DELETION OF CREDENTIALS FROM AN ELECTRONIC DEVICE

US 20150178723A1
Filed: 09/02/2014
Published: 06/25/2015
Est. Priority Date: 12/23/2013
Status: Active Grant

First Claim

Patent Images

1. An electronic device comprising:

a secure element comprising a security domain element stored on the secure element; and

a processor component configured to;

permanently terminate the functionality of the security domain element;

after the functionality has been permanently terminated, communicatively couple the electronic device to a trusted service manager; and

transmit data to the communicatively coupled trusted service manager that is usable by the trusted service manager to determine that the functionality has been permanently terminated.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems, methods, and computer-readable media for managing credentials are provided. In one example embodiment, an electronic device may include a secure element with a security domain element stored on the secure element. The electronic device may also include a processor component that may be configured to, inter alia, permanently terminate the functionality of the security domain element, after the functionality has been permanently terminated, communicatively couple the electronic device to a trusted service manager, and transmit data to the communicatively coupled trusted service manager that may be usable by the trusted service manager to determine that the functionality has been permanently terminated. Additional embodiments are also provided.

Citations

33 Claims

1. An electronic device comprising:
- a secure element comprising a security domain element stored on the secure element; and
  
  a processor component configured to;
  
  permanently terminate the functionality of the security domain element;
  
  after the functionality has been permanently terminated, communicatively couple the electronic device to a trusted service manager; and
  
  transmit data to the communicatively coupled trusted service manager that is usable by the trusted service manager to determine that the functionality has been permanently terminated.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The electronic device of claim 1, wherein the permanent termination irreversibly prevents the electronic device from sharing information indicative of the security domain element with a user of the electronic device.
  - 3. The electronic device of claim 1, wherein the permanent termination irreversibly prevents the electronic device from sharing information indicative of the security domain element with a merchant subsystem.
  - 4. The electronic device of claim 1, wherein the processor component is configured to permanently terminate the functionality of the security domain element by:
    - detecting a value of a functionality data register of the security domain element; and
      
      in response to the detecting, transitioning a life cycle state of the security domain element from a first type of life cycle state to a second type of life cycle state, wherein the detected value of the functionality data register is configured to allow the transitioning.
  - 5. The electronic device of claim 1, wherein the processor component is configured to permanently terminate the functionality of the security domain element by transitioning a life cycle state of the security domain element from a first type of life cycle state to a second type of life cycle state.
  - 6. The electronic device of claim 5, wherein the permanent termination irreversibly prevents the electronic device from sharing information indicative of the security domain element with at least one of a user of the electronic device and a merchant subsystem.
  - 7. The electronic device of claim 1, wherein the security domain element is a commerce credential applet.
  - 8. The electronic device of claim 1, wherein the security domain element is a supplemental security domain.
  - 9. The electronic device of claim 8, wherein the supplemental security domain comprises at least one commerce credential applet.
  - 10. The electronic device of claim 1, wherein the processor component is configured to permanently terminate the functionality of the security domain element while the electronic device is not communicatively coupled to the trusted service manager.

11. A financial institution system in communication with an electronic device, the financial institution system comprising:
- at least one processor component;
  
  at least one memory component; and
  
  at least one communications component, wherein the financial institution system is configured to;
  
  provision a security domain element on the electronic device;
  
  after the security domain element is provisioned on the electronic device, receive shared data from the electronic device; and
  
  use the received shared data to determine that the functionality of the security domain element has been permanently terminated on the electronic device.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The financial institution system of claim 11, wherein the financial institution system is configured to determine that the functionality of the security domain element has been permanently terminated on the electronic device by detecting a life cycle state of the security domain element in the received shared data.
  - 13. The financial institution system of claim 12, wherein the financial institution system is further configured to transmit response data to the electronic device after detecting the life cycle state of the security domain element in the received shared data.
  - 14. The financial institution system of claim 13, wherein the response data comprises a command to delete the security domain element from the electronic device.
  - 15. The financial institution system of claim 11, wherein the financial institution system is configured to determine that the functionality of the security domain element has been permanently terminated on the electronic device by detecting the absence of a life cycle state of the security domain element in the received shared data.

