Mobile Information Apparatus That Includes A Secure Element Storing Payment Information And Using A Cryptographic Technique For Implementing Mobile Payment

US 20150363763A1
Filed: 08/25/2015
Published: 12/17/2015
Est. Priority Date: 11/01/2000
Status: Active Application

First Claim

Patent Images

1. A mobile information apparatus operable for making mobile payments by short range point-to-point wireless communication with a wireless controller device that is within a limited physical distance, the wireless output controller being a distinct device from the mobile information apparatus, the mobile information apparatus comprising:

a processing unit;

operating system software;

a touch sensitive screen interface for interacting with the user;

a digital camera for taking pictures;

an antenna for transmitting short range radio frequency signals to wireless controller devices that are within a limited physical distance from the mobile information apparatus;

a wireless communication unit for managing local wireless communication with wireless controller devices that are within a limited physical distance from the mobile information apparatus;

a memory controller;

a memory component;

a protected memory area in the memory component storing protected data that is implemented to be not accessible by a user of the integrated circuit memory device, but is implemented to be accessible by the memory controller implementing, at least in part, a cryptographic algorithm, the protected data stored in the protected memory area of the mobile information apparatus includes at least part of payment information, and the payment information being associated, at least in part, with a credit card or a bank card related to the user of the mobile information apparatus;

wherein the mobile information apparatus is configured for;

establishing, by the wireless communication unit over the antenna, a short range point-to-point radio frequency communication link directly between the mobile information apparatus and the wireless output controller, the establishing of the short range point-to-point radio frequency communication link being when the mobile information apparatus is within a limited local physical distance from the wireless output controller;

accessing, by the memory controller, the protected data that includes at least part of payment information stored in the protected memory area;

implementing, at least in part by the memory controller, a cryptographic algorithm for accessing the protected data stored in the protected memory area;

generating, at the mobile information apparatus, encrypted output data for ensuring security of communication from the mobile information apparatus to the wireless output controller for transaction management, the encrypted output data is associated with the payment information stored at the memory or storage unit of the mobile information apparatus, and the payment information is associated, at least partly, with a credit card;

receiving at least an indication from the user of the mobile information apparatus for releasing payment information from the mobile information apparatus to the wireless output controller, the indication from the user includes an authentication procedure using at least one of a password, a PIN code, or biometrics, individually or in any combination, from the user; and

subsequent to the authentication procedure from the user at the mobile information apparatus, the mobile information apparatus is operable for wireless transmitting at least part of the encrypted output data, over the short range point-to-point radio frequency communication link directly from the mobile information apparatus to the wireless output controller for processing payment associated with a transaction.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A mobile information apparatus that includes a secure element for making mobile payments associated with a credit card or bank card, via a near distance radio frequency wireless communication unit, is herein disclosed and enabled. At least part of payment information or a device identification number is stored in the secure element or protected memory of the mobile information apparatus. Data stored in the secure element or protected memory is implemented to be not accessible by the user, but is accessible by a memory controller included in the mobile information apparatus implementing a cryptographic algorithm. To authorize payment, the user enters authentication information that may include a password, or a pin code, or user biometrics; and subsequent to the authentication, the mobile information apparatus transmits encrypted data over a short range radio frequency communication link to a wireless output controller or reader for making payment and transaction processing.

58 Citations

View as Search Results

20 Claims

1. A mobile information apparatus operable for making mobile payments by short range point-to-point wireless communication with a wireless controller device that is within a limited physical distance, the wireless output controller being a distinct device from the mobile information apparatus, the mobile information apparatus comprising:
- a processing unit;
  
  operating system software;
  
  a touch sensitive screen interface for interacting with the user;
  
  a digital camera for taking pictures;
  
  an antenna for transmitting short range radio frequency signals to wireless controller devices that are within a limited physical distance from the mobile information apparatus;
  
  a wireless communication unit for managing local wireless communication with wireless controller devices that are within a limited physical distance from the mobile information apparatus;
  
