Secure reset of personal and service provider information on mobile devices
Abstract
Systems and methods are described herein for supporting end users of a mobile device, such as a mobile phone, to reset a secure element associated with the communication device. The reset process may include clearing the secure element, associated memories, and storage devices of any user specific or personalized information associated with the user. The reset process may also include removing or resetting keys or other identifiers within the secure element that associate the mobile device with a particular secure service provider. According to various embodiments, a computer-implemented method for resetting a secure element within a network device may include receiving an encrypted reset request message at the secure element, decrypting the encrypted reset request message using a communication key, verifying authorization for the reset request message, and atomically clearing parameters associated with the secure element.
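The reset flow in the abstract (decrypt, verify authorization, clear in one step), sketched as an added Python example; it is not code from the patent or from any secure element vendor. The SHA-256 keystream cipher, the HMAC tag standing in for the authorization check, the JSON request layout, the anti-replay counter, and all names and keys are assumptions made for illustration.

```python
import hashlib
import hmac
import json

def xor_crypt(key, nonce, data):
    # Stand-in cipher (SHA-256 counter keystream); a real secure element uses its own vetted cipher.
    stream, ctr = b"", 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def build_request(comm_key, auth_key, nonce, counter, clear):
    # Sender side: authorize the request body, then encrypt body + tag.
    body = json.dumps({"op": "reset", "counter": counter, "clear": clear}).encode()
    tag = hmac.new(auth_key, body, hashlib.sha256).digest()
    return xor_crypt(comm_key, nonce, body + tag)

class SecureElement:
    def __init__(self, comm_key, auth_key, params):
        self.comm_key = comm_key
        self.auth_key = auth_key
        self.params = params      # parameters tied to the current service manager
        self.last_counter = 0     # assumed anti-replay counter (not in the abstract)

    def handle_reset(self, nonce, ciphertext):
        plain = xor_crypt(self.comm_key, nonce, ciphertext)    # decrypt inside the element
        body, tag = plain[:-32], plain[-32:]
        expected = hmac.new(self.auth_key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):             # verify authorization
            return "rejected: authorization failed"
        req = json.loads(body)                                 # parsed only after verification
        if req["counter"] <= self.last_counter:
            return "rejected: replay"
        # Build the cleared state aside and swap once, so a failure leaves params intact.
        cleared = {k: v for k, v in self.params.items() if k not in req["clear"]}
        self.params, self.last_counter = cleared, req["counter"]
        return "reset"

def demo():
    # Constructed keys and parameters, for illustration only.
    ck, ak, nonce = b"c" * 32, b"a" * 32, b"n" * 12
    se = SecureElement(ck, ak, {"tsm_id": "TSM-A", "tsm_key": "k1", "se_serial": "0001"})
    msg = build_request(ck, ak, nonce, 1, ["tsm_id", "tsm_key"])
    tampered = bytes([msg[0] ^ 1]) + msg[1:]
    return [se.handle_reset(nonce, tampered), se.handle_reset(nonce, msg),
            se.handle_reset(nonce, msg), se.params]
```

`demo()` sends a tampered request, the genuine request, and a replay of the genuine request; only the genuine one clears the service-manager parameters.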
25 Claims
1. A computer-implemented method for resetting secure elements within network computing devices configured to conduct financial transactions, comprising:
- receiving an encrypted reset request message by a secure element of a network computing device configured to conduct financial transactions, the encrypted reset request message being associated with a request to change control of the secure element from a first trusted service manager to a second trusted service manager, the encrypted reset request message originating from a source other than the first trusted service manager;
- providing a communication key within the secure element;
- decrypting the encrypted reset request message within the secure element using the communication key;
- verifying authorization for the reset request message; and
- clearing parameters associated with the first trusted service manager from the secure element based on instructions provided in the verified reset request message that originated from the source other than the first trusted service manager.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10
11. A computer program product, comprising:
- a non-transitory computer-readable medium having computer-readable program instructions embodied therein that when executed by a computer perform a method for resetting secure memories within network computing devices configured to conduct financial transactions, the computer-readable program instructions comprising:
  - computer-readable program instructions for receiving an encrypted reset request message by a secure memory of a network computing device configured to engage in financial transactions, the encrypted reset request message being associated with a request to change control of the secure memory from a first electronic entity to a second electronic entity, the encrypted reset request message originating from a source other than the first electronic entity;
  - computer-readable program instructions for storing a communication key within a secure certificate associated with the secure memory of the network computing device;
  - computer-readable program instructions for decrypting the encrypted reset request message within the secure memory using the communication key;
  - computer-readable program instructions for verifying authorization for the reset request message; and
  - computer-readable program instructions for clearing parameters associated with the first electronic entity from the secure memory based on instructions provided in the verified reset request message that originated from the source other than the first electronic entity.

Dependent claims: 12, 13, 14, 15, 16, 17, 18, 19, 20, 21
22. A system for resetting secure memories within network computing devices, the system comprising:
- a computing device configured to convey payment information for a financial transaction; and
- a resettable secure element existing in the computing device, the resettable secure element comprising:
  - a memory;
  - a secure element identity certificate stored in the memory;
  - a secure element identity communication key stored in the memory;
  - a secure element identity signing key stored in the memory;
  - a processor; and
  - computer executable programs stored in the memory that when executed by the processor cause the system to:
    - (i) receive an encrypted reset request message within the secure element, the encrypted reset request message being associated with a request to change control of the secure element from a first electronic entity to a second electronic entity, the encrypted reset request message originating from a source other than the first electronic entity,
    - (ii) decrypt the reset request messaging using the communication keys,
    - (iii) verify authorization of the reset request message using the signing key, and
    - (iv) reset one or more payment card keys associated with the resettable secure element in response to verifying authorization of the reset request message and based on instructions provided in the verified reset request message that originated from the source other than the first electronic entity.

Dependent claims: 23, 24, 25
Specification