WO2015082946A2 - Procedure for the remote management of secure elements and communication device for carrying out such procedure - Google Patents

Publication number
WO2015082946A2
Authority
WO
WIPO (PCT)
Prior art keywords
secure element
remote
communication device
communication
back office
Application number
PCT/HU2014/000119
Inventor
András VILMOS
Original Assignee
Vilmos András
Priority to HU1300708
Priority to HUP1300708
Application filed by Vilmos András
Publication of WO2015082946A2
Publication of WO2015082946A3

Abstract

The invention relates to a procedure for the remote management of an external secure element characterized by:
- providing a communication device (10) having an NFC antenna (15) and having a communication network interface (16) for connecting to a remote back office server (30) configured to perform remote secure element management activities,
- detecting the external secure element (20) by the NFC antenna (15) of the communication device (10),
- establishing data communication with the remote back office server (30) over a communication network (70) using the communication network interface (16),
- using the communication device (10) as a proxy to establish an end-to-end secure communication channel (40) between the secure element (20) and the remote back office server (30) in order to allow the back office server (30) to perform remote secure element management activities, and
- using the NFC antenna (15) of the communication device (10) to communicate with the secure element (20).

The invention further relates to a communication device configured to perform the inventive procedure.

Description

Procedure for the remote management of secure elements and communication device for carrying out such procedure

The present invention relates to the procedure of the remote management of smart cards or other external secure elements using the NFC antenna of a mobile communication device.

The present invention further relates to a communication device configured to assist the remote management of external secure elements.

More and more mobile handsets are appearing on the market with a new built-in proximity interface called NFC (Near Field Communication). Practically all handset manufacturers, except Apple, have one or more NFC-enabled handsets, including such bestselling models as the Galaxy family from Samsung and the Xperia line from Sony.

NFC is a short-range wireless technology jointly developed by Philips and Sony in 2002. Specific to the technology is its touch-and-communicate feature, which makes it suitable for diverse customer services where convenience is of utmost importance. NFC works by magnetic field induction: it operates within the globally available and unlicensed RF band of 13.56 MHz. In 2004 NFC was approved as an ISO/IEC standard (ISO/IEC 18092:2004). It was approved as an ECMA (European association for standardizing information and communication systems) and ETSI (European Telecommunications Standards Institute) standard earlier on (ECMA-340, ETSI 102.190). All these standards define the Near Field Communication Interface and Protocol-1 (NFCIP-1), which specifies the modulation schemes, coding, transfer speeds and frame format of the RF interface of NFC devices, as well as initialization schemes and conditions required for data collision-control during initialization.

NFC is also compatible with today's field proven contactless infrastructure, with Mifare® and FeliCa™ smart cards and in general, with contactless smart cards standardized in ISO/IEC 14443. Communication between the application on the secure element and the contactless reader (via the NFC chip) is based on two standards: ISO/IEC 7816 and ISO/IEC 14443. ISO/IEC 14443 helps the reader and NFC chip establish the device parameters for NFC communication. The NFC chip and the contactless reader exchange data using an application protocol data unit (APDU). The structure of an APDU is defined by ISO/IEC 7816-4.

The NFC operating distance is up to 10 cm, although this is strongly implementation dependent: typically the antenna diameter is comparable to the communication distance.

NFC devices can operate in three different modes:

• in Reader/Writer mode, the NFC device is capable of reading and writing RFID tags. This operating mode supports the reading of smart product tags, RFID cards or so called Smart Posters as well as the writing of content on to these mediums (this function of NFC is the basis of the current invention);

• in Card Emulation mode, the NFC device itself acts as an ISO 14443 contactless card to an external reader. This feature enables, for example, contactless payments, e-ticketing and access control;

• in Peer-to-Peer mode, two active NFC devices can exchange data. For example, it is possible to share Bluetooth or WiFi link set up parameters, and exchange data such as virtual business cards or digital photos.

The Near Field Communication Interface and Protocol-2 (NFCIP-2) Standard (ISO/IEC 21481:2005 and ECMA 352) specifies the mechanism to detect and select one communication mode out of three possible communication modes typical of NFC.

Due to its backward compatibility NFC technology is interoperable with current smart card based infrastructures, like banking card operations, transport card services, access card based entry systems, etc.

The appearance of NFC in mobile handsets opened new prospects for many proximity services. The combination of the NFC antenna with a secure chip, called Secure Element, created the right technical environment for the establishment of multi-application smart card services, where a single chip may contain several service cardlets and their contents side by side. Using the remote mobile communication capability of the mobile handset, its display and keyboard (virtual or physical), multiple service applications may be loaded into the secure element remotely over the air, which then may be used for proximity transactions using the NFC antenna of the mobile phone. The applications and the content on the chips may also be dynamically managed in the phones, which provides unparalleled user experience and convenience. In the future users will no longer need to carry multiple cards, coins, IDs, etc. in their wallets but may keep all such credentials in their phones, which they usually carry anyway.

Although this concept of multiple applications on the chip in the phone is a technical reality, it is very difficult to implement in real commercial environments. There are too many players involved with too diverse technical and business motivations. It also comes with difficult integration challenges and logistical problems.

The phones are used by the consumers who wish to select the services they would like to use. The chips in the phones are controlled either by the mobile network operators (if the chip used is the SIM card), or by the handset manufacturers in the case of the embedded secure element, which is an integral part of the mobile device. There also exists a third form factor, the so-called smart micro SD card, but this solution is still immature, having quite some technical limitations and interoperability problems with the handsets.

The underlying conclusion is that although the technology exists and the secure element is potentially available in the NFC phones, its management is presently so complex, requires the involvement of so many partners, and requires so many details to be agreed up front before the operation may start, that it is practically impossible to establish a functioning service. The remote provisioning and management of multiple applications on the secure element in the mobile phones is still a futuristic concept rather than a technical and commercial reality.

The inventor has recognized the limitations of the prevailing solutions and also understands the potential that the new mobile NFC technology may provide also in relationship with the traditional smart card based systems due to its technical compatibility and interoperation with these services.

The above problems are overcome by a procedure according to claim 1 and claim 9 and a communication device according to claim 7.

The invention relates to a technical solution which uses the NFC antenna of the mobile handset as an interface to remotely (over the internet - using mobile data channels, Wifi or other communication links), dynamically manage traditional physical (plastic) chip cards. In addition the solution can even potentially turn these cards into multi-application secure elements just as if they were used within the mobile phone. With the inventive approach the invention overcomes the problem of complexity caused by the control issues over the internal secure elements in the mobile handsets which results in complex and complicated information and key exchange procedures and focuses entirely on the technical implementation of the application and content (life-cycle and in-life) management procedures.

With the present invention any service provider having issued a plastic smart card - banks, transport operators, facility managers - may manage their traditional cards just as if they have moved these credentials into the mobile handset but without the technical and business complexity such a move would entail.

The invention will also enable the service providers to use their plastic cards - even those ones which have been issued already - for multiple purposes and to share it with other operators and service providers. The present invention is clearly less future oriented than the fully mobile based implementation where the secure element is placed inside the mobile phone, but due to its simplicity and full compatibility with existing infrastructures and business practices it has real commercial and technical benefits. And it could work already today.

The invention is based on the recognition that external secure elements may just as simply be managed by the mobile handset as the secure element placed or integrated into the device itself.

For both the existing solution and the present invention the remote communication technology - i.e. communication between the mobile device and the remote back office architecture - may be the same. Also some other capabilities of the mobile phone, like memory, storage, display, keyboard may be used identically, with applications running on the mobile handset having graphical user interfaces and menus. The substantial difference lies in the communication with the secure element. Whereas in case of mobile NFC services with internal secure elements a contact interface is used between the device and the chip (i.e. direct physical connection is established between the device and the secure element), in contrast thereto in case when the secure element to be managed is an external card this communication is performed between the contactless interface of the smart card and the NFC antenna of the mobile handset using the proximity communication protocol, ISO 14443. The secure element not being permanently attached to the NFC capable mobile communication device presents technical challenges which are solved by the present invention, and consequently a secure environment and seamless procedure may be established for the remote management of external secure elements using the NFC antenna of mobile communication devices.

The inventor realized that it is possible to establish the same high level end-to-end security between the external secure element and the remote back office using the phone with its mobile application(s) as a proxy and its antenna as the communication interface which security level is otherwise achieved and mandated in case of internal chips. The speed of communication is also comparable making the new concept commercially viable also from this perspective.

In the following, the set of equipment used for the procedure according to the invention is presented in more detail on the basis of exemplary embodiments and drawings.

Figure 1 is a schematic block diagram of a communication device according to the invention and a secure element.

Figure 2 is a schematic block diagram of a remote back office server connectable with the communication device over a communication network.

Figure 3 is a schematic block diagram illustrating the secure communication channel established between the secure element and the back office server using the communication device with its mobile application as a proxy.

Fig. 4 is a flow diagram illustrating the procedure according to the invention.

Figure 1 schematically depicts a communication device 10 according to the invention and an exemplary secure element 20. In the present embodiment the mobile communication device 10 is a smart phone having an NFC antenna 15, but it may be any other type of mobile communication device, like a tablet, or notebook, that is equipped with an NFC antenna 15. The communication device 10 may be connected by a communication network 70 (see Figs. 2 and 3) to a back office server 30 controlling the secure element management procedures, including content, application and other card management procedures. The communication network 70 can be any kind of network suitable for data transmission, e.g. Internet, GSM network, LAN or WLAN, etc. over which the communication may follow any suitable communication technology including but not limited to 4G, 3G, WiFi, WIMAX, etc.

The mobile telephone serving as the communication device 10 comprises a central unit 11 (baseband or application processor), which controls the operation of the communication device 10, its memory storage 12, display 13, virtual/physical keyboard 14, NFC antenna 15 and communication network interfaces 16 (different mobile and other antennas). It may also have a SIM card 18, but it plays no dedicated role in the present invention as remote communication with the mobile communication device 10 may also be realized using Wifi or other technologies. The memory storage 12 may store one or more applications 17 which may be managed by the user of the communication device 10 in order to facilitate the remote secure element management operation. The application 17 running on the mobile communication device 10 may request the NFC antenna 15 of the mobile communication device 10 to identify an external secure element 20, and inform the application 17 about the presence of the secure element 20. Having received the necessary information about the presence of an external secure element 20, the application 17 may send this information - in the form of a service request - by initiating data communication over the communication network 70 to the back office server 30 controlling the secure element management procedures. This open channel can be used all through the secure element management activity, and may provide the physical connection between the mobile communication device 10 and the remote back office server 30 over which a secure communication channel 40 may be established between the secure element 20 and the back office server 30, using the NFC antenna 15 of the communication device 10 to communicate with the external secure element 20. The application 17 may also terminate the operation when the secure element management activity has been completed or aborted. These functions may be performed by one or multiple applications 17 working together.

Figure 1 also shows an exemplary external secure element 20 which can be managed remotely using the NFC antenna 15 of the mobile communication device 10. The secure element 20, a contactless smart card in the present example, has a microchip 21 and an antenna 22. The microchip contains a microcontroller 23, and internal memory 24 having at least one security domain 24a (called Issuer Security Domain - ISD), but may have more security domains (called Supplementary Security Domain - SSD) and their numbers may be dynamically modified, i.e. new security domains 24a may be created and existing security domains 24a deleted.

The back office secure element management server 30 may comprise a key management module 31 which is used to assure the security of the secure element management transactions between the back office server 30 controlling the secure element management procedures and the external secure element 20 through the mobile communication device 10 and using the NFC antenna 15 of the communication device 10 to communicate with the secure element 20. The back office server 30 controlling the secure element management procedures preferably comprises a communication management module 36 for the facilitation of the remote communication with the mobile communication device 10 and may further contain a card management module 32, application management module 33, content management module 34, loader module 35 and other functional modules to facilitate the remote secure element management activities. The back office server 30 may also have several external communication interfaces 37 for performing secure element management operations on behalf of other parties.

Figure 3 schematically illustrates the establishment of the secure communication channel 40 between the secure element 20 and the back office server 30 in the course of which the communication device 10 with its application 17 is used as a proxy. Figure 4 illustrates the procedural steps performed by the interacting entities. The interactions and technology used during the procedure of remote management of a JAVA card as a secure element 20 are as follows.

• In Step 1 the mobile application 17 running on the communication device 10 notifies the NFC antenna 15 (NFC reader) that it is waiting for a JAVA card, which is the secure element 20 that is to be managed remotely.

• In Step 2 the NFC antenna 15 notifies the application 17 upon detection of a JAVA card 20; this notification contains a channel (queue) tag, which facilitates communication with the card 20.

• In Step 3 the mobile application 17 connects to the back office server 30 and notifies it about the presence of the card 20 and if necessary also transmits details about the user of the secure element 20, or an application or content to be loaded into the secure element 20.

• In Step 4 the back office server 30 issues a RESET command to the card 20 using the open data channel to the communication device 10 and the communication device's 10 NFC antenna 15.

• In Step 5 the RESET command is answered by the ATR (Answer to Reset), which contains some basic information about the card 20, and the ATR is forwarded back to the back office server 30 over the open data channel.

• In Step 6, based on the ATR information, a GET DATA command is issued by the back office server 30 to discover details of the card 20.

• In Step 7 a response to the command is sent back, which is then processed in the back office server 30. (It is also possible that the card detection and discovery process, which does not need any type of authentication is performed by the mobile phone application 17 and the result of this communication is transmitted to the back office server 30 together with the information specifying the business requirements.)

• Having identified details of the secure element, in Step 8 a SELECT command is issued by the back office server 30 which queries the card 20 for a specific AID (Application ID) - this AID is either the AID of the ISD or that of a specific application.

• In Step 9 a response to the SELECT command is sent back to the back office server 30.

• Having discovered the requested AID on the external secure element 20, the remote back office server 30 may proceed with the intended secure element management transaction (loading content, or loading an application, etc.) either on its own - if it already possesses the necessary security keys - or in cooperation with the issuer of the secure element 20. The interaction starts with opening an end-to-end secure communication channel 40 in Step 10 between the external secure element 20 and the back office server 30 using the NFC antenna 15 of the communication device 10 to communicate with the secure element 20. Depending on the type of secure element management activity to be carried out, a secure channel protocol may need to be used. A suitable protocol is the Secure Channel Protocol specified by Global Platform.

• Once the secure communication channel 40 has been established in Step 11, all conditions are set to perform the remote secure element management transactions in Step 12. Possible remote secure element management activities comprise application life-cycle management transactions including but not limited to loading, installation, instantiation, personalization, activation, blocking, unblocking and deletion of an application, optionally with the establishment or deletion of a dedicated security domain 24a if necessary. The remote secure element management activities may also comprise application in-life management transactions including, but not limited to, loading and deletion of content, top-up, renewal and counter reset.
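
Steps 8 to 12 above, as an added example that is not part of the patent text: a Python simulation in which the phone application only relays opaque APDUs, so a command altered in transit or a card without the issuer key is detected at the endpoints. The HMAC-based handshake and XOR keystream are simplified stand-ins for the GlobalPlatform Secure Channel Protocol, and the class names, AID, key and payload are assumptions constructed for illustration.

```python
import hashlib
import hmac
import os

SW_OK, SW_NOT_FOUND, SW_SECURITY, SW_WRONG_LEN = b"\x90\x00", b"\x6a\x82", b"\x69\x82", b"\x67\x00"
ISD_AID = bytes.fromhex("A000000151000000")  # sample Issuer Security Domain AID (assumption)
ISSUER_KEY = bytes(range(16))                # constructed sample key shared by card and server
ROOM_KEY = b"ROOM-0412-KEY"                  # constructed sample content to load

def tag(key, label, data=b""):
    """8-byte truncated HMAC-SHA256: stand-in for GlobalPlatform cryptograms and C-MAC."""
    return hmac.new(key, label + data, hashlib.sha256).digest()[:8]

def xor_stream(session, counter, data):
    """Toy XOR keystream (stand-in for command encryption); covers at most 32 bytes."""
    if len(data) > 32:
        raise ValueError("toy keystream covers 32 bytes")
    stream = hmac.new(session, b"enc" + bytes([counter]), hashlib.sha256).digest()
    return bytes(d ^ s for d, s in zip(data, stream))

def seal(session, counter, header, payload):
    """Encrypt-then-MAC one command body, binding the APDU header and a counter."""
    body = xor_stream(session, counter, payload)
    return body + tag(session, b"mac" + bytes([counter]), header + body)

def unseal(session, counter, header, data):
    """Return the plaintext, or None when the MAC does not verify."""
    body, mac = data[:-8], data[-8:]
    if not hmac.compare_digest(mac, tag(session, b"mac" + bytes([counter]), header + body)):
        return None
    return xor_stream(session, counter, body)

def apdu(cla, ins, p1, p2, data):
    """Short command APDU: 4-byte header, Lc, data (ISO/IEC 7816-4 layout)."""
    return bytes([cla, ins, p1, p2, len(data)]) + data

class Card:
    """Simulated external secure element 20; shares its key with the back office only."""
    def __init__(self, key):
        self.key, self.selected, self.session, self.authed = key, False, None, False
        self.counter, self.content = 0, []

    def transmit(self, cmd):
        if len(cmd) < 5 or len(cmd) != 5 + cmd[4]:
            return SW_WRONG_LEN
        header, ins, data = cmd[:4], cmd[1], cmd[5:]
        if ins == 0xA4:  # SELECT by AID (Steps 8 and 9); any open channel is dropped
            self.selected, self.session, self.authed = data == ISD_AID, None, False
            return SW_OK if self.selected else SW_NOT_FOUND
        if ins == 0x50 and self.selected:  # challenge exchange (role of INITIALIZE UPDATE)
            card_chal = os.urandom(8)
            self.session = hmac.new(self.key, data + card_chal, hashlib.sha256).digest()
            self.authed, self.counter = False, 0
            return card_chal + tag(self.session, b"card") + SW_OK
        if ins == 0x82 and self.session:  # server proves key possession (EXTERNAL AUTHENTICATE)
            self.authed = hmac.compare_digest(data, tag(self.session, b"host"))
            return SW_OK if self.authed else SW_SECURITY
        if ins == 0xE2 and self.authed:  # protected content load (Step 12)
            plain = unseal(self.session, self.counter, header, data)
            if plain is None:
                self.session, self.authed = None, False  # drop the channel on a bad MAC
                return SW_SECURITY
            self.counter, self.content = self.counter + 1, self.content + [plain]
            return SW_OK
        return SW_SECURITY

class PhoneProxy:
    """Application 17 with NFC antenna 15: forwards bytes, holds no keys, logs what it sees."""
    def __init__(self, card, flip_bit=False):
        self.card, self.flip_bit, self.seen = card, flip_bit, []

    def relay(self, cmd):
        self.seen.append(cmd)
        if self.flip_bit and cmd[1] == 0xE2:  # model a command altered in transit
            cmd = cmd[:5] + bytes([cmd[5] ^ 0x01]) + cmd[6:]
        return self.card.transmit(cmd)

def back_office_load(relay, key, payload):
    """Back office server 30: SELECT, open the channel (Steps 10-11), load content (Step 12)."""
    if relay(apdu(0x00, 0xA4, 0x04, 0x00, ISD_AID))[-2:] != SW_OK:
        return "ISD not found"
    host_chal = os.urandom(8)
    resp = relay(apdu(0x80, 0x50, 0x00, 0x00, host_chal))
    if len(resp) != 18 or resp[-2:] != SW_OK:
        return "channel setup failed"
    session = hmac.new(key, host_chal + resp[:8], hashlib.sha256).digest()
    if not hmac.compare_digest(resp[8:16], tag(session, b"card")):
        return "card failed authentication"
    if relay(apdu(0x84, 0x82, 0x00, 0x00, tag(session, b"host")))[-2:] != SW_OK:
        return "server rejected by card"
    header = bytes([0x84, 0xE2, 0x80, 0x00])
    sw = relay(apdu(*header, seal(session, 0, header, payload)))[-2:]
    return "loaded" if sw == SW_OK else "rejected"

def run(flip_bit=False, card_key=ISSUER_KEY):
    """Return (server result, content stored on card, whether the proxy saw the plaintext)."""
    proxy = PhoneProxy(Card(card_key), flip_bit)
    result = back_office_load(proxy.relay, ISSUER_KEY, ROOM_KEY)
    return result, proxy.card.content, any(ROOM_KEY in c for c in proxy.seen)

if __name__ == "__main__":
    print(run(), run(flip_bit=True), run(card_key=bytes(16)))
```

In all three runs the relay log kept by the proxy never contains the plaintext content, which is the property the end-to-end channel 40 is meant to provide when the phone is only a transport.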

In the following, the procedures according to the invention are presented in more detail through examples.

Example 1:

A hotel guest having a loyalty card in the form of a chip card (JAVA card) from a hotel is making a reservation on the hotel's web site. In contrast to ordinary bookings, in this example the guest is not only allowed to define the arrival and check-out dates of his stay and the preferred room type, but may also select the specific room where he wishes to stay. When the reservation is completed and payment is made, details of the reservation are sent to his mobile phone 10, which is a smart phone, for example a Samsung Galaxy S3 with NFC capability. In the mobile phone 10 there is an application 17 present which has been downloaded from Google Play and which serves to receive the details of the booking. As the reservation is already paid and confirmed and the details not only contain the dates of the stay but also the designated room number, the guest may go ahead and prepare his own key before arrival at the hotel. By being able to acquire the room key in advance the guest avoids waiting for the check-in upon arrival. The guest does not need to do anything else but start the hotel application 17 in the phone, select the "Activate key" command and when prompted move the loyalty card 20 of the hotel to the NFC antenna 15 of the mobile phone 10. When the command was initiated the application 17 running on the mobile phone 10 requested the NFC antenna 15 to report when a smart card 20 is present. The antenna 15 recognizes the card 20 in its proximity and notifies the application 17 that there is a card 20 present which can be communicated with. The mobile application 17 opens a data channel to the reservation back office server 30 of the hotel, requests preparation of the room key and transmits information identifying the specific booking of the guest. The reservation back office server 30, using the already open data channel to the mobile handset, starts communication with the external loyalty card 20 which is still within reach of the NFC antenna 15.
Initially, the server 30 identifies the secure element 20, looks for the necessary application on the microchip 21, and establishes a secure communication channel 40 to the card 20 using the Secure Channel Protocol as described by the Global Platform specification. The secure communication channel 40 goes from the reservation back office server 30 through the open data channel to the mobile phone 10, uses the mobile application 17 as a proxy, and continues from the phone 10 through the NFC antenna 15 to the external secure element 20, which is the loyalty card in the present example. When the secure communication channel 40 is established the loader module 35 of the reservation back office server 30 sends down to the secure element 20 the APDU commands, as specified by the ISO 18092 standard, using the Global Platform confidential card content management commands, which contain the entry key information for accessing the room of the guest. When the loading of the key has been successfully completed, which may take between 10 and 20 seconds, the guest is informed that he may remove the plastic chip card 20 from the antenna 15 and is ready to use the key upon his arrival at the hotel. When the guest arrives he has nothing else to do but proceed directly to his selected room, touch his loyalty (now also key) card 20 to the lock and the door will open.

When the guest leaves the hotel - checks out - and does not need the room key anymore, he simply starts the mobile application 17, selects the delete key command, and when prompted presents his card 20 to the phone's 10 antenna 15, whereupon the expired content will be removed from the microchip 21.

Example 2:

There are numerous co-branded cards in circulation which let users such as airline passengers earn miles with their purchases, or bank customers gain benefits with their spending at specific stores; but beyond these benefits the existing cards lack real interoperability and fail to demonstrate real cooperation between the companies involved.

With the present invention it is possible for a bank - with its millions of chip cards 20 issued - or a department store or any other card issuer to host its co-branded partner(s) on its own card 20, to establish dual or even multiple services on a single plastic smart card 20 with a contactless microchip 21.

According to the present example, the customer of a bank has a contactless credit card 20. When she receives the new card, she finds a leaflet inserted in the mail explaining that the bank provides the opportunity to load a frequent flyer card from a specific airline onto the same bank card 20. The customer, being a frequent flyer of the specific airline and being fed up with the many different plastics in her purse, decides to use this offer. She proceeds as the leaflet describes and downloads the mobile application 17 of the airline from Google Play onto her mobile phone 10. After registering and signing in, she selects the "Load card" command. The mobile application 17 requests her to present her bank card 20 to the NFC antenna 15 of her phone 10. From this point on she only has to wait about 30 seconds while the mobile application 17 connects to the airline back office server 30 and sends her frequent flyer details; the back office server 30 then connects to the card 20 that is still active with the antenna 15 of her mobile phone 10, establishes a secure channel 40, and loads its own application into a dedicated security domain 24a within the internal memory 24 of the microchip 21 on the card 20, which security domain 24a has already been prepared for the airline and for which it also has the necessary keys and loading credentials. After the new airline loyalty application has been personalized and activated, the customer is advised that the transaction has been completed successfully and that she may remove the card 20 from the antenna 15; she now has a dual purpose card 20, good for banking and enjoying diverse loyalty benefits.

Clearly various modifications of the above described embodiments will be apparent to a person skilled in the art without departing from the scope of protection determined by the attached claims.

Claims

1. Procedure for the remote management of an external secure element characterized by
- providing a communication device (10) having an NFC antenna (15) and having a communication network interface (16) for connecting to a remote back office server (30) configured to perform remote secure element management activities,
- detecting the external secure element (20) by the NFC antenna (15) of the communication device (10),
- establishing data communication with the remote back office server (30) over a communication network (70) using the communication network interface (16),
- using the communication device (10) as a proxy to establish an end-to-end secure communication channel (40) between the secure element (20) and the remote back office server (30) in order to allow the back office server (30) to perform remote secure element management activities, and
- using the NFC antenna (15) of the communication device (10) to communicate with the secure element (20).
2. The procedure according to claim 1, characterised by providing one or more applications (17) on the communication device (10) for:
- receiving a notification about the detection of the presence of the external secure element,
- establishing the data communication with the remote back office server (30) over the communication network (70) using the communication network interface (16),
- using the application (17) as the proxy to establish an end-to-end secure communication channel (40) between the external secure element (20) and the remote back office server (30) through the NFC antenna (15) of the communication device (10).
3. The procedure according to claim 2, characterised by providing the application(s) (17) as part of an operating system of the communication device (10).
4. The procedure according to any of claims 1 to 3, characterised by that the remote secure element management activities comprise application life-cycle management transactions including but not limited to loading, installation, instantiation, personalization, activation, blocking, unblocking and deletion of an application, optionally with the establishment or deletion of one or more dedicated security domains (24a) if necessary.
5. The procedure according to any of claims 1 to 3, characterised by that the remote secure element management activities comprise application in-life management transactions including, but not limited to loading and deletion of content, top-up, renewal and counter reset.
6. The procedure according to any of claims 1 to 5, characterised by performing secure communication over the secure communication channel (40) established by using the Secure Channel Protocol specified by Global Platform.
7. Communication device having an NFC antenna (15) and having a communication network interface (16) for connecting to a remote back office server (30) configured to perform remote secure element management activities, characterised by comprising one or more applications (17) being configured to:
- detect the external secure element (20) by the NFC antenna (15) of the communication device (10),
- establish data communication with the remote back office server (30) over a communication network (70) using the communication network interface (16),
- act as a proxy for establishing an end-to-end secure communication channel (40) between the secure element (20) and the remote back office server (30) in order to allow the back office server (30) to perform remote secure element management activities, and
- use the NFC antenna (15) of the communication device (10) to communicate with the secure element (20).
8. The communication device (10) according to claim 7, characterised by that the one or more applications (17) are part of the operating system of the communication device (10).
9. Procedure for the remote management of an external secure element characterized by
- providing a back office server (30) that is connectable to a remote communication device (10) having an NFC antenna (15) over a communication network (70),
- establishing data communication with the remote communication device (10) over the communication network (70),
- using the communication device (10) as a proxy to establish an end-to-end secure communication channel (40) between the secure element (20) and the back office server (30), wherein the NFC antenna (15) of the communication device (10) is used to communicate with the secure element (20),
- sending APDU commands to the secure element (20) by the back office server (30) over the secure communication channel (40) in order to perform remote secure element management activities.
PCT/HU2014/000119 2013-12-07 2014-12-04 Procedure for the remote management of secure elements and communication device for carrying out such procedure WO2015082946A2 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
HU1300708 2013-12-07
HUP1300708 2013-12-07

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
HU1600563A HU1600563A2 (en) 2013-12-07 2014-12-04 Procedure for the remote management of secure elements and communication device for carrying out such procedure

Publications (2)

Publication Number Publication Date
WO2015082946A2 true WO2015082946A2 (en) 2015-06-11
WO2015082946A3 WO2015082946A3 (en) 2015-07-30

Family

ID=53274231

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/HU2014/000119 WO2015082946A2 (en) 2013-12-07 2014-12-04 Procedure for the remote management of secure elements and communication device for carrying out such procedure

Country Status (2)

Country Link
HU (1) HU1600563A2 (en)
WO (1) WO2015082946A2 (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2010128442A2 (en) * 2009-05-03 2010-11-11 Logomotion, S.R.O. A payment terminal using a mobile communication device, such as a mobile phone; a method of direct debit payment transaction
US20120124659A1 (en) * 2010-11-17 2012-05-17 Michael Craft System and Method for Providing Diverse Secure Data Communication Permissions to Trusted Applications on a Portable Communication Device
US20130024280A1 (en) * 2005-12-31 2013-01-24 Blaze Mobile, Inc. Nfc transactions using a user id embedded within secure element for processing at remote server
WO2013033612A1 (en) * 2011-08-31 2013-03-07 ActivIdentity Mobile credential revocation
WO2013088180A1 (en) * 2011-12-14 2013-06-20 Budapesti Műszaki és Gazdaságtudományi Egyetem Method and internet terminal for remotely performing operations on a secure element connected to a communication device

Also Published As

Publication number Publication date
WO2015082946A3 (en) 2015-07-30
HU1600563A2 (en) 2016-12-28

Legal Events

Date Code Title Description
NENP Non-entry into the national phase in:

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 14867727

Country of ref document: EP

Kind code of ref document: A2