TREA

Providing secure access to smart card applications

Follow

Information

  • Patent Grant
  • 9883381
  • Patent Number
    9,883,381
  • Date Filed
    Tuesday, October 2, 2007
    16 years ago
  • Date Issued
    Tuesday, January 30, 2018
    6 years ago
Information
Abstract
A method is provided for secure access to a smart card application. An alert is received related to a mobile device having the smart card application. Access by the mobile device to the smart card application is restricted responsive to receiving the alert.
Description
CROSS-REFERENCE TO RELATED APPLICATIONS

None.


STATEMENT REGARDING FEDERALLY SPONSORED RESEARCH OR DEVELOPMENT

Not applicable.


REFERENCE TO A MICROFICHE APPENDIX

Not applicable.


BACKGROUND

Transaction devices are portable items that store data, such as credit cards, debit cards, gift cards, access cards, and cards for various prepaid services or goods. Magnetically encoded transaction devices typically store data in a magnetic strip. “Smart cards” are transaction devices that store data in nonvolatile memory, and typically contain data processing circuitry that offers some degree of computing capacity.


A smart card may be a “proximity read” transit card, which may communicate with a card reader without physically contacting the card reader. Communication between a proximity read smart card and various types of card readers may occur via a radio frequency signal, optical signal, wireless internet connection, or other communication method known in the art or hereafter developed. As an owner or a user of a smart card passes through a fare gate, a card reader may cause value to be automatically deducted from value stored on the smart card.


A mobile device, such as a mobile phone, may include a smart card. Thus, if a card reader is present at a location where commercial transactions occur or where proximity read smart cards are used, the smart card in the mobile device may make payments, provide access to restricted areas, and perform other functions or transactions typically performed by smart cards. A mobile device may implement the functionality of multiple smart cards by containing a super-smart card, a smart card that emulates or enables multiple smart cards by containing multiple smart card applications. A smart card application is the software, hardware, or combination of both that provides the capability of a smart card. Multiple smart card applications on a smart card enable the smart card to emulate multiple smart cards. A smart card application provider may issue both a smart card application for a mobile device and a physical smart card. However, if the owner of a mobile device containing a smart card application loses the mobile device or has the mobile device stolen, whoever has the mobile device can use the smart card application to make unauthorized purchases or gain unauthorized access to restricted areas.


SUMMARY

The present disclosure provides systems and methods for providing secure access to a smart card application. In some embodiments, an alert is received related to a mobile device having the smart card application. Access by the mobile device to the smart card application is restricted responsive to receiving the alert.


In some embodiments, the system includes a server and a component on the mobile device to restrict access to a smart card application on the mobile device. The server receives an alert related to the smart card application on the mobile device from a smart card application provider. The server promotes restricting access to the smart card application, via the component.


In some embodiments, a determination is made whether a mobile device that includes a smart card application is out of communication with a server during a period of time. Access to the smart card application is restricted in response to a determination that the mobile device is out of communication with the server during the period of time.


These and other features will be more clearly understood from the following detailed description taken in conjunction with the accompanying drawings and claims.





BRIEF DESCRIPTION OF THE DRAWINGS

For a more complete understanding of this disclosure, reference is now made to the following brief description, taken in connection with the accompanying drawings and detailed description, wherein like reference numerals represent like parts.



FIG. 1 shows a block diagram of a system for a providing secure access to smart card applications according to some embodiments of the present disclosure.



FIG. 2 shows a flowchart of a method for providing secure access to smart card applications according to some embodiments of the present disclosure.



FIG. 3 shows a flowchart of another method for providing secure access to smart card applications according to some embodiments of the present disclosure.



FIG. 4 shows an illustrative wireless communications system.



FIG. 5 shows a block diagram of an illustrative mobile device.



FIG. 6 shows a block diagram of an illustrative software configuration for a mobile device according to some embodiments of the present disclosure.



FIG. 7 illustrates an exemplary general purpose computer system suitable for implementing the several embodiments of the disclosure.





DETAILED DESCRIPTION

It should be understood at the outset that although an illustrative implementation of one or more embodiments are provided below, the disclosed systems and/or methods may be implemented using any number of techniques, whether currently known or in existence. The disclosure should in no way be limited to the illustrative implementations, drawings, and techniques illustrated below, including the exemplary designs and implementations illustrated and described herein, but may be modified within the scope of the appended claims along with their full scope of equivalents.


In some embodiments of the present disclosure, a mobile device's owner can use a computer or a telephone to submit an alert for a mobile device that contains a smart card application. The alert can report the mobile device as lost or stolen. As a result of receiving this alert, access to the smart card application is restricted. The access can be restricted by requiring a personal identification number (PIN) to access the smart card application, transferring digital cash from the smart card application, suspending the smart card application until an update of the mobile device's status is received, or deletion of the smart card application. After access to the smart card application is restricted, the mobile device can be deactivated.


In some embodiments of the present disclosure, the system includes both a server and a mobile device that includes the smart card application. The server receives an alert for the smart card application from a smart card application provider that may have received the alert from the mobile device user. The smart card application provider may also submit an alert that identifies fraudulent activity using the smart card application, or fraudulent activity with the corresponding user's account, such as after the corresponding plastic card in a leather wallet has been stolen. The server restricts access to the smart card application, and conveys the alert to another smart card application provider based on a record of the mobile device's smart card applications. Therefore, when the mobile device owner alerts only one smart card application provider about a missing mobile device, the alert is conveyed to the server for the mobile device. The server can restrict access to the smart card applications and forward the alert to all of the other smart card application providers for the mobile device even if the mobile device owner cannot immediately remember the other smart card application providers.


In other embodiments of the present disclosure, a determination is made whether a mobile device that includes a smart card application is out of communication with a server during a period of time. A mobile device thief may disable the mobile device's communications to prevent a server from restricting access to the smart card application after the mobile device is reported as missing. If the mobile device cannot communicate with the server during the specified period of time, such as an hour, access to the smart card application is restricted. The restriction may require the entry of a PIN selected by the mobile device owner to access the smart card application, a PIN that a mobile device thief is unlikely to know. This restriction can benefit the mobile device's owner by preventing fraudulent activity before the owner has time to report the theft to the smart card application provider, or even before the owner realizes that the mobile device has been stolen.



FIG. 1 shows a block diagram of a system for providing secure access to smart card applications according to an embodiment of the present disclosure. A mobile device 100 may include a secure element 102, which may include a smart card manager 104. The secure element 102 may be a smart card, a security information management (SIM) component, or other type of security device. The smart card manager 104 may activate, deactivate, and assist a mobile device owner or user in managing smart card applications for a transaction, such as a first smart card application 106, a second smart card application 108, a third smart card application 110, and a transit card application 112 on the secure element 102. The transit card application 112 is a smart card application that can include digital cash. If the mobile device 100 that includes the transit card application 112 is lost or stolen, access to the digital cash on the transit card application 112 is lost for the mobile device owner. Therefore, the result of losing any mobile device 100 that includes digital cash can be similar to losing physical cash. Embodiments of the present disclosure may transfer digital cash from the transit card application 112 and similar applications if the mobile device 100 is reported as lost or stolen. The smart card applications 106-110 can be either a loyalty card, an identification card, a credit card, a security card, a debit card, a bank account card, or a cash card. While four smart card applications are shown in FIG. 1, other numbers are also contemplated.


The mobile device 100 may include a radio frequency (RF) transaction component 114 to enable the secure element 102 to communicate with a vendor device by radio frequency, optical, infra-red, wired, magnetic “contact reader,” or other known or hereafter developed communications. The vendor device may be point of sale, security, or any other vendor transaction device, such as a reader 116. The security for the secure element 102 may be enabled by hardware or software components on the mobile device 100, as part of the secure element 102, or combinations of both.


