Patents by Inventor Jean-Marc Padova
Jean-Marc Padova has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11943624Abstract: Embodiments described herein relate to eligibility checking for transfer of one or more electronic subscriber identity modules (eSIMs) between two mobile wireless devices. Eligibility to transfer an eSIM to an eUICC of a target device can depend on whether the eUICC of the target device satisfies certain security requirements for the eSIMs to be transferred. The mobile wireless devices can obtain a transfer eligibility result based on communication with one or more network-based servers that can determine compatibility for eSIM transfer.Type: GrantFiled: September 23, 2022Date of Patent: March 26, 2024Assignee: Apple Inc.Inventors: Jean-Marc Padova, Xiangying Yang
-
Patent number: 11736273Abstract: Embodiments described herein relate to credential wrapping for secure transfer of electronic SIMs (eSIMs) between wireless devices. Transfer of an eSIM from a source device to a target device includes re-encryption of sensitive eSIM data, e.g., eSIM encryption keys, financial transaction credentials, transit authority credentials, and the like, using new encryption keys that include ephemeral elements applicable to a single, particular transfer session between the source device and the target device. The sensitive eSIM data encrypted with a symmetric key (Ks) is re-wrapped with a new header that includes a version of Ks encrypted with a new key encryption key (KEK) and information to derive KEK by the target device. The re-encrypted sensitive SIM data is formatted with additional eSIM data into a new bound profile package (BPP) to transfer the eSIM from the source device to the target device.Type: GrantFiled: August 16, 2022Date of Patent: August 22, 2023Assignee: Apple Inc.Inventors: Xiangying Yang, Jean-Marc Padova
-
Patent number: 11736948Abstract: Embodiments described herein relate to eligibility checking for transfer of one or more electronic subscriber identity modules (eSIMs) between two mobile wireless devices. Eligibility to transfer an eSIM to an eUICC of a target device can depend on whether the eUICC of the target device satisfies certain security requirements for the eSIMs to be transferred. The mobile wireless devices can obtain a transfer eligibility result based on communication with one or more network-based servers that can determine compatibility for eSIM transfer.Type: GrantFiled: January 12, 2021Date of Patent: August 22, 2023Assignee: Apple Inc.Inventors: Jean-Marc Padova, Xiangying Yang
-
Publication number: 20230171585Abstract: Systems and methods for facilitating transfer of an eSIM subscription from a source device to a target device. In one embodiment, a source device includes a transceiver and a processor system. The processor system includes an eUICC configured to store an eSIM associated with an eSIM subscription. The processor system is configured to transmit, via the transceiver and to an eSIM subscription manager server, a request for an eSIM subscription transfer activation code; receive, via the transceiver and at least partly in response to the request, a server nonce; generate a signed payload using the server nonce and source device information; transmit, via the transceiver and to the eSIM subscription manager server, the signed payload; receive, via the transceiver and in response to transmitting the signed payload, the eSIM subscription transfer activation code; and provide the eSIM subscription transfer activation code to the target device or a user thereof.Type: ApplicationFiled: November 30, 2022Publication date: June 1, 2023Inventors: Jean-Marc Padova, Hyewon Lee, Li Li, Raj S. Chaugule, Xiangying Yang
-
Publication number: 20230020828Abstract: This application describes a phased approach to provision eSIM profiles to a wireless device. Credentials are preloaded to an eUICC during manufacture of the eUICC and used subsequently to load eSIM profiles to the eUICC without requiring an active, real-time connection to an MNO provisioning server. Multiple bound profile packages (BPPs) can be pre-generated and encrypted by MNO provisioning servers for an eUICC and transferred to a BPP aggregator server before assembly of the eUICC in a respective wireless device. A local provisioning server in a manufacturing facility mutually authenticates and connects to the BPP aggregator server to download and store one or more of the encrypted BPPs for later installation on the eUICC. The local provisioning server subsequently mutually authenticates and connects to the eUICC to load at least one of the one or more pre-generated, encrypted BPPs to the eUICC during assembly and/or testing of the wireless device.Type: ApplicationFiled: September 23, 2022Publication date: January 19, 2023Inventors: Li LI, Jean-Marc PADOVA, Najeeb M. ABDULRAHIMAN
-
