KR20130061625A - Systems and methods for providing nfc secure appllcation support in battery on and battery off modes - Google Patents

Abstract

Systems and methods are provided for providing secure application support for NFC devices in both battery on and battery off modes. A first application that requires an available host battery supply and a second application that does not require an available host battery supply are loaded on the mobile device. When the second application is activated, the reader requests user input on the POS device. The first application is activated when the host battery supply is available, and the second application is activated when the host battery supply is not available at all.

Description

SYSTEMS AND METHODS FOR PROVIDING NFC SECURE APPLlCATION SUPPORT IN BATTERY ON AND BATTERY OFF MODES

Cross reference to related applications

This application claims the benefit of US Provisional Patent Application 61 / 565,810, filed December 1, 2011, which is incorporated herein by reference in its entirety.

TECHNICAL FIELD The present invention relates to communications, and more particularly, to near field communications (NFC).

Some NFC device applications require relatively high power to run. For example, some NFC device applications require interaction with a host device. If the host device does not have enough battery power to operate, these NFC device applications may not be able to perform the required tasks because the host device functionality is not available. For example, some NFC device applications may require user input from the host mobile device (eg, user input from a keyboard or number pad on the host mobile device). Other NFC device applications do not require relatively high power to run and can be supported using harvested energy. These applications can perform the required tasks without requiring the host device to be powered up.

Some financial applications require entry of a personal identification number (PIN). The certification requirements for supporting contactless financial applications within mobile devices are credited because no PIN can be entered into the mobile device because no power is supplied to the mobile device host when no host power is available. It is noted that financial applications such as card transactions cannot be supported.

However, some NFC device applications may receive data from a PIN entered at a point of sale. As such, these applications do not require host power. There is a need for systems and methods for providing secure application support to NFC devices in both battery on and battery off modes.

Therefore, it is an object of the present invention to provide a system and method for providing NFC secure application support in battery on and battery off modes.

According to one aspect, a power harvesting module;

A memory for storing a list of application identifiers (AIDs); And

A controller, the controller

Receive a request for an AID from a reader device corresponding to an application that requires input of a personal identification number (PIN),

Access a list of AIDs,

Select an AID in the list of AIDs to be sent to the reader device based on the power mode of the NFC device,

A near field communication (NFC) device is provided that is configured to send an AID to a reader device.

Preferably, the controller

Select the first AID if the NFC device is operating in full power mode;

The NFC device is further configured to select a second AID if the NFC device is operating in a battery off mode.

Preferably, the controller

Select a first AID if the host device coupled to the NFC device has sufficient power to allow a personal identification number (PIN) to be entered on the host device;

The host device is further configured to select a second AID if the host device does not have sufficient power to allow a PIN to be entered on the host device.

Preferably, the controller

If the NFC device is operating in full power mode, select a first AID corresponding to a first financial application that interacts with a host device coupled to the NFC device to request entry of a personal identification number (PIN) on the host device. To;

If the NFC device is operating in a battery off mode, it is further configured to select a second AID corresponding to a second financial application that emulates a contactless credit card.

Preferably, the second financial application provides credit card information to a point of sale device.

Preferably, the controller is further configured to receive a personal identification number (PIN) for execution of the application corresponding to the transmitted AID.

Preferably, the list of AIDs is an AID table.

Preferably, the AID table indicates the location of the application corresponding to the AID in a secure memory coupled to the NFC device.

Preferably, the controller is further configured to select an entry in the AID table based on the power mode of the NFC device.

Preferably, the controller

Access information in the AID table indicating which applications are configured for execution in battery off mode,

If the NFC device is operating in full power mode, based on the accessed information, select the first AID in the AID table,

If the NFC device is operating in a battery off mode, it is further configured to select a second AID in the AID table based on the accessed information.

Advantageously, the controller is further configured to access a battery off enabled flag entry in each entry of said AID table to access information indicating which applications are configured for execution in battery off mode. do.

Preferably, the controller

Access information in the AID table indicating which applications have been activated for execution in battery off mode,

If the NFC device is operating in full power mode, select all AIDs in the AID table corresponding to applications that are not active for execution in battery off mode, based on the accessed information,

If the NFC device is operating in battery off mode, select all AIDs in the AID table corresponding to the applications enabled for execution in battery off mode, based on the accessed information,

It is further configured to send all entries in the AID table corresponding to the selected AIDs to the reader device.

According to one aspect, the communication device is

battery; And

Including an NFC device, NFC device,

Check the power level of the battery to determine the power mode of the NFC device,

Receive a request for an application identifier (AID) from a reader device,

Access a list of AIDs,

If the NFC device is operating in full power mode, select the first AID in the list of AIDs corresponding to the first financial application,

If the NFC device is operating in battery off mode, select the second AID in the list of AIDs corresponding to the second financial application,

And transmit the selected AID to the reader device.

Preferably, the first financial application interacts with the communication device to request entry of a personal identification number (PIN) on the communication device, and the second financial application emulates a contactless credit card.

Preferably, the first financial application interacts with the communication device to request entry of a personal identification number (PIN) on the communication device, and the second financial application processes transactions that do not require entry of a PIN.

Preferably, the NFC device is further configured to receive a personal identification number (PIN) for execution of the first financial application or the second financial application.

Preferably, the list of AIDs is an AID table and the NFC device is

Access information in the AID table indicating which applications are configured for execution in battery off mode,

Based on the accessed information, it is further configured to select the first AID or the second AID.

According to one aspect, the method is

Receiving from the reader device a request for an application identifier (AID) corresponding to an application requesting user input;

Determining a power mode of the NFC device;

In response to determining that the NFC device is operating in a full power mode, sending a first message to the reader device indicating the availability of applications requiring user input on a host device coupled to the NFC device; And

In response to determining that the NFC device is operating in a battery off mode, sending a second message to the reader device indicating the availability of applications that do not require user input on the host device.

Preferably, the first message indicates the availability of applications that require user input on the host device, and the second message indicates the availability of applications that do not require user input on the host device.

