Abstract: Embodiments of a method are disclosed. One embodiment is a method for securely updating firmware in a computing device, in which the computing device includes a host processor and a non-volatile memory. The method involves receiving a double-encrypted firmware image from an external firmware source, wherein the double-encrypted firmware image is generated from firmware that is encrypted a first time using a first crypto-key and then encrypted a second time using a second crypto-key. The method also involves receiving the second crypto-key from an external key source, decrypting the double-encrypted firmware image using the second crypto-key to produce an encrypted firmware image, storing the encrypted firmware image in the non-volatile memory of the computing device, reading the encrypted firmware image from the non-volatile memory of the computing device, decrypting the encrypted firmware image using the first crypto-key, and executing the firmware on the computing device.

Abstract: A card reader has an input interface for accepting output from an output interface of transaction card, and a tip-ring pin as an integral part of the card reader, adapted to plug into a microphone port of a cellular telephone. The input interface accepts data from the transaction card, and provides that data to the tip-ring pin as an analog, variable-voltage signal.

Abstract: An apparatus includes a transaction card bearing data and having an output interface capable of transmitting the data, a card reader having an input interface enabled to accept the data from the output interface of the transaction card, conversion circuitry converting the card data to an analog modulated signal, and an output pin from the card reader adapted to engage in a microphone port of a computerized appliance, the output pin providing the analog modulated signal to the port, and thence to the computerized appliance.

Abstract: Disclosed is a method of generating a structure comprising at least one virtual machine, the method comprising: obfuscating a first virtual machine source code, thereby yielding a first obfuscated virtual machine (OVM) source code; associating a processor identifier with the first OVM source code, thereby yielding a processor-specific first OVM source code; compiling the processor-specific first OVM source code, thereby yielding a processor-specific first OVM. Furthermore, a structure generated by said method is disclosed.

Abstract: There is disclosed a device for facilitating a transaction, comprising at least one host component, a communication controller and a secure element, said communication controller being communicatively coupled to the host component and to the secure element, wherein said communication controller is arranged to establish a communication with an external transaction device, and wherein said communication controller is further arranged to operate in a secure mode of operation in which the communication controller inhibits the host component from performing transactions with said transaction device and does not inhibit the secure element to perform transactions with said transaction device. Furthermore, there is disclosed a corresponding method for facilitating a transaction, as well as a corresponding computer program product.

Abstract: An apparatus includes a transaction card bearing data and having an output interface capable of transmitting the data, a card reader having an input interface enabled to accept the data from the output interface of the transaction card, conversion circuitry converting the card data to an analog modulated signal, and an output pin from the card reader adapted to engage in a microphone port of a computerized appliance, the output pin providing the analog modulated signal to the port, and thence to the computerized appliance.

Abstract: Disclosed is a method of generating a structure comprising at least one virtual machine, the method comprising: obfuscating a first virtual machine source code, thereby yielding a first obfuscated virtual machine (OVM) source code; associating a processor identifier with the first OVM source code, thereby yielding a processor-specific first OVM source code; compiling the processor-specific first OVM source code, thereby yielding a processor-specific first OVM. Furthermore, a structure generated by said method is disclosed.

Abstract: A security process involves log-in and data exchange between a server and a user operating a computerized appliance. The process requires a user-specific token, independent verification of the server execution within a programmed time window. A hash created at the client side is reproduced at the server side from separate data and compared to the client hash. Too much time or incorrect hash denies access.

Abstract: A security process involves log-in and data exchange between a server and a user operating a computerized appliance. The process requires a user-specific token, independent verification of the server execution within a programmed time window. A hash created at the client side is reproduced at the server side from separate data and compared to the client hash. Too much time or incorrect hash denies access.

Abstract: Embodiments of a method are disclosed. One embodiment is a method for securely updating firmware in a computing device, in which the computing device includes a host processor and a non-volatile memory. The method involves receiving a double-encrypted firmware image from an external firmware source, wherein the double-encrypted firmware image is generated from firmware that is encrypted a first time using a first crypto-key and then encrypted a second time using a second crypto-key. The method also involves receiving the second crypto-key from an external key source, decrypting the double-encrypted firmware image using the second crypto-key to produce an encrypted firmware image, storing the encrypted firmware image in the non-volatile memory of the computing device, reading the encrypted firmware image from the non-volatile memory of the computing device, decrypting the encrypted firmware image using the first crypto-key, and executing the firmware on the computing device.

Abstract: Systems, devices and/or methods that facilitate mutual authentication for processor and memory pairing are presented. A processor and a suitably equipped memory can be provided with a shared secret to facilitate mutual authentication. In addition, the memory can be configured to verify that the system operating instructions have not been subjected to unauthorized alterations. System integrity can be ensured according to the disclosed subject matter by mutual authentication of the processor and memory and verification of the authenticity of system operating instructions at or near each system power up. As a result, the disclosed subject matter can facilitate relatively low complexity assurance of system integrity as a replacement or supplement to conventional techniques.

Abstract: A secure memory device for a smart card with a modem interface comprising a rewritable memory such as an EEPROM, a processing unit or a microprocessor, an on-chip oscillator, an ISO 7816 interface, a one-wire modem interface, and characterized in that both communication interfaces are bidirectional and share the same I/O terminal. The modem interface is exchanging data with the host in the form of a modulated signal by means of a card reader characterized by the absence of processing means.

Abstract: Systems, devices and/or methods that facilitate mutual authentication for processor and memory pairing are presented. A processor and a suitably equipped memory can be provided with a shared secret to facilitate mutual authentication. In addition, the memory can be configured to verify that the system operating instructions have not been subjected to unauthorized alterations. System integrity can be ensured according to the disclosed subject matter by mutual authentication of the processor and memory and verification of the authenticity of system operating instructions at or near each system power up. As a result, the disclosed subject matter can facilitate relatively low complexity assurance of system integrity as a replacement or supplement to conventional techniques.

Abstract: A secure memory device for a smart card with a modem interface comprising a rewritable memory such as an EEPROM, a processing unit or a microprocessor, an on-chip oscillator, an ISO 7816 interface, a one-wire modem interface, and characterized in that both communication interfaces are bidirectional and share the same I/O terminal. The modem interface is exchanging data with the host in the form of a modulated signal by means of a card reader characterized by the absence of processing means.

Abstract: A method and apparatus to secure online transactions on the Internet comprising a smart card transmitting an identification sequence to a PC in the form of a modulated signal, a card reader plugged into the microphone input of the PC sound card, and a PC applet demodulating the identification sequence. The card reader is characterized by the absence of processing means.

Abstract: A method and apparatus to secure online transactions over the phone comprising a smart card transmitting an identification sequence to an IVR server in the form of a modulated signal, a card reader plugged into the telephone line, and an IVR applet demodulating the identification sequence. The card reader is characterized by the absence of processing means.