WO2017012086A1 - Secure element based data management - Google Patents
- Publication number
- WO2017012086A1, PCT/CN2015/084761
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- pin
- service
- data
- external device
- encrypted
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Ceased
Classifications
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q30/00—Commerce
- G06Q30/02—Marketing; Price estimation or determination; Fundraising
- G06Q30/0207—Discounts or incentives, e.g. coupons or rebates
Definitions
- FIG. 1 illustrates a diagram of a data structure of a data manager in a form of Secure Element in accordance with various examples of the present disclosure.
- FIG. 2 illustrates a schematic diagram of communication between the data manager and external devices in accordance with various examples of the present disclosure.
- FIG. 3A illustrates a protocol diagram of communication in terms of services with high security demand between the data manager and external devices in accordance with various examples of the present disclosure.
- FIG. 3B illustrates a protocol diagram of communication in terms of services with low security demand between the data manager and external devices in accordance with various examples of the present disclosure.
- FIG. 4 illustrates a flowchart of a method for Secure Element based data management in accordance with various examples of the present disclosure.
- FIG. 5 illustrates a flowchart of another method for Secure Element based data management in accordance with various examples of the present disclosure.
- FIG. 6 illustrates a block diagram of a Secure Element based data management system in accordance with various examples of the present disclosure.
- FIG. 7 illustrates a diagram of a computer system for implementing various examples of the present disclosure.
- a typical technique employs Quick Response (QR) codes in combination with online IDs, requiring multiple applications and presenting a high error rate and a slow response.
- Another typical technique utilizes NFC plus logic encryption cards, but needs a physical card and a fixed data structure.
- the present disclosure provides a method and system for a highly secure and flexible all-in-one card for shops of the retail industry.
- a Java Card application is installed into an embedded Secure Element (SE) of the device, which in one example may be a mobile device, e.g., a mobile phone.
- the Secure Element may accommodate different types of loyalty cards, electronic tickets (e-tickets) or electronic coupons (e-coupons), etc. Therefore, data from all of the shops may be stored and managed together at the Secure Element.
- FIG. 1 depicts a data structure of a data manager 100 in a form of Secure Element in accordance with various examples of the present disclosure.
- the data manager 100 in accordance with the present disclosure may be implemented in a Secure Element.
- the data manager may store and manage various types of data.
- the data manager may store and manage data of services with high security demand to which the customer is more sensitive or pays more attention, e.g., shop loyalty card data, electronic cash balance data, member point data, etc.
- the data manager may store and manage data of services with low security demand to which the customer is less sensitive or pays less attention, e.g., e-ticket data, e-coupon data, spending history data, etc.
- the data manager may store and manage both of the data of the services with high security demand and the data of the services with low security demand.
- the data manager 100 may store personal information 101 of the customer, a plurality of loyalty cards 102-1 to 102-N respectively for shops 1 to N, a plurality of keys 103-1 to 103-N for the loyalty cards 102-1 to 102-N, a plurality of PIN (Personal Identification Number) codes 104-1 to 104-N, a plurality of e-tickets 105-1 to 105-M, a plurality of e-coupons 106-1 to 106-L, a plurality of first electronic signatures 107-1 to 107-M for the e-tickets 105-1 to 105-M, a plurality of second electronic signatures 107-1′ to 107-L′ for the e-coupons 106-1 to 106-L, a plurality of electronic cash balances 108-1 to 108-N for the loyalty cards 102-1 to 102-N, a plurality of member points 109-1 to 109-N for the loyalty cards 102-1 to 102-N, and so on.
- the Secure Element (not shown in FIG. 1) comprising the data manager 100 manages all of the loyalty cards 102-1 to 102-N, the e-tickets 105-1 to 105-M, the e-coupons 106-1 to 106-L, etc., for the customer.
- One shop e.g, a shop 1
- customer data issued by itself, e.g., the loyalty card 102-1, the electronic cash balance 108-1, the member point 109-1, etc.
- the high security of the data structure of the data manager 100 can prevent the personal information 101 of the customer from being accessed by unauthorized users.
- the data of the services with high security demand for different sources may be separated by highly secure firewalls.
- the data of the loyalty card 102-1 from the shop 1 may be separated from the data of the loyalty card 102-2 from the shop 2 by a highly secure firewall
- the data of the loyalty card 102-2 from the shop 2 may be separated from the data of the loyalty card 102-3 from the shop 3 by a highly secure firewall, ... , and so on.
- the data of the electronic cash balance for one shop may be separated from that for another shop by a highly secure firewall.
- the data of the member point for one shop may be separated from that for another shop by a highly secure firewall.
- the data of the services with high security demand may be encrypted by using a unique key and authenticated by using a unique PIN code.
- the data of the loyalty card 102-1 may be encrypted with the key 103-1 and authenticated with the PIN code 104-1
- the data of the loyalty card 102-2 may be encrypted with the key 103-2 and authenticated with the PIN code 104-2
- the data of the loyalty card 102-N may be encrypted with the key 103-N and authenticated with the PIN code 104-N.
- data of a particular electronic cash balance may be encrypted with a unique key and authenticated with a unique PIN code.
- data of a particular member point may be encrypted with a unique key and authenticated with a unique PIN code.
- the data of the services with low security demand may be protected using electronic signatures and PIN codes.
- the data of the e-coupon 106-1 may be protected using the electronic signature 107-1′ and the PIN code 104-1′, ...
- the data of the e-coupon 106-L may be protected using the electronic signature 107-L′ and the PIN code 104-L′.
- the data of the e-ticket 105-1 may be protected using the electronic signature 107-1 and the PIN code 104-1′′, ...
- the data of the e-ticket 105-M may be protected using the electronic signature 107-M and the PIN code 104-M′′.
- data for different services may be integrated with each other without a need for too many applications to be installed in the mobile device of the customer and without any decrease in the security of the services.
- FIG. 2 depicts a schematic diagram of communication between the data manager and external devices in accordance with various examples of the present disclosure.
- the data manager 100 shown in FIG. 1 is included in a Secure Element 201.
- a mobile device 200 comprises the Secure Element 201, an NFC controller 202, an antenna 203 and a mobile device application 204.
- the mobile device 200 may communicate with a shop application 211 via an NFC reader/writer 220.
- the mobile device 200 may communicate with a cloud server 230 for purchase or transaction, e.g., exchange of the e-tickets or the e-coupons, in addition to the above-mentioned interactions.
- the mobile device 200 may access the cloud server 230 using the mobile device application 204, and the shop 1 may access the cloud server 230 using the shop application 211, e.g., in a WiFi (Wireless Fidelity), 3G (The 3rd Generation), 4G (The 4th Generation) or https environment.
- both of the accesses may be performed by using TLS (Transport Layer Security)/SSL (Secure Sockets Layer).
- mutual authentication may be employed during the accesses.
- the mutual authentication may be based on symmetric encryption and a hash function.
- the symmetric encryption approach is AES (Advanced Encryption Standard) and the hash function is SHA256 (Secure Hash Algorithm 256).
- an authentication key used in the mutual authentication between the mobile device 200 and the shop 1 may be unique since it is generated from a shop key for the shop 1 and the personal information contained in the data manager 100.
- the AES approach and the SHA256 approach are utilized to prevent data falsification in subsequent communication performed after the mutual authentication.
- FIG. 3A depicts a protocol diagram of communication in terms of the services with high security demand between the data manager 100 and an external device 300 in accordance with various examples of the present disclosure.
- the external device 300 transmits a request for a transaction to the data manager 100.
- the external device 300 may be the NFC reader/writer 220 shown in FIG. 2.
- the external device 300 may be a device for communication between the cloud server 230 and the mobile device 200 shown in FIG. 2.
- the mutual authentication as described above is performed between the data manager 100 and the external device 300 to confirm that establishment between them is reliable.
- the data manager 100 transmits a feedback message for receipt of the request for transaction, and the external device 300 confirms the feedback result and obtains a key for one of the shops.
- the external device 300 generates a random number R1, encrypts R1 as R1E based on the key using a first encryption approach, generates a first message authentication code (MAC) based on the key and R1E using a second encryption approach, and transmits R1E and the first MAC to the data manager 100.
- the data manager 100 performs the following operations: obtaining the key for the shop; confirming the first MAC; decrypting R1E as R1ED based on the key using a first decryption approach corresponding to the first encryption approach; re-encrypting R1ED as R1EDE based on the key using the first encryption approach; generating a random number R2; encrypting R2 as R2E based on the key using the first encryption approach; generating a second MAC based on the key, R2E and R1EDE using the second encryption approach; and transmitting R1EDE, R2E and the second MAC to the external device 300.
- After receiving R1EDE, R2E and the second MAC, the external device 300 performs the following operations: confirming the second MAC; decrypting R1EDE as R1EDED based on the key using the first decryption approach; determining whether R1EDED equals R1; if so, decrypting R2E as R2ED based on the key using the first decryption approach; encrypting R2ED as R2EDE based on the key using the first encryption approach; generating a third MAC based on the key and R2EDE using the second encryption approach; and transmitting R2EDE and the third MAC to the data manager 100.
- the data manager 100 confirms the third MAC, decrypts R2EDE as R2EDED based on the key using the first decryption approach and determines whether R2EDED equals R2. If so, the process proceeds to 303.
- the first encryption approach may be AES and the second encryption approach may be SHA256 using the message authentication code (MAC).
- the data manager 100 transmits a request for a PIN input for one of the shops.
- the shop 1 is taken as an example herein.
- the external device 300 obtains a PIN input from a customer, encrypts the PIN input as an encrypted PIN code using a temporary communication key, which may be referred to as a transaction code, obtained in the mutual authentication process, and generates a PIN related message authentication code (MAC) based on the transaction code and the encrypted PIN code.
- the transaction code is used to prevent interception by a malicious user.
- the external device 300 transmits the encrypted PIN code and the PIN related MAC to the data manager 100.
- the encryption of the PIN input may be performed using a first encryption approach and the generation of the PIN related MAC may be performed based on a second encryption approach.
- Upon receipt of the encrypted PIN code and the PIN related MAC, at 306, the data manager 100 confirms the PIN related MAC, decrypts the encrypted PIN code and verifies the decrypted PIN code using a PIN code initially stored in the data manager 100 for the shop 1, i.e., the PIN code 104-1 shown in FIG. 1. At 307, the data manager 100 transmits a verification result to the external device 300.
- the decryption of the encrypted PIN code may be performed based on a first decryption approach corresponding to the first encryption approach.
- cryptograph communication is performed with regard to the transaction for the shop 1 between the data manager 100 and the external device 300 to prevent data falsification.
- the cryptograph communication may be performed using both the first encryption approach and the second encryption approach.
- FIG. 3B depicts a protocol diagram of communication in terms of the services with low security demand between the data manager 100 and the external device 300 in accordance with various examples of the present disclosure.
- the external device 300 may be the NFC reader/writer 220 shown in FIG. 2.
- the external device 300 may be a device for communication between the cloud server 230 and the mobile device 200 shown in FIG. 2.
- the external device 300 may request reading of the data for the services; the data manager 100 may obtain a list of the services, e.g., the plurality of e-tickets 105-1 to 105-M or the plurality of e-coupons 106-1 to 106-L shown in FIG. 1, and transmit the list to the external device 300; the external device 300 may select one service from the list, e.g., the e-ticket 105-1 or the e-coupon 106-1 shown in FIG. 1, and transmit a request to read data for the selected service to the data manager 100; the data manager 100 may obtain the data for the selected service and transmit it to the external device 300.
- the data for the services may contain electronic signatures, e.g., the electronic signatures 107-1 to 107-M or 107-1′ to 107-L′.
- the external device 300 confirms a signature of the data using a public key certificate for the selected service (e.g., the e-ticket 105-1 or the e-coupon 106-1), wherein the signature is made by a shop associated with the selected service.
- the external device 300 requests a transaction for the selected one of the services.
- the data manager 100 transmits a request for a PIN input for the service.
- the external device 300 obtains a PIN input from a customer, and generates a PIN digest based on the PIN input.
- the external device 300 transmits the PIN digest to the data manager 100.
- the generation of the MAC may be performed based on SHA256.
- Upon receipt of the PIN digest, at 307′, the data manager 100 verifies the PIN digest using a PIN code initially stored for the service, i.e., the PIN code 104-1′′ or the PIN code 104-1′ shown in FIG. 1. At 308′, the data manager 100 transmits a verification result to the external device 300 for confirmation. After the confirmation by the external device 300, the communication process ends.
- the verification of the PIN digest may be performed by comparing the PIN digest with the PIN code initially stored in the data manager 100 for the service.
- FIG. 4 depicts a flowchart of a method 400 for Secure Element based data management in accordance with various examples of the present disclosure.
- the method 400 begins with block 410 in which a data manager receives a request for a transaction that utilizes one of a plurality of services stored in the data manager from an external device.
- the services may include the above services with high security demand such as loyalty cards, member points, electronic cash balances, etc.
- the data manager performs the mutual authentication described above with the external device.
- the data manager requests a PIN input for the one service from the external device.
- the data manager receives PIN data generated at the external device based on the PIN input for the one service.
- the data manager verifies the PIN data using a PIN code initially stored in the data manager for the one service and feeds a verification result back to the external device, wherein the PIN code for the one service is stored in the data manager in parallel with PIN codes for all other stored services.
- the data manager conducts the transaction for the one service with the external device. In an example, if the verification is negative, the method 400 ends.
- the external device may be the NFC reader/writer 220 shown in FIG. 2.
- the external device may be a device for communication between the cloud server 230 and the mobile device 200 shown in FIG. 2.
- the received PIN data may comprise an encrypted PIN code encrypted based on the PIN input using a first encryption approach and a message authentication code (MAC) generated based on the encrypted PIN input using a second encryption approach.
- the first encryption approach may be AES and the second encryption approach may be SHA256 with the MAC.
- the block 450 may proceed by confirming the MAC and decrypting the encrypted PIN code using a first decryption approach corresponding to the first encryption approach.
- the verification result in the block 450 may be positive.
- the block 460 may proceed by performing cryptograph communication with the external device based on the first and second encryption approaches to prevent data falsification.
- the PIN code for the one service may be separated from the PIN codes for all other stored services by highly secure firewalls in the data manager.
- the data manager may perform the mutual authentication with the external device based on random numbers R1, R2, the first encryption approach and the second encryption approach.
- the generation of the encrypted PIN code may be further based on the random numbers R1 and R2, and the generation of the MAC may be further based on a transaction code which is obtained in the mutual authentication and used to prevent interception by a malicious user.
- FIG. 5 depicts a flowchart of another method 500 for Secure Element based data management in accordance with various examples of the present disclosure.
- the method 500 begins with block 510 in which a data manager obtains a list of services stored in the data manager and transmits the list to an external device.
- the list of services may comprise the above services with low security demand.
- the data manager receives a request for a transaction that utilizes one service selected from the list, which is transmitted from the external device after confirmation of signature of data for the selected service.
- the data manager requests a PIN input for the selected service from the external device.
- the data manager receives PIN data that is generated at the external device based on the PIN input for the one service.
- the data manager verifies the PIN data using a PIN code initially stored in the data manager for the one service and feeds a verification result back to the external device, wherein the PIN code for the one service is stored in the data manager in parallel with PIN codes for all other stored services.
- the external device may be the NFC reader/writer 220 shown in FIG. 2.
- the external device may be a device for communication between the cloud server 230 and the mobile device 200 shown in FIG. 2.
- the received PIN data may comprise an encrypted PIN code encrypted based on the PIN input.
- the block 550 may proceed by comparing the encrypted PIN code with the PIN code initially stored for the one service.
- the verification result from the block 550 may be positive.
- the data manager conducts further transactions for the one service with the external device.
- FIG. 6 depicts a block diagram of a Secure Element based data management system 600 in accordance with various examples of the present disclosure.
- the Secure Element based data management system 600 may comprise a storage module 601, a detection module 602, a communication module 603, a verification module 604 and a transaction module 605.
- the storage module 601 stores a plurality of services and stores a plurality of PIN codes in parallel respectively for the plurality of services.
- the plurality of services may include the loyalty cards 102-1 to 102-N, the electronic cash balances 108-1 to 108-N, the member points 109-1 to 109-N, the e-tickets 105-1 to 105-M, the e-coupons 106-1 to 106-L, etc.
- the plurality of PIN codes may include the PIN codes 104-1 to 104-N, the PIN codes 104-1′ to 104-L′, the PIN codes 104-1′′ to 104-M′′, etc.
- the detection module 602 detects whether a request for a transaction that utilizes one of the plurality of services stored in the storage module 601 arrives from an external device. Furthermore, the detection module 602 automatically determines whether the one service involved in the transaction is a first type of service (e.g., the service with high security demand) or a second type of service (e.g., the service with low security demand).
- the communication module 603 transmits a request to the external device for a PIN input for the one service after detection by the detection module 602 of the arrival of the request for the transaction that utilizes one of the plurality of services.
- the communication module 603 also receives PIN data generated at the external device based on the PIN input for the one service.
- the verification module 604 verifies the PIN data to be received by the communication module 603 using a PIN code initially stored in the storage module 601 for the one service and feeds a verification result back to the external device.
- the transaction module 605 conducts the transaction for the one service with the external device.
- the external device may be the NFC reader/writer 220 shown in FIG. 2.
- the external device may be a device for communication between the cloud server 230 and the mobile device 200 shown in FIG. 2.
- the communication module 603 performs the mutual authentication described above with the external device before it transmits the request for the PIN input for the one service.
- the received PIN data may comprise an encrypted PIN code encrypted based on the PIN input using a first encryption approach and a message authentication code (MAC) generated based on the encrypted PIN input using a second encryption approach.
- the first encryption approach may be AES and the second encryption approach may be SHA256 with the MAC.
- the verification module 604 may perform the verification by confirming the MAC and decrypting the encrypted PIN code using a first decryption approach corresponding to the first encryption approach.
- the verification result produced by the verification module 604 may be positive.
- the transaction module 605 may further perform cryptograph communication with the external device based on the first and second encryption approaches in response to a positive verification result from the verification module 604 to prevent data falsification.
- the PIN code for the one service may be separated from PIN codes for all other stored services by highly secure firewalls in the storage module 601.
- the communication module 603 may perform the mutual authentication with the external device based on random numbers R1, R2, the first encryption approach and the second encryption approach, before transmitting the request for the PIN input for the one service to the external device.
- the generation of the encrypted PIN code may be further based on the random numbers R1 and R2, and the generation of the MAC may be further based on a transaction code obtained in the mutual authentication and used to prevent malicious interception.
- the received PIN data may comprise an encrypted PIN code encrypted based on the PIN input.
- the verification module 604 may perform the verification by comparing the encrypted PIN code with the PIN code initially stored in the storage module 601 for the one service. In a yet further example, when the encrypted PIN code matches the PIN code initially stored in the storage module 601 for the one service, the verification result produced by the verification module 604 may be positive.
- when the detection module 602 determines that the one service to be utilized in the transaction is the service with low security demand, the data for the services may contain electronic signatures.
- the computer system 700 includes a processor(s) CPU 701, an associated memory 702 (e.g., random access memory (RAM), cache memory, flash memory, etc.), a storage device 703 (e.g., a hard disk, an optical drive such as a compact disk drive or digital video disk (DVD) drive, a flash memory stick, etc.), I/O devices 704 such as a keyboard, a mouse, a microphone (not shown) or a monitor, and a network interface 705, which are coupled to each other via a bus 706.
- the memory 702 includes, among others, a data management module 707 storing machine readable instructions, which, when executed by the processor 701, cause the processor 701 to perform the following operations.
- the operations include performing the method 400 as explained with respect to FIG. 4 or the method 500 as explained with respect to FIG. 5.
- the data management system 600 as shown in FIG. 6 may be implemented as the data management module 707.
- Another example of the data management module 707 includes instructions that cause the processor 701 to implement the data management system 600 as shown in FIG. 6 and the method 400 as illustrated in FIG. 4 or the method 500 as illustrated in FIG. 5.
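The FIG. 3A mutual authentication described above (random numbers R1 and R2, re-encryption, three MACs), as an added Go example that is not code from the patent. Assumed here because the patent does not specify them: AES-128 in CTR mode with a fresh IV per message, HMAC-SHA256 as the MAC, one 16-byte shop key for both, and the names `Party`, `Msg1` to `Msg3`, `Challenge`, `Respond`, `Confirm` and `Finish`.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

var ErrBadMAC, ErrMismatch = errors.New("MAC check failed"), errors.New("random number mismatch")

type Msg1 struct{ R1E, MAC []byte }        // external device -> data manager
type Msg2 struct{ R1EDE, R2E, MAC []byte } // data manager -> external device
type Msg3 struct{ R2EDE, MAC []byte }      // external device -> data manager

// Party is one side; r is the random number it issued (R1 or R2). Assumed, not in the
// patent: AES-128-CTR with a fresh IV, HMAC-SHA256, one 16-byte shop key for both.
type Party struct{ key [16]byte; r []byte }

func random16() []byte {
	b := make([]byte, 16)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	return b
}

func (p *Party) xor(iv, in []byte) []byte { // AES-CTR keystream XOR: encrypts and decrypts
	block, _ := aes.NewCipher(p.key[:]) // cannot fail: the key is always 16 bytes
	out := make([]byte, len(in))
	cipher.NewCTR(block, iv).XORKeyStream(out, in)
	return out
}
func (p *Party) enc(pt []byte) []byte {
	iv := random16()
	return append(iv, p.xor(iv, pt)...)
}
func (p *Party) dec(ct []byte) []byte {
	if len(ct) < aes.BlockSize {
		return nil
	}
	return p.xor(ct[:aes.BlockSize], ct[aes.BlockSize:])
}

func (p *Party) mac(fields ...[]byte) []byte {
	h := hmac.New(sha256.New, p.key[:])
	for _, f := range fields {
		h.Write(append([]byte{byte(len(f))}, f...)) // length prefix pins field boundaries
	}
	return h.Sum(nil)
}

func (p *Party) Challenge() Msg1 { // external device: R1 -> R1E plus the first MAC
	p.r = random16()
	r1e := p.enc(p.r)
	return Msg1{r1e, p.mac(r1e)}
}

func (p *Party) Respond(m Msg1) (Msg2, error) { // data manager: echo R1, issue R2
	if !hmac.Equal(m.MAC, p.mac(m.R1E)) {
		return Msg2{}, ErrBadMAC
	}
	p.r = random16()
	r1ede, r2e := p.enc(p.dec(m.R1E)), p.enc(p.r)
	return Msg2{r1ede, r2e, p.mac(r2e, r1ede)}, nil
}

func (p *Party) Confirm(m Msg2) (Msg3, error) { // external device: verify R1, echo R2
	if !hmac.Equal(m.MAC, p.mac(m.R2E, m.R1EDE)) {
		return Msg3{}, ErrBadMAC
	}
	if p.r == nil || !hmac.Equal(p.dec(m.R1EDE), p.r) {
		return Msg3{}, ErrMismatch
	}
	r2ede := p.enc(p.dec(m.R2E))
	return Msg3{r2ede, p.mac(r2ede)}, nil
}

func (p *Party) Finish(m Msg3) error { // data manager: verify R2
	if !hmac.Equal(m.MAC, p.mac(m.R2EDE)) {
		return ErrBadMAC
	}
	if p.r == nil || !hmac.Equal(p.dec(m.R2EDE), p.r) {
		return ErrMismatch
	}
	return nil
}

func main() {
	key := [16]byte{1, 2, 3} // constructed sample key, shared by both sides
	dev, mgr := &Party{key: key}, &Party{key: key}
	m2, _ := mgr.Respond(dev.Challenge())
	m3, _ := dev.Confirm(m2) // a failed pass yields an empty message, which Finish rejects
	fmt.Println("mutual authentication error:", mgr.Finish(m3))
}
```

A `Msg2` captured in one session and replayed into a later one still carries a valid MAC but fails with `ErrMismatch`, which is the job the fresh R1 and R2 do in this exchange.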
Landscapes
- Business, Economics & Management (AREA)
- Engineering & Computer Science (AREA)
- Accounting & Taxation (AREA)
- Development Economics (AREA)
- Strategic Management (AREA)
- Finance (AREA)
- Game Theory and Decision Science (AREA)
- Entrepreneurship & Innovation (AREA)
- Economics (AREA)
- Marketing (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Cash Registers Or Receiving Machines (AREA)
Abstract
The present disclosure provides a method for Secure Element based all-in-one data management. A request for a transaction that utilizes one of a plurality of services stored in a data manager is received at the data manager from an external device. Mutual authentication is performed with the external device. A personal identification number (PIN) input for the one service is requested from the external device. PIN data generated at the external device based on the PIN input for the one service is received. Then, the PIN data is verified using a PIN code initially stored for the one service and a verification result is fed back to the external device, wherein the PIN code for the one service is stored in the data manager in parallel with PIN codes for all other stored services. The transaction for the one service is conducted with the external device in response to a positive verification result.
Description
Membership marketing has become a common way for most shops in retail business to keep loyalty of their customers. Many types of tickets or coupons are issued to attract customers. Many shops nowadays provide electronic member cards and coupons to customers via a large number of smart phone applications that need to be installed by the customers.
The examples of the present application may be more fully appreciated in connection with the following detailed description taken in conjunction with the accompanying drawings, in which like reference characters refer to like parts throughout and in which:
FIG. 1 illustrates a diagram of a data structure of a data manager in a form of Secure Element in accordance with various examples of the present disclosure.
FIG. 2 illustrates a schematic diagram of communication between the data manager and external devices in accordance with various examples of the present disclosure.
FIG. 3A illustrates a protocol diagram of communication in terms of services with high security demand between the data manager and external devices in accordance with various examples of the present disclosure.
FIG. 3B illustrates a protocol diagram of communication in terms of services with low security demand between the data manager and external devices in accordance with various examples of the present disclosure.
FIG. 4 illustrates a flowchart of a method for Secure Element based data management in accordance with various examples of the present disclosure.
FIG. 5 illustrates a flowchart of another method for Secure Element based data management in accordance with various examples of the present disclosure.
FIG. 6 illustrates a block diagram of a Secure Element based data management system in accordance with various examples of the present disclosure.
FIG. 7 illustrates a diagram of a computer system for implementing various examples of the present disclosure.
In the following detailed description of examples of the disclosure, numerous specific details are set forth in order to provide a more thorough understanding of the disclosure. However, the disclosure may be practiced without these specific details. In other instances, well-known features have not been described in detail to avoid unnecessarily complicating the description.
Customers usually care about security of their personal information and attempt to prevent the personal information in the cards and the coupons from being leaked or utilized illegally. Moreover, shops often endeavor to inhibit data of the customers from being tampered with and offer authenticity of the electronic tickets and coupons. Many technologies have been emerging in order to improve experience of the customers and remove anxiety of the shops. A typical technique employs Quick Response (QR) codes in combination with online IDs, requiring multiple applications and presenting a high error rate and a slow response. Another typical technique utilizes NFC plus logic encryption cards, but needs a physical card and a fixed data structure.
The present disclosure provides a method and system for a highly secure and flexible all-in-one card for shops of the retail industry. A Java Card application is installed into an embedded Secure Element (SE) of the device, which in one example may be a mobile device, e.g., a mobile phone. The Secure Element may accommodate different types of loyalty cards, electronic tickets (e-tickets) or electronic coupons (e-coupons), etc. Therefore, data from all of the shops may be stored and managed together at the Secure Element.
Referring now to FIG. 1, a data structure of a data manager 100 in a form of Secure Element in accordance with various examples of the present disclosure is depicted.
The data manager 100 in accordance with the present disclosure may be implemented in a Secure Element. The data manager may store and manage various types of data. In an example, the data manager may store and manage data of services with high security demand to which the customer is more sensitive or pays more attention, e.g., shop loyalty card data, electronic cash balance data, member point data, etc. In another example, the data manager may store and manage data of services with low security demand to which the customer is less sensitive or pays less attention, e.g., e-ticket data, e-coupon data, spending history data, etc. In yet another example, the data manager may store and manage both of the data of the services with high security demand and the data of the services with low security demand.
In an example, as shown in FIG. 1, the data manager 100 may store personal information 101 of the customer, a plurality of loyalty cards 102-1 to 102-N respectively for shops 1 to N, a plurality of keys 103-1 to 103-N for the loyalty cards 102-1 to 102-N, a plurality of PIN (Personal Identification Number) codes 104-1 to 104-N, a plurality of e-tickets 105-1 to 105-M, a plurality of e-coupons 106-1 to 106-L, a plurality of first electronic signatures 107-1 to 107-M for the e-tickets 105-1 to 105-M, a plurality of second electronic signatures 107-1′ to 107-L′ for the e-coupons 106-1 to 106-L, a plurality of electronic cash balances 108-1 to 108-N for the loyalty cards 102-1 to 102-N, a plurality of member points 109-1 to 109-N for the loyalty cards 102-1 to 102-N, and so on.
The Secure Element (not shown in FIG. 1) comprising the data manager 100 manages all of the loyalty cards 102-1 to 102-N, the e-tickets 105-1 to 105-M, the e-coupons 106-1 to 106-L, etc., for the customer. One shop, e.g., a shop 1, can only access customer data issued by itself, e.g., the loyalty card 102-1, the electronic cash balance 108-1, the member point 109-1, etc. The high security of the data structure of the data manager 100 can prevent the personal information 101 of the customer from being accessed by unauthorized users.
The data of the services with high security demand for different sources may be separated by highly secure firewalls. In an example, the data of the loyalty card 102-1 from the shop 1 may be separated from the data of the loyalty card 102-2 from the shop 2 by a highly secure firewall, the data of the loyalty card 102-2 from the shop 2 may be separated from the data of the loyalty card 102-3 from the shop 3 by a highly secure firewall, ... , and so on. In another example, the data of the electronic cash balance for one shop may be separated from that for another shop by a highly secure firewall. In still another example, the data of the member point for one shop may be separated from that for another shop by a highly secure firewall.
The data of the services with high security demand may be encrypted by using a unique key and authenticated by using a unique PIN code. In an example, the data of the loyalty card 102-1 may be encrypted with the key 103-1 and authenticated with the PIN code 104-1, the data of the loyalty card 102-2 may be encrypted with the key 103-2 and authenticated with the PIN code 104-2, ... , the data of the loyalty card 102-N may be encrypted with the key 103-N and authenticated with the PIN code 104-N. In another example, data of a particular electronic cash balance may be encrypted with a unique key and authenticated with a unique PIN code. In still another example, data of a particular member point may be encrypted with a unique key and authenticated with a unique PIN code.
The data of the services with low security demand may be protected using electronic signatures and PIN codes. In an example, the data of the e-coupon 106-1 may be protected using the electronic signature 107-1′ and the PIN code 104-1′, ... , the data of the e-coupon 106-L may be protected using the electronic signature 107-L′ and the PIN code 104-L′. In another example, the data of the e-ticket 105-1 may be protected using the electronic signature 107-1 and the PIN code 104-1″, ... , the data of the e-ticket 105-M may be protected using the electronic signature 107-M and the PIN code 104-M″.
In such a structure of the data manager 100, data for different services may be combined with each other without a need for too many applications to be installed in the mobile device of the customer and without any decrease in the security of the services.
Referring now to FIG. 2, a schematic diagram of communication between the data manager and external devices in accordance with various examples of the present disclosure is depicted.
The data manager 100 shown in FIG. 1 is included in a Secure Element 201. As shown in FIG. 2, a mobile device 200 comprises the Secure Element 201, an NFC controller 202, an antenna 203 and a mobile device application 204. In an example, when the customer would like to interact with a shop (e.g., the shop 1 as shown in FIG. 2), e.g., purchasing with the loyalty card 102-1 in the data manager 100, increasing or deducting member points 109-1 in the data manager 100, inquiring the electronic cash balance 108-1 in the data manager 100, etc., the mobile device 200 may communicate with a shop application 211 via an NFC reader/writer 220. Alternatively, the mobile device 200 may communicate with a cloud server 230 for purchase or transaction, e.g., exchange of the e-tickets or the e-coupons, in addition to the above-mentioned interactions. As shown in FIG. 2, the mobile device 200 may access the cloud server 230 using the mobile device application 204, and the shop 1 may access the cloud server 230 using the shop application 211, e.g., in a WiFi (Wireless Fidelity), 3G (The 3rd Generation), 4G (The 4th Generation) or https environment. In an example, both of the accesses may be performed by using TLS (Transport Layer Security)/SSL (Secure Sockets Layer).
In an example, mutual authentication may be employed during the accesses. In an example, the mutual authentication may be based on symmetric encryption and a hash function. In an example, the symmetric encryption approach is AES (Advanced Encryption Standard) and the hash function is SHA256 (Secure Hash Algorithm 256). In an example, an authentication key used in the mutual authentication between the mobile device 200 and the shop 1 may be unique since it is generated from a shop key for the shop 1 and the personal information contained in the data manager 100. In an example, the AES approach and the SHA256 approach are utilized to prevent data falsification in subsequent communication performed after the mutual authentication.
Referring now to FIG. 3A, a protocol diagram of communication in terms of the services with high security demand between the data manager 100 and an external device 300 in accordance with various examples of the present disclosure is depicted.
At 301, the external device 300 transmits a request for a transaction to the data manager 100. In an example, the external device 300 may be the NFC reader/writer 220 shown in FIG. 2. In another example, the external device 300 may be a device for communication between the cloud server 230 and the mobile device 200 shown in FIG. 2.
At 302, the mutual authentication as described above is performed between the data manager 100 and the external device 300 to confirm that the connection established between them is reliable.
In the mutual authentication process, the data manager 100 transmits a feedback message for receipt of the request for transaction, and the external device 300 confirms the feedback result and obtains a key for one of the shops.
Then, the external device 300 generates a random number R1, encrypts R1 as R1E based on the key using a first encryption approach, generates a first message authentication code (MAC) based on the key and R1E using a second encryption approach, and transmits R1E and the first MAC to the data manager 100.
Next, the data manager 100 performs the following operations: obtaining the key for the shop; confirming the first MAC; decrypting R1E as R1ED based on the key using a first decryption approach corresponding to the first encryption approach; re-encrypting R1ED as R1EDE based on the key using the first encryption approach; generating a random number R2; encrypting R2 as R2E based on the key using the first encryption approach; generating a second MAC based on the key, R2E and R1EDE using the second encryption approach; and transmitting R1EDE, R2E and the second MAC to the external device 300.
After receiving R1EDE, R2E and the second MAC, the external device 300 performs the following operations: confirming the second MAC; decrypting R1EDE as R1EDED based on the key using the first decryption approach; determining whether R1EDED equals R1; if so, decrypting R2E as R2ED based on the key using the first decryption approach; encrypting R2ED as R2EDE based on the key using the first encryption approach; generating a third MAC based on the key and R2EDE using the second encryption approach; and transmitting R2EDE and the third MAC to the data manager 100.
Finally, the data manager 100 confirms the third MAC, decrypts R2EDE as R2EDED based on the key using the first decryption approach and determines whether R2EDED equals R2. If so, the process proceeds to 303.
In an example, the first encryption approach may be AES and the second encryption approach may be SHA256 using the message authentication code (MAC).
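The three-message exchange at 302, written out for both sides as an added example (it is not code from the disclosure). It assumes AES-256 in CTR mode with a fresh IV as the first encryption approach, HMAC-SHA256 as the second, a constructed 32-byte key, and hypothetical names (`party`, `hello`, `challenge`, `respond`, `finish`).

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

var errAuth = errors.New("mutual authentication failed")

// party is one side's state; key is the 32-byte shop key both sides hold.
type party struct{ key, r1, r2 []byte }

func random16() []byte {
	b := make([]byte, aes.BlockSize)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	return b
}

// seal is the "first encryption approach": AES-256-CTR with a fresh IV
// prepended (the mode is an assumption; the page only names AES).
func seal(key, pt []byte) []byte {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	out := append(random16(), make([]byte, len(pt))...)
	cipher.NewCTR(block, out[:aes.BlockSize]).XORKeyStream(out[aes.BlockSize:], pt)
	return out
}

// open is the matching decryption; nil for a bad key or truncated ciphertext.
func open(key, ct []byte) []byte {
	block, err := aes.NewCipher(key)
	if err != nil || len(ct) < aes.BlockSize {
		return nil
	}
	pt := make([]byte, len(ct)-aes.BlockSize)
	cipher.NewCTR(block, ct[:aes.BlockSize]).XORKeyStream(pt, ct[aes.BlockSize:])
	return pt
}

// mac is the "second encryption approach", here HMAC-SHA256 (an assumption).
func mac(key []byte, parts ...[]byte) []byte {
	h := hmac.New(sha256.New, key)
	for _, p := range parts {
		h.Write(p)
	}
	return h.Sum(nil)
}

// hello, external device 300: R1 -> R1E and the first MAC.
func (d *party) hello() (r1e, mac1 []byte) {
	d.r1 = random16()
	r1e = seal(d.key, d.r1)
	return r1e, mac(d.key, r1e)
}

// challenge, data manager 100: confirm the MAC, re-encrypt R1, add its own R2.
func (m *party) challenge(r1e, mac1 []byte) (r1ede, r2e, mac2 []byte, err error) {
	if !hmac.Equal(mac1, mac(m.key, r1e)) {
		return nil, nil, nil, errAuth
	}
	m.r2 = random16()
	r1ede, r2e = seal(m.key, open(m.key, r1e)), seal(m.key, m.r2)
	return r1ede, r2e, mac(m.key, r2e, r1ede), nil
}

// respond, device: confirm the MAC, require its own R1 back (rejects a replayed reply), return R2.
func (d *party) respond(r1ede, r2e, mac2 []byte) (r2ede, mac3 []byte, err error) {
	if !hmac.Equal(mac2, mac(d.key, r2e, r1ede)) || !hmac.Equal(open(d.key, r1ede), d.r1) {
		return nil, nil, errAuth
	}
	r2ede = seal(d.key, open(d.key, r2e))
	return r2ede, mac(d.key, r2ede), nil
}

// finish, data manager: confirm the MAC and require its own R2 back.
func (m *party) finish(r2ede, mac3 []byte) error {
	if !hmac.Equal(mac3, mac(m.key, r2ede)) || !hmac.Equal(open(m.key, r2ede), m.r2) {
		return errAuth
	}
	return nil
}

func main() {
	key := make([]byte, 32) // constructed all-zero demo key, not a real shop key
	dev, mgr := &party{key: key}, &party{key: key}
	r1ede, r2e, mac2, _ := mgr.challenge(dev.hello())
	r2ede, mac3, err := dev.respond(r1ede, r2e, mac2)
	fmt.Println("mutual authentication ok:", err == nil && mgr.finish(r2ede, mac3) == nil)
}
```

The MAC alone proves that a message came from a key holder; the returned random number is what ties the reply to the current session.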
At 303, the data manager 100 transmits a request for a PIN input for one of the shops. The shop 1 is taken as an example herein. After receipt of the request, at 304, the external device 300 obtains a PIN input from a customer, encrypts the PIN input as an encrypted PIN code using a temporary communication key, which may be referred to as a transaction code, obtained in the mutual authentication process, and generates a PIN related message authentication code (MAC) based on the transaction code and the encrypted PIN code. The transaction code is used to prevent interception by a malicious user. At 305, the external device 300 transmits the encrypted PIN code and the PIN related MAC to the data manager 100.
In an example, the encryption of the PIN input may be performed using a first encryption approach and the generation of the PIN related MAC may be performed based on a second encryption approach.
Upon receipt of the encrypted PIN code and the PIN related MAC, at 306, the data manager 100 confirms the PIN related MAC, decrypts the encrypted PIN code and verifies the decrypted PIN code using a PIN code initially stored in the data manager 100 for the shop 1, i.e., the PIN code 104-1 shown in FIG. 1. At 307, the data manager 100 transmits a verification result to the external device 300.
In an example, the decryption of the encrypted PIN code may be performed based on a first decryption approach corresponding to the first encryption approach.
At 308, cryptograph communication is performed with regard to the transaction for the shop 1 between the data manager 100 and the external device 300 to prevent data falsification. In an example, the cryptograph communication may be performed using both the first encryption approach and the second encryption approach.
Referring now to FIG. 3B, a protocol diagram of communication in terms of the services with low security demand between the data manager 100 and the external device 300 in accordance with various examples of the present disclosure is depicted.
At 301′, communication is performed between the external device 300 and the data manager 100, regarding reading of data for the services from the data manager 100, e.g., the e-tickets or the e-coupons shown in FIG. 1. In an example, the external device 300 may be the NFC reader/writer 220 shown in FIG. 2. In another example, the external device 300 may be a device for communication between the cloud server 230 and the mobile device 200 shown in FIG. 2.
In an example, the external device 300 may request reading of the data for the services; the data manager 100 may obtain a list of the services, e.g., the plurality of e-tickets 105-1 to 105-M or the plurality of e-coupons 106-1 to 106-L shown in FIG. 1, and transmit the list to the external device 300; the external device 300 may select one service from the list, e.g., the e-ticket 105-1 or the e-coupon 106-1 shown in FIG. 1, and transmit a request to read data for the selected service to the data manager 100; the data manager 100 may obtain the data for the selected service and transmit it to the external device 300.
In an example, the data for the services may contain electronic signatures, e.g., the electronic signatures 107-1 to 107-M or 107-1′ to 107-L′.
At 302′, the external device 300 confirms a signature of the data using a public key certificate for the selected service (e.g., the e-ticket 105-1 or the e-coupon 106-1), wherein the signature is made by a shop associated with the selected service.
At 303′, the external device 300 requests a transaction for the selected one of the services. At 304′, the data manager 100 transmits a request for a PIN input for the service. After receipt of the request, at 305′, the external device 300 obtains a PIN input from a customer, and generates a PIN digest based on the PIN input. At 306′, the external device 300 transmits the PIN digest to the data manager 100.
In an example, the generation of the MAC may be performed based on SHA256.
Upon receipt of the PIN digest, at 307′, the data manager 100 verifies the PIN digest using a PIN code initially stored for the service, i.e., the PIN code 104-1″ or the PIN code 104-1′ shown in FIG. 1. At 308′, the data manager 100 transmits a verification result to the external device 300 for confirmation. After the confirmation by the external device 300, the communication process ends.
In an example, the verification of the PIN digest may be performed by comparing the PIN digest with the PIN code initially stored in the data manager 100 for the service.
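The FIG. 3B flow for low-security services, as an added example (not code from the disclosure): the external device reads a service, confirms the shop's signature, and sends a PIN digest that the data manager checks against the PIN stored for that one service. Ed25519 as the signature scheme, SHA-256 of the PIN as the digest, the sample coupon and ticket, and all type and function names are assumptions.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"crypto/subtle"
	"errors"
	"fmt"
	"sort"
)

var (
	errUnknown   = errors.New("no such service")
	errSignature = errors.New("shop signature does not verify")
	errPIN       = errors.New("PIN rejected")
)

// service is one low-security record (e-ticket or e-coupon) in the data manager.
type service struct {
	data []byte // payload issued by the shop
	sig  []byte // the shop's electronic signature over data
	pin  string // PIN code stored for this service only
}

// dataManager stands in for data manager 100.
type dataManager struct{ services map[string]*service }

// list is the first half of 301': the service list sent to the external device.
func (m *dataManager) list() []string {
	ids := make([]string, 0, len(m.services))
	for id := range m.services {
		ids = append(ids, id)
	}
	sort.Strings(ids)
	return ids
}

// read is the second half of 301': data and signature of the selected service.
func (m *dataManager) read(id string) (data, sig []byte, err error) {
	s, ok := m.services[id]
	if !ok {
		return nil, nil, errUnknown
	}
	return s.data, s.sig, nil
}

// verifyPIN is 307': the received digest is compared with the digest of the PIN
// stored for this one service (SHA-256 of the PIN is an assumption).
func (m *dataManager) verifyPIN(id string, digest []byte) bool {
	s, ok := m.services[id]
	if !ok {
		return false
	}
	want := sha256.Sum256([]byte(s.pin))
	return subtle.ConstantTimeCompare(want[:], digest) == 1
}

// redeem is the external device's side: read (301'), confirm the shop's
// signature with the shop's public key (302'), then send the PIN digest (306').
func redeem(m *dataManager, shopPub ed25519.PublicKey, id, typedPIN string) error {
	data, sig, err := m.read(id)
	if err != nil {
		return err
	}
	if !ed25519.Verify(shopPub, data, sig) {
		return errSignature
	}
	digest := sha256.Sum256([]byte(typedPIN))
	if !m.verifyPIN(id, digest[:]) {
		return errPIN
	}
	return nil
}

// shopKey derives a constructed demo signing key from a label.
func shopKey(label string) ed25519.PrivateKey {
	seed := sha256.Sum256([]byte(label))
	return ed25519.NewKeyFromSeed(seed[:])
}

// newDemo returns constructed sample data (a coupon signed by shop 1, a ticket
// signed by shop 2) and shop 1's public key.
func newDemo() (*dataManager, ed25519.PublicKey) {
	k1, k2 := shopKey("constructed shop 1"), shopKey("constructed shop 2")
	coupon, ticket := []byte("coupon-1: 10% off"), []byte("ticket-9: seat 14C")
	return &dataManager{services: map[string]*service{
		"coupon-1": {data: coupon, sig: ed25519.Sign(k1, coupon), pin: "4821"},
		"ticket-9": {data: ticket, sig: ed25519.Sign(k2, ticket), pin: "7730"},
	}}, k1.Public().(ed25519.PublicKey)
}

func main() {
	m, pub := newDemo()
	fmt.Println(m.list(), redeem(m, pub, "coupon-1", "4821"))
}
```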
Referring now to FIG. 4, a flowchart of a method 400 for Secure Element based data management in accordance with various examples of the present disclosure is depicted.
The method 400 begins with block 410 in which a data manager receives a request for a transaction that utilizes one of a plurality of services stored in the data manager from an external device. The services may include the above services with high security demand such as loyalty cards, member points, electronic cash balances, etc. In block 420, the data manager performs the mutual authentication described above with the external device. In block 430, the data manager requests a PIN input for the one service from the external device. In block 440, the data manager receives PIN data generated at the external device based on the PIN input for the one service. In block 450, the data manager verifies the PIN data using a PIN code initially stored in the data manager for the one service and feeds a verification result back to the external device, wherein the PIN code for the one service is stored in the data manager in parallel with PIN codes for all other stored services. In block 460, if the verification result is positive, the data manager conducts the transaction for the one service with the external device. In an example, if the verification is negative, the method 400 ends.
In an example, the external device may be the NFC reader/writer 220 shown in FIG. 2. In another example, the external device may be a device for communication between the cloud server 230 and the mobile device 200 shown in FIG. 2.
In an example, the received PIN data may comprise an encrypted PIN code encrypted based on the PIN input using a first encryption approach and a message authentication code (MAC) generated based on the encrypted PIN input using a second encryption approach. In a further example, the first encryption approach may be AES and the second encryption approach may be SHA256 with the MAC. In a yet further example, the block 450 may proceed by confirming the MAC and decrypting the encrypted PIN code using a first decryption approach corresponding to the first encryption approach. In a still further example, when the decrypted PIN code matches the PIN code initially stored for the one service, the verification result in the block 450 may be positive.
In an example, the block 460 may proceed by performing cryptograph communication with the external device based on the first and second encryption approaches to prevent data falsification.
In an example, the PIN code for the one service may be separated from the PIN codes for all other stored services by highly secure firewalls in the data manager.
In an example, the data manager may perform the mutual authentication with the external device based on random numbers R1, R2, the first encryption approach and the second encryption approach. In a further example, the generation of the encrypted PIN code may be further based on the random numbers R1 and R2, and the generation of the MAC may be further based on a transaction code which is obtained in the mutual authentication and used to prevent interception by a malicious user.
Referring now to FIG. 5, a flowchart of another method 500 for Secure Element based data management in accordance with various examples of the present disclosure is depicted.
The method 500 begins with block 510 in which a data manager obtains a list of services stored in the data manager and transmits the list to an external device. The list of services may comprise the above services with low security demand. At block 520, the data manager receives a request for a transaction that utilizes one service selected from the list, which is transmitted from the external device after confirmation of signature of data for the selected service. At block 530, the data manager requests a PIN input for the selected service from the external device. At block 540, the data manager receives PIN data that is generated at the external device based on the PIN input for the one service. At block 550, the data manager verifies the PIN data using a PIN code initially stored in the data manager for the one service and feeds a verification result back to the external device, wherein the PIN code for the one service is stored in the data manager in parallel with PIN codes for all other stored services.
In an example, the external device may be the NFC reader/writer 220 shown in FIG. 2. In another example, the external device may be a device for communication between the cloud server 230 and the mobile device 200 shown in FIG. 2.
In an example, the received PIN data may comprise an encrypted PIN code encrypted based on the PIN input. In a further example, the block 550 may proceed by comparing the encrypted PIN code with the PIN code initially stored for the one service. In a yet further example, when the encrypted PIN code matches the PIN code initially stored for the one service, the verification result from the block 550 may be positive. In a still further example, if the verification result is positive, the data manager conducts further transactions for the one service with the external device.
Referring now to FIG. 6, a block diagram of a Secure Element based data management system 600 in accordance with various examples of the present disclosure is depicted.
The Secure Element based data management system 600 may comprise a storage module 601, a detection module 602, a communication module 603, a verification module 604 and a transaction module 605.
The storage module 601 stores a plurality of services and stores a plurality of PIN codes in parallel respectively for the plurality of services. In an example, the plurality of services may include the loyalty cards 102-1 to 102-N, the electronic cash balances 108-1 to 108-N, the member points 109-1 to 109-N, the e-tickets 105-1 to 105-M, the e-coupons 106-1 to 106-L, etc., and the plurality of PIN codes may include the PIN codes 104-1 to 104-N, the PIN codes 104-1′ to 104-L′, the PIN codes 104-1″ to 104-M″, etc.
The detection module 602 detects whether a request for a transaction that utilizes one of the plurality of services stored in the storage module 601 arrives from an external device. Furthermore, the detection module 602 automatically determines whether the one service involved in the transaction is a first type of service (e.g., the service with high security demand) or a second type of service (e.g., the service with low security demand).
The communication module 603 transmits a request to the external device for a PIN input for the one service after detection by the detection module 602 of the arrival of the request for the transaction that utilizes one of the plurality of services. The communication module 603 also receives PIN data generated at the external device based on the PIN input for the one service.
The verification module 604 verifies the PIN data to be received by the communication module 603 using a PIN code initially stored in the storage module 601 for the one service and feeds a verification result back to the external device.
The transaction module 605 conducts the transaction for the one service with the external device.
In an example, the external device may be the NFC reader/writer 220 shown in FIG. 2. In another example, the external device may be a device for communication between the cloud server 230 and the mobile device 200 shown in FIG. 2.
In an example, if the detection module 602 determines that the one service is the service with high security demand, the communication module 603 performs the mutual authentication described above with the external device before it transmits the request for the PIN input for the one service.
In an example, if the detection module 602 determines that the one service is the service with high security demand, the received PIN data may comprise an encrypted PIN code encrypted based on the PIN input using a first encryption approach and a message authentication code (MAC) generated based on the encrypted PIN input using a second encryption approach. In a further example, the first encryption approach may be AES and the second encryption approach may be SHA256 with the MAC. In a yet further example, the verification module 604 may perform the verification by confirming the MAC and decrypting the encrypted PIN code using a first decryption approach corresponding to the first encryption approach. In a still further example, when the decrypted PIN code matches the PIN code initially stored for the one service, the verification result produced by the verification module 604 may be positive.
In an example, if the detection module 602 determines that the one service is the service with high security demand, the transaction module 605 may further perform cryptograph communication with the external device based on the first and second encryption approaches in response to a positive verification result from the verification module 604 to prevent data falsification.
In an example, if the one service to be utilized in the transaction is the service with high security demand, the PIN code for the one service may be separated from PIN codes for all other stored services by highly secure firewalls in the storage module 601.
In an example, if the one service to be utilized in the transaction is the service with high security demand, the communication module 603 may perform the mutual authentication with the external device based on random numbers R1, R2, the first encryption approach and the second encryption approach, before transmitting the request for the PIN input for the one service to the external device. In a further example, the generation of the encrypted PIN code may be further based on the random numbers R1 and R2, and the generation of the MAC may be further based on a transaction code obtained in the mutual authentication and used to prevent malicious interception.
In an example, if the detection module 602 determines that the one service to be utilized in the transaction is the service with low security demand, the received PIN data may comprise an encrypted PIN code encrypted based on the PIN input. In a further example, the verification module 604 may perform the verification by comparing the encrypted PIN code with the PIN code initially stored in the storage module 601 for the one service. In a yet further example, when the encrypted PIN code matches the PIN code initially stored in the storage module 601 for the one service, the verification result produced by the verification module 604 may be positive.
In an example, if the detection module 602 determines that the one service to be utilized in the transaction is the service with low security demand, the data for the services may contain electronic signatures.
Referring now to FIG. 7, a diagram of a computer system 700 for implementing various examples of the present disclosure is depicted. Examples of the present disclosure may be implemented on virtually any type of computer regardless of platforms being used. For example, as shown in FIG. 7, the computer system 700 includes a processor(s) (CPU) 701, an associated memory 702 (e.g., random access memory (RAM), cache memory, flash memory, etc.), a storage device 703 (e.g., a hard disk, an optical drive such as a compact disk drive or digital video disk (DVD) drive, a flash memory stick, etc.), I/O devices 704 such as a keyboard, a mouse, a microphone (not shown) or a monitor, and a network interface 705, which are coupled to each other via a bus 706.
The memory 702 includes, among others, a data management module 707 storing machine readable instructions, which, when executed by the processor 701, cause the processor 701 to perform the following operations. In an example, the operations include performing the method 400 as explained with respect to FIG. 4 or the method 500 as explained with respect to FIG. 5. In another example, the data management system 600 as shown in FIG. 6 may be implemented as the data management module 707. Another example of the data management module 707 includes instructions that cause the processor 701 to implement the data management system 600 as shown in FIG. 6 and the method 400 as illustrated in FIG. 4 or the method 500 as illustrated in FIG. 5.
With the concept of the Secure Element based all-in-one data management described above, different types of applications can be incorporated together and stored separately from each other, and the customers do not have to carry many cards or install many applications while keeping the data sufficiently secure during the transaction. Based on an architecture of the Secure Element, the data can be prevented from being cloned and tampered with, multiple purposes can be supported and space saving can be realized. Furthermore, multiple combinations of keys plus PIN codes or electronic signatures plus PIN codes improve the security of various types of data in the transaction between the customer and the services.
While the disclosure has been described with respect to a limited number of examples, those skilled in the art, having benefit of the present disclosure, will appreciate that other example embodiments can be devised without departing from the scope of the disclosure as disclosed herein. Accordingly, the scope of the disclosure should be limited only by the attached claims.
Claims (15)
- A method for Secure Element based all-in-one data management, comprising: receiving, at a data manager, from an external device a request for a transaction that utilizes one of a plurality of services stored in the data manager; performing mutual authentication with the external device; requesting from the external device a personal identification number (PIN) input for the one service; receiving PIN data generated at the external device based on the PIN input for the one service; verifying the PIN data using a PIN code initially stored for the one service and feeding a verification result back to the external device, the PIN code for the one service being stored in the data manager in parallel with PIN codes for all other stored services; and in response to a positive verification result, conducting the transaction for the one service with the external device.
- The method according to claim 1, wherein the received PIN data comprises an encrypted PIN code encrypted based on the PIN input using a first encryption approach and a message authentication code generated based on the encrypted PIN input using a second encryption approach.
- The method according to claim 2, wherein the step of verification further comprises confirming the message authentication code and decrypting the encrypted PIN code using a first decryption approach corresponding to the first encryption approach.
- The method according to claim 3, wherein the step of conducting the transaction further comprises performing cryptograph communication with the external device based on the first and second encryption approaches to prevent data falsification.
- The method according to claim 1, wherein the PIN code for the one service is separated from the PIN codes for all other stored services by highly secure firewalls in the data manager.
- A method for Secure Element based all-in-one data management, comprising: obtaining, at a data manager, a list of services stored in the data manager and transmitting the list to an external device; receiving at the data manager a request for a transaction that utilizes one service selected from the list, the request being transmitted from the external device after confirming a signature of data for the one service; requesting from the external device a personal identification number (PIN) input for the one service; receiving PIN data generated at the external device based on the PIN input for the one service; and verifying the PIN data using a PIN code initially stored for the one service and feeding a verification result back to the external device, the PIN code for the one service being stored in the data manager in parallel with PIN codes for all other stored services.
- The method according to claim 6, wherein the received PIN data comprises an encrypted PIN code encrypted based on the PIN input.
- The method according to claim 7, wherein the step of verification further comprises comparing the encrypted PIN code with the PIN code initially stored for the one service.
- A Secure Element based all-in-one data management system, comprising: a storage module to store a plurality of services and to store a plurality of personal identification number (PIN) codes in parallel respectively for the plurality of services; a detection module to detect whether a request for a transaction that utilizes one of the plurality of services stored in the storage module arrives from an external device and to automatically determine whether the one service involved in the transaction is a first type of service or a second type of service; a communication module to transmit a request to the external device for a PIN input for the one service and to receive PIN data generated at the external device based on the PIN input for the one service; a verification module to verify the PIN data using a PIN code initially stored in the storage module for the one service and to feed a verification result back to the external device; and a transaction module to conduct the transaction for the one service with the external device.
- The data management system according to claim 9, wherein if the detection module determines that the one service is the first type of service, the communication module performs mutual authentication with the external device before transmitting the request for the PIN input for the one service.
- The data management system according to claim 10, wherein the PIN data to be received by the communication module from the external device comprises an encrypted PIN code encrypted based on the PIN input using a first encryption approach and a message authentication code generated based on the encrypted PIN input using a second encryption approach.
- The data management system according to claim 11, wherein the verification module is further to verify the PIN data by confirming the message authentication code and decrypting the encrypted PIN code using a first decryption approach corresponding to the first encryption approach.
- The data management system according to claim 12, wherein the transaction module is further to, in response to a positive verification result from the verification module, perform cryptograph communication with the external device based on the first and second encryption approaches to prevent data falsification.
- The data management system according to claim 9, wherein if the detection module determines that the one service is the second type of service, the PIN data to be received by the communication module from the external device comprises an encrypted PIN code encrypted based on the PIN input.
- The data management system according to claim 14, wherein the verification module is further to verify the PIN data by comparing the encrypted PIN code with the PIN code initially stored in the storage module for the one service.
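The two verification paths claimed above (MAC confirmation followed by decryption for the first type of service, direct comparison of the encrypted PIN for the second type) can be sketched from the data manager's side. This is an added example, not code from the patent: HMAC-SHA256 as the MAC, an HMAC-derived XOR keystream standing in for the unspecified "first encryption approach", the keyed transform used for second-type PINs, the per-request nonce, and every name are assumptions.

```python
import hashlib
import hmac
import secrets

# Assumed, not from the patent: HMAC-SHA256 MAC, XOR keystream cipher, nonce.
def _mac(key, msg):
    return hmac.new(key, msg, hashlib.sha256).digest()

def _xor_cipher(key, nonce, data):
    # Stand-in for the "first encryption approach"; handles up to 32 bytes.
    return bytes(a ^ b for a, b in zip(data, _mac(key, b"enc" + nonce)))

def terminal_pin_data(svc, pin, nonce):
    """External-device side: build PIN data from the PIN input."""
    if not svc["high"]:  # second type: keyed transform of the PIN only
        return {"ct": _mac(svc["enc_key"], pin.encode())}
    ct = _xor_cipher(svc["enc_key"], nonce, pin.encode())
    return {"ct": ct, "tag": _mac(svc["mac_key"], nonce + ct)}

class DataManager:
    """Secure-element side: one PIN record per service, stored in parallel."""
    def __init__(self):
        self.services, self.pending = {}, {}

    def add_service(self, name, high, pin):
        svc = {"high": high, "enc_key": secrets.token_bytes(32),
               "mac_key": secrets.token_bytes(32)}
        # First type stores the PIN to compare after decryption; second type
        # stores the transformed PIN exactly as the terminal will send it.
        svc["stored"] = pin.encode() if high else _mac(svc["enc_key"], pin.encode())
        self.services[name] = svc
        return svc  # assumed: keys already provisioned to the terminal

    def request_pin(self, name):
        self.pending[name] = secrets.token_bytes(16)  # fresh per request
        return self.pending[name]

    def verify(self, name, pin_data):
        svc, nonce = self.services[name], self.pending.pop(name, None)
        if nonce is None:  # no outstanding PIN request, e.g. a replay
            return False
        ct = pin_data["ct"]
        if not svc["high"]:
            return hmac.compare_digest(ct, svc["stored"])
        # Confirm the MAC first; decrypt only authenticated ciphertext.
        if not hmac.compare_digest(_mac(svc["mac_key"], nonce + ct),
                                   pin_data.get("tag", b"")):
            return False
        return hmac.compare_digest(_xor_cipher(svc["enc_key"], nonce, ct),
                                   svc["stored"])
```

In this sketch the second-type PIN data is identical on every request, so only the first-type path binds a submission to a specific PIN request.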
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| PCT/CN2015/084761 WO2017012086A1 (en) | 2015-07-22 | 2015-07-22 | Secure element based data management |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| PCT/CN2015/084761 WO2017012086A1 (en) | 2015-07-22 | 2015-07-22 | Secure element based data management |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| WO2017012086A1 (en) | 2017-01-26 |
Family
ID=57833689
Family Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| PCT/CN2015/084761 Ceased WO2017012086A1 (en) | 2015-07-22 | 2015-07-22 | Secure element based data management |
Country Status (1)
| Country | Link |
|---|---|
| WO (1) | WO2017012086A1 (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20190172064A1 (en) * | 2016-07-01 | 2019-06-06 | American Express Travel Related Services Company, Inc. | Systems and methods for validating transmissions over communication channels |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2007143740A2 (en) * | 2006-06-08 | 2007-12-13 | Mastercard International Incorporated | All-in-one proximity payment device with local authentication |
| WO2009038511A1 (en) * | 2007-09-21 | 2009-03-26 | Telefonaktiebolaget Lm Ericsson (Publ) | All in one card |
| CN101572598A (en) * | 2008-04-28 | 2009-11-04 | 国际商业机器公司 | Method and device for reliable rapid integration |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20190172064A1 (en) * | 2016-07-01 | 2019-06-06 | American Express Travel Related Services Company, Inc. | Systems and methods for validating transmissions over communication channels |
| US11151561B2 (en) * | 2016-07-01 | 2021-10-19 | American Express Travel Related Services Company, Inc. | Systems and methods for validating transmissions over communication channels |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11876905B2 (en) | | System and method for generating trust tokens |
| US11611543B1 (en) | | Wireless peer to peer mobile wallet connections |
| US11240219B2 (en) | | Hybrid integration of software development kit with secure execution environment |
| CN112805736B (en) | | System and method for password authentication of contactless card |
| US11068608B2 (en) | | Mutual authentication of software layers |
| CN113545000B (en) | | Decentralized processing of delivery-time interactions |
| US11068883B2 (en) | | Apparatus and methods for secure element transactions and management of assets |
| AU2025263755A1 (en) | | One-tap payment using a contactless card |
| EP3132342B1 (en) | | Service authorization using auxiliary device |
| AU2016219306A1 (en) | | Peer forward authorization of digital requests |
| AU2025220823A1 (en) | | Systems and methods for cryptographic authentication of contactless cards |
| CN107925572A (en) | | Secure binding of software application to communication device |
| US9602328B2 (en) | | System, method and computer program product for secure peer-to-peer transactions |
| US10990982B2 (en) | | Authenticating a payment card |
| CN113169873B (en) | | System and method for password authentication of contactless cards |
| US9246677B2 (en) | | Method and system for secure data communication between a user device and a server |
| WO2017012086A1 (en) | | Secure element based data management |
| US20250182086A1 (en) | | Systems and methods for provisioning escrow and securing purchases |
| US20250112902A1 (en) | | Secure and privacy preserving message routing system |
| US20240338676A1 (en) | | Systems and methods for launching a mobile application or a browser extension responsive to satisfying predetermined conditions |
| JP2012138812A (en) | | Content management system and content management method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| | 121 | Ep: the epo has been informed by wipo that ep was designated in this application | Ref document number: 15898642; Country of ref document: EP; Kind code of ref document: A1 |
| | NENP | Non-entry into the national phase | Ref country code: DE |
| | 122 | Ep: pct application non-entry in european phase | Ref document number: 15898642; Country of ref document: EP; Kind code of ref document: A1 |