KR102632548B1 - Method for uwb transaction and electronic device therefor - Google Patents

Abstract

According to various embodiments, a communication circuit configured to perform short-range wireless communication, a UWB communication circuit configured to perform ultra-wideband (UWB) communication, and an execution environment isolated from an operating system (OS) of the electronic device are provided. An electronic device including a security element configured to do so and a processor is disclosed. The UWB communication circuit performs ranging with an external electronic device, receives a first UWB signal including a MAC header and a MAC payload from the external electronic device, and receives a MAC signal included in the MAC payload. (medium access control) may be configured to determine whether to transmit information included in the MAC payload information element to the security element based at least on the payload information element. In addition, various embodiments are possible.

Description

Method and electronic device for UWB transaction {METHOD FOR UWB TRANSACTION AND ELECTRONIC DEVICE THEREFOR}

Various embodiments disclosed in this document relate to methods and electronic devices for ultra-wideband (UWB) transactions.

Electronic devices can perform transactions based on near field communication (NFC). For example, a user can obtain active keyless entry (AKE) by tagging an electronic device with an NFC function at a close distance (e.g., about 10 cm or less) to an NFC reader. For example, an electronic device can acquire AKE using an applet stored in a secure element (SE) of the electronic device. If the applet can act as a key to a vehicle or security gate, a user can obtain AKE for the vehicle or security gate by tapping or tagging the electronic device with an NFC reader.

In the case of passive keyless entry (PKE), a user can make a payment using an electronic device in the user's bag, etc., without any actions such as tagging. For example, when an electronic device is positioned adjacent to an external electronic device (e.g., a reader) within a specified distance, the external electronic device may be triggered to communicate with the electronic device. For example, with PKE, a user can unlock a vehicle or security gate by simply approaching the vehicle or security gate with an electronic device.

In the case of NFC transactions, the user must perform a designated action to obtain AKE. For example, a user may need to perform an operation of tapping or tagging an electronic device to an NFC reader. As another example, the user may need to run an application for NFC payment.

For an NFC transaction, the user must match the positions of the NFC antenna of the electronic device and the NFC antenna of the reader. In general, since the NFC antenna is not exposed to the outside, for example, users may have difficulty matching the NFC antenna. As another example, NFC transactions may be vulnerable to relay attacks. As another example, in the case of payment through an NFC transaction, the user may have to place the electronic device adjacent to a point of sales (POS) terminal to make the payment without knowing the exact amount.

In various embodiments of this document, UWB transaction methods that can ensure security and improve user experience may be presented.

An electronic device according to an embodiment of the present document includes a communication circuit configured to perform short-range wireless communication, a UWB communication circuit configured to perform ultra-wideband (UWB) communication, and an operating system (OS) of the electronic device ( isolated) a secure element configured to provide an execution environment, and a processor operatively connected to the communication circuit, the UWB communication circuit, and the secure element, the UWB communication circuit comprising: Perform ranging, receive a first UWB signal including a MAC header and a MAC payload from the external electronic device, and perform ranging at least based on a medium access control (MAC) payload information element included in the MAC payload. Thus, it can be set to determine whether to transmit the information included in the MAC payload information element to the security element.

Additionally, an electronic device according to an embodiment of the present document may be operative with a communication circuit configured to perform short-range wireless communication, a UWB communication circuit configured to perform ultra-wideband (UWB) communication, the communication circuit, and the UWB communication circuit. and a processor operatively connected, wherein the UWB communication circuit performs ranging with an external electronic device using a UWB signal, and based on the ranging, the external electronic device is connected to the electronic device. Determine whether the external electronic device is located within a specified distance, and if the external electronic device is located within the specified distance, send a first UWB signal including a designated medium access control (MAC) payload information element to request a UWB transaction to the external electronic device. It can be set to transmit.

In addition, in an embodiment of this document, the UWB transaction method of an electronic device includes an operation of performing ranging with an external electronic device using a UWB signal, and based on the ranging, the MAC from the external electronic device. Receiving a first UWB signal including a header and a MAC payload, and receiving information included in the MAC payload information element based at least on a medium access control (MAC) payload information element included in the MAC payload. It may include transmitting the message to the processor of the electronic device or to a secure element of the electronic device that is isolated from the processor.

According to various embodiments disclosed in this document, a transaction with guaranteed stability can be provided using a UWB transaction.

According to various embodiments disclosed in this document, an electronic device can provide intuitive keyless entry using UWB transactions.

In addition, various effects that can be directly or indirectly identified through this document may be provided.

1 shows a block diagram of an electronic device in a network according to various embodiments.
Figure 2 illustrates a communication environment of an electronic device according to various embodiments.
Figure 3 shows a block diagram of an electronic device according to various embodiments.
Figure 4 shows a MAC frame structure and USS information element structure according to various embodiments.
Figure 5 shows a signal flow diagram of a UWB transaction according to various embodiments.
6 shows a flow diagram of an authentication method according to various embodiments.
7 illustrates a first UI related to payment according to various embodiments.
Figure 8 shows a second UI according to various embodiments.
Figure 9 shows a third UI according to various embodiments.
10 illustrates a notification UI according to various embodiments.
11 shows a flowchart of an authentication method according to various embodiments.
Figure 12 shows a fourth UI according to various embodiments.
Figure 13 shows a fifth UI according to various embodiments.
Figure 14 is a flowchart of a UWB signal transmission method according to various embodiments.
Figure 15 is a flowchart of a UWB signal transmission method according to various embodiments.
16 illustrates a settings UI according to various embodiments.
17 illustrates a settings UI according to various embodiments.
Figure 18 shows a sixth UI according to various embodiments.
FIG. 19 illustrates a USS information element structure using an MPX multiplexed information element (IE) according to various embodiments.
In relation to the description of the drawings, identical or similar reference numerals may be used for identical or similar components.

Hereinafter, various embodiments of this document are described with reference to the attached drawings. The examples and terms used herein are not intended to limit the technology described in this document to specific embodiments, and should be understood to include various modifications, equivalents, and/or substitutes for the examples.

1 is a block diagram of an electronic device 101 in a network environment 100, according to various embodiments. Referring to FIG. 1, in the network environment 100, the electronic device 101 communicates with the electronic device 102 through a first network 198 (e.g., a short-range wireless communication network) or a second network 199. It is possible to communicate with the electronic device 104 or the server 108 through (e.g., a long-distance wireless communication network). According to one embodiment, the electronic device 101 may communicate with the electronic device 104 through the server 108. According to one embodiment, the electronic device 101 includes a processor 120, a memory 130, an input device 150, an audio output device 155, a display device 160, an audio module 170, and a sensor module ( 176), interface 177, haptic module 179, camera module 180, power management module 188, battery 189, communication module 190, subscriber identification module 196, or antenna module 197. ) may include. In some embodiments, at least one of these components (eg, the display device 160 or the camera module 180) may be omitted, or one or more other components may be added to the electronic device 101. In some embodiments, some of these components may be implemented as a single integrated circuit. For example, the sensor module 176 (e.g., a fingerprint sensor, an iris sensor, or an illumination sensor) may be implemented while being embedded in the display device 160 (e.g., a display).

The processor 120, for example, executes software (e.g., program 140) to operate at least one other component (e.g., hardware or software component) of the electronic device 101 connected to the processor 120. It can be controlled and various data processing or calculations can be performed. According to one embodiment, as at least part of data processing or computation, the processor 120 stores commands or data received from another component (e.g., sensor module 176 or communication module 190) in volatile memory 132. The commands or data stored in the volatile memory 132 can be processed, and the resulting data can be stored in the non-volatile memory 134. According to one embodiment, the processor 120 includes a main processor 121 (e.g., a central processing unit or an application processor), and an auxiliary processor 123 that can operate independently or together (e.g., a graphics processing unit, an image signal processor). , sensor hub processor, or communication processor). Additionally or alternatively, the auxiliary processor 123 may be set to use less power than the main processor 121 or to specialize in a designated function. The auxiliary processor 123 may be implemented separately from the main processor 121 or as part of it.

The auxiliary processor 123 may, for example, act on behalf of the main processor 121 while the main processor 121 is in an inactive (e.g., sleep) state, or while the main processor 121 is in an active (e.g., application execution) state. ), together with the main processor 121, at least one of the components of the electronic device 101 (e.g., the display device 160, the sensor module 176, or the communication module 190) At least some of the functions or states related to can be controlled. According to one embodiment, co-processor 123 (e.g., image signal processor or communication processor) may be implemented as part of another functionally related component (e.g., camera module 180 or communication module 190). there is.

The memory 130 may store various data used by at least one component (eg, the processor 120 or the sensor module 176) of the electronic device 101. Data may include, for example, input data or output data for software (e.g., program 140) and instructions related thereto. Memory 130 may include volatile memory 132 or non-volatile memory 134.

The program 140 may be stored as software in the memory 130 and may include, for example, an operating system 142, middleware 144, or application 146.

The input device 150 may receive commands or data to be used in a component of the electronic device 101 (e.g., the processor 120) from outside the electronic device 101 (e.g., a user). The input device 150 may include, for example, a microphone, mouse, keyboard, or digital pen (eg, stylus pen).

The sound output device 155 may output sound signals to the outside of the electronic device 101. The sound output device 155 may include, for example, a speaker or a receiver. The speaker can be used for general purposes such as multimedia playback or recording playback, and the receiver can be used to receive incoming calls. According to one embodiment, the receiver may be implemented separately from the speaker or as part of it.

The display device 160 can visually provide information to the outside of the electronic device 101 (eg, a user). The display device 160 may include, for example, a display, a hologram device, or a projector, and a control circuit for controlling the device. According to one embodiment, the display device 160 may include touch circuitry configured to detect a touch, or a sensor circuit configured to measure the intensity of force generated by the touch (e.g., a pressure sensor). there is.

The audio module 170 can convert sound into an electrical signal or, conversely, convert an electrical signal into sound. According to one embodiment, the audio module 170 acquires sound through the input device 150, the sound output device 155, or an external electronic device (e.g., directly or wirelessly connected to the electronic device 101). Sound may be output through the electronic device 102 (e.g., speaker or headphone).

The sensor module 176 detects the operating state (e.g., power or temperature) of the electronic device 101 or the external environmental state (e.g., user state) and generates an electrical signal or data value corresponding to the detected state. can do. According to one embodiment, the sensor module 176 includes, for example, a gesture sensor, a gyro sensor, an air pressure sensor, a magnetic sensor, an acceleration sensor, a grip sensor, a proximity sensor, a color sensor, an IR (infrared) sensor, a biometric sensor, It may include a temperature sensor, humidity sensor, or light sensor.

The interface 177 may support one or more designated protocols that can be used to connect the electronic device 101 directly or wirelessly with an external electronic device (eg, the electronic device 102). According to one embodiment, the interface 177 may include, for example, a high definition multimedia interface (HDMI), a universal serial bus (USB) interface, an SD card interface, or an audio interface.

The connection terminal 178 may include a connector through which the electronic device 101 can be physically connected to an external electronic device (eg, the electronic device 102). According to one embodiment, the connection terminal 178 may include, for example, an HDMI connector, a USB connector, an SD card connector, or an audio connector (eg, a headphone connector).

The haptic module 179 can convert electrical signals into mechanical stimulation (e.g., vibration or movement) or electrical stimulation that the user can perceive through tactile or kinesthetic senses. According to one embodiment, the haptic module 179 may include, for example, a motor, a piezoelectric element, or an electrical stimulation device.

The camera module 180 can capture still images and moving images. According to one embodiment, the camera module 180 may include one or more lenses, image sensors, image signal processors, or flashes.

The power management module 188 can manage power supplied to the electronic device 101. According to one embodiment, the power management module 188 may be implemented as at least a part of, for example, a power management integrated circuit (PMIC).

The battery 189 may supply power to at least one component of the electronic device 101. According to one embodiment, the battery 189 may include, for example, a non-rechargeable primary battery, a rechargeable secondary battery, or a fuel cell.

