Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 1 of 40
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 1 of 40
`
`
`
`
`EXHIBIT D
`EXHIBIT D
`
`
`
`
`
`
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 1 of 40
`
`
`
`
`EXHIBIT D
`EXHIBIT D
`
`
`
`
`
`
`
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 2 of 40
`ee” STATAATTA
`
`US009240009B2
`
`a2) United States Patent
`US 9,240,009 B2
`(0) Patent No.:
`Jan. 19, 2016
`(45) Date of Patent:
`Kohet al.
`
`(54)
`
`(75)
`
`(73)
`
`MOBILE DEVICES FOR COMMERCE OVER
`UNSECURED NETWORKS
`
`Inventors: Liang Seng Koh, Fremont, CA (US);
`Hsin Pan, Fremont, CA (US);
`Xiangzhen Xie, Guangdong (CN)
`
`Assignees: Rich House Global Technology Ltd.,
`Shenzhen (CN); RFCyber Corp.,
`Fremont, CA (US)
`
`(*)
`
`Notice:
`
`Subject to any disclaimer, the term ofthis
`patent is extended or adjusted under 35
`U.S.C. 154(b) by 227 days.
`
`(21)
`
`Appl. No.: 13/350,835
`
`(22)
`
`(65)
`
`(63)
`
`Filed:
`
`Jan. 16, 2012
`
`Prior Publication Data
`
`US 201
`
`2/0130839 Al
`
`May24, 2012
`
`Related U.S. Application Data
`
`Continuation-in-part of application No. 11/534,653,
`filed on Sep. 24, 2006, now Pat. No. 8,118,218, and a
`continuation-in-part of application No. 11/739,044,
`filed on Apr. 23, 2007.
`
`(51)
`
`Int. Cl.
`
`G060 20/00
`G060 20/34
`G060 20/36
`G060 30/06
`U.S. Cl.
`
`(52)
`
`(2012.01)
`(2012.01)
`(2012.01)
`(2012.01)
`
`CPC veces G06Q 20/3552 (2013.01); GO6Q 20/352
`(2013.01); G06Q 20/3672 (2013.01); G06Q
`30/0601 (2013.01)
`
`(58) Field of Classification Search
`CPC..... GO6F 21/34; GO7F 7/1008; G06Q 20/341;
`G06Q 20/3674; GO6Q 20/382; G06Q 20/20;
`G06Q 20/32; G06Q 20/367; G06Q 20/3672
`USPC viececesesssesseeseseesensees 235/379, 380, 451, 492
`See application file for complete search history.
`
`(56)
`
`References Cited
`U.S. PATENT DOCUMENTS
`
`8,725,632 B2*
`
`5/2014 Tompkins .............. G06Q 20/12
`705/39
`2/2004 Takayamaetal. ............ 713/180
`2004/0039919 Al*
`8/2005 Labrouetal. .......
`bees 705/40
`2005/0187873 Al*
`
`7/2006 Shenfieldet al.
`. 709/250
`2006/0168355 Al*
`
`6/2007 Lawetal. .......
`2007/0125838 Al*
`w. 235/379
`
`w. 235/379
`1/2008 Rackley, III et al.
`2008/0006685 Al*
`3/2009 Jain etal.
`........
`2009/0069051 Al*
`betes 455/558
`2010/0291904 Al* 11/2010 Musfeldtet al.
`beeeeetenes 455/414.1
`
`* cited by examiner
`
`Primary Examiner — Christopher Stanford
`(74) Attorney, Agent, or Firm — Joe Zheng
`
`(57)
`
`ABSTRACT
`
`Techniques for managing modulesor applications installed in
`a mobile device are described. To provide authentic and
`secured transactions with another device, each ofthe installed
`applications is provisioned with a server through data com-
`munication capability in a mobile device. A provisioned
`application is associated with the personalized secure ele-
`ment in the mobile device and workswith a set ofkeys that are
`generated in accordance with a set of keys from the person-
`alized secure element. Further managementof controlling an
`installed application is also described.
`
`17 Claims, 25 Drawing Sheets
`
`Secured
`107
`memory
`405
`
`
`100
` Processor
`
`
`
`
`
`
` Applet
`
`
`
`409
`Card
`interface
`
`Secure Element
`
`
`
`12
`
`110
`
` ¥
`
`
`7~~— 130
`
`
`
`END
`
`
`
`genuine device?
`
`
`
`Communicate with a dedicated server(e.g., a TSM) T-—— 114
`
`
`
`x.
` ¥.
`L_- 116
`Register NFC device with server
`
`
`
`
`Request SE-related information from device {~~ 118
`122
`
`yi
`120
`Z
`&-Purse
` get updated device info
`Application
`Contact SE manufacturer|"eS Update default
`
`information?
