WO2012091350A3 - System and method for secure containment of sensitive financial information stored in a mobile communication terminal - Google Patents

System and method for secure containment of sensitive financial information stored in a mobile communication terminal Download PDF

Info

Publication number
WO2012091350A3
WO2012091350A3 PCT/KR2011/009867 KR2011009867W WO2012091350A3 WO 2012091350 A3 WO2012091350 A3 WO 2012091350A3 KR 2011009867 W KR2011009867 W KR 2011009867W WO 2012091350 A3 WO2012091350 A3 WO 2012091350A3
Authority
WO
WIPO (PCT)
Prior art keywords
information
mobile terminal
ota
uicc
wallet application
Prior art date
Application number
PCT/KR2011/009867
Other languages
French (fr)
Other versions
WO2012091350A2 (en
Inventor
Ki Do CHEONG
Hyung Joon HONG
Hyun Jin Kim
Original Assignee
Sk C&C Co., Ltd.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US13/310,063 external-priority patent/US20120171992A1/en
Application filed by Sk C&C Co., Ltd. filed Critical Sk C&C Co., Ltd.
Priority to SG2013042973A priority Critical patent/SG190986A1/en
Priority to KR1020137019430A priority patent/KR101514753B1/en
Priority to AU2011350196A priority patent/AU2011350196A1/en
Priority to EP11852733.2A priority patent/EP2659694A4/en
Priority to CN201180061627.2A priority patent/CN103270782B/en
Publication of WO2012091350A2 publication Critical patent/WO2012091350A2/en
Publication of WO2012091350A3 publication Critical patent/WO2012091350A3/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • G06Q20/3227Aspects of commerce using mobile devices [M-devices] using secure elements embedded in M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/77Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in smart cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/88Detecting or preventing theft or loss
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/325Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices using wireless networks
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/355Personalisation of cards for use
    • G06Q20/3552Downloading or loading of personalisation data
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/357Cards having a plurality of specified features
    • G06Q20/3574Multiple applications on card
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/36Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
    • G06Q20/367Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes
    • G06Q20/3672Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes initialising or reloading thereof
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/30Security of mobile devices; Security of mobile applications
    • H04W12/35Protecting application or service provisioning, e.g. securing SIM application provisioning
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2143Clearing memory, e.g. to prevent the data from being stolen

Abstract

A method for securing information over-the-air (OTA) in a non- Universal Integrated Circuit Card (UICC) type secure element (SE) of a mobile terminal including receiving a request to initialize an OTA proxy of a mobile terminal, initializing the OTA proxy, receiving a request to secure information, and securing, using the OTA proxy, the requested information in the non-UICC type SE. A method for reconstructing a mobile wallet application including receiving a request to reconstruct the mobile wallet application for a user; transmitting stored mobile wallet application information associated with the user to the mobile terminal; receiving mobile terminal information and SE information; and transmitting a stored application associated with the mobile wallet application information to the mobile terminal. A mobile terminal to secure information OTA in a non-UICC type SE including an OTA proxy to receive a securing command from a TSM, and a non-UICC SE.
PCT/KR2011/009867 2010-12-30 2011-12-20 System and method for secure containment of sensitive financial information stored in a mobile communication terminal WO2012091350A2 (en)

Priority Applications (5)

Application Number Priority Date Filing Date Title
SG2013042973A SG190986A1 (en) 2010-12-30 2011-12-20 System and method for secure containment of sensitive financial information stored in a mobile communication terminal
KR1020137019430A KR101514753B1 (en) 2010-12-30 2011-12-20 System and method for secure containment of sensitive financial information stored in a mobile communication terminal
AU2011350196A AU2011350196A1 (en) 2010-12-30 2011-12-20 System and method for secure containment of sensitive financial information stored in a mobile communication terminal
EP11852733.2A EP2659694A4 (en) 2010-12-30 2011-12-20 System and method for secure containment of sensitive financial information stored in a mobile communication terminal
CN201180061627.2A CN103270782B (en) 2010-12-30 2011-12-20 System and method for the safety container of storage sensitive financial information in mobile communication terminals

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US201061428852P 2010-12-30 2010-12-30
US61/428,852 2010-12-30
US13/310,063 2011-12-02
US13/310,063 US20120171992A1 (en) 2010-12-30 2011-12-02 System and method for secure containment of sensitive financial information stored in a mobile communication terminal

Publications (2)

Publication Number Publication Date
WO2012091350A2 WO2012091350A2 (en) 2012-07-05
WO2012091350A3 true WO2012091350A3 (en) 2012-08-23

Family

ID=46383644

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2011/009867 WO2012091350A2 (en) 2010-12-30 2011-12-20 System and method for secure containment of sensitive financial information stored in a mobile communication terminal

Country Status (6)

Country Link
EP (1) EP2659694A4 (en)
KR (1) KR101514753B1 (en)
CN (1) CN103270782B (en)
AU (1) AU2011350196A1 (en)
SG (1) SG190986A1 (en)
WO (1) WO2012091350A2 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106874805A (en) * 2017-01-16 2017-06-20 北京奇虎科技有限公司 A kind of data guard method, device and mobile terminal

