TRUSTED REMOTE ATTESTATION AGENT (TRAA)
Abstract
Systems and methods for use with a service provider and a consumer electronic device include a trusted remote attestation agent (TRAA) configured to perform a set of checking procedures or mechanisms to help ensure the security status of a consumer electronic device (e.g., a mobile terminal or phone) that holds financial instruments. The checking procedures may include: self-verifying integrity by the TRAA; checking for presence of a provisioning SIM card (one that was present when the financial instruments were enabled on the device); checking that a communication connection between the consumer electronic device and the service provider is available and active; and checking that communication connectivity to a home mobile network is available and active. The frequency of the checking mechanisms may be adjusted, for example, according to a risk-profile of a user associated with the device or the location (e.g., GPS location) of the device. The checks may be used, for example, to temporarily disable or limit the use of the financial instruments from the device.
20 Claims
1. A system for use with a service provider and a consumer electronic device, the system comprising:
- an agent module configured to:
  perform a set of checking mechanisms to ensure that a communication connection between the consumer electronic device and the service provider is available and active, wherein the frequency of the checking mechanisms may be adjusted by the system.
Dependent claims: 2, 3, 4, 5, 6, 7, 8
9. A method for use with a consumer electronic device and a service provider, the method comprising:
- determining whether a SIM card is present on the consumer electronic device;
- determining whether a data in a secure element of the consumer electronic device has changed;
- determining, if the SIM card is present, whether a network connection to the service provider is available; and
- enforcing a predetermined restriction on the consumer electronic device if either the SIM card is not present or the data in the secure element has changed and there is no confirmation from the service provider through the network connection.
Dependent claims: 10, 11, 12, 13, 14, 15
16. A computer program product comprising a computer readable medium having computer readable code for instructing a processor of a device to perform a method, the method comprising:
- self-verifying integrity of the computer readable code;
- checking for presence of a provisioning SIM card present when the device is provisioned with a financial instrument;
- checking for connectivity to a financial service provider (FSP);
- checking for connectivity to a trusted service manager (TSM) via a home mobile network;
- if the self-verifying fails, putting a financial instrument on the device in a lock state so that the financial instrument is required to be re-enabled by calling the service provider;
- if a SIM card is determined present, verifying whether the SIM card matches the provisioning SIM card;
- if the verification of the provisioning SIM card fails, putting the financial instrument in a hold state so that the financial instrument will become available for use once the provisioning SIM card is again present in the device; and
- if checking for connectivity to the FSP fails and checking for connectivity to the TSM fails, putting the financial instrument in a cap state, wherein financial transactions for more than a predetermined cap value are denied to the device.
Dependent claims: 17, 18, 19, 20
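The lock, hold and cap states of claim 16 can be read as a small policy state machine. The sketch below is an added illustration, not code from the patent or from any implementation of it. Assumptions: all class and field names are hypothetical; the precedence is lock over hold over cap; an absent SIM is treated like a mismatched one; the lock state is latched until the service provider re-enables the instrument, while hold and cap are re-evaluated on every check.

```python
from dataclasses import dataclass
from enum import Enum
from typing import Optional

class State(Enum):
    ACTIVE = "active"
    CAP = "cap"      # only transactions up to the cap value are allowed
    HOLD = "hold"    # unusable until the provisioning SIM is back
    LOCK = "lock"    # unusable until re-enabled by the service provider

@dataclass
class Checks:
    """Results of one round of agent checks (inputs are assumed booleans)."""
    integrity_ok: bool        # agent self-verification result
    sim_id: Optional[str]     # identifier of the inserted SIM, None if absent
    fsp_reachable: bool       # connectivity to the financial service provider
    tsm_reachable: bool       # connectivity to the trusted service manager

class Instrument:
    def __init__(self, provisioning_sim: str, cap_value: int):
        self.provisioning_sim = provisioning_sim
        self.cap_value = cap_value
        self.state = State.ACTIVE

    def apply(self, c: Checks) -> State:
        """Update the state from one round of checks (assumed precedence)."""
        if self.state is State.LOCK or not c.integrity_ok:
            self.state = State.LOCK            # latched: checks cannot clear it
        elif c.sim_id != self.provisioning_sim:
            self.state = State.HOLD            # clears when the SIM returns
        elif not c.fsp_reachable and not c.tsm_reachable:
            self.state = State.CAP             # both connectivity checks failed
        else:
            self.state = State.ACTIVE
        return self.state

    def reenable(self) -> None:
        """Service-provider action after the user calls in (out of band)."""
        self.state = State.ACTIVE

    def authorize(self, amount: int) -> bool:
        """Decide a transaction under the current state."""
        if self.state in (State.LOCK, State.HOLD):
            return False
        if self.state is State.CAP:
            return amount <= self.cap_value    # more than the cap is denied
        return True
```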
Specification