  a memory controller;
  
  a memory component;
  
  a protected memory area in the memory component storing protected data that is implemented to be not accessible by a user of the integrated circuit memory device, but is implemented to be accessible by the memory controller implementing, at least in part, a cryptographic algorithm, the protected data stored in the protected memory area of the mobile information apparatus includes at least part of payment information, and the payment information being associated, at least in part, with a credit card or a bank card related to the user of the mobile information apparatus;
  
  wherein the mobile information apparatus is configured for;
  
  establishing, by the wireless communication unit over the antenna, a short range point-to-point radio frequency communication link directly between the mobile information apparatus and the wireless output controller, the establishing of the short range point-to-point radio frequency communication link being when the mobile information apparatus is within a limited local physical distance from the wireless output controller;
  
  accessing, by the memory controller, the protected data that includes at least part of payment information stored in the protected memory area;
  
  implementing, at least in part by the memory controller, a cryptographic algorithm for accessing the protected data stored in the protected memory area;
  
  generating, at the mobile information apparatus, encrypted output data for ensuring security of communication from the mobile information apparatus to the wireless output controller for transaction management, the encrypted output data is associated with the payment information stored at the memory or storage unit of the mobile information apparatus, and the payment information is associated, at least partly, with a credit card;
  
  receiving at least an indication from the user of the mobile information apparatus for releasing payment information from the mobile information apparatus to the wireless output controller, the indication from the user includes an authentication procedure using at least one of a password, a PIN code, or biometrics, individually or in any combination, from the user; and
  
  subsequent to the authentication procedure from the user at the mobile information apparatus, the mobile information apparatus is operable for wireless transmitting at least part of the encrypted output data, over the short range point-to-point radio frequency communication link directly from the mobile information apparatus to the wireless output controller for processing payment associated with a transaction.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The apparatus of claim 1 in which the security of the mobile payment is implemented with all of the following techniques:
    - (1) a physical distance restriction directly between the mobile information apparatus and the wireless output controller;
      
      (2) a protected memory component storing a secure element or protected data;
      
      (3) access of protected data or secure element by a controller implementing a cryptographic algorithm;
      
      (4) an encryption technique applied on data being transmitted from the mobile information apparatus to the wireless output controller; and
      
      (5) at least one of user biometrics authentication or user password authentication.
  - 3. The apparatus of claim 1, wherein the mobile information apparatus is further configured for automatically obtaining, at the mobile information apparatus, a device number or device identification associated with the mobile information apparatus as an authentication procedure for authorizing release of payment information to the wireless output controller.
  - 4. The apparatus of claim 1, wherein the mobile information apparatus is further configured for instructing the user of the mobile information apparatus to physically point the mobile information apparatus directly to the wireless output controller to be within a limited physical distance for establishing a short range radio frequency communication link directly between the mobile information apparatus and the wireless output controller.
  - 5. The apparatus of claim 1 in which the mobile information apparatus is a smart phone that includes:
    - a touch sensitive screen interface for interacting with the user;
      
      a graphical user interface over the touch sensitive screen;
      
      a digital camera for taking pictures; and
      
      one or more applications installed, wherein the operating system software further supports an application programming interface (API) to facilitate operations of the one or more applications at the mobile information apparatus, and the smart phone further allows the user to install additional applications for expanding the functionalities of the smart phone.
  - 6. The apparatus of claim 1, wherein the mobile information apparatus is further configured for obtaining, at the mobile information apparatus, fingerprint information associated with the user.

