System and method for a multi-application smart card which can facilitate a post-issuance download of an application onto the smart card

US 6,005,942 A
Filed: 03/24/1998
Issued: 12/21/1999
Est. Priority Date: 03/24/1997
Status: Expired due to Fees

First Claim

Patent Images

1. A method for loading a smart card application onto a smart card after said smart card has been issued to a cardholder, said method comprising:

issuing said smart card to a cardholder, said smart card including a card domain application arranged to manage the post-issuance loading of applications;

establishing communication between said smart card and a provider of said smart card application;

loading said smart card application onto said smart card under control of said card domain application; and

checking a cryptographic signature of said smart card application using said card domain application, whereby said smart card application is loaded onto said smart card post-issuance in a secure manner.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method allow card issuers to securely add applications during the lifetime of the card after the card has already been issued (post issuance). Loading of an application and/or objects from an application server via a card acceptance device (and its supporting system infrastructure delivery mechanism) onto a card post issuance is performed in a secure and confidential manner. A smart card includes a card domain application that manages the card. Any number of security domain applications on the card provide security for loaded applications by managing keys; each application is associated with a security domain. Each of the card domain and security domains has a command interface for off-card communication, and an API for internal card use. The card life cycle includes the states of masked, initialized, load secured and blocked. An application life cycle includes the states of not available, loaded, installed, registered, personalized, activated and blocked. An application can block the card.

616 Citations

24 Claims

1. A method for loading a smart card application onto a smart card after said smart card has been issued to a cardholder, said method comprising:
- issuing said smart card to a cardholder, said smart card including a card domain application arranged to manage the post-issuance loading of applications;
  
  establishing communication between said smart card and a provider of said smart card application;
  
  loading said smart card application onto said smart card under control of said card domain application; and
  
  checking a cryptographic signature of said smart card application using said card domain application, whereby said smart card application is loaded onto said smart card post-issuance in a secure manner.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. A method as recited in claim 1 further comprising:
    - providing a cryptographic signature key to said card domain application before said smart card application is loaded onto said smart card;
      
      signing said smart card application using said cryptographic signature before said smart card application is loaded onto said smart card, said cryptographic signature being calculated using said cryptographic signature key;
      
      calculating said cryptographic signature of said smart card application once said smart card application has been loaded onto said smart card, said calculating being performed by said card domain application using said cryptographic signature key provided to said card application, whereby said element of checking may be performed by said card domain application.
  - 3. A method as recited in claim 1 further comprising:
    - decrypting said smart card application by said card domain application once said smart card application has been loaded, whereby said smart card application is loaded onto said smart card post-issuance in a secure manner.
  - 4. A method as recited in claim 3 further comprising:
    - providing a cryptographic encryption key to said card domain application before said smart card application is loaded onto said smart card;
      
      encrypting said smart card application using said cryptographic encryption key before said smart card application is loaded onto said smart card; and
      
      wherein said element of decrypting being performed by said card domain application uses said cryptographic encryption key provided to said card domain application, whereby said smart card application is loaded onto said smart card post-issuance in a secure manner.
  - 5. A method as recited in claim 1 further comprising:
    - loading personalization data for said smart card application onto said smart card under control of said card domain application; and
      
      checking a cryptographic signature of said personalization data using said card domain application, whereby said personalization data for said smart card application is loaded onto said smart card post-issuance in a secure manner.
  - 6. A method as recited in claim 1 wherein said smart card further includes a security domain application arranged to manage the security of post-issuance loading of applications, and said element of checking is performed by said security domain application.
  - 7. A method as recited in claim 1 wherein details of said element of checking said cryptographic signature are kept confidential from an issuer of said smart card.

8. A method for loading a smart card application onto a smart card after said smart card has been issued to a cardholder, said method comprising:
- issuing said smart card to a cardholder, said smart card including a card domain application arranged to manage the post-issuance loading of applications and a security domain application arranged to manage the security of post-issuance loading of applications;
  
  establishing communication between said smart card and a provider of said smart card application;
  
  loading said smart card application onto said smart card; and
  
  invoking a cryptographic service of said security domain application to validate said smart card application, whereby said smart card application is loaded onto said smart card post-issuance in a secure manner.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. A method as recited in claim 8 further comprising:
    - providing a cryptographic signature key to said security domain application before said smart card application is loaded onto said smart card;
      
      signing said smart card application using a cryptographic signature before said smart card application is loaded onto said smart card, said cryptographic signature being calculated using said cryptographic signature key;
      
      calculating said cryptographic signature of said smart card application once said smart card application has been loaded onto said smart card, said calculating being performed by said security domain application using said cryptographic signature key provided to said security domain application, whereby said smart card application is validated.
  - 10. A method as recited in claim 8 further comprising:
    - decrypting said smart card application by said security domain application once said smart card application has been loaded, whereby said smart card application is validated.
  - 11. A method as recited in claim 10 further comprising:
    - providing a cryptographic encryption key to said security domain application before said smart card application is loaded onto said smart card;
      
