公开(公告)号：US20150348008A1

公开(公告)日：2015-12-03

申请号：US14475384

申请日：2014-09-02

Applicant: Apple Inc.

Inventor： Ahmer A. Khan

IPC: G06Q20/32 ,  G06Q20/38

CPC classification number: G06Q20/3227 ,  G06Q20/322 ,  G06Q20/382

Abstract: A system for provisioning credentials onto an electronic device is provided. The user device may include a secure element and a corresponding trusted processor. A contactless registry service (CRS) applet running on the secure element may be used to manage the activation of one or more associated payment applets during a mobile payment transaction. The CRS applet may include at least a user input received flag and an authorization received flag. The user input received flag may be asserted in response to detecting a required user input for initiating payment. The authorization received flag may be asserted when the trusted processor sends an activation request to the secure element. A payment applet should only be activated when at least one of the user input received flag and the authorization received flag has been asserted.

Abstract translation: 提供了一种用于将凭证提供到电子设备上的系统。 用户设备可以包括安全元件和相应的可信处理器。 可以使用在安全元件上运行的非接触注册服务（CRS）小应用程序在移动支付交易期间管理一个或多个相关联的支付小应用程序的激活。 CRS小应用程序可以至少包括用户输入接收标志和授权接收标志。 响应于检测到用于启动支付的所需用户输入，可以断言用户输入接收标志。 当可信处理器向安全元件发送激活请求时，可以断言授权接收标志。 只有当用户输入接收标志和授权接收标志中的至少一个已经被断言时才应激活支付小应用程序。

公开(公告)号：US20150326545A1

公开(公告)日：2015-11-12

申请号：US14475241

申请日：2014-09-02

Applicant: Apple Inc.

Inventor： Ahmer A. Khan

IPC: H04L29/06

CPC classification number: H04L63/0823 ,  G06Q20/351 ,  G06Q20/3829 ,  H04L63/0457 ,  H04L63/061 ,  H04L63/18

Abstract: Systems, methods, and computer-readable media for securely rotating keys for an issuer security domain of an electronic device are provided. In one example embodiment, an electronic device may include a communications component that receives encrypted issuer data from a commercial entity subsystem. The electronic device may also include a secure element that, inter alia, decrypts the encrypted issuer data with a first key that is stored in an issuer security domain of the secure element and stores a second key in the issuer security domain based on the decrypted issuer data. Additional embodiments are also provided.

Abstract translation: 提供了用于安全地旋转电子设备的发行者安全域的密钥的系统，方法和计算机可读介质。 在一个示例实施例中，电子设备可以包括从商业实体子系统接收加密的发行者数据的通信组件。 电子设备还可以包括一个安全元件，其特别是利用存储在安全元件的发行者安全域中的第一密钥对加密的发行者数据进行解密，并且基于解密的发行者将第二密钥存储在发行者安全域中 数据。 还提供了另外的实施例。

公开(公告)号：US20150193764A1

公开(公告)日：2015-07-09

申请号：US14474773

申请日：2014-09-02

Applicant: Apple Inc.

Inventor： David T. Haggerty ,  George R. Dicker ,  Ahmer A. Khan ,  Christopher B. Sharp ,  Timothy S. Hurley ,  Vineet Chadha

IPC: G06Q20/32 ,  H04W8/22 ,  G06Q20/40

CPC classification number: G06Q20/3226 ,  G06Q20/322 ,  G06Q20/40 ,  G06Q20/4014 ,  H04W8/22

Abstract: If a user loses an electronic device that has the capability to conduct financial transactions, the user may report that the electronic device is lost using a lost-device software application to a management electronic device associated with a provider of the electronic device. In response to receiving this information, a disabling command is sent to a payment network associated with the financial account of the user to temporarily disable use of the electronic device to conduct the financial transactions. In particular, the electronic device may include a secure element that stores a payment applet for a financial account, and the disabling command may disable a mapping from a virtual identifier for the financial account to a financial primary account number. Subsequently, if the user finds the electronic device, the user may re-enable the capability (and, thus, the mapping) by providing authentication information to the electronic device.

Abstract translation: 如果用户丢失了具有进行金融交易能力的电子设备，则用户可以使用丢失的设备软件应用向与电子设备的提供商相关联的管理电子设备报告电子设备丢失。 响应于接收到该信息，禁用命令被发送到与用户的财务帐户相关联的支付网络，以暂时禁止使用电子设备进行金融交易。 特别地，电子设备可以包括存储用于金融帐户的支付小应用程序的安全元件，并且禁用命令可以禁用从财务帐户的虚拟标识符到财务主帐号的映射。 随后，如果用户发现电子设备，则用户可以通过向电子设备提供认证信息来重新启用能力（并且因此映射）。

公开(公告)号：US20150186887A1

公开(公告)日：2015-07-02

申请号：US14502135

申请日：2014-09-30

Applicant: Apple Inc.

