公开(公告)号：US20140349705A1

公开(公告)日：2014-11-27

申请号：US14288212

申请日：2014-05-27

Applicant: Apple Inc.

Inventor： David T. HAGGERTY ,  Jerrold Von HAUCK ,  Stephan V. SCHELL ,  Arun G. MATHIAS

IPC: H04W88/06

CPC classification number: H04W88/06 ,  G06Q30/06 ,  H04L67/34 ,  H04W4/50 ,  H04W8/183

Abstract: Apparatus and methods for distributing electronic access client modules for use with electronic devices. In one embodiment, the access client modules are virtual subscriber identity modules (VSIMs) that can be downloaded from online services for use with cellular-equipped devices such as smartphones. The online services may include a point of sale (POS) system that sells electronic devices to users. A broker may be used to facilitate the selection of a virtual subscriber identity module. A provisioning service may also be used to provision the selected VSIM.

Abstract translation: 用于分发用于电子设备的电子访问客户端模块的装置和方法。 在一个实施例中，接入客户端模块是虚拟订户身份模块（VSIM），其可以从在线服务下载，以便与配备蜂窝的设备如智能电话一起使用。 在线服务可以包括向用户销售电子设备的销售点（POS）系统。 可以使用代理来促进对虚拟订户身份模块的选择。 还可以使用供应服务来配置所选择的VSIM。

公开(公告)号：US20140099925A1

公开(公告)日：2014-04-10

申请号：US14049185

申请日：2013-10-08

Applicant: Apple Inc.

Inventor： Stephan V. SCHELL ,  Arun G. MATHIAS ,  Jerrold VON HAUCK ,  David T. HAGGERTY ,  Kevin McLAUGHLIN ,  Ben-Heng JUANG ,  Li LI

IPC: H04W12/06

CPC classification number: H04W12/06 ,  G06F21/45 ,  G06F21/57 ,  H04L63/08 ,  H04L63/0853 ,  H04L63/123 ,  H04L63/20 ,  H04L67/34 ,  H04W4/50 ,  H04W4/60 ,  H04W8/205 ,  H04W12/04 ,  H04W12/08

Abstract: Methods and apparatus enabling programming of electronic identification information of a wireless apparatus. In one embodiment, a previously purchased or deployed wireless apparatus is activated by a cellular network. The wireless apparatus connects to the cellular network using an access module to download operating system components and/or access control client components. The described methods and apparatus enable updates, additions and replacement of various components including Electronic Subscriber Identity Module (eSIM) data, OS components. One exemplary implementation of the invention utilizes a trusted key exchange between the device and the cellular network to maintain security.

Abstract translation: 能够对无线装置的电子识别信息进行编程的方法和装置。 在一个实施例中，先前购买或部署的无线设备由蜂窝网络激活。 无线设备使用访问模块连接到蜂窝网络，以下载操作系统组件和/或访问控制客户端组件。 所描述的方法和装置能够更新，添加和替换各种组件，包括电子订户身份模块（eSIM）数据，OS组件。 本发明的一个示例性实施方式利用设备和蜂窝网络之间的可信密钥交换来维护安全性。

公开(公告)号：US20190246265A1

公开(公告)日：2019-08-08

申请号：US16267160

申请日：2019-02-04

Applicant: Apple Inc.

Inventor： Stephan V. SCHELL ,  David T. HAGGERTY

IPC: H04W8/20 ,  H04W12/00

CPC classification number: H04W8/205 ,  H04W12/0023 ,  H04W12/00403

Abstract: Methods and apparatus for managing multiple user access control entities or clients. For example, in one embodiment, a “wallet” of electronic subscriber identity modules (eSIMs) may be stored and used at a user device and/or distributed to other devices for use thereon. In another embodiment, a networked server may store and distribute eSIM to a plurality of user devices in communication therewith. A database of available eSIM is maintained at the wallet entity and/or at the network which enables request for a particular eSIM to be processed and various rules for the distribution thereof to be implemented. Security precautions are implemented to protect both user and network carrier specific data as the data is transmitted between networked entities. Solutions for eSIM backup and restoration are also described.

公开(公告)号：US20170223535A1

公开(公告)日：2017-08-03

申请号：US15492980

申请日：2017-04-20

Applicant: Apple Inc.

