Earlier this month the US Patent & Trademark Office published a patent application from Google that reveals a new Google Wallet NFC feature coming to future Android smartphones. Google's invention specifically relates to systems and methods that will enable future Android smartphone users to have the choice of changing or deleting payment providers as they see fit rather than the smartphone OEM locking you into a particular payment provider such as Visa. Considering that a new wave of Android smartphones will be incorporating fingerprint sensors as an added Google Wallet security feature in 2014, Google's latest patent pending idea is timely.
Google's Patent Background
The current Near Field Communication ("NFC") eco-system relies on a piece of hardware commonly referred to as a "secure element" installed on communication devices to provide a secure operating environment for financial transactions, transit ticketing, physical security access, and other functions. A secure element generally includes its own operating environment with a tamper-proof microprocessor, memory, and operating system. A Trusted Service Manager (TSM), among other things, installs, provisions, and personalizes the secure element. The secure element has one or more keys that are typically installed at manufacture time. A corresponding key is shared by the TSM so that the TSM can establish a cryptographically secure channel to the secure element for installation, provisioning, and personalization of the secure element while the device having the secure element is in the possession of an end user. In this way, the secure element can remain secure even if the host CPU in the device has been compromised.
The problem with current NFC systems is that there is a tight coupling between the secure element and the TSM. For current deployments, only one TSM has access to the keys of a particular secure element. Therefore, the end user can choose to provision secure element features that are supplied by the one TSM only. The manufacturer of the device typically chooses this TSM. For example, a smart phone manufacturer may select the TSM for smart phones under guidance from a Mobile Network Operator ("MNO"), such as Sprint or Verizon that purchases the smart phone rather than the end user. Thus, the TSM features available to the end user may not be in the end user's interest. As an example, the MNO may have a business relationship with one payment provider, such as MasterCard or Bank of America, only. That TSM may allow the secure element to be provisioned with payment instructions from the one payment provider only. Thus, the end user would not be able to access services from other payment providers, such as VISA.
In addition to not being able to change TSM pairings to keys in the secure element, the end user is not able to clear their private data and keys from the secure element. This may be desirable when selling, transferring, returning, or exchanging devices. The end user may wish to remove their information for privacy and security as well as preparing the device to allow the new user to select their own secure services to run on the device.
Google's patent generally relates to methods and systems that will be able to support an end user with an Android smartphone to reset a secure element associated with the communication device.
The reset process may include clearing the secure element, associated memories, and storage devices of any user specific or personalized information associated with the user. The reset process may also include removing or resetting keys or other identifiers within the secure element that associate the mobile device with a particular secure service provider.
According to various aspects of Google's patent pending invention, a computer-implemented method for resetting a secure element within a network device may include receiving an encrypted reset request message at the secure element, decrypting the encrypted reset request message using a communication key, verifying authorization for the reset request message, and atomically clearing parameters associated with the secure element.
End user Controls for Deleting or Resetting NFC Security Features on Android Smartphones
Google's patent FIG. 5 note below depicts an operating environment for a secure end user device in accordance with certain exemplary embodiments.
In certain exemplary embodiments, the secure service providers bypass the host CPU and the NFC controller when communicating with the secure element (# 111 of FIG. 5). For example, in certain Universal Integrated Circuit Card/SIM secure elements, the secure service providers, noted as #160 in FIG. 5, communicate with the secure element #111 via a radio CPU (not shown) installed on the end user device. Thus, the involvement of the NFC controller (#112) and the host CPU (#114) may be optional during the provisioning of applications on the secure element in certain exemplary embodiments. In certain exemplary embodiments, the host CPU and the radio CPU interact with one another to coordinate access controls to the secure element.
The user of the end user device may wish to delete or reset security features associated with the secure element such as card keys, noted as #120A in FIG. 5. For example, the user may wish to dissociate the end user device from the secure service provider so that they can securely transfer the end user device to another user.
Similarly, the user may wish to dissociate the end user device from one secure service provider to allow associating with another provider. For example, if the user wishes to change the financial institution associated with NFC payments or fund transfers made with the end user device. The SE ID Module, noted as #190 of FIG. 5 can support a secure deletion or reset process for the secure element.
Google's patent FIG. 8 noted above is a block flow diagram depicting a method for resetting a secure element in accordance with certain exemplary embodiments.
Google filed their patent application under serial number 868041 in Q2 2013 which was only six months ago. Considering that this is a patent application, the timing of such a product to market is unknown at this time.
A Note for Tech Sites covering our Report: We ask tech sites covering our report to kindly limit the use of our graphics to one image. Thanking you in advance for your cooperation.
Patent Bolt presents a detailed summary of patent applications with associated graphics for journalistic news purposes as each such patent application is revealed by the U.S. Patent & Trade Office. Readers are cautioned that the full text of any patent application should be read in its entirety for full and accurate details. Revelations found in patent applications shouldn't be interpreted as rumor or fast-tracked according to rumor timetables. About Comments: Patent Bolt reserves the right to post, dismiss or edit comments.