Inventor： Ahmer A. Khan ,  Timothy S. Hurley

IPC: G06Q20/40 ,  G06Q20/22 ,  G06Q20/32 ,  G06Q20/38

CPC classification number: G06Q20/32 ,  G06Q20/223 ,  G06Q20/3226 ,  G06Q20/3278 ,  G06Q20/3821

Abstract: Using electronic devices (such as cellular telephones) that communicate wirelessly, two individuals can make person-to-person payments. In particular, an individual using an electronic device may identify another proximate electronic device of a counterparty in a financial transaction, and may provide an encrypted payment packet to the other electronic device that includes: a financial credential for a financial account of the individual, a payment amount, and a payment sign. When the other electronic device receives the encrypted payment applet, the counterparty may accept the payment in the financial transaction specified by the encrypted payment packet. Then, the other electronic device may provide the encrypted payment packet and another encrypted payment packet (with a financial credential for a financial account of the counterparty, the payment amount and the opposite payment sign) to a third party that completes the financial transaction.

Abstract translation: 使用无线通信的电子设备（如蜂窝电话），两个人可以进行个人对人的付款。 特别地，使用电子设备的个人可以识别金融交易中对方方的另一邻近的电子设备，并且可以向另一电子设备提供加密的支付分组，其包括：用于个人的金融账户的财务凭证， 付款金额和付款标志。 当另一电子设备接收到加密的支付小程序时，对方可以接受由加密的支付分组指定的金融交易中的支付。 然后，另一个电子设备可以向完成金融交易的第三方提供加密的支付分组和另一个加密的支付分组（具有对方方的金融账户的财务凭证，支付金额和相反的支付符号）。

公开(公告)号：US20150142665A1

公开(公告)日：2015-05-21

申请号：US14475128

申请日：2014-09-02

Applicant: Apple Inc.

Inventor： George R. Dicker ,  Christopher B. Sharp ,  Ahmer A. Khan ,  Yousuf H. Vaid ,  Glen W. Steele ,  Christopher D. Adams ,  David T. Haggerty

IPC: G06Q20/38 ,  G06Q20/32

CPC classification number: G06Q20/0453 ,  G06Q20/322 ,  G06Q20/385

Abstract: To facilitate conducting a financial transaction via wireless communication between an electronic device and another electronic device, the electronic device determines a unique transaction identifier for the financial transaction based on financial-account information communicated to the other electronic device. The financial-account information specifies a financial account that is used to pay for the financial transaction. Moreover, the unique transaction identifier may be capable of being independently computed by one or more other entities associated with the financial transaction (such as a counterparty in the financial transaction or a payment network that processes payment for the financial transaction) based on the financial-account information communicated by the portable electronic device. The electronic device may also associate receipt information, which is subsequently received from a third party (such as the payment network), with the financial transaction by comparing the determined unique transaction identifier to the computed unique transaction identifier.

Abstract translation: 为了通过电子设备和另一电子设备之间的无线通信进行金融交易，电子设备基于传送到另一电子设备的金融账户信息确定用于金融交易的唯一交易标识符。 财务账户信息指定用于支付金融交易的金融账户。 此外，唯一交易标识符可能能够由与金融交易相关联的一个或多个其他实体（诸如金融交易中的交易对手或处理金融交易支付的支付网络）独立计算， 由便携式电子设备传送的帐户信息。 电子设备还可以将随后从第三方（例如支付网络）接收到的接收信息与金融交易相关联，通过将确定的唯一交易标识符与所计算的唯一交易标识符进行比较。

公开(公告)号：US20140222688A1

公开(公告)日：2014-08-07

申请号：US14174791

申请日：2014-02-06

Applicant: APPLE INC.

Inventor： David T. Haggerty ,  Ahmer A. Khan ,  Christopher B. Sharp ,  Jerrold Von Hauck ,  Joakim Linde ,  Kevin P. McLaughlin ,  Mehdi Ziat ,  Yousuf H. Vaid

IPC: G06Q20/36 ,  G06Q20/38

CPC classification number: G06Q20/36 ,  G06Q20/1235 ,  G06Q20/3227 ,  G06Q20/3552 ,  G06Q20/382

Abstract: Methods and apparatus for the deployment of financial instruments and other assets are disclosed. In one embodiment, a security software protocol is disclosed that guarantees that the asset is always securely encrypted, that one and only one copy of an asset exists, and the asset is delivered to an authenticated and/or authorized customer. Additionally, exemplary embodiments of provisioning systems are disclosed that are capable of, among other things, handling large bursts of traffic (such as can occur on a so-called “launch day” of a device).