The ISO/IEC 7816 and ISO/IEC 7810 series of standards for contact smart cards define: the physical shape, the positions and shapes of the electrical connectors, the electrical characteristics, the communications protocols, the format of the commands sent to the card and the responses returned by the card, robustness of the card, and the functionality. The standard for contactless smart card communications is ISO/IEC 14443, dated 2001. An alternative standard for contactless smart cards is ISO 15693, which allows communications at distances up to 50 cm. However, systems applying other standards may be used and are within the spirit and scope of the present disclosure.


The mobile device 100 contains a card controller 118 and an electronic wallet 120. The card controller 118 may enable the electronic wallet 120 to communicate with the smart card manager 104 on the secure element 102. The card controller 118 is responsible for accessing the hardware registers of the smart card manager 104 and often includes an interrupt handler to service interrupts generated by the smart card manager 104. The electronic wallet 120 is an application that, in addition to providing the mobile device user with information regarding smart card applications 106-112, may enable the user to access and select smart card applications on the secure element 102 for use in carrying out transactions. The electronic wallet 120 contains or has access to a set of context-based rules 122. The electronic wallet 120 may process the rules 122 and context information to determine which of the smart card applications 106-112 are appropriate for a transaction.


The mobile device 100 may also include a user interface 124, which enables an owner or user of the mobile device 100 to enter input to and receive output from the mobile device 100. The mobile device 100 may also communicate with a server 126 for mobile device communication. The server 126 may activate, deactivate, and assist an owner in managing smart card applications. The server 126 can operate automatically, function with human intervention as part of a customer service system, or any combination thereof. The mobile device 100, the user interface 124, and the server 126 are described in more detail below in reference to FIGS. 4 to 7.


The mobile device owner may use either a computer 128 or a telephone 130 to send an alert to the server 126, to alert the server 126 when the mobile device 100 has been lost or stolen. The server 126 can forward the alert to a computer 132 associated with a smart card application provider and a computer 134 associated with a transit card application provider. The computer 132 and the computer 134 can each operate automatically, function with human intervention as parts of customer service systems, or any combination thereof. Alternatively, the mobile device owner can send the alert to both the computers 132 and 134. Furthermore, the computer 132 for the smart card application provider can forward an alert from the mobile device owner to the server 126, where the alert specifies either a missing mobile device 100 containing at least one smart card application or fraudulent activity using the smart card application. The server 126 can forward the alert from the computer 132 to the computer 134 for the transit card application provider, which can instruct the reader 116 to not use or authorize the smart card application transaction.



FIG. 2 is a flowchart illustrating an embodiment of providing secure access to smart card applications according to an embodiment of the present disclosure. A mobile device owner may use the method to provide secure access to smart card applications.


In box 202, the server receives an alert related to a mobile device that contains a smart card application. For example, the owner for the mobile device 100 containing the smart card applications 106-112 submits an alert to the server 126. The mobile device owner can submit the alert via the computer 128 or the telephone 130. Alternatively, the server 126 can receive the alert from the computer 132 for the smart card application provider if the mobile device owner has already sent the alert to the computer 132. Additionally, the computer 132 can submit the alert to the server 126 if the computer 132 detects fraudulent activity using any of the smart card applications 106-112.


In box 204, the server restricts access to the smart card application. For example, the server 126 can communicate with the mobile device 100 over the air to restrict access to the smart card applications 106-112 in a variety of ways. The server 126 can instruct the mobile device 100 to require access enabling information, such as entry of a PIN, to access the smart card applications 106-112.


The server 126 can also transfer any digital cash from the smart card applications 106-112 back to the server 126 for future use by the mobile device owner. For example, the server 126 can transfer or otherwise adjust or credit $50.00 from the transit card application 112 back to the server 126, such that the loss of the mobile device 100 does not result in a loss of the $50.00 in digital cash on the transit card application 112 for the mobile device owner.


The server 126 can instruct the mobile device 100 to suspend use of the smart card applications 106-112 until receipt of an update. For example, because the mobile device owner believes that he left his mobile device 100 at a friend's house, the mobile device owner does not want to delete the smart card applications 106-112 from the mobile device 100. If the mobile device owner finds his mobile device 100 at his friend's home, the mobile device owner does not want to contact all of the smart card application providers and participate in the lengthy re-provisioning process that would be required after deleting the smart card applications 106-112 from the mobile device 100. If the mobile device owner subsequently sends an update to the server 126 specifying that the mobile device 100 has been located, the server 126 can lift the suspension on the use of the smart card applications 106-112. If the mobile device owner subsequently sends an update to the server 126 specifying that the mobile device 100 was not located, the server 126 can keep the smart card applications 106-112 in indefinite suspension, or restrict access to the smart card applications 106-112 in any other way that is chosen by the owner.


The server 126 can have the option of suspending the use of only the smart card applications 106-112 that are not protected by a requirement for access enabling information, such as entry of a PIN. The mobile device owner may have selected to protect major credit cards by requiring a PIN to prevent expensive purchases if the mobile device 100 is lost or stolen. However, the mobile device owner may have also selected to not protect the transit card application 112 with a PIN requirement because the mobile device owner wants to quickly access a subway system without having to stop and enter a PIN. Additionally, the mobile device owner may have also selected to not protect the third smart card application 110 with a PIN requirement because the mobile device user wants to conveniently purchase coffee at a coffee shop with the third smart card application 110, which has a maximum value of only $25.00.


The server 126 can instruct the mobile device 100 to delete the smart card applications 106-112. For example, if the mobile device owner knows that the mobile device 100 is stolen, the mobile device owner can select to delete the smart card applications 106-112 because of the small possibility of recovering the stolen mobile device 100. The mobile device owner may have already selected the option of deleting only the smart card applications 106-112 that are not protected by a requirement for access enabling information such as a PIN.


In box 206, the server deactivates the mobile device. For example, the server 126 deactivates the mobile device 100 after transferring digital cash from the transit card application 112, requiring a PIN to access the first smart card application 106, suspending the second smart card application 108, and deleting the third smart card application 110. As illustrated by this example, the mobile device owner can specify different access restrictions for each of the smart card applications 106-112.


In box 208, the server conveys the alert and a mobile device identifier to a smart card application provider based on a record of smart card applications for the mobile device. For example, the server 126 conveys the alert and a mobile device identifier to the computer 132 for a smart card application provider based on a record of the mobile device's 100 smart card applications. The server 126 may not have all of the account information for each smart card application, but providing the unique mobile device identifier may be sufficient for the smart card application provider to identify the relevant smart card application information for the mobile device owner. The alert may have been initially provided to the server 126 by the mobile device owner or by another smart card application provider, who may have been alerted by the mobile device owner.


The server 126 can convey the alert and the mobile device identifier only for the smart card applications 106-112 that are not protected by access enabling information. For example, the mobile device owner selects a PIN access requirement to protect the first smart card application 106 that can enable expensive purchases, but chooses not to protect the smart card applications 108-112 with a PIN requirement for convenience and because the smart card applications 108-112 are not capable of enabling expensive purchases.


The conveyed alert can request the computer 132 for the smart card provider or the computer 134 for the transit card application provider to instruct the card reader 116 to deny access for the smart card applications 106-112. For example, the mobile device owner may be concerned that the thief that stole the mobile device 100 has disabled communications for the mobile device 100. If the mobile device's 100 communications are disabled, the server 126 may not be able to communicate with the mobile device 100 to instruct the mobile device 100 to transfer digital cash or to protect, suspend, or delete the smart card applications 106-112. However, the alert can instruct the reader 116 to deny access for the smart card applications 106-112.


