知搜-全球专利检索

  1. Login
  2. Sign Up

Search Results

97 records (took 0.025 seconds)

    Apparatuses and Methods for Using a Random Authorization Number to Provide Enhanced Security for a Secure Element
    31.
    发明申请
    Apparatuses and Methods for Using a Random Authorization Number to Provide Enhanced Security for a Secure Element 审中-公开
    使用随机授权号码为安全元素提供增强安全性的设备和方法

    公开(公告)号:US20150348022A1

    公开(公告)日:2015-12-03

    申请号:US14475375

    申请日:2014-09-02

    Applicant: Apple Inc.

    Inventor: Ahmer A. Khan Jerrold V. Hauck George R. Dicker Jeffrey C. Lee Mitchell D. Adler Wade Benson

    IPC: G06Q20/38 G06Q20/40 G06Q20/32

    CPC classification number: G06Q20/385 G06Q20/3226 G06Q20/354 G06Q20/3829

    Abstract: A system for provisioning credentials onto an electronic device is provided. The system may include a payment network subsystem, a service provider subsystem, and one or more user devices that can be used to perform mobile transactions at a merchant terminal. The user device may communicate with the service provider subsystem in order to obtained commerce credentials from the payment network subsystem. The user device may include a secure element and a corresponding trusted processor. The trusted processor may generate a random authorization number and inject that number into the secure element. Mobile payments should only be completed if the random authorization number on the secure element matches the random authorization number at the trusted processor. The trusted processor may be configured to efface the previous random authorization number and generate a new random authorization number when detecting a potential change in ownership at the user device.

    Abstract translation: 提供了一种用于将凭证提供到电子设备上的系统。 系统可以包括支付网络子系统,服务提供商子系统以及可以用于在商家终端执行移动交易的一个或多个用户设备。 用户设备可以与服务提供商子系统通信,以便从支付网络子系统获得商业凭证。 用户设备可以包括安全元件和相应的可信处理器。 可信处理器可以生成随机授权号,并将该号码注入到安全元件中。 仅当安全元素上的随机授权号码与可信处理器上的随机授权号码匹配时,才应完成移动支付。 信任处理器可以被配置为在检测用户设备的所有权的潜在变化时消除先前的随机授权号码并生成新的随机授权号码。

    SECURE PROVISIONING OF CREDENTIALS ON AN ELECTRONIC DEVICE USING ELLIPTIC CURVE CRYPTOGRAPHY
    32.
    发明申请
    SECURE PROVISIONING OF CREDENTIALS ON AN ELECTRONIC DEVICE USING ELLIPTIC CURVE CRYPTOGRAPHY 审中-公开
    使用ELLIPTIC CURVE CRYPTOGRAPHY安全地在电子设备上提供证书

    公开(公告)号:US20150213433A1

    公开(公告)日:2015-07-30

    申请号:US14475227

    申请日:2014-09-02

    Applicant: Apple Inc.

    Inventor: Ahmer A. Khan

    IPC: G06Q20/32 G06Q20/38 H04L9/30

    CPC classification number: G06Q20/3227 G06Q20/3821 G06Q20/3829 G06Q2220/00 H04L9/0844 H04L9/3013 H04L9/3066 H04L2209/56 H04L2209/80

    Abstract: Systems, methods, and computer-readable media for provisioning credentials are provided. In one example embodiment, an electronic device may include a communications component that receives encrypted commerce credential data from a service provider subsystem. The electronic device may also include a secure element that, inter alia, generates on the secure element a secure element public key and a secure element private key, derives on the secure element a secure element shared secret from the secure element private key, derives on the secure element a secure element secure key from the secure element shared secret, and decrypts on the secure element the encrypted commerce credential data using the secure element secure key. Additional embodiments are also provided.

