Abstract: A method for routing at least one message, this method being implementation-dependent on a trusted operating system of an electronic device comprising an electronic assembly on which the trusted operating system and a Rich-OS operating system are executed. The method may include operations for consulting a trusted memory of a terminal, which may be called a first memory, and when the first memory contains a message, determining the operating system targeted by the message from among at least the Rich-OS operating system and the trusted operating system. And when the message targets the Rich-OS system, transferring the message from the first memory to a memory accessible to the Rich-OS system, which may be called a second memory.
Abstract: A microcircuit module for a smart card includes a generally rectangular carrier film (101) provided with eight contact pads on a first face thereof and with an electronic component on a second face, the electronic component being equipped with connection terminals to which the contact pads are connected via the carrier film. The eight contact pads are disposed in two parallel series of three contact pads (C1, C2, C3, C5, C6, C7), with two other contact pads (C?4, C?8) being disposed therebetween and each being positioned close to the contact pads from the ends of each of the series. The contact pads each measure at least 1.7 mm×2 mm. The contact pads of the two parallel series comply with ISO standard 7816 and the eight contact pads border each of the sides of the carrier film.
Abstract: A system for biometrically authenticating a user includes: elements for obtaining image data that are representative of at least one user-associated biometric feature and at least one user-associated identifier, elements for extracting the at least one biometric feature in the image data, elements for extracting the at least one identifier in the image data, elements for performing a search for a reference biometric feature associated with the at least one identifier, elements for comparing the extracted biometric feature with the reference biometric feature, and elements for authenticating the user in accordance with a result of the comparison.
Abstract: A microcircuit card body-based device with first and second electronic labels, the labels having respective first and second near-field electronic communications elements suitable for being activated by applying a magnetic field. The first and second labels also have respective first and second magnetic shielding elements placed, respectively, between a first face of the card body-based device and the first communications element and between a second face of the card body-based device and the second communications element in such a manner that applying the magnetic field to one of the faces of the body activates only one of the first and second communications elements.
Abstract: A method for making secure execution of a computer program includes the following steps: stacking a predetermined value in a pile of instructions of the program; and stack popping the pile, the stack popping step being adapted, as the case may be, to enable detection of an anomalous execution.
Type: Grant
Filed: July 6, 2004
Date of Patent: April 22, 2014
Assignee: Oberthur Technologies
Inventors: Jean-Bernard Fischer, Hugues Thiebeauld De La Crouee
Abstract: The invention concerns an electronic entity comprising an electronic circuit and an antenna one part of which at least forms a conductive circuit connected to two ends of the electronic circuit. The projection of the circuit formed by the antenna and the electronic circuit in a plane which is substantially parallel thereto, forms an intersection-free line and the antenna includes a winding which extends over strictly more than one turn.
Abstract: A portable computer terminal having an operating system configured to switch from a first state to a second state in response to a first command from a user and to switch from the second state to the first state in response to a second command from the user, the second command including inputting an identification code of the user, the operating system being capable, in the first state, of causing execution in interactive manner of an application selected from a set of applications, the operating system being capable, in a second state, of causing execution in interactive manner of an application of said set of applications in compliance with an access condition, wherein the access condition is determined as a function of said first command.
Abstract: A support that includes a detachable element which has one border, of which at least a portion is attached to the support, with the border portions attached to the support all being so attached by weakened attachment seams, where the support also includes at least two lines of weakness that allow the support to be separated into at least two portions connected by a weakened attachment seam to the detachable element, with each of the lines of weakness being such that, when the support is bent along this line of weakness until it breaks, none of the weakened attachment seams breaks totally. Also disclosed is a method for the detachment of such a detachable element as well as a method for the manufacture of such a support.
Abstract: A data processing method, whereby an element is subjected to a first operation with a given operand. The method includes a step of updating by a second operation a first variable (B; a0; S′p, S′q) or a second variable (A; a1; Sp, Sq), depending on whether a corresponding bit of the operand=0 or 1; and a step of testing a relationship between a first value (B; a0; S′) derived from the first variable and a second value (A; a1; S) derived from the second variable. A related device is also disclosed.
Type: Grant
Filed: March 27, 2006
Date of Patent: March 25, 2014
Assignee: Oberthur Technologies
Inventors: Arnaud Boscher, Christophe Giraud, Robert Naciri
Abstract: A method of protecting a secure USB key comprising: a step of obtaining at least one parameter concerning the use of a function that can be executed on said key; a step of detecting at least one blocking condition that depends on said parameter, and where appropriate, a first check step suitable for preventing the execution of said function; a step of detecting at least one determined event independent of said function; and a second check step suitable for authorizing the execution of said first check step only in the event of said determined event being detected, said second check step being active even when said blocking condition is not satisfied.
Abstract: A method of testing security of an electronic device against a combination of a side-channel attack and a fault-injection attack implemented during a method of cryptographic processing that includes: delivering a message signature based on a secret parameter and implementing a recombination of at least two intermediate values according to the Chinese remainder theorem; and verifying the signature on the basis of at least one public exponent. The method of testing includes: transmitting a plurality of messages to be signed by said electronic device; disturbing each message, including modifying the message by inserting an identical error for each message, before executing a step of determining one of the intermediate values; and analyzing physical measurements, obtained during the step of verifying the signature as a function of the message to be signed, the identical error for each message, and an assumption of a value of part of the secret parameter.