The alert can also initiate a request to re-provision the smart card application 106-112 to another mobile device 100. For example, when the mobile device owner has purchased or leased a replacement mobile device 100 for the stolen mobile device 100, the mobile device owner can submit an alert that requests for the server 126 to re-provision the smart card applications 106-112 to the replacement mobile device 100.


In box 210, the server optionally requires access enabling information for approving purchases over a specified amount by the smart card application. For example, the server 126 requires the entry of a PIN for approving purchases over a thousand dollars by the first smart card application 106. The mobile device owner may also use this option to prevent unauthorized expenses over a certain amount, such as for example if the mobile device owner loans his mobile device 100 to a child or friend, but has authorized an inexpensive purchase.


In box 212, the server optionally re-provisions the smart card application to another mobile device. For example, the server 126 re-provisions the smart card applications 106-112 to a replacement mobile device 100 as requested by the mobile device owner.



FIG. 3 is a flowchart illustrating an embodiment of providing secure access to smart card applications according to an embodiment of the present disclosure. The mobile device 100 may use the method to provide secure access to the smart card applications 106-112 when the mobile device 100 is not reported as missing, but may be out of communication.


In box 302, the mobile device including the smart card application determines whether the mobile device is out of communication with a server during a period of time. For example, the mobile device 100 containing the smart card applications 106-112 determines whether the mobile device 100 is out of communication with the server 126 for an hour. This may be useful in an instance, for example, when a mobile device thief has disabled communications between the mobile device 100 and the server 126 to prevent the server 126 from instructing the mobile device 100 to restrict access to the smart card applications 106-112. For example, if the current user of the mobile device 100 selects airplane mode, the mobile device 100 is not able to communicate with the server 126, but the smart applications 106-112 can still be used for transactions. If the mobile device 100 is out of communication with the server 126 during the specified period of time, the method continues to box 304. If the mobile device 100 can communicate with the server 126 during the specified period of time, the method returns to box 302 to continue periodic checking. When the mobile device 100 is out of communication with the server 126, the mobile device 100 may have disabled or suspended communication with the server 126.


In box 304, the mobile device comprising the smart card application restricts access to the smart card application in response to a determination that the mobile device is not communicating or responding to the server during a period of time. The restriction in access to the smart card applications 106-112 can be accomplished through any of the restrictions listed above in the description of box 204. For example, in response to a determination that the mobile device 100 does not communicate with the server 126 for one hour, the mobile device 100 requires the entry of a PIN previously selected by the mobile device owner to access the smart card applications 106-112.


The mobile device 100 may be out of communication with the server 126 for the specified period of time, such as when the mobile device owner is in a shopping mall. The mobile device 100 may still access the smart card applications 106-112 to make a purchase at the mall, provided that the mobile device owner meets the restricted access requirements, such as entering a PIN. This communication requirement maintains convenience of smart car application use for the mobile device owner, but with a protection against mobile device thieves. A mobile device thief may put the mobile device 100 in airplane mode in an attempt to prevent the server 126 from restricting access to the mobile device 100 based on the mobile device owner reporting the mobile device 100 as stolen. Although the mobile device 100 may not be out of communication with the server 126 for the normally specified period of time yet, the mobile device 100 may act immediately to restrict access to the smart card applications 106-112 when the mobile device 100 is in airplane mode. If the mobile device 100 is in airplane mode, the mobile device user is required to meet the restriction access requirements, such as entering a PIN, to access the smart card applications 106-112 to make a purchase, for example, while on an airplane.



FIG. 4 shows a wireless communications system which provides the context for the systems and methods of the present disclosure. The wireless communication system includes the mobile device 100. Though illustrated as a mobile phone, the mobile device 100 may take various forms including a personal digital assistant (PDA), a mobile computer, a digital camera, a digital music player, and an electronic key fob for keyless entry. Many suitable mobile devices combine some or all of these functions.


The mobile device 100 includes a display 402 and a touch-sensitive surface or keys 404 with which to interact with a user. The user interface 124 can include the display 402 and the keys 404. The mobile device 100 may present options for the user to select, controls for the user to actuate, and/or cursors or other indicators for the user to direct. The mobile device 100 may further accept data entry from the user, including numbers to dial or various parameter values for configuring the operation of the mobile device 100. The mobile device 100 may further execute one or more software or firmware applications in response to user commands. These applications may configure the mobile device 100 to perform various customized functions in response to user interaction.


The mobile device 100 may communicate through either a first cell tower 406 or a second cell tower 408 and through a wired or wireless network 410 to access information on various servers, such as the server 126. The server 126 may interact with a payment source server 412 through the wired network 410. While two servers are shown in FIG. 4, other servers could be present. The server 126 may act as a gateway to the payment source server 412, which may include information needed by the electronic wallet 120 to access smart card applications on the secure element 102. The payment source server 412 may interact with the server 126, which may communicate with the mobile device 100 through the wired network 410 and either the first cell tower 406 or the second cell tower 408 by a standard wireless telephony protocol (such as code division multiple access), a wireless internet connection, or some other means of wireless communication. The mobile device 100 may also communicate through the reader 116 for a transaction via either a contact communication or a contact-less communication. Additionally, the mobile device 100 may communicate with a global positioning satellite 414 to determine the location of the mobile device 100.


In some embodiments of the present disclosure, the mobile device 100 can execute a location fix technology to generate a location fix and use the location of the mobile device 100 as described in FIG. 4. For example, the mobile device 100 can execute a global positioning system (GPS) technology, a forward link triangulation technology, or a hybrid location fix technology to determine the location of the mobile device 100.


Global positioning system satellites transmit signals that are received by the mobile device 100. The mobile device 100 determines its position based on the different signals received from different satellites. The location accuracy is environment driven and dependant on the type of equipment used. The global positioning system technology is owned and operated by the U.S. Department of Defense, but is available for general use around the world.


Furthermore, the mobile device 100 can use forward link triangulation technology to determine its position based on the different radio frequency signals received from different cell towers, such as the first cell tower 406 and the second cell tower 408. In radio communications, a forward link is the link from a fixed location, such as the cell tower 406, to the mobile device 100. If the link includes a communications relay satellite, the forward link will consist of both an uplink from a base station to the satellite and a downlink from the satellite to the mobile device 100. Each serving cell tower broadcasts a system parameters information message to the mobile device 100. This message includes the longitude and the latitude of the serving cell tower. The radius covered by serving cell towers vary greatly, from hundreds of meters in dense urban areas to 20 miles or more in rural environments.


The forward link triangulation technology fixes the location of the mobile device 100 based on measurements taken of time and distance signals from nearby cell towers. The mobile device 100 reports the time and distance measurements to the network 410, then the network 410 triangulates a location fix of the mobile device 100, and reports the location fix back to mobile device 100. In general, more than three surrounding cell towers are preferred to triangulate an optimal location fix.


The mobile device 100 can use a hybrid technology to fix the location of the mobile device 100 based on a combination of other location fix technologies. For example, if the mobile device 100 is indoors, but close to a window, the global positioning system technology in combination with a cell tower location technology can calculate the location fix for the mobile device 100. When the mobile device 100 is indoors, the mobile device 100 may receive signals from an insufficient number of satellites to determine the position of the mobile device 100. However, the hybrid technology can combine the signals from the insufficient number of satellites with the cell tower location identified by the channel length modulation (CLM) to calculate a hybrid location fix for the mobile device 100.



