(12) Patent Application Publication
(10) Pub. No.: US 2012/0130838 A1
Koh et al.
(43) Pub. Date: May 24, 2012

(54) METHOD AND APPARATUS FOR PERSONALIZING SECURE ELEMENTS IN MOBILE DEVICES

(75) Inventors: Liang Seng Koh, Fremont, CA (US); Hsin Pan, Fremont, CA (US); Xiangzhen Xie, Shenzhen (CN)

(73) Assignee: RFCyber Corp

(21) Appl. No.: 13/350,832

(22) Filed: Jan. 16, 2012

Related U.S. Application Data

(63) Continuation-in-part of application No. 11/534,653, filed on Sep. 24, 2006, now Pat. No. 8,118,218, Continuation-in-part of application No. 11/739,044, filed on Apr. 23, 2007, which is a continuation-in-part of application No. 11/534,653, filed on Sep. 24, 2006, now Pat. No. 8,118,218.

Publication Classification

(51) Int. Cl.: G06Q 20/32 (2012.01); G06F 21/00 (2006.01)
(52) U.S. Cl.: 705/26.1; 726/6; 705/44
(57) ABSTRACT

Techniques for personalizing secure elements in NFC devices to enable various secure transactions over a network (wired and/or wireless network) are disclosed. With a personalized secure element (hence secured element) in place, techniques for provisioning various applications or services are also provided. Interactions among different parties are managed to effectuate a personalization or provisioning process flawlessly to enable an NFC device for a user thereof to start enjoying the convenience of commerce over a data network with minimum effort.
`
`Google LLC v. RFCyber Corp. / Page 1 of 40
`
`GOOG-1029
`
Patent Application Publication    May 24, 2012    Sheet 24 of 25    US 2012/0130838 A1

FIG. 6D (flowchart)

START
672: Send an initial purchase request to e-token enabled device of a purchaser
674: Enough balance in e-token enabled device? (no: END; yes: continue)
676: Forward the received response from the e-token enabled device to POS SAM
678: Receive a debit request containing a MAC from POS SAM
680: Send the debit request to e-token enabled device to debit e-token
682: Receive debit confirm message including additional MACs for transaction verification and settlement
684: Forward the debit confirm message to POS SAM for verification
686: Display transaction after POS SAM has recorded the transaction
END
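The FIG. 6D purchase flow as an added example (not code from the patent): a mobile POS relays messages between an e-token device and a POS SAM, and a relayed message that is altered in transit is rejected. The shared purchase key, the separate settlement key, HMAC-SHA256, the nonce and counter fields, and all class and function names are assumptions; the figure only names the messages and says they carry MACs.

```python
import hashlib
import hmac
import secrets


def mac(key, *fields):
    """HMAC-SHA256 over length-prefixed fields (assumed; FIG. 6D only says 'MAC')."""
    data = b"".join(len(s).to_bytes(2, "big") + s for s in (str(f).encode() for f in fields))
    return hmac.new(key, data, hashlib.sha256).digest()


class ETokenDevice:
    def __init__(self, purchase_key, settle_key, balance):
        self._purchase_key, self._settle_key = purchase_key, settle_key
        self.balance, self._counter, self._pending = balance, 0, None

    def initial_purchase(self, amount):
        # Steps 672/674: answer only if the stored balance covers the amount.
        if amount <= 0 or amount > self.balance:
            return None
        self._counter += 1
        self._pending = {"amount": amount, "counter": self._counter,
                         "nonce": secrets.token_hex(8)}
        return dict(self._pending)

    def debit(self, request):
        # Step 680: debit only if the SAM's MAC covers this exact pending purchase.
        p, self._pending = self._pending, None      # one debit attempt per request
        if p is None:
            return None
        good = mac(self._purchase_key, "debit", p["amount"], p["counter"], p["nonce"])
        if not hmac.compare_digest(request.get("mac", b""), good):
            return None
        self.balance -= p["amount"]
        body = ("confirm", p["amount"], p["counter"], p["nonce"], self.balance)
        return {"balance": self.balance,
                "mac_verify": mac(self._purchase_key, *body),   # checked by the POS SAM
                "mac_settle": mac(self._settle_key, *body)}     # kept for settlement


class PosSam:
    def __init__(self, purchase_key):
        self._purchase_key = purchase_key
        self._open = {}      # nonce -> response awaiting confirmation
        self.records = []    # transactions recorded for later settlement

    def debit_request(self, response):
        # Steps 676/678: turn the forwarded response into a MACed debit request.
        self._open[response["nonce"]] = response
        return {"amount": response["amount"],
                "mac": mac(self._purchase_key, "debit", response["amount"],
                           response["counter"], response["nonce"])}

    def verify_confirm(self, nonce, confirm):
        # Step 684: verify the confirmation MAC before recording the transaction.
        sent = self._open.pop(nonce, None)
        if sent is None:
            return False
        good = mac(self._purchase_key, "confirm", sent["amount"], sent["counter"],
                   nonce, confirm["balance"])
        if not hmac.compare_digest(confirm["mac_verify"], good):
            return False
        self.records.append({"amount": sent["amount"], "counter": sent["counter"],
                             "mac_settle": confirm["mac_settle"]})
        return True


def purchase(device, sam, amount, tamper=None):
    """Mobile POS relay for steps 672-686; `tamper` alters the relayed response in tests."""
    response = device.initial_purchase(amount)                # 672
    if response is None:
        return "declined: insufficient balance"                # 674 -> END
    forwarded = tamper(dict(response)) if tamper else response
    request = sam.debit_request(forwarded)                     # 676, 678
    confirm = device.debit(request)                            # 680, 682
    if confirm is None:
        return "aborted: device rejected debit request"
    if not sam.verify_confirm(response["nonce"], confirm):     # 684
        return "aborted: SAM rejected confirmation"
    return f"paid {amount}, balance {confirm['balance']}"      # 686


if __name__ == "__main__":
    pk, sk = secrets.token_bytes(32), secrets.token_bytes(32)  # constructed sample keys
    dev, sam = ETokenDevice(pk, sk, balance=50), PosSam(pk)
    print(purchase(dev, sam, 30))
    print(purchase(dev, sam, 30))
    print(purchase(dev, sam, 10, tamper=lambda r: {**r, "amount": 1}))
```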
`
`
`
METHOD AND APPARATUS FOR PERSONALIZING SECURE ELEMENTS IN MOBILE DEVICES

CROSS-REFERENCE TO RELATED APPLICATIONS

[0001] This application is a continuation-in-part of co-pending U.S. patent application Ser. No.: 11/534,653 filed on Sep. 24, 2006, now U.S. Pat. No. , and also a continuation-in-part of U.S. patent application Ser. No.: 11/739,044 filed on Apr. 23, 2007, which is a continuation-in-part of co-pending U.S. patent application Ser. No.: 11/534,653 filed on Sep. 24, 2006, now U.S. Pat. No.
`
BACKGROUND

[0002] 1. Technical Field

[0003] The present invention is generally related to commerce over networks. Particularly, the present invention is related to techniques for personalizing a secure element and provisioning an application such as an electronic purse that can be advantageously used in portable devices configured for both electronic commerce (a.k.a., e-commerce) and mobile commerce (a.k.a., m-commerce).

[0004] 2. Description of the Related Art

[0005] Single functional cards have been successfully used in enclosed environments such as transportation systems. One example of such single functional cards is MIFARE that has been selected as the most successful contactless smart card technology. MIFARE is the perfect solution for applications like loyalty and vending cards, road tolling, city cards, access control and gaming.

[0006] However, single functional card applications are deployed in enclosed systems, which are difficult to be expanded into other areas such as e-commerce and m-commerce because stored values and transaction information are stored in data storage of each tag that is protected by a set of keys. The nature of the tag is that the keys need to be delivered to the card for authentication before any data can be accessed during a transaction. This constraint makes systems using such technology difficult to be expanded to an open environment such as the Internet for e-commerce and/or wireless networks for m-commerce as the delivery of keys over a public domain network causes security concerns.

[0007] In general, a smart card, chip card, or integrated circuit card (ICC), is any pocket-sized card with embedded integrated circuits. Smart cards or microprocessor cards contain volatile memory and microprocessor components. Smart cards may also provide strong security authentication for single sign-on (SSO) within large organizations. The benefits of smart cards are directly related to the volume of information and applications that are programmed for use on a card. A single contact/contactless smart card can be programmed with multiple banking credentials, medical entitlement, driver's license/public transport entitlement, loyalty programs and club memberships to name just a few. Multi-factor and proximity authentication can and has been embedded into smart cards to increase the security of all services on the card.

[0008] Contactless smart cards that do not require physical contact between card and reader are becoming increasingly popular for payment and ticketing applications such as mass transit and highway tolls. Such Near Field Communication (NFC) between a contactless smart card and a reader presents significant business opportunities when used in NFC-enabled mobile phones for applications such as payment, transport ticketing, loyalty, physical access control, and other exciting new services.

[0009] To support this fast evolving business environment, several entities including financial institutions, manufacturers of various NFC-enabled mobile phones and software developers, in addition to mobile network operators (MNO), become involved in the NFC mobile ecosystem. By nature of their individual roles, these players need to communicate with each other and exchange messages in a reliable and interoperable way.

[0010] One of the concerns in the NFC mobile ecosystem is its security in an open network. Thus there is a need to provide techniques to personalize a secure element in a contactless smart card or an NFC-enabled mobile device so that such a device is so secured and personalized when it comes to financial applications or secure transactions. With a personalized secure element in an NFC-enabled mobile device, various applications or services, such as electronic purse or payments, can be realized. Accordingly, there is another need for techniques to provision or manage an application or service in connection with a personalized secure element.
`
SUMMARY

[0011] This section is for the purpose of summarizing some aspects of embodiments of the present invention and to briefly introduce some preferred embodiments. Simplifications or omissions in this section as well as the title and the abstract of this disclosure may be made to avoid obscuring the purpose of the section, the title and the abstract. Such simplifications or omissions are not intended to limit the scope of the present invention.

[0012] Broadly speaking, the invention is related to techniques for personalizing secure elements in NFC devices to enable various secure transactions over a network (wired and/or wireless network). With a personalized secure element (hence secured element), techniques for provisioning various applications or services are also provided. Interactions among different parties are managed to effectuate a personalization or provisioning process flawlessly to enable an NFC device for a user thereof to start enjoying the convenience of commerce over a data network with minimum effort.

[0013] As an example of application to be provided over a secured element, a mechanism is provided to enable devices, especially portable devices, to function as an electronic purse (e-purse) to conduct transactions over an open network with a payment server without compromising security. According to one embodiment, a device is installed with an e-purse manager (i.e., an application). The e-purse manager is configured to manage various transactions and functions as a mechanism to access an emulator therein. Secured financial transactions can then be conducted over a wired network, a wireless network or a combination of both wired and wireless network.

[0014] According to another aspect of the present invention, security keys (either symmetric or asymmetric) are personalized so as to personalize an e-purse and perform a secured transaction with a payment server. In one embodiment, the essential data to be personalized into an e-purse include one or more operation keys (e.g., a load key and a purchase key), default PINs, administration keys (e.g., an unblock PIN key and a reload PIN key), and passwords (e.g., from Mifare). During a transaction, the security keys are used to establish a secured channel between an embedded e-purse and an SAM (Security Authentication Module) or a backend server.
`
[0015] The present invention may be implemented in various forms including a method, a system, an apparatus, a part of a system or a computer readable medium. According to one embodiment, the present invention is a method for personalizing a secure element associated with a computing device. The method comprises initiating data communication with a server, sending device information of the secure element in responding to a request from the server after the server determines that the secure element is registered therewith, wherein the device information is a sequence of characters uniquely identifying the secure element, and the request is a command causing the computing device to retrieve the device information from the secure element, receiving at least a set of keys from the server, wherein the keys are generated in the server in accordance with the device information of the secure element, and storing the set of keys in the secure element to facilitate a subsequent transaction by the computing device.

[0016] According to another embodiment, the present invention is a method for personalizing a secure element associated with a computing device. The method comprises receiving an inquiry to establish data communication between a server and the computing device, sending a request from the server to the computing device to request device information of the secure element after the server determines that the computing device is registered therewith, wherein the device information is a sequence of characters uniquely identifying the secure element, and the request is a command that subsequently causes the computing device to retrieve the device information from the secure element therein, generating at least a set of keys in accordance with the device information received, delivering the set of keys through a secured channel over a data network to the computing device, wherein the set of keys is caused to be stored in the secure element with the computing device, and notifying at least a related party that the secure element is now personalized for subsequent trusted transactions.
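The personalization exchange of [0015] and [0016], sketched as an added example that is not part of the patent: the server checks registration, commands the device to read the secure element's device information, derives a per-device key set from it and delivers the keys over a protected channel. The HMAC-SHA256 derivation, the manufacturer-installed initial key, the `registration_id` sent with the inquiry, the stdlib encrypt-then-MAC wrapper (a stand-in for an AEAD cipher) and all names are assumptions; the text only says the keys are generated in accordance with the device information.

```python
import hashlib
import hmac
import secrets

KEY_LABELS = ("load", "purchase", "unblock_pin", "reload_pin")  # key types named in [0014]


def kdf(key: bytes, label: str, context: bytes = b"") -> bytes:
    """Assumed derivation step (HMAC-SHA256); the patent names no algorithm."""
    return hmac.new(key, label.encode() + b"\x00" + context, hashlib.sha256).digest()


def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    blocks = (len(data) + 31) // 32
    stream = b"".join(kdf(key, "ks", nonce + i.to_bytes(4, "big")) for i in range(blocks))
    return bytes(a ^ b for a, b in zip(data, stream))


def seal(channel_key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC from the stdlib, standing in for an AEAD such as AES-GCM."""
    nonce = secrets.token_bytes(12)
    ct = _xor_stream(kdf(channel_key, "enc"), nonce, plaintext)
    tag = hmac.new(kdf(channel_key, "mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unseal(channel_key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:12], blob[12:-32], blob[-32:]
    good = hmac.new(kdf(channel_key, "mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("key delivery rejected: MAC check failed")
    return _xor_stream(kdf(channel_key, "enc"), nonce, ct)


class SecureElement:
    def __init__(self, device_info: str, initial_key: bytes):
        self.device_info = device_info   # character sequence unique to this SE
        self._initial_key = initial_key  # assumed to be installed by the SE manufacturer
        self.keys = {}

    def store_keys(self, blob: bytes) -> None:
        channel_key = kdf(self._initial_key, "channel", self.device_info.encode())
        raw = unseal(channel_key, blob)  # raises before anything is stored if tampered
        self.keys = {name: raw[i * 32:(i + 1) * 32] for i, name in enumerate(KEY_LABELS)}


class Device:
    def __init__(self, registration_id: str, se: SecureElement):
        self.registration_id = registration_id  # hypothetical handle sent with the inquiry
        self.se = se

    def run_command(self, command: str) -> str:
        if command != "GET_DEVICE_INFO":
            raise ValueError("unsupported command")
        return self.se.device_info       # retrieved from the SE on the server's request


class Server:
    def __init__(self, master_key: bytes, registry: dict):
        self._master = master_key
        self._registry = registry        # registration_id -> (device_info, initial key)
        self.notified = []               # stands in for notifying a related party

    def derive(self, device_info: str, name: str) -> bytes:
        # Keys are generated in accordance with the device information of the SE.
        return kdf(self._master, name, device_info.encode())

    def personalize(self, device: Device) -> bool:
        record = self._registry.get(device.registration_id)
        if record is None:
            return False                 # not registered: no request, no keys
        expected_info, initial_key = record
        device_info = device.run_command("GET_DEVICE_INFO")
        if device_info != expected_info:
            return False                 # SE does not match the registration record
        keyset = b"".join(self.derive(device_info, name) for name in KEY_LABELS)
        channel_key = kdf(initial_key, "channel", device_info.encode())
        device.se.store_keys(seal(channel_key, keyset))
        self.notified.append(device_info)
        return True


def build_demo():
    """Constructed sample: two registered secure elements and one unknown device."""
    k1, k2 = secrets.token_bytes(32), secrets.token_bytes(32)
    server = Server(secrets.token_bytes(32),
                    {"reg-001": ("SE-0000A1", k1), "reg-002": ("SE-0000B2", k2)})
    phones = [Device("reg-001", SecureElement("SE-0000A1", k1)),
              Device("reg-002", SecureElement("SE-0000B2", k2)),
              Device("reg-999", SecureElement("SE-0000C3", secrets.token_bytes(32)))]
    return server, phones


if __name__ == "__main__":
    server, phones = build_demo()
    for phone in phones:
        print(phone.registration_id, server.personalize(phone), sorted(phone.se.keys))
```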
`
[0017] According to still another embodiment, the present invention is a method for provisioning an application installed in a mobile device, the method comprises sending to a server an identifier identifying the application together with device information of a secure element associated with a mobile device on which the application has been installed, establishing a secured channel between the secure element and the server using a set of key set installed in the secure element, receiving data prepared by the server to enable the application to function as designed on the mobile device; and sending out an acknowledgement to a provider of the application about a status of the application now being active with the secure element on the mobile device. The data received in the mobile device includes a user interface of the application per the mobile device and a generated application key set.

[0018] According to still another embodiment, the present invention is a method for provisioning an application, the method comprises receiving from a mobile device an identifier identifying the application together with device information of a secure element associated with the mobile device on which the application has been installed, establishing a secured channel between the secure element and the server using a set of key set installed on the secure element, preparing data necessary for the application to function as designed on the mobile device, transporting the data from the server to enable the application via the secured channel; and notifying a provider of the application about a status of the application now active with the secure element on the mobile device.

[0019] According to yet another embodiment, the present invention is a mobile device for conducting a transaction over a network, the mobile device comprises a network interface, a secure element, a memory space for storing at least a module and an application downloaded from the network, a processor coupled to the memory space and configured to execute the module to cause operations including verifying whether the application has been provisioned. When it is verified that the application has not been provisioned, the operations further comprise sending to a server via the network interface an identifier identifying the application together with device information of a secure element, establishing a secured channel between the secure element and the server using a key set installed on the secure element, wherein the server is configured to prepare data necessary for the application to function as designed on the mobile device, receiving the data from the server to associate the application with the secure element, and sending out an acknowledgement to a provider of the application about a status of the application that is now active with the secure element. The processor is further configured to determine if the secure element has been personalized before performing a provisioning process of the application. If the secure element has not been personalized, the mobile device is caused to personalize the secure element with a designed server.

[0020] One of the objects, features, and advantages of the present invention is to enable a mobile device that can be used to perform a secured transaction with a party (e.g., at a point of sale, with a commercial server or accessing remotely) over an unsecured network (e.g., the Internet).

[0021] Other objects, features, and advantages of the present invention, which will become apparent upon examining the following detailed description of an embodiment thereof, taken in conjunction with the attached drawings.
`
BRIEF DESCRIPTION OF THE DRAWINGS

[0022] The invention will be readily understood by the following detailed description in conjunction with the accompanying drawings, wherein like reference numerals designate like structural elements, and in which:

[0023] FIG. 1A shows a simplified architecture of an NFC-enabled mobile device with a secure element (SE);

[0024] FIG. 1B shows a flowchart or process of personalizing an SE according to one embodiment of the present invention;

[0025] FIG. 1C shows relationships among an SE manufacturer, a TSM admin and the TSM system for both offline and online modes;

[0026] FIG. 1D illustrates data flows among a user for an NFC device (e.g., an NFC mobile phone), the NFC device itself, a TSM server, a corresponding SE manufacturer and an SE issuer;

[0027] FIG. 1E shows a data flowchart or process of personalizing data flow among three entities: a land-based SAM or a network e-purse server, an e-purse acting as a gatekeeper, and a single function tag, according to one embodiment;

[0028] FIG. 2A shows a mobile payment ecosystem in which related parties are shown in order for the mobile payment ecosystem successful;

[0029] FIG. 2B shows a flowchart or process of provisioning one or more applications according to one embodiment;

[0030] FIG. 2C shows a data flow illustrating various interactions among different parties when an application is being provisioned in one embodiment;

[0031] FIG. 2D shows a data flow among different entities when preparing the application data in provisioning an application;

[0032] FIG. 2E shows a flowchart or process for locking or disabling an installed application;

[0033] FIG. 2F shows an exemplary architecture diagram of a portable device enabled as an e-purse conducting e-commerce and m-commerce, according to one embodiment of the present invention;

[0034] FIG. 3A is a block diagram of related modules interacting with each other to achieve what is referred to herein as e-purse personalization by an authorized personnel (a.k.a., personalizing a mobile device or a secure element therein while provisioning an application);

[0035] FIG. 3B shows a block diagram of related modules interacting with each other to achieve what is referred to herein as e-purse personalization by a user of the e-purse;

[0036] FIG. 3C shows a flowchart or process of personalizing an e-purse according to one embodiment of the present invention;

[0037] FIG. 4A and FIG. 4B show together a flowchart or process of financing, funding, load or top-up an e-purse according to one embodiment of the present invention;

[0038] FIG. 4C shows an exemplary block diagram of related blocks interacting with each other to achieve the process FIG. 4A and FIG. 4B;

[0039] FIG. 5A is a diagram showing a first exemplary architecture of a portable device for enabling e-commerce and m-commerce functionalities over a cellular communications network (i.e., 3G, LTE or GPRS network), according to an embodiment of the present invention;

[0040] FIG. 5B is a diagram showing a second exemplary architecture of a portable device for enabling e-commerce and m-commerce functionalities over a wired and/or wireless data network (e.g., Internet), according to another embodiment of the present invention;

[0041] FIG. 5C is a flowchart illustrating an exemplary process of enabling the portable device of FIG. 5A for services/applications provided by one or more service providers in accordance with one embodiment of the present invention;

[0042] FIG. 6A is a diagram showing an exemplary architecture, in which a portable device is enabled as a mobile POS conducting e-commerce and m-commerce, according to one embodiment of the present invention;

[0043] FIG. 6B is a diagram showing an exemplary architecture, in which a portable device is enabled as a mobile POS conducting a transaction upload operation over a network, according to an embodiment o