公开(公告)号：US20210160081A1

公开(公告)日：2021-05-27

申请号：US17033564

申请日：2020-09-25

Applicant: Apple Inc.

Inventor： Martijn T. Haring ,  Ahmer A. Khan ,  Xiangying Yang

IPC: H04L9/32 ,  H04L9/14 ,  H04L9/30

Abstract: Techniques are disclosed relating to authenticating a user with a mobile device. In various embodiments, a mobile device receives a request to provision the mobile device with identification information from an identification document issued by an authority to a user for establishing an identity of the user. In response to the received request, the mobile device issues a request for verification information signed by the authority and usable to verify the identification information. The issued request identifies multiple public keys of the mobile device, each having a respective corresponding private key for generating a signature usable to verify the identification information. The mobile device receives and stores the signed verification information, the signed verification information including the plurality of public keys. In some embodiments, the mobile device receives a request provide, at least, a portion of the identification information and selects one of the private keys to generate a signature.

公开(公告)号：US10861090B2

公开(公告)日：2020-12-08

申请号：US14475273

申请日：2014-09-02

Applicant: Apple Inc.

Inventor： David T. Haggerty ,  George R. Dicker ,  Joakim Linde ,  Ahmer A. Khan ,  Timothy S. Hurley

IPC: G06Q20/32 ,  G06Q20/34 ,  G06Q40/02 ,  G06Q20/42 ,  H04L9/32 ,  G06F21/42

Abstract: Systems, methods, and computer-readable media for provisioning credentials on an electronic device are provided. In one example embodiment, a secure platform system may be in communication with an electronic device and a financial institution subsystem. The secure platform system may be configured to, inter alia, detect a selection of a particular commerce credential, access communication mechanism data indicative of at least one communication mechanism of the device, where the at least one mechanism is configured to receive a communication on the device, transmit information to the financial subsystem, where the information includes the mechanism data and the selection of the particular commerce credential, and instruct the financial subsystem to provision the particular commerce credential in a disabled state on the device and communicate credential enablement data to the device using a particular communication mechanism of the at least one communication mechanism indicated by the communication mechanism data.

公开(公告)号：US10546293B2

公开(公告)日：2020-01-28

申请号：US14475375

申请日：2014-09-02

Applicant: Apple Inc.

Inventor： Ahmer A. Khan ,  Jerrold V. Hauck ,  George R. Dicker ,  Jeffrey C. Lee ,  Mitchell D Adler ,  Wade Benson

IPC: G06Q20/38 ,  G06Q20/32

Abstract: A system for provisioning credentials onto an electronic device is provided. The system may include a payment network subsystem, a service provider subsystem, and one or more user devices that can be used to perform mobile transactions at a merchant terminal. The user device may communicate with the service provider subsystem in order to obtained commerce credentials from the payment network subsystem. The user device may include a secure element and a corresponding trusted processor. The trusted processor may generate a random authorization number and inject that number into the secure element. Mobile payments should only be completed if the random authorization number on the secure element matches the random authorization number at the trusted processor. The trusted processor may be configured to efface the previous random authorization number and generate a new random authorization number when detecting a potential change in ownership at the user device.

公开(公告)号：US20190289542A1

公开(公告)日：2019-09-19

申请号：US16279612

申请日：2019-02-19

Applicant: Apple Inc.

Inventor： Ahmer A. Khan ,  Joakim Linde ,  Joseph Hakim ,  Zachary A. Rosen

IPC: H04W52/02 ,  H04W12/06 ,  G06F21/35 ,  G06F21/60 ,  G06F1/3234 ,  H04B5/02 ,  G06Q20/32

Abstract: Systems, methods, and computer-readable media for managing near field communications during a low power management mode of an electronic device are provided that may make credentials of a near field communication (“NFC”) component appropriately secure and appropriately accessible while also limiting the power consumption of the NFC component and of other components of the electronic device.

公开(公告)号：US10346848B2

公开(公告)日：2019-07-09

申请号：US15175723

申请日：2016-06-07

Applicant: Apple Inc.

