EP-4738159-A1 - SECURE ELEMENT AND METHOD OF OPERATING THE SAME
Abstract
In accordance with a first aspect of the present disclosure, a secure element is provided, comprising: a first physical communication interface; a second physical communication interface; a processing unit configured to perform a first authentication process with a first user through the first physical communication interface and to perform a second authentication process with a second user through the second physical communication interface. In accordance with further aspects of the present disclosure, a corresponding method of operating a secure element is conceived, and a corresponding computer program is provided.
Inventors
- Kramer, Torsten Joachim
Assignees
- NXP B.V.
Dates
- Publication Date: 20260506
- Application Date: 20241105
Claims (15)
- A secure element, comprising: a first physical communication interface; a second physical communication interface; a processing unit configured to perform a first authentication process with a first user through the first physical communication interface and to perform a second authentication process with a second user through the second physical communication interface.
- The secure element of claim 1, wherein the second physical communication interface is a wireless interface.
- The secure element of claim 1 or 2, wherein the second physical communication interface is a short range communication interface.
- The secure element of claim 3, wherein the short range communication interface is a near field communication, NFC, communication interface or an ultra-wideband, UWB, communication interface.
- The secure element of any preceding claim, being implemented as a single integrated circuit.
- The secure element of any preceding claim, wherein the processing unit is configured to allow access to a predefined set of protected data and/or protected functions upon or after successful authentication results output by both the first authentication process and the second authentication process.
- The secure element of any preceding claim, wherein the processing unit is configured to perform the first authentication process and the second authentication process during a single authentication session.
- The secure element of claim 7, wherein the single authentication session is a session during which no power cycle or chip reset is performed by the secure element.
- The secure element of any preceding claim, wherein the processing unit is implemented as firmware.
- The secure element of any preceding claim, wherein the first authentication process uses one or more first authentication parameters, wherein the second authentication process uses one or more second authentication parameters, and wherein the first authentication parameters are different from the second authentication parameters.
- An electronic device comprising the secure element of any preceding claim.
- A method of operating a secure element, comprising: communicating, by a processing unit included in the secure element, with a first user through a first physical communication interface included in the secure element; communicating, by the processing unit, with a second user through a second physical communication interface included in the secure element; performing, by the processing unit, a first authentication process with the first user through the first physical communication interface and a second authentication process with the second user through the second physical communication interface.
- The method of claim 12, wherein the processing unit allows access to a predefined set of protected data and/or protected functions upon or after successful authentication results obtained from both the first authentication process and the second authentication process.
- The method of claim 12 or 13, wherein the processing unit performs the first authentication process and the second authentication process during a single authentication session.
- A computer program comprising executable instructions which, when executed by a processing unit included in a secure element, cause said processing unit to: communicate with a first user through a first physical communication interface included in the secure element; communicate with a second user through a second physical communication interface included in the secure element; perform a first authentication process with the first user through the first physical communication interface and a second authentication process with the second user through the second physical communication interface.
Description
TECHNICAL FIELD
The present disclosure relates to a secure element. Furthermore, the present disclosure relates to a corresponding method of operating a secure element, and to a corresponding computer program.
BACKGROUND
Many electronic devices, such as mobile phones and tablets, may contain data and functions that should be protected. For example, electronic commerce depends upon secure operation of many devices, used in smart homes, communication applications or used as smart gadgets or mobile phones. In such a case, it is important that the maintenance of such devices (e.g., the firmware update) is operated in a secure manner, so that no third party (e.g., a hacker) is able to attack the secure communication and operation of such devices.
SUMMARY
In accordance with a first aspect of the present disclosure, a secure element is provided, comprising: a first physical communication interface; a second physical communication interface; a processing unit configured to perform a first authentication process with a first user through the first physical communication interface and to perform a second authentication process with a second user through the second physical communication interface.
In one or more embodiments, the second physical communication interface is a wireless interface. In one or more embodiments, the second physical communication interface is a short range communication interface. In one or more embodiments, the short range communication interface is a near field communication (NFC) communication interface or an ultra-wideband (UWB) communication interface. In one or more embodiments, the secure element is implemented as a single integrated circuit. In one or more embodiments, the processing unit is configured to allow access to a predefined set of protected data and/or protected functions upon or after successful authentication results output by both the first authentication process and the second authentication process.
In one or more embodiments, the processing unit is configured to perform the first authentication process and the second authentication process during a single authentication session. In one or more embodiments, the single authentication session is a session during which no power cycle or chip reset is performed by the secure element. In one or more embodiments, the processing unit is implemented as firmware. In one or more embodiments, the first authentication process uses one or more first authentication parameters, the second authentication process uses one or more second authentication parameters, and the first authentication parameters are different from the second authentication parameters. In one or more embodiments, an electronic device comprises a secure element of the kind set forth.
In accordance with a second aspect of the present disclosure, a method of operating a secure element is conceived, comprising: communicating, by a processing unit included in the secure element, with a first user through a first physical communication interface included in the secure element; communicating, by the processing unit, with a second user through a second physical communication interface included in the secure element; performing, by the processing unit, a first authentication process with the first user through the first physical communication interface and a second authentication process with the second user through the second physical communication interface.
In one or more embodiments, the processing unit allows access to a predefined set of protected data and/or protected functions upon or after successful authentication results obtained from both the first authentication process and the second authentication process. In one or more embodiments, the processing unit performs the first authentication process and the second authentication process during a single authentication session.
In accordance with a third aspect of the present disclosure, a computer program is provided, comprising executable instructions which, when executed by a processing unit included in a secure element, cause said processing unit to: communicate with a first user through a first physical communication interface included in the secure element; communicate with a second user through a second physical communication interface included in the secure element; perform a first authentication process with the first user through the first physical communication interface and a second authentication process with the second user through the second physical communication interface.
DESCRIPTION OF DRAWINGS
Embodiments will be described in more detail with reference to the appended drawings.
- Fig. 1 shows an example of an electronic device.
- Fig. 2 shows an illustrative embodiment of a secure element.
- Fig. 3 shows an illustrative embodiment of a method of operating a secure element.
- Fig. 4 shows an illustrative embodiment of an electronic device.
- Fig. 5 shows an illustrative embodiment of a secure element.
DESC