Patent Reveals Plans for using Apple Pay's Secure Element in a Future e-Passport App
Earlier today Patently Apple posted a patent report titled "Apple invents a new Approach to Touch ID by using Multiple Cameras under the Display to capture 3D Fingerprint Data." The report noted that although Apple had introduced Face ID with iPhone X last year and plans to extend that biometric feature to more iPhones and perhaps even a top end iPad, Apple may decide to use under the display Touch ID for other iPhone models, iDevices or Macs. This would provide users and developers with a choice of biometrics in the future.
The timing of that patent was just right as a second patent published today covers the possible introduction of the iPhone acting as your future e-Passport that clearly points to fingerprint ID as a part of such a system that also may include voice and facial recognition and other biometric measures.
Apple notes in their filing that various governments are now issuing various forms of identification that are capable of storing identification information that can be used to authenticate a user.
Traditional e-Passports contain a specialized chip but do not include biometrics as presented by the Canadian government for example. Click the image below to enlarge the image to help you better see where it points out that no biometrics are currently used in the ePassport.
For example, modern passports (called e-Passports) may include an electronic chip that stores a passport holder's name, date of birth, and other forms of information.
When a person is passing through customs, the person may present the passport to a customs officer, who places the passport on a reader to extract information stored in the passport. Upon verifying the information printed on the passport against the internally stored information, the officer may confirm the identity of the holder and allow the holder passage through customs.
The advantage to next-generation e-Passports is that they will contain various biometric measures. Fingerprinting is the most common biometric on smartphones and is likely to be the primary biometric for that reason alone.
Lastly before diving into today's patent filing, it's interesting to note that three of the inventors of this patent work as Apple Pay engineers. That makes sense since the biometrics information for e-Passports take advantage of the same "secure element" stored on iPhones today supporting Apple Pay.
Apple's patent FIG. 1 below is a block diagram illustrating one embodiment of system for authenticating a user with a mobile device; FIG. 2 is a block diagram illustrating one embodiment of the mobile device.
In various embodiments, the mobile device may receive authorization to store the identification information captured in an enrollment process with the authority that issued the identification document.
In some embodiments, this process may include the mobile device using the short-range communication interface to read information stored in circuitry included in the identification document--e.g., identification information stored in a radio-frequency identification (RFID) tag embedded in a passport.
Apple Pay's Secure Element used for Future e-Password App
Apple highlights the secure element in patent FIG. 1 which may issue a request to the authority for permission to store the identification information, the request specifying at least portion of the read information--e.g., a passport number. The authority may then validate the request and permit the secure element to store the information, which may be signed by the authority in order to ensure validity of the information. In some embodiments, the enrollment process also includes the secure element generating a public-key pair and issuing a certificate signing request (CSR) to the authority in order to receive a corresponding digital certificate and register the public-key pair with the authority.
In some embodiments, the CSR is signed by a trusted key, which is stored in the secure element during fabrication and may be a certified private key having its own certificate signed by a trusted authority attesting to the validity of the stored key. In various embodiments, once the certificate has been issued for the newly generated key pair, the private key of the pair may be used to generate digital signatures to authenticate a user in lieu of a private key stored in circuitry of the identification document.
In some embodiments, the mobile device may perform an authentication that includes the secure element confirming whether a holder of an identification document has an attribute satisfying some criterion without providing that attribute (or at least providing some information about that attribute without providing all information about that attribute).
For example, in one embodiment, a person may be attempting to purchase an item that requires the merchant to confirm whether an age of the person satisfies some threshold value. In such an embodiment, rather than having the user present the identification document (e.g., a driver license), the reader of the merchant may ask the secure element to confirm whether the user of the mobile device is old enough to purchase the item. Based on a stored date of birth and a successful authentication of the user (e.g., via a biosensor), the secure element may then answer in the affirmative or the negative (as opposed to actually communicating the user's age or date of birth). In doing so, the mobile device is able to protect a user's identification information, yet still adequately answer the merchant's inquiry.
Biometrics
In some embodiments, the biosensor #138 is used to authenticate a user of a mobile device. The biosensor corresponds to any suitable sensor configured to detect biometric data for a user of mobile device which includes a finger print sensor that captures fingerprint data from the user.
In some embodiments, other types of biometric data may be captured by sensor 260A such as voice recognition (identifying the particular user's voice), facial recognition; iris scanning, etc.
And lastly, while the ePassport is the main focus of this invention, Apple does note that it could also apply to future driving licenses, government issued ID, student ID and more.
Apple's patent application 20180225662 was filed back in March 2018. Considering that this is a patent application, the timing of such a product to market is unknown at this time.
Inventors
Some of the inventors listed on today's patent for a future e-Passport include:
Franck Rakotomalala: Mobile Payment Engineer (Apple Pay)
Ahmer Khan: Sr. Architect, Apple Pay
Matthias Lerch: Wireless Software Architect. He came to Apple via INSIDE Secure as a mobile payment solutions architect.
Herve Sibert: Security and Fraud Engineer who came to Apple via STMicroelectronics.
Oren Elrad: Senior Embedded Security Engineer
Patently Apple presents a detailed summary of patent applications and/or granted patents with associated graphics for journalistic news purposes as each such patent application is revealed by the U.S. Patent & Trade Office. Readers are cautioned that the full text of any patent application should be read in its entirety for full and accurate details. About Making Comments on our Site: Patently Apple reserves the right to post, dismiss or edit any comments. Those using abusive language or negative behavior will result in being blacklisted on Disqus.
Comments