Memory device with secure boot updates and self recovery
US-2024406008-A1 · Dec 5, 2024 · US
Over-the-air-provisioning of application library
US9753719B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9753719-B2 |
| Application number | US-201514982923-A |
| Country | US |
| Kind code | B2 |
| Filing date | Dec 29, 2015 |
| Priority date | Dec 29, 2014 |
| Publication date | Sep 5, 2017 |
| Grant date | Sep 5, 2017 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Techniques for updating an application installed on a communication device may include determining that an update for a private portion of the application is available at a server, sending a request for the update to the server, receiving an updated version of the private portion from the server, and installing the updated version of the private portion on the portable communication device without updating the public portion.
First claim
Opening claim text (preview).
What is claimed is: 1. A method for updating a mobile application installed on a portable communication device, wherein the mobile application includes a public portion and a private portion, the method comprising: determining, by the mobile application, that an update for the private portion is available at a server; sending a request for the update to the server, the request including a current private portion identifier associated with a current version of the private portion installed on the portable communication device, wherein the current private portion identifier and a current transport key are embedded in the current version of the private portion installed on the portable communication device; receiving an updated version of the private portion from the server that is encrypted using the current transport key; decrypting the updated version of the private portion using the current transport key embedded in the current version of the private portion installed on the portable communication device, wherein an updated transport key and an updated private portion identifier are embedded in the updated version of the private portion, and wherein the updated private portion identifier is associated with the updated version of the private portion; installing the updated version of the private portion on the portable communication device without updating the public portion; subsequent to installing the updated private portion: sending a request to the server for sensitive data, the request including the updated private portion identifier associated with the updated version of the private portion; receiving the sensitive data encrypted using the updated transport key embedded in the updated version of the private portion; and decrypting the sensitive data using the updated transport key, wherein decrypting the sensitive data using the updated transport key comprises: generating a derived key using the updated transport key and a key derivation seed received from the server; and decrypting the sensitive data with the derived key. 2. The method of claim 1 , wherein the sensitive data is received in a message that includes a header and a payload containing the sensitive data, and decrypting the sensitive data using the updated transport key comprises: generating a one-time key by encrypting the header with the updated transport key; and decrypting the sensitive data with the one-time key. 3. The method of claim 1 , wherein determining, by the mobile application, that an update for the private portion is available at the server comprises: receiving, by the mobile application, a message notifying that the update for the private portion is available. 4. The method of claim 1 , wherein the current version of the private portion is obfuscated using a first obfuscation seed, and the updated version of the private portion is obfuscated using a second obfuscation seed that is different than the first obfuscation seed. 5. The method of claim 1 , wherein the public portion is written in a first programming language, and the private portion is written in a second programming language that is different than the first programming language. 6. A portable communication device comprising: a processor; and a memory coupled to the processor, the memory storing instructions, which when executed by the processor, cause the portable communication device to perform operations including: determining that an update for a private portion of a mobile application installed on the portable communication device is available at a server; sending a request for the update to the server, the request including a current private portion identifier associated with a current version of the private portion installed on the portable communication device, wherein the current private portion identifier and a current transport key are embedded in the current version of the private portion installed on the portable communication device; receiving an updated version of the private portion from the server that is encrypted using the current transport key; decrypting the updated version of the private portion using the current transport key embedded in the current version of the private portion installed on the portable communication device, wherein an updated transport key and an updated private portion identifier are embedded in the updated version of the private portion, and wherein the updated private portion identifier is associated with the updated version of the private portion; installing the updated version of the private portion without updating a public portion of the mobile application; subsequent to installing the updated private portion: sending a request to the server for sensitive data, the request including the updated private portion identifier associated with the updated version of the private portion; receiving the sensitive data encrypted using the updated transport key embedded in the updated version of the private portion; and decrypting the sensitive data using the updated transport key, wherein decrypting the sensitive data using the updated transport key comprises: generating a derived key using the updated transport key and a key derivation seed received from the server; and decrypting the sensitive data with the derived key. 7. The portable communication device of claim 6 , wherein the sensitive data is received in a message that includes a header and a payload containing the sensitive data, and wherein the operation of decrypting the sensitive data using the updated transport key comprises: generating a one-time key by encrypting the header with the updated transport key; and decrypting the sensitive data with the one-time key. 8. The portable communication device of claim 6 , wherein the operation of determining that an update for the private portion is available at the server comprises: contacting the server to verify whether the mobile application is up-to-date. 9. The portable communication device of claim 6 , wherein the operation of determining that an update for the private portion is available at the server comprises: receiving a message notifying that the update for the private portion is available. 10. The portable communication device of claim 6 , wherein the current version of the private portion is obfuscated using a first obfuscation seed, and the updated version of the private portion is obfuscated using a second obfuscation seed that is different than the first obfuscation seed. 11. The portable communication device of claim 6 , wherein the public portion is written in a first programming language, and the private portion is written in a second programming language that is different than the first programming language. 12. The portable communication device of claim 6 , wherein the sensitive data includes a token, and wherein the operations further include: using, by the mobile application, the token to conduct a transaction. 13. A server for providing an update to a mobile application installed on a portable communication device, wherein the mobile application includes a public portion and a private portion, the server comprising: a processor; and a memory coupled to the processor, the memory storing instructions, which when executed by the processor, cause the server to perform operations including: receiving a request for an update to the private portion of the mobile application from the portable communication device, the request including a current private portion identifier associated with a current version of the private portion installed on the portable communication device, wherein the current private por
Assignees
Inventors
Classifications
- G06F8/65Primary
Updates (security arrangements therefor G06F21/57) · CPC title
Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII] · CPC title
wherein the data content is protected, e.g. by encrypting or encapsulating the payload · CPC title
Detection or prevention of fraud · CPC title
Subscription-based services using application servers or record carriers, e.g. SIM application toolkits · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US9753719B2 cover?
- Techniques for updating an application installed on a communication device may include determining that an update for a private portion of the application is available at a server, sending a request for the update to the server, receiving an updated version of the private portion from the server, and installing the updated version of the private portion on the portable communication device with…
- Who is the assignee on this patent?
- Visa Int Service Ass
- What technology area does this patent fall under?
- Primary CPC classification G06F8/65. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue Sep 05 2017 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).