Abstract:
Method and System for enhanced privacy in privacy-preserving identity solutions. The technology provides for a redirect of a request to generate a proof of an attribute from a service provider to a separator. The separator removes source identification from the attribute-proof request and redirects the attribute-proof request, free of original source identification, to a credential issuer which issues the credential. A security device of the user generates a presentation token from the privacy-preserving credential and presents the presentation token to the service provider as proof of the attribute. Other systems and methods are disclosed.
Abstract:
The invention is a method for managing a response generated by an application embedded in a secure token in response to a command requesting the opening of a proactive session. An applicative server relies on an OTA server to securely send the command to the application. The method comprises the steps of: the application retrieves data from the command and derives a key using a preset function; the application generates the response to the command, builds a secured response packet comprising the response secured with the derived key, and sends the secured response packet to the applicative server.
Abstract:
A pairing device for establishing a secure wireless communication path between a first device having a first body-coupling communication interface and a second device having a screen. The pairing device includes a screen communication interface having a light sensor, which, in conjunction with the screen of the second device, allows definition of a light-based communication path for the transmission of a first pairing information from the second device to the pairing device, a calculator for generating a second pairing information once the first pairing information has been received by the pairing device, a second body-coupling communication interface, which in conjunction with the first body-coupling communication interface allows the definition of a body-coupling communication path for the transmission of the second pairing information from the pairing device to the first device, the second pairing information allowing the establishment of a secure wireless communication path between the first device and the second device.
Abstract:
The invention relates to a method for producing an electronic device including at least one electronic component in a substrate body, said method including at least one step of transferring said electronic component to a surface of a removable dielectric substrate, of delivering a protective resin on said electronic component, and of transferring, onto the protective resin, a reinforcement disc having a main front surface with a peripheral contour, wherein the protective resin extends up to the peripheral contour of the disc in order to form, together with the disc, the peripheral side contours and the final layer of the substrate body of the device.
Abstract:
The present invention relates to a data carrier, especially a security document, such as an identification card, comprising authentication data comprising personalized data, the data carrier comprising a first side and a second opposite side, and a plurality of layers comprising personalized data, a transparent recording layer, a transparent plastic upper layer and an opaque layer between the recording layer and the upper layer. To make the data carrier very difficult to forge and to allow it to be manufactured with ordinary machines and without need of expensive materials, the opaque layer comprises a window, a first piece of authentication data of said authentication data being divided between said plurality of layers so that the first piece of authentication data is, to at least one part thereof, provided above or on the first side of the opaque layer facing the upper layer, at least a rest part of the first piece of authentication data being in the form of laser engraved markings beneath the window and provided in the recording layer, or in a plurality of transparent recording layers of said plurality of layers.
Abstract:
The present invention relates to a web server having a web application using the published APIs of one or more cloud storage providers, said web application being dedicated to secure and economical sharing of encrypted files residing at the cloud storage providers, said files being managed under a virtual folder which is shared by a group of different entities.
Abstract:
The present invention relates to a method to manage a One Time Password key, referenced OTP key, used in an OTP algorithm in a user device having access to an unsafe storage including the steps of retrieving a Personal Identification Number, named PIN, of a user of the user device, deriving a symmetric key from the PIN, encrypting the OTP key using the derived symmetric key, storing the encrypted OTP key in the unsafe storage, decrypting the OTP key using the derived symmetric key, and generating a next OTP key using an incremental parameter, wherein the start value of the incremental parameter of the OTP key generation is random.
Abstract:
The invention is a method of communicating between a caller device and an executor device wherein the executor device comprises a memory having a layout which defines formats and addresses used for storing data in the memory. The executor device comprises an application including a service and the method comprises the steps of: providing the caller device with the layout and an indicator reflecting the service during the handshake phase, sending to the executor device a data block corresponding to a command targeting the service, wherein the data block complies with the layout and is devoid of metadata, sending to the caller device a response block which complies with the layout and which corresponds to a result generated by execution of the command.
Abstract:
The present invention relates to a method to authenticate two devices to establish a secure channel, one belonging to a first group of devices, the second belonging to a second group of devices, in a non-traceable manner without the need to share a secret, each group being authenticated by an authority that stores a group secret key into the devices under its authority. The method uses a set of authentication tokens, one for each of the other groups with which the device is intended to communicate, said authentication token comprising at least a random number and a cipher of at least this random number by the secret key of each of these other groups, said authentication tokens being further renewed at each communication with a device from another group.
Abstract:
The invention relates to a payment device (100) comprising a secure integrated circuit (SE) with a dual interface. A connector (110) is connected to the contact type interface in order to communicate with an external reader. An antenna (140) is connected to the contactless interface. The device also comprises a reader circuit (120, 130, 150) compatible with the secure integrated circuit (SE), wherein the reader circuit is connected in parallel to the connector (110). An independent battery (BAT) is used to power the reader circuit. A power switching circuit (160) is connected to a communication field detection circuit (170), wherein said power switching circuit is capable of powering the reader circuit after a communication field is detected.