-
公开(公告)号:US11443028B2
公开(公告)日:2022-09-13
申请号:US16578198
申请日:2019-09-20
Applicant: Apple Inc.
Inventor: Matthias Lerch , Florian Galdo
Abstract: A device implementing a digital credential revocation system includes at least one processor configured to maintain a valid digital credential list, a revocation list, and a synchronization counter value. The at least one processor is configured to transmit a request to synchronize the valid digital credential list with an electronic device, the request including the valid digital credential list and the revocation list. The at least one processor is further configured to, in response to receipt of an updated valid digital credential list from the electronic device: clear the revocation list, replace the valid digital credential list with the updated valid digital credential list, and increment the synchronization counter value, and fulfill a received credential maintenance request when the received credential maintenance request comprises an other synchronization counter value that is greater than or equal to the incremented synchronization counter value, otherwise deny the received credential maintenance request.
-
公开(公告)号:US20210250355A1
公开(公告)日:2021-08-12
申请号:US17251140
申请日:2019-06-07
Applicant: Apple Inc.
Inventor: Florian Galdo , Stephanie R. Martin , Yannick L. Sierra , Ivan Krstic , Christopher A. Volkert , Najeeb M. Abdulrahiman , Matthias Lerch , Onur E. Tackin , Kyle C. Brogle
Abstract: Techniques are disclosed relating to sharing access to electronically-secured property. In some embodiments, a first computing device having a first secure element receives, from a second computing device associated with an owner of the electronically-secured property, an indication that the second computing device has transmitted a token to server computing system, the token permitting a user of the first computing device access to the electronically-secured property. Based on the received indication, the first computing device sends a request for the transmitted token to the server computing system and, in response to receiving the requested token, securely stores the received token in the first secure element of the first computing device. The first computing device subsequently transmits the stored token from the first secure element of the first device to the electronically-secured property to obtain access to the electronically-secured property based on the token.
-
公开(公告)号:US11074582B2
公开(公告)日:2021-07-27
申请号:US15709925
申请日:2017-09-20
Applicant: Apple Inc.
Inventor: Herve Sibert , Oren M. Elrad , Jerrold V. Hauck , Onur E. Tackin , Zachary A. Rosen , Matthias Lerch
IPC: G06Q20/14 , G06Q20/10 , G06Q20/40 , G06Q20/38 , G06F16/182 , G06Q20/32 , G06Q20/20 , G06F21/32 , G06F21/31 , H04W12/065 , H04W12/06 , H04L9/32
Abstract: Techniques are disclosed relating to secure data storage. In various embodiments, a mobile device includes a wireless interface, a secure element, and a secure circuit. The secure element is configured to store confidential information associated with a plurality of users and to receive a request to communicate the confidential information associated with a particular one of the plurality of users. The secure element is further configured to communicate, via the wireless interface, the confidential information associated with the particular user in response to an authentication of the particular user. The secure circuit is configured to perform the authentication of the particular user. In some embodiments, the mobile device also includes a biosensor configured to collect biometric information from a user of the mobile device. In such an embodiment, the secure circuit is configured to store biometric information collected from the plurality of users by the biosensor.
-
公开(公告)号:US10972911B2
公开(公告)日:2021-04-06
申请号:US15718242
申请日:2017-09-28
Applicant: Apple Inc.
Inventor: Matthias Lerch , Florian Galdo
IPC: G06F7/04 , G06F15/16 , H04L29/06 , H04W12/06 , H04W12/12 , H04W76/10 , G06Q20/38 , G06Q20/22 , G06Q20/32 , G06Q20/20 , G01S5/14 , H04W4/80
Abstract: The present disclosure includes an electronic device for selecting a credential based at least in part on location information. The electronic device can include a secure transaction subsystem and a processor. The secure transaction subsystem can be configured to store a plurality of credentials. The processor can be communicatively coupled to the secure transaction subsystem and configured to receive the location information from one or more radios. Further, the processor can be configured to determine that a distance between the electronic device and a terminal is less than a predetermined distance based on the location information. In response to determining the distance between the electronic device and the terminal is less than the predetermined distance, the processor can be configured to select the credential from the plurality of credentials based at least in part on the type of terminal.
-
公开(公告)号:US12139104B2
公开(公告)日:2024-11-12
申请号:US17716843
申请日:2022-04-08
Applicant: Apple Inc.
Inventor: Matthias Lerch , Gordon Y Scott , Najeeb M Abdulrahiman , Oren M Elrad
Abstract: An electronic device that at least semi-automatically performs car-key pairing is described. During operation, the electronic device may perform wireless pairing with a second electronic device (e.g., a vehicle), where the wireless pairing establishes a connection between the electronic device and the second electronic device. Moreover, during the wireless pairing, the electronic device may receive information associated with the car-key pairing of the electronic device and the second electronic device. Then, after the wireless pairing is completed, the electronic device may determine that the car-key pairing is supported or available based at least in part on the information. Next, the electronic device may selectively and at least semi-automatically perform the car-key pairing based at least in part on the information, where the car-key pairing enables the electronic device to function as a digital key for the second electronic device using wireless communication via the wireless pairing or another communication protocol.