FIG. 5 shows a block diagram of the mobile device 100. The mobile device 100 includes a digital signal processor (DSP) 502 and a memory 504. As shown, the mobile device 100 may further include an antenna and front end unit 506, a radio frequency (RF) transceiver 508, an analog baseband processing unit 510, a microphone 512, an earpiece speaker 514, a headset port 516, an input/output interface 518, a removable memory card 520, a universal serial bus (USB) port 522, an infrared port 524, a keypad 526, a liquid crystal display (LCD) with a touch sensitive surface 528, a touch screen/LCD controller 530, a global positioning system sensor 532, the secure element 102, the smart card manager 104 for the secure element 102, and the RF transaction component 114.


The DSP 502 or some other form of controller or central processing unit operates to control the various components of the mobile device 100 in accordance with embedded software or firmware stored in the memory 504. In addition to the embedded software or firmware, the DSP 502 may execute other applications stored in the memory 504 or made available via information carrier media such as portable data storage media like the removable memory card 520 or via wired or wireless network communications. The application software may comprise a compiled set of machine-readable instructions that configure the DSP 502 to provide the desired functionality, or the application software may be high-level software instructions to be processed by an interpreter or compiler to indirectly configure the DSP 502 to execute the methods described above for providing secure access to smart card applications.


The antenna and front end unit 506 may be provided to convert between wireless signals and electrical signals, enabling the mobile device 100 to send and receive information from a cellular network or some other available wireless communications network. The RF transceiver 508 may provide frequency shifting, e.g., converting received RF signals to baseband and converting baseband transmit signals to RF. The analog baseband processing unit 510 may provide channel equalization and signal demodulation to extract information from received signals, and may code and modulate information to create transmit signals, and may provide filtering for signals. To that end, the analog baseband processing unit 510 may have ports for connecting to the built-in microphone 512 and the earpiece speaker 514 that enable the mobile device 100 to be used as a cell phone.


The DSP 502 may send and receive digital communications with a wireless network via the analog baseband processing unit 510. The input/output interface 518 interconnects the DSP 502 and various memories and interfaces. The memory 504 and the removable memory card 520 may provide software and data to configure the operation of the DSP 502. Among the interfaces may be the USB port 522 and the infrared port 524. The infrared port 524 and other optional ports such as a Bluetooth interface or an IEEE 802.11 compliant wireless interface may enable the mobile device 100 to function as a smart card, communicating wirelessly with other nearby mobile devices 100 and/or wireless base stations. In some contemplated systems, the mobile device 100 is able to wirelessly exchange information at a point-of-sale when placed near a suitable transceiver, such as the reader 116.


The keypad 526 couples to the DSP 502 via the I/O interface 518 to provide one mechanism for the user to make selections, enter information, and otherwise provide input to the mobile device 100. Another input mechanism may be the touch screen display 528, which may also display text and/or graphics to the user. The display controller 530 couples the DSP 502 to the touch screen display 528. The GPS sensor 532 is coupled to the DSP 502 to decode global positioning system signals, thereby enabling the mobile device 100 to determine its position. Alternatively, GPS processing may be provided by a dedicated GPS chip or processor. Various other peripherals may also be included to provide additional functions, e.g., radio and television reception.



FIG. 6 illustrates a software environment 602 that may be implemented by the DSP 502. The DSP 502 executes operating system software 604 that provides a platform from which the rest of the software operates. The operating system generally provides processing resource management support. The operating system software 604 provides drivers for the mobile device hardware with standardized interfaces that are accessible to application software. The operating system software 604 may transfer control between applications running on the mobile device 100. Also shown in FIG. 6 are the card controller 118, JAVA applets 606, and the electronic wallet 120. The JAVA applets 606 may configure the mobile device 100 to browse the web, play music, play games, and provide utilities and other functionality.


The card controller 118 is a component that may be implemented as a hardware, firmware, or software device driver. Device drivers often form part of the lowest level of the operating system with which they are linked. Some systems have loadable device drivers which can be installed from files after the operating system is running. The electronic wallet 120 may obtain user input from the keys 404, the keypad 526 or the liquid crystal display (LCD) with a touch sensitive surface 528 through the touch screen/LCD controller 530, and may present output to a mobile device user through the display 402.


The system described above may be implemented on any general-purpose computer with sufficient processing power, memory resources, and network throughput capability to handle the necessary workload placed upon it. FIG. 7 illustrates a typical, general-purpose computer system, such as the server 126, suitable for implementing one or more embodiments disclosed herein. The computer system 780 includes a processor 782 (which may be referred to as a central processor unit or CPU) that is in communication with memory devices including secondary storage 784, read only memory (ROM) 786, random access memory (RAM) 788, input/output (I/O) devices 790, and network connectivity devices 792. The processor may be implemented as one or more CPU chips.


The secondary storage 784 is typically comprised of one or more disk drives or tape drives and is used for non-volatile storage of data and as an over-flow data storage device if RAM 788 is not large enough to hold all working data. Secondary storage 784 may be used to store programs which are loaded into RAM 788 when such programs are selected for execution. The ROM 786 is used to store instructions and perhaps data which are read during program execution. ROM 786 is a non-volatile memory device which typically has a small memory capacity relative to the larger memory capacity of secondary storage. The RAM 788 is used to store volatile data and perhaps to store instructions. Access to both ROM 786 and RAM 788 is typically faster than to secondary storage 784.


I/O devices 790 may include printers, video monitors, liquid crystal displays (LCDs), touch screen displays, keyboards, keypads, switches, dials, mice, track balls, voice recognizers, card readers, paper tape readers, or other well-known input devices. The network connectivity devices 792 may take the form of modems, modem banks, ethernet cards, universal serial bus (USB) interface cards, serial interfaces, token ring cards, fiber distributed data interface (FDDI) cards, wireless local area network (WLAN) cards, radio transceiver cards such as code division multiple access (CDMA) and/or global system for mobile communications (GSM) radio transceiver cards, and other well-known network devices. These network connectivity devices 792 may enable the processor 782 to communicate with an Internet or one or more intranets. With such a network connection, it is contemplated that the processor 782 might receive information from the network, or might output information to the network in the course of performing the above-described method steps. Such information, which is often represented as a sequence of instructions to be executed using processor 782, may be received from and outputted to the network, for example, in the form of a computer data signal embodied in a carrier wave


Such information, which may include data or instructions to be executed using processor 782 for example, may be received from and outputted to the network, for example, in the form of a computer data baseband signal or signal embodied in a carrier wave. The baseband signal or signal embodied in the carrier wave generated by the network connectivity devices 792 may propagate in or on the surface of electrical conductors, in coaxial cables, in waveguides, in optical media, for example optical fiber, or in the air or free space. The information contained in the baseband signal or signal embedded in the carrier wave may be ordered according to different sequences, as may be desirable for either processing or generating the information or transmitting or receiving the information. The baseband signal or signal embedded in the carrier wave, or other types of signals currently used or hereafter developed, referred to herein as the transmission medium, may be generated according to several methods well known to one skilled in the art.


The processor 782 executes instructions, codes, computer programs, scripts which it accesses from hard disk, floppy disk, optical disk (these various disk based systems may all be considered secondary storage 784), ROM 786, RAM 788, or the network connectivity devices 792.


While several embodiments have been provided in the present disclosure, it should be understood that the disclosed systems and methods may be embodied in many other specific forms without departing from the spirit or scope of the present disclosure. The present examples are to be considered as illustrative and not restrictive, and the intention is not to be limited to the details given herein. For example, the various elements or components may be combined or integrated in another system or certain features may be omitted, or not implemented.


