×

Isolating distinct service provider widgets within a wallet container

  • US 10,032,160 B2
  • Filed: 12/04/2013
  • Issued: 07/24/2018
  • Est. Priority Date: 10/06/2005
  • Status: Active Grant
First Claim
Patent Images

1. An apparatus, comprising:

  • a plurality of widget modules accessible in a memory of a mobile device, wherein each widget module is associated with a service provider; and

    a wallet container that is accessible in the memory, the wallet container operable on the mobile device to;

    isolate a plurality of distinct electronic wallets that are accessible in the memory;

    control access to the plurality of distinct electronic wallets through the plurality of widget modules by authenticating a widget module to access a distinct electronic wallet based on wallet access rights of the service provider associated with the widget module;

    determine wallet access rights of the service provider by processing a widget access context object associated with a specific widget that is used by the wallet container to manage widget access, wherein the widget access context object is a runtime accessible data structure that is populated with information derived from a widget access record;

    securely isolate access to mobile device resources that is allowed for each widget module via limiting access to at least one application programming interface;

    control widget access to resources with service provider-specific security domain applets that are accessible in a memory of the mobile device;

    limit, with the wallet container widget use of security domain applets to a security domain applet of the service provider associated with the widget; and

    store at least one widget module of the plurality of widget modules associated with a service provider in a particular non-volatile service provider-specific security domain memory of a plurality of non-volatile service provider-specific security domain memories of a secure element of the mobile device, the particular security domain memory comprising the at least one widget module and the service provider-specific security domain applet; and

    access the security domain and all applets disposed therein as a group using unique, security domain-specific security keys when accessing the secure element.

View all claims
  • 2 Assignments
Timeline View
Assignment View
    ×
    ×