公开(公告)号：WO2015073264A1

公开(公告)日：2015-05-21

申请号：PCT/US2014/063944

申请日：2014-11-04

Applicant: APPLE INC.

Inventor： VAID, Yousuf H. ,  DICKER, George R. ,  KHAN, Ahmer A. ,  SHARP, Christopher B. ,  STEELE, Glen W. ,  ADAMS, Christopher D. ,  HAGGERTY, David T.

IPC: G06Q20/02 ,  G06Q20/04 ,  G06Q20/32

CPC classification number: G06Q20/3278 ,  G06Q20/02 ,  G06Q20/0453 ,  G06Q20/10 ,  G06Q20/327

Abstract: To facilitate conducting a financial transaction via wireless communication between an electronic device and another electronic device, a secure element in the electronic device receives, from a third party, a notification associated with a financial transaction. This third party may be independent of a counterparty in the financial transaction, such as: a provider of the electronic device or a payment network that processes payment for the financial transaction. In response to the notification, the secure element requests, from the third party, receipt information associated with the financial transaction, and then receives the receipt information from the third party. This receipt information may include a first-level information, such as payment status. Alternatively or additionally, the receipt information may include a second-level information, such as an itemized list of purchased items, links to information and/or discounts.

Abstract translation: 为了通过电子设备和另一电子设备之间的无线通信进行金融交易，电子设备中的安全元件从第三方接收与金融交易相关联的通知。 该第三方可能独立于金融交易中的交易对手，例如：电子设备的提供商或处理金融交易支付的支付网络。 响应于通知，安全元件从第三方请求与金融交易相关联的收据信息，然后从第三方接收收据信息。 该收据信息可以包括诸如付款状态的第一级信息。 或者或另外，收据信息可以包括第二级信息，诸如所购项目的逐项列表，到信息和/或折扣的链接。

公开(公告)号：WO2022260851A2

公开(公告)日：2022-12-15

申请号：PCT/US2022/030567

申请日：2022-05-23

Applicant: APPLE INC.

Inventor： VILLANUEVA GAVIOLA, Haya Iris ,  ALLEN, Antonio A. ,  CHUNG, Ho Cheung ,  DESHPANDE, Mayura D. ,  FASOLI, Gianpaolo ,  GANESH, Vinay ,  GRAFF, Irene M. ,  HARING, Martijn Theo ,  KHAN, Ahmer A. ,  MILLER, Thomas John ,  RAKOTOMALALA, Franck Farian ,  SCOTT, Gordon ,  SHARP, Christopher ,  SILVER, David W. ,  WOOD, Policarpo Bonilla, Jr. ,  YANG, Ka

IPC: G06V40/16 ,  G06V40/40 ,  G06F21/00 ,  G06F21/44 ,  G06V40/45

Abstract: The present disclosure generally relates to digital identification credential user interfaces.

公开(公告)号：WO2015102790A1

公开(公告)日：2015-07-09

申请号：PCT/US2014/068100

申请日：2014-12-02

Applicant: APPLE INC.

Inventor： KHAN, Ahmer A. ,  HURLEY, Timothy S.

IPC: G06Q20/32

CPC classification number: G06Q20/32 ,  G06Q20/223 ,  G06Q20/3226 ,  G06Q20/3278 ,  G06Q20/3821

Abstract: Using electronic devices (such as cellular telephones) that communicate wirelessly, two individuals can make person-to-person payments. In particular, an individual using an electronic device may identify another proximate electronic device of a counterparty in a financial transaction, and may provide an encrypted payment packet to the other electronic device that includes: a financial credential for a financial account of the individual, a payment amount, and a payment sign. When the other electronic device receives the encrypted payment applet, the counterparty may accept the payment in the financial transaction specified by the encrypted payment packet. Then, the other electronic device may provide the encrypted payment packet and another encrypted payment packet (with a financial credential for a financial account of the counterparty, the payment amount and the opposite payment sign) to a third party that completes the financial transaction.

