公开(公告)号：US11689571B2

公开(公告)日：2023-06-27

申请号：US16351062

申请日：2019-03-12

Applicant: NXP B.V.

Inventor： Stefan Lemsitzer ,  Hans de Jong ,  Denis Noel

IPC: H04L9/40 ,  H04L9/08 ,  H04L9/32 ,  H04L41/0806

CPC classification number: H04L63/20 ,  H04L9/0816 ,  H04L9/3213 ,  H04L9/3234 ,  H04L41/0806

Abstract: A security device provisioning hub, including: a memory; and a processor configured to: receive a first secret token from a device manufacturer, wherein the first secret token is associated with a first service; receive a second secret token from a customer device having a security chip; verify that the first secret token and the second secret token are the same; and provide to the customer device access credentials to the first service.

公开(公告)号：US11790069B2

公开(公告)日：2023-10-17

申请号：US17658034

申请日：2022-04-05

Applicant: NXP B.V.

Inventor： Christine van Vredendaal ,  Hans de Jong ,  Marc Vauclair

IPC: G06F21/32 ,  G06F7/58 ,  G06F21/60 ,  H04L9/40 ,  G06V10/74 ,  G06V40/10 ,  G06V40/12 ,  G06V40/50

CPC classification number: G06F21/32 ,  G06F7/582 ,  G06F21/604 ,  G06V10/761 ,  G06V40/10 ,  G06V40/1365 ,  H04L63/1466 ,  G06F2221/2103 ,  G06V40/58

Abstract: A data processing system and a method are provided for recognizing a scanned biometric characteristic in the data processing system. The data processing system includes a biometric sensor, a rich execution environment (REE), and a secure element (SE). In one embodiment, during an enrollment operation, a random challenge is applied to scanned data to produce a biometric template that is stored. During subsequent validation operations, the SE determines if user data includes evidence of the random challenge before providing access to a secure application. Evidence of the random challenge indicates the user data was provided by the biometric sensor. In another embodiment, the sensor data is split between the REE and the SE and partially processed in the SE. The described embodiments prevent a replay attack from being conducted in communications between the REE and the SE.

公开(公告)号：US11004069B2

公开(公告)日：2021-05-11

申请号：US14045776

申请日：2013-10-03

Applicant: NXP B.V.

Inventor： Hans de Jong ,  Pieter Janssens

IPC: G06Q20/38 ,  G06Q20/40

Abstract: Articles and methods for transaction irregularity detection are disclosed. In one example, the article discloses: a memory including a record of a last-reported security-device transaction with the security-device, and including a last-reported transaction counter value associated with the last-reported security-device transaction; a previous device identifier; a record of the previous security-device transaction with the security-device, and including the previous device identifier associated with the previous security-device transaction; a record of a current security-device transaction with the security-device, and including a currently-reported transaction counter value associated with the current security-device transaction; and a back-end device tagging the previous device with fraud if the current transaction counter value differs from the last-reported transaction counter value by other than an increment. In one example, the method discloses: a transaction irregularity detection process based on the article.

公开(公告)号：US20220229892A1

公开(公告)日：2022-07-21

申请号：US17658034

申请日：2022-04-05

Applicant: NXP B.V.

Inventor： Christine van Vredendaal ,  Hans de Jong ,  Marc Vauclair

IPC: G06F21/32 ,  G06F7/58 ,  G06F21/60 ,  H04L9/40

Abstract: A data processing system and a method are provided for recognizing a scanned biometric characteristic in the data processing system. The data processing system includes a biometric sensor, a rich execution environment (REE), and a secure element (SE). In one embodiment, during an enrollment operation, a random challenge is applied to scanned data to produce a biometric template that is stored. During subsequent validation operations, the SE determines if user data includes evidence of the random challenge before providing access to a secure application. Evidence of the random challenge indicates the user data was provided by the biometric sensor. In another embodiment, the sensor data is split between the REE and the SE and partially processed in the SE. The described embodiments prevent a replay attack from being conducted in communications between the REE and the SE.

公开(公告)号：US11328045B2

公开(公告)日：2022-05-10

申请号：US16752734

申请日：2020-01-27

Applicant: NXP B.V.

Inventor： Christine van Vredendaal ,  Hans de Jong ,  Marc Vauclair

IPC: G06F21/32 ,  G06F7/58 ,  G06F21/60 ,  H04L29/06

Abstract: A data processing system and a method are provided for recognizing a scanned biometric characteristic in the data processing system. The data processing system includes a biometric sensor, a rich execution environment (REE), and a secure element (SE). In one embodiment, during an enrollment operation, a random challenge is applied to scanned data to produce a biometric template that is stored. During subsequent validation operations, the SE determines if user data includes evidence of the random challenge before providing access to a secure application. Evidence of the random challenge indicates the user data was provided by the biometric sensor. In another embodiment, the sensor data is split between the REE and the SE and partially processed in the SE. The described embodiments prevent a replay attack from being conducted in communications between the REE and the SE.

公开(公告)号：US20210232667A1

公开(公告)日：2021-07-29

申请号：US16752734

申请日：2020-01-27

Applicant: NXP B.V.