The communication module 190 provides a direct (e.g., wired) communication channel or a wireless communication channel between the electronic device 101 and an external electronic device (e.g., the electronic device 102, the electronic device 104, or the server 108). It can support establishment and communication through established communication channels. Communication module 190 operates independently of processor 120 (e.g., an application processor) and may include one or more communication processors that support direct (e.g., wired) communication or wireless communication. According to one embodiment, the communication module 190 is a wireless communication module 192 (e.g., a cellular communication module, a short-range wireless communication module, or a global navigation satellite system (GNSS) communication module) or a wired communication module 194 (e.g., : LAN (local area network) communication module, or power line communication module) may be included. Among these communication modules, the corresponding communication module is a first network 198 (e.g., a short-range communication network such as Bluetooth, WiFi direct, or IrDA (infrared data association)) or a second network 199 (e.g., a cellular network, the Internet, or It may communicate with an external electronic device 104 through a computer network (e.g., a telecommunication network such as a LAN or WAN). These various types of communication modules may be integrated into one component (e.g., a single chip) or may be implemented as a plurality of separate components (e.g., multiple chips). The wireless communication module 192 uses subscriber information (e.g., International Mobile Subscriber Identifier (IMSI)) stored in the subscriber identification module 196 within a communication network such as the first network 198 or the second network 199. The electronic device 101 can be confirmed and authenticated.

The antenna module 197 may transmit or receive signals or power to or from the outside (e.g., an external electronic device). According to one embodiment, the antenna module 197 may be formed of a conductor or a conductive pattern, and according to some embodiments, it may further include other components (e.g., RFIC) in addition to the conductor or conductive pattern. . According to one embodiment, the antenna module 197 may include one or more antennas, from which at least one antenna is suitable for a communication method used in a communication network such as the first network 198 or the second network 199. The antenna may be selected by the communication module 190, for example. Signals or power may be transmitted or received between the communication module 190 and an external electronic device through the selected at least one antenna.

At least some of the components are connected to each other through a communication method between peripheral devices (e.g., bus, general purpose input and output (GPIO), serial peripheral interface (SPI), or mobile industry processor interface (MIPI)) and signal ( (e.g. commands or data) can be exchanged with each other.

According to one embodiment, commands or data may be transmitted or received between the electronic device 101 and the external electronic device 104 through the server 108 connected to the second network 199. Each of the external electronic devices 102 and 104 may be of the same or different type as the electronic device 101. According to one embodiment, all or part of the operations performed in the electronic device 101 may be executed in one or more of the external electronic devices 102, 104, or 108. For example, when the electronic device 101 needs to perform a certain function or service automatically or in response to a request from a user or another device, the electronic device 101 may perform the function or service instead of executing the function or service on its own. Alternatively, or additionally, one or more external electronic devices may be requested to perform at least part of the function or service. One or more external electronic devices that have received the request may execute at least a portion of the requested function or service, or an additional function or service related to the request, and transmit the result of the execution to the electronic device 101. The electronic device 101 may process the result as is or additionally and provide it as at least part of a response to the request. For this purpose, for example, cloud computing, distributed computing, or client-server computing technologies may be used.

According to various embodiments, the electronic device 101 may include at least some of the components of the electronic device 101 shown in FIG. 1 . According to one embodiment, the electronic device 101 includes a communication module 190, a processor 120 operatively connected to the communication module 190, and a memory 130 operatively connected to the processor 120. may include. For example, the memory 130 may store instructions that, when executed, cause the processor 120 to perform operations of the electronic device 101, which will be described later. According to one embodiment, the electronic device 101 may further include components not shown in FIG. 1 . For example, the electronic device 101 may further include a housing that accommodates at least some of the components of the electronic device 101.

FIG. 2 illustrates a communication environment 200 of an electronic device 101 according to various embodiments.

According to various embodiments, the electronic device 101 may measure the distance to another electronic device based on a UWB signal. For example, a UWB signal may be a signal with a frequency band of 500 MHz or more. As another example, the UWB signal may be a signal whose bandwidth is approximately 20% or more of the center frequency of the UWB signal. Since the UWB signal has similar characteristics to an impulse signal in the time domain, the electronic device 101 can perform ranging with an external electronic device using the UWB signal. For example, ranging may include measuring the distance between the electronic device 101 and an external electronic device. For example, the electronic device 101 receives a UWB signal from an external electronic device, and uses time information (e.g., time stamp information) of the received UWB signal to determine the distance between the electronic device 101 and the external electronic device. It can be measured.

According to various embodiments, the electronic device 101 may communicate with other external electronic devices based on UWB signals. For example, communication based on UWB signals may be referred to as UWB communication. According to one embodiment, the electronic device 101 may perform a UWB transaction using a UWB signal. The electronic device 101 may use UWB transactions for various applications (or applets) operating on the electronic device 101.

According to various embodiments, the electronic device 101 may perform a payment service using a UWB transaction. According to one embodiment, the electronic device 101 may be set to execute an application for a payment service when a UWB signal including specified information is received from the POS terminal 202. For example, if the POS terminal 202 determines that the electronic device 101 is located at a designated distance, the POS terminal 202 may transmit a UWB signal containing information related to payment. For another example, when the electronic device 101 determines that the POS terminal 202 is located within a specified distance from the electronic device 101 based on the UWB signal, it transmits a UWB signal requesting transmission of information related to payment. can do. When a request for information related to payment is received, the POS terminal 202 may transmit a UWB signal including information related to payment.

According to one embodiment, the electronic device 101 may execute a payment application stored in the electronic device 101 using information related to the received payment. For example, when a UWB signal containing designated information is received from the POS terminal 202, the electronic device 101 may execute a designated application for a payment service. Accordingly, the user can make a payment based on the UWB signal without tagging or tapping the electronic device 101 to the POS terminal 202. Additionally, because distance measurement based on UWB signals is used, a payment service that is safe from relay attacks can be provided to users.

According to one embodiment, the electronic device 101 may provide at least part of information related to the received payment to the user. For example, the electronic device 101 may provide payment information to the user based on information included in the UWB signal received from the POS terminal 202. For example, payment information may include distance information (eg, the distance between the electronic device 101 and the POS terminal 202). For example, the payment information may further include additional information such as purchase amount, information on the POS terminal 202 (eg, business name), and/or product information. Since the user can approve the payment after confirming the payment information, a payment service with guaranteed stability can be provided to the user.

According to one embodiment, the electronic device 101 may obtain keyless entry using a UWB transaction. For example, when a UWB signal containing designated information is received from the vehicle 203, the electronic device 101 locks the vehicle by transmitting information for keyless entry (e.g., authentication information) to the vehicle 203. It can be released. According to one embodiment, when the vehicle 203 determines that the electronic device 101 is located at a specified distance, the vehicle 203 may transmit a UWB signal including information requesting authentication. The electronic device 101 may provide a notification requesting authentication to the user or, depending on the settings of the electronic device 101, transmit a UWB signal including authentication information to the vehicle 203 without user approval. According to one embodiment, when the electronic device 101 determines that the vehicle 203 is located within a specified distance based on the UWB signal, it provides the user with a notification requesting authentication or configures the settings of the electronic device 101. Therefore, a UWB signal including authentication information can be transmitted to the vehicle 203 without user approval. Accordingly, the user can obtain keyless entry to the vehicle 203 without performing keyless entry operations with the electronic device 101. In this case, because distance measurement based on UWB signals is used, keyless entry safe from relay attack can be provided to the user. Similarly, electronic device 101 may obtain keyless entry for laptop 204 and/or door lock 205 based on UWB signals. Keyless entry is illustrative, and the operation of vehicle 203 and electronic device 101 based on the UWB transactions of this disclosure is not limited thereto. According to one embodiment, the vehicle 203 and/or the electronic device 101 may be configured to perform different operations based on the distance between the electronic device 101 and the vehicle 203. For example, vehicle 203 determines whether electronic device 101 is inside or outside vehicle 203 based on the UWB signal, and if electronic device 101 is inside vehicle 203, If the electronic device 101 is outside the vehicle 203, it may be set to perform a second operation that is different from the first operation.

The applications based on UWB transactions described above with reference to FIG. 2 are illustrative, and embodiments of this document are not limited thereto. For example, the electronic device 101 may use UWB transactions for various applications based on proximity, such as proximity-based advertising, in addition to payment and/or keyless entry.

FIG. 3 shows a block diagram 300 of an electronic device 101 according to various embodiments.

According to various embodiments, the electronic device 101 includes a processor 320 (e.g., processor 120 of FIG. 1), a memory 330 (e.g., memory 130 of FIG. 1), and a security element (SE); secure element) 340, a communication circuit 340 (e.g., the communication module 190 of FIG. 1), and a UWB communication circuit 391. For example, the processor 320 may be operatively connected to the memory 330, the communication circuit 390, and the UWB communication circuit 391. The memory 330 may store instructions that enable the processor 320 to perform various operations of the electronic device 101 . The processor 320 may communicate with the secure element 340 through a trusted execution environment (TEE) of the processor 320. For example, TEE may be used to process information that requires high security, such as digital rights management (DRM), financial services, and/or authentication, and may be used by the operating system (OS) of the electronic device 101. ) may be an execution environment that runs in parallel.

According to various embodiments, the security element 340 may be a component for providing security to the electronic device 101. For example, secure element 340 may be isolated from the operating system of electronic device 101. Secure element 340 may be accessed only by authorized programs (e.g., applications and/or applets). For example, the secure element 340 may run a designated secure application (eg, a payment application) and store security-sensitive information. For example, secure element 340 may be implemented as a separate chip from processor 320. According to one embodiment, the secure element 340 may be a secure element (eSE) embedded in the electronic device 101.

According to various embodiments, the communication circuit 390 may perform communication with an external electronic device based on various communication standards. For example, the communication circuit 390 may be referred to as a communication module capable of performing communication based on communication standards other than UWB communication. For example, the communication circuit 390 may perform Bluetooth, Bluetooth low energy (BLE), wireless fidelity (WiFi), neighbor awareness networking (NAN), cellular communication, and/or infrared communication. there is.

According to various embodiments, the UWB communication circuit 391 may control UWB communication. For example, the UWB communication circuit 391 can transmit and receive UWB signals. According to one embodiment, the UWB communication circuit 391 may process UWB signals in multiple layers. For example, the UWB communication circuit 391 may process data in a physical layer 301, a medium access control (MAC) layer 302, and a higher layer 303. For example, the upper layer 303 may include a network layer, a security layer, an application framework layer, and/or an application layer.

According to various embodiments, the UWB communication circuit 391 processes data received from an external electronic device (e.g., the electronic device 102 of FIG. 1) based on information stored in the upper layer 303 to the processor 320 ( It may be delivered to the secure element 340 (e.g., an OS or an application on the OS running by the processor 320) or to the secure element 340 (e.g., an application on the secure element 340). According to one embodiment, the UWB communication circuit 391 may route data to the processor 320 or the secure element 340 based on specified information about the data. For example, the processor 320 or the secure element 340 may perform a designated operation using information about the received data. For example, the processor 320 or the secure element 340 may execute an application for processing received data or provide an application selection user interface (UI).

According to one embodiment, the UWB communication circuit 391 uses information included in the MAC layer 302 of the received UWB signal (e.g., MAC IE (information element)) and information stored in the upper layer 303 to Data received from an electronic device can be routed. For example, the upper layer 303 may store a routing table or mapping information for routing data.

According to one embodiment, the UWB communication circuit 391 may communicate with the secure element 340 through an inter-integrated chip (I2C) bus. The UWB communication circuit 391 can communicate with the processor 320 through a serial peripheral interface (SPI).

Figure 4 shows the structure of a MAC frame 401 and a USS information element 402 or 403 according to various embodiments.

According to various embodiments, the electronic device 101 (e.g., the UWB communication circuit 391) uses a MAC frame 401 in a format defined by the Institute of Electrical and Electronics Engineering (IEEE) technical standard 802.15.4 and related standards. ) format can be used. For example, MAC frame 401 may include a header and payload. The payload information element 460 of the MAC frame 401 may include at least one information element. For example, payload information element 460 may include USS information element 402 or 403.

