Abstract: The invention relates to an electronic module comprising a dielectric support film having a first side, conductor paths that are printed on said first side, and a semiconductor component which connects the conductor paths by means of electrical connections. The electronic module of the invention is characterized in that each electrical connection includes a lead wire that connects a contact of the semiconductor component to each path directly or via an island or an interconnection pad.

Abstract: The present invention relates to a method to independently complete the personalization of a token based on a secure hardware having the ability to store at least a secret and produced by a production entity, this completion of the personalization being performed at a business entity level with a business secret, comprising a preliminary personalization step wherein personalization data is stored in the token by the production entity, said token being associated with a unique sensitive credential recoverable from said personalization data using an external information, said external information being shared by a batch of tokens.

Abstract: To a method for accessing a service, at least one first user device executes a first application that communicates with a second user device application. The first user device sends to a remote server data relating to the first application execution, as a first user device report. The data relating to the first application execution includes information relating to either an incoming event or an outgoing event and at least one attribute relating to the first application execution. The remote server determines, based upon at least the first user device report, a trust level relating to the first user device. A third user device sends to the remote server a request for getting a trust level relating to the first user device. The remote server sends to the third user device, as a request response, the trust level relating to the first user device.

Abstract: To place an insert cut out of film with no gaps in a cavity formed in a foil, after placing the foil on a supporting substrate, the cavity is punched into the foil by means of a tubular cutting punch comprising an inner pusher with a cutting edge in the required shaped of the cavity and the insert, so that the edge goes through the thickness of the foil and cuts a slug out of it; the punch is lifted with the slug held inside the punch, without moving the foil, the film is brought between the foil and the edge of the punch, the punch is lowered once again so as to cut the insert out of the film and then push the insert cut in that way in the cavity with a pusher, and the punch and the pusher are removed, with the insert held in place in the cavity.

Abstract: The invention relates to a payment device 100 comprising a secure integrated circuit SE with a dual interface. A connector 110 is connected to the contact type interface in order to communicate with an external reader. An antenna 140 is connected to the contactless interface. The device also comprises a reader circuit 120, 130, 150 compatible with the secure integrated circuit SE, wherein the reader circuit is connected in parallel to the connector 110. An independent battery BAT is used to power the reader circuit. A power switching circuit 160 connected to a communication field detection circuit 170, wherein said power switching circuit is capable of powering the reader circuit after a communication field is detected.

Abstract: The present invention relates to a method for updating a firmware on a device, from a current version to a new version, said firmware being split into: —a core part, —an extended part comprising a plurality of entry points callable by the core part, said method comprising: —inhibiting the entry points between the core part of the current version, called current core part, and the extended part of the current version, called current extended part; —erasing the current extended part; —downloading the core part of the new version, called new core part; —erasing the current core part; —downloading—the extended part of the new version, called new extended part; —activating the entry points between the new core part and the new extended part.

Abstract: A method for manufacturing a personalizable portable electronic device having a reprogrammable non-volatile memory for storage of application programs and libraries as well as a corresponding portable electronic device and personalization system. The method includes a step of storing a plurality of compressed application code libraries in the non-volatile memory a step of determining which application code libraries are not required for applications used on the personalizable portable electronic device, a step of deleting from the non-volatile memory any compressed application code libraries determined to not be required for applications used on the personalizable portable electronic device, and a step of decompressing an application code library required by an application used on the personalizable portable electronic device. Other systems and methods are disclosed.

Abstract: The invention is a method of managing communication between a host device and a secure element comprising two virtual profiles. The method comprises the steps of: running simultaneously both virtual profiles in the secure element, generating an incoming data from the host device by multiplexing a first command targeting one virtual profile and another command targeting the other virtual profile and sending the incoming data to the secure element, demultiplexing both commands at the secure element side and sending each command to the targeted virtual profile, getting response messages generated by both virtual profiles by executing said commands, generating an outgoing data by multiplexing the response messages and sending this outgoing data to the host device, and demultiplexing the response messages at the host device side.

Abstract: This invention relates to a method used by an authorized user for the verification of a document having electronic verification means, The method comprises the various steps consisting in:—reading, with electronic reading equipment with which the authorized user is equipped, of information stored in the electronic verification means of the verified document;—transferring verification information, established on the basis of the information saved in the electronic verification means, from the electronic reading equipment to a viewing device of the authorized user, which viewing device is positioned, in normal conditions of use, in front of the eyes of the authorized user, the said viewing device being transparent to allow the said authorized user to see through it.

Abstract: The present invention concerns a secure document comprising at least a personalized rainbow color micro-text with a text height inferior or equal to 300 ?m. The invention also concerns the method of production of said secure document. The present invention also concerns a method of production of a secure document comprising at least a personalized rainbow color micro-text with a text height inferior or equal to 300 ?m, said method comprising at least the following steps:—printing a rainbow color pattern on a predefined area of the secure document,—laser marking on the rainbow pattern of the predefined area, in order to form the personalized rainbow color micro-text on said predefined area. The laser marking can be laser blackening, laser whitening or a laser color change.

