Field
The described embodiments relate generally to wireless communications, wireless electronic devices, and more specifically techniques for preventing secure-element-identifier spoofing by using a digital signature while communicating with the secure-element identifier.
Related Art
Many modern electronic devices include a networking subsystem that is used to wirelessly communicate with other electronic devices. For example, these electronic devices can include a networking subsystem with a cellular network interface (UMTS, LTE, etc.), a wireless local area network interface (e.g., a wireless network such as described in the Institute of Electrical and Electronics Engineers (IEEE) 802.11 standard or Bluetooth™ from the Bluetooth Special Interests Group of Kirkland, Wash.), and/or another type of wireless interface (such as a near-field-communication interface).
There is presently increasing interest in using electronic devices to conduct financial transactions. However, because of the sensitivity of such financial transactions, it is advantageous to incorporate a secure element into an electronic device to facilitate financial transactions by providing: security, confidentiality, and one or more application environments. For example, the secure element may include one or more applets or applications (such as a payment applet associated with a credit card) that execute in an environment of the secure element. These applets may allow the secure element to conduct a financial transaction with another electronic device, such as a point-of-sale terminal.
Moreover, the applets or the applications may be updated as needed. These updating operations may be conducted by a remote trusted services manager (which is sometimes referred to as a ‘hardware security manager’), such as a server that loads content onto the secure element. In order to maintain the security of the secure element, the trusted services manager may request a secure-element identifier from the secure element to ensure that it is safe to provide an update for an applet or an application on the secure element).
However, if a malicious third party intercepts the secure-element identifier when the secure element communicates it to the trusted services manager, then the intercepted secure-element identifier could be subsequently provided by the malicious third party to the trusted services manager. (This is sometimes referred to as a ‘replay’ attack.) In this case, the trusted services manager could be tricked into providing an update for an applet (with sensitive financial information) to the malicious third party instead of the secure element, which undermines the security of the entire system.
Thus, in spite of the considerable effort already devoted to the development of technology to support wireless financial transactions, further improvements are desirable.