Abstract: A system includes a first computer system (FCS) configured to receive an authentication request of a user with respect to the first authentication system (FAS), and communicate an unsuccessful authentication attempt. In response, a bridge computer system (BCS), is configured to request a user ID and receive at least the user ID; identify an address of a second computer system (SCS) based on the user ID; and initiate the second authentication system (SAS) using the address. The SCS, if the user has been successfully authenticated with respect to the SAS, is configured to communicate successful authentication to the BCS; and in response, the BCS is configured to send the FAS a confirmation message, and the FCS is configured to treat the user as authenticated.

Abstract: In order to increase the security of value or security documents 100, a multi-luminescent security element 400 is provided which contains at least one first luminescence means 510 and at least one second luminescence means 520. The first luminescence means 510 can be excited under first excitation conditions Sp-1 for the purpose of luminescence, and the second luminescence means 520 can be excited under second excitation conditions Sp-2 for the purpose of luminescence, said second excitation conditions Sp-2 differing from the first excitation conditions Sp-1. The multi-luminescent security element 400 is additionally equipped with at least one absorber means 600 which prevents an excitation of the at least one first luminescence means 510 under the second excitation conditions Sp-2 for the purpose of luminescence.

Abstract: A method for providing and checking the validity of a virtual document on a first computer system is disclosed. The virtual document is provided by means of a mobile second computer system for a first computer system. The method includes receiving a password-protected storage address of a first database at which the virtual document can be read, reading the virtual document, displaying the virtual document on a display of the first computer system, receiving a unique second identifier of the mobile second computer system, calculating a third identifier using the received second identifier and a hash value of the virtual document, identifying the database entry of the second database in which a first identifier of a first pairing consisting of the mobile second computer system and the first virtual document is stored, comparing the calculated third identifier with the first identifier stored in the identifier database entry.

Abstract: A method for issuing a virtual document by a first computer system of an issuer, includes creating the virtual document; calculating a hash value of the virtual document; sending a signed entry request including the hash value to a blockchain server; receiving the signed entry request by the blockchain server; and executing, by the blockchain server, program instructions of a program module identified by the signed entry request, wherein the execution of the program instructions includes checking the signature of the entry request, using a public cryptographic key of the issuer registered in the blockchain, and, if the signature is valid, generating an additional block of the blockchain for the issue of the virtual document, wherein the generated block includes an entry associated with the program module and including the first hash value.

Abstract: The method includes creating a signed output instruction for outputting a vehicle certificate, having a data record characterising the vehicle, using the blockchain, in the case of a valid signature, receiving the vehicle certificate, outputting the vehicle certificate, wherein the output vehicle certificate includes a machine-readable code, wherein the machine-readable code includes a private cryptographic key of an asymmetric key pair, wherein a public cryptographic key of the asymmetric key pair is identified in the blockchain as a check value for checking a signature of a read request for reading vehicle data of the vehicle certificate from the blockchain.

Abstract: An ID token includes a sensor, a communication interface, and a first microcontroller. The ID token includes a protected second microcontroller having at least one microcontroller communication interface, which is arranged in a holder of the ID token, wherein the microcontroller communication interface provides a data input and a data output. The first microcontroller is configured as a proxy for switching between the sensing of the measurement data by the sensor and forwarding of the sensed measurement data from the sensor to the first application of the protected second microcontroller by the microcontroller communication interface thereof on the one hand and forwarding of notifications for establishing a connection between the second application and the reading device and/or forwarding of APDUs by the connection between the second application and the reading device on the other hand.

Abstract: A method for integrating a hologram into the body of a security document that has a laminated body. The method includes: providing a holographic film having a backing substrate layer and a photo layer; providing additional substrate layers; carrying out a laminating process in order to form the laminated body, the holographic film together with the additional substrate layers being collated to form a substrate layer stack and being combined, together with the additional substrate layers, in a high-pressure, high-temperature laminating method to form the laminated body. There is also described a corresponding security document body.

Abstract: The invention relates to a method for cryptographically secure storing a file (101) using a web application executed by a web browser (106) on a user computer system (104, 162, 168) of a user (102, 160). The method comprises: encrypting the file (101) on the user computer system (104, 162, 168) by the web application, providing a distribution plan by the web application, fragmenting the encrypted file (101) on the user computer system (104, 162, 168) by the web application into a plurality of file fragments (F1-F4) according to the distribution plan, sending the resulting file fragments (F1-F4) by the web application over the network (178) to the storage services identified by the distribution plan (SD1-SD6).

Abstract: Method for generating a digital signature for a digital content using a computer and trustworthy signature hardware connected thereto for data exchange, includes generating a message digest from the digital content by an application executed on the computer; generating descriptive data relating to the electronic digital signature; transmitting the message digest and the descriptive data to the trustworthy signature hardware; outputting the descriptive data at an output device of the trustworthy signature hardware; carrying out a user interaction as precondition for the continuation of the method; generating signature data from the message digest and the descriptive data by the trustworthy signature hardware; and transmitting the signature data from the trustworthy signature hardware to the computer and in particular the application.

Abstract: The invention relates to a method for the tamper-proof storing of data in a bidirectionally linked blockchain structure. The method comprises the steps of creating an additional block Bi to extend the blockchain structure which comprises the data to be stored as payload data creating a bidirectional linking of the additional block Bi to a predefined number of preceding blocks, wherein creating the bidirectional linking comprises performing a backward linking of the additional block to the predefined number of preceding blocks and performing a forward linking of the predefined number of preceding blocks to the additional block.

