Abstract: A method for loading a profile for a mobile radio subscription from a data preparation server into a subscriber identity module, comprises the steps: (a) providing a profile at the data preparation server; (b) generating a single executable program code module of the profile provided according to (a), which program code module is arranged such that by executing the executable program code module the profile is installed in the subscriber identity module; (c?) loading the single executable program code module into the subscriber identity module. A method for installing a profile in the subscriber identity module, comprises the steps: (d) sending an APDU command from the data preparation server to the subscriber identity module; (e) in reaction to a reception of the APDU command at the subscriber identity module, executing the executable program code module and by executing installing the profile in the subscriber identity module.

Abstract: A loading package is adapted for loading a profile for a subscription into a subscriber identity module. A loading sequence through the implementation of which in the subscriber identity module the profile is set up in the subscriber identity module. A profile loading counter sequence is generated on the basis of a counter reading of a profile loading counter maintained at a data preparation server; is adapted to load into the subscriber identity module a profile loading counter with the generated counter reading; and is loaded into the subscriber identity module before the loading sequence. The profile loading counter sequence is further adapted if no implemented profile loading counter is present in the subscriber identity module, to implement the profile-loading counter in the subscriber identity module with a counter reading which determines an admissible number of times which the loading package may be loaded into the subscriber identity module.

Abstract: The invention creates a data carrier, in particular chip card, in particular smart card, having a device for generating one-time passwords and having a display for displaying generated one-time passwords. Preferably the data carrier is a Eurocheque card or credit card with the integrated function of an electronic purse (cash card function) and the generated one-time password is a transaction number (TAN) for acknowledging a secure electronic payment transaction.

Abstract: A method for producing an output bit stream for a first signal of a first carrier frequency by a security module involves the security module receiving an input signal comprising the first signal and a second signal of a second carrier frequency. A mixed signal is formed which has the first signal at the first carrier frequency, the second signal at the second carrier frequency, and a mixed product at an intermediate frequency. The mixed product is demodulated by a second nonlinear component to output a second baseband signal for generating a second bit stream relating to the first signal in the mixed product. The output logic produces the output bit stream for the first signal, and selects either the first bit stream or the second bit stream as the output bit stream for the first signal.

Abstract: A method for carrying out a transaction between a portable data carrier, such as a chip card, and a terminal is described. An information item (TID) about the terminal is transferred to the portable data carrier upon the transmission of transaction data by a communication between the portable data carrier and the terminal. As a result, the portable data carrier obtains from the information item a locational position (ZID, WID, GID) of the terminal. Further, there is ascertained a locational position (OP) of the portable data carrier to which the portable data carrier has access. Finally, the portable data carrier compares the locational position (ZID, WID, GID) of the terminal with its locational position (OP), and initiates a measure for protecting the transaction in case a deviation between the two locational positions (ZID, WID, GID; OP) exceeds a predetermined threshold.

Abstract: A method for managing subscriptions on a security element for a mobile end device comprises the following steps: for each subscription of a plurality of subscriptions a quality of service is determined. On the basis of the qualities of service determined for the individual subscriptions a subscription is selected. The selected subscription is subsequently employed for a data communication of the end device with a corresponding communication partner. The method is wherein the managing of the subscriptions is controlled at least partly by an external subscription management device which is distinct from the security element and the end device.

Abstract: The invention creates a method for the contactless readout of an electronic identification document by means of a terminal, wherein in a data reading step encrypted identification data from a data memory are transmitted to the terminal, and in a key reading step the data key with which the identification data can be decrypted is transmitted to the terminal, and in the terminal the identification data are decrypted with the data key. The data reading step is carried out employing a long-range radio connection, and the key reading step is carried out employing a short-range radio connection.

Abstract: A method for authorizing a transaction has the following steps: inputting transaction data on a first mobile device, transmitting the transaction data from the first device to a background system by means of a first over-the-air interface, transmitting in encrypted manner at least a password to a second mobile device through the intermediary of the first mobile device, and authorizing the transaction by inputting the password displayed on the second device on the first device.

Abstract: A method is provided for installing a security-relevant portion of an application made available by an application provider in a security element of a terminal. The terminal requests the application from the application provider and receives the application. Subsequently, the received security-relevant portion of the application is transmitted to a trustworthy instance administrating the security element. The trustworthy instance subsequently installs the security-relevant portion of the application in the security element.

Abstract: A method for operating a security element, preferably in the form of a chip card, having a processor, and a memory. stores an operating system comprising an operating-system kernel and at least one additional operating-system module for supplying optional operating-system functionalities, and at least one access permission associated with the operating-system module and determining whether the operating-system module can be accessed during operation of the security element. The method comprises the step of changing the access permission for the operating-system module for supplying optional operating-system functionalities in reaction to the receiving of a message from a server. The message from the server may be an OTA message sent from the server to the security element via a mobile radio network.

