System and method for a multi-application smart card which can facilitate a post-issuance download of an application onto the smart card

Assignee

• Visa International Service Association · US

Inventors

• Alfred Chan · Daly City, US
• Marc Kekicheff · Foster City, US
• Joel M. Weise · Burlingame, US
• David Wentker · San Francisco, US

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06F2221/2153
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

A system and method allow card issuers to securely add applications during the lifetime of the card after the card has already been issued (post issuance). Loading of an application and/or objects from an application server via a card acceptance device (and its supporting system infrastructure delivery mechanism) onto a card post issuance is performed in a secure and confidential manner. A smart card includes a card domain application that manages the card. Any number of security domain applications on the card provide security for loaded applications by managing keys; each application is associated with a security domain. Each of the card domain and security domains has a command interface for off-card communication, and an API for internal card use. The card life cycle includes the states of masked, initialized, load secured and blocked. An application life cycle includes the states of not available, loaded, installed, registered, personalized, activated and blocked. An application can block the card.