公开(公告)号：WO2018057997A3

公开(公告)日：2018-03-29

申请号：PCT/US2017/053107

申请日：2017-09-22

Applicant: APPLE INC.

Inventor： SIBERT, Herve ,  ELRAD, Oren M. ,  HAUCK, Jerrold V. ,  TACKIN, Onur E. ,  ROSEN, Zachary A. ,  LERCH, Matthias

IPC: G06F21/31 ,  G06Q20/32 ,  G06F21/32 ,  H04W12/06

Abstract: Techniques are disclosed relating to secure data storage. In various embodiments, a mobile device includes a wireless interface, a secure element, and a secure circuit. The secure element is configured to store confidential information associated with a plurality of users and to receive a request to communicate the confidential information associated with a particular one of the plurality of users. The secure element is further configured to communicate, via the wireless interface, the confidential information associated with the particular user in response to an authentication of the particular user. The secure circuit is configured to perform the authentication of the particular user. In some embodiments, the mobile device also includes a biosensor configured to collect biometric information from a user of the mobile device. In such an embodiment, the secure circuit is configured to store biometric information collected from the plurality of users by the biosensor.

Abstract translation: 公开了涉及安全数据存储的技术。 在各种实施例中，移动设备包括无线接口，安全元件和安全电路。 安全元件被配置为存储与多个用户相关联的机密信息并且接收传送与多个用户中的特定一个用户相关联的机密信息的请求。 安全元件还被配置为响应于特定用户的认证，经由无线接口传送与特定用户相关联的机密信息。 安全电路被配置为执行特定用户的认证。 在一些实施例中，移动设备还包括被配置成从移动设备的用户收集生物测定信息的生物传感器。 在这样的实施例中，安全电路被配置为存储由生物传感器从多个用户收集的生物信息。

公开(公告)号：WO2019241047A1

公开(公告)日：2019-12-19

申请号：PCT/US2019/035937

申请日：2019-06-07

Applicant: APPLE INC.

Inventor： GALDO, Florian ,  MARTIN, Stephanie R. ,  SIERRA, Yannick L. ,  KRSTIC, Ivan ,  VOLKERT, Christopher A. ,  ABDULRAHIMAN, Najeeb M. ,  LERCH, Matthias ,  TACKIN, Onur E. ,  BROGLE, Kyle C.

IPC: H04L29/06 ,  G06F21/33 ,  H04L9/32 ,  H04W12/08 ,  H04W4/40 ,  H04W12/04 ,  B60R25/24 ,  G07C9/00 ,  B60R25/20

Abstract: Techniques are disclosed relating to sharing access to electronically-secured property. In some embodiments, a first computing device having a first secure element receives, from a second computing device associated with an owner of the electronically-secured property, an indication that the second computing device has transmitted a token to server computing system, the token permitting a user of the first computing device access to the electronically-secured property. Based on the received indication, the first computing device sends a request for the transmitted token to the server computing system and, in response to receiving the requested token, securely stores the received token in the first secure element of the first computing device. The first computing device subsequently transmits the stored token from the first secure element of the first device to the electronically-secured property to obtain access to the electronically-secured property based on the token.

公开(公告)号：WO2018057997A2

公开(公告)日：2018-03-29

申请号：PCT/US2017/053107

申请日：2017-09-22

Applicant: APPLE INC.

Inventor： SIBERT, Herve ,  ELRAD, Oren M. ,  HAUCK, Jerrold V. ,  TACKIN, Onur E. ,  ROSEN, Zachary A. ,  LERCH, Matthias

IPC: G06F21/31 ,  G06Q20/32 ,  G06F21/32 ,  H04W12/06

Abstract: Techniques are disclosed relating to secure data storage. In various embodiments, a mobile device includes a wireless interface, a secure element, and a secure circuit. The secure element is configured to store confidential information associated with a plurality of users and to receive a request to communicate the confidential information associated with a particular one of the plurality of users. The secure element is further configured to communicate, via the wireless interface, the confidential information associated with the particular user in response to an authentication of the particular user. The secure circuit is configured to perform the authentication of the particular user. In some embodiments, the mobile device also includes a biosensor configured to collect biometric information from a user of the mobile device. In such an embodiment, the secure circuit is configured to store biometric information collected from the plurality of users by the biosensor.

公开(公告)号：WO2018048730A1

公开(公告)日：2018-03-15

申请号：PCT/US2017/049788

申请日：2017-08-31

Applicant: APPLE INC.

Inventor： ABDULRAHIMAN, Najeeb M. ,  LERCH, Matthias ,  DICKER, George R. ,  ELRAD, Oren ,  STEELE, Glen W. ,  AHN, Charles T. ,  TACKIN, Onur E. ,  SCOTT, Gordon Y.

IPC: G06Q20/40 ,  G06Q20/36 ,  G06Q20/32 ,  G06Q20/34

Abstract: A device implementing an express credential transaction system includes at least one processor configured to receive an indication that a payment applet for a service provider has been provisioned on a secure element of the device with a first attribute indicating that the payment applet can be utilized for a transaction without authentication associated with the transaction. The processor is configured to set the first attribute of the payment applet to indicate that authentication is required to utilize the payment applet when another payment applet for the service provider provisioned on the secure element of the device has an attribute that indicates the other payment applet can be utilized for the transaction without user authentication. The at least one processor is configured to control whether the user authentication is requested when utilizing the payment applet or the other payment applet, respectively, in transactions.