Also, techniques, systems, subsystems and methods described and illustrated in the various embodiments as discrete or separate may be combined or integrated with other systems, modules, techniques, or methods without departing from the scope of the present disclosure. Other items shown or discussed as coupled or directly coupled or communicating with each other may be indirectly coupled or communicating through some interface, device, or intermediate component whether electrically, mechanically, or otherwise. Other examples of changes, substitutions, and alterations are ascertainable by one skilled in the art and could be made without departing from the spirit and scope disclosed herein.

Claims
  • 1. A system for providing secure access to a smart card application, comprising: a mobile device comprising a component that, upon execution of at least one processor: determines that the mobile device is in airplane mode or has been out of communication with a communication service provider for a pre-defined period of time,in response to the determination by the mobile device, restricts access to the smart card application stored in a non-transitory memory on the mobile device based on initiation, by the mobile device, of an access restriction specific to the smart card application wherein the smart card application is activated and provisioned with a smart card application provider prior to initiation of the access restriction; anda server that, upon execution by at least one processor of the server, receives an alert related to the smart card application on the mobile device from the smart card application provider, wherein the smart card application provider receives a notification that the mobile device is lost or stolen prior to the server receiving the alert,responsive to reception of the alert from the smart card provider, conveys the alert to another smart card application provider based on a record of smart card applications stored in the non-transitory memory of the mobile device, andinitiates the access restriction targeting the smart card application via the component in response to receiving the alert, wherein access is restricted specifically to the smart card application by the access restriction that requires input of access enabling information into the mobile device to access the smart card application from the mobile device, and wherein the access restriction does not require re-provisioning the smart card application.
  • 2. The system of claim 1, wherein the component configures a user interface of the mobile device based on the access restriction targeting the smart card application, the smart card application associated with at least one of a loyalty card, an identification card, a credit card, a security card, a debit card, a bank account card, or a cash card.
  • 3. The system of claim 1, wherein the mobile device further comprises a plurality of smart card applications stored in the non-transitory memory of the mobile device, wherein the server initiates restricting access to the plurality of smart card applications via the component in response to receiving a second alert associated with another smart card application of the plurality of smart card applications, and wherein restricting access to the plurality of smart card applications further comprises applying a different access restriction to at least one of the plurality of smart card applications.
  • 4. The system of claim 1, wherein the alert specifies at least one of a missing mobile device or fraudulent activity from the mobile device using the smart card application.
  • 5. The system of claim 1, wherein the mobile device further comprises a hardware component that configures a user interface of the mobile device, and wherein the server further instructs the mobile device during a period of communication between the server and the mobile device to restrict access to the smart card application from the mobile device responsive to the mobile device determining that the mobile device has been out of communication with the server subsequent to a pre-defined period of time or being put into airplane mode.
  • 6. A method for providing secure access to a smart card application stored in a non-transitory memory of a mobile device, comprising: determining by the mobile device, that the mobile device is in airplane mode or has been out of communication with a communication service provider for a pre-defined period of time;in response to the determination by the mobile device, restricting, by the mobile device based on initiation, by the mobile device, of an access restriction specific to the smart card application wherein the smart card application is activated and provisioned by the mobile device with a smart card application provider prior to initiation of the access restriction;receiving, by a server, an alert related to the smart card application on the mobile device from the smart card application provider, wherein the smart card application provider receives a notification that the mobile device is lost or stolen prior to the server receiving the alert;conveying the alert to another smart card application provider based on a record of smart card applications stored in the non-transitory memory of the mobile device in response to reception of the alert from the smart card provider; andinitiating the access restriction targeting the smart card application via the component in response to receiving the alert, wherein access is restricted specifically to the smart card application by the access restriction that requires input of access enabling information into the mobile device to access the smart card application from the mobile device, and wherein the access restriction does not require re-provisioning the smart card application.
  • 7. The method of claim 6, further comprising configuring, by the mobile device, a user interface of the mobile device based on the access restriction targeting the smart card application, the smart card application associated with at least one of a loyalty card, an identification card, a credit card, a security card, a debit card, a bank account card, or a cash card.
