Provided is an information processing apparatus including an access control unit configured to control access from an application to a common file system accessible from a plurality of applications. The access control unit in a case where contact communication is performed with respect to an external processor, controls access by using first identification information for specifying an application, the first identification information being associated with each of the plurality of applications, and in a case where contactless communication is performed via a contactless communication device capable of performing contactless communication with an external device, controls access by using second identification information for specifying an application related to contactless communication, the second identification information being associated with at least one application among the plurality of applications.

A user device configured to connect to a mobile telephony network and associated with an identification number in the mobile telephony network. The user device selects a method of paying for the shopping basket on a first page of the merchant server; upon selection, the user device sends a payment request to a payment validation module, which is enriched with identification data of the user device; the user device receives a local authentication request message from the payment validation module over the mobile telephony network; on receiving the local authentication request message, the user device triggers execution of an operation of locally authenticating a user of the user device; the user device sends a local authentication response message to the payment validation module; and the user device is redirected by the payment validation module to a second page of the merchant server giving the result of the payment transaction.

A mobile payment apparatus includes a communication unit configured to exchange payment information with a communication peer end using a radio link, a memory configured to store mobile payment software, a SE, including a first storage module and a processor, and at least one CPU configured to execute general operating system software. The processor is configured to load the mobile payment software from the memory to the first storage module and exchange the payment information with the communication unit under action of the mobile payment software. The first storage module is configured to provide memory space for executing the mobile payment software for the processor. The SE and the at least one CPU are located in a first semiconductor chip.

A method for implementing a transaction from a mobile terminal, which includes a data-processing module and a security element on which a plurality of transaction modules are stored. Each transaction module is associated with an electronic card and suitable for authorizing a transaction on behalf of the electronic card when activated upon presentation of an associated confidential code. The method includes the security element: (a) receiving a transaction request targeting one transaction module of the plurality of transaction modules; (b) receiving, by an authentication module also stored on the security element, a unique valid authentication code obtained via an interface of the terminal, the authentication module storing the confidential codes associated with each of the transaction modules, and being itself capable of being activated upon presenting the authentication code; (c) activating the targeted transaction module by the authentication module, and transmitting a transaction authorization in response to the transaction request.

The present invention concerns the field of the emulation of contactless payment cards and more particularly the routing of the contactless communication within a device comprising several contactless payment card emulation circuits. The invention proposes a method for routing messages within an NFC controller. This controller has a table of the various applications hosted by the various secure elements. When the controller receives a request for the list of applications contained in the virtual payment card, it intercepts this request and responds with the list of the various applications accessible on the various secure elements. When a request aimed at selecting an application is received, the controller stores the secure element concerned and redirects all the messages to this element as long as it does not receive any new selection request.

According to an embodiment, there is provided a method for authorizing use of an application on a device. The method includes: identifying a plurality of device identifiers of the device; determining authorization information based on predetermined one or more of the plurality of device identifiers; and determining authorization for use of the application on the device in response to the authorization information.

The present invention relates to an electronic payment means activating method and an activating server thereof. In the electronic payment means activating method, a usage approval of the inactive electronic payment means is requested by using first identification information of the inactive electronic payment means and personal user information of the user terminal, the first identification information is authenticated to determine usage approval of the active electronic payment means, a class of a user is detected by using the personal user information, a first parameter value corresponding to the detected class of the user and a usage approval message are provided to the user terminal, the first parameter value is established in the user terminal, the electronic payment means is activated, and a fare according to the first parameter value is paid by the electronic payment means.

An electronic device may attempt to provision an unprovisioned credential, such as a payment instrument, by providing a message with information specifying the unprovisioned credential to a first computer. This first computer may be associated with a first region in which: a first provisioned credential of a user is supported, the user has registered, and the user can conduct transactions based on the first provisioned credential. However, the unprovisioned credential may be supported in or otherwise associated with a second region. Consequently, the electronic device may receive, from the first computer, redirect information that specifies a second computer associated with the second region. In response, the electronic device can provide the message to the second computer. Further, the electronic device can communicate provisioning information for the unprovisioned credential with the second computer, so the credential can be provisioned.

The invention in particular relates to the execution control of protected internal functions and applications embedded in a mobile terminal microcircuit card. The control of a protected internal function is directly carried out in the microcircuit card. After having detected (400) a command for placing the card on standby, on the basis of an item of information received from a mobile terminal into which is connected the card, at least one indication relative to the execution of the protected internal function is analyzed (415). If the protected internal function is liable to be affected by the execution of the command for placing on standby, the execution of the command for placing on standby is deferred (410).

Systems, methods, and computer program products are provided for managing data re-installation including service re-installation. A re-installation procedure re-installs and optionally activates data at least partially installed on a secure element without intervention middleware to repair a personalization procedure failure. Thus, personalization data on a secure element (SE) may be comprehensively managed by interfacing between one of a plurality of service provider (SP) trusted service managers (TSM) and a central trusted service manager (central TSM). The processing time required to manage the re-installation procedure is minimized.