Payment application lifecycle management in a contactless smart card

US 8,196,131 B1
Filed: 09/26/2011
Issued: 06/05/2012
Est. Priority Date: 12/17/2010
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for managing the lifecycle of a card software application received from a remote trusted service manager (TSM) for a secure element embedded within a chip of a contactless device, the computer-implemented method comprising:

receiving, from the remote TSM to a card runtime environment of the secure element, one of a plurality of card software applications in computer-coded form and one of a plurality of computer-coded instructions for performing a function on the card software application, wherein the card software application comprises account information of a card instrument and an application identifier (AID) code;

rendering, in the secure element, the one of the plurality of computer-coded instructions, wherein the rendered computer-coded instruction performs the function on the card software application or invokes a process method function call of the card runtime environment to perform the function on the card software application;

embedding a firewall within the secure element to separate between a first sharable interface object (SIO) associated with a control software application of the secure element and a second SIO associated with the card software application, wherein the control software application of the secure element and the first SIO associated with the control software application of the secure element are stored in a first memory embedded within the secure element, wherein the card software application and the second SIO associated with the card software application are stored in a second memory embedded within the secure element, and wherein the secure element is embedded within the chip of the contactless device;

supporting secure data transfer between the first SIO and the second SIO through the firewall;

registering, in the control software application of the secure element, the card software application using the AID code, wherein the control software application of the secure element comprises a list of AIDs of previously received and registered card software applications and a card application status tag for each of the listed AIDs; and

updating, in the control software application of the secure element, the card application status tag of the registered card software application, wherein the card application status tag is updated with a computer code related to the function performed.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Managing the lifecycle of a card software application received from a remote trusted service manager (TSM) for a secure element of a contactless smart card comprises receiving, from the remote TSM, a card application and an instruction for performing a function on the card application. The card application comprises account information of one card instrument and an application identifier (AID). The instruction is rendered in the secure element to perform the function on the card application. The card application is registered in a control application of the secure element using the AID. The control application comprises a list of AIDs of previously received and registered card software applications and a card application status tag for each of the listed AIDs. The card application status tag of the registered card application is updated in the control application based on the function performed.

Citations

22 Claims

1. A computer-implemented method for managing the lifecycle of a card software application received from a remote trusted service manager (TSM) for a secure element embedded within a chip of a contactless device, the computer-implemented method comprising:
- receiving, from the remote TSM to a card runtime environment of the secure element, one of a plurality of card software applications in computer-coded form and one of a plurality of computer-coded instructions for performing a function on the card software application, wherein the card software application comprises account information of a card instrument and an application identifier (AID) code;
  
  rendering, in the secure element, the one of the plurality of computer-coded instructions, wherein the rendered computer-coded instruction performs the function on the card software application or invokes a process method function call of the card runtime environment to perform the function on the card software application;
  
  embedding a firewall within the secure element to separate between a first sharable interface object (SIO) associated with a control software application of the secure element and a second SIO associated with the card software application, wherein the control software application of the secure element and the first SIO associated with the control software application of the secure element are stored in a first memory embedded within the secure element, wherein the card software application and the second SIO associated with the card software application are stored in a second memory embedded within the secure element, and wherein the secure element is embedded within the chip of the contactless device;
  
  supporting secure data transfer between the first SIO and the second SIO through the firewall;
  
  registering, in the control software application of the secure element, the card software application using the AID code, wherein the control software application of the secure element comprises a list of AIDs of previously received and registered card software applications and a card application status tag for each of the listed AIDs; and
  