`~~
`106
`404
`
`No¥
`p~— 124
`
`"_—* Store the retrieved device info in database
`
`
`
`x
`
`| Generate keys based on the device information 7~—~ 126 x
`
`
`Put the generated keysetinto the SET 128
`Synchronize the keys and device information
`
`with the SE issuer
`
`
`Network interface
`
` NFCcontroller
`
`104
`
`
`
`403
`
`
`
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 3 of 40
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 3 of 40
`
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 1 of 25
`
`US 9,240,009 B2
`
`JOSS9001q
`60==psegpounses
`
`eoeelulZo,AsowewSOL
`BORLSJU!YIOMION49|JO4JUODDAN
`
`
`colLOL
`
`ViOld
`
`
`
`JUSWS]>jaiNdaS
`
`esind-3
`
`901
`
`uoneajddy
`
`
`
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 4 of 40
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 4 of 40
`
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 2 of 25
`
`US 9,240,009 B2
`
`OLL
`
`vil
`
`LLJOAIOSUUMSdIASPO4NJaysiboy
`
`
`
`
`
`
`
`(INS2'6'9)JaAjaspayeolpapeuyayeolUNUIWOD
`
`
`
` Z901Aapsuinueb~LYVLS
`
`
`
`
`
`
`
`QLLSOIASPWO)UONBLUOJU!PeTBjel-ySisenbey
`
`vat
`
` au)IngtOZ}—~tUONBWUOJUISoIAaPoy]UOpasegshayo}B18UED| fOSEQEIEPUlOJUI
`
`
`SOIASPPOASIIO!OU}B101S
`
`
`9Zi3Sau]o1u!jasAeypeyesouab
`
`
`
`
`
`
`O€L
`
`
`
`
`
`UOEWUOJUIBDIASPpueshayouiSZIUOIYOUAS
`
`
`
`aNa
`
`4aNssiASBuy}YM
`
`Gb‘Old
`
`OL
`
`ZUOHEWIOLUT
`
`
`OjUlSOIASPpeyepdn336
`
`
`
`
`
`
`ynejepayepdy
`SOA
`saunjoejnuewAsjyoeye57col
`
`
`
`
`
`
`
`
`
`
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 5 of 40
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 5 of 40
`
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 3 of 25
`
`US 9,240,009 B2
`
`g720IspeeJdADEPYys)
`
`PAVGLOEOU
`
`
`
`Srnnenreeinriene5
`
`
`
`
`
`
`
`ejepdrGSIynejeq10}yoeouddyyojegsullyo
`
`
`
`
`
`HUSISASWSLJOANIEPMU3S
`
`ISLBISGSPUneeDouloshin
`
`
`
`
`
`
`
`
`
`LUBISAS[AIS]WARDSRATYIRIORI35ISL
`
`
`
`
`
`POSpineWiAIDepJAE
`
`aSeqelepOn
`
`
`
`9L‘SJajepdyqs]ynejeq40)yoeoiddyyoyegauluO
`
`
`
`
`
`heeasec
`
`Seamte:
`
`
`
`
`
`eetnettingpeqodEAR
`
`
`
`MAARneboman
`
`
`
`
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 6 of 40
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 6 of 40
`
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 4 of 25
`
`US 9,240,009 B2
`
`CREMERLS,gLOldpoy
`
`sehedetetatenesBideteteceseaeddehetatntaieietetntaiierstnieiaterenatadatetyeistntntnintaiideiataiaietenenesanieheiedectseaoesnnsstatanceed_neeeetinnerinneinnitintornevttetioies
`
`
`aenee,BEai“3aoe4a
`
`
`
`i:FASTBODENSRO
`
`Ol
`
`joARNTUMGeEHBee't|
`
`
`
`
`
`
`
`3Cpep
`
`
`
`
`
`AGaRasSyeGEN94h
`
`
`
`
`
`
`
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 7 of 40
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 7 of 40
`
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 5 of 25
`
`US 9,240,009 B2
`
`
`
`
`
`ajBuisjobueyy0}spuewiwoDuoHoUnS
`
`
`
`ajbuisaynoexy
`
`OS/
`
`esind-yNddvJOeouenbes
`
`dbSl
`
`
`
`
`
`uonoun4O}SPUBWULUOSsesoyasind-9juawe|duy|
`
`9SvSl
`
`
`
`Jedaeayeseyoind‘dn-do}
`
`
`
`
`
`shezs6e|sseooyaye9seyonssuojesedg
`
`cGL
`
`~2YJOMION
`
`JBAI8S
`
`esind
`
`-puey
`
`paseq
`
`JOWVS
`
`
`
`
`
`
`
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 8 of 40
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 8 of 40
`
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 6 of 25
`
`US 9,240,009 B2
`
`002
`
`
`
`VeSila
`
`OLZ
`
`juewabeuey—NS/_OISPURUDIOIA
`ULOHE]4SIGOIAj“/\OS
`0%NS|éSIOPIADI‘,fSISHE}OU
`SIBPIAGIGa].~,
`902ff\SUOITHSY]
`ddy(O4N)Welshsoog
`
`
`
`juawabeueyBO1AIaSSstodloleaed
`
`SiOplAoidSIOPIADIy0Z
`SIPINGaz/\jeroueul#|
`SOIABC]\\fOO
`idS}WeUIs|y|sequiosqns
`
`anaesaingesjs19sty
`
`wo‘j
`jUusUAeds]igoWA.
`
`
`re:menesiojeisdo
`
`
`
`
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 9 of 40
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 9 of 40
`
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 7 of 25
`
`US 9,240,009 B2
`
`
`
`vee
`
`9”E
`
`ove
`
`Ove
`
`ON
`
`dss|eysu|
`
`8%
`
`“
`
`ass
`
`epayjeysul
`
`VEC
`
`ZUOISIAOIdYes
`
`O02?
