Wallet application for interacting with a secure element application without a trusted server for authentication
Abstract
Communication between a software application midlet of a contactless payment device and a control applet resident within a secure element of the contactless payment device includes selecting, on the software application midlet, a card applet to configure from a registered list of card applets, the list comprising application identifiers (AIDs) of card applets resident in the secure element; transmitting, through a secure channel, to the control applet on the secure element, the selected card applet's AID and an instruction for a selected function to be performed on the selected card applet; invoking, by the control applet, process method function calls of a card runtime environment, wherein the process method function calls are defined by the card issuer or the card runtime environment for performing the selected function on the selected card applet; and rendering the process method function calls, thereby performing the selected function on the selected card applet.
20 Claims
1. A computer-implemented method for communication within payment devices configured to conduct payments via contactless communication, comprising:
supporting a first secure and isolated memory of a secure element embedded within a chip of a payment device configured to conduct a payment via contactless communication;
locating a control applet and a first sharable interface object (SIO) owned by the control applet within the first secure and isolated memory;
selecting, on a software application of the payment device, a selected card applet to configure from a registered list of card applets, the registered list of card applets comprising application identifiers (AIDs) of card applets within the secure element;
supporting a second secure and isolated memory of the secure element embedded within the chip;
locating the selected card applet and a second SIO owned by the selected card applet within the second secure and isolated memory;
transmitting, through a secure channel, to the control applet within the first secure and isolated memory, an AID associated with the selected card applet and a computer-coded instruction for a selected function to be performed on the selected card applet;
requesting data access from the control applet located within the first secure and isolated memory to the second SIO located within the second secure and isolated memory across a secure firewall within the secure element;
invoking, by the control applet, process method function calls of a card runtime environment, wherein the process method function calls perform the selected function on the selected card applet; and
executing, by the card runtime environment, the process method function calls, thereby performing the selected function on the selected card applet.
10. A payment device, comprising:
a secure element embedded within a chip, the secure element comprising;
a first memory,
a second memory,
a control applet,
a first sharable interface object (SIO) within the first memory and owned by the control applet,
a plurality of card applets,
a second SIO within the second memory and owned by one of the plurality of card applets,
a firewall operable to separate the first SIO within the first memory and the second SIO within the second memory and to support secure data access and transfer between the first SIO within the first memory and the second SIO within the second memory through the firewall, and
a registered list of the card applets, wherein the registered list comprises an application identifier (AID) for each of the card applets resident in the secure element,
a software application midlet that receives an input of a selection of at least one of the plurality of card applets to configure from the registered list of card applets, and
a secure channel via which the selected card applet's AID and a computer-coded instruction for a selected function to be performed on the selected card applet are communicated to the control applet on the secure element,
wherein the control applet requests data access to the second SIO across the firewall and invokes process method function calls of a card runtime environment, wherein the process method function calls are defined by a card issuer corresponding to the selected card applet to perform the selected function on the selected card applet, and
wherein the card runtime environment executes the process method function calls, thereby performing the selected function on the selected card applet.
19. A payment device, comprising:
a secure element embedded within a chip of a device used for payments;
a first memory embedded within the secure element, the first memory operable to store a control application and a first sharable interface object (SIO) within and owned by the control application;
a second memory embedded within the secure element, the second memory operable to store a card application and a second SIO within and owned by the card application;
a secure firewall embedded within the secure element operable to separate the first SIO and the second SIO, the secure firewall being further operable to support secure data transfer between the first SIO and the second SIO through the firewall in response to the control applet requesting data access from to the second SIO through the secure firewall; and
a card runtime environment operable to receive, from a remote trusted service manager (TSM), a received application identifier (AID) code and one or more computer-coded instructions, wherein the one or more computer coded instructions support performing a function upon the card application through the secure firewall in response to the received AID corresponding to an AID associated with the card application.
Specification