US20120171992A1 - System and method for secure containment of sensitive financial information stored in a mobile communication terminal - Google Patents

System and method for secure containment of sensitive financial information stored in a mobile communication terminal Download PDF

Info

Publication number
US20120171992A1
US20120171992A1 US13310063 US201113310063A US2012171992A1 US 20120171992 A1 US20120171992 A1 US 20120171992A1 US 13310063 US13310063 US 13310063 US 201113310063 A US201113310063 A US 201113310063A US 2012171992 A1 US2012171992 A1 US 2012171992A1
Authority
US
Grant status
Application
Patent type
Prior art keywords
mobile
information
se
application
terminal
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US13310063
Inventor
Kido CHEONG
Hyungjoon HONG
Hyunjin Kim
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
MOZIDO CORFIRE - KOREA Ltd
Original Assignee
SK C&C Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATIONS NETWORKS
    • H04W12/00Security arrangements, e.g. access security or fraud detection; Authentication, e.g. verifying user identity or authorisation; Protecting privacy or anonymity
    • H04W12/06Authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • G06F21/35User authentication involving the use of external additional devices, e.g. dongles or smart cards communicating wirelessly
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/88Detecting or preventing theft or loss
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • G06Q20/3227Use of a security embedded in M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/354Card activation or deactivation
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/355Personalisation of cards for use
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices
    • G06Q20/36Payment architectures, schemes or protocols characterised by the use of specific devices using electronic wallets or electronic money safes
    • G06Q20/363Payment architectures, schemes or protocols characterised by the use of specific devices using electronic wallets or electronic money safes with the personal data files for a user
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/067Network architectures or network communication protocols for network security for supporting key management in a packet data network using one-time keys
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATIONS NETWORKS
    • H04W12/00Security arrangements, e.g. access security or fraud detection; Authentication, e.g. verifying user identity or authorisation; Protecting privacy or anonymity
    • H04W12/04Key management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATIONS NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/50Service provisioning or reconfiguring
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2153Using hardware token as a secondary aspect
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATIONS NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/80Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication

Abstract

A method for securing information over-the-air (OTA) in a non-Universal Integrated Circuit Card (UICC) type secure element (SE) of a mobile terminal including receiving a request to initialize an OTA proxy of a mobile terminal, initializing the OTA proxy, receiving a request to secure information, and securing, using the OTA proxy, the requested information in the non-UICC type SE. A method for reconstructing a mobile wallet application including receiving a request to reconstruct the mobile wallet application for a user; transmitting stored mobile wallet application information associated with the user to the mobile terminal; receiving mobile terminal information and SE information; and transmitting a stored application associated with the mobile wallet application information to the mobile terminal. A mobile terminal to secure information OTA in a non-UICC type SE including an OTA proxy to receive a securing command from a TSM, and a non-UICC SE.

