公开(公告)号：US20210295282A1

公开(公告)日：2021-09-23

申请号：US17341711

申请日：2021-06-08

Applicant: Apple Inc.

Inventor： George R. DICKER ,  Christopher B. SHARP ,  Ahmer A. KHAN ,  Yousuf H. VAID ,  Glen W. STEELE ,  Christopher D. ADAMS ,  David T. HAGGERTY

IPC: G06Q20/04 ,  G06Q20/32 ,  G06Q20/38

Abstract: To facilitate conducting a financial transaction via wireless communication between an electronic device and another electronic device, the electronic device determines a unique transaction identifier for the financial transaction based on financial-account information communicated to the other electronic device. The financial-account information specifies a financial account that is used to pay for the financial transaction. Moreover, the unique transaction identifier may be capable of being independently computed by one or more other entities associated with the financial transaction (such as a counterparty in the financial transaction or a payment network that processes payment for the financial transaction) based on the financial-account information communicated by the portable electronic device. The electronic device may also associate receipt information, which is subsequently received from a third party (such as the payment network), with the financial transaction by comparing the determined unique transaction identifier to the computed unique transaction identifier.

公开(公告)号：US20190387402A1

公开(公告)日：2019-12-19

申请号：US16557770

申请日：2019-08-30

Applicant: Apple Inc.

Inventor： Li LI ,  Xiangying YANG ,  Jerrold Von HAUCK ,  Christopher B. SHARP ,  Yousuf H. VAID ,  Arun G. MATHIAS ,  David T. HAGGERTY ,  Najeeb M. ABDULRAHIMAN

IPC: H04W12/06 ,  H04L12/24 ,  H04L29/06

Abstract: Methods and apparatus for user authentication and human intent verification of administrative operations for eSIMs of an eUICC included in a mobile device are disclosed. Certain administrative operations, such as import, modification, and/or export, of an eSIM and/or for an eUICCs firmware can require user authentication and/or human intent verification before execution of the administrative operations are performed or completed by the mobile device. A user of the mobile device provides information to link an external user account to an eSIM upon (or subsequent to) installation on the eUICC. User credentials, such as a user name and password, and/or information generated therefrom, can be used to authenticate the user with an external server. In response to successful user authentication, the administrative operations are performed. Human intent verification can also be performed in conjunction with user authentication to prevent malware from interfering with eSIM and/or eUICC functions of the mobile device.

公开(公告)号：US20190246265A1

公开(公告)日：2019-08-08

申请号：US16267160

申请日：2019-02-04

Applicant: Apple Inc.

Inventor： Stephan V. SCHELL ,  David T. HAGGERTY

IPC: H04W8/20 ,  H04W12/00

CPC classification number: H04W8/205 ,  H04W12/0023 ,  H04W12/00403

Abstract: Methods and apparatus for managing multiple user access control entities or clients. For example, in one embodiment, a “wallet” of electronic subscriber identity modules (eSIMs) may be stored and used at a user device and/or distributed to other devices for use thereon. In another embodiment, a networked server may store and distribute eSIM to a plurality of user devices in communication therewith. A database of available eSIM is maintained at the wallet entity and/or at the network which enables request for a particular eSIM to be processed and various rules for the distribution thereof to be implemented. Security precautions are implemented to protect both user and network carrier specific data as the data is transmitted between networked entities. Solutions for eSIM backup and restoration are also described.

公开(公告)号：US20190166483A1

公开(公告)日：2019-05-30

申请号：US16244035

申请日：2019-01-09

Applicant: Apple Inc.

Inventor： Li LI ,  Clark P. MUELLER ,  Avinash NARASIMHAN ,  Arun G. MATHIAS ,  Najeeb M. ABDULRAHIMAN ,  David T. HAGGERTY

IPC: H04W8/18 ,  H04W4/50 ,  H04W12/10 ,  H04L29/06 ,  H04W4/60 ,  G06F21/72 ,  G06F21/57

CPC classification number: H04W8/183 ,  G06F21/575 ,  G06F21/72 ,  H04L63/123 ,  H04W4/50 ,  H04W4/60 ,  H04W8/245 ,  H04W12/10

Abstract: Representative embodiments described herein set forth techniques for provisioning bootstrap electronic Subscriber Identity Modules (eSIMs) to mobile devices. According to some embodiments, a mobile device can be configured to issue, to an eSIM selection server, a bootstrap eSIM request that includes (i) metadata associated with the mobile device, and (ii) metadata associated with an electronic Universal Integrated Circuit Card (eUICC) included in the mobile device. In turn, the eSIM selection server selects and binds a particular bootstrap eSIM to the mobile device, and provides information to the mobile device that enables the mobile device to obtain the particular bootstrap eSIM from one or more eSIM servers. When the mobile device obtains the particular bootstrap eSIM, the mobile device can interface with a mobile network operator (MNO) and obtain a complete eSIM that enables the mobile device to access services provided by the MNO.

