公开(公告)号：US20200036695A1

公开(公告)日：2020-01-30

申请号：US16436690

申请日：2019-06-10

Applicant: Apple Inc.

Inventor： Christopher Sharp ,  David T. Haggerty ,  George R. Dicker ,  Glen W. Steele ,  Matthew R. Murphy ,  Timothy S. Hurley

IPC: H04L29/06 ,  H04W12/06 ,  G06Q20/32 ,  G06Q20/38 ,  G06Q20/34

Abstract: Systems, methods, and computer-readable media for using an online resource to manage credentials on an electronic device are provided. In one example embodiment, a method, at an electronic device, includes, inter alia, receiving account data via an online resource, accessing commerce credential status data from a secure element of the electronic device, providing initial credential management option data via the online resource based on the received account data and based on the accessed commerce credential status data, in response to the providing, receiving a selection of an initial credential management option via the online resource, and changing the status of a credential on the secure element based on the received selection. Additional embodiments are also provided.

公开(公告)号：US10405181B2

公开(公告)日：2019-09-03

申请号：US15876875

申请日：2018-01-22

Applicant: Apple Inc.

Inventor： Li Li ,  Xiangying Yang ,  Jerrold Von Hauck ,  Christopher B. Sharp ,  Yousuf H. Vaid ,  Arun G. Mathias ,  David T. Haggerty ,  Najeeb M. Abdulrahiman

IPC: H04W12/06 ,  H04L29/06 ,  H04L12/24

Abstract: Methods and apparatus for user authentication and human intent verification of administrative operations for eSIMs of an eUICC included in a mobile device are disclosed. Certain administrative operations, such as import, modification, and/or export, of an eSIM and/or for an eUICCs firmware can require user authentication and/or human intent verification before execution of the administrative operations are performed or completed by the mobile device. A user of the mobile device provides information to link an external user account to an eSIM upon (or subsequent to) installation on the eUICC. User credentials, such as a user name and password, and/or information generated therefrom, can be used to authenticate the user with an external server. In response to successful user authentication, the administrative operations are performed. Human intent verification can also be performed in conjunction with user authentication to prevent malware from interfering with eSIM and/or eUICC functions of the mobile device.

公开(公告)号：US09877193B2

公开(公告)日：2018-01-23

申请号：US15076527

申请日：2016-03-21

Applicant: Apple Inc.

Inventor： Li Li ,  Xiangying Yang ,  Jerrold Von Hauck ,  Christopher B. Sharp ,  Yousuf H. Vaid ,  Arun G. Mathias ,  David T. Haggerty ,  Najeeb M. Abdulrahiman

IPC: H04M1/66 ,  H04M1/68 ,  H04M3/16 ,  H04W12/06 ,  H04L29/06 ,  H04L12/24

CPC classification number: H04W12/06 ,  H04L41/28 ,  H04L63/083 ,  H04L63/0838 ,  H04L63/0853

Abstract: Methods and apparatus for user authentication and human intent verification of administrative operations for eSIMs of an eUICC included in a mobile device are disclosed. Certain administrative operations, such as import, modification, and/or export, of an eSIM and/or for an eUICCs firmware can require user authentication and/or human intent verification before execution of the administrative operations are performed or completed by the mobile device. A user of the mobile device provides information to link an external user account to an eSIM upon (or subsequent to) installation on the eUICC. User credentials, such as a user name and password, and/or information generated therefrom, can be used to authenticate the user with an external server. In response to successful user authentication, the administrative operations are performed. Human intent verification can also be performed in conjunction with user authentication to prevent malware from interfering with eSIM and/or eUICC functions of the mobile device.

公开(公告)号：US09831903B1

公开(公告)日：2017-11-28

申请号：US15222759

申请日：2016-07-28

Applicant: Apple Inc.

Inventor： Avinash Narasimhan ,  Hemant Purswani ,  Clark P. Mueller ,  David T. Haggerty ,  Li Li ,  Arun G. Mathias ,  Najeeb M. Abdulrahiman

IPC: H04B1/3816 ,  H04L12/24 ,  H04W4/24

CPC classification number: H04W4/24 ,  H04L12/1407 ,  H04L41/0893 ,  H04M15/66 ,  H04M15/80 ,  H04M17/02 ,  H04M17/023 ,  H04M17/026 ,  H04M17/103

Abstract: Methods, devices, and servers for as-needed update of a trusted list are provided herein. An electronic subscriber identity module (eSIM) server receives a request for an eSIM of a particular type from a wireless device. The eSIM server evaluates the particular type and requests an eSIM of the particular type from a second eSIM server, which is not initially trusted by a secure element (SE) of the wireless device. The eSIM server sends a policy update to the wireless device. The wireless device passes the policy update to the SE, for example, a universal integrated circuit card (UICC). The UICC updates the trusted list with an identity of the second eSIM server. When the wireless device downloads a bound profile package (BPP) containing an eSIM from the second eSIM server, the UICC validates the BPP based on the updated trusted list. The eSIM is then installed on the UICC.

公开(公告)号：US09788209B2

公开(公告)日：2017-10-10

申请号：US15263306

申请日：2016-09-12

Applicant: Apple Inc.