Description

    CROSS REFERENCE TO RELATED APPLICATION
  • [0001]
    This application claims priority from and the benefit under 35 U.S.C. §119(a) of U.S. Provisional Patent Application No. 61/428,852, filed on Dec. 30, 2010, which is incorporated by reference for all purposes as if fully set forth herein. Also, the present application is related to co-pending U.S. Provisional Patent Application Nos. 61/428,846, 61/428,851 and 61/428,853, all of which have been filed on Dec. 30, 2010. Applicants hereby incorporate by reference the above-mentioned co-pending provisional applications, which are not admitted to be prior art with respect to the present invention by their mention here or in the background section that follows.
  • BACKGROUND OF THE INVENTION
  • [0002]
    1. Field
  • [0003]
    The following description relates to securing of sensitive data in a mobile terminal.
  • [0004]
    2. Discussion of the Background
  • [0005]
    With the recent advancement in the mobile technology field, the size and weight of mobile terminals became dramatically reduced, thus increasing their portability and accelerating the tendency for a user to carry the mobile terminal at all times. As mobile terminals (e.g. mobile telephones and other mobile devices) are becoming more widely used, mobile terminals have steadily evolved from a mere mobile terminal with communicative functions to a terminal that incorporates various advanced functions, such as electronic mail, computer office application functions, video telephony, and more recently, mobile payment functionalities. While integrating various consumer friendly utilities into the mobile terminal may provide convenience to its user, it also raises security concerns with regard to these mobile terminals.
  • [0006]
    Security concerns associated with the greater usability of mobile terminals may be elevated by improper usage associated with misplacing, loss, theft of these mobile terminals, as well as other mishaps that may be incurred. In order to alleviate these security concerns, various techniques have been proposed for remotely locking mobile terminals to disable their functions, when mobile terminals are misplaced or stolen. With these techniques, if a mobile terminal is to be locked during a normal operating state, its functions can be disabled, thus making it possible to reduce improper usage or the theft of private information stored in the mobile terminal.
  • [0007]
    However, with the advancement of technology, the thieving population has evolved in their intelligence as well. The more educated thieves may easily break into the remotely locked mobile terminals by “jail-breaking” to retrieve sensitive information. Thus, it is no longer enough to merely lock an apparatus or application from usage, more must be done to prevent misappropriation of sensitive data stored within the mobile terminals.
  • [0008]
    Further, with the introduction of a removable secure element (SE), further complication in the security realm has been provided. As many of these SEs, which store sensitive information, may be removed before they can be locked, a simple locking security feature on these devices may not be sufficient.
  • [0009]
    A method of data deletion may be used to provide reliable security. However, currently, the remote data deletion in the SE is limited to SEs conforming to industry standard Short Messaging Service-Point to Point (SMS-PP) protocol or Bearer Independent Protocol (BIP) (i.e. Universal Integrated Circuit Card (UICC) type SEs). In the event the device owner has a SE that does not allow access via the industry standard protocols, such as micro (secure digital) SD cards or embedded SEs (i.e. non-UICC type SEs), remote data deletion in the SE may not feasible.
  • [0010]
    Lastly, even if sensitive stored data has been able to be deleted, there is no easy way to replace the lost data upon recovering/replacing the lost mobile terminal. Thus, even if the mobile terminal storing sensitive information is lost and then replaced, the mobile terminal must be reinstalled with all of the applications and stored data from scratch.
  • SUMMARY
  • [0011]
    Exemplary embodiments of the present invention provide a method for securing information stored in a non-Universal Integrated Circuit Card (UICC) type secure element (SE) over-the-air (OTA). Exemplary embodiments of the present invention also provide a method for authenticating a mobile terminal with a Trusted Service Manager (TSM) and reconstructing a mobile wallet application.
  • [0012]
    Additional features of the invention will be set forth in the description which follows, and in part will be apparent from the description, or may be learned by practice of the invention.
  • [0013]
    Exemplary embodiments of the present invention provide a method for securing information OTA in a non-UICC type SE of a mobile terminal including receiving a request to initialize an OTA proxy of a mobile terminal, initializing the OTA proxy, receiving a request to secure information stored in the SE, and securing, using the OTA proxy, the information stored in the non-UICC type SE.
  • [0014]
    Exemplary embodiments of the present invention provide a method for authenticating a mobile terminal including receiving mobile terminal information and SE information from the mobile terminal; comparing the received information with stored mobile terminal information and SE information; and transmitting a command based on the comparison result.
  • [0015]
    Exemplary embodiments of the present invention provide a method for reconstructing a mobile wallet application of a mobile terminal including receiving a request to reconstruct the mobile wallet application of a user; transmitting stored mobile wallet application information associated with the user to the mobile terminal; receiving mobile terminal information and SE information; and transmitting a stored application associated with the mobile wallet application information to the mobile terminal.
  • [0016]
    Exemplary embodiments of the present invention provide a mobile terminal to secure information over-the-air (OTA) in a non-UICC type SE including an OTA proxy configured to connect to a TSM, and to receive a securing command from the TSM; and a non-UICC type SE.
  • [0017]
    It is to be understood that both foregoing general descriptions and the following detailed description are exemplary and explanatory and are intended to provide further explanation of the invention as claimed. Other features and aspects will be apparent from the following detailed description, the drawings, and the claims.
  • BRIEF DESCRIPTION OF THE DRAWINGS
  • [0018]
    The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention, and together with the description serve to explain the principles of the invention.
  • [0019]
    FIG. 1 is a system diagram of a trusted service manager (TSM) ecosystem according to an exemplary embodiment of the present invention.
  • [0020]
    FIG. 2 is a system diagram illustrating a method for deleting sensitive credit card credentials and related mobile wallet information from the secure element (SE) and the mobile wallet application according to an exemplary embodiment of the present invention.
  • [0021]
    FIG. 3 is a system diagram illustrating a method for synchronizing mobile wallet application to authenticate the mobile terminal and SE accessing the wallet management system according to an exemplary embodiment of the present invention.
  • [0022]
    FIG. 4 is a system diagram illustrating a method for reconstructing the financial information credentials and related mobile wallet application through a push method according to an exemplary embodiment of the present invention.
  • [0023]
    FIG. 5 is a system diagram illustrating a method for reconstructing financial information credentials and related mobile wallet application through a pull method according to an exemplary embodiment of the present invention.
  • DETAILED DESCRIPTION OF THE ILLUSTRATED EMBODIMENTS
  • [0024]
    The invention is described more fully hereinafter with references to the accompanying drawings, in which exemplary embodiments of the invention are shown. This invention may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein. Rather, these exemplary embodiments are provided so that this disclosure is thorough, and will fully convey the scope of the invention to those skilled in the art. It will be understood that for the purposes of this disclosure, “at least one of each” will be interpreted to mean any combination the enumerated elements following the respective language, including combination of multiples of the enumerated elements. For example, “at least one of X, Y, and Z” will be construed to mean X only, Y only, Z only, or any combination of two or more items X, Y, and Z (e.g. XYZ, XZ, and YZ). Throughout the drawings and the detailed description, unless otherwise described, the same drawing reference numerals are understood to refer to the same elements, features, and structures. The relative size and depiction of these elements may be exaggerated for clarity, illustration, and convenience.
  • [0025]
    FIG. 1 is a system diagram of a trusted service manager (TSM) ecosystem according to an exemplary embodiment of the present invention.
  • [0026]
    As shown in FIG. 1, an example system employing TSM technology with over-the-air (OTA) proxy provisioning includes a TSM 10; mobile terminal 11; network 15; third party messaging platform 16; financial institution 18; mobile network operator (MNO) 19; handset manufacturer 20; and a card manufacturer 21. Before TSM 10 may be fully utilized by the user and its participants, service providers (SP) such as identified in 18-21 may go through a pre-registration process. In an example, the network 15 may refer to a cellular network, which may include one or more base stations to enable mobile terminal 11 to communicate with other mobile terminals or third party entities. In addition, network 15 may also include any other type of suitable communication network, such as the Internet, traditional wired telephone lines, and other suitable network technologies.
  • [0027]
    The handset manufacturers 20 may include embedded secure element (SE) producers, and card manufacturers 21 may include producers of micro secure digital (SD) SE (i.e. non-Universal Integrated Circuit Card (UICC) SEs). As different SE manufacturer may provide for OTA keys that are different from the OTA keys provided for traditional UICC SE devices, handset manufacturers 20 and card manufacturers 21 may provide their OTA keys to TSM 10 in the pre-registration process mentioned above for future processing. Alternatively, the handset manufacturers 20 and card manufacturers 21 may provide their respective OTA keys upon request without going through the pre-registration process. A more detailed explanation of the pre-registration process is provided in the co-pending application 61/428,853.
  • [0028]
    In an example, OTA proxy may be initialized or configured to be connected with TSM 10 during usage of a mobile wallet application to conserve technical resources. As such, OTA proxy will be in a sleep mode as a default until it is awaken for its utility. To provide for an awakening mechanism, a third party messaging platform 16 (e.g. Cloud to Device Messaging (C2DM)) may be utilized to wake the OTA proxy, which in turn will connect with the TSM 10 for usage. If the TSM 10 sends a message to a third party messaging platform 16 with the wake-up command and identifying information, the third party messaging platform 16 in turn sends a is message to the identified mobile terminal 11 to wake up OTA proxy residing within the mobile terminal 11. Once awake, OTA proxy will connect to the TSM 10 for provisioning or other utility. Alternatively, if desired, OTA proxy may be connected at higher frequencies or continuously to avoid the wake-up process described above.
  • [0029]
    If mobile terminal 11 is equipped with a Near Field Communication (NFC)-enabled chip and provisioned with contactless card applets that may use NFC technology, the owner of the mobile terminal 11 may make a purchase at the NFC enabled Point-of-Sale (POS) merchant by waving the mobile terminal 11 at the corresponding POS device. Subsequently, once a purchase is made with the mobile terminal 11, the acquirer network 23 and payment processor 22 may work together to ensure the payment gets updated at the financial institution 18. This end user application, however, does not involve the described TSM ecosystem and is illustrated to provide a description of a complete ecosystem.
  • [0030]
    A method for deleting of sensitive information, such as credit card credentials, from the SE of the mobile terminal is described below in reference to FIG. 2. While only the method for deletion is described in this exemplary figure, it will be understood other methods for securing sensitive information may be used, such as locking access to information stored in the SE.
  • [0031]
    FIG. 2 is a system diagram illustrating a method for deleting sensitive credit card credentials from the SE. For purposes of the present disclosure, although not illustrated in FIGS. 2-5, it will be understood that any communication that is conducted between the external parties or service providers (18-21), TSM 10, and the mobile terminal 11 is provided through Network 15 as shown in FIG. 1 or other suitable methods. Further, it will be understood that the sensitive information is not limited to credit card information, and the reference to credit card information is used merely as an example for the purposes of this disclosure.
  • [0032]
    As shown in FIG. 2, in step 201, Service Provider (SP), such as Financial Institution 18, makes a request with the identifying information, such as a Mobile Subscriber Integrated Services Digital Network (MSISDN) to delete its credentials (e.g. credit card number, expiration date, security code, personal identification number (PIN)) from the stolen/lost mobile terminal 11. In an example, such a request may be initiated by the owner of the mobile terminal 11 or the individual SP. The request may be specific to the credit card information belonging to a specific SP or it may be to delete the all of credit card information residing in the SE, if not all of the sensitive information stored within the SE. While the request may typically be limited to only the credit card information belonging to the requesting SP, if an agreement is met by various financial institutions, credit card information of other agreeing SPs may be also deleted.
  • [0033]
    Likewise in step 201, the request sent by the SP may be to lock the entire SE containing credit card credentials, or to lock just the respective secure domain within the SE, which stores the respective credit card information. The request for locking or deleting specific security domain or SE may be specified by the SPs or may be catered to meet other business rules/requirements. In addition, while not illustrated in the provided figure, the request to secure the information stored in the SE may be initiated by the mobile terminal 11 owner contacting the TSM 10 directly. Also, the request in step 201 may be initiated by SP by its own volition or in response to a request by the owner of the mobile terminal 11.
  • [0034]
    In step 202, the TSM 10 receives the request from SP and updates the respective mobile terminal account to “delete” status within its database. In addition, TSM 10 conducts an internal query to verify whether the mobile terminal 11 in question has a mobile wallet application 31 installed, such as a SK C&C mobile wallet application 31. In an example, if the TSM 10 determines that a SK C&C mobile wallet application 31 is installed in the respective lost/stolen mobile terminal 11, TSM 10 modifies the request to delete related contactless applets, Wallet Management Application (WMA) 21 credit card credentials residing within the SE (wallet management applets), and the widgets residing within the SK C&C mobile wallet application 31.
  • [0035]
    In addition, TSM 10 makes a determination on the type of SE equipped on the lost/stolen mobile terminal 11. As Micro SD's and Embedded SEs (i.e. non-UICC type SEs) cannot support conventional Subscriber Identity Module Application Toolkit (SAT)/Universal Subscriber Identity Module Application Toolkit (USAT)/Card Application Toolkit (CAT) framework, the deletion command composed by TSM 10 may go through OTA proxy in order to make any deletion of the information stored in the non-UICC type SEs, such as microSDs or embedded SEs. However, OTA proxy may also support SEs supported by traditional SAT/USAT/CAT framework as well, such as UICC, Services Identity Module (SIM), or Universal Subscriber Identity Module (USIM) (herein referred collectively as UICC). A more detailed explanation on the OTA proxy may be found in the co-pending application 61/428,851.
  • [0036]
    Once TSM 10 completes modifying the user account status, a push request is made to mobile push server, such as a Cloud to Device Messaging (C2DM) platform, in step 203.
  • [0037]
    In step 204, the mobile push server pushes the message to wake up the OTA proxy residing in the lost/stolen mobile terminal 11.
  • [0038]
    In step 205, the OTA proxy retrieves mobile terminal 11 and associated SE specific information such as MSISDN and Card Image Number (CIN) and sends them to TSM 10. In an example, SE information may also include Card Reference Number (CRN), Card is Production Life Cycle (CPLC), and Card Serial Number (CSN).
  • [0039]