公开(公告)号：US20180069581A1

公开(公告)日：2018-03-08

申请号：US15807516

申请日：2017-11-08

Applicant: Apple Inc.

Inventor： Avinash NARASIMHAN ,  Hemant PURSWANI ,  Clark P. MUELLER ,  David T. HAGGERTY ,  Li LI ,  Arun G. MATHIAS ,  Najeeb M. ABDULRAHIMAN

IPC: H04B1/3816 ,  H04W4/24 ,  H04L12/24

CPC classification number: H04W4/24 ,  H04L12/1407 ,  H04M15/66 ,  H04M15/80 ,  H04M17/02 ,  H04M17/023 ,  H04M17/026 ,  H04M17/103

Abstract: Methods, devices, and servers for as-needed update of a trusted list are provided herein. An electronic subscriber identity module (eSIM) server receives a request for an eSIM of a particular type from a wireless device. The eSIM server evaluates the particular type and requests an eSIM of the particular type from a second eSIM server, which is not initially trusted by a secure element (SE) of the wireless device. The eSIM server sends a policy update to the wireless device. The wireless device passes the policy update to the SE, for example, a universal integrated circuit card (UICC). The UICC updates the trusted list with an identity of the second eSIM server. When the wireless device downloads a bound profile package (BPP) containing an eSIM from the second eSIM server, the UICC validates the BPP based on the updated trusted list. The eSIM is then installed on the UICC.

公开(公告)号：US20170223535A1

公开(公告)日：2017-08-03

申请号：US15492980

申请日：2017-04-20

Applicant: Apple Inc.

Inventor： Stephan V. SCHELL ,  David T. HAGGERTY

IPC: H04W12/06 ,  H04W8/18 ,  H04W36/14 ,  H04L29/06

CPC classification number: H04W12/06 ,  H04L63/0853 ,  H04L63/0876 ,  H04M15/77 ,  H04M15/771 ,  H04W8/183 ,  H04W8/20 ,  H04W12/00405 ,  H04W36/14

Abstract: Methods and apparatus that allow a device to migrate wireless service across multiple wireless networks. In one exemplary embodiment, the present invention enables storing and switching between multiple Electronic Subscriber Identity Modules (eSIM), where each eSIM is specific to a different carrier network. By loading the appropriate eSIM, the user device can authenticate itself with the selected carrier, rather than roaming. During roaming operation, the user equipment can load one or more of the previously stored eSIMs. Selection of the eSIM can be done manually by the user or can be driven by the user equipment based on desired context; for example, based on carrier signal strength, cost-effectiveness, etc. Support for multiple radio technologies also allows universal connectivity for wireless devices, even spanning previously incompatible technologies such as GSM (Global Standard for Mobile Communications), CDMA (Code Division Multiple Access), etc.

公开(公告)号：US20170006473A1

公开(公告)日：2017-01-05

申请号：US15263306

申请日：2016-09-12

Applicant: Apple Inc.

Inventor： Jerrold Von HAUCK ,  David T. HAGGERTY

IPC: H04W12/08 ,  H04W8/18 ,  H04W12/04 ,  H04L9/32 ,  H04W12/06

CPC classification number: H04W12/08 ,  H04L9/3228 ,  H04L9/3247 ,  H04L63/061 ,  H04L63/0869 ,  H04L2209/80 ,  H04W4/60 ,  H04W8/183 ,  H04W8/245 ,  H04W12/04 ,  H04W12/06 ,  H04W12/12

Abstract: Apparatus and methods for controlling the distribution of electronic access clients to a device. In one embodiment, a virtualized Universal Integrated Circuit Card (UICC) can only load an access client such as an electronic Subscriber Identity Module (eSIM) according to an activation ticket. The activation ticket ensures that the virtualized UICC can only receive eSIMs from specific carriers (“carrier locking”). Unlike prior art methods which enforce carrier locking on a software application launched from a software chain of trust (which can be compromised), the present invention advantageously enforces carrier locking with the secure UICC hardware which has, for example, a secure code base.

Abstract translation: 用于控制电子访问客户端到设备的分发的装置和方法。 在一个实施例中，虚拟化通用集成电路卡（UICC）只能根据激活票加载诸如电子订户身份模块（eSIM）的访问客户端。 激活票确保虚拟化UICC只能从特定运营商接收eSIM（“运营商锁定”）。 不同于在从软件信任链（其可能受到损害）启动的软件应用上实施载体锁定的现有技术方法，本发明有利地利用具有例如安全代码库的安全UICC硬件实施载波锁定。

公开(公告)号：US20160277930A1

公开(公告)日：2016-09-22

申请号：US15076527

申请日：2016-03-21

Applicant: Apple Inc.

