公开(公告)号：US20160358157A1

公开(公告)日：2016-12-08

申请号：US15243041

申请日：2016-08-22

Applicant: Apple Inc.

Inventor： Ahmer A. KHAN ,  Zachary A. ROSEN ,  Joakim LINDE

IPC: G06Q20/32 ,  G06Q20/10

CPC classification number: G06Q20/325 ,  G06Q20/0453 ,  G06Q20/10 ,  G06Q20/20 ,  G06Q20/322 ,  G06Q20/3227 ,  G06Q20/3278 ,  G06Q20/36 ,  G06Q20/3821 ,  G06Q20/385 ,  G06Q20/425

Abstract: To facilitate conducting a secure transaction via wireless communication between a portable electronic device (such as a smartphone) and another electronic device (such as a point-of-sale terminal), the portable electronic device may, after a final command is received from the other electronic device, determine a unique transaction identifier for the secure transaction. In particular, the final command may be specific to an applet, stored in a secure element in the portable electronic device, which conducts the secure transaction. The secure element may generate the unique transaction identifier based on financial-account information associated with the applet, which is communicated to the other electronic device. Next, the secure element may provide, to a processor in the portable electronic device, an end message for the secure transaction with the unique transaction identifier.

Abstract translation: 为了便于通过便携式电子设备（例如智能电话）和另一电子设备（例如，销售点终端）之间的无线通信进行安全交易，便携式电子设备可以在从 其他电子设备，确定安全事务的唯一事务标识符。 特别地，最终命令可以特定于存储在便携式电子设备中的安全元件中的applet，其执行安全交易。 安全元件可以基于与小应用程序相关联的财务帐户信息生成唯一的事务标识符，该信息通信给另一个电子设备。 接下来，安全元件可以向便携式电子设备中的处理器提供具有唯一事务标识符的安全事务的结束消息。

公开(公告)号：US20160028702A1

公开(公告)日：2016-01-28

申请号：US14872024

申请日：2015-09-30

Applicant: Apple Inc.

Inventor： Ahmer A. KHAN

IPC: H04L29/06 ,  H04W12/04

CPC classification number: H04L63/062 ,  G06F21/72 ,  G06Q20/3229 ,  G06Q20/3829 ,  H04L9/0877 ,  H04L9/0891 ,  H04L9/3234 ,  H04W12/04

Abstract: Disclosed herein are systems, methods, and non-transitory computer-readable storage media for key management for Issuer Security Domain (ISD) using GlobalPlatform Specifications. A client receives from a server an authorization to update a first ISD keyset. The client encrypts, via a client-side secure element, a second ISD keyset with a server public key. The client sends the encrypted second ISD keyset to the server for updating the first ISD keyset with the encrypted second ISD keyset. Prior to updating, the client generates the first ISD keyset at a vendor and sends the first ISD keyset to the client-side secure element and sends the first ISD keyset encrypted with the server public key to the server. The disclosed method allows for updating of an ISD keyset of which only the client-side secure element and a server have knowledge.

公开(公告)号：US20140019367A1

公开(公告)日：2014-01-16

申请号：US13631838

申请日：2012-09-28

Applicant: APPLE INC.

Inventor： Ahmer A. KHAN ,  Brian J. Tucker ,  David T. Haggerty ,  Scott M. Herz

IPC: G06Q30/06 ,  H04L9/32 ,  H04L9/28

CPC classification number: G06Q30/06 ,  G06Q20/204 ,  G06Q20/322 ,  G06Q20/3227 ,  G06Q20/3278 ,  G06Q20/3829 ,  G06Q20/425 ,  G06Q30/02

Abstract: A commercial transaction method is disclosed. The method first establishes a secure link over a first air interface by a purchasing device. This secure link is between the purchasing device and a point of sale device. The method further identifies a second air interface, which is different from the first air interface, and the second air interface is used to conduct a secure commercial transaction.

