公开(公告)号：US20230008793A1

公开(公告)日：2023-01-12

申请号：US17876507

申请日：2022-07-28

Applicant: Apple Inc.

Inventor： Matthew C. BYINGTON ,  Christopher SHARP ,  Yousuf H. VAID

IPC: G06Q10/08 ,  G06Q20/32 ,  G06Q20/38 ,  H04L9/08

Abstract: Systems, methods, and computer-readable media for managing secure transactions between electronic devices and service providers. In one embodiment, an administration entity system may receive device order data from an electronic device, wherein the received device order data is indicative of an order for an item of value of a service provider system to be stored on the electronic device, transmit administration order data to the service provider system based on the received device order data, wherein the administration order data is indicative of the order for the item of value, receive service provider fulfillment data from the service provider system based on the transmitted administration order data, wherein the service provider fulfillment data includes the item of value, and transmit administration fulfillment data to the electronic device based on the received service provider fulfillment data, wherein the administration fulfillment data includes the item of value.

公开(公告)号：US20220222636A1

公开(公告)日：2022-07-14

申请号：US17707924

申请日：2022-03-29

Applicant: Apple Inc.

Inventor： Matthew C. BYINGTON ,  Yousuf H. VAID ,  Jenna YI ,  Christopher SHARP ,  Richard William Thomas HEARD

IPC: G06Q20/10 ,  G06Q20/38 ,  G06Q20/40

Abstract: A device implementing a user configurable direct transfer system may include at least one processor configured to receive, from an electronic device associated with a user account, a request to establish a type of transfer between a first account associated with an entity and a second account associated with the user account, the request including an entity identifier and a transfer type identifier. The at least one processor may be further configured to generate a transfer alias that is stored in association with the entity identifier, a second account identifier, and the transfer type identifier, and provide the transfer alias to the electronic device and a server associated with the entity to facilitate the type of transfer between the first account associated with the entity and the second account associated with the user account.

公开(公告)号：US20250111378A1

公开(公告)日：2025-04-03

申请号：US18783397

申请日：2024-07-24

Applicant: Apple Inc.

Inventor： Rohit SURESH ,  Abde N. FARUQUI ,  Caroline TEICHER ,  Frank A. VAN DEN BERG ,  Rahul SARNA ,  Richard W. HEARD ,  Shashidhar SHENOY ,  Yousuf H. VAID

IPC: G06Q20/40

Abstract: An electronic device may provide a credential to another electronic device. The credential may allow the other electronic device to perform a transaction. In some instances, the electronic devices may be in proximity to each other, and the proximity may be used to authorize use of the credential on the other device. Further, a user of the electronic device that provides the credential may set one or more conditions on the use of credential by the other device.

公开(公告)号：US20250111368A1

公开(公告)日：2025-04-03

申请号：US18783399

申请日：2024-07-24

Applicant: Apple Inc.

Inventor： Rohit SURESH ,  Abde N. FARUQUI ,  Caroline TEICHER ,  Frank A. VAN DEN BERG ,  Rahul SARNA ,  Richard W. HEARD ,  Shashidhar SHENOY ,  Yousuf H. VAID

IPC: G06Q20/40

Abstract: An electronic device may provide a credential to another electronic device. The credential may allow the other electronic device to perform a transaction. In some instances, the electronic devices may be in proximity to each other, and the proximity may be used to authorize use of the credential on the other device. Further, a user of the electronic device that provides the credential may set one or more conditions on the use of credential by the other device.

公开(公告)号：US20160063260A1

公开(公告)日：2016-03-03

申请号：US14815391

申请日：2015-07-31

Applicant: Apple Inc.

