Abstract: The invention relates to a system on a chip comprising a secure element comprising a processing unit that is configured to send instructions to a rewritable non-volatile memory external to the system on a chip and connected thereto, the secure element further comprising a secure non-volatile memory and a secure volatile memory, wherein the processing unit of the system on a chip is configured to control: the storage, in the rewritable non-volatile memory of at least one object having a current version, and of a dedicated directory associating an identifier of each object with an identifier of the current version of this object, the dedicated directory further comprising an identifier of its own current version; and the storage, in the non-volatile memory of the secure element, of the identifier of the current version of the dedicated directory

Abstract: The disclosure proposes a method in a first device comprising a transaction history and a generation counter, this device processing transactions with a second device. During a current transaction: receipt of data comprising a public key of the second device, a second generation counter and an identifier of the current transaction; verification that the first and second generation counters coincide; verification that the history comprises an input associated with the public key; approval of the current transaction if the transaction identifier satisfies a condition indicating the uniqueness of the current transaction; storage in the history of a new input with the public key; and update of an account balance to pay a credit to an account. The method also comprises: detection of a risk of saturation of the memory of the first device; update of the first generation counter and eviction of the memory.

Abstract: An eUICC card comprising an initial runtime environment, subscriber profiles, associated adapters, and an adaptive routine configured to apply these adapters. An adapter enables the initial runtime environment to be adapted to the specificities of the corresponding profile when the latter is enabled. To enable dynamic adaptation of the runtime environment to the profiles used, the eUICC card further comprises inverse adapters associated with the profiles. The inverse adapter of the active profile makes it possible to restore the initial runtime environment upon disabling or deleting this profile. The adaptation can consist of modifying a Java class of the Java Card runtime environment of the eUICC, to the specificities of a profile.

Abstract: Method for verifying data generated by an electronic device included in equipment, the electronic device including a computing unit, a one-time programmable memory and a volatile memory, the equipment including a rewritable non-volatile memory and a communication bus enabling the electronic device to store data in the rewritable non-volatile memory. The method includes: creating a secured channel by encryption between the equipment and a server; obtaining an authentication key from the server; loading data and a message authentication code from the rewritable non-volatile memory to the volatile memory, the message authentication code obtained by the electronic device from the authentication key and said data prior to the storage of said data and message authentication code in the rewritable non-volatile memory, the electronic device not having kept the authentication key following the obtaining of the message authentication code; verifying said data using the secret key and the message authentication code.

Abstract: A secure element and method for backup of data stored in a non-volatile memory of the secure element. The method for backup of data includes de-fragmenting an area of the non-volatile memory so as to form, in the area, an occupied region and a free region. The method further includes compressing the portion of data contained in the occupied region, after de-fragmentation, and compressing the contents of the free region using a compression algorithm that is different from the one used for compressing the portion of data contained in the occupied region. In one embodiment, the occupied region is compressed using a dictionary, and the free region is compressed by applying run-length encoding (RLE). The method also includes generating a backup image containing the compressed portion of data and the compressed contents of the free region, and writing the backup image into the nonvolatile memory. The area may contain objects to be handled by a program coded in an object language.

Abstract: Applets (AA1, AB1) are developed in object-oriented language and compiled in bytecode. A software firewall of an operating system installed in an electronic component of the iUICC type or on an electronic card of the eUICC type checks execution thereof. The operating system comprises an interpreter interpreting and executing the bytecode of the applets (AA1, AB1), each applet (AA1, AB1) being associated with a single context (CA1, CB1, JB), each context (CA1, CB1, JB) being associated with one or more applets. In addition, each context (CA1, CB1, JB) is associated with a single use profile (PA, PB) among a plurality of use profiles, and each use profile (PA, PB) is associated with one or more contexts (CA1, CB1, JB).

Abstract: Method for verifying data generated by an electronic device included in equipment, the electronic device including a computing unit, a one-time programmable memory and a volatile memory, the equipment including a rewritable non-volatile memory and a communication bus enabling the electronic device to store data in the rewritable non-volatile memory. The method includes: creating a secured channel by encryption between the equipment and a server; obtaining an authentication key from the server; loading data and a message authentication code from the rewritable non-volatile memory to the volatile memory, the message authentication code obtained by the electronic device from the authentication key and said data prior to the storage of said data and message authentication code in the rewritable non-volatile memory, the electronic device not having kept the authentication key following the obtaining of the message authentication code; verifying said data using the secret key and the message authentication code.

Abstract: The present invention notably relates to a method for saving data stored in memory in a non-volatile memory (2) of a secure element (1), the method being characterized by steps for generating a backup image (IS) containing the data stored in memory in the non-volatile memory (2) and for writing the backup image (IS) into the non-volatile memory (2) of the secure element (1). The present invention also relates to a method for restoring saved data.