法国专利FR3018972A1 SECURE NFC ROUTING

专利PDF首页>>法国专利

专利附录

专利说明

权利要求

类似技术

同族专利

引用文献

法律状态

优先权

专利摘要:
A method comprising: receiving by a processing device (206) of an NFC device a request, initiated by a first application (402A) loaded into a memory of the NFC device, for modifying one or more parameters of a NFC routing table (218) of an NFC router (202) of the NFC device, the NFC routing table including parameters indicating the devices to which NFC messages are to be routed; retrieve by the processing device a first identifier associated with the application; transmitting by the processing device the first identifier to the NFC router; and verify by the NFC router, based on the first identifier, whether the application is allowed or not to modify the routing table.
公开号:FR3018972A1
申请号:FR1452225
申请日:2014-03-18
公开日:2015-09-25
发明作者:Nieuwenhuyze Olivier Van；Christophe Henri Ricard
申请人:Proton World International NV；STMicroelectronics Rousset SAS；
IPC主号:

专利说明:

[0001] The present description relates to the field of NFC communications, and in particular a method and a device for a secure modification of NFC routing parameters. BACKGROUND Mobile telephones and other types of mobile devices are increasingly equipped with near field communication NFC interfaces, which enable them to perform electromagnetic transponder functions in addition to their other functions. In particular, such devices are capable of emulating the functions of an electromagnetic transponder, which could be of the contactless card type, or of the non-contact reader type. Such a feature improves for example the mobile device, allowing it to be used for various applications, for example as an electronic wallet for making payments to access transport network services. To emulate the operation of a contactless card, the mobile device is generally equipped with a contactless front-end integrated circuit (CLF), also called an NFC router. This NEC router is equipped with a front-end radiofrequency transceiver (RF) coupled to a short-range antenna to emulate the communication capabilities of an electromagnetic transponder. In some applications, a secure element (SE) or an integrated secure element (eSE), which is either integrated in the mobile device is included in a microcircuit of the subscriber identification module (SIM), the universal SIM (USIM) or laSD micro-secure digital element), can be used to provide authentication. The NEC router includes an NEC routing table, which indicates to which hardware device the NFC messages received by the NEC router are to be routed. For example, certain NEC messages, such as those concerning certain types of electronic payments, must be routed to a secure element of the mobile device. To take a specific example, a VISA application may be running in communication with a secure element of a USIM. Other types of NEC messages must be routed to the host processor of the mobile device. For example, a MasterCard application may be running in HCE (Card Emulation by Host) mode, in other words, in the host device environment the names "VISA" and " MasterCard "may be trademarks). Given the sensitive information that can pass through the NEC router, the NEC routing table must be secured against unauthorized changes. However, existing solutions are inefficient in some application environments, and therefore a robust protection mechanism is needed in the art. SUMMARY An object of embodiments of the present disclosure is to at least partially meet one or more needs of the prior art. In one aspect, there is provided a method comprising: receiving by a processing device of an NEC device a request, initiated by a first application loaded into a memory of the NEC device, to modify one or more parameters. an NEC routing table of an NEC router of the NFC device, the NEC routing table including parameters indicating the devices to which NEC messages are to be routed; recovering by the processing device a first identifier associated with the application; transmitting by the processing device the first identifier to the NFC router; and verify by the NEC router, based on the first identifier, whether the application is allowed to modify the routing table. According to one embodiment, the first identifier is a digital signature of the application. According to one embodiment, checking whether or not the application is authorized to modify the routing table comprises access by the NEC router to a list of application identifiers authorized to modify the routing table, and a check that the first identifier is on the list. According to one embodiment, the method comprises modifying the list of identifiers during a software update of the NEC device. According to one embodiment, the method comprises a modification of the list of identifiers during a secure update performed by a secure element of the NEC device. In one embodiment, the processing device communicates with the NEC router using a first message format, and transmits the first identifier to the NEC router using a second message format different from the first message format. According to one embodiment, the first message format uses a first header and the second message format uses a second header different from the first header. According to one embodiment, the processing device comprises a communications driver adapted to communicate with the NEC router, the communications driver communicating with the NEC router using a first transmission protocol, and transmitting the first identifier to the NFC