.g., a load key and a purchase key), default PINs, administration keys (e.g., an unblock PIN key and a reload PIN key), and passwords (e.g., from Mifare). During a transaction, the security keys are used to establish a secured channel between an embedded e-purse and an SAM (Security Authentication Module) or a backend server.
[0015] The present invention may be implemented in various forms including a method, a system, an apparatus, a part of a system or a computer readable medium. According to one embodiment, the present invention is a method for personalizing a secure element associated with a computing device. The method comprises initiating data communication with a server, sending device information of the secure element in responding to a request from the server after the server determines that the secure element is registered therewith, wherein the device information is a sequence of characters uniquely identifying the secure element, and the request is a command causing the computing device to retrieve the device information from the secure element, receiving at least a set of keys from the server, wherein the keys are generated in the server in accordance with the device information of the secure element, and storing the set of keys in the secure element to facilitate a subsequent transaction by the computing device.
[0016] According to another embodiment, the present invention is a method for personalizing a secure element associated with a computing device. The method comprises receiving an inquiry to establish data communication between a server and the computing device, sending a request from the server to the computing device to request device information of the secure element after the server determines that the computing device is registered therewith, wherein the device information is a sequence of characters uniquely identifying the secure element, and the request is a command that subsequently causes the computing device to retrieve the device information from the secure element therein, generating at least a set of keys in accordance with the device information received, delivering the set of keys through a secured channel over a data network to the computing device, wherein the set of keys is caused to be stored in the secure element with the computing device, and notifying at least a related party that the secure element is now personalized for subsequent trusted transactions.
[0017] According to still another embodiment, the present invention is a method for provisioning an application installed in a mobile device, the method comprises sending to a server an identifier identifying the application together with device information of a secure element associated with a mobile device on which the application has been installed, establishing a secured channel between the secure element and the server using a key set installed in the secure element, receiving data prepared by the server to enable the application to function as designed on the mobile device; and sending out an acknowledgement to a provider of the application about a status of the application now being active with the secure element on the mobile device. The data received in the mobile device includes a user interface of the application per the mobile device and a generated application key set.
[0018] According to still another embodiment, the present invention is a method for provisioning an application, the method comprises receiving from a mobile device an identifier identifying the application together with device information of a secure element associated with the mobile device on which the application has been installed, establishing a secured channel between the secure element and the server using a key set installed on the secure element, preparing data necessary for the application to function as designed on the mobile device, transporting the data from the server to enable the application via the secured channel; and notifying a provider of the application about a status of the application now active with the secure element on the mobile device.
[0019] According to yet another embodiment, the present invention is a mobile device for conducting a transaction over a network, the mobile device comprises a network interface, a secure element, a memory space for storing at least a module and an application downloaded from the network, a processor coupled to the memory space and configured to execute the module to cause operations including verifying whether the application has been provisioned. When it is verified that the application has not been provisioned, the operations further comprise sending to a server via the network interface an identifier identifying the application together with device information of a secure element, establishing a secured channel between the secure element and the server using a key set installed on the secure element, wherein the server is configured to prepare data necessary for the application to function as designed on the mobile device, receiving the data from the server to associate the application with the secure element, and sending out an acknowledgement to a provider of the application about a status of the application that is now active with the secure element. The processor is further configured to determine if the secure element has been personalized before performing a provisioning process of the application. If the secure element has not been personalized, the mobile device is caused to personalize the secure element with a designed server.
[0020] One of the objects, features, and advantages of the present invention is to enable a mobile device that can be used to perform a secured transaction with a party (e.g., at a point of sale, with a commercial server or accessing remotely) over an unsecured network (e.g., the Internet).
[0021] Other objects, features, and advantages of the present invention, which will become apparent upon examining the following detailed description of an embodiment thereof, taken in conjunction with the attached drawings.

