公开(公告)号：US11068883B2

公开(公告)日：2021-07-20

申请号：US15482478

申请日：2017-04-07

Applicant: Apple Inc.

Inventor： David T. Haggerty ,  Ahmer A. Khan ,  Christopher B. Sharp ,  Jerrold Von Hauck ,  Joakim Linde ,  Kevin P. McLaughlin ,  Mehdi Ziat ,  Yousuf H. Vaid

IPC: G06Q20/36 ,  G06Q20/38 ,  G06Q20/32 ,  G06Q20/12 ,  G06Q20/34

Abstract: Methods and apparatus for the deployment of financial instruments and other assets are disclosed. In one embodiment, a security software protocol is disclosed that guarantees that the asset is always securely encrypted, that one and only one copy of an asset exists, and the asset is delivered to an authenticated and/or authorized customer. Additionally, exemplary embodiments of provisioning systems are disclosed that are capable of, among other things, handling large bursts of traffic (such as can occur on a so-called “launch day” of a device).

公开(公告)号：US20160232521A1

公开(公告)日：2016-08-11

申请号：US15017419

申请日：2016-02-05

Applicant: Apple Inc.

Inventor： Christopher B. Sharp ,  Yousuf H. Vaid ,  Vineet Chadha ,  Matthew C. Byington ,  Bhaskar Korlipara

IPC: G06Q20/38

CPC classification number: G06Q20/3821 ,  G06Q20/02 ,  G06Q20/3224 ,  G06Q20/3229

Abstract: An electronic device may attempt to provision an unprovisioned credential, such as a payment instrument, by providing a message with information specifying the unprovisioned credential to a first computer. This first computer may be associated with a first region in which: a first provisioned credential of a user is supported, the user has registered, and the user can conduct transactions based on the first provisioned credential. However, the unprovisioned credential may be supported in or otherwise associated with a second region. Consequently, the electronic device may receive, from the first computer, redirect information that specifies a second computer associated with the second region. In response, the electronic device can provide the message to the second computer. Further, the electronic device can communicate provisioning information for the unprovisioned credential with the second computer, so the credential can be provisioned.

Abstract translation: 电子设备可以通过向第一计算机提供具有指定未提供的证书的信息的消息来尝试提供未提供的证书，例如支付工具。 该第一计算机可以与第一区域相关联，其中：支持用户的第一提供凭据，用户已经注册，并且用户可以基于第一提供凭证进行交易。 然而，未提供的凭证可能在第二个地区支持或以其他方式与第二个地区相关联。 因此，电子设备可以从第一计算机接收指定与第二区域相关联的第二计算机的重定向信息。 作为响应，电子设备可以向第二计算机提供消息。 此外，电子设备可以与第二计算机通信用于未配置凭证的供应信息，因此可以提供凭证。

公开(公告)号：US20150193764A1

公开(公告)日：2015-07-09

申请号：US14474773

申请日：2014-09-02

Applicant: Apple Inc.

Inventor： David T. Haggerty ,  George R. Dicker ,  Ahmer A. Khan ,  Christopher B. Sharp ,  Timothy S. Hurley ,  Vineet Chadha

IPC: G06Q20/32 ,  H04W8/22 ,  G06Q20/40

CPC classification number: G06Q20/3226 ,  G06Q20/322 ,  G06Q20/40 ,  G06Q20/4014 ,  H04W8/22

Abstract: If a user loses an electronic device that has the capability to conduct financial transactions, the user may report that the electronic device is lost using a lost-device software application to a management electronic device associated with a provider of the electronic device. In response to receiving this information, a disabling command is sent to a payment network associated with the financial account of the user to temporarily disable use of the electronic device to conduct the financial transactions. In particular, the electronic device may include a secure element that stores a payment applet for a financial account, and the disabling command may disable a mapping from a virtual identifier for the financial account to a financial primary account number. Subsequently, if the user finds the electronic device, the user may re-enable the capability (and, thus, the mapping) by providing authentication information to the electronic device.

Abstract translation: 如果用户丢失了具有进行金融交易能力的电子设备，则用户可以使用丢失的设备软件应用向与电子设备的提供商相关联的管理电子设备报告电子设备丢失。 响应于接收到该信息，禁用命令被发送到与用户的财务帐户相关联的支付网络，以暂时禁止使用电子设备进行金融交易。 特别地，电子设备可以包括存储用于金融帐户的支付小应用程序的安全元件，并且禁用命令可以禁用从财务帐户的虚拟标识符到财务主帐号的映射。 随后，如果用户发现电子设备，则用户可以通过向电子设备提供认证信息来重新启用能力（并且因此映射）。

公开(公告)号：US20150142665A1

公开(公告)日：2015-05-21

申请号：US14475128

申请日：2014-09-02

Applicant: Apple Inc.

