Abstract: The present invention provides a method and a device to convert a time varying optical pattern emitted by a display into a digital data signal. More specifically the invention allows a handheld security token to convert a time-varying light intensity pattern emitted by a source such as a computer screen into a digital signal including a sequence of coded data symbols. The invention is based on the insight that the intensity of light emitted by regions of said source can be easily sampled by a simple low-cost processor if appropriate A/D conversion hardware converts the incident light into an electrical signal which is time varying, whereby the base frequency of this electrical signal is a function of the light intensity. Intensity levels used for channel coding and symbol clock can be recovered from the signal by the receiver.

Abstract: An electronic power supply circuit for battery-powered hardware devices is disclosed which can be electronically switched to supply any of at least two predetermined voltages wherein the batteries are switched in parallel or in series depending on the desired voltage. Also disclosed is an electronic apparatus comprising the electronic power supply circuit, which in some modes of operation uses the highest of the two predetermined voltages and which in other modes of operation can function with the lower of two predetermined voltages, and includes control logic that switches the electronic power supply circuit to supply said higher voltage when the apparatus in a mode in which it uses this higher voltage and that switches said electronic power supply circuit to supply said lower voltage at least during some of the modes in which the apparatus can function with the lower voltage.

Abstract: Strong authentication tokens for generating dynamic security values having an acoustical input interface for acoustically receiving input data are disclosed. The tokens may also include an optical interface for receiving input data and may have a selection mechanism to select either the acoustical or the optical input interface to receive data. A communication interface may be provided to communicate with a removable security device such as a smart card and the token may be adapted to generate dynamic security values in cooperation with the removable security device. The acoustic signal received by the token may be modulated using a frequency shift keying modulation scheme using a plurality of coding frequencies to code the acoustical signal where each coding frequency may be an integer multiple of a common base frequency.

Abstract: Methods and apparatus for encoding and decoding data transmitted acoustically and/or optically to strong authentication tokens to generate dynamic security values are disclosed. The tokens may also include a selection mechanism to select either an acoustical or an optical input interface to receive data. A communication interface may be provided to communicate with a removable security device such as a smart card and the token may be adapted to generate dynamic security values in cooperation with the removable security device.

Abstract: The present patent application discloses a USB token that advantageously mimics a human interface device such as a keyboard in interacting with a host computer, thus removing the need for pre-installation of a dedicated device driver. This is accomplished by requiring the host computer to direct the input of the attached human interface devices of the keyboard type, including the USB token, exclusively to the program interacting with the USB token, by using cryptographic algorithms based on a shared secret, which require less data to be transferred than PKI-based algorithms, and by employing an efficient encoding scheme that minimizes the time needed to exchange information with the USB token, and minimizes the probability of generating ambiguity with input that might legitimately be generated by other attached human interface devices.

Abstract: The invention relates to modulation and demodulation circuits, such as envelope detectors used to demodulate amplitude-modulated (AM) signals. By coupling an analog circuit to a port of a digital component, a compact envelope detector can be obtained, which achieves demodulation of AM signals for direct coupling into a digital input port. Accordingly, a compact envelope detector may be used in the data receiving part of a sealed device requiring post-manufacturing data transfer, in combination with additional components that provide electromagnetic coupling, such as inductive, capacitive, or radiative. An example of such a device is a credit card sized authentication token.

Abstract: The invention relates to the field of modulation and demodulation circuits, such as envelope detectors used to demodulate amplitude-modulated (AM) signals. By coupling an analog circuit to a port of a digital component, an envelope detector can be obtained, which achieves demodulation of AM signals for direct coupling into a digital input port. Accordingly, an envelope detector may be used in the data receiving part of a sealed device requiring post-manufacturing data transfer, in combination with additional components that provide electromagnetic coupling, such as inductive coupling, capacitive coupling, or radiative coupling. An example of such a device is a credit card sized authentication token.

Abstract: The invention relates to a method to efficiently transmit a digital message over a unidirectional optical link, such as the link between a computer screen and a security token equipped with photosensitive elements. It is an object of this invention to provide a source coding scheme that is optimized for transmissions of alphanumerical data containing frequent occurrences of numerals and less frequent occurrences of non-numerical data. This is achieved by using a modified Huffman code for source coding, consisting of a nibble-based prefix-free binary code. The output of the coder is efficiently mapped onto a 6B4T channel code, wherein unused ternary codewords can be used to signal data-link layer events. This efficient signalling of data-link layer events, in turn, allows for a synchronization scheme based on repeated transmissions of a finite-length message, combined with an out-of-band clock signal.