    Further, although not illustrated, once TSM 10 receives mobile equipment and SE information, TSM 10 checks the status of SE. As processing of stored SE may be based on its status, analysis of SE status and corresponding processes may be conducted prior to accessing the information stored in the SE. More specifically, based on the SE status, some preparation steps may be executed to secure the SE for processing commands received through the OTA proxy. In an example, SE equipped in the mobile terminal 11 may have any of the 3 statuses: operating system (OS) native, initialized, and secured. If the status of the SE is determined to be “secured” no further preparation steps may be executed. The “secured” state for the SE may refer to an intended operating card life cycle state in post issuance. On the other hand, if the status of the SE is determined to be “initialized” then TSM 10 may provide a final issuer master key to secure the SE. The “initialized” state for the SE may refer to an administrative card production state. Lastly, if the status of the SE is determined to be “OS native”, then pre-personalization process may be conducted, which may include providing an initial issuer master key and a final issuer master key to the SE. The “OS native” state for the SE may refer to a status that SE is not initialized by manufacturer's initialization method.
  • [0040]
    After status of the SE has been determined, an analysis of SE type may be performed to determine the type of protocol that should run within OTA proxy in order to provision into the identified SE. If the SE is a UICC type or an embedded type, SE may be accessed to modify the information stored in the SE. Alternatively, if the SE is a Micro SD type, additional process specific protocol may be executed to access or to modify the information stored in the SE. Since a person ordinarily skilled in the art understands what type of protocols may be used to access the Micro SD type, discussion thereof is omitted herein.
  • [0041]
    In step 206, TSM 10 processes the provided information along with the “delete” command and converts them into Application Protocol Data Unit (APDU) commands and sends the converted APDU commands to the OTA proxy.
  • [0042]
    In step 207, OTA proxy relays the received APDU commands to the SE where credit card credentials may reside. Credit card credentials may reside as contactless card applets as well as within a wallet management applet (WMA) 21. Please refer to the co-related application No. 61/428,846 for further details on how a corresponding WMA 21 is created.
  • [0043]
    Once the “delete” command has been processed successfully, results are sent to the OTA proxy in step 208.
  • [0044]
    In step 209, OTA proxy relays the result back to the TSM 10. TSM 10 in turn sends a notification to the SP of the outcome of its request in step 210.
  • [0045]
    The “delete” functionality disclosed in FIG. 2 may be provided if the mobile terminal 11 is powered on and has reception to a network.
  • [0046]
    In FIG. 3, a system diagram is provided for synchronizing the mobile wallet application 31 residing within the mobile terminal 11.
  • [0047]
    In step 301, multiple external parties or SPs may request changes to be made to user's mobile wallet application 31 configuration using the TSM/Wallet Management System (WMS), which may store the master configuration of the user's mobile wallet application 31. For the purposes of this disclosure, the external parties or SPs may include, without limitation, Financial Institutions 18, Mobile Network Operator (MNO) 19, Handset Manufacturer 20, and Card manufacturer 21 (collectively referred to as “service providers” or “SPs”). As the mobile wallet application 31 may not always be on, the TSM/WMS may serve as a central repository to allow various external parties to make change requests without regard to user's login status to the mobile wallet application 31. For example, the respective external parties or SPs may request additional contactless cards to be provisioned to the user's mobile wallet application 31 on their own time without regard to the user's status.
  • [0048]
    Similarly, TSM 10 itself may automatically recognize that the expiration date of a contactless card applet stored in the SE is approaching based on its own internal records and prompt the user to renew the contactless card applet information. In an example, the user of the mobile terminal 11 may be prompted by the mobile wallet application 31 or other suitable methods, such as emails, texts, and voicemails. User may be prompted by the TSM 10 by other methods as well, such as texts, emails, voicemails or other suitable methods of providing notification. In response to the prompt, the user of the mobile terminal 11 may re-provision the respective contactless card applet through the TSM 10 system or by contacting the SP responsible for the soon to be expired contactless card applet.
  • [0049]
    Subsequently, in step 302, when the user logs into the mobile wallet application 31 on the mobile terminal 11, the OTA proxy residing within the mobile wallet application 31 will retrieve specific mobile terminal 11 information and SE specific information (e.g. MSISDN, International Mobile Equipment Identity (IMEI)/Mobile Equipment Identifier (MEID), CIN/Integrated Circuit Card Identification (ICCID)) and send them to TSM 10 for analysis.
  • [0050]
    In step 303, TSM 10 upon receipt of the provided information, conducts an internal verification of the provided information by OTA proxy with the stored information.
  • [0051]
    If it is found that the provided handset information or the SE information conflicts with the registered information, the TSM 10 logs the event and may order the mobile wallet application 31 to lock or delete sensitive information until further verification or clarification can be provided in step 304. Sensitive information may include account specific information related to financial institution 18 that may be stored in the SE, such as credit card numbers, expiration date, personal identification number, and other related information. Further, sensitive information may also include user security information or other private information stored in the SE.
  • [0052]
    In an example, a thief may steal a removable SE, such as a micro SD, from a mobile terminal 11 and use it on a different mobile terminal before the user even realizes the SE is missing from his or her mobile terminal 11. By cross referencing the registered SE with the registered mobile terminal identification, TSM 10 will recognize whether the registered SE is being equipped on different non-registered mobile terminal 11. Further, it should be noted that TSM 10 may handle recognition of inconsistent devices in a different manner than described in step 304. TSM 10 may handle such an event according to the business rules provided by the parties involved, such as opting to prompt the user for a password, security key, or other verification methods.
  • [0053]
    Additional or different directions may be provided by the consumers or SPs in handling such event according to their business rules.
  • [0054]
    This synchronization check may also be conducted when a request is made to provision another contactless card applet 23 or whenever OTA proxy is requested to connect with the TSM 10 or equivalent system.
  • [0055]
    FIG. 4 illustrates an exemplary system diagram of a push system for reconstructing mobile wallet application 31. Once the user has found or replaced the mobile terminal, which may no longer contain all of the previous the user's financial credentials, the user of the device may contact one of the SPs or TSM 10 to reconstruct its mobile wallet application 31 and all of the previously stored contents therein. For the purposes of the present disclosure, mobile wallet application 31 may include the widgets residing within the mobile wallet application 31, contactless card Applet 23 and associated WMA 21 stored in the SE, and an optional OTA proxy. However, a mobile wallet application 31 may include less than all of the elements described herein or more than the elements described herein.
  • [0056]
    In step 401, the user of the mobile terminal 11 contacts SP notifying procurement of a new mobile terminal 11. SP may conduct its own authentication to verify the correct user of the mobile terminal 11. Similarly, the user may also notify MNO 19 or TSM 10 directly as well.
  • [0057]
    Once SP has authenticated the user, SP sends a request to TSM 10 to re-provision the user's new mobile terminal 11 with the SP's contactless application and related credentials in step 402.
  • [0058]
    In step 403, TSM 10 performs an internal check to verify whether the user has any other SP accounts that it had provisioned prior to losing his or her phone. If there are other SP accounts held by the user, a request is made to the respective SPs for its provisioning information.
  • [0059]
    Once SPs receive requests for provisioning information, internal authentication and validation check may be conducted and the necessary information sent to TSM 10 for processing in step 404.
  • [0060]
    In step 405, another internal check is conducted to verify what mobile wallet application 31 the user previously had in his or her mobile terminal 11. The mobile wallet application 31 may include various types, such as a SK C&C mobile wallet application 31 or other mobile wallet applications offered by different manufacturers.
  • [0061]
    In an example, if it is found that the mobile wallet application 31 was previously installed, then the system will retrieve the same version and user preference settings associated with the mobile wallet application 31 to transmit to the user in step 406. The respective mobile wallet application 31 along with its configured user preferences may be sent to the user mobile terminal 11 through a mobile push server prior to moving to step 407. For the purposes of this disclosure, it is assumed the mobile wallet application 31 includes a corresponding OTA proxy, which may be installed by the mobile terminal 11 upon receipt of the application or by a separate process.
  • [0062]
    In step 407, TSM 10 sends a push message to wake up OTA proxy to a mobile push server, such as a C2DM system. In an example, the mobile wallet application 31 may be sent prior to OTA proxy, at the same time as the mobile wallet application 31, or before the mobile wallet application 31.
  • [0063]
    Subsequently, the mobile push server relays the received wake up command to OTA Proxy in step 408.
  • [0064]
    In step 409, the OTA proxy retrieves mobile terminal 11 and SE specific information such as MSISDN and CIN and sends it to TSM 10.
  • [0065]
    Once TSM 10 receives the information sent by OTA Proxy, TSM 10 processes the information along with the provisioning commands and converts them into APDU commands to send over to OTA proxy in step 410. In an example, the provisioning commands may include specific instructions, such as install or delete specific information or application, and account specific information for a contactless card applet, which may be provided by the Financial Institution 18. Also, when account specific information is received for the contactless card applet or other sensitive information, such information may be duplicated to be provisioned into the WMA 21. In addition, a version of the associated widget for the mobile wallet application 31 of the mobile terminal 11 is also obtained by the TSM 10 to be provisioned directly into the wallet application 31.
  • [0066]
    Next, in step 411, OTA proxy relays the received APDU commands to the SE where credit card credentials, contactless applets, may be provisioned. If the user was a previous user of a mobile wallet application 31, APDU commands will be relayed to provision account information corresponding to the contactless applets to be installed within the WMA 21, which is also located within the SE. In addition, corresponding widget application will be installed in the mobile wallet application 31 to provide a graphic display of the installed account.
  • [0067]
    Once the provisioning command has been successfully processed, results are sent back to the OTA proxy in step 412.
  • [0068]
    Subsequently, OTA Proxy relays the results back to the TSM 10 in step 413 and the TSM 10 updates its system with the results of the request.
  • [0069]
    Notification of the outcome of the SP provisioning request is sent to the respective SP(s) in step 414.
  • [0070]
    Similarly to FIG. 4, the user's mobile wallet application 31 may be reconstructed through a pull mechanism, which may be initiated by the mobile terminal 11 owner as illustrated in FIG. 5.
  • [0071]
    In step 501, the owner of the mobile terminal 11 attempts to reinstall the mobile wallet application 31 from the mobile terminal 11 and a request is made from the new or replaced mobile terminal 11. A command request is sent along with mobile identification information to TSM 10.
  • [0072]
    TSM 10 receives the request with its related identification information, and in step 502, an authentication process takes place to verify the user. The requesting user may be verified through a password, security question, social security number, or through other suitable verification methods. Once the user has been correctly identified, a check is conducted for an existing account. If it is found that a mobile wallet application 31 was previously installed, then the system will retrieve the same version and user preference settings related to the mobile wallet application 31 and send to the user in step 503 for downloading. The respective mobile wallet application 31 along with its configured user preferences may be sent to the user mobile terminal 11 through a mobile push server.
  • [0073]
    In an example, if it is determined that the requesting user did not have a mobile wallet application 31 previously, a new account is created in the TSM 10 and a mobile wallet application 31 may be sent to the mobile terminal 11 through a mobile push server. For the purposes of this disclosure, it is assumed the mobile wallet application 31 includes a corresponding OTA proxy, which may be installed by the mobile terminal 11 upon receipt of the application or by a separate process.
  • [0074]
    Next, in step 504, TSM 10 checks the requesting user account for related SP account information. If one or more SP accounts are associated with the requesting user's account, notification may be sent to each SP, requesting provisioning information to be sent to the requesting user. While steps 503 and 504 were configured as separate steps, steps 503 and 504 may be conducted in conjunction or in a reverse order as well. For example, the present disclosure provides for a mobile wallet application 31 and widgets related to the SP separately. However, it may also possible to gather all of the necessary widgets and the mobile wallet application 31 from the SP, so that the TSM 10 can relay both the widgets and the mobile wallet application 31 simultaneously to the user. Alternatively, if TSM 10 is allowed to store account specific information, the mobile wallet application 31 and the widgets may be provided by the TSM 10 without making additional requests to the SPs.
  • [0075]
    Once SPs receive requests for provisioning information, internal authentication and validation check may be conducted and the necessary information sent to TSM 10 for processing in step 505.
  • [0076]
    In step 506, TSM 10 sends a push message to wake up OTA proxy to the mobile push server, such as a C2DM system. While it is illustrated that mobile wallet application 31 is sent prior to OTA proxy, it should be noted that OTA proxy may be sent at the same time as the mobile wallet application 31, or before the mobile wallet application 31 as well.
  • [0077]
    Subsequently, the mobile push server relays the received wake up command to OTA Proxy in step 507.
  • [0078]
    In step 508, the OTA proxy gathers mobile terminal 11 specific information such as MSISDN and CIN along with the provisioning commands and sends it to TSM 10. In an example, the provisioning commands may include specific instructions, such as install or delete specific information or application, and account specific information for a contactless card applet, which may be provided by the Financial Institution 18. Other sensitive information such as a key to the SE may be provided either by the other SPs or the TSM 10. Sensitive information may be provided by the SPs in real-time using the TSM 10 as an intermediary or in advance for storage in the TSM 10.
  • [0079]
    Once TSM 10 receives the information sent by OTA Proxy, TSM 10 processes the information along with the provisioning commands and converts them into APDU commands and sends them to OTA proxy in step 509. Also, if provisioning commands including account specific information of the contactless card applet is received, such information may be duplicated to be provisioned into the WMA 21. In addition, a version of the associated widget for the wallet application 31 is also obtained by the TSM 10 to be provisioned directly into the mobile wallet application 31.
  • [0080]
    Next, in step 510, OTA proxy relays the received APDU commands to the SE where credit card credentials, contactless applets, may be provisioned. If the user was a previous mobile wallet application 31 user, APDU commands may be relayed to provision account information corresponding to the contactless applets to be installed within the WMA 21, which is also located within the SE. In addition, corresponding widget application may be installed in the mobile wallet application 31 to provide a graphic display of the installed account.
  • [0081]
    Once the provisioning command has been successfully processed, results are sent back to the OTA proxy in step 511.
  • [0082]
    Subsequently, OTA Proxy relays the result back to the TSM 10 in step 512 and the TSM 10 will update its system with the result of the request.
  • [0083]
    Notification of the outcome of the SP provisioning request will be sent to the respective SP(s) in step 513.
  • [0084]
    It will be apparent to those skilled in the art that various modifications and variation can be made in the present invention without departing from the spirit or scope of the invention. Thus, it is intended that the present invention cover the modifications and variations of this invention provided they come within the scope of the appended claims and their equivalents.