According to one embodiment, the MAC header includes a frame control 410, a sequence control 420, an address 430, an auxiliary security header 440, and a header information element. )(480). For example, frame control 410 may be 1 or 2 bytes long. The frame control 410 includes frame type information, frame version information, security enable information, pending frame information, ACK (acknowledgement) request information, sequence number suppression information, and the presence of an information element (IE). (present) information, destination address mode information, and/or source address mode information. For example, sequence control 420 may have a length of 0 bytes or 1 byte. Sequence control 420 may include sequence identifier information of MAC frame 401. For example, address 430 may include network group information, destination address information, and/or source address information. For example, the auxiliary security header 440 may include information required for security processing. For example, the header information element 450 may include various information and may be omitted. The header information element 450 may include an information element indicating the end point of the header.

According to one embodiment, the payload may include a payload information element 460 and a data payload 470. For example, payload information element 460 may include at least one information element and may include an information element indicating an end point of payload information element 460. For example, data payload 470 may include information specified depending on the individual frame type.

According to one embodiment, the frame check sequence (FCS) 480 may include information (eg, cyclic redundancy check (CRC)) for checking the integrity of the MAC frame 401.

According to various embodiments, the payload information element 460 may include an information element including information for routing data included in the UWB signal. For example, an information element containing information for routing may be referred to as a UWB secure service (USS) information element 402 or 403. According to one embodiment, the USS information element 402 or 403 may have a nested information element format with a MAC sublayer management entity (MLME) group ID. Below, the structure of various USS information elements 402 or 403 is described with reference to FIG. 4. Hereinafter, for convenience of explanation, the first USS information element 402 and the second USS information element 403 are distinguished, but both the first USS information element 402 and the second USS information element 403 are included in this document. It may be referenced by the USS information element 402 or 403 referenced in .

According to one embodiment, the first USS information element 402 includes at least technical 451, protocol 452, reserved 453, USSID (USS identifier) length 454, additional information length 455, and USSID. (456), and/or may include additional information (457).

For example, the technical 451 may indicate the NFC type corresponding to the security service (eg, UWB transaction) corresponding to the USSID. For example, technical 451 may be NFC signaling type A (e.g., signaling based on international organization for standardization (ISO)/international electrotechnical commission (IEC) 14443A), NFC signaling type B (e.g., signaling based on ISO/IEC 14443B), Alternatively, it may indicate NFC signaling type F (e.g. signaling based on FeliCA JIS X6319-4). Technical 451 may have a length of, for example, 2 bits. For example, the value “00” of technical 451 may indicate NFC type A, “01” may indicate NFC type B, and “10” may indicate type F. The value “11” of technical (451) may be a reserved value.

For example, protocol 452 may include NFC communication protocol information associated with a UWB transaction. For example, protocol 452 may indicate data exchange protocol (ISO-DEP), MIFARE, or FELICA. Protocol 452 may be, for example, 2 bits long. For example, the value “00” of protocol 452 may indicate ISO-DEP, “01” may indicate MIFARE, and “10” may indicate “FELICA”. The value “11” of protocol 452 may be a reserved value.

For example, reserved 453 may have a length of 4 bits.

For example, the USSID length 454 is a field with a length of 4 bits and may include information indicating the number of bytes of the USSID 456.

For example, the additional information length 455 is a field with a length of 4 bits and may include information indicating the number of bytes of the additional information 457.

For example, USSID 456 may have a length of 1 to 16 bytes. For example, USSID 456 may include information for identification of a service associated with a UWB transaction. USSID 456 may include an identifier, application identifier (AID), or system code for identification of UWB security service. For example, the identifier may be located in the first byte of USSID 456 if an AID or system code is not used. For example, the identifier value “0x01” may indicate MIFARE Classic, “0x02” may indicate MIFARE Desfire, and “0x03” may indicate implicit select. For example, the system code can be used to distinguish each service when the type of technical 451 is NFC type F. The system code may occupy two bytes (e.g., the 2nd and 3rd bytes) of USSID 456. For example, the system code value “0x8008” may indicate the Octopus service. For example, AID may refer to the AID specified by ISO 7816-4. AID can have a length of 4 bytes or more and 16 bytes or less. AID may indicate identifier information of an application involved in a UWB transaction.

For example, side information 457 may include side information associated with a UWB transaction. For example, additional information may include payment amount information, information about the subject of the transaction (e.g., vehicle name, security gate location information, and/or UWB reader association information), and/or items associated with the transaction (e.g., the item being traded). ) information may be included. Additional information 457 may have a maximum length of 16 bytes and may be omitted. According to one embodiment, the electronic device 101 may provide information related to a UWB transaction (eg, UWB security service) to the user using the additional information 457.

With reference to the first USS information element 402 of FIGS. 3 and 4 , when the received UWB signal includes the first USS information element 402, the electronic device 101 (e.g., UWB communication circuit 391) ) can detect the first USS information element 402 on the MAC layer 302. When the first USS information element 402 is detected, the electronic device 101 transfers the first USS information element 402 to the processor 320 or You can decide to forward to one of the secure elements 340.

According to one embodiment, the routing table may include information about each first USS information element 402 and permission status information about each first USS information element 402. The routing table may include mapping information indicating protocol (eg, NFC protocol) information used by the USSID and access authority information of the security element 340 for the USSID. For example, the routing table is information about the first USS information element 402, including NFC type information (e.g., technical 451 information) and protocol information (e.g., protocol 452) of the first USS information element 402. ) information), and USSID (456) can be stored. For example, the routing table may include information indicating the current permission status for the corresponding first USS information element 402 as permission status information. For example, the permission state may indicate always allow, allow in this session, undecided, or deny or not-allowed.

In one embodiment, “always allow” may mean that the first USS information element 402 for that USSID may always be routed to the secure element 340. For example, “Always Allow” may be allowed for UWB transactions for keyless entry. For another example, the permission status of “Always Allowed” may not be allowed for the USSID associated with the payment. For another example, “always allow” may be the default for UWB security services other than payment.

In one embodiment, “allow only for this session” means that the security element 340 is valid for only one session after authentication of the user (e.g., entering a password or authenticating biometric information (e.g., fingerprint and/or iris)). It may mean access rights. For example, “Allow only in this session” may be allowed for UWB transactions for payment.

In one embodiment, “undetermined” may refer to the status of the UWB security service that has not been confirmed by the user. For example, permissions for a payment service may be indicated as “undetermined” before user authentication, and may be indicated as “allowed only for this session” after user authentication. When a UWB security service in an “undecided” state is received, the electronic device 101 may be set to inquire from the user about permission for the UWB security service. As another example, “Undecided” may be the default option for a payment service. As another example, the electronic device 101 may treat a UWB security service that does not exist in the routing table as “undecided.”

In one embodiment, “disapproved” may mean a state in which access to the secure element 340 for the corresponding UWB security service is not permitted. For example, a user can specify a “disapproved” status for a specific UWB security service. As another example, certain UWB security services may be designated as “unapproved” by the manufacturer or service provider. As another example, certain UWB security services may be designated as “disapproved” based on specified security criteria.

The structure of the first USS information element 402 shown in FIG. 4 is illustrative, and the embodiments of this document are not limited thereto. The USS information element may have a different structure from the first USS information element 402. For example, the USS information element may have the same structure as the second USS information element 403.

The second USS information element 403 may have a nested information element format with a MAC sublayer management entity (MLME) group ID.

According to one embodiment, the second USS information element 403 includes at least a payload type 498, a reserved 493, a USS identifier (USSID) length 494, an additional information length 495, and a USSID 496. , and/or may include additional information 497.

For example, payload type 498 may indicate the type of content included in the MAC payload field (e.g., USSID 496 and/or additional information 497). For example, the meaning of the value of the payload type 498 may be as shown in Table 1.

Payload type value meaning 0 MAC payload field contains APDU (application protocol data unit) defined by ISO/IEC 7816-4 One MAC payload field contains Mifare Classic command 2 MAC payload field contains Mifare Desire command 3 MAC payload field contains information fields defined by JIS etc RESERVED

For example, reserved 493 may have a length of 4 bits.

As another example, the meaning of the value of the payload type 498 may be as shown in Table 2.

Payload type value meaning 0 MAC Payload field contains an APDU as defined by ISO/IEC 7816-4 One MAC Payload field contains a Mifare Desfire® command or response. 2 MAC Payload field contains a Mifare Desfire® command or response. 3 MAC Payload field contains an Information field as defined by JIS All other values RESERVED

As another example, the meaning of the value of the payload type 498 may be as shown in Table 3.

Payload type value meaning 0 Application specific payload One MAC Payload field contains an APDU as defined by ISO/IEC 7816-4 2 MAC Payload field contains a Mifare Desfire® command or response. 3 MAC Payload field contains a Mifare Desfire® command or response. 4 MAC Payload field contains an Information field as defined by JIS All other values RESERVED

For example, the USSID length 494 is a field with a length of 5 bits and may include information indicating the number of bytes of the USSID 496. For example, if the value of the USSID length 494 is 0, the USSID length 494 may indicate “implicit select.” For example, values of USSID length 494 greater than 16 may be reserved (revserved) values.

For example, the additional information length 495 is a field with a length of 5 bits and may include information indicating the number of bytes of the additional information 497. If the value of the additional information length 495 is 0, the second USS information element 403 may not include the additional information 497. For example, the additional information 497 may be omitted from the second USS information element 403. The additional information length 495 may have a value between 0 and 31.

According to various embodiments, USSID 496 and additional information 497 may provide information about the transaction. For example, information about a transaction may include user information and information that can be used for authentication.

According to various embodiments, USSID 496 may include an application identifier (AID) or a system code. For example, USSID 496 can have a length of 0 to 16 bytes. According to one embodiment, USSID 496 may be located in the first frame used in the transaction. The USSID 496 may be included in the second USS information element 403 whenever the target AID or system code changes.

According to one embodiment, USSID 496 may include information for identification of a service (eg, application) associated with a UWB transaction. For example, if USSID 496 includes an AID, the AID may indicate an identifier (e.g., an identifier with a length of 5 bytes to 16 bytes) corresponding to the application associated with the transaction. In this case, AID may include the application identifier defined by ISO/IEC 7816-4. USSID 496 may contain an AID only if the value of Payload Type 498 is 0.

According to one embodiment, when USSID 496 includes a system code, the system code may include a system code defined by JIS For example, USSID 496 may contain a system code only if the value of payload type 498 is 3.

According to various embodiments, the additional information 497 may include character string information. For example, side information 497 may include side information associated with a UWB transaction. For example, additional information may include payment amount information, information about the subject of the transaction (e.g., vehicle name, security gate location information, and/or UWB reader association information), and/or items associated with the transaction (e.g., the item being traded). ) information may be included. According to one embodiment, the characters of the additional information 497 may be encoded according to a designated format (eg, unicode transformation format (UTF)-8). Within the character string of the additional information 497, a delimiter indicating a line change of the character string may be included in the character string. For example, the value of a delimiter may correspond to a specified value (e.g., carriage return line feed (CRLF) in UTF-8).

According to one embodiment, the additional information 497 may have a length of 0 to 31 bytes and may be omitted. For example, additional information 497 may always be present in the first frame used in a transaction.

With reference to the second USS information element 403 of FIGS. 3 and 4 , when the received UWB signal includes the second USS information element 403, the electronic device 101 (e.g., UWB communication circuit 391) ) can detect the second USS information element 403 on the MAC layer 302. When the second USS information element 403 is detected, the electronic device 101 transfers the second USS information element 403 to the processor 320 or You can decide to forward to one of the secure elements 340.

According to one embodiment, the routing table may include information about each second USS information element 403 and permission status information about each second USS information element 403. The routing table may include permission status information corresponding to at least a portion of the second USS information element 403, for example. For example, the routing table is information about the second USS information element 403 and may store the payload type 498 and USSID 496 of the second USS information element 403. For example, the routing table may include information indicating the current permission status of the information of the corresponding second USS information element 403 as permission status information. For example, the permission state may indicate always allow, allow in this session, undecided, or deny or not-allowed.

In one embodiment, “always allow” may mean that the second USS information element 403 may always be routed to the secure element 340. For example, “Always Allow” may be allowed for UWB transactions for keyless entry. For another example, the permission status of “Always Allowed” may not be allowed for the USSID associated with the payment. For another example, “always allow” may be the default for UWB security services other than payment.

In one embodiment, “allow only for this session” means that the security element 340 is valid for only one session after authentication of the user (e.g., entering a password or authenticating biometric information (e.g., fingerprint and/or iris)). It may mean access rights. For example, “Allow only in this session” may be allowed for UWB transactions for payment.

