-
公开(公告)号:US11593805B2
公开(公告)日:2023-02-28
申请号:US15568108
申请日:2015-09-25
申请人: GEMALTO SA
发明人: Frank Arnold , Jean Lambert , Laurent Castillo
摘要: A system for authenticating an electronic device by means of an authentication server in order to authenticate a user of said electronic device. The system is adapted to perform an authentication based on a fictive payment transaction and includes the authentication server which is adapted to execute a fictive payment transaction with a predetermined transaction amount with said electronic device and during said execution to receive a first cryptogram from said electronic device; send said first cryptogram to a banking server; and receive from said banking server an acknowledgment if said first cryptogram is valid; when said fictive payment transaction has been executed, compute an authentication identification based on said electronic device's data; said electronic device which is a payment electronic device and which is adapted to execute said fictive payment transaction with said authentication server and during said execution to send said first cryptogram to said authentication server.
-
公开(公告)号:US11201724B2
公开(公告)日:2021-12-14
申请号:US16337197
申请日:2017-09-22
申请人: GEMALTO SA
发明人: Aline Gouget
摘要: The present invention relates to a method to counter DCA attacks of order 2 and higher order applied on an encoded table-based (TCabi,j) implementation of block-cipher of a cryptographic algorithm to be applied to a message (m), said method comprising the steps of: —translating a cryptographic algorithm block-cipher to be applied on a message (m) into a series of look-up tables (Tabi,j),—applying secret invertible encodings to get a series of look-up tables (TCi,j),—computing message-dependent masking values, comprising the computation of at least two shares of masking value (mmask1, mmask2) for the input of the table network based on at least two different message derivation functions (F1, F2),—re-randomizing the tables (TCi,j) using the computed message-dependent masking values (mmask1, mmask2),—computing rounds to be applied on the message (m) based on the randomized network of tables (TCi,j).
-
公开(公告)号:US10965657B2
公开(公告)日:2021-03-30
申请号:US15756700
申请日:2016-07-05
申请人: GEMALTO SA
摘要: The present invention relates to a method to authenticate a subscriber (IMSIi) within a local network (LNj) comprising preliminary step of deriving a subscriber key (SMKi) in local keys (LKi), one local key (LKiLNj) for each local network (LNj) the subscriber (IMSIi) is authorized to access, provisioning each local network (LNj) the subscriber (IMSIi) is authorized to access with its own local key (LKiLNj). When an authentication is required in a given local network (LNj), an UICC application derives a local key (LKiLNj) in the UICC application of the subscriber (IMSIi) using the network identifier (LNj), the key derivation function (KDF) and the subscriber key (SMKi) and use the derived local key (LKiLNj) in the algorithm to perform local authentication in the local network (LNj).
-
公开(公告)号:US10922682B2
公开(公告)日:2021-02-16
申请号:US16327271
申请日:2017-09-04
申请人: GEMALTO SA
摘要: There is described a method for Java Card application memory footprint optimization which relies on the separation in advance of the code related to the personalization from the rest of the code. It allows this code to perform the personalization of an application installed from a main package while being itself included and installed from a separated package dedicated to the personalization, namely the Card Personalization Specifications (CPS) package. This way, the CPS package and all the code inherent to the personalization can be removed once all the personalization steps have been completed.
-
公开(公告)号:US20190311997A1
公开(公告)日:2019-10-10
申请号:US16466825
申请日:2017-12-07
申请人: GEMALTO SA
IPC分类号: H01L23/00 , H01L23/498 , H01L23/66 , G06K19/077 , C09J9/00
摘要: The invention relates to a method for producing a security document, wherein a body is created that comprises two superimposed layers, a circuit which is electric and/or has an electronic chip arranged on the interface between the two layers, and a first adhesive between the two layers, which adheres to the two layers and/or the circuit. The method includes a step of depositing a second adhesive which is different from, or has a different behaviour from, the first adhesive in relation to the solvents or the temperature and partially adheres to at least one of the two layers and/or the circuit.
-
公开(公告)号:US20190311155A1
公开(公告)日:2019-10-10
申请号:US16315007
申请日:2017-06-14
申请人: GEMALTO SA
发明人: Fabien COURTIADE , Réda ZAITI
摘要: A method for managing a secure element embedded in an equipment comprising an NFC controller. The secure element comprises a security indicator. The method comprises the steps of: on receipt of a triggering command sent by the NFC controller, the secure element switches in a test context; on receipt of a restore command sent by an application, the secure element sets the security indicator, such as a counter of unusual events, to a predefined value only if the secure element is in test context; and on receipt of an ending command sent by the NFC controller, the secure element switches in a Live context. The secure element keeps a track of the switch in the test context and denies any further triggering commands. The method enables reset of security indicator after manufacturing and test where the security indicator may have been affected.
