LOCAL TRUSTED SERVICES MANAGER FOR A CONTACTLESS SMART CARD

US 20120159163A1
Filed: 09/17/2011
Published: 06/21/2012
Est. Priority Date: 12/17/2010
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for implementing a trusted service manager (TSM) locally within a secure element of a contactless smart card device, the method comprising:

installing, in the secure element of the contactless smart card device, a TSM software application, wherein the TSM software application comprises computer code for executing a transmitting function to request application data and a decrypting function to decrypt an encrypted form of received application data, the received application data received at the contactless smart card device in response to the request from the transmitting function;

storing, in the secure element, a private encryption key assigned to the TSM software application and a corresponding public encryption key;

transmitting, by the transmitting function of the TSM software application, a request for application data to a registered remote computer, wherein the remote computer is configured to access the public key, and wherein the remote computer encrypts the requested application data using the public key;

receiving, in the contactless smart card device, the encrypted application data responsive to the transmitted request; and

decrypting, by the decrypting function of the TSM software application, the encrypted application data using the private key.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems, methods, computer programs, and devices are disclosed herein for deploying a local trusted service manager within a secure element of a contactless smart card device. The secure element is a component of a contactless smart card incorporated into a contactless smart card device. An asymmetric cryptography algorithm is used to generate public-private key pairs. The private keys are stored in the secure element and are accessible by a trusted service manager (TSM) software application or a control software application in the secure element. A non-TSM computer with access to the public key encrypts and then transmits encrypted application data or software applications to the secure element, where the TSM software application decrypts and installs the software application to the secure element for transaction purposes.

Citations

19 Claims

1. A computer-implemented method for implementing a trusted service manager (TSM) locally within a secure element of a contactless smart card device, the method comprising:
- installing, in the secure element of the contactless smart card device, a TSM software application, wherein the TSM software application comprises computer code for executing a transmitting function to request application data and a decrypting function to decrypt an encrypted form of received application data, the received application data received at the contactless smart card device in response to the request from the transmitting function;
  
  storing, in the secure element, a private encryption key assigned to the TSM software application and a corresponding public encryption key;
  
  transmitting, by the transmitting function of the TSM software application, a request for application data to a registered remote computer, wherein the remote computer is configured to access the public key, and wherein the remote computer encrypts the requested application data using the public key;
  
  receiving, in the contactless smart card device, the encrypted application data responsive to the transmitted request; and
  
  decrypting, by the decrypting function of the TSM software application, the encrypted application data using the private key.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method according to claim 1, further comprising:
    - writing, by the TSM software application or a control software application in the secure element, the decrypted application data to at least one memory block in the secure element.
  - 3. The method according to claim 1, further comprising:
    - managing, by a user-interface software application on the contactless smart card device and resident outside the secure element, the TSM software application in the secure element, thereby executing inputs at the user-interface software application for transmitting a request for application data to the remote computer, receiving the encrypted application data, and decrypting the encrypted form of the received application data.
  - 4. The method according to claim 3, wherein the user-interface software application transmits user inputs from a display or a keypad of the contactless smart card device to the TSM software application in the secure element via a secure communication channel.
  - 5. The method according to claim 1, wherein the encrypted application data is received in the secure element or a secure memory outside the secure element of the contactless smart card device, the secure memory connected to the secure element via a secure communication channel.
  - 6. The method according to claim 1, wherein the remote computer is registered for deploying application data to the contactless smart card device only when the remote computer is in possession of the public key.
  - 7. The method according to claim 1, wherein application data comprises at least one of a software application executable in the secure element or data to support an existing software application in the secure element.
  - 8. The method according to claim 1, wherein the TSM software application further comprises computer code for providing permissions for performing various life-cycle functions on the encrypted application data received in the contactless smart card device, the life-cycle functions including at least one of an initialize function, an install function, a start function, a stop function, and a destroy function.

