Secure reset of personal and service provider information on mobile devices

US 8,971,533 B2
Filed: 04/22/2013
Issued: 03/03/2015
Est. Priority Date: 04/06/2012
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for resetting secure memories within computing devices configured to conduct financial transactions, comprising:

receiving an encrypted reset request message for a secure memory of a computing device configured to conduct financial transactions, the encrypted reset request message being associated with a request to change control of the secure memory from a first secure service provider to a second secure service provider, the encrypted reset request message originating from a source other than the first secure service provider;

providing a communication key within the secure memory;

decrypting the encrypted reset request message within the secure memory using the communication key;

verifying authorization for the reset request message; and

clearing parameters associated with the first secure service provider from the secure memory based on instructions provided in the verified reset request message that originated from the source other than the first secure service provider.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods are described herein for supporting end users of a mobile device, such as a mobile phone, to reset a secure element associated with the communication device. The reset process may include clearing the secure element, associated memories, and storage devices of any user specific or personalized information associated with the user. The reset process may also include removing or resetting keys or other identifiers within the secure element that associate the mobile device with a particular secure service provider. According to various embodiments, a computer-implemented method for resetting a secure element within a network device may include receiving an encrypted reset request message at the secure element, decrypting the encrypted reset request message using a communication key, verifying authorization for the reset request message, and atomically clearing parameters associated with the secure element.

Citations

27 Claims

1. A computer-implemented method for resetting secure memories within computing devices configured to conduct financial transactions, comprising:
- receiving an encrypted reset request message for a secure memory of a computing device configured to conduct financial transactions, the encrypted reset request message being associated with a request to change control of the secure memory from a first secure service provider to a second secure service provider, the encrypted reset request message originating from a source other than the first secure service provider;
  
  providing a communication key within the secure memory;
  
  decrypting the encrypted reset request message within the secure memory using the communication key;
  
  verifying authorization for the reset request message; and
  
  clearing parameters associated with the first secure service provider from the secure memory based on instructions provided in the verified reset request message that originated from the source other than the first secure service provider.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The computer-implemented method of claim 1, further comprising revoking an access key of the first secure service provider to access the secure memory of the computing device in connection with the request to change from the first secure service provider to the second secure service provider.
  - 3. The computer-implemented method of claim 1, further comprising receiving a certificate request and providing a certificate associated with the communication key in response to receiving the certificate request.
  - 4. The computer-implemented method of claim 1, wherein clearing parameters associated with the secure memory comprises resetting one or more card keys of the first secure service provider within the secure memory.
  - 5. The computer-implemented method of claim 1, wherein verifying authorization for the reset request message comprises verifying a signature of the reset request message from a trusted authority.
  - 6. The computer-implemented method of claim 1, wherein verifying authorization for the reset request message comprises receiving an authorization code over a wireless interface.
  - 7. The computer-implemented method of claim 1, wherein the communication key comprises a private public key pair.
  - 8. The computer-implemented method of claim 1, further comprising providing a signing key within the secure memory.
  - 9. The computer-implemented method of claim 1, wherein the secure memory is associated with a Near Field Communication interface.
  - 10. The computer-implemented method of claim 1, wherein clearing parameters associated with the secure memory comprises an atomic operation.
  - 11. The computer-implemented method of claim 1, wherein the secure memory is comprised in a secure element.

12. A computer program product, comprising:
- a non-transitory computer-readable medium having computer-readable program instructions embodied therein that when executed by a computer cause the computer to reset secure memories within computing devices configured to conduct financial transactions, the computer-readable program instructions comprising;
  
  computer-readable program instructions to receive an encrypted reset request message for a secure memory of a computing device configured to engage in financial transactions, the encrypted reset request message being associated with a request to change control of the secure memory from a first electronic entity to a second electronic entity, the encrypted reset request message originating from a source other than the first electronic entity;
  
  computer-readable program instructions for storing a communication key within a secure certificate associated with the secure memory of the computing device;
  
  computer-readable program instructions for decrypting the encrypted reset request message within the secure memory using the communication key;
  
