Radio communication in the near field, otherwise known as NF communication or simply NFC, makes it possible for a network device, such as a mobile device, to communicate with other devices in a peer-to-peer model. It is the limitation of NFC to communication over a short range of distances that makes NFC particularly useful in communications requiring a higher degree of security. Some examples of communications requiring a higher degree of security may include those involving a credit card transaction or gaining entry by a person to a secured facility.
One emerging use of NFC in the mobile phone communications field of use is in the area of financial transactions. Conventionally, many financial transactions are credit or debit card based. Cards are swiped through card readers which are typically hard wired or wirelessly connected to a server controlled by a trusted service manager (TSM) or a payment company, which may audit each credit card transaction for approval. The process is typically initiated at the point of sale by the swiping of the card through the card reader. The card reader typically captures the credit card data embedded in the card, as part of the “reading” operation, and formats the data for transmission typically to a server of a lending institution where the credit card data may be deciphered to determine the identity of the purchaser, the associated account of the lender from which the funds are to be drawn, the availability of funds for the purchase, etc. If the transaction is approved, the purchaser's account will be debited and the creditor's account credited all in accordance with the terms of the credit card agreement between the purchaser, the lender, and the merchant. Another example of a card based transaction is the withdrawal of money from an automatic teller machine. In this case, the ATM machine may read the card and format the data for use in the subsequent processes that are typically required for approval and payment by a TSM or a payment company.
By providing a mobile phone with an NFC radio, the mobile phone may be made so secure as to take the place of the credit card in providing the user identity and account information in the foregoing financial transaction in systems that are equipped with an NFC receiver. In addition to the foregoing or other kinds of financial transactions, a mobile phone that is provided with NFC communication capabilities may be particularly useful in any peer to peer application involving secure messaging.
To make these secure messages even more secure, the mobile phone may be further provided with a secure element (SE) in which may be embedded the sensitive information about the user. In a financial transaction, the SE may effectively serve as a “wallet” inside the phone and each sector of account specific information of the user inside that wallet may effectively serve as a separate credit card in that wallet. By selective use of these “virtual credit cards”, a user can provide a trusted service manager (TSM) or a payment company with secure messages containing the information necessary to approve and enable the transaction; much as a user does conventionally using credit cards.
Hence, NFC as used with mobile communications devices, provides some key advantages. For example, NFC may provide (in effect) several credit or debit cards in a single device's SE. NFC may enable non-contact use of a selected card when checking out, through the NFC radio link. NFC may provide a communications link between the SE (secure element) in the mobile device and the card issuer or TSM (trusted service manager) managing the card. A message from the TSM or card issuer sent to the SE may be used to modify or edit the card in the SE. This link, used from time to time, enables the card issuer to quickly change the “card” when it has been compromised. With a physical card, the user would have to wait for physical delivery of the replacement card. NFC may also be used to modify or edit the “card”.
The NFC specifications permit the SE to be implemented within the SIM card, or within the mobile device (i.e. not within the SIM card.
Most cellular service providers implement the SE with the SIM card that they provide to their cellular subscribers. The SIM card itself is a secure device, under the control of the cellular service provider. In this case, the communications link between the card issuer or TSM and the SE will be carried between the cellular carrier's Mobile Service Center (MSC) and the SIM over the cellular channels normally used by the cellular carrier for communications with the SIM card. The address of the SIM card is the IMSI, international mobile subscriber identity; this identity would be in the card issuer's or TSM's data base. The data, once received by the SE, would have the identity of the particular “card” that it is addressed to.
Where the application requiring secure messaging involves the security of a building, the SE may effectively serve as a “virtual” badge or card or other device worn or carried by a person with the SE embedded data serving as the data that is conventionally embedded in a physical badge or card or other worn device used by a person to gain entry into a building. In these and other applications, the NFC broadcasting of SE embedded sensitive information that enables more secure messaging.
There is a need for making NFC or other broadcasted messages involving SE embedded data that are transmitted over a network even more secure. This disclosure addresses that need.