In one embodiment, “undetermined” may refer to the status of the UWB security service that has not been confirmed by the user. For example, permissions for a payment service may be indicated as “undetermined” before user authentication, and may be indicated as “allowed only for this session” after user authentication. When a UWB security service in an “undecided” state is received, the electronic device 101 may be set to inquire from the user about permission for the UWB security service. As another example, “Undecided” may be the default option for a payment service. As another example, the electronic device 101 may treat a UWB security service that does not exist in the routing table as “undecided.”

In one embodiment, “disapproved” may mean a state in which access to the secure element 340 for the corresponding UWB security service is not permitted. For example, a user can specify a “disapproved” status for a specific UWB security service. As another example, certain UWB security services may be designated as “unapproved” by the manufacturer or service provider. As another example, certain UWB security services may be designated as “disapproved” based on specified security criteria.

Referring back to Figure 2, according to one embodiment, POS terminal 202 may transmit a USS information element 402 or 403 containing a USSID corresponding to the payment service to an electronic device 101 within a specified distance. . When the USSID and/or payload type is detected, the electronic device 101 may check the permission status of the UWB security service (e.g., UWB transaction) corresponding to the detected USSID and/or payload type using a routing table. . For example, the permission status of a payment service may be “undetermined.” In this case, the electronic device 101 provides a UI that prompts the user as to whether to allow the payment service, and when a user input allowing the payment service is received, sets the permission status corresponding to the USSID of the payment service to “this time.” After changing to “Permit only sessions,” the USS information element (402 or 403) can be transmitted to the security element (340). For example, the secure element 340 may execute an application for a payment service using an applet installed on the secure element 340. After the session for the payment service is terminated, the electronic device 101 may change the permission status corresponding to the USSID and/or payload type of the payment service back to “undetermined.”

According to one embodiment, vehicle 203 may transmit a USS information element 402 or 403 containing a USSID corresponding to a keyless entry service to an electronic device 101 within a specified distance. When the USS information element 402 or 403 is detected, the electronic device 101 provides a UWB security service corresponding to the detected USS information element 402 or 403 (e.g., USSID and/or payload type) using a routing table. You can check the permission status of (e.g. UWB transaction). For example, the permission status of the vehicle's keyless entry service may be “Always Allowed.” In this case, the electronic device 101 transmits the USS information element 402 or 403 to the secure element 340, and the secure element 340 uses an applet installed on the secure element 340 to create an application for keyless entry. You can run . For example, the electronic device 101 can unlock the vehicle 203 by transmitting a UWB signal containing information for keyless entry.

According to various embodiments, the electronic device 101 may manage application information to process each UWB security service (eg, UWB transaction). For example, the OS of the electronic device 101 may store UWB security service information associated with each application. For example, when an application supporting UWB security service is installed, it can register UWB security service information associated with it to the OS. For example, UWB security service information may include the name of the application, application-related image (e.g., banner) information, application category, payload type, and/or USSID (e.g., identifier, AID, and/or system code). You can. For example, the application category may include payment and others.

According to various embodiments, application information related to the UWB security service may further include notification method information. For example, notification method information may indicate a method for providing notification about the corresponding UWB security service. According to one embodiment, the notification method information may include vibration, ring, off, and/or pop-up. For example, when the notification method is set to vibration or ring, the electronic device 101 may provide notification by providing vibration or ring tone along with a pop-up message. For another example, when the notification method is set to pop-up, the electronic device 101 may provide only the pop-up without providing vibration or ring tone. For another example, when the notification method for the application is set to off, the electronic device 101 may not provide a notification to the user even if it receives a UWB signal including a USSID associated with the application. For example, when performing a UWB transaction or attempting a UWB transaction, the electronic device 101 may provide a notification according to the notification method of an application related to the UWB transaction. The method of providing notifications of the UWB security service of the electronic device 101 may be limited depending on the method of providing notifications set for the electronic device 101.

According to one embodiment, for services related to payment, user approval may always be required. For example, for applications related to payment, “off” may not be selectable as notification method information.

According to one embodiment, the user can select a notification method. For example, the electronic device 101 may provide a settings UI for selecting a notification method for an application.

According to one embodiment, the USS information element 402 or 403 may be included in an MPX multiplexed information element (IE) disclosed in IEEE standard specification 802.15.9. For example, USS information element 402 or 403 may utilize the format of MPX IE.

FIG. 19 illustrates a USS information element structure using an MPX multiplexed information element (IE) according to various embodiments.

The first MPX IE (1901) may have a structure defined in IEEE standard specification 802.15.9. For example, the first MPX IE 1901 may be included in the MAC payload (e.g., payload information element 460 in Figure 4), the transaction control 1911, the fragment number 1921, and the total upper-layer It may include frame size (1931), multiplex ID (identifier) (1941), and upper-layer frame fragment (1951).

For example, transaction control 1911 may include transfer type 1912 and transaction ID 1913 fields. The transfer type 1912 indicates the type of the corresponding MPX IE and may have a length of 3 bits. The transaction ID 1913 includes a unique value used for the transaction and may have a length of 5 bits.

The fragment number 1921 can be used to indicate a fragmented upper layer frame. Total upper-layer frame size 1931 can be used to indicate the total size of the upper layer frame. The multiplex ID 1941 can be used to multiplex different upper layer protocols.

The upper-layer frame fragment 1951 can have a variable length. The upper-layer frame fragment 1951 may contain part of the frame of the upper layer. The top-layer frame fragment 1951 may be empty.

According to various embodiments, the USS information element (402 or 403 in FIG. 4) may use the format of the first MPX IE 1901 described above.

According to one embodiment, the USS information element (402 or 403 in FIG. 4) may be included in the upper-layer frame fragment 1951 field. For example, the value of the transfer type 1912 of the transaction control 1911 is set to a specified value (e.g., 0b001 ) such that the upper-layer frame fragment 1951 contains a USS information element (402 or 403 in Figure 4). It can be instructed to do so.

According to one embodiment, in the case of an MPX IE including a USS information element (402 or 403 in FIG. 4), some fields of the first MPX IE (1901) may be omitted. For example, the MPX IE including the USS information element (402 or 403 in FIG. 4) may have the same structure as the second MPX IE (1902). When containing a USS information element (402 or 403 in FIG. 4), the value of the transfer type 1912 may be set to a specified value (e.g., 0b001). When containing a USS information element (402 or 403 in FIG. 4), the upper-layer fragment may not be used. In this case, the fragment number 1921 and total upper-layer frame size 1931 may be omitted from the first MPX IE 1901, like the second MPX IE 1902. If the value of the transfer type (1912) is set to a value other than the preset value (e.g., 0b000 or 0b010), the multiplex ID (1941) field is omitted and information corresponding to that field will be included in the transaction ID (1913). You can. If the second MPX IE 1902 contains a transfer type 1912 of a specified value (e.g. 0b001) indicating that it contains a USS information element 1999 (e.g. 402 or 403 in Figure 4), the multiplex ID (1941) may also be omitted. Accordingly, the second MPX IE 1902 may be comprised of a transaction control 1911 and a USS information element 1999 (402 or 403 in FIG. 4). The transfer type 1912 of the second MPX IE 1902 is set to a specified value (eg, 0b001), and the transaction ID 1913 may include a multiplex ID. For example, the multiplex ID included in the transaction ID 1913 may be set to a value indicating that the corresponding MPX IE or frame contains information used for a secure transaction.

Figure 5 shows a signal flow diagram 500 of a UWB transaction according to various embodiments.

1. Payment service

According to one embodiment, the external electronic device 501 may be a payment device (eg, POS terminal). For example, the UWB transaction in FIG. 5 may illustrate signal flow for a UWB security service for a payment service.

According to various embodiments, in operation 505, the electronic device 101 and the external electronic device 501 may initiate a session. For example, session initiation may include discovery of the electronic device 101 by the external electronic device 501. According to one embodiment, the electronic device 101 and the external electronic device 501 can discover the other device based on UWB communication. For example, the electronic device 101 may initiate a session with the external electronic device 501 using the UWB communication circuit 391. According to one embodiment, a session with the external electronic device 501 may be initiated using the electronic device 101 and a communication circuit (eg, the communication circuit 390 of FIG. 3). For example, the electronic device 101 and the external electronic device 501 may discover the other device based on Bluetooth, Bluetooth low energy, WiFi, and/or NAN. In one embodiment, when the electronic device 101 discovers the external electronic device 501 through a communication method other than UWB communication (e.g., Bluetooth, Bluetooth low energy, WiFi, and/or NAN), the external electronic device 501 ), the UWB communication circuit 391 can be activated. For example, the UWB communication circuit 391 may include a UWB controller for controlling UWB communication. For example, UWB communications circuitry 391 may further include a UWB controller and other components associated with UWB communications.

According to various embodiments, in operation 510, the external electronic device 501 and the electronic device 101 may perform ranging. For example, the electronic device 101 and the external electronic device 501 can measure the distance between the external electronic device 501 and the electronic device 101 by transmitting and receiving UWB signals. According to one embodiment, the external electronic device 501 transmits a UWB signal for ranging to the electronic device 101, and uses the time stamp information of the UWB signal received from the electronic device 101 to The distance between 501) and the electronic device 101 can be measured. According to one embodiment, the electronic device 101 can determine the distance between the external electronic device 501 and the electronic device 101 by transmitting and receiving UWB signals using the UWB communication circuit 391. In the embodiment of FIG. 5 , the electronic device 101 is assumed to perform ranging with the external electronic device 501, but the embodiments of this document are not limited thereto. For example, the electronic device 101 may determine the distance from the electronic device 101 to at least one other external electronic device through ranging.

According to various embodiments, in operation 515, the external electronic device 501 may determine whether the electronic device 101 is within a specified distance. For example, the external electronic device 501 may perform ranging until the electronic device 101 is located within a specified distance. For example, the external electronic device 501 may perform ranging at a designated period.

According to various embodiments, in operation 520, the external electronic device 501 may transmit a first UWB signal. For example, the first UWB signal may include information related to a payment service. For example, information related to a payment service may be included in a MAC payload information element (e.g., USS information element 402 or 403 or MPX IE containing USS information element). For example, information related to the payment service may include an identifier (eg, USSID) associated with the payment service. For example, information related to the payment service may further include payment amount information related to payment, payment target information (eg, company name), and/or payment item information. According to one embodiment, the MAC payload of the first UWB signal may include information indicating a proximity payment system environment (PPSE).

According to various embodiments, at operation 525, UWB communication circuitry 391 may determine whether the UWB transaction requested by the first UWB signal is a permitted request. According to one embodiment, UWB communication circuitry 391 may use a routing table (e.g., mapping information) to determine whether a UWB transaction is a permitted request. For example, the UWB communication circuit 391 may determine whether the requested UWB transaction is a permitted request based on the permission status of the payment service of the received first UWB signal. The UWB communication circuit 391 can check the permission information specified for the payment service identifier (eg, USSID) in the routing table. For example, if the permission status for the requested service is “allowed” or “always allowed,” the UWB communication circuit 391 may provide a notification according to operation 527. For example, the permission status for a payment service may be “undetermined.” In this case, the UWB communication circuit 391 may determine that the payment service request is not permitted and perform the authentication procedure 530. For example, because permissions for payment services cannot be set to “Allow” or “Always Allow,” the UWB communication circuit 391 may perform an authentication procedure for each session. For example, the UWB communication circuit 391 may provide ranging information (e.g., distance information between the electronic device 101 and the external electronic device 501) and a MAC payload information element (e.g., USS information element) of the first UWB signal. The authentication procedure can be performed by transmitting information (402 or 403) or MPX IE) including the USS information element to the processor 320. For example, the UWB communication circuit 391 may perform an authentication procedure based on the category of the received USSID. For example, if the USSID category is a payment category, the UWB communication circuit 391 may perform an authentication procedure according to the authentication method of FIG. 6.

Figure 6 shows a flow diagram 600 of an authentication method according to various embodiments. With reference to FIG. 6, authentication procedures according to various embodiments may be described. According to various embodiments, the electronic device 101 may perform the authentication process differently based on the category of the requested UWB transaction (eg, payment or other). If the USSID of the requested UWB transaction is not registered in the electronic device 101 (e.g., UWB communication circuit 391), or if the USSID is registered for both payment and other purposes, the electronic device 101 The category of UWB transactions can be considered payment services. Below, the authentication procedure for the payment service can be described.