    Abstract translation: 提供了用于供应凭证的系统,方法和计算机可读介质。 在一个示例实施例中,电子设备可以包括从服务提供商子系统接收加密的商业凭证数据的通信组件。 电子设备还可以包括安全元件,其特别地,在安全元件上生成安全元件公钥和安全元件私钥,从安全元件私有密钥导出安全元件共享秘密的安全元件,导出 所述安全元件是来自所述安全元件共享秘密的安全元件安全密钥,并且使用所述安全元件安全密钥在所述安全元件上解密所述加密的商业凭证数据。 还提供了另外的实施例。

    ON-BOARD APPLET MIGRATION
    33.
    发明申请
    ON-BOARD APPLET MIGRATION 有权
    板上方法移动

    公开(公告)号:US20150193221A1

    公开(公告)日:2015-07-09

    申请号:US14466850

    申请日:2014-08-22

    Applicant: Apple Inc.

    Inventor: Ahmer A. Khan Joakim Linde Mehdi Ziat

    IPC: G06F9/445 G06F21/71 H04W12/06 H04L9/32 G06F9/44

    CPC classification number: G06F8/65 G06F21/57 H04L9/3247 H04L67/06 H04L67/306 H04L67/34 H04L67/42 H04W4/60 H04W12/06

    Abstract: An electronic device (such as a cellular telephone) automatically installs and personalizes updates to an applet on a secure element in the electronic device. In particular, when a digitally signed update package containing the update is received from an updating device (such as a server), the secure element identifies any previous versions of the applet installed on the secure element. If there are any previously installed versions, the secure element verifies the digital signature of the update package using an encryption key associated with a vendor of the secure element. Then, the secure element uninstalls the previous versions of the applet and exports the associated user data. Next, the secure element installs the update to the applet, and personalizes the new version of the applet using the user data.

    Abstract translation: 电子设备(例如蜂窝电话)在电子设备中的安全元件上自动安装并个性化对小应用程序的更新。 特别地,当从更新设备(例如服务器)接收到包含更新的数字签名的更新包时,安全元件识别安装在安全元件上的小应用程序的任何先前版本。 如果有任何先前安装的版本,则安全元件使用与安全元件的供应商相关联的加密密钥验证更新包的数字签名。 然后,安全元素会卸载以前版本的applet并导出关联的用户数据。 接下来,安全元件将更新安装到小程序,并使用用户数据个性化新版本的小应用程序。

    DELETION OF CREDENTIALS FROM AN ELECTRONIC DEVICE
    34.
    发明申请
    DELETION OF CREDENTIALS FROM AN ELECTRONIC DEVICE 审中-公开
    从电子设备中删除证书

    公开(公告)号:US20150178723A1

    公开(公告)日:2015-06-25

    申请号:US14475292

    申请日:2014-09-02

    Applicant: Apple Inc.

    Inventor: Ahmer A. Khan Joakim Linde Christopher Sharp Jerrold V. Hauck

    IPC: G06Q20/38 H04L29/06 G06Q20/32

    Abstract: Systems, methods, and computer-readable media for managing credentials are provided. In one example embodiment, an electronic device may include a secure element with a security domain element stored on the secure element. The electronic device may also include a processor component that may be configured to, inter alia, permanently terminate the functionality of the security domain element, after the functionality has been permanently terminated, communicatively couple the electronic device to a trusted service manager, and transmit data to the communicatively coupled trusted service manager that may be usable by the trusted service manager to determine that the functionality has been permanently terminated. Additional embodiments are also provided.

    Abstract translation: 提供了用于管理凭证的系统,方法和计算机可读介质。 在一个示例实施例中,电子设备可以包括具有存储在安全元件上的安全域元素的安全元件。 电子设备还可以包括处理器组件,其可以被配置为在功能已经被永久地终止之后永久地终止安全域元件的功能,通信地将电子设备耦合到可信服务管理器,并且发送数据 涉及由可信服务管理器可用以确定功能已被永久终止的通信耦合的可信服务管理器。 还提供了另外的实施例。

    USING BIOMETRIC AUTHENTICATION FOR NFC-BASED PAYMENTS
    35.
    发明申请
    USING BIOMETRIC AUTHENTICATION FOR NFC-BASED PAYMENTS 审中-公开
    使用基于NFC的付款的生物识别认证

    公开(公告)号:US20150127549A1

    公开(公告)日:2015-05-07

    申请号:US14474803

    申请日:2014-09-02

    Applicant: Apple Inc.