Inventor： Mehdi Ziat ,  Vamshi Krishna Aileni ,  Yousuf H. Vaid ,  Ahmer A. Khan ,  George R. Dicker ,  Christopher Sharp ,  Zachary A. Rosen

IPC: H04L29/06 ,  G06F17/30 ,  G06F15/16 ,  G06F7/04 ,  G06Q20/40 ,  G06Q20/38 ,  G06Q20/32 ,  G06Q20/22 ,  G06Q20/34 ,  G06Q20/36

Abstract: Systems, methods, and computer-readable media for provisioning multiple credentials of a multi-scheme card on an electronic device for selective use in a secure transaction are provided.

公开(公告)号：US09864984B2

公开(公告)日：2018-01-09

申请号：US15080130

申请日：2016-03-24

Applicant: Apple Inc.

Inventor： Ahmer A. Khan ,  Gregory B. Novick ,  Jerrold V. Hauck ,  Saket R. Vora ,  Yehonatan Perez

IPC: G06K5/00 ,  G06Q20/32 ,  G06Q20/38 ,  G06Q20/34 ,  G06Q20/40 ,  G06Q20/36

CPC classification number: G06Q20/3227 ,  G06Q20/32 ,  G06Q20/3278 ,  G06Q20/352 ,  G06Q20/353 ,  G06Q20/367 ,  G06Q20/382 ,  G06Q20/4018 ,  G06Q20/4097 ,  G06Q20/40975

Abstract: Methods for operating a portable electronic device to conduct a mobile payment transaction at a merchant terminal are provided. The electronic device may verify that the current user of the device is indeed the authorized owner by requiring the current user to enter a passcode. If the user is able to provide the correct passcode, the device is only partly ready to conduct a mobile payment. In order for the user to fully activate the payment function, the user may have to supply a predetermined payment activation input such as a double button press that notifies the device that the user intends to perform a financial transaction in the immediate future. The device may subsequently activate a payment applet for a predetermined period of time during which the user may hold the device within a field of the merchant terminal to complete a near field communications based mobile payment transaction.

公开(公告)号：US20170011395A1

公开(公告)日：2017-01-12

申请号：US15274841

申请日：2016-09-23

Applicant: Apple Inc.

Inventor： Manoj K. Thulaseedharan Pillai ,  Ahmer A. Khan ,  Thomas Elliott ,  Timothy S. Hurley ,  Jennifer J. Bailey ,  David E. Brudnicki

IPC: G06Q20/38 ,  G06Q20/32 ,  H04L9/08

CPC classification number: G06Q20/3829 ,  G06Q20/12 ,  G06Q20/3227 ,  G06Q20/325 ,  G06Q20/3278 ,  G06Q20/382 ,  G06Q20/3823 ,  G06Q20/40 ,  G06Q2220/00 ,  H04L9/0861 ,  H04L2209/24

Abstract: Systems, methods, and computer-readable media for communicating electronic device secure element data over multiple paths for online payments are provided. In one example embodiment, a method includes, inter alia, at a commercial entity subsystem, receiving, from an electronic device, device transaction data that includes credential data indicative of a payment credential on the electronic device for funding a transaction with a merchant subsystem, accessing a transaction identifier, deriving a transaction key based on transaction key data that includes the accessed transaction identifier, transmitting, to one of the merchant subsystem and the electronic device, merchant payment data that includes a first portion of the credential data and the accessed transaction identifier, and sharing, with a financial institution subsystem using the transaction key, commercial payment data that includes a second portion of the credential data that is different than the first portion of the credential data. Additional embodiments are also provided.

Abstract translation: 提供了用于在多个路径上传送电子设备安全元件数据以用于在线支付的系统，方法和计算机可读介质。 在一个示例实施例中，一种方法尤其包括在商业实体子系统处，从电子设备接收设备交易数据，该交易数据包括在电子设备上指示支付凭证的凭证数据，用于资助与商家子系统的交易， 访问交易标识符，基于包括所访问的交易标识符的交易密钥数据导出交易密钥，向所述商家子系统和所述电子设备之一发送包括所述证书数据的第一部分和所访问的交易的商家支付数据 标识符和共享，与使用交易密钥的金融机构子系统相结合，商业支付数据包括不同于证书数据的第一部分的证书数据的第二部分。 还提供了另外的实施例。

公开(公告)号：US20160358172A1

公开(公告)日：2016-12-08

申请号：US15175723

申请日：2016-06-07

Applicant: Apple Inc.

