Method, device and secure element for conducting a secured financial transaction on a device

US 10,558,971 B2
Filed: 01/04/2018
Issued: 02/11/2020
Est. Priority Date: 02/29/2012
Status: Active Grant

First Claim

Patent Images

1. A secure element for installation in a device used as a payment terminal, the device running a point of sale (POS) application, the POS application comprising a payment control application, the payment control application comprising control instructions to control the secure element, the device comprising a processor, a contactless interface and a communication interface, the secure element comprising instructions accessed from a non-transitory computer readable storage medium to cause the secure element, upon executing the instructions, to run:

an Europay, MasterCard, and Visa (EMV) transaction module that is configured to process data acquired by the contactless interface of the device from a payment apparatus, the contactless interface being configured to receive data wirelessly from the payment apparatus;

an operating system (OS) configured to process data provided by the EMV transaction module;

wherein the EMV transaction module is configured to execute;

a reception of a request to conduct a secured financial transaction for receiving a payment;

an acquisition, by the secure element, via the contactless interface of the device, and from the payment apparatus, of data relating to a financial account, the acquisition comprising (i) a sending, via the contactless interface, of a Select Proximity Payment System Environment (PPSE) request to the payment apparatus, (ii) a receiving, via the contactless interface, of a response from the payment apparatus indicating payment applications supported by the payment apparatus and (iii) a selection of a payment application amongst those available;

an establishment of a secured communication channel with a server through the communication interface of the device;

a sending over the secured communication channel to the server of an authorization request to perform the secured financial transaction, the authorization request comprising at least a portion of the data relating to the financial account;

a reception over the secured communication channel from the server of a response to the authorization request; and

a processing of the response to the authorization request to generate a status of the secured financial transaction.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A device and a secure element for conducting a secured financial transaction are disclosed. The device comprises a central processing unit; a communication interface for establishing a communication between the device and a financial institution related to a financial account; an interface for acquiring data relating to the financial account; the secure element for processing at least a portion of the data relating to the financial account acquired by the interface; and control logic for acquiring a purchase amount to be debited from the financial account and for obtaining a transaction authorization from the financial institution related to the financial account, the transaction authorization being based, at least partially, on data processed solely by the secure element independently of data processed by the central processing unit. A method of conducting the secured financial transaction, and a computer program product for execution by the secure element are also disclosed.

114 Citations

19 Claims

1. A secure element for installation in a device used as a payment terminal, the device running a point of sale (POS) application, the POS application comprising a payment control application, the payment control application comprising control instructions to control the secure element, the device comprising a processor, a contactless interface and a communication interface, the secure element comprising instructions accessed from a non-transitory computer readable storage medium to cause the secure element, upon executing the instructions, to run:
- an Europay, MasterCard, and Visa (EMV) transaction module that is configured to process data acquired by the contactless interface of the device from a payment apparatus, the contactless interface being configured to receive data wirelessly from the payment apparatus;
  
  an operating system (OS) configured to process data provided by the EMV transaction module;
  
  wherein the EMV transaction module is configured to execute;
  
  a reception of a request to conduct a secured financial transaction for receiving a payment;
  
  an acquisition, by the secure element, via the contactless interface of the device, and from the payment apparatus, of data relating to a financial account, the acquisition comprising (i) a sending, via the contactless interface, of a Select Proximity Payment System Environment (PPSE) request to the payment apparatus, (ii) a receiving, via the contactless interface, of a response from the payment apparatus indicating payment applications supported by the payment apparatus and (iii) a selection of a payment application amongst those available;
  
  an establishment of a secured communication channel with a server through the communication interface of the device;
  
  a sending over the secured communication channel to the server of an authorization request to perform the secured financial transaction, the authorization request comprising at least a portion of the data relating to the financial account;
  
  a reception over the secured communication channel from the server of a response to the authorization request; and
  
  a processing of the response to the authorization request to generate a status of the secured financial transaction.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The secure element of claim 1, wherein the establishment of the secured communication channel comprises a sending, by the secure element, of a request to establish the secured communication channel by the payment control application and wherein the request to conduct a secured financial transaction is transmitted by the payment control application running on the processor of the device.
  - 3. The secure element of claim 1, wherein the data relating to the financial account are being processed by the secure element independently of data processed by the processor of the device.
  - 4. The secure element of claim 1, wherein the EMV transaction module is further configured to execute a sending, by the secure element, to the payment control application running on the processor of the device of the status of the secured financial transaction.
  - 5. The secure element of claim 1, wherein the control instructions to control the secure element comprises instructions to cause the sending, by the payment control application to the secure element, of a start payment applet message to the secure element and an activation of the secure element based on the start payment applet message.
  - 6. The secure element of claim 1, wherein the secure element is embedded in one of a chipset embedded on a circuitry of the device, a subscriber identity module (SIM) card, a secure digital (SD) card, a non-volatile memory card, and a housing to be plugged to the device.
  - 7. The secure element of claim 1, wherein the EMV transaction module is a contactless transaction module.
  - 8. The secure element of claim 1, wherein the request to conduct the secured financial transaction comprises a purchase amount to be debited from the financial account.
  - 9. The secure element of claim 1, wherein the payment apparatus is one of a payment card and a mobile device.
  - 10. The secure element of claim 1, wherein the data relating to the financial account include at least one of a key, a certificate, and a payment card number.

