Abstract: The invention relates to a method for authenticating to a mobile network. According to the invention, the method comprises the following steps. A device activates only a first temporary subscription identifier. The device sends to a first server the first temporary subscription identifier and first data. The first server sends to the device a first result message including an authentication failure based upon the first data. The device activates only a second temporary subscription identifier. The device sends to the first server the second temporary subscription identifier and second data. And the first server sends to the device a second result message including an authentication success based upon the associated first and second temporary subscription identifiers and the second data. The invention also relates to corresponding device and system and a server for authenticating devices to a mobile network.

Abstract: The invention concerns a method for managing content on a secure element connected to an equipment, this content being managed on the secure element from a distant administrative platform. According to the invention, the method consists in: establishing, at the level of the administrative platform a secure channel between the equipment and the administrative platform, thanks to session keys generated by the secure element and transmitted to the equipment; transmitting to the administrative platform a request to manage content of the secure element; and verifying at the level of the administrative platform that this request originates from the same secure element that has generated the session keys and, if positive, authorizing the management and, if negative, forbid this management.

Abstract: The invention relates to a method for authenticating to a mobile network. According to the invention, the method comprises the following steps. A device activates only a first temporary subscription identifier. The device sends to a first server the first temporary subscription identifier and first data. The first server sends to the device a first result message including an authentication failure based upon the first data. The device activates only a second temporary subscription identifier. The device sends to the first server the second temporary subscription identifier and second data. And the first server sends to the device a second result message including an authentication success based upon the associated first and second temporary subscription identifiers and the second data. The invention also relates to corresponding device and system and a server for authenticating devices to a mobile network.

Abstract: The invention relates to a system for managing multiple subscriptions in a UICC, this system comprising a central server able to manage subscriptions stored on a UICC comprised in a mobile terminal in the field, at the request of a subscriber of one of these subscriptions.

Abstract: The invention proposes several improvements related to the management of secure elements, like UICCs embedding Sim applications, these secure elements being installed, fixedly or not, in terminals, like for example mobile phones. In some cases, the terminals are constituted by machines that communicate with other machines for M2M (Machine to Machine) applications.

Abstract: A remote server is connected to at least one energy box, each energy box being connected to at least one energy consuming device, and each energy box being connected to a metering device. The remote server sends to the energy box a transaction demand. The energy box sends to at least one energy consuming device an energy consumption reduction request. The metering device measures energy consumption of the energy consuming device. The metering device sends to the energy box the measured energy consumption. The energy box verifies whether the demanded transaction has been carried out based upon at least one test, the test depending on at least one measured energy consumption. If the demanded transaction has been carried out, the energy box sends to a remote server a transaction response.

Abstract: The invention proposes several improvements related to the management of secure elements, like UICCs embedding Sim applications, these secure elements being installed, fixedly or not, in terminals, like for example mobile phones. In some cases, the terminals are constituted by machines that communicate with other machines for M2M (Machine to Machine) applications.

Abstract: The present invention relates to a method for downloading a subscription from an operator to a UICC embedded in a terminal. The method includes transmitting from the terminal, to a platform, an identifier and a request for downloading the subscription; verifying in the platform that the terminal is authorized to download the subscription by verifying the rights of the terminal in accordance with its identifier; and downloading the subscription to the UICC if the rights are confirmed and, otherwise, refusing to download the subscription.

Abstract: The invention proposes several improvements related to the management of secure elements, like UICCs embedding Sim applications, these secure elements being installed, fixedly or not, in terminals, like for example mobile phones. In some cases, the terminals are constituted by machines that communicate with other machines for M2M (Machine to Machine) applications.

Abstract: The invention relates to a method for personalizing an electronic device using an encryption device adaptable to standard certified apparatuses. The encryption device makes it possible to ensure the confidentiality of the transfer of a secret code from the user to a possible personalization server.