Abstract: The invention relates to a method for loading at least one native code on at least one target secure element comprising a java card virtual machine, said method comprising the following steps: providing a modified CAP file composed of at least one custom CAP component comprising a native code; extracting said native code from the custom CAP component; installing said native code in the target secure.

Abstract: The present invention relates to a method to protect, in a secured container using an encryption key, a set of mixed sensitive and public data to be transferred to an entity. The method includes the steps of: generating a random key, ciphering the set of mixed sensitive and public data using said random key to obtain a ciphered set of data, generating an initialization value, and defining configuration information for the secured container. The initialization value, the configuration information and random key form a preamble. The preamble and the ciphered set of data are encrypted. The initialization value renders the resulting encrypted data variable from a secured container to another even in case of repetitive configuration information in the preamble.

Abstract: The present invention concerns the implementation of end-to-end security for the communication between a low cost card reader and the remote server. The purpose of the present invention is the establishment of a secure channel between the card reader and the remote server through an un-trusted communication device (e.g. a smart phone or a tablet) that is intrinsically resistant to some basic differential side-channel analysis in a context where there is no secure random number generator and no source of entropy in the card reader, while providing the following characteristics:—Mutual authentication between the card reader and the server—Secure channel based on session keys such that the keys of the secure channel related to a past transaction cannot be re-played, or the session keys of a future transaction cannot be pre-computed by the card reader and later re-use by the card reader in a legitimate transaction.

Abstract: The invention proposes several improvements related to the management of secure elements, like UICCs embedding Sim applications, these secure elements being installed, fixedly or not, in terminals, like for example mobile phones. In some cases, the terminals are constituted by machines that communicate with other machines for M2M (Machine to Machine) applications.

Abstract: The invention relates to a method for a client device (2) to access to remote secure data on a remote secure device (1), said secure data being associated to a remote service, characterized in that it comprises creating a secure peer to peer channel (3) between a client application (21) of a client device and said remote secure device so as the client device and the remote secure device exchange data (4) securely and bidirectionally.

Abstract: The invention proposes an off-line divisible e-cash scheme where a user can withdraw a divisible coin of monetary value nL (n being for example equal to 2) that he can parceled and spend anonymously and unlinkably. The invention allows to protect the anonymity of honest users and to revoke anonymity only in case of cheat for protocols based on a tree structure without using a trusted third party.

Abstract: A device (CD) is intended for controlling authenticity of a code received with a message by an electronic device (ED2) and resulting from application to this message of a bijective algorithm with at least one predetermined key. This device (CD) has i) a first computation means (CM1) arranged for applying partly this bijective algorithm with this predetermined key, from a starting step to a chosen intermediate step, to the received message, in order to get a first result, ii) a second computation means (CM2) arranged for applying partly in a reverse manner the bijective algorithm with the predetermined key, from an ending step to this chosen intermediate step, to the received code while using the received message, in order to get a second result, and iii) a comparison means (CM3) arranged for comparing these first and second results and for outputting an information representative of the authenticity of the received code when the first and second results are identical.

Abstract: Automated secure registration techniques for communication devices are provided which address the problem of allowing multiple clients to gain access to one system, and thus provide a solution to the “reverse single sign-on” problem. For example, a method for registering a group of two or more communication devices in a communication network comprises the following steps. A group challenge message is sent from a network device to the group of two or more communication devices. The network device receives one or more response messages to the group challenge respectively from one or more of the group of two or more communication devices, wherein the response message from each of the responding communication devices in the group comprises a group credential corresponding to the group.

Abstract: To access a service, each user device stores one first key. The user device is connected to a first server. A terminal sends to a second server a connection request. The second server responds with first data relating to a transaction identifier and an associated challenge. The terminal determines a first result depending upon the first data and the first key. The terminal sends to the first server the first result and user device data. The first server identifies a user device based upon the user device data and sends to the device the first result. The device determines the challenge and the transaction identifier based upon the first result and the first key and sends to the second server the challenge and the transaction identifier. The second server verifies whether the data received from the device matches the first data and, if so, authorizes the terminal to connect.

Abstract: The invention relates to the technical field of smart cards with displays. Such a card comprises, embedded in a transparent core, a multi-component module supporting the display. The card comprises: at least one layer of ink printed on the surface of the transparent core, except in a zone facing the display, said at least one layer being opaque in at least one region; and a transparent film covering the at least one ink layer. The card is characterized in that the at least one layer is formed by a first opaque ink layer printed on the surface of the transparent core, except in a zone facing the display and a second ink layer forming a graphic design allowing customization printed on the first ink layer.