Web Server Bypass of Backend Process on Near Field Communications and Secure Element Chips
Abstract
A mobile access terminal providing access to data in a secure element of the mobile access terminal is provided. The mobile access terminal comprises the secure element; a web browser; a near field communications system; an over-the-air proxy; an application programming interface layer; and a web server residing on a secure storage area of the mobile access terminal, wherein the web browser is provided with exclusive access to the web server.
20 Claims
1. A mobile access terminal providing access to secure information in a secure element of the mobile access terminal comprising:
- the secure element storing the secure information;
- a web browser configured to transmit a secure information request to a server and transmit the secure information to a vendor;
- a trusted security zone, wherein the trusted security zone provides at least one chipset with a hardware root of trust, a secure execution environment for applications, and secure access to peripherals; and
- the server residing and executing within at least one of the secure element or the trusted security zone of the mobile access terminal, wherein the server is configured to provide access to the secure information stored in the secure element exclusively to the web browser in response to receiving the secure information request from the web browser, and wherein the server is configured to block access to the secure information stored in the secure element when receiving secure information requests from entities other than the web browser.

Dependent claims: 2, 3, 4, 5, 6, 7, 8

9. A method for securing user data on a mobile access terminal comprising:
- providing, by a mobile access terminal, a secure element, a web browser, a trusted security zone, and a server, wherein the server executes from and is located in at least one of the secure element or the trusted security zone, and wherein the trusted security zone provides at least one chipset with a hardware root of trust, a secure execution environment for applications, and secure access to peripherals;
- securely storing, by the mobile access terminal, secure user data of the user of the mobile access terminal in a secure storage area;
- initiating, by the mobile access terminal, a transaction with another system;
- transmitting a secure user data request from the web browser to the server in response to initiating the transaction with the other system;
- accessing, by the web browser, the secure user data from the secure storage area via the server in response to the server receiving the secure user data request from the web browser, wherein the server is configured to provide access to the secure user data stored in the secure storage area exclusively to the web browser in response to receiving the secure user data request from the web browser, and wherein the server is configured to block access to the secure user data stored in the secure storage area when receiving secure user data requests from entities other than the web browser; and
- executing a secure transaction, by the mobile access terminal, with the other system.

Dependent claims: 10, 11, 12, 13, 14, 15

16. A mobile access terminal providing access to secure information in the mobile access terminal, the mobile access terminal comprising:
- a secure element;
- a web browser configured to transmit a secure information request to a server and transmit the secure information to a vendor;
- a trusted security zone, wherein the trusted security zone provides at least one chipset with a hardware root of trust, a secure execution environment for applications, and secure access to peripherals, and wherein the trusted security zone and the secure element are located in a core of the mobile access terminal; and
- the server residing and executing within at least one of the secure element or the trusted security zone, wherein the server is configured to provide access to the secure information stored in the secure element or the trusted security zone exclusively to the web browser in response to receiving the secure information request from the web browser, and wherein the server is configured to block access to the secure information stored in the secure element or the trusted security zone when receiving secure information requests from entities other than the web browser.

Dependent claims: 17, 18, 19, 20

Specification