`
`LYVLsS
`
`7740Japiaoiduoneajddeay)AON
`
`
`
`
`
`UUMuOHeoNddesuyjosmieyssuy
`
`
`GSSpajfeysulBuisn4geu)YM
`uoyeojddeaujojeyepasedal,
`
`
`
`
`BOIASPOIGOWpalnuop!ou}
`
`jouueUopeinoeseYysiqeysy
`
`
`922|NS]e“6'3)JaAs90SpayeoipapeBUTM
`Bec_Ab‘OldsOOL0}0D
`
`
`CjUIM}}PuesPUROjUlSOIASpPsAdUIayYole
`
`
`J@AJ8SBu}0}UONeORddeau)BusAyQuapl
`
`jaUUBYSUONBOIUNWLUOSeBYsgej|sa
`GS]paaepBuisn4gey)yim
`
`
`j@UUBUOpainoaseBYsiqeisy
`Jenssiau}AynueJasna4}JapUiLUdJJO
`SEYASSu}JON
`
`
`
`peuacisiaoidBuieg
`
`Sax
`
`ve?
`
`0&2
`
`Cpezyeuosied
`
`9E?%
`
`SOX
`
`ON
`
`$!dS$1
`
`pajeioosse
`
`Eddyauljm
`
`déDd
`
`
`
`
`
`
`
`
`
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 10 of 40
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 10 of 40
`
`U.S. Patent
`
`Sheet 8 of 25
`
`US 9,240,009 B2
`
`92‘Old
`
`Agngssanonsasemeso7Guang;L ibsRacise
`
`pbiaygagsey‘ass:
`
`GSSPr
`
`~anuyuays
`
` OSC
`
`
`
`‘bayDeOSIAGarinl
`
`
`
`rdehyPESEACYT
`
`
`
`
`
`“peesaenes)2SJe0085GLBOIGGTBUGOIAx
`
`
`
`
`
`
`
`
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 11 of 40
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 11 of 40
`
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 9 of 25
`
`US 9,240,009 B2
`
`déJd
`
`Lodaeyyepsng
`May
`
`
`
`Aunassacetin“GongEasySegOnyOTi
`aiagei=a;
`Sadaoywer
`
`speduonereuarage1
`
`
`
`Bogusaaaddaydeg|:!iC.Ppay
`
`
`
`REUTERcaeoe|GGZ{[eaionesee|“a-“GharaaeedaseyHidyeissispureasei|/Sleeeneeeeenenneneneenenneneena!
`
`
`
`
`
`RepwoHE
`
`
`
`Senaycpa?0|Bag
`
`DERMOT|
`
`
`
`
`
`
`
`1ROST)SoINarySIGE
`
`
`
`
`
`
`
`
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 12 of 40
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 12 of 40
`
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 10 of 25
`
`US 9,240,009 B2
`
`déSd
`
`
`
`Z1zuoyeojddeayyBuygqesipAqspeesoid4S
`
`
`
`uopesddepaynuep!94}$yO0]ey}FSau}
`
`ble
`
`juawebpajmouyveueyespussFS
`
`
`
`
`
`0120}senbsiUoneledoueSeyeNIUlSOIASpSUL
`
`092
`
`29%
`
`yoo}Wels
`
` lev9eéucneiedo
`
`
`
`
`
`99
`
`YyonsAjUaA,
`
`Zabessaw
`
`
`
`
`
`SdAaP3uiO01(Ndi)PUBLULUICODepuas
`
`
`
`pueuoneoijddeseinoniedeApjuap|
`
`
`
`
`
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 13 of 40
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 13 of 40
`
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 11 of 25
`
`US 9,240,009 B2
`
`082
`
`déOld
`
`aiqewod
`
`Z8ZSB01Aaq
`
`
`
`
`
`SIBLBJU|SSOPORIUOD|—-ggz
`
`yeuonoun4ajBuis
`
`pueDWes
`
`
`
`jO90}O1gPUeD
`
`1{O00}Oie|
`
`Joyeynuy
`
`yingyeiddy
`
`YMddud
`
`asund-3
`
`asind-3
`
`802
`
`9QZPJIOMSSE>
`
`AW0}ssaooy
`
`vee
`
`BSOISUILUOD-3
`
`SOJSWILUOO-U
`
`
`
`JUSWUOHAUZpesojouy
`
`ueul(uoneLiodsueL
`
`JOS810}S
`
`Ba)
`
`
`
`GOJOWULUODPSSeg-puey
`
`JO}QIeEMpsePYHunsixs
`
`
`jueByqanA
`
`
`
`veedquo
`
`
`
`
`
`Q6¢JapeayssapoejuoD
`
`
`
`MJOMIONuawAeg
`
`062
`
`SIBAIASpue
`
`
`
`
`
`
`
`
`
`
`
`
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 14 of 40
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 14 of 40
`
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 12 of 25
`
`US 9,240,009 B2
`
`VeSl
`
`
`
`CLEjajddy
`
`osund-9
`
`Joyeinuy
`
`SSafjoe|Uuoy
`
`Jepeey
`
`OLE
`
`LLE
`
`
`
`JeBeueyypied
`
`Beeeeeneeeeeeeeeeeeeeeee
`
`Bunsixy
`
`VS
`
`UONEZHPUOSIOd
`
`uoneoiddy
`
`ZOEJBAIOS
`
`esind-8MeN
`
`90EWVS
`
`COE
`
`JQULOSIBg
`
`pazuouiny
`
`© o
`
`O
`
`
`
`
`
`
`
`
`
`
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 15 of 40