11. A non-transitory computer readable storage medium comprising computer-executable instructions for execution by a secure element of a device used as a payment terminal, the device running a point of sale (POS) application, the POS application comprising a payment control application, the payment control application comprising control instructions to control the secure element, the computer-executable instructions, upon execution by a processor, causing the secure element to run:
- an Europay, MasterCard, and Visa (EMV) transaction module that is configured to process data acquired by a contactless interface of the device from a payment apparatus, the contactless interface being configured to receive data wirelessly from the payment apparatus;
  
  an operating system (OS) configured to process data provided by the EMV transaction module;
  
  wherein the EMV transaction module is configured to execute;
  
  a reception of a request to conduct a secured financial transaction for receiving a payment;
  
  an acquisition, by the secure element, via the contactless interface of the device, and from the payment apparatus, of data relating to a financial account, the acquisition comprising (i) a sending, via the contactless interface, of a Select Proximity Payment System Environment (PPSE) request to the payment apparatus, (ii) a receiving, via the contactless interface, of a response from the payment apparatus indicating payment applications supported by the payment apparatus and (iii) a selection of a payment application amongst those available;
  
  an establishment of a secured communication channel with a server through a communication interface of the device;
  
  a sending over the secured communication channel to the server of an authorization request to perform the secured financial transaction, the authorization request comprising at least a portion of the data relating to the financial account;
  
  a reception over the secured communication channel from the server of a response to the authorization request; and
  
  a processing of the response to the authorization request to generate a status of the secured financial transaction.
- View Dependent Claims (12)
- - 12. The non-transitory computer readable storage medium of claim 11, wherein the establishment of the secured communication channel comprises a sending, by the secure element, of a request to establish the secured communication channel by the payment control application and wherein the request to conduct a secured financial transaction is transmitted by the payment control application running on the processor of the device.

13. A device, the device comprising a processor, a non-transitory computer readable storage medium and a secure element, the device running a point of sale (POS) application, the POS application comprising a payment control application, the payment control application comprising control instructions to control the secure element, the non-transitory computer readable storage medium comprising computer-executable instructions for execution by the secure element, the computer-executable instructions, upon execution by the secure element, causing the secure element to run:
- an Europay, MasterCard, and Visa (EMV) transaction module that is configured to process data acquired by a contactless interface of the device from a payment apparatus, the contactless interface being configured to receive data wirelessly from the payment apparatus;
  
  an operating system (OS) configured to process data provided by the EMV transaction module;
  
  wherein the EMV transaction module is configured to execute;
  
  a reception of a request to conduct a secured financial transaction for receiving a payment;
  
  an acquisition, by the secure element, via the contactless interface of the device, and from the payment apparatus, of data relating to a financial account from the payment apparatus, the acquisition comprising (i) a sending, via the contactless interface, of a Select Proximity Payment System Environment (PPSE) request to the payment apparatus, (ii) a receiving, via the contactless interface, of a response from the payment apparatus indicating payment applications supported by the payment apparatus and (iii) a selection of a payment application amongst those available;
  
  an establishment of a secured communication channel with a server through a communication interface of the device;
  
  a sending over the secured communication channel to the server of an authorization request to perform the secured financial transaction, the authorization request comprising at least a portion of the data relating to the financial account;
  
  a reception over the secured communication channel from the server of a response to the authorization request; and
  
  a processing of the response to the authorization request to generate a status of the secured financial transaction.
- View Dependent Claims (14, 15, 16, 17, 18, 19)
- - 14. The secure element of claim 13, wherein the establishment of the secured communication channel comprises a sending, by the secure element, of a request to establish the secured communication channel by the payment control application and wherein the request to conduct a secured financial transaction is transmitted by the payment control application running on the processor of the device.
  - 15. The device of claim 13, wherein the secure element is one of a processing entity characterized by specific hardware, a processing entity characterized by software embedding secured components and a processing entity characterized by firmware embedding secured components.
  - 16. The device of claim 13, wherein the data relating to the financial account are being processed by the secure element independently of data processed by the processor of the device.
  - 17. The device of claim 13, wherein the EMV transaction module is further configured to execute a sending, by the secure element, to the payment control application running on the processor of the device of the status of the secured financial transaction.
  - 18. The device of claim 13, wherein the control instructions to control the secure element comprises instructions to cause the sending, by the payment control application to the secure element, of a start payment applet message to the secure element and an activation of the secure element based on the start payment applet message.
  - 19. The device of claim 13, wherein the secure element is characterized by software components operating a secured environment.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Apple Inc.
Original Assignee
Mobeewave, Inc. (Apple Inc.)
Inventors
Fontaine, Sebastien, Dolcino, Luc, Du Hays, Benjamin, De Nanclas, Maxime, Alberti, Xavier
Primary Examiner(s)
Akintola, Olabode

Application Number

US15/861,963
Publication Number

US 20180144334A1
Time in Patent Office

768 Days
Field of Search

705 35- 44
US Class Current
CPC Class Codes

G06Q 20/20   Point-of-sale [POS] network...

G06Q 20/32   using wireless devices

G06Q 20/322   Aspects of commerce using m...

G06Q 20/3227   using secure elements embed...

G06Q 20/3229   Use of the SIM of a M-devic...

G06Q 20/326   Payment applications instal...

G06Q 20/327   Short range or proximity pa...

G06Q 20/3278   RFID or NFC payments by mea...

G06Q 20/34   using cards, e.g. integrate...

G06Q 20/353   Payments by cards read by M...

G06Q 20/3825   Use of electronic signatures

G06Q 20/3829   involving key management

G06Q 20/388   using mutual authentication...

G06Q 20/4012   Verifying personal identifi...

G06Q 20/409   Device specific authenticat...

Method, device and secure element for conducting a secured financial transaction on a device

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

114 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Method, device and secure element for conducting a secured financial transaction on a device

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

114 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links