-
Patent Agency Ranking
公开(公告)号:US20240185245A1
公开(公告)日:2024-06-06
申请号:US18487723
申请日:2023-10-16
Applicant: Apple Inc.
Inventor: Herve Sibert , Oren M. Elrad , Jerrold V. Hauck , Onur E. Tackin , Zachary A. Rosen , Matthias Lerch
IPC: G06Q20/40 , G06F21/31 , G06F21/32 , G06Q20/20 , G06Q20/32 , G06Q20/38 , H04L9/32 , H04W12/06 , H04W12/065
CPC classification number: G06Q20/40145 , G06F21/31 , G06F21/32 , G06Q20/204 , G06Q20/3278 , G06Q20/382 , G06Q20/4014 , H04L9/3231 , H04W12/065 , H04W12/068
Abstract: Techniques are disclosed relating to secure data storage. In various embodiments, a mobile device includes a wireless interface, a secure element, and a secure circuit. The secure element is configured to store confidential information associated with a plurality of users and to receive a request to communicate the confidential information associated with a particular one of the plurality of users. The secure element is further configured to communicate, via the wireless interface, the confidential information associated with the particular user in response to an authentication of the particular user. The secure circuit is configured to perform the authentication of the particular user. In some embodiments, the mobile device also includes a biosensor configured to collect biometric information from a user of the mobile device. In such an embodiment, the secure circuit is configured to store biometric information collected from the plurality of users by the biosensor.
-
公开(公告)号:US11888594B2
公开(公告)日:2024-01-30
申请号:US17479571
申请日:2021-09-20
Applicant: Apple Inc.
Inventor: Florian Galdo , Arun G. Mathias , Matthias Lerch , Najeeb M. Abdulrahiman , Onur E. Tackin , Yannick Sierra
CPC classification number: H04L9/3263 , H04L9/0841 , H04L9/3247 , H04L63/0823
Abstract: Techniques are disclosed relating to electronic security, e.g., for authenticating a mobile electronic device to allow access to system functionality (e.g., physical access to the system, starting an engine/motor, etc.). In some embodiments, a system and mobile device exchange public keys of public key pairs during a pairing process. In some embodiments, an asymmetric transaction process includes generating a shared secret using a key derivation function over a key established using a secure key exchange (e.g., elliptic curve Diffie-Hellman), and verifying a signature of the system before transmitting any information identifying the mobile device. In various embodiments, disclosed techniques may increase transaction security and privacy of identifying information.
-
公开(公告)号:US20220078029A1
公开(公告)日:2022-03-10
申请号:US17479571
申请日:2021-09-20
Applicant: Apple Inc.
Inventor: Florian Galdo , Arun G. Mathias , Matthias Lerch , Najeeb M. Abdulrahiman , Onur E. Tackin , Yannick Sierra
Abstract: Techniques are disclosed relating to electronic security, e.g., for authenticating a mobile electronic device to allow access to system functionality (e.g., physical access to the system, starting an engine/motor, etc.). In some embodiments, a system and mobile device exchange public keys of public key pairs during a pairing process. In some embodiments, an asymmetric transaction process includes generating a shared secret using a key derivation function over a key established using a secure key exchange (e.g., elliptic curve Diffie-Hellman), and verifying a signature of the system before transmitting any information identifying the mobile device. In various embodiments, disclosed techniques may increase transaction security and privacy of identifying information.
-
公开(公告)号:US11190507B2
公开(公告)日:2021-11-30
申请号:US16267314
申请日:2019-02-04
Applicant: Apple Inc.
Inventor: Matthias Lerch , Florian Galdo
Abstract: A device implementing a trusted device establishment system includes at least one processor configured to receive, via a direct wireless connection and from an other device, a public key associated with the other device and an indication of a data item previously provided to the other device via an out-of-band channel. The at least one processor is further configured to verify that the indication of the data item corresponds to the data item previously provided to the other device, and store, in a secure memory region, the public key in association with an identifier corresponding to the other device when the indication of the data item is verified. The at least one processor is further configured to authorize the public key to access a secure device based at least in part on the public key being stored in the secure memory region.
-
公开(公告)号:US10579997B2
公开(公告)日:2020-03-03
申请号:US15941705
申请日:2018-03-30
Applicant: Apple Inc.
Inventor: Herve Sibert , Onur E. Tackin , Matthias Lerch , Ahmer A. Khan , Franck Rakotomalala , Oren M. Elrad
Abstract: Techniques are disclosed relating to authenticate a user with a mobile device. In one embodiment, a computing device includes a short-range radio and a secure element. The computing device reads, via the short-range radio, a portion of credential information stored in a circuit embedded in an identification document issued by an authority to a user for establishing an identity of the user. The computing device issues, to the authority, a request to store the credential information, the request specifying the portion of the credential information. In response to an approval of the request, the computing device stores the credential information in the secure element, the credential information being usable to establish the identity of the user. In some embodiments, the identification document is a passport that includes a radio-frequency identification (RFID) circuit storing the credential information, and the request specifies a passport number read from the RFID circuit.
-
-
-
-
-
-
-
-
-
Search Results
31
records
(took 0.018 seconds)