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 15 of 40
`
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 13 of 25
`
`US 9,240,009 B2
`
`qeOa
`
`ELE
`jaiddy
`
`esind-a
`
`Joyejnuy
`
`LLE
`
`
`
`seBeueyypied
`
`Nn
`
`Bulsixg
`
`80€weWVS
`
`PZESIBAISS
`
`pueYIOMISN
`
`juauAed
`
`© C
`
`9
`
`gsind-9Man
`
`90¢AWS
`
`ICIN
`
`Coe
`
`
`
`
`
`
`
`
`
`
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 16 of 40
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 16 of 40
`
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 14 of 25
`
`US 9,240,009 B2
`
`JE‘S/d
`
`
`
`
`
`RB9e,pezieuosied,joayeise0}asind-9auleS
`
`GN&3
`
`v9E
`
`SdlAepay)Uljeiddeasind-auepukeWIVSSunsixeay}usemiag|Se}ou}pueWsSunsixsueBIAspiomssed4\\
`
`
`
`
`ajes9uag
`
`
`
`
`
`Jojejnueal;pueprysSuysixeay]usemjeg
`
`
`
`
`
`
`
`zs¢uoHezieuosuadayeniuy
`
`pieoou}WoyG|Se]eyopeay
`
`BSE
`
`9GE
`
`
`
`@dIAapBy)Ulyajddeesund-auepue
`
`O09€
`
`
`
`
`WYSasund-ameuay]usenjagsuidpueshayUOWeIedoesund-aaj}e19Ua5
`
`
`BOIAVPSy}Uljajddeosund-ouepuewysosund-omauueUsEeMjOg
`
`
`
`jouueysANoeseBUSIqeise0}ureLUOpAjundesUOHeONddeesp
`
`
`
`jauueyoAyndeseYUSIqeise0}ulewopAjunoeasuoneayddeesn
`
`
`
`
`
`
`
`
` feolaapayyulyajddeasund-auepueprysuojeyodsueyBuysixeueusamjeg
`
`c9e
`
`
`
`
`
`
`
`q|62)ey)puewsBuysixeau)BIAsoyBjNLUSUeJoShayPeULIOJSUBI]SyesBUSS
`
`
`
`
`
`
`
`
`
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 17 of 40
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 17 of 40
`
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 15 of 25
`
`US 9,240,009 B2
`
`VvSad
`
`
`
`80}@|PIWBu]O]asUOdSSBeSesOdWwODasind-y
`
`OLP
`
`
`
`asuodsaiau)
`
`&PSYLOA
`
`ZipPOLUOAJi‘yuegBuOsuodse0}jsenbe,
`
`eBAeA
`
`
`JajsuedpunyeoyeniulpuejuNoooeBulpuodsaiuco
`
`
`
`PLPyuegey}Woldasuodse,eBaAlgoay
`
`
`
`
`
`90+yojddeasund-9a0)jsenbe&spuas19IGHA
`
`
`
`
`
`JaBeuewasunday]SSeo0e0]Nid
`
`
`
`
`
`vorpyeaBuvayueJayeJeIpiweeIAsenbeseayeniuy
`
`
`
`
`
`
`
`
`
`
`
`
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 18 of 40
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 18 of 40
`
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 16 of 25
`
`US 9,240,009 B2
`
`
`
`
`
`Olyofesseawyompeu&Ulpappequueau)PueMUO4asuodsei
`
`
`
`
`
`
`
`
`
`gLyasind-9ay}0}Wey)PuesPUBSPUBWILUODNG}0eNxXepuedis1e/piyy
`
`OcYy
`
`
`
`
`
`SpUBWUOOSpusspueAOnUaUINeNGdyoY}SeyeAasind-y
`
`
`
`
`
`BojuonoesueyesayepdnpueJoejnNWaoy}O}
`
`GyOld
`
`CN&A
`
`
`
`
`
`UONBOUAAO}e]}JO}pourejasstasuOdselNagyeu}saye
`
`
`
`
`
`veVvjajpiJoyaBessawsnje}s|NJssooonsesje19UayD
`
`
`
`
`
`CCV
`
`
`
`JOAI9sJuBLUAedSU}0}JseNbesWoMjaUBeUl
`
`
`
`
`
`
`
`
`
`asuodsalNGdYVUeSE}EINUUO}JEU}JO{PILUOU}O}]JON!CSA}eIBUayd
`
`
`
`
`
`
`
`
`
`
`
`
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 19 of 40
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 19 of 40
`
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 17 of 25
`
`US 9,240,009 B2
`
`O14
`Il
`
`chy
`
`Buroueul-
`
`yueg
`
`sanafp—Ber
`
`YIOMJONjUSWAeY
`Ovyvor
`SIBAIOSpue
`
`9EP
`
`esind-s
`
`yajddy
`
`
`
`|__|so5eueyy
`
`VICI
`
`asind-a
`
`
`
`
`
`
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 20 of 40
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 20 of 40
`
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 18 of 25
`
`US 9,240,009 B2
`
`
`
`006uoneoyddyuoneayddy
`
`
`
`J21PINIjaiddy
`
`
`
`AsoysodayAuoysoday
`
`90SvOG
`
`Alg}9Ig
`
`Asoysodey
`
`Z0S
`
`
`
`LLGVSUoHeolddy