  • 8. The method of claim 6, wherein the mobile device comprises a plurality of smart card applications stored in the non-transitory memory of the mobile device, wherein the method further comprises restricting, by the server, access to the plurality of smart card applications via the mobile device in response to receiving a second alert associated with another smart card application of the plurality of smart card applications, and wherein restricting access to the plurality of smart card applications further comprises applying a different access restriction to at least one of the plurality of smart card applications.
  • 9. The method of claim 6, wherein the alert specifies at least one of a missing mobile device or fraudulent activity from the mobile device using the smart card application.
  • 10. The method of claim 6, wherein the mobile device comprises a hardware component that configures a user interface of the mobile device, and wherein the method further comprises instructing, by the server, the mobile device during a period of communication between the server and the mobile device to restrict access to the smart card application from the mobile device responsive to the mobile device determining that the mobile device has been out of communication with the server subsequent to a pre-defined period of time or being put into airplane mode.
US Referenced Citations (231)
Number Name Date Kind
5276311 Hennige Jan 1994 A
5453601 Rosen Sep 1995 A
5496966 Hightower et al. Mar 1996 A
5530232 Taylor Jun 1996 A
5590038 Pitroda Dec 1996 A
5923884 Peyret et al. Jul 1999 A
5989720 Taniyama Nov 1999 A
6000608 Dort Dec 1999 A
6012634 Borgan et al. Jan 2000 A
6014286 Baradley et al. Feb 2000 A
6122625 Rosen Sep 2000 A
6142369 Jonstromer Nov 2000 A
6199161 Ahvenainen Mar 2001 B1
6250557 Forslund et al. Jun 2001 B1
6290127 Schilling Sep 2001 B1
6298442 Kocher et al. Oct 2001 B1
6314409 Schneck et al. Nov 2001 B2
6360954 Bernardo Mar 2002 B1
6390374 Carper et al. May 2002 B1
6405181 Lent et al. Jun 2002 B2
6446049 Janning et al. Sep 2002 B1
6466777 Urita Oct 2002 B1
6490601 Markus et al. Dec 2002 B1
6584326 Boydston et al. Jun 2003 B1
6591098 Shieh et al. Jul 2003 B1
6631849 Blossom Oct 2003 B2
6655587 Andrews et al. Dec 2003 B2
6679423 Ijichi et al. Jan 2004 B2
6732919 Macklin et al. May 2004 B2
6755342 Jordan, Jr. Jun 2004 B1
6782251 Kagay, Jr. Aug 2004 B2
6810521 Gelgon et al. Oct 2004 B1
6817521 Matada Nov 2004 B1
6824064 Guthery et al. Nov 2004 B2
6879965 Fung et al. Apr 2005 B2
6880085 Balczewski et al. Apr 2005 B1
6880761 Ritter et al. Apr 2005 B1
6886741 Salveson May 2005 B1
6896183 Takano May 2005 B2
6938821 Gangi Sep 2005 B2
7043230 Geddes et al. May 2006 B1
7117485 Wilkinson et al. Oct 2006 B2
7142840 Geddes et al. Nov 2006 B1
7146159 Zhu Dec 2006 B1
7194438 Sovio et al. Mar 2007 B2
7233785 Yamagishi et al. Jun 2007 B2
7260390 Skinner et al. Aug 2007 B1
7269256 Rosen Sep 2007 B2
7275095 Lebouill Sep 2007 B1
7275105 Bloch et al. Sep 2007 B2
7343351 Bishop et al. Mar 2008 B1
7376839 Carta et al. May 2008 B2
7413113 Zhu Aug 2008 B1
7434723 White et al. Oct 2008 B1
7475044 Kawai et al. Jan 2009 B1
7494058 Bonalle et al. Feb 2009 B2
7494067 Zhu Feb 2009 B1
7533063 Kianian May 2009 B2
7546266 Beirne et al. Jun 2009 B2
7546956 Adams et al. Jun 2009 B2
7562818 Bierbaum et al. Jul 2009 B1
7567795 Champion et al. Jul 2009 B1
7568631 Gibbs et al. Aug 2009 B2
7575177 Killian et al. Aug 2009 B2
7637425 Mock et al. Dec 2009 B2
7644039 Magee et al. Jan 2010 B1
7644859 Zhu Jan 2010 B1
7707113 DiMartino et al. Apr 2010 B1
7729948 Gailloux et al. Jun 2010 B1
7748636 Finn Jul 2010 B2
7819307 Lyons et al. Oct 2010 B2
7822688 Labrou et al. Oct 2010 B2
7853782 Geddes Dec 2010 B1
7926713 Yamada et al. Apr 2011 B2
7926714 Zhu Apr 2011 B1
7974926 Ohmori et al. Jul 2011 B2
7980476 D'Albore Jul 2011 B2
7988060 Killian et al. Aug 2011 B2
7996324 Bishop et al. Aug 2011 B2
8055184 DiMartino et al. Nov 2011 B1
8060449 Zhu Nov 2011 B1
8107953 Zimmerman et al. Jan 2012 B2
8123128 Zhu Feb 2012 B1
8126806 DiMartino et al. Feb 2012 B1
8165961 DiMartino et al. Apr 2012 B1
8200582 Zhu Jun 2012 B1
8244169 DiMartino et al. Aug 2012 B1
8249654 Zhu Aug 2012 B1
8249935 DiMartino et al. Aug 2012 B1
8250662 Zhu Aug 2012 B1
8285329 Zhu Oct 2012 B1
8290433 Fisher et al. Oct 2012 B2
8332272 Fisher Dec 2012 B2
8352323 Fisher Jan 2013 B2
8359070 Zhu Jan 2013 B1
8401904 Simakov et al. Mar 2013 B1
8468095 DiMartino et al. Jun 2013 B1
8566168 Bierbaum et al. Oct 2013 B1
8577731 Cope et al. Nov 2013 B1
8594563 Waters et al. Nov 2013 B2
8655310 Katzer et al. Feb 2014 B1
8719102 DiMartino et al. May 2014 B1
8768845 Persson et al. Jul 2014 B1
8862181 Cope et al. Oct 2014 B1
8909139 Aldana et al. Dec 2014 B2
8983374 Wiley Mar 2015 B2
9420403 Annan et al. Aug 2016 B1
9818104 Katzer et al. Nov 2017 B1
20010005184 Tsuno et al. Jun 2001 A1
20010013551 Ramachandran Aug 2001 A1
20020006806 Kinnunen et al. Jan 2002 A1
20020011519 Shults, III Jan 2002 A1
20020016838 Geluc et al. Feb 2002 A1
20020018016 Radonic Feb 2002 A1
20020038258 Inoue et al. Mar 2002 A1
20020052193 Chetty May 2002 A1
20020052754 Joyce et al. May 2002 A1
20020062284 Kawan May 2002 A1
20020088852 Ohta et al. Jul 2002 A1
20020123971 Maritzen et al. Sep 2002 A1
20020128982 Gefwert et al. Sep 2002 A1
20020136199 Hartmaier Sep 2002 A1
20020147913 Lun Yip Oct 2002 A1
20020195487 Hosogoe Dec 2002 A1
20030009382 D'Arbeloff et al. Jan 2003 A1
20030028481 Flitcroft et al. Feb 2003 A1
20030032409 Hutcheson et al. Feb 2003 A1
20030045328 Natsuno Mar 2003 A1
20030070080 Rosen Apr 2003 A1
20030083933 McAlear May 2003 A1
20030125054 Garcia Jul 2003 A1
20030126094 Fisher et al. Jul 2003 A1
20030149900 Glassman et al. Aug 2003 A1
20030161503 Kramer Aug 2003 A1
20030211862 Hutchison, IV et al. Nov 2003 A1
20030220876 Burger et al. Nov 2003 A1
20030233320 Connor, Jr. Dec 2003 A1
20040010462 Moon et al. Jan 2004 A1
20040044622 Blott et al. Mar 2004 A1
20040093265 Ramchandani et al. May 2004 A1
20040103063 Takayama et al. May 2004 A1
20040122685 Bunce Jun 2004 A1
20040122771 Celi, Jr. et al. Jun 2004 A1
20040139024 So Jul 2004 A1
20040159700 Khan et al. Aug 2004 A1
20040166839 Okkonen et al. Aug 2004 A1
20040192303 Puthenkulam Sep 2004 A1
20040198333 Zanaty Oct 2004 A1
20040203601 Morriss et al. Oct 2004 A1
20040204070 August et al. Oct 2004 A1
20040218741 Welton Nov 2004 A1