Way,

Accessing information in an AID table indicating which applications have been configured for execution in a battery off mode;

If the NFC device is operating in full power mode, selecting all AIDs in the AID table corresponding to applications that are not active for execution in battery off mode, based on the accessed information;

If the NFC device is operating in a battery off mode, selecting all AIDs in the AID table corresponding to the applications enabled for execution in the battery off mode, based on the accessed information; And

The method may further include transmitting all entries in the AID table corresponding to the selected AIDs to the reader device.

According to the present invention, since multiple applications can check flags in the AID table to determine which applications require battery support, multiple SEs need to be powered to determine if the applications stored in the SEs require power. There is no advantage.

Accordingly, the inclusion of this flag in the AID table has the advantage of saving power and enabling the NFC device to operate more efficiently.

The accompanying drawings, which are incorporated in and constitute a part of the specification, illustrate embodiments of the invention and, together with the general description given above and the description of the examples given below, serve to explain the principles of the invention.
1 is a block diagram of an NFC environment.
2 is a block diagram of a multi-device NFC environment.
3 is a block diagram of an NFC device.
4A is a block diagram illustrating the integration of an NFC device into an electronic host communication device having a shared memory in accordance with embodiments of the present invention.
FIG. 4B illustrates the integration of separate nonvolatile (NV) memory within the block diagram of FIG. 4A.
4C illustrates an implementation of an additional separate NV memory within the block diagram of FIG. 4A.
5 is a flowchart of a method for providing secure application support for NFC devices in both battery on and battery off modes in accordance with an embodiment of the present invention.
6 is a flowchart of another method of providing secure application support for NFC devices in both battery on and battery off modes in accordance with an embodiment of the present invention.
7A is a block diagram of an AID table according to an embodiment of the invention.
7B is a block diagram of an AID table including battery off activation flags according to an embodiment of the invention.
8 is a flowchart of a method for providing secure application support for NFC devices in both battery on and battery off modes in accordance with an embodiment of the invention.
The features and advantages of the present invention will become more apparent from the following detailed description when the same reference numerals are taken in conjunction with the drawings in which corresponding elements are shown. In the drawings, like reference numerals generally denote the same or functionally similar and / or structurally similar elements. The first appearing figure is indicated by the number (s) at the far left of the corresponding reference numeral.

In the following description, numerous specific details are set forth in order to provide a thorough understanding of the invention. However, it will be apparent to those skilled in the art that the invention, including structures, systems, and methods, may be practiced without these specific details. The description and representations herein are the general means used by those skilled in the art to most effectively convey the substance of their work to others skilled in the art. In other instances, well-known methods, procedures, components, and circuits have not been described in detail to avoid unnecessarily obscuring aspects of the invention.

References in the specification to “one embodiment”, “an embodiment”, “an embodiment as an example”, and the like, although the described embodiments may include special features, structures, or characteristics, all embodiments are not necessarily special features, structures, or characteristics. It does not include that. Moreover, such phrases are not necessarily referring to the same embodiment. In addition, when particular features, structures, or features are described in connection with the embodiments, it is within the knowledge of those skilled in the art to affect these features, structures, or properties with respect to other embodiments, whether or not explicitly described.

1. Overview

Embodiments of the present invention provide systems and methods for secure application support for NFC devices in both battery on and battery off modes. Both applications that require an available host battery supply and applications that do not require an available host battery supply are loaded onto the secure element (SE) of the host mobile device. One of the two applications is selected based on the power mode of the NFC device.

For example, in the case of a credit card application, (1) a mobile device banking application that interacts with a mobile device host to request a PIN entry on the host; And (2) two applications, a contactless smart card banking application that emulates a contactless credit card. The first application is activated when the host battery supply is available (ie, when the NFC device is operating in full power mode), and the second application is activated when the host battery supply is not available (ie, when the NFC device is in battery off mode). Is activated when running on.

2. NFC Systems and Environments

2.1 NFC Environments

1 illustrates a block diagram of an NFC environment in accordance with an embodiment of the present invention. NFC environment 100 provides wireless communication of information, such as one or more commands and / or data, between first NFC device 102 and second NFC device 104 that are sufficiently close to each other. The first NFC device 102 and / or the second NFC device 104 can be implemented as a standalone or separate device, such as a mobile phone, or in some instances provide another electrical device or host device, such as a mobile phone. , Other computing devices such as portable computing devices, laptops, tablet computers, or desktop computers, computer peripherals such as printers, portable audio and / or video players, payment systems, parking ticketing systems, such as bus ticketing systems, train ticketing systems, or In an entry ticketing system, or ticket reading system, mounted in a toy, game, poster, packaging, advertisement, product inventory check system and / or any other suitable electronic device that will be apparent to those skilled in the art within the spirit and scope of the present invention. Can be combined with them. In this specification, when mounted in or coupled to another electrical or host device, this type of NFC device may be referred to as an NFC capable device.

The first NFC device 102 generates a magnetic field and probes a magnetic field for the second NFC device 104. The first NFC device 102 and the second NFC device 104 may be implemented using a type A standard, a type B standard, a Type F (FeliCa) standard, and / or a vicinity standard. . The Type A and Type B standards, published November 18, 2010 NFC Forum: NFC Activity Guide: technical documentation, NFC Forum ^TM Activity 1.0 NFCForum-TS-Activity-1.0 , ( after the "NFC Activity Guide (NFC Activity Specification ) ")" And / or ISO / IEC 14443-3, as defined in "Identity Cards-Contactless Integrated Circuit (s) Cards-Proximity Cards-Part 3: Initialization and Collision Avoidance" published June 11, 1999 Which is hereby incorporated by reference in its entirety The Type F standard is further defined in the NFC Activity Specification, which is published in ISO / IEC 15693-3: 2009, 6 April 2009. It is further defined in "Identification Cards-Contactless Integrated Circuit (s) Cards-Versity Cards-Part 3: Collision Avoidance and Transmission Protocol (hereafter" Vicinity Specification ")".

