Method of personalizing a NFC chipset

US 8,861,733 B2
Filed: 12/07/2007
Issued: 10/14/2014
Est. Priority Date: 10/23/2007
Status: Active Grant

First Claim

Patent Images

1. A method for personalizing a secure processor in a Near Field Communication (NFC) system to execute a secure application, the method comprising steps of:

establishing a communication link between a remote processor and a storage medium carried by a user, the storage medium memorizing in a secured way user identification data identifying the user,transmitting by the storage medium the user identification data stored in the storage medium to the remote processor,obtaining by the remote processor user personalization data corresponding to the user identification data, the user personalization data allowing a secure application to be executed in connection with the user identification data,obtaining by the remote processor using the user identification data, NFC system identification data identifying a NFC system of the user, the NFC system, the storage medium and the remote processor being distinct devices from one another, the NFC system comprising a secure processor and an NFC interface for contactless communications, the NFC system identification data comprising an encryption key of the secure processor,encrypting by the remote processor the user personalization data using the encryption key,transmitting by the remote processor the encrypted user personalization data to the NFC system,receiving and deciphering the encrypted user personalization data by the secure processor, andmemorizing in a secured way the user personalization data by the secure processor.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The invention relates to a method for personalizing a secure processor in a NFC system to execute a secure application, comprising steps of obtaining by a server identification data of a user memorized in a secure storage medium, personalization data corresponding to the user identification data, and identification data of a NFC system of the user, comprising an encryption key of the secure processor, encrypting by the server personalization data using the encryption key, transmitting to the NFC system encrypted personalization data, receiving by the secure processor encrypted personalization data, deciphering personalization data, and memorizing in a secured way personalization data by the secure processor.

154 Citations

36 Claims

1. A method for personalizing a secure processor in a Near Field Communication (NFC) system to execute a secure application, the method comprising steps of:
- establishing a communication link between a remote processor and a storage medium carried by a user, the storage medium memorizing in a secured way user identification data identifying the user,transmitting by the storage medium the user identification data stored in the storage medium to the remote processor,obtaining by the remote processor user personalization data corresponding to the user identification data, the user personalization data allowing a secure application to be executed in connection with the user identification data,obtaining by the remote processor using the user identification data, NFC system identification data identifying a NFC system of the user, the NFC system, the storage medium and the remote processor being distinct devices from one another, the NFC system comprising a secure processor and an NFC interface for contactless communications, the NFC system identification data comprising an encryption key of the secure processor,encrypting by the remote processor the user personalization data using the encryption key,transmitting by the remote processor the encrypted user personalization data to the NFC system,receiving and deciphering the encrypted user personalization data by the secure processor, andmemorizing in a secured way the user personalization data by the secure processor.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The method according to claim 1, wherein the user identification data are transmitted to the remote processor by putting in communication the storage medium and a terminal connected to the remote processor.
  - 3. The method according to claim 1, wherein the identification data of the NFC system are at least partially supplied by the user to a terminal connected to the remote processor.
  - 4. The method according to claim 1, wherein the identification data of the NFC system are at least partially supplied to the secure processor by a contactless link established between the NFC interface of the NFC system and a terminal connected to the remote processor.
  - 5. The method according to claim 1, wherein the identification data of the NFC system comprise an identifier of a NFC processor and/or a host processor coupled to the NFC processor.
  - 6. The method according to claim 1, comprising steps of generating a common secret data shared by the remote processor and a terminal connected to the remote processor and to which the user has access, and the terminal supplying the secret data to the user, then the user supplying it to the NFC system.
  - 7. The method according to claim 6, wherein:
    - a processor of the NFC system calculates a condensed value by applying a deterministic encryption function to the identification data of the NFC system and the secret data, and the NFC system transmits the calculated condensed value and the identification data of the NFC system to the remote processor, andthe remote processor calculates a condensed value by applying the deterministic encryption function to the identification data of the NFC system and the secret data, and stops a personalization process of the secure processor if the received condensed value is different from the calculated condensed value.
  - 8. The method according to claim 1, wherein the NFC system is integrated into a mobile telecommunication terminal and the encrypted user personalization data are transmitted by the remote processor to the NFC system through a mobile telecommunication network.
  - 9. The method according to claim 1, wherein the encrypted user personalization data are transmitted by the remote processor to the NFC system by a contactless link established between a terminal connected to the remote processor and comprising a NFC interface in communication with the NFC interface of the NFC system.
  - 10. The method according to claim 1, wherein the encrypted user personalization data are transmitted to the NFC system through a memory card given to the user and susceptible of being put in communication through a contactless link with the NFC interface of the NFC system.
  - 11. The method according to claim 10, wherein the memory card comprises a NFC interface to establish a contactless link with the NFC interface of the NFC system.
  - 12. The method according to claim 10, wherein the memory card transmits the encrypted user personalization data to the NFC system through a contactless link established with a terminal connected to the memory card and comprising the NFC interface.
  - 13. The method according to claim 1, whereinthe remote processor transmits to the NFC system the encrypted user personalization data with a condensed value obtained by applying a deterministic encryption function to the encrypted user personalization data and the identification data of the NFC system, andthe NFC system receives the encrypted user personalization data and the condensed value, calculates a condensed value by applying the deterministic encryption function to the encrypted user personalization data received from the remote processor and the identification data of the NFC system, and stops a personalization process of the secure processor if the condensed value received is different from the condensed value calculated.
  - 14. The method according to claim 1, wherein the encryption key of the secure processor comprises a public key and a corresponding secret key which are locally generated by the secure processor.
  - 15. The method according to claim 1, wherein the encryption key of the secure processor comprises a public key and a secret key which are inserted into the secure processor with a certificate emitted by a certification authority.

