Apparatus and method for secure authentication of a communication device
Abstract
A system that incorporates the subject disclosure may perform, for example, receiving a baseline credential and an external credential, mapping the external credential to the baseline credential in a secure element memory, receiving a request for an authentication from a secure device processor of the communication device where the request for the authentication includes a user credential inputted into the communication device, comparing the user credential with the baseline credential to verify the authentication, and providing the authentication and the external credential to the secure device processor without providing the baseline credential to enable the secure device processor to provide the external credential to an external entity device that is remote from the communication device. Other embodiments are disclosed.
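The credential-release flow described in the abstract, modeled as an added sketch (not code from the patent or its assignee). The class names, the `app_id` key and the sample credential values are assumptions, and the mutual authentication with the remote management server is not modeled.

```python
import hmac
import secrets

class SecureElement:
    """Models the secure element: the baseline credential never leaves it."""
    def __init__(self):
        self._baseline = None   # received from the remote management server
        self._external = {}     # hypothetical app_id -> external credential mapping

    def provision_baseline(self, baseline: bytes) -> None:
        self._baseline = baseline

    def map_external(self, app_id: str, external: bytes) -> None:
        if self._baseline is None:
            raise RuntimeError("no baseline credential to map against")
        self._external[app_id] = external

    def authenticate(self, app_id: str, user_credential: bytes):
        """Return (authenticated, external credential or None), never the baseline."""
        # compare_digest avoids leaking how many leading bytes matched.
        ok = (self._baseline is not None and app_id in self._external
              and hmac.compare_digest(user_credential, self._baseline))
        return (True, self._external[app_id]) if ok else (False, None)

class SecureDeviceProcessor:
    """Handles registration and user input; only ever sees the external credential."""
    def __init__(self, secure_element: SecureElement):
        self._se = secure_element

    def register_application(self, app_id: str, external: bytes) -> None:
        # The registration request is what causes the SE to receive the external credential.
        self._se.map_external(app_id, external)

    def login(self, app_id: str, user_input: bytes, send_to_external_entity) -> bool:
        ok, external = self._se.authenticate(app_id, user_input)
        if ok:
            send_to_external_entity(external)
        return ok

def demo():
    se = SecureElement()
    baseline = b"constructed-baseline-4821"   # constructed sample value
    se.provision_baseline(baseline)
    sdp = SecureDeviceProcessor(se)
    external = secrets.token_bytes(16)        # constructed sample value
    sdp.register_application("example-app", external)
    sent = []                                 # stands in for the external entity device
    bad = sdp.login("example-app", b"wrong-input", sent.append)
    good = sdp.login("example-app", baseline, sent.append)
    return bad, good, sent, external, baseline
```
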
20 Claims
1. A communication device comprising:
- a secure element having a secure element memory with first executable instructions, wherein the secure element, responsive to executing the first executable instructions, performs first operations comprising:
  - receiving a baseline credential and an external credential, wherein the receiving of the baseline credential is from a remote management server that is remote from the communication device;
  - storing the baseline credential and the external credential in the secure element memory; and
  - mapping the external credential to the baseline credential in the secure element memory;
- a secure device processor having a secure device processor memory with second executable instructions, wherein the secure device processor is separate from the secure element and in communication with the secure element, wherein the secure element and the secure device processor are mutually authenticated with the remote management server using a remote management keyset, wherein the secure device processor, responsive to executing the second executable instructions, performs second operations comprising:
  - receiving an application registration request, wherein the receiving of the external credential by the secure element is responsive to the application registration request;
  - receiving user input including a user credential;
  - providing a request for an authentication to the secure element, wherein the request for the authentication includes the user credential and enables the secure element to compare the user credential with the baseline credential to verify the authentication;
  - receiving the authentication and the external credential from the secure element without receiving the baseline credential; and
  - providing the external credential to an external entity device that is remote from the communication device; and
- a device processor that is separate from the secure device processor and in communication with the secure device processor, wherein the device processor facilitates wireless communications between the communication device and the remote management server, and wherein the device processor facilitates wireless communications between the communication device and the external entity device.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10
11. A method comprising:
- receiving, by a secure element of a communication device, a baseline credential and an external credential, wherein the receiving of the baseline credential is from a remote management server that is remote from the communication device;
- storing the baseline credential and the external credential in a secure element memory of the secure element;
- mapping, by the secure element, the external credential to the baseline credential in the secure element memory;
- receiving, by a secure device processor of the communication device, an application registration request, wherein the receiving of the external credential by the secure element is responsive to the application registration request, wherein the secure device processor is separate from the secure element and in communication with the secure element;
- receiving, by the secure device processor, user input including a user credential;
- providing a request for an authentication from the secure device processor to the secure element, wherein the request for the authentication includes the user credential and enables the secure element to compare the user credential with the baseline credential to verify the authentication;
- receiving, by the secure device processor, the authentication from the secure element without receiving the baseline credential, wherein the secure element and the secure device processor are mutually authenticated with the remote management server using a remote management keyset; and
- facilitating, by a device processor of the communication device, wireless communications between the communication device and the remote management server, wherein the device processor is separate from the secure device processor and in communication with the secure device processor.

Dependent claims: 12, 13, 14, 15, 16, 17
18. A computer readable storage device comprising instructions which, responsive to being executed by a secure element of a communication device, cause the secure element to perform operations comprising:
- receiving a baseline credential and an external credential, wherein the receiving of the baseline credential is from a remote management server that is remote from the communication device, wherein the receiving of the external credential by the secure element is responsive to a secure device processor of the communication device receiving an application registration request;
- storing the baseline credential and the external credential in a secure element memory of the secure element;
- mapping the external credential to the baseline credential in the secure element memory;
- receiving a request for an authentication from the secure device processor of the communication device, wherein the secure device processor is separate from the secure element and in communication with the secure element, wherein the request for the authentication includes a user credential inputted into the communication device, wherein the secure element and the secure device processor are mutually authenticated with the remote management server using a remote management keyset;
- comparing the user credential with the baseline credential to verify the authentication; and
- providing the authentication and the external credential to the secure device processor without providing the baseline credential to enable the secure device processor to provide the external credential to an external entity device that is remote from the communication device, wherein a device processor of the communication device facilitates wireless communications between the communication device and the remote management server and between the communication device and the external entity device, wherein the device processor is separate from the secure device processor and in communication with the secure device processor.

Dependent claims: 19, 20
Specification