When establishing communication with the second NFC device 104, the first NFC device 102 modulates the information corresponding to the first carrier wave and provides a first information communication 152. The first magnetic field is generated by providing modulated information communication with a first antenna of the first NFC device. Once the information is sent to the second NFC device 104, the first NFC device 102 sends the first carrier wave without its corresponding information to continue providing the first information communication 152. Continue to apply. The first NFC device 102 connects to the second NFC device 104 to allow the first information communication 152 to be inductively connected to a second antenna of the second NFC device 104. Close enough.

The second NFC device 104 derives and harvests power from the first information communication 152 to recover, process, and / or provide a response to the information. The second NFC device 104 demodulates the first information communication 152 to recover and / or process the information. The second NFC device 104 may respond to the information by applying the corresponding information to the first carrier wave inductively coupled to the second antenna to provide the second modulated information communication 154. Can be.

Further operations of the first NFC device 102 and / or the second NFC device 104 are described in "Information Technology-Between Systems" published in International Standard ISO / IEC 18092: 2004 (E), April 1, 2004. Telephony and Information Exchange-Near Field Communication-Interface and Protocol (NFCIP-1), "Information Technology-Telephony and Information Exchange Between Systems-Near Field Communication-Interfaces and Protocols", published January 15, 2005 -2 (NFCIP-2) ".

2 illustrates a typical multi-device environment. The NFC environment 200 may include one or more commands and / or data between the first NFC device 202 and the plurality of second NFC devices 204.1 to 204.N sufficiently close to the first NFC device 202. Provides wireless communication of the same information. As noted above with respect to FIG. 1, the first NFC device 202 and / or the second NFC devices 204.1-204.N may be implemented independently or as separate devices or other electrical devices. Or integrated into or connected to host devices. In FIG. 2, each of the second NFC devices 204.1-204.N has a single identity associated therein, such as a ticket, credit card, identity card, and the like. Such devices 204.1-204.N may be a plurality of NFC devices such as smart cards, tokens, and / or mobile computing devices that store in a wallet, wallet, or similar portable item. There is a limit to the number of second NFC devices 204.1 to 204.N that may be possible to respond to the first NFC device 202 corresponding to substantial limitations such as space or power available from a reader field. There is no

In such an environment, when the first NFC device 202 polls for the second NFC device 204.1-204.N, each second NFC device 204.1-204.N will have it connected to the first. The NFC device 202 responds with a type of NFC device that it has polled. Examples of the polling procedure are described in the NFC Activity Manual and November 17, 2010, "NFC Forum: NFC Digital Protocol: Technical Manual, NFC Forum ^TM Digital 1.0 NFC Forum-TS-Digital Protocol-1.0," (hereinafter " NFC digital protocol ", which is incorporated herein by reference in its entirety. The typical polling procedure considers a number of standards, including the Type A standard, the Type B standard, and the Type F standard.

Typically, there is some possibility that each second NFC device 204.1-204.N will respond at a different time; Otherwise, a collision occurs. The NFC Activity Manual and / or the ISO / IEC 14443-3 and / or Versity Manual provide for collision avoidance in such situations. Since each second NFC device 204.1-204.N only has one identifier associated with it, it determines how to respond and responds to the poll of the first NFC device 202 when the identifier matches. There is no difficulty. It is also possible to emulate multiple identifiers in a single NFC device. Such an NFC device is a multi-identifier device because it emulates multiple identifiers.

2.2 NFC devices

3 is a block diagram of an NFC device that may be used in accordance with an embodiment of the invention. NFC device 300 is in a polling mode of operation to provide polling examples, in response to polling commands from a second NFC-enabled device such as NFC device 102 or NFC device 104, Or configurable to operate in a tag mode of operation. NFC device 300 may represent an NFC tag or NFC communicator. An NFC reader is a type of NFC device that can operate in initiator mode to initiate communication with another NFC-enabled device. An NFC tag is a type of NFC device that can operate in target mode to respond to initiation of communication by another NFC-enabled device. An NFC communicator is a type of NFC device that can operate in initiator or target mode and can switch between these two modes.

NFC device 300 may represent a standalone or separate device or may represent an NFC enabled device. Since the second NFC-enabled device may be configured substantially similar to the NFC device 300, the following description focuses on describing the NFC device 300. NFC device 300 may have a plurality of identifiers, such as tickets, credit cards, identification, and the like associated with it. NFC device 300 includes an antenna module 302, a demodulator module 304, a controller module 306, a power harvesting module 308, and a memory module 310. NFC device 300 may represent an embodiment of NFC device 104.

Antenna module 302 inductively receives communication signal 350 from the second NFC-enabled device and provides recovered communication signal 354. Typically, the received communication signal 350 includes a polling command modulated by a second NFC enabled device.

Demodulator module 304 demodulates demodulated communication signal 354 using any suitable analog or digital modulation technique to provide recovered command 356. The restored command 356 may be a polling command. Suitable analog or digital modulation techniques include amplitude modulation (AM), frequency modulation (FM), phase modulation (PM), phase shift modulation (PSK), frequency shift modulation (FSK), amplitude shift modulation (ASK), quadrature amplitude modulation ( QAM) and / or any other suitable modulation technique that will be apparent to those skilled in the art.

When demodulator module 304 is in the Type A tag field, it detects polling commands based on 100% ASK modulation. The voltage amplitude drops substantially to zero, so the demodulator module 304 functions as a gap detector for Type A tags. In this situation, any modulation based on another modulation scheme that does not fall below the threshold required for Type A tags may be given a digital value of one. When the amplitude has fallen low enough, the demodulator module 304 gives a digital value of zero according to the modified Miller coding scheme.

When demodulator module 304 is in a type B tag field, it detects polling commands based on 10% ASK modulation. Demodulator module 304 has a voltage threshold at 90% of the total modulation amplitude. If the modulation of the polling command is reduced below this threshold, demodulator module 304 gives a digital value of zero in accordance with the NRZ-L encoding scheme. In this situation, any modulation based on another protocol may fall below the threshold required for type B tags and thus a digital value of zero may be given. Any modulation that stays above this threshold will be given a digital value of one.