router by using a second transmission protocol different from the first transmission protocol. According to one embodiment, the second transmission protocol is different from the first transmission protocol in that it comprises a transmission rule that can not be duplicated by the processing device. According to one embodiment, the first transmission protocol ensures a stopping condition between consecutive messages, and the second transmission protocol comprises the transmission of two Consecutive messages without any stopping condition between them. In another aspect, there is provided an NFC device comprising: a processing device; and an NFC router comprising one or more memories storing an NFC routing table and a list of identifiers of one or more applications allowed to modify the NFC routing table, the NFC router being adapted to: receive a first identifier of a first application loaded into a memory of the processing device and wishing to modify one or more parameters of the NFC routing table; and verify, based on the first identifier, whether or not the first application is allowed to modify the routing table. According to one embodiment, the first identifier 25 is a digital signature of the application. BRIEF DESCRIPTION OF THE DRAWINGS The above-mentioned and other features and advantages will be apparent from the following detailed description of embodiments, given by way of illustration and not limitation, with reference to the accompanying drawings in which: FIG. 1 schematically illustrates an NFC device capable of NFC communications according to an exemplary embodiment of the present description; FIG. 2 diagrammatically illustrates the NFC device of FIG. 1 in more detail according to an exemplary embodiment of the present description; FIG. 3 diagrammatically represents a routing table of an NFC router according to an exemplary embodiment of the present description; FIG. 4 schematically represents components of an NFC device according to an exemplary embodiment of the present description; FIG. 5 is a flowchart illustrating operations in the method of updating a parameter of an NFC routing table according to an example embodiment of the present description; Figure 6 illustrates an NFC interface of Figure 4 in more detail according to an exemplary embodiment; FIG. 7 is a diagram showing interactions between an application of the NFC device and an NFC router according to an example embodiment of the present description; and FIG. 8 is a timing chart showing signals of a communication protocol with an NFC router according to an exemplary embodiment of the present disclosure. DETAILED DESCRIPTION FIG. 1 schematically illustrates an NFC device 102 which is a device capable of NFC communications. For example, the device 102 is a mobile device such as a mobile phone, a smartphone, a tablet computer, a digital media player or the like, equipped with NFC circuits (not shown in FIG. 1). On the left side of. 1, the NFC device 102 is shown in connection with a reader 104, including an NFC transponder 106. For example, the reader 104 is disposed at an entrance barrier of a restricted area, as a transport network or the like. Alternatively, the reader 104 may be located at a point of sale in a shop or restaurant. When used with such a reader, the NEC circuit of the NEC device 102 operates for example in a tag emulation mode. On the right side of FIG. 1, the NEC device 102 is shown in communication with another NEC device 108 via an NEC interface. For example, like the device 102, the NEC device 1081 is a device capable of NEC communications that could be a mobile device such as a mobile phone, a smartphone, a tablet computer, a digital media player or the like, equipped with NEC circuits . During a communication with another NEC device, the NEC circuit of the NEC device 102 operates for example in a peer-to-peer mode, and communications are initiated by one or the other of the NEC devices. Figure 2 schematically illustrates the NEC device 102 in more detail according to an exemplary embodiment. As illustrated, the device 102 includes, for example, an NEC router (NFC ROUTER) 202, also known in the art as a contactless front end (CLF). The NEC router 202 is coupled to an NFC antenna 204, and together the router and the antenna 204 provide a circuit behavior of an NEC transponder. The NEC router 202 is also by NEC to emulate the example coupled to a host processing device (P) 206 of the NEC device 102. The device 206 comprises for example one or more processors under the control of instructions stored in a memory. instructions (MEM INSTR) 208. The instruction memory 208 is for example a flash memory, and stores one or more applications (not shown in Figure 1) that have been loaded on the device. The NEC router 202 is also for example coupled to other devices, among which a secure element (SE) and a circuit USIM (universal subscriber identification module) 212 are illustrated. The secure element 210 is for example an integrated SE (eSE), and the USIM 212 circuit is for example coupled to the NEC router via a SWP (single-wire protocol) link, and is further coupled to the host processing device 206. The host processing device 206 is for example coupled to one or more antennas 214, which for example allow switching in a cellular network and / or wireless communications according to other standards such as Wifi standards, Bluetooth, etc. The NFC router 202 comprises for example one or more memories storing an NFC routing table 218 and a list of application identifiers authorized to modify the NFC routing table. The NEC routing table 218 defines rules for the processing of NEC messages received by the NEC router 202. In particular, the messages can be considered as intended for either the processing device 206 or one of the secure elements 210. 