Abstract translation: 使用无线通信的电子设备（如蜂窝电话），两个人可以进行个人对人的付款。 特别地，使用电子设备的个人可以识别金融交易中对方方的另一邻近的电子设备，并且可以向另一电子设备提供加密的支付分组，其包括：用于个人的金融账户的财务凭证， 付款金额和付款标志。 当另一电子设备接收到加密的支付小程序时，对方可以接受由加密的支付分组指定的金融交易中的支付。 然后，另一个电子设备可以向完成金融交易的第三方提供加密的支付分组和另一个加密的支付分组（具有对方方的金融账户的财务凭证，支付金额和相反的支付符号）。

公开(公告)号：EP3069308A1

公开(公告)日：2016-09-21

申请号：EP14799311.7

申请日：2014-11-04

Applicant: Apple Inc.

Inventor： DICKER, George R. ,  SHARP, Christopher B. ,  KHAN, Ahmer A. ,  VAID, Yousuf H. ,  STEELE, Glen W. ,  ADAMS, Christopher D. ,  HAGGERTY, David T.

IPC: G06Q20/02 ,  G06Q20/04 ,  G06Q20/32 ,  G06Q20/38

CPC classification number: G06Q20/382 ,  G06Q20/02 ,  G06Q20/0453 ,  G06Q20/327 ,  G06Q20/3827 ,  G06Q20/385

Abstract: To facilitate conducting a financial transaction via wireless communication between an electronic device and another electronic device, the electronic device determines a unique transaction identifier for the financial transaction based on financial-account information communicated to the other electronic device. The financial-account information specifies a financial account that is used to pay for the financial transaction. Moreover, the unique transaction identifier may be capable of being independently computed by one or more other entities associated with the financial transaction (such as a counterparty in the financial transaction or a payment network that processes payment for the financial transaction) based on the financial-account information communicated by the portable electronic device. The electronic device may also associate receipt information, which is subsequently received from a third party (such as the payment network), with the financial transaction by comparing the determined unique transaction identifier to the computed unique transaction identifier.

公开(公告)号：WO2021071814A1

公开(公告)日：2021-04-15

申请号：PCT/US2020/054363

申请日：2020-10-06

Applicant: APPLE INC.

Inventor： YANG, Xiangying ,  KHAN, Ahmer A. ,  HARING, Martijn T.

IPC: G06F21/30 ,  H04L9/32 ,  H04L29/06 ,  H04W12/06

Abstract: Techniques are disclosed relating to authenticating a user with a mobile device. In some embodiments, a computing device stores a first signed attestation indicating an ability of the computing device to securely perform a user authentication. The computing device receives a request to store credential information of an identification document issued by an issuing authority to a user for establishing an identity of the user. In response to the request, the computing device sends, to the issuing authority, a request to store the credential information, the sent request including the first signed attestation to indicate an ability to perform a user authentication prior to permitting access to the credential information. In response to an approval of the sent request based on the first signed attestation, the computing device stores the credential information in a secure element of the computing device.

公开(公告)号：WO2015102944A1

公开(公告)日：2015-07-09

申请号：PCT/US2014/071481

申请日：2014-12-19

Applicant: APPLE INC.

Inventor： KHAN, Ahmer A. ,  LINDE, Joakim ,  ZIAT, Mehdi

IPC: G06F21/51 ,  H04W4/00 ,  G06F9/445

CPC classification number: G06F8/65 ,  G06F21/57 ,  H04L9/3247 ,  H04L67/06 ,  H04L67/306 ,  H04L67/34 ,  H04L67/42 ,  H04W4/60 ,  H04W12/06

Abstract: An electronic device (such as a cellular telephone) automatically installs and personalizes updates to an applet on a secure element in the electronic device. In particular, when a digitally signed update package containing the update is received from an updating device (such as a server), the secure element identifies any previous versions of the applet installed on the secure element. If there are any previously installed versions, the secure element verifies the digital signature of the update package using an encryption key associated with a vendor of the secure element. Then, the secure element uninstalls the previous versions of the applet and exports the associated user data. Next, the secure element installs the update to the applet, and personalizes the new version of the applet using the user data.

