Traditionally, payment and/or ticketing applications have been residing on a secure chip embedded onto a credit card size plastic smartcard.
More recently, when contactless payment/ticketing have become more common, one has begun to install secure chips containing payment instruments and/or public transportation tickets into mobile phones. In one implementation a mobile device comprises a smartcard module and a near field communication module, which may be a radio frequency identification (RFID) module. The smartcard module is a secure element which contains the required secure element application, e.g. the payment/ticketing application. The secure element application may be started by a user or automatically based on the context and/or location of the mobile device. For example, if the mobile device is located in the area of a point of sales terminal, the secure element application can automatically start. The near field communication module will be activated and subsequently a contactless payment transaction can be carried out.
Now that secure elements containing secure element applications are installed into mobile phones this enables a convenient feature, namely a possibility to enable a user interface for providing a user of the phone with means to observe and control various applications stored in the secure element. The user interface of the mobile device can be used as a user interface for the secure element. Typically, this requires two applications: a first application (the secure element application) installed in the secure element to provide the security critical functionality, and a second application (user interface application) installed into the mobile phone to provide the user interface and to control the first application in case an appropriate security level is provided. Having two distinct applications to provide the total functionality introduces a risk of those two getting out of sync thereby destroying proper operation.
In other words, whenever a situation arises in which the mobile device for some reason does not have the required counterpart application (user interface application) the user interface functionality will be disabled. This may occur, e.g., when the secure element is changed from one mobile device to another (if the latter does not contain the required application) or when the software of the phone is being updated.