Inventor： George R. Dicker ,  Christopher B. Sharp ,  Ahmer A. Khan ,  Yousuf H. Vaid ,  Glen W. Steele ,  Christopher D. Adams ,  David T. Haggerty

IPC: G06Q20/38 ,  G06Q20/32

CPC classification number: G06Q20/0453 ,  G06Q20/322 ,  G06Q20/385

Abstract: To facilitate conducting a financial transaction via wireless communication between an electronic device and another electronic device, the electronic device determines a unique transaction identifier for the financial transaction based on financial-account information communicated to the other electronic device. The financial-account information specifies a financial account that is used to pay for the financial transaction. Moreover, the unique transaction identifier may be capable of being independently computed by one or more other entities associated with the financial transaction (such as a counterparty in the financial transaction or a payment network that processes payment for the financial transaction) based on the financial-account information communicated by the portable electronic device. The electronic device may also associate receipt information, which is subsequently received from a third party (such as the payment network), with the financial transaction by comparing the determined unique transaction identifier to the computed unique transaction identifier.

Abstract translation: 为了通过电子设备和另一电子设备之间的无线通信进行金融交易，电子设备基于传送到另一电子设备的金融账户信息确定用于金融交易的唯一交易标识符。 财务账户信息指定用于支付金融交易的金融账户。 此外，唯一交易标识符可能能够由与金融交易相关联的一个或多个其他实体（诸如金融交易中的交易对手或处理金融交易支付的支付网络）独立计算， 由便携式电子设备传送的帐户信息。 电子设备还可以将随后从第三方（例如支付网络）接收到的接收信息与金融交易相关联，通过将确定的唯一交易标识符与所计算的唯一交易标识符进行比较。

公开(公告)号：US20140222688A1

公开(公告)日：2014-08-07

申请号：US14174791

申请日：2014-02-06

Applicant: APPLE INC.

Inventor： David T. Haggerty ,  Ahmer A. Khan ,  Christopher B. Sharp ,  Jerrold Von Hauck ,  Joakim Linde ,  Kevin P. McLaughlin ,  Mehdi Ziat ,  Yousuf H. Vaid

IPC: G06Q20/36 ,  G06Q20/38

CPC classification number: G06Q20/36 ,  G06Q20/1235 ,  G06Q20/3227 ,  G06Q20/3552 ,  G06Q20/382

Abstract: Methods and apparatus for the deployment of financial instruments and other assets are disclosed. In one embodiment, a security software protocol is disclosed that guarantees that the asset is always securely encrypted, that one and only one copy of an asset exists, and the asset is delivered to an authenticated and/or authorized customer. Additionally, exemplary embodiments of provisioning systems are disclosed that are capable of, among other things, handling large bursts of traffic (such as can occur on a so-called “launch day” of a device).

Abstract translation: 披露部署金融工具和其他资产的方法和手段。 在一个实施例中，公开了一种安全软件协议，其保证资产始终被安全地加密，存在资产的仅一个和仅一个副本，并且该资产被传递给认证的和/或授权的客户。 此外，公开供应系统的示例性实施例，其能够处理大量业务突发（例如可能发生在设备的所谓“启动日”）。

公开(公告)号：US11250421B2

公开(公告)日：2022-02-15

申请号：US15017419

申请日：2016-02-05

Applicant: Apple Inc.

Inventor： Christopher B. Sharp ,  Yousuf H. Vaid ,  Vineet Chadha ,  Matthew C. Byington ,  Bhaskar Korlipara

IPC: G06Q20/38 ,  G06Q20/32 ,  G06Q20/02

Abstract: An electronic device may attempt to provision an unprovisioned credential, such as a payment instrument, by providing a message with information specifying the unprovisioned credential to a first computer. This first computer may be associated with a first region in which: a first provisioned credential of a user is supported, the user has registered, and the user can conduct transactions based on the first provisioned credential. However, the unprovisioned credential may be supported in or otherwise associated with a second region. Consequently, the electronic device may receive, from the first computer, redirect information that specifies a second computer associated with the second region. In response, the electronic device can provide the message to the second computer. Further, the electronic device can communicate provisioning information for the unprovisioned credential with the second computer, so the credential can be provisioned.

公开(公告)号：US11042846B2

公开(公告)日：2021-06-22

申请号：US14475128

申请日：2014-09-02

Applicant: Apple Inc.