According to various embodiments, in operation 602, the electronic device 101 may determine whether the USSID associated with the UWB transaction is a USSID registered in the routing table of the electronic device 101.

According to various embodiments, in operation 605, when the USSID is registered in the routing table, the electronic device 101 (e.g., the UWB communication circuit 391) executes a plurality of programs corresponding to the USSID of the received first UWB signal. can determine whether an application (e.g. application and/or applet) exists. For example, the electronic device 101 may determine whether programs (e.g., applications and/or applets) with the same USSID corresponding to the corresponding USSID exist based on program information registered in the OS of the electronic device 101. . If a duplicate USSID exists in the program information, since multiple programs (e.g., applications and/or applets) can perform operations (e.g., payment) for the UWB security service, select one of the multiple programs. We can provide you with a method to choose from.

According to various embodiments, when a plurality of programs with the same USSID exist, the electronic device 101 may provide a first UI in operation 610. For example, the first UI may be a UI for selecting one program (eg, an application or an applet) among a plurality of programs related to a payment service. For example, multiple programs associated with the same USSID may be multiple programs set by the user for the same UWB security service. Referring to FIG. 7 , various embodiments of the first UI 700 are shown. For example, the electronic device 101 may display the first UI 700 on at least a partial area of the display of the electronic device 101 (eg, the display device 160 of FIG. 1). Hereinafter, programs may be referred to as applications and/or applets.

According to various embodiments, at reference numeral 701, the first UI 700 may include a list of a plurality of programs supporting the requested payment service. For example, multiple programs may be applications and/or applets associated with the same USSID. For example, the list of programs may include first program information 710, second program information 720, and third program information 730. For example, the first program information 710 may include descriptive information about the first program (e.g., first program name and/or first program-related image (e.g., banner)) and selection UI 711. there is. At reference number 701, the first program may be the currently selected program for the payment service. For example, the selection UI 711 may indicate that the first program is the currently selected program for the payment service. For example, the user can change the program to be used for the payment service by inputting the second program information 720 or the third program information 730.

According to various embodiments, at reference numeral 701, the first UI 700 may include additional information 740. For example, the additional information 740 may include ranging information 741.

Referring back to FIG. 6 , according to various embodiments, in operation 615, the electronic device 101 may determine whether a selection input is received. For example, the electronic device 101 may determine whether a selection input for one of a plurality of programs included in the first UI 700 is received.

Referring again to reference number 701 in FIG. 7, according to one embodiment, when an input for the OK button 780 is received, the electronic device 101 selects a selected program (e.g., the first program). It can be decided that For example, when an input for one of the plurality of program information 710, 720, and/or 730 is received, the electronic device 101 displays the OK button 780 and/or the cancel button 790 in the first UI. It can be set to display at (700).

According to one embodiment, when the electronic device 101 receives a designated input (e.g., touch input, hold input for more than a designated time) for one of the displayed program information 710, 720, and 730, the electronic device 101 generates a device associated with the designated input. It may be determined that selection input for the program has been received. For example, the electronic device 101 may omit the OK button 780 and/or the cancel button 790 from the first UI 700.

According to one embodiment, when a user input for the cancel button 790 is received, the electronic device 101 may determine that reception of the selection input has failed. According to one embodiment, the electronic device 101 may determine that reception of the selection input has failed when the input is not received within a specified time after output of the first UI 700. According to one embodiment, if a designated input (e.g., input to the power button or input to the cancel button) is received after outputting the first UI 700, the electronic device 101 may determine that reception of the selection input has failed. there is. If no selection input is received, the electronic device 101 may terminate the current session for the payment service.

According to various embodiments, at reference numeral 702, the first UI 700 may include additional information 740. For example, the additional information 740 includes ranging information 741 and a MAC payload information element included in the first UWB signal (e.g., USS information element 402 or 403 or MPX IE including USS information element) It may include payment-related information 743 based on the additional information.

Referring to reference number 701, according to one embodiment, the first UI 700 may also include information about a program whose permission status is “disapproved.” For example, the permission status of the third program information 730 may be “disapproved.” If a duplicate USSID exists, the electronic device 101 may also include information about the program in the “disapproved” status in the first UI 700. For example, the selection UI 731 of the third program information 730 in a disapproved state may indicate that the third program is currently unselectable. For example, when an input for a program in a “disapproved” state is received, the electronic device 101 may provide a UI for changing the permission state of the program. As another example, the electronic device 101 may ignore input to a program that is in a “disapproved” state.

According to one embodiment, information about a program in a “disapproved” state may have different display properties from information about a program in an “approved” or “undecided” state. For example, the electronic device 101 may display display properties of the third program information 730 differently from those of the first program information 710 and the second program information 720. For example, display properties may include type of display information, amount of display information, color, hue, luminance, contrast, and/or display position.

The form of the first UI 700 in FIG. 7 is illustrative, and the embodiments of this document are not limited thereto. For example, information about a program in a “disapproved” state (e.g., third program information 730) may not be displayed on the first UI 700.

Referring again to FIG. 6 , according to various embodiments, in operation 615, the electronic device 101 may determine whether a selection input for one program among programs having a plurality of duplicate USSIDs is received. For example, when a selection input is not received (e.g., when an input to the reject button 790 of the first UI is received), the electronic device 101 terminates the session for the authentication process and payment service. You can. For another example, the electronic device 101 may perform operation 635 when a selection input is received in operation 615. For example, when a selection input is received, the electronic device 101 may determine that authentication for the selected program has been successfully performed and execute the selected program (eg, operation 635). For example, when the electronic device 101 receives a selection input for one of the plurality of programs included in the first UI 700, the electronic device 101 changes the permission information of the selected program to “Allow this session only” and You can run the program. In this case, the first UI 700 can be used as a UI to simultaneously select and authenticate duplicate programs.

According to various embodiments, in operation 620, the electronic device 101 may determine whether a program permitted for the USSID included in the first UWB signal exists. For example, if there is a program registered for the corresponding USSID in the routing table, the electronic device 101 can determine whether the program is permitted for the UWB security service using the permission information of the registered program. For example, if the permission of the program is not granted (e.g., if the permission status is “disapproved”), the electronic device 101 may terminate the authentication procedure and session. According to one embodiment, the electronic device 101 may perform operation 625 when the permission status of the program of the electronic device 101 associated with the USSID is “undetermined,” “allowed,” or “always allowed.”

According to various embodiments, in operation 625, the electronic device 101 may provide a second UI.

Figure 8 shows a second UI 800 according to various embodiments.

Referring to FIG. 8, according to various embodiments, the second UI 800 may include payment information 840 and payment program information 810, a payment acceptance button 880, and a payment rejection button 890. You can. For example, the payment information 840 includes the name 841 of the program to currently perform payment, the distance information 843 between the electronic device 101 and the external electronic device 501, and the MAC payload of the first UWB signal. It may include additional information (e.g., payment amount information, business name, and/or payment item information) 845 included in the information element (e.g., USS information element). For example, the payment program information 810 may include an image (eg, banner) related to the payment program.

According to one embodiment, when an input to the payment acceptance button 880 is received, the electronic device 101 may consider that payment for the currently ongoing session has been permitted by the user. In this case, the electronic device 101 may change the permission information in the routing table for the program used for payment (e.g., A PAY) from “Undecided” to “Allowed only in this session.”

According to one embodiment, when an input to the payment refusal button 890 is received, the electronic device 101 may terminate the payment service session currently in progress. In this case, for example, the electronic device 101 may maintain permission information in the routing table for a program used for payment (e.g., A PAY) as “undetermined.”

According to various embodiments, in operation 630, the electronic device 101 may determine whether an acceptance input for a payment service is received. For example, when an input for the payment permission button 880 on the second UI 800 of FIG. 8 is received, the electronic device 101 may determine that an input for the payment service permission has been received. For another example, when an input to the payment rejection button 890 of the second UI 800 of FIG. 8 is received, the electronic device 101 may determine that an input to allow the payment service has not been received.

According to various embodiments, in operation 635, the electronic device 101 may execute a program related to a payment service when a permission input is received.

According to various embodiments, in operation 640, if the USSID is not registered, the electronic device 101 may provide the third UI 900 of FIG. 9.

FIG. 9 illustrates a third UI 900 according to various embodiments.

Referring to FIG. 9, when the USSID is not registered, the electronic device 101 may provide the third UI 900. For example, the electronic device 101 may process an unregistered USSID as a service related to payment. According to various embodiments, the third UI 900 may include payment information 940, program information 910, an allow button 980, and a reject button 990. For example, the payment information 940 includes information 941 indicating that the requested UWB security service is an unregistered service, distance information 943 between the electronic device 101 and the external electronic device 501, and first It may include additional information (e.g., payment amount information, business name, and/or payment item information) included in the MAC payload information element (e.g., USS information element) of the UWB signal. For example, the program information 910 may include an image indicating that the UWB security service currently requesting payment is an unregistered service.

Referring again to FIG. 6 , in operation 645, the electronic device 101 may determine whether an allowable input for the third UI 900 is received. Referring to FIG. 9 , according to one embodiment, when an input to the allow button 980 is received, the electronic device 101 may consider that the UWB security service currently in progress has been permitted by the user. In this case, the electronic device 101 may add the corresponding USSID to the routing table and set the permission information to “allowed only for this session.”

According to one embodiment, when an input to the reject button 990 is received, the electronic device 101 may terminate the currently ongoing session. In this case, for example, the electronic device 101 may add the USSID to the routing table and set the permission information associated with the USSID to “disapproved.”

According to various embodiments, when a permission input is received in operation 645 of FIG. 6, the electronic device 101 may consider the corresponding UWB security service to be a service related to payment and determine whether a plurality of programs related to payment exist. There is (e.g. operation 605).

For example, referring again to FIG. 5 , if the authentication procedure is successfully performed, the UWB communication circuit 391 may transmit information received through the first UWB signal to the secure element 340 in operation 535. According to one embodiment, the security element 340 executes a designated program (e.g., a payment application) based on the transmitted information and performs payment authentication (e.g., biometric authentication or password input) according to the payment procedure of the payment application. It can be done. Although the authentication procedure of the payment application is omitted, a person skilled in the art will understand that authentication is performed according to the authentication procedure of a typical payment application. For example, if payment authentication is successful, the secure element 340 may transmit response information to the UWB communication circuit 391 in operation 540.

According to various embodiments, at operation 545, the UWB communication circuit 391 may transmit a second UWB signal including response information. For example, the second UWB signal may be a UWB signal that includes response information as a USS information element of the MAC payload information element.

According to various embodiments, if the authentication process in operation 530 fails, the electronic device 101 may terminate the session. For example, UWB communication circuitry 391 may not forward received information to the secure element (e.g., operation 535). In this case, the electronic device 101 may ignore the first UWB signal received from the external electronic device 501.

According to various embodiments, the session may be terminated in operation 550 as payment between the electronic device 101 and the external electronic device 501 is terminated. In this case, for example, at operation 555, the UWB communication circuit 391 may update the routing table. For example, the electronic device 101 may update the permission status of the payment application, which is set to “only allow this session” according to the authentication procedure 530, to “undetermined” after the session ends. By updating the permission status to “undetermined” after payment is completed, the electronic device 101 can provide a notification to the user for each payment to inquire whether the payment is permitted.

2. Others

According to one embodiment, the external electronic device 501 may be a device for services other than payment (eg, a device supporting keyless entry). For example, the UWB transaction of FIG. 5 may illustrate the signal flow for UWB security services for keyless entry. Hereinafter, duplicate content described in relation to the payment service may be omitted for convenience of explanation.

According to various embodiments, in operation 505, the electronic device 101 and the external electronic device 501 may initiate a session.

According to various embodiments, in operation 510, the external electronic device 501 and the electronic device 101 may perform ranging.

According to various embodiments, in operation 515, the external electronic device 501 may determine whether the electronic device 101 is within a specified distance.

