Apparatus and method for managing use of secure tokens
Abstract
A system that incorporates the subject disclosure may perform, for example, operations including receiving an encrypted secure token from a secure token application function that is remote from the communication device, storing the encrypted secure token in a secure element memory of the secure element, accessing user input requesting the encrypted secure token where the secure device processor is separate from the secure element and is in communication with the secure element, generating a modified secure token by adding identification information to the encrypted secure token and by performing a second encryption of the encrypted secure token with the identification information, receiving the modified secure token from the secure element, and providing the modified secure token to a receiving device. Other embodiments are disclosed.
128 Citations
19 Claims
1. A communication device comprising:
- a secure element having a secure element memory with first executable instructions, wherein the secure element, responsive to executing the first executable instructions, performs first operations comprising:
  - generating a modified secure token by adding identification information to an encrypted secure token stored in the secure element memory and by performing a second encryption of the encrypted secure token with the identification information, wherein the identification information comprises a digital signature, a time stamp or a combination thereof; and
  - receiving token adjustment instructions from a secure token application function, wherein the token adjustment instructions are received via a remote management server; and
- a secure device processor having a secure device processor memory with second executable instructions, wherein the secure device processor is in communication with the secure element, wherein the secure device processor, responsive to executing the second executable instructions, performs second operations comprising:
  - receiving the modified secure token from the secure element; and
  - providing the modified secure token to a receiving device to enable the receiving device to provide the modified secure token to the secure token application function for decrypting the modified secure token to analyze the identification information and to obtain token information for use by the receiving device,
- wherein the receiving of the encrypted secure token from the secure token application function by the secure element is via the remote management server, and wherein keysets are utilized for mutual authentication of the secure element and the secure device processor with the remote management server.

(Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10)

11. A method comprising:
- generating, by a secure element of a communication device, a modified secure token by adding identification information to an encrypted secure token stored in a secure element memory of the secure element and by performing a second encryption of the encrypted secure token with the identification information, wherein the identification information comprises a digital signature, a time stamp or a combination thereof;
- receiving, by a secure device processor of the communication device, the modified secure token from the secure element, wherein the secure device processor is in communication with the secure element;
- providing, by the secure device processor, the modified secure token to a receiving device to enable the receiving device to provide the modified secure token to a secure token application function for decrypting the modified secure token to analyze the identification information and to obtain token information for use by the receiving device; and
- receiving, by the secure element, token adjustment instructions from the secure token application function, wherein the token adjustment instructions are received via a remote management server,
- wherein the receiving of the encrypted secure token from the secure token application function by the secure element is via the remote management server, and wherein keysets are utilized for mutual authentication of the secure element and the secure device processor with the remote management server.

(Dependent claims: 12, 13, 14, 15, 16)

17. A method comprising:
- receiving, by a secure token application function, a modified secure token from a receiving device that obtained the modified secure token from a communication device according to user input associated with a token descriptor;
- decrypting, by the secure token application function, the modified secure token to obtain an encrypted secure token and to obtain identification information, wherein the identification information comprises a digital signature, a time stamp or a combination thereof;
- verifying, by the secure token application function, the identification information;
- decrypting, by the secure token application function, the encrypted secure token to obtain a secure token;
- analyzing, by the secure token application function, the secure token to obtain token information; and
- providing, by the secure token application function, a notification to the receiving device indicating an acceptance or denial of the token information;
- providing, by the secure token application function, token adjustment instructions to a secure element of the communication device, wherein the token adjustment instructions are provided via a remote management server,
- wherein the encrypted secure token is provided to the secure element of the communication device via the remote management server, and wherein keysets are utilized for mutual authentication of the secure element and a secure device processor of the communication device with the remote management server.

(Dependent claims: 18, 19)

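The flow in claims 11 and 17, sketched as an added example that is not code from the patent: the secure element wraps an already-encrypted token with a time stamp and signature under a second encryption, and the application function unwraps, verifies and then decrypts the token, denying a stale or altered one. Assumptions not stated in the claims: shared symmetric keys, JSON framing, a 30-second freshness window, an HMAC standing in for the digital signature, and a standard-library encrypt-then-MAC construction standing in for a real AEAD cipher; all function and key names are hypothetical.

```python
import hashlib, hmac, json, os

MAX_AGE_S = 30  # assumed freshness window; the claims name no value

def _stream(key, nonce, n):
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, pt):
    """Encrypt-then-MAC stand-in for a real AEAD such as AES-GCM (assumption)."""
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, _stream(key + b"enc", nonce, len(pt))))
    return nonce + ct + hmac.new(key + b"mac", nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    want = hmac.new(key + b"mac", nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, want):
        raise ValueError("authentication failed")
    return bytes(a ^ b for a, b in zip(ct, _stream(key + b"enc", nonce, len(ct))))

def se_modify(encrypted_token, sign_key, wrap_key, now):
    """Secure element: add time stamp and signature (HMAC stand-in), encrypt again."""
    ts = str(int(now))
    sig = hmac.new(sign_key, ts.encode() + encrypted_token, hashlib.sha256).hexdigest()
    body = {"ts": ts, "sig": sig, "tok": encrypted_token.hex()}
    return seal(wrap_key, json.dumps(body).encode())

def staf_verify(modified, sign_key, wrap_key, token_key, now):
    """Application function: outer decrypt, verify identification, inner decrypt."""
    try:
        body = json.loads(unseal(wrap_key, modified))
        tok = bytes.fromhex(body["tok"])
        want = hmac.new(sign_key, body["ts"].encode() + tok, hashlib.sha256).hexdigest()
        if not hmac.compare_digest(want, body["sig"]):
            return ("denied", "bad signature")
        if not 0 <= now - int(body["ts"]) <= MAX_AGE_S:
            return ("denied", "stale time stamp")
        return ("accepted", json.loads(unseal(token_key, tok)))
    except (ValueError, KeyError, TypeError):
        return ("denied", "malformed or tampered token")

def demo():
    token_key, wrap_key, sign_key = (os.urandom(32) for _ in range(3))  # constructed
    issued = seal(token_key, json.dumps({"type": "ticket", "uses": 1}).encode())
    mod = se_modify(issued, sign_key, wrap_key, now=1000)
    args = (sign_key, wrap_key, token_key)
    flipped = mod[:-1] + bytes([mod[-1] ^ 1])
    return [staf_verify(m, *args, now=t) for m, t in ((mod, 1010), (mod, 1031), (flipped, 1010))]
```

`demo()` returns the three outcomes in order: a fresh token accepted, the same token presented after the window denied, and a token with one flipped bit denied.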
Specification