Claims (33)

  1. 1. A method for securing information in a non-Universal Integrated Circuit Card (UICC) type secure element (SE) of a mobile terminal, comprising:
    receiving a request to initialize an over-the-air (OTA) proxy of a mobile terminal;
    initializing the OTA proxy;
    receiving a request to secure information stored in the SE; and
    securing, using the OTA proxy, the information stored in the SE, wherein the SE is a non-UICC type SE.
  2. 2. The method of claim 1, further comprising:
    requesting installation of the OTA proxy;
    receiving OTA proxy installation information; and
    installing the OTA proxy in the mobile terminal.
  3. 3. The method of claim 2, wherein OTA proxy installation information is received from a Trusted Service Manager (TSM).
  4. 4. The method of claim 3, wherein initializing the OTA proxy comprises:
    waking the OTA proxy; and
    transmitting mobile terminal information and SE information to the TSM,
    wherein the SE information comprises an SE status and an SE type.
  5. 5. The method of claim 1, wherein the request to secure information comprises an Application Protocol Data Unit (APDU) command.
  6. 6. The method of claim 5, wherein securing the requested information in the non-UICC type SE comprises executing the APDU command for securing the requested information, wherein the non-UICC type SE comprises a Micro Secure Digital (SD), an Embedded SE, or a SE that does not support either a Short Message Service Point to Point (SMS-PP) protocol or a Bearer Independent Protocol (BIP).
  7. 7. The method of claim 1, wherein securing the requested information in the SE comprises deleting information stored in the non-UICC type SE.
  8. 8. The method of claim 1, wherein securing the requested information in the SE comprises locking access to information stored in the non-UICC type SE.
  9. 9. The method of claim 1, wherein the request to initialize the OTA proxy is received from a push server.
  10. 10. The method of claim 1, further comprising preparing the SE for securing information before securing the requested information, wherein preparing the SE comprises:
    retrieving mobile terminal information and SE information, wherein the SE information comprises an SE status and an SE type;
    receiving a key based on the SE status; and
    using the key to access the SE.
  11. 11. The method of claim 10, wherein the mobile terminal information comprises at least one of International Mobile Equipment Identity (IMEI), Mobile Equipment Identifier (MEID), and Mobile Subscriber Integrated Services Digital Network Number (MSISDN).
  12. 12. The method of claim 10, wherein the key comprises at least one of an initial issuer master key and a final issuer master key.
  13. 13. The method of claim 12, wherein securing the information stored in the SE comprises providing at least one of the initial issuer master key and the final issuer master key to the SE in response to a determination that the SE status is Operating System (OS) native.
  14. 14. The method of claim 12, wherein securing the information stored in the SE comprises providing the final issuer master key to the SE in response to a determination that SE status is initialized.
  15. 15. The method of claim 10, wherein using the key to access the SE further comprises processing a protocol for enabling provisioning of the SE, the SE type being a Micro Secure Digital (SD) type.
  16. 16. A method for authenticating a mobile terminal, comprising:
    receiving mobile terminal information and secure element (SE) information from the mobile terminal;
    comparing the received information with stored mobile terminal information and SE information; and
    transmitting a command based on the comparison result.
  17. 17. The method of claim 16, wherein the mobile terminal information comprises at least one of International Mobile Equipment Identity (IMEI), Mobile Equipment Identifier (MEID), and Mobile Subscriber Integrated Services Digital Network Number (MSISDN).
  18. 18. The method of claim 16, wherein the SE information comprises at least one of Card Image Number (CIN), Card Reference Number (CRN), Card Production Life Cycle (CPLC), and Card Serial Number (CSN).
  19. 19. The method of claim 16, wherein transmitting a command based on the comparison result comprises transmitting a command to delete information stored in the SE of the mobile terminal, in response to the received information being different from the stored information.
  20. 20. The method of claim 19, wherein the SE is a non-Universal Integrated Circuit Card (UICC) type SE.
  21. 21. The method of claim 16, wherein transmitting a command based on the comparison result comprises transmitting a command to lock access to the information stored in the SE of the mobile terminal, in response to the received information being different from the stored information.
  22. 22. The method of claim 21, wherein the SE is non-UICC type SE.
  23. 23. A method for reconstructing a mobile wallet application of a mobile terminal, comprising:
    receiving a request to reconstruct the mobile wallet application of a user;
    transmitting stored mobile wallet application information associated with the user to the mobile terminal;
    receiving mobile terminal information and secure element (SE) information; and
    transmitting a stored application associated with the mobile wallet application information to the mobile terminal.
  24. 24. The method of claim 23, wherein transmitting stored mobile wallet application information associated with the user to the mobile terminal comprises transmitting an over-the-air (OTA) proxy application associated with the user.
  25. 25. The method of claim 23, wherein transmitting stored mobile wallet application information associated with the user to the mobile terminal comprises transmitting an OTA proxy application associated with the mobile wallet application information.
  26. 26. The method of claim 23, wherein receiving a request to reconstruct the mobile wallet application comprises receiving identifying information associated with the user.
  27. 27. The method of claim 23, wherein the stored application information associated with the mobile wallet application comprises at least one of a contactless card applet, a wallet management applet, and a widget application for interfacing the user.
  28. 28. A mobile terminal to secure information over-the-air (OTA) in a non-Universal Integrated Circuit Card (UICC) type secure element (SE), comprising:
    an OTA proxy configured to connect to a Trusted Service Manager (TSM), and to receive a securing command from the TSM; and
    a non-UICC type SE.
  29. 29. The mobile terminal of claim 28, wherein the securing command is a command to delete information stored in the non-UICC type SE or to lock access to information stored in the non-UICC type SE.
  30. 30. The mobile terminal of claim 28, wherein the OTA proxy is configured to transmit mobile terminal information and SE information to the TSM, wherein the SE information comprises an SE status and an SE type.
  31. 31. The mobile terminal of claim 30, wherein the OTA proxy is further configured to receive a key from the TSM to access the SE based on the SE information sent to the TSM, wherein the key comprises at least one of an initial issuer master key and a final issuer master key.
  32. 32. The mobile terminal of claim 30, wherein the OTA proxy is further configured to receive a protocol to prepare the SE to be provisioned, the SE type being a Micro Secure Digital (SD) type.
  33. 33. The mobile terminal of claim 28, wherein the non-UICC type SE comprises:
    a contactless card applet; and
    a wallet management applet corresponding to the contactless card applet, wherein the wallet management applet comprises at least one of an account number associated with the contactless card applet, an expiration date, and a security code.
US13310063 2010-12-30 2011-12-02 System and method for secure containment of sensitive financial information stored in a mobile communication terminal Abandoned US20120171992A1 (en)

