Abstract: A method for carrying out a transaction between a portable data carrier, such as a chip card, and a terminal is described. An information item (TID) about the terminal is transferred to the portable data carrier upon the transmission of transaction data by a communication between the portable data carrier and the terminal. As a result, the portable data carrier obtains from the information item a locational position (ZID, WID, GID) of the terminal. Further, there is ascertained a locational position (OP) of the portable data carrier to which the portable data carrier has access. Finally, the portable data carrier compares the locational position (ZID, WID, GID) of the terminal with its locational position (OP), and initiates a measure for protecting the transaction in case a deviation between the two locational positions (ZID, WID, GID; OP) exceeds a predetermined threshold.

Abstract: In a portable data carrier having a non-volatile memory, a memory controller and a memory interface, an effected initial operation of the data carrier is checked through a request to a security unit of the data carrier via a security interface connected to the security unit. For this purpose, the data carrier comprises a memory portion comprising the memory interface and a body portion comprising the security interface, which are interconnected such that the memory portion can be folded out of the body portion, so that simultaneously the memory interface is laid open for a connection to an end device and the electrical connection between the security unit and the security interface is disconnected irreversibly.

Abstract: A transaction system has a terminal device contactlessly communicating in the near zone for carrying out transactions with transaction partners disposed in the near zone. A relay end device is arranged to set up a contactless data communication with the terminal device and to relay transaction data received from the terminal device to a remotely disposed transaction unit. A server device switches the relay end device with the transaction unit as a transaction partner for the terminal device, depending on the type of the transaction.

Abstract: A method, a portable data storage medium, an approval apparatus and a system for approving a transaction using acceleration sensors integrated in a portable data storage medium.

Abstract: A transaction system has a terminal device contactlessly communicating in the near zone for carrying out transactions with transaction partners disposed in the near zone. A relay end device is arranged to set up a contactless data communication with the terminal device and to relay transaction data received from the terminal device to a remotely disposed transaction unit. A server device switches the relay end device with the transaction unit as a transaction partner for the terminal device, depending on the type of the transaction.

Abstract: A method for securely storing data in a multilevel memory of a portable data carrier. The multilevel memory includes one or several multilevel memory cells (SZ) which can assume respectively at least three levels (E, NE). The at least three levels represent a different data content, regarding which respective levels (E, NE) of a memory cell (SZ) are defined as valid or invalid. The levels (E, NE) of a respective memory cell (SZ) are selectively defined as valid or invalid in dependence on a required security level.

Abstract: A method, portable data carrier (1) and system for releasing a transaction using acceleration sensors (4, 5, 6) and a structure (8) on the data carrier (1).

Abstract: In a portable data carrier having a non-volatile memory, a memory controller and a memory interface, an effected initial operation of the data carrier is checked through a request to a security unit of the data carrier via a security interface connected to the security unit. For this purpose, the data carrier comprises a memory portion comprising the memory interface and a body portion comprising the security interface, which are interconnected such that the memory portion can be folded out of the body portion, so that simultaneously the memory interface is laid open for a connection to an end device and the electrical connection between the security unit and the security interface is disconnected irreversibly.

Abstract: In a method for the personalization of portable data carriers into a non-volatile memory of the data carrier there are written personalization data, wherein the personalization at first is carried out as a virtual personalization in a virtual data carrier, then a memory image is generated as a bit-true image of a memory of the virtual data carrier and finally the memory image with the aid of its physical memory addresses is directly introduced into the memory of the real data carrier. Here the personalization data in addition to the initialization data also comprise individualization data. Preferably, the introduction of the personalization data into the data carrier can be carried out after the production of the data carrier at an authority issuing the data carrier or at the end user.

Abstract: The invention relates to a method for subsequently implementing a SIM functionality, with the help of which a mobile telephone (1) is enabled to use a mobile radio network, in a security module (3). Within the context of the method according to the invention the SIM functionality is realized in the form of an application, of which at least a first part is loaded into the security module (3). Furthermore, personalizing data, which are required for a use of the mobile radio network by the mobile telephone (1), are transmitted from a provider (2) to the security module (3) in encrypted form on the direct or indirect way. The encrypted personalizing data are decrypted by the security module (3) by means of a secret key of a user stored in the security module (3). The security module (3) is personalized by means of the decrypted personalizing data.

