公开(公告)号：US20210067201A1

公开(公告)日：2021-03-04

申请号：US16958491

申请日：2017-12-29

Applicant: Huawei Technologies Co., Ltd.

Inventor： Sishan Wang ,  Xinmiao Chang ,  Xiaona Zhao ,  Jingqing Mei ,  Chen Dong

IPC: H04B5/00 ,  H04W4/80 ,  G06Q20/32 ,  G06Q20/34 ,  G06K7/10 ,  G01S17/04

Abstract: An emulated card selection method is implemented on a mobile device having a near field communication (NFC) NFC function. A first emulated card and a second emulated card are configured on the mobile device. When detecting an NFC radio frequency field, the mobile device detects whether there is fingerprint input. The mobile device selects the first emulated card if there is the fingerprint input. The mobile device selects the second emulated card if there is no fingerprint input. The mobile device performs NFC interaction with the NFC card reader based on the selected first emulated card or second emulated card. The mobile device can automatically select an emulated card in different emulated cards based on a card swiping status when a user uses an NFC emulated card.

公开(公告)号：US12010250B2

公开(公告)日：2024-06-11

申请号：US17290497

申请日：2019-10-23

Applicant: Huawei Technologies Co., Ltd.

Inventor： Sishan Wang ,  Xiaona Zhao ,  Xinmiao Chang

IPC: H04L9/32

CPC classification number: H04L9/3268 ,  H04L9/3242 ,  H04L9/3247 ,  H04L2209/80

Abstract: A capability enabling method and apparatus. A secure element (SE) establishes, with a trusted execution environment (TEE), a session for communication. The SE sends, to the TEE, an obtaining instruction to obtain a security certificate of the TEE. After receiving the obtaining instruction, the TEE generates the security certificate based on attribute information of the TEE, and sends the generated security certificate to the SE. After the SE receives the security certificate, the SE determines, based on the security certificate and a preset security policy, that the TEE is in a secure state. After the SE determines that the TEE is in the secure state, the SE enables a first capability for a third-party service in the SE based on a second capability of the TEE.

公开(公告)号：US11334862B2

公开(公告)日：2022-05-17

申请号：US16650720

申请日：2017-11-30

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Sishan Wang ,  Xiaona Zhao

IPC: G06Q20/20 ,  H04W4/80 ,  G06F21/62 ,  G06K7/10 ,  G06Q20/34 ,  G06Q20/40

Abstract: In this application, a terminal transaction method and a terminal are provided and used to resolve a problem existing in the prior art that an NFC application does not match a type of a POS, and there is relatively poor user experience. The method includes: establishing, by a terminal, a near field communication NFC radio frequency connection to a point of sale POS, and starting up a first transaction; and selecting, by the terminal, a first NFC application corresponding to the POS, and performing the first transaction when a use condition of the first NFC application is already satisfied.

公开(公告)号：US11736292B2

公开(公告)日：2023-08-22

申请号：US16758095

申请日：2017-10-23

Applicant: Huawei Technologies Co., Ltd.

Inventor： Sishan Wang ,  Jingqing Mei

IPC: H04L29/06 ,  H04L9/32 ,  H04L9/08 ,  H04L9/40

CPC classification number: H04L9/3213 ,  H04L9/0861 ,  H04L9/0891 ,  H04L63/0876 ,  H04L63/102 ,  H04L63/108

Abstract: Embodiments of this application relate to an access token management method. The method includes: obtaining, by a server, an access token and login information of an authorized account corresponding to the access token in a terminal, where the access token is a credential used for accessing a protected resource in the server, and the authorized account is an account that logs in to a resource authorization application on the terminal when the resource authorization application authorizes the access token; and when the login information indicates that the authorized account is in a non-login state, performing, by the server, invalidation processing on the access token.

公开(公告)号：US20220203933A1

公开(公告)日：2022-06-30

申请号：US17605110

申请日：2020-04-17

Applicant: Huawei Technologies Co., Ltd.

Inventor： Sishan Wang

IPC: B60R25/24 ,  H04L9/08 ,  H04L9/32 ,  G07C9/00

Abstract: A method for authenticating an identity of a digital key, a terminal, and a medium, where before a second terminal enters a preset operating state from a non-preset operating state, identity authentication is first performed on a user using an identity authentication system of the second terminal, and obtained identity authentication information is stored in a secure element of the second terminal. Then, when a digital key in the second terminal is to be used, the identity authentication information stored in the secure element of the second terminal is sent to a first terminal, and the first terminal may perform verification based on the identity authentication information to determine whether the user using the digital key in the second terminal is an authorized holder of the second terminal.

公开(公告)号：US11552807B2

公开(公告)日：2023-01-10

申请号：US16648126

申请日：2017-09-18

Applicant: Huawei Technologies Co., Ltd.