20040260647 Blinn et al. Dec 2004 A1
20050186989 Cocita Aug 2005 A1
20050216424 Gandre et al. Sep 2005 A1
20050234778 Sperduti et al. Oct 2005 A1
20050278192 Cantini et al. Dec 2005 A1
20060073808 Buchert Apr 2006 A1
20060085847 Ikeuchi et al. Apr 2006 A1
20060136334 Atkinson et al. Jun 2006 A1
20060164318 Lastinger et al. Jul 2006 A1
20060165060 Dua Jul 2006 A1
20060167823 York et al. Jul 2006 A1
20060191995 Stewart et al. Aug 2006 A1
20060211408 Yamagishi et al. Sep 2006 A1
20060214005 Agami et al. Sep 2006 A1
20060218635 Kramer et al. Sep 2006 A1
20060237528 Bishop et al. Oct 2006 A1
20060261949 Kim et al. Nov 2006 A1
20070010213 Dewan Jan 2007 A1
20070011461 Jeng Jan 2007 A1
20070055785 Stevens Mar 2007 A1
20070060200 Boris et al. Mar 2007 A1
20070080215 Ramachandran et al. Apr 2007 A1
20070095892 Lyons et al. May 2007 A1
20070125840 Law et al. Jun 2007 A1
20070145152 Jogand-Coulomb et al. Jun 2007 A1
20070155362 Davis Jul 2007 A1
20070169043 Violleau et al. Jul 2007 A1
20070169183 Kipnis et al. Jul 2007 A1
20070197261 Humbel Aug 2007 A1
20070198410 Labgold et al. Aug 2007 A1
20070223685 Boubion et al. Sep 2007 A1
20070233615 Tumminaro Oct 2007 A1
20070234427 Gardner et al. Oct 2007 A1
20070244811 Tumminaro Oct 2007 A1
20070248232 Driscoll et al. Oct 2007 A1
20070250599 Takayama et al. Oct 2007 A1
20070255620 Tumminaro et al. Nov 2007 A1
20070255652 Tumminaro et al. Nov 2007 A1
20070278290 Messerges et al. Dec 2007 A1
20070281664 Kaneko et al. Dec 2007 A1
20070291995 Rivera Dec 2007 A1
20080059379 Ramaci et al. Mar 2008 A1
20080067240 Nakano et al. Mar 2008 A1
20080078831 Johnson et al. Apr 2008 A1
20080116264 Hammad et al. May 2008 A1
20080121687 Buhot May 2008 A1
20080126260 Cox et al. May 2008 A1
20080165006 Phillips Jul 2008 A1
20080201212 Hammad et al. Aug 2008 A1
20080238610 Rosenberg Oct 2008 A1
20080297306 Huajun et al. Dec 2008 A1
20080315989 Mirkazemi-Moud et al. Dec 2008 A1
20090018964 Liu et al. Jan 2009 A1
20090046858 Iyer et al. Feb 2009 A1
20090050689 Sako et al. Feb 2009 A1
20090055278 Nemani Feb 2009 A1
20090078761 Sines Mar 2009 A1
20090097531 Franceschini et al. Apr 2009 A1
20090112765 Skowronek Apr 2009 A1
20090182634 Park et al. Jul 2009 A1
20090253409 Slavov et al. Oct 2009 A1
20090270174 Kelly et al. Oct 2009 A1
20090313689 Nyström et al. Dec 2009 A1
20090327292 Janssen et al. Dec 2009 A1
20100030651 Matotek et al. Feb 2010 A1
20100094752 Heath Apr 2010 A1
20100133337 Van Rensburg Jun 2010 A1
20100185545 Royyuru et al. Jul 2010 A1
20110006112 Mueller Jan 2011 A1
20110053560 Jain et al. Mar 2011 A1
20110165836 Dixon et al. Jul 2011 A1
20110184867 Varadarajan Jul 2011 A1
20110225655 Niemela et al. Sep 2011 A1
20110237296 Coppinger Sep 2011 A1
20110251892 Laracey Oct 2011 A1
20120108296 Coppinger May 2012 A1
20120123935 Brudnicki et al. May 2012 A1
20120203701 Ayuso de Paul Aug 2012 A1
20130159186 Brudnicki et al. Jun 2013 A1
20130305333 Katzer et al. Nov 2013 A1
Non-Patent Literature Citations (110)
Entry
Office Action dated May 24, 2011, U.S. Appl. No. 12/348,371.
Notice of Allowance dated Sep. 9, 2011, U.S. Appl. No. 12/348,371.
Supplemental Notice of Allowance dated Oct. 6, 2011, U.S. Appl. No. 12/348,371.
FAIPP Pre-Interview Communication dated Feb. 21, 2012, U.S. Appl. No. 13/270,205.
Notice of Allowance dated Apr. 9, 2012, U.S. Appl. No. 13/270,205.
Office Action—Restriction dated Mar. 14, 2011, U.S. Appl. No. 12/371,901.
Office Action dated Apr. 14, 2011, U.S. Appl. No. 12/371,901.
Final Office Action dated Oct. 14, 2011, U.S. Appl. No. 12/371,901.
Advisory Action dated Feb. 9, 2012, U.S. Appl. No. 12/371,901.
Notice of Allowance dated Feb. 28, 2014, U.S. Appl. No. 12/371,901.
Office Action dated Oct. 12, 2006; U.S. Appl. No. 10/901,630, filed Jul. 28, 2004.
Office Action dated Apr. 5, 2007; U.S. Appl. No. 10/901,630, filed Jul. 28, 2004.
Office Action dated Oct. 9, 2007; U.S. Appl. No. 10/901,630, filed Jul. 28, 2007.
Notice of Allowance dated Apr. 8, 2008; U.S. Appl. No. 10/901,630, filed Jul. 28, 2004.
Office Action dated Apr. 16, 2009; U.S. Appl. No. 12/172,813, filed Jul. 14, 2008.
Notice of Allowance dated Sep. 9, 2009; U.S. Appl. No. 12/172,813, filed Jul. 14, 2008.
Office Action dated Aug. 20, 2010; U.S. Appl. No. 12/631,372, filed Dec. 4, 2009.
Notice of Allowance dated Dec. 14, 2010; U.S. Appl. No. 12/631,372, filed Dec. 4, 2009.
Office Action dated Jul. 7, 2011; U.S. Appl. No. 13/045,306.
Notice of Allowance dated Oct. 27, 2011; U.S. Appl. No. 13/045,306, filed Mar. 10, 2010.
Office Action dated Oct. 6, 2009, U.S. Appl. No. 11/695,344.
Final Office Action dated Apr. 13, 2010, U.S. Appl. No. 11/695,344.
Office Action dated Dec. 14, 2010, U.S. Appl. No. 11/695,344.
Office Action dated May 24, 2011, U.S. Appl. No. 11/695,344.
Final Office Action dated Nov. 8, 2011, U.S. Appl. No. 11/695,344.
Office Action dated Jan. 24, 2012, U.S. Appl. No. 11/695,344.
Notice of Allowance dated May 29, 2012, U.S. Appl. No. 11/695,344.
Office Action dated Jul. 9, 2010, U.S. Appl. No. 11/863,228.
Final Office Action dated Nov. 24, 2010, U.S. Appl. No. 11/863,228.
Office Action dated Mar. 14, 2011, U.S. Appl. No. 11/863,228.
Final Office Action dated Jul. 21, 2011; U.S. Appl. No. 11/863,228.
Notice of Allowance dated Apr. 10, 2012; U.S. Appl. No. 11/863,228.
Notice of Allowance dated Sep. 13, 2012, U.S. Appl. No. 13/542,632.
Baker, D., “Real-Time Provisioning of SIM cards: A Boon to GSM Operators”, Apr. 13, 2011. http://www.billingworld.com/blogs/baker/2011/04/real-time-provisioning-of-sim-cards-a-boon-to-gsm.aspx.
BlackBerry Enterprise Server for Microsoft Exchange, Version 4.0—Handheld Management Guide, Last Modified Aug. 18, 2006, Research in Motion Limited, Canada.
BlackBerry Enterprise Server for Microsoft Exchange, Version 4.0—Administration Guide, Last Modified Nov. 10, 2006, Research in Motion Limited, Canada.
Derfler, Frank J., et al., “How Networks Work,” Sep. 2000, Que Corporation, A Division of MacMillan Computer Publishing, USA.
Anonymous, “Sourcebook '96,” Progressive Grocer Sourcebook '96 Supplement, Dec. 1995, pp. Cover-48, Maclean-Hunter Media Inc.
Office Action dated Jun. 17, 2009, U.S. Appl. No. 11/949,759, filed Dec. 3, 2007.
Office Action dated Nov. 13, 2009, U.S. Appl. No. 11/949,759, filed Dec. 3, 2007.
Office Action dated May 25, 2010, U.S. Appl. No. 11/949,759, filed Dec. 3, 2007.