Abstract translation: 公开了商业交易方法。 该方法首先通过购买设备在第一空中接口上建立安全链路。 此安全链接位于采购设备和销售点设备之间。 该方法还识别与第一空中接口不同的第二空中接口，并且第二空中接口用于进行安全商业交易。

公开(公告)号：US20240265383A1

公开(公告)日：2024-08-08

申请号：US18615993

申请日：2024-03-25

Applicant: Apple Inc.

Inventor： Manoj K. Thulaseedharan PILLAI ,  Ahmer A. KHAN ,  Thomas ELLIOTT ,  Timothy S. HURLEY ,  Jennifer J. BAILEY ,  David E. BRUDNICKI

IPC: G06Q20/38 ,  G06F21/45 ,  G06Q20/10 ,  G06Q20/12 ,  G06Q20/32 ,  G06Q20/40 ,  H04W12/069

CPC classification number: G06Q20/3829 ,  G06F21/45 ,  G06Q20/102 ,  G06Q20/12 ,  G06Q20/3226 ,  G06Q20/3227 ,  G06Q20/325 ,  G06Q20/3278 ,  G06Q20/382 ,  G06Q20/3823 ,  G06Q20/40 ,  G06Q20/4016 ,  H04W12/069 ,  G06Q2220/00

Abstract: Systems, methods, and computer-readable media for communicating electronic device secure element data over multiple paths for online payments are provided. In one example embodiment, a method includes, inter alia, at a commercial entity subsystem, receiving, from an electronic device, device transaction data that includes credential data indicative of a payment credential on the electronic device for funding a transaction with a merchant subsystem, accessing a transaction identifier, deriving a transaction key based on transaction key data that includes the accessed transaction identifier, transmitting, to one of the merchant subsystem and the electronic device, merchant payment data that includes a first portion of the credential data and the accessed transaction identifier, and sharing, with a financial institution subsystem using the transaction key, commercial payment data that includes a second portion of the credential data that is different than the first portion of the credential data. Additional embodiments are also provided.

公开(公告)号：US20230127816A1

公开(公告)日：2023-04-27

申请号：US18088515

申请日：2022-12-23

Applicant: Apple Inc.

Inventor： Ahmer A. KHAN ,  Joakim LINDE ,  Joseph HAKIM ,  Zachary A. ROSEN

IPC: G06Q20/32 ,  H04W52/02 ,  G07F7/08 ,  G06Q20/36

Abstract: Systems, methods, and computer-readable media for managing near field communications during a low power management mode of an electronic device are provided that may make credentials of a near field communication (“NFC”) component appropriately secure and appropriately accessible while also limiting the power consumption of the NFC component and of other components of the electronic device.

公开(公告)号：US20220101301A1

公开(公告)日：2022-03-31

申请号：US17549847

申请日：2021-12-13

Applicant: Apple Inc.

Inventor： Matthias LERCH ,  Ahmer A. KHAN ,  Oren M. ELRAD ,  Franck RAKOTOMALALA

IPC: G06Q20/32 ,  H04L29/06

Abstract: A device implementing a scalable wireless transaction system includes at least one processor configured to receive, from a wireless transaction system server, a list of wireless transaction group identifiers, and an indication of at least one applet associated with each of the wireless transaction group identifiers. The at least one processor is further configured to receive, from a wireless transaction device, a polling frame that includes one of the wireless transaction device group identifiers. The at least one processor is further configured to select an applet provisioned on a device secure element that is assigned to the wireless transaction group identifier, the assigning being based at least in part on the received list. The at least one processor is further configured to utilize the selected applet to perform a wireless transaction with the wireless transaction device.

公开(公告)号：US20210295282A1

公开(公告)日：2021-09-23

申请号：US17341711

申请日：2021-06-08

Applicant: Apple Inc.