Inventor： Guoqing Li ,  Xinmiao Chang ,  Jingqing Mei ,  Sishan Wang

IPC: H04L29/06 ,  H04L9/32 ,  H04L9/08

Abstract: A method includes sending, by a trusted application (TA) entity, a certificate of the TA entity and a private key signature of the TA entity to a target security domain (SD). The certificate and the private key signature enable the target SD to perform trust verification via a server, obtaining, by the TA entity, a first key of the target SD when the trust verification of the TA entity succeeds, and establishing, by the TA entity, a trust relationship with the target SD.

公开(公告)号：US20210359867A1

公开(公告)日：2021-11-18

申请号：US17290497

申请日：2019-10-23

Applicant: Huawei Technologies Co., Ltd.

Inventor： Sishan Wang ,  Xiaona Zhao ,  Xinmiao Chang

IPC: H04L9/32

Abstract: A capability enabling method and apparatus are provided, to resolve a prior-art problem that security of executing a service by using a TEE +SE security architecture cannot be ensured. In this application, an SE establishes, with a TEE, a session used for communication. The SE sends, to the TEE by using the session, an obtaining instruction used to obtain a security certificate of the TEE. The TEE receives, by using the session, the obtaining instruction from the SE. After receiving the obtaining instruction, the TEE generates the security certificate based on attribute information of the TEE, and sends the generated security certificate to the SE by using the session. After the SE receives, by using the session, the security certificate sent by the TEE, the SE determines, based on the security certificate and a preset security policy, that the TEE is in a secure state. After the SE determines that the TEE is in the secure state, the SE enables a first capability for a third-party service in the SE, where the first capability is implemented based on a second capability of the TEE.

公开(公告)号：US20200336309A1

公开(公告)日：2020-10-22

申请号：US16758095

申请日：2017-10-23

Applicant: Huawei Technologies Co., Ltd.

Inventor： Sishan Wang ,  Jingqing Mei

IPC: H04L9/32 ,  H04L9/08 ,  H04L29/06

Abstract: Embodiments of this application relate to an access token management method, The method includes: obtaining, by a server, an access token and login information of an authorized account corresponding to the access token in a terminal, where the access token is a credential used for accessing a protected resource in the server, and the authorized account is an account that logs in to a resource authorization application on the terminal when the resource authorization application authorizes the access token; and when the login information indicates that the authorized account is in a non-login state, performing, by the server, invalidation processing on the access token.

公开(公告)号：US11979202B2

公开(公告)日：2024-05-07

申请号：US16958491

申请日：2017-12-29

Applicant: Huawei Technologies Co., Ltd.

Inventor： Sishan Wang ,  Xinmiao Chang ,  Xiaona Zhao ,  Jingqing Mei ,  Chen Dong

IPC: H04B5/00 ,  G01S17/04 ,  G06K7/10 ,  G06Q20/32 ,  G06Q20/34 ,  H04W4/80

CPC classification number: H04B5/0056 ,  G01S17/04 ,  G06K7/10297 ,  G06Q20/3278 ,  G06Q20/352 ,  H04W4/80 ,  G06Q20/326

Abstract: An emulated card selection method is implemented on a mobile device having a near field communication (NEC) NFC function. A first emulated card and a second emulated card are configured on the mobile device, When detecting an NFC radio frequency field, the mobile device detects whether there is fingerprint input. The mobile device selects the first emulated card if there is the fingerprint input. The mobile device selects the second emulated card if there is no fingerprint input. The mobile device performs NEC interaction with the NFC card reader based on the selected first emulated card or second emulated card. The mobile device can automatically select an emulated card in different emulated cards based on a card swiping status when a user uses an NEC emulated card.

公开(公告)号：US11709929B2

公开(公告)日：2023-07-25

申请号：US17290644

申请日：2019-10-23

Applicant: Huawei Technologies Co., Ltd.

Inventor： Sishan Wang ,  Xiaona Zhao ,  Xinmiao Chang

IPC: H04L29/06 ,  G06F21/53 ,  G06F3/0484 ,  G06F21/62 ,  G06T11/20

CPC classification number: G06F21/53 ,  G06F3/0484 ,  G06F21/62 ,  G06T11/20 ,  G06F2221/032

Abstract: An interaction method includes receiving a service request from a client application (CA) installed on a terminal and that runs in a rich execution environment (REE), determining a trusted user interface (TUI) identifier, sending a TUI call instruction carrying the TUI identifier to a trusted execution environment (TEE) to instruct to draw an image based on the TUI template or the TUI function component to call a TUI to display the drawn image, receiving response information from the TEE, and executing a corresponding service procedure based on the response information.