LOCAL TRUSTED SERVICES MANAGER FOR A CONTACTLESS SMART CARD

US 20120159148A1
Filed: 09/26/2011
Published: 06/21/2012
Est. Priority Date: 12/17/2010
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for implementing a trusted service manager (TSM) locally within a secure element of a contactless smart card payment device, used the method comprising:

installing, in the secure element of the contactless smart card payment device, a TSM software application, wherein the TSM software application comprises computer code for executing a transmitting function to request application data and a decrypting function to decrypt an encrypted form of received application data, the received application data received at the contactless smart card device in response to a request by the transmitting function;

storing, in the secure element, a private encryption key assigned to the TSM software application and a corresponding public encryption key;

transmitting, by the transmitting function of the TSM software application, the request for application data to a registered remote non-TSM computer configured to access the public key;

receiving, in the contactless smart card payment device from the remote non-TSM computer, the requested application data for installation in the secure element of the contactless smart card payment device, the received requested application data having been encrypted by the remote non-TSM computer using the public encryption key; and

decrypting, by the decrypting function of the TSM software application, the encrypted received application data using the private key.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems, methods, computer programs, and devices are disclosed herein for deploying a local trusted service manager within a secure element of a contactless smart card device. The secure element is a component of a contactless smart card incorporated into a contactless smart card device. An asymmetric cryptography algorithm is used to generate public-private key pairs. The private keys are stored in the secure element and are accessible by a trusted service manager (TSM) software application or a control software application in the secure element. A non-TSM computer with access to the public key encrypts and then transmits encrypted application data or software applications to the secure element, where the TSM software application decrypts and installs the software application to the secure element for transaction purposes.

104 Citations

View as Search Results

19 Claims

1. A computer-implemented method for implementing a trusted service manager (TSM) locally within a secure element of a contactless smart card payment device, used the method comprising:
- installing, in the secure element of the contactless smart card payment device, a TSM software application, wherein the TSM software application comprises computer code for executing a transmitting function to request application data and a decrypting function to decrypt an encrypted form of received application data, the received application data received at the contactless smart card device in response to a request by the transmitting function;
  
  storing, in the secure element, a private encryption key assigned to the TSM software application and a corresponding public encryption key;
  
  transmitting, by the transmitting function of the TSM software application, the request for application data to a registered remote non-TSM computer configured to access the public key;
  
  receiving, in the contactless smart card payment device from the remote non-TSM computer, the requested application data for installation in the secure element of the contactless smart card payment device, the received requested application data having been encrypted by the remote non-TSM computer using the public encryption key; and
  
  decrypting, by the decrypting function of the TSM software application, the encrypted received application data using the private key.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method according to claim 1, further comprising:
    - writing, by the TSM software application or a control software application in the secure element, the decrypted application data to at least one memory block in the secure element.
  - 3. The method according to claim 1, further comprising:
    - managing, by a user-interface software application on the contactless smart card device and resident outside the secure element, the TSM software application in the secure element, thereby executing inputs at the user-interface software application for transmitting the request for application data to the remote computer, receiving the encrypted application data, and decrypting the encrypted form of the received application data.
  - 4. The method according to claim 3, wherein the user-interface software application transmits user inputs from a display or a keypad of the contactless smart card device to the TSM software application in the secure element via a secure communication channel.
  - 5. The method according to claim 1, wherein the encrypted application data is received in the secure element or a secure memory outside the secure element of the contactless smart card device, the secure memory connected to the secure element via a secure communication channel.
  - 6. The method according to claim 1, wherein the remote computer is registered for deploying application data to the contactless smart card device only when the remote computer is in possession of the public key.
  - 7. The method according to claim 1, wherein application data comprises at least one of a software application executable in the secure element or data to support an existing software application in the secure element.
  - 8. The method according to claim 1, wherein the TSM software application further comprises computer code for providing permissions for performing various life-cycle functions on the encrypted application data received in the contactless smart card device, the life-cycle functions including at least one of an initialize function, an install function, a start function, a stop function, and a destroy function.

