SYSTEMS AND METHOD FOR PROVIDING MULTIPLE VIRTUAL SECURE ELEMENTS IN A SINGLE PHYSICAL SECURE ELEMENT OF A MOBILE DEVICE
First Claim
1. A method of providing a virtual secure element (virtual SE) to a mobile device having a secure element chip (SE), the method comprising:
generating, for the virtual SE, a key for a certificate authority security domain (CASD key) for an SE supplier;
forwarding the CASD key to the SE supplier for a previously-created certificate authority security domain (CASD) to cause a card serial number (CSN) and a card production life cycle (CPLC key) from the SE supplier to be provided to a maker of the mobile device;
receiving, from the maker of the mobile device, an updated CSN and CPLC data comprising the International Mobile Equipment Identity (IMEI) for the mobile device;
adding an issuer security domain key (ISD key) to the updated CSN and CPLC data to a master secure element issuer trusted service manager (master SEI TSM);
in response to detecting a first use of the mobile device, provisioning a software application to the mobile device, wherein the software application is configured to:
retrieve the CSN, the CPLC data, and the IMEI; and
send the CSN, the CPLC data, and the IMEI to the master SEI TSM; and
based at least in part on the CSN, the CPLC data, and the IMEI, verifying and activating the SE.
Abstract
Methods and systems are disclosed for providing a plurality of virtual secure elements (virtual SEs) to mobile devices with secure elements (SEs). A method generates and forwards a certificate authority security domain (CASD) key for a plurality of virtual SEs to an SE supplier that created the CASD. The method receives a card serial number (CSN) and a card production life cycle (CPLC) key from the SE supplier and forwards these to a mobile device maker. An updated CSN and CPLC data are received from the device maker with an International Mobile Equipment Identity (IMEI), and an issuer security domain key (ISD key) is added to the CSN and CPLC data by a master secure element issuer trusted service manager (master SEI TSM). An application is provisioned to the device that retrieves the CSN, CPLC data, and the IMEI, which are used to verify and activate the virtual SE.
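The verify-and-activate step described in the abstract can be modelled as a check at the master SEI TSM that the CSN, CPLC data and IMEI reported by the provisioned application match what the device maker returned. This is an added example, not text or code from the patent; the record layout, the exact-match and single-activation rules and all names are assumptions, and the CSN, CPLC and IMEI values are constructed samples.

```python
import hmac
from dataclasses import dataclass

@dataclass
class SERecord:
    """One SE as held by the master SEI TSM (hypothetical layout)."""
    cplc: bytes              # CPLC data received from the device maker
    imei: str                # IMEI the device maker bound to this SE
    activated: bool = False

def imei_is_well_formed(imei: str) -> bool:
    """15 decimal digits whose last digit is a valid Luhn check digit."""
    if len(imei) != 15 or not imei.isdigit():
        return False
    total = 0
    for i, ch in enumerate(imei):
        d = int(ch)
        if i % 2 == 1:       # every second digit, counted from the left
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def verify_and_activate(registry: dict, csn: str, cplc: bytes, imei: str) -> str:
    """Check the triple sent by the on-device application, then activate."""
    if not imei_is_well_formed(imei):
        return "rejected: malformed IMEI"
    rec = registry.get(csn)
    if rec is None:
        return "rejected: unknown CSN"
    # Constant-time comparisons so timing does not reveal partial matches.
    cplc_ok = hmac.compare_digest(rec.cplc, cplc)
    imei_ok = hmac.compare_digest(rec.imei.encode(), imei.encode())
    if not (cplc_ok and imei_ok):
        return "rejected: SE/device binding mismatch"
    if rec.activated:        # assumed rule: activation happens once per SE
        return "rejected: already activated"
    rec.activated = True
    return "activated"

# Constructed sample data, not real device or card identifiers.
SAMPLE_CSN = "CSN-0001"
SAMPLE_CPLC = bytes(range(42))
SAMPLE_IMEI = "490154203237518"
OTHER_IMEI = "490154203237617"   # well-formed, but a different device

def demo_registry() -> dict:
    """Fresh registry as it would look after the device maker's update."""
    return {SAMPLE_CSN: SERecord(cplc=SAMPLE_CPLC, imei=SAMPLE_IMEI)}
```

The mismatch branch is the one that matters for the binding: a known CSN presented with a different device's IMEI is refused even though both identifiers are individually valid.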
309 Citations
20 Claims
17. A non-transitory computer readable storage medium having program instructions stored thereon for providing a plurality of virtual secure elements (virtual SEs) to a mobile device having a secure element chip (SE), executable on a computing device, the instructions comprising:
instructions for generating, for each of the plurality of virtual SEs, a certificate authority security domain (CASD key) for an SE supplier of the SE that previously created a corresponding certificate authority security domain (CASD);
instructions for forwarding a CASD key for each of the plurality of virtual SEs to the SE supplier that created the corresponding CASD so that the card serial number (CSN) and a card production life cycle (CPLC key) from the SE supplier is forwarded to a maker of the mobile device;
instructions for receiving, from the maker of the mobile device, an updated CSN and CPLC data comprising International Mobile Equipment Identity (IMEI) data;
instructions for adding an issuer security domain key (ISD key) to the updated CSN and CPLC data to a master secure element issuer trusted service manager (master SEI TSM);
in response to detecting a first use of the mobile device, instructions for provisioning a software application to the mobile device, wherein the software application is configured to:
retrieve the CSN, the CPLC data, and the IMEI; and
send the CSN, the CPLC data, and the IMEI to the master SEI TSM; and
instructions for verifying and activating at least one of the plurality of virtual SEs based at least in part on the CSN, the CPLC data, and the IMEI and a CASD key for the at least one of the plurality of virtual SEs previously forwarded to the SE supplier.
18. A system for providing a plurality of virtual secure elements (virtual SEs) to a mobile device having a secure element chip (SE), the system comprising:
means for generating, for each of the plurality of virtual SEs, a key for a certificate authority security domain (CASD key) for an SE supplier that previously created a corresponding certificate authority security domain (CASD);
means for forwarding a CASD key for each of the plurality of virtual SEs to the SE supplier that created the CASD so that the card serial number (CSN) and a card production life cycle (CPLC key) from the SE supplier can be forwarded to a maker of the mobile device;
means for receiving, from the maker of the mobile device, an updated CSN and CPLC data comprising International Mobile Equipment Identity (IMEI) data;
means for adding an issuer security domain key (ISD key) to the updated CSN and CPLC data to a master secure element issuer trusted service manager (master SEI TSM);
in response to detecting a first use of the mobile device, means for provisioning a software application to the mobile device, wherein the software application is configured to:
retrieve the CSN, the CPLC data, and the IMEI; and
send the CSN, the CPLC data, and the IMEI to the master SEI TSM; and
based at least in part on the CSN, the CPLC data, and the IMEI, means for verifying and activating at least one of the plurality of virtual SEs.
Specification