Abstract: The present invention defines a strong authentication token for generating different dynamic credentials for different application providers comprising an input interface providing an output representing an application provider indicator; a secret key storage for storing one or more secret keys; a variability source for providing a dynamic variable value; a key providing agent for providing an application provider specific key as a function of said application provider indicator using one or more keys stored in said secret key storage; a cryptographic agent for cryptographically combining said application provider specific key with said dynamic variable value using symmetric cryptography; a transformation agent coupled to said cryptographic agent for transforming an output of said cryptographic agent to produce a dynamic credential; and an output interface to output said dynamic credential.

Abstract: The present invention relates to the field of securing electronic transactions and more specifically to methods to indicate and verify the approval of the risk level of a transaction and to apparatuses for generating transaction risk level approval codes. In a method according to the invention transactions are classified into a limited number of categories. A user submitting a transaction to a server is requested to also generate and submit a dynamic transaction category approval code for the submitted transaction. On the server side a corresponding verification value is generated for the received transaction. In an alternative method according to the invention transactions are assigned one of a limited number of risk levels. A user submitting a transaction to a server is requested to also generate and submit a dynamic risk level approval code for the submitted transaction. On the server side a corresponding verification value is generated for the received transaction.

Abstract: The invention relates to the field of modulation and demodulation circuits, such as envelope detectors used to demodulate amplitude-modulated (AM) signals and amplitude-shift-keying (ASK) signals. By judiciously coupling an analog circuit comprising one resistor and two capacitors which are judiciously dimensioned to a port of a digital component, an extremely compact envelope detector can be obtained, which achieves demodulation of a binary ASK signal for direct coupling into a digital input port. Accordingly, a very compact envelope detector may advantageously be used in the data receiving part of a sealed device requiring post-manufacturing data transfer, in combination with additional components that provide electromagnetic coupling, such as inductive coupling, capacitive coupling, or radiative coupling. An example of such a device is a credit card sized authentication token, the electrical personalization of which happens after the production of the card-like housing.

Abstract: The invention relates to a method to efficiently transmit a digital message over a unidirectional optical link, such as the link between a computer screen and a security token equipped with photosensitive elements. It is an object of this invention to provide a source coding scheme that is optimized for transmissions of alphanumerical data containing frequent occurrences of numerals and less frequent occurrences of non-numerical data. This is achieved by using a modified Huffman code for source coding, consisting of a nibble-based prefix-free binary code. The output of the coder is efficiently mapped onto a 6B4T channel code, wherein unused ternary codewords can be used to signal data-link layer events. This efficient signalling of data-link layer events, in turn, allows for a synchronization scheme based on repeated transmissions of a finite-length message, combined with an out-of-band clock signal.

Abstract: The present invention provides a method and a device to convert a time varying optical pattern emitted by a display into a digital data signal. More specifically the invention allows a handheld security token to convert a time-varying light intensity pattern emitted by a source such as a computer screen into a digital signal including a sequence of coded data symbols. The invention is based on the insight that the intensity of light emitted by regions of said source can be easily sampled by a simple low-cost processor if appropriate A/D conversion hardware converts the incident light into an electrical signal which is time varying, whereby the base frequency of this electrical signal is a function of the light intensity. Intensity levels used for channel coding and symbol clock can be recovered from the signal by the receiver.

Abstract: The present patent application discloses a USB token that advantageously mimics a human interface device such as a keyboard in interacting with a host computer, thus removing the need for pre-installation of a dedicated device driver. This is accomplished by requiring the host computer to direct the input of the attached human interface devices of the keyboard type, including the USB token, exclusively to the program interacting with the USB token, by using cryptographic algorithms based on a shared secret, which require less data to be transferred than PKI-based algorithms, and by employing an efficient encoding scheme that minimizes the time needed to exchange information with the USB token, and minimizes the probability of generating ambiguity with input that might legitimately be generated by other attached human interface devices.