JP6926349B2 - 商用オフザシェルフ又はモノのインターネットデバイスを使用して安全な金融取引を処理するための方法 - Google Patents
商用オフザシェルフ又はモノのインターネットデバイスを使用して安全な金融取引を処理するための方法 Download PDFInfo
- Publication number
- JP6926349B2 JP6926349B2 JP2020565801A JP2020565801A JP6926349B2 JP 6926349 B2 JP6926349 B2 JP 6926349B2 JP 2020565801 A JP2020565801 A JP 2020565801A JP 2020565801 A JP2020565801 A JP 2020565801A JP 6926349 B2 JP6926349 B2 JP 6926349B2
- Authority
- JP
- Japan
- Prior art keywords
- cots
- iot device
- tag
- distance
- iot
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims description 35
- 238000012545 processing Methods 0.000 claims description 10
- 238000004519 manufacturing process Methods 0.000 claims description 6
- 230000003287 optical effect Effects 0.000 claims description 4
- 238000001514 detection method Methods 0.000 claims description 3
- 238000010586 diagram Methods 0.000 description 5
- 238000012795 verification Methods 0.000 description 5
- 238000005516 engineering process Methods 0.000 description 4
- 238000009434 installation Methods 0.000 description 3
- 238000012986 modification Methods 0.000 description 3
- 230000004048 modification Effects 0.000 description 3
- 240000007594 Oryza sativa Species 0.000 description 1
- 235000007164 Oryza sativa Nutrition 0.000 description 1
- 238000007792 addition Methods 0.000 description 1
- 238000013459 approach Methods 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000014509 gene expression Effects 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 235000009566 rice Nutrition 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/322—Aspects of commerce using mobile devices [M-devices]
- G06Q20/3226—Use of secure elements separate from M-devices
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/327—Short range or proximity payments by means of M-devices
- G06Q20/3278—RFID or NFC payments by means of M-devices
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
- G06F21/53—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/74—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information operating in dual or compartmented mode, i.e. at least one secure mode
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/02—Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/20—Point-of-sale [POS] network systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/308—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using the Internet of Things
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/321—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices using wearable devices
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/322—Aspects of commerce using mobile devices [M-devices]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/326—Payment applications installed on the mobile devices
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4016—Transaction verification involving fraud or risk level assessment in transaction processing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3234—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
- H04L9/3239—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/50—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/10—Integrity
- H04W12/106—Packet or message integrity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/10—Integrity
- H04W12/108—Source integrity
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06K—GRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K19/00—Record carriers for use with machines and with at least a part designed to carry digital markings
- G06K19/06—Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
- G06K19/067—Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components
- G06K19/07—Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components with integrated circuit chips