212. FIG. 3 represents an example of the routing table 218 of the NEC router 202 according to an exemplary embodiment. This table is for example implemented in the form of a correspondence table (LUT). Table 218 comprises five parameter columns representing table entries that include: an RF (RF) technology column indicating the NEC RF technology of the communication; an index column (INDEX), a pattern column (PATTERN) and a mask column (MASK) indicating conditions relating to part of the input message, where the index indicates the multiplet of the message to be taken into account, the pattern defines some bit patterns of the payload and the mask indicates the bits to be taken into account; and a supply field (PWR) indicating whether the device is on, off, or if its battery is out of service. The right column in Figure 3 includes a parameter (TARGET), for each row of the table, which indicates to which target device the corresponding message is to be routed. In the example of FIG. 3, the index is at "1" for each row, which indicates for example that a first byte B13242 - 13 - ZV2-1007 8 of the message payload must be taken into account. account. In the first row 302 of the table, the pattern field is the hexadecimal pattern "OOFFFF", the mask is, equal to "FFFEFF", which means that the complete pattern must be taken into account, and the target is the device host (DH), in other words the processing device 206. 1In a second row 304 of the table, the pattern field is a hexadecimal pattern "00G001", the mask is "0000FF", which means that only the last two hexadecimal values must be taken into account, and the target is the secure element 210. In the third row 306 of the table, the pattern field is the hexadecimal pattern "000002", the mask is equal at "0000FF", which again means that only the last two hexadecimal values must be taken into account, and the target is USIM 212. Figure 3 is just one example of a NEC routing table based on a pattern recognition. The embodiments described herein can be applied to a wide range of different routing tables, in which the routing is defined by one or more of the following: the RF technology used for the NEC message; the RF protocol used for the NEC message; recognition of a pattern in the NFC message; a selection command, for example according to IS07816 based on an AID value (application identifier). An unauthorized modification of the routing table 218 could for example cause the routing of sensitive messages for the secure element 210 or the USIM 212 to the host processing device which would lead to a potential security breach, or Denial of Service (DoS), which users generally find very unsatisfactory. FIG. 4 schematically represents elements of the NEC device 102 for performing NEC functions. The NEC device 102 stores, for example, in its instruction memory 208 three applications (APPs) 402A, 402B and 402C which include NFC functionality. Such an application, which runs for example in the Java environment using a JVM (Virtual Java Machine), is called in some Wallet environments. For example, the 402A, 402B, and 4020 applications involve NFC card emulation functions to emulate a payment card or security badge, card reader functions to read an NFC tag, and / or post features. stationary for communications with another NFC device. The applications 402A, 4023 and 402C are coupled to the processing device 206, which comprises for example the following functional elements for interfacing with the NFC router 202: an application interface (APPLICATION INTERFACE) 404, an NFC interface (NFC INTERFACE ) 406, a communications protocol module (COMMS PROTOCOL) 408 and a communications driver (COMMS DRIVER) 410 coupled to the NFC router 202. The application interface 404 corresponds, for example, to a software frame which is familiar with the various applications stored in the device, and allows these applications to be called. The communication protocol module 408 applies a protocol for exchanges with the NFC router 202, and the communication driver 410 applies a transmission protocol for transmitting NFC frames on the physical link to the NFC router 202. In some embodiments driver 410 uses the I2C interface. The NFC interface 406 for example provides an interface between the applications and the modules 408 and 410 responsible for communication with the NFC router 202. Some protection against unauthorized modifications of the routing table 218 can be implemented by the user. NFC 406 interface, which may prevent some applications from making such a change. However, in some cases it may be possible to bypass the NFC interface 406. For example, as shown by a dashed arrow 412 in FIG. 4, malicious software may cause the switch to a debug mode through of the application 402A, so that this application can communicate directly with the communication protocol module 408, bypassing the NEC interface 406. Therefore, according to the embodiment described here, the list 220 of authorized applications stored by the NEC router 202 provides an alternative or additional protection mechanism, as will now be described in more detail with reference to FIG. 5. FIG. 5 is a flowchart showing operations in a method for preventing