公开(公告)号：US12063513B2

公开(公告)日：2024-08-13

申请号：US16680273

申请日：2019-11-11

Applicant: Apple Inc.

Inventor： Matthew C. Byington ,  Christopher Sharp ,  Jeff W. Lin ,  Rahul Narayan Singh ,  Sourabh Dugar ,  Yousuf H. Vaid

IPC: G06Q20/00 ,  G06F8/30 ,  G06F8/60 ,  G06Q20/32 ,  H04L9/08 ,  H04L9/40 ,  H04W12/30

CPC classification number: H04W12/35 ,  G06F8/30 ,  G06F8/60 ,  G06Q20/3226 ,  H04L9/0822 ,  H04L9/0825 ,  H04L9/083 ,  H04L63/0428 ,  H04L9/0869 ,  H04L2209/56

Abstract: A secure trusted service manager provider may include at least one processor configured to provide, to an electronic device, a first script to provision an applet instance corresponding to a third party server, the script including a public key corresponding to the third party server. The at least one processor may be configured to receive, from the electronic device, an encrypted symmetric key and provide the encrypted symmetric key to the third party server, the symmetric key being encrypted with the public key. The at least one processor may be configured to receive, from the third party server, an encrypted data element corresponding to a transaction to be performed by the applet instance, the encrypted data element being encrypted with the symmetric key, generate a second script that includes the encrypted data element and provide, to the electronic device, the second script that includes the encrypted data element.

公开(公告)号：US11250421B2

公开(公告)日：2022-02-15

申请号：US15017419

申请日：2016-02-05

Applicant: Apple Inc.

Inventor： Christopher B. Sharp ,  Yousuf H. Vaid ,  Vineet Chadha ,  Matthew C. Byington ,  Bhaskar Korlipara

IPC: G06Q20/38 ,  G06Q20/32 ,  G06Q20/02

Abstract: An electronic device may attempt to provision an unprovisioned credential, such as a payment instrument, by providing a message with information specifying the unprovisioned credential to a first computer. This first computer may be associated with a first region in which: a first provisioned credential of a user is supported, the user has registered, and the user can conduct transactions based on the first provisioned credential. However, the unprovisioned credential may be supported in or otherwise associated with a second region. Consequently, the electronic device may receive, from the first computer, redirect information that specifies a second computer associated with the second region. In response, the electronic device can provide the message to the second computer. Further, the electronic device can communicate provisioning information for the unprovisioned credential with the second computer, so the credential can be provisioned.

公开(公告)号：US11042846B2

公开(公告)日：2021-06-22

申请号：US14475128

申请日：2014-09-02

Applicant: Apple Inc.

Inventor： George R. Dicker ,  Christopher B. Sharp ,  Ahmer A. Khan ,  Yousuf H. Vaid ,  Glen W. Steele ,  Christopher D. Adams ,  David T. Haggerty

IPC: G06Q20/38 ,  G06Q20/04 ,  G06Q20/32

Abstract: To facilitate conducting a financial transaction via wireless communication between an electronic device and another electronic device, the electronic device determines a unique transaction identifier for the financial transaction based on financial-account information communicated to the other electronic device. The financial-account information specifies a financial account that is used to pay for the financial transaction. Moreover, the unique transaction identifier may be capable of being independently computed by one or more other entities associated with the financial transaction (such as a counterparty in the financial transaction or a payment network that processes payment for the financial transaction) based on the financial-account information communicated by the portable electronic device. The electronic device may also associate receipt information, which is subsequently received from a third party (such as the payment network), with the financial transaction by comparing the determined unique transaction identifier to the computed unique transaction identifier.

公开(公告)号：US11037131B2

公开(公告)日：2021-06-15

申请号：US14474787

申请日：2014-09-02

Applicant: Apple Inc.

Inventor： Yousuf H. Vaid ,  George R. Dicker ,  Ahmer A. Khan ,  Christopher B. Sharp ,  Glen W. Steele ,  Christopher D. Adams ,  David T. Haggerty

IPC: G06Q20/32 ,  G06Q20/02 ,  G06Q20/04 ,  G06Q20/10

Abstract: To facilitate conducting a financial transaction via wireless communication between an electronic device and another electronic device, a secure element in the electronic device receives, from a third party, a notification associated with a financial transaction. This third party may be independent of a counterparty in the financial transaction, such as: a provider of the electronic device or a payment network that processes payment for the financial transaction. In response to the notification, the secure element requests, from the third party, receipt information associated with the financial transaction, and then receives the receipt information from the third party. This receipt information may include a first-level information, such as payment status. Alternatively or additionally, the receipt information may include a second-level information, such as an itemized list of purchased items, links to information and/or discounts.

公开(公告)号：US20210004454A1

公开(公告)日：2021-01-07

申请号：US16921283

申请日：2020-07-06

Applicant: Apple Inc.

Inventor： Benjamin D. Chester ,  Hubert Greiche ,  Richard W. Heard ,  Yousuf H. Vaid

IPC: G06F21/45 ,  H04L29/06 ,  H04L9/32 ,  G06Q40/02 ,  G06Q30/00 ,  G06Q20/36

Abstract: Systems, methods, and computer-readable media for facilitating frictionless credential provisioning on a user electronic device are provided.

公开(公告)号：US10405181B2

公开(公告)日：2019-09-03

申请号：US15876875

申请日：2018-01-22

Applicant: Apple Inc.

