Abstract: A card (35) generates a dynamic security code for a card transaction, e.g. a card not present (CNP) transaction. The card (35) receives a request (83) to generate a dynamic security code from an electronic device (10) external to the card via an external card interface (330). The card (35) receives a message (87) comprising a time via the external card interface (330). The card (35) computes (89) the dynamic security code based on the time and a key (dCVV-key) stored at the card. The card (35) sends the dynamic security code (90) to the electronic device (10) via the external card interface (330) for display on a display (14) of the electronic device (10). The card (35) may determine (88) an authenticity of the message comprising the time.

Abstract: An electronic device generates a dynamic security code for a card transaction, e.g. a card not present transaction. The electronic device receives a user request to generate a dynamic security code. The electronic device sends a time request to a time source and receives a message including a time from the time source. The electronic device determines an authenticity of the message containing the time and computes the dynamic security code based on the time received in the message and a key stored at the electronic device. The electronic device causes the dynamic security code to be displayed on a display of the electronic device. The electronic device may be capable of computing a dynamic security code for a plurality of different cards. The electronic device may be a smart phone, a tablet, or a personal computer.

Abstract: Disclosed is a card that generates a dynamic security code for a card transaction, e.g. a card not present transaction. The card receives a request to generate a dynamic security code from an electronic device external to the card via an external card interface. The card receives a message including a time via the external card interface. The card computes the dynamic security code based on the time and a key stored at the card. The card sends the dynamic security code to the electronic device via the external card interface for display on a display of the electronic device. The card may determine an authenticity of the message including the time.

Abstract: An electronic device generates a dynamic security code for a card transaction, e.g. a card not present transaction. The electronic device receives a user request to generate a dynamic security code. The electronic device sends a time request to a time source and receives a message including a time from the time source. The electronic device determines an authenticity of the message containing the time and computes the dynamic security code based on the time received in the message and a key stored at the electronic device. The electronic device causes the dynamic security code to be displayed on a display of the electronic device. The electronic device may be capable of computing a dynamic security code for a plurality of different cards. The electronic device may be a smart phone, a tablet, or a personal computer.

Abstract: A method for verifying the security of a device for generating private and public cryptographic keys. Such a method includes generating at least one pair of private and public cryptographic keys by the device from at least one random variable coming from a random-variable generator; transmitting at least one constituent element of a generated private or public key to at least one device for verifying; and determining a level of security of the device from the at least one transmitted element, as a function of pieces of information stored by the device for verifying.

Abstract: A method for making secure execution of a computer program includes a set of at least one instruction, characterized in that it includes: a first step which consists in calculating and storing, prior to execution of the computer program, a first signature representing the expected execution of the set of instructions; a second step which consists in calculating and storing, during execution of the set of instructions, a second signature representing the execution of the set of instructions; and a step which consists in detecting an anomaly of execution of the set of instructions from the first and second signatures.

Abstract: The invention concerns a secure electronic entity (11) containing a time measuring unit (18) and comprising a unit (21) for certifying an information concerning a date or a time interval, the certifying unit (21) receiving from the time measuring unit (18) data concerning the date or the time interval and producing certification data of the information concerning a date or a time interval addressed to and external entity. The invention is applicable in particular to microcircuit cards.

Abstract: A portable computer terminal having an operating system configured to switch from a first state to a second state in response to a first command from a user and to switch from the second state to the first state in response to a second command from the user, the second command including inputting an identification code of the user, the operating system being capable, in the first state, of causing execution in interactive manner of an application selected from a set of applications, the operating system being capable, in a second state, of causing execution in interactive manner of an application of said set of applications in compliance with an access condition, wherein the access condition is determined as a function of said first command.

Abstract: A method for verifying the security of a device for generating private and public cryptographic keys. Such a method includes generating at least one pair of private and public cryptographic keys by the device from at least one random variable coming from a random-variable generator; transmitting at least one constituent element of a generated private or public key to at least one device for verifying; and determining a level of security of the device from the at least one transmitted element, as a function of pieces of information stored by the device for verifying.

Abstract: Perfected cryptographic protocol making it possible to counter attacks based on the analysis of the current consumption during the execution of a DES or similar. According to the invention, a message (M) is processed by two entities (A and B) and the entity (B) subject to attack executes a chain of operations known as DES in which it is chosen to carry out a given operation (O1, O2, O3 . . . On) or the same operation complemented (?1, ?2, ?3 . . . ?n), the choice being random.

Abstract: A method of transfer transferring a right to access a service from a device (2) of a lender (P) to a device (25) of a borrower (E), the method comprising: holding an access right to a service; obtaining authentication data associated with the borrower (E) or the borrower's device (25); duplicating said at least one access right (D1-D2); using a cryptographic key associated with the device (2) of the lender (P) to calculate a cryptogram containing authentication data and duplicated rights; and sending the cryptogram to the device (25) of the borrower (E). Correspondingly, the invention also provides a method of controlling access to such a service by a service provider, and also a method of managing a transfer of such access rights from the device (2) of the lender (P) to the service provider.

Abstract: A portable computer terminal having an operating system configured to switch from a first state to a second state in response to a first command from a user and to switch from the second state to the first state in response to a second command from the user, the second command including inputting an identification code of the user, the operating system being capable, in the first state, of causing execution in interactive manner of an application selected from a set of applications, the operating system being capable, in a second state, of causing execution in interactive manner of an application of said set of applications in compliance with an access condition, wherein the access condition is determined as a function of said first command.

Abstract: A method for protecting an electronic entity such as a smart card, against simple/differential power analysis, by integrating a current accumulator in said entity. The current accumulator (19) powers a processor (P) via a multiplexer (20) when the processor is loaded to execute so-called sensitive operations.

Abstract: The invention concerns a secure electronic entity (11) containing a time measuring unit (18) and comprising a unit (21) for certifying an information concerning a date or a time interval, the certifying unit (21) receiving from the time measuring unit (18) data concerning the date or the time interval and producing certification data of the information concerning a date or a time interval addressed to and external entity. The invention is applicable in particular to microcircuit cards.

Abstract: A method for making secure execution of a computer programme includes a set of at least one instruction, characterized in that it includes: a first step which consists in calculating and storing, prior to execution of the computer programme, a first signature representing the expected execution of the set of instructions; a second step which consists in calculating and storing, during execution of the set of instructions, a second signature representing the execution of the set of instructions; and a step which consists in detecting an anomaly of execution of the set of instructions from the first and second signatures.

Abstract: The invention concerns a method for protecting an electronic entity such as a smart card, against simple/differential power analysis, by integrating a current accumulator in said entity. The invention in characterised in that the current accumulator (19) powers a processor (P) via a multiplexer (20) when said processor is loaded to execute so-called sensitive programs.

Abstract: Perfected cryptographic protocol making it possible to counter attacks based on the analysis of the current consumption during the execution of a DES or similar.