unauthorized modification of the NFC routing table 218 according to an exemplary embodiment. It is assumed that the application 402A of FIG .4 has made a request to modify one or more parameters of the routing table 218. In a first operation 502, the request to modify the routing table of the NEC router is received by the The communication protocol module 408 of the processing device 206. This request is for example received via the NEC interface 406 of the processing device 206. In a variant, as has been described previously, in the case of the presence of software On the device, the NEC 406 interface may be bypassed, the request being received by the communication protocol module 408 directly from the application. In a next operation 504, an identifier of the application is retrieved by the communication protocol module 408. For example, the module 408 requests the NEC 406 interface a signature of the application that initiated the request. Such a signature is for example unique for the application, and is assigned to the application by the operating system vendor or the manufacturer of the NEC device 102 to allow it to be installed on the device. In a subsequent operation 506, the identifier is transmitted to the NEC router 202, via the communication driver 410, as a verification request. Furthermore, as will be described in more detail hereinafter, in some embodiments this request may be further secured by adapting the message transmission protocol, so that the router NEC 202 may verify that the verification request is indeed from the communication protocol module 408. In a subsequent operation 508, the NEC router 202 checks, based on the identifier, whether the application is authorized to modify the communication table. Routing 218. As previously mentioned, the NEC router 202 stores for example in a memory a list 220 of the signatures of all authorized applications. This list may for example only be modified during a secure session, for example a software update provided by a software provider of the NEC device. In particular, if an application developer wants his application to be allowed to modify the routing table, he will for example ask that the device manufacturer or the operating system provider add the signature of his application to the list. 220 of authorized applications. This change can then be made during a subsequent software update, which is performed during a secure session, for example protected using a MAC (message authentication code). In addition, in some embodiments the list may in addition or instead be modified during a secure update performed by a secure element of the NEC device, for example during a secure administration session. If the signature of the application is on the list of authorized application identifiers, the router NEC 202 allows for example the modification of the routing table, whereas if the signature is not on the list, the router NEC For example, 202 informs the communication protocol 408 of the negative response, and the change request is denied. FIG. 6 illustrates in more detail elements of the NEC interface 406 according to an exemplary embodiment in which the device NEC uses an operating system Android, which B13,242 -13-ZV2-1007 12 is for example Android KitKat ( the names "Android" and "Android KitKat" may be trademarks). The interface 406 comprises, for example, an NFC service module 602, comprising a public submodule (PUBLIC) 604, which supports NFC functionalities available for all the applications, including routing mechanisms, a sub-module. -module "NFC EXTRAS" 606, which supports features associated with secure elements providing restricted access, and a proprietary sub-module (PROPRIETARY) 608. The routing mechanisms are not for example protected by the security associated with the NFC EXTRAS 606 sub-module, which leads to a potential weakness that could allow unauthorized modification of the routing table. The NEC service module 602 communicates with a JNI (Native Java Interface), which provides an interface between the application interface 404 and the Native World (Native World), in other words, the cores interpreted directly by the user. 206. The JNI 610 in turn communicates with an NEC core stack (NEC CORS STACK) 612, which manages NFC operations. FIG. 7 illustrates an example of communications between the application (APP) 402A requesting to modify a parameter of the routing table, and the NEC router (NEC R) 202, via the service module NEC (NEC SERVICE) 602, JNI 610 and communication interface 408 in the case where it is an HAL interface (hardware abstraction layer). The application 402A initiates the process by querying the NEC service module 602 to update a routing parameter. The request is forwarded by the module 602, along with the application PID (process identifier), to the JNI 610. The PID process identifier for example accompanies the request from the application 402A and indicates which application has performed the request. The JNI then initiates a name check (PID CHECK) to be performed by the HAL 408. This name check is passed to the HAL 408 by B13242 - 13 - ZV2-1007 13 intermediate of the NFC 612 core stack (no. represented in FIG. 7). Alternatively, as shown by a dashed arrow in FIG. 7, under certain circumstances, for example in the case of presence of malicious software on the NFC device, a name verification request could be transmitted by the application 402A directly. to HAL 408, bypassing the NFC 602 service module and the JNI 610. The HAL 408 