Abstract: A method relates to a terminal for managing electronic coin datasets and to a corresponding terminal. The electronic coin datasets are output by a central issuer entity, wherein each electronic coin dataset has a test value, and the test value is incremented when the electronic coin dataset is directly transmitted between two terminals or the test value is invariant in the event of an action carried out by terminals on the electronic coin dataset. In the method, it is determined whether the electronic coin dataset is displayed by the terminal in the payment system or whether the electronic coin dataset is returned to the central issuer entity. A method in a payment system is provided for managing electronic coin datasets, to a corresponding payment system, and to a monitoring entity.

Abstract: A device for directly transmitting electronic coin data records to another device includes accessing data storage, such that an electronic coin data record is stored in the data storage; an interface at least for outputting the at least one electronic coin data record to the other device; and a computing unit configured to mask the electronic coin data record in the device by applying a homomorphic encryption function to the electronic coin data record to obtain a masked electronic coin data record for registering the masked electronic coin data record at a monitoring entity; and to output the electronic coin data record using the interface. A payment system has a monitoring layer including a database in which masked electronic coin data records are stored; and a direct transaction layer including at least two devices in which the method can be carried out.

Abstract: The invention relates to a method for directly transmitting electronic coin datasets between terminals, wherein a first terminal has at least one electronic coin dataset, and the at least one electronic coin dataset has a monetary value and a concealment value. The method has the steps of: determining a masking mode from at least two masking modes, a first masking mode consisting of: masking the electronic coin dataset, preferably in the first terminal, by applying a one-way function to the first coin dataset in order to obtain a completely masked electronic coin dataset; and registering a masked electronic coin dataset in a monitoring entity. The invention additionally relates to a payment system with a monitoring layer using a database, which is controlled in a decentralized manner and in which masked electronic coin datasets are stored, and a direct transaction layer, which uses at least two terminals and in which the method can be carried out.

Abstract: The invention relates to a payment system and a method for directly transmitting electronic coin datasets between terminals, wherein a monitoring entity registers anonymous masked electronic coin datasets. The method has the following steps in a first terminal; receiving an electronic coin dataset, said at least one electronic coin dataset having a monetary value and a concealment value; masking a modified electronic coin dataset or the received electronic coin dataset by applying a one-way function to the electronic coin dataset in order to obtain a masked electronic coin dataset; linking the masked electronic coin dataset to a pseudonym in order to obtain a pseudonymized masked electronic coin dataset, and transmitting the pseudonymized masked electronic coin dataset to the monitoring entity.

Abstract: A method is provided for directly transmitting electronic coin datasets between terminals in order to make a payment in a payment system. A first terminal has at least one electronic coin dataset, and the at least one electronic coin dataset has a monetary value and a concealment value as coin data set elements. The method has the steps of: masking a first coin dataset element of the electronic coin dataset to the first coin dataset element of the electronic coin dataset, to obtain a masked electronic coin dataset element; adding a second coin dataset element of the electronic coin dataset to the semi-masked electronic coin dataset, in order to obtain a semi-masked electronic coin dataset; and transmitting the semi-masked electronic coin dataset to a monitoring entity in order to register the electronic coin dataset.

Abstract: A method relates to a terminal for managing electronic coin datasets and to a corresponding terminal. The electronic coin datasets are output by a central issuer entity, wherein each electronic coin dataset has a test value, and the test value is incremented when the electronic coin dataset is directly transmitted between two terminals or the test value is invariant in the event of an action carried out by terminals on the electronic coin dataset. In the method, it is determined whether the electronic coin dataset is displayed by the terminal in the payment system or whether the electronic coin dataset is returned to the central issuer entity. A method in a payment system is provided for managing electronic coin datasets, to a corresponding payment system, and to a monitoring entity.

Abstract: A method for directly transmitting an electronic coin data record between first and second terminals, with the following steps carried out by the second terminal: receiving the electronic coin data record from the first terminal, wherein the at least one electronic coin data record includes a monetary amount and a concealment amount; generating a modified electronic coin data record using the received electronic coin data record; masking the modified electronic coin record by applying a homomorphic one-way function to the modified electronic coin record in order to obtain a masked modified electronic coin record; sending a registration request for the masked modified electronic coin data record to a monitoring entity. A currency system and a payment system includes a decentrally controlled database in which masked electronic coin data records are stored; and a direct transaction layer including at least two terminals in which the method can be carried out.