Type: Application
Filed: September 9, 2013
Publication date: March 13, 2014
Applicant: OBERTHUR TECHNOLOGIES
Inventors: Guillaume Barbu, Alberto Batistello, Christophe Giraud, Soline Renner
Abstract: The invention relates to a method of initiating a conversation, the method comprising the following steps: obtaining (3030) a presentation content; then, once said content has been obtained, sending (3040) said content to a telecommunications terminal that is to be called; and a calling telecommunications terminal calling (3060) said telecommunications terminal that is to be called, the call (3060) including the calling terminal sending an identifier of the terminal that is to be called to a telephone switch; the method being characterized in that the step of obtaining and then sending the content are also performed by said calling telecommunications terminal.
Abstract: A method for creating a group signature of a message to be implemented by a member of a group in a system, the system including a trust authority, the group including at least the member provided with a secure portable electronic entity including storage elements and computing elements wherein is implanted a cryptographic algorithm. The method includes the following steps: generating via the computing elements a signature of the message using a private key common to the members of the group and integrating a data identifying the group member and a temporal data representing a temporal information of the member's membership to the group and of the date of the signature of the message, the private key common to the members of the group, the identifying data and the temporal data being stored in the storage elements.
Abstract: A secure element includes a boot program comprising instructions for the execution of a startup step to determine if a non-volatile memory stores an active operating system, and, in the affirmative, to launch execution of the operating system, an authentication step of an updater device, as a function of first authentication data determined by a secure element and second authentication data received from the updater device, and, in response to the authentication step, a storage step of a new operating system received from the updater device in the non-volatile memory and an activation step of the new operating system, when said instructions are executed by a microprocessor.
Abstract: A management process for access to secure data includes: storing secure data associated with a first user and authentication data of said first user, managing access to the secure data of the first user, as a function of the authentication data of this first user. The process includes: storing, in the secure data of the first user, a heritage rule and a list of at least one second user and, for each second user of said list, a rule for access to secure data of the first user, storing authentication data for each second user of said list, and when the heritage rule is satisfied, managing access, by said at least one second user, to the secure data of the first user, as a function of the authentication data of the second user and of the rule for access of the second user.
Abstract: A method of packaging financial transaction instruments includes preparing a batch of cards, where each card is provided with a first piece of machine readable information, and where the cards in the batch are in an order. A batch of packaging blanks is prepared, where each packaging blank is provided with a second piece of machine readable information. Each packaging blank is provided with a third piece of machine readable information, which is recorded onto a magnetic stripe carried by the packaging blank. A card is picked from a first ordinal position in the batch of prepared cards. A packaging blank is picked from a position, corresponding to the first ordinal position, in the batch of prepared packaging blanks. The picked card is enclosed in the picked packaging blank if and only if a matching condition between the first and second pieces of information is verified.
Abstract: The electronic device (10) comprises a microcircuit (18) module (20), a near-field communication antenna (36) electrically connected to the microcircuit (18) of the module (20), delimiting an antenna surface (S), and a body (12) incorporating the module (20). More precisely, the antenna (36) is arranged within the module (20) and the body (12) incorporates means (40) of amplifying the gain of the antenna (36) comprising an electrically conductive element (42) electrically isolated from the microcircuit (18) and the antenna (36), of an annular general shape arranged around an area (R) of the body (12) forming a volume generated by the projection of the antenna surface (S) along a direction (Z) substantially orthogonal to the surface (S).
Type: Grant
Filed: July 19, 2011
Date of Patent: December 17, 2013
Assignee: Oberthur Technologies
Inventors: Loïc Le Garrec, Agnès Duval, François Launay
Abstract: A microcircuit card includes an indicator (140), receiving elements for receiving an item of selection information for selecting an application and elements for commanding the indicator into a first configuration when the item of selection information designates a first application and into a second configuration, distinct from the first configuration, when the item of selection information designates a second application. A method implemented in such a card is also described.
Abstract: A method of transferring a right to access a service from a device (2) of a lender (P) to a device (25) of a borrower (E), the method comprising: holding an access right to a service; obtaining authentication data associated with the borrower (E) or the borrower's device (25); duplicating said at least one access right (D1-D2); using a cryptographic key associated with the device (2) of the lender (P) to calculate a cryptogram containing authentication data and duplicated rights; and sending the cryptogram to the device (25) of the borrower (E). Correspondingly, the invention also provides a method of controlling access to such a service by a service provider, and also a method of managing a transfer of such access rights from the device (2) of the lender (P) to the service provider.
Abstract: A method for producing a number of chip cards includes a step for preparing a supporting film comprising a number of locations, each of which constitutes a card support and is provided with a cavity capable of receiving an integrated circuit, a step for processing this supporting film carried out, in part, by a multi-head tool, one of the heads of this tool being provided for carrying out an operation on a location of the film essentially at the same time as another head of this tool carries out the same operation on another location of this film, and a step for separating the locations after the processing step.