16. A system for personalizing a secure processor in a Near Field Communication (NFC) system to execute a secure application, the system comprising:
- a NFC system of a user, comprising a secure processor and an NFC interface for contactless communications, anda remote processor configured to;
  
  receive user identification data identifying the user, by a communication link established with a storage medium carried by the user and memorizing in a secured way the user identification data,obtain user personalization data corresponding to the user identification data,obtain NFC system identification data identifying the NFC system using the user identification data, the NFC system identification data comprising an encryption key of the secure processor, andencrypt the user personalization data using the encryption key of the secure processor, and transmit to the NFC system the encrypted user personalization data,the secure processor being configured to receive and decipher the encrypted user personalization data, and to memorize in a secured way the user personalization data, wherein the NFC system, the remote processor and the storage medium are distinct devices from one another.
- View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29)
- - 17. The system according to claim 16, comprising a terminal connected to the remote processor and the storage medium, the terminal being configured to extract from the storage medium the user identification data and to transmit the user identification data to the remote processor.
  - 18. The system according to claim 16, comprising a terminal connected to the remote processor, the terminal being configured to receive from the user at least partially, the identification data of the NFC system.
  - 19. The system according to claim 16, comprising a terminal connected to the remote processor and comprising a contactless interface configured to establish a contactless link with the secure processor, the secure processor and the terminal being configured so that the user identification data are at least partially transmitted through the contactless link of the NFC system from the secure processor to the terminal.
  - 20. The system according to claim 16, wherein the identification data of the NFC system comprise an identifier of a NFC processor and/or a secure host processor coupled to the NFC processor.
  - 21. The system according to claim 16, comprising a terminal connected to the remote processor and to which the user has access, the terminal and the remote processor being configured to generate a common secret data shared by the remote processor and the terminal, the terminal being configured to supply the secret data to the user, the NFC system being configured to receive the secret data from the user.
  - 22. The system according to claim 21, wherein:
    - the NFC system is configured to calculate a condensed value by applying a deterministic encryption function to the identification data of the NFC system and to the secret data, and to transmit the calculated condensed value with the identification data of the NFC system to the remote processor, andthe remote processor is configured to receive and check the condensed value, to calculate a condensed value by applying the encryption function to the identification data of the NFC system and to the secret data it has generated, and to stop a personalization process of the secure processor if the received condensed value is different from the calculated condensed value.
  - 23. The system according to claim 16, wherein the NFC system is integrated into a mobile telecommunication terminal, the remote processor being configured to transmit the encrypted user personalization data to the NFC system through a mobile telecommunication network.
  - 24. The system according to claim 16, comprising a terminal connected to the remote processor and comprising a NFC interface in communication through a contactless link with the NFC system, the remote processor, the terminal and the NFC system being configured so that the encrypted user personalization data are transmitted from the remote processor to the NFC system through the contactless link via the terminal.
  - 25. The system according to claim 16, comprising a memory card given to the user and susceptible of being put in communication through a contactless link with the NFC system, the memory card being configured to memorize the encrypted user personalization data and transmit the encrypted user personalization data to the NFC system.
  - 26. The system according to claim 16, comprising a memory card given to the user and a terminal susceptible of being connected to the memory card and comprising a NFC interface in communication through a contactless link with the NFC system, the memory card being configured to memorize the encrypted user personalization data, the memory card, the terminal and the NFC system being configured so that the encrypted user personalization data are transmitted from the memory card to the NFC system via the terminal.
  - 27. The system according to claim 16, wherein:
    - the remote processor is configured to transmit the encrypted user personalization data with a condensed value obtained by applying a deterministic encryption function to the encrypted user personalization data and the identification data of the NFC system,the NFC system is configured to receive the condensed value, to calculate a condensed value by applying the encryption function to the encrypted user personalization data received from the remote processor and to the identification data of the NFC system, and to stop a personalization process of the secure processor if the received condensed value is different of the calculated condensed value.
  - 28. The system according to claim 16, wherein the secure processor is configured to generate the encryption key of the secure processor which is a public key and a secret key corresponding to the public key.
  - 29. The system according to claim 16, wherein the secure processor is configured to receive the encryption key of the secure processor which is a public key and a secret key corresponding to the public key, with a certificate emitted by a certification authority.