Abstract translation: 披露部署金融工具和其他资产的方法和手段。 在一个实施例中，公开了一种安全软件协议，其保证资产始终被安全地加密，存在资产的仅一个和仅一个副本，并且该资产被传递给认证的和/或授权的客户。 此外，公开供应系统的示例性实施例，其能够处理大量业务突发（例如可能发生在设备的所谓“启动日”）。

公开(公告)号：US20240333512A1

公开(公告)日：2024-10-03

申请号：US18623263

申请日：2024-04-01

Applicant: Apple Inc.

Inventor： Vishnu Janardhanan ,  Ahmer A. Khan ,  Gianpaolo Fasoli ,  Dian Wen ,  Hicham Lozi

IPC: H04L9/32 ,  H04L9/08

CPC classification number: H04L9/3231 ,  H04L9/0825 ,  H04L9/3247

Abstract: Techniques are described for generating a verified data package. An example method includes receiving data including biographical information and an associated portrait. The method further includes causing a prompt for a user to capture a self-portrait photograph to be displayed based at least in part on receiving the data. The method further includes receiving the self-portrait photograph based at least in part on the displayed prompt. The method further includes causing data and the self-portrait photograph to be transmitted to a server. The method further includes receiving, from the server, a verified data package comprising the biographical information, the portrait, and an attestation that the self-portrait photograph and the portrait are the user.

公开(公告)号：US12086769B2

公开(公告)日：2024-09-10

申请号：US17341711

申请日：2021-06-08

Applicant: Apple Inc.

Inventor： George R. Dicker ,  Christopher B. Sharp ,  Ahmer A. Khan ,  Yousuf H. Vaid ,  Glen W. Steele ,  Christopher D. Adams ,  David T. Haggerty

IPC: G06Q20/38 ,  G06Q20/04 ,  G06Q20/32

CPC classification number: G06Q20/047 ,  G06Q20/322 ,  G06Q20/385

Abstract: To facilitate conducting a financial transaction via wireless communication between an electronic device and another electronic device, the electronic device determines a unique transaction identifier for the financial transaction based on financial-account information communicated to the other electronic device. The financial-account information specifies a financial account that is used to pay for the financial transaction. Moreover, the unique transaction identifier may be capable of being independently computed by one or more other entities associated with the financial transaction (such as a counterparty in the financial transaction or a payment network that processes payment for the financial transaction) based on the financial-account information communicated by the portable electronic device. The electronic device may also associate receipt information, which is subsequently received from a third party (such as the payment network), with the financial transaction by comparing the determined unique transaction identifier to the computed unique transaction identifier.

公开(公告)号：US12026705B2

公开(公告)日：2024-07-02

申请号：US16146706

申请日：2018-09-28

Applicant: Apple Inc.

Inventor： Ahmer A. Khan

IPC: G06Q20/32 ,  G06Q20/20 ,  G06Q20/38 ,  G06Q20/40

CPC classification number: G06Q20/3829 ,  G06Q20/20 ,  G06Q20/3227 ,  G06Q20/326 ,  G06Q20/3278 ,  G06Q20/40145

Abstract: In order to validate a user to facilitate conducting a high-valued financial transaction via wireless communication between an electronic device (such as a smartphone) and another electronic device (such as a point-of-sale terminal), the electronic device may authenticate the user prior to the onset of the high-valued financial transaction. In particular, a secure enclave processor in a processor may provide local validation information that is specific to the electronic device to a secure element in the electronic device when received local authentication information that is specific to the electronic device (such as a biometric identifier of the user) matches stored authentication information. Moreover, an authentication applet in the secure element may provide the local validation information to an activated payment applet in the secure element. This may enable the payment applet to conduct the high-valued financial transaction via wireless communication, such as near-field communication.

公开(公告)号：US11836242B2

公开(公告)日：2023-12-05

申请号：US16840200

申请日：2020-04-03

Applicant: Apple Inc.

Inventor： Irene M. Graff ,  Ahmer A. Khan ,  Christopher Sharp ,  Libor Sykora ,  Lucia E. Ballard ,  Rupamay Saha

IPC: G06F21/45 ,  H04L9/40 ,  H04W12/06

CPC classification number: G06F21/45 ,  H04L63/0861 ,  H04W12/068 ,  G06F2221/2149

Abstract: A device for controlled identity credential release may include at least one processor configured to receive a request to release an identity credential of a user, the identity credential being stored on the device. The at least one processor may be further configured to authenticate the user associated with the identity credential. The at least one processor may be further configured to, responsive to the authentication, provide at least a portion of the identity credential, such as for display and/or to a terminal device over a direct wireless connection. The at least one processor may be further configured to cause the electronic device to enter a locked state and/or to remain in a locked state, responsive to providing the at least the portion of the identity credential.