SECURE ELEMENT HAVING MULTIPLE USERS
    11.
    Invention application

    Publication No.: WO2018057997A2

    Publication date: 2018-03-29

    Application No.: PCT/US2017/053107

    Filing date: 2017-09-22

    Applicant: APPLE INC.

    Abstract: Techniques are disclosed relating to secure data storage. In various embodiments, a mobile device includes a wireless interface, a secure element, and a secure circuit. The secure element is configured to store confidential information associated with a plurality of users and to receive a request to communicate the confidential information associated with a particular one of the plurality of users. The secure element is further configured to communicate, via the wireless interface, the confidential information associated with the particular user in response to an authentication of the particular user. The secure circuit is configured to perform the authentication of the particular user. In some embodiments, the mobile device also includes a biosensor configured to collect biometric information from a user of the mobile device. In such an embodiment, the secure circuit is configured to store biometric information collected from the plurality of users by the biosensor.

    SECURE DEVICE PAIRING
    12.
    Invention application
    Status: under examination (published)

    Publication No.: WO2017120011A1

    Publication date: 2017-07-13

    Application No.: PCT/US2016/067007

    Filing date: 2016-12-15

    Applicant: APPLE INC.

    Abstract: Techniques are disclosed relating to the secure communication of devices. In one embodiment, a first device is configured to perform a pairing operation with a second device to establish a secure communication link between the first device and the second device. The pairing operation includes receiving firmware from the second device to be executed by the first device during communication over the secure communication link, and in response to a successful verification of the firmware, establishing a shared encryption key to be used by the first and second devices during the communication. In some embodiments, the pairing operation includes receiving a digital signature created from a hash value of the firmware and a public key of the second device, and verifying the firmware by extracting the hash value from the digital signature and comparing the extracted hash value with a hash value of the received firmware.


    MODIFYING SECURITY STATE WITH SECURED RANGE DETECTION

    Publication No.: EP4284046A2

    Publication date: 2023-11-29

    Application No.: EP23202648.4

    Filing date: 2017-06-02

    Applicant: Apple Inc.

    Abstract: There is provided a method comprising announcing, by a proxy device (830), an availability of a trusted device (520); in response to the announced availability, receiving, by the proxy device (830), a first request (850) from a target device (510); and upon receiving the first request from the target device (510), sending, by the proxy device (830), a second request to the trusted device (520), wherein the second request (855) comprises a request for the trusted device (520) to announce its availability directly to the target device (510) from which the first request was received, and the trusted device (520) establishes a communication connection with the target device (510) based on the second request.

    APPARATUSES AND METHODS FOR OPERATING A PORTABLE ELECTRONIC DEVICE TO CONDUCT MOBILE PAYMENT TRANSACTIONS
    18.
    Invention publication
    Status: under examination (published)

    Publication No.: EP3149682A1

    Publication date: 2017-04-05

    Application No.: EP15725203.2

    Filing date: 2015-05-15

    Applicant: Apple Inc.

    Abstract: Methods for operating a portable electronic device to conduct a mobile payment transaction at a merchant terminal are provided. The electronic device may verify that the current user of the device is indeed the authorized owner by requiring the current user to enter a passcode. If the user is able to provide the correct passcode, the device is only partly ready to conduct a mobile payment. In order for the user to fully activate the payment function, the user may have to supply a predetermined payment activation input such as a double button press that notifies the device that the user intends to perform a financial transaction in the immediate future. The device may subsequently activate a payment applet for a predetermined period of time during which the user may hold the device within a field of the merchant terminal to complete a near field communications based mobile payment transaction.


    SYSTEM AND METHOD FOR POLICY CONTROL FUNCTIONS MANAGEMENT MECHANISM
    19.
    Invention publication
    Status: under examination (published)

    Publication No.: EP3072047A1

    Publication date: 2016-09-28

    Application No.: EP14816001.3

    Filing date: 2014-11-21

    Applicant: Apple Inc.

    CPC classification number: H04W8/22 G06F9/44505 G06F9/5011

    Abstract: Systems and methods for validating and applying modifications to a policy control function (PCF) of a station. The methods include generating a PCF package including a modification to a PCF, and determining whether the PCF package is to be transmitted to the station by a first or second entity. The methods further include when the PCF package is to be transmitted by the first entity, including a first signature of the first entity in a deliverer field of the PCF package, and when the PCF package is to be transmitted by the second entity, including the first signature in an owner field and a second signature of the second entity in the deliverer field. The methods further include receiving the PCF package from the first or second entity, determining whether the PCF package is valid, and applying the modification when it is determined the PCF package is valid.

    POLICY-BASED TECHNIQUES FOR MANAGING ACCESS CONTROL
    20.
    Invention publication
    Status: under examination (published)

    Publication No.: EP2923478A1

    Publication date: 2015-09-30

    Application No.: EP13802185.2

    Filing date: 2013-11-20

    Applicant: Apple Inc.

    Abstract: A policy-based framework is described. This policy-based framework may be used to specify the privileges for logical entities to perform operations associated with an access-control element (such as an electronic Subscriber Identity Module) located within a secure element in an electronic device. Note that different logical entities may have different privileges for different operations associated with the same or different access-control elements. Moreover, the policy-based framework may specify types of credentials that are used by the logical entities during authentication, so that different types of credentials may be used for different operations and/or by different logical entities. Furthermore, the policy-based framework may specify the security protocols and security levels that are used by the logical entities during authentication, so that different security protocols and security levels may be used for different operations and/or by different logical entities.