receives the request and retrieves from the NFC 602 service module an application identifier (APP ID) associated with the application. For example, the application identifier is the digital signature of the application. The HAL 408 then transmits the application identifier to the NFC router 202 via the communications driver 410 (not shown in FIG. 7). The NFC router 202 checks whether the application identifier corresponds to an authorized application (CHECK APP ID), and returns the result (RESULT) to the HAL 408. The result is transferred by the HAL 408 to the JNI 610. In case the result is positive, for example where the APP ID application identifier was on a list of allowed applications, the JNI 610 then sends the update request of the routing table (REQ UPDATE) to the HAL 408 which in turn transmits this request to the NFC router 202. The NFC router 202, for example, verifies that the application identifier has been verified in connection with this request and then processes the request and updates the parameter of the routing as shown in the query. A confirmation signal (RESULT OK) is for example transmitted by the NFC router 202 to the HAL 408, which is in turn transferred by the HAL 408, the JNI 610 and the NFC service module 602 to the application 402A. Otherwise, in the case where the result provided by the NFC router and received by the JNI 610 is negative, i.e. where the application is not allowed to modify the routing table, the JNI 610 sends for example a failure message (RESULT KO) to the NEC 602 service module B13242 - 13-ZV2-1007 which in turn transfers this result to the application 402. As previously mentioned, the request for the verification of the application identifier, which in Figure 7 is transmitted by the HAL 408 to the NEC router, for example uses a single protocol, separate from the normal protocol used for messages between the communication protocol module 408 and the router NFC 202. This ensures, for example, additional verification that module 408 has not been bypassed. For example, the NEC frame of a standard message has the following elements: - MT + GID / Conn ID, which represents the type of message, the group identifier and / or the connection identifier targeted by the message; 15 - OID / RFU, (Object / Reserved Identifier for Future Use), which represents additional information regarding the type of message and / or connection concerned; - LEN, which represents the length of the message; and a payload containing the data to be carried by the message. According to the embodiments described here, this standard NFC frame is for example updated to include one of two additional headers, a first additional header being used for standard messages, and another different additional header being used. for verification requests of an application identifier. For example, the additional header used for a normal frame is "0x01", while the additional header used for an identifier check is "0x02". In addition to or instead, the communications protocol module 408 causes the communications driver 410 to modify its transmission protocol-protocol in the case of a request to verify an application identifier. In this case, the driver 410 retrieves, for example, the application identifier from the NEC service module 602, in addition or instead of the HL 408. The modification of the transmission protocol involves for example the application of a new transmission rule that can not be duplicated by any higher layer application. In addition, the NFC router is for example the only device capable of interpreting and processing messages transmitted according to this new transmission rule. In one example, the communications driver 410 applies the I20 transmission protocol, and the request is transmitted on two consecutive frames that are not separated by a stopping condition, as will now be described in more detail with reference to FIG. FIG. 8 is a timing diagram showing an example of some of the signals on a SOL clock line and an SDA data line between the driver 410 and the NFC router 202 according to the I20 protocol in the case of a standard communication. 800, and in the case of a communication 801 requesting verification of an application identifier. For the standard communication 800, two consecutive trams 802, 804 are separated by a stopping condition 806, which corresponds for example to a rising edge on the data line SDA while the clock line SOL is in the state. high. For 801 communication requesting verification of an application identifier, the stopping condition between frames 802 and 804 is suppressed. It will be noted that such a modification of the protocol will not impact other slaves present on the line, since this will be transparent for them, and the target slave, that is to say the NEC router, is for example adapted to handle frames modified in this way. An advantage of the embodiments described herein is to provide a robust protection mechanism against unauthorized changes to the NFC routing table of an NFC router. With the description thus made of at least one illustrative embodiment, various alterations, modifications and improvements will readily occur to those skilled in the art.
[0002] For example, although detailed embodiments have been described in connection with the Android operating system, it will be clear to those skilled in the art that the teachings given herein could be applied. to other NFC device operating systems, such as the iOS system (the name "i0S" may be a registered trademark).

