×

Methods and systems for secure communications between client applications and secure elements in mobile devices

  • US 8,904,195 B1
  • Filed: 08/21/2013
  • Issued: 12/02/2014
  • Est. Priority Date: 08/21/2013
  • Status: Active Grant
First Claim
Patent Images

1. A method for secure communication between a client application on a mobile device and a secure hardware element on the mobile device, comprising:

  • providing a physical tamper-resistant integrated circuit chip component of the mobile device, the physical tamper-resistant integrated circuit chip component comprising a secure hardware element having a secure element processor coupled to secure element memory;

    storing, using the secure element processor, a unique user identifier and a user'"'"'s unique private key on the mobile device only in the secure element memory on the secure hardware element of the mobile device;

    storing, using a mobile device processor coupled to mobile device memory, the user'"'"'s unique public key in the mobile device memory on the mobile device;

    receiving, using the mobile device processor, entry of the unique user identifier and a request for user access to a client application on the mobile device processor on the mobile device;

    encrypting, using the mobile device processor, a client application user access request message consisting at least in part of the entered unique user identifier and a randomly generated session key by the client application on the mobile device processor on the mobile device using the user'"'"'s unique public key stored in the mobile device memory on the mobile device and sending the encrypted request message to the secure element processor on the mobile device;

    decrypting, using the secure element processor, the client application user access request message by a secure element application on the secure hardware element on the mobile device with the user'"'"'s unique private key stored on the mobile device only in the secure element memory on the secure hardware element on the mobile device;

    comparing, using the secure element processor, the entered unique user identifier retrieved from the decrypted client application user access request message with the unique user identifier stored on the mobile device only in the secure element memory on the secure hardware element on the mobile device;

    encrypting, using the secure element processor, a client application user access response message by the secure element application on the secure hardware element of the mobile device with the randomly generated session key retrieved from the decrypted request message and sending the encrypted response message to the client application on the mobile device processor on the mobile device; and

    decrypting, using the mobile device processor, the client application user access response message with the randomly generated session key by the client application on the mobile device processor on the mobile device.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×