    Inventor: Ahmer A. Khan

    IPC: G06Q20/38 G06Q20/32 G06Q20/20 G06Q20/40

    CPC classification number: G06Q20/3829 G06Q20/20 G06Q20/32 G06Q20/3227 G06Q20/3278 G06Q20/40145

    Abstract: In order to validate a user to facilitate conducting a high-valued financial transaction via wireless communication between an electronic device (such as a smartphone) and another electronic device (such as a point-of-sale terminal), the electronic device may authenticate the user prior to the onset of the high-valued financial transaction. In particular, a secure enclave processor in a processor may provide local validation information that is specific to the electronic device to a secure element in the electronic device when received local authentication information that is specific to the electronic device (such as a biometric identifier of the user) matches stored authentication information. Moreover, an authentication applet in the secure element may provide the local validation information to an activated payment applet in the secure element. This may enable the payment applet to conduct the high-valued financial transaction via wireless communication, such as near-field communication.

    Abstract translation: 为了验证用户以便通过电子设备(例如智能电话机)和另一电子设备(例如销售点终端)之间的无线通信进行高价值的金融交易,电子设备可以认证 用户在高价值金融交易发生之前。 特别地,处理器中的安全飞地处理器可以在接收到特定于电子设备的本地认证信息时(例如,电子设备的生物识别标识符)向电子设备中的安全元件提供特定于电子设备的本地验证信息 用户)匹配存储的认证信息。 此外,安全元件中的认证小应用程序可以将本地验证信息提供给安全元件中的激活的支付小应用程序。 这可以使得支付小程序通过诸如近场通信的无线通信来进行高价值的金融交易。

    ONLINE PAYMENTS USING A SECURE ELEMENT OF AN ELECTRONIC DEVICE
    36.
    发明申请
    ONLINE PAYMENTS USING A SECURE ELEMENT OF AN ELECTRONIC DEVICE 审中-公开
    使用电子设备安全元件的在线付款

    公开(公告)号:US20150095238A1

    公开(公告)日:2015-04-02

    申请号:US14481526

    申请日:2014-09-09

    Applicant: Apple Inc.

    Inventor: Ahmer A. Khan Timothy S. Hurley Anton K. Diederich George R. Dicker Scott M. Herz Christopher Sharp

    IPC: G06Q20/38 G06Q20/10

    CPC classification number: G06Q20/325 G06Q20/10 G06Q20/12 G06Q20/3227 G06Q20/3278 G06Q20/382 G06Q20/3823 G06Q20/3829 G06Q20/40

    Abstract: Systems, methods, and computer-readable media for securely conducting online payments with a secure element of an electronic device are provided. In one example embodiment, a method includes, inter alia, at an electronic device, generating first data that includes payment card data, generating second data by encrypting the first data and merchant information with a first key, transmitting to a commercial entity subsystem the generated second data, receiving third data that includes the first data encrypted with a second key that is associated with the merchant information, and transmitting the received third data to a merchant subsystem that is associated with the merchant information, where the first key is not accessible to the merchant subsystem, and where the second key is not accessible to the electronic device. Additional embodiments are also provided.

    Abstract translation: 提供了使用电子设备的安全元件安全地进行在线支付的系统,方法和计算机可读介质。 在一个示例实施例中,一种方法尤其包括在电子设备上,生成包括支付卡数据的第一数据,通过用第一密钥加密第一数据和商家信息来生成第二数据,向商业实体子系统发送生成的 第二数据,接收包括用与所述商家信息相关联的第二密钥加密的第一数据的第三数据,以及将所接收的第三数据发送到与所述商家信息相关联的商户子系统,其中所述第一密钥不可访问 商业子系统,以及第二密钥不能被电子设备访问的地方。 还提供了另外的实施例。

Patent Agency Ranking