Priority Applications (5)

Application Number Priority Date Filing Date Title
US201061428853 true 2010-12-30 2010-12-30
US201061428852 true 2010-12-30 2010-12-30
US201061428851 true 2010-12-30 2010-12-30
US201061428846 true 2010-12-30 2010-12-30
US13310063 US20120171992A1 (en) 2010-12-30 2011-12-02 System and method for secure containment of sensitive financial information stored in a mobile communication terminal

Applications Claiming Priority (5)

Application Number Priority Date Filing Date Title
US13310063 US20120171992A1 (en) 2010-12-30 2011-12-02 System and method for secure containment of sensitive financial information stored in a mobile communication terminal
PCT/KR2011/009867 WO2012091350A3 (en) 2010-12-30 2011-12-20 System and method for secure containment of sensitive financial information stored in a mobile communication terminal
EP20110852733 EP2659694A4 (en) 2010-12-30 2011-12-20 System and method for secure containment of sensitive financial information stored in a mobile communication terminal
CN 201180061627 CN103270782B (en) 2010-12-30 2011-12-20 System and method for secure containers for sensitive financial information stored in the mobile communication terminal
KR20137019430A KR101514753B1 (en) 2010-12-30 2011-12-20 System and method for secure containment of sensitive financial information stored in a mobile communication terminal

Publications (1)

Publication Number Publication Date
US20120171992A1 true true US20120171992A1 (en) 2012-07-05

Family

ID=46381172

Family Applications (4)

Application Number Title Priority Date Filing Date
US13310063 Abandoned US20120171992A1 (en) 2010-12-30 2011-12-02 System and method for secure containment of sensitive financial information stored in a mobile communication terminal
US13310091 Active 2033-02-20 US8843125B2 (en) 2010-12-30 2011-12-02 System and method for managing mobile wallet and its related credentials
US13310308 Active 2033-04-06 US9191813B2 (en) 2010-12-30 2011-12-02 System and method for managing OTA provisioning applications through use of profiles and data preparation
US13310344 Active 2032-05-17 US9161218B2 (en) 2010-12-30 2011-12-02 System and method for provisioning over the air of confidential information on mobile communicative devices with non-UICC secure elements

Family Applications After (3)

Application Number Title Priority Date Filing Date
US13310091 Active 2033-02-20 US8843125B2 (en) 2010-12-30 2011-12-02 System and method for managing mobile wallet and its related credentials
US13310308 Active 2033-04-06 US9191813B2 (en) 2010-12-30 2011-12-02 System and method for managing OTA provisioning applications through use of profiles and data preparation
US13310344 Active 2032-05-17 US9161218B2 (en) 2010-12-30 2011-12-02 System and method for provisioning over the air of confidential information on mobile communicative devices with non-UICC secure elements

Country Status (1)

Country Link
US (4) US20120171992A1 (en)

Cited By (26)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102917061A (en) * 2012-10-19 2013-02-06 北京奇虎科技有限公司 Resource synchronization method and system
US20130171929A1 (en) * 2011-12-28 2013-07-04 Research In Motion Limited Mobile communications device providing near field communication (nfc) card issuance features and related methods
WO2013097038A1 (en) * 2011-12-28 2013-07-04 Research In Motion Limited Mobile communications device providing near field communication (nfc) card issuance features and related methods
US20130173736A1 (en) * 2011-12-29 2013-07-04 the Province of Ontario, Canada) Communications system providing enhanced trusted service manager (tsm)verification features and related methods
US8538845B2 (en) 2011-06-03 2013-09-17 Mozido, Llc Monetary transaction system
US20140089261A1 (en) * 2012-09-25 2014-03-27 Selim Aissi System and Method for Maintaining Device State Coherency
JP2014123224A (en) * 2012-12-20 2014-07-03 Toppan Printing Co Ltd Terminal device and expiry date update method
CN103944907A (en) * 2014-04-25 2014-07-23 天地融科技股份有限公司 Data updating method and system
CN104038523A (en) * 2013-03-07 2014-09-10 联想(北京)有限公司 Method and device for storing information
US20140279566A1 (en) * 2013-03-15 2014-09-18 Samsung Electronics Co., Ltd. Secure mobile payment using media binding
WO2014189569A1 (en) * 2013-05-21 2014-11-27 Jvl Ventures, Llc Systems, methods, and computer program products for managing states
WO2014190445A3 (en) * 2013-05-29 2015-01-22 Kaba Ag Method for managing media for wireless communication
US20150223061A1 (en) * 2011-12-29 2015-08-06 Gemalto Sa Method for initiating an ota session
US20150319152A1 (en) * 2014-05-01 2015-11-05 At&T Intellectual Property I, Lp Apparatus and method for managing security domains for a universal integrated circuit card
US9208488B2 (en) 2011-11-21 2015-12-08 Mozido, Inc. Using a mobile wallet infrastructure to support multiple mobile wallet providers
US20150373535A1 (en) * 2014-06-24 2015-12-24 Huawei Technologies Co., Ltd. Method, Apparatus, and System for Managing Device
CN105227681A (en) * 2015-10-28 2016-01-06 北京知易普道技术有限责任公司 Pushing server and display terminal
US9479571B2 (en) 2012-09-18 2016-10-25 Google Inc. Systems, methods, and computer program products for interfacing multiple service provider trusted service managers and secure elements
US20160337290A1 (en) * 2014-01-10 2016-11-17 Huawei Technologies Co., Ltd. Message Push Method and Apparatus
EP3104635A1 (en) * 2015-06-09 2016-12-14 Deutsche Telekom AG Method for an improved installation of a secure-element-related service application in a secure element being located in a communication device, system and telecommunications network for an improved installation of a secure-element-related service application in a secure element being located in a communication device, program comprising a computer readable program code, and computer program product
US9544759B2 (en) 2011-11-01 2017-01-10 Google Inc. Systems, methods, and computer program products for managing states
EP3053081A4 (en) * 2013-09-30 2017-03-01 Google Inc Systems, methods, and computer program products for securely managing data on a secure element
US9652628B2 (en) 2011-11-01 2017-05-16 Google Inc. Systems, methods, and computer program products for interfacing multiple service provider trusted service managers and secure elements
WO2017160814A1 (en) * 2016-03-14 2017-09-21 Jpmorgan Chase Bank, N.A. Systems and methods for device authentication
EP3262583A4 (en) * 2015-02-27 2018-01-03 Samsung Electronics Co Ltd Method and device for controlling payment function
US9942227B2 (en) 2013-11-01 2018-04-10 At&T Intellectual Property I, L.P. Apparatus and method for secure over the air programming of a communication device