Abstract translation: 电子设备（例如蜂窝电话）在电子设备中的安全元件上自动安装并个性化对小应用程序的更新。 特别地，当从更新设备（例如服务器）接收到包含更新的数字签名的更新包时，安全元件识别安装在安全元件上的小应用程序的任何先前版本。 如果有任何先前安装的版本，则安全元件使用与安全元件的供应商相关联的加密密钥验证更新包的数字签名。 然后，安全元素会卸载以前版本的applet并导出关联的用户数据。 接下来，安全元件将更新安装到小程序，并使用用户数据个性化新版本的小应用程序。

公开(公告)号：WO2015073263A1

公开(公告)日：2015-05-21

申请号：PCT/US2014/063939

申请日：2014-11-04

Applicant: APPLE INC.

Inventor： DICKER, George R. ,  SHARP, Christopher B. ,  KHAN, Ahmer A. ,  VAID, Yousuf H. ,  STEELE, Glen W. ,  ADAMS, Christopher D. ,  HAGGERTY, David T.

IPC: G06Q20/02 ,  G06Q20/04 ,  G06Q20/32 ,  G06Q20/38

CPC classification number: G06Q20/382 ,  G06Q20/02 ,  G06Q20/0453 ,  G06Q20/327 ,  G06Q20/3827 ,  G06Q20/385

Abstract: To facilitate conducting a financial transaction via wireless communication between an electronic device and another electronic device, the electronic device determines a unique transaction identifier for the financial transaction based on financial-account information communicated to the other electronic device. The financial-account information specifies a financial account that is used to pay for the financial transaction. Moreover, the unique transaction identifier may be capable of being independently computed by one or more other entities associated with the financial transaction (such as a counterparty in the financial transaction or a payment network that processes payment for the financial transaction) based on the financial-account information communicated by the portable electronic device. The electronic device may also associate receipt information, which is subsequently received from a third party (such as the payment network), with the financial transaction by comparing the determined unique transaction identifier to the computed unique transaction identifier.

Abstract translation: 为了通过电子设备和另一电子设备之间的无线通信进行金融交易，电子设备基于传送到另一电子设备的金融账户信息确定用于金融交易的唯一交易标识符。 财务账户信息指定用于支付金融交易的金融账户。 此外，唯一交易标识符可能能够由与金融交易相关联的一个或多个其他实体（诸如金融交易中的交易对手或处理金融交易支付的支付网络）独立计算， 由便携式电子设备传送的帐户信息。 电子设备还可以将随后从第三方（例如支付网络）接收到的接收信息与金融交易相关联，通过将确定的唯一交易标识符与所计算的唯一交易标识符进行比较。

公开(公告)号：WO2015102943A1

公开(公告)日：2015-07-09

申请号：PCT/US2014/071477

申请日：2014-12-19

Applicant: APPLE INC.

Inventor： HAGGERTY, David T. ,  DICKER, George R. ,  KHAN, Ahmer A. ,  SHARP, Christopher B. ,  HURLEY, Timothy S. ,  CHADHA, Vineet

IPC: G06Q20/32 ,  G06Q20/40

CPC classification number: G06Q20/3226 ,  G06Q20/322 ,  G06Q20/40 ,  G06Q20/4014 ,  H04W8/22

Abstract: If a user loses an electronic device that has the capability to conduct financial transactions, the user may report that the electronic device is lost using a lost-device software application to a management electronic device associated with a provider of the electronic device. In response to receiving this information, a disabling command is sent to a payment network associated with the financial account of the user to temporarily disable use of the electronic device to conduct the financial transactions. In particular, the electronic device may include a secure element that stores a payment applet for a financial account, and the disabling command may disable a mapping from a virtual identifier for the financial account to a financial primary account number. Subsequently, if the user finds the electronic device, the user may re-enable the capability (and, thus, the mapping) by providing authentication information to the electronic device.