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101460179B1 (en) 2012-11-28 2014-11-10 에스케이씨앤씨 주식회사 Method for Temporary Payment Card Set-up and Mobile Device using the same
CN105493117A (en) * 2013-06-17 2016-04-13 谷歌公司 Systems, methods, and computer program products for processing a request relating to a mobile communication device
KR20150049119A (en) * 2013-10-29 2015-05-08 모지도코화이어코리아 유한회사 Method and System for OTP Generation Means Issuance
US10861090B2 (en) 2013-11-27 2020-12-08 Apple Inc. Provisioning of credentials on an electronic device using passwords communicated over verified channels
US10546293B2 (en) 2014-05-29 2020-01-28 Apple Inc. Apparatuses and methods for using a random authorization number to provide enhanced security for a secure element
US9424568B2 (en) 2014-05-29 2016-08-23 Apple Inc. Financial-transaction notifications
KR102226411B1 (en) * 2014-09-01 2021-03-12 삼성전자주식회사 Electronic device and method for managing reenrollment

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7395049B2 (en) * 2003-03-03 2008-07-01 Nokia Corporation Security element commanding method and mobile terminal
US20080215875A1 (en) * 2004-09-30 2008-09-04 Stephen Anthony Fischer Method and apparatus for establishing safe processor operating points

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2007092573A2 (en) * 2006-02-07 2007-08-16 Cisco Technology, Inc. Methods and systems for providing telephony services and enforcing policies in a communication network
EP2213076B1 (en) * 2007-10-15 2017-07-12 Nxp B.V. Method and service provider for managing expired or consumed applications being stored in mobile communication devices
HU230695B1 (en) * 2007-10-20 2017-09-28 Andrá Vilmos Method of preparing storing and method of storing single user access information into safe storage unit of a communication device
CN102047634A (en) 2008-03-31 2011-05-04 法国电信公司 Method of access and of transferring data related to an application installed on a security module associated with a mobile terminal, associated security module, management server and system
WO2009141805A2 (en) 2008-05-22 2009-11-26 Nxp B.V. Methods, systems and arrangements for wireless communication with near-field communication terminals
US8725122B2 (en) * 2009-05-13 2014-05-13 First Data Corporation Systems and methods for providing trusted service management services

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7395049B2 (en) * 2003-03-03 2008-07-01 Nokia Corporation Security element commanding method and mobile terminal
US20080215875A1 (en) * 2004-09-30 2008-09-04 Stephen Anthony Fischer Method and apparatus for establishing safe processor operating points

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of EP2659694A4 *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106874805A (en) * 2017-01-16 2017-06-20 北京奇虎科技有限公司 A kind of data guard method, device and mobile terminal

Also Published As

Publication number Publication date
KR20130108442A (en) 2013-10-02
AU2011350196A1 (en) 2013-06-20
CN103270782B (en) 2016-10-12
EP2659694A4 (en) 2017-08-02
WO2012091350A2 (en) 2012-07-05
SG190986A1 (en) 2013-07-31
EP2659694A2 (en) 2013-11-06
CN103270782A (en) 2013-08-28
KR101514753B1 (en) 2015-04-24

Similar Documents

Publication Publication Date Title
WO2012091350A3 (en) System and method for secure containment of sensitive financial information stored in a mobile communication terminal
CN103503036B (en) Method for exporting and inputting Javacard application data
US20140172700A1 (en) Digital wallet device for virtual wallet
WO2008144671A3 (en) Data brokerage system for mobile marketing
WO2014089161A3 (en) Dynamic geofence based on members within
WO2010144479A3 (en) Virtual sim card for mobile devices
WO2009141764A3 (en) Nfc mobile communication device and nfc reader
WO2006044542A3 (en) System and method for remotely initializing a rf transaction
WO2012125477A3 (en) System and device for facilitating a transaction by consolidating sim, personal token, and associated applications for electronic wallet transactions
MX2013000279A (en) System for secure payment over a wireless communication network.
WO2011119389A3 (en) Cardless atm transaction method and system
HUE030611T2 (en) Smartcard performance enhancement circuits and systems
WO2010005170A3 (en) Personalized service system based on smart car and method thereof, and smart card applied to the same
WO2011122813A3 (en) Method and device for performing communication in a wireless communication system
CN105071824A (en) Intelligent wearable device and data transmission method
JP6449268B2 (en) Wireless protocol message conversion device and method of using the same
US20140019322A1 (en) Mobile banking systems and related methods
WO2009083679A3 (en) Method of reading an electronic tag by a terminal
CN103368659A (en) Data sending method and device and data receiving method and device
US20130273846A1 (en) Communication system
Saminger et al. An NFC ticketing system with a new approach of an inverse reader mode
EA200870359A1 (en) METHOD AND DEVICE FOR COMMUNICATION UNDER THE EARTH BETWEEN A MULTIPLE OF MOBILE STATIONS AND A STATIONARY NETWORK
ES2670439T3 (en) Method for exchanging data between a secure element and a terminal, secure element, and terminal
CN103580726B (en) User identification card, Bluetooth device and method for accessing user identification card
CN204291001U (en) There is the near field communication tag of encipherment protection and applicable near-field communication control system

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 11852733

Country of ref document: EP

Kind code of ref document: A2

WWE Wipo information: entry into national phase

Ref document number: 2011852733

Country of ref document: EP

ENP Entry into the national phase

Ref document number: 2011350196

Country of ref document: AU

Date of ref document: 20111220

Kind code of ref document: A

NENP Non-entry into the national phase

Ref country code: DE

ENP Entry into the national phase

Ref document number: 20137019430

Country of ref document: KR

Kind code of ref document: A