Patents Assigned to Gemalto SA
  • Patent number: 9760728
    Abstract: The invention is a system comprising a host device and a secure element including a plurality of virtual profiles and an execution component configured to run simultaneously several of said virtual profiles. The system comprises a discovery agent configured to provide a subset of the plurality of virtual profiles, configuration data for each virtual profile of said subset and capability data reflecting the maximum of logical channels handled by the host device. The system comprises an allocating agent configured to cooperate with the discovery agent to allocate a range of logical channels to each virtual profile of the subset based on the capability data and to determine in each of the ranges a main logical channel which remains permanently available when the virtual profile to which the range is allocated has been booted.
    Type: Grant
    Filed: April 22, 2015
    Date of Patent: September 12, 2017
    Assignee: GEMALTO SA
    Inventor: Lionel Rozak-Draicchio
  • Publication number: 20170257211
    Abstract: A system, method and computer-readable storage medium with instructions for protecting an electronic device against fault attack. The technology includes operating the electronic device to determine two half-size exponents, dp and dq, from the exponent d; to split the base m into two sub-bases mp and mq determined from the base m; and to iteratively compute a decryption result S by repeatedly multiplying an accumulator A by m, mp, mq or 1 depending on the values of the i-th bit of dp and dq for each iteration i. Other systems and methods are disclosed.
    Type: Application
    Filed: August 31, 2015
    Publication date: September 7, 2017
    Applicant: GEMALTO SA
    Inventor: David VIGILANT
  • Patent number: 9754104
    Abstract: The invention relates to a virtual machine. The virtual machine is set to recognize, in addition to a set of conventional bytecodes, at least one secure bytecode functionally equivalent to one of the conventional bytecodes. It is set to process secure bytecodes with increased security, while it is set to process conventional bytecodes with increased speed. The invention also relates to a computing device comprising such a virtual machine, to a procedure for generating bytecode executable by such a virtual machine, and to an applet development tool comprising such procedure.
    Type: Grant
    Filed: December 9, 2009
    Date of Patent: September 5, 2017
    Assignee: GEMALTO SA
    Inventors: Olivier Joffray, Milan Krizenecky
  • Publication number: 20170244691
    Abstract: The invention is a method for managing a response from an application embedded in a secure token acting as a UICC, in response to a command requesting opening a proactive session. The command is sent by an applicative server to the secure token via an OTA server providing a security layer. The method comprises the steps of sending another command from the applicative server to the secure token using the security layer provided by the OTA server, and in response to this second command, the secure token sends the response of the first command to the applicative server using the security layer provided by the OTA server.
    Type: Application
    Filed: October 9, 2015
    Publication date: August 24, 2017
    Applicant: GEMALTO SA
    Inventors: Xavier BERARD, Antoine GALLAND
  • Publication number: 20170242999
    Abstract: A system, method and computer-readable storage medium with instructions for operating a processor of an electronic device to protect against unauthorized manipulation of the code pointer by maintaining and updating a code pointer complement against which the code pointer may be verified. Other systems and methods are disclosed.
    Type: Application
    Filed: August 31, 2015
    Publication date: August 24, 2017
    Applicant: GEMALTO SA
    Inventor: Lance HANNEN-WILLIAMS
  • Patent number: 9742745
    Abstract: A method, corresponding client, server and system for communicating between a server and a client. The server and the client access at least one session extension key and/or a key associated with the session extension key, as an associated key. The server authorizes to extend an open communication session with the client until an expiration time only if the client sends to the server authentication data allowing the server to authenticate at least the client on a basis of the session extension key. The expiration time is a time at which the communication session is open completed by a predetermined extension time period.
    Type: Grant
    Filed: January 4, 2012
    Date of Patent: August 22, 2017
    Assignee: GEMALTO SA
    Inventors: Olivier Potonniee, HongQian Karen Lu
  • Patent number: 9743216
    Abstract: The present invention discloses a communication method for machine-type-communication (MTC) between a MTC server and MTC equipments, which comprises: the MTC server broadcasts a target content related to an application, receives availability information related to the target content from candidate MTC equipments which satisfy the target content, selects any one or more MTC equipments from the candidate MTC equipments based on the availability information, establishes a session connection with each of the selected MTC equipments, and receives content uploaded by the selected MTC equipments. The invention furthermore discloses a communication method for MTC between the MTC equipments and the MTC server, and discloses the corresponding MTC server and the MTC equipment.