Inventor： Stephan V. SCHELL ,  David T. HAGGERTY

IPC: H04W12/06 ,  H04W8/18 ,  H04W36/14 ,  H04L29/06

CPC classification number: H04W12/06 ,  H04L63/0853 ,  H04L63/0876 ,  H04M15/77 ,  H04M15/771 ,  H04W8/183 ,  H04W8/20 ,  H04W12/00405 ,  H04W36/14

Abstract: Methods and apparatus that allow a device to migrate wireless service across multiple wireless networks. In one exemplary embodiment, the present invention enables storing and switching between multiple Electronic Subscriber Identity Modules (eSIM), where each eSIM is specific to a different carrier network. By loading the appropriate eSIM, the user device can authenticate itself with the selected carrier, rather than roaming. During roaming operation, the user equipment can load one or more of the previously stored eSIMs. Selection of the eSIM can be done manually by the user or can be driven by the user equipment based on desired context; for example, based on carrier signal strength, cost-effectiveness, etc. Support for multiple radio technologies also allows universal connectivity for wireless devices, even spanning previously incompatible technologies such as GSM (Global Standard for Mobile Communications), CDMA (Code Division Multiple Access), etc.

公开(公告)号：US20160227409A1

公开(公告)日：2016-08-04

申请号：US15099444

申请日：2016-04-14

Applicant: Apple Inc.

Inventor： Stephan V. SCHELL ,  Arun G. MATHIAS ,  Jerrold Von HAUCK ,  David T. HAGGERTY ,  Kevin McLAUGHLIN ,  Ben-Heng JUANG ,  Li LI

IPC: H04W12/06 ,  H04W4/00 ,  H04L29/06 ,  H04W12/04

CPC classification number: H04W12/06 ,  G06F21/45 ,  G06F21/57 ,  H04L63/08 ,  H04L63/0853 ,  H04L63/123 ,  H04L63/20 ,  H04L67/34 ,  H04W4/50 ,  H04W4/60 ,  H04W8/205 ,  H04W12/04 ,  H04W12/08

Abstract: Methods and apparatus enabling programming of electronic identification information of a wireless apparatus. In one embodiment, a previously purchased or deployed wireless apparatus is activated by a cellular network. The wireless apparatus connects to the cellular network using an access module to download operating system components and/or access control client components. The described methods and apparatus enable updates, additions and replacement of various components including Electronic Subscriber Identity Module (eSIM) data, OS components. One exemplary implementation of the invention utilizes a trusted key exchange between the device and the cellular network to maintain security.

公开(公告)号：US20160154956A1

公开(公告)日：2016-06-02

申请号：US15017436

申请日：2016-02-05

Applicant: Apple Inc.

Inventor： Anthony M. FADELL ,  Andrew Bert HODGE ,  Stephan V. SCHELL ,  Ruben CABALLERO ,  Jesse Lee DOROGUSKER ,  Stephen Paul ZADESKY ,  Emery SANFORD

IPC: G06F21/36 ,  G06F3/041 ,  G06F3/0488 ,  G06K9/00 ,  G06F3/0481

CPC classification number: G06F21/32 ,  G06F3/0412 ,  G06F3/0416 ,  G06F3/04817 ,  G06F3/0488 ,  G06F3/04883 ,  G06F21/316 ,  G06F21/36 ,  G06K9/00013 ,  G06K9/0002 ,  G06K9/00033 ,  G06K9/00087 ,  G06K9/00248 ,  G06K9/00255 ,  G06K9/00912 ,  G06K9/3241 ,  H04L9/3231 ,  H04L63/08 ,  H04L63/0861 ,  H04L63/104 ,  H04W12/06 ,  H04W88/02

Abstract: This invention is directed to an electronic device with an embedded authentication system for restricting access to device resources. The authentication system may include one or more sensors operative to detect biometric information of a user. The sensors may be positioned in the device such that the sensors may detect appropriate biometric information as the user operates the device, without requiring the user to perform a step for providing the biometric information (e.g., embedding a fingerprint sensor in an input mechanism instead of providing a fingerprint sensor in a separate part of the device housing). In some embodiments, the authentication system may be operative to detect a visual or temporal pattern of inputs to authenticate a user. In response to authenticating, a user may access restricted files, applications (e.g., applications purchased by the user), or settings (e.g., application settings such as contacts or saved game profile).

公开(公告)号：US20160026329A1

公开(公告)日：2016-01-28

申请号：US14873023

申请日：2015-10-01

Applicant: Apple Inc.

Inventor： Anthony M. FADELL ,  Andrew Bert HODGE ,  Stephan V. SCHELL ,  Ruben CABALLERO ,  Jesse Lee DOROGUSKAR ,  Stephen Paul ZADESKY ,  Emery SANFORD

IPC: G06F3/041 ,  G06K9/00 ,  G06F21/32

CPC classification number: G06F21/32 ,  G06F3/0412 ,  G06F3/0416 ,  G06F3/04817 ,  G06F3/0488 ,  G06F3/04883 ,  G06F21/316 ,  G06F21/36 ,  G06K9/00013 ,  G06K9/0002 ,  G06K9/00033 ,  G06K9/00087 ,  G06K9/00248 ,  G06K9/00255 ,  G06K9/00912 ,  G06K9/3241 ,  H04L9/3231 ,  H04L63/08 ,  H04L63/0861 ,  H04L63/104 ,  H04W12/06 ,  H04W88/02