Inventor： Christopher B. SHARP ,  Yousuf H. VAID ,  Li LI ,  Jerrold Von HAUCK ,  Arun G. MATHIAS ,  Xiangying YANG ,  Kevin P. McLAUGHLIN

IPC: G06F21/60 ,  H04W12/08 ,  H04L29/06

CPC classification number: G06F21/604 ,  H04L63/102 ,  H04L63/105 ,  H04L63/20 ,  H04W12/08

Abstract: A policy-based framework is described. This policy-based framework may be used to specify the privileges for logical entities to perform operations associated with an access-control element (such as an electronic Subscriber Identity Module) located within a secure element in an electronic device. Note that different logical entities may have different privileges for different operations associated with the same or different access-control elements. Moreover, the policy-based framework may specify types of credentials that are used by the logical entities during authentication, so that different types of credentials may be used for different operations and/or by different logical entities. Furthermore, the policy-based framework may specify the security protocols and security levels that are used by the logical entities during authentication, so that different security protocols and security levels may be used for different operations and/or by different logical entities.

Abstract translation: 描述了基于策略的框架。 该基于策略的框架可以用于指定逻辑实体执行与位于电子设备中的安全元件内的访问控制元素（例如电子订户身份模块）相关联的操作的权限。 注意，对于与相同或不同的访问控制元素相关联的不同操作，不同的逻辑实体可以具有不同的权限。 此外，基于策略的框架可以指定在认证期间由逻辑实体使用的凭证的类型，使得不同类型的凭证可以用于不同的操作和/或由不同的逻辑实体使用。 此外，基于策略的框架可以指定在认证期间由逻辑实体使用的安全协议和安全级别，使得不同的安全协议和安全级别可以用于不同的操作和/或不同的逻辑实体。

公开(公告)号：US20250053637A1

公开(公告)日：2025-02-13

申请号：US18932415

申请日：2024-10-30

Applicant: Apple Inc.

Inventor： Benjamin D. CHESTER ,  Hubert GREICHE ,  Richard W. HEARD ,  Yousuf H. VAID ,  Gianpaolo FASOLI

IPC: G06F21/45 ,  G06Q20/36 ,  G06Q20/40 ,  G06Q30/018 ,  G06Q40/02 ,  H04L9/32 ,  H04L9/40

Abstract: Systems, methods, and computer-readable media for facilitating frictionless credential provisioning on a user computing device are provided. Special “frictionless tokens” (e.g., ownership tokens) may be generated for each existing credential in a user's digital wallet. Such tokens may be stored in a user's AE locker (e.g., iCloud keychain) and synchronized across the user's devices using any suitable security features (e.g., using any suitable secure enclave processor (“SEP”)-based encryption). Such a token, as may be stored in a device's SEP, may be configured only to be read on that physical device. In this manner, the user may no longer need provide further proof of ownership of a credential or be hassled by passing any other challenge, but, instead, the additional security may be achieved using the ownership token, which may use the user's AE or device passcode in association with the user's physical device (and its SEP).

公开(公告)号：US20200177450A1

公开(公告)日：2020-06-04

申请号：US16780621

申请日：2020-02-03

Applicant: Apple Inc.

Inventor： Li LI ,  Yousuf H. VAID ,  Christopher B. SHARP ,  Arun G. MATHIAS ,  David T. HAGGERTY ,  Jerrold Von HAUCK

IPC: H04L12/24 ,  H04W12/06 ,  H04W8/20 ,  H04L29/06 ,  H04W8/18 ,  H04B1/3827 ,  H04B1/3816

Abstract: Representative embodiments described herein set forth techniques for optimizing large-scale deliveries of electronic Subscriber Identity Modules (eSIMs) to mobile devices. Specifically, instead of generating and assigning eSIMs when mobile devices are being activated—which can require significant processing overhead—eSIMs are pre-generated with a basic set of information, and are later-assigned to the mobile devices when they are activated. This can provide considerable benefits over conventional approaches that involve generating and assigning eSIMs during mobile device activation, especially when new mobile devices (e.g., smartphones, tablets, etc.) are being launched and a large number of eSIM assignment requests are to be fulfilled in an efficient manner.

公开(公告)号：US20160345162A1

公开(公告)日：2016-11-24

申请号：US15157332

申请日：2016-05-17

Applicant: Apple Inc.

