Abstract: Disclosed are electronic fuse management systems and techniques. For instance, an electronic fuse management system is described. The electronic fuse management system receives an indication of a value to be written to a plurality of electronic fuses. The system combines the value with a codeword to determine a pattern for the plurality of electronic fuses. The codeword is based on a previous pattern of the plurality of electronic fuses. In some examples, the system processes the previous pattern with a codeword function (e.g., a non-systematic Hamming codeword function) to generate the codeword. In some examples the system determines an exclusive or (XOR) of the value and the codeword to combine the value with the codeword. The system sets (e.g., writes to) a subset of the plurality of electronic fuses according to the pattern.

Abstract: A transaction method for a user using a first and a second terminal and connected to a server via a first and a second communication channel, respectively. The first terminal sends a transaction amount to the server. The server establishes a verification code whose length depends on the transaction amount, then sends a request to the first terminal and the verification code to the second terminal. The user returns the request filled in with a copied code to the server using the first terminal. The server compares the verification code with the copied code and sends a transaction validation or invalidation message to the first terminal depending on the comparison.

Abstract: In the field of payment terminals, a new generation of feature-rich payment terminals is emerging. These payment terminals are mass-produced and the level of security provided for data entry operations is low because the primary function of these communication terminals is not the entry of sensitive data. As a result, the data relating to payment transactions entered via these payment terminals are entered with a level of security that is not adequate as regards the sensitivity of the data entered. Accordingly, a communication terminal is provided, which secures data entered via a user interface of a communication terminal, by transmitting them among a stream of dummy data, and by encrypting all data, those actually entered by a user and the dummy data, before the transmission thereof to a secure data processing device.

Abstract: In a method for cogenerating a shared cryptographic material implemented within a first electronic device, which is connected to a second electronic cogeneration device and to a third electronic cogeneration device, a shared encryption material (pkx) is determined, as a function of a set of cogeneration parameters ECG. The shared encryption material (pkx) is transmitted, and corresponding shared encryption materials (pky, pkz) are received from the other devices. A shared seed (mx) is computed as a function of the shared encryption materials (pkx, pky, pkz) and the set of cogeneration parameters ECG. A masked form (Ox) of said shared seed (mx) is transmitted, and masked forms (Oy, Oz) of corresponding shared seeds (my, mz) are received. A final seed (ad) is computed as a function of the masked forms (Ox, Oy, Oz) of the shared seeds (mx, my, mz) and the set of cogeneration parameters ECG.

Abstract: Some aspects of the present disclosure include systems and techniques for key exchange and encryption to facilitate secure wireless communication. Certain aspects of the present disclosure are directed towards a method for wireless communication by a first device. The method generally includes determining, at a security system, a first output associated with a first expression having a first value for a variable of the first expression; determining, at the security system, a second value; evaluating, at the security system, a second expression based on the first output and the second value, the second expression being evaluated to determine a second output associated with the first expression with the variable having a third value, the third value being a product of the first value and the second value; and communicating, via a communication interface coupled to the security system, a message based on the second output.

Abstract: In the field of payment terminals, a new generation of feature-rich payment terminals is emerging. These payment terminals are mass-produced and the level of security provided for data entry operations is low because the primary function of these communication terminals is not the entry of sensitive data. As a result, the data relating to payment transactions entered via these payment terminals are entered with a level of security that is not adequate as regards the sensitivity of the data entered. Accordingly, a communication terminal is provided, which secures data entered via a user interface of a communication terminal, by transmitting them among a stream of dummy data, and by encrypting all data, those actually entered by a user and the dummy data, before the transmission thereof to a secure data processing device.

Abstract: Systems and techniques are described herein for compressing data used in cryptographic operations. For example, a process may include obtaining a first data structure, wherein the first data structure comprises polynomials; generating a second data structure based on the first data structure, wherein the second data structure comprises coefficients of the polynomials; sorting the second data structure in an ascending order to obtain a sorted second data structure; updating the sorted second data structure based on differences between elements of the sorted second data structure to obtain a delta-encoded data structure; performing an entropy coding on the delta-encoded data structure to obtain an entropy-encoded output; recovering an updated first data structure using the entropy-encoded output, wherein the updated first data structure corresponds to the first data structure with a different order of first data structure elements; and performing a cryptographic operation using the updated first data structure.

Abstract: A method for authenticating at least one piece of data during a payment transaction taking place between a merchant's communications terminal and a user device of the type including transmission, by the communications terminal, of at least one piece of data to be signed, to the user device by using a near field communications wireless data link. The method includes: obtaining the piece of data to be signed; obtaining an identifier of the communications terminal; signing, within a secured processing unit of the communications terminal, by using a key of the communications terminal, the piece of data to be signed and the identifier of the communications terminal, delivering signed pieces of data; transmission of the signed pieces of data to the user device; and reception, from the user device, of a piece of encrypted data establishing the authentication of the signed pieces of data.

Abstract: Some aspects of the present disclosure include systems and techniques for key exchange and encryption to facilitate secure wireless communication. Certain aspects of the present disclosure are directed towards a method for wireless communication by a first device. The method generally includes determining, at a security system, a first output associated with a first expression having a first value for a variable of the first expression; determining, at the security system, a second value; evaluating, at the security system, a second expression based on the first output and the second value, the second expression being evaluated to determine a second output associated with the first expression with the variable having a third value, the third value being a product of the first value and the second value; and communicating, via a communication interface coupled to the security system, a message based on the second output.

