公开(公告)号：US09483249B2

公开(公告)日：2016-11-01

申请号：US14466850

申请日：2014-08-22

Applicant: Apple Inc.

Inventor： Ahmer A. Khan ,  Joakim Linde ,  Mehdi Ziat

IPC: G06F21/00 ,  G06F9/445 ,  G06F9/44 ,  G06F21/71 ,  H04L9/32 ,  H04W12/06 ,  H04W4/00 ,  G06F21/57 ,  H04L29/08

CPC classification number: G06F8/65 ,  G06F21/57 ,  H04L9/3247 ,  H04L67/06 ,  H04L67/306 ,  H04L67/34 ,  H04L67/42 ,  H04W4/60 ,  H04W12/06

Abstract: An electronic device (such as a cellular telephone) automatically installs and personalizes updates to an applet on a secure element in the electronic device. In particular, when a digitally signed update package containing the update is received from an updating device (such as a server), the secure element identifies any previous versions of the applet installed on the secure element. If there are any previously installed versions, the secure element verifies the digital signature of the update package using an encryption key associated with a vendor of the secure element. Then, the secure element uninstalls the previous versions of the applet and exports the associated user data. Next, the secure element installs the update to the applet, and personalizes the new version of the applet using the user data.

Abstract translation: 电子设备（例如蜂窝电话）在电子设备中的安全元件上自动安装并个性化对小应用程序的更新。 特别地，当从更新设备（例如服务器）接收到包含更新的数字签名的更新包时，安全元件识别安装在安全元件上的小应用程序的任何先前版本。 如果有任何先前安装的版本，则安全元件使用与安全元件的供应商相关联的加密密钥验证更新包的数字签名。 然后，安全元素会卸载以前版本的applet并导出关联的用户数据。 接下来，安全元件将更新安装到小程序，并使用用户数据个性化新版本的小应用程序。

公开(公告)号：US20160286391A1

公开(公告)日：2016-09-29

申请号：US14474737

申请日：2014-09-02

Applicant: Apple Inc.

Inventor： Ahmer A. Khan

IPC: H04W12/06 ,  G06Q20/38 ,  H04L9/32

CPC classification number: H04W12/06 ,  G06Q20/322 ,  G06Q20/3226 ,  G06Q20/3227 ,  G06Q20/327 ,  G06Q20/382 ,  G06Q20/3821 ,  G06Q20/38215 ,  G06Q20/3825 ,  G06Q20/3827 ,  G06Q20/3829 ,  H04L9/3247 ,  H04L9/3268 ,  H04L9/3271 ,  H04L63/0823 ,  H04W12/12

Abstract: The disclosed embodiments related to a first electronic device (such as a cellular telephone) that includes a secure element. In response to a challenge and a request for a secure-element identifier associated with the secure element, which are received from a second electronic device (such as a trusted services manager that loads content onto the secure element), the secure element provides to the second electronic device: the secure-element identifier, a certificate associated with a provider of the secure element, and a digital signature. The digital signature may include a signed version of the challenge and the secure-element identifier, which are encrypted using an encryption key associated with a provider of the secure element. In this way, the second electronic device may certify the secure element.

Abstract translation: 所公开的实施例涉及包括安全元件的第一电子设备（例如蜂窝电话）。 响应于来自第二电子设备（例如将内容加载到安全元件上的可信服务管理器）接收的与安全元件相关联的安全元件标识符的请求，安全元件提供给 第二电子设备：安全元素标识符，与安全元件的提供者相关联的证书和数字签名。 数字签名可以包括质询的签名版本和安全元素标识符，其使用与安全元件的提供商相关联的加密密钥进行加密。 以这种方式，第二电子设备可以证明安全元件。

公开(公告)号：US09424568B2

公开(公告)日：2016-08-23

申请号：US14474754

申请日：2014-09-02

Applicant: Apple Inc.

