Abstract: A subscriber identity module (eUICC), comprises profiles for the utilization of a mobile terminal that include at least a first profile and at least a second profile, of which the second profile (Pr1, Pr2) is devised as an active profile. The first profile is designed as a root profile (PrR) which in a normal state of the subscriber identity module is in an inactive state, and which is devised to be activated in response to an authentication command (AUTHENTICATE) received at the subscriber identity module. The authentication command is specially parameterized for the root profile (PrR) with a specific root value of the network parameter (P2) to be activated during a change-over period. The initially active second profile (Pr1, Pr2) is deactivated during the change-over period. After the end of the change-over period, the first profile (PrR) is again deactivated and the second profile (Pr1, Pr2) is again activated.

Abstract: A method is provided for carrying out a cryptographically secured authentication which complies with the Universal Authentication Framework (UAF) of the FIDO Alliance. It is thus possible to employ an existing infrastructure of the FIDO Alliance and the method can be embedded into the infrastructure using standard interfaces.

Abstract: A multilayer, co-extruded foil stack has a layer of a layer having Tritan® and a layer arranged within the foil stack with a layer having polycarbonate. A card-shaped data carrier has at least the multilayer foil stack.

Abstract: The present invention is directed at a method for manufacturing a card-shaped data carrier, in which a material from nature, for example wood, is installed in a particularly advantageous manner. The invention is further directed at a correspondingly adapted apparatus for manufacturing the card-shaped data carrier as well as at the data carrier itself. Further, a computer program product is proposed, having control commands that implement the method and/or operate the proposed apparatus.

Abstract: A method for changing a geometry of an edge of a portable data carrier, wherein the geometry of the edge is changed in order to work on the edge and the outer side of the data carrier proceeding from a common side, without a spatial location of the data carrier being changed.

Abstract: A processor device with a white-box masked implementation of the cryptographic algorithm AES implemented thereon, which comprises a SubBytes transformation. The white-box masked implementation is hardened in that white-box round input values x? are supplied at the round input of rounds instead of the round input values x, said white-box round input values being formed from a concatenation of: (i) the round input values x that are masked by means of the invertible masking mapping A and (ii) obfuscation values y that are likewise masked with the invertible masking mapping A; wherein from the white-box round input values x? only the (i) round input values x are fed to the SubBytes transformation T, and (ii) the masked obfuscation values y are not.

Abstract: A method for manufacturing a chip card is provided by electroconductive connecting of a chip module to a chip-card body having at least one electrical contact area. The method includes adhesively connecting the chip module to the chip-card body by a thermoplastic, electroconductive elastomeric material such that the chip module is conductively connected to at least one electrical contact area of the chip-card body.

Abstract: A method for protection against a relay attack on a system is composed of at least a first and a second communication device. Data are transmitted wirelessly between the first and the second communication device. The first communication device ascertains a first spectrum of all wirelessly transmitted signals to be received at the location of the first communication device within a frequency band. The second communication device likewise ascertains a second spectrum of all wirelessly transmitted signals to be received at the location of the second communication device within the frequency band. The frequency band is limited by a minimum and a maximum frequency. The second communication device transmits the second spectrum to the first communication device. The first communication device compares the first spectrum with the second spectrum in order to ascertain whether the second communication device is located at the location of the first communication device.

Abstract: A method and a system for subscription management in a security element for a mobile end device, wherein one subscription profile is associated with one subscription. For a subscription profile, an access to functionalities of the security element is subscription-profile-specifically restricted.

Abstract: A chip set for a terminal comprises at least one secure processor, in which a one-time programmable memory is integrated. At least one terminal serial number of the terminal is stored in the chip set. Information for securing the terminal serial number against tampering is stored in the one-time programmable memory.

Abstract: A system for registering an MSISDN with a device hosting the UICC and in which the UICC is or can be operated includes a UICC provisioning server operated by an UICC different from the MNO. A Local Profile Assistant LPA is installed within the device or the UICC, and enables establishment of secured data sessions between the UICC and the UICC provisioning server. A modem is installed within the device or UICC. The modem enables communication of the device within a mobile network operator MNO mobile network. An MSISDN retrieval logic is associated with the LPA. A logic is constructed to perform a retrieval sequence with the foregoing components and data.