9. A computer-implemented system for implementing a trusted service manager (TSM) locally within the secure element of a contactless smart card payment device, the system comprising:
- a contactless smart card payment device;
  
  a secure element resident on the device and storing a private encryption key assigned to the secure element and a corresponding public encryption key; and
  
  a TSM software application resident in the secure element, the TSM software application comprising computer code for executing a transmitting function to request application data and a decrypting function for decrypting an encrypted form of received application data, the received application data received at the contactless smart card device in response to a request by the transmitting function,wherein the transmitting function of the TSM software application transmits, to a remote non-TSM computer, the request for application data, wherein the remote non-TSM computer is configured to access the public key,wherein the device receives, from the remote non-TSM computer, the requested application data in response to the transmitted request for installation in the secure element of the device, the received application data having been encrypted by the remote non-TSM computer using the public encryption key, andwherein the decrypting function of the TSM software application decrypts the encrypted received application data using the private key.

10. The system according to claim 10, wherein the secure element further comprises a control software application that writes the decrypted application data to at least one memory block in the secure element.
- View Dependent Claims (11, 12, 13, 14, 15, 16)
- - 11. The system according to claim 10, further comprising:
    - a user-interface software application resident on the device and outside the secure element that manages the TSM software application in the secure element, thereby executing inputs at the user-interface software application to transmit the request for application data to the remote computer, receive the encrypted application data, and decrypt the encrypted form of the received application data.
  - 12. The system according to claim 11, wherein the user-interface software application transmits user inputs from a display or a keypad of the contactless smart card device to the TSM software application in the secure element via a secure communication channel.
  - 13. The system according to claim 10, wherein the encrypted application data is received in the secure element or a secure memory outside the secure element of the contactless smart card device, the secure memory connected to the secure element via a secure communication channel.
  - 14. The system according to claim 10, wherein the remote computer is registered for deploying application data to the contactless smart card device to thereby obtain access to the public key.
  - 15. The system according to claim 10, wherein application data comprises one of at least a software application executable in the secure element or data to support an existing software application in the secure element.
  - 16. The system according to claim 10, wherein the TSM software application further comprises computer code for providing permissions for performing various life-cycle functions on the encrypted application data received in the contactless smart card device, the life-cycle functions including at least one of an initialize function, an install function, a start function, a stop function, and a destroy function.

17. A computer-implemented method for implementing a trusted service manager (TSM) locally within the a secure element of a contactless smart card payment device, the method comprising:
- registering a non-TSM computer with a controller of access to the secure element of the contactless smart card payment device, thereby obtaining access for the non-TSM computer to a public encryption key for encrypting application data prior to transmission of the encrypted data by the non-TSM computer to the contactless smart card payment device, the public key corresponding to a private encryption key assigned to the contactless smart card payment device and stored in the secure element of the contactless smart card payment device, the non-TSM computer being remote from the contactless smart card payment device;
  
  receiving, by the non-TSM computer from the contactless smart card payment device, a request for application data managed by non-TSM computer;
  
  encrypting, by the non-TSM computer, the requested application data using the public key; and
  
  transmitting, by the non-TSM computer to the contactless smart card payment device, the encrypted application data for input into the secure element of the contactless smart card payment device by the local TSA is the secure element of the contactless smart card payment device.

19. The method according to claim 19, wherein the encrypted application data is transmitted from the non-TSM computer to the secure element of the contactless smart card payment device.
- View Dependent Claims (18)
- - 18. The method according to claim 19, wherein the application data comprises at least one of a software application executable in the secure element or data required to support an existing software application in the secure element.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Google LLC (Alphabet Inc.)
Original Assignee
Google Inc. (Alphabet Inc.)
Inventors
Wall, Jonathan, Paya, Ismail Cem, Behren, Rob von

Granted Patent

US 8,335,932 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/150
CPC Class Codes

G06Q 20/3278   RFID or NFC payments by mea...

G06Q 20/3552   Downloading or loading of p...

G06Q 20/35765   Access rights to memory zones

G06Q 20/3823   combining multiple encrypti...

G07F 7/1008   Active credit-cards provide...

G07F 7/1016   Devices or methods for secu...

LOCAL TRUSTED SERVICES MANAGER FOR A CONTACTLESS SMART CARD

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

104 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

LOCAL TRUSTED SERVICES MANAGER FOR A CONTACTLESS SMART CARD

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

104 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links