Inventor： Ahmer A. Khan ,  Zachary A. Rosen ,  Joakim Linde

IPC: G06K5/00 ,  G06Q20/32 ,  G06Q20/36 ,  G06Q20/38 ,  G06Q20/04 ,  G06Q20/20 ,  G06Q20/42

CPC classification number: G06Q20/325 ,  G06Q20/0453 ,  G06Q20/10 ,  G06Q20/20 ,  G06Q20/322 ,  G06Q20/3227 ,  G06Q20/3278 ,  G06Q20/36 ,  G06Q20/3821 ,  G06Q20/385 ,  G06Q20/425

Abstract: To facilitate conducting a financial transaction via wireless communication between a portable electronic device (such as a smartphone) and another electronic device (such as a point-of-sale terminal), the portable electronic device may, after a final command is received from the other electronic device, determine a unique transaction identifier for the financial transaction. In particular, the final command may be specific to a payment applet, stored in a secure element in the portable electronic device, which conducts the financial transaction. The secure element may generate the unique transaction identifier based on financial-account information associated with the payment applet, which is communicated to the other electronic device. Moreover, the financial-account information may specify a financial account that is used to pay for the financial transaction. Next, the secure element may provide, to a processor in the portable electronic device, an end message for the financial transaction with the unique transaction identifier.

Abstract translation: 为了便于通过便携式电子设备（例如智能电话）和另一电子设备（例如销售点终端）之间的无线通信进行金融交易，便携式电子设备可以在从 其他电子设备，确定金融交易的唯一交易标识符。 特别地，最终命令可以特定于存储在便携式电子设备中的执行金融交易的安全元件中的支付小应用程序。 安全元件可以基于与支付小应用程序相关联的财务帐户信息来生成唯一的交易标识符，该信息被传送到另一个电子设备。 此外，金融账户信息可以指定用于支付金融交易的金融账户。 接下来，安全元件可以向便携式电子设备中的处理器提供具有唯一事务标识符的用于金融交易的结束消息。

公开(公告)号：US20150348007A1

公开(公告)日：2015-12-03

申请号：US14475263

申请日：2014-09-02

Applicant: Apple Inc.

Inventor： Ahmer A. Khan ,  Gregory B. Novick ,  Jerrold V. Hauck ,  Saket R. Vora ,  Yehonatan Perez

IPC: G06Q20/32 ,  G06Q20/38

CPC classification number: G06Q20/3227 ,  G06Q20/32 ,  G06Q20/3278 ,  G06Q20/352 ,  G06Q20/353 ,  G06Q20/367 ,  G06Q20/382 ,  G06Q20/4018 ,  G06Q20/4097 ,  G06Q20/40975

Abstract: Methods for operating a portable electronic device to conduct a mobile payment transaction at a merchant terminal are provided. The electronic device may verify that the current user of the device is indeed the authorized owner by requiring the current user to enter a passcode. If the user is able to provide the correct passcode, the device is only partly ready to conduct a mobile payment. In order for the user to fully activate the payment function, the user may have to supply a predetermined payment activation input such as a double button press that notifies the device that the user intends to perform a financial transaction in the immediate future. The device may subsequently activate a payment applet for a predetermined period of time during which the user may hold the device within a field of the merchant terminal to complete a near field communications based mobile payment transaction.

Abstract translation: 提供了用于操作便携式电子设备以在商务终端进行移动支付交易的方法。 电子设备可以通过要求当前用户输入密码来验证设备的当前用户确实是授权所有者。 如果用户能够提供正确的密码，则该设备仅部分准备进行移动支付。 为了使用户能够完全启动支付功能，用户可能必须提供预定的支付激活输入，例如双按钮按钮，以在不久的将来通知设备用户打算执行金融交易。 该设备随后可以在预定的时间段内激活支付小应用程序，在该预定时间段期间，用户可以将该设备保存在商家终端的字段内，以完成基于近场通信的移动支付交易。

公开(公告)号：US20150142644A1

公开(公告)日：2015-05-21

申请号：US14474787

申请日：2014-09-02

Applicant: Apple Inc.

