`Case 6:21-cv-00916-ADA Document 43-7 Filed 04/19/22 Page 1of8
`
`EXHIBIT 7
`EXHIBIT 7
`
`
`
`Case 6:21-cv-00916-ADA Document 43-7 Filed 04/19/22 Page 2 of 8
`
`Common Electronic Purse Specifications
`
`Technical Specification
`
`Version 2.3
`
`March 2001
`
`Copyright CEPSCO 1999, 2000, 2001
`All rights reserved
`
`Samsung Ex. 1009, Page 1 of 292
`Samsung Electronics America, Inc. v. RFCyber Corp.
`IPR2021-00979
`APL-RFC0916-PA-00008069
`
`
`
`Case 6:21-cv-00916-ADA Document 43-7 Filed 04/19/22 Page 3 of 8
`
`ii
`
`March 2001
`CEPS Technical Specification version 2.3
`
`TABLE OF CONTENTS
`
`1. REVISION LOG
`
`2. DOCUMENT OVERVIEW
`
`PURPOSE
`2.1
`INTENDED AUDIENCE
`2.2
`INCLUDED IN THIS DOCUMENT
`2.3
`NOT INCLUDED IN THIS DOCUMENT
`2.4
`REFERENCE INFORMATION
`2.5
`2.5.1 Requirement Numbering
`2.5.2 References
`2.5.3 Notational Conventions
`2.6
`DOCUMENT ORGANIZATION
`
`3.
`
`ENTITY OVERVIEW
`
`3.1
`3.1.1
`3.2
`3.3
`3.4
`3.5
`3.6
`3.6.1
`3.6.2
`
`MERCHANT ACQUIRER
`PSAM Creators
`LOAD ACQUIRER
`CARD ISSUER
`FUNDS ISSUER
`PROCESSOR
`SCHEME PROVIDER
`Processor for the Scheme Provider
`Certification Authority
`
`4.
`
`POS DEVICE TRANSACTION OVERVIEW
`
`4.1
`4.2
`
`PURCHASE
`CANCEL LAST PURCHASE
`
`5.
`
`LOAD DEVICE TRANSACTION OVERVIEW
`
`5.1
`5.2
`
`LOAD
`CURRENCY EXCHANGE
`
`6. CERTIFICATES AND SIGNATURES
`
`6.1
`6.2
`6.3
`6.3.2
`6.3.3
`6.4
`6.5
`6.6
`6.7
`
`RETRIEVAL OF CERTIFICATES FROM THE CEP CARD
`PROCESSING CERTIFICATES FROM THE POS DEVICE
`VERIFYING CERTIFICATES
`The CEP Card Certificate Hierarchy
`The PSAM Certificate Hierarchy
`DYNAMIC SIGNATURE VERIFICATION
`CRYPTOGRAPHIC MECHANISMS
`UNLINKED LOAD SECURITY FLOW
`SECURITY FLOW FOR POS DEVICE VALIDATION OF CEP CARDS
`
`7.
`
`SCHEME PROVIDER PROCEDURES
`
`7.1
`7.2
`7.3
`7.4
`7.5
`
`OPERATING RULES AND REGULATIONS
`CERTIFICATION
`CERTIFICATION AUTHORITY MANAGEMENT
`RISK MANAGEMENT
`OPERATING RULES
`
`1
`
`8
`
`8
`9
`10
`10
`10
` 10
` 11
` 12
` 14
`
`16
`
`16
` 17
`17
`20
`21
`21
`22
`22
`23
`
`24
`
`24
`25
`
`26
`
`26
`27
`
`28
`
`28
`31
`32
`33
`37
`41
`41
`43
`44
`
`48
`
`48
`49
`50
`51
`53
`
`Samsung Ex. 1009, Page 2 of 292
`Samsung Electronics America, Inc. v. RFCyber Corp.
`IPR2021-00979
`
`APL-RFC0916-PA-00008070
`
`
`
`Case 6:21-cv-00916-ADA Document 43-7 Filed 04/19/22 Page 4 of 8
`
`264
`
`March 2001
`CEPS Technical Specification version 2.3
`
`20. Glossary
`
`A.
`
`Aggregation
`The total amount, consisting of the sum of all transactions in a given
`batch, is provided to the issuer. Details of the individual transactions that
`make up the total are not provided, or recoverable.
`
`Application
`A computer program and associated data that resides on an integrated
`circuit chip and satisfies a business function. Examples of applications
`include: spreadsheets, word processing, databases, electronic purse,
`loyalty, etc.
`
`Asymmetric Key Cryptography
`See Public Key Cryptography and Encryption.
`
`Auditability
`The ability to quantify an issuer's outstanding value to its initialized value.
`
`Authentication
`A cryptographic process used to validate a user, card, terminal or message
`contents in which one entity proves its identity and the integrity of the data
`it may send to another entity. Also known as a handshake, the
`authentication uses unique data to create a code that can be verified in real
`time or batch mode. An umbrella term for several risk management
`processes that may be performed during chip card transactions.
`
`Samsung Ex. 1009, Page 276 of 292
`Samsung Electronics America, Inc. v. RFCyber Corp.
`IPR2021-00979
`
`APL-RFC0916-PA-00008344
`
`
`
`Case 6:21-cv-00916-ADA Document 43-7 Filed 04/19/22 Page 5 of 8
`
`268
`
`E.
`
`F.
`
`March 2001
`CEPS Technical Specification version 2.3
`
`EMV Specifications
`Technical specifications for credit/debit applications developed
`cooperatively by Europay, MasterCard and Visa (EMV) to create standards
`and ensure global interoperability for the use of chip technology in the
`payments industry.
`
`Error Recovery
`A group of transactions used for correcting certain errors observed during
`processing of normal transactions.
`
`Electronic Purse
`An electronic purse uses an integrated circuit for the storage and
`processing of monetary value that is used for purchase of goods or
`services. It is generally positioned to displace small value coins and cash
`purchase amounts. The card may be disposable or reloadable.
`
`Electronic Value
`The value stored and exchanged in an electronic purse card system. The
`electronic value is offset by hard currency in the specified currency.
`
`Encryption
`The transformation of data into a form unreadable by anyone without a
`secret decryption key.
`
`Funds Card
`The traditional bank card used to purchase a disposable card or load value
`to a reloadable card. The card issued to a cardholder by the funding bank.
`
`Funds Issuer
`The financial institution that domiciles the accounts used to load value to a
`reloadable electronic purse card.
`
`Samsung Ex. 1009, Page 280 of 292
`Samsung Electronics America, Inc. v. RFCyber Corp.
`IPR2021-00979
`APL-RFC0916-PA-00008348
`
`
`
`Case 6:21-cv-00916-ADA Document 43-7 Filed 04/19/22 Page 6 of 8
`
`March 2001
`CEPS Technical Specification version 2.3
`
`275
`
`Purchase Log
`Data in a electronic purse card non-volatile memory used to record
`information on at least the latest purchase transaction.
`
`Purchase Secure Application Module (PSAM)
`A PSAM is a secure device, typically, a chip that is embedded typically on
`a card that resides in a card acceptance device (CAD) or a hardware
`security module (HSM). The PSAM contains security keys and performs
`the functions of authenticating an electronic purse card during a purchase
`transaction and securing the payment and collection totals.
`
`Samsung Ex. 1009, Page 287 of 292
`Samsung Electronics America, Inc. v. RFCyber Corp.
`IPR2021-00979
`APL-RFC0916-PA-00008355
`
`
`
`Case 6:21-cv-00916-ADA Document 43-7 Filed 04/19/22 Page 7 of 8
`
`276
`
`R.
`
`s.
`
`March 2001
`CEPS Technical Specification version 2.3
`
`RSA
`A public key cryptography algorithm developed by mathematicians Rivest,
`Shamir and Adleman of MIT. See Public Key Cryptography and
`Encryption.
`
`Reconciliation
`The process of validating that appropriate credits and debits are processed
`for load and unload transactions. An audit process that ensures that data
`residing on more than one database is in balance.
`
`Refund
`The return of goods by a consumer in exchange for the return of money
`(electronically or otherwise) paid for the goods.
`
`Reloadable Card
`An electronic purse card that has the capability for a consumer to add
`value or unload value from the card.
`
`Repudiate
`The act of rejecting, renouncing or disclaiming a transaction that was
`previously accepted.
`
`Scheme
`An electronic purse card system including the card and terminal
`application, central system, and security.
`
`Scheme Provider
`The electronic purse card authority that defines the program operating
`rules and conditions. The organization is responsible for the overall
`functionality and security of an electronic purse card system.
`
`Samsung Ex. 1009, Page 288 of 292
`Samsung Electronics America, Inc. v. RFCyber Corp.
`IPR2021-00979
`APL-RFC0916-PA-00008356
`
`
`
`Case 6:21-cv-00916-ADA Document 43-7 Filed 04/19/22 Page 8 of 8
`
`March 2001
`CEPS Technical Specification version 2.3
`
`277
`
`Secret Key
`A key used with symmetric cryptographic techniques and usable only by a
`set of specified entities. The key is kept secret at both the originator and
`the recipient locations.
`
`Secure Application Module (SAM)
`A logical device used to provide security for insecure environments. It is
`protected against tampering, and stores secret and/or critical information.
`
`Security Architecture
`The utilization of detailed security mechanisms, including cryptographic
`algorithms and the key management necessary to implement security
`requirements.
`
`Settlement
`A process performed by the system operator. Based on data from purchase
`and load transactions, payment is effected from the system operator to the
`acquirers and in some cases from the load acquirers to the system operator.
`
`Signature
`A cryptographic algorithm used in security protocols to authenticate both
`devices and the integrity of data.
`
`Slot
`A set of data elements associated with a specific currency.
`
`Smart Card
`A card that contains an integrated circuit for data storage and processing.
`A typical smart card chip includes a microprocessor or CPU, ROM (for
`storing operating instructions), RAM (for storing data during processing)
`and EPROM or EEPROM memory for non-volatile storage of information.
`
`Samsung Ex. 1009, Page 289 of 292
`Samsung Electronics America, Inc. v. RFCyber Corp.
`IPR2021-00979
`
`APL-RFC0916-PA-00008357
`
`