Routing secure element payment requests to an alternate application

US 8,807,440 B1
Filed: 09/26/2011
Issued: 08/19/2014
Est. Priority Date: 12/17/2010
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for routing invocation requests from a contactless reader to a card software application on a secure element embedded within a chip of a contactless payment device, the computer-implemented method comprising:

establishing a first sharable interface object (SIO) associated with a first memory within the secure element embedded within the chip operable to store the card software application;

establishing a second SIO associated with a second memory within the secure element embedded within the chip operable to store a control software application;

supporting secure data transfer between the first SIO and the second SIO across a secure firewall within the chip;

notifying, by a process method function call of the secure element, the control software application about successful instantiation of the first sharable interface object (SIO);

receiving, by a process method function call of the secure element, a request from the contactless reader for data from the card software application, the request comprising an application identifier (AID) of the card software application;

retrieving, by a process method function call of the secure element, from the first SIO, an alternate AID for the card software application;

securing data transfer across the secure firewall according to the alternate AID; and

routing, by a process method function call of the secure element, the request to the card software application based on the alternate AID, wherein the routing is performed by replacing the requested AID with the alternate AID.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Certain legacy contactless card readers recognize only applets having a short-form AID. However, the long-form AID applets can allow more functionality and specifically can allow use of multiple software applications within a mobile device. A legacy card reader requests invocation of a software applet based on the short-form AID known to the legacy card reader. A router applet operating on the mobile device receives the request for the short-form AID applet, determines the long-form AID applet corresponding to the short-form AID applet, and routes the request to the long-form AID applet, thereby invoking the long-form AID applet. In this manner, legacy readers that have stored therein only the short-form AID applet can invoke the functionality of the long-form AID applet on the smart card. Additionally, newer readers implementing the long-form AID applet can request directly the long-form AID applet.

318 Citations

8 Claims

1. A computer-implemented method for routing invocation requests from a contactless reader to a card software application on a secure element embedded within a chip of a contactless payment device, the computer-implemented method comprising:
- establishing a first sharable interface object (SIO) associated with a first memory within the secure element embedded within the chip operable to store the card software application;
  
  establishing a second SIO associated with a second memory within the secure element embedded within the chip operable to store a control software application;
  
  supporting secure data transfer between the first SIO and the second SIO across a secure firewall within the chip;
  
  notifying, by a process method function call of the secure element, the control software application about successful instantiation of the first sharable interface object (SIO);
  
  receiving, by a process method function call of the secure element, a request from the contactless reader for data from the card software application, the request comprising an application identifier (AID) of the card software application;
  
  retrieving, by a process method function call of the secure element, from the first SIO, an alternate AID for the card software application;
  
  securing data transfer across the secure firewall according to the alternate AID; and
  
  routing, by a process method function call of the secure element, the request to the card software application based on the alternate AID, wherein the routing is performed by replacing the requested AID with the alternate AID.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method according to claim 1, wherein the AID is a long-form AID, and wherein the alternate AID is a short-form AID.
  - 3. The method according to claim 1, wherein the process method function calls are associated with a card runtime environment.
  - 4. The method according to claim 1, wherein each process method function call is an application programmable interface (API) function configured to render in a runtime environment of the secure element.
  - 5. The method according to claim 1, wherein the card software application is a software instance comprising information to access a credit card account, a debit card account, a loyalty card account, a web-based coupon account, a membership account, a gift card account, or an access card account.

6. A method for routing requests within a contactless payment device, the method comprising:
- establishing a runtime environment within an embedded secure element chip of the contactless payment device;
  
  instantiating a control application within a first secure memory of the embedded secure element chip;
  
  instantiating a payment instrument application within a second secure memory of the embedded secure element chip;
  
  establishing a secure firewall within the embedded secure element chip operable to separate the first secure memory from the second secure memory;
  
  receiving a request from a contactless interface associated with the contactless payment device;
  
  identifying, within the request, an application identifier (AID) of the payment instrument application;
  
  determining an alternate AID for the payment instrument application in response to identifying the AID;
  
  establishing a secure data transfer route, according to the alternate AID, from a first sharable interface object (SIO) associated with the control application within the first secure memory, through the secure firewall, and to a second SIO associated with the payment instrument application within the second secure memory; and
  
  routing the request through the secure data transfer route according to the alternate AID.
- View Dependent Claims (7, 8)
- - 7. The method according to claim 6, wherein the payment instrument application is a software instance comprising information to access a credit card account, a debit card account, a loyalty card account, a web-based coupon account, a membership account, a gift card account, or an access card account.
  - 8. The method according to claim 6, wherein the contactless interface comprises a radio frequency communications device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Google LLC (Alphabet Inc.)
Original Assignee
Google Inc. (Alphabet Inc.)
Inventors
von Behren, Rob, Wall, Jonathan, Muehlberg, Alexej, Meyn, Hauke
Primary Examiner(s)
STANFORD, CHRISTOPHER J

Application Number

US13/244,775
Time in Patent Office

1,058 Days
Field of Search

235/487, 235/492, 717/136
US Class Current

235/492
CPC Class Codes

G06F 21/35   communicating wirelessly

G06F 9/44552   Conflict resolution, i.e. e...

G06F 9/45508   Runtime interpretation or e...

G06Q 20/02   involving a neutral party, ...

G06Q 20/3263   characterised by activation...

G06Q 20/3563   Software being resident on ...

G06Q 20/3574   Multiple applications on card

G06Q 20/367   involving electronic purses...

G06Q 20/382   insuring higher security of...

Routing secure element payment requests to an alternate application

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

318 Citations

8 Claims

Specification

Solutions

Use Cases

Quick Links

Routing secure element payment requests to an alternate application

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

318 Citations

8 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links