When demodulator module 304 is in the Type F tag field, polling based on a Manchester coding scheme that uses a modulation threshold between that used for Type A and that used for Type B tags. Detect commands If the modulation of the polling command is reduced below this threshold, a digital value of zero will be given. Any modulation that stays above this threshold will be given a digital value of one.

As can be seen from above, a type A tag assigns a digital value of zero to any modulation based on type B or type F tags since the modulation amplitude will not fall below the threshold required for 100% ASK modulation. I will not. Accordingly, the demodulator module 304 in the type A tag will not detect the polling command sent to detect the type B or type F tag.

When demodulator module 304 is in the Versity Standard Tag field, it detects polling commands based on 10% or 100% ASK modulation, depending on the selection of modulation by the reader. When using 100% ASK modulation, the demodulator module 304 acts as a gap detector for the Versity standard tags since the voltage amplitude drops substantially to zero. In this situation, any modulation based on another modulation scheme that does not fall below the threshold required for the Versity Standard tags may be given a digital value of one. When the amplitude drops sufficiently, the demodulator module 304 gives a digital value of zero in accordance with the pulse position modulation.

When using 10% ASK modulation using the Versity standard, demodulator module 304 has a voltage threshold at 90% of the total modulation amplitude. If the modulation of the polling command decreases below this threshold, demodulator module 304 gives a digital value of zero in accordance with the pulse position modulation encoding technique. In this situation, any modulation based on another protocol may fall below the threshold required for Versity standard tags, so a digital value of zero will be given. Any modulation that stays above the threshold will be given a digital value of one.

With other aspects of the NFC device 300, the controller module 306 controls the overall operation and / or configuration of the NFC device 300. The controller module 306 sends a list search command 362 to the memory module 310 when the NFC device 300 supports a plurality of identifiers. The control module 306 receives the list search response 364 with a first identifier that matches the polling command feature (s). The controller module 306 then provides a response 358 to the restored command 356, which includes a list search response 364 when responding to the polling command.

Typically, the second NFC enabled device inductively couples the carrier on the antenna module 302 as a received communication signal 350 after sending a polling command to the NFC device 300. The controller module 306 modulates this carrier according to the response 358 to provide the transmitted communication signal 360. For example, the impedance of antenna module 302 is varied based on response 358 to vary the load of NFC device 300 seen by the second NFC-enabled device.

The power harvesting module 308 may collect power for the NFC device 300 from the restored communication signal 354. Power harvesting module 308 for powering other modules of NFC device 300, such as antenna module 302, demodulator module 304, controller module 306, and / or memory module 310. Power combinations from are not shown in FIG. 3. Alternatively or additionally, a battery may be provided.

The memory module 310 stores a list of a plurality of identifiers associated with the NFC device 300. When the received communication signal 350 is a polling command modulated from a second NFC-enabled device, the memory module 310 issues a list search command 362 to retrieve a list of a plurality of identifiers associated with the NFC device 300. Receive. Once it is found that matches the characteristics of the polling command, the memory module 310 returns the corresponding identifier as a list search response 364. For example, such a match may be referred to as a first match, and may indicate a first identifier that matches characteristics of a polling command among a plurality of identifiers.

2.3 Integrating NFC Devices into Host Devices

NFC devices (such as NFC device 300) may be integrated into a host communication device (eg, a host mobile phone). 4A is a block diagram illustrating the incorporation of an NFC device 300 into an electronic host communication device 400 having a shared memory 404 in accordance with embodiments of the invention. In an embodiment, the electronic communication device 400 includes an NFC device 300, a memory 404, a security component 408, a WI-FI component 410, a telephone component 412, a Bluetooth component 414. ), A battery 416, a host processor 418, and a bus 420 used to power a communication device. It should be noted that the components 412, 418, 410, 408, 414 are optional and are provided to illustrate the components that may be mounted within the host communication device. Further, according to embodiments of the present invention, one, some, or some, or all of the components 412, 418, 410, 408, and 414 may be mounted or not mounted at all in the host communication device 400. You should know

In accordance with embodiments of the present invention, host communication device 400 is not limited to, but is not limited to, mobile phones, portable computing devices, and other computing devices such as personal computers, laptops, desktop computers, printers. Computer peripherals, such as portable audio and / or video players, payment systems, such as parking ticket systems, bus ticketing systems, train ticketing systems, or ticket issuing systems such as admission ticketing systems. Electronic communication devices.

In an embodiment, the NFC devices and / or NFC controllers are designed to include secure element (s) using secure external memory. In an embodiment, this external secure memory is provided by a host mobile device (eg, memory 404). In another embodiment, this external secure memory is provided by a dedicated additional nonvolatile memory chip, such as flash or EE memory. Using this external memory allows NFC devices and / or NFC controllers to be manufactured using 40nm process technology, which does not necessarily support nonvolatile memory.

However, using external memory has several disadvantages. For example, when the host device (eg, the electronic communication device 400) is operating in a battery off mode (low battery mode), the NFC device 300 supplies power to the host device as well as the NFC device circuit. It may not be possible to collect enough energy (eg, using the power harvesting module 308). This is especially true if the NFC device uses a small antenna (eg, antenna module 302).

One solution to this problem is to use a separate nonvolatile memory that is not shared by the host device. 4B illustrates the integration of this separate nonvolatile (NV) memory 422. As discussed above, the separate NV memory 422 may be flash or EE memory, and in embodiments, the separate NV memory 422 is a secure memory. For example, data stored in a separate NV memory 422 is encrypted for protection while in a non-secure device (eg, host communication device 400). Accordingly, the NFC device 300 uses the power harvesting module 308 to collect energy and power all other components of the host communication device 400 without the need for a separate NV memory 422. Memory can be accessed from Although one separate NV memory 422 is shown in FIG. 4B, it will be appreciated that embodiments of the present invention include a plurality of separate NV memories. For example, FIG. 4C illustrates an implementation of a separate NV memory 424 in addition to the host communication device 400.

