公开(公告)号：US20200186367A1

公开(公告)日：2020-06-11

申请号：US16708310

申请日：2019-12-09

Applicant: Apple Inc.

Inventor： Xiangying YANG ,  Ahmer A. KHAN

IPC: H04L9/32 ,  H04L9/08 ,  G06F21/35 ,  G06F21/33 ,  H04L29/06 ,  H04L29/08 ,  H04W4/80

Abstract: A device for wireless terminal authentication may include at least one processor configured to receive, from a wireless terminal device, a request for user information, the request comprising a certificate corresponding to the wireless terminal device. The at least one processor may be further configured to verify the certificate based at least in part on a public key stored on the electronic device. The at least one processor may be further configured to, when the certificate is verified, determine whether the certificate indicates that the wireless terminal device is authorized to receive the requested user information. The at least one processor may be further configured to transmit, to the wireless terminal device, the requested user information when the certificate indicates that the wireless terminal device is authorized to receive the requested user information.

公开(公告)号：US20160358157A1

公开(公告)日：2016-12-08

申请号：US15243041

申请日：2016-08-22

Applicant: Apple Inc.

Inventor： Ahmer A. KHAN ,  Zachary A. ROSEN ,  Joakim LINDE

IPC: G06Q20/32 ,  G06Q20/10

CPC classification number: G06Q20/325 ,  G06Q20/0453 ,  G06Q20/10 ,  G06Q20/20 ,  G06Q20/322 ,  G06Q20/3227 ,  G06Q20/3278 ,  G06Q20/36 ,  G06Q20/3821 ,  G06Q20/385 ,  G06Q20/425

Abstract: To facilitate conducting a secure transaction via wireless communication between a portable electronic device (such as a smartphone) and another electronic device (such as a point-of-sale terminal), the portable electronic device may, after a final command is received from the other electronic device, determine a unique transaction identifier for the secure transaction. In particular, the final command may be specific to an applet, stored in a secure element in the portable electronic device, which conducts the secure transaction. The secure element may generate the unique transaction identifier based on financial-account information associated with the applet, which is communicated to the other electronic device. Next, the secure element may provide, to a processor in the portable electronic device, an end message for the secure transaction with the unique transaction identifier.

Abstract translation: 为了便于通过便携式电子设备（例如智能电话）和另一电子设备（例如，销售点终端）之间的无线通信进行安全交易，便携式电子设备可以在从 其他电子设备，确定安全事务的唯一事务标识符。 特别地，最终命令可以特定于存储在便携式电子设备中的安全元件中的applet，其执行安全交易。 安全元件可以基于与小应用程序相关联的财务帐户信息生成唯一的事务标识符，该信息通信给另一个电子设备。 接下来，安全元件可以向便携式电子设备中的处理器提供具有唯一事务标识符的安全事务的结束消息。

公开(公告)号：US20160028702A1

公开(公告)日：2016-01-28

申请号：US14872024

申请日：2015-09-30

Applicant: Apple Inc.

Inventor： Ahmer A. KHAN

IPC: H04L29/06 ,  H04W12/04

CPC classification number: H04L63/062 ,  G06F21/72 ,  G06Q20/3229 ,  G06Q20/3829 ,  H04L9/0877 ,  H04L9/0891 ,  H04L9/3234 ,  H04W12/04

Abstract: Disclosed herein are systems, methods, and non-transitory computer-readable storage media for key management for Issuer Security Domain (ISD) using GlobalPlatform Specifications. A client receives from a server an authorization to update a first ISD keyset. The client encrypts, via a client-side secure element, a second ISD keyset with a server public key. The client sends the encrypted second ISD keyset to the server for updating the first ISD keyset with the encrypted second ISD keyset. Prior to updating, the client generates the first ISD keyset at a vendor and sends the first ISD keyset to the client-side secure element and sends the first ISD keyset encrypted with the server public key to the server. The disclosed method allows for updating of an ISD keyset of which only the client-side secure element and a server have knowledge.

公开(公告)号：US20140019367A1

公开(公告)日：2014-01-16

申请号：US13631838

申请日：2012-09-28

Applicant: APPLE INC.

Inventor： Ahmer A. KHAN ,  Brian J. Tucker ,  David T. Haggerty ,  Scott M. Herz

IPC: G06Q30/06 ,  H04L9/32 ,  H04L9/28

CPC classification number: G06Q30/06 ,  G06Q20/204 ,  G06Q20/322 ,  G06Q20/3227 ,  G06Q20/3278 ,  G06Q20/3829 ,  G06Q20/425 ,  G06Q30/02

Abstract: A commercial transaction method is disclosed. The method first establishes a secure link over a first air interface by a purchasing device. This secure link is between the purchasing device and a point of sale device. The method further identifies a second air interface, which is different from the first air interface, and the second air interface is used to conduct a secure commercial transaction.

Abstract translation: 公开了商业交易方法。 该方法首先通过购买设备在第一空中接口上建立安全链路。 此安全链接位于采购设备和销售点设备之间。 该方法还识别与第一空中接口不同的第二空中接口，并且第二空中接口用于进行安全商业交易。

公开(公告)号：US20240265383A1

公开(公告)日：2024-08-08

申请号：US18615993

申请日：2024-03-25

Applicant: Apple Inc.