Inventor： Mehdi Ziat ,  Vamshi Krishna Aileni ,  Yousuf H. Vaid ,  Ahmer A. Khan ,  George R. Dicker ,  Christopher Sharp ,  Zachary A. Rosen

IPC: G06Q20/40 ,  G06Q20/22 ,  G06Q20/32 ,  H04L29/06 ,  G06Q20/38

CPC classification number: G06Q20/409 ,  G06Q20/227 ,  G06Q20/32 ,  G06Q20/3227 ,  G06Q20/3278 ,  G06Q20/357 ,  G06Q20/36 ,  G06Q20/3821 ,  G06Q20/385 ,  H04L63/062 ,  H04L2463/102

Abstract: Systems, methods, and computer-readable media for provisioning multiple credentials of a multi-scheme card on an electronic device for selective use in a secure transaction are provided.

Abstract translation: 提供了用于在电子设备上提供多方案卡的多个凭证以供安全交易中选择性使用的系统，方法和计算机可读介质。

公开(公告)号：US20160203467A1

公开(公告)日：2016-07-14

申请号：US15080130

申请日：2016-03-24

Applicant: Apple Inc.

Inventor： Ahmer A. Khan ,  Gregory B. Novick ,  Jerrold V. Hauck ,  Saket R. Vora ,  Yehonatan Perez

IPC: G06Q20/32 ,  G06Q20/38

CPC classification number: G06Q20/3227 ,  G06Q20/32 ,  G06Q20/3278 ,  G06Q20/352 ,  G06Q20/353 ,  G06Q20/367 ,  G06Q20/382 ,  G06Q20/4018 ,  G06Q20/4097 ,  G06Q20/40975

Abstract: Methods for operating a portable electronic device to conduct a mobile payment transaction at a merchant terminal are provided. The electronic device may verify that the current user of the device is indeed the authorized owner by requiring the current user to enter a passcode. If the user is able to provide the correct passcode, the device is only partly ready to conduct a mobile payment. In order for the user to fully activate the payment function, the user may have to supply a predetermined payment activation input such as a double button press that notifies the device that the user intends to perform a financial transaction in the immediate future. The device may subsequently activate a payment applet for a predetermined period of time during which the user may hold the device within a field of the merchant terminal to complete a near field communications based mobile payment transaction.

公开(公告)号：US09299072B2

公开(公告)日：2016-03-29

申请号：US14475263

申请日：2014-09-02

Applicant: Apple Inc.

Inventor： Ahmer A. Khan ,  Gregory B. Novick ,  Jerrold V. Hauck ,  Saket R. Vora ,  Yehonatan Perez

IPC: G06K5/00 ,  G06Q20/32 ,  G06Q20/38

CPC classification number: G06Q20/3227 ,  G06Q20/32 ,  G06Q20/3278 ,  G06Q20/352 ,  G06Q20/353 ,  G06Q20/367 ,  G06Q20/382 ,  G06Q20/4018 ,  G06Q20/4097 ,  G06Q20/40975

Abstract: Methods for operating a portable electronic device to conduct a mobile payment transaction at a merchant terminal are provided. The electronic device may verify that the current user of the device is indeed the authorized owner by requiring the current user to enter a passcode. If the user is able to provide the correct passcode, the device is only partly ready to conduct a mobile payment. In order for the user to fully activate the payment function, the user may have to supply a predetermined payment activation input such as a double button press that notifies the device that the user intends to perform a financial transaction in the immediate future. The device may subsequently activate a payment applet for a predetermined period of time during which the user may hold the device within a field of the merchant terminal to complete a near field communications based mobile payment transaction.

Abstract translation: 提供了用于操作便携式电子设备以在商务终端进行移动支付交易的方法。 电子设备可以通过要求当前用户输入密码来验证设备的当前用户确实是授权所有者。 如果用户能够提供正确的密码，则该设备仅部分准备进行移动支付。 为了使用户能够完全启动支付功能，用户可能必须提供预定的支付激活输入，例如双按钮按钮，以在不久的将来通知设备用户打算执行金融交易。 该设备随后可以在预定的时间段内激活支付小应用程序，在该预定时间段期间，用户可以将该设备保存在商家终端的字段内，以完成基于近场通信的移动支付交易。