Abstract: System and method for providing and using expanded memory resources secure application environment is disclosed. An embodiment comprises a system and method for providing secure application functionality comprising receiving a request for a secure operation; determining if required application code for the secure operation is present in an application fragment store; sequentially loading a plurality of fragments of the required application code from an external memory, if the required application code is not present in the application fragment store; sequentially executing the plurality of fragments of the required application code; and sending a reply to the request for the secure operation. The system and method may further comprise decrypting each of the plurality of fragments of the required application code using a secure key prior to execution of the fragment and verifying the integrity of the code fragment.

Abstract: Embodiments relate to systems, methods and devices for asymmetric cryptographic authentication. In an embodiment, a system includes an accessory comprising an authentication chip, the authentication chip comprising a public authentication key, a private authentication key and data signed by a private verification key; and a device comprising a public verification key forming a verification key pair with the private verification key, the device configured to read the data and public authentication key from the authentication chip, verify the data and the public authentication key using the public verification key, and authenticate the accessory for use with the device using the public authentication key if verified.

Abstract: System and method for providing and using expanded memory resources secure application environment is disclosed. An embodiment comprises a system and method for providing secure application functionality comprising receiving a request for a secure operation; determining if required application code for the secure operation is present in an application fragment store; sequentially loading a plurality of fragments of the required application code from an external memory, if the required application code is not present in the application fragment store; sequentially executing the plurality of fragments of the required application code; and sending a reply to the request for the secure operation. The system and method may further comprise decrypting each of the plurality of fragments of the required application code using a secure key prior to execution of the fragment and verifying the integrity of the code fragment.

Abstract: An identification information transmission pathway is separated from a system side to be performed by a mobile authorization means of an owner of a security module in a wireless way. To this end, the security module comprises two interfaces, i.e. one for a communication with a terminal and a further one for wirelessly communicating with the mobile authorization means. The mobile authorization means supplies identification information to the security module for an authentication examination at its part, either stored in the authorization means in a memory or otherwise generated there, like e.g. via biometric sensors, via a keyboard or the like. The security module, performing the examination of the identification information, like e.g. preferably via a zero knowledge method or a zero knowledge protocol, respectively, only then indicates a request for an action at the terminal, like e.g. of a money transfer, when the examination is successful.

Abstract: An identification information transmission pathway is separated from a system side to be performed by a mobile authorization means of an owner of a security module in a wireless way. To this end, the security module comprises two interfaces, i.e. one for a communication with a terminal and a further one for wirelessly communicating with the mobile authorization means. The mobile authorization means supplies identification information to the security module for an authentication examination at its part, either stored in the authorization means in a memory or otherwise generated there, like e.g. via biometric sensors, via a keyboard or the like. The security module, performing the examination of the identification information, like e.g. preferably via a zero knowledge method or a zero knowledge protocol, respectively, only then indicates a request for an action at the terminal, like e.g. of a money transfer, when the examination is successful.