    Type: Grant
    Filed: January 5, 2010
    Date of Patent: August 22, 2017
    Assignee: GEMALTO SA
    Inventors: Hongfei Du, Yu Chen
  • Publication number: 20170228556
    Abstract: The invention is a method for managing profiles in a secure element that has several profiles comprising files organized in respective logical tree structures comprising respective root files. The root files have identifiers whose values are different from 0x3F00 and the method comprises the step of enabling browsing of the logical tree structure comprising a targeted root file in response to the receipt of a Select file command aiming at selecting said targeted root file.
    Type: Application
    Filed: July 3, 2015
    Publication date: August 10, 2017
    Applicant: GEMALTO SA
    Inventors: Ying XIAO, Jérome DUPREZ, Franck DEHLINGER
  • Patent number: 9729516
    Abstract: In one embodiment, the method includes encrypting, at a device, data with a first key, and forming a message that includes a device identifier and the encrypted data. The device identifier identifies the device. A signaling message is formed that includes a class identifier, the message and an action code. The class identifier identifies a group of devices to which one or more devices belong. The action code indicates the type of data, and may be part of the message. The signaling message is sent to a network, for example, a wireless network. The wireless network identifies and routes the message portion of the signaling message based on the class identifier. And, using the class identifier and perhaps a device identifier, the wireless network may signal the device to change an operating parameter.
    Type: Grant
    Filed: April 9, 2010
    Date of Patent: August 8, 2017
    Assignee: Gemalto Sa
    Inventors: Michael Dolan, Satish Kanugovi, Michael Lemke, Sidney Bryson
  • Publication number: 20170222806
    Abstract: The present invention relates to a method to manage subscriptions in a provisioning server (PS) able to communicate with a Hardware Security Module (HSM) having an HSM key (K). Said method being such that the HSM comprising a load and a reload function, the secure device key ((Ke1)K) and the storage key ((Ks)K) as encrypted and stored are provided (S1) to one of said functions, said functions outputting, the storage key ((Ks)Ke1)K) encrypted using the provided secure device (SE1) key (Ke1) and the HSM key K, and an APDU_putkey command ((APDU_PUTKEY((Ke1))Ke1), encrypted using the provided secure device (SE1) key (Ke1), to put the retrieved storage key ((Ks)Ke1) also encrypted using the provided secure device key (Ke1), the storage key as previously stored ((Ks)K) is overwritten (S6) with the storage key (((Ks)Ke1)k) encrypted using the secure device key (Ke1) and the HSM key (K) returned by the function.
    Type: Application
    Filed: September 17, 2015
    Publication date: August 3, 2017
    Applicant: GEMALTO SA
    Inventors: Frédéric DAO, David HALLE, Jean-François ARNAUD, Jérôme DUPREZ, Stephan STANKOWSKI, François PRIGENT
  • Patent number: 9718418
    Abstract: The invention relates to a vehicle (1) comprising: a multiplexed communication bus (2); an engine control unit (4) connected to the communication bus (2); a secure element (6) hosted in the vehicle and configured to communicate through the communication bus, the secure element securely storing (64) security data related to the vehicle.
    Type: Grant
    Filed: September 17, 2012
    Date of Patent: August 1, 2017
    Assignee: GEMALTO SA
    Inventors: Yvon Gressus, Pascal Leroy
  • Patent number: 9722710
    Abstract: A pairing device for establishing a secure wireless communication path between a first device having a first body-coupling communication interface and a second device having a screen.
    Type: Grant
    Filed: June 6, 2014
    Date of Patent: August 1, 2017
    Assignee: GEMALTO SA
    Inventors: Matthieu Antoine, Evangelos Spyropoulos
  • Publication number: 20170214524
    Abstract: A method for establishing a first secured communication channel between an administrative agent in a device and a distant server, the device comprising a secure element communicating with the administrative agent, the secure element being administrated through the administrative agent by the distant server, the administrative agent being administrated by a third party server through a second secured communication channel, the distant server and the third party server being connected through a third secured channel. The third party server requests, from the distant server, an operation on the secure element and a one-time PSK. The distant server sends, to the third party server, the one-time PSK. The third party server sends, to the administrative agent, a triggering message including the one-time PSK. A TLS-PSK handshake is performed between the administrative agent and the distant server with the one-time PSK to establish the first secured communication channel.
    Type: Application
    Filed: June 23, 2015
    Publication date: July 27, 2017
    Applicant: GEMALTO SA
    Inventors: Xavier BERARD, Frédéric PAILLART, Frédéric FAURE, Lionel MALLET
  • Patent number: 9705191
    Abstract: A device according to claim 6, characterised in that the interrupting zone is positioned outside the switch zone in which two wires (54, 56) of a circuit are so arranged as to cooperate with the switch are positioned.
