Routing secure element payment requests to an alternate application
First Claim
1. A computer-implemented method for routing invocation requests from a contactless reader to a card software application on a secure element embedded within a chip of a contactless payment device, the computer-implemented method comprising:
- establishing a first sharable interface object (SIO) associated with a first memory within the secure element embedded within the chip operable to store the card software application;
- establishing a second SIO associated with a second memory within the secure element embedded within the chip operable to store a control software application;
- supporting secure data transfer between the first SIO and the second SIO across a secure firewall within the chip;
- notifying, by a process method function call of the secure element, the control software application about successful instantiation of the first sharable interface object (SIO);
- receiving, by a process method function call of the secure element, a request from the contactless reader for data from the card software application, the request comprising an application identifier (AID) of the card software application;
- retrieving, by a process method function call of the secure element, from the first SIO, an alternate AID for the card software application;
- securing data transfer across the secure firewall according to the alternate AID; and
- routing, by a process method function call of the secure element, the request to the card software application based on the alternate AID, wherein the routing is performed by replacing the requested AID with the alternate AID.
Abstract
Certain legacy contactless card readers recognize only applets having a short-form AID. However, the long-form AID applets can allow more functionality and specifically can allow use of multiple software applications within a mobile device. A legacy card reader requests invocation of a software applet based on the short-form AID known to the legacy card reader. A router applet operating on the mobile device receives the request for the short-form AID applet, determines the long-form AID applet corresponding to the short-form AID applet, and routes the request to the long-form AID applet, thereby invoking the long-form AID applet. In this manner, legacy readers that have stored therein only the short-form AID applet can invoke the functionality of the long-form AID applet on the smart card. Additionally, newer readers implementing the long-form AID applet can request directly the long-form AID applet.
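The AID replacement described in the abstract can be modelled as a rewrite of the ISO 7816-4 SELECT-by-name command. The following is an added example, not code from the patent: it is a Python simulation rather than a Java Card applet, it covers only the AID lookup and replacement step (not the SIO or firewall mechanics), and the AID values, the routing table and all function names are constructed for illustration.

```python
from typing import Optional, Tuple

SW_OK, SW_WRONG_LENGTH, SW_NOT_FOUND, SW_INS_NOT_SUPPORTED = 0x9000, 0x6700, 0x6A82, 0x6D00
SELECT_BY_NAME = bytes([0x00, 0xA4, 0x04])  # CLA, INS, P1 of ISO 7816-4 SELECT by DF name

# Constructed AIDs for illustration only (proprietary 'F0' range, not real payment AIDs).
SHORT_AID = bytes.fromhex("F0010203040506")
LONG_AID = bytes.fromhex("F00102030405061001")
ROUTES = {SHORT_AID: LONG_AID}   # short-form AID -> alternate (long-form) AID
INSTALLED = {LONG_AID}           # applets assumed present on the secure element


class ApduError(ValueError):
    def __init__(self, sw: int):
        super().__init__(f"SW={sw:04X}")
        self.sw = sw


def parse_select(apdu: bytes) -> Tuple[bytes, bytes]:
    """Return (aid, trailing Le bytes) from a SELECT-by-name APDU, or raise ApduError."""
    if len(apdu) < 5:
        raise ApduError(SW_WRONG_LENGTH)
    if apdu[:3] != SELECT_BY_NAME:
        # Simplification: anything that is not SELECT-by-name gets one status word.
        raise ApduError(SW_INS_NOT_SUPPORTED)
    lc = apdu[4]
    # AIDs are 5-16 bytes; Lc must match the bytes present (an optional Le byte may follow).
    if not 5 <= lc <= 16 or len(apdu) not in (5 + lc, 6 + lc):
        raise ApduError(SW_WRONG_LENGTH)
    return apdu[5:5 + lc], apdu[5 + lc:]


def route_select(apdu: bytes, routes=ROUTES, installed=INSTALLED) -> Tuple[Optional[bytes], int]:
    """Replace the requested AID with its alternate AID; return (forwarded APDU, status word)."""
    try:
        aid, le = parse_select(apdu)
    except ApduError as err:
        return None, err.sw
    target = routes.get(aid, aid)  # exact match only; a long-form AID passes through unchanged
    if target not in installed:
        return None, SW_NOT_FOUND  # unknown AIDs are rejected, never forwarded
    # Rebuild the command with the alternate AID and a matching Lc byte.
    return apdu[:4] + bytes([len(target)]) + target + le, SW_OK
```

Using an exact-match table with an explicit installed set means a request can only ever be forwarded to an applet the router was configured to reach, and malformed length fields are rejected before any lookup.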
8 Claims
6. A method for routing requests within a contactless payment device, the method comprising:
- establishing a runtime environment within an embedded secure element chip of the contactless payment device;
- instantiating a control application within a first secure memory of the embedded secure element chip;
- instantiating a payment instrument application within a second secure memory of the embedded secure element chip;
- establishing a secure firewall within the embedded secure element chip operable to separate the first secure memory from the second secure memory;
- receiving a request from a contactless interface associated with the contactless payment device;
- identifying, within the request, an application identifier (AID) of the payment instrument application;
- determining an alternate AID for the payment instrument application in response to identifying the AID;
- establishing a secure data transfer route, according to the alternate AID, from a first sharable interface object (SIO) associated with the control application within the first secure memory, through the secure firewall, and to a second SIO associated with the payment instrument application within the second secure memory; and
- routing the request through the secure data transfer route according to the alternate AID.
Specification