Families Citing this family (51)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130268437A1 (en) 2005-10-06 2013-10-10 C-Sam, Inc. Secure ecosystem infrastructure enabling multiple types of electronic wallets in an ecosystem of issuers, service providers, and acquires of instruments
CA2962648A1 (en) 2005-10-06 2007-04-19 Mastercard Mobile Transactions Solutions, Inc. Three-dimensional transaction authentication
US20140089185A1 (en) * 2005-10-06 2014-03-27 C-Sam, Inc. Isolating distinct service provider widgets within a wallet container
US20140279479A1 (en) * 2011-10-12 2014-09-18 C-Sam, Inc. Nfc paired bluetooth e-commerce
US20120317035A1 (en) * 2009-01-22 2012-12-13 First Data Corporation Processing transactions with an extended application id and dynamic cryptograms
US20100185545A1 (en) * 2009-01-22 2010-07-22 First Data Corporation Dynamic primary account number (pan) and unique key per card
EP2336986A1 (en) * 2009-12-17 2011-06-22 Gemalto SA Method of personalizing an application embedded in a secured electronic token
US9059980B2 (en) 2011-05-26 2015-06-16 First Data Corporation Systems and methods for authenticating mobile devices
US20130019195A1 (en) * 2011-07-12 2013-01-17 Oracle International Corporation Aggregating multiple information sources (dashboard4life)
CN104106276A (en) * 2011-10-12 2014-10-15 施萨姆公司 Multi-tiered secure mobile transactions enabling platform
US8918855B2 (en) * 2011-12-09 2014-12-23 Blackberry Limited Transaction provisioning for mobile wireless communications devices and related methods
EP2800022A4 (en) * 2011-12-30 2015-09-09 Mozido Corfire Korea Ltd System and method for controlling applet access
WO2013100636A1 (en) 2011-12-30 2013-07-04 에스케이씨앤씨 주식회사 Master tsm
US20130254028A1 (en) * 2012-03-22 2013-09-26 Corbuss Kurumsal Telekom Hizmetleri A.S. System and method for conducting mobile commerce
US8838174B2 (en) 2012-05-04 2014-09-16 Apple Inc. Device initiated card provisioning via bearer independent protocol
US9137656B2 (en) * 2012-06-27 2015-09-15 Rogers Communications Inc. System and method for remote provisioning of embedded universal integrated circuit cards
US8843398B2 (en) * 2012-07-23 2014-09-23 Wal-Mart Stores, Inc. Transferring digital receipt data to mobile devices
US8738454B2 (en) * 2012-07-23 2014-05-27 Wal-Mart Stores, Inc. Transferring digital receipt data to mobile devices
US9842333B2 (en) 2012-07-23 2017-12-12 Wal-Mart Stores, Inc. Transferring digital receipt data to mobile devices
DE102012016164A1 (en) * 2012-08-14 2014-02-20 Giesecke & Devrient Gmbh Security element and method of installation of data in the security element
JP2014072760A (en) * 2012-09-28 2014-04-21 Fujitsu Mobile Communications Ltd Control program, wireless terminal device, and control method
WO2014069871A1 (en) * 2012-10-29 2014-05-08 주식회사 케이티 Method of changing entity managing subscriber authentication module and device using same
US8959331B2 (en) 2012-11-19 2015-02-17 At&T Intellectual Property I, Lp Systems for provisioning universal integrated circuit cards
KR101436872B1 (en) * 2012-11-29 2014-09-02 에스케이씨앤씨 주식회사 Method and System for Information Management in Secure Element
US9594896B2 (en) * 2012-12-21 2017-03-14 Blackberry Limited Two factor authentication using near field communications
US9947001B2 (en) 2013-03-15 2018-04-17 Mastercard International Incorporated System and method for using multiple payment accounts using a single payment device
CN105103174A (en) * 2013-04-05 2015-11-25 维萨国际服务协会 Systems, methods and devices for transacting
US9052891B2 (en) 2013-05-14 2015-06-09 International Business Machines Corporation Declarative configuration and execution of card content management operations for trusted service manager
KR20140147487A (en) * 2013-06-20 2014-12-30 삼성전자주식회사 Method and apparatus for combining different kind of wallets on a mobile device
KR20150001875A (en) * 2013-06-26 2015-01-07 삼성전자주식회사 Method and apparatus for transmitting wallets between mobile devices
CN105359192A (en) * 2013-07-02 2016-02-24 诺基亚技术有限公司 Method and apparatus for mobile ticketing
US9036820B2 (en) 2013-09-11 2015-05-19 At&T Intellectual Property I, Lp System and methods for UICC-based secure communication
US9124573B2 (en) 2013-10-04 2015-09-01 At&T Intellectual Property I, Lp Apparatus and method for managing use of secure tokens
WO2015054206A1 (en) * 2013-10-10 2015-04-16 Jvl Ventures, Llc Systems, methods, and computer program products for managing communications
US9208300B2 (en) 2013-10-23 2015-12-08 At&T Intellectual Property I, Lp Apparatus and method for secure authentication of a communication device
US9240994B2 (en) 2013-10-28 2016-01-19 At&T Intellectual Property I, Lp Apparatus and method for securely managing the accessibility to content and applications
US9313660B2 (en) 2013-11-01 2016-04-12 At&T Intellectual Property I, Lp Apparatus and method for secure provisioning of a communication device
CN105934771A (en) 2013-11-19 2016-09-07 维萨国际服务协会 Automated account provisioning
US9525997B2 (en) 2013-11-25 2016-12-20 At&T Intellectual Property I, L.P. Method and apparatus for managing international mobile subscriber identity
US9384485B1 (en) * 2013-11-26 2016-07-05 American Express Travel Related Services Company, Inc. Systems and methods for rapidly provisioning functionality to one or more mobile communication devices
US9413759B2 (en) 2013-11-27 2016-08-09 At&T Intellectual Property I, Lp Apparatus and method for secure delivery of data from a communication device
US9825944B2 (en) 2014-01-24 2017-11-21 Microsoft Technology Licensing, Llc Secure cryptoprocessor for authorizing connected device requests
US9652770B1 (en) 2014-04-30 2017-05-16 Wells Fargo Bank, N.A. Mobile wallet using tokenized card systems and methods
EP3140795A4 (en) * 2014-05-07 2017-11-01 Visa Int Service Ass Enhanced data interface for contactless communications
CN105659662A (en) * 2014-09-29 2016-06-08 华为技术有限公司 Distribution method and apparatus
US20160124924A1 (en) * 2014-10-09 2016-05-05 Wrap Media, LLC Displaying a wrap package of cards within an overlay window embedded in an application or web page
US9509825B2 (en) * 2014-12-07 2016-11-29 Chon Hock LEOW System and method of secure personal identification
KR20160105261A (en) * 2015-02-27 2016-09-06 삼성전자주식회사 Method and apparatus for providing card service using electronic device
GB201509182D0 (en) * 2015-05-28 2015-07-15 Vodafone Ip Licensing Ltd Setting a password an a device
US9942747B2 (en) * 2015-08-07 2018-04-10 At&T Mobility Ii Llc Dynamic utilization of services by a temporary device
RU2651251C1 (en) * 2017-04-28 2018-04-18 АО "Лаборатория Касперского" Method of downloading filtering rules to mobile device

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080126145A1 (en) * 2006-07-06 2008-05-29 Firethorn Holdings, Llc Methods and Systems For Distribution of a Mobile Wallet for a Mobile Device
US20090124234A1 (en) * 2007-11-14 2009-05-14 Mobile Candy Dish, Inc. Method and system for securing transactions made through a mobile communication device
US20100275269A1 (en) * 2007-10-20 2010-10-28 Andras Vilmos Procedure for the preparation and performing of a post issuance process on a secure element
US20100291904A1 (en) * 2009-05-13 2010-11-18 First Data Corporation Systems and methods for providing trusted service management services
US20100323681A1 (en) * 2007-11-06 2010-12-23 Gemalto S/A Sharing or reselling nfc applications among mobile communication devices
US20120095852A1 (en) * 2010-10-15 2012-04-19 John Bauer Method and system for electronic wallet access
US20120108204A1 (en) * 2010-10-28 2012-05-03 Schell Stephan V Management systems for multiple access control entities
US8666366B2 (en) * 2007-06-22 2014-03-04 Apple Inc. Device activation and access
US8768845B1 (en) * 2009-02-16 2014-07-01 Sprint Communications Company L.P. Electronic wallet removal from mobile electronic devices

