Abstract: A system, method and computer-readable storage medium for decrypting a code c using a modified Extended Euclidean Algorithm (EEA) having an iteration loop independent of the Hamming weight of inputs to the EEA and performing a fixed number of operations regardless of the inputs to the EEA thereby protecting a cryptographic device performing the decryption from side-channel attacks.

Abstract: A method for protecting data on a mass storage device. The device has a security module and a data storage area configured to be switched between a protected state, in which accessing the data storage area is forbidden and an unprotected state, in which accessing the data storage area is authorized. Switching the data storage area from the protected state to the unprotected state by sending a request to a remote server, receiving a one-time password on a communication device, in response to the sent request, providing the received one-time password to the security module, authorizing access to the data storage area by the security module, once the provided one-time password is deemed valid by the security module.

Abstract: A secure element equips a device usable by N image owners, and comprises a first non-volatile memory divided into N parts storing image owner data, a second non-volatile memory storing a primary boot loader, a third non-volatile memory divided into N parts storing image owner session private data, a first random access memory divided into N parts associated to the N first non-volatile memory parts, a second random access memory for temporarily storing image owner data during an access session, and a controller activated by the primary boot loader when the device starts an access session, and then controlling accesses to the non-volatile memories and random access memories according to rules, and erasing the second random access memory each time the device starts an access session.

Abstract: The invention relates to a method for creating a multi-component device, including the following steps, creating a module having a multilayer structure comprising electrical/electronic components arranged on at least one substrate in stacked layers, the components each having a main surface exposed to the outside, wherein the components are arranged such that the respective main surfaces thereof are oriented in mutually opposite directions. The invention also relates to the corresponding device.

Abstract: A device comprises a memory. The memory stores data relating to at least one service profile template. The service profile template includes executable data. A server sends to the device a first message including a request for creating or modifying at least one service profile based upon a service profile template. The device executes the executable data. The device creates or modifies a memory area. The memory area is associated with a service profile by using the service profile template. The device sends to the server at least one second message including a request for loading into the device data relating to at least one service profile. The server sends to the device at least one third message including data relating to at least one service profile. And the device stores within the created or modified memory area the data relating to at least one service profile.

Abstract: (EN) The invention relates to a portable electronic device (SC, TK) comprising electric input means (VCC, GND, ANT) for receiving electric power from an external power supply. The portable electronic device (SC, TK) comprises an application, the application being set to be triggered when power is supplied to said electric input means (VCC, GND, ANT), and to not communicate with entities external to the portable electronic device (SC, TK), or to only notify such entities of an event. The application is further set to configure the portable electronic device (SC, TK), and to be successfully executable at most once. The invention also relate to a manufacturing equipment (M) for configuring a portable electronic device (SC, TK) and to a method for configuring a portable electronic device (SC, TK).

Abstract: The invention is a method of transferring user data from a first instance of a package to a second instance of another package corresponding to an upgraded version. The first instance stores the user data in its own storage format. The two instances are embedded in a secure element. The method comprises the steps of: establishing a direct channel within the portable secure device between the two instances, the first instance gets in a locked state where it refuses any service requests except the communication with the second instance, prepares a pack by formatting the user data in a transport format, and automatically sends the pack to the second instance through the direct channel, the second instance retrieves the user data from the pack and stores the user data in another storage format.

Abstract: The invention relates to a method for accessing an Internet protocol Multimedia Subsystem type subsystem, said subsystem. According to the invention, a device is firstly connected to a mobile communication network, as a visited network, said first network. The method comprises the following steps. The first network sends to the device a first message comprising current location data relating to a location where the device is currently present. The device analyzes whether at least one roaming rule associated with the current location data is or is not stored within the device. The at least one roaming rule includes, each, at least one parameter for accessing the subsystem. And if the device does store the at least one roaming rule associated with the current location data, then the device sends to the subsystem a second message including a request for connecting to the subsystem. The invention also pertains to a corresponding device.

Abstract: The invention is a method for restoring to a factory state a secure element which is embedded in a first device and which comprises a set of data. The method comprises the steps of: classifying data of the set in three independent categories, retrieving from a second device a first entity configured to provide factory value of data of the first category, restoring all current data of the first category (C1) by factory value, retrieving from a third device a second entity configured to provide factory value of data of the second category, restoring factory value of data of the second category.

