Local trusted services manager for a contactless smart card

US 8,335,932 B2
Filed: 09/26/2011
Issued: 12/18/2012
Est. Priority Date: 12/17/2010
Status: Expired due to Fees

First Claim

Patent Images

1. A computer-implemented method for implementing a trusted service manager (TSM) locally within a secure element of a contactless smart card payment device, the method comprising:

installing, in the secure element of the contactless smart card payment device, a TSM software application, wherein the TSM software application comprises computer code for executing a transmitting function to request application data and a decrypting function to decrypt an encrypted form of received application data, the received application data received at the contactless smart card device in response to a request by the transmitting function;

storing, in the secure element, a private encryption key assigned to the TSM software application and a corresponding public encryption key;

transmitting, by the transmitting function of the TSM software application, the request for application data to a registered remote non-TSM computer configured to access the public key;

receiving, in the contactless smart card payment device from the remote non-TSM computer, the requested application data for installation in the secure element of the contactless smart card payment device, the requested application data comprising at least one of a software application, other than the TSM application, executable in the secure element or data to support an existing software application, other than the TSM application, in the secure element, the received requested application data having been encrypted by the remote non-TSM computer using the public encryption key; and

decrypting, by the decrypting function of the TSM software application, the encrypted received application data using the private key.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems, methods, computer programs, and devices are disclosed herein for deploying a local trusted service manager within a secure element of a contactless smart card device. The secure element is a component of a contactless smart card incorporated into a contactless smart card device. An asymmetric cryptography algorithm is used to generate public-private key pairs. The private keys are stored in the secure element and are accessible by a trusted service manager (TSM) software application or a control software application in the secure element. A non-TSM computer with access to the public key encrypts and then transmits encrypted application data or software applications to the secure element, where the TSM software application decrypts and installs the software application to the secure element for transaction purposes.

236 Citations

14 Claims

1. A computer-implemented method for implementing a trusted service manager (TSM) locally within a secure element of a contactless smart card payment device, the method comprising:
- installing, in the secure element of the contactless smart card payment device, a TSM software application, wherein the TSM software application comprises computer code for executing a transmitting function to request application data and a decrypting function to decrypt an encrypted form of received application data, the received application data received at the contactless smart card device in response to a request by the transmitting function;
  
  storing, in the secure element, a private encryption key assigned to the TSM software application and a corresponding public encryption key;
  
  transmitting, by the transmitting function of the TSM software application, the request for application data to a registered remote non-TSM computer configured to access the public key;
  
  receiving, in the contactless smart card payment device from the remote non-TSM computer, the requested application data for installation in the secure element of the contactless smart card payment device, the requested application data comprising at least one of a software application, other than the TSM application, executable in the secure element or data to support an existing software application, other than the TSM application, in the secure element, the received requested application data having been encrypted by the remote non-TSM computer using the public encryption key; and
  
  decrypting, by the decrypting function of the TSM software application, the encrypted received application data using the private key.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method according to claim 1, further comprising:
    - writing the decrypted application data to at least one memory block in the secure element.
  - 3. The method according to claim 1, further comprising:
    - managing, by a user-interface software application on the contactless smart card device and resident outside the secure element, the TSM software application in the secure element, thereby executing inputs at the user-interface software application for transmitting request for application data to the remote computer, receiving the encrypted application data, and decrypting the encrypted form of the received application data.
  - 4. The method according to claim 3, wherein the user-interface software application transmits user inputs from a display or a keypad of the contactless smart card device to the TSM software application in the secure element via a secure communication channel.
  - 5. The method according to claim 1, wherein the encrypted application data is received in the secure element or a secure memory outside the secure element of the contactless smart card device, the secure memory connected to the secure element via a secure communication channel.
  - 6. The method according to claim 1, wherein the remote non-TSM computer is registered for deploying application data to the contactless smart card device only when the remote computer is in possession of the public key.
  - 7. The method according to claim 1, wherein the TSM software application further comprises computer code for providing permissions for performing various life-cycle functions on the encrypted application data received in the contactless smart card device, the life-cycle functions including at least one of an initialize function, an install function, a start function, a stop function, and a destroy function.

8. A computer-implemented system for implementing a trusted service manager (TSM) locally within the secure element of a contactless smart card payment device, the system comprising:
- a contactless smart card payment device;
  
  a secure element resident on the device and storing a private encryption key assigned to the secure element and a corresponding public encryption key; and
  
  a TSM software application resident in the secure element, the TSM software application comprising computer code for executing a transmitting function to request application data and a decrypting function for decrypting an encrypted form of received application data, the received application data received at the contactless smart card device in response to a request by the transmitting function, the application data comprising at least one of a software application, other than the TSM application, executable in the secure element or data to support an existing software application, other than the application, in the secure element,wherein the transmitting function of the TSM software application transmits, to a remote non-TSM computer, the request for application data, wherein the remote non-TSM computer is configured to access the public key,wherein the device receives, from the remote non-TSM computer, the requested application data in response to the transmitted request for installation in the secure element of the device, the received application data having been encrypted by the remote non-TSM computer using the public encryption key, andwherein the decrypting function of the TSM software application decrypts the encrypted received application data using the private key.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The system according to claim 8, wherein the secure element further comprises a control software application that writes the decrypted application data to at least one memory block in the secure element.
  - 10. The system according to claim 9, further comprising:
    - a user-interface software application resident on the device and outside the secure element that manages the TSM software application in the secure element, thereby executing inputs at the user-interface software application to transmit the request for application data to the remote computer, receive the encrypted application data, and decrypt the encrypted form of the received application data.
  - 11. The system according to claim 10, wherein the user-interface software application transmits user inputs from a display or a keypad of the contactless smart card device to the TSM software application in the secure element via a secure communication channel.
  - 12. The system according to claim 9, wherein the encrypted application data is received in the secure element or a secure memory outside the secure element of the contactless smart card device, the secure memory connected to the secure element via a secure communication channel.
  - 13. The system according to claim 9, wherein the remote non-TSM computer is registered for deploying application data to the contactless smart card device to thereby obtain access to the public key.
  - 14. The system according to claim 9, wherein the TSM software application further comprises computer code for providing permissions for performing various life-cycle functions on the encrypted application data received in the contactless smart card device, the life-cycle functions including at least one of an initialize function, an install function, a start function, a stop function, and a destroy function.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Google LLC (Alphabet Inc.)
Original Assignee
Google Inc. (Alphabet Inc.)
Inventors
von Behren, Rob, Wall, Jonathan, Paya, Ismail Cem
Primary Examiner(s)
Flynn, Nathan
Assistant Examiner(s)
Vaughan, Michael R

Application Number

US13/244,715
Publication Number

US 20120159148A1
Time in Patent Office

449 Days
Field of Search

None
US Class Current

713/192
CPC Class Codes

G06Q 20/3278   RFID or NFC payments by mea...

G06Q 20/3552   Downloading or loading of p...

G06Q 20/35765   Access rights to memory zones

G06Q 20/3823   combining multiple encrypti...

G07F 7/1008   Active credit-cards provide...

G07F 7/1016   Devices or methods for secu...

Local trusted services manager for a contactless smart card

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

236 Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Local trusted services manager for a contactless smart card

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

236 Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links