-
公开(公告)号:US10406845B2
公开(公告)日:2019-09-10
申请号:US13844591
申请日:2013-03-15
申请人: GEMALTO SA
发明人: Steven J. Rhyner , Christopher K. Haas , Todd D. Jones , Kui Chen-Ho , Krystal K. Hunt , Ryan E. Marx
IPC分类号: B42D25/24 , B42C9/00 , B42D25/00 , B42D25/41 , B42D25/305 , B42D25/36 , B42D25/455 , B42D25/324 , B42D25/351 , B42D25/46 , B42D25/328 , B42D25/355 , B42D25/382 , B42D25/47 , B42D25/387 , B42D25/391 , B42D25/378 , B42D25/337 , C08G18/48 , C08G18/66 , C08G18/73 , C08G18/75 , C08G18/79 , C08G18/08 , C08G18/42 , B42D13/00 , B42D25/465
摘要: An article may include a biodata page defining a perimeter including an edge and a hinge layer attached to at least a portion of the biodata page. The hinge layer comprises a cross-linked polyurethane. In some examples, the hinge layer may include a cross-linked thermoset polyurethane.
-
8.发明申请公开(公告)号:US20190268341A1
公开(公告)日:2019-08-29
申请号:US15906833
申请日:2018-02-27
申请人: GEMALTO SA , SafeNet Inc.
发明人: Didier HUGOT , Asad ALI , Gorav ARORA
摘要: The invention relates to a method, an entity and a system for managing access to data. The data is associated with metadata. At least one predetermined access policy for accessing metadata includes, for each client, at least one identifier relating to the client. An entity receives from at least one client device, a data access request that includes at least one identifier relating to the client. The entity determines, based on the associated access policy, whether the metadata access is authorized. If yes, the entity determines, based on the associated access policy, associated first data allowing to access the metadata. The entity accesses, based on the first data, the associated metadata. The entity accesses, based on the accessed metadata and the associated access policy, at least a part of the associated data, as a late dynamic binding of the metadata with the associated data (or a part of it).
-
公开(公告)号:US20190239077A1
公开(公告)日:2019-08-01
申请号:US16337801
申请日:2017-10-04
申请人: GEMALTO SA
发明人: Paul BRADLEY , Nicolas CHALVIN , Emmanuel PAYRAUD
CPC分类号: H04W12/08 , H04M15/00 , H04M15/715 , H04M17/02 , H04M17/103 , H04W4/20 , H04W4/24 , H04W4/60 , H04W12/06 , H04W48/17
摘要: In a method for securing access to a service, a device is set in a restricted operation mode that allows addressing only a first server and that is associated with a first identifier relating to a first connectivity gateway. The device accesses the first identifier and a subscription profile that is active during the restricted operation mode. The first server receives from the device a request for enrolling a device user and at least one feature relating to a user identity. The first server verifies whether the user identity feature is valid. If the user identity feature is valid, the first server sends to the device a command for deactivating the restricted operation mode. The device deactivates the restricted operation mode while storing, instead of the first identifier, a second identifier relating to a second connectivity gateway. The second identifier allows accessing a second server that manages the service.
-
公开(公告)号:US20190205045A1
公开(公告)日:2019-07-04
申请号:US15858882
申请日:2017-12-29
申请人: GEMALTO SA , SafeNet Inc.
发明人: Didier Hugot , Asad Ali , Gorav Arora
IPC分类号: G06F3/06
CPC分类号: G06F3/0622 , G06F3/0637 , G06F3/067 , G06F21/31 , G06F21/44 , G06F21/604 , G06F21/62 , G06F2221/2113 , G06F2221/2129 , G06F2221/2141 , H04L63/08 , H04L63/10 , H04L2463/082
摘要: The invention relates to a method for managing data access. The method includes receiving at least one request for accessing data; capturing data relating to at least one current context signal during each data access request; comparing, as a current authorization step, the data relating to at least one captured current context signal to predetermined reference data relating to at least one corresponding context signal according to at least one corresponding predetermined authorization policy; determining, based upon the current authorization result and at least one predetermined dynamic data access policy, whether the data access is or is not authorized, as a data access decision; and issuing the data access decision. The invention also relates to corresponding first device, second device and system.
-
-
-
-
-
-
-
-
-
搜索结果
826 条记录 (耗时 0.055 秒)