Abstract: In order to facilitate conducting a financial transaction via wireless communication between an electronic device (such as a smartphone) and another electronic device (such as another smartphone), a secure element in the electronic device may generate, using an encryption key associated with the secure element, a signed blob based on a transaction amount and a merchant identifier. Then, the electronic device communicates connection information between the electronic device and the other electronic device. Moreover, the electronic device may establish a connection between the electronic device and the other electronic device based on the connection information, and may concurrently provide the signed blob to the other electronic device. After receiving a signed transaction blob from the other electronic device using the connection (which includes information needed to conduct the financial transaction), the electronic device provides the information to a server to conduct the financial transaction.

Abstract: Methods and apparatus for the deployment of financial instruments and other assets are disclosed. In one embodiment, a security software protocol is disclosed that guarantees that the asset is always securely encrypted, that one and only one copy of an asset exists, and the asset is delivered to an authenticated and/or authorized customer. Additionally, exemplary embodiments of provisioning systems are disclosed that are capable of, among other things, handling large bursts of traffic (such as can occur on a so-called “launch day” of a device).

Abstract: Disclosed is system and method for mixed reality world that incorporates a holographic button (e.g., a 3D object) that can be downloaded from the website of a provider of a good, data content, or a service (item). The holographic button enables a user in the mixed reality world to order the item by interacting with the holographic button. The user in the mixed reality world can place the holographic button relative to a relevant real-world object. Whenever the user interacts with the real-world object through their mixed reality world (i.e., virtual interaction with the real-world object), the holographic button can appear with that real-word object, allowing the user to order the item associated with the holographic button.

Abstract: Systems, methods, and computer-readable media for provisioning multiple credentials of a multi-scheme card on an electronic device for selective use in a secure transaction are provided.

Abstract: Systems and methods for validating and applying modifications to a policy control function (PCF) of a station. The methods include generating a PCF package including a modification to a PCF, and determining whether the PCF package is to be transmitted to the station by a first or second entity. The methods further include when the PCF package is to be transmitted by the first entity, including a first signature of the first entity in a deliverer field of the PCF package, and when the PCF package is to be transmitted by the second entity, including the first signature in an owner field and a second signature of the second entity in the deliverer field. The methods further include receiving the PCF package from the first or second entity, determining whether the PCF package is valid, and applying the modification to the PCF when it is determined the PCF package is valid.

Abstract: Systems, methods, and computer-readable media for logging secure element updates of an electronic device are provided. In one example embodiment, a method, at a secure element including a previously-installed secure element asset, includes, inter alia, receiving an update package, uninstalling the previously-installed secure element asset based on the received update package, installing a new secure element asset based on the received update package, and updating at least one of a counter on the secure element and a log on the secure element based on the installation of the new secure element asset. Additional embodiments are also provided.

Abstract: In order to facilitate conducting a financial transaction via wireless communication between an electronic device (such as a smartphone) and another electronic device (such as another smartphone), a secure element in the electronic device may generate, using an encryption key associated with the secure element, a signed blob based on a transaction amount and a merchant identifier. Then, the electronic device communicates connection information between the electronic device and the other electronic device. Moreover, the electronic device may establish a connection between the electronic device and the other electronic device based on the connection information, and may concurrently provide the signed blob to the other electronic device. After receiving a signed transaction blob from the other electronic device using the connection (which includes information needed to conduct the financial transaction), the electronic device provides the information to a server to conduct the financial transaction.

Abstract: Disclosed is system and method for mixed reality world that incorporates a holographic button (e.g., a 3D object) that can be downloaded from the website of a provider of a good, data content, or a service (item). The holographic button enables a user in the mixed reality world to order the item by interacting with the holographic button. The user in the mixed reality world can place the holographic button relative to a relevant real-world object. Whenever the user interacts with the real-world object through their mixed reality world (i.e., virtual interaction with the real-world object), the holographic button can appear with that real-word object, allowing the user to order the item associated with the holographic button.

Abstract: In order to facilitate conducting a financial transaction via wireless communication between an electronic device (such as a smartphone) and another electronic device (such as another smartphone), a secure element in the electronic device may generate, using an encryption key associated with the secure element, a signed blob based on a transaction amount and a merchant identifier. Then, the electronic device communicates connection information between the electronic device and the other electronic device. Moreover, the electronic device may establish a connection between the electronic device and the other electronic device based on the connection information, and may concurrently provide the signed blob to the other electronic device. After receiving a signed transaction blob from the other electronic device using the connection (which includes information needed to conduct the financial transaction), the electronic device provides the information to a server to conduct the financial transaction.

Abstract: Disclosed herein is a technique for managing one or more electronic Subscriber Identity Modules (eSIMs) on an embedded UICC (eUICC). In particular, the technique involves leveraging the GlobalPlatform™ Specification and/or other telecommunication standards to support the eSIMs on the eUICC. Each eUICC can include an Issuer Security Domain (ISD) owned by a device manufacturer and an eSIM manager that manages the plurality of eSIMs on the eUICC. Notably, binaries of one or more applications shared between different eSIMs can be standardized and stored in a manner that enables each eSIM to utilize the one or more applications (via the eSIM manager) without needing to individually store the binaries. Using this approach, the overall size and complexity of each eSIM can be reduced, which can increase the amount of available memory within the eUICC as well as the overall performance of the eUICC.

