MOBILE INTEGRATED DISTRIBUTION AND TRANSACTION SYSTEM AND METHOD FOR NFC SERVICES, AND A MOBILE ELECTRONIC DEVICE THEREOF

US 20130332363A1
Filed: 08/12/2013
Published: 12/12/2013
Est. Priority Date: 12/11/2009
Status: Active Grant

First Claim

Patent Images

1. A method for providing access control for widget management on a mobile electronic device having a processor, a memory, code in the memory for implementing in the processor a virtual machine, and an NFC transceiver, the mobile electronic device being operatively coupled to a secure element and being in wireless communication with a server over at least one wireless network, the server having a server processor and a server memory, the method comprising:

generating, by the server, a widget having a widget certificate;

associating, by the server, the widget certificate with application identification (AID) information corresponding to at least one secure application stored in the secure element;

referencing, by the server, the widget certificate and the associated AID information in an access control (AC) file having an AC file certificate;

providing, by the server, the AC file to the mobile electronic device over the wireless network;

configuring the widget certificate and the AC file for authentication; and

determining whether to provide the widget with access to the at least one secure application to enable the at least one secure application to perform at least one NFC transaction;

wherein, in response to the authentication of the widget certificate and the AC file certificate, the virtual machine is configured to provide the widget with access to the at least one secure application when at least one of;

(a) the widget specifies the associated AID information of the at least one secure application referenced in the AC file, and(b) the widget certificate referenced in the AC file matches the authenticated widget certificate.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A mobile integrated distribution and transaction system and method for NFC services are described. The system comprises a server for creating a widget having a lifecycle and a certificate, distributing the widget, and retrieving the widget information used on NFC transactions, and at least one mobile electronic device having a transaction terminal comprising a NFC modem and at least one secure element for storing a plurality of secure applications, and a virtual machine for managing the widget and changing the widget information during the valid lifecycle while the NFC modem is enabling the NFC transactions with the secure element under a specific secure application.

Citations

20 Claims

1. A method for providing access control for widget management on a mobile electronic device having a processor, a memory, code in the memory for implementing in the processor a virtual machine, and an NFC transceiver, the mobile electronic device being operatively coupled to a secure element and being in wireless communication with a server over at least one wireless network, the server having a server processor and a server memory, the method comprising:
- generating, by the server, a widget having a widget certificate;
  
  associating, by the server, the widget certificate with application identification (AID) information corresponding to at least one secure application stored in the secure element;
  
  referencing, by the server, the widget certificate and the associated AID information in an access control (AC) file having an AC file certificate;
  
  providing, by the server, the AC file to the mobile electronic device over the wireless network;
  
  configuring the widget certificate and the AC file for authentication; and
  
  determining whether to provide the widget with access to the at least one secure application to enable the at least one secure application to perform at least one NFC transaction;
  
  wherein, in response to the authentication of the widget certificate and the AC file certificate, the virtual machine is configured to provide the widget with access to the at least one secure application when at least one of;
  
  (a) the widget specifies the associated AID information of the at least one secure application referenced in the AC file, and(b) the widget certificate referenced in the AC file matches the authenticated widget certificate.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, further comprising updating the AC file when a widget is added to, modified on, or removed from the mobile electronic device.
  - 3. The method of claim 1, wherein configuring the widget certificate for authentication comprises verifying the widget certificate by the virtual machine upon distribution of the widget to the mobile electronic device;
    - andwherein configuring the AC file for authentication comprises verifying the AC file certificate by the virtual machine upon providing the AC file to the mobile electronic device.
  - 4. The method of claim 1, wherein the AID information comprises an application identifier and at least one access control flag, further comprising configuring the virtual machine to filter widget access to the at least one secure application based on the at least one access control flag.
  - 5. The method of claim 4, further comprising displaying via the widget multimedia content associated with the at least one secure application to which access has been provided based on the at least one access control flag.
  - 6. The method of claim 4, wherein the at least one access control flag is at least one of a payment flag, an identification flag, and a communication flag.
  - 7. The method of claim 1, further comprising dividing the secure element into a plurality of secure domains, and storing the at least one secure application in a respective secure domain.
  - 8. The method of claim 1, further comprising configuring the widget to respond to the at least one NFC transaction occurring by retrieving information on the at least one NFC transaction associated with the secure application.
  - 9. The method of claim 1, wherein the at least one secure application comprises at least one of a transport application, a credit/debit application, a coupon application, a secure access application, a loyalty card application, an electronic purse application, and a ticketing application.
  - 10. The method claim 1, wherein the at least one secure element comprises at least one of a secure SIM card, a secure memory card, and secure internal memory.

