Abstract: The method allows a sender to safeguard its identification in messages sent to a recipient. Even when using promiscuous channels for transmitting the message, only the recipient is able to disclose the sender's identity. The method uses symmetrical cryptography of low computational requirements, without depending on a single shared key among the users so that the sender cannot disclose the identity of the others. The method gradually safeguards the sender's identification, by using successive symmetric cryptographic operations and keys of a binary tree structure built for this purpose in the recipient which applies the steps in a reverse way to that of the sender's protection, to disclose its identification. It is also possible to encrypt the message body.

Abstract: A user accesses an intermediary device, in communication with a restricted entity, requires a One Time Credential OTC and activates a mobile device previously registered, by the user, in an authentication entity, in order to generate a OTC, based on the information related to the user, to the restricted entity, to the mobile device and to the authentication entity, the OTC credential being then typed in the intermediary device and transmitted therefrom to the restricted entity and, from the latter, to the authentication entity, in which the OTC credential is decrypted and compared with the information related to the user, to the restricted entity, to the authentication entity and to the mobile device registered in the authentication entity, in order to generate an authentication result which is transmitted to the restricted entity, which will decide to accept or to reject the access of the user.

Abstract: The method allows a sender to safeguard its identification in messages sent to a recipient. Even when using promiscuous channels for transmitting the message, only the recipient is able to disclose the sender's identity. The method uses symmetrical cryptography of low computational requirements, without depending on a single shared key among the users so that the sender cannot disclose the identity of the others. The method gradually safeguards the sender's identification, by using successive symmetric cryptographic operations and keys of a binary tree structure built for this purpose in the recipient which applies the steps in a reverse way to that of the sender's protection, to disclose its identification. It is also possible to encrypt the message body.

Abstract: A user (1) accesses an intermediary device (3), in communication with a restricted entity (4), requires a One Time Credential OTC (15) and activates a mobile device (2) previously registered by the user (1) in an authentication entity (5), in order to generate a One Time Credential OTC (15) based on the information related to the user (1), to the restricted entity (4), to the mobile device (2) and to the authentication entity (5), said OTC credential being then typed in the intermediary device (3) and transmitted therefrom to the restricted entity (4), and from the latter to the authentication entity (5), in which the -OTC credential is decrypted and compared with the information related to the user (1), to the restricted entity (4), to the authentication entity (5) and to the mobile device (2) registered in the authentication entity (5), in order to generate an authentication result (47) which is transmitted to the restricted entity (4), which will decide to accept or to reject the access of the user (1).

Abstract: The method verifies the integrity and authenticity of a page received by the browser client (10) provided in a terminal station (E) of a user client. The method uses two program modules: a signature program module (22): an application executed by the Web server (21) provided in an institution (I) and which intercepts the pages to be sent to the user client and, in case the page is configured as a page to be signed, said module performs the signature with an identifier code and includes, at the end thereof, a tag, whose content is the signature. a verification program module (12): an application executed in the environment of the user client which monitors the pages accessed by the browser client (10). Upon finding a page to be validated, it verifies the presence of the signature tag and validates whether the signature is correct, that is, whether it has really been executed by the correct server and whether the identifier code (HTML) has not been modified.

Abstract: The method of the invention allows presenting, in a friendly and intuitive form, to a user of a protected institution, access password codes arranged in the form of a table and to be individually and only once utilized for authenticating a user upon a respective operation to access said institution. The method proposed herein is particularly adequate for the representation of passwords in a mobile device, such as cell phone, PDA, and the like, utilizing a representation practically identical to the tables of printed passwords and already utilized by many users. There are additional advantages in relation to the use of printed tables, such as the possibility of highlighting a determined password, searching a determined index, protecting the tabular token application by password, and updating the passwords, and the like.

Abstract: The method of the invention allows a user to authorize and sign electronic transactions using token programs, even though the software used to effect said transactions is executed in the same terminal device that executes the token program, as it occurs in mobile telephones. A user utilizes an access application or browser to submit electronic transactions, through a terminal device, to an application of an institution, not executing them immediately, but leaving them as pending transactions. Subsequently, the user activates the token program, which consults in the pending transactions in a device in the server of the institution. The user reads the description of each transaction, approving or not the transactions, which are transmitted in or back to the application of the institution with the due authorization or signature, using a secret to be interpreted by this application. Only the transactions correctly authorized/signed are executed by the application of the institution.