Method and device for controlling access from the device to a card via a NFC interface

US 9,977,890 B2
Filed: 08/21/2015
Issued: 05/22/2018
Est. Priority Date: 08/22/2014
Status: Active Grant

First Claim

Patent Images

1. A method for controlling access from a device to a card via a Near Field Communication (NFC) interface, the method comprising:

storing at a memory of the device an Access Control List (ACL) comprising application signatures and corresponding card identifiers;

receiving at a processor of the device a request from a specific application executing on the device for accessing a particular NFC-enabled card via the NFC interface of the device, the request comprising a particular card identifier of the particular NFC card and a specific signature of the specific application; and

determining by the processor based on the specific signature, the particular card identifier and the ACL, if the specific application is granted access to the particular NFC card via the NFC interface or alternatively if the specific application is denied access to the particular NFC card via the NFC interface.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present relates to a method and device for controlling access from the device to a card via a Near Field Communication (NFC) interface of the device. An Access Control List (ACL) is stored at a memory of the device. The ACL comprises application signatures and corresponding card identifiers. A request is received at a processor of the device from a specific application executing on the device. The request is for accessing a particular NFC enabled card via the NFC interface of the device. The request comprises a particular card identifier of the particular card and a specific signature of the specific application. A determination is made by the processor based on the specific signature, the particular card identifier and the ACL. The determination consists in whether the specific application is granted or alternatively denied access to the particular card via the NFC interface.

Citations

21 Claims

1. A method for controlling access from a device to a card via a Near Field Communication (NFC) interface, the method comprising:
- storing at a memory of the device an Access Control List (ACL) comprising application signatures and corresponding card identifiers;
  
  receiving at a processor of the device a request from a specific application executing on the device for accessing a particular NFC-enabled card via the NFC interface of the device, the request comprising a particular card identifier of the particular NFC card and a specific signature of the specific application; and
  
  determining by the processor based on the specific signature, the particular card identifier and the ACL, if the specific application is granted access to the particular NFC card via the NFC interface or alternatively if the specific application is denied access to the particular NFC card via the NFC interface.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 21)
- - 2. The method of claim 1, further comprising configuring the device to grant or alternatively deny access of the specific application to the particular NFC card via the NFC interface based on the determination by the processor.
  - 3. The method of claim 1, wherein the processor is embedded in a Contactless Front End (CLF) of the NFC interface and the specific application is executed by one of the following:
    - a Central Processing Unit (CPU) of the device or a Secure Element of the device.
  - 4. The method of claim 3, wherein the memory is embedded in one of the following:
    - the CLF or the Secure Element.
  - 5. The method of claim 1, wherein the processor and the memory are embedded in a Secure Element of the device and the specific application is executed by one of the following:
    - a CPU of the device or the Secure Element.
  - 6. The method of claim 1, wherein the processor is embedded in a CPU of the device, receiving and determining by the processor are executed in a Trusted Execution Environment of the processor, the specific application is executed by the CPU, and the ACL is stored in a Trusted Execution Environment of the memory.
  - 7. The method of claim 1, wherein the specific signature consists of a hash generated by signing the binary code of the specific application with a certificate.
  - 8. The method of claim 1, wherein the particular NFC card is one of the following:
    - a NFC enabled credit card, a NFC enabled transit payment card, a NFC enabled facility access card, a NFC enabled identity document, a Radio-Frequency Identification (RFID) tag.
  - 9. The method of claim 1, further comprising receiving via a communication interface of the device an update of the ACL and updating the ACL stored in the memory with the received update.
  - 21. The method of claim 1, further comprising, prior to the receiving at the processor of the device the request from the specific application executing on the device for accessing the particular NFC-enabled card via the NFC interface of the device:
    - receiving at the NFC interface of the device an indication of the particular NFC enabled card;
      
      receiving at the processor of the device the indication of the particular NFC enabled card from the NFC interface of the device.