3. Provides application support in battery on and battery off modes

Some NFC device applications require relatively high power to run. For example, some NFC device applications require interaction with a host device. If the host device does not have enough battery power to operate, these NFC device applications may not be able to perform the required tasks because the host device functionality is not available. For example, some NFC device applications may require user input from the host mobile device (eg, user input from a keyboard or number pad on the host mobile device). Other NFC device applications do not require relatively high power to run and can be supported using collected energy. These applications may perform the required tasks without powering the host device.

For example, some financial applications require the entry of a PIN. Credentials for supporting contactless financial applications on mobile devices require that the mobile device host is not powered when the host power is not available at all (ie, when the NFC device is operating in battery off mode) and the PIN is Specifies that financial applications such as credit card transactions cannot be supported because they cannot be entered in. However, some NFC device applications may receive data from a PIN entered at a point of sale. Accordingly, if the NFC device financial application can receive data from the PIN entered at the POS device and can run the financial application using the collected power, the financial application can run in battery off mode.

For example, contactless smart card banking applications can emulate a contactless credit card without requiring full battery power. Accordingly, the contactless smart card emulation function may be supported by the NFC device in the battery off mode or the low battery mode since the NFC device sending the contactless smart card information does not need to be supported by the host battery power. Also, in some cases, encryption of the secure memory block can be protected by OTP (once programmable) memory in the security controller (used to count on every change of secure memory), this type of memory being associated with If the NV memory needs to be modified, it can require a large amount of energy to program.

In another example, a ticketing application (eg, a bus, train, aircraft ticketing application, or application for an amusement park that manages a user's tickets for rides) may have entered user input (eg, entering a PIN or being prompted). Authorization from the user may be required by selecting "yes" or "no" from the keypad. If the host device is not powered, applications that require user input on the host device may not be able to run, but applications that interact with an external device (eg, a POS device) collect enough energy to run. You may.

In order to be able to use applications requiring user input regardless of the power state of the host device, two (or more) different versions of the application type (e.g., two financial applications, two ticketing applications) , Etc.) can be loaded into memory that can be accessed by the NFC device (eg, in a separate NV memory 322). One version of the application may receive data input on the host device and the other version of the application may receive input from an external device (such as a POS device). Versions of an application that do not require the host device to be powered may run when the NFC device is operating in a battery off mode (or low battery mode). In an embodiment, two applications may share resources such as EE memory, keys, and the like.

Some applications (eg, financial applications) require access to secure memory (eg, separate NV memory 322). Even if the host device does not have enough power to accept user input, the NFC device can collect enough energy to power this secure memory for the application to run. Accordingly, embodiments of the present invention allow NFC devices to provide secure application support even when the NFC device is operating in a battery off mode.

In an embodiment of the invention, NFC controller 306 recognizes the power mode in which NFC device 300 is operating. For example, the controller 306 can know whether the NFC device 300 is operating in a full power mode, a low power mode, or a battery off mode. The controller 306 may detect that the NFC device has been switched to a new power mode during the operation or non-operation of the NFC device (e.g., the European Telecommunications Standards Institute (ETSI) specification TS 102613, which is incorporated herein by reference in its entirety. Depending on the). The controller 306 can use this power mode information to determine which applications to include when the reader requests a list of available applications.

Although embodiments of the present invention have been described above in connection with financial applications and ticketing applications, it should be understood that these applications are provided by way of example and not limitation. Those skilled in the art will appreciate that embodiments of the present invention may be applied to any type of application having different versions for operating in full power mode or battery mode.

3.1 Security Application Support Using One Security Element

As discussed above, various application types may be stored on the host device, including financial applications, ticketing applications, and the like. In one embodiment, two versions of the application type may be loaded on the host mobile device, and one of the two versions of the application may be selected based on the power mode of the NFC device. For example, a secure element (e.g., separate NV memory 422 or 424) on a mobile device (e.g., host device 400) includes two versions of a credit card application (1) on the host. A mobile device banking application that interacts with the mobile device host to request a PIN entry, and (2) a contactless smart card banking application that emulates a contactless credit card can be loaded. The first application may be activated when the entire host battery supply is available, and the second application may be activated when the host battery supply is not available at all (or in an embodiment, when a low host battery supply is available). The second application does not require host power because the reader requests a PIN input on the POS device when the second application is activated.

When the reader requests a list of available applications, the secure element may respond with applications related to the current power mode (ie, smart card emulation applications for battery off mode and mobile device applications for battery on mode). have. For example, in an embodiment, NV memory 422 is secure memory and two financial applications, comprising: (1) a first financial application that interacts with a mobile device host to request a PIN entry on the host; And (2) a second financial application that emulates a contactless credit card. The controller 306 detects whether the NFC device 300 operates in full power mode or battery off mode. When the controller 306 receives a request for a list of available applications from the reader, the controller indicates that either the first financial application or the second financial application is available, depending on the battery mode of the NFC device 300.

Embodiments of the invention may also provide safeguards when activating applications that do not require user input in a battery off mode. For example, some relatively inexpensive transactions do not require a PIN entry. In order to prevent widespread use of lost or stolen mobile devices, embodiments of the present invention may permit a limited number of these transactions when the NFC device is operating in a battery off mode. In an embodiment, the number of low cost transactions allowed may be stored in memory to manage how many low price transactions have been performed. This number may be incremented or decremented each time low price transactions are executed. In an embodiment, the number of allowed transactions may be reset again once the predetermined event has occurred (eg, once the PIN has been entered using a function on the mobile device). In an embodiment, the user can set a cost threshold to determine which transactions will be supported in the battery off mode. For example, an NFC device may be initially configured to activate only transactions less than $ 20 in battery off mode, but the user may decide to raise this cost threshold by $ 40. Further, in an embodiment, the user may set the number of allowed battery off transactions before the NFC device prevents the use of these transactions in the battery off mode. For example, an NFC device may initially be configured to allow five transactions in battery off mode before requiring user authentication (eg, via password entry on the host device), but the user may This number of allowed transactions can be increased to 10 allowed transactions.

