Configuring a plurality of security isolated wallet containers on a single mobile device
Abstract
Configuring a plurality of security isolated wallet containers on a single mobile device includes configuring at least one mobile transaction platform-specific application programming interface for facilitating access to secure mobile transaction platform resources by a wallet container executing on a mobile device; disposing a plurality of distinct wallet containers in a memory of the mobile device, wherein each wallet container interfaces with secure mobile transaction platform resources via the at least one application programming interface; disposing at least one service provider-specific wallet in each of the plurality of distinct wallet containers; and enforcing service-provider specific wallet security by a distinct wallet container accessing a portion of the secure mobile transaction platform resources via the at least one application programming interface.
20 Claims
1. A high security mobile electronic transaction device for ensuring isolated access to a plurality of distinct service-provider specific electronic wallets disposed in a non-transient memory of the device comprising:
- a non-transient memory accessible by a processor of the mobile device;
- at least one mobile transaction platform-specific application programming interface stored in the memory and configured to facilitate access to secure mobile transaction platform resources by a wallet container executing on the mobile device;
- a wallet container disposed in the memory of the mobile device and executable by the processor, wherein the wallet container interfaces with secure mobile transaction platform resources via the at least one application programming interface, the wallet container comprising;
- an access controller that ensures a wallet disposed in the at least one of the plurality of distinct wallet containers only has access to mobile device resources to which the disposed wallet has permissions by limiting access to the at least one application programming interface;
- at least one service provider-specific wallet disposed in the wallet container, wherein service provider-specific wallet security is enforced by the wallet container accessing a portion of the secure mobile transaction platform resources via the at least one application programming interface; and
- at least one wallet companion applet, for each of the at least one service provider-specific wallets, stored in a particular non-volatile service provider-specific security domain of a plurality of non-volatile service provider-specific security domains of a secure element, wherein the particular security domain comprises the at least one wallet companion applet and at least one other applet, the security domain and all applets disposed therein being accessible as a group by the mobile transaction platform when using unique, security through use of domain-specific security keys when accessing the secure element.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10
11. A high security mobile electronic transaction device for ensuring isolated access to a plurality of distinct service-provider specific security domains disposed in a non-transient memory of the device comprising:
- a non-transient memory accessible by a processor of the mobile device;
- at least one mobile transaction platform-specific application programming interface stored in the memory and configured to facilitate access to secure mobile transaction platform resources by a wallet container executing on the mobile device;
- a distinct wallet container disposed in the memory of the mobile device and executable by the processor, wherein the wallet container ensures a wallet disposed in the distinct wallet container only has access to mobile device resources to which the disposed wallet has permissions by limiting access to the at least one application programming interface; and
- at least one wallet companion applet, for the wallet, stored in a non-volatile service provider-specific security domain of a non-volatile secure element comprising the at least one wallet companion applet and at least one other applet, the security domain and all applets disposed therein being accessible as a group through use of domain-specific security keys when accessing the secure element.

Dependent claims: 12, 13, 14, 15, 16, 17, 18, 19, 20
Specification