- G06K19/0723—Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components with integrated circuit chips the record carrier comprising an arrangement for non-contact communication, e.g. wireless communication circuits on transponder cards, non-contact smart cards or RFIDs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/409—Device specific authentication in transaction processing
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q2220/00—Business processing using cryptography
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/56—Financial cryptography, e.g. electronic payment or e-cash
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/80—Wireless
- H04L2209/805—Lightweight hardware, e.g. radio-frequency identification [RFID] or sensor
Description
Claims (9)
- 商用オフザシェルフ(COTS)又はモノのインターネット(IoT)デバイスを使用して不換通貨の安全な金融取引を処理する方法であって、
前記方法は、
前記COTS/IoTデバイスにおいて、
セキュアプロビジョニングマネジャ(SPM)にCOTS/IoTデバイスのアイデンティティを検証して前記COTS/IoTデバイスの信頼された環境(TE)に信頼されたアプリケーション(TA)をデプロイするように要求することと、
前記COTS/IoTデバイスでアプリケーションを実行することと、
前記TAがインストールされている前記COTS/IoTデバイスから所定の距離内にタグがある場合に共振応答を開始し、前記タグからタグ情報を受け取ることと、
前記TEにアクセスして、受け取られた前記タグ情報に基づいて前記COTS/IoTデバイスを使用して安全な金融取引を処理することと、
を含み、
前記TEは、前記TAが実行される前記COTS/IoTデバイスの保護された部分であり、
前記タグの前記所定の距離は、前記タグが発見されると継続的に監視され、これにより、第1の共振応答で計算された距離が第2又はそれ以降の共振応答で計算された距離よりも大きく、前記タグが前記COTS/IoTデバイスから前記所定の距離内にある場合、前記タグ情報が前記COTS/IoTデバイスによって受け取られて、その後、金融取引が開始され、
距離を計算するための前記共振応答は、支払い処理の開始のため、相対距離を判断するために光近接、音近接、加速器のうちの一又は複数を使用して実施され、
前記距離は、不正検出と支払いスキームのコンプライアンスとのために調整可能であることを特徴とする方法。 - 前記COTS/IoTデバイスは分散型台帳を備え、
前記分散型台帳は、前記COTS/IoTデバイスの所有権、製造、及び使用情報の少なくとも1つに対応する情報を含むことを特徴とする、請求項1に記載の方法。 - 前記分散型台帳の前記COTS/IoTデバイスに対応する情報は、前記TEを介して修正されることを特徴とする、請求項2に記載の方法。
- 前記アプリケーションは、前記COTS/IoTデバイスのオペレーティングシステムで実行されることを特徴とする、請求項1に記載の方法。
- 前記SPMは、前記COTS/IoTデバイスのアイデンティティを検証して前記COTS/IoTデバイスの前記TEに前記TAをインストールするリモートシステムであることを特徴とする、請求項1に記載の方法。
- 前記共振応答は複数回行われて、複数回の共振応答の各々について、前記COTS/IoTデバイスからの前記タグの距離が計算され、
前記COTS/IoTデバイスを使用する後続する共振応答において距離の減少が識別された場合に、安全な金融取引が開始されることを特徴とする、請求項1に記載の方法。 - 安全な金融取引を処理するための商用オフザシェルフ(COTS)又はモノのインターネット(IoT)デバイスであって、
前記COTS/IoTデバイスは、
プロセッサのオペレーティングシステム部分を使用して、前記COTS/IoTデバイスでアプリケーションを実行することと、
前記プロセッサの前記オペレーティングシステム部分を使用して、セキュアプロビジョニングマネジャ(SPM)にCOTS/IoTデバイスのアイデンティティを検証して前記COTS/IoTデバイスの信頼された環境(TE)に信頼されたアプリケーション(TA)をインストールするように要求することと、
前記COTS/IoTデバイスでアプリケーションを実行することと、
前記プロセッサの前記オペレーティングシステム部分を使用して、前記TAがインストールされている前記COTS/IoTデバイスから所定の距離内にタグがある場合に共振応答を開始し、前記タグからタグ情報を受け取ることと、
前記プロセッサの前記オペレーティングシステム部分を使用して、前記TEにアクセスして、受け取られた前記タグ情報に基づいて前記COTS/IoTデバイスを使用して安全な金融取引を処理することと、
を実行するように構成され、
前記TEは、前記COTS/IoTデバイスの保護された部分であり、実行され、
前記タグの前記所定の距離は、分散型台帳を含む前記COTS/IoTデバイスのプロファイルに基づいて計算され、
前記タグの前記所定の距離は、前記タグが発見されると継続的に監視され、これにより、第1の共振応答で計算された距離が第2又はそれ以降の共振応答で計算された距離よりも大きく、前記タグが前記COTS/IoTデバイスから前記所定の距離内にある場合、前記タグ情報が前記COTS/IoTデバイスによって受け取られて、その後、金融取引が開始され、
距離を計算するための前記共振応答は、支払い処理の開始のため、相対距離を判断するために光近接、音近接、加速器のうちの組み合わせを使用して実施され、
前記距離は、不正検出と支払いスキームのコンプライアンスとのために調整可能であることを特徴とするCOTS/IoTデバイス。 - 前記分散型台帳は、COTS/IoTデバイスの所有権、製造、及び使用情報の少なくとも1つに対応する情報を含むことを特徴とする、請求項7に記載のCOTS/IoTデバイス。
- 前記分散型台帳の前記COTS/IoTデバイスに対応する情報は、前記TEを介して修正されることを特徴とする、請求項8に記載のCOTS/IoTデバイス。
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
MYPI2018702015 | 2018-05-24 | ||
MYPI2018702015A MY197067A (en) | 2018-05-24 | 2018-05-24 | Method for processing a secure financial transaction using a commercial off-the-shelf or an internet of things device |
PCT/MY2019/050032 WO2019226042A1 (en) | 2018-05-24 | 2019-05-24 | Method for processing a secure financial transaction using a commercial off-the-shelf or an internet of things device |
Publications (2)
Publication Number | Publication Date |
---|---|
JP2021519471A JP2021519471A (ja) | 2021-08-10 |
JP6926349B2 true JP6926349B2 (ja) | 2021-08-25 |
Family
ID=68616131
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
JP2020565801A Active JP6926349B2 (ja) | 2018-05-24 | 2019-05-24 | 商用オフザシェルフ又はモノのインターネットデバイスを使用して安全な金融取引を処理するための方法 |