7. A method for mobile payment operable with a mobile information apparatus, the mobile information apparatus having:
- a processing unit,operating system software that is executable, at least partly, by the processing unit of the mobile information apparatus,a touch sensitive screen interface for interacting with the user,a digital camera for taking pictures,an antenna for transmitting short range radio frequency signals for wireless communication with wireless controller devices that are within a limited physical distance from the mobile information apparatus,a wireless communication unit for managing local wireless communication with a wireless controller device that is within a limited physical distance from the mobile information apparatus,a memory controller,a memory component,a protected memory area in the memory component storing protected data that is implemented to be not accessible by a user of the integrated circuit memory device, but is implemented to be accessible by the memory controller implementing, at least in part, a cryptographic algorithm,the method comprising;
  
  storing protected data in the protected memory area of the mobile information apparatus, the protected data stored in the mobile information apparatus being associated with at least part of payment information, and the payment information being associated, at least in part, with a credit card or a bank card related to the user of the mobile information apparatus;
  
  establishing, by the wireless communication unit and over the antenna, a short range point-to-point radio frequency communication link between the mobile information apparatus and a wireless output controller, the wireless output controller being a distinct and separate device from the mobile information apparatus, and the establishing of the short range point-to-point radio frequency communication link is limited to when the mobile information apparatus is within a limited physical distance from the wireless output controller;
  
  accessing, by the memory controller, the protected data that includes at least part of payment information stored in the protected memory area, the access of the protected data from the protected memory area includes implementing a cryptographic algorithm;
  
  generating, at the mobile information apparatus, encrypted output data for ensuring security of communication from the mobile information apparatus to the wireless output controller, the encrypted output data is associated with the payment information, and the payment information is associated, at least partly, with a credit card or a bank card;
  
  receiving at least an indication from the user of the mobile information apparatus for releasing payment information from the mobile information apparatus to the wireless output controller, the indication from the user includes biometric authentication; and
  
  subsequent to receiving the biometric authentication from the user at the mobile information apparatus, wireless transmitting at least part of the encrypted output data, over the short range point-to-point radio frequency communication link directly from the mobile information apparatus, to the wireless output controller for processing payment associated with a transaction.
- View Dependent Claims (8, 9, 10, 11, 12, 13)
- - 8. The method of claim 7 in which the security of the mobile payment method relies, at least in part, on all of the following:
    - (1) a physical distance restriction directly between the mobile information apparatus and the wireless output controller;
      
      (2) a protected memory component storing a secure element or protected data;
      
      (3) access of protected data or secure element by a controller implementing a cryptographic algorithm;
      
      (4) an encryption technique applied on data being transmitted from the mobile information apparatus to the wireless output controller; and
      
      (5) user biometric authentication.
  - 9. The method of claim 7, further comprising implementing an authentication procedure that includes a device number or device identification associated with the mobile information apparatus.
  - 10. The method of claim 7, further comprising instructing the user of the mobile information apparatus to physically point the mobile information apparatus directly to a wireless output controller to be within the limited physical distance for establishing the short range point-to-point radio frequency communication link.
  - 11. The method of claim 7, further comprising discovering the wireless output controller device when the mobile information apparatus is within the limited physical distance directly between the mobile information apparatus and the wireless output controller.
  - 12. The method of claim 7 further comprising, after the wireless output controller receives output data from the mobile information apparatus, the wireless output controller implementing a payment service and a transaction management service, and the user being charged a fee for using the payment service or the transaction management service.
  - 13. The method of claim 7, further comprising obtaining a signature from the user of the mobile information apparatus for authorizing payment.

14. A mobile information apparatus system for mobile payment, the system comprising:
- a processing unit;
  
  software executable by the processing unit for obtaining, at the mobile information apparatus system, at least one of biometric authentication, password authentication, or PIN code authentication, individually or in any combination, from the user of the mobile information apparatus for authorizing mobile payment;
  
  a touch sensitive screen interface for interacting with the user;
  
  a memory controller;
  
  a memory component;
  
  a protected memory area in the memory component storing protected data that is implemented to be not accessible by a user of the integrated circuit memory device, but is implemented to be accessible by the memory controller implementing, at least in part, a cryptographic algorithm, the protected data stored in the protected memory area of the mobile information apparatus includes at least part of payment information, and the payment information being associated, at least in part, with a credit card or a bank card related to the user of the mobile information apparatus;
  
