Abstract: In a method and arrangement for variable generation of cryptographic securities of communications in a host device, for cryptographic security of a communication for a first purpose a first signature is used and for cryptographic security of a communication for a second purpose a second signature is used, the signatures being differentiated from each other by the type of their generation. A cryptologic module has a number of logic circuits and a changeover switch and is arranged externally of the postal security device and is connected at its output with an information input of the postal security device that has a logic circuit that applies a digital signal algorithm to the output signal supplied by the output in order to generate a signature.

Abstract: In a method and an arrangement for provision of at least one secured service via a security module of a franking machine for at least one procedure for data processing that is executed in a data processing device that can be connected with the franking machine, the procedure requests a secured first service from the security module in a request step; and the security module provides the first service in a provision step subsequent to the request step.

Abstract: In a method for real-time registration having high protection against tampering by means of a security module, an encrypted initial security value for translog file analyzers is made available an unencrypted real-time message is secured by appending an authentication code that the security module generates by inserting a current security value into an algorithm for authentication code for each real-time message that is likewise employed by each translog file analyzer. The first security value is formed according to a first mathematical function known to the translog file analyzer that allows a derivation of following security values. The authentication code is formed according to a second mathematical function known to the translog analyzer that is applied to the real-time message and to the current security value and that serves for the verification of the real-time message.

Abstract: In a test automation method and test system for a user end apparatus that can be communicatively connected with a test automation apparatus, at least one data processing unit and a non-volatile memory for storage of a test workflow program as well as a first external interface and a second external interface are provided. The user end apparatus has at least one control unit, a non-volatile memory and an external interface. The user end apparatus is protected by a security housing and has an external interface that can be placed in communication with the special second external interface of the test automation apparatus. By loading release software, the user end apparatus is programmed to generate test output signals and to supply these to the external interface.

Abstract: In a method for exchange of first cryptography data (such as a cryptographic key or a cryptographic certificate) associated with a first data processing device, the current cryptography data are stored in a memory of the first data processing device, with which a current expiration criterion is associated. The stored cryptography data are exchanged for new cryptography data in an exchange step; wherein a communication with a remote second data processing device ensues and the exchange step is implemented at the latest upon fulfillment of the current exchange criterion. The fulfillment of the exchange criterion associated with the current cryptography data and/or the data processing device is monitored in a second data processing device and the second data processing device initiates the exchange step upon fulfillment of the exchange criterion.

Abstract: In a method for compensation of the first postage value of an unusable printed franking imprint billed in a billing module of a franking arrangement, the occurrence of the unusable franking imprint is detected as a first error event, error information associated with the error event is stored, and information derived from the error information is transmitted to a reimbursement entity for initiation of the reimbursement of the postage value. The error amount information associated with the error event is increased by the postage value and the error amount information is transmitted to the reimbursement entity for initiation of the reimbursement of the postage value.

Abstract: In a method and a data center for implementation of at least a first transaction between a first data processing unit, in particular a franking machine, and a remote first data center, the first transaction is implemented in an implementation step via a communication connection between the first data processing unit and the first data center. In a specification step preceding the implementation step, a first item of transaction control information associated with the first data processing unit is provided by a first source, and; the first transaction is implemented in the implementation step dependent on the first item of transaction control information. In a specification step preceding the implementation step, a second item of transaction control information associated with the first data processing unit is provided by a second source. The first transaction is implemented in the implementation step dependent on the second item of transaction control information.

Abstract: In a method and arrangement for controlling the use of a service provided by the postal system for tracking and monitoring of postal shipments a service task is initiated as a result of a user input and transported postal shipments are tracked and postal shipment transport tracking information is processed (PTI) in a service device, and signaling conditions are preset, data sets with the signaling conditions are generated and stored in connection with a franking of mail pieces and an associated postal shipment identification is applied to the mail piece at a first location, mailing and PTI provision take place at a third location automatic PTI recall occurs from a third location and storage of the PTI occurs at a second location, data processing of the PTI takes place at the second location and a transfer of data back to the user proceeds from the second location, and the user is notified by signaling the presence of the PTI dependent on the pre-set signaling conditions.