BRIEF DESCRIPTION OF THE DRAWINGS

[0022] The invention will be readily understood by the following detailed description in conjunction with the accompanying drawings, wherein like reference numerals designate like structural elements, and in which:
[0023] FIG. 1A shows a simplified architecture of an NFC-enabled mobile device with a secure element (SE);
[0024] FIG. 1B shows a flowchart or process of personalizing an SE according to one embodiment of the present invention;
[0025] FIG. 1C shows relationships among an SE manufacturer, a TSM admin and the TSM system for both offline and online modes;
[0026] FIG. 1D illustrates data flows among a user for an NFC device (e.g., an NFC mobile phone), the NFC device itself, a TSM server, a corresponding SE manufacturer and an SE issuer;
[0027] FIG. 1E shows a data flowchart or process of personalizing data flow among three entities: a land-based SAM or a network e-purse server, an e-purse acting as a gatekeeper, and a single function tag, according to one embodiment;
[0028] FIG. 2A shows a mobile payment ecosystem in which related parties are shown in order for the mobile payment ecosystem to be successful;
[0029] FIG. 2B shows a flowchart or process of provisioning one or more applications according to one embodiment;
`FIG. 2C showsa data flow illustrating variousinter-
`[0030]
`actions amongdifferent parties when an application is being
`provisioned in one embodiment;
`[0031]
`['IG. 2D showsa data flow among different entities
`whenpreparing the application data in provisioning an appli-
`cation;
`FIG. 2E showsa flowchart or process for locking or
`[0032]
`disabling an installed application:
`[0033]
`FIG. 2F shows an exemplary architecture diagram
`ofa portable device enabled as an e-purse conducting e-com-
`merce and m-commerce, according to one embodiment of the
`present invention;
`[0034] FIG. 3A is a block diagram of related modules interacting
`with each other to achieve what is referred to herein as
`e-purse personalization by an authorized personnel (a.k.a.,
`personalizing a mobile device or a secure element therein
`while provisioning an application);
`[0035] FIG. 3B shows a block diagram of related modules
`interacting with each other to achieve what is referred to
`herein as e-purse personalization by a user of the e-purse;
`[0036] FIG. 3C shows a flowchart or process of personalizing
`an e-purse according to one embodiment of the present
`invention;
`[0037] FIG. 4A and FIG. 4B show together a flowchart or
`process of financing, funding, load or top-up an e-purse
`according to one embodiment of the present invention;
`[0038] FIG. 4C shows an exemplary block diagram of
`related blocks interacting with each other to achieve the process
`FIG. 4A and FIG. 4B;
`[0039] FIG. 5A is a diagram showing a first exemplary
`architecture of a portable device for enabling e-commerce
`and m-commerce functionalities over a cellular communications
`network (i.e., 3G, LTE or GPRS network), according to an
`embodiment of the present invention;
`[0040] FIG. 5B is a diagram showing a second exemplary
`architecture of a portable device for enabling e-commerce
`and m-commerce functionalities over a wired and/or wireless
`data network (e.g., Internet), according to another embodiment
`of the present invention;
`[0041] FIG. 5C is a flowchart illustrating an exemplary
`process of enabling the portable device of FIG. 5A for
`services/applications provided by one or more service providers
`in accordance with one embodiment of the present invention;
`[0042] FIG. 6A is a diagram showing an exemplary architecture,
`in which a portable device is enabled as a mobile POS
`conducting e-commerce and m-commerce, according to one
`embodiment of the present invention;
`[0043] FIG. 6B is a diagram showing an exemplary architecture,
`in which a portable device is enabled as a mobile POS
`conducting a transaction upload operation over a network,
`according to an embodiment of the present invention;
`[0044] FIG. 6C is a flowchart illustrating an exemplary
`process of conducting m-commerce using the portable device
`enabled as a mobile POS with an e-token enabled device as a
`single functional card in accordance with one embodiment of
`the present invention;
`[0045] FIG. 6D is a flowchart illustrating an exemplary
`process of conducting m-commerce using the portable device
`enabled as a mobile POS against an e-token enabled device
`as a multi-functional card; and
`[0046] FIG. 7 is a diagram depicting an exemplary configuration
`in which a portable device used for an e-ticking application.
`
`DETAILED DESCRIPTION OF THE INVENTION
`
`[0047] In the following description, numerous specific
`details are set forth to provide a thorough understanding of the
`present invention. The present invention may be practiced
`without these specific details. The description and representation
`herein are the means used by those experienced or
`skilled in the art to effectively convey the substance of their
`work to others skilled in the art. In other instances, well-known
`methods, procedures, components, and circuitry have
`not been described in detail since they are already well understood
`and to avoid unnecessarily obscuring aspects of the
`present invention.