  computer-readable program instructions for verifying authorization for the reset request message; and
  
  computer-readable program instructions for clearing parameters associated with the first electronic entity from the secure memory.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
- - 13. The computer program product of claim 12, wherein the first electronic entity is a first secure service provider and the second electronic entity is a second secure service provider.
  - 14. The computer program product of claim 13, further comprising computer-readable program instructions to revoke an access key of the first secure service provider to access the secure memory of the computing device in connection with the request to change from the first secure service provider to the second secure service provider.
  - 15. The computer program product of claim 12, wherein clearing parameters associated with the secure memory comprises resetting card keys associated with the secure memory.
  - 16. The computer program product of claim 12, wherein the secure memory is associated with a Near Field Communication interface.
  - 17. The computer program product of claim 12, wherein verifying authorization for the reset request message comprises verifying a signature of the reset request message from a trusted authority.
  - 18. The computer program product of claim 12, wherein verifying authorization for the reset request message comprises receiving an authorization code over a wireless interface.
  - 19. The computer program product of claim 12, wherein verifying authorization for the reset request message comprises receiving an authorization code over a Near Field Communications interface.
  - 20. The computer program product of claim 12, wherein clearing parameters associated with the secure memory comprises an atomic operation.
  - 21. The computer program product of claim 12, wherein the secure certificate comprises a public key for signing a message associated with the secure memory.
  - 22. The computer program product of claim 12, wherein the secure memory is comprised in a secure element.

23. A system for resetting secure memories within computing devices, comprising:
- a storage device;
  
  a processor communicatively coupled to the storage device, wherein the processor executes application code instructions that are stored in the storage device to cause the system to;
  
  receive an encrypted reset request message for a secure memory of a computing device configured to engage in financial transactions, the encrypted reset request message being associated with a request to change control of the secure memory from a first electronic entity to a second electronic entity, the encrypted reset request message originating from a source other than the first electronic entity;
  
  store a communication key within a secure certificate associated with the secure memory of the computing device;
  
  decrypt the encrypted reset request message within the secure memory using the communication key;
  
  verify authorization for the reset request message; and
  
  clear parameters associated with the first electronic entity from the secure memory.
- View Dependent Claims (24, 25, 26, 27)
- - 24. The system of claim 23, wherein the first electronic entity is a first trusted service manager and the second electronic entity is a second trusted service manager.
  - 25. The system of claim 23, wherein the secure memory is associated with a Near Field Communication interface.
  - 26. The system of claim 23, wherein clearing parameters associated with the secure memory comprises resetting card keys associated with the secure memory.
  - 27. The system of claim 23, wherein the secure memory is comprised in a secure element.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Google LLC (Alphabet Inc.)
Original Assignee
Google Inc. (Alphabet Inc.)
Inventors
Wall, Jonathan, von Behren, Rob
Primary Examiner(s)
Lanier, Benjamin
Assistant Examiner(s)
An, Wayne

Application Number

US13/868,041
Publication Number

US 20130266140A1
Time in Patent Office

680 Days
Field of Search
US Class Current

380/255
CPC Class Codes

G06Q 20/3226   Use of secure elements sepa...

G06Q 20/3227   using secure elements embed...

G06Q 20/3278   RFID or NFC payments by mea...

G06Q 20/3672   initialising or reloading t...

G06Q 20/3825   Use of electronic signatures

G06Q 20/3829   involving key management

H04L 2209/12   Details relating to cryptog...

H04L 2209/50   Oblivious transfer

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 9/0894   Escrow, recovery or storing...

H04L 9/0897   involving additional device...

H04L 9/3263   involving certificates, e.g...

H04M 15/48   Secure or trusted billing, ...

H04W 12/04   Key management, e.g. using ...

H04W 12/082   using revocation of authori...

H04W 12/086   using security domains

H04W 12/35   Protecting application or s...

Secure reset of personal and service provider information on mobile devices

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

27 Claims

Specification

Solutions

Use Cases

Quick Links

Secure reset of personal and service provider information on mobile devices

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

27 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links