30. An apparatus comprising a processor for personalizing a secure processor of a Near Field Communication (NFC) system in order to execute a secure application, the processor configured to:
- receive user identification data identifying a user, by a communication link established with a storage medium carried by the user and memorizing in a secure way the user identification data,obtain user personalization data corresponding to the user identification data,obtain NFC system identification data identifying a NFC system of the user using the user identification data, the NFC system being separate from the storage medium, the identification data comprising an encryption key of a secure processor of the NFC system, andencrypt the user personalization data using the encryption key, and transmit to the NFC system the encrypted user personalization data, wherein the NFC system, the processor and the storage medium are distinct devices from one another.
- View Dependent Claims (31, 32, 33, 34, 35, 36)
- - 31. The apparatus according to claim 30, wherein the identification data of the NFC system comprise an identifier of a NFC processor and/or a host processor coupled to the NFC processor.
  - 32. The apparatus according to claim 30, wherein the processor is further configured to generate a secret data, the secret data being shared by the processor and a terminal which the processor is connected to.
  - 33. The apparatus according to claim 32, wherein the processor is further configured to:
    - receive a condensed value,calculate a condensed value by applying an encryption function to the identification data of the NFC system and to the secret data, andstop a personalization process of the secure processor if the received condensed value is different of the calculated condensed value.
  - 34. The apparatus according to claim 30, wherein the processor is further configured to transmit the encrypted user personalization data to the NFC system via a mobile telecommunication network.
  - 35. The apparatus according to claim 30, wherein the processor is further configured to transmit the encrypted user personalization data to the NFC system via a terminal connected to the processor via a network and to the NFC system via a contactless link.
  - 36. The apparatus according to claim 30, wherein the processor is further configured to transmit the encrypted user personalization data with a condensed value obtained by applying a deterministic encryption function to the encrypted user personalization data and the identification data of the NFC system.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Verimatrix Incorporated (Verimatrix SA)
Original Assignee
Inside Secure SA
Inventors
Benteo, Bruno, Feix, Benoit, Nerot, Sebastien
Primary Examiner(s)
Zand, Kambiz
Assistant Examiner(s)
NGUYEN, TRONG H

Application Number

US11/952,911
Publication Number

US 20090103732A1
Time in Patent Office

2,503 Days
Field of Search

380/270, 380/279, 380/282, 380/283, 380/44, 713 1- 2, 713/100, 713168-171, 713180-181, 726/3, 726 26- 30
US Class Current

380/270
CPC Class Codes

G06Q 20/3265   characterised by personalis...

G06Q 20/3278   RFID or NFC payments by mea...

G06Q 20/3552   Downloading or loading of p...

G06Q 20/3558   Preliminary personalisation...

G07F 7/1008   Active credit-cards provide...

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 63/0442   wherein the sending and rec...

H04L 63/0492   by using a location-limited...

H04L 63/0876   based on the identity of th...

H04L 63/18   using different networks or...

H04L 63/20   for managing network securi...

H04L 9/30   Public key, i.e. encryption...

H04W 12/02   Protecting privacy or anony...

H04W 12/04   Key management, e.g. using ...

H04W 12/35   Protecting application or s...

H04W 12/47   using near field communicat...

Method of personalizing a NFC chipset

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

154 Citations

36 Claims

Specification

Solutions

Use Cases

Quick Links

Method of personalizing a NFC chipset

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

154 Citations

36 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links