Methods, Secure Element, Server, Computer Programs and Computer Program Products for Improved Application Management

US 20130019323A1
Filed: 12/04/2009
Published: 01/17/2013
Est. Priority Date: 12/04/2009
Status: Active Grant

First Claim

Patent Images

1-16. -16. (canceled)

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

It presented a method, performed in a secure element, the secure element being arranged to enable user applications of the secure element to verify authenticity of incoming user application commands. The method comprises the steps of: receiving a command from a secure element reader for a user application on the secure element, the command comprising an application identifier of the user application; determining whether there is a matching user application in the secure element; invoking the matching user application; and establishing, when there is an absence of any matching user applications, a communication channel with a remote application manager server and sending an absent user application message to the application manager server indicating that the user application has been requested on the secure element. A corresponding secure element, method for an application manager server and application manager server are also presented.

102 Citations

View as Search Results

30 Claims

1-16. -16. (canceled)

17. A method, performed in a secure element, the secure element configured to enable user applications of the secure element to verify authenticity of incoming user application commands, and the secure element comprised in a mobile communication terminal, the method comprising:
- receiving a command from a secure element reader for a user application on the secure element, the command comprising an application identifier of the user application;
  
  determining whether there is a matching user application in the secure element, the matching user application having an identifier that matches the application identifier;
  
  invoking, in response to there being a matching user application, the matching user application based on the received command;
  
  establishing, in response to there being an absence of any matching user application, a communication channel with a remote application manager server and sending an absent user application message to the application manager server indicating that the user application has been requested on the secure element, the absent user application message including the application identifier of the absent user application and a terminal identifier associated with the mobile communication terminal.
- View Dependent Claims (18, 19, 20, 21)
- - 18. The method of claim 17:
    - wherein the establishing the communication channel and sending the absent user application message comprises establishing the communication channel and sending the absent user application message using an internal application stored in the memory;
      
      wherein the internal application has an association with the application identifier.
  - 19. The method of claim 17 further comprising:
    - receiving, when there is an absence of any matching user applications in the secure element, the user application from the application manager server, the received user application being sent from the application manager server in response to the absent application message;
      
      thereafter, invoking the received user application.
  - 20. The method of claim 19 further comprising receiving an application instance state comprising state data of the received application from when the received application was most recently executed in the secure element.
  - 21. The method of claim 17 wherein the establishing the communication channel comprises establishing the communication channel using Bearer Independent Protocol.

22. A secure element configured to enable user applications of the secure element to verify authenticity of incoming user application commands, wherein the secure element is comprised in a mobile communication terminal, the secure element comprising:
- a receiver configured to receive a command from a secure element reader for a user application on the secure element, the command comprising an application identifier of the user application;
  
  a determiner configured to determine whether there is a matching user application in the secure element, the matching user application having an identifier that matches the application identifier;
  
  an invoker arranged to invoke, in response to there being a matching user application, the matching user application based on the received command;
  
  a transmitter arranged to establish, in response to there being an absence of any matching user applications, a communication channel with a remote application manager server and send an absent user application message to the application manager server indicating that the user application has been requested on the secure element, the absent user application message including the application identifier of the absent user application and a terminal identifier associated with the mobile communication terminal.

23. A computer program product stored in a non-transient computer readable medium and executable in a controller with access to a secure element configured to enable user applications of the secure element to verify authenticity of incoming user application commands, the secure element comprised in a mobile communication terminal, the computer program product comprising software code instructions which, when run on the controller, causes the controller to:
- receive a command from a secure element reader for a user application on the secure element, the command comprising an application identifier of the user application;
  
  determine whether there is a matching user application in the secure element, the matching user application having an identifier that matches the application identifier;
  
  invoke, in response to there being a matching user application, the matching user application based on the received command;
  
  establish, in response to there being an absence of any matching user applications, a communication channel with a remote application manager server and send an absent user application message to the application manager server indicating that the user application has been requested on the secure element, the absent user application message including the application identifier of the absent user application and a terminal identifier associated with the mobile communication terminal.

24. A method, performed in an application manager server, comprising:
- receiving a message indicating an absent user application from a secure element, the secure element configured to enable user applications of the secure element to verify authenticity of incoming user application commands, the secure element comprised in a mobile communication terminal, the absent user application message indicating that a command was sent to access a user application absent on the secure element;
  
  reading a configuration to determine how to handle absent user application for the user application;
  
  retrieving, in response to the configuration for the user application indicating user application retrieval, the user application from a storage accessible to the application manager server;
  
  sending the user application to the secure element.
- View Dependent Claims (25, 26, 27)
- - 25. The method of claim 24 further comprising retrieving an application instance state comprising state data of the user application from when the user application was most recently executed from being stored in the secure element.
  - 26. The method of claim 24 further comprising sending, in response to the configuration for the user application indicating that a service provider server should be informed, the absent user application message to the service provider server, wherein the service provider server is connected to a secure element reader which has requested access to the user application on the secure element.
  - 27. The method of claim 26 further comprising receiving a configuration message from the service provider server indicating how the absent user application message is to be handled by the application manager server.

28. An application manager server comprising:
- a receiver configured to receive an absent user application message from a secure element, the secure element configured to enable user applications of the secure element to verify authenticity of incoming user application commands, the secure element comprised in a mobile communication terminal, the absent user application message indicating that a command was sent to access a user application absent on the secure element;
  
  a transmitter;
  
  a controller configured to read a configuration to determine how to handle absent user application for the user application;
  
  wherein the controller is configured to retrieve, in response to the configuration for the user application indicating user application retrieval, the user application from storage and send the user application to the secure element using the transmitter.
- View Dependent Claims (29)
- - 29. The application manager server of claim 28 wherein the transmitter is configured to, in response to the configuration for the user application indicating that a service provider server should be informed, send the absent user application message to the service provider server, wherein the service provider server is connected to a secure element reader which has requested access to the user application on the secure element.

30. A computer program product stored in a non-transient computer readable medium in an application manager server, the computer program product comprising software code instructions which, when run on the application manager server, causes the application manager server to:
- receive an absent user application message from a secure element, the secure element configured to enable user applications of the secure element to verify authenticity of incoming user application commands, the secure element comprised in a mobile communication terminal, the absent user application message indicating that a command was sent to access a user application absent on the secure element;
  
  read a configuration to determine how to handle absent user application for the user application;
  
  retrieve, in response to the configuration for the user application indicating user application retrieval, the user application from storage;
  
  send the user application to the secure element.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Telefonaktiebolaget LM Ericsson
Original Assignee
Telefonaktiebolaget LM Ericsson
Inventors
Arvidsson, Petter, Eld, Mattias

Granted Patent

US 9,332,060 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/30
CPC Class Codes

G06F 21/77   in smart cards

G06Q 20/3278   RFID or NFC payments by mea...

H04L 2209/56   Financial cryptography, e.g...

H04L 63/0492   by using a location-limited...

H04L 67/10   in which an application is ...

H04W 12/06   Authentication

H04W 12/35   Protecting application or s...

H04W 4/60   Subscription-based services...

Methods, Secure Element, Server, Computer Programs and Computer Program Products for Improved Application Management

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

102 Citations

30 Claims

Specification

Solutions

Use Cases

Quick Links

Methods, Secure Element, Server, Computer Programs and Computer Program Products for Improved Application Management

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

102 Citations

30 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links