Abstract translation: 如果用户丢失了具有进行金融交易能力的电子设备，则用户可以使用丢失的设备软件应用向与电子设备的提供商相关联的管理电子设备报告电子设备丢失。 响应于接收到该信息，禁用命令被发送到与用户的财务帐户相关联的支付网络，以暂时禁止使用电子设备进行金融交易。 特别地，电子设备可以包括存储用于金融帐户的支付小应用程序的安全元件，并且禁用命令可以禁用从财务帐户的虚拟标识符到财务主帐号的映射。 随后，如果用户发现电子设备，则用户可以通过向电子设备提供认证信息来重新启用能力（并且因此映射）。

公开(公告)号：WO2014124108A1

公开(公告)日：2014-08-14

申请号：PCT/US2014/015050

申请日：2014-02-06

Applicant: APPLE INC.

Inventor： HAGGERTY, David T. ,  KHAN, Ahmer A. ,  SHARP, Christopher ,  HAUCK, Jerrold Von ,  LINDE, Joakim ,  MCLAUGHLIN, Kevin P. ,  ZIAT, Mehdi ,  VAID, Yousuf H.

IPC: G06Q20/40

CPC classification number: G06Q20/36 ,  G06Q20/1235 ,  G06Q20/3227 ,  G06Q20/3552 ,  G06Q20/382

Abstract: Methods and apparatus for the deployment of financial instruments and other assets are disclosed. In one embodiment, a security software protocol is disclosed that guarantees that the asset is always securely encrypted, that one and only one copy of an asset exists, and the asset is delivered to an authenticated and/or authorized customer. Additionally, exemplary embodiments of provisioning systems are disclosed that are capable of, among other things, handling large bursts of traffic (such as can occur on a so-called "launch day" of a device).

Abstract translation: 披露部署金融工具和其他资产的方法和手段。 在一个实施例中，公开了一种安全软件协议，其保证资产始终被安全地加密，存在资产的一个且仅一个副本，并且该资产被传递给认证的和/或授权的客户。 此外，公开了供应系统的示例性实施例，其能够处理大量业务突发（例如可能发生在设备的所谓“启动日”）。

公开(公告)号：WO2013095747A1

公开(公告)日：2013-06-27

申请号：PCT/US2012/058123

申请日：2012-09-28

Applicant: APPLE INC.

Inventor： KHAN, Ahmer A.

IPC: H04L9/08 ,  H04L9/32

CPC classification number: H04L63/062 ,  G06F21/72 ,  G06Q20/3229 ,  G06Q20/3829 ,  H04L9/0877 ,  H04L9/0891 ,  H04L9/3234 ,  H04W12/04

Abstract: Disclosed herein are systems, methods, and non-transitory computer-readable storage media for key management for Issuer Security Domain (ISD) using GlobalPlatform Specifications. A client receives from a server an authorization to update a first ISD keyset. The client encrypts, via a client-side secure element, a second ISD keyset with a server public key. The client sends the encrypted second ISD keyset to the server for updating the first ISD keyset with the encrypted second ISD keyset. Prior to updating, the client generates the first ISD keyset at a vendor and sends the first ISD keyset to the client-side secure element and sends the first ISD keyset encrypted with the server public key to the server. The disclosed method allows for updating of an ISD keyset of which only the client-side secure element and a server have knowledge.

Abstract translation: 本文公开了使用GlobalPlatform规范的发行商安全域（ISD）的密钥管理的系统，方法和非暂时的计算机可读存储介质。 客户端从服务器接收更新第一个ISD密钥集的授权。 客户端通过客户端安全元素加密具有服务器公钥的第二ISD密钥集。 客户机将加密的第二ISD密钥集发送到服务器，用于用加密的第二ISD密钥集来更新第一ISD密钥集。 在更新之前，客户端在供应商处生成第一个ISD密钥集，并将第一个ISD密钥集发送到客户端安全元素，并将用服务器公钥加密的第一个ISD密钥集发送到服务器。 所公开的方法允许更新只有客户端安全元件和服务器具有知识的ISD密钥集。