Abstract: An electronic device (such as a cellular telephone) automatically installs and optionally personalizes a purposed application (which is sometimes referred to as an ‘applet’) on a secure element in the electronic device (which is sometimes referred to as ‘applet creation’). In particular, when a digitally signed installation package containing the applet is received from an installing device (such as a server), the secure element verifies the digital signature of the installation package using an encryption key associated with a vendor of the secure element. Then, the secure element installs the applet. In addition, the secure element may optionally export user data from another applet installed on the secure element. Moreover, the secure element may personalize the installed applet using the user data from the other applet. In this way, the electronic device provides a scalable installation solution while allowing personalization from the other applet.

Abstract: An electronic device (such as a cellular telephone) automatically installs and personalizes updates to an applet on a secure element in the electronic device. In particular, when a digitally signed update package containing the update is received from an updating device (such as a server), the secure element identifies any previous versions of the applet installed on the secure element. If there are any previously installed versions, the secure element verifies the digital signature of the update package using an encryption key associated with a vendor of the secure element. Then, the secure element uninstalls the previous versions of the applet and exports the associated user data. Next, the secure element installs the update to the applet, and personalizes the new version of the applet using the user data.

Abstract: Systems and methods for validating and applying modifications to a policy control function (PCF) of a station. The methods include generating a PCF package including a modification to a POE, and determining whether the PCF package is to be transmitted to the station by a first or second entity. The methods further include when the PCF package is to be transmitted by the first entity, including a first signature of the first entity in a deliverer field of the PCF package, and when the PCF package is to be transmitted by the second entity, including the first signature in an owner field and a second signature of the second entity in the deliverer field. The methods further include receiving the PCF package from the first or second entity, determining whether the PCF package is valid, and applying the modification to the PCF when it is determined the PCF package is valid.

Abstract: Methods and apparatus for the deployment of financial instruments and other assets are disclosed. In one embodiment, a security software protocol is disclosed that guarantees that the asset is always securely encrypted, that one and only one copy of an asset exists, and the asset is delivered to an authenticated and/or authorized customer. Additionally, exemplary embodiments of provisioning systems are disclosed that are capable of, among other things, handling large bursts of traffic (such as can occur on a so-called “launch day” of a device).

Abstract: Systems and methods for validating and applying modifications to a policy control function (PCF) of a station. The methods include generating a PCF package including a modification to a PCF, and determining whether the PCF package is to be transmitted to the station by a first or second entity. The methods further include when the PCF package is to be transmitted by the first entity, including a first signature of the first entity in a deliverer field of the PCF package, and when the PCF package is to be transmitted by the second entity, including the first signature in an owner field and a second signature of the second entity in the deliverer field. The methods further include receiving the PCF package from the first or second entity, determining whether the PCF package is valid, and applying the modification to the PCF when it is determined the PCF package is valid.

Abstract: Methods and apparatus for the deployment of financial instruments and other assets are disclosed. In one embodiment, a security software protocol is disclosed that guarantees that the asset is always securely encrypted, that one and only one copy of an asset exists, and the asset is delivered to an authenticated and/or authorized customer. Additionally, exemplary embodiments of provisioning systems are disclosed that are capable of, among other things, handling large bursts of traffic (such as can occur on a so-called “launch day” of a device).

Abstract: Disclosed herein is a technique for managing one or more electronic Subscriber Identity Modules (eSIMs) on an embedded UICC (eUICC). In particular, the technique involves leveraging the GlobalPlatform™ Specification and/or other telecommunication standards to support the eSIMs on the eUICC. Each eUICC can include an Issuer Security Domain (ISD) owned by a device manufacturer and an eSIM manager that manages the plurality of eSIMs on the eUICC. Notably, binaries of one or more applications shared between different eSIMs can be standardized and stored in a manner that enables each eSIM to utilize the one or more applications (via the eSIM manager) without needing to individually store the binaries. Using this approach, the overall size and complexity of each eSIM can be reduced, which can increase the amount of available memory within the eUICC as well as the overall performance of the eUICC.

Abstract: An electronic device (such as a cellular telephone) automatically installs and personalizes updates to an applet on a secure element in the electronic device. In particular, when a digitally signed update package containing the update is received from an updating device (such as a server), the secure element identifies any previous versions of the applet installed on the secure element. If there are any previously installed versions, the secure element verifies the digital signature of the update package using an encryption key associated with a vendor of the secure element. Then, the secure element uninstalls the previous versions of the applet and exports the associated user data. Next, the secure element installs the update to the applet, and personalizes the new version of the applet using the user data.

Abstract: Disclosed herein is a technique for managing one or more electronic Subscriber Identity Modules (eSIMs) on an embedded UICC (eUICC). In particular, the technique involves leveraging the GlobalPlatform™ Specification and/or other telecommunication standards to support the eSIMs on the eUICC. Each eUICC can include an Issuer Security Domain (ISD) owned by a device manufacturer and an eSIM manager that manages the plurality of eSIMs on the eUICC. Notably, binaries of one or more applications shared between different eSIMs can be standardized and stored in a manner that enables each eSIM to utilize the one or more applications (via the eSIM manager) without needing to individually store the binaries. Using this approach, the overall size and complexity of each eSIM can be reduced, which can increase the amount of available memory within the eUICC as well as the overall performance of the eUICC.

Abstract: Systems, methods, and computer-readable media for provisioning multiple credentials of a multi-scheme card on an electronic device for selective use in a secure transaction are provided.