    Type: Grant
    Filed: December 20, 2007
    Date of Patent: July 11, 2017
    Assignee: GEMALTO SA
    Inventors: Nizar Lahoui, Frédérick Seban, Jean-Christophe Fidalgo, Jean-Luc Meridiano
  • Patent number: 9699913
    Abstract: Method of producing a device comprising at least two distinct components that are interconnected by interconnecting wires, and device thereby obtained. The invention relates to a method of producing a device having at least two distinct components which are interconnected on a substrate by at least one interconnecting wire. The method includes the following steps: creating the interconnecting wire by depositing individual wires on the substrate in a predefined interconnecting pattern, the wire comprising at least one terminal connection portion which is exposed on the substrate, bringing at least one contact of a component to face the terminal portion and connecting the contact to this terminal portion. The invention also relates to the device thereby obtained and to a multi-component product comprising same.
    Type: Grant
    Filed: December 4, 2008
    Date of Patent: July 4, 2017
    Assignee: GEMALTO SA
    Inventors: Frederick Seban, Jean-Christophe Fidalgo
  • Publication number: 20170185881
    Abstract: The present invention relates to a data carrier, especially a security document, such as an identification card, comprising authentication data comprising personalized data, the data carrier comprising a first side and a second side opposite to the first side and at least one recording layer provided with at least a first piece of authentication data of said authentication data, an array of lenticular elements being arranged at the first side of the data carrier to provide from a first predetermined angle of view an image of said at least first piece of authentication data. In order that the data carrier according to the invention shall not suffer from greyness and in order to make the data carrier esthetically appealing and manufacture it at low costs, the recording layer is a non-doped transparent PVC layer comprising said at least first piece of authentication data.
    Type: Application
    Filed: May 15, 2015
    Publication date: June 29, 2017
    Applicant: GEMALTO SA
    Inventor: Taru SYRJANEN
  • Patent number: 9690950
    Abstract: The invention proposes a method for exporting data of a Javacard application stored in a UICC to a host, the method consisting in: transmitting a transfer order to the application through a Javacard API; formatting the data in a pack, wherein the formatting is realized by the application; exporting the pack to the host.
    Type: Grant
    Filed: December 5, 2011
    Date of Patent: June 27, 2017
    Assignee: GEMALTO SA
    Inventors: Fabrice Vergnes, Franck Imoucha, Nicolas Roussel
  • Publication number: 20170178991
    Abstract: The invention relates to a method for producing an electronic device including at least one electronic component in a substrate body, said method including at least one step of transferring said electronic component to a surface of a removable dielectric substrate, of delivering a protective resin on said electronic component, and of transferring, onto the protective resin, a reinforcement disc having a main front surface with a peripheral contour, wherein the protective resin extends up to the peripheral contour of the disc in order to form, together with the disc, the peripheral side contours and the final layer of the substrate body of the device.
    Type: Application
    Filed: November 13, 2014
    Publication date: June 22, 2017
    Applicant: GEMALTO SA
    Inventors: Stéphane OTTOBON, Lucile DOSSETTO, Lauren AUDOUARD, Sébastien GUIJARRO
  • Publication number: 20170171738
    Abstract: The invention is a method for managing communication between a secure element and a device. The secure element comprises a physical communication interface and first and second virtual profiles. It is configured to exchange data targeting the virtual profiles with the device through the physical communication interface. The method comprises the steps of: running simultaneously said first and second virtual profiles, demultiplex incoming data received through the physical communication interface and multiplex outgoing data sent through the physical communication interface, resetting one of said virtual profiles individually without affecting the other virtual profiles in response to receiving a specific signal sent by the device through the physical communication interface.
    Type: Application
    Filed: January 23, 2015
    Publication date: June 15, 2017
    Applicant: GEMALTO SA
    Inventors: Frédéric FAURE, Xavier BERARD
  • Patent number: 9680638
    Abstract: The present invention relates to a method to build a non-alterable structure and to such a non-alterable structure including data relative to a set of cryptographic material generated randomly or derived from a secret key linked to a business use, the non-alterable structure being intended to be transferred from a first entity to a second entity, the entities sharing at least an encryption/decryption key and a signature key, the structure comprising at least business data relative to the intended use of cryptographic material, an encrypted protection key encrypted with the encryption key, an encrypted set of cryptographic material encrypted with the protection key, a signature of the set of cryptographic material, the protection key and the data relative to the intended use of cryptographic material signed with the signature key.
    Type: Grant
    Filed: December 3, 2013
    Date of Patent: June 13, 2017
    Assignee: GEMALTO SA
    Inventors: Frank Detcheverry, Patrick Lambert, Fabien Poplin