According to various embodiments, in operation 520, the external electronic device 501 may transmit a first UWB signal. For example, the first UWB signal may include information associated with keyless entry. For example, information associated with keyless entry may be included in a MAC payload information element (e.g., USS information element 402 or 403 or MPX IE containing USS information element). For example, information associated with keyless entry may include a UWB Security Service Identifier (USSID). For example, information related to keyless entry may include keyless entry target information (eg, vehicle model name). According to one embodiment, the MAC payload of the first UWB signal may include information indicating a proximity vehicle key system environment (PVKSE).

According to various embodiments, at operation 525, UWB communication circuitry 391 may determine whether the UWB transaction requested by the first UWB signal is a permitted request. According to one embodiment, UWB communication circuitry 391 may use a routing table (e.g., mapping information) to determine whether a UWB transaction is a permitted request. For example, UWB communication circuitry 391 may determine whether the requested UWB transaction is a permitted request based on the permission status of the USSID of the received first UWB signal. The UWB communication circuit 391 can check permission information specified for the USSID stored in the routing table. For example, if the permission status for the requested service is “allowed” or “always allowed,” the UWB communication circuit 391 may provide a notification according to operation 527.

According to various embodiments, in operation 527, the electronic device 101 may provide the user with a notification about a UWB transaction for a program (eg, an application and/or applet) set for the requested service. For example, the electronic device 101 may provide a notification according to a notification method set for a program. For example, notification methods may include vibration, ring, pop-up, and/or off.

Referring to FIG. 10, according to one embodiment, the electronic device 101 displays a notification UI 1000 as a notification about a UWB transaction on at least a portion of the display (e.g., display device 160) of the electronic device 101. It can be displayed. For example, when the notification method is set to pop-up or to an option other than “off”, the electronic device 101 may display the notification UI 1000. For example, the notification UI 1000 may include notification information 1040, related program information 1010, OK button 1080, and settings change button 1090. For example, the notification information 1040 includes the name 1041 of the program that currently wants to perform a UWB transaction, distance information 1043 between the electronic device 101 and the external electronic device 501, and MAC of the first UWB signal. It may include additional information (e.g., reader information) included in the payload information element (e.g., USS information element). For example, associated program information 1010 may include an image (eg, banner) associated with a program associated with a UWB transaction.

According to one embodiment, the electronic device 101 may end display of the notification UI 1000 when a specified time elapses after displaying the notification UI 1000 or when an input to the OK button 1080 is received.

For example, if the permission status for the requested service is “allowed” or “always allowed,” referring again to FIG. 5, the UWB communication circuit 391 performs operation 535 to transmit the received signal through the first UWB signal. Information may be transmitted to the secure element 340.

According to one embodiment, the permission status for the requested UWB security service may be “undetermined” or the USSID of the requested UWB security service may not be registered in the routing table of the electronic device 101. In this case, the UWB communication circuit 391 may determine that the requested UWB security service is an unauthorized request and perform the authentication procedure 530. For example, the UWB communication circuit 391 may provide ranging information (e.g., distance information between the electronic device 101 and the external electronic device 501) and a MAC payload information element (e.g., USS information element) of the first UWB signal. The authentication procedure can be performed by transmitting the information of ) to the processor 320.

11 shows a flow diagram 1100 of an authentication method according to various embodiments. With reference to FIG. 11, authentication procedures according to various embodiments may be described. Below, the authentication procedure for UWB transactions other than payment services can be described. Due to differences in UI, the authentication process is divided into FIGS. 6 and 11 for payment and other services, but the authentication procedure for payment service and the authentication procedure for other services may be substantially the same. The two authentication procedures may be substantially the same except for differences in UI. Unless otherwise stated, the description of the authentication procedure described above with respect to FIG. 6 may also be applied to the authentication procedure of FIG. 11 .

According to various embodiments, in operation 1102, the electronic device 101 (e.g., UWB communication circuit 381) may determine whether the USSID of the received first UWB signal is a USSID registered in the routing table.

According to various embodiments, in operation 1105, if the USSID of the received first UWB signal is a USSID registered in the routing table of the electronic device 101, the electronic device 101 (e.g., the UWB communication circuit 391) Can determine whether a plurality of programs corresponding to the USSID of the received first UWB signal exist.

According to various embodiments, when a duplicate USSID exists, in operation 1110, the electronic device 101 may provide a fourth UI. For example, the fourth UI may be a UI for selecting one program (eg, an application or an applet) among a plurality of programs related to a UWB transaction.

FIG. 12 illustrates a fourth UI 1200 according to various embodiments. Referring to FIG. 12 , various embodiments of the fourth UI 1200 are shown. For example, the electronic device 101 may display the fourth UI 1200 on at least a partial area of the display (eg, the display device 160 of FIG. 1) of the electronic device 101.

According to various embodiments, at reference numeral 1201, the fourth UI 1200 may include a list of a plurality of programs supporting the requested UWB transaction. For example, the list of programs may include first program information 1210, second program information 1220, and third program information 1230. For example, the first program information 1210 may include descriptive information about the first program (e.g., first program name and/or first program-related image (e.g., banner)) and selection UI 1211. there is. At reference number 1201, the first program may be the currently selected program for the corresponding UWB transaction. For example, the selection UI 1211 may indicate that the first program is the program selected for the UWB transaction. For example, the user can change the program selection for the current UWB transaction by inputting the second program information 1220.

According to various embodiments, the fourth UI 1200 may include additional information 1240. For example, the additional information 1240 may include ranging information 1241.

According to various embodiments, at reference number 1202, the fourth UI 1200 may include additional information 1240. For example, the additional information 1240 is information of the external electronic device 501 based on the ranging information 1241 and the additional information of the MAC payload information element (e.g., USS information element) included in the first UWB signal ( 1243).

Referring again to FIG. 11 , in operation 1115, the electronic device 101 may determine whether an allowable input for the fourth UI 1200 is received after the fourth UI 1200 is provided. According to one embodiment, the electronic device 101 may determine whether to receive an allowable input based on a designated input for the fourth UI 1200.

Referring to FIG. 7, according to one embodiment, after selecting one of the programs (e.g., first to third programs), the electronic device 101 allows input for the selected program when a designated user input is received. It can be determined that it has been received. For example, the electronic device 101 presses the first button 1270 in a state where one of the plurality of program information 1210, 1220, or 1230 is selected (e.g., a state indicating that one selection UI is selected). Alternatively, when an input to the second button 1280 is received, it may be determined that an allowable input for the selected program has been received. For example, when an input to the first button 1270 is received, the electronic device 101 sets the permission information of the currently selected program in the routing table to “always allow” and executes the selected program (e.g. : operation 1135). For another example, when an input to the second button 1280 is received, the electronic device 101 may set the permission information of the currently selected program to “undetermined” and execute the selected program.

According to one embodiment, when a designated input (e.g., a hold input for more than a designated time) for one of the displayed program information 1210, 1220, and 1230 is received, the electronic device 101 controls the program associated with the designated input. It may be determined that acceptable input has been received. For example, the electronic device 101 may omit the first button 1270, the second button 1280, and/or the third button 1290 from the fourth UI 1200.

According to one embodiment, when a user input for the third button 1290 is received, the electronic device 101 may determine that reception of the allowable input has failed. According to one embodiment, the electronic device 101 may determine that reception of allowable input has failed when no input is received within a specified time after output of the fourth UI 1200. According to one embodiment, if a designated input (e.g., input to the power button or input to the cancel button) is received after outputting the fourth UI 1200, the electronic device 101 may determine that reception of the allowable input has failed. there is. If the permission input is not received, the electronic device 101 may terminate the current session for the UWB security service.

According to various embodiments, in operation 1120, the electronic device 101 may determine whether a program permitted for the USSID included in the first UWB signal exists. For example, the electronic device 101 may use permission information of a program associated with a USSID in the routing table to determine whether the program is permitted for the UWB security service. For example, if the permission of the program is not granted (e.g., if the permission status is “disapproved”), the electronic device 101 may terminate the authentication procedure and session. According to one embodiment, the electronic device 101 may perform operation 1125 when the permission status of the program of the electronic device 101 associated with the USSID is “undetermined” or “allowed.”

According to various embodiments, in operation 1125, if a program permitted for the corresponding USSID (e.g., a program whose permission status is “undetermined” or “allowed”) exists, the fifth UI may be provided.

FIG. 13 illustrates a fifth UI 1300 according to various embodiments.

Referring to FIG. 13 , according to various embodiments, at reference number 1301, the fifth UI 1300 may include an interface for changing the permission status for the selected program. For example, the fifth UI 1300 may include permission change information 1340, permission change program information 1330, and permission selection UI 1350. For example, a user can select permissions for a program through input into the permission selection UI 1350. For example, after selecting a permission, the user may input the OK button 1380 to store the selected permission information in the routing table of the electronic device 101. When an input to the cancel button 1390 is received, the electronic device 101 may not change permission information for the corresponding program.

According to one embodiment, the fifth UI 1300 may not include the OK button 1380 and/or the cancel button 1390. For example, the electronic device 101 may determine that an allow input is received when an input for ALLOW or ASK ME in the selection UI 1350 is received. For another example, when an input for NOT ALLOWED in the selection UI 1350 is received, the electronic device 101 may determine that an allow input has not been received.

According to various embodiments, at reference number 1302, the fifth UI 1300 may further include a pop-up message including a notification method selection UI 1360 for selecting a notification method for a specific program. For example, the notification method selection UI 1360 may be provided when an input to the OK button 1380 of reference number 1301 is received. The selection UI 1360 is illustrative and may be omitted.

According to various embodiments, the fifth UI 1300 of FIG. 13 is configured to input input to the settings change button 1090 of FIG. 10, permission information (e.g., 1213, 1223, and/or 1233) of FIG. 12, or notification information. (e.g., 1210, 1220, and/or 1230) may be provided to the user based on the input.

Referring back to FIG. 11 , according to various embodiments, at operation 1130, electronic device 101 may determine whether an acceptance input for a UWB transaction is received. For example, if the permission of the program is set to “ALLOW” or “ASK ME” based on the input to the fifth UI 1200 of FIG. 12, the electronic device 101 may determine that an allowable input has been received. there is. For another example, if the permission of the program is set to “NOT ALLOWED” based on the input to the fifth UI 1200 of FIG. 12, the electronic device 101 determines that no permission input for the UWB transaction has been received. You can decide.

According to various embodiments, in operation 1135, the electronic device 101 may execute a program associated with a UWB transaction when a permission input is received.

According to various embodiments, in operation 1140, if the USSID is not registered, the electronic device 101 may provide the sixth UI 1800 of FIG. 18.

FIG. 18 illustrates a sixth UI 1800 according to various embodiments.

Referring to FIG. 18, when the USSID is not registered, the electronic device 101 may provide the sixth UI 1800. According to various embodiments, the sixth UI 1800 may include transaction information 1840, program information 1810, an allow button 1880, and a reject button 1890. For example, the transaction information 1840 includes information 1841 indicating that the requested UWB security service is an unregistered service, distance information 1845 between the electronic device 101 and the external electronic device 501, and first It may include additional information 1843 included in the MAC payload information element (e.g., USS information element) of the UWB signal. For example, the program information 1810 may include an image indicating that the UWB security service currently requesting a transaction is an unregistered service.

Referring again to FIG. 11 , in operation 1145, the electronic device 101 may determine whether an allowable input for the sixth UI 1800 is received. Referring to FIG. 18, according to one embodiment, when an input to the allow button 1880 is received, the electronic device 101 may consider that the UWB security service currently in progress has been permitted by the user. In this case, the electronic device 101 may add the corresponding USSID to the routing table and set the permission information to “allowed only for this session.”

According to one embodiment, when an input to the reject button 1890 is received, the electronic device 101 may terminate the currently ongoing session. In this case, for example, the electronic device 101 may add the USSID to the routing table and set the permission information associated with the USSID to “disapproved.”

According to various embodiments, when a permission input is received in operation 1145 of FIG. 11, the electronic device 101 may determine whether a plurality of programs exist (eg, operation 605). In this case, the electronic device 101 may provide a fourth UI including all programs that support UWB transactions (e.g., programs excluding programs related to payment).

