Abstract: A device implementing a system for authenticating an identity document includes at least one processor configured to receive, from a service provider, a request associated with verifying an integrity of an identity document, and capture, responsive to receiving the request, image data of the identity document. The at least one processor is further configured to generate a representation based on the image data, the representation comprising form factor data of the identity document, and compare the representation with a prior representation of the identity document, the prior representation comprising prior form factor data of the identity document. The at least one processor is further configured to provide, to the service provider, a response to the request based on comparing the representation with the prior representation.

Abstract: A method for signing up a user to a service for controlling at least one functionality in a vehicle (10) by means of a user terminal (20) comprises the following steps: —communicating a user identifier and an identifier associated with the vehicle (10) to a server (50); —having the server (50) authenticate an electronics unit (11) of the vehicle (10); —in the event of successful authentication, registering the user identifier and the identifier associated with the vehicle (10) in association with one another in the server (50).

Abstract: A device implementing a system for authenticating an identity document includes at least one processor configured to receive, from a service provider, a request associated with verifying an integrity of an identity document, and capture, responsive to receiving the request, image data of the identity document. The at least one processor is further configured to generate a representation based on the image data, the representation comprising form factor data of the identity document, and compare the representation with a prior representation of the identity document, the prior representation comprising prior form factor data of the identity document. The at least one processor is further configured to provide, to the service provider, a response to the request based on comparing the representation with the prior representation.

Abstract: The invention relates to an electronics unit (11) to be fit in a vehicle (10) and designed to control a functionality of the vehicle (10) upon receipt of a request from a user terminal (20), characterized in that same comprises:—a memory unit designed to store a counter and data representing a duration;—means for periodically modifying the value of the counter, the period of time being equal to said duration;—control means for controlling said functionality only when the counter is within a given range of values. Also disclosed are a method carried out in an electronics unit of said type, a method for sharing a time frame between a server and an electronics unit, and a method for synchronizing a server and an electronics unit.

Abstract: A method for verifying identity of a user of a communicating terminal, including: a preliminary operation including: communicating a first piece of identity data of a user to at least one server, generating a second piece of identity data of the user from the server, the second piece of data defining a derived identity of the user, and storing the second piece of identity data in a secure memory of the terminal; an operation for identity verification, including: transmitting a token for encryption from the server to the terminal, using the second piece of data at the terminal at least to generate an encryption of the token, the encrypted token being transmitted to the server and verified by the server, and in a case of positive verification of the encrypted token by the server, the server validates the identity verification of the user of the terminal.

Abstract: A method for generating a public identity for authenticating an individual carrying an identification object, the method including: entering an initial biometric datum of the individual; generating a first key from the biometric datum; generating a second key derived from a datum generated by a security component of the object; generating an initial encryption key combining the first key and the second key; communicating with a server a first identity of the individual in connection with the initial encryption key; generating by the server a public identity by encrypting the first identity using the initial encryption key, the public identity being stored by the server in connection with the initial encryption key. The public identity is not significant, but is secured by a strong connection between the object and biometry of the individual.

Abstract: A method for signing up a user to a service for controlling at least one functionality in a vehicle (10) by means of a user terminal (20) comprises the following steps: —communicating a user identifier and an identifier associated with the vehicle (10) to a server (50); —having the server (50) authenticate an electronics unit (11) of the vehicle (10); —in the event of successful authentication, registering the user identifier and the identifier associated with the vehicle (10) in association with one another in the server (50).

Abstract: The invention relates to an electronics unit (11) to be fit in a vehicle (10) and designed to control a functionality of the vehicle (10) upon receipt of a request from a user terminal (20), characterized in that same comprises:—a memory unit designed to store a counter and data representing a duration;—means for periodically modifying the value of the counter, the period of time being equal to said duration;—control means for controlling said functionality only when the counter is within a given range of values. Also disclosed are a method carried out in an electronics unit of said type, a method for sharing a time frame between a server and an electronics unit, and a method for synchronizing a server and an electronics unit.

Abstract: Ensuring the security of a data transmission by verifying an identity of a user, comprising: a prior step of enrolling a terminal of the user, comprising: an association of a authentic identity data item of the user and a data item of a terminal available to the user and communicating via a network, the association being stored with data for contacting the terminal via the network, and a determination of an identity derived from at least said information, stored in the memory of the terminal, in correspondence with a data item specific to the user, for the purposes of a later strong authentication based on both the data item specific to the user and on the derived identity, as well as a current step of verifying the user identity.

Abstract: Ensuring the security of a data transmission by verifying an identity of a user, comprising: a prior step of enrolling a terminal of the user, comprising: an association of a authentic identity data item of the user and a data item of a terminal available to the user and communicating via a network, the association being stored with data for contacting the terminal via the network, and a determination of an identity derived from at least said information, stored in the memory of the terminal, in correspondence with a data item specific to the user, for the purposes of a later strong authentication based on both the data item specific to the user and on the derived identity, as well as a current step of verifying the user identity.