Family Cites Families (64)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5221838A (en) 1990-12-24 1993-06-22 Motorola, Inc. Electronic wallet
US6157859A (en) * 1996-05-16 2000-12-05 Sulzer Intermedics, Inc. Upgradable implantable medical device with post-shock pacing and redraw functions
US6148405A (en) 1997-11-10 2000-11-14 Phone.Com, Inc. Method and system for secure lightweight transactions in wireless data networks
JP4176181B2 (en) 1998-03-13 2008-11-05 富士通株式会社 Electronic wallet management system, terminal device, and an electronic wallet management program and computer readable recording medium
US6199762B1 (en) 1998-05-06 2001-03-13 American Express Travel Related Services Co., Inc. Methods and apparatus for dynamic smartcard synchronization and personalization
US6487403B2 (en) 1999-08-19 2002-11-26 Verizon Laboratories Inc. Wireless universal provisioning device
WO2001017296A1 (en) * 1999-08-27 2001-03-08 Telefonaktiebolaget Lm Ericsson (Publ) Arrangement for effecting secure transactions in a communication device
US7233926B2 (en) 2000-03-07 2007-06-19 Thomson Licensing Electronic wallet system with secure inter-purses operations
US6961858B2 (en) 2000-06-16 2005-11-01 Entriq, Inc. Method and system to secure content for distribution via a network
US7155411B1 (en) 2000-09-28 2006-12-26 Microsoft Corporation Integrating payment accounts and an electronic wallet
US7065341B2 (en) 2000-11-16 2006-06-20 Telefonaktiebolaget Lm Ericsson (Publ) User authentication apparatus, controlling method thereof, and network system
US6950939B2 (en) 2000-12-08 2005-09-27 Sony Corporation Personal transaction device with secure storage on a removable memory device
US20140089185A1 (en) * 2005-10-06 2014-03-27 C-Sam, Inc. Isolating distinct service provider widgets within a wallet container
US7236742B2 (en) 2001-06-18 2007-06-26 Brigham Young University System and method for wireless data transfer for a mobile unit
US6976241B2 (en) * 2001-11-14 2005-12-13 Intel Corporation Cross platform administrative framework
US7149545B2 (en) 2002-05-30 2006-12-12 Nokia Corporation Method and apparatus for facilitating over-the-air activation of pre-programmed memory devices
CN1675879A (en) * 2002-06-07 2005-09-28 索尼株式会社 Data processing system, data processing device, data processing method, and computer program
US7822688B2 (en) 2002-08-08 2010-10-26 Fujitsu Limited Wireless wallet
US7426057B2 (en) * 2003-02-19 2008-09-16 Canon Kabushiki Kaisha Document processing method
GB2398707B (en) 2003-02-21 2005-03-30 Schlumberger Holdings Authentication method for enabling a user of a mobile station to access to private data or services
WO2004098219A1 (en) 2003-04-29 2004-11-11 Sony Ericsson Mobile Communications Ab Mobile apparatus with remote lock and control function
WO2004105359A3 (en) 2003-05-19 2005-06-02 Einar Rosenberg An apparatus and method for increased security of wireless transactions
CN1823494B (en) * 2003-07-14 2011-11-16 纳格拉影像股份有限公司 Method for securing an electronic certificate
US20050071419A1 (en) * 2003-09-26 2005-03-31 Lewontin Stephen Paul System, apparatus, and method for providing Web services using wireless push
CN1906629A (en) * 2003-11-26 2007-01-31 支付点公司 Secure payment system
US7146159B1 (en) 2003-12-23 2006-12-05 Sprint Communications Company L.P. Over-the-air card provisioning system and method
CA2495949A1 (en) 2004-02-05 2005-08-05 Simon Law Secure wireless authorization system
WO2006032993A3 (en) 2004-09-23 2006-06-22 Axalto Sa System and method for communication with universal integrated circuit cards in mobile devices using internet protocols.
US7490775B2 (en) 2004-12-30 2009-02-17 Aol Llc, A Deleware Limited Liability Company Intelligent identification of multimedia content for synchronization
US7628322B2 (en) 2005-03-07 2009-12-08 Nokia Corporation Methods, system and mobile device capable of enabling credit card personalization using a wireless network
JP2006261990A (en) 2005-03-16 2006-09-28 Fujitsu Ltd Mobile terminal and remote lock program
CN100583118C (en) * 2005-10-13 2010-01-20 株式会社Ntt都科摩 Mobile terminal, access control management device, and access control management method
US7819307B2 (en) 2005-10-27 2010-10-26 Hewlett-Packard Development Company, L.P. Method and system for managing monetary value on a mobile device
US7689205B2 (en) 2005-12-23 2010-03-30 Morgan Stanley Systems and methods for configuration of mobile computing devices
US20070150246A1 (en) * 2005-12-28 2007-06-28 Microsoft Corporation Context-Supported Structures in a Modeling Language
US8467766B2 (en) 2006-07-06 2013-06-18 Qualcomm Incorporated Methods and systems for managing payment sources in a mobile environment
US9911114B2 (en) 2006-07-06 2018-03-06 Qualcomm Incorporated Methods and systems for making a payment via a stored value card in a mobile environment
US7711392B2 (en) 2006-07-14 2010-05-04 Research In Motion Limited System and method to provision a mobile device
US7822439B2 (en) 2006-08-14 2010-10-26 Sandisk Il Ltd. System for sharing credentials
US7708194B2 (en) 2006-08-23 2010-05-04 Verizon Patent And Licensing Inc. Virtual wallet
US7469151B2 (en) 2006-09-01 2008-12-23 Vivotech, Inc. Methods, systems and computer program products for over the air (OTA) provisioning of soft cards on devices with wireless communications capabilities
EP2080387A4 (en) * 2006-10-17 2011-05-25 Avega Systems Pty Ltd Configuring and connecting to a media wireless network
US20080134165A1 (en) * 2006-12-01 2008-06-05 Lori Anderson Methods and apparatus for software provisioning of a network device
US7527208B2 (en) 2006-12-04 2009-05-05 Visa U.S.A. Inc. Bank issued contactless payment card used in transit fare collection
US20080208742A1 (en) 2007-02-22 2008-08-28 First Data Corporation Provisioning of a device for mobile commerce
US7840687B2 (en) * 2007-07-11 2010-11-23 Intel Corporation Generic bootstrapping protocol (GBP)
WO2009016540A3 (en) 2007-08-01 2009-04-30 Nxp Bv Mobile communication device and method for disabling applications
EP2043016A1 (en) * 2007-09-27 2009-04-01 Nxp B.V. Method, system, trusted service manager, service provider and memory element for managing access rights for trusted applications
US7707113B1 (en) 2007-09-28 2010-04-27 Sprint Communications Company L.P. Method and system for setting levels of electronic wallet security
US7822840B2 (en) * 2007-10-23 2010-10-26 International Business Machines Corporation Method and apparatus for dynamic web service client application update
US7689508B2 (en) 2007-11-20 2010-03-30 Wells Fargo Bank N.A. Mobile device credit account
US9113338B2 (en) 2007-12-07 2015-08-18 Orange Method of controlling applications installed on a security module associated with a mobile terminal, and an associated security module, mobile terminal, and server
US8312270B1 (en) * 2007-12-17 2012-11-13 Trend Micro, Inc. DHCP-based security policy enforcement system
US20090307140A1 (en) 2008-06-06 2009-12-10 Upendra Mardikar Mobile device over-the-air (ota) registration and point-of-sale (pos) payment
US8504032B2 (en) * 2008-06-12 2013-08-06 At&T Intellectual Property I, L.P. Femtocell service registration, activation, and provisioning
US20100211507A1 (en) 2008-09-22 2010-08-19 Christian Aabye Over the air update of payment transaction data stored in secure memory
US8725574B2 (en) 2008-11-17 2014-05-13 Mastercard International Incorporated Methods and systems for payment account issuance over a mobile network
US20100125495A1 (en) 2008-11-17 2010-05-20 Smith Steven M System and method of providing a mobile wallet at a mobile telephone
US8615466B2 (en) 2008-11-24 2013-12-24 Mfoundry Method and system for downloading information into a secure element of an electronic device
US20100211499A1 (en) * 2009-02-13 2010-08-19 Bank Of America Corporation Systems, methods and computer program products for optimizing routing of financial payments
US20100306076A1 (en) 2009-05-29 2010-12-02 Ebay Inc. Trusted Integrity Manager (TIM)
US9734496B2 (en) 2009-05-29 2017-08-15 Paypal, Inc. Trusted remote attestation agent (TRAA)
US20110078081A1 (en) 2009-09-30 2011-03-31 Kiushan Pirzadeh Mobile payment application architecture
US9419956B2 (en) * 2010-03-22 2016-08-16 Bank Of America Corporation Systems and methods for authenticating a user for accessing account information using a web-enabled device