11. A system for providing widget access control management on a mobile electronic device having a processor, a memory, code in the memory for implementing in the processor a virtual machine, and an NFC transceiver, the mobile electronic device being operatively coupled to a secure element and being in wireless communication with a server over at least one wireless network, the server having a server processor and a server memory, the system comprising:
- a widget generator for creating a widget having a widget certificate and application identification (AID) information corresponding to at least one secure application stored in the secure element and associated with the widget;
  
  an Access Control (AC) file manager for managing data stored in an AC file having an AC file certificate; and
  
  a communication interface for distributing the widget and the AC file to the mobile electronic device over the at least one wireless network;
  
  wherein the widget certificate and the AID information of the associated at least one secure application are stored by the AC file manager in the AC file;
  
  wherein the widget certificate and the AC file are configured for authentication; and
  
  wherein, in response to a request by the widget to enable the at least one secure application to perform at least one NFC transaction, and subject to the authentication of the widget certificate and the AC file certificate, the virtual machine is configured to provide the widget with access to the at least one secure application when at least one of;
  
  (a) the widget specifies the associated AID information of the at least one secure application referenced in the AC file, and(b) the widget certificate referenced in the AC file matches the authenticated widget certificate.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 12. The system of claim 11, wherein the AC file manager is further configured to update the AC file when a widget is added to, modified on, or removed from the mobile electronic device.
  - 13. The system of claim 11, wherein the widget is configured for authentication through verification of the widget certificate by the virtual machine upon distribution of the widget to the mobile electronic device;
    - andwherein the AC file is configured for authentication through verification of the AC file certificate by the virtual machine upon providing the AC file to the mobile electronic device.
  - 14. The system of claim 11, wherein the AID information comprises an application identifier and at least one access control flag, wherein the virtual machine is further configured to filter widget access to the at least one secure application based on the at least one access control flag.
  - 15. The system of claim 14, wherein the widget is further configured to display multimedia content associated with the at least one secure application to which access has been provided based on the at least one access control flag.
  - 16. The system of claim 14, wherein the at least one access control flag is at least one of a payment flag, an identification flag, and a communication flag.
  - 17. The system of claim 11, wherein the secure element is divided into a plurality of secure domains, and wherein the at least one secure application is stored in a respective secure domain.
  - 18. The system of claim 11, wherein the widget is configured to respond to the at least one NFC transaction occurring by retrieving information on the at least one NFC transaction associated with the secure application.
  - 19. The system of claim 11, wherein the at least one secure application comprises at least one of a transport application, a credit/debit application, a coupon application, a secure access application, a loyalty card application, an electronic purse application, and a ticketing application.
  - 20. The system of claim 11, wherein the at least one secure element comprises at least one of a secure SIM card, a secure memory card, and secure internal memory.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
TORO Holding Corporation BV
Original Assignee
TORO Development Limited
Inventors
Renard, Laurent, Puente-Castan, Gregory

Granted Patent

US 8,942,672 B2
Time in Patent Office

Days
Field of Search
US Class Current

705/44
CPC Class Codes

G06Q 20/3227   using secure elements embed...

G06Q 20/326   Payment applications instal...

G06Q 20/327   Short range or proximity pa...

G06Q 20/3278   RFID or NFC payments by mea...

G06Q 20/38215   Use of certificates or encr...

G06Q 30/06   Buying, selling or leasing ...

G06Q 40/02   Banking, e.g. interest calc...

H04B 5/72   for local intradevice commu...

H04B 5/77   for interrogation

H04L 63/0823   using certificates cryptogr...

H04W 12/069   using certificates or pre-s...

H04W 12/088   using filters or firewalls

H04W 12/35   Protecting application or s...

H04W 12/47   using near field communicat...

MOBILE INTEGRATED DISTRIBUTION AND TRANSACTION SYSTEM AND METHOD FOR NFC SERVICES, AND A MOBILE ELECTRONIC DEVICE THEREOF

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

MOBILE INTEGRATED DISTRIBUTION AND TRANSACTION SYSTEM AND METHOD FOR NFC SERVICES, AND A MOBILE ELECTRONIC DEVICE THEREOF

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links