`
`9LSWVSdd
`
`
`
`SUBPIADIBOIAIBS
`
`VLGSIBAIaS
`
`JBAIBSAlopaiq
`
`ZLS
`
`Jemnyen”
`
`¢
`
`SUO}EOIUNLUWOTY
`
`paunoasg
`
`ajqeLog—SLs
`
`02SOMION
`
`jouueyo
`
`v$‘Old
`
`6¢S
`
`ves
`
`
`JUSWE}ypeinoes
`
`22gja\ddyuoneoyjddy
`
`9zgJoBeueypregdd
`
`
`
`
`
`
`
`
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 21 of 40
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 21 of 40
`
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 19 of 25
`
`US 9,240,009 B2
`
`OVSJIPIYyojddyKsoyoauq
`
`
`
`
`—AioysodoyAioysodeyAioysodayy
`
`
`
`9LSWSdd
`
`
`
`LLSWVSUoneoddy
`
`
`
`SIOPIADIBAIS
`
`PLSSI@AIBS
`
`
`
`JaniagAiojooiGq
`
`cLS
`
`
`
`puegesegSd1A9q
`
`ajqeyiodgGe
`
`JOMION™
`
`ulewogStandBegJajndwoD
`
`90SvOS20S
`
`ZSoesSS\"S91MOS
`
`ifZegiaBeueyy
`
`
`
`
`
`6Lgjeuueyo
`
`
`
`OZJIGIWUOHeOddy72gJabeueyys01egpeunoas
`
`
`
`
`
`g¢‘Oldses
`
`
`
`JUsWa|ypaunses
`
`ves
`
`ssajjoe|u0D
`
`12Syajddyuoneorddy97gsaHeueWpeddO270TTTITJepeey/-
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 22 of 40
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 22 of 40
`
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 20 of 25
`
`US 9,240,009 B2
`
`9S‘Vl
`
`CSG
`
`
`
`jsanbaladiAjasBpuas
`
`
`
`suoyqeaydde/saclAlasAplAdid
`
`
`
`
`
`vSSuonduosqnsuopesegqbuns}
`
`
`
`
`
`99Spajogas|fe}SuIpuepeojumog
`
`8SgpapesufiJojeEjNWapue
`
`
`
`sjajddepapeojuMmopau}azijeuosidg
`
`
`
`
`
`(sjyojdde)suoyeolddesseolnes
`
`
`
`
`
`09SSISIGHANUoHeo|ddepeojumog
`
`
`
`
`
`
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 23 of 40
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 23 of 40
`
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 21 of 25
`
`US 9,240,009 B2
`
`V9‘Sid9696016q
`
`69
`
`uoloesuey
`
`aufear
`
`Uay0}-8
`
`peiqeug
`
`IQeHOdjouueyg———7yoyegJO
`
`
`bonedgL9uonesedo
`
`
`069nennececeeeeeeteneeeteeeeedffneenneeeeeecececteeeeeencees!
`
`SUONBOIUNWUIOD>sEINIBD'
`OzGoman_)
`
`
`
`peindesuojoesueyialu}fea
`
`
`
`uonoesuel|SOd
`
`LQJaNIaS
`
`pueqeseg
`
`veg
`
`
`
`yUaWa}ypeunves
`
`6c9
`
`
`
`
`
`
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 24 of 40
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 24 of 40
`
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 22 of 25
`
`US 9,240,009 B2
`
`0v9
`
`peunoes
`
`619/jauueuD
`
`
`
`uoyjoesuel]SOdUlEWIOGdqNnd
`
`E19JOAIBSOMEN
`
`LaG
`
`BIQeOd
`
`0€9SSa01Aeq
`
`gegJajndwoy
`
`5$9}]02]U0D
`
`g9Sis
`
`veg
`
`
`
`jUSWW9}qpeunoes
`
`62S
`
`829WVSSOd
`
`
`
`pueqeseg€29WSOd\sepesy
`
`iaBeue.veg
`
`
`
`
`
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 25 of 40
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 25 of 40
`
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 23 of 25
`
`US 9,240,009 B2
`
`99Dl
`
`
`
`édn-do}awn
`
`Z99
`
` £59é,Uay40}
`
`
`
`dn-do}jenyia10
`
`899dn-do}@Wiopie,d
`
`
`
`j201JOUO
`
`0S9
`
`
`
`Jaseyound@Wold)UayO}]-8UBSASBLIOY
`
`
`
`ZUS}0}-9PIeA
`
`
`
`yBnoudas8y)$
`
`~9ulaouR}eq
`
`
`
`
`
`UdSyO}-8WdJUNOWWepeseuoindjonpeg
`
`
`J@AJ8SpueyoRgO}suOOeSUB.peony
`
`(yo}equlJOUONOesUe.yore)
`
`
`
`
`
`
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 26 of 40
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 26 of 40
`
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 24 of 25
`
`US 9,240,009 B2
`
`START
`
`670
`
`Send an initial purchase requestto e-
`token enabled device of a purchaser
`
`674
`
`
`
`
`
`
`
`
`Enough balance
`in e-token
`enabled device?