Inventor： George R. DICKER ,  Christopher B. SHARP ,  Ahmer A. KHAN ,  Yousuf H. VAID ,  Glen W. STEELE ,  Christopher D. ADAMS ,  David T. HAGGERTY

IPC: G06Q20/04 ,  G06Q20/32 ,  G06Q20/38

Abstract: To facilitate conducting a financial transaction via wireless communication between an electronic device and another electronic device, the electronic device determines a unique transaction identifier for the financial transaction based on financial-account information communicated to the other electronic device. The financial-account information specifies a financial account that is used to pay for the financial transaction. Moreover, the unique transaction identifier may be capable of being independently computed by one or more other entities associated with the financial transaction (such as a counterparty in the financial transaction or a payment network that processes payment for the financial transaction) based on the financial-account information communicated by the portable electronic device. The electronic device may also associate receipt information, which is subsequently received from a third party (such as the payment network), with the financial transaction by comparing the determined unique transaction identifier to the computed unique transaction identifier.

公开(公告)号：US20210026436A1

公开(公告)日：2021-01-28

申请号：US17067599

申请日：2020-10-09

Applicant: Apple Inc.

Inventor： Ahmer A. KHAN ,  Joakim LINDE ,  Joseph HAKIM ,  Zachary A. ROSEN

IPC: G06F1/3234 ,  G06Q20/32 ,  G06F21/35 ,  G06F21/60 ,  H04W52/02 ,  H04W12/06 ,  H04B5/02

Abstract: Systems, methods, and computer-readable media for managing near field communications during a low power management mode of an electronic device are provided that may make credentials of a near field communication (“NFC”) component appropriately secure and appropriately accessible while also limiting the power consumption of the NFC component and of other components of the electronic device.

公开(公告)号：US20200320188A1

公开(公告)日：2020-10-08

申请号：US16840200

申请日：2020-04-03

Applicant: Apple Inc.

Inventor： Irene M. GRAFF ,  Ahmer A. KHAN ,  Christopher SHARP ,  Libor SYKORA ,  Lucia E. BALLARD ,  Rupamay SAHA

IPC: G06F21/45 ,  H04L29/06 ,  H04W12/06

Abstract: A device for controlled identity credential release may include at least one processor configured to receive a request to release an identity credential of a user, the identity credential being stored on the device. The at least one processor may be further configured to authenticate the user associated with the identity credential. The at least one processor may be further configured to, responsive to the authentication, provide at least a portion of the identity credential, such as for display and/or to a terminal device over a direct wireless connection. The at least one processor may be further configured to cause the electronic device to enter a locked state and/or to remain in a locked state, responsive to providing the at least the portion of the identity credential.

公开(公告)号：US20170003954A1

公开(公告)日：2017-01-05

申请号：US15269490

申请日：2016-09-19

Applicant: Apple Inc.

Inventor： Ahmer A. KHAN ,  Joakim Linde ,  Mehdi Ziat

IPC: G06F9/445 ,  G06F21/57 ,  H04L29/08 ,  H04L9/32 ,  H04W12/06 ,  H04W4/00 ,  G06F9/44 ,  G06F21/71

CPC classification number: G06F8/65 ,  G06F21/57 ,  H04L9/3247 ,  H04L67/06 ,  H04L67/306 ,  H04L67/34 ,  H04L67/42 ,  H04W4/60 ,  H04W12/06

Abstract: An electronic device (such as a cellular telephone) automatically installs and personalizes updates to an applet on a secure element in the electronic device. In particular, when a digitally signed update package containing the update is received from an updating device (such as a server), the secure element identifies any previous versions of the applet installed on the secure element. If there are any previously installed versions, the secure element verifies the digital signature of the update package using an encryption key associated with a vendor of the secure element. Then, the secure element uninstalls the previous versions of the applet and exports the associated user data. Next, the secure element installs the update to the applet, and personalizes the new version of the applet using the user data.

Abstract translation: 电子设备（例如蜂窝电话）在电子设备中的安全元件上自动安装并个性化对小应用程序的更新。 特别地，当从更新设备（例如服务器）接收到包含更新的数字签名的更新包时，安全元件识别安装在安全元件上的小应用程序的任何先前版本。 如果有任何先前安装的版本，则安全元件使用与安全元件的供应商相关联的加密密钥验证更新包的数字签名。 然后，安全元素会卸载以前版本的applet并导出关联的用户数据。 接下来，安全元件将更新安装到小程序，并使用用户数据个性化新版本的小应用程序。