Abstract: A device for directly transmitting electronic coin data records to another device includes accessing data storage, such that an electronic coin data record is stored in the data storage; an interface at least for outputting the at least one electronic coin data record to the other device; and a computing unit configured to mask the electronic coin data record in the device by applying a homomorphic encryption function to the electronic coin data record to obtain a masked electronic coin data record for registering the masked electronic coin data record at a monitoring entity; and to output the electronic coin data record using the interface. A payment system has a monitoring layer including a database in which masked electronic coin data records are stored; and a direct transaction layer including at least two devices in which the method can be carried out.

Abstract: A method for individualizing a portable data carrier, in particular a chip card includes an end device that supplies data for configuring and/or updating one or more functions of the portable data carrier. The data are transmitted by the end device to the portable data carrier via a communication connection between the end device and the portable data carrier. A configurating and/or updating of the function or functions of the portable data carrier is effectuated by means of the data transmitted to the portable data carrier.

Abstract: A portable data carrier, in particular a chip card, comprises one or several sensors which are respectively arranged for detecting via the capture of measurement values a laying open of a surface of the portable data carrier as a detection event. It further comprises one or several output means for outputting signals perceptible by a user. The data carrier according to the invention is wherein it is arranged for outputting a signal via the one or more output means upon satisfaction of a detection criterion, the detection criterion being satisfied when the detection event is detected by at least a part of the sensors.

Abstract: A method for individualizing a portable data carrier, in particular a chip card includes an end device that supplies data for configuring and/or updating one or more functions of the portable data carrier. The data are transmitted by the end device to the portable data carrier via a communication connection between the end device and the portable data carrier. A configurating and/or updating of the function or functions of the portable data carrier is effectuated by means of the data transmitted to the portable data carrier.

Abstract: A method for authorizing a transaction has the following steps: inputting transaction data on a first mobile device, transmitting the transaction data from the first device to a background system by means of a first over-the-air interface, transmitting in encrypted manner at least a password to a second mobile device through the intermediary of the first mobile device, and authorizing the transaction by inputting the password displayed on the second device on the first device.

Abstract: A security element of a mobile device comprises a service-provider network subscription associated with a service provider. The security element is arranged such that the service-provider subscription is employable parallel to a user network subscription installed on the security element. A service associated with the service provider thus becomes utilizable on the basis of the service-provider subscription, independently of a user subscription that might be present on the same security element.

Abstract: A security element of a mobile device comprises a service-provider network subscription associated with a service provider. The security element is arranged such that the service-provider subscription is employable parallel to a user network subscription installed on the security element. A service associated with the service provider thus becomes utilizable on the basis of the service-provider subscription, independently of a user subscription that might be present on the same security element.

Abstract: A method for authorizing a transaction has the following steps: inputting transaction data on a first mobile device, transmitting the transaction data from the first device to a background system by means of a first over-the-air interface, transmitting in encrypted manner at least a password to a second mobile device through the intermediary of the first mobile device, and authorizing the transaction by inputting the password displayed on the second device on the first device.

Abstract: A method and a system for secure transfer of an application from a server (S) into a reading device unit (2) with authentication of a user with a data carrier unit (1), the server (S) making available the application, wherein, between the data carrier unit (1) and the server (S), a first cryptographically secured channel (K1) is set up based on first cryptographic information (A), and between a security module (3) of the reading device unit (2) and the server (S) a second cryptographically secured channel (K2) is set up based on second cryptographic information (B). The application is transferred from the server to the reading device unit via the second cryptographically secured channel (K2).

Abstract: A method and a system for secure transfer of an application from a server (S) into a reading device unit (2) with authentication of a user with a data carrier unit (1), the server (S) making available the application, wherein, between the data carrier unit (1) and the server (S), a first cryptographically secured channel (K1) is set up based on first cryptographic information (A), and between a security module (3) of the reading device unit (2) and the server (S) a second cryptographically secured channel (K2) is set up based on second cryptographic information (B). The application is transferred from the server to the reading device unit via the second cryptographically secured channel (K2).

Abstract: The invention relates to a system with a first electronic device (2), a security module (1) and a second electronic device (9, 10, 14, 21). The security module (1) is firmly bound to the first electronic device (2) and has a security unit (3) for securely storing data and/or for executing cryptographic operations and a first interface (4) for communicating with the first electronic device (2). The system according to the invention is characterized in that the security module (1) has a second interface for the direct contactless communication with the second electronic device (9, 10, 14, 21).