Country Status (9)
Country | Link |
---|---|
US (1) | US20210209579A1 (ja) |
JP (1) | JP6926349B2 (ja) |
CN (1) | CN112166449A (ja) |
AU (1) | AU2019272261A1 (ja) |
GB (1) | GB2587746B (ja) |
MY (1) | MY197067A (ja) |
SG (1) | SG11202011225YA (ja) |
TW (1) | TW202004635A (ja) |
WO (1) | WO2019226042A1 (ja) |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111045690B (zh) * | 2018-10-12 | 2023-04-28 | 阿里巴巴集团控股有限公司 | 区块链节点服务部署方法、装置、系统、计算设备及介质 |
US11520895B2 (en) | 2020-12-07 | 2022-12-06 | Samsung Electronics Co., Ltd. | System and method for dynamic verification of trusted applications |
US11463130B1 (en) * | 2021-10-13 | 2022-10-04 | Roku, Inc. | Proving physical possession of internet-of-things (IoT) devices |
Family Cites Families (19)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8006291B2 (en) * | 2008-05-13 | 2011-08-23 | Veritrix, Inc. | Multi-channel multi-factor authentication |
NZ592576A (en) * | 2011-04-29 | 2013-09-27 | Jenkin Timber Ltd | A fixing system for cladding and a cladded structure |
US8817240B2 (en) * | 2012-05-25 | 2014-08-26 | Mitutoyo Corporation | Interchangeable optics configuration for a chromatic range sensor optical pen |
DE102013201730A1 (de) * | 2013-02-04 | 2014-08-07 | Bundesdruckerei Gmbh | Bereitstellung von Positionsdaten mittels eines Distance-Bounding Protokolls |
CN104937900B (zh) * | 2013-01-25 | 2018-11-06 | 联邦印刷有限公司 | 定位系统、智能卡以及给智能卡提供位置数据的方法 |
US9818092B2 (en) * | 2014-06-04 | 2017-11-14 | Antti Pennanen | System and method for executing financial transactions |
US9608829B2 (en) * | 2014-07-25 | 2017-03-28 | Blockchain Technologies Corporation | System and method for creating a multi-branched blockchain with configurable protocol rules |
US9871821B2 (en) * | 2014-11-11 | 2018-01-16 | Oracle International Corporation | Securely operating a process using user-specific and device-specific security constraints |
WO2016132458A1 (ja) * | 2015-02-17 | 2016-08-25 | 楽天株式会社 | 携帯端末、制御方法およびプログラム |
EP3262582B1 (en) * | 2015-02-27 | 2021-03-17 | Samsung Electronics Co., Ltd. | Electronic device providing electronic payment function and operating method thereof |
CN106899552B (zh) * | 2015-12-21 | 2020-03-20 | 中国电信股份有限公司 | 认证方法,认证终端以及系统 |
US20170243193A1 (en) * | 2016-02-18 | 2017-08-24 | Skuchain, Inc. | Hybrid blockchain |
US10515350B2 (en) * | 2016-03-15 | 2019-12-24 | Samsung Electronics Co., Ltd. | Method and apparatus to trigger mobile payment based on distance |
GB201607476D0 (en) * | 2016-04-29 | 2016-06-15 | Eitc Holdings Ltd | Operating system for blockchain IOT devices |
US10705894B2 (en) * | 2016-05-30 | 2020-07-07 | Samsung Electronics Co., Ltd. | Electronic device for authenticating application and operating method thereof |
US20180147552A1 (en) * | 2016-11-28 | 2018-05-31 | Sarfaraz K. Niazi | Zero gravity process device |
CN106682897B (zh) * | 2016-12-27 | 2020-09-08 | 努比亚技术有限公司 | 确定nfc支付的装置及方法 |
US10554634B2 (en) * | 2017-08-18 | 2020-02-04 | Intel Corporation | Techniques for shared private data objects in a trusted execution environment |
US20190340481A1 (en) * | 2018-05-02 | 2019-11-07 | Capital One Services, Llc | Secure contactless payment method and device with active electronic circuitry |
-
2018
- 2018-05-24 MY MYPI2018702015A patent/MY197067A/en unknown
-
2019
- 2019-05-24 GB GB2020524.1A patent/GB2587746B/en active Active
- 2019-05-24 WO PCT/MY2019/050032 patent/WO2019226042A1/en active Application Filing
- 2019-05-24 AU AU2019272261A patent/AU2019272261A1/en not_active Abandoned
- 2019-05-24 JP JP2020565801A patent/JP6926349B2/ja active Active
- 2019-05-24 SG SG11202011225YA patent/SG11202011225YA/en unknown
- 2019-05-24 TW TW108118038A patent/TW202004635A/zh unknown
- 2019-05-24 US US17/058,061 patent/US20210209579A1/en active Pending