Abstract: A method for authorizing a transaction reading out a first code and a second code by means of a first mobile device. The second code contains information items for decrypting the first code. From the read-out codes a first signature confirming the transaction vis-à-vis the system is generated, which is transmitted to the system. Subsequently, an authorization of the transaction is effected.

Abstract: A method for reading an identity document, a readout terminal and a readout system, which simplifies the multiple reading of identity documents. According to the method, an authentication key and an information item are stored in hidden fashion in the chip of the identity document.

Abstract: The present invention is directed to a method for supplying an optical security element in a value document, as well as to an accordingly devised apparatus for adjusting an optical security element as well as to the value document per se. According to the invention a method is proposed which makes it possible to supply a known optical security element in an especially simple technical way, without a vapor deposition of embossed structures being necessary in this connection. Further the present invention is directed to a computer program product having control commands, which executes the method or operates the proposed apparatus.

Abstract: A method for the initial operation and personalization of a subscriber identity module in a mobile radio network, prior to its first initial operation in the mobile radio network, the subscriber identity module does not yet include an individual secret key and is being equipped with an individual, unique parameter data set only after its first initial operation in the mobile radio network. A mobile radio server takes on, from the subscriber identity module, an authentication message formed with a preliminary parameter data set comprising an individual, unique subscriber identification and a non-individual, non-unique preliminary secret key, and sends, after a verification, in response thereto an individual, unique final secret key to the subscriber identity module for programming into the subscriber identity module. The preliminary parameter data set is introduced into the subscriber identity module selectively during production or by an initializing step based on an initial parameter data set.

Abstract: A method for the communicating of a subscriber identity module, implemented or implementable in an end device, in which at least one profile is adapted for the utilization of the mobile end device in a mobile communication network, vis-à-vis a server, in which method a message from the subscriber identity module is sent to the server. Before the sending of the message, a step of the establishing of a technology is carried out in the subscriber identity module in which there is established, which technology the profile corresponds to, and the sending is carried out compliant with the technology. The communicating can involve the notifying of a profile change effected in the subscriber identity module.

Abstract: A method for providing a personal identification code of a security module, includes a personal identification code assigned to the security module and a server is provided which a user of the security module can access after an authentication. In the method, triggered by a request from the user at the server, an authentication code is transmitted to a terminal of the user by means of a first message. An authentication code input by the user is received at the server, whereupon it is verified whether the input authentication code matches the authentication code transmitted to the terminal, wherein, in the case of a match, the personal identification code is transmitted to the terminal of the user by means of a second message.

Abstract: A method for securing a transaction in a reputation system includes the following steps: authenticating a user vis-à-vis an end device by means of an electronic proof of identity for releasing authentication data for the digital identity that are stored on the end device, and authenticating the digital pseudonym assigned to the user vis-à-vis the reputation system by means of the end device while employing the stored authentication data pertaining to the digital pseudonym. The electronic proof of identity can be present as an electronic identity card in the form of a portable data carrier.

Abstract: A composite film material usable in a data carrier card body includes a first outer plastic layer, an inner plastic layer and a second outer plastic layer, all the layers together forming a co-extruded composite. The plastic material of the first outer layer is a polyethylene terephthalate glycol copolymer (PETG) or contains a PETG, the plastic material of the inner layer is a thermoplastic copolyester elastomer (TPC) or contains a TPC, and the plastic material of the second outer layer is a PETG or contains a PETG.

Abstract: A method for manufacturing a portable data carrier by means of a continuous manufacturing method, comprises the steps: providing at least one foil as a rolled good, unrolling at least one first foil, with at least a first foil being coated at least partly with an adhesive on at least one side, with at least the first foil being scored on at least one side along at least one creasing edge, with at least the first foil being folded up in precise fit along at least one creasing edge and bonded, with the foil being folded up in the direction of the side which is coated with adhesive, with the side coated with adhesive being arranged on the opposite side of the foil which has at least one scored creasing edge along which it is folded.