  updating, in the control software application of the secure element, the card application status tag of the registered card software application, wherein the card application status tag is updated with a computer code related to the function performed.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The computer-implemented method according to claim 1, wherein the card runtime environment is a Java Card Runtime Environment (JCRE).
  - 3. The computer-implemented method according to claim 1, wherein the process method function call of the card runtime environment comprises an application programmable interface (API) function configured to render in the card runtime environment of the contactless device.
  - 4. The computer-implemented method according to claim 1, wherein the plurality of computer-coded instructions to be performed on the card software application comprise one or more of delete, activate, de-activate, add instance, install, block, and unblock.
  - 5. The computer-implemented method according to claim 1, wherein the computer-coded instruction and the card software application are selected via an external software application residing outside the secure element and on the contactless device, and wherein an input selection at the external software application is transmitted through a secure communication channel to the control software application of the secure element.
  - 6. The computer-implemented method according to claim 5, wherein the input selection for the computer-coded instruction is sent from the card runtime environment to the remote TSM for authentication and an authenticated computer-coded instruction is transmitted back to the card runtime environment for rendering.
  - 7. The computer-implemented method according to claim 1, further comprising updating, in a directory software application in the secure element, a list of AIDs of active card software applications and related card application status tags.
  - 8. The computer-implemented method according to claim 7, wherein the directory software application is proximity payment system environment (PPSE).
  - 9. The computer-implemented method according to claim 1, wherein the card instrument comprises a smart card application software package or a software instance to be installed within an existing smart card application software package, and wherein the smart card application software package or the software instance comprises information to access a credit card account, a debit card account, a loyalty card account, a web-based coupon account, a membership account, a gift card account, or an access card account.

10. A system for managing the lifecycle of a card software application received from a remote trusted service manager (TSM) for a contactless smart card, the system comprising:
- a secure element embedded within a chip of the contactless smart card;
  
  a first memory embedded within the secure element, wherein the first memory is operable to store a control software application of the secure element and a first sharable interface object (SIO) associated with the control software application of the secure element;
  
  a second memory embedded within the secure element, wherein the second memory is operable to store the card software application and a second SIO associated with the card software application;
  
  a firewall embedded within the secure element operable to separate between the first SIO and the second SIO, wherein the firewall is further operable to support secure data transfer between the first SIO and the second SIO through the firewall;
  
  a card runtime environment for receiving from the remote TSM, one of a plurality of card software applications in computer-coded form and one of a plurality of computer-coded instructions for performing a function on the card software application, wherein the card software application comprises account information of a card instrument and an application identifier (AID) code;
  
  process method function calls in the card runtime environment of the contactless smart card for rendering the one of the plurality of computer-coded instructions, wherein the rendered computer-coded instruction performs the function on the card software application or invokes a process method function call of the card runtime environment to perform the function on the card software application;
  
  process method function calls in the card runtime environment of the contactless smart card for registering, in the control software application of the secure element, the card software application using the AID code, wherein the control software application of the secure element comprises a list of AIDs of previously received and registered card software applications and a card application status tag for each of the listed AIDs; and
  
  process method function calls in the card runtime environment of the contactless smart card for updating, in the control software application of the secure element, the card application status tag of the registered card software application, wherein the card application status tag is updated with a computer code related to the function performed.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
- - 11. The system according to claim 10, wherein the card runtime environment is a Java Card Runtime Environment (JCRE).
  - 12. The system according to claim 10, wherein the plurality of computer-coded instructions to be performed on the card software application comprise one or more of delete, activate, de-activate, add instance, install, block, and unblock.
  - 13. The system according to claim 10, wherein the computer-coded instruction and the card software application are selected via an external software application residing outside the secure element and on the contactless smart card, and wherein an input selection at the external software application is transmitted through a secure communication channel to the control software application of the secure element.
  - 14. The system according to claim 13, wherein the input selection for the computer-coded instruction is sent from the card runtime environment to the remote TSM for authentication and an authenticated computer-coded instruction is transmitted back to the card runtime environment for rendering.
  - 15. The system according to claim 10, further comprising process method function calls in the card runtime environment of the contactless smart card for updating, in a directory software application in the secure element, a list of AIDs of active card software applications and related card application status tags.
  - 16. The system according to claim 10, wherein the process method function calls in the card runtime environment comprise application programmable interface (API) functions configured to render in the card runtime environment of the contactless smart card.
  - 17. The system according to claim 10, wherein the card instrument comprises a smart card application software package or a software instance to be installed within an existing smart card application software package, and wherein the smart card application software package or the software instance comprises information to access a credit card account, a debit card account, a loyalty card account, a web-based coupon account, a membership account, a gift card account, or an access card account.