Inventor： Li LI ,  Yousuf H. VAID ,  Christopher B. SHARP ,  Arun G. MATHIAS ,  David T. HAGGERTY ,  Jerrold Von HAUCK

IPC: H04W8/18 ,  H04W12/06 ,  H04L12/24 ,  H04B1/3816 ,  H04B1/3827

Abstract: Representative embodiments described herein set forth techniques for optimizing large-scale deliveries of electronic Subscriber Identity Modules (eSIMs) to mobile devices. Specifically, instead of generating and assigning eSIMs when mobile devices are being activated—which can require significant processing overhead—eSIMs are pre-generated with a basic set of information, and are later-assigned to the mobile devices when they are activated. This can provide considerable benefits over conventional approaches that involve generating and assigning eSIMs during mobile device activation, especially when new mobile devices (e.g., smartphones, tablets, etc.) are being launched and a large number of eSIM assignment requests are to be fulfilled in an efficient manner.

Abstract translation: 本文描述的代表性实施例阐述了用于优化向移动设备大规模地递送电子订户身份模块（eSIM）的技术。 具体而言，代替在移动设备被激活时生成和分配eSIM，这可能需要很大的处理开销 - eSIM是用一组基本信息预先生成的，并且在激活时被分配给移动设备。 这可以提供相当于在移动设备激活期间生成和分配eSIM的传统方法的显着优点，特别是当新的移动设备（例如，智能电话，平板电脑等）正在启动并且大量的eSIM分配请求将被满足时 有效的方式。

公开(公告)号：US20180249333A1

公开(公告)日：2018-08-30

申请号：US15876875

申请日：2018-01-22

Applicant: Apple Inc.

Inventor： Li LI ,  Xiangying YANG ,  Jerrold Von HAUCK ,  Christopher B. SHARP ,  Yousuf H. VAID ,  Arun G. MATHIAS ,  David T. HAGGERTY ,  Najeeb M. ABDULRAHIMAN

IPC: H04W12/06 ,  H04L29/06 ,  H04L12/24

CPC classification number: H04W12/06 ,  H04L41/28 ,  H04L63/083 ,  H04L63/0838 ,  H04L63/0853 ,  H04W12/00514

Abstract: Methods and apparatus for user authentication and human intent verification of administrative operations for eSIMs of an eUICC included in a mobile device are disclosed. Certain administrative operations, such as import, modification, and/or export, of an eSIM and/or for an eUICCs firmware can require user authentication and/or human intent verification before execution of the administrative operations are performed or completed by the mobile device. A user of the mobile device provides information to link an external user account to an eSIM upon (or subsequent to) installation on the eUICC. User credentials, such as a user name and password, and/or information generated therefrom, can be used to authenticate the user with an external server. In response to successful user authentication, the administrative operations are performed. Human intent verification can also be performed in conjunction with user authentication to prevent malware from interfering with eSIM and/or eUICC functions of the mobile device.

公开(公告)号：US20170278097A1

公开(公告)日：2017-09-28

申请号：US15482478

申请日：2017-04-07

Applicant: Apple Inc.

Inventor： David T. HAGGERTY ,  Ahmer A. KHAN ,  Christopher B. SHARP ,  Jerrold Von HAUCK ,  Joakim LINDE ,  Kevin P. MCLAUGHLIN ,  Mehdi ZIAT ,  Yousuf H. VAID

IPC: G06Q20/36 ,  G06Q20/38 ,  G06Q20/34 ,  G06Q20/12 ,  G06Q20/32

CPC classification number: G06Q20/36 ,  G06Q20/1235 ,  G06Q20/3227 ,  G06Q20/3552 ,  G06Q20/382

Abstract: Methods and apparatus for the deployment of financial instruments and other assets are disclosed. In one embodiment, a security software protocol is disclosed that guarantees that the asset is always securely encrypted, that one and only one copy of an asset exists, and the asset is delivered to an authenticated and/or authorized customer. Additionally, exemplary embodiments of provisioning systems are disclosed that are capable of, among other things, handling large bursts of traffic (such as can occur on a so-called “launch day” of a device).