As another example, a building authorization NFC device application may be configured to interact with a reader to authorize a user to enter a building. The full power version of this application may require user input (eg biometric scan, voice recognition, or PIN) on the host device (eg mobile phone). The battery off version of the application can emulate a contactless card (which may or may not receive user input from an external device). In some cases, the full power version includes additional security measures, so this may be desirable. However, the battery off version may be useful in emergency situations if no host power is available. In an embodiment of the present invention, the NFC device may cause the battery off version of the application to be used a limited number of times (eg, by storing a counter in memory). Once this counter has reached a predetermined threshold, the NFC device may prevent the battery off version from being used until an event occurs (eg, until the user enters a password into the host device).

Although embodiments of the present invention have been described above in connection with financial applications and building permit applications, it should be understood that these applications are provided by way of example and not limitation. Those skilled in the art will appreciate that embodiments of the present invention may be applied to any type of application having different versions for operation in full power mode or battery mode.

5 is a flowchart of a method for providing secure application support for NFC devices in both battery on and battery off modes in accordance with an embodiment of the present invention. In step 500, a request for a list of available applications is received from a reader. At step 502, the power mode of the NFC device (eg, NFC device 300) is determined. For example, the controller 306 can determine whether the NFC device 300 is operating in full power or battery off mode. The controller 306 can either determine that any one or more applications that do not require host user input are available (step 504) or that one or more banking applications that require user input are available depending on the power mode of the NFC device ( Step 506) responds to the reader. For example, the controller 306 may be an application that requires host user input if the NFC device is operating in full power mode (ie, if the host device has enough power to allow a PIN input on the host device). May respond to the reader with an application identifier (AID) of. The controller 306 does not require host user input if the NFC device is operating in battery off or low battery mode (ie, if the host device does not have enough power to allow a PIN input on the host device). The application may respond to the reader with the application identifier (AID) of the application.

6 is a flowchart of another method of providing secure application support for NFC devices in both battery on and battery off modes in accordance with an embodiment of the present invention. In step 600, a request to run an application from a reader is received (eg, by the controller 306). In step 602, the controller 306 determines the power mode of the NFC device. In step 604, an application that does not require user input is run if the NFC device is operating in battery off mode. For example, if controller 306 determines that NFC device 300 is operating in battery off mode, controller 306 accesses secure memory 310 and selects an application that emulates a contactless credit card. Run this application. If NFC device 300 is not operating in battery off mode, controller 306 executes an application that requires user input on the host at step 606. For example, if the controller 306 determines that the NFC device 300 is operating in full power mode, the controller 306 accesses the secure memory 310 and the NFC device 300 (for user input) ( For example, select a mobile device application that uses the function on a host device that implements a mobile phone) and run the application.

Note that “full power mode” as described herein indicates that sufficient host power is available to handle all NFC applications. "Full power mode" as described herein does not necessarily require the host device's battery to be fully charged. Although the full power mode and the battery off mode have been discussed above, one or more low power modes may be implemented in accordance with an embodiment of the present invention and the controller 306 allows the NFC device 300 to operate in any of these low power modes. You will know if you can.

In addition, "battery off mode" as described herein does not have sufficient power to allow the host device to make user input (eg, input of a PIN) on the host device. It will be understood to indicate. That is, if the host device has some power but not enough power to allow user input on the host device, the controller 306 only displays the availability of applications that do not require user input on the host. (E.g., step 504 in FIG. 5) Activate applications that do not require user input on the host in accordance with embodiments of the present invention (e.g., step 604 in FIG. 6).

3.2 AID Tables

NFC devices communicate using command-response pairs. The applications can be selected implicitly or explicitly. In either case, the instructions for accessing the application include an application identifier (AID). In an embodiment, each NFC device includes a list of supported applications and optionally associated data elements (eg, an AID table). This AID table may be stored, for example, in the OTP memory, electrically erasable programmable read only memory (EEPROM), or flash memory of the NFC device. The list of AIDs in the AID table may be sent to the reader when the reader requests it. The reader may then issue a command to run an application corresponding to one of the transmitted AIDs.

The AID table is used by the NFC controller once the NFC application enters a trading mode (eg, ISO 14443 level 4 trading mode). At this point, the reader requests a list of available applications. The NFC controller sends available application IDs to the reader, but withholds applications that have been flagged as requiring host power if the controller is in low power or battery off mode.

For example, this list of applications is described in "International Standard 1SO / IEC 7816-4," Identification cards -Integrated circuit cards -Part 4: Organization, "published January 15, 2005, which is incorporated herein by reference in its entirety. security and commands for interchange ", which may be stored in a directory file, such as" EF.DIR. "The EF.DIR directory file contains a set of application identifiers and selects applications. Determine which instructions are to be performed, but it should be appreciated that embodiments of the present invention may be applied to any table comprising a list of applications and / or application identifiers.

In an embodiment, once the host communication device (eg, host device 400) is powered on, the communication device polls all secure elements (eg, security devices and / or secure memories) and Update the AID routing table with information about the status of any particular application. If multiple secure elements (e.g., multiple secure memories) are in the host device, then as described by ISO 7816, which includes the entirety of the Extended Application Identifier (AID) table (e.g., incorporated herein by reference in its entirety). Same) can be used. The AID table is compiled by the host by reading the AID lists from all available secure elements and compiling the master NFC controller AID list. If there are a plurality of SEs, the controller 306 may determine which SEs to power based on an identifier (eg, identifier 703) in the AID table that indicates the location of the application.

FIG. 7A illustrates an extended AID table including a list of AIDs 702, a location in memory 703 of the corresponding application, and (optionally) instructions 704 for executing the application 402. It is a block diagram. For example, in an embodiment, location “MEM1” may correspond to NV memory 422 and location “MEM2” may correspond to NV memory 424.