Inventor： Manoj K. Thulaseedharan PILLAI ,  Ahmer A. KHAN ,  Thomas ELLIOTT ,  Timothy S. HURLEY ,  Jennifer J. BAILEY ,  David E. BRUDNICKI

IPC: G06Q20/38 ,  G06F21/45 ,  G06Q20/10 ,  G06Q20/12 ,  G06Q20/32 ,  G06Q20/40 ,  H04W12/069

CPC classification number: G06Q20/3829 ,  G06F21/45 ,  G06Q20/102 ,  G06Q20/12 ,  G06Q20/3226 ,  G06Q20/3227 ,  G06Q20/325 ,  G06Q20/3278 ,  G06Q20/382 ,  G06Q20/3823 ,  G06Q20/40 ,  G06Q20/4016 ,  H04W12/069 ,  G06Q2220/00

Abstract: Systems, methods, and computer-readable media for communicating electronic device secure element data over multiple paths for online payments are provided. In one example embodiment, a method includes, inter alia, at a commercial entity subsystem, receiving, from an electronic device, device transaction data that includes credential data indicative of a payment credential on the electronic device for funding a transaction with a merchant subsystem, accessing a transaction identifier, deriving a transaction key based on transaction key data that includes the accessed transaction identifier, transmitting, to one of the merchant subsystem and the electronic device, merchant payment data that includes a first portion of the credential data and the accessed transaction identifier, and sharing, with a financial institution subsystem using the transaction key, commercial payment data that includes a second portion of the credential data that is different than the first portion of the credential data. Additional embodiments are also provided.

公开(公告)号：US20230127816A1

公开(公告)日：2023-04-27

申请号：US18088515

申请日：2022-12-23

Applicant: Apple Inc.

Inventor： Ahmer A. KHAN ,  Joakim LINDE ,  Joseph HAKIM ,  Zachary A. ROSEN

IPC: G06Q20/32 ,  H04W52/02 ,  G07F7/08 ,  G06Q20/36

Abstract: Systems, methods, and computer-readable media for managing near field communications during a low power management mode of an electronic device are provided that may make credentials of a near field communication (“NFC”) component appropriately secure and appropriately accessible while also limiting the power consumption of the NFC component and of other components of the electronic device.

公开(公告)号：US20220101301A1

公开(公告)日：2022-03-31

申请号：US17549847

申请日：2021-12-13

Applicant: Apple Inc.

Inventor： Matthias LERCH ,  Ahmer A. KHAN ,  Oren M. ELRAD ,  Franck RAKOTOMALALA

IPC: G06Q20/32 ,  H04L29/06

Abstract: A device implementing a scalable wireless transaction system includes at least one processor configured to receive, from a wireless transaction system server, a list of wireless transaction group identifiers, and an indication of at least one applet associated with each of the wireless transaction group identifiers. The at least one processor is further configured to receive, from a wireless transaction device, a polling frame that includes one of the wireless transaction device group identifiers. The at least one processor is further configured to select an applet provisioned on a device secure element that is assigned to the wireless transaction group identifier, the assigning being based at least in part on the received list. The at least one processor is further configured to utilize the selected applet to perform a wireless transaction with the wireless transaction device.

公开(公告)号：US20210295282A1

公开(公告)日：2021-09-23

申请号：US17341711

申请日：2021-06-08

Applicant: Apple Inc.

Inventor： George R. DICKER ,  Christopher B. SHARP ,  Ahmer A. KHAN ,  Yousuf H. VAID ,  Glen W. STEELE ,  Christopher D. ADAMS ,  David T. HAGGERTY

IPC: G06Q20/04 ,  G06Q20/32 ,  G06Q20/38

Abstract: To facilitate conducting a financial transaction via wireless communication between an electronic device and another electronic device, the electronic device determines a unique transaction identifier for the financial transaction based on financial-account information communicated to the other electronic device. The financial-account information specifies a financial account that is used to pay for the financial transaction. Moreover, the unique transaction identifier may be capable of being independently computed by one or more other entities associated with the financial transaction (such as a counterparty in the financial transaction or a payment network that processes payment for the financial transaction) based on the financial-account information communicated by the portable electronic device. The electronic device may also associate receipt information, which is subsequently received from a third party (such as the payment network), with the financial transaction by comparing the determined unique transaction identifier to the computed unique transaction identifier.

公开(公告)号：US20210026436A1

公开(公告)日：2021-01-28

申请号：US17067599

申请日：2020-10-09

Applicant: Apple Inc.

Inventor： Ahmer A. KHAN ,  Joakim LINDE ,  Joseph HAKIM ,  Zachary A. ROSEN

IPC: G06F1/3234 ,  G06Q20/32 ,  G06F21/35 ,  G06F21/60 ,  H04W52/02 ,  H04W12/06 ,  H04B5/02

Abstract: Systems, methods, and computer-readable media for managing near field communications during a low power management mode of an electronic device are provided that may make credentials of a near field communication (“NFC”) component appropriately secure and appropriately accessible while also limiting the power consumption of the NFC component and of other components of the electronic device.

公开(公告)号：US20200320188A1

公开(公告)日：2020-10-08

申请号：US16840200

申请日：2020-04-03

Applicant: Apple Inc.

Inventor： Irene M. GRAFF ,  Ahmer A. KHAN ,  Christopher SHARP ,  Libor SYKORA ,  Lucia E. BALLARD ,  Rupamay SAHA

IPC: G06F21/45 ,  H04L29/06 ,  H04W12/06

Abstract: A device for controlled identity credential release may include at least one processor configured to receive a request to release an identity credential of a user, the identity credential being stored on the device. The at least one processor may be further configured to authenticate the user associated with the identity credential. The at least one processor may be further configured to, responsive to the authentication, provide at least a portion of the identity credential, such as for display and/or to a terminal device over a direct wireless connection. The at least one processor may be further configured to cause the electronic device to enter a locked state and/or to remain in a locked state, responsive to providing the at least the portion of the identity credential.