Abstract: A method for carrying out a transaction between a portable data carrier, such as a chip card, and a terminal is described. An information item (TID) about the terminal is transferred to the portable data carrier upon the transmission of transaction data by a communication between the portable data carrier and the terminal. As a result, the portable data carrier obtains from the information item a locational position (ZID, WID, GID) of the terminal. Further, there is ascertained a locational position (OP) of the portable data carrier to which the portable data carrier has access. Finally, the portable data carrier compares the locational position (ZID, WID, GID) of the terminal with its locational position (OP), and initiates a measure for protecting the transaction in case a deviation between the two locational positions (ZID, WID, GID; OP) exceeds a predetermined threshold.

Abstract: A method, a portable data storage medium, an approval apparatus and a system for approving a transaction using acceleration sensors integrated in a portable data storage medium.

Abstract: A method, portable data carrier (1) and system for releasing a transaction using acceleration sensors (4, 5, 6) and a structure (8) on the data carrier (1).

Abstract: A method for securely storing data in a multilevel memory of a portable data carrier. The multilevel memory includes one or several multilevel memory cells (SZ) which can assume respectively at least three levels (E, NE). The at least three levels represent a different data content, regarding which respective levels (E, NE) of a memory cell (SZ) are defined as valid or invalid. The levels (E, NE) of a respective memory cell (SZ) are selectively defined as valid or invalid in dependence on a required security level.

Abstract: In a method for the personalization of portable data carriers (700) into a non-volatile memory (350) of the data carrier (700) there are written personalization data (100,101,102), wherein the personalization at first is carried out as a virtual personalization (1000) in a virtual data carrier (500), then a memory image (250) is generated as a bit-true image of a memory (150) of the virtual data carrier (500) and finally the memory image (250) with the aid of its physical memory addresses is directly introduced into the memory (350) of the real data carrier (700). Here the personalization data (100, 101, 102) in addition to the initialization data (90) also comprise individualization data (110, 111, 112). Preferably, the introduction of the personalization data (100,101,102) into the data carrier (700) can be carried out after the production of the data carrier (700) at an authority issuing the data carrier (700) or at the end user.

Abstract: The invention relates to a method for testing the authenticity of a data carrier (1) and/or an external device (2) which enters into data exchange with the data carrier (1). According to the invention, the data carrier (1) and the external device (2) are each equipped with a special additional apparatus (4, 6) for generating and/or testing authenticity data. Data transmission between the data carrier (1) and the external device (2) as required for authenticity testing is performed at least partly via a special transmission channel (B). The transmission channel (B) for transmitting authenticity data is separated physically or logically from a transmission channel (A) for transmitting standard data so that there is no mutual interference of data transmission via the two transmission channels (A, B).

Abstract: The invention relates to a method for subsequently implementing a SIM functionality, with the help of which a mobile telephone (1) is enabled to use a mobile radio network, in a security module (3). Within the context of the method according to the invention the SIM functionality is realized in the form of an application, of which at least a first part is loaded into the security module (3). Furthermore, personalizing data, which are required for a use of the mobile radio network by the mobile telephone (1), are transmitted from a provider (2) to the security module (3) in encrypted form on the direct or indirect way. The encrypted personalizing data are decrypted by the security module (3) by means of a secret key of a user stored in the security module (3). The security module (3) is personalized by means of the decrypted personalizing data.

Abstract: In a method for authorizing a transaction by a user with the aid of a terminal which can communicate with a background system, a secret, which is known to the user and to the background system but not to an unauthorized attacker, is used. The background system transmits secret data, which indicate the secret, only to the terminal if the terminal has successfully authenticated itself at the background system. Because, as a rule, secret data of several users are stored in the background system, the terminal detects in advance identification information which identifies the user, and transmits corresponding user identification data to the background system. When the terminal displays the secret to the user, the user can be certain that the terminal is trustworthy. A device and a computer program product comprise corresponding features. The invention provides a technique for authorizing a transaction by a user with the aid of a terminal which enables the user to recognize a falsified terminal.

Abstract: The invention relates to a method for exchanging at least one secret initial value between a processing station and a chip card, in an initializing step for the chip card. In the initialization of chip cards in known methods an initial value, e.g. a key, is transmitted from a processing station to the chip card and stored therein. Since this key is transmitted in plaintext this involves security problems. In the present invention the described security problems are solved by only parts of the key being exchanged between processing station and chip card and the key being generated in the chip card and the processing station from the parts.

Abstract: A method for testing the authenticity of a data carrier having at least an integrated circuit with memory units and logic units as well as a data line for data exchange with an external device. The invention is characterized in that the integrated circuit additionally has a separate hard-wired circuit for transmitting and/or receiving data during the power-up sequence, which is used for authenticity testing, the first transmission or reception of data being completed within a defined time domain of the power-up sequence in which the data line has no defined state.