Abstract: The invention is a method for managing a secure element that comprises an operating system and a software application including an executable part which is tied to the operating system through a plurality of links. The method comprises the following steps: on receipt of an un-map command, recording in a memory area of the secure element a description of said links using an intermediate language, replacing the operating system by a new operating system by keeping said memory area unchanged, on receipt of a re-map command by the secure element, restoring a new set of links between the executable part and the new operating system by using the description.

Abstract: The invention provides a solution to accessing for a geographical location information-based service in a server of a machine type communication based communication system, where firstly a server broadcasts or multicasts a content request message, the content request message comprising information on requested content and information on a target geographical location; then the server receives a response message from at least one user equipment, the response message indicating that the at least one user equipment possesses the requested content and the at least one user equipment being located within the target geographical location; and finally the server acquires the requested content from the at least one user equipment.

Abstract: The invention relates to a system for managing multiple subscriptions in a UICC, this system comprising a central server able to manage subscriptions stored on a UICC comprised in a mobile terminal in the field, at the request of a subscriber of one of these subscriptions.

Abstract: The invention relates to a method of personalizing a security element cooperating with an apparatus. This personalization includes downloading data, which is related to a subscription to a network of a mobile radiotelephony operator, in the security element. The method further includes: (i) connecting the apparatus to a card reader; (ii) reading from the card operator data corresponding to at least one subscription to a network of a mobile radiotelephony operator; (iii) transmitting the operator data from the reader to an operator network; (iv) transmitting from the operator network to a subscription manager a request for transferring data related to the subscription to the mobile radiotelephony operator network; and (v) transmitting, from the manager to the security element, the data related to the subscription to the mobile radiotelephony operator network.

Abstract: A process is designed to configure a smart card (CP) comprising a microchip (PE) capable of participating in at least two applications, a magnetic stripe (PM) capable of storing information, action means (MA) capable of acting on the magnetic stripe (PM) to modify certain stored information, a control circuit (MC) capable of controlling the microchip (PE) and the action means (MA), and selection means (MS) capable of allowing the selection of an application. This process comprises a step wherein, if one of the applications is selected, a dedicated piece of information that is representative of that selected application is stored in a location accessible to the control circuit (MC), so that if the microchip (PE) is woken up, the microchip (PE) automatically retrieves the dedicated information in order to activate the selected application represented by it.

Abstract: This invention concerns the implementation of end-to-end security for the communication between objects in the domain of the Internet of Things (or Internet of Objects). The purpose of the patent is dealing with the setup of secure authorized information channel between data source (M2M device) and data consumers (consumer entity). According to the present invention, the access to a M2M device by a consumer entity (consumer application) is controlled by a M2M authorization server. The M2M authorization server is the entity in charge of managing access rights for the M2M device and makes the decision regarding the access to the resource by the consumer entity (consumer application). The M2M server is an entity that enforces the decision and enables the access to the M2M device.

Abstract: An apparatus and method for manipulating images is disclosed. In one embodiment according to the invention, a method for manipulating images comprises: displaying for manipulation at a browser-based user interface a graphical representation of at least a portion of an image held at a remote image store; providing an internet communications link coupling the user interface to a remote image processor; transferring information about manipulations applied to the graphical representation between the user interface and the remote image processor; and causing the remote image processor to access the remote image store and apply, to at least a portion of the image held in the store, manipulations emulating those applied to the graphical representation. In another embodiment according to the invention, there is disclosed a method for applying a personalized image to a financial account access means corresponding to a financial account of a customer.

Abstract: The invention is a method for managing access to a service wherein the method comprises the following steps: a client application sends to an application server a request to access the service by using credentials and a first anti-clone code, the application server performs a verification of the credentials and said first anti-clone code, the application server sends a second anti-clone code to the client application and deactivates said first anti-clone code only in case of successful verification, said second anti-clone code being required for the next attempt to access the service.

Abstract: A method for producing a radiofrequency device having a first antenna circuit connected to a radiofrequency chip and a second antenna circuit associated with, or coupled to, the first circuit, the method including the following steps: formation of the first antenna circuit in the form of a conductive wire deposited in a guided manner on a first substrate; and formation of the second antenna circuit in the form of a conductive wire deposited on the same first substrate in a guided manner and at a calibrated distance from the first antenna circuit.