Browse Prior Art Database

Method and System for Authorizing Payments Between Applications Executing in the NFC Trusted Execution Environment Disclosure Number: IPCOM000235561D
Publication Date: 2014-Mar-10

Publishing Venue

The Prior Art Database


The article describes a method for improving participation of Near Field Communication (NFC) Trusted Execution Environment (TEE) based applications in secure e-commerce. The article describes a method for allowing TEE based applications to use each others application balance so that transactions can occur for an application, even if the user has insufficient application balance. The article describes an implementation using the OAuth protocol.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 37% of the total text.

Page 01 of 12

Method and System for Authorizing Payments Between Applications Executing in the NFC Trusted Execution Environment

Near Field Communication (NFC) [1] enabled mobile devices have the capabilities for allowing secure e-commerce. The core capability that allows secure e-commerce is the NFC Trusted Execution Environment (TEE) [2]. The TEE typically is running in the Secure Element (SE) on the mobile Subscriber Identity Module (SIM), although it may run in a SD card or similar. The TEE provides security controls to allow applications to run in an environment that is highly trusted. This is shown in Figure 1. In addition to the application, often data is securely stored. For example, a transport application may store a balance that can be used for paying for public transport. The advancement of this TEE is crucial for mobile wallets and NFC payment implementations.


Page 02 of 12


Page 03 of 12

Figure 1: Secure Element with Trusted Execution Environment

The secure protocol that allows applications and data to be loaded and updated to the NFC mobile phone TEE is well known and described in the Global Platform Standards [3]. This protocol is assumed to be in place, and outside the scope of this design. The assumption is that only an authentic application can be delivered to the TEE.

NFC also provides the technology for short range secure communication. That is, it provides an additional interface for the phone, so that it can communicate securely with an NFC reader. Typically the phone is brought next to an NFC reader (within 10 cms), which initiates execution of an application within the TEE. This is shown in Figure 2. The NFC reader is usually placed at a convenient location for the user, so that they can identify it (using the NFC trademarked symbol as shown), and bring their NFC enabled phone within range of it. An example is at the movie cinema. A movie poster may contain an NFC reader, such that it will launch a movie application on the user's NFC phone, when the user brings their phone up to the poster. This may allow the user to purchase a movie ticket on the spot.


Page 04 of 12


Page 05 of 12

One limitation of NFC TEE applications for e-commerce, is that the method for updating an application balance is not always convenient. Typically a user will need to go to a web site, or a special terminal in limited places, to update their balance. Taking the movie cinema scenario further. The user will need to go to the movie company web site, provide their credit card details, and then update their balance. This will then get communicated to the NFC TEE on the user's mobile. It is certainly not a convenient process for updating
their balance at the time of purchase. This may discourage the user from making a purchase.

To provide a seamless experience for the user using a NFC TEE application, the requirement is for a method for giving the user an alternative option for paying for the service at the point of sale. The proposed solutio...