Inventor： Li LI ,  Xiangying YANG ,  Jerrold Von HAUCK ,  Christopher B. SHARP ,  Yousuf H. VAID ,  Arun G. MATHIAS ,  David T. HAGGERTY ,  Najeeb M. ABDULRAHIMAN

IPC: H04W12/06 ,  H04L29/06

CPC classification number: H04W12/06 ,  H04L41/28 ,  H04L63/083 ,  H04L63/0838 ,  H04L63/0853

Abstract: Methods and apparatus for user authentication and human intent verification of administrative operations for eSIMs of an eUICC included in a mobile device are disclosed. Certain administrative operations, such as import, modification, and/or export, of an eSIM and/or for an eUICCs firmware can require user authentication and/or human intent verification before execution of the administrative operations are performed or completed by the mobile device. A user of the mobile device provides information to link an external user account to an eSIM upon (or subsequent to) installation on the eUICC. User credentials, such as a user name and password, and/or information generated therefrom, can be used to authenticate the user with an external server. In response to successful user authentication, the administrative operations are performed. Human intent verification can also be performed in conjunction with user authentication to prevent malware from interfering with eSIM and/or eUICC functions of the mobile device.

Abstract translation: 公开了用于移动设备中包括的eUICC的eSIM的管理操作的用户认证和人为意图验证的方法和装置。 eSIM和/或eUICC固件的某些管理操作（例如导入，修改和/或导出）可能需要在由移动设备执行或完成执行管理操作之前的用户认证和/或人为意图验证。 移动设备的用户提供在eUICC上（或之后）安装时将外部用户帐户链接到eSIM的信息。 可以使用诸如用户名和密码的用户凭证和/或从其生成的信息来用外部服务器认证用户。 响应成功的用户认证，执行管理操作。 人员意图验证还可以与用户认证一起执行，以防止恶意软件干扰移动设备的eSIM和/或eUICC功能。

公开(公告)号：US20160227409A1

公开(公告)日：2016-08-04

申请号：US15099444

申请日：2016-04-14

Applicant: Apple Inc.

Inventor： Stephan V. SCHELL ,  Arun G. MATHIAS ,  Jerrold Von HAUCK ,  David T. HAGGERTY ,  Kevin McLAUGHLIN ,  Ben-Heng JUANG ,  Li LI

IPC: H04W12/06 ,  H04W4/00 ,  H04L29/06 ,  H04W12/04

CPC classification number: H04W12/06 ,  G06F21/45 ,  G06F21/57 ,  H04L63/08 ,  H04L63/0853 ,  H04L63/123 ,  H04L63/20 ,  H04L67/34 ,  H04W4/50 ,  H04W4/60 ,  H04W8/205 ,  H04W12/04 ,  H04W12/08

Abstract: Methods and apparatus enabling programming of electronic identification information of a wireless apparatus. In one embodiment, a previously purchased or deployed wireless apparatus is activated by a cellular network. The wireless apparatus connects to the cellular network using an access module to download operating system components and/or access control client components. The described methods and apparatus enable updates, additions and replacement of various components including Electronic Subscriber Identity Module (eSIM) data, OS components. One exemplary implementation of the invention utilizes a trusted key exchange between the device and the cellular network to maintain security.

公开(公告)号：US20160226877A1

公开(公告)日：2016-08-04

申请号：US14995154

申请日：2016-01-13

Applicant: Apple Inc.

Inventor： David T. HAGGERTY ,  Jerrold Von HAUCK ,  Ben-Heng JUANG ,  Li Li ,  Arun G. MATHIAS ,  Kevin McLAUGHLIN ,  Avinash NARASIMHAN ,  Christopher SHARP ,  Yousuf H. Vaid ,  Xiangying YANG

IPC: H04L29/06 ,  H04W8/18

CPC classification number: H04L63/10 ,  H04L63/06 ,  H04L63/0823 ,  H04L63/0853 ,  H04L63/205 ,  H04W8/18 ,  H04W8/183 ,  H04W8/20 ,  H04W12/06

Abstract: Methods and apparatus for large scale distribution of electronic access control clients. In one aspect, a tiered security software protocol is disclosed. In one exemplary embodiment, a server electronic Universal Integrated Circuit Card (eUICC) and client eUICC software comprise a so-called “stack” of software layers. Each software layer is responsible for a set of hierarchical functions which are negotiated with its corresponding peer software layer. The tiered security software protocol is configured for large scale distribution of electronic Subscriber Identity Modules (eSIMs).

Abstract translation: 电子门禁客户大规模分销的方法和装置。 一方面，公开了一种分层的安全软件协议。 在一个示例性实施例中，服务器电子通用集成电路卡（eUICC）和客户端eUICC软件包括软件层的所谓“堆叠”。 每个软件层负责与其相应的对等软件层协商的一组分层功能。 分层安全软件协议配置为大规模分发电子订户身份模块（eSIM）。