WO2013098117A1 - A method to manage contactless communication in a user device - Google Patents

Publication number
WO2013098117A1
WO2013098117A1 PCT/EP2012/075897 EP2012075897W WO2013098117A1 WO 2013098117 A1 WO2013098117 A1 WO 2013098117A1 EP 2012075897 W EP2012075897 W EP 2012075897W WO 2013098117 A1 WO2013098117 A1 WO 2013098117A1
Authority
WO
WIPO (PCT)
Prior art keywords
service provider
mifare
repository
memory
user device
Prior art date
Application number
PCT/EP2012/075897
Other languages
French (fr)
Inventor
Fernando Rodriguez Sela
Jesús ROSA
Ignacio Barandalla Torregrosa
Original Assignee
Telefonica, S.A.
Application filed by Telefonica, S.A.

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W4/00 Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/60 Subscription-based services using application servers or record carriers, e.g. SIM application toolkits
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00 Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14 Protection against unauthorised use of memory or access to memory
    • G06F12/1416 Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights
    • G06F12/145 Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights the protection being virtual, e.g. for virtual blocks or segments before a translation mechanism
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08 Access security
    • H04W12/086 Access security using security domains
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/40 Security arrangements using identity modules
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10 Integrity
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W4/00 Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/80 Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication

Abstract

In the method of the invention said contactless communication is performed by an applet of a service provider, said applet is installed in a user device and said applet accesses a memory of said user device in order to perform said contactless communication. It is characterised in that it comprises: giving access to a plurality of applets of said user device to said memory by means of a service manager entity, said plurality of applets being installed in said user device; and storing information of service providers of said plurality of applets in an isolated way using Universal Integrated Circuit Card security of said user device, each of said plurality of applets having a different security domain wherein said information is stored.

Description

A method to manage contactless communication in a user device
Field of the art
The present invention generally relates to a method to manage contactless communication in a user device, said contactless communication performed by an applet of a service provider, said applet installed in a user device and said applet accessing a memory of said user device in order to perform said contactless communication, and more particularly to a method that comprises giving access to a plurality of applets of said user device to said memory by means of a service manager entity, said plurality of applets being installed in said user device, and storing information of service providers of said plurality of applets in an isolated way using Universal Integrated Circuit Card security of said user device, each of said plurality of applets having a different security domain wherein said information is stored.
Prior State of the Art
Calypso is a proprietary contactless smartcard technology widely used in transport in some countries.
MiFare is a widely deployed, and the most widespread, proprietary technology (owned by NXP, previously Philips) for contactless communications. Its lower layers are based on ISO 14443 [2], but it has proprietary memory organization and commands, as well as security authentication and encryption.
Given that most contactless systems that exist today are based on this technology, its emulation within the SIM+mobile handset environment became a strong requirement for wide adoption.
MiFare Protocol is a proprietary protocol that uses (in some modes) a hardware-based stream cipher for very fast processing. Due to the overall encryption of the full communication and the strong timing requirements, the MiFare messages have to be tunneled through the Contactless Frontend (CLF) using the Contactless Transmission Mode (CLT-Mode) on the Link-Layer specified in [3].
In order to be able to work in these systems the CLF needs to work in CLT mode and the Universal Integrated Circuit Card (UICC) will have to emulate a MiFare memory. There are different cases of MiFare:
- MiFare Classic: it is a memory card with some access security. This memory must be implemented in the card. An external reader will then be able to access it through the CLF and CLT as if it were any other MiFare card.
- The UICC must also implement a way for applications stored in the card to use and manage this memory (SmartCard Web Server User Interface, or any other application that makes use of the data in the MiFare memory). A known Application Programming Interface (API) must be used for this matter. The UICC will present a central entity to manage the MiFare memory, especially to avoid collisions in the use of MiFare sectors and their access keys.
- MiFare DESFire: it is similar to the existing smartcard structures. It also supports most commands according to ISO 7816 [4]. The card must implement an emulation of this system.
MiFare4Mobile (or M4M) is a technology that provides an end-to-end solution for delivering MiFare applications to the Near Field Communication (NFC) mobile phone, including management of application lifecycle, content modification and display of information in the Service User Interface (UI).
Nowadays, the only M4M implementation has been made by Gemalto.
NXP described an API for the communication with the UI as well as with the Over-The-Air (OTA) platform, as shown in Figure 1.
The main components of the structure presented are:
- MiFare4Mobile Service Manager, managing MiFare applications and related data. It acts as a sort of JavaCard/GP (GlobalPlatform) card manager for MiFare applications.
- User Interface or "Wallet", as the graphical user interface for the Service Manager.
- Proxy application, establishing the connection between the backend system and the M4M Service Manager. It will relay the relevant M4M commands from the back-end platform to the Service Manager.
It must be noted that the specification does not cover the implementation of these elements but only the interface between them (the APIs mentioned before: Remote management MiFare API and UI MiFare API). This leaves the implementation open and undefined, including the way in which the SP must work to provide applications, etc.
This API specification is divided into two:
- Trusted Service Manager (TSM) API, which includes all the commands to install applications. The format of the commands is similar to those of GP's specification but is actually outside GP and does not include Security Domains (SD). The commands are: INSTALL, ACTIVATE, DELETE, GETDATA and STORE DATA (for application management), INITIALIZE UPDATE and EXTERNAL AUTHENTICATE (for SCP02 security channels) and PUTKEY and PUTMIFAREKEYS (for MiFare security management).
- Wallet API, including commands to get MiFare information from the Wallet: ACTIVATE, RETRIEVE DATA and VERIFY PIN and CHANGE PIN.
However, both the M4M specification and Gemalto's implementation of the Service Manager pose the threat of giving too much power to one TSM, as Gemalto proposes a closed structure in which it is only through Gemalto's platform that we can access MiFare applications. They will control what is installed, and will control the security keys. Moreover, M4M does not support MiFare DESFire.
The existing solutions don't cover some important topics:
Privacy and security
- All Service Provider (SP) information passes through the Service Manager
- All SP configuration information is in the same security domain
No MultiTSM support
- Only 1 TSM is supported
- All SPs shall use the same TSM
Description of the Invention
It is necessary to offer an alternative to the state of the art which covers the gaps found therein, particularly related to the lack of proposals which really provide a multi Security Domain environment in which it is possible to provide independence to the service providers and to the Mobile Network Operators themselves.
To that end, the present invention provides a method to manage contactless communication in a user device, said contactless communication performed by an applet of a service provider, said applet installed in a user device and said applet accessing a memory of said user device in order to perform said contactless communication.
Contrary to the known proposals, the method of the invention comprises, in a characteristic manner:
- giving access to a plurality of applets of said user device to said memory by means of a service manager entity, said plurality of applets being installed in said user device; and
- storing information of service providers of said plurality of applets in an isolated way using Universal Integrated Circuit Card security of said user device, each of said plurality of applets having a different security domain wherein said information is stored.
Other embodiments of the method of the first aspect of the invention are described according to appended claims 2 to 14 and in a subsequent section related to the detailed description of several embodiments.
Brief Description of the Drawings
The previous and other advantages and features will be more fully understood from the following detailed description of embodiments, with reference to the attached drawings (some of which have already been described in the Prior State of the Art section), which must be considered in an illustrative and non-limiting manner, in which:
Figure 1 shows the current MiFare4Mobile NXP structure.
Figure 2 shows the proposed Telco MiFare Mobile Management structure, according to an embodiment of the present invention.
Figure 3 shows an advanced version of the proposed Telco MiFare Mobile Management structure, according to an embodiment of the present invention.
Figure 4 shows in detail the components and interfaces of the "Telco MiFare Mobile Management" (T3M) structure, according to an embodiment of the present invention.
Figure 5 shows the flow diagram for service provider swapping, according to an embodiment of the present invention.
Figure 6 shows the flow diagram for service provider tag reading, according to an embodiment of the present invention.
Detailed Description of Several Embodiments
The "Telco MiFare Mobile Management" (T3M) has been designed as a solution to manage all MiFare and Calypso flavors on a mobile handset. This solution was designed to be more Mobile Network Operator (MNO) friendly and also to be a very secure solution, so a trusted environment for the Service Provider has been defined.
The T3M uses the UICC (SIM) security to store the contactless application (like MiFare or Calypso) information of an SP in an isolated way.
T3M has multi-TSM support and all SP information is managed by the SP applet, so no security keys flow through the Service Manager.
A generic scheme is shown in Figure 2.
A specific T3M structure has been created in order to be able to deploy MiFare services when no current standard is available. This structure could be used as the selected one for standardization and wide adoption.
The main objectives when defining the T3M structure are:
- Multiapplication support: NXP defined a multi-application solution for the MiFare cards using the MiFare Application Directory (MAD). These solutions are limited to one MiFare memory and all Service Providers should share the same memory area. The proposed solution allows each SP to define its own memory structure, and MAD applications are also supported.
- Service Provider privacy: In the current implementations all SPs must store their codecs in the same Security Domain and only one applet accesses the SP private data in the MiFare memory. The proposed solution isolates each SP in its own SD, and the Service Manager acts only as a director, giving each service provider applet access to the shared resource (MiFare memory).
- OTA Management: For the T3M solution, the OTA management was mandatory and fulfills the GP and M4M specifications.
A more advanced version can add support for DESFire, Calypso and Classic 7 and 4 bytes UID, as shown in Figure 3.
The main components in the T3M solution are:
1. T3M Service Manager
- Orchestrates MiFare application management and provides security.
- Interfaces with the wallet through a proprietary API and through a MiFare4Mobile Wallet API (i.e.: activate/deactivate application puts MiFare SP data in the MiFare emulation, read/write data of a given application, get a list of available MiFare applications).
- It can interface with the OTA management platform for MiFare specific data update commands following the M4M TSM API. However, most management of the applets can be done directly via the GP platform.
- It does NOT hold or transport at any point any SP data or keys.
2. T3M Service Provider
- Holds the SP MiFare keys. They can be produced dynamically inside the applet or personalized using remote GP procedures or contactless APDU commands.
- It is instantiated in an SP-specific GP SD for secure management and personalization.
- Its load and installation can be done through the usual GP channel.
- Holds a memory map of the MiFare application that will be loaded inside the MiFare memory emulation when the application is activated and the SP applet is commanded to do so by the Service Manager. The load is done directly by the SP applet, thus no information goes through the Service Manager. It uses javacardx.external to do so.
- Defines a set of tags with data that can be accessed by the Service UI.
- There will be a generic T3M MiFare SP applet in order to provide security when there is no application selected.
This implementation of a MiFare application environment fulfils the requirements set before, providing SP security independence (according to GP), multi-application, remote access and a User Interface API.
Advantages of the invention
- More privacy: Each service provider's information resides in an isolated security domain inside the UICC.
- More secure: Each service provider manages their information without needing a parent cardlet to manage the memory.
- The MiFare memory is protected when no other MiFare application is active.
- Multi TSM support.
A person skilled in the art could introduce changes and modifications in the embodiments described without departing from the scope of the invention as it is defined in the attached claims.
ACRONYMS
API Application Programming Interface
CLF Contactless Frontend
CLT Contactless Transmission
GP Global Platform
M4M MiFare for Mobile
MNO Mobile Network Operator
NFC Near Field Communication
OTA Over The Air
SP Service Provider
T3M Telco MiFare Mobile Management
TSM Trusted Service Management
UI User Interface
UICC Universal Integrated Circuit Card
UID User Identifier
REFERENCES
[1] NXP MIFARE4Mobile Interface Specification V1.01
[2] ISO/IEC 14443-1, ISO/IEC 14443-2, ISO/IEC 14443-3, ISO/IEC 14443-4
[3] ETSI TS 102 613 Smart Cards; UICC - Contactless Front-end (CLF) Interface; Part 1: Physical and data link layer characteristics v 7.8.0 (2010-04)
[4] ISO/IEC 7816

Claims

1.- A method to manage contactless communication in a user device, said contactless communication performed by an applet of a service provider, said applet installed in a user device and said applet accessing a memory of said user device in order to perform said contactless communication, characterised in that it comprises:
- giving access to a plurality of applets of said user device to said memory by means of a service manager entity, said plurality of applets being installed in said user device; and
- storing information of service providers of said plurality of applets in an isolated way using Universal Integrated Circuit Card security of said user device, each of said plurality of applets having a different security domain wherein said information is stored.
2.- A method as per claim 1, wherein said contactless communication is carried out by means of MiFare technology and said memory is a MiFare memory.
3.- A method as per claim 2, comprising allowing each service provider of said one or more applets to define its own memory structure or using MiFare Application Directory structures.
4.- A method as per claim 2 or 3, comprising providing, said service manager entity, an interface with a wallet of said user device through a proprietary Application Programming Interface, or API, and through a MiFare4Mobile Wallet API, said wallet being a graphical user interface of said user device.
5.- A method as per claim 4, comprising providing, said service manager entity, an interface with an On The Air, or OTA, platform for MiFare specific data update commands using a MiFare4Mobile Trusted Service Management API.
6.- A method as per any of previous claims 2 to 5, comprising instantiating a service provider repository in a service provider specific global platform, or GP, security domain for secure management and personalization.
7.- A method as per claim 6, comprising loading and installing said service provider repository through a GP channel.
8.- A method as per claim 7, comprising, said service provider repository:
- holding service providers' MiFare keys; and/or
- holding a memory map of a MiFare application that will be loaded in said MiFare memory when said MiFare application is activated and said service manager entity commands it to the applet associated to said MiFare application, wherein said load is done directly by said applet with no information going through said service manager entity.
9.- A method as per claim 8, comprising performing said load by means of a javacardx.external.
10.- A method as per claim 8 or 9, comprising generating said MiFare keys dynamically inside an applet, using remote GP procedures or using contactless Application Protocol Data Unit commands.
11.- A method as per any of previous claims 6 to 10, comprising defining a generic service provider repository in order to provide security when no MiFare application is selected.
12.- A method as per any of previous claims 6 to 11, comprising performing a service provider swapping by performing the following steps:
- sending, said service manager entity, an unload message to the repository service provider of current active service provider;
- sending, said repository service provider of current active service provider, a read sector data message to said MiFare memory;
- storing, said repository service provider of current active service provider, a sector data received from said MiFare memory in a database;
- sending, said repository service provider of current active service provider, a remove sector data message to said MiFare memory and a set transport keys message;
- sending, said service manager entity, a load message to a repository service provider of a different service provider;
- reading, said repository service provider of a different service provider, a data sector from a database;
- sending, said repository service provider of a different service provider, a write sector data message to said MiFare memory; and
- performing a set active service provider instruction in said service manager entity.
13.- A method as per any of previous claims 6 to 11, comprising performing a service provider tag reading by performing the following steps:
- sending, said service manager entity, a get tag message to a repository service provider;
- performing a get sector and block instruction in said repository service provider;
- sending, said repository service provider, a read data to said MiFare memory; and
- sending, said repository service provider, data received from said MiFare memory to said service manager entity.
14.- A method as per any of previous claims 6 to 14, comprising adding support to said service provider repository for DESFire, Calypso and Classic 7 and 4 bytes User Identifier.
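The service provider swap of claim 12 and the tag read of claim 13, modelled as an added example (not code from the patent or from any T3M implementation). The class and method names, the one-key-per-sector memory, the constructed keys and sector contents, and the reading of "transport keys" as the MIFARE Classic factory default FFFFFFFFFFFF are assumptions of the example.

```python
import hmac

BLOCK, DATA_BLOCKS = 16, 3                     # simplified sector: 3 data blocks of 16 bytes
TRANSPORT_KEY = bytes.fromhex("FFFFFFFFFFFF")  # assumption: "transport keys" = factory default
K_TRANSIT, K_ACCESS = bytes.fromhex("112233445566"), bytes.fromhex("665544332211")  # constructed

class AuthError(Exception):
    """A sector was accessed with the wrong key."""

def blk(text):  # pad constructed sample text to one 16-byte block
    return text.encode().ljust(BLOCK, b"\x00")

class MifareMemory:
    """Emulated MiFare memory shared by all SP applets (simplified: one key per sector)."""
    def __init__(self, sectors=16):
        self._keys = [TRANSPORT_KEY] * sectors
        self._data = [[bytes(BLOCK)] * DATA_BLOCKS for _ in range(sectors)]

    def _auth(self, sector, key):
        if not hmac.compare_digest(self._keys[sector], key):
            raise AuthError(f"sector {sector}: authentication failed")

    def read(self, sector, block, key):
        self._auth(sector, key)
        return self._data[sector][block]

    def write(self, sector, block, key, value):
        self._auth(sector, key)
        self._data[sector][block] = bytes(value)

    def set_key(self, sector, old_key, new_key):
        self._auth(sector, old_key)
        self._keys[sector] = bytes(new_key)

class SpRepository:
    """SP applet in its own security domain: keys, memory map and tags never leave it."""
    def __init__(self, name, memory, keys, memory_map, tags):
        self.name, self._mem = name, memory
        self._keys = dict(keys)                                   # sector -> key
        self._db = {s: list(b) for s, b in memory_map.items()}    # the SP's "database"
        self._tags = dict(tags)                                   # tag -> (sector, block)

    def load(self):
        """Claim 12, load: read sector data from the database and write it to the memory."""
        for sector, blocks in self._db.items():
            self._mem.set_key(sector, TRANSPORT_KEY, self._keys[sector])
            for block, value in enumerate(blocks):
                self._mem.write(sector, block, self._keys[sector], value)

    def unload(self):
        """Claim 12, unload: read and store sector data, remove it, set transport keys."""
        for sector in self._db:
            key = self._keys[sector]
            self._db[sector] = [self._mem.read(sector, b, key) for b in range(DATA_BLOCKS)]
            for b in range(DATA_BLOCKS):
                self._mem.write(sector, b, key, bytes(BLOCK))
            self._mem.set_key(sector, key, TRANSPORT_KEY)

    def get_tag(self, tag):
        """Claim 13: resolve the tag to sector and block, read it, return the data."""
        sector, block = self._tags[tag]
        return self._mem.read(sector, block, self._keys[sector])

class ServiceManager:
    """Director only: sends load, unload and get-tag messages; holds no keys or sector maps."""
    def __init__(self, repos):
        self._repos = {r.name: r for r in repos}
        self.active, self.log = None, []

    def swap(self, new_name):
        target = self._repos[new_name]           # unknown SP fails before anything is unloaded
        if self.active is not None:
            self.log.append(("unload", self.active))
            self._repos[self.active].unload()
            self.active = None
        self.log.append(("load", new_name))
        target.load()
        self.active = new_name                   # "set active service provider"

    def read_tag(self, tag):
        if self.active is None:
            raise RuntimeError("no active service provider")
        self.log.append(("get_tag", self.active, tag))
        return self._repos[self.active].get_tag(tag)

def demo():
    """Two constructed SPs that both claim sector 1 take turns on the shared memory."""
    mem = MifareMemory()
    mgr = ServiceManager([
        SpRepository("transit", mem, {1: K_TRANSIT}, {1: [blk("balance=0012")]}, {"balance": (1, 0)}),
        SpRepository("access", mem, {1: K_ACCESS}, {1: [blk("badge=4711")]}, {"badge": (1, 0)}),
    ])
    mgr.swap("transit")
    mem.write(1, 0, K_TRANSIT, blk("balance=0007"))   # an external reader updates the value
    first = mgr.read_tag("balance")
    mgr.swap("access")
    badge = mgr.read_tag("badge")
    mgr.swap("transit")
    return [first, badge, mgr.read_tag("balance")], mgr.log, mem
```

The manager's log contains only message names and SP names; the only sector content it ever receives is tag data, which the SP applet itself chose to expose to the Service UI.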
PCT/EP2012/075897 2011-12-27 2012-12-18 A method to manage contactless communication in a user device WO2013098117A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
ESP201132110 2011-12-27
ES201132110A ES2409807B1 (en) 2011-12-27 2011-12-27 METHOD FOR MANAGING COMMUNICATION WITHOUT CONTACT IN A USER DEVICE

Publications (1)

Publication Number Publication Date
WO2013098117A1 (en) 2013-07-04

Family

ID=47559390

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2012/075897 WO2013098117A1 (en) 2011-12-27 2012-12-18 A method to manage contactless communication in a user device

Country Status (2)

Country Link
ES (1) ES2409807B1 (en)
WO (1) WO2013098117A1 (en)

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9713006B2 (en) 2014-05-01 2017-07-18 At&T Intellectual Property I, Lp Apparatus and method for managing security domains for a universal integrated circuit card
US9942227B2 (en) 2013-11-01 2018-04-10 At&T Intellectual Property I, L.P. Apparatus and method for secure over the air programming of a communication device
US10091655B2 (en) 2013-09-11 2018-10-02 At&T Intellectual Property I, L.P. System and methods for UICC-based secure communication
US10122534B2 (en) 2013-10-04 2018-11-06 At&T Intellectual Property I, L.P. Apparatus and method for managing use of secure tokens
US10200367B2 (en) 2013-11-01 2019-02-05 At&T Intellectual Property I, L.P. Apparatus and method for secure provisioning of a communication device
US10375085B2 (en) 2013-10-28 2019-08-06 At&T Intellectual Property I, L.P. Apparatus and method for securely managing the accessibility to content and applications
US10681534B2 (en) 2012-11-16 2020-06-09 At&T Intellectual Property I, L.P. Methods for provisioning universal integrated circuit cards
US10778670B2 (en) 2013-10-23 2020-09-15 At&T Intellectual Property I, L.P. Apparatus and method for secure authentication of a communication device

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2010001046A2 (en) * 2008-07-01 2010-01-07 France Telecom Method of installing a management application and method of managing data of applications of a memory area contained on a security module associated with a mobile terminal, associated security module, mobile terminal and server
US20100205432A1 (en) * 2007-09-27 2010-08-12 Nxp B.V. Method, system, trusted service manager, service provider and memory element for managing access rights for trusted applications

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100205432A1 (en) * 2007-09-27 2010-08-12 Nxp B.V. Method, system, trusted service manager, service provider and memory element for managing access rights for trusted applications
WO2010001046A2 (en) * 2008-07-01 2010-01-07 France Telecom Method of installing a management application and method of managing data of applications of a memory area contained on a security module associated with a mobile terminal, associated security module, mobile terminal and server

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
"Form to request the Mifare4Mobile specifications V1.01", 28 May 2013 (2013-05-28), XP055064447, Retrieved from the Internet <URL:http://mifare4mobile.org/downloads/specifications_m4m/specifications-v101/> [retrieved on 20130528] *
"TS 102 613 Smart Cards; UICC - Contactless Front-end (CLF) Interface", PART 1: PHYSICAL AND DATA LINK LAYER CHARACTERISTICS, April 2010 (2010-04-01)

Cited By (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10681534B2 (en) 2012-11-16 2020-06-09 At&T Intellectual Property I, L.P. Methods for provisioning universal integrated circuit cards
US10834576B2 (en) 2012-11-16 2020-11-10 At&T Intellectual Property I, L.P. Methods for provisioning universal integrated circuit cards
US11368844B2 (en) 2013-09-11 2022-06-21 At&T Intellectual Property I, L.P. System and methods for UICC-based secure communication
US10091655B2 (en) 2013-09-11 2018-10-02 At&T Intellectual Property I, L.P. System and methods for UICC-based secure communication
US10735958B2 (en) 2013-09-11 2020-08-04 At&T Intellectual Property I, L.P. System and methods for UICC-based secure communication
US10122534B2 (en) 2013-10-04 2018-11-06 At&T Intellectual Property I, L.P. Apparatus and method for managing use of secure tokens
US10778670B2 (en) 2013-10-23 2020-09-15 At&T Intellectual Property I, L.P. Apparatus and method for secure authentication of a communication device
US10375085B2 (en) 2013-10-28 2019-08-06 At&T Intellectual Property I, L.P. Apparatus and method for securely managing the accessibility to content and applications
US11005855B2 (en) 2013-10-28 2021-05-11 At&T Intellectual Property I, L.P. Apparatus and method for securely managing the accessibility to content and applications
US11477211B2 (en) 2013-10-28 2022-10-18 At&T Intellectual Property I, L.P. Apparatus and method for securely managing the accessibility to content and applications
US10567553B2 (en) 2013-11-01 2020-02-18 At&T Intellectual Property I, L.P. Apparatus and method for secure over the air programming of a communication device
US10701072B2 (en) 2013-11-01 2020-06-30 At&T Intellectual Property I, L.P. Apparatus and method for secure provisioning of a communication device
US10200367B2 (en) 2013-11-01 2019-02-05 At&T Intellectual Property I, L.P. Apparatus and method for secure provisioning of a communication device
US9942227B2 (en) 2013-11-01 2018-04-10 At&T Intellectual Property I, L.P. Apparatus and method for secure over the air programming of a communication device
US10476859B2 (en) 2014-05-01 2019-11-12 At&T Intellectual Property I, L.P. Apparatus and method for managing security domains for a universal integrated circuit card
US9713006B2 (en) 2014-05-01 2017-07-18 At&T Intellectual Property I, Lp Apparatus and method for managing security domains for a universal integrated circuit card
US9967247B2 (en) 2014-05-01 2018-05-08 At&T Intellectual Property I, L.P. Apparatus and method for managing security domains for a universal integrated circuit card

Also Published As

Publication number Publication date
ES2409807A2 (en) 2013-06-27
ES2409807B1 (en) 2014-04-30
ES2409807R1 (en) 2013-10-11

Similar Documents

Publication Publication Date Title
US8391837B2 (en) Method, system and trusted service manager for securely transmitting an application to a mobile phone
EP3439342B1 (en) Method for changing mno in embedded sim on basis of special privilege, and embedded sim and recording medium therefor
EP2195794B1 (en) Trusted service manager managing reports of lost or stolen mobile communication devices
EP2255340B1 (en) Method and devices for installing and retrieving linked mifare applications
WO2013098117A1 (en) A method to manage contactless communication in a user device
US20130109307A1 (en) System and method for presentation of multiple nfc credentials during a single nfc transaction
KR101979162B1 (en) Method for Managing Key of Embedded SIM, Embedded SIM and recording medium for the same
EP2048594A1 (en) Method for communication, communication device and secure processor
EP2218244A2 (en) Sharing or reselling nfc applications among mobile communication devices
WO2009147548A2 (en) Method for storing nfc applications in a secure memory device
EP2048591B1 (en) Method for communication, communication device and secure processor
EP2174481B1 (en) Method, server and mobile communication device for managing unique memory device identifications
KR20090051823A (en) Method for managing m-commerce information using multiple security domain structure
KR101040577B1 (en) Method and System for issuing of Mobile Application

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application. Ref document number: 12815660; Country of ref document: EP; Kind code of ref document: A1
DPE1 Request for preliminary examination filed after expiration of 19th month from priority date (pct application filed from 20040101)
NENP Non-entry into the national phase. Ref country code: DE
122 Ep: pct application non-entry in european phase. Ref document number: 12815660; Country of ref document: EP; Kind code of ref document: A1