Inventor： Yousuf H. Vaid ,  George R. Dicker ,  Ahmer A. Khan ,  Christopher B. Sharp ,  Glen W. Steele ,  Christopher D. Adams ,  David T. Haggerty

IPC: G06Q20/32 ,  G06Q20/02 ,  G06Q20/10

CPC classification number: G06Q20/3278 ,  G06Q20/02 ,  G06Q20/0453 ,  G06Q20/10 ,  G06Q20/327

Abstract: To facilitate conducting a financial transaction via wireless communication between an electronic device and another electronic device, a secure element in the electronic device receives, from a third party, a notification associated with a financial transaction. This third party may be independent of a counterparty in the financial transaction, such as: a provider of the electronic device or a payment network that processes payment for the financial transaction. In response to the notification, the secure element requests, from the third party, receipt information associated with the financial transaction, and then receives the receipt information from the third party. This receipt information may include a first-level information, such as payment status. Alternatively or additionally, the receipt information may include a second-level information, such as an itemized list of purchased items, links to information and/or discounts.

Abstract translation: 为了通过电子设备和另一电子设备之间的无线通信进行金融交易，电子设备中的安全元件从第三方接收与金融交易相关联的通知。 该第三方可能独立于金融交易中的交易对手，例如：电子设备的提供商或处理金融交易支付的支付网络。 响应于通知，安全元件从第三方请求与金融交易相关联的收据信息，然后从第三方接收收据信息。 该收据信息可以包括诸如付款状态的第一级信息。 或者或另外，收据信息可以包括第二级信息，诸如所购项目的逐项列表，到信息和/或折扣的链接。

公开(公告)号：US20150044964A1

公开(公告)日：2015-02-12

申请号：US14063433

申请日：2013-10-25

Applicant: Apple Inc.

Inventor： Ahmer A. Khan ,  Joakim Linde ,  Joseph Hakim ,  Zachary A. Rosen

IPC: H04W52/02 ,  H04W12/06 ,  H04B5/02

CPC classification number: H04W52/0209 ,  G06F1/3278 ,  G06F21/35 ,  G06F21/606 ,  G06F2221/2137 ,  G06Q20/3278 ,  H04B5/02 ,  H04W12/06 ,  H04W52/0251 ,  H04W52/0254 ,  Y02D10/157 ,  Y02D70/00 ,  Y02D70/1222 ,  Y02D70/142 ,  Y02D70/144 ,  Y02D70/162 ,  Y02D70/164 ,  Y02D70/166 ,  Y02D70/22 ,  Y02D70/26 ,  Y02D70/42

Abstract: Systems, methods, and computer-readable media for managing near field communications during a low power management mode of an electronic device are provided that may make credentials of a near field communication (“NFC”) component appropriately secure and appropriately accessible white also limiting the power consumption of the NFC component and of other components of the electronic device.

Abstract translation: 提供了用于在电子设备的低功率管理模式期间管理近场通信的系统，方法和计算机可读介质，其可以使近场通信（“NFC”）组件的凭证适当地安全并且适当地可访问的白也限制 NFC组件和电子设备的其他组件的功耗。

公开(公告)号：US20240406162A1

公开(公告)日：2024-12-05

申请号：US18205244

申请日：2023-06-02

Applicant: Apple Inc.

Inventor： Ravi Chotrani ,  Ahmer A. Khan ,  David W. Silver ,  Gianpaolo Fasoli ,  Ka Yang ,  Vishnu Janardhanan

IPC: H04L9/40 ,  H04L67/306

Abstract: A computing device can receive a request from a requesting device for one or more data elements associated with a digital credential. The computing device can store the digital credential which includes a set of data elements and a security object. The computing device can determine a subset of the data elements based at least in part on the request. The computing device can generate the response, wherein the response includes the subset of the data elements and the security object. The computing device can transmit the response to the requesting device.

公开(公告)号：US11941620B2

公开(公告)日：2024-03-26

申请号：US17135876

申请日：2020-12-28

Applicant: Apple Inc.