Publication number: 20230013030Abstract: Embodiments described herein relate to eligibility checking for transfer of one or more electronic subscriber identity modules (eSIMs) between two mobile wireless devices. Eligibility to transfer an eSIM to an eUICC of a target device can depend on whether the eUICC of the target device satisfies certain security requirements for the eSIMs to be transferred. The mobile wireless devices can obtain a transfer eligibility result based on communication with one or more network-based servers that can determine compatibility for eSIM transfer.Type: ApplicationFiled: September 23, 2022Publication date: January 19, 2023Inventors: Jean-Marc PADOVA, Xiangying YANG
-
Publication number: 20220399993Abstract: Embodiments described herein relate to credential wrapping for secure transfer of electronic SIMs (eSIMs) between wireless devices. Transfer of an eSIM from a source device to a target device includes re-encryption of sensitive eSIM data, e.g., eSIM encryption keys, financial transaction credentials, transit authority credentials, and the like, using new encryption keys that include ephemeral elements applicable to a single, particular transfer session between the source device and the target device. The sensitive eSIM data encrypted with a symmetric key (Ks) is re-wrapped with a new header that includes a version of Ks encrypted with a new key encryption key (KEK) and information to derive KEK by the target device. The re-encrypted sensitive SIM data is formatted with additional eSIM data into a new bound profile package (BPP) to transfer the eSIM from the source device to the target device.Type: ApplicationFiled: August 16, 2022Publication date: December 15, 2022Inventors: Xiangying YANG, Jean-Marc PADOVA
-
Patent number: 11516003Abstract: Embodiments described herein relate to credential wrapping for secure transfer of electronic SIMs (eSIMs) between wireless devices. Transfer of an eSIM from a source device to a target device includes re-encryption of sensitive eSIM data, e.g., eSIM encryption keys, financial transaction credentials, transit authority credentials, and the like, using new encryption keys that include ephemeral elements applicable to a single, particular transfer session between the source device and the target device. The sensitive eSIM data encrypted with a symmetric key (Ks) is re-wrapped with a new header that includes a version of Ks encrypted with a new key encryption key (KEK) and information to derive KEK by the target device. The re-encrypted sensitive SIM data is formatted with additional eSIM data into a new bound profile package (BPP) to transfer the eSIM from the source device to the target device.Type: GrantFiled: March 24, 2021Date of Patent: November 29, 2022Assignee: Apple Inc.Inventors: Xiangying Yang, Jean-Marc Padova
-
Publication number: 20220360978Abstract: This application describes a phased approach to provision eSIM profiles to a wireless device. Credentials are preloaded to an eUICC during manufacture of the eUICC and used subsequently to load eSIM profiles to the eUICC without requiring an active, real-time connection to an MNO provisioning server. Multiple bound profile packages (BPPs) can be pre-generated and encrypted by MNO provisioning servers for an eUICC and transferred to a BPP aggregator server before assembly of the eUICC in a respective wireless device. A local provisioning server in a manufacturing facility mutually authenticates and connects to the BPP aggregator server to download and store one or more of the encrypted BPPs for later installation on the eUICC. The local provisioning server subsequently mutually authenticates and connects to the eUICC to load at least one of the one or more pre-generated, encrypted BPPs to the eUICC during assembly and/or testing of the wireless device.Type: ApplicationFiled: May 9, 2022Publication date: November 10, 2022Inventors: Li LI, Jean-Marc PADOVA, Najeeb M. ABDULRAHIMAN
-
Publication number: 20220329372Abstract: Techniques for managing logical channel communication for multiple electronic subscriber identity module (eSIM) profiles installed on an embedded universal integrated circuit card (eUICC), including mapping of logical channel identifier values between different logical channel labeling schemes are described herein. In a first scheme, logical channels are identified using logical channel values alone. In a second scheme, logical channels are identified using a combination of eSIM port value and channel values. An interpreter in the eUICC and/or in processing circuitry external to the eUICC can map between the logical channel labeling schemes to allow internal state machines in the eUICC and/or the processing circuitry to use the first scheme for identifying logical channels.Type: ApplicationFiled: April 7, 2022Publication date: October 13, 2022Inventors: Hyewon LEE, Jean-Marc PADOVA, Li LI, Xiangying YANG
-