Abstract: A security object has a document body. A lens array is formed on a top side and first information is stored in the document body. The optical detectability of the first information through the lens array is dependent on a detection direction. The document body has a top view section, in which the document body has a material layer that is translucent or opaque, and adjacent thereto a window section, in which the document body is formed of a material transparent in volume between a top side and a bottom side. The lens array extends over part of the window section and over part of the top view section and spans a section boundary between the sections. The first information also is formed partially in the top view section and partially in the window section and, in the window section, laser-marked, static second information is stored in the document body.

Abstract: A method for generating an electronic signature of a user for an electronic document including establishing a secure Internet session between a telecommunication terminal of a user and a signature server computer system; receiving a code from the signature server computer system via a separate and/or separately secured side channel by the telecommunication terminal; transmitting a combination of code and authentication information of the user via the secure Internet session to the signature server computer system; checking the validity of the combination of code and authentication information by the signature server computer system; and generating the electronic signature of the user by a high-security module of the signature server computer system, wherein the private key of the user for generating the electronic signature is stored in the high-security module.

Abstract: A method for storing data in a tamper-proof manner in a data block structure. The method includes, for a group of data blocks, determining functions, which are assigned to the data blocks of the group and dependent on the data stored in the corresponding data block; creating a combination of all functions assigned to the data blocks of the group; and determining a combination-dependent coefficient for each function of the combination, so that the combination meets a predefined condition; and for each data block of the group, determining a control group of data blocks of the group assigned to the corresponding data block; and storing the coefficient that was determined for the function of the corresponding data block in all data blocks of the control group.

Abstract: A system includes a first computer system (FCS) configured to receive an authentication request of a user with respect to the first authentication system (FAS), and communicate an unsuccessful authentication attempt. In response, a bridge computer system (BCS), is configured to request a user ID and receive at least the user ID; identify an address of a second computer system (SCS) based on of the user ID; and initiate the second authentication system (SAS) using the address. The SCS, if the user has been successfully authenticated with respect to the SAS, is configured to communicate successful authentication to the BCS; and in response, the BCS is configured to send the FAS a confirmation message, and the FCS is configured to treat the user as authenticated.

Abstract: In one embodiment the method includes providing a bidirectionally linked blockchain structure; generating an additional block for expanding the blockchain structure, which includes the data to be stored and is intended to be linked bidirectionally to the last block of the blockchain structure, the last block of the blockchain structure including stored data; and calculating a first block-dependent linking function for bidirectionally linking the last block to the additional block. The calculation of the linking function including calculating a combined block-dependent check value of the last block and of the additional block, using the data stored in the last block and the data to be stored in the additional block; and associating the combined check value with a block-independent, linking process-specific function. The method further includes adding the first block-dependent linking function to the last block and to the additional block.

Abstract: The invention relates to a method for making a structure with at least a first polymer layer and a second polymer layer, each made from a polycarbonate polymer based on bisphenol A, and in between the first polymer layer and the second polymer layer an intermediate layer being arranged, comprising the following steps: a) the intermediate layer is applied at least on a partial region of the first polymer layer, b) optionally the intermediate layer is dried, c) the first polymer layer is coated on the side, on which the intermediate layer is arranged, with a liquid preparation comprising a solvent or a mixture of solvents and a polycarbonate derivative based on a geminally disubstituted dihydroxydiphenyl cycloalkane, the preparation covering the intermediate layer, d) optionally a drying step is made after step c), e) after step c) or step d), the second polymer layer is placed on the first polymer layer, covering the intermediate layer, f) the first polymer layer and the second polymer layer are laminated with

Abstract: The disclosure relates to a method for providing an access code on a portable device, which comprises a user interface and is set up for a wireless data communication, in which reference data for an authentication are stored in a central data processing system, wherein the reference data comprise personal data containing biometric reference data for a user of the portable device and a device identifier for the portable device, in response to a detected event, an authentication process is executed, in which the user is authenticated, wherein to authenticate the user, in the central data processing system and/or in the portable device, the reference data and authentication data are evaluated, which comprise personal authentication data for the user, including biometric authentication data, and an authentication device identifier for the portable device, and in response to a successful authentication, an access code is provided in the portable.

Abstract: The mechanically stable value or security document 2000 according to the invention comprising an electric circuit 1270 is characterised by the following features: the document is formed of at least three document layers which are arranged in a stack 1700 and which are connected together face-to-face by a joining method, wherein a first document layer is formed by a circuit carrier layer 1200 which supports the electric circuit 1270, at least one second document layer is formed in each case by a compensation layer 1100 which has at least one opening 1120 and/or recess, and at least one third document layer is formed in each case by an outer cover layer 1300. The first 1200, the at least one second 1100, and the at least one third document layer 1300 are formed from a fibre composite material.

Abstract: The disclosure relates to a method for authenticating a user to a machine: generating a challenge by the machine, generating a first pattern, in which the challenge is coded, by the machine, displaying the first pattern on a display device of the machine, optically recording the first pattern by a user device, decoding the first pattern to receive the challenge by the user device, generating a response to the challenge by the user device, generating a second pattern, in which the response is coded, by the user device, displaying the second pattern on a display device of the user device, optically recording the second pattern by the machine, decoding the second pattern to receive the response by the machine, checking the correctness of the response by the machine, and, on the condition that the response is correct, fulfilling a function by the machine.

Abstract: The invention relates to a method for authenticating (400) a current user of a mobile, portable communication system (100) with respect to a server (150) by means of a behavior-based authentication. The server (150) comprising a first interface and a second interface. The first interface is configured to communicate with at least one activatable device (152), and the second interface is configured to communicate with a mobile, portable communication system (100). The method for authentication comprises: receiving at least one classification result (600) by the server (150) from the mobile, portable communication system (100); evaluating the at least one classification result (600) by the server according to a predefined examination criterion (800); and activating the device (152) by the server (150) by means of a control signal.