Inventor： George R. Dicker ,  Christopher B. Sharp ,  Ahmer A. Khan ,  Yousuf H. Vaid ,  Glen W. Steele ,  Christopher D. Adams ,  David T. Haggerty

IPC: G06Q20/38 ,  G06Q20/04 ,  G06Q20/32

Abstract: To facilitate conducting a financial transaction via wireless communication between an electronic device and another electronic device, the electronic device determines a unique transaction identifier for the financial transaction based on financial-account information communicated to the other electronic device. The financial-account information specifies a financial account that is used to pay for the financial transaction. Moreover, the unique transaction identifier may be capable of being independently computed by one or more other entities associated with the financial transaction (such as a counterparty in the financial transaction or a payment network that processes payment for the financial transaction) based on the financial-account information communicated by the portable electronic device. The electronic device may also associate receipt information, which is subsequently received from a third party (such as the payment network), with the financial transaction by comparing the determined unique transaction identifier to the computed unique transaction identifier.

公开(公告)号：US11037131B2

公开(公告)日：2021-06-15

申请号：US14474787

申请日：2014-09-02

Applicant: Apple Inc.

Inventor： Yousuf H. Vaid ,  George R. Dicker ,  Ahmer A. Khan ,  Christopher B. Sharp ,  Glen W. Steele ,  Christopher D. Adams ,  David T. Haggerty

IPC: G06Q20/32 ,  G06Q20/02 ,  G06Q20/04 ,  G06Q20/10

Abstract: To facilitate conducting a financial transaction via wireless communication between an electronic device and another electronic device, a secure element in the electronic device receives, from a third party, a notification associated with a financial transaction. This third party may be independent of a counterparty in the financial transaction, such as: a provider of the electronic device or a payment network that processes payment for the financial transaction. In response to the notification, the secure element requests, from the third party, receipt information associated with the financial transaction, and then receives the receipt information from the third party. This receipt information may include a first-level information, such as payment status. Alternatively or additionally, the receipt information may include a second-level information, such as an itemized list of purchased items, links to information and/or discounts.

公开(公告)号：US10405181B2

公开(公告)日：2019-09-03

申请号：US15876875

申请日：2018-01-22

Applicant: Apple Inc.

Inventor： Li Li ,  Xiangying Yang ,  Jerrold Von Hauck ,  Christopher B. Sharp ,  Yousuf H. Vaid ,  Arun G. Mathias ,  David T. Haggerty ,  Najeeb M. Abdulrahiman

IPC: H04W12/06 ,  H04L29/06 ,  H04L12/24

Abstract: Methods and apparatus for user authentication and human intent verification of administrative operations for eSIMs of an eUICC included in a mobile device are disclosed. Certain administrative operations, such as import, modification, and/or export, of an eSIM and/or for an eUICCs firmware can require user authentication and/or human intent verification before execution of the administrative operations are performed or completed by the mobile device. A user of the mobile device provides information to link an external user account to an eSIM upon (or subsequent to) installation on the eUICC. User credentials, such as a user name and password, and/or information generated therefrom, can be used to authenticate the user with an external server. In response to successful user authentication, the administrative operations are performed. Human intent verification can also be performed in conjunction with user authentication to prevent malware from interfering with eSIM and/or eUICC functions of the mobile device.

公开(公告)号：US09877193B2

公开(公告)日：2018-01-23

申请号：US15076527

申请日：2016-03-21

Applicant: Apple Inc.

Inventor： Li Li ,  Xiangying Yang ,  Jerrold Von Hauck ,  Christopher B. Sharp ,  Yousuf H. Vaid ,  Arun G. Mathias ,  David T. Haggerty ,  Najeeb M. Abdulrahiman

IPC: H04M1/66 ,  H04M1/68 ,  H04M3/16 ,  H04W12/06 ,  H04L29/06 ,  H04L12/24

CPC classification number: H04W12/06 ,  H04L41/28 ,  H04L63/083 ,  H04L63/0838 ,  H04L63/0853

Abstract: Methods and apparatus for user authentication and human intent verification of administrative operations for eSIMs of an eUICC included in a mobile device are disclosed. Certain administrative operations, such as import, modification, and/or export, of an eSIM and/or for an eUICCs firmware can require user authentication and/or human intent verification before execution of the administrative operations are performed or completed by the mobile device. A user of the mobile device provides information to link an external user account to an eSIM upon (or subsequent to) installation on the eUICC. User credentials, such as a user name and password, and/or information generated therefrom, can be used to authenticate the user with an external server. In response to successful user authentication, the administrative operations are performed. Human intent verification can also be performed in conjunction with user authentication to prevent malware from interfering with eSIM and/or eUICC functions of the mobile device.