Patent Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080126145A1 (en) * 2006-07-06 2008-05-29 Firethorn Holdings, Llc Methods and Systems For Distribution of a Mobile Wallet for a Mobile Device
US8666366B2 (en) * 2007-06-22 2014-03-04 Apple Inc. Device activation and access
US20100275269A1 (en) * 2007-10-20 2010-10-28 Andras Vilmos Procedure for the preparation and performing of a post issuance process on a secure element
US20100323681A1 (en) * 2007-11-06 2010-12-23 Gemalto S/A Sharing or reselling nfc applications among mobile communication devices
US20090124234A1 (en) * 2007-11-14 2009-05-14 Mobile Candy Dish, Inc. Method and system for securing transactions made through a mobile communication device
US8768845B1 (en) * 2009-02-16 2014-07-01 Sprint Communications Company L.P. Electronic wallet removal from mobile electronic devices
US20100291904A1 (en) * 2009-05-13 2010-11-18 First Data Corporation Systems and methods for providing trusted service management services
US20120095852A1 (en) * 2010-10-15 2012-04-19 John Bauer Method and system for electronic wallet access
US20120108204A1 (en) * 2010-10-28 2012-05-03 Schell Stephan V Management systems for multiple access control entities

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
Calypso Networks Association WG1, Calypso Specification, 01/28/2009 *

Cited By (34)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9892386B2 (en) 2011-06-03 2018-02-13 Mozido, Inc. Monetary transaction system
US8538845B2 (en) 2011-06-03 2013-09-17 Mozido, Llc Monetary transaction system
US9652628B2 (en) 2011-11-01 2017-05-16 Google Inc. Systems, methods, and computer program products for interfacing multiple service provider trusted service managers and secure elements
US9544759B2 (en) 2011-11-01 2017-01-10 Google Inc. Systems, methods, and computer program products for managing states
US9928382B2 (en) 2011-11-01 2018-03-27 Google Llc Systems, methods, and computer program products for managing secure elements
US9208488B2 (en) 2011-11-21 2015-12-08 Mozido, Inc. Using a mobile wallet infrastructure to support multiple mobile wallet providers
WO2013097038A1 (en) * 2011-12-28 2013-07-04 Research In Motion Limited Mobile communications device providing near field communication (nfc) card issuance features and related methods
US20130171929A1 (en) * 2011-12-28 2013-07-04 Research In Motion Limited Mobile communications device providing near field communication (nfc) card issuance features and related methods
US9154903B2 (en) * 2011-12-28 2015-10-06 Blackberry Limited Mobile communications device providing near field communication (NFC) card issuance features and related methods
US20130173736A1 (en) * 2011-12-29 2013-07-04 the Province of Ontario, Canada) Communications system providing enhanced trusted service manager (tsm)verification features and related methods
US9402180B2 (en) * 2011-12-29 2016-07-26 Gemalto Sa Method for initiating an OTA session
US9077769B2 (en) * 2011-12-29 2015-07-07 Blackberry Limited Communications system providing enhanced trusted service manager (TSM) verification features and related methods
US20150223061A1 (en) * 2011-12-29 2015-08-06 Gemalto Sa Method for initiating an ota session
US9479571B2 (en) 2012-09-18 2016-10-25 Google Inc. Systems, methods, and computer program products for interfacing multiple service provider trusted service managers and secure elements
US9633098B2 (en) * 2012-09-25 2017-04-25 Visa International Service Association System and method for maintaining device state coherency
US20140089261A1 (en) * 2012-09-25 2014-03-27 Selim Aissi System and Method for Maintaining Device State Coherency
CN102917061A (en) * 2012-10-19 2013-02-06 北京奇虎科技有限公司 Resource synchronization method and system
JP2014123224A (en) * 2012-12-20 2014-07-03 Toppan Printing Co Ltd Terminal device and expiry date update method
CN104038523A (en) * 2013-03-07 2014-09-10 联想(北京)有限公司 Method and device for storing information
US20140279566A1 (en) * 2013-03-15 2014-09-18 Samsung Electronics Co., Ltd. Secure mobile payment using media binding
WO2014189569A1 (en) * 2013-05-21 2014-11-27 Jvl Ventures, Llc Systems, methods, and computer program products for managing states
WO2014190445A3 (en) * 2013-05-29 2015-01-22 Kaba Ag Method for managing media for wireless communication
EP3053081A4 (en) * 2013-09-30 2017-03-01 Google Inc Systems, methods, and computer program products for securely managing data on a secure element
US9942227B2 (en) 2013-11-01 2018-04-10 At&T Intellectual Property I, L.P. Apparatus and method for secure over the air programming of a communication device
US20160337290A1 (en) * 2014-01-10 2016-11-17 Huawei Technologies Co., Ltd. Message Push Method and Apparatus
CN103944907A (en) * 2014-04-25 2014-07-23 天地融科技股份有限公司 Data updating method and system
US20150319152A1 (en) * 2014-05-01 2015-11-05 At&T Intellectual Property I, Lp Apparatus and method for managing security domains for a universal integrated circuit card
US9713006B2 (en) * 2014-05-01 2017-07-18 At&T Intellectual Property I, Lp Apparatus and method for managing security domains for a universal integrated circuit card
US9967247B2 (en) * 2014-05-01 2018-05-08 At&T Intellectual Property I, L.P. Apparatus and method for managing security domains for a universal integrated circuit card
US20150373535A1 (en) * 2014-06-24 2015-12-24 Huawei Technologies Co., Ltd. Method, Apparatus, and System for Managing Device
EP3262583A4 (en) * 2015-02-27 2018-01-03 Samsung Electronics Co Ltd Method and device for controlling payment function
EP3104635A1 (en) * 2015-06-09 2016-12-14 Deutsche Telekom AG Method for an improved installation of a secure-element-related service application in a secure element being located in a communication device, system and telecommunications network for an improved installation of a secure-element-related service application in a secure element being located in a communication device, program comprising a computer readable program code, and computer program product
CN105227681A (en) * 2015-10-28 2016-01-06 北京知易普道技术有限责任公司 Pushing server and display terminal
WO2017160814A1 (en) * 2016-03-14 2017-09-21 Jpmorgan Chase Bank, N.A. Systems and methods for device authentication

Also Published As

Publication number Publication date Type
US20120172089A1 (en) 2012-07-05 application
US9161218B2 (en) 2015-10-13 grant
US20120174189A1 (en) 2012-07-05 application
US8843125B2 (en) 2014-09-23 grant
US20120172026A1 (en) 2012-07-05 application
US9191813B2 (en) 2015-11-17 grant

Similar Documents

Publication Publication Date Title
US20130227646A1 (en) Methods and apparatus for large scale distribution of electronic access clients
US20130173736A1 (en) Communications system providing enhanced trusted service manager (tsm)verification features and related methods
US8126506B2 (en) System and method for securely managing data stored on mobile devices, such as enterprise mobility data
US20140140507A1 (en) Method for changing mno in embedded sim on basis of dynamic key generation and embedded sim and recording medium therefor
US20120252411A1 (en) Continuous voice authentication for a mobile device
US20120300938A1 (en) Systems and Methods for Authenticating Mobile Devices
US20140256251A1 (en) Secure nfc data authentication
US20120130839A1 (en) Mobile devices for commerce over unsecured networks
US20140134981A1 (en) Method for changing mno in embedded sim on basis of special privilege, and embedded sim and recording medium therefor
US20120130838A1 (en) Method and apparatus for personalizing secure elements in mobile devices
US20120129452A1 (en) Method and apparatus for provisioning applications in mobile devices
US20130166456A1 (en) System and Method for Remote Payment Based on Mobile Terminal
US20090307142A1 (en) Trusted service manager (tsm) architectures and methods
US20130151400A1 (en) Integrated mobile trusted service manager
US20090204815A1 (en) System and method for wireless device based user authentication
US20130041831A1 (en) Secure and shareable payment system using trusted personal device
US20130152185A1 (en) Transaction provisioning for mobile wireless communications devices and related methods
US20120123868A1 (en) System and Method for Physical-World Based Dynamic Contactless Data Emulation in a Portable Communication Device
US20120196569A1 (en) Subscriber Identity Module Provisioning
US20130221094A1 (en) Method and System for Providing Identity, Authentication, and Access Services
US20120159612A1 (en) System for Storing One or More Passwords in a Secure Element
US20120172026A1 (en) System and method for managing mobile wallet and its related credentials
WO2012091349A2 (en) System and method for managing mobile wallet and its related credentials
US20130171967A1 (en) Providing Secure Execution of Mobile Device Workflows
US20120266220A1 (en) System and Method for Controlling Access to a Third-Party Application with Passwords Stored in a Secure Element

Legal Events

Date Code Title Description
AS Assignment

Owner name: SK C&C, KOREA, REPUBLIC OF

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:CHEONG, KIDO;HONG, HYUNGJOON;KIM, HYUNJIN;REEL/FRAME:027427/0644

Effective date: 20111201

AS Assignment

Owner name: MOZIDO CORFIRE - KOREA, LTD., KOREA, REPUBLIC OF

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:SK C&C CO., LTD.;REEL/FRAME:035404/0851

Effective date: 20141217