16. An electronic device comprising:
- a secure element comprising a security domain element stored on the secure element; and
  
  a processor component configured to;
  
  irreversibly end the ability of the electronic device to share information indicative of the security domain element with at least one of a user of the electronic device and a remote merchant subsystem;
  
  after the ability has been irreversibly ended, communicatively couple the electronic device to a trusted service manager; and
  
  transmit data to the communicatively coupled trusted service manager that is usable by the trusted service manager to determine that the ability has been irreversibly ended.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The electronic device of claim 16, wherein the data is indicative of a life cycle state of the security domain element.
  - 18. The electronic device of claim 16, wherein the data is not indicative of a life cycle state of the security domain element.
  - 19. The electronic device of claim 16, wherein the processor component is configured to irreversibly end the ability by deleting the security domain element from the electronic device.
  - 20. The electronic device of claim 16, wherein:
    - the processor component is further configured to receive an instruction from the user of the electronic device; and
      
      the processor component is configured to irreversibly end the ability in response to the received instruction.

21. A method comprising:
- terminating the functionality of a security domain element on an electronic device while the electronic device is not communicatively coupled to a trusted service manager of the security domain element;
  
  after the terminating, communicatively coupling the electronic device to the trusted service manager; and
  
  communicating data from the electronic device to the communicatively coupled trusted service manager, wherein the communicated data is usable by the trusted service manager to determine that the functionality of the security domain element has been terminated on the electronic device.
- View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30)
- - 22. The method of claim 21, wherein the security domain element comprises a commerce credential applet.
  - 23. The method of claim 21, further comprising:
    - before the terminating, communicatively coupling the electronic device to the trusted service manager;
      
      before the terminating, receiving the security domain element on the electronic device from the communicatively coupled trusted service manager; and
      
      before the terminating but after the receiving, communicatively de-coupling the electronic device from the trusted service manager.
  - 24. The method of claim 23, wherein the receiving further comprises receiving a functionality data register for the security domain element configured to allow the transition a life cycle state of the security domain element from a first type of life cycle state to a second type of life cycle state.
  - 25. The method of claim 21, wherein the communicated data is indicative of a life cycle state of the security domain element.
  - 26. The method of claim 25, further comprising:
    - after the communicating, receiving shared data at the electronic device from the communicatively coupled trusted service manager; and
      
      using the received shared data to delete the security domain element from the electronic device.
  - 27. The method of claim 21, wherein the communicated data is not indicative of a life cycle state of the security domain element.
  - 28. The method of claim 21, wherein the terminating comprises deleting the security domain element from the electronic device.
  - 29. The method of claim 21, wherein the terminating comprises transitioning a life cycle state of the security domain element from a first type of life cycle state to a second type of life cycle state.
  - 30. The method of claim 29, wherein:
    - the terminating further comprises detecting a value of a functionality data register of the security domain element; and
      
      the detected value of the functionality data register is configured to allow the transitioning.

31. A non-transitory computer-readable medium comprising computer-readable instructions recorded thereon for:
- terminating the functionality of a security domain element on an electronic device;
  
  after the terminating, communicatively coupling the electronic device to a trusted service manager; and
  
  communicating data from the electronic device to the communicatively coupled trusted service manager, wherein the communicated data is usable by the trusted service manager to determine that the functionality of the security domain element has been terminated.

32. An electronic device comprising:
- a secure element comprising a security domain element stored on the secure element; and
  
  a processor component configured to terminate the functionality of the security domain element without any communication between the electronic device and any remote entity.

33. An electronic device comprising:
- a secure element comprising a security domain element stored on the secure element; and
  
  a processor component configured to terminate the functionality of the security domain element independent of any communication between the electronic device and a trusted service manager.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Apple Inc.
Original Assignee
Apple Inc.
Inventors
Khan, Ahmer A., Linde, Joakim, Sharp, Christopher, Hauck, Jerrold V.

Granted Patent

US 10,552,830 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06Q 20/3226   Use of secure elements sepa...

G06Q 20/3278   RFID or NFC payments by mea...

G06Q 20/3821   Electronic credentials

H04W 12/082   using revocation of authori...

H04W 12/086   using security domains

H04W 12/35   Protecting application or s...

DELETION OF CREDENTIALS FROM AN ELECTRONIC DEVICE

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

33 Claims

Specification

Solutions

Use Cases

Quick Links

DELETION OF CREDENTIALS FROM AN ELECTRONIC DEVICE

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

33 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links