In the last decade the technical field of smart cards has gained a lot of importance. Smart cards can provide identification, authentication, data storage and application processing functions in many different application areas.
The benefits of smart cards depend on the volume of information and applications that are programmed for use on the cards. A single contact bound or contactless smart card can be programmed with multiple banking credentials, medical entitlement data, driver's license or public transport entitlement data, loyalty programs and club memberships, for example. Multi-factor and proximity authentication can be embedded into smart cards in order to increase the security of the services offered by the cards. For example, a smart card can be programmed to allow a contactless transaction only if it is within the range of another device, such as a uniquely paired mobile phone. This can significantly increase the security of the smart cards.
A more recent development is the concept of so-called Virtual Cards. For example, the applicant has marketed the Mifare Plus technology which features a so-called Virtual Card architecture. Basically, the Virtual Card architecture enables the configuration of a secure element, or a physical smart card, in accordance with a license that grants a right to use a particular set of resources offered by the smart card. In other words, the license specifies which set or subset of functions of the smart card can be used. Thus, the license can be used to configure the resources of the smart card. A Virtual Card is defined as a smart card on which specific licensed functionality has been enabled.
A secure element is typically sold through a distribution chain in which several parties are involved. For example, a secure element is made by a chip manufacturer who is also a licensor. The secure element is put on the market by the licensor. The secure element is arranged to comprise multiple Virtual Cards of the kind set forth. The Virtual Cards are managed by another party, such as a Trusted Service Manager (TSM), who acts as a licensee. Conventionally, one or more Trusted Service Managers receive keys for the Virtual Cards that need to be created on the secure element. Typically, a plurality of keys is needed to manage the creation of Virtual Cards on the secure element or, in other words, to configure the resources of the secure element after it has been put on the market.