权利要求:
Claims (12)
[0001]
REVENDICATIONS1. A method comprising: receiving by a processing device (206) an NFC device (102) a request, initiated by a first application 402A) loaded into a memory (208) of the NFC device, for changing one or more parameters of a NFC routing table (218) of an NFC router (202) of the NFC device, the NFC routing table including parameters indicating the devices (206, 210, 212) to which NFC messages are to be routed; retrieve by the processing device a first identifier associated with the application; transmitting by the processing device the first identifier to the NFC router; and verify by the NFC router, based on the first identifier, whether or not the application is allowed to modify the routing table.
[0002]
The method of claim 1, wherein the first identifier is a digital signature of the application.
[0003]
The method of claim 1 or 2, wherein verifying whether or not the application is allowed to modify the routing table includes access by the NFC router to a list (220) of authorized application identifiers. to modify the routing table, and a check that the first identifier is on the list.
[0004]
The method of claim 3 comprising modifying the list of identifiers during a software update of the NFC device.
[0005]
5. The method of claim 4 comprising modifying the list of identifiers during a secure update performed by a secure element of the NEC device.
[0006]
The method of any one of claims 1 to 5, wherein the processing device communicates with the NFC router using a first message format, and transMtB132A2 - 13 - ZV2-1007 18 the first identifier to the NFC router using a second message format different from the first message format. -
[0007]
The method of claim 6, wherein the first message format uses a first header, and the second message format uses a second header different from the first header.
[0008]
The method of any one of claims 1 to 7, wherein the processing device comprises a communications driver (410) adapted to communicate with the NEC router, and wherein the communications driver communicates with the NFC router by using a first transmission protocol, and transmits the first identifier to the NFC router using a second transmission protocol different from the first transmission protocol. 15
[0009]
The method of claim 8, wherein the second transmission protocol is different from the first transmission protocol in that it comprises a transmission rule that can not be duplicated by the processing device. 20
[0010]
The method of claim 8 or 9, wherein the first transmission protocol provides a stopping condition between consecutive messages, and the second transmission protocol comprises transmitting two consecutive messages without any stopping condition therebetween. 25
[0011]
An NFC device comprising: a processing device (206); and an NFC router (202) comprising one or more memories (218, 220) storing an NFC routing table and a list of identifiers of one or more applications. 30 allowed to modify the NFC routing table, the NFC router being adapted to: receive a first identifier of a first application loaded into a memory (20R) of the processing device and wishing to modify one or more parameters of the routing table NFC; andB13242 - 13-ZV2-1007 19 on the basis of the first identifier, whether the first application is allowed or not to modify the routing table.
[0012]
The NFC device of claim 11, wherein the first identifier is a digital signature of the application.

