Abstract: The present invention relates to a data carrier, especially a security document, such as an identification card, e.g. a passport or a driving license, a credit card and a bank card, the data carrier comprising authentication data comprising personalized data, and as a security feature, an array of lenticular elements being arranged to provide only from predetermined angles of view an image of at least a piece of authentication data of said authentication data. In order to make the data carrier impossible or at least very difficult to copy and forge, the array of lenticular elements is provided with a complex structure providing a further security feature.
Type:
Application
Filed:
March 13, 2015
Publication date:
January 26, 2017
Applicant:
GEMALTO SA
Inventors:
Mikko LANKINEN, Kristian LAPPALAINEN, Teemu POHJOLA, Jukka Mösky
Abstract: The invention relates to a method of reading RF transponders disposed in one and the same magnetic interrogation field, in which a magnetic coupling of the transponders is ensured with a passive resonant circuit during reading. The method is distinguished in that the passive antenna of the resonant circuit is associated with at least one transponder antenna, and the passive resonant circuit is tuned in such a way that the resonant frequency resulting from the association corresponds to one of the frequencies of the emission side bands of the transponder to be read. The invention also relates to the system corresponding to the method, a transponder structure and an object containing the transponder, in particular a travel document.
Abstract: The present invention relates to a method to authenticate two devices to establish a secure channel, one belonging to a first group of devices, the second belonging to a second group of devices, in a non-traceable manner without the need to share a secret, each group being authenticated by an authority that stores a group secret key into the devices under its authority. The method uses a set of authentication tokens, one for each of the other groups with which the device is intended to communicate, said authentication token comprising at least a random number and a cipher of at least this random number by the secret key of each of these other groups, said authentication tokens being further renewed at each communication with a device from another group.
Abstract: The present invention relates to a method (100) for personalizing a document, said document comprising a support comprising printed patterns (201, 202), wherein said method (100) comprises generating at least a laser pulse on said support for carbonizing at least a printed pattern.
Abstract: The invention relates to a method for carrying out an electronic transaction between a main communication apparatus and a transaction terminal, wherein a smart portable accessory is provided, which has a different format from a standardized chip card format and is capable of relaying the transaction or of representing said main apparatus relative to a transaction terminal; and the transaction is carried out by only presenting said accessory, instead of the main apparatus, to the transaction terminal. The invention also relates to the corresponding system.
Type:
Application
Filed:
February 16, 2015
Publication date:
January 12, 2017
Applicant:
GEMALTO SA
Inventors:
Thierry SILVESTRE, Daniel RADE, Sebastien BALOCCO
Abstract: The invention is a method for authenticating a device which comprises a chip and a body carrying the chip. The body comprises a graphical security feature. The method comprises the steps of: running a first physical unclonable function for generating a first response representative of the chip, extracting a first reference from the graphical security feature, authenticating the device by checking that said first response and first reference are linked by a preset mathematical function. The extracting step and the authenticating step are carried out by a machine distinct from the device.
Abstract: The present invention relates to cryptographic methods that are resistant to fault injection attacks, to protect the confidentiality and the integrity of secret keys. For that, the invention describes a method to protect a key hardware register against fault attack, this register being inside a hardware block cipher BC embedded inside an electronic component, said component containing stored inside a memory area a cryptographic key K, characterized in that it comprises the following steps: A.) loading the key Kram inside said register; B.) computing a value X such as K=BC(K,X); C.) after at least one sensitive operation, computing a value V such as V=BC(K,X); D.) matching the value V with the key Kram value stored in the memory area; E.) if the matching is not ok, detecting that a fault occurs.
Abstract: A first device stores a subscription manager and at least two subscriptions. A first subscription is active and a second subscription is non-active. A second device sends a request for switching to the second subscription. The subscription manager sets a first variable relating to a next active subscription to the second subscription. The subscription manager sends to the first device a message requesting the first device to re-launch an execution of the subscription manager and to read data. The first device sends to the subscription manager a message including a command for re-launching an execution of the subscription manager. The subscription manager de-activates, based upon the first variable value, the first subscription. The subscription manager activates, based upon the first variable value, the second subscription, and sends to the first device operating system data relating to the second subscription, as a current active subscription.
Type:
Application
Filed:
December 17, 2014
Publication date:
January 5, 2017
Applicant:
GEMALTO SA
Inventors:
Nicolas ROUSSEL, Nicolas JOUBERT, Florent LABOURIE, Jérôme DUPREZ, Frédéric FAURE
Abstract: A radio-frequency communication device includes connection means electrically connecting an integrated circuit component, or intended for this purpose; and selection means for selecting an electromagnetic current power supply for the component. The device includes an alternative power supply source for powering the component during the reception of an electromagnetic field as soon as the electromagnetic power supply current received by the component is insufficient.
Abstract: The invention proposes several improvements related to the management of secure elements, like UICCs embedding SIM applications, these secure elements being installed, fixedly or not, in terminals, like for example mobile phones. In some cases, the terminals are constituted by machines that communicate with other machines for M2M (Machine to Machine) applications.
Type:
Application
Filed:
September 9, 2016
Publication date:
December 29, 2016
Applicant:
GEMALTO SA
Inventors:
Lionel MERRIEN, Xavier BERARD, Pierre GIRARD, Philippe PROUST, Fabrice VERGNES, Frédéric FARIA, Franck IMOUCHA
Abstract: The present invention relates to a method for downloading a subscription from an operator to a UICC embedded in a terminal. The method includes transmitting from the terminal, to a platform, an identifier and a request for downloading the subscription; verifying in the platform that the terminal is authorized to download the subscription by verifying the rights of the terminal in accordance with its identifier; and downloading the subscription to the UICC if the rights are confirmed and, otherwise, refusing to download the subscription.