9. A computer-implemented system for implementing a trusted service manager (TSM) locally within the secure element of a contactless smart card device, the system comprising:
- a contactless smart card device;
  
  a secure element resident on the device and storing a private encryption key assigned to the secure element and a corresponding public encryption key;
  
  a TSM software application resident in the secure element, the TSM software application comprising computer code for executing a transmitting function to request application data and a decrypting function for decrypting an encrypted form of received application data, the received application data received at the contactless smart card device in response to the request from the transmitting function,wherein the transmitting function of the TSM software application transmits, to one of a plurality of remote computers, a request for application data, wherein the remote computer is configured to access the public key, and wherein the remote computer encrypts the requested application data using the public key;
  
  wherein the device receives the encrypted application data in response to the transmitted request, andwherein the decrypting function of the TSM software application decrypts the encrypted application data using the private key.

10. The system according to claim 10, wherein the secure element further comprises a control software application that writes the decrypted application data to at least one memory block in the secure element.
- View Dependent Claims (11, 12, 13, 14, 15, 16)
- - 11. The system according to claim 10, further comprising:
    - a user-interface software application resident on the device and outside the secure element that manages the TSM software application in the secure element, thereby executing inputs at the user-interface software application to transmit a request for application data to the remote computer, receive the encrypted application data, and decrypt the encrypted form of the received application data.
  - 12. The system according to claim 11, wherein the user-interface software application transmits user inputs from a display or a keypad of the contactless smart card device to the TSM software application in the secure element via a secure communication channel.
  - 13. The system according to claim 10, wherein the encrypted application data is received in the secure element or a secure memory outside the secure element of the contactless smart card device, the secure memory connected to the secure element via a secure communication channel.
  - 14. The system according to claim 10, wherein each of the plurality of registered remote computers is registered for deploying application data to the contactless smart card device only when the remote computer is in possession of the public key.
  - 15. The system according to claim 10, wherein application data comprises one of at least a software application executable in the secure element or data to support an existing software application in the secure element.
  - 16. The system according to claim 10, wherein the TSM software application further comprises computer code for providing permissions for performing various life-cycle functions on the encrypted application data received in the contactless smart card device, the life-cycle functions including at least one of an initialize function, an install function, a start function, a stop function, and a destroy function.

17. A computer-implemented method for implementing a trusted service manager (TSM) locally within the secure element of a contactless smart card device, the method comprising:
- registering a non-TSM computer thereby obtaining access for the non-TSM computer to a public encryption key for encrypting application data prior to transmission of the encrypted data to the contactless smart card device, the public key corresponding to a private encryption key assigned to the contactless smart card device;
  
  receiving, at the non-TSM computer from a contactless smart card device, a request for application data, the application data resident in the remote non-TSM computer, the request comprising the public key;
  
  encrypting, at the non-TSM computer, the requested application data using the public key; and
  
  transmitting, to the contactless smart card device, the encrypted application data.

19. The method according to claim 19, wherein encrypted application data is transmitted from the non-TSM computer to a secure element of the contactless smart card.
- View Dependent Claims (18)
- - 18. The method according to claim 19, wherein application data comprises at least one of a software application executable in the secure element or data required to support an existing software application in the secure element.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Google LLC (Alphabet Inc.)
Original Assignee
Google Inc. (Alphabet Inc.)
Inventors
von BEHREN, Rob, Wall, Jonathan, Paya, Ismail Cem

Granted Patent

US 8,352,749 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/168
CPC Class Codes

G06Q 20/3278   RFID or NFC payments by mea...

G06Q 20/3552   Downloading or loading of p...

G06Q 20/35765   Access rights to memory zones

G06Q 20/3823   combining multiple encrypti...

G07F 7/1008   Active credit-cards provide...

G07F 7/1016   Devices or methods for secu...

LOCAL TRUSTED SERVICES MANAGER FOR A CONTACTLESS SMART CARD

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

LOCAL TRUSTED SERVICES MANAGER FOR A CONTACTLESS SMART CARD

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links