Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Procedure for the preparation and performing of a post issuance process on a secure element

a post-issuance process and secure element technology, applied in the field of post-issuance process preparation and performance of secure element, can solve the problems of card capacity, affecting the service provider, application and user experience, and causing the use of certain storage parts

Inactive Publication Date: 2010-10-28
VILMOS ANDRAS +1
View PDF2 Cites 32 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Benefits of technology

[0008]The objective of the present invention avoids the unfavorable pre-installation practice during the traditional issuance process of the secure elements, and to enable dynamic post issuance operations (procedures), even between previously unknown parties in an ad-hoc manner, utilizing the potential provided by mobile or stationary (terminal) communication devices. Such post issuance operations are understood to comprise creation of new security domains (uniquely accessible storage areas), loading and installation of applications as well as other types of management functions, such as personalization and activation of the applications loaded on the secure element.
[0010]The inventors have also realized that with the unique utilization of suitably selected data elements stored on the secure element and by creating data packets therefrom and forwarding the data packets by the communication device in accordance with the procedure of the invention it is possible to effect the post issuance operations on a secure element over the air, i.e. via a remote communication connection in such a way that even previously unknown parties—secure element controllers, and service providers—can start working together to realize the post issuance procedure on the user's secure element and can load remotely the required application onto the secure element.
[0033]The objective was further more to elaborate a procedure for the service providers which ensures that the information received from the communication device that is connected to the secure element can be used to initiate communication with the controlling party of the secure element and the establishment of the new security domain, or the loading of the application can be requested in an ad hoc manner in a quasi real time procedure. One of the most important advantages of the procedures according to the invention is to provide a possibility to subsequently reconfigure the application portfolio stored on the secure element remotely and even repeatedly whereby even independent security domains (storage areas) may be created and applications may be loaded in such a way that the required data exchange between partners that are unknown to one another becomes possible in a simple automated manner.
[0034]An advantage deriving from this is that an entire secure element becomes usable by completely independent content service providers, and the information content—even without the direct physical connection between the participants—is in all cases downloadable to a security domain that is uniquely accessible, i.e. inaccessible to other parties. Thus the use of the secure element can be optimized allowing the user to access and use several different applications even new applications available only after the original issuance of the secure element and applications can also be stored on the secure element even temporarily for a limited period of time, only as long as they are needed.
[0035]It is important to see that post issuance personalization of a secure element has already been possible even prior the present invention based on various Global Platform specifications. But all these specifications are missing the points of how to initiate the post issuance procedure between previously unknown parties in such a way that can lead to a convenient, automated procedure. The present invention solves this problem, because it identifies certain data elements to be placed on the secure element, and a communication device to collect and communicate this information and a processing methodology of the communicated information which combined makes it possible to establish the initial communication between even previously unknown parties, a secure element issuer and a service provider, that can lead to the successful realization of a fully automated post issuance procedure on a secure element attached to a communication device.

Problems solved by technology

This circumstance is disadvantageous for both the service providers wishing to offer new services via new applications and for the users of the communication devices.
This practice may cause much of the card capacity, and certain storage part areas to be unused, as at the time of production, or before the issuance of the secure element it is not possible to know the real commercial demands relating to the existing and future services.
Hence, some unnecessary applications may be pre-loaded and pre-installed on the card, while other services that would actually be required by the users may be left out.
Because the exclusive memory area is managed locally and there is no external controlling / managing party, the exclusive memory area is more prone to tampering, which renders it unsuitable for use in combination with services where high security is required.
Also if the storage capacity management is performed off-line without the involvement of the secure element issuer / owner there is no possibility for the commercialization of the available storage space, the financial incentives are missing.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Procedure for the preparation and performing of a post issuance process on a secure element
  • Procedure for the preparation and performing of a post issuance process on a secure element
  • Procedure for the preparation and performing of a post issuance process on a secure element

Examples

Experimental program
Comparison scheme
Effect test

example 1

[0055]In this embodiment of the procedure according to the invention the goal was to create a security domain 22 in a secure element 20 of a communication device 20 in order to receive information content (e.g. a ticketing application). The steps of the procedure are schematically illustrated in FIG. 3.

