An electronic wallet (hereinafter, simply referred to as a “wallet”) refers to a hardware and software module within a terminal device, in most cases a mobile terminal device, such as a mobile phone or a smart phone, consisting of two parts:                a security element (e.g. in the form of a SIM card/UICC or Java card integrated in the chip set of the terminal device), with Java applets thereon, which can be addressed by applications on the terminal device on the one hand side as well as via wireless radio communications (e.g. NFC) from acceptance points (i.e., card readers) in card emulation mode.        software for visualization, management and enabling of user interaction for Java card applications located on the security element.        
As a result, this architecture of the electronic wallet enables the mapping of real smart cards (for various application fields such as payment, loyalty card, coupons) to the terminal device, wherein the role of the chip of the actual card is taken over by the Java applets on the security element, for example, the UICC, and the role of the label (i.e. the inscription, design, logo and/or other designations) on the physical card is taken over by the wallet software on the terminal device, e.g. the mobile phone.
Here and in the following an “applet” is understood as an application configured for the execution on a security element. Instead of “applet” the synonymous term “cardlet” is also used in the following.
Furthermore, in the following an application configured to run under the operating system of the terminal device, is called an “app”.
If the electronic wallet is located on a mobile terminal device such as a mobile phone, the electronic wallet is also to be referred to as a “mobile wallet”.
The cards in the electronic wallet can then be used at appropriate points of acceptance like physical plastic cards; using wireless radio communication (e.g. short-range radio technique NFC) applets on the security element (such as UICC) can be addressed without any contact, for example at the supermarket checkout.
Thus, this technique enables the use of a security element (such as the UICC) as a multi-functional smart card, wherein the user benefits from the adequate level of safety for a smart card application: information cannot be read from the smart card, the smart card cannot be copied and its information are admitted for use only after entering a PIN where necessary.
For similar operations in the online world, however, other methods have been established. For example, payment transactions are performed by users reading their credit card information and entering it in web forms on web pages. The authentication of users at web pages is usually done by entering a user name and a password.
On mobile platforms (here and below, the term “platform” is to be understood as the operating system of a terminal device, “mobile platform” is to be understood as the operating system of a mobile terminal), again, it is common to connect one's payment card information once with an account of the mobile phone manufacturer, in order to pay for apps and other digital goods on the mobile terminal so that the acquisition of such goods may be invoiced in future, for example to a credit card. For the use of online services (such as the server-based storage of photos), it is common to provide an app that allows access to the centrally stored data from the mobile device. To this end the user name and password are stored to this app.
US 2009/0 234 751 A1 discloses an electronic wallet for a wireless mobile device, and a method of operating the electronic wallet. In an embodiment, the electronic wallet comprises wallet invocation means responsive to an external trigger originating externally from the wallet; user authentication means for authenticating the user of the electronic wallet upon invocation of the wallet by the external trigger; and means for returning card information stored in the wallet in dependence upon a form specified by the external trigger invoking the wallet. The external trigger may be a webpage accessed via an Internet web browser on the wireless mobile device, the webpage having a wallet trigger instruction embedded therein. The wallet trigger instruction may be an extension embedded into the header of the webpage accessed via the Internet web browser. The webpage may further include field ID tags mapping specific data fields in the wallet to form input fields provided in the webpage.
WO 2006/085 805 A1 is concerned with a method for performing electronic transactions in a network comprising a mobile subscriber terminal with a digital wallet and a browser, a server for the management of the transactions and a content provider. In the method, the subscriber selects a service and sends an order request to the content provider. As a reply, the content provider sends a transaction order form to the mobile subscriber. The subscriber then confirms the transaction and sends the transaction order form to the browser. The browser reads information needed for the transaction form from the digital wallet and fills in the order form with the read transaction data. The completed form is then sent to the server, which converts the completed form into a standardized transaction format. The content provider processes the completed order form and sends it to the content provider, who replies to the subscriber.
US 2012/0 123 868 A1 describes system for dynamically adjusting the wireless data emulation used by a portable communication device based on its geo-location. The system determines a geo-location of the portable communication device by transmitting the current geo-location data using a most appropriate channel to a server; receiving data regarding payment systems potentially co-located with the portable communication device; and configuring a payment system in the portable communication device with the data formats and other wireless point of sale data specific to payment system potentially co-located with the device.
US 2012/0 166 337 A1 shows a near field communication (NFC) terminal for performing secure payment that includes an NFC unit and a control unit. The NFC unit communicates with an external payment terminal and the payment unit transmits results obtained by processing transaction information and an electronic signature value of the transaction information to the payment terminal using the NFC unit. The payment terminal requests an external payment server to perform payment. An authentication certificate applet included in the payment unit generates the electronic signature of the transaction information. An electronic wallet applet included in the payment unit transmits the results obtained by processing the transaction information and the electronic signature value to the payment terminal.
US 2012/0 130 839 A1 describes techniques for managing modules or applications installed in the mobile device. To provide authentic and secure transactions with another device, each of the installed applications is provisioned with a server through data communication capability in a mobile device. A provisioned application is associated with the personalized security element of the mobile device and works with a set of keys that are generated in accordance with a key set from the personalized secure element. Further, management of controlling an installed application is described.
WO 2012/021 864 A2 shows a phone-based electronic wallet providing authenticated transactions across multiple channels of commerce. The electronic wallet may be used for point-of-sale payments, remote mobile payments and/or web-based payments, and may use authentication tools such as offline PINs, SecureCode PINs and/or online PINs.
Further state of the art is to be found in Erika Chin et al. “Analyzing inter-application communication in Android”, MOBISYS, 11, ACM, US, 28 Jun. 2011, pages 239-252, XP058004575, DOI: 10.1145/1999995.2000018 ISBN: 978-1-4503-0643-0.