类似技术:

公开号 | 公开日 | 专利标题

EP2922269B1|2016-07-06|Secure NFC routing

JP2021512380A|2021-05-13|Asset management methods and equipment, as well as electronic devices

US11144540B2|2021-10-12|Asset management method and apparatus, and electronic device

JP2021511561A|2021-05-06|Asset management methods and equipment as well as electronic devices

EP2477431B1|2015-03-11|Protection of a security element coupled with an NFC circuit

EP2795551B1|2016-03-09|Method for routing within a mobile terminal emulating a contactless payment card

WO2017112381A1|2017-06-29|System, apparatus and method for transferring ownership of a smart delivery package

EP2612516B1|2015-10-07|Protection of a communication channel of a telecommunication device coupled to an nfc circuit against misrouting

EP2545721B1|2015-06-24|Protection against rerouting in an nfc circuit communication channel

EP2545722B1|2015-04-29|Detection of the rerouting of a communication channel of a telecommunication device connected to an nfc circuit

JP2013065340A|2013-04-11|Resource sharing protected by security between applications in independent execution environments in retrievable token such as smart card

FR3029324A1|2016-06-03|

US20210287204A1|2021-09-16|Near Field Communication NFC-Based Transaction Method and Device

EP2764481A1|2014-08-13|Method and system for executing a contactless transaction allowing multiple applications and multiple instances of the same application

US11250656B2|2022-02-15|Electronic apparatus and operating method thereof

Madlmayr et al.2014|Near field communication

Roland et al.2013|Comparison of the usability and security of NFC’s different operating modes in mobile devices

EP3123623A1|2017-02-01|Electronic device and communication method for nfc

US20200265418A1|2020-08-20|Electronic device and method for providing digital signature service of block chain using the same

EP3468143A1|2019-04-10|Rfid tag for securely accessing a service from an access terminal

EP3193295A1|2017-07-19|Monitoring of applications in a mobile terminal

EP2280380B1|2017-08-30|Method for customising an electronic entity, and electronic entity implementing this method

WO2018161519A1|2018-09-13|Payment method and terminal

FR3087917A1|2020-05-01|MULTI-CONFIGURATION SECURE ELEMENT AND ASSOCIATED METHOD

JP2006086824A|2006-03-30|Information medium and security system

同族专利:

公开号 | 公开日

FR3018972B1|2016-04-15|

EP2922269B1|2016-07-06|

CN104936129B|2018-11-16|

US9351164B2|2016-05-24|

US20150271677A1|2015-09-24|

CN104936129A|2015-09-23|

EP2922269A1|2015-09-23|

引用文献:

公开号 | 申请日 | 公开日 | 申请人 | 专利标题

US20100227553A1|2006-08-04|2010-09-09|Inside Contactless|Method of routing incoming application data in an nfc chipset, for identification of the application|

US20130059566A1|2010-03-09|2013-03-07|Proton World International N.V.|Protection against rerouting in an nfc circuit communication channel|

FR2969341A1|2010-12-20|2012-06-22|Proton World Int Nv|MANAGING COMMUNICATION CHANNELS IN A TELECOMMUNICATION DEVICE COUPLED TO AN NFC CIRCUIT|

FR2974208A1|2011-04-13|2012-10-19|Proton World Int Nv|ACCESS CONTROL MECHANISM FOR A SECURE ELEMENT COUPLED TO AN NFC CIRCUIT.|

CN101321073B|2007-06-04|2010-09-08|华为技术有限公司|Multicast business authorization control method and device|

US20100330904A1|2009-06-30|2010-12-30|Nokia Corporation|Method, apparatus, and computer program product for refreshing a configuration of a contactless frontend device|

FR2957440B1|2010-03-09|2012-08-17|Proton World Int Nv|PROTECTION OF A SECURITY MODULE IN A TELECOMMUNICATION DEVICE COUPLED TO AN NFC CIRCUIT|

FR2957439B1|2010-03-09|2012-03-30|Proton World Int Nv|PROTECTION OF A COMMUNICATION CHANNEL BETWEEN A SECURITY MODULE AND AN NFC CIRCUIT|

FR2964285B1|2010-08-31|2012-09-07|Proton World Int Nv|PROTECTING A COMMUNICATION CHANNEL OF A TELECOMMUNICATION DEVICE COUPLED TO AN NFC CIRCUIT AGAINST A BEHAVIOR|

JP5641323B2|2010-11-29|2014-12-17|ソニー株式会社|COMMUNICATION DEVICE, COMMUNICATION METHOD, AND PROGRAM|

FR2970617B1|2011-01-14|2013-01-25|St Microelectronics Rousset|PROTECTION OF A SAFETY ELEMENT COUPLED TO AN NFC CIRCUIT|