Abstract translation: 实施快递凭证交易系统的设备包括至少一个处理器，该至少一个处理器被配置为接收用于服务提供商的支付小应用程序已经在该设备的安全元件上被供应有第一属性的指示，该第一属性指示 支付小应用程序可用于没有与交易相关的认证的交易。 处理器被配置为设置支付小应用程序的第一属性以指示当设备的安全元件上提供的用于服务提供者的另一支付小应用程序具有指示其他支付小应用程序可以具有的属性时需要认证以利用支付小应用程序 在没有用户认证的情况下用于交易。 该至少一个处理器被配置为控制在交易中分别利用支付小应用程序或其他支付小应用程序时请求用户认证。

公开(公告)号：WO2018160863A1

公开(公告)日：2018-09-07

申请号：PCT/US2018/020494

申请日：2018-03-01

Applicant: APPLE INC.

Inventor： MATHIAS, Arun G. ,  GALDO, Florian ,  LERCH, Matthias ,  ABDULRAHIMAN, Najeeb M. ,  TACKIN, Onur E. ,  SIERRA, Yannick

IPC: H04L9/08 ,  H04L9/00 ,  H04L9/32

Abstract: Techniques are disclosed relating to electronic security, e.g., for authenticating a mobile electronic device to allow access to system functionality (e.g., physical access to the system, starting an engine/motor, etc.). In some embodiments, a system and mobile device exchange public keys of public key pairs during a pairing process. In some embodiments, an asymmetric transaction process includes generating a shared secret using a key derivation function over a key established using a secure key exchange (e.g., elliptic curve Diffie-Hellman), and verifying a signature of the system before transmitting any information identifying the mobile device. In various embodiments, disclosed techniques may increase transaction security and privacy of identifying information.

公开(公告)号：EP3570621A3

公开(公告)日：2019-12-25

申请号：EP19177637.6

申请日：2019-05-31

Applicant: Apple Inc.

Inventor： LERCH, Matthias ,  KHAN, Ahmer A. ,  ELRAD, Oren M. ,  RAKOTOMALALA, Franck

IPC: H04W74/06

Abstract: A device implementing a scalable wireless transaction system includes at least one processor configured to receive, from a wireless transaction system server, a list of wireless transaction group identifiers, and an indication of at least one applet associated with each of the wireless transaction group identifiers. The at least one processor is further configured to receive, from a wireless transaction device, a polling frame that includes one of the wireless transaction device group identifiers. The at least one processor is further configured to select an applet provisioned on a device secure element that is assigned to the wireless transaction group identifier, the assigning being based at least in part on the received list. The at least one processor is further configured to utilize the selected applet to perform a wireless transaction with the wireless transaction device.

公开(公告)号：EP4075365A1

公开(公告)日：2022-10-19

申请号：EP22177852.5

申请日：2017-08-31

Applicant: Apple Inc.

Inventor： ABDULRAHIMAN, Najeeb M. ,  LERCH, Matthias ,  DICKER, George R. ,  ELRAD, Oren ,  STEELE, Glen W. ,  AHN, Charles T. ,  TACKIN, Onur E. ,  SCOTT, Gordon Y.

IPC: G06Q20/40 ,  G06Q20/36 ,  G06Q20/32 ,  G06Q20/34

Abstract: A device implementing an express credential transaction system includes at least one processor configured to receive an indication that a payment applet for a service provider has been provisioned on a secure element of the device with a first attribute indicating that the payment applet can be utilized for a transaction without authentication associated with the transaction. The processor is configured to set the first attribute of the payment applet to indicate that authentication is required to utilize the payment applet when another payment applet for the service provider provisioned on the secure element of the device has an attribute that indicates the other payment applet can be utilized for the transaction without user authentication. The at least one processor is configured to control whether the user authentication is requested when utilizing the payment applet or the other payment applet, respectively, in transactions.

公开(公告)号：EP3629544A1

公开(公告)日：2020-04-01

申请号：EP19199467.2

申请日：2019-09-25

Applicant: Apple Inc.

Inventor： LERCH, Matthias ,  GALDO, Florian

IPC: H04L29/06 ,  H04L9/08

Abstract: A device implementing a digital credential revocation system includes at least one processor configured to maintain a valid digital credential list, a revocation list, and a synchronization counter value. The at least one processor is configured to transmit a request to synchronize the valid digital credential list with an electronic device, the request including the valid digital credential list and the revocation list. The at least one processor is further configured to, in response to receipt of an updated valid digital credential list from the electronic device: clear the revocation list, replace the valid digital credential list with the updated valid digital credential list, and increment the synchronization counter value, and fulfill a received credential maintenance request when the received credential maintenance request comprises an other synchronization counter value that is greater than or equal to the incremented synchronization counter value, otherwise deny the received credential maintenance request.

公开(公告)号：EP3590225B1

公开(公告)日：2020-08-12

申请号：EP18710738.8

申请日：2018-03-01

Applicant: Apple Inc.

Inventor： MATHIAS, Arun G. ,  GALDO, Florian ,  LERCH, Matthias ,  ABDULRAHIMAN, Najeeb M. ,  TACKIN, Onur E. ,  SIERRA, Yannick

IPC: H04L9/08 ,  H04L9/00 ,  H04L9/32

公开(公告)号：EP3516567A2

公开(公告)日：2019-07-31

申请号：EP17780598.3

申请日：2017-09-22

Applicant: Apple Inc.

Inventor： SIBERT, Herve ,  ELRAD, Oren M. ,  HAUCK, Jerrold V. ,  TACKIN, Onur E. ,  ROSEN, Zachary A. ,  LERCH, Matthias

IPC: G06F21/31 ,  G06Q20/32 ,  G06F21/32 ,  H04W12/06