Final Office Action dated Sep. 10, 2010, U.S. Appl. No. 11/949,759, filed Dec. 3, 2007.
Office Action dated Feb. 15, 2011, U.S. Appl. No. 11/949,759, filed Dec. 3, 2007.
Final Office Action dated Aug. 5, 2011, U.S. Appl. No. 11/949,759, filed Dec. 3, 2007.
Notice of Allowance dated Oct. 17, 2011, U.S. Appl. No. 11/949,759, filed Dec. 3, 2007.
Restriction Requirement dated Aug. 6, 2012, U.S. Appl. No. 13/343,708, filed Jan. 4, 2012.
FAIPP Pre-Interview Communication dated Sep. 12, 2012, U.S. Appl. No. 13/343,708, filed Jan. 4, 2012.
FAIPP Office Action dated Nov. 15, 2012, U.S. Appl. No. 13/343,708, filed Jan. 4, 2012.
Notice of Allowance dated Feb. 11, 2013, U.S. Appl. No. 13/343,708, filed Jan. 4, 2012.
Office Action dated Feb. 11, 2013, U.S. Appl. No. 13/535,337, filed Jun. 27, 2012.
Final Office Action dated Jun. 3, 2013, U.S. Appl. No. 13/535,337, filed Jun. 27, 2012.
Advisory Action dated Jul. 30, 2013, U.S. Appl. No. 13/535,337, filed Jun. 27, 2012.
Notice of Allowance dated Dec. 19, 2013, U.S. Appl. No. 13/535,337, filed Jun. 27, 2012.
Pre-Interview Communication dated Nov. 15, 2011, U.S. Appl. No. 13/207,645, filed Aug. 11, 2011.
Notice of Allowance dated Apr. 2, 2012, U.S. Appl. No. 13/207,645, filed Aug. 11, 2011.
Office Action dated Feb. 17, 2009, U.S. Appl. No. 11/863,229, filed Sep. 27 2007.
Office Action dated Sep. 14, 2009, U.S. Appl. No. 11/863,229, filed Sep. 27, 2007.
Office Action dated Dec. 24, 2009, U.S. Appl. No. 11/863,229, filed Sep. 27, 2007.
Final Office Action dated Jun. 22, 2010, U.S. Appl. No. 11/863,229, filed Sep. 27, 2007.
Office Action dated Mar. 16, 2011, U.S. Appl. No. 11/863,229, filed Sep. 27, 2007.
Final Office Action dated Aug. 22, 2011, U.S. Appl. No. 11/863,229, filed Sep. 27, 2007.
Advisory Action dated Oct. 21, 2011, U.S. Appl. No. 11/863,229, filed Sep. 27, 2007.
Notice of Allowance dated Apr. 9, 2012, U.S. Appl. No. 11/863,229, filed Sep. 27, 2007.
Office Action dated Mar. 6, 2009, U.S. Appl. No. 11/863,632, filed Sep. 28, 2007.
Office Action dated May 6, 2009, U.S. Appl. No. 11/863,632, filed Sep. 28, 2007.
Notice of Allowance dated Dec. 1, 2009, U.S. Appl. No. 11/863,632.
Pre-Interview Communication dated Nov. 9, 2011, U.S. Appl. No. 12/702,270, filed Feb. 8, 2010.
Notice of Allowance dated Dec. 14, 2011, U.S. Appl. No. 12/702,270, filed Feb. 8, 2010.
Office Action dated Mar. 11, 2011, U.S. Appl. No. 12/022,903.
Notice of Allowance dated Jun. 21, 2011, U.S. Appl. No. 12/022,903.
Supplemental Notice of Allowance dated Sep. 13, 2011, U.S. Appl. No. 12/022,903.
Supplemental Notice of Allowance dated Sep. 28, 2011, U.S. Appl. No. 12/022,903.
Office Action dated Mar. 1, 2011, U.S. Appl. No. 12/099,771.
Office Action dated Aug. 3, 2011, U.S. Appl. No. 12/099,771.
Final Office Action dated Jan. 4, 2012, U.S. Appl. No. 12/099,771.
Office Action dated Aug. 21, 2012, U.S. Appl. No. 12/099,771.
Final Office Action dated Feb. 26, 2013, U.S. Appl. No. 12/099,771.
Notice of Allowance dated Oct. 2, 2013, U.S. Appl. No. 12/099,771.
Office Action dated Jan. 13, 2011, U.S. Appl. No. 12/348,377.
Final Office Action dated Jun. 20, 2011, U.S. Appl. No. 12/348,377.
Advisory Action dated Aug. 30, 2011, U.S. Appl. No. 12/348,377.
Notice of Allowance dated Jan. 5, 2012, U.S. Appl. No. 12/348,377.
Office Action—Restriction dated Mar. 16, 2011, U.S. Appl. No. 12/348,371.
Office Action dated Mar. 31, 2015, U.S. Appl. No. 13/363,369, filed Jan. 31, 2012.
FAIPP Pre-Interview Communication dated Mar. 13, 2015, U.S. Appl. No. 13/750,831, filed Jan. 25, 2013.
First Action Interview Office Action dated May 6, 2015, U.S. Appl. No. 13/750,831, filed Jan. 25, 2013.
Office Action dated Mar. 5, 2012; U.S. Appl. No. 13/250,611, filed Sep. 30, 2011.
Final Office Action dated Oct. 5, 2012, U.S. Appl. No. 13/250,611, filed Sep. 30, 2011.
Advisory Action dated Dec. 19, 2012, U.S. Appl. No. 13/250,611, filed Sep. 30, 2011.
Notice of Allowance dated Jun. 21, 2013, U.S. Appl. No. 13/250,611, filed Sep. 30, 2011.
FAIPP Pre-Interview Communication dated Nov. 20, 2012, U.S. Appl. No. 13/344,096, filed Jan. 5, 2012.
FAIPP Office Action dated Jan. 31, 2013, U.S. Appl. No. 13/344,096, filed Jan. 5, 2012.
Notice of Allowance dated Jun. 11, 2013, U.S. Appl. No. 13/344,096, filed Jan. 5, 2012.
FAIPP Pre-Interview dated Dec. 24, 2014, U.S. Appl. No. 13/363,369, filed Jan. 31, 2012.
FAIPP Pre-Interview Communication dated Mar. 20, 2014, U.S. Appl. No. 13/482,731, filed May 29, 2012.
Notice of Allowance dated May 27, 2014, U.S. Appl. No. 13/482,731, filed May 29, 2012.
Ching, Andrew T., et al., “Payment Card Rewards Programs and Consumer Payment Choice”, Journal of Banking & Finance, vol. 34, Issue 8, Aug. 2010, pp. 1773-1787, ISSN 0378-4266, http://dx.doi.org/10.1016/j.jbankfin.2010.03.015.
Zimmerman, Ann, “Check Out the Future of Shopping”, The Wall Street Journal, Business, May 18, 2011, http://online.wsj,com/article/SB10001424052748703421204576329253050634700.html.
Garry, Michael, Kroger Test Prepares for Mobile Future:, SN, Supermarket News, Jun. 13, 2011, http://supermarketnews.com/technology/kroger-test-prepares-mobile-future.
Jones, Sally, “Industry Trends in POS Hardware for Mobile Devices”, Aug. 31, 2011, http://pointofsale.com/20110831734/Mobile-POS-News/industry-trends-in-pos-hardware-for-mobile-devices.html.
Annan, Brandon C., et al., “Remote Deactivation of Near Field Communication Functionality,” U.S. Appl. No. 13/363,369, filed Jan. 31, 2012.
Katzer, Robin Dale, et al., “Secure Online Credit Card Transactions,” filed Jan. 25, 2013, U.S. Appl. No. 13/750,831.
Notice of Allowance dated Apr. 18, 2016, U.S. Appl. No. 13/363,369, filed Jan. 31, 2012.
Office Action dated Jun. 17, 2016, U.S. Appl. No. 13/750,831, filed Jan. 25, 2013.
Final Office Action dated Sep. 24, 2015, U.S. Appl. No. 13/750,831, filed Jan. 25, 2013.
Advisory Action dated Dec. 16, 2015, U.S. Appl. No. 13/750,831, filed Jan. 25, 2013.
Final Office Action dated Feb. 10, 2016, U.S. Appl. No. 13/363,369, filed Jan. 31, 2012.
Final Office Action dated Dec. 15, 2016, U.S. Appl. No. 13/750,831, filed Jan. 25, 2013.
Advisory Action dated Jan. 26, 2017, U.S. Appl. No. 13/750,831, filed Jan. 25, 2013.
Notice of Allowance dated Jul. 6, 2017, U.S. Appl. No. 13/750,831, filed Jan. 25, 2013.