For example, referring again to FIG. 5 , when an allowable input is received, the UWB communication circuit 391 may transmit information received through the first UWB signal to the secure element 340 in accordance with operation 535 . According to one embodiment, the secure element 340 executes a designated program based on the transmitted information, and the program may generate response information using the received information. For example, secure element 340 may transmit the generated response information to UWB communication circuitry 391.

According to various embodiments, at operation 545, the UWB communication circuit 391 may transmit a second UWB signal including response information. For example, the second UWB signal may be a UWB signal that includes response information as a MAC payload information element (eg, USS information element) of the MAC payload information element.

According to various embodiments, the session may be terminated in operation 550 as payment between the electronic device 101 and the external electronic device 501 is terminated. According to one embodiment, operation 555 may be omitted.

Figure 14 is a flowchart 1400 of a UWB signal transmission method according to various embodiments. In the embodiment of FIG. 14 , the electronic device may correspond to the external electronic device 501 of FIG. 5 and the external electronic device may correspond to the electronic device 101 of FIG. 5 .

According to various embodiments, in operation 1405, an electronic device (eg, the external electronic device 501 of FIG. 5) may discover an external electronic device (eg, the electronic device 101 of FIG. 5). For example, an electronic device may discover an external electronic device using short-range wireless communication (e.g., Bluetooth, Bluetooth low energy, Wi-Fi, and/or NAN) with the external electronic device. For example, an electronic device can discover an external electronic device by receiving a signal based on short-range wireless communication from the external electronic device. According to one embodiment, when the electronic device discovers an external electronic device based on a first communication protocol (e.g., Bluetooth, Bluetooth Low Energy, Wi-Fi, and/or NAN), a communication module associated with a second communication protocol (e.g., UWB communication) can be activated.

According to various embodiments, in operation 1410, the electronic device may perform ranging with an external electronic device using a UWB signal. For example, the electronic device can measure the distance between the external electronic device and the electronic device by transmitting a UWB signal and receiving a UWB signal including time information (eg, a time stamp) from the external electronic device.

In operation 1415, the electronic device may determine whether the external electronic device is located within a specified distance from the electronic device based on the range. In one embodiment, if the external electronic device is not located within the specified distance, in operation 1410, the electronic device may continue to perform ranging. In one embodiment, when an external electronic device is located within a specified distance, in operation 1420, the electronic device may transmit a first UWB signal including specified information. For example, the first UWB signal may include specified information. For example, the specified information may include information of a UWB transaction. For example, the specified information may be included in the MAC information element of the first UWB signal. For example, the specified information may refer to USS information element 402 or 403 or information included in an MPX IE that includes a USS information element.

Figure 15 is a flowchart 1500 of a UWB signal transmission method according to various embodiments.

According to various embodiments, in operation 1505, an electronic device (eg, the electronic device 101 of FIG. 5) may discover an external electronic device (eg, the external electronic device 501 of FIG. 5). For example, the electronic device 101 may discover the external electronic device 501 using short-range wireless communication (e.g., Bluetooth, Bluetooth low energy, Wi-Fi, and/or NAN). For example, the electronic device 101 may discover an external electronic device by receiving a signal based on short-range wireless communication from the external electronic device 501.

According to various embodiments, in operation 1510, the electronic device 101 (e.g., the UWB communication circuit 391 of FIG. 3) may perform ranging with an external electronic device using a UWB signal. For example, the electronic device 101 may receive a UWB signal and transmit a UWB signal including time information (eg, a time stamp) to the external electronic device 501.

According to various embodiments, in operation 1515, the electronic device 101 may receive a first UWB signal from the external electronic device 501. For example, the first UWB signal may include specified information. For example, the specified information may include information of a UWB transaction. For example, the specified information may be included in the MAC information element of the first UWB signal. For example, the specified information may refer to USS information element 402 or 403 or information included in an MPX IE that includes a USS information element.

According to various embodiments, in operation 1520, the electronic device 101 may determine whether the first UWB signal includes specified information. For example, electronic device 101 may determine whether an information element of the MAC payload of the first UWB signal includes an identifier for a specified UWB transaction. For example, the electronic device 101 may determine whether the MAC payload information element of the first UWB signal includes a USSID. According to one embodiment, the electronic device 101 uses the USSID and mapping information (e.g., routing table) of the electronic device 101 to identify an identifier for a UWB transaction in which the information element of the MAC payload of the first UWB signal is specified. You can decide whether to include it or not. For example, the electronic device 101 may determine whether the USSID included in the received MAC payload information element is a USSID registered in the mapping information of the electronic device 101. For example, the mapping information may include information about the mapping relationship between the USSID and programs of the electronic device 101.

According to various embodiments, in operation 1525, when the first UWB signal includes specified information, the electronic device 101 may transmit the specified information to the SE (eg, secure element 340). For example, the electronic device 101 may transmit the USSID and ranging information of designated information (e.g., distance information between the electronic device 101 and the external electronic device 501) to the SE. For example, the electronic device 101 may perform the authentication procedure described above with respect to FIG. 5 (e.g., operation 530) by transmitting designated information to the SE.

According to various embodiments, in operation 1530, the electronic device 101 may transmit a second UWB signal including a response received from the SE. For example, the second UWB signal may include response information for the requested UWB transaction. For example, the SE may transmit response information to the UWB communication circuit if the authentication procedure is successfully performed using the received designated information. The UWB communication circuit may transmit a second UWB signal containing the received response information.

According to various embodiments, in operation 1535, when the first UWB signal does not include specified information, the electronic device 101 may transmit the specified information to a processor (eg, processor 320 of FIG. 3). In operation 1540, the electronic device 101 may transmit a third UWB signal including the response received from the processor. For example, the third UWB signal may include response information processed by a processor independent from the SE (eg, processor 320 of FIG. 3) or the OS of the electronic device 101. For example, when the first UWB signal does not include specified information, the electronic device 101 may determine that the first UWB signal is a service unrelated to a security service through UWB communication.

Figure 16 shows a settings UI 1600 according to various embodiments.

As described above with reference to FIGS. 7 and 12, multiple programs may be stored in the routing table for the same USSID. According to various embodiments, the electronic device 101 may provide a setting UI 1600 for setting at least one program to be used for each UWB security service. For example, the electronic device 101 may be activated when a program associated with a specific USSID is installed on the electronic device 101, when a user input related to execution of the settings UI 1600 is received, or when a UWB signal including the USSID is received. When received (e.g., when there is no program specified for the USSID), a settings UI 1600 may be provided. In Figure 16, the embodiment is explained focusing on the payment service, but the settings UI may also be provided for other services in a similar manner.

According to various embodiments, at reference number 1601, the settings UI 1600 may include a plurality of program information related to a payment service. For example, the settings UI 1600 may include first program information 1610, second program information 1620, and/or third program information 1630 related to a payment service. For example, the selection UI 1611 of the first program information 1610 may indicate that the program selected for the current payment service is the first program.

According to various embodiments, a user may wish to use multiple programs for payment services. In this case, the user sets a plurality of programs for the payment service, and uses one of the plurality of programs set for the payment service (e.g., the first UI 700 in FIG. 7 or the fourth UI 1200 in FIG. 12). ) You can select one and perform the payment service using the selected program. For example, the user may want to set “B PAY” as a program related to the payment service in addition to “A PAY”. In this case, the user can input the second program information 1620.

According to various embodiments, at reference numeral 1602, the electronic device 101 may provide a pop-up image 1650 on the settings UI 1600 when an input for the second program information 1620 is received. For example, at reference number 1601, when a user input for the second program information 1620 is received, the electronic device 101 displays a pop-up image 1650 inquiring whether to add the second program as a program for the payment service. ) can be provided.

According to one embodiment, when a user input for the OK button 1651 of the pop-up image 1650 is received, the electronic device 101 may add a second program as a program related to the payment service. In this case, at reference number 1603, the selection UI 1621 of the second program information 1620 may indicate that the second program is set as a program related to the payment service.

According to various embodiments, the pop-up image 1650 of reference number 1602 may be omitted. For example, when the electronic device 101 receives an input for the second program information 1620 of reference number 1601, the electronic device 101 may change the state of the selection UI 1651 to the selection UI 1621 of reference number 1603.

Figure 17 shows a settings UI 1700 according to various embodiments.

According to various embodiments, the settings 1700 may include notification settings and permission status information for each program. For example, the permission information 1713 of the first program information 1710 may correspond to “allow” (e.g., always allow) and the notification method 1715 may correspond to “ON”. For example, the permission information 1723 of the second program information 1720 may correspond to “ASK ME” (e.g., “undecided”) and the notification method 1725 may correspond to “ON”. For example, the permission information 1733 of the third program information 1730 may correspond to “NOT ALLOWED” (e.g., “disapproved”) and the notification method 1735 may correspond to “off”.

According to one embodiment, when an input for permission information (e.g., permission information 1713) is received, the electronic device 101 provides a separate menu (e.g., drop-down menu or pop-up menu) for changing permission information. And, permission information (e.g., permission information 1713) can be changed based on user input for a separate menu. For example, a separate menu may include “ALLOW”, “ASK ME”, and “NOT ALLOWED” as selectable options.

According to one embodiment, when an input for a notification method (e.g., notification method 1710) is received, the electronic device 101 provides a separate menu (e.g., a drop-down menu or pop-up menu) for changing the notification method. And, the status of the notification method (e.g., notification method 1710) can be changed based on user input to a separate menu. As another example, when an input for a notification method (e.g., notification method 1710) is received, the electronic device 101 may change the state of the notification method (e.g., notification method 1715) based on the user input. .

According to one embodiment, the electronic device 101 may provide a separate UI when an input for permission information is received. For example, the electronic device 101 may provide a UI similar to that of reference number 1301 in FIG. 13 . According to one embodiment, when an input for a notification method is received, the electronic device 101 may provide a separate UI. For example, the electronic device 101 may provide a UI similar to that of reference number 1302 in FIG. 13 .

The selection UI 1700 described above with reference to FIG. 17 is illustrative, and the embodiments of this document are not limited thereto.

According to various embodiments, an electronic device (e.g., the electronic device 101 of FIG. 3) may use a communication circuit (e.g., the communication circuit 390 of FIG. 3) configured to perform short-range wireless communication, or an ultra-wideband (UWB) device. ) UWB communication circuit set to perform communication (e.g., UWB communication circuit 391 in FIG. 3), a security element set to provide an execution environment isolated from the operating system (OS) of the electronic device (e.g., FIG. It may include a secure element 340 of 3), and a processor (eg, processor 320 of FIG. 3) operatively connected to the communication circuit, the UWB communication circuit, and the secure element. According to one embodiment, the UWB communication circuit performs ranging with an external electronic device (e.g., the external electronic device 501 in FIG. 5) and receives a MAC header (e.g., the external electronic device 501 in FIG. 4) from the external electronic device. Receive a first UWB signal including a header) and a MAC payload (e.g., the payload of FIG. 4), and receive a medium access control (MAC) payload information element included in the MAC payload (the payload of FIG. 4). It may be configured to determine whether to transmit information included in the MAC payload information element to the security element based at least on the information element 460.

According to one embodiment, the UWB communication circuit uses an identifier included in the MAC payload information element and an upper layer (e.g., upper layer 303 in FIG. 3) of the MAC layer (e.g., MAC layer 302 in FIG. 3). ) is set to determine whether to deliver the MAC payload information element to the security element using mapping information stored in , and the mapping information includes permission information for access to the security element set for the identifier ( Examples: Accept, Disapprove, or Indecision).

According to one embodiment, the MAC payload information element (e.g., USS information element 402 or 403 or MPX IE containing a USS information element) is the identifier (e.g., USS information element 402 or 403) associated with a UWB transaction over UWB communication. USSID) information may be included. For example, the MAC payload information element may include near filed communication (NFC) protocol information associated with the UWB transaction (e.g., technical 451 and/or protocol 452 of the first USS information element 402 or the second USS It may further include a payload type (498) of the information element (403).

According to one embodiment, the electronic device may further include a display (eg, the display device 160 of FIG. 1). For example, when the first UWB signal is received, the UWB communication circuit uses the processor to create a UI (user interface) (e.g., the first UI 700 in FIG. 7, FIG. Displaying the second UI (800) in Figure 8, the third UI (900) in Figure 9, the fourth UI (1200) in Figure 12, and/or the fifth UI (1300) in Figure 13) on the display, and When a user input allowing the UWB transaction is received through the UI, the MAC payload information element may be set to be transmitted to the secure element.