Publication number: 20220295276Abstract: This application sets forth techniques for authenticating a mobile device with a cellular wireless network without electronic Subscriber Identity Module (eSIM) credentials by using an Extensible Authentication Protocol Transport Layer Security (EAP-TLS) procedure. The mobile device authenticates with an Authentication Server Function (AUSF) of the cellular wireless network using an embedded Universal Integrated Circuit Card (eUICC) certificate. Processing circuitry of the mobile wireless device external to the eUICC implements the EAP-TLS procedure and authenticates validity of the AUSF. In some embodiments, the eUICC provides key generation and storage for a session key for communication between the mobile device and the cellular wireless network.Type: ApplicationFiled: August 18, 2019Publication date: September 15, 2022Inventors: Xiangying YANG, Jean-Marc PADOVA, Li LI, Shu GUO
-
Publication number: 20210314148Abstract: Embodiments described herein relate to credential wrapping for secure transfer of electronic SIMs (eSIMs) between wireless devices. Transfer of an eSIM from a source device to a target device includes re-encryption of sensitive eSIM data, e.g., eSIM encryption keys, financial transaction credentials, transit authority credentials, and the like, using new encryption keys that include ephemeral elements applicable to a single, particular transfer session between the source device and the target device. The sensitive eSIM data encrypted with a symmetric key (Ks) is re-wrapped with a new header that includes a version of Ks encrypted with a new key encryption key (KEK) and information to derive KEK by the target device. The re-encrypted sensitive SIM data is formatted with additional eSIM data into a new bound profile package (BPP) to transfer the eSIM from the source device to the target device.Type: ApplicationFiled: March 24, 2021Publication date: October 7, 2021Inventors: Xiangying YANG, Jean-Marc PADOVA
-
Patent number: 11102017Abstract: Duplicate processing of events registered at a root server is avoided. An electronic subscriber identity module (eSIM) server pushes, to a root server, data in the form of notification data portions indicating that commands or events need to be processed by a device. The device includes an embedded universal integrated circuit card (eUICC). The device pulls a notification list from the root server. The notification list includes one or more notification data portions. The device checks a given notification data portion to see if it represents a duplicate before communicating with the eSIM server to perform further processing related to the event. The device bases the check for duplication on an event history and/or on a hash value where the hash value is based on one or more eSIMs installed in the eUICC. The device is able to prioritize notification data portions before processing them.Type: GrantFiled: April 6, 2020Date of Patent: August 24, 2021Assignee: Apple Inc.Inventors: Xiangying Yang, Li Li, Avinash Narasimhan, Jean-Marc Padova
-
Publication number: 20210219142Abstract: Embodiments described herein relate to eligibility checking for transfer of one or more electronic subscriber identity modules (eSIMs) between two mobile wireless devices. Eligibility to transfer an eSIM to an eUICC of a target device can depend on whether the eUICC of the target device satisfies certain security requirements for the eSIMs to be transferred. The mobile wireless devices can obtain a transfer eligibility result based on communication with one or more network-based servers that can determine compatibility for eSIM transfer.Type: ApplicationFiled: January 12, 2021Publication date: July 15, 2021Inventors: Jean-Marc PADOVA, Xiangying YANG
-
Patent number: 10985926Abstract: Embodiments provided herein identify a certificate issuer (CI) to be relied on as a trusted third party by an electronic subscriber identity module (eSIM) server in remote SIM provisioning (RSP) transactions with an embedded universal integrated circuit card (eUICC). In an RSP ecosystem, multiple CIs may exist. Parties rely on public key infrastructure (PKI) techniques for establishment of trust. Trust may be established based on a trusted third party such as a CI. Parties need to agree on the CI in order for some PKI techniques to be useful. Embodiments provided herein describe approaches for an eUICC and an eSIM server to arrive at an agreed-on CI. Candidate or negotiated CIs may be indicated on a public key identifier (PKID) list. A PKID list is distributed, in some embodiments, by means of a discovery server, via an activation code (AC) and/or during the establishment of a profile provisioning session.Type: GrantFiled: August 30, 2018Date of Patent: April 20, 2021Assignee: Apple Inc.Inventors: Xiangying Yang, Avinash Narasimhan, Li Li, David I. Ahn, Jean-Marc Padova, Clark P. Mueller, David T. Haggerty
-
