Abstract: A device comprises a chip storing a first subscription relating to the first mobile network operator in a home country. The chip stores a second subscription relating to a second mobile network operator and associated with a preferred communication technology. The chip receives location information and analyses whether an extended cell identity value is present within the location information. The chip detects, based upon the analysis, a currently available communication technology relating to a second mobile network. The chip compares the currently available communication technology to at least one preferred communication technology. If the currently available communication technology matches at least one preferred communication technology, then the chip switches to a second subscription associated with the preferred communication technology. The chip sends to the device at least one identifier relating to the second subscription related to the second mobile network.

Abstract: A radio device, comprising an application scheduling unit configured to initiate a transmission of application output data in communication with a radio access network in accordance with a predetermined application transmission schedule determining at least one allowed time, which is a time span or a point in time, for the communication of the application output data. The allowed time depends on a parameter value of a set of at least one parameter that is allocated to the radio device and that is suitable for distinguishing the radio device from at least one other radio device of a group of radio devices to which the radio device belongs. A communication unit is configured to transmit the application output data in communication with the radio access network in the form of radio signals and at a time that is in accordance with the predetermined transmission schedule.

Abstract: In a method for accessing a service, a device receives data. The device gets, based upon the received data, transaction data. The device signs the transaction data by using a private key relating to a transaction processing, a signature operation result being a transaction signature. The device generates a transaction analysis result. The device stores the transaction data and the transaction signature. The device analyses whether the transaction analysis result is or is not a transaction authorization. Only if the transaction analysis result is a transaction authorization, the device gets, based upon the received data, service data. The device sends to a first external entity the service data. The device sends the transaction data and the transaction signature to either the first external entity or a second external entity.

Abstract: The invention is a method for managing communication between a secure element and a device. The secure element comprises a physical communication interface and first and second virtual profiles. It is configured to exchange data targeting the virtual profiles with the device through the physical communication interface. The method comprises the steps of: running simultaneously said first and second virtual profiles, demultiplex incoming data received through the physical communication interface and multiplex outgoing data sent through the physical communication interface, resetting one of said virtual profiles individually without affecting the other virtual profiles in response to receiving a specific signal sent by the device through the physical communication interface.

Abstract: The invention is a method of managing communication between a host device and a secure element comprising two virtual profiles. The method comprises the steps of: running simultaneously both virtual profiles in the secure element, generating an incoming data from the host device by multiplexing a first command targeting one virtual profile and another command targeting the other virtual profile and sending the incoming data to the secure element, demultiplexing both commands at the secure element side and sending each command to the targeted virtual profile, getting response messages generated by both virtual profiles by executing said commands, generating an outgoing data by multiplexing the response messages and sending this outgoing data to the host device, and demultiplexing the response messages at the host device side.

Abstract: A roaming device sends, through a visited network and a proxy network, to a home network, an identifier for a first subscription. The home network sends, through the proxy network, to the visited network, data relating to the first subscription. The proxy network sends to the home network a first temporary address. The visited network sends to the proxy network a second temporary address. The device activates a second subscription. The device sends, through the visited network and the proxy network, to the roaming provider network, an identifier for the second subscription. The roaming provider network sends, through the proxy network, to the visited network, data relating to the second subscription. The proxy network registers the first subscription identifier, the second subscription identifier, the first temporary address and the second temporary address. The proxy network sends to the roaming provider network the first temporary address.

Abstract: A security document (1, 1?), comprising: a base layer (10, 10?) having a through hole (15, 15?) extending from a first side of the base layer (10, 10?) to a second side of the base layer (10, 10?); a first cover layer (11, 11?) attached on the first side of the base layer (10, 10?); a second cover layer (12, 12?) attached on the second side of the base layer (10, 10?); and an electronic module (4, 4?) arranged in said through hole (15, 15?). The security document (1, 1?) further comprises a first patch (21, 21?) attached to the security document (1, 1?) by hot stamping and located between the base layer (10, 10?) and the first cover layer (11, 11?), the first patch (21, 21?) surrounding the through hole (15, 15?) and covering a perimeter area around the through hole (15, 15?) on the first side of the base layer (10, 10?), thereby preventing attachment of the base layer (10, 10?) to the first cover layer (11, 11?) in the region of the perimeter area.

Abstract: The invention relates to a method for producing a module having an electronic chip including metallisations which are accessible from a first side of the metallisations and an integrated circuit chip which is arranged on the second side of the metallisations, opposite the first side. The method comprises the step of forming electrical interconnection elements which are separate from the metallisations, directly connecting the chip, and are arranged on the second side of the metallisations. The invention also relates to a module corresponding to the method and to a device comprising said module.

Abstract: The card comprises a first translucent or transparent substrate layer, preferably in PVC, and a second substrate layer, and a cracked layer of ink between the two substrate layers so as to allow the second substrate layer to show through the cracks of the layer of ink. The cracked layer of printing ink comprises mirror-effect ink, that reflects light through the first translucent or transparent substrate layer. The cracking of the layer of ink is achieved when the card is manufactured by laminating it.

Abstract: In one aspect, there is provided is a method for preventing congestion at radio access in a mobile or wireless communication system, said method comprising, in an embodiment, a step of: barring a Mobile Terminal from radio access, except if said Mobile Terminal belongs to a given one of different ranges into which Mobile Terminals are split, said given range being referred to as allowed range, said allowed range changing upon time.

Abstract: The invention relates, in particular, to a method for registering at least one public address in an IMS network including a terminal that interacts with a security element. According to the invention, the security element includes an application that invites the user of the terminal, upon the occurrence of an event, to enter a public address, selected by the user, via the man/machine interface of the terminal, the application transmitting the public address, accompanied by at least one identifier of the security element, to a remote network via the terminal such that the remote network associates the public address with the identifier.

Abstract: A method for detecting a jamming transmitter affecting a communication user equipment, operating in a cellular network supporting communication in a time-division manner, including at least one active base station, on which the user equipment is camping. In the method, the user equipment detects that at least one downlink radio channel from the active base station is not decodable, measures signal levels received on said downlink radio channel for a plurality of time units, analyzes said signal level measurements, and in case at least one time unit is detected with a signal level exceeding a predefined threshold, detects a jamming transmitter by verifying that, in a predefined amount of successive time units, the pattern of a first time unit with signal level exceeding the predefined threshold, directly followed by a second time unit with a signal level below the predefined threshold, is not detected.

Abstract: The invention relates to a secure element device comprising at least one processor, at least one communication interface, at least one memory RAM and NVM and at least one bus access controller, wherein the bus access controller defines at least a first area PBL, a second area SBL and a secure area MZ. The first area comprises a first loader program capable of loading a program package in the second area. The secure area comprises an authentication key capable of authenticating the program package loaded in the second area. After authentication of the program package loaded in the second area, the access right of the first loader program is changed in such a way that a program in the first area can no more access the second area.

Abstract: The present invention relates to a method (100) for personalizing a document, said document comprising a support comprising printed patterns (201, 202), wherein said method (100) comprises generating at least a laser pulse on said support for carbonizing at least a printed pattern.

Abstract: A system and method of operating a database system to protect personal identifiers from being revealed. The system and method obfuscates personal identifiers using a secret value, storing in a database records containing the obfuscated personal identifier, storing the secret value in a identifier translation device, receiving at a request preparer a record request identifying a requested record using a non-obfuscated personal identifier, and operating the request preparer to direct the identifier translation device to translate the non-obfuscated personal identifier into an obfuscated personal identifier using the secret value stored in the identifier translation device and using the obfuscated personal identifier in a query to the database.

Abstract: A method for managing access to a first server comprises intercepting a message including a connection request, for connecting to the first server. The message is sent at an initiative of a secure element, to the first server. A filtering rule, based upon a predetermined threshold relating to a rate or a number of connection requests, as a first filtering criterion, is accessed. The filtering rule comprises a second filtering criterion. A counter is modified for each intercepted message. The counter is compared to the predetermined threshold and, if the counter is equal to or greater than the predetermined threshold and the second filtering criterion is satisfied, a message including predefined output data is sent to the secure element. The output data controls or filters a session between the secure element and the first server.

Abstract: The invention concerns notably a method for detecting dynamically that secure elements are eligible to at least one OTA campaign for updating these secure elements, each secure element cooperating with a telecommunication terminal in a telecommunication network, this updating being realized by an OTA server. According to the invention, the method consists in: Detecting which secure elements have not polled the OTA server for a given time frame; Checking eligibility for these secure elements; Updating the secure elements that did not poll the OTA server for this given time frame and that are eligible to the OTA campaign by pushing messages to these secure elements.

Abstract: A method of detecting a jamming transmitter includes the steps of indicating that a communication user equipment is capable of communicating in a cellular code division multiple access based radio network; testing a match of a uniform synchronization signal sequence of a synchronization channel; detecting a power indicator indicative of an unbiased wide band power of a received radio signal strength and comparing the power indicator to a noise floor threshold; and indicating a jamming affection of the communication user equipment in the case where (i) the communication indication is on hold; and (ii) the uniform synchronization sequence of the synchronization channel is not matched in the test, and (iii) the power indicator exceeds the noise floor threshold.

Abstract: The present invention relates to a method to generate prime numbers on board a portable device, said method comprising the steps of, each time at least one prime number is requested: when available, retrieve results from previously performed derivation calculation or, if not, select a start point for derivation; process derivation calculation to converge towards a prime number; if a prime number is found, store it and restart derivation calculation from a new start point; stop the derivation calculation after a predetermined amount of time; store intermediate results to be used a next time a prime number will be requested; output a stored prime number.

Abstract: The present invention relates to a method, for a provider entity belonging to a provider group, to authenticate its belonging to an attribute provider group to a verification entity in a non-traceable manner without necessitating to share secret or large constants compromising privacy. Both entities comprise at least one attribute group arborescence, this attribute group arborescence being shared by the provider entity and the verification entity when the provider entity has the attribute. According to the invention, when a verification is triggered, the verification entity calculates a certificate from the attribute group arborescence, said certificate being calculated from the authentication tokens of the groups along the arborescence from the attribute verification group's token to the consumer group's token.