SECURE NFC DATA AUTHENTICATION

US 20140256251A1
Filed: 03/11/2013
Published: 09/11/2014
Est. Priority Date: 03/11/2013
Status: Active Grant

First Claim

Patent Images

1. A mobile device, comprising:

a wireless transceiver configured to enable wireless data communication via a network;

a host processor configured to control operations of the mobile device;

a security element (SE) configured to allow at least some near field communication;

a near field communication (NFC) system comprising an NFC transceiver and an NFC controller implementing a contactless front end, wherein the contactless front end is configured to;

(i) route a near field communication related to a payment transaction between the NFC system and the SE without going to or from the host processor; and

(ii) route a near field communication not related to a payment transaction, but requiring a security function, between the NFC system and the SE without going to or from the host processor; and

(iii) route a near field communication not related to a payment transaction, and not requiring a security function, between the NFC system and host processor without going to or from the SE.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A mobile device includes a wireless transceiver, a host processor, a secure element (SE), and a near field communication (NFC) system having an NFC transceiver and an NFC controller implementing a contactless front end. The contactless front end routes a near field communication related to a payment transaction between the NFC system and the SE without going to or from the host processor. The contactless front end routes a near field communication not related to a payment transaction, but requiring a security function, between the NFC system and the SE without going to or from the host processor. The contactless front end routes a near field communication not related to a payment transaction, and not requiring a security function, between the NFC system and host processor without going to or from the SE.

Citations

22 Claims

1. A mobile device, comprising:
- a wireless transceiver configured to enable wireless data communication via a network;
  
  a host processor configured to control operations of the mobile device;
  
  a security element (SE) configured to allow at least some near field communication;
  
  a near field communication (NFC) system comprising an NFC transceiver and an NFC controller implementing a contactless front end, wherein the contactless front end is configured to;
  
  (i) route a near field communication related to a payment transaction between the NFC system and the SE without going to or from the host processor; and
  
  (ii) route a near field communication not related to a payment transaction, but requiring a security function, between the NFC system and the SE without going to or from the host processor; and
  
  (iii) route a near field communication not related to a payment transaction, and not requiring a security function, between the NFC system and host processor without going to or from the SE.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The mobile device of claim 1, wherein the SE is part of an integrated circuit card configured to provide a subscriber identity module for communication of the mobile device through the network.
  - 3. The mobile device of claim 1, wherein the SE includes:
    - an applet for processing of the payment transaction; and
      
      an applet for processing of at least one type of communication not related to a payment transaction.
  - 4. The mobile device of claim 1, wherein the near field communication not related to a payment transaction, but requiring a security function is a communication from the group consisting of:
    - a peer-to-peer (P2P) communication;
      
      a reader communication with an NFC enabled device, wherein the contactless front end is configured to read the near field communication not related to a payment transaction, but requiring a security function and send it in the form of a data message to the SE for a security evaluation;
      
      a writer communication wherein the contactless front end is configured to receive a key from the SE to send to the NFC enabled device.
  - 5. The mobile device of claim 1, wherein the contactless front end is configured to determine whether a security function is required.
  - 6. The mobile device of claim 5, wherein the contactless front end is configured to:
    - upon determining that a security function is required, send a near field communication received from an NFC enabled device to the SE in the form of a data message to determine whether the data message is secure.
  - 7. The mobile device of claim 6, wherein the data message comprises at least one of:
    - (i) a payload;
      
      (ii) a token;
      
      or(iii) an identification (ID) of the NFC enabled device.
  - 8. The mobile device of claim 7, wherein the data message further comprises location information provided by a GPS receiver of the mobile device to determine whether the NFC enabled device is in a predetermined location.
  - 9. The mobile device of claim 7, wherein the SE is configured to determine whether the data message is secure by comparing information in the data message to a rule set stored in the SE, the rule set comprising authorization keys provided by a provisioning server.
  - 10. The mobile device of claim 9, wherein the SE is configured to receive the rule set from the provisioning server before receiving the data message from the contactless front end.
  - 11. The mobile device of claim 9, wherein the SE is configured to receive the rule set from the provisioning server upon:
    - determining that a key for the data message received from the contactless front end is not stored in the SE; and
      
      sending the data message to the provisioning server.
  - 12. The mobile device of claim 9, wherein the SE is configured to receive the rule set from the provisioning server over the wireless data communication network.
  - 13. The mobile device of claim 1, wherein the contactless front end is further configured to route the near field communication not related to a payment transaction, but requiring a security function, to the host processor upon receiving a security acknowledgment from the SE.

14. A method comprising the steps of:
- receiving a data message from a near field communication (NFC) enabled device by a mobile device when within NFC range;
  
  determining a mode of operation, wherein the mode of operation is one of;
  
  (i) card emulation;
  
  (ii) peer-to-peer (P2P);
  
  or(iii) read and/or write; and
  
  determining whether a security function is required for the data message; and
  
  routing the data message to a security element (SE) of the mobile device without going to the host processor of the mobile device, when not related to card emulation but requiring a security function.
- View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22)
- - 15. The method of claim 14, wherein determining whether the security function is required comprises at least one of:
    - (i) the mode of operation for the data message being card emulation;
      
      (ii) determining that the data message includes a key;
      
      or(iii) determining that the payload of the data message links to a Universal Resource Locator (URL).
  - 16. The method of claim 14, wherein the data message comprises at least one of:
    - (i) a payload;
      
      (ii) a token;
      
      or(iii) an identification (ID) of the NFC enabled device.
  - 17. The method of claim 16, further comprising:
    - determining a location information of the NFC enabled device; and
      
      appending the location information to the data message.
  - 18. The method of claim 14, further comprising:
    - receiving a rule set from a provisioning server, wherein the rule set comprises authorization keys;
      
      wherein the step of determining whether the security function is required comprises comparing information in the data message to a rule set stored in the SE,wherein the rule set;
      
      is provided by a provisioning server; and
      
      includes authorization keys.
  - 19. The method of claim 14, further comprising:
    - receiving a rule set from a provisioning server before receiving the data message from the NFC enabled device; and
      
      storing the rule set in the SE for use in determining whether the data message is secure.
  - 20. The method of claim 14, further comprising:
    - upon determining that a key for the data message does not exist in a rule set stored in the SE, sending the data message to a provisioning server to determine whether the data message is secure.
  - 21. The method of claim 20, further comprising receiving a rule set from the provisioning server responsive to the provisioning server determining that the data message is secure.
  - 22. The method of claim 18, wherein the rule set is received from the provisioning server over a wireless data communication network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cellco Partnership, Inc. (Verizon Communications Inc.)
Original Assignee
Cellco Partnership, Inc. (Verizon Communications Inc.)
Inventors
CACERES, Manuel Enrique, LI, Yuk Lun, KAMAL, Mohammad Ashfaq

Granted Patent

US 10,152,706 B2
Time in Patent Office

Days
Field of Search
US Class Current

455/41.1
CPC Class Codes

G06Q 20/3226   Use of secure elements sepa...

G06Q 20/3229   Use of the SIM of a M-devic...

G06Q 20/3278   RFID or NFC payments by mea...

H04B 5/24   Inductive coupling

H04B 5/48   Transceivers

H04B 5/72   for local intradevice commu...

H04B 5/79   for data transfer in combin...

H04M 2250/04   including near field commun...

H04W 12/02   Protecting privacy or anony...

H04W 12/03   Protecting confidentiality,...

H04W 12/084   using delegated authorisati...

H04W 4/80   Services using short range ...

SECURE NFC DATA AUTHENTICATION

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

SECURE NFC DATA AUTHENTICATION

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links