Abstract: The invention proposes several improvements related to the management of secure elements, like UICCs embedding Sim applications, these secure elements being installed, fixedly or not, in terminals, like for example mobile phones. In some cases, the terminals are constituted by machines that communicate with other machines for M2M (Machine to Machine) applications.

Abstract: A remote server is connected to at least one energy box, each energy box being connected to at least one energy consuming device, and each energy box being connected to a metering device. The remote server sends to the energy box a transaction demand. The energy box sends to at least one energy consuming device an energy consumption reduction request. The metering device measures energy consumption of the energy consuming device. The metering device sends to the energy box the measured energy consumption. The energy box verifies whether the demanded transaction has been carried out based upon at least one test, the test depending on at least one measured energy consumption. If the demanded transaction has been carried out, the energy box sends to a remote server a transaction response.

Abstract: The invention relates to a security token comprising a communication interface adapted to communicate with a host computer; a security module, comprising encryption based security features; and a non volatile memory storing at least an application to be uploaded and executed in a host computer. The application makes use of the security features when executed in a host computer in communication with the communication interface. The security token is adapted to modify the content of the application as uploaded or its execution parameters at successive connections of the security token to a host computer.

Abstract: The present invention relates to a method for establishing secure history and audit of an integrated circuit card comprising an audit register, for property hand-over, which includes the following steps: storing in the audit register of said integrated circuit card remote actions performed on said integrated circuit card; computing a hash function of the content of said audit register of said integrated circuit card and remote actions content, and storing the result of said hash function in said audit register of said integrated circuit card; storing on a remote server an audit log of remote actions performed on said integrated circuit card; and verifying the integrity of said audit log stored on said remote server by comparing the content of said audit register of said integrated circuit card and the result of a computed hash function of said audit log.

Abstract: The invention relates to a system for managing multiple subscriptions in a UICC, this system comprising a central server able to manage subscriptions stored on a UICC comprised in a mobile terminal in the field, at the request of a subscriber of one of these subscriptions.

Abstract: A method for executing an application compiled in intermediate code on a portable digital appliance equipped with a virtual executing machine for interpreting the intermediate code. The method includes a step of applying a secure execution mode wherein the interpretation of the intermediate code by the virtual machine includes the following steps: for each item of data the code handled for execution of an arithmetic and/or logical operation defined by the code, generating control data, related to the data of the code via a predetermined function; in parallel with the execution of the operation, executing a control operation related to the operation defined by the code via the predetermined function, and acting on the control data.

Abstract: The present invention relates to a method for downloading a subscription from an operator to a UICC embedded in a terminal. The method includes transmitting from the terminal, to a platform, an identifier and a request for downloading the subscription; verifying in the platform that the terminal is authorized to download the subscription by verifying the rights of the terminal in accordance with its identifier; and downloading the subscription to the UICC if the rights are confirmed and, otherwise, refusing to download the subscription.

Abstract: The invention concerns a method for managing content on a secure element connected to an equipment, this content being managed on the secure element from a distant administrative platform. According to the invention, the method consists in: establishing, at the level of the administrative platform a secure channel between the equipment and the administrative platform, thanks to session keys generated by the secure element and transmitted to the equipment; transmitting to the administrative platform a request to manage content of the secure element; and verifying at the level of the administrative platform that this request originates from the same secure element that has generated the session keys and, if positive, authorizing the management and, if negative, forbid this management.

Abstract: A method for preventing secret code manipulation in a data processing device, such as a smart card, to which a presented code is applied. Prior to implementation of a code transforming function in the processing device, the secret code is transformed into a transformed secret code in the card. For each use of the card, the presented code is transformed into a transformed presented code in accordance with the implemented transformation function. A comparison of the transformed secret code with the transformed secret code in the card is then performed.

Abstract: The invention relates to a method for personalizing an electronic device using an encryption device adaptable to standard certified apparatuses. The encryption device makes it possible to ensure the confidentiality of the transfer of a secret code from the user to a possible personalization server.