Inventor： Li Li ,  Xiangying Yang ,  Jerrold Von Hauck ,  Christopher B. Sharp ,  Yousuf H. Vaid ,  Arun G. Mathias ,  David T. Haggerty ,  Najeeb M. Abdulrahiman

IPC: H04W12/06 ,  H04L29/06 ,  H04L12/24

Abstract: Methods and apparatus for user authentication and human intent verification of administrative operations for eSIMs of an eUICC included in a mobile device are disclosed. Certain administrative operations, such as import, modification, and/or export, of an eSIM and/or for an eUICCs firmware can require user authentication and/or human intent verification before execution of the administrative operations are performed or completed by the mobile device. A user of the mobile device provides information to link an external user account to an eSIM upon (or subsequent to) installation on the eUICC. User credentials, such as a user name and password, and/or information generated therefrom, can be used to authenticate the user with an external server. In response to successful user authentication, the administrative operations are performed. Human intent verification can also be performed in conjunction with user authentication to prevent malware from interfering with eSIM and/or eUICC functions of the mobile device.

公开(公告)号：US10251054B2

公开(公告)日：2019-04-02

申请号：US15698950

申请日：2017-09-08

Applicant: APPLE INC.

Inventor： Mehdi Ziat ,  Christopher Sharp ,  Kevin P. McLaughlin ,  Li Li ,  Jerrold V. Hauck ,  Yousuf H. Vaid

IPC: H04W4/00 ,  H04W8/22 ,  G06F9/445 ,  G06F9/50

Abstract: Systems and methods for validating and applying modifications to a policy control function (PCF) of a station. The methods include generating a PCF package including a modification to a PCF, and determining whether the PCF package is to be transmitted to the station by a first or second entity. The methods further include when the PCF package is to be transmitted by the first entity, including a first signature of the first entity in a deliverer field of the PCF package, and when the PCF package is to be transmitted by the second entity, including the first signature in an owner field and a second signature of the second entity in the deliverer field. The methods further include receiving the PCF package from the first or second entity, determining whether the PCF package is valid, and applying the modification to the PCF when it is determined the PCF package is valid.

公开(公告)号：US09877193B2

公开(公告)日：2018-01-23

申请号：US15076527

申请日：2016-03-21

Applicant: Apple Inc.

Inventor： Li Li ,  Xiangying Yang ,  Jerrold Von Hauck ,  Christopher B. Sharp ,  Yousuf H. Vaid ,  Arun G. Mathias ,  David T. Haggerty ,  Najeeb M. Abdulrahiman

IPC: H04M1/66 ,  H04M1/68 ,  H04M3/16 ,  H04W12/06 ,  H04L29/06 ,  H04L12/24

CPC classification number: H04W12/06 ,  H04L41/28 ,  H04L63/083 ,  H04L63/0838 ,  H04L63/0853

Abstract: Methods and apparatus for user authentication and human intent verification of administrative operations for eSIMs of an eUICC included in a mobile device are disclosed. Certain administrative operations, such as import, modification, and/or export, of an eSIM and/or for an eUICCs firmware can require user authentication and/or human intent verification before execution of the administrative operations are performed or completed by the mobile device. A user of the mobile device provides information to link an external user account to an eSIM upon (or subsequent to) installation on the eUICC. User credentials, such as a user name and password, and/or information generated therefrom, can be used to authenticate the user with an external server. In response to successful user authentication, the administrative operations are performed. Human intent verification can also be performed in conjunction with user authentication to prevent malware from interfering with eSIM and/or eUICC functions of the mobile device.

公开(公告)号：US20170272413A1

公开(公告)日：2017-09-21

申请号：US15462301

申请日：2017-03-17

Applicant: Apple Inc.

Inventor： Christopher D. Adams ,  Scott D. Blakesley ,  Jack K. Chung ,  George R. Dicker ,  Glen W. Steele ,  Katherine B. Skinner ,  Yousuf H. Vaid

IPC: H04L29/06

CPC classification number: H04L63/06 ,  G06Q30/0226 ,  H04L63/061 ,  H04L63/0823 ,  H04W4/60 ,  H04W4/80 ,  H04W12/0023 ,  H04W12/04 ,  H04W12/06 ,  H04W12/0806

Abstract: Systems, methods, and computer-readable media for personalizing program credentials are provided. For example, a program credential (e.g., loyalty pass) associated with a program provider (e.g., an issuer) subsystem may be customized using personal data. The personal data can be collected from an electronic device before provisioning the customized program credential on the electronic device for use in a suitable transaction. However, such personal data may not be collected unless an administration entity subsystem is first able to validate the program provider subsystem. The administration entity subsystem can generate tracking data that may be used during the validation and/or provisioning in order to track when program credentials are personalized.

公开(公告)号：US09626520B2

公开(公告)日：2017-04-18

申请号：US14815391

申请日：2015-07-31

Applicant: Apple Inc.

Inventor： Christopher B. Sharp ,  Yousuf H. Vaid ,  Li Li ,  Jerrold Von Hauck ,  Arun G. Mathias ,  Xiangying Yang ,  Kevin P. McLaughlin

IPC: H04L29/06 ,  G06F21/60 ,  H04W12/08

CPC classification number: G06F21/604 ,  H04L63/102 ,  H04L63/105 ,  H04L63/20 ,  H04W12/08

Abstract: A policy-based framework is described. This policy-based framework may be used to specify the privileges for logical entities to perform operations associated with an access-control element (such as an electronic Subscriber Identity Module) located within a secure element in an electronic device. Note that different logical entities may have different privileges for different operations associated with the same or different access-control elements. Moreover, the policy-based framework may specify types of credentials that are used by the logical entities during authentication, so that different types of credentials may be used for different operations and/or by different logical entities. Furthermore, the policy-based framework may specify the security protocols and security levels that are used by the logical entities during authentication, so that different security protocols and security levels may be used for different operations and/or by different logical entities.