For example, when a user input allowing the UWB transaction is received through the UI, the UWB communication circuit transmits the MAC payload information element and the distance information between the electronic device and the external electronic device to the security element. It can be set to do so. For example, the distance information is obtained through the ranging, and the UI may include information about a program associated with the distance information and an identifier associated with the UWB transaction.

For example, the MAC payload information element may further include additional information (e.g., price, model name, product name, and/or trade name) associated with the UWB transaction, and the UI may further include the additional information.

According to one embodiment, when the MAC payload information element is received, the security element executes a program corresponding to the identifier of the MAC payload information element, and performs user authentication (e.g., fingerprint authentication, iris authentication) through the program. authentication, face ID authentication, and/or password authentication).

According to one embodiment, when the user authentication is successfully performed, the secure element transmits response information for the MAC payload information element to the UWB communication circuit, and the UWB communication circuit transmits response information including the response information. 2 Can be set to transmit UWB signals to the external electronic device.

According to one embodiment, when the processor discovers the external electronic device based on Bluetooth low energy, Bluetooth, NAN (neighbor awareness networking), or Wi-Fi communication using the communication circuit, it activates the UWB communication circuit to It can be set to perform a jing.

According to one embodiment, the UWB communication circuit provides a UI for selecting a program to be used for the UWB transaction using the processor when the first UWB signal is received and a plurality of programs corresponding to the identifier exist. (user interface) (e.g., the first UI 700 in FIG. 7 or the fourth UI 1200 in FIG. 12) may be set to be displayed on the display.

According to various embodiments, an electronic device (e.g., the external electronic device 501 of FIG. 5) may use a communication circuit (e.g., the communication circuit 390 of FIG. 3) configured to perform short-range wireless communication, and a UWB (ultra-wireless device). a UWB communication circuit configured to perform wideband communication (e.g., the UWB communication circuit 391 in FIG. 3), and a processor operatively connected to the communication circuit and the UWB communication circuit (e.g., the processor in FIG. 3) 320)) may be included. For example, the UWB communication circuit performs ranging with an external electronic device (e.g., the electronic device 101 of FIG. 5) using a UWB signal, and based on the ranging, the external electronic device Determines whether the external electronic device is located within a specified distance from the electronic device, and if the external electronic device is located within the specified distance, includes a medium access control (MAC) payload information element designated for requesting a UWB transaction to the external electronic device. It may be set to transmit the first UWB signal.

For example, the MAC payload information element may include identifier information associated with the UWB transaction. The MAC payload information element may further include near field communication (NFC) protocol information associated with the UWB transaction.

For example, when the processor discovers the external electronic device based on low-power Bluetooth, Bluetooth, NAN (neighbor awareness networking), or Wi-Fi communication using the communication circuit, the processor activates the UWB communication circuit and activates the UWB communication circuit. It can be set to perform the ranging.

For example, the electronic device may be a point of sales (POS) terminal or an electronic device that supports keyless entry (e.g., vehicle 203, laptop 204, or gate 205 in FIG. 2). It can be.

According to various embodiments, an ultra-wideband (UWB) transaction method of an electronic device (e.g., the electronic device 101 of FIG. 3) performs ranging with an external electronic device using a UWB signal. An operation of receiving a first UWB signal including a MAC header and a MAC payload from the external electronic device based on the ranging, and a medium access control (MAC) payload information element included in the MAC payload. It may include an operation of transmitting information included in the MAC payload information element to a processor of the electronic device or a security element of the electronic device that is isolated from the processor, based at least on .

According to one embodiment, an ultra-wideband (UWB) transaction method uses an identifier included in the MAC payload information element and mapping information stored in an upper layer of the MAC layer to connect the MAC payload information element to the security element. It further includes an operation of determining whether to transmit, and the mapping information may include permission information for access to the security element set for the identifier.

According to one embodiment, the MAC payload information element may include the identifier associated with a UWB transaction through UWB communication and near filed communication (NFC) protocol information associated with the UWB transaction.

According to one embodiment, the ultra-wideband (UWB) transaction method includes, when the first UWB signal is received, displaying a user interface (UI) on the display of the electronic device to inquire whether the UWB transaction is allowed. , and may further include transmitting the MAC payload information element to the secure element when a user input allowing the UWB transaction is received through the UI.

According to one embodiment, the UWB (ultra-wideband) transaction method generates the MAC payload information element and distance information between the electronic device and the external electronic device when a user input allowing the UWB transaction is received through the UI. It may further include an operation of transmitting information to the secure element. The distance information is obtained through the ranging, and the UI may include information about a program associated with the distance information and an identifier associated with the UWB transaction.

According to one embodiment, the MAC payload information element may further include additional information related to the UWB transaction, and the UI may further include the additional information.

Electronic devices according to various embodiments disclosed in this document may be of various types. Electronic devices may include, for example, portable communication devices (e.g., smartphones), computer devices, portable multimedia devices, portable medical devices, cameras, wearable devices, or home appliances. Electronic devices according to embodiments of this document are not limited to the above-described devices.

The various embodiments of this document and the terms used herein are not intended to limit the technical features described in this document to specific embodiments, and should be understood to include various changes, equivalents, or replacements of the embodiments. In connection with the description of the drawings, similar reference numbers may be used for similar or related components. The singular form of a noun corresponding to an item may include one or more of the above items, unless the relevant context clearly indicates otherwise. In this document, “A or B”, “at least one of A and B”, “at least one of A or B”, “A, B or C”, “at least one of A, B and C” and “A, Each of the phrases such as “at least one of B, or C” may include all possible combinations of the items listed together in the corresponding phrase. Terms such as "first", "second", or "first" or "second" may be used simply to distinguish one component from another, and to refer to that component in other respects (e.g., importance or order) is not limited. One (e.g., first) component is said to be “coupled” or “connected” to another (e.g., second) component, with or without the terms “functionally” or “communicatively.” When mentioned, it means that any of the components can be connected to the other components directly (e.g. wired), wirelessly, or through a third component.

The term “module” used in this document may include a unit implemented in hardware, software, or firmware, and may be used interchangeably with terms such as logic, logic block, component, or circuit, for example. A module may be an integrated part or a minimum unit of the parts or a part thereof that performs one or more functions. For example, according to one embodiment, the module may be implemented in the form of an application-specific integrated circuit (ASIC).

Various embodiments of the present document are one or more instructions stored in a storage medium (e.g., built-in memory 136 or external memory 138) that can be read by a machine (e.g., electronic device 101). It may be implemented as software (e.g., program 140) including these. For example, a processor (e.g., processor 120) of a device (e.g., electronic device 101) may call at least one command among one or more commands stored from a storage medium and execute it. This allows the device to be operated to perform at least one function according to the at least one instruction called. The one or more instructions may include code generated by a compiler or code that can be executed by an interpreter. Device-readable storage media may be provided in the form of non-transitory storage media. Here, 'non-transitory' only means that the storage medium is a tangible device and does not contain signals (e.g. electromagnetic waves). This term refers to cases where data is stored semi-permanently in the storage medium. There is no distinction between temporary storage cases.

According to one embodiment, methods according to various embodiments disclosed in this document may be included and provided in a computer program product. Computer program products are commodities and can be traded between sellers and buyers. The computer program product may be distributed in the form of a machine-readable storage medium (e.g. compact disc read only memory (CD-ROM)) or through an application store (e.g. Play StoreTM) or on two user devices (e.g. It can be distributed (e.g. downloaded or uploaded) directly between smartphones) or online. In the case of online distribution, at least a portion of the computer program product may be at least temporarily stored or temporarily created in a machine-readable storage medium, such as the memory of a manufacturer's server, an application store's server, or a relay server.

According to various embodiments, each component (eg, module or program) of the above-described components may include a single entity or a plurality of entities. According to various embodiments, one or more of the components or operations described above may be omitted, or one or more other components or operations may be added. Alternatively or additionally, multiple components (eg, modules or programs) may be integrated into a single component. In this case, the integrated component may perform one or more functions of each component of the plurality of components in the same or similar manner as those performed by the corresponding component of the plurality of components prior to the integration. . According to various embodiments, operations performed by a module, program, or other component may be executed sequentially, in parallel, iteratively, or heuristically, or one or more of the operations may be executed in a different order, or omitted. Alternatively, one or more other operations may be added.

Claims (20)

In electronic devices,
A UWB communication circuit configured to perform ultra-wideband (UWB) communication; and
Includes a processor,
The processor:
Perform ranging to identify the distance between an external electronic device and the electronic device using the UWB communication circuit,
Set to receive a UWB signal including a medium access control (MAC) header and a MAC payload from the external electronic device while the electronic device and the external electronic device are within a specified distance,
The MAC payload includes a multiplexed information element (MPX IE) including a transaction control field and an upper-layer frame fragment field,
The transaction control field includes a transfer type field and a transaction ID (identifier) field indicating a unique value for the transaction,
Wherein the upper-layer frame fragment field includes a UWB secure service identifier (USSID) that identifies at least one service associated with the transaction. According to claim 1,
The upper-layer frame fragment field includes a payload type field indicating the type of the USSID. According to claim 1,
The USSID includes an application identifier or a system code for the transaction. According to claim 1,
The upper-layer frame fragment field further includes an additional information field associated with the transaction. According to claim 1,
wherein the processor is configured to route at least a portion of the MPX IE to a secure data storage based on the USSID. According to claim 5,
The electronic device is configured to determine access to the secure data storage based on the USSID. In the method of the electronic device,
An operation of performing ranging to identify a distance between an external electronic device and the electronic device based on ultra-wideband (UWB) communication; and
While the electronic device and the external electronic device are within a specified distance, receiving a UWB signal including a medium access control (MAC) header and a MAC payload from the external electronic device,
The MAC payload includes a multiplexed information element (MPX IE) including a transaction control field and an upper-layer frame fragment field,
The transaction control field includes a transfer type field and a transaction ID (identifier) field indicating a unique value for the transaction,
The method of claim 1, wherein the upper-layer frame fragment field includes a UWB secure service identifier (USSID) that identifies at least one service associated with the transaction. According to claim 7,
The method of claim 1, wherein the upper-layer frame fragment field includes a payload type field indicating the type of the USSID. According to claim 7,
The method of claim 1, wherein the USSID includes an application identifier or system code for the transaction. According to claim 7,
The method of claim 1, wherein the upper-layer frame fragment field further includes an additional information field associated with the transaction. According to claim 7,
The method further comprising routing at least a portion of the MPX IE to a secure data storage based on the USSID. According to claim 11,
The method further comprising determining access to the secure data storage based on the USSID. In electronic devices,
Communications circuitry configured to perform short-range wireless communications;
A UWB communication circuit configured to perform ultra-wideband (UWB) communication; and
Includes a processor,
The processor:
Discovering an external electronic device using the communication circuit,
In response to discovery of the external electronic device, performing ranging to identify a distance between the external electronic device and the electronic device using the UWB communication circuit,
Set to receive a UWB signal including a medium access control (MAC) header and a MAC payload from the external electronic device while the electronic device and the external electronic device are within a specified distance,
The MAC payload includes a multiplexed information element (MPX IE) including a transaction control field and an upper-layer frame fragment field,
The transaction control field includes a transfer type field and a transaction ID (identifier) field indicating a unique value for the transaction,
Wherein the upper-layer frame fragment field includes a UWB secure service identifier (USSID) that identifies at least one service associated with the transaction. According to claim 13,
The processor is configured to discover the external electronic device based on Bluetooth low energy, Bluetooth, neighbor awareness networking (NAN), or Wi-Fi communication using the communication circuit. According to claim 14,
wherein the processor is configured to activate the UWB communication circuitry in response to discovery of the external electronic device. According to claim 13,
The upper-layer frame fragment field includes a payload type field indicating the type of the USSID. According to claim 13,
The USSID includes an application identifier or a system code for the transaction. According to claim 13,
The upper-layer frame fragment field further includes an additional information field associated with the transaction. According to claim 13,
wherein the processor is configured to route at least a portion of the MPX IE to a secure data storage based on the USSID. According to claim 19,
The electronic device is configured to determine access to the secure data storage based on the USSID.

Images