`
`yes
`
`END
`
`no
`
`672
`
`676
`
`Forward the received responsefrom the e-
`token enabled device to POS SAM
`
`678
`
`6
`
`80
`
`682
`
`Receive a debit request containing a
`MAC from POS SAM
`
`Send the debit request to e-token
`enabled device to debit e-token
`
`Receive debit confirm message including additional
`MACs for transaction verification and settlement
`
`6
`
`84
`
`6
`
`86
`
`Forward the debit confirm message to
`POS SAM for verification
`
`Display transaction after POS SAM
`has recorded the transaction
`
`FIG. 6D
`
`
`
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 27 of 40
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 27 of 40
`
`U.S. Patent
`
`Jan. 19, 2016
`
`Sheet 25 of 25
`
`US 9,240,009 B2
`
`hhEe'HWGeqnipag|yuowAedWs
`
`UU
`
`Buneyoy
`
`
`
`aseyoindjayoy
`
`
`
`AJSAEppue
`
`
`
`HuiseyoindSOJOLULUOO-9
`
`jOyOH
`
`
`!9a!aseyoindyeyon1WAISASgeA.OLJ@PIACld
`QOJ@ULUOD-LU'uoHeAIasay|QOIAIOS
`JeyOH-2|@0YOXOog|WW
`
`foNNAia@aiyeppue
`
`
`uojeonddyyzesind-oIGeYOd
` ad|AeqOrajqeyo,
`
`
`Z‘OA
`
`ayeg)
`
`Ul-YOSUD
`
`Jopeoy
`
`vel
`
`
`
`
`
`9Z/JUGWEI9NPeINDes
`
`O]JU0PeJOlsSJex9/]-9
`
`
`*“~oe
`
`
`
`
`
`
`
`
`
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 28 of 40
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 28 of 40
`
`US 9,240,009 B2
`
`1
`MOBILE DEVICES FOR COMMERCE OVER
`UNSECURED NETWORKS
`
`CROSS-REFERENCE TO RELATED
`APPLICATIONS
`
`10
`
`2
`To support this fast evolving business environment, several
`entities including financial institutions, manufactures ofvari-
`ous NFC-enabled mobile phones and software developers, in
`addition to mobile network operators (MNO), become
`involved in the NFC mobile ecosystem. By nature of their
`individual roles, these players need to communicate with
`This application is a continuation-in-part of U.S. patent each other and exchange messagesinareliable and interop-
`
`application Ser. No. 11/534,653 filed on Sep. 24, 2006, now
`erable way.
`USS. Pat. No. 8,118,218, and also a continuation-in-part of
`One of the concerns in the NFC mobile ecosystem is its
`USS. patent application Ser. No. 11/739,044filed on Apr.23,
`security in an open network. Thusthere is a need to provide
`2007, which is a continuation-in-part of U.S. patent applica-
`techniques to personalize a secure element in a contactless
`smart card or an NFC-enabled mobile device so that such a
`tion Ser. No. 11/534,653 filed on Sep. 24, 2006, now U.S. Pat.
`No. 8,118,218.
`
`BACKGROUND
`
`1. Technical Field
`
`The present invention is generally related to commerce
`over networks. Particularly, the present inventionis related to
`techniquesfor personalizing a secure element and provision-
`ing an application such as an electronic purse that can be
`advantageously used in portable devices configured for both
`electronic commerce (a.k.a., e-commerce) and mobile com-
`merce (a.k.a., m-commerce).
`2. Description of the Related Art
`Single functional cards have been successfully used in
`enclosed environments such as transportation systems. One
`example of such single functional cards is MIFAREthat has
`been selected as the most successful contactless smart card
`technology. MIFAREis the perfect solution for applications
`like loyalty and vendingcards, road tolling, city cards, access
`control and gaming.
`However, single functional card applications are deployed
`in enclosed systems, which are difficult to be expandedinto
`other areas such as e-commerce and m-commerce because
`stored values and transaction information are stored in data
`
`storage of each tag that is protected by a set of keys. The
`nature of the tag is that the keys need to be delivered to the
`card for authentication before any data can be accessed during
`a transaction. This constraint makes systems using such tech-
`nology difficult to be expanded to an open environment such
`as the Internet for e-commerce and/or wireless networks for
`
`m-commerce as the delivery of keys over a public domain
`network causes security concerns.
`In general, a smart card, chip card, or integrated circuit card
`(ICC), is any pocket-sized card with embedded integrated
`circuits. A smart card or microprocessor cards contain vola-
`tile memory and microprocessor components. Smart cards
`may also provide strong security authentication for single
`sign-on (SSO) within large organizations. The benefits of
`smart cards are directly related to the volumeof information
`and applications that are programmed for use on a card. A
`single contact/contactless smart card can be programmed
`with multiple banking credentials, medical entitlement, driv-
`er’s license/public transport entitlement, loyalty programs
`and club memberships to namejust a few. Multi-factor and
`proximity authentication can and has been embedded into
`smart cards to increase the security ofall services on the card.
`Contactless smart cards that do not require physical contact
`between card and reader are becoming increasingly popular
`for payment and ticketing applications such as mass transit
`and highway tolls. Such Near Field Communication (NFC)
`between a contactless smart card and a reader presents sig-
`nificant business opportunities when used in NFC-enabled
`mobile phones for applications such as payment, transport
`ticketing, loyalty, physical access control, and other exciting
`new services.