Publication number: 20200304327Abstract: Duplicate processing of events registered at a root server is avoided. An electronic subscriber identity module (eSIM) server pushes, to a root server, data in the form of notification data portions indicating that commands or events need to be processed by a device. The device includes an embedded universal integrated circuit card (eUICC). The device pulls a notification list from the root server. The notification list includes one or more notification data portions. The device checks a given notification data portion to see if it represents a duplicate before communicating with the eSIM server to perform further processing related to the event. The device bases the check for duplication on an event history and/or on a hash value where the hash value is based on one or more eSIMs installed in the eUICC. The device is able to prioritize notification data portions before processing them.Type: ApplicationFiled: April 6, 2020Publication date: September 24, 2020Inventors: Xiangying YANG, Li LI, Avinash NARASIMHAN, Jean-Marc PADOVA
-
Patent number: 10645573Abstract: Methods, systems, and computer-readable medium for providing telecommunications carrier configuration at activation of a mobile device. In one implementation, a method is provided. The method includes receiving a request for activation of a mobile device, and during activation of the mobile device, determining for the mobile device a telecommunications carrier from a number of telecommunications carriers, and identifying information associated with the determined telecommunications carrier for configuring the mobile device.Type: GrantFiled: August 23, 2016Date of Patent: May 5, 2020Assignee: Apple Inc.Inventors: David Fleischman, Patrick Coffman, Jeremy Wyld, Gregory N. Christie, Jerrold Von Hauck, Audra Men-jhi Liu, Sebastien Sahuc, Muralidhar S. Vempaty, Shruti Chugh, Ashutosh Chaubey, Dallas De Atley, Jean-Marc Padova, Heath Culp, Bruno Posokhow, Brian Cassidy, John N. Lehner
-
Patent number: 10615990Abstract: Duplicate processing of events registered at a root server is avoided. An electronic subscriber identity module (eSIM) server pushes, to a root server, data in the form of notification data portions indicating that commands or events need to be processed by a device. The device includes an embedded universal integrated circuit card (eUICC). The device pulls a notification list from the root server. The notification list includes one or more notification data portions. The device checks a given notification data portion to see if it represents a duplicate before communicating with the eSIM server to perform further processing related to the event. The device bases the check for duplication on an event history and/or on a hash value where the hash value is based on one or more eSIMs installed in the eUICC. The device is able to prioritize notification data portions before processing them.Type: GrantFiled: May 22, 2017Date of Patent: April 7, 2020Assignee: Apple Inc.Inventors: Xiangying Yang, Li Li, Avinash Narasimhan, Jean-Marc Padova
-
Patent number: 10574465Abstract: Embodiments provided herein determine if an electronic subscriber identity module (eSIM) associated with a requested service can be installed in a secure element (SE) housed in a wireless device. Before requesting deployment of an eSIM suitable for the requested service from an eSIM delivery server, a carrier server asks that an original equipment manufacturer (OEM) server validate that an eSIM corresponding to a customer request should be deployed. The OEM server obtains information about the wireless device and information about the SE. When the carrier server requests validation, the OEM server evaluates the wireless device information and/or the SE information. If the OEM server indicates that deployment of the eSIM should proceed, the OEM server also indicates the eSIM type that is compatible with the wireless device and with the SE housed in the device.Type: GrantFiled: May 17, 2017Date of Patent: February 25, 2020Assignee: Apple Inc.Inventors: Li Li, Clark P. Mueller, Avinash Narasimhan, Arun G. Mathias, David T. Haggerty, Najeeb M. Abdulrahiman, Jean-Marc Padova
-
Patent number: 10470038Abstract: Methods, systems, and computer-readable medium for providing telecommunications carrier configuration at activation of a mobile device. In one implementation, a method is provided. The method includes receiving a request for activation of a mobile device, and during activation of the mobile device, determining for the mobile device a telecommunications carrier from a number of telecommunications carriers, and identifying information associated with the determined telecommunications carrier for configuring the mobile device.Type: GrantFiled: August 23, 2016Date of Patent: November 5, 2019Assignee: Apple Inc.Inventors: David Fleischman, Patrick Coffman, Jeremy Wyld, Gregory N. Christie, Jerrold Von Hauck, Audra Men-jhi Liu, Sebastien Sahuc, Muralidhar S. Vempaty, Shruti Chugh, Ashutosh Chaubey, Dallas De Atley, Jean-Marc Padova, Heath Culp, Bruno Posokhow, Brian Cassidy, John N. Lehner