3.3 Application Support with Multiple Security Elements

Embodiments of the present invention provide for the addition of a battery off activation flag in the AID selection table to indicate applications that may be executed when host power is not available. Since the controller can check the flags in the AID table to determine which applications require battery support, multiple SEs do not need to be powered to determine if the applications stored in the SEs require power. Accordingly, including this flag in the AID table can save power and allow the NFC device to operate more efficiently. The AID table can be updated when additional security applications are added to the system.

FIG. 7B shows the "Battery Off Mode Enabled" columns added to the table of FIG. 4A. It should be understood that the AIDs and instructions shown in FIGS. 4A and 4B are examples and are intended to illustrate embodiments of the present invention. According to an embodiment of the invention, if the NFC device is running in a battery off mode (or in some embodiments, a low battery mode), the NFC device may refer to the AID referenced in the command prior to executing the instructions 704. Check 702 for corresponding battery off activation flag 406. In an embodiment, the battery off activation flag 706 set to "1" indicates that the application will be activated during battery off or low battery mode. However, those skilled in the art will appreciate that the battery off activation flag 706 may be set to "1" to indicate that the application should be deactivated during battery off or low battery mode.

In an embodiment, the AIDs with the battery off activation flag set to "0" (ie, unless the battery-off mode is activated for the application) are not sent to the reader when the reader requests a list of available applications. Accordingly, in this embodiment, when the NFC device operating in the tag operation mode is operating in the battery off mode, the reader sends only a list of applications with the battery off activation flag with the tag set to "1" to the reader. Applications with higher power requirements (e.g., applications requiring a PIN input on the host device) cannot be requested to run, therefore the reader may not be able to request applications with a battery off activation flag set to "0". In another embodiment, the full list of AIDs is sent to the reader along with a corresponding battery off activation flag so that the reader knows that some applications will not run on request. In the full list of AIDs, the battery off activation flag The NFC device, which is sent to the reader without any operation and is operating in the tag operation mode, ignores requests to run applications with the battery off activation flag set to "0".

For example, application 708 has a battery off activation flag set to "1". In an embodiment, this flag indicates that the application 708 can run in battery off mode. For example, application 708 can be a financial application that does not require a PIN entry on the host device. On the other hand, applications 709 and 710 have battery off activation flags set to "0" to indicate that applications 709 and 710 cannot run in battery off mode. For example, the applications 709 and 710 may be applications requiring a PIN input on the host device. Thus, in an embodiment, during the battery off mode, only AID 708 is sent to the reader requesting a list of available applications. If the application associated with AID 708 is executed, only the MEM2 (eg, NV memory 424 in the embodiment) is powered so that the application can run.

Note that some application types may be executed regardless of whether or not host battery power is available. Some shipping ticket applications may never require user input. For example, a transportation ticket application can be configured to send information to the reader without having to prompt the user for user input. In this case, it is not necessary to load two versions of the application (one for full power mode and one for battery off mode) to the host device. Rather, one version of the application can be loaded into the host device and the battery off mode activation flag 706 for the application can be set to "1". Since the application does not require host battery power, the availability of the application in the list of AIDs can always be known to the reader when the reader requests the list of available applications.

For example, in an embodiment, the application 711 is a transportation ticketing application that does not even require host power. When the reader requests a list of applications, the application 711 is sent to the reader in the AID list regardless of whether the NFC device is operating in full power mode or battery off mode (or low battery mode). Alternatively, in embodiments, other flags may be used to indicate applications that may be executed regardless of whether host power is available. For example, in an embodiment, the battery off mode activation flag 706 may be an integer, and the value of "2" to indicate that multiple versions of the application are not present and may be executed regardless of whether host power is available. The battery off mode activation flag may be assigned to the application 711.

Also, some applications that require user input can never run in battery off mode. For example, some financial applications may not be configured to accept user input from a remote device because of security concerns. These financial applications may require the user to always enter a PIN on the host device. In this case, two different versions of the financial application are not loaded on the host device. Rather, a single version of the application can be loaded on the host device and the battery off mode activation flag 706 for the application can be set to zero. If the battery off mode activation flag 706 for the application is set to 0, then the AID for the application will not be sent to the reader if the host device is operating in battery off mode.

If additional secure elements are added to the host device, the AID table of FIG. 7B can be updated to include these elements. For example, if a third NV memory is added to the host device 400, the AID table of FIG. 7B can be used to identify applications stored in AIDS 702, location fields 703, instructions 704, and “MEM3”. It may be updated to include battery off activation flags 706.

8 is a flowchart of a method for providing secure application support for NFC devices in both battery on and battery off modes in accordance with an embodiment of the invention. In step 800, a request for a list of available applications is received from a reader. At step 802, the power mode of the NFC device (eg, NFC device 300) is determined. For example, the controller 306 can determine whether the NFC device 300 operates in full power or battery off mode. The controller 306 accesses an AID table (eg, an AID table stored in the memory module 310) that includes fields 703 for locations in the secure memory of all available applications, and accesses the power mode of the host. Thus responding to the leader by sending portions of the AID table with the battery off activation flag set to 1 (step 804) or the battery off activation flag set to 0 (step 804).

For example, the controller 306 can access the AID table of FIG. 7B if a request for available applications is received from the reader. If no host power is available, the controller 306 returns an AID table to the reader with rows 711 and 708 (ie, rows containing information for applications available for execution in battery off mode). If full power is available, the controller 306 may reply to the reader with an AID table with rows 709 and 710 (ie, row information for applications in FIG. 7B available for execution in full power mode).

In an embodiment, the controller 306 may execute applications that do not require host power when full host power is available, so if the full power is available, the entire AID table (eg, rows 710, 708, 709, 711), the AID table of FIG. 7B). In this case, when the reader receives a list of AIDs, the reader receives the user input from two different versions of the application (eg, the full power version of the application requiring user input on the host device and the external device). Receive a list of AIDs). If host power is available, the reader may want to select the full power version of the application. The reader can distinguish the full power version from the battery off version by checking the battery off activation flags in the transmitted AID table. In some cases, the reader may choose to choose a low power version of the application to save power.