[0056]An initial data packet 40 was created in Step 131 (FIG. 3) by the data collecting application installed on the communication device 10. The data packet 40 included the SE data 41 which contained information suitable for the identification of the secure element 20 (e.g. the serial number of the secure element 20) and direct contact information of the SE controlling party 50 (e.g. the secure element issuer). The supplementary data 42 of the data packet 40 contained identification data of the communication device 10 (e.g. type of the device) for identifying the technical capacity of the device 10. The supplementary data 42 preferably includes information identifying the request of ...

example 2

[0062]In this embodiment of the procedure according to the invention, as opposed to that presented in the previous example, the contact details of the SE controlling party 50 was determined first by the service provider 30 in Step 133 on the basis of the indirect contact data stored in the secure storage part unit 20 located in the user 8 mobile handset communication device 10.

[0063]In order to acquire this data, from the indirect contact information placed in the secure element 20 a determined section of a database was reached from which the direct contact details of the SE issuer appearing as the SE controlling party 50 of the given secure element 20 were acquired. In the possession of this information a position request data packet 60 was created from the SE data 41 suitable for identifying the secure element 20 and from the supplementary data 42 identifying technical properties of the communication device 10, furthermore, from the details of the service provider 30 wishing to in...

example 3

[0065]The present embodiment of the inventive procedure (illustrated in FIG. 3 as well) differs from the embodiment described in Example 1 in that the post issuance process involves loading uniquely accessible data content (application) onto the secure element 20, instead of creating a uniquely accessible security domain 22.

[0066]The procedure is very similar, in Step 131 an initial data packet 40 is created at the communication device, which is sent to the service provider 30 in Step 132. In Step 133 the service provider 30 processes the initial data packet 40, determines the SE controlling party 50 (either from direct or indirect contact information included in the initial data packet) and creates a position request data packet 60, which comprises certain required data obtained from the initial data packet 40 and information relating to the data content to be loaded on the secure element 20.

[0067]The service provider 30 sends the position request data packet 60 to the SE controlli...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

A method for enabling post issuance operation on a secure element connectable to a communication device is disclosed. The method allows an SE controlling party to perform remotely operations such as creation of new security domains for an external party, loading, and installation of applications of an external party and management functions including personalization and activation of applications loaded on the SE for an external party. The method includes the steps of:collecting data stored on the SE suitable for identification of the SE and data for contacting the SE controlling party;creating an initial data packet from the collected data,sending the data packet to a party which can be the external party, an agent of the external party, the SE controlling party, an agent of the SE controlling party.A communication device and a software application for implementing the method are also disclosed.

Description

CROSS REFERENCE TO RELATED APPLICATION[0001]This application is a continuation-in-part of PCT / HU2008 / 000114 filed on 6 Oct. 2008 and claims priority of Hungarian Patent Application No. P0700685 filed on 20 Oct. 2007.FIELD OF INVENTION[0002]The present invention relates to a method for enabling post issuance operation on a secure element (SE) connectable to a communication device by a party controlling the SE. In a first aspect of the invention the method is performed by the communication device or a software application running on the communication device. In a second aspect the method is performed by an external party such as a service provider.[0003]The invention further relates to a communication device which is connectable to a secure element and a software application that can be installed on such a communication device.[0004]In the context of the present invention the terms “secure element” or “SE” mean a secure storage part-unit, such as a chip card, e.g. the SIM cards used i...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/24
CPCG06F12/1416G06F12/1408H04L63/20H04L63/04H04L63/123
Inventor VILMOS, ANDRASPARKANYI, PETER
Owner VILMOS ANDRAS
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com