Abstract: A cryptographic data processing method for implementing a cryptographic function, implemented within an electronic data processing device including a processor, a memory and a set of cryptographic processing modules, the method including the following steps implemented by a current cryptographic processing module of the set: receiving incoming data; determining a decryption key to be applied to the incoming data according to a master key and a position of the current cryptographic processing module; decrypting the incoming data, with the key, delivering unencrypted incoming data; implementing at least one cryptographic operation on the unencrypted incoming data, delivering unencrypted outgoing data; optionally, determining a subsequent cryptographic processing module to be executed on the unencrypted outgoing data; obtaining an encryption key for the unencrypted outgoing data; encrypting the unencrypted outgoing data with the previously determined encryption key for the outgoing data, delivering the encrypted

Abstract: A method for processing data insertion and/or modification requests, which is implemented by an electronic processing device including a communication interface to receive the requests from a communication network. The method includes distributing data, within a plurality of buffers. Each buffer is associated with a record of a database. The association is made via a database record identifier present within the received insertion and/or modification requests. The data is inserted in the form of buffer records, including a value to be updated in and/or inserted into the database. The method also includes allocating data within the records of the database, from the buffers of the plurality of buffers. The allocation phase includes, for the buffer records that include an operational marking, executing, from a configuration file, a computer program specifically dedicated to the record and/or specifically dedicated to the data type of the value to be updated and/or inserted.

Abstract: A method for securing the processing of transactional data is disclosed. The method is implemented within a communications terminal comprising a transactional data processing module. The method has: a step for the detection, by the processing module, of a display of at least one entry area relating to a piece of payment means data; a step for the activation, by the processing module, of a contactless data reading module; a step for the obtaining, by the contactless data reading module, of at least one piece of payment means data coming from a payment means; and a step for the furnishing, at said at least one entry area, of at least one piece of payment means data previously obtained.

Abstract: A transaction method for a user using a first and a second terminal and connected to a server via a first and a second communication channel, respectively. The first terminal sends a transaction amount to the server. The server establishes a verification code whose length depends on the transaction amount, then sends a request to the first terminal and the verification code to the second terminal. The user returns the request filled in with a copied code to the server using the first terminal. The server compares the verification code with the copied code and sends a transaction validation or invalidation message to the first terminal depending on the comparison.

Abstract: In a method for cogenerating a shared cryptographic material implemented within a first electronic device, which is connected to a second electronic cogeneration device and to a third electronic cogeneration device, a shared encryption material (pkx) is determined, as a function of a set of cogeneration parameters ECG. The shared encryption material (pkx) is transmitted, and corresponding shared encryption materials (pky, pkz) are received from the other devices. A shared seed (mx) is computed as a function of the shared encryption materials (pkx, pky, pkz) and the set of cogeneration parameters ECG. A masked form (Ox) of said shared seed (mx) is transmitted, and masked forms (Oy, Oz) of corresponding shared seeds (my, mz) are received. A final seed (ad) is computed as a function of the masked forms (Ox, Oy, Oz) of the shared seeds (mx, my, mz) and the set of cogeneration parameters ECG.

Abstract: A method for encrypting a piece of payment means data is disclosed. This method is implemented by a payment means having a data processor. Such a method has at least one iteration of the following steps: obtaining a current piece of payment means data from a memory of the payment means; generating a following piece of payment means data as a function of the current piece of payment means data and as a function of an encryption key of the payment means; replacing the current piece of payment means data by the following piece of payment means data within the memory of the payment means.

Abstract: A method for controlling the running of an application. The method is implemented within the application, the application running on an electronic running device. The running device is connected to a calling device via a communication network. The method includes: receiving from the calling device a runtime data structure, including at least one recording, each recording having at least one data field including a coded function name; saving the runtime data structure in a specific memory zone; for each current recording of the runtime data structure, implementing a function bearing a decoded function name corresponding to the coded function name, when the function bearing a decoded function name of the application can be associated with the coded function name.

Abstract: A method for controlling access to preliminarily identified computer resources is disclosed. The access is controlled so as to prevent the circumventing, by malicious applications, of barriers set up to prevent them from communicating when they are executed on one or more processors of an electronic device The method is implemented by an electronic device having access to the resources to be controlled. The method includes: receiving a request, coming from a program, for access to a current resource; obtaining at least one access parameter for access to the current resource within a resource-characterizing data structure; and modulating access to the current resource as a function of the at least one access parameter.

Abstract: In the field of payment terminals, a new generation of feature-rich payment terminals is emerging. These payment terminals are mass-produced and the level of security provided for data entry operations is low because the primary function of these communication terminals is not the entry of sensitive data. As a result, the data relating to payment transactions entered via these payment terminals are entered with a level of security that is not adequate as regards the sensitivity of the data entered. Accordingly, a communication terminal is provided, which secures data entered via a user interface of a communication terminal, by transmitting them among a stream of dummy data, and by encrypting all data, those actually entered by a user and the dummy data, before the transmission thereof to a secure data processing device.

Abstract: The invention concerns a method for supplying data relating to a payment transaction to a communications terminal. A payment device capable of carrying out a payment transaction with said communications terminal, according to at least two distinct payment transaction modes, generates (E21) a first signal relating to a first payment transaction mode, said first signal comprising at least one piece of information making it possible to set up the payment transaction via a first communications channel, and sends (E23) said first signal, via said first communications terminal. Then, the payment device generates (E22) at least one second signal relating to a second payment transaction mode, said second signal comprising at least one piece of information making it possible to set up the payment transaction via a second communications channel, and sends (E24) the second signal, simultaneously with the sending of the first signal.

Abstract: A method is provided for managing a display of a view of an application, executed on a non-secured processor of an electronic data entry device that furthermore includes a secured processor. The application delivers at least one current view having a set of pixels to be displayed on a screen of the device. The managing is implemented under the control of the secured processor and includes: analysis of the current view, delivering at least one piece of data representing a presence of at least one suspect pattern; and, when a presence of a suspect pattern is detected within the current view, implementing by the secured processor at least one protection measure.