4. Conclusion

It is to be understood that the detailed description, and not the summary, are intended to be used to interpret the claims. The summary section may begin as more than one but not all exemplary embodiments of the invention as contemplated by the inventor (s), and therefore are not intended to limit the invention and the appended claims in any way.

The present invention has been described above with the aid of functional blocks representing the implementation of specified functions and their relationships. The boundaries of these functional blocks have been arbitrarily defined within the specification for ease of explanation. Changeable boundaries can be defined as long as certain functions and their relationships are performed properly.

The foregoing description of specific embodiments provides sufficient general characteristics of the invention to enable those skilled in the art to apply their knowledge to readily modify and / or modify these specific embodiments for various applications without undue experimentation within the spirit and scope of the invention. Will reveal. Therefore, such adaptations and modifications are intended to be within the meaning and plurality of equivalents of the disclosed embodiments based on the teachings and guidance presented herein. It is to be understood that the phraseology and terminology herein is for the purpose of description and not of limitation, so that it is to be interpreted by those skilled in the art in accordance with the teachings herein.

The systems and methods above may be implemented as a computer program running on a machine, or as a computer program product, or as a real and / or non-transitory computer-readable medium having stored instructions. For example, the functions described herein may be implemented by computer program instructions executed by a computer processor or any of the hardware devices listed above. Computer program instructions cause the processor to perform the signal processing functions described herein. Computer program instructions (eg, software) may be stored on an actual, non-realistic computer usable medium, or on a computer program medium, or any storage medium that can be accessed by a computer or a processor. Such media include memory devices such as RAM or ROM, or other types of computer storage media such as computer disks or CD ROMs. Thus, any practical non-transitory computer storage medium having computer program code for causing a processor to perform the signal processing functions described herein is within the scope and spirit of the present invention.

While various embodiments of the invention have been described above, it should be understood that these are presented by way of example only and not limitation. It will be apparent to those skilled in the art that various changes in form and details may be made to the invention within the spirit and scope of the invention. Accordingly, the breadth and scope of the present invention should not be limited by any of the above-described exemplary embodiments, but should be defined only in accordance with the following claims and their equivalents.

Claims (15)

In a near field communication (NFC) device,
A power harvesting module;
A memory for storing a list of application identifiers (AIDs); And
And a controller, wherein the controller
Receive a request for an AID from a reader device corresponding to an application that requires entry of a personal identification number (PIN),
Access the list of AIDs,
Select an AID in the list of AIDs to be sent to the reader device based on the power mode of the NFC device,
And transmit the AID to the reader device. The method of claim 1, wherein the controller
Select a first AID if the NFC device is operating in a full power mode;
And select the second AID if the NFC device is operating in a battery off mode. The method of claim 1, wherein the controller
Select a first AID if the host device coupled to the NFC device has sufficient power to allow a personal identification number (PIN) to be entered on the host device;
And select a second AID if the host device does not have sufficient power to allow input of the PIN on the host device. The method of claim 1, wherein the controller
If the NFC device is operating in a full power mode, a first corresponding to a first financial application interacting with a host device coupled to the NFC device to request entry of a personal identification number (PIN) on the host device; Select an AID;
And if the NFC device is operating in a battery off mode, select the second AID corresponding to a second financial application that emulates a contactless credit card. The NFC device of claim 4 wherein the second financial application provides credit card information to a point of sale device. The NFC device of claim 1, wherein the controller is further configured to receive a personal identification number (PIN) for execution of an application corresponding to the transmitted AID. The NFC device of claim 1 wherein the list of AIDs is an AID table. The NFC device of claim 7 wherein the AID table indicates a location of an application corresponding to the AID in a secure memory coupled to the NFC device. 8. The NFC device of claim 7, wherein the controller is further configured to select an entry in the AID table based on the power mode of the NFC device. The method of claim 7, wherein the controller is
Access information in the AID table indicating which applications are configured for execution in battery off mode,
If the NFC device is operating in a full power mode, based on the accessed information, select a first AID in the AID table;
And if the NFC device is operating in the battery off mode, further configured to select a second AID in the AID table based on the accessed information. The method of claim 10, wherein the controller is further configured to access a battery off enabled flag entry in each entry of the AID table to access information indicating which applications are configured for execution in battery off mode. More configured, NFC device. The method of claim 7, wherein the controller is
Access information in the AID table indicating which applications have been activated for execution in battery off mode,
If the NFC device is operating in a full power mode, select all AIDs in the AID table corresponding to applications not activated for execution in the battery off mode, based on the accessed information,
If the NFC device is operating in the battery off mode, select all AIDs in the AID table corresponding to the applications activated for execution in the battery off mode, based on the accessed information,
And send all entries in the AID table corresponding to the selected AIDs to the reader device. battery; And
Including an NFC device, The NFC device,
Check the power level of the battery to determine the power mode of the NFC device,
Receive a request for an application identifier (AID) from a reader device,
Access a list of AIDs,
Select the first AID in the list of AIDs corresponding to the first financial application if the NFC device is operating in full power mode,
Select the second AID in the list of AIDs corresponding to the second financial application if the NFC device is operating in a battery off mode,
And transmit the selected AID to the reader device. The communication of claim 13, wherein the first financial application interacts with the communication device to request entry of a personal identification number (PIN) on the communication device, the second financial application emulating a contactless credit card. Device. Receiving from the reader a request for an application identifier (AID) corresponding to an application requesting user input;
Determining a power mode of the NFC device;
In response to determining that the NFC device is operating in a full power mode, sending a first message to the reader device indicating availability of applications requiring user input on a host device coupled to the NFC device; And
In response to determining that the NFC device is operating in a battery off mode, sending a second message to the reader device indicating availability of applications that do not require user input on the host device.

Images