Inventor： Christine van Vredendaal ,  Hans de Jong ,  Marc Vauclair

IPC: G06F21/32 ,  G06F7/58 ,  H04L29/06 ,  G06F21/60

Abstract: A data processing system and a method are provided for recognizing a scanned biometric characteristic in the data processing system. The data processing system includes a biometric sensor, a rich execution environment (REE), and a secure element (SE). In one embodiment, during an enrollment operation, a random challenge is applied to scanned data to produce a biometric template that is stored. During subsequent validation operations, the SE determines if user data includes evidence of the random challenge before providing access to a secure application. Evidence of the random challenge indicates the user data was provided by the biometric sensor. In another embodiment, the sensor data is split between the REE and the SE and partially processed in the SE. The described embodiments prevent a replay attack from being conducted in communications between the REE and the SE.

公开(公告)号：US10007815B2

公开(公告)日：2018-06-26

申请号：US13924356

申请日：2013-06-21

Applicant: NXP B.V.

Inventor： Tvrtko Barbaric ,  Hans de Jong ,  Ad Arts ,  Peter Bukovjan

IPC: G06K7/10 ,  G06K19/07 ,  G06K19/073 ,  H04L9/32 ,  H04W12/06 ,  H04L29/06 ,  H04W12/10

CPC classification number: G06K7/10009 ,  G06K19/0723 ,  G06K19/073 ,  H04L9/3247 ,  H04L63/0823 ,  H04L63/126 ,  H04L2209/805 ,  H04W12/06 ,  H04W12/10

Abstract: The exemplary embodiments of the invention realize an efficient prevention of massive infiltration of cloned RFID transponders into existing and new RFID systems. Furthermore, reader devices used for authentication of RFID transponders do not need to be on-line and do not need to be equipped with a Security Authentication Module (SAM). This simplifies authentication procedures and reduces costs. According to an exemplary embodiment of the invention a transponder-specific originality signature is stored by a transponder manufacturer on the transponder. The transponder-specific originality signature may, for example, be stored in the non-volatile memory (EEPROM) of the transponder during the fabrication of the transponder. This transponder-specific originality signature can be checked at any time in a convenient way, which provides an indication of originality of said transponder.

公开(公告)号：US20150100497A1

公开(公告)日：2015-04-09

申请号：US14045776

申请日：2013-10-03

Applicant: NXP B.V.

Inventor： Hans de Jong ,  Pieter Janssens

IPC: G06Q20/38 ,  G06Q20/40

CPC classification number: G06Q20/3829 ,  G06Q20/389 ,  G06Q20/401 ,  G06Q20/4016

Abstract: Articles and methods for transaction irregularity detection are disclosed. In one example, the article discloses: a memory including a record of a last-reported security-device transaction with the security-device, and including a last-reported transaction counter value associated with the last-reported security-device transaction; a previous device identifier; a record of the previous security-device transaction with the security-device, and including the previous device identifier associated with the previous security-device transaction; a record of a current security-device transaction with the security-device, and including a currently-reported transaction counter value associated with the current security-device transaction; and a back-end device tagging the previous device with fraud if the current transaction counter value differs from the last-reported transaction counter value by other than an increment. In one example, the method discloses: a transaction irregularity detection process based on the article.

Abstract translation: 披露了交易不规则检测的文章和方法。 在一个示例中，该文章公开：包括与安全设备的最后报告的安全设备事务的记录的存储器，并且包括与最后报告的安全设备事务相关联的最后报告的事务计数器值; 先前的设备标识符; 与安全设备的先前安全设备事务的记录，并且包括与先前安全设备事务相关联的先前设备标识符; 与安全设备的当前安全设备事务的记录，并且包括与当前安全设备事务相关联的当前报告的事务计数器值; 以及如果当前事务计数器值不同于最后报告的事务计数器值而不是增量，则后端设备用欺诈标记前一个设备。 在一个示例中，该方法公开：基于该文章的事务不规则检测过程。

公开(公告)号：US20130342311A1

公开(公告)日：2013-12-26

申请号：US13924356

申请日：2013-06-21

Applicant: NXP B.V.

Inventor： Tvrtko Barbaric ,  Hans de Jong ,  Ad Arts ,  Peter Bukovjan

IPC: G06K7/10

CPC classification number: G06K7/10009 ,  G06K19/0723 ,  G06K19/073 ,  H04L9/3247 ,  H04L63/0823 ,  H04L63/126 ,  H04L2209/805 ,  H04W12/06 ,  H04W12/10

Abstract: The exemplary embodiments of the invention realize an efficient prevention of massive infiltration of cloned RFID transponders into existing and new RFID systems. Furthermore, reader devices used for authentication of RFID transponders do not need to be on-line and do not need to be equipped with a Security Authentication Module (SAM). This simplifies authentication procedures and reduces costs. According to an exemplary embodiment of the invention a transponder-specific originality signature is stored by a transponder manufacturer on the transponder. The transponder-specific originality signature may, for example, be stored in the non-volatile memory (EEPROM) of the transponder during the fabrication of the transponder. This transponder-specific originality signature can be checked at any time in a convenient way, which provides an indication of originality of said transponder.

Abstract translation: 本发明的示例性实施例实现了有效地防止克隆的RFID应答器大量渗透到现有的和新的RFID系统中。 此外，用于RFID应答器认证的读取器设备不需要在线，并且不需要配备安全认证模块（SAM）。 这简化了认证过程并降低了成本。 根据本发明的示例性实施例，转发器制造商在应答器上存储应答器特定的原始性签名。 例如，应答器特定的原始性签名可以在应答器的制造期间被存储在应答器的非易失性存储器（EEPROM）中。 可以在任何时候以便利的方式检查该应答器特定的原始性签名，这提供了所述应答器的原始性的指示。