      encrypting said smart card application using said cryptographic encrypt ion key before said smart card application is loaded onto said smart card; and
      
      wherein said element of decrypting being performed by said security domain application uses said cryptographic encryption key provided to said card domain application.
  - 12. A method as recited in claim 8 further comprising:
    - loading personalization data for said smart card application onto said smart card; and
      
      invoking a cryptographic service of said security domain application to validate said personalization data, whereby said personalization data for said smart card application is loaded onto said smart card post-issuance in a secure manner.
  - 13. A method as recited in claim 8 wherein details of said element of invoking a cryptographic service are kept confidential from an issuer of said smart card.
  - 14. A method as recited in claim 8 wherein said cryptographic service provides encryption, decryption, MACing, hashing or a digital signature technique.

15. A smart card arranged to load an application onto said smart card after said smart card has been issued to a cardholder, said smart card comprising:
- a card domain application arranged to manage loading of said application onto said smart card; and
  
  a security domain application arranged to manage the security of post-issuance loading of applications, said security domain application includinga cryptographic key associated with said application,a cryptographic service for validating said application after said application has been loaded post-issuance, said cryptographic service using said cryptographic key, anda key management function associated with said cryptographic key, whereby said application may be loaded onto said smart card post-issuance in a secure manner using said security domain application.
- View Dependent Claims (16, 17, 18, 19)
- - 16. A smart card as recited in claim 15 wherein said cryptographic key is an encryption key and wherein said cryptographic service is decryption, whereby said security domain application may decrypt said application after loading of said application onto said smart card.
  - 17. A smart card as recited in claim 15 wherein said cryptographic key is a signature key and wherein said cryptographic service calculates a digital signature, whereby said security domain application may check a signature of said application after loading of said application onto said smart card.
  - 18. A smart card as recited in claim 15 wherein said key management function is loading or updating of a key.
  - 19. A smart card as recited in claim 15 wherein security aspects of said security domain application are kept confidential from said card domain application.

20. A smart card arranged to load a plurality of applications onto said smart card after said smart card has been issued to a cardholder, said smart card comprising:
- a card domain application arranged to manage loading of said applications onto said smart card;
  
  a first security domain application arranged to provide security for a first application to be loaded post-issuance, said first security domain application includinga first cryptographic key associated with said first application, said first cryptographic key being kept secret from said card domain and from a second security domain application; and
  
  said second security domain application arranged to provide security for a second application to be loaded post-issuance, said second security domain application includinga second cryptographic key associated with said second application, said second cryptographic key being kept secret from said card domain and from said first security domain application, whereby said first and second applications may be loaded securely post-issuance using said first and second cryptographic keys, respectively.
- View Dependent Claims (21, 22, 23, 24)
- - 21. A smart card as recited in claim 20 wherein said first cryptographic key is an encryption key or a signature key and wherein wherein said second cryptographic key is an encryption key or a signature key.
  - 22. A smart card as recited in claim 20 further comprising:
    - a cryptographic service included with said first security domain for validating said first application after said first application has been loaded post-issuance, said cryptographic service using said first cryptographic key, the details of said cryptographic service being kept secret from said card domain application and from said second security domain application.
  - 23. A smart card as recited in claim 20 further comprising:
    - a key management function included with said first security domain application.
  - 24. A smart card as recited in claim 23 wherein said key management function is loading or updating of a key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
GlobalPlatform, Inc.
Original Assignee
Visa International Service Association (Visa, Inc.)
Inventors
Kekicheff, Marc B., Weise, Joel M., Wentker, David C., Chan, Alfred
Primary Examiner(s)
Gregory, Bernarr E.

Application Number

US09/046,993
Time in Patent Office

637 Days
Field of Search

380/4, 380/23, 380/24, 380/25, 380/49, 380/50, 380/59, 380/9, 380/21, 380/29, 380/30, 235/379, 235/380, 235/382, 379/93.01, 379/93.05, 379/93.06, 379/93.12
US Class Current

713/187
CPC Class Codes

G06F 21/51   at application loading time...

G06F 21/53   by executing in a restricte...

G06F 21/57   Certifying or maintaining t...

G06F 21/572   Secure firmware programming...

G06F 21/74   operating in dual or compar...

G06F 21/77   in smart cards

G06F 2221/2105   Dual mode as a secondary as...

G06F 2221/2113   Multi-level security, e.g. ...

G06F 2221/2149   Restricted operating enviro...

G06F 2221/2153   Using hardware token as a s...

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/3552   Downloading or loading of p...

G06Q 20/3574   Multiple applications on card

G06Q 20/3576   Multiple memory zones on card

G07F 7/1008   Active credit-cards provide...

System and method for a multi-application smart card which can facilitate a post-issuance download of an application onto the smart card

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

616 Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for a multi-application smart card which can facilitate a post-issuance download of an application onto the smart card

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

616 Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links