FR2973901B1|2011-04-05|2013-04-19|Proton World Int Nv|TESTING THE RESISTANCE OF A SECURITY MODULE OF A TELECOMMUNICATION DEVICE COUPLED TO AN NFC CIRCUIT AGAINST COMMUNICATION CHANNEL MISMATCH ATTACKS|

WO2013133058A1|2012-03-07|2013-09-12|フェリカネットワークス株式会社|Communication device, control method, and program|

DE102012102383A1|2012-03-21|2013-09-26|Infineon Technologies Ag|Control method by means of forwarding for communication between electronic devices, and corresponding devices|

US20140058937A1|2012-08-24|2014-02-27|Jvl Ventures, Llc|Systems, methods, and computer program products for securing and managing applications on secure elements|

US9071971B2|2013-07-24|2015-06-30|Cellco Partnership|Adaptive and context based NFC access control filtering|JP5633336B2|2010-11-29|2014-12-03|ソニー株式会社|COMMUNICATION DEVICE AND COMMUNICATION METHOD, COMMUNICATION CONTROL DEVICE, COMMUNICATION CONTROL METHOD, AND PROGRAM|

WO2015184591A1|2014-06-03|2015-12-10|华为技术有限公司|Route setting method and terminal device|

US20160127857A1|2014-10-30|2016-05-05|Qualcomm Incorporated|Enhanced interoperability between host card emulation and a secure element|

US9948752B2|2015-02-02|2018-04-17|Stmicroelectronics International N.V.|Default data packet routing in a NFC device|

US9400888B1|2015-02-27|2016-07-26|Qualcomm Incorporated|Systems and methods for mitigating effects of an unresponsive secure element during link establishment|

AU2015390212B2|2015-04-10|2020-06-04|RazerPte. Ltd.|Mobile radio communication devices, communication devices, methods for controlling a mobile radio communication device, and methods for controlling a communication device|

CN108353335B|2015-10-30|2020-08-25|华为技术有限公司|Routing method, device, NFCC and DH|

US10057272B2|2015-12-15|2018-08-21|At&T Mobility Ii Llc|Universal subscriber identity recognition and data classification|

FR3046864B1|2016-01-18|2018-11-16|Proton World International N.V.|CONTROLLING APPLICATIONS IN A MOBILE TERMINAL|

CN107251069B|2016-01-28|2020-09-29|华为技术有限公司|Near field communication payment method and terminal|

CN105741106A|2016-01-29|2016-07-06|宇龙计算机通信科技有限公司|Selection method and device of NFCpayment way|

EP3425815A4|2016-03-28|2019-03-06|Huawei Technologies Co., Ltd.|Method for data frame routing processing, near field communication controller, and terminal|

CN107239469B|2016-03-29|2022-01-28|中兴通讯股份有限公司|Routing information query method and device|

CN107846238B|2016-09-18|2020-06-09|中兴通讯股份有限公司|Method and device for controlling NFCroute|

CN107911319B|2017-11-22|2021-05-11|中兴通讯股份有限公司|Routing method of multiple security modules, NFC controller and NFC equipment|

CN108764392B|2018-04-25|2020-07-17|阿里巴巴集团控股有限公司|Service processing method, device and equipment|

法律状态:
2015-03-19| PLFP| Fee payment|Year of fee payment: 2 |

2016-02-19| PLFP| Fee payment|Year of fee payment: 3 |

2016-04-01| CA| Change of address|Effective date: 20160301 |

2017-02-21| PLFP| Fee payment|Year of fee payment: 4 |

优先权:

申请号 | 申请日 | 专利标题

FR1452225A|FR3018972B1|2014-03-18|2014-03-18|SECURE NFC ROUTING|FR1452225A| FR3018972B1|2014-03-18|2014-03-18|SECURE NFC ROUTING|

EP15156426.7A| EP2922269B1|2014-03-18|2015-02-24|Secure NFC routing|

US14/633,913| US9351164B2|2014-03-18|2015-02-27|Secure NFC routing|

CN201510095533.7A| CN104936129B|2014-03-18|2015-03-03|Secure NFC routing|

[返回顶部]