Inventor： Jerrold Von Hauck ,  David T. Haggerty

IPC: H04W12/08 ,  H04L9/32 ,  H04L29/06 ,  H04W12/06 ,  H04W4/00 ,  H04W8/24 ,  H04W8/18 ,  H04W12/04 ,  H04W12/12

CPC classification number: H04W12/08 ,  H04L9/3228 ,  H04L9/3247 ,  H04L63/061 ,  H04L63/0869 ,  H04L2209/80 ,  H04W4/60 ,  H04W8/183 ,  H04W8/245 ,  H04W12/04 ,  H04W12/06 ,  H04W12/12

Abstract: Apparatus and methods for controlling the distribution of electronic access clients to a device. In one embodiment, a virtualized Universal Integrated Circuit Card (UICC) can only load an access client such as an electronic Subscriber Identity Module (eSIM) according to an activation ticket. The activation ticket ensures that the virtualized UICC can only receive eSIMs from specific carriers (“carrier locking”). Unlike prior art methods which enforce carrier locking on a software application launched from a software chain of trust (which can be compromised), the present invention advantageously enforces carrier locking with the secure UICC hardware which has, for example, a secure code base.

公开(公告)号：US09619799B2

公开(公告)日：2017-04-11

申请号：US14174791

申请日：2014-02-06

Applicant: Apple Inc.

Inventor： David T. Haggerty ,  Ahmer A. Khan ,  Christopher B. Sharp ,  Jerrold Von Hauck ,  Joakim Linde ,  Kevin P. McLaughlin ,  Mehdi Ziat ,  Yousuf H. Vaid

IPC: G06Q20/36 ,  G06Q20/38 ,  G06Q20/32 ,  G06Q20/12 ,  G06Q20/34

CPC classification number: G06Q20/36 ,  G06Q20/1235 ,  G06Q20/3227 ,  G06Q20/3552 ,  G06Q20/382

Abstract: Methods and apparatus for the deployment of financial instruments and other assets are disclosed. In one embodiment, a security software protocol is disclosed that guarantees that the asset is always securely encrypted, that one and only one copy of an asset exists, and the asset is delivered to an authenticated and/or authorized customer. Additionally, exemplary embodiments of provisioning systems are disclosed that are capable of, among other things, handling large bursts of traffic (such as can occur on a so-called “launch day” of a device).

公开(公告)号：US09332012B2

公开(公告)日：2016-05-03

申请号：US14684273

申请日：2015-04-10

Applicant: Apple Inc.

Inventor： Jerrold Von Hauck ,  David T. Haggerty ,  Kevin McLaughlin

IPC: G06F21/00 ,  H04L29/06 ,  H04W12/04 ,  H04W12/06 ,  H04L9/08 ,  H04L9/30 ,  H04L9/12

CPC classification number: H04L9/32 ,  H04L9/08 ,  H04L9/12 ,  H04L9/30 ,  H04L63/06 ,  H04L63/0853 ,  H04W12/04 ,  H04W12/06

Abstract: Apparatus and methods for storing and controlling access control clients. In one embodiment, transmitting and receiving devices ensure that only one copy of an eSIM is active at any time. Specifically, each transferred eSIM is encrypted for the destination device; the eSIM from the source device is deleted, deactivated, or otherwise rendered unusable. Various aspects of network infrastructure are also described, including electronic Universal Integrated Circuit Card (eUICC) appliances, and mobile devices. Various scenarios for transfer of eSIMs are also disclosed.

公开(公告)号：US20150350177A1

公开(公告)日：2015-12-03

申请号：US14475301

申请日：2014-09-02

Applicant: Apple Inc.

Inventor： Christopher Sharp ,  David T. Haggerty ,  George R. Dicker ,  Glen W. Steele ,  Matthew R. Murphy ,  Timothy S. Hurley

IPC: H04L29/06 ,  H04W12/06

CPC classification number: H04L63/08 ,  G06Q20/322 ,  G06Q20/3227 ,  G06Q20/3552 ,  G06Q20/3572 ,  G06Q20/3821 ,  H04L63/0823 ,  H04W12/06

Abstract: Systems, methods, and computer-readable media for using an online resource to manage credentials on an electronic device are provided. In one example embodiment, a method, at an electronic device, includes, inter alia, receiving account data via an online resource, accessing commerce credential status data from a secure element of the electronic device, providing initial credential management option data via the online resource based on the received account data and based on the accessed commerce credential status data, in response to the providing, receiving a selection of an initial credential management option via the online resource, and changing the status of a credential on the secure element based on the received selection. Additional embodiments are also provided.

Abstract translation: 提供了用于使用在线资源管理电子设备上的凭证的系统，方法和计算机可读介质。 在一个示例实施例中，电子设备的方法尤其包括经由在线资源接收帐户数据，从电子设备的安全元件访问商业凭证状态数据，经由在线资源提供初始凭证管理选项数据 基于所接收的帐户数据并且基于所访问的商业凭证状态数据，响应于所述提供，经由所述在线资源接收初始凭证管理选项的选择，以及基于所述安全元件改变所述安全元件上的凭证的状态 收到选择。 还提供了另外的实施例。