Abstract: A method for generating a public identity for authenticating an individual carrying an identification object, the method including: entering an initial biometric datum of the individual; generating a first key from the biometric datum; generating a second key derived from a datum generated by a security component of the object; generating an initial encryption key combining the first key and the second key; communicating with a server a first identity of the individual in connection with the initial encryption key; generating by the server a public identity by encrypting the first identity using the initial encryption key, the public identity being stored by the server in connection with the initial encryption key. The public identity is not significant, but is secured by a strong connection between the object and biometry of the individual.

Abstract: A method for verifying identity of a user of a communicating terminal, including: a preliminary operation including: communicating a first piece of identity data of a user to at least one server, generating a second piece of identity data of the user from the server, the second piece of data defining a derived identity of the user, and storing the second piece of identity data in a secure memory of the terminal; an operation for identity verification, including: transmitting a token for encryption from the server to the terminal, using the second piece of data at the terminal at least to generate an encryption of the token, the encrypted token being transmitted to the server and verified by the server, and in a case of positive verification of the encrypted token by the server, the server validates the identity verification of the user of the terminal.

Abstract: The invention relates to a method for personalizing a secure processor in a NFC system to execute a secure application, comprising steps of obtaining by a server identification data of a user memorized in a secure storage medium, personalization data corresponding to the user identification data, and identification data of a NFC system of the user, comprising an encryption key of the secure processor, encrypting by the server personalization data using the encryption key, transmitting to the NFC system encrypted personalization data, receiving by the secure processor encrypted personalization data, deciphering personalization data, and memorizing in a secured way personalization data by the secure processor.

Abstract: A method for the secured loading of data into a first secured host processor of an NFC system comprising an NFC interface circuit for sending and receiving data, enabling a service to be accessed, the method comprising: generating a secret data, transmitting the secret data to the first host processor through a secured link, ciphering data to be loaded into the first host processor using a public key of the first host processor, and transmitting the ciphered data to the system for the first host processor which deciphers the data using a private key corresponding to the public key.

Abstract: A countermeasure method in an electronic component implementing an asymmetric private key encryption algorithm includes generating a protection parameter, calculating, using a primitive, an intermediate data from the protection parameter, dividing the binary representation of the private key into several binary blocks, transforming each binary block using the protection parameter and, for each transformed binary block, performing an intermediate calculation using the primitive, and calculating an output data by combining the intermediate data with the intermediate calculations.

Abstract: A countermeasure method in an electronic component implementing an asymmetric private key encryption algorithm includes generating a first output data, using a primitive, and a protection parameter, transforming, using the protection parameter, at least one element of a set consisting of the private key and an intermediate parameter obtained from the first output data, to respectively supply first and second operands, and generating, from an operation involving the first and second operands, a second output data.

Abstract: A method of protecting a microcircuit against attacks aimed at discovering secret data used on the execution, by the microcircuit, of an encryption algorithm includes generating at least one protection parameter for the secret data and modifying the execution of the encryption algorithm through that protection parameter. Generation of the at least one protection parameter includes defining a function generating, by successively applying to at least one secret parameter which is stored in memory, a sequence of values which can only be determined from that secret parameter and that function, and to generate the protection parameter in a reproducible way from at least one value in that sequence.

Abstract: The invention relates to a method for personalizing a secure processor in a NFC system to execute a secure application, comprising steps of obtaining by a server identification data of a user memorized in a secure storage medium, personalization data corresponding to the user identification data, and identification data of a NFC system of the user, comprising an encryption key of the secure processor, encrypting by the server personalization data using the encryption key, transmitting to the NFC system encrypted personalization data, receiving by the secure processor encrypted personalization data, deciphering personalization data, and memorizing in a secured way personalization data by the secure processor.

Abstract: A method for the secured loading of data into a first secured host processor of an NFC system comprising an NFC interface circuit for sending and receiving data, enabling a service to be accessed, the method comprising: generating a secret data, transmitting the secret data to the first host processor through a secured link, ciphering data to be loaded into the first host processor using a public key of the first host processor, and transmitting the ciphered data to the system for the first host processor which deciphers the data using a private key corresponding to the public key.

Abstract: A process and installation for automatic optimal location of a servicing operation on an integrated circuit. The accessible polygons are retrieved on the basis of topographic descriptive data and data representing the electrical circuit. For each step, different execution options are determined, each corresponding to each of the different accessible polygons, and a rating is calculated and assigned to each execution option as a function of the depth of each possible initial polygon with respect to the access surface, and of accessibility parameters of each possible initial polygon, and the optimal execution option to be used for executing each step of the servicing operation is determined automatically by a numerical optimization calculation using the ratings assigned to the different execution options of each step of the servicing operation.