Abstract: This invention is directed to an electronic device with an embedded authentication system for restricting access to device resources. The authentication system may include one or more sensors operative to detect biometric information of a user. The sensors may be positioned in the device such that the sensors may detect appropriate biometric information as the user operates the device, without requiring the user to perform a step for providing the biometric information (e.g., embedding a fingerprint sensor in an input mechanism instead of providing a fingerprint sensor in a separate part of the device housing). In some embodiments, the authentication system may be operative to detect a visual or temporal pattern of inputs to authenticate a user. In response to authenticating, a user may access restricted files, applications (e.g., applications purchased by the user), or settings (e.g., application settings such as contacts or saved game profile).

公开(公告)号：US20150099560A1

公开(公告)日：2015-04-09

申请号：US14571146

申请日：2014-12-15

Applicant: Apple Inc.

Inventor： Stephan V. SCHELL

IPC: H04W88/06

CPC classification number: H04W88/06 ,  H04L63/0853 ,  H04L63/18 ,  H04W12/06

Abstract: Methods and apparatus for recovering access data from a malfunctioning device. In one embodiment, trained service personnel are provided a specialized apparatus for retrieving access data from a malfunctioning device. For example, in the instance the device comprises a cellular device having an unrecoverable hardware failure, trained service personnel can connect to the secure element and retrieve the one or more electronic Subscriber Identity Modules (eSIMs) stored thereon. The eSIMs are then “reclaimed” and reprogrammed/distributed to a new device. In one implementation, security and integrity measures are taken to protect and control distribution of sensitive access data.

Abstract translation: 从故障设备恢复访问数据的方法和设备。 在一个实施例中，经过训练的服务人员提供了用于从故障设备检索访问数据的专用设备。 例如，在这种情况下，设备包括具有不可恢复的硬件故障的蜂窝设备，经过训练的服务人员可以连接到安全元件并检索存储在其上的一个或多个电子用户识别模块（eSIM）。 然后将eSIMs“回收”并重新编程/分发到新设备。 在一个实现中，采取安全和完整性措施来保护和控制敏感访问数据的分发。

公开(公告)号：US20190327609A1

公开(公告)日：2019-10-24

申请号：US16443473

申请日：2019-06-17

Applicant: Apple Inc.

Inventor： Stephan V. SCHELL ,  David T. HAGGERTY

IPC: H04W8/26 ,  H04W12/00 ,  H04W4/50 ,  H04W4/60

Abstract: Methods and apparatus for activating a purchased or previously deployed device by a subscriber. In one embodiment, activation includes authenticating the device to a service provider or carrier, and providing the device with data necessary for enabling the service to the device. In one variant, a user device is activated at a retail store, with the assistance of a carrier representative. In another variant, user equipment is activated via a communications network without the assistance of a representative. In yet another variant, the user equipment is activated via the Internet without the assistance of a representative. The provision of access data includes pre-assigning eSIM from a population of unassigned eSIMs to certain devices for various carrier networks. Alternatively, the eSIM may be assigned on an as-needed basis. Unassigned and/or unused eSIMs can be released (or sold back to the vendor) and/or reused. Solutions for eSIM backup and restoration are also described.

公开(公告)号：US20180249332A1

公开(公告)日：2018-08-30

申请号：US15873856

申请日：2018-01-17

Applicant: Apple Inc.

Inventor： Stephan V. SCHELL ,  Arun G. MATHIAS ,  Jerrold Von HAUCK ,  David T. HAGGERTY ,  Kevin McLAUGHLIN ,  Ben-Heng JUANG ,  Li LI

IPC: H04W12/06 ,  H04W12/08 ,  H04W12/04 ,  H04W8/20 ,  H04L29/06 ,  H04W4/50 ,  G06F21/57 ,  G06F21/45 ,  H04W4/60 ,  H04L29/08

CPC classification number: H04W12/06 ,  G06F21/45 ,  G06F21/57 ,  H04L63/08 ,  H04L63/0853 ,  H04L63/123 ,  H04L63/20 ,  H04L67/34 ,  H04W4/50 ,  H04W4/60 ,  H04W8/205 ,  H04W12/04 ,  H04W12/08

Abstract: Methods and apparatus enabling programming of electronic identification information of a wireless apparatus. In one embodiment, a previously purchased or deployed wireless apparatus is activated by a cellular network. The wireless apparatus connects to the cellular network using an access module to download operating system components and/or access control client components. The described methods and apparatus enable updates, additions and replacement of various components including Electronic Subscriber Identity Module (eSIM) data, OS components. One exemplary implementation of the invention utilizes a trusted key exchange between the device and the cellular network to maintain security.