公开(公告)号：US10546293B2

公开(公告)日：2020-01-28

申请号：US14475375

申请日：2014-09-02

Applicant: Apple Inc.

Inventor： Ahmer A. Khan ,  Jerrold V. Hauck ,  George R. Dicker ,  Jeffrey C. Lee ,  Mitchell D Adler ,  Wade Benson

IPC: G06Q20/38 ,  G06Q20/32

Abstract: A system for provisioning credentials onto an electronic device is provided. The system may include a payment network subsystem, a service provider subsystem, and one or more user devices that can be used to perform mobile transactions at a merchant terminal. The user device may communicate with the service provider subsystem in order to obtained commerce credentials from the payment network subsystem. The user device may include a secure element and a corresponding trusted processor. The trusted processor may generate a random authorization number and inject that number into the secure element. Mobile payments should only be completed if the random authorization number on the secure element matches the random authorization number at the trusted processor. The trusted processor may be configured to efface the previous random authorization number and generate a new random authorization number when detecting a potential change in ownership at the user device.

公开(公告)号：US09455985B2

公开(公告)日：2016-09-27

申请号：US14502960

申请日：2014-09-30

Applicant: Apple Inc.

Inventor： Jeffrey C. Lee ,  Andrew R. Whalley ,  Craig A. Marciniak

IPC: G06F21/32 ,  H04L29/06

CPC classification number: H04L63/0861 ,  H04W12/04 ,  H04W12/08 ,  H04W88/02

Abstract: Systems and methods are disclosed for securely injecting one or more key values into an electronic device by reading with a fingerprint sensor a manufactured key device having a key value. A secure communication channel between a fingerprint sensor and a secure processing system enables the reading, processing, and storing of the fingerprint sensor data from the key device. The key device includes a conductive substantially planar substrate (“substrate”) with raised conductive portions configured to encode a key value. The substrate can be made from a non-conductive material and have conductive material applied to the substrate to encode the key value. The substrate can be covered with an opaque, conductive layer so that the encoding cannot be visually perceived. The encoding scheme can be a QR code, a bar code, an image, an alphanumeric string, or other encoding. One or more electronic device access policies can be associated with a key value to control how an electronic device can be used when the electronic device is accessed with the manufactured key device.

Abstract translation: 公开了用于通过用指纹传感器读取具有键值的制造的键装置来将一个或多个键值安全地注入到电子设备中的系统和方法。 指纹传感器和安全处理系统之间的安全通信通道使得能够从密钥设备读取，处理和存储指纹传感器数据。 关键装置包括具有凸起的导电部分的导电的基本平坦的基板（“基板”），该导电部分配置成编码键值。 衬底可以由非导电材料制成并且具有施加到衬底的导电材料以对键值进行编码。 衬底可以用不透明的导电层覆盖，使得编码不能被视觉上察觉。 编码方案可以是QR码，条形码，图像，字母数字串或其他编码。 一个或多个电子设备访问策略可以与键值相关联，以控制当使用所制造的关键设备访问电子设备时如何使用电子设备。

公开(公告)号：US20160094548A1

公开(公告)日：2016-03-31

申请号：US14502960

申请日：2014-09-30

Applicant: Apple Inc.

Inventor： Jeffrey C. Lee ,  Andrew R. Whalley ,  Craig A. Marciniak

IPC: H04L29/06

CPC classification number: H04L63/0861 ,  H04W12/04 ,  H04W12/08 ,  H04W88/02

Abstract: Systems and methods are disclosed for securely injecting one or more key values into an electronic device by reading with a fingerprint sensor a manufactured key device having a key value. A secure communication channel between a fingerprint sensor and a secure processing system enables the reading, processing, and storing of the fingerprint sensor data from the key device. The key device includes a conductive substantially planar substrate (“substrate”) with raised conductive portions configured to encode a key value. The substrate can be made from a non-conductive material and have conductive material applied to the substrate to encode the key value. The substrate can be covered with an opaque, conductive layer so that the encoding cannot be visually perceived. The encoding scheme can be a QR code, a bar code, an image, an alphanumeric string, or other encoding. One or more electronic device access policies can be associated with a key value to control how an electronic device can be used when the electronic device is accessed with the manufactured key device.

Abstract translation: 公开了用于通过用指纹传感器读取具有键值的制造的键装置来将一个或多个键值安全地注入到电子设备中的系统和方法。 指纹传感器和安全处理系统之间的安全通信通道使得能够从密钥设备读取，处理和存储指纹传感器数据。 关键装置包括具有凸起的导电部分的导电的基本平坦的基板（“基板”），该导电部分配置成编码键值。 衬底可以由非导电材料制成并且具有施加到衬底的导电材料以对键值进行编码。 衬底可以用不透明的导电层覆盖，使得编码不能被视觉上察觉。 编码方案可以是QR码，条形码，图像，字母数字串或其他编码。 一个或多个电子设备访问策略可以与键值相关联，以控制当使用所制造的关键设备访问电子设备时如何使用电子设备。

公开(公告)号：US20150348022A1

公开(公告)日：2015-12-03

申请号：US14475375

申请日：2014-09-02

Applicant: Apple Inc.

Inventor： Ahmer A. Khan ,  Jerrold V. Hauck ,  George R. Dicker ,  Jeffrey C. Lee ,  Mitchell D. Adler ,  Wade Benson

IPC: G06Q20/38 ,  G06Q20/40 ,  G06Q20/32

CPC classification number: G06Q20/385 ,  G06Q20/3226 ,  G06Q20/354 ,  G06Q20/3829

Abstract: A system for provisioning credentials onto an electronic device is provided. The system may include a payment network subsystem, a service provider subsystem, and one or more user devices that can be used to perform mobile transactions at a merchant terminal. The user device may communicate with the service provider subsystem in order to obtained commerce credentials from the payment network subsystem. The user device may include a secure element and a corresponding trusted processor. The trusted processor may generate a random authorization number and inject that number into the secure element. Mobile payments should only be completed if the random authorization number on the secure element matches the random authorization number at the trusted processor. The trusted processor may be configured to efface the previous random authorization number and generate a new random authorization number when detecting a potential change in ownership at the user device.

Abstract translation: 提供了一种用于将凭证提供到电子设备上的系统。 系统可以包括支付网络子系统，服务提供商子系统以及可以用于在商家终端执行移动交易的一个或多个用户设备。 用户设备可以与服务提供商子系统通信，以便从支付网络子系统获得商业凭证。 用户设备可以包括安全元件和相应的可信处理器。 可信处理器可以生成随机授权号，并将该号码注入到安全元件中。 仅当安全元素上的随机授权号码与可信处理器上的随机授权号码匹配时，才应完成移动支付。 信任处理器可以被配置为在检测用户设备的所有权的潜在变化时消除先前的随机授权号码并生成新的随机授权号码。