Inventor： Manoj K. Thulaseedharan Pillai ,  Ahmer A. Khan ,  Thomas Elliott ,  Timothy S. Hurley ,  Jennifer J. Bailey ,  David E. Brudnicki

IPC: G06Q20/38 ,  G06F21/45 ,  G06Q20/10 ,  G06Q20/12 ,  G06Q20/32 ,  G06Q20/40 ,  H04W12/069

CPC classification number: G06Q20/3829 ,  G06F21/45 ,  G06Q20/102 ,  G06Q20/12 ,  G06Q20/3226 ,  G06Q20/3227 ,  G06Q20/325 ,  G06Q20/3278 ,  G06Q20/382 ,  G06Q20/3823 ,  G06Q20/40 ,  G06Q20/4016 ,  H04W12/069 ,  G06Q2220/00

Abstract: Systems, methods, and computer-readable media for communicating electronic device secure element data over multiple paths for online payments are provided. In one example embodiment, a method includes, inter alia, at a commercial entity subsystem, receiving, from an electronic device, device transaction data that includes credential data indicative of a payment credential on the electronic device for funding a transaction with a merchant subsystem, accessing a transaction identifier, deriving a transaction key based on transaction key data that includes the accessed transaction identifier, transmitting, to one of the merchant subsystem and the electronic device, merchant payment data that includes a first portion of the credential data and the accessed transaction identifier, and sharing, with a financial institution subsystem using the transaction key, commercial payment data that includes a second portion of the credential data that is different than the first portion of the credential data. Additional embodiments are also provided.

公开(公告)号：US11877157B2

公开(公告)日：2024-01-16

申请号：US17398723

申请日：2021-08-10

Applicant: Apple Inc.

Inventor： Haya Iris Villanueva Gaviola ,  Gianpaolo Fasoli ,  Vinay Ganesh ,  Irene M. Graff ,  Martijn Theo Haring ,  Ahmer A. Khan ,  Franck Farian Rakotomalala ,  Gordon Y. Scott ,  Ho Cheung Chung ,  Antonio Allen ,  Mayura Dhananjaya Deshpande ,  Thomas John Miller ,  Christopher Sharp ,  David W. Silver ,  Policarpo B. Wood ,  Ka Yang

IPC: H04L29/06 ,  H04L29/08 ,  H04W12/69 ,  H04W4/80 ,  H04W12/037 ,  H04W12/47 ,  H04W12/02 ,  H04L29/00 ,  G06Q50/26

CPC classification number: H04W12/69 ,  H04W4/80 ,  H04W12/02 ,  H04W12/037 ,  H04W12/47 ,  G06Q50/265

Abstract: An embodiment includes a method to increase the efficiency of security checkpoint operations. A security checkpoint kiosk serves as a Relying Party System (RPS). The RPS establishes a secure local connection between the RPS and a User Mobile-Identification-Credential Device (UMD). The RPS sends a user information request to the UMD, via the secure local connection, seeking release of user information associated with a Mobile Identification Credential (MIC). The RPS obtains authentication of the user information received in response to the user information request. The RPS retrieves user travel information based on the user information. The RPS determines that the user travel information matches the user information. When the user travel information matches the user information, the RPS approves the user to proceed past the security checkpoint kiosk.

公开(公告)号：US11556165B2

公开(公告)日：2023-01-17

申请号：US17067599

申请日：2020-10-09

Applicant: Apple Inc.

Inventor： Ahmer A. Khan ,  Joakim Linde ,  Joseph Hakim ,  Zachary A. Rosen

IPC: G06F1/3234 ,  G06Q20/32 ,  G06F21/35 ,  G06F21/60 ,  H04W52/02 ,  H04W12/065 ,  H04W12/06 ,  H04B5/02

Abstract: Systems, methods, and computer-readable media for managing near field communications during a low power management mode of an electronic device are provided that may make credentials of a near field communication (“NFC”) component appropriately secure and appropriately accessible while also limiting the power consumption of the NFC component and of other components of the electronic device.