DELEGATED MANAGEMENT OF SMART CARD APPLICATIONS
Abstract
A smart card architecture includes a run-time environment, a card manager, one or more security domains, a provider application and an issuer application. One or more APIs provide communication. The life cycle of the card and card manager includes states: Pre-production, Ready, Initialized, Secured, Locked and Terminated. The life cycle of an application includes states: Installed, Selectable, Personalized, Blocked, Locked and Deleted. A card registry keeps track of card manager and application data elements. The functionality of a security domain on a smart card is extended to allow it to perform delegated management of smart card applications: delegated loading, installation and/or deletion of an application. A provider of an application is assured of more direct control and management of their application, yet an issuer still maintains some control over the management of the card. The card issuer empowers application providers to initiate changes to the issuer's smart cards that are pre-approved by the card issuer. A method of delegated loading of an application onto a smart card first receives a load command from an application provider via a card acceptance device. The load command includes an indication of an application to be loaded and an appended command authentication pattern. Next, the load command is verified using the command authentication pattern. Then, an application is received from an application provider via the card acceptance device; the application also includes an appended application authentication pattern which is used to verify the application. Finally, the application is loaded into memory of the smart card.
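The card-side checks in the delegated load sequence described above, as an added sketch that is not code from the patent. The HMAC-SHA256 pattern format, the issuer key held by the card, the issuer producing both patterns, the `LOAD`/`APP` labels and the length-prefixed application layout are all assumptions; the class and function names are hypothetical.

```python
import hashlib
import hmac

TAG_LEN = 32  # HMAC-SHA256 output; the MAC algorithm is an assumption

def issuer_sign(key: bytes, kind: bytes, body: bytes) -> bytes:
    """Issuer side: pre-approve a message by appending an authentication pattern."""
    return body + hmac.new(key, kind + body, hashlib.sha256).digest()

def card_verify(key: bytes, kind: bytes, message: bytes) -> bytes:
    """Card side: return the body only if the appended pattern verifies."""
    if len(message) <= TAG_LEN:
        raise ValueError("missing authentication pattern")
    body, tag = message[:-TAG_LEN], message[-TAG_LEN:]
    expected = hmac.new(key, kind + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        raise ValueError("authentication pattern does not verify")
    return body

class SecurityDomain:
    """Hypothetical model of the card-side checks in the delegated load sequence."""

    def __init__(self, issuer_key: bytes):
        self._key = issuer_key
        self._approved_aid = None  # set only by a verified load command
        self.memory = {}           # AID -> application code

    def load_command(self, message: bytes) -> None:
        self._approved_aid = None  # a failed command leaves nothing approved
        self._approved_aid = card_verify(self._key, b"LOAD", message)

    def receive_application(self, message: bytes) -> None:
        if self._approved_aid is None:
            raise PermissionError("no verified load command")
        body = card_verify(self._key, b"APP", message)
        aid, code = body[1:1 + body[0]], body[1 + body[0]:]
        if aid != self._approved_aid:
            raise PermissionError("application does not match load command")
        self.memory[aid] = code    # load only after both checks pass
        self._approved_aid = None  # approval is single-use

# Constructed sample data: issuer key, AID and application bytes are made up.
ISSUER_KEY = bytes(range(16))
AID = bytes.fromhex("a000000001")
CODE = b"constructed application image"
LOAD_CMD = issuer_sign(ISSUER_KEY, b"LOAD", AID)
APP_MSG = issuer_sign(ISSUER_KEY, b"APP", bytes([len(AID)]) + AID + CODE)
```

The separate `LOAD` and `APP` labels keep a pattern issued for a load command from being accepted as an application pattern, and clearing the approval after one load prevents a single pre-approval from being reused.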
18 Claims
1. A method of delegated loading of an application onto a smart card, said method comprising:
receiving a load command from an application provider via a card acceptance device, said load command including an indication of an application to be loaded and an appended command authentication pattern;
verifying said load command using said command authentication pattern;
receiving said application from an application provider via said card acceptance device, said application including an appended application authentication pattern;
verifying said application using said application authentication pattern; and
loading said application into memory of said smart card, whereby said application provider is allowed to load said application onto said smart card.
8. A system for delegated loading of an application onto a smart card, said system comprising:
a host computer under control of an application provider;
a software application included in said host computer to be loaded onto a smart card, said application including an appended application authentication pattern produced by an issuer of said smart card that verifies said application to said smart card;
a smart card acceptance device linked to said host computer; and
a smart card included in said card acceptance device, said smart card including code arranged to verify said application using said application authentication pattern, whereby said application provider is allowed to load said application onto said smart card.
14. A method of delegated installation of an application on a smart card, said method comprising:
loading an application onto a smart card;
receiving an install command from an application provider via a card acceptance device, said install command including an indication of said application to be installed, install parameters and an appended install authentication pattern;
verifying said install command using said install authentication pattern; and
installing said application on said smart card using said install parameters, whereby said application provider is allowed to install said application on said smart card.
Specification