Abstract: An arrangement for providing data in the context of security management for a franking system has a remote data center at which a list of data sets is stored the data sets containing security information as well as information regarding associated security policies, appertaining at least to security measures and the location of their storage in the franking system. A method for server-controlled security management of performable services in an electronic system includes the steps of receiving a request for a desired service, determining a security feature to be selected and generating a data set corresponding thereto, selecting a logical channel and transferring to data set via that channel establishing the service end, and waiting for receipt of a further service request or for the ending of the communication connection.

Abstract: In a method and a distribution system for the secure distribution of security modules, particularly for postage meter machines, for protecting against manipulation of security modules, only devices with security modules whose keys have not been comprised can be placed in operation by the customer under all circumstances, i.e. even when the cryptographic initialization at the production location has been comprehensively undermined. The generation and checking of markings, potentially in combination with certificates proceeds with a first marking of the shipping packaging of the security module ensuing at the manufacturing location after a first cryptographic initialization. The first marking is preferably a public key printed on a first label.

Abstract: In a method and arrangement for securely exchanging data between a first data processing unit and a second data processing unit, a secure communication channel is established between the first data processing unit and the second data processing unit in a communication configuration step, and a first message is transmitted from the second data processing unit to the first data processing unit via the secure communication channel in a data transmission step. During the data transmission step, the second data processing unit generates a second message by appending a predetermined annex to the first message and a third message by encrypting the second message using a secret key that is available only in the first data processing unit and in the second data processing unit and then transmits the third message to the first data processing unit.

Abstract: In a method and arrangement for exchanging data between a first processing unit, containing first status information about the first data processing unit, and a second data processing unit, containing second status information about the first data processing unit, data are exchanged between the first and second units during transactions that include a status-changing transaction, which can be of two different types. Upon a successful completion of the status-changing transaction, the first and second status information are revised so that they match. Upon an unsuccessful completion of the status-changing transaction, at least one of the first and second status information is set dependent on the type of the status-changing transaction.

Abstract: In a method and arrangement for variable generation of cryptographic securities of communications in a host device, for cryptographic security of a communication for a first purpose a first signature is used and for cryptographic security of a communication for a second purpose a second signature is used, the signatures being differentiated from each other by the type of their generation. A cryptologic module has a number of logic circuits and a changeover switch and is arranged externally of the postal security device and is connected at its output with an information input of the postal security device that has a logic circuit that applies a digital signal algorithm to the output signal supplied by the output in order to generate a signature.

Abstract: In a method for real-time registration having high protection against tampering by means of a security module, an encrypted initial security value for translog file analyzers is made available an unencrypted real-time message is secured by appending an authentication code that the security module generates by inserting a current security value into an algorithm for authentication code for each real-time message that is likewise employed by each translog file analyzer. The first security value is formed according to a first mathematical function known to the translog file analyzer that allows a derivation of following security values. The authentication code is formed according to a second mathematical function known to the translog analyzer that is applied to the real-time message and to the current security value and that serves for the verification of the real-time message.

Abstract: In a security module for a host device of an account management system, a host device for exchanging electronic goods, services, data and/or funds between host devices of an account management system as well as an account management system itself, in order to protect financial data and customer accounts at the highest level possible at the application layer, little use of organizational and administrative security measures is made, and technical and cryptographic security measures are built into the database and network systems that handle the account data.

Abstract: In a method and system and franking apparatus for franking postal matter and for inspection of the franking, postage fees are stored and debited in electronic form, and a fee stamp and a machine-readable date stamp containing encrypted data are applied to the postal matter. In order to satisfy high security demands to be met at a low cost, and to allow realization on a standard computer with a printer without additional hardware, an individual date stamp, distinguishable from the date stamps generated for other pieces of mail is generated for each piece of mail and is applied to the piece of mail. An inspection for multiple employment of postage fees and/or date stamps ensues on the basis of the date stamp. This inspection includes comparing a date stamp to be inspected to previously used date stamps stored in a data bank. Defrauders thus can be identified who, without paying, attempt to generate frankings or to multiply employ frankings, for example by copying.