Abstract: A card body for a data carrier comprises at least a first and a second foil. The first foil comprises a first light-conducting areal region of a light-conducting material and a first opaque areal region of an opaque material adjoining the first light-conducting areal region. The second foil comprises a second light-conducting areal region of a light-conducting material adjacent to a second opaque areal region. The first and second foils are arranged lying one above the other areally. The first and second foils are aligned such that the first and second light-conducting areal regions form an overlap region. The card body comprises a first cover foil configured to be opaque and arranged above the first foil. The transition from the first and second light-conducting areal regions to the first and second opaque areal regions has light-scattering particles.

Abstract: A method for producing a portable data carrier includes a spatial structure printed on a first foil. Electroconductive lines are applied first, and components are subsequently inserted in the structure, wherein the structure corresponds to the dimensions or the shape and size of the inserted components. The components are electroconductively connected to the lines therein. A cover is printed over the components. A second foil can be applied to the cover, wherein a design print can be applied to both foils. A gap can be incorporated in the structure and the foils, in order to insert a chip module.

Abstract: A method is provided for activating a subscription on a security element which is part of a mobile end device, and is insertable or permanently installed therein. The method comprises the following steps: receiving a request from the security element by a mobile radio system to communicate over a mobile radio network of the mobile radio system; establishing the position of the mobile end device; and checking by the mobile radio system whether the established position of the mobile end device falls within a predefined range of allowed positions, wherein the subscription on the security element is activated and thereby the security element enabled to communicate over the mobile radio network if the established position of the mobile end device falls within the predefined range of allowed positions.

Abstract: (EN) The invention relates to an optically variable security element (20) for securing data carriers, having a flip image comprising first and second identifiers (24, 26) which can be detected from different first and second viewing directions (40, 42). According to the invention, the first and second identifiers (24, 26) of the flip image are present in an optically variable recording layer (30), which has a reflective layer (52) produced by a vacuum deposition process, and the security element (20) contains a viewing element screen (32) which is spaced apart from the recording layer (30) and which, when viewed from the first or second viewing direction (40, 42), reveals the first or second identifiers (24, 26), respectively.

Abstract: An IC module for installation in a portable data carrier and for electrical connection with an electronic device located in the data carrier supports at least two different connection technologies. It carries for this purpose contacting elements having a first set of contacting pads for a first connection technology and a second set of contacting solder areas for a second connection technology. A contacting pad of the first set of contacting pads in each case is connected electroconductively to a contacting pad of the second set of contacting pads. The connection can preferably be electively effected by a pressure-form technology or by means of connection wires as a soldered connection.

Abstract: A method for transmitting information from a first security module to a second security module involves a system comprising the first and the second security modules. An anti-collision phase comprises a sequence of anti-collision queries, and a communication phase follows the anti-collision phase. The first security module transmits the information to be transmitted to the second security module in the anti-collision phase by sending responses of the first security module to the sequence of anti-collision queries, with the information to be transmitted being encoded in the responses of the first security module. The second security module decodes the information to be transmitted from the sequence of the received anti-collision queries. Furthermore, the invention discloses a first and a second security module, in particular for transmitting information.

Abstract: A method and a system are provided for providing a subscription profile on a mobile terminal for communication via a mobile communication network. The method comprises the following steps: the logging in of a first mobile terminal with a first subscription profile to a mobile communication network; the downloading of a second subscription profile to the first mobile terminal via the mobile communication network; and the forwarding of the second subscription profile from the first mobile terminal to a second mobile terminal via a communication channel.

Abstract: A method for supplying visually encoded image data for displaying through a mobile end device includes supplying a datum. A device type of the end device is ascertained on the basis of a user identity which is assigned to a security element integrated into the end device. On the basis of the device type of the end device, the device properties of the end device are ascertained which influence a displaying of visually encoded image data on the end device. On the basis of the ascertained device properties, an image data representation information item is generated for generating visually encoded image data for the end device in device-specific fashion. Finally, the visually encoded image data are generated based on the image data representation information item in device-specific fashion for representing the datum on the end device.

Abstract: A method for operating a security element which is part of a mobile end device, and a security element, have functionality depending on a set of operating parameters that is deposited on the security element. The method comprises the following steps: operating the security element with the set of operating parameters that is deposited on the security element; collecting data about the use of the security element and/or of the mobile end device; selecting a use profile on the basis of the collected data, with the use profile being assigned a set of operating parameters that is matched thereto; and operating the security element with the set of operating parameters that is matched to the selected use profile.

Abstract: A security element of a mobile device comprises a service-provider network subscription associated with a service provider. The security element is arranged such that the service-provider subscription is employable parallel to a user network subscription installed on the security element. A service associated with the service provider thus becomes utilizable on the basis of the service-provider subscription, independently of a user subscription that might be present on the same security element.