10. A device comprising:
- a Near Field Communication (NFC) interface including a Contactless Front End (CLF) for exchanging data between the device and a NFC enabled card;
  
  a memory for storing an access control list (ACL) comprising application signatures and corresponding card identifiers; and
  
  a processor for;
  
  receiving a request from a specific application executing on the device for accessing a particular NFC enabled card via the NFC interface, the request comprising a particular card identifier of the particular NFC card and a specific signature of the specific application; and
  
  determining based on the specific signature, the particular card identifier and the ACL, if the specific application is granted access to the particular NFC card via the NFC interface or alternatively if the specific application is denied access to the particular NFC card via the NFC interface.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The device of claim 10, wherein the processor further configures the device to grant or alternatively deny access of the specific application to the particular NFC card via the NFC interface based on the determination by the processor.
  - 12. The device of claim 10 further comprising a Central Processing Unit (CPU) and a Secure Element, the processor being embedded in the CLF, the specific application being executed by one of the following:
    - the CPU or the Secure Element.
  - 13. The device of claim 12, wherein the memory is embedded in one of the following:
    - the CLF or the Secure Element.
  - 14. The device of claim 10 further comprising a CPU and a Secure Element, the processor and the memory being embedded in the Secure Element, the specific application being executed by one of the following:
    - the CPU or the Secure Element.
  - 15. The device of claim 10 further comprising a CPU, the processor being embedded in the CPU, receiving and determining by the processor being executed in a Trusted Execution Environment of the processor, the specific application being executed by the CPU, and the ACL being stored in a Trusted Execution Environment of the memory.
  - 16. The device of claim 10, wherein the specific signature consists of a hash generated by signing the binary code of the specific application with a certificate.
  - 17. The device of claim 10, wherein the particular NFC card is one of the following:
    - a NFC enabled credit card, a NFC enabled transit payment card, a NFC enabled facility access card, a NFC enabled identity document, a Radio-Frequency Identification (RFID) tag.
  - 18. The device of claim 10, further comprising a communication interface for receiving an update of the ACL, the ACL stored in the memory being updated with the received update.

19. A non-transitory computer program product deliverable via an electronically-readable media such as storage media and communication links, the computer program product comprising instructions which when executed by a processor of a device provide for controlling access from the device to a card via a Near Field Communication (NFC) interface by:
- storing at a memory of the device an Access Control List (ACL) comprising application signatures and corresponding card identifiers;
  
  receiving at a processor of the device a request from a specific application executing on the device for accessing a particular NFC enabled card via the NFC interface of the device, the request comprising a particular card identifier of the particular NFC card and a specific signature of the specific application; and
  
  determining by the processor based on the specific signature, the particular card identifier and the ACL, if the specific application is granted access to the particular NFC card via the NFC interface or alternatively if the specific application is denied access to the particular NFC card via the NFC interface.
- View Dependent Claims (20)
- - 20. The non-transitory computer program product of claim 19, further comprising configuring the device to grant or alternatively deny access of the specific application to the particular NFC card via the NFC interface based on the determination by the processor.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Apple Inc.
Original Assignee
Mobeewave, Inc. (Apple Inc.)
Inventors
Alberti, Xavier, Alimi, Vincent, De Nanclas, Maxime, Du Hays, Benjamin, Fontaine, Sebastien
Primary Examiner(s)
Armouche, Hadi S
Assistant Examiner(s)
Steinle, Andrew J

Application Number

US15/503,743
Publication Number

US 20170251369A1
Time in Patent Office

1,005 Days
Field of Search

None
US Class Current
CPC Class Codes

G06F 21/34   involving the use of extern...

G06F 21/35   communicating wirelessly

G06F 21/44   Program or device authentic...

G06F 21/445   by mutual authentication, e...

G06K 19/042   the record carrier having a...

H04L 63/101   Access control lists [ACL]

H04L 63/107   wherein the security polici...

H04W 12/08   Access security

H04W 4/80   Services using short range ...

Method and device for controlling access from the device to a card via a NFC interface

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Method and device for controlling access from the device to a card via a NFC interface

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links