WO2013098117A1 - A method to manage contactless communication in a user device - Google Patents
- Publication number
- WO2013098117A1 (application PCT/EP2012/075897)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- service provider
- mifare
- repository
- memory
- user device
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/60—Subscription-based services using application servers or record carriers, e.g. SIM application toolkits
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F12/00—Accessing, addressing or allocating within memory systems or architectures
- G06F12/14—Protection against unauthorised use of memory or access to memory
- G06F12/1416—Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights
- G06F12/145—Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights the protection being virtual, e.g. for virtual blocks or segments before a translation mechanism
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/08—Access security
- H04W12/086—Access security using security domains
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/40—Security arrangements using identity modules
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/10—Integrity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/80—Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
Abstract
In the method of the invention said contactless communication is performed by an applet of a service provider, said applet is installed in a user device and said applet accesses to a memory of said user device in order to perform said contactless communication. It is characterised in that it comprises: giving access to a plurality of applets of said user device to said memory by means of a service manager entity, said plurality of applets being installed in said user device; and storing information of services providers of said plurality of applets in an isolated way using Universal Integrated Circuit Card security of said user device, each of said a plurality of applets having a different security domain wherein said information is stored.
Description
A method to manage contactless communication in a user device
Field of the art
The present invention generally relates to a method to manage contactless communication in a user device, said contactless communication performed by an applet of a service provider, said applet installed in a user device and said applet accessing to a memory of said user device in order to perform said contactless communication, and more particularly to a method that comprises giving access to a plurality of applets of said user device to said memory by means of a service manager entity, said plurality of applets being installed in said user device and storing information of services providers of said plurality of applets in an isolated way using Universal Integrated Circuit Card security of said user device, each of said a plurality of applets having a different security domain wherein said information is stored.
Prior State of the Art
Calypso is a proprietary contactless smartcard technology widely used in transport in some countries.
MiFare is a widely deployed and most extended proprietary technology (owned by NXP, previously Philips) for contactless communications. Its lower layers are based on ISO 14443 [2], but it has a proprietary memory organization and proprietary commands, as well as proprietary security authentication and encryption.
Given that most contactless systems that exist today are based on this technology, its emulation within the SIM+mobile handset environment became a strong requirement for wide adoption.
MiFare Protocol is a proprietary protocol that uses (in some modes) hardware based stream-cipher for very fast processing. Due to the overall encryption of the full communication and the strong timing requirements, the MiFare messages have to be tunneled through the Contactless Frontend (CLF) using the Contactless Transmission Mode (CLT-Mode) on the Link-Layer specified in [3].
In order to be able to work in these systems the CLF needs to work on CLT mode and the Universal Integrated Circuit Card (UICC) will have to emulate a MiFare memory. There are different cases of MiFare:
- MiFare Classic: it is a memory card with some access security. This memory must be implemented in the card. An external reader will then be able to access it through the CLF and CLT as if it were any other MiFare card.
- The UICC must also implement a way for applications stored in the card to use and manage this memory (SmartCard Web Server User Interface, or any other application that makes use of the data in the MiFare memory). A known Application Programming Interface (API) must be used for this matter. The UICC will present a central entity to manage the MiFare memory specially in avoiding collisions in the use of MiFare sectors and their access keys.
- MiFare DESFire: it is similar to the existing smartcard structures. It also supports most commands according to ISO 7816 [4]. The card must implement an emulation of this system.
MiFare4Mobile (or M4M) is a technology that provides an end-to-end solution for delivering MiFare applications to the Near Field Communication (NFC) mobile phone, including management of application lifecycle, content modification and display of information in the Service User Interface (UI).
Nowadays, the only M4M implementation has been made by Gemalto.
NXP described an API for communication with the UI as well as with the Over-The-Air (OTA) platform, as shown in Figure 1.
The main components of the structure presented are:
- MiFare4Mobile Service Manager, managing MiFare applications and related data. It acts as a sort of JavaCard/GP (GlobalPlatform) card manager for MiFare applications.
- User Interface or "Wallet", as the graphical user interface for the Service Manager
- Proxy application, establishing the connection between backend system and the M4M Service manager. It will relay the relevant M4M commands from the back-end platform to the Service Manager.
It must be noted that the specification does not cover the implementation of these elements but only the interface between them (the APIs mentioned before: Remote management MiFare API and UI MiFare API). This leaves the implementation open and undefined, including the way in which the SP must work to provide an application, etc.
This API specification is divided into two:
- Trusted Service Manager (TSM) API, which includes all the commands to install applications. The format of the commands is similar to those of GP's specification but is actually outside GP and does not include Security Domains (SD). The commands are: INSTALL, ACTIVATE, DELETE, GETDATA and STORE DATA (for application management), INITIALIZE UPDATE and EXTERNAL AUTHENTICATE (for SCP02 security channels) and PUTKEY and PUTMIFAREKEYS (for MiFare security management).
- Wallet API, including commands to get MiFare information from the Wallet: ACTIVATE, RETRIEVE DATA and VERIFY PIN and CHANGE PIN.
However, both the M4M specification and Gemalto's implementation of the Service Manager pose the threat of giving too much power to one TSM, as Gemalto proposes a closed structure in which MiFare applications can be accessed only through Gemalto's platform. They will control what is installed, and will control the security keys. Moreover, M4M does not support MiFare DESFire.
The existing solutions don't cover some important topics:
Privacy and security
- All Service Provider (SP) information passes through the Service Manager
- All SP configuration information is in the same security domain
No MultiTSM support
- Only 1 TSM is supported
- All SP shall use the same TSM
Description of the Invention
It is necessary to offer an alternative to the state of the art which covers the gaps found therein, particularly related to the lack of proposals which really provide a multi Security Domain environment in which it is possible to provide independence to the service providers and to the Mobile Network Operator themselves.
To that end, the present invention provides a method to manage contactless communication in a user device, said contactless communication performed by an applet of a service provider, said applet installed in a user device and said applet accessing to a memory of said user device in order to perform said contactless communication.
Contrary to the known proposals, the method of the invention characteristically comprises:
- giving access to a plurality of applets of said user device to said memory by means of a service manager entity, said plurality of applets being installed in said user device; and
- storing information of services providers of said plurality of applets in an isolated way using Universal Integrated Circuit Card security of said user device, each of said a plurality of applets having a different security domain wherein said information is stored.
Other embodiments of the method of the first aspect of the invention are described according to appended claims 2 to 14 and in a subsequent section related to the detailed description of several embodiments.
Brief Description of the Drawings
The previous and other advantages and features will be more fully understood from the following detailed description of embodiments, with reference to the attached drawings (some of which have already been described in the Prior State of the Art section), which must be considered in an illustrative and non-limiting manner, in which:
Figure 1 shows the current MiFare4Mobile NXP structure.
Figure 2 shows the proposed Telco MiFare Mobile Management structure, according to an embodiment of the present invention.
Figure 3 shows an advanced version of the proposed Telco MiFare Mobile Management structure, according to an embodiment of the present invention.
Figure 4 shows in detail the components and interfaces of the "Telco MiFare Mobile Management" (T3M) structure, according to an embodiment of the present invention.
Figure 5 shows the flow diagram for service provider swapping, according to an embodiment of the present invention.
Figure 6 shows the flow diagram for service provider tag reading, according to an embodiment of the present invention.
Detailed Description of Several Embodiments
The "Telco MiFare Mobile Management" (T3M) has been designed as a solution to manage all MiFare and Calypso flavors on a mobile handset.
This solution was designed to be more Mobile Network Operator (MNO) friendly and also to be a very secure solution so a trusted environment for the Service Provider has been defined.
The T3M uses the UICC (SIM) security to store the contactless application (like MiFare or Calypso) information of a SP in an isolated way.
T3M has multi-TSM support and all SP information is managed by the SP applet, so no security keys flow through the Service Manager.
A generic scheme is shown in Figure 2.
A specific T3M structure has been created in order to be able to deploy MiFare services when no current standard is available. This structure could be used as the selected one for standardization and wide adoption.
The main objectives when defining the T3M structure are:
- Multi-application support: NXP defined a multi-application solution for the MiFare cards using the MiFare Application Directory (MAD). These solutions are limited to one MiFare memory and all Service Providers should share the same memory area. The proposed solution allows each SP to define its own memory structure, and MAD applications are also supported.
- Service Provider privacy: In the current implementations all SPs must store their codecs in the same Security Domain and only one applet accesses the SP private data in the MiFare memory. The proposed solution isolates each SP in its own SD, and the Service Manager acts only as a director, giving each service provider applet access to the shared resource (MiFare memory).
- OTA Management: For the T3M solution, OTA management was mandatory and fulfills the GP and M4M specifications.
A more advanced version can add support for DESFire, Calypso and Classic 7 and 4 bytes UID, as shown in Figure 3.
The main components in the T3M solution are:
1. T3M Service Manager
- Orchestrates MiFare application management and provides security.
- Interfaces with the wallet through a proprietary API and through a MiFare4Mobile Wallet API (i.e.: activate/deactivate application, which puts MiFare SP data in the MiFare emulation; read/write data of a given application; get a list of available MiFare applications).
- It can interface with the OTA management platform for MiFare specific data update commands following M4M TSM API. However most management of the applets can be done directly via the GP platform.
- It does NOT hold or transport at any point any SP data or keys.
2. T3M Service Provider
- Holds the SP MiFare keys. They can be produced dynamically inside the applet or personalized using remote GP procedures or contactless APDU commands.
- It is instantiated in an SP-specific GP SD for secure management and personalization.
- Its load and installation can be done through the usual GP channel.
- Holds a memory map of the MiFare application that will be loaded inside the MiFare memory emulation when the application is activated and the SP applet is commanded to do so by the Service Manager. The load is done directly by the SP applet, thus no information goes through the Service Manager. It uses javacardx.external to do so.
- Defines a set of tags with data that can be accessed by the Service UI.
- There will be a generic T3M MiFare SP applet in order to provide security when there is no application selected.
This implementation of a MiFare application environment fulfils the requirements set before, providing SP security independence (according to GP), multi-application, remote access and a User Interface API.
Advantages of the invention
- More privacy: Each service provider's information resides in an isolated security domain inside the UICC.
- More secure: Each service provider manages their information without needing a parent cardlet to manage the memory.
- The MiFare memory is protected when no other Mifare application is active.
- Multi TSM support.
A person skilled in the art could introduce changes and modifications in the embodiments described without departing from the scope of the invention as it is defined in the attached claims.
ACRONYMS
API Application Programming Interface
CLF Contactless Frontend
CLT Contactless Transmission
GP Global Platform
M4M MiFare for Mobile
MNO Mobile Network Operator
NFC Near Field Communication
OTA Over The Air
SP Service Provider
T3M Telco Mifare Mobile Management
TSM Trusted Service Management
UI User Interface
UICC Universal Integrated Circuit Card
UID User Identifier
REFERENCES
[1] NXP MIFARE4Mobile Interface Specification V1.01
[2] ISO/IEC 14443-1, ISO/IEC 14443-2, ISO/IEC 14443-3, ISO/IEC 14443-4
[3] ETSI TS 102 613 Smart Cards; UICC - Contactless Front-end (CLF) Interface; Part 1: Physical and data link layer characteristics v 7.8.0 (2010-04)
[4] ISO/IEC 7816
Claims
1. - A method to manage contactless communication in a user device, said contactless communication performed by an applet of a service provider, said applet installed in a user device and said applet accessing to a memory of said user device in order to perform said contactless communication, characterised in that it comprises:
- giving access to a plurality of applets of said user device to said memory by means of a service manager entity, said plurality of applets being installed in said user device; and
- storing information of services providers of said plurality of applets in an isolated way using Universal Integrated Circuit Card security of said user device, each of said a plurality of applets having a different security domain wherein said information is stored.
2. - A method as per claim 1, wherein said contactless communication is carried out by means of MiFare technology and said memory is a MiFare memory.
3. - A method as per claim 2, comprising allowing each service provider of said one or more applets to define its own memory structure or using MiFare Application Directory structures.
4. - A method as per claim 2 or 3, comprising providing, said service manager entity, an interface with a wallet of said user device through a proprietary Application Programming Interface, or API, and through a MiFare4Mobile Wallet API, said wallet being a graphical user interface of said user device.
5. - A method as per claim 4, comprising providing, said service manager entity, an interface with an On The Air, or OTA, platform for MiFare specific data update commands using a MiFare4Mobile Trusted Service Management API.
6. - A method as per any of previous claims 2 to 5, comprising instantiating a service provider repository in a service provider specific global platform, or GP, security domain for secure management and personalization.
7. - A method as per claim 6, comprising loading and installing said service provider repository through a GP channel.
8. - A method as per claim 7, comprising, said service provider repository:
- holding service providers MiFare keys; and/or
- holding a memory map of a MiFare application that will be loaded in said MiFare memory when said MiFare application is activated and said service manager entity commands it to the applet associated to said MiFare application, wherein said load is done directly by said applet with no information going through said service manager entity.
9.- A method as per claim 8, comprising performing said load by means of a javacardx.external.
10.- A method as per claim 8 or 9, comprising generating said MiFare keys dynamically inside an applet, using remote GP procedures or using contactless Application Protocol Data Unit commands.
11. - A method as per any of previous claims 6 to 10, comprising defining a generic service provider repository in order to provide security when none MiFare application is selected.
12. - A method as per any of previous claims 6 to 11, comprising performing a service provider swapping by performing the next steps:
- sending, said service manager entity, an unload message to the repository service provider of current active service provider;
- sending, said repository service provider of current active service provider, a read sector data message to said MiFare memory;
- storing, said repository service provider of current active service provider, a sector data received from said MiFare memory in a database;
- sending, said repository service provider of current active service provider, a remove sector data message to said MiFare memory and a set transport keys message;
- sending, said service manager entity, a load message to a repository service provider of a different service provider;
- reading, said repository service provider of a different service provider, a data sector from a database;
- sending, said repository service provider of a different service provider, a write sector data message to said MiFare memory; and
- performing a set active service provider instruction in said service manager entity.
13.- A method as per any of previous claims 6 to 11, comprising performing a service provider tag reading by performing the next steps:
- sending, said service manager entity a get tag message to a repository service provider;
- performing a get sector and block instruction in said repository service provider;
- sending, said repository service provider, a read data to said MiFare memory; and
- sending, said repository service provider, data received from said MiFare memory to said service manager entity.
14.- A method as per any of previous claims 6 to 14, comprising adding support to said service provider repository for DESFire, Calypso and Classic 7 and 4 bytes User Identifier.
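The service provider swapping and tag reading steps of claims 12 and 13, together with the description's rule that the Service Manager never holds or transports SP keys, modeled as an added example (it is not code from the patent or from any M4M or GlobalPlatform implementation). All class and method names, keys and sector contents are constructed for illustration, and the single-key-per-sector authentication is a simplification of MiFare Classic.

```python
# Added illustration; every class, method, key and data value is hypothetical/constructed.
import hmac

TRANSPORT_KEY = bytes.fromhex("ffffffffffff")  # MIFARE Classic factory default key
BLOCK, SECTOR_LEN = 16, 48                     # three 16-byte data blocks per sector


class MifareMemory:
    """Emulated MiFare Classic memory: one key and 48 data bytes per sector."""
    def __init__(self, sectors=16):
        self._keys = {s: TRANSPORT_KEY for s in range(sectors)}
        self._data = {s: bytes(SECTOR_LEN) for s in range(sectors)}

    def _auth(self, sector, key):
        if not hmac.compare_digest(self._keys[sector], key):
            raise PermissionError(f"authentication failed for sector {sector}")

    def read_sector(self, sector, key):
        self._auth(sector, key)
        return self._data[sector]

    def write_sector(self, sector, key, data, new_key=None):
        self._auth(sector, key)
        self._data[sector] = data
        if new_key is not None:
            self._keys[sector] = new_key


class SPRepository:
    """One SP's applet: its key, memory map and tag table stay private to it."""
    def __init__(self, name, key, memory_map, tags):
        self.name = name
        self._key = key          # SP MiFare key, never returned to any caller
        self._db = {s: d.ljust(SECTOR_LEN, b"\0") for s, d in memory_map.items()}
        self._tags = dict(tags)  # tag name -> (sector, block)

    def unload(self, memory):
        for sector in self._db:
            # Read sector data and store it, then remove it and set the transport key.
            self._db[sector] = memory.read_sector(sector, self._key)
            memory.write_sector(sector, self._key, bytes(SECTOR_LEN), TRANSPORT_KEY)

    def load(self, memory):
        for sector, data in self._db.items():
            # Read the data sector from the database and write it to the memory.
            memory.write_sector(sector, TRANSPORT_KEY, data, self._key)

    def get_tag(self, memory, tag):
        sector, block = self._tags[tag]                 # get sector and block
        data = memory.read_sector(sector, self._key)    # read data from the memory
        return data[block * BLOCK:(block + 1) * BLOCK]  # handed to the manager


class ServiceManager:
    """Director only: routes messages and tracks the active SP; holds no SP keys."""
    def __init__(self, memory, repos):
        self._memory = memory
        self._repos = {r.name: r for r in repos}
        self.active, self.log = None, []   # log keeps message names, no payloads

    def swap(self, name):
        target = self._repos[name]         # unknown SP fails before memory changes
        if self.active is not None:
            self.log.append(("UNLOAD", self.active))
            self._repos[self.active].unload(self._memory)
            self.active = None             # memory is back on transport keys
        self.log.append(("LOAD", name))
        target.load(self._memory)
        self.active = name                 # set active service provider
        self.log.append(("SET_ACTIVE", name))

    def read_tag(self, tag):
        if self.active is None:
            raise RuntimeError("no active service provider")
        self.log.append(("GET_TAG", self.active))
        return self._repos[self.active].get_tag(self._memory, tag)


def demo():
    """Two SPs with constructed keys and data, both mapping sector 1."""
    k_transit, k_access = bytes.fromhex("111111111111"), bytes.fromhex("222222222222")
    memory = MifareMemory()
    sm = ServiceManager(memory, [
        SPRepository("transit", k_transit, {1: b"BALANCE=0012.50;"}, {"balance": (1, 0)}),
        SPRepository("access", k_access, {1: b"BADGE=000000042;"}, {"badge": (1, 0)}),
    ])
    sm.swap("transit")
    # A reader holding the transit key debits the balance while transit is active.
    memory.write_sector(1, k_transit, b"BALANCE=0010.00;".ljust(SECTOR_LEN, b"\0"))
    sm.swap("access")
    badge = sm.read_tag("badge")
    try:
        memory.read_sector(1, k_transit)   # the transit key no longer opens sector 1
        stale_key_rejected = False
    except PermissionError:
        stale_key_rejected = True
    sm.swap("transit")
    return badge, sm.read_tag("balance"), stale_key_rejected, sm.log
```

The manager's log carries only message names and SP names; sector data reaches it solely through the tag-read path, which is the one route the claims define for that.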
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
ESP201132110 | 2011-12-27 | ||
ES201132110A ES2409807B1 (en) | 2011-12-27 | 2011-12-27 | METHOD FOR MANAGING COMMUNICATION WITHOUT CONTACT IN A USER DEVICE |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2013098117A1 (en) | 2013-07-04 |
Family
ID=47559390
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/EP2012/075897 WO2013098117A1 (en) | 2011-12-27 | 2012-12-18 | A method to manage contactless communication in a user device |
Country Status (2)
Country | Link |
---|---|
ES (1) | ES2409807B1 (en) |
WO (1) | WO2013098117A1 (en) |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9713006B2 (en) | 2014-05-01 | 2017-07-18 | At&T Intellectual Property I, Lp | Apparatus and method for managing security domains for a universal integrated circuit card |
US9942227B2 (en) | 2013-11-01 | 2018-04-10 | At&T Intellectual Property I, L.P. | Apparatus and method for secure over the air programming of a communication device |
US10091655B2 (en) | 2013-09-11 | 2018-10-02 | At&T Intellectual Property I, L.P. | System and methods for UICC-based secure communication |
US10122534B2 (en) | 2013-10-04 | 2018-11-06 | At&T Intellectual Property I, L.P. | Apparatus and method for managing use of secure tokens |
US10200367B2 (en) | 2013-11-01 | 2019-02-05 | At&T Intellectual Property I, L.P. | Apparatus and method for secure provisioning of a communication device |
US10375085B2 (en) | 2013-10-28 | 2019-08-06 | At&T Intellectual Property I, L.P. | Apparatus and method for securely managing the accessibility to content and applications |
US10681534B2 (en) | 2012-11-16 | 2020-06-09 | At&T Intellectual Property I, L.P. | Methods for provisioning universal integrated circuit cards |
US10778670B2 (en) | 2013-10-23 | 2020-09-15 | At&T Intellectual Property I, L.P. | Apparatus and method for secure authentication of a communication device |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2010001046A2 (en) * | 2008-07-01 | 2010-01-07 | France Telecom | Method of installing a management application and method of managing data of applications of a memory area contained on a security module associated with a mobile terminal, associated security module, mobile terminal and server |
US20100205432A1 (en) * | 2007-09-27 | 2010-08-12 | Nxp B.V. | Method, system, trusted service manager, service provider and memory element for managing access rights for trusted applications |
-
2011
- 2011-12-27 ES ES201132110A patent/ES2409807B1/en not_active Withdrawn - After Issue
-
2012
- 2012-12-18 WO PCT/EP2012/075897 patent/WO2013098117A1/en active Application Filing
Non-Patent Citations (2)
Title |
---|
"Form to request the Mifare4Mobile specifications V1.01", 28 May 2013 (2013-05-28), XP055064447, Retrieved from the Internet <URL:http://mifare4mobile.org/downloads/specifications_m4m/specifications-v101/> [retrieved on 20130528] * |
"TS 102 613 Smart Cards; UICC - Contactless Front-end (CLF) Interface", PART 1: PHYSICAL AND DATA LINK LAYER CHARACTERISTICS, April 2010 (2010-04-01) |
Cited By (17)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10681534B2 (en) | 2012-11-16 | 2020-06-09 | At&T Intellectual Property I, L.P. | Methods for provisioning universal integrated circuit cards |
US10834576B2 (en) | 2012-11-16 | 2020-11-10 | At&T Intellectual Property I, L.P. | Methods for provisioning universal integrated circuit cards |
US11368844B2 (en) | 2013-09-11 | 2022-06-21 | At&T Intellectual Property I, L.P. | System and methods for UICC-based secure communication |
US10091655B2 (en) | 2013-09-11 | 2018-10-02 | At&T Intellectual Property I, L.P. | System and methods for UICC-based secure communication |
US10735958B2 (en) | 2013-09-11 | 2020-08-04 | At&T Intellectual Property I, L.P. | System and methods for UICC-based secure communication |
US10122534B2 (en) | 2013-10-04 | 2018-11-06 | At&T Intellectual Property I, L.P. | Apparatus and method for managing use of secure tokens |
US10778670B2 (en) | 2013-10-23 | 2020-09-15 | At&T Intellectual Property I, L.P. | Apparatus and method for secure authentication of a communication device |
US10375085B2 (en) | 2013-10-28 | 2019-08-06 | At&T Intellectual Property I, L.P. | Apparatus and method for securely managing the accessibility to content and applications |
US11005855B2 (en) | 2013-10-28 | 2021-05-11 | At&T Intellectual Property I, L.P. | Apparatus and method for securely managing the accessibility to content and applications |
US11477211B2 (en) | 2013-10-28 | 2022-10-18 | At&T Intellectual Property I, L.P. | Apparatus and method for securely managing the accessibility to content and applications |
US10567553B2 (en) | 2013-11-01 | 2020-02-18 | At&T Intellectual Property I, L.P. | Apparatus and method for secure over the air programming of a communication device |
US10701072B2 (en) | 2013-11-01 | 2020-06-30 | At&T Intellectual Property I, L.P. | Apparatus and method for secure provisioning of a communication device |
US10200367B2 (en) | 2013-11-01 | 2019-02-05 | At&T Intellectual Property I, L.P. | Apparatus and method for secure provisioning of a communication device |
US9942227B2 (en) | 2013-11-01 | 2018-04-10 | At&T Intellectual Property I, L.P. | Apparatus and method for secure over the air programming of a communication device |
US10476859B2 (en) | 2014-05-01 | 2019-11-12 | At&T Intellectual Property I, L.P. | Apparatus and method for managing security domains for a universal integrated circuit card |
US9713006B2 (en) | 2014-05-01 | 2017-07-18 | At&T Intellectual Property I, Lp | Apparatus and method for managing security domains for a universal integrated circuit card |
US9967247B2 (en) | 2014-05-01 | 2018-05-08 | At&T Intellectual Property I, L.P. | Apparatus and method for managing security domains for a universal integrated circuit card |
Also Published As
Publication number | Publication date |
---|---|
ES2409807A2 (en) | 2013-06-27 |
ES2409807B1 (en) | 2014-04-30 |
ES2409807R1 (en) | 2013-10-11 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US8391837B2 (en) | Method, system and trusted service manager for securely transmitting an application to a mobile phone | |
EP3439342B1 (en) | Method for changing mno in embedded sim on basis of special privilege, and embedded sim and recording medium therefor | |
EP2195794B1 (en) | Trusted service manager managing reports of lost or stolen mobile communication devices | |
EP2255340B1 (en) | Method and devices for installing and retrieving linked mifare applications | |
WO2013098117A1 (en) | A method to manage contactless communication in a user device | |
US20130109307A1 (en) | System and method for presentation of multiple nfc credentials during a single nfc transaction | |
KR101979162B1 (en) | Method for Managing Key of Embedded SIM, Embedded SIM and recording medium for the same | |
EP2048594A1 (en) | Method for communication, communication device and secure processor | |
EP2218244A2 (en) | Sharing or reselling nfc applications among mobile communication devices | |
WO2009147548A2 (en) | Method for storing nfc applications in a secure memory device | |
EP2048591B1 (en) | Method for communication, communication device and secure processor | |
EP2174481B1 (en) | Method, server and mobile communication device for managing unique memory device identifications | |
KR20090051823A (en) | Method for managing m-commerce information using multiple security domain structure | |
KR101040577B1 (en) | Method and System for issuing of Mobile Application |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | EP: the EPO has been informed by WIPO that EP was designated in this application | Ref document number: 12815660 Country of ref document: EP Kind code of ref document: A1 |
DPE1 | Request for preliminary examination filed after expiration of 19th month from priority date (PCT application filed from 20040101) | |
NENP | Non-entry into the national phase | Ref country code: DE |
122 | EP: PCT application non-entry in European phase | Ref document number: 12815660 Country of ref document: EP Kind code of ref document: A1 |