18. A contactless smart card configured to manage the lifecycle of a card software application received from a remote trusted service manager (TSM), the contactless smart card comprising:
- a secure element embedded within a chip of the contactless smart card;
  
  a first memory embedded within the secure element, wherein the first memory is operable to store a control software application of the secure element and a first sharable interface object (SIO) associated with the control software application of the secure element;
  
  a second memory embedded within the secure element, wherein the second memory is operable to store the card software application and a second SIO associated with the card software application;
  
  a firewall embedded within the secure element operable to separate between the first SIO and the second SIO, wherein the firewall is further operable to support secure data transfer between the first SIO and the second SIO through the firewall;
  
  a card runtime environment for receiving from the remote TSM, one of a plurality of card software applications in computer-coded form and one of a plurality of computer-coded instructions for performing a function on the card software application, wherein the card software application comprises account information of a card instrument and an application identifier (AID) code;
  
  process method function calls in the card runtime environment of the contactless smart card for rendering the one of the plurality of computer-coded instructions, wherein the rendered computer-coded instruction performs the function on the card software application or invokes a process method function call of the card runtime environment to perform the function on the card software application;
  
  process method function calls in the card runtime environment of the contactless smart card for registering, in the control software application of the secure element, the card software application using the AID code, wherein the control software application of the secure element comprises a list of AIDs of previously received and registered card software applications and a card application status tag for each of the listed AIDs; and
  
  process method function calls in the card runtime environment of the contactless smart card for updating, in the control software application of the secure element, the card application status tag of the registered card software application, wherein the card application status tag is updated with a computer code related to the function performed.
- View Dependent Claims (19, 20, 21, 22)
- - 19. The contactless smart card according to claim 18, wherein the card runtime environment is a Java Card Runtime Environment (JCRE).
  - 20. The contactless smart card according to claim 18, wherein the plurality of computer-coded instructions to be performed on the card software application comprise one or more of delete, activate, de-activate, add instance, install, block, or unblock.
  - 21. The contactless smart card according to claim 18, wherein the process method function calls in the card runtime environment comprise application programmable interface (API) functions configured to render in the card runtime environment of the contactless smart card.
  - 22. The contactless smart card according to claim 18, wherein the card instrument comprises a smart card application software package or a software instance to be installed within an existing smart card application software package, and wherein the smart card application software package or the software instance comprises information to access a credit card account, a debit card account, a loyalty card account, a web-based coupon account, a membership account, a gift card account, or an access card account.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Google LLC (Alphabet Inc.)
Original Assignee
Google Inc. (Alphabet Inc.)
Inventors
Meyn, Hauke, von Behren, Rob, Wall, Jonathan, Muehlberg, Alexej
Primary Examiner(s)
Zhen, Wei
Assistant Examiner(s)
Chen, Qing

Application Number

US13/244,806
Time in Patent Office

253 Days
Field of Search

717168-178, 705 64- 79
US Class Current

717/168
CPC Class Codes

G06F 21/35   communicating wirelessly

G06F 9/44552   Conflict resolution, i.e. e...

G06F 9/45508   Runtime interpretation or e...

G06Q 20/02   involving a neutral party, ...

G06Q 20/3263   characterised by activation...

G06Q 20/3563   Software being resident on ...

G06Q 20/3574   Multiple applications on card

G06Q 20/367   involving electronic purses...

G06Q 20/382   insuring higher security of...

Payment application lifecycle management in a contactless smart card

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Payment application lifecycle management in a contactless smart card

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links