- 2019-05-24 CN CN201980035082.4A patent/CN112166449A/zh active Pending
Also Published As
Publication number | Publication date |
---|---|
MY197067A (en) | 2023-05-24 |
TW202004635A (zh) | 2020-01-16 |
US20210209579A1 (en) | 2021-07-08 |
AU2019272261A1 (en) | 2021-01-21 |
GB202020524D0 (en) | 2021-02-03 |
GB2587746B (en) | 2023-01-11 |
JP2021519471A (ja) | 2021-08-10 |
WO2019226042A1 (en) | 2019-11-28 |
CN112166449A (zh) | 2021-01-01 |
GB2587746A (en) | 2021-04-07 |
AU2019272261A2 (en) | 2022-04-14 |
SG11202011225YA (en) | 2020-12-30 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP7030981B2 (ja) | 資産管理方法および装置、および電子デバイス | |
US11113404B2 (en) | Securing operating system configuration using hardware | |
US10748144B2 (en) | System and method for transaction security enhancement | |
CN107430657B (zh) | 通过代理的认证 | |
US9871821B2 (en) | Securely operating a process using user-specific and device-specific security constraints | |
KR101492757B1 (ko) | 애플리케이션 사용 정책 시행 | |
US10673831B2 (en) | Systems and methods for automating security controls between computer networks | |
US9569602B2 (en) | Mechanism for enforcing user-specific and device-specific security constraints in an isolated execution environment on a device | |
JP6926349B2 (ja) | 商用オフザシェルフ又はモノのインターネットデバイスを使用して安全な金融取引を処理するための方法 | |
JP2020524836A (ja) | ソフトウェア起動及びライセンス追跡用のシステム及び方法 | |
TW201241666A (en) | Client hardware authenticated transactions | |
CN111770112B (zh) | 一种信息共享方法、装置及设备 | |
US20170300692A1 (en) | Hardware Hardened Advanced Threat Protection | |
KR20220090537A (ko) | 정책 적용을 위한 가상 환경 유형 검증 | |
US20170083906A1 (en) | Token assurance level based transaction processing | |
EP3195551B1 (en) | Method and system for managing fine-grained policies for requiring user approval of device management operations | |
JP7445017B2 (ja) | ユーザ識別子および署名収集を利用したモバイルアプリケーション偽造・変造探知方法、コンピュータプログラム、コンピュータ読み取り可能な記録媒体およびコンピュータ装置 | |
US11494762B1 (en) | Device driver for contactless payments | |
US11507958B1 (en) | Trust-based security for transaction payments | |
US10970058B2 (en) | Software package installations with proximity tags |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
A521 | Request for written amendment filed |
Free format text: JAPANESE INTERMEDIATE CODE: A821 Effective date: 20210113 Free format text: JAPANESE INTERMEDIATE CODE: A523 Effective date: 20210113 Free format text: JAPANESE INTERMEDIATE CODE: A523 Effective date: 20210219 |
|
A621 | Written request for application examination |
Free format text: JAPANESE INTERMEDIATE CODE: A621 Effective date: 20210219 |
|
A711 | Notification of change in applicant |
Free format text: JAPANESE INTERMEDIATE CODE: A711 Effective date: 20201118 |
|
A871 | Explanation of circumstances concerning accelerated examination |
Free format text: JAPANESE INTERMEDIATE CODE: A871 Effective date: 20210219 |
|
A521 | Request for written amendment filed |
Free format text: JAPANESE INTERMEDIATE CODE: A523 Effective date: 20210430 |
|
A131 | Notification of reasons for refusal |
Free format text: JAPANESE INTERMEDIATE CODE: A131 Effective date: 20210611 |
|
A521 | Request for written amendment filed |
Free format text: JAPANESE INTERMEDIATE CODE: A523 Effective date: 20210611 |
|
TRDD | Decision of grant or rejection written | ||
A01 | Written decision to grant a patent or to grant a registration (utility model) |
Free format text: JAPANESE INTERMEDIATE CODE: A01 Effective date: 20210705 |
|
A61 | First payment of annual fees (during grant procedure) |
Free format text: JAPANESE INTERMEDIATE CODE: A61 Effective date: 20210804 |
|
R150 | Certificate of patent or registration of utility model |
Ref document number: 6926349 Country of ref document: JP Free format text: JAPANESE INTERMEDIATE CODE: R150 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |