Field
The present invention relates generally to systems, methods, and computer program products for securely managing data on a secure element.
Related Art
Applications stored and functioning on mobile devices are increasingly being used to conduct secure communications which require the transmission of highly critical data. Such applications include mobile wallet applications, which may be used to perform contactless transactions. Contactless transactions may be financial (e.g., payments, commerce) or non-financial (e.g., venue admissions, transit ticketing). These secure communications, including contactless transactions, typically involve the exchange of critical data between mobile devices and other systems such as reader terminals using, for example, near field communication (NFC) technology.
Mobile devices include, or have stored on the mobile device memory, applications used to initiate contactless transactions, as well as those applications' corresponding non-critical data. On the other hand, the applications' critical data (e.g., personal data, security keys, passcodes, identifiers) is stored in a secure element (SE) associated with the mobile device. Secure elements are highly tamper resistant components which securely store data in accordance with specific security requirements. Because of their specialized security mechanisms, secure element storage is more costly than typical memory (e.g., mobile device memory) and thus, storage on secure elements is often exclusively limited to critical data.
Critical data is managed by corresponding applets on the secure element which control, for example, how the data is stored, when the data can be distributed, and which devices, applets and applications can access (e.g., read, write) the data. The applets which manage critical data on secure elements may need, or choose to be, altered or deleted, for example, to update out-of-date or unsupported applet versions or to repair corrupted applet versions. Such alteration or deletion of applets that manage critical data may cause those applets' corresponding critical data to be deleted or be left unmanaged on the secure element during periods in which those managing applets are not yet installed, updated or activated. Deletion of critical data may result in the need for that critical data to be requested and acquired from its source, or worse, that critical data may be lost.
Given the foregoing, it would be beneficial to store critical data on secure elements in a manner which allows for managing applets to be altered (e.g., updated, deleted) without resulting in data loss or minimization of the security of the critical data.
One technical challenge involves securely storing critical data during time periods when managing applets are not fully active (e.g., pending update). Another technical challenge involves managing applets receiving the most up-to-date critical data when those managing applets become fully active (e.g., post-update).