Abstract:
Methods for operating a portable electronic device to conduct a mobile payment transaction at a merchant terminal are provided. The electronic device may verify that the current user of the device is indeed the authorized owner by requiring the current user to enter a passcode. If the user is able to provide the correct passcode, the device is only partly ready to conduct a mobile payment. In order for the user to fully activate the payment function, the user may have to supply a predetermined payment activation input such as a double button press that notifies the device that the user intends to perform a financial transaction in the immediate future. The device may subsequently activate a payment applet for a predetermined period of time during which the user may hold the device within a field of the merchant terminal to complete a near-field-communications-based mobile payment transaction.
Abstract:
Systems, methods, and computer-readable media for efficiently storing credential service provider data in a security domain of a secure element of an electronic device are provided. In one example embodiment, an electronic device may include a secure element that, inter alia, receives credential service provider data from a secure element vendor subsystem, and that encrypts a key of the secure element with the received credential service provider data. The electronic device may also include a communications component that transmits the encrypted key to a credential service provider. Additional embodiments are also provided.
Abstract:
Systems, methods, and computer-readable media for provisioning and/or authenticating credentials are provided. In one example embodiment, a financial institution system may be in communication with an electronic device and a merchant subsystem. The financial institution system may be configured to, inter alia, create a link between an actual commerce credential and a virtual commerce credential, provision the virtual commerce credential on the electronic device, after the virtual commerce credential is provisioned on the electronic device, receive a transaction request from the merchant subsystem, identify the virtual commerce credential from the received transaction request, and, in response to the identification of the virtual commerce credential, determine if the link between the actual commerce credential and the virtual commerce credential is authenticated for use in a financial transaction. Additional embodiments are also provided.
Abstract:
Systems, methods, and computer-readable media for provisioning credentials on an electronic device are provided. In one example embodiment, a secure platform system may be in communication with an electronic device and a financial institution subsystem. The secure platform system may be configured to, inter alia, detect a selection of a particular commerce credential, access communication mechanism data indicative of at least one communication mechanism of the device, where the at least one mechanism is configured to receive a communication on the device, transmit information to the financial subsystem, where the information includes the mechanism data and the selection of the particular commerce credential, and instruct the financial subsystem to provision the particular commerce credential in a disabled state on the device and communicate credential enablement data to the device using a particular communication mechanism of the at least one communication mechanism indicated by the communication mechanism data.
Abstract:
To facilitate conducting a financial transaction via wireless communication between an electronic device and another electronic device, the electronic device determines a unique transaction identifier for the financial transaction based on financial-account information communicated to the other electronic device. The financial-account information specifies a financial account that is used to pay for the financial transaction. Moreover, the unique transaction identifier may be capable of being independently computed by one or more other entities associated with the financial transaction (such as a counterparty in the financial transaction or a payment network that processes payment for the financial transaction) based on the financial-account information communicated by the portable electronic device. The electronic device may also associate receipt information, which is subsequently received from a third party (such as the payment network), with the financial transaction by comparing the determined unique transaction identifier to the computed unique transaction identifier.
Abstract:
In order to authenticate a user to facilitate conducting a financial transaction via wireless communication between an electronic device (such as a smartphone) and another electronic device (such as a point-of-sale terminal), the electronic device may securely communicate an authentication-complete indicator to a secure element in the electronic device. In particular, a secure enclave processor in a processor may provide the authentication-complete indicator to the secure element using an encrypted token when received authentication information (such as a biometric identifier of the user) matches stored authentication information. Moreover, an authentication applet in the secure element may decrypt the token, and then may set an authentication-complete flag in an operating system of the secure element based on the authentication-complete indicator. This authentication-complete flag may enable an activated payment applet in the secure element to conduct the financial transaction via wireless communication, such as near-field communication.
Abstract:
Systems, methods, and computer-readable media for provisioning credentials on an electronic device are provided. In one example embodiment, a secure platform system may be in communication with an electronic device and a financial institution subsystem. The secure platform system may be configured to, inter alia, receive user account information from the electronic device, authenticate a user account with a commercial entity using the received user account information, detect a commerce credential associated with the authenticated user account, run a commercial entity fraud check on the detected commerce credential, commission the financial institution subsystem to run a financial entity fraud check on the detected commerce credential based on the results of the commercial entity fraud check, and facilitate provisioning of the detected commerce credential on the electronic device based on the results of the financial entity fraud check. Additional embodiments are also provided.