  an antenna for transmitting short range radio frequency signals; and
  
  a wireless communication unit for establishing short range point-to-point radio frequency communication, and wherein subsequent to having received the obtained authentication from the user authorizing payment, the wireless communication unit is configured for;
  
  managing local wireless communication with a wireless output controller that is within a limited physical distance from the mobile information apparatus;
  
  establishing, a short range radio frequency communication link directly between the mobile information apparatus and a wireless output controller, the wireless output controller being a distinct and separate device from the mobile information apparatus, and the establishing of the short range radio frequency communication link is limited to when the mobile information apparatus is within a limited physical distance from the wireless output controller;
  
  obtaining payment information that is stored in the protected memory area of the mobile information apparatus, the payment information is associated, at least partly, with a credit card or a bank card, and the obtaining of the payment information is facilitated, at least in part, by the memory controller;
  
  encrypting data for communication, the encryption for ensuring security of communication from the mobile information apparatus to the wireless output controller; and
  
  transmitting the payment information that includes encrypted data, over the short range point-to-point radio frequency communication link directly from the mobile information apparatus to the wireless output controller for processing payment.
- View Dependent Claims (15, 16, 17, 18, 19, 20)
- - 15. The system of claim 14 in which the security of the mobile payment relies, at least in part, on all of the following:
    - (1) a physical distance restriction directly between the mobile information apparatus and the wireless output controller;
      
      (2) a protected memory component storing a secure element or protected data;
      
      (3) access of protected data or secure element by the memory controller implementing a cryptographic algorithm;
      
      (4) an encryption technique applied on data being transmitted from the mobile information apparatus to the wireless output controller; and
      
      (5) biometric authentication, or password authentication, or PIN code authentication.
  - 16. The system of claim 14, wherein the wireless communication unit is further configured for transmitting the payment information that includes encrypted data to the wireless output controller for processing payment through a payment service of the wireless output controller, the user of the mobile information apparatus being charged a fee for the payment service.
  - 17. The system of claim 14, wherein the wireless communication unit is further configured for instructing the user of the mobile information apparatus to physically point the mobile information apparatus directly to a wireless output controller to be within the limited physical distance for establishing the short range radio frequency communication link.
  - 18. The system of claim 14, wherein the encryption of data is implemented by both software and hardware as a security implementation.
  - 19. The system of claim 14, wherein the wireless communication unit is further configured for obtaining, at the mobile information apparatus, a fingerprint from the user for authorizing payment.
  - 20. The system of claim 14 in which the mobile information apparatus is a smart phone that includes:
    - a touch sensitive screen interface for interacting with the user;
      
      a graphical user interface over the touch sensitive screen;
      
      a digital camera for taking pictures;
      
      one or more applications installed; and
      
      an operating system that supports an application programming interface (API) to facilitate operations of the one or more applications at the mobile information apparatus, wherein the smart phone further allows the user to install additional applications for expanding the functionalities of the smart phone.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Flexiworld Technologies, Inc.
Original Assignee
Flexiworld Technologies, Inc.
Inventors
Chang, William Ho, Viswanathan, Vinaynathan

Application Number

US14/835,585
Publication Number

US 20150363763A1
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 12/1408   by using cryptography for d...

G06F 2212/1052   Security improvement

G06Q 20/3227   using secure elements embed...

G06Q 20/3278   RFID or NFC payments by mea...

G06Q 2220/00   Business processing using c...

H04L 2463/102   applying security measure f...

H04L 63/0428   wherein the data content is...

H04L 63/0492   by using a location-limited...

H04L 63/083   using passwords cryptograph...

H04L 63/0861   using biometrical features,...

H04W 12/069   using certificates or pre-s...

Mobile Information Apparatus That Includes A Secure Element Storing Payment Information And Using A Cryptographic Technique For Implementing Mobile Payment

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

58 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

Mobile Information Apparatus That Includes A Secure Element Storing Payment Information And Using A Cryptographic Technique For Implementing Mobile Payment

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

58 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others