Case 6:21-cv-00916-ADA Document 134-5 Filed 02/06/23 Page 1 of 41

EXHIBIT Q

EXHIBIT D

US009240009B2

(12) United States Patent
     Koh et al.

(10) Patent No.: US 9,240,009 B2
(45) Date of Patent: Jan. 19, 2016

(54) MOBILE DEVICES FOR COMMERCE OVER UNSECURED NETWORKS

(75) Inventors: Liang Seng Koh, Fremont, CA (US); Hsin Pan, Fremont, CA (US); Xiangzhen Xie, Guangdong (CN)

(73) Assignees: Rich House Global Technology Ltd., Shenzhen (CN); RFCyber Corp., Fremont, CA (US)

(*) Notice: Subject to any disclaimer, the term of this patent is extended or adjusted under 35 U.S.C. 154(b) by 227 days.

(21) Appl. No.: 13/350,835

(22) Filed: Jan. 16, 2012

(65) Prior Publication Data
     US 2012/0130839 A1    May 24, 2012

Related U.S. Application Data

(63) Continuation-in-part of application No. 11/534,653, filed on Sep. 24, 2006, now Pat. No. 8,118,218, and a continuation-in-part of application No. 11/739,044, filed on Apr. 23, 2007.

(51) Int. Cl.
     G06Q 20/00    (2012.01)
     G06Q 20/34    (2012.01)
     G06Q 20/36    (2012.01)
     G06Q 30/06    (2012.01)

(52) U.S. Cl.
     CPC ........ G06Q 20/3552 (2013.01); G06Q 20/352 (2013.01); G06Q 20/3672 (2013.01); G06Q 30/0601 (2013.01)

(58) Field of Classification Search
     CPC ..... G06F 21/34; G07F 7/1008; G06Q 20/341; G06Q 20/3674; G06Q 20/382; G06Q 20/20; G06Q 20/32; G06Q 20/367; G06Q 20/3672
     USPC ........ 235/379, 380, 451, 492
     See application file for complete search history.

(56) References Cited

     U.S. PATENT DOCUMENTS

     8,725,632 B2*      5/2014   Tompkins ............. G06Q 20/12; 705/39
     2004/0039919 A1*   2/2004   Takayama et al. ...... 713/180
     2005/0187873 A1*   8/2005   Labrou et al. ........ 705/40
     2006/0168355 A1*   7/2006   Shenfield et al. ..... 709/250
     2007/0125838 A1*   6/2007   Law et al. ........... 235/379
     2008/0006685 A1*   1/2008   Rackley, III et al. .. 235/379
     2009/0069051 A1*   3/2009   Jain et al. .......... 455/558
     2010/0291904 A1*   11/2010  Musfeldt et al. ...... 455/414.1

     * cited by examiner

Primary Examiner — Christopher Stanford
(74) Attorney, Agent, or Firm — Joe Zheng

(57) ABSTRACT

Techniques for managing modules or applications installed in a mobile device are described. To provide authentic and secured transactions with another device, each of the installed applications is provisioned with a server through data communication capability in a mobile device. A provisioned application is associated with the personalized secure element in the mobile device and works with a set of keys that are generated in accordance with a set of keys from the personalized secure element. Further management of controlling an installed application is also described.

17 Claims, 25 Drawing Sheets

[Front-page drawings, not legible in this copy. Block diagram labels: Processor; Secured memory; Secure Element; Applet; e-Purse Application; Card interface; Network interface; NFC controller. Flowchart labels: genuine device?; Communicate with a dedicated server (e.g., a TSM) (114); Register NFC device with server (116); Request SE-related information from device (118); Update default information?; Contact SE manufacturer, get updated device info; Store the retrieved device info in database (124); Generate keys based on the device information (126); Put the generated key set into the SE (128); Synchronize the keys and device information with the SE issuer; END.]

[Drawing sheets 1 to 23 of 25: figures not legible in this copy.]

[Drawing sheet 24 of 25] FIG. 6D (flowchart; reference numerals 670 to 686):

START
Send an initial purchase request to e-token enabled device of a purchaser
Enough balance in e-token enabled device? (yes / no; END)
Forward the received response from the e-token enabled device to POS SAM
Receive a debit request containing a MAC from POS SAM
Send the debit request to e-token enabled device to debit e-token
Receive debit confirm message including additional MACs for transaction verification and settlement
Forward the debit confirm message to POS SAM for verification
Display transaction after POS SAM has recorded the transaction

[Drawing sheet 25 of 25: figure not legible in this copy.]

MOBILE DEVICES FOR COMMERCE OVER UNSECURED NETWORKS

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is a continuation-in-part of U.S. patent application Ser. No. 11/534,653 filed on Sep. 24, 2006, now U.S. Pat. No. 8,118,218, and also a continuation-in-part of U.S. patent application Ser. No. 11/739,044 filed on Apr. 23, 2007, which is a continuation-in-part of U.S. patent application Ser. No. 11/534,653 filed on Sep. 24, 2006, now U.S. Pat. No. 8,118,218.

BACKGROUND

1. Technical Field

The present invention is generally related to commerce over networks. Particularly, the present invention is related to techniques for personalizing a secure element and provisioning an application such as an electronic purse that can be advantageously used in portable devices configured for both electronic commerce (a.k.a., e-commerce) and mobile commerce (a.k.a., m-commerce).

2. Description of the Related Art

Single functional cards have been successfully used in enclosed environments such as transportation systems. One example of such single functional cards is MIFARE that has been selected as the most successful contactless smart card technology. MIFARE is the perfect solution for applications like loyalty and vending cards, road tolling, city cards, access control and gaming.

However, single functional card applications are deployed in enclosed systems, which are difficult to be expanded into other areas such as e-commerce and m-commerce because stored values and transaction information are stored in data storage of each tag that is protected by a set of keys. The nature of the tag is that the keys need to be delivered to the card for authentication before any data can be accessed during a transaction. This constraint makes systems using such technology difficult to be expanded to an open environment such as the Internet for e-commerce and/or wireless networks for m-commerce as the delivery of keys over a public domain network causes security concerns.

In general, a smart card, chip card, or integrated circuit card (ICC), is any pocket-sized card with embedded integrated circuits. A smart card or microprocessor cards contain volatile memory and microprocessor components. Smart cards may also provide strong security authentication for single sign-on (SSO) within large organizations. The benefits of smart cards are directly related to the volume of information and applications that are programmed for use on a card. A single contact/contactless smart card can be programmed with multiple banking credentials, medical entitlement, driver's license/public transport entitlement, loyalty programs and club memberships to name just a few. Multi-factor and proximity authentication can and has been embedded into smart cards to increase the security of all services on the card.

Contactless smart cards that do not require physical contact between card and reader are becoming increasingly popular for payment and ticketing applications such as mass transit and highway tolls. Such Near Field Communication (NFC) between a contactless smart card and a reader presents significant business opportunities when used in NFC-enabled mobile phones for applications such as payment, transport ticketing, loyalty, physical access control, and other exciting new services.

To support this fast evolving business environment, several entities including financial institutions, manufacturers of various NFC-enabled mobile phones and software developers, in addition to mobile network operators (MNO), become involved in the NFC mobile ecosystem. By nature of their individual roles, these players need to communicate with each other and exchange messages in a reliable and interoperable way.

One of the concerns in the NFC mobile ecosystem is its security in an open network. Thus there is a need to provide techniques to personalize a secure element in a contactless smart card or an NFC-enabled mobile device so that such a device is so secured and personalized when it comes to financial applications or secure transactions. With a personalized secure element in an NFC-enabled mobile device, various applications or services, such as electronic purse or payments, can be realized. Accordingly, there is another need for techniques to provision or manage an application or service in connection with a personalized secure element.

SUMMARY

This section is for the purpose of summarizing some aspects of embodiments of the present invention and to briefly introduce some preferred embodiments. Simplifications or omissions in this section as well as the title and the abstract of this disclosure may be made to avoid obscuring the purpose of the section, the title and the abstract. Such simplifications or omissions are not intended to limit the scope of the present invention.

Broadly speaking, the invention is related to techniques for personalizing secure elements in NFC devices to enable various secure transactions over a network (wired and/or wireless network). With a personalized secure element (hence secured element), techniques for provisioning various applications or services are also provided. Interactions among different parties are managed to effectuate a personalization or provisioning process flawlessly to enable an NFC device for a user thereof to start enjoying the convenience of commerce over a data network with minimum effort.

As an example of application to be provided over a secured element, a mechanism is provided to enable devices, especially portable devices, to function as an electronic purse (e-purse) to conduct transactions over an open network with a payment server without compromising security. According to one embodiment, a device is installed with an e-purse manager (i.e., an application). The e-purse manager is configured to manage various transactions and functions as a mechanism to access an emulator therein. Secured financial transactions can then be conducted over a wired network, a wireless network or a combination of both wired and wireless network.

According to another aspect of the present invention, security keys (either symmetric or asymmetric) are personalized so as to personalize an e-purse and perform a secured transaction with a payment server. In one embodiment, the essential data to be personalized into an e-purse include one or more operation keys (e.g., a load key and a purchase key), default PINs, administration keys (e.g., an unblock PIN key and a reload PIN key), and passwords (e.g., from Mifare). During a transaction, the security keys are used to establish a secured channel between an embedded e-purse and an SAM (Security Authentication Module) or a backend server.

The present invention may be implemented in various forms including a method, a system, an apparatus, a part of a system or a computer readable medium. According to one embodiment, the present invention is a method for personalizing a secure element associated with a computing device. The method comprises initiating data communication with a server, sending device information of the secure element in responding to a request from the server after the server determines that the secure element is registered therewith, wherein the device information is a sequence of characters uniquely identifying the secure element, and the request is a command causing the computing device to retrieve the device information from the secure element, receiving at least a set of keys from the server, wherein the keys are generated in the server in accordance with the device information of the secure element, and storing the set of keys in the secure element to facilitate a subsequent transaction by the computing device.

According to another embodiment, the present invention is a method for personalizing a secure element associated with a computing device. The method comprises receiving an inquiry to establish data communication between a server and the computing device, sending a request from the server to the computing device to request device information of the secure element after the server determines that the computing device is registered therewith, wherein the device information is a sequence of characters uniquely identifying the secure element, and the request is a command that subsequently causes the computing device to retrieve the device information from the secure element therein, generating at least a set of keys in accordance with the device information received, delivering the set of keys through a secured channel over a data network to the computing device, wherein the set of keys is caused to be stored in the secure element with the computing device, and notifying at least a related party that the secure element is now personalized for subsequent trusted transactions.

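
Added example (not part of the patent text and not any party's code): a sketch of the device-side and server-side personalization methods described in the two embodiments above, showing a registration check, key generation "in accordance with the device information", storage in the secure element, and notification. The HMAC-SHA256 derivation, the key labels, the GET_DEVICE_INFO command name, the claimed identifier in the inquiry and the sample identifiers are assumptions; the secured delivery channel the text requires is not modelled.

```python
"""Added illustration of SE personalization with per-device derived keys.

Assumptions (not from the patent text): HMAC-SHA256 as the derivation
function, the key labels, the command name and the sample identifiers.
The secured delivery channel the text requires is not modelled here.
"""
import hashlib
import hmac
import secrets

KEY_LABELS = ("enc", "mac", "dek")  # hypothetical key-set layout


def derive_key_set(master_key: bytes, device_info: str) -> dict:
    """Derive one key per label from the server master key and the SE identifier."""
    keys = {}
    for label in KEY_LABELS:
        msg = label.encode() + b"\x00" + device_info.encode()
        keys[label] = hmac.new(master_key, msg, hashlib.sha256).digest()[:16]
    return keys


class SecureElement:
    """Device side: returns its identifier on request and stores the key set."""

    def __init__(self, device_info: str):
        self.device_info = device_info
        self.keys = None

    def handle(self, command: str) -> str:
        if command == "GET_DEVICE_INFO":  # hypothetical command name
            return self.device_info
        raise ValueError("unsupported command")

    def store_keys(self, keys: dict) -> None:
        self.keys = dict(keys)

    def respond(self, challenge: bytes) -> bytes:
        """Prove possession of the personalized MAC key."""
        if self.keys is None:
            raise RuntimeError("secure element not personalized")
        return hmac.new(self.keys["mac"], challenge, hashlib.sha256).digest()


class PersonalizationServer:
    """Server side: registration check, key generation, notification."""

    def __init__(self, master_key: bytes, registered: set):
        self._master_key = master_key
        self._registered = set(registered)
        self.notifications = []

    def personalize(self, claimed_id: str, se: SecureElement) -> bool:
        # Refuse to issue keys unless the element is registered.
        if claimed_id not in self._registered:
            return False
        device_info = se.handle("GET_DEVICE_INFO")
        # The identifier read from the element must match the registered one.
        if not hmac.compare_digest(device_info.encode(), claimed_id.encode()):
            return False
        se.store_keys(derive_key_set(self._master_key, device_info))
        self.notifications.append(("personalized", device_info))
        return True

    def verify(self, device_info: str, challenge: bytes, response: bytes) -> bool:
        """Re-derive the device key on demand and check the response."""
        key = derive_key_set(self._master_key, device_info)["mac"]
        expected = hmac.new(key, challenge, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)


def demo() -> dict:
    master = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed
    server = PersonalizationServer(master, {"SE-0001", "SE-0002"})
    se1, se2, rogue = (SecureElement(i) for i in ("SE-0001", "SE-0002", "SE-9999"))
    results = {
        "se1": server.personalize("SE-0001", se1),
        "se2": server.personalize("SE-0002", se2),
        "rogue": server.personalize("SE-9999", rogue),   # not registered
        "spoof": server.personalize("SE-0001", rogue),   # claims another SE's id
    }
    challenge = secrets.token_bytes(16)
    results["own_key_ok"] = server.verify("SE-0001", challenge, se1.respond(challenge))
    results["cross_key_ok"] = server.verify("SE-0001", challenge, se2.respond(challenge))
    results["keys_differ"] = se1.keys != se2.keys
    results["rogue_has_keys"] = rogue.keys is not None
    results["notified"] = [d for _, d in server.notifications]
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

Because each key set depends on the identifier, keys taken from one secure element do not authenticate as another, and the server can re-derive a device's keys from its master key instead of storing them.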
According to still another embodiment, the present invention is a method for provisioning an application installed in a mobile device, the method comprises sending to a server an identifier identifying the application together with device information of a secure element associated with a mobile device on which the application has been installed, establishing a secured channel between the secure element and the server using a set of key set installed in the secure element, receiving data prepared by the server to enable the application to function as designed on the mobile device; and sending out an acknowledgement to a provider of the application about a status of the application now being active with the secure element on the mobile device. The data received in the mobile device includes a user interface of the application per the mobile device and a generated application key set.

According to still another embodiment, the present invention is a method for provisioning an application, the method comprises receiving from a mobile device an identifier identifying the application together with device information of a secure element associated with the mobile device on which the application has been installed, establishing a secured channel between the secure element and the server using a set of key set installed on the secure element, preparing data necessary for the application to function as designed on the mobile device, transporting the data from the server to enable the application via the secured channel; and notifying a provider of the application about a status of the application now active with the secure element on the mobile device.

According to yet another embodiment, the present invention is a mobile device for conducting a transaction over a network, the mobile device comprises a network interface, a secure element, a memory space for storing at least a module and an application downloaded from the network, a processor coupled to the memory space and configured to execute the module to cause operations including verifying whether the application has been provisioned. When it is verified that the application has not been provisioned, the operations further comprise sending to a server via the network interface an identifier identifying the application together with device information of a secure element, establishing a secured channel between the secure element and the server using a key set installed on the secure element, wherein the server is configured to prepare data necessary for the application to function as designed on the mobile device, receiving the data from the server to associate the application with the secure element, and sending out an acknowledgement to a provider of the application about a status of the application that is now active with the secure element. The processor is further configured to determine if the secure element has been personalized before performing a provisioning process of the application. If the secure element has not been personalized, the mobile device is caused to personalize the secure element with a designed server.

One of the objects, features, and advantages of the present invention is to enable a mobile device that can be used to perform a secured transaction with a party (e.g., at a point of sale, with a commercial server or accessing remotely) over an unsecured network (e.g., the Internet).

Other objects, features, and advantages of the present invention, which will become apparent upon examining the following detailed description of an embodiment thereof, taken in conjunction with the attached drawings.

BRIEF DESCRIPTION OF THE DRAWINGS

The invention will be readily understood by the following detailed description in conjunction with the accompanying drawings, wherein like reference numerals designate like structural elements, and in which:

FIG. 1A shows a simplified architecture of an NFC-enabled mobile device with a secure element (SE);
FIG. 1B shows a flowchart or process of personalizing an SE according to one embodiment of the present invention;
FIG. 1C shows relationships among an SE manufacturer, a TSM admin and the TSM system for both offline and online modes;
FIG. 1D illustrates data flows among a user for an NFC device (e.g., an NFC mobile phone), the NFC device itself, a TSM server, a corresponding SE manufacturer and an SE issuer;
FIG. 1E shows a data flowchart or process of personalizing data flow among three entities: a land-based SAM or a network e-purse server, an e-purse acting as a gatekeeper, and a single function tag, according to one embodiment;
FIG. 2A shows a mobile payment ecosystem in which related parties are shown in order for the mobile payment ecosystem successful;
FIG. 2B shows a flowchart or process of provisioning one or more applications according to one embodiment;
FIG. 2C shows a data flow illustrating various interactions among different parties when an application is being provisioned in one embodiment;
FIG. 2D shows a data flow among different entities when preparing the application data in provisioning an application;
FIG. 2E shows a flowchart or process for locking or disabling an installed application;
FIG. 2F shows an exemplary architecture diagram of a portable device enabled as an e-purse conducting e-commerce and m-commerce, according to one embodiment of the present invention;
FIG. 3A is a block diagram of related modules interacting with each other to achieve what is referred to herein as e-purse

places in the specification are not necessarily all referring to the same embodiment, nor are separate or alternative embodiments mutually exclusive of other embodiments. Further, the order of blocks in process, flowcharts o