`
`15
`
`20
`
`25
`
`30
`
`35
`
`40
`
`45
`
`50
`
`55
`
`60
`
`65
`
`device is so secured and personalized whenit comesto finan-
`cial applications or secure transactions. With a personalized
`secure element in an NFC-enabled mobile device, various
`applications or services, such as electronic purse or pay-
`ments, can be realized. Accordingly,there is another need for
`techniquesto provision or manage an application or service in
`connection with a personalized secure element.
`
`SUMMARY
`
`This section is for the purpose of summarizing some
`aspects ofembodimentsofthe present invention andto briefly
`introduce somepreferred embodiments. Simplifications or
`omissionsin this section as well as thetitle and the abstract of
`
`this disclosure may be made to avoid obscuring the purpose of
`the section,thetitle and the abstract. Such simplifications or
`omissions are not intended to limit the scope of the present
`invention.
`
`Broadly speaking, the invention is related to techniques for
`personalizing secure elements in NFC devices to enable vari-
`ous secure transactions over a network (wired and/orwireless
`network). With a personalized secure element (hence secured
`element), techniques for provisioning various applications or
`services are also provided. Interactions among different par-
`ties are managedto effectuate a personalization or provision-
`ing process flawlessly to enable an NFC device for a user
`thereofto start enjoying the convenience of commerce over a
`data network with minimum effort.
`
`As an example of applicationto be provided over a secured
`element, a mechanism is provided to enable devices, espe-
`cially portable devices, to function as an electronic purse
`(e-purse) to conduct transactions over an open network with
`a paymentserver without compromising security. According
`to one embodiment, a device is installed with an e-purse
`manager(i.e., an application). The e-purse manageris con-
`figured to manage various transactions and functions as a
`mechanism to access an emulator therein. Secured financial
`transactions can then be conducted over a wired network, a
`wireless network or a combination ofboth wired and wireless
`network.
`
`According to anotheraspectofthe present invention, secu-
`rity keys (either symmetric or asymmetric) are personalized
`so as to personalize an e-purse and perform a securedtrans-
`action with a paymentserver. In one embodiment, the essen-
`tial data to be personalized into an e-purse include one or
`more operation keys (e.g., a load key and a purchase key),
`default PINs, administration keys (e.g., an unblock PIN key
`and a reload PIN key), and passwords(e.g., from Mifare).
`During a transaction, the security keys are used to establish a
`secured channel between an embedded e-purse and an SAM
`(Security Authentication Module) or a backendserver.
`The present invention may be implemented in various
`forms including a method, a system, an apparatus, a part of a
`system or a computer readable medium. According to one
`embodiment, the present invention is a method for personal-
`
`
`
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 29 of 40
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 29 of 40
`
`US 9,240,009 B2
`
`3
`izing a secure element associated with a computing device.
`The method comprisesinitiating data communication with a
`server, sending device information of the secure element in
`respondingto a request from the server after the server deter-
`minesthat the secure elementis registered therewith, wherein
`the device information is a sequence of characters uniquely
`identifying the secure element, and the request is a command
`causing the computing device to retrieve the device informa-
`tion from the secure element, receiving at least a set of keys
`from the server, wherein the keys are generated in the server
`in accordance with the device information ofthe secure ele-
`ment, and storing the set of keys in the secure element to
`facilitate a subsequenttransaction by the computing device.
`According to another embodiment,the present inventionis
`a method for personalizing a secure element associated with
`a computing device. The method comprises receiving an
`inquiry to establish data communication betweena server and
`the computing device, sending a request from the serverto the
`computing device to request device information of the secure
`elementafter the server determines that the computing device
`is registered therewith, wherein the device information is a
`sequence of characters uniquely identifying the secure ele-
`ment, and the request is a commandthat subsequently causes
`the computing deviceto retrieve the device information from
`the secure elementtherein, generating at least a set of keys in
`accordance with the device information received, delivering
`the set of keys through a secured channel over a data network
`to the computing device, wherein the set of keys is caused to
`be stored in the secure element with the computing device,
`and notifying at least a related party that the secure elementis
`now personalized for subsequent trusted transactions.
`According tostill another embodiment, the present inven-
`tion is a methodfor provisioning an application installed in a
`mobile device, the method comprises sending to a server an
`identifier identifying the application together with device
`information of a secure element associated with a mobile
`
`device on whichthe application has been installed, establish-
`ing a secured channel between the secure element and the
`server using a set of key set installed in the secure element,
`receiving data preparedbythe serverto enable the application
`to function as designed on the mobile device; and sending out
`an acknowledgementto a provider of the application about a
`status of the application now being active with the secure
`elementon the mobile device. The data receivedin the mobile
`device includes a user interface of the application per the
`mobile device and a generated application keyset.
`According tostill another embodiment, the present inven-
`tion is a methodfor provisioning an application, the method
`comprises receiving from a mobile device an identifier iden-
`tifying the application together with device information of a
`secure element associated with the mobile device on which
`the application has been installed, establishing a secured
`channel between the secure elementand theserver using a set
`of key set installed on the secure element, preparing data
`necessary for the application to function as designed on the
`mobile device, transporting the data from the server to enable
`the application via the secured channel; and notifying a pro-
`vider of the application about a status of the application now
`active with the secure element on the mobile device.
`
`According to yet another embodiment, the present inven-
`tion is a mobile device for conducting a transaction over a
`network, the mobile device comprises a network interface, a
`secure element, a memory spacefor storing at least a module
`and an application downloadedfrom the network, a processor
`coupled to the memory space and configured to execute the
`module to cause operations including verifying whether the
`application has been provisioned. Whenit is verified that the
`
`5
`
`10
`
`20
`
`25
`
`30
`
`35
`
`40
`
`45
`
`50
`
`55
`
`60
`
`65
`
`4
`application has not been provisioned, the operations further
`comprise sending to a server via the network interface an
`identifier identifying the application together with device
`information ofa secure element, establishing a secured chan-
`nel between the secure elementandthe server using a key set
`installed on the secure element, wherein theserver is config-
`ured to prepare data necessary for the application to function
`as designed on the mobile device, receiving the data from the
`server to associate the application with the secure element,
`and sending out an acknowledgement to a provider of the
`application abouta status of the application that is now active
`with the secure element. The processoris further configured
`to determine if the secure element has been personalized
`before performing a provisioning process ofthe application.
`If the secure element has not been personalized, the mobile
`device is caused to personalize the secure element with a
`designed server.
`Oneofthe objects, features, and advantages of the present
`invention is to enable a mobile device that can be used to
`
`perform a secured transaction with a party(e.g., at a point of
`sale, with a commercial server or accessing remotely) over an
`unsecured network (e.g., the Internet).
`Other objects, features, and advantages of the present
`invention, which will become apparent upon examining the
`following detailed description of an embodiment thereof,
`taken in conjunction with the attached drawings.
`
`BRIEF DESCRIPTION OF THE DRAWINGS
`
`The invention will be readily understood by the following
`detailed description in conjunction with the accompanying
`drawings, wherein like reference numerals designate like
`structural elements, and in which:
`FIG. 1A showsa simplified architecture of an NFC-en-
`abled mobile device with a secure element (SE);
`FIG. 1B showsa flowchart or process of personalizing an
`SE according to one embodimentof the present invention;
`FIG. 1C showsrelationships among an SE manufacturer, a
`TSM admin and the TSM system for both offline and online
`modes;
`FIG. 1D illustrates data flows among a user for an NFC
`device (e.g., an NFC mobile phone), the NFC deviceitself, a
`TSMserver, a corresponding SE manufacturer and an SE
`issuer;
`FIG. 1E showsa data flowchart or processof personalizing
`data flow amongthree entities: a land-based SAM ora net-
`work e-purse server, an e-purse acting as a gatekeeper, and a
`single function tag, according to one embodiment;
`FIG. 2A shows a mobile payment ecosystem in which
`related parties are shown in order for the mobile payment
`ecosystem successful;
`FIG. 2B showsa flowchart or process of provisioning one
`or more applications according to one embodiment;
`FIG. 2C showsa data flow illustrating various interactions
`among different parties when an application is being provi-
`sioned in one embodiment;
`FIG. 2D showsa data flow among different entities when
`preparing the application data in provisioning an application;
`FIG. 2E shows a flowchart or process for locking or dis-
`abling an installed application;
`FIG. 2F shows an exemplary architecture diagram of a
`portable device enabled as an e-purse conducting e-com-
`merce and m-commerce, according to one embodimentofthe
`present invention;
`FIG.3A is a block diagram of related modules interacting
`with each other to achieve whatis referred to herein as e-purse
`
`
`
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 30 of 40
`Case 6:22-cv-00697-ADA Document 1-4 Filed 06/28/22 Page 30 of 40
`
`US 9,240,009 B2
`
`6
`places in the specification are not necessarily all referring to
`the same embodiment, norare separate or alternative embodi-
`ments mutually exclusive of other embodiments. Further, the
`order of blocks in process, flowcharts or functional diagrams
`representing one or more embodiments do not inherently
`indicate any particular order nor imply limitations in the
`invention.
`
`5
`personalization by an authorized personnel(a.k.a., personal-
`izing a mobile device or a secure element therein while pro-
`visioning an application);
`FIG. 3B showsa block diagram ofrelated modules inter-
`acting with each other to achi
Accessing this document will incur an additional charge of $.
After purchase, you can access this document again without charge.
Accept $ Charge
Still Working On It
This document is taking longer than usual to download. This can happen if we need to contact the court directly to obtain the document and their servers are running slowly.
Give it another minute or two to complete, and then try the refresh button.
A few More Minutes ... Still Working
It can take up to 5 minutes for us to download a document if the court servers are running slowly.
Thank you for your continued patience.
This document could not be displayed.
We could not find this document within its docket. Please go back to the docket page and check the link. If that does not work, go back to the docket and refresh it to pull the newest information.
Your account does not support viewing this document.
You need a Paid Account to view this document. Click here to change your account type.
Your account does not support viewing this document.
Set your membership
status to view this document.
With a Docket Alarm membership, you'll
get a whole lot more, including:
- Up-to-date information for this case.
- Email alerts whenever there is an update.
- Full text search for other cases.
- Get email alerts whenever a new case matches your search.
One Moment Please
The filing “” is large (MB) and is being downloaded.
Please refresh this page in a few minutes to see if the filing has been downloaded. The filing will also be emailed to you when the download completes.
Your document is on its way!
If you do not receive the document in five minutes, contact support at support@docketalarm.com.
Sealed Document
We are unable to display this document, it may be under a court ordered seal.
If you have proper credentials to access the file, you may proceed directly to the court's system using your government issued username and password.
Access Government Site