Abstract: The present invention provides a method for establishing a secure communication channel between a client (C) and a remote server (S), said client (C) and remote server (S) exchanging data through an intermediate entity (G), said client (C) having a long-term key pair (skc, pkc), said remote server generating an ephemeral key (sks, pks), the method comprising a mutual authentication step wherein the client (C) sends a public key (pkc) of said long-term key pair (skc, pkc) and the proof that said public key (pkc) is valid to the server (S), and wherein the remote server (S) sends the public key (pks) of said ephemeral key pair (sks, pks) to the client (C). The client (C) generates an ephemeral key pair (skcc, pkcc) and sends the public key (pkcc) of said ephemeral key pair (skcc, pkcc) to the server (S) so as to generate a secret common to the client (C) and to the remote server (S) for opening the secure communication channel.
Abstract: Method of detecting a jamming transmitter, affecting a communication user equipment, wherein said communication user equipment is adapted for communication with a component of a cellular code division multiple access based radio network having a number of user equipments and a number of base node stations, providing the user equipment in a connected mode of a communication radiolink with the component of the radio network wherein in the connected mode of said user equipment jamming detection steps are provided.
Abstract: A method for managing a subscriber device includes a first detection step in which a first device detects a first status relating to a presence of a subscriber device under a radio coverage of a home mobile network. In the first detection step, the first device intercepts a message for requesting whether the subscriber device has or has not been stolen, as request message, the request message originating from a Mobile Switching Center relating to the home mobile network and being addressed to an Equipment Identity Register relating to the home mobile network. A corresponding first device is also disclosed.
Type:
Grant
Filed:
June 19, 2014
Date of Patent:
November 29, 2016
Assignee:
GEMALTO SA
Inventors:
Daniel Chiaramello, Aurelia Bordas, Christophe Lecuyer, François Zannin, Jean-François Kuc, Daniel Mavrakis, Hervé Troadec
Abstract: The invention relates to a method 20 for signing data. According to the invention, the method comprises the following steps. A device generates a first cryptogram by using a predetermined payment transaction key, a predetermined algorithm and data relating to data to be signed, as input to the algorithm. The data to be signed is different from payment transaction data. The device sends, without going through any payment transaction channel, to a first server a first message including a request for validating a signature relating to the data to be signed accompanied with the first cryptogram and the data relating to the data to be signed. The first or a second server generates a second cryptogram by using the predetermined payment transaction key, the predetermined algorithm and the data relating to the data to be signed, as input to the algorithm. The first or the second server compares the second cryptogram to the first cryptogram.
Abstract: This invention concerns the implementation of end-to-end security for the communication between objects in the domain of the Internet of Things (or Internet of Objects). The purpose of the patent is to deal with the setup of a secure authorized information channel between a data source (M2M device) and data consumers (consumer entity). According to the present invention, the access to an M2M device by a consumer entity (consumer application) is controlled by an M2M authorization server. The M2M authorization server is the entity in charge of managing access rights for the M2M device and makes the decision regarding the access to the resource by the consumer entity (consumer application). The M2M server is an entity that enforces the decision and enables the access to the M2M device.
Type:
Application
Filed:
November 28, 2014
Publication date:
November 17, 2016
Applicant:
GEMALTO SA
Inventors:
Philippe SMADJA, Julien DELSUC, Herve GANEM
Abstract: The invention relates to an electronic module comprising a dielectric support film having a first side, conductor paths that are printed on said first side, and a semiconductor component which connects the conductor paths by means of electrical connections. The electronic module of the invention is characterized in that each electrical connection includes a lead wire that connects a contact of the semiconductor component to each path directly or via an island or an interconnection pad.
Type:
Application
Filed:
December 16, 2014
Publication date:
November 10, 2016
Applicant:
GEMALTO SA
Inventors:
Alain LE LOC'H, Jean-Marie BERTOLOTTI, Jean-Christophe FIDALGO
Abstract: The present invention relates to a method to independently complete the personalization of a token based on a secure hardware having the ability to store at least a secret and produced by a production entity, this completion of the personalization being performed at a business entity level with a business secret, comprising a preliminary personalization step wherein personalization data is stored in the token by the production entity, said token being associated with a unique sensitive credential recoverable from said personalization data using an external information, said external information being shared by a batch of tokens.
Abstract: In a method for accessing a service, at least one first user device executes a first application that communicates with a second user device application. The first user device sends to a remote server data relating to the first application execution, as a first user device report. The data relating to the first application execution includes information relating to either an incoming event or an outgoing event and at least one attribute relating to the first application execution. The remote server determines, based upon at least the first user device report, a trust level relating to the first user device. A third user device sends to the remote server a request for getting a trust level relating to the first user device. The remote server sends to the third user device, as a request response, the trust level relating to the first user device.
Type:
Application
Filed:
December 19, 2014
Publication date:
November 10, 2016
Applicant:
GEMALTO SA
Inventors:
Abdellah EL MAROUANI, Christophe FRANCHI
Abstract: The invention relates to a magnetic field transformation device comprising a battery, a processing unit, an antenna coupled with the processing unit and capable of exchanging data according to the standard ISO14443, a coil coupled with the processing unit and capable of radiating a low-frequency electromagnetic field corresponding to a succession of bits emulating the passing of a magnetic stripe.
Type:
Application
Filed:
December 2